[CentOS-virt] Which is the best network interface to use.
I am running centos 5.5 virtualized environment. I have 2 bridged network cards. My question is this. Should I be using virtual network or the shared physical device architecture? ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Semi-Authoritative DNS?
On 11/05/10 16:54, Tim Nelson wrote: Greetings All- I have an odd need for a 'semi-authoritative' DNS server. Let's say I have a zone for 'domain.com' with public DNS servers. However, I wanted to run an internal DNS server for internal things. Public resolution of 'www.domain.com' would yield the public IPs, private resolution of 'www.domain.com' would yield the internal private IPs. Easy enough. BUT, what if there is a DNS record present on the public nameservers that is *not* present on the internal nameserver? Typically, DNS will say 'no record found' when it could really forward the request to the public DNS. Is it possible to configure this? So, the internal 'domain.com' zone will be authoritative for records it has but forward queries for those records it does not have, even on the same domain? I hope that made sense. Maybe there is a better way of accomplishing this? The systems in question are running Centos 5.5 x86_64 with BIND bind-9.3.6-4.P1.el5_4.1 . --Tim You have to use views for this. Check the example BIND configuration files that come with the package (/usr/share/doc/bind...). It's sometimes called split horizon DNS as well, you may have better luck googling that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] obtaining non-packaged software
I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. CentOS + EPEL put together have less packages than Fedora. Moreover RPM Fusion has fewer packages for EL than for Fedora. I am wondering how can I install on my PC applications for which packages do not exist from one of the above-mentioned repos. I can go upstream, get sources and build them. It is a good solution, I do that even with Fedora, however this can mean a lot of work when a package depends on 10 others. So I wonder what do other CentOS users do in a similar situation? Is it possible to get a Fedora binary package and install it? What about getting a Fedora source package, building and installing it? Is there any other possibility? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. I followed the same path a few years ago, and I'm very happy with it. So, welcome! CentOS + EPEL put together have less packages than Fedora. Moreover I use CentOS + EPEL as a base and include specific packages from RPMForge, using includepkgs in the /etc/yum.repos.d/rpmforge.repo file. For example my (very personal) package list from RPMForge: includepkgs=pam_keyring pbzip2 subversion* mod_dav_svn bonnie++ xplanet xplanet-maps filezilla allegro* unrar aircrack-ng python-reportlab python-psycopg drupal6 powertop fuse-davfs2 dropbox* nautilus-dropbox gtkimageview* I used RPMFusion when on Fedora and found it a great repo, but on CentOS, RPMForge is much more complete and of better quality IMHO I can go upstream, get sources and build them. It is a good solution, I build locally very rarely and only when I need something quick on my workstation that I know I will use once (I don't even install it and run the binaries directly when possible). it possible to get a Fedora binary package and install it? What about in general, no getting a Fedora source package, building and installing it? Is there Yes and it is pretty straightforward for a lot of them. Just first unzip the Fedora SRPM with the Archive Manager and copy the files in rpmbuild/SOURCES and rpmbuild/SPECS (the RPM format somehow changed around Fedora 9 or 10, so rpm -Uvh *.src.rpm won't work with recent Fedora versions) However for some packages you will see that they depend on recent versions of some software, especially the graphical environment libraries (GTK/GNOME or Qt/KDE). In that case there is not much you can do, because you don't want to update core libraries of CentOS (if yous start going that way, you should rather keep using Fedora or use Ubuntu...) An approach is then to look at earlier Fedora versions until you find a version of the software which is still compatible with the CentOS libraries. CentOS is more or less compatible with Fedora 6, but I found that up to Fedora 9 most packages rebuild easily ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] file conflict while installing phonon-backend-gstreamer for Amarok
Hi I am trying to install phonon-backend-gstreamer so that i can play mp3 songs through Amarok as per the following forum ( http://forums.fedoraforum.org/showthread.php?t=205019 ) , but i get the following dependency error . how can i solve this your inputs will be of great value i am using Fedora 9 . -- : : Total download size: 254 k Is this ok [y/N]: y Downloading Packages: (1/2): phonon-4.3.1-2.fc9.i386.rpm | 152 kB 00:05 (2/2): phonon-backend-gstreamer-4.3.1-2.fc9.i386.rpm | 102 kB 00:02 Running rpm_check_debug Running Transaction Test Finished Transaction Test Transaction Check Error: file /usr/lib/libphonon.so.4 from install of phonon-4.3.1-2.fc9.i386 conflicts with file from package kdelibs-4.0.3-7.fc9.i386 file /usr/lib/libphononexperimental.so.4 from install of phonon-4.3.1-2.fc9.i386 conflicts with file from package kdelibs-4.0.3-7.fc9.i386 file /usr/share/dbus-1/interfaces/org.kde.Phonon.AudioOutput.xml from install of phonon-4.3.1-2.fc9.i386 conflicts with file from package kdelibs-4.0.3-7.fc9.i386 Error Summary - -- Regards Agnello D'souza ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
At Sat, 6 Nov 2010 11:31:18 + CentOS mailing list centos@centos.org wrote: I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. CentOS + EPEL put together have less packages than Fedora. Moreover RPM Fusion has fewer packages for EL than for Fedora. I am wondering how can I install on my PC applications for which packages do not exist from one of the above-mentioned repos. I can go upstream, get sources and build them. It is a good solution, I do that even with Fedora, however this can mean a lot of work when a package depends on 10 others. So I wonder what do other CentOS users do in a similar situation? Is it possible to get a Fedora binary package and install it? What about getting a Fedora source package, building and installing it? Is there any other possibility? RPMForge has a lot of packages (but be careful!). rpmbone has more. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- 978-544-6933 / hel...@deepsoft.com Deepwoods Software-- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Addressing outgoing connections to a specific interface
On a CentOS 5.5 laptop (Dell Inspiron, dual boot with a Debian-based distro) I have a cable plugged into eth0 which is on a LAN with no internet connection. Additionally, I connect wirelessly on wlan0 to the internet. Both connections have router on the 192.168.0.1 address. Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? Some googling led me to the keyword loopback but I am at a loss as how to configure it, or if this is even the right idea. If there is a specific page that I should be reading in the fine manual then please do RTFM me, as I myself failed to find the proper page. Thanks in advance. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On 6 November 2010 12:00, Mathieu Baudier mbaud...@argeo.org wrote: I use CentOS + EPEL as a base and include specific packages from RPMForge, using includepkgs in the /etc/yum.repos.d/rpmforge.repo file. For example my (very personal) package list from RPMForge: Thanks a lot for the detailed and helpful answer. You answered all my questions! In particular I had never heard of RPMForge, I will check it. An approach is then to look at earlier Fedora versions until you find a version of the software which is still compatible with the CentOS libraries. CentOS is more or less compatible with Fedora 6, but I found that up to Fedora 9 most packages rebuild easily I checked my local mirror and it has packages from Fedora 7 onwards, so there seem to be a way. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
In particular I had never heard of RPMForge, I will check it. Also check ElRepo for up to date drivers (e.g. NVIDIA): http://elrepo.org More generally the CentOS wiki is a very helpful resource, e.g.: http://wiki.centos.org/AdditionalResources/Repositories ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On 6 November 2010 12:57, Robert Heller hel...@deepsoft.com wrote: RPMForge has a lot of packages (but be careful!). rpmbone has more. Careful about what? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On Sat, Nov 6, 2010 at 13:31, Piscium grok...@gmail.com wrote: I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. CentOS + EPEL put together have less packages than Fedora. Moreover RPM Fusion has fewer packages for EL than for Fedora. I am wondering how can I install on my PC applications for which packages do not exist from one of the above-mentioned repos. I can go upstream, get sources and build them. It is a good solution, I do that even with Fedora, however this can mean a lot of work when a package depends on 10 others. So I wonder what do other CentOS users do in a similar situation? Is it possible to get a Fedora binary package and install it? What about getting a Fedora source package, building and installing it? Is there any other possibility? Are there any specific applications that you need but are not available in the CentOS repos, or just in general? My experience is that I had to build Anki [1], as no current version was available for either CentOS or Fedora. [1] http://ichi2.net/anki/#linux -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
Dotan, On 6 November 2010 13:04, Dotan Cohen dotanco...@gmail.com wrote: Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? Some googling led me to the keyword loopback but I am at a loss as how to configure it, or if this is even the right idea. If there is a specific page that I should be reading in the fine manual then please do RTFM me, as I myself failed to find the proper page. I think I need to drink more coffee because I'm failing to understand what you're trying to achieve. If wlan and eth0 are connected to the same network with different IPs and you want to use the eth0's IP address on wlan0 when eth0 is not connected, you use ifconfig with wlan0:1 notation to assign eth0's IP to wlan0:1. If you want to access from your LAN network to your WiFi network, you need to set up one of the following, a) a bridge (assuming you want to join your WLAN and LAN networks) b) a masquerading setup c) plain old routing between two networks All of them should work but behave slightly differently. Bridge is useful when you want to join two networks, masquerade is OK if you don't want to access from WiFi network to your LAN network, otherwise you will have to set up port forwardings, if you chose to route in between, then your WiFi router need to be aware of your LAN and have your laptop in between as a gateway to route the correct packages. -- Hakan (m1fcj) - http://www.hititgunesi.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 6 November 2010 13:04, Dotan Cohen dotanco...@gmail.com wrote: Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? Some googling led me to the keyword loopback but I am at a loss as how to configure it, or if this is even the right idea. If there is a specific page that I should be reading in the fine manual then please do RTFM me, as I myself failed to find the proper page. (re-reading what you wrote) I think I now get it. You want to use both network cards at the same time. Yes, it's doable. The easiest method would be bonding. -- Hakan (m1fcj) - http://www.hititgunesi.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
RPMForge has a lot of packages (but be careful!). rpmbone has more. Careful about what? Third-party repos sometimes conflict. For example if you activate both EPEL and RPMForge fully, it is very likely that your perl-* packages will be a complete mess. That's why I personally followed the approach of enabling EPEL (almost) fully and then include RPMForge packages one by one (see my previous mail) It could be done the other way around, using primarily RPMForge and then picking up EPEL packages one by one. RPMForge is stronger on multimedia, up-to-date versions etc., but EPEL is a Fedora project and many packages have the same maintainer in EPEL and Fedora. So, by using it you stay more in the Red Hat family, since RHEL (and thus CentOS) releases are based on Fedora. A recommended approach is also to use the yum priorities plugin: http://wiki.centos.org/PackageManagement/Yum/Priorities ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On 6 November 2010 13:22, Dotan Cohen dotanco...@gmail.com wrote: Are there any specific applications that you need but are not available in the CentOS repos, or just in general? My experience is that I had to build Anki [1], as no current version was available for either CentOS or Fedora. I like Tomboy, which in turn requires the mono stack, and neither is available on CentOS nor EPEL. I could use gnote as an alternative, though, it also is not available at those two repos either. And I use the Flash player and Acrobat reader from the Adobe repo. Can they be used on CentOS? And I like to listen to radio over the Internet, so I use different streaming protocols, codecs and players plugged in to Firefox. So yes, with codecs, flash, players and so on I am asking for trouble. I would say half of the reliability issues I have with Fedora are related to Firefox and media plugins and codecs. Hopefully with CentOS I would have less Gnome issues and kernel oops. Anyway, Fedora 12 was very reliable on my hardware, but I have a number of issues with Fedora 13. I could try to upgrade to Fedora 14 but perhaps I will wait instead for CentOS 6. Apparently it is largely based on Fedora 12 so I would expect it would work well on my PC. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 15:52, Hakan Koseoglu ha...@koseoglu.org wrote: You want to use both network cards at the same time. Yes, it's doable. The easiest method would be bonding. Yes, both cards at the same time. They are on different networks: eth0 is connected to an internet-less LAN, and wlan0 is connected to a router that connects it with the internet. Both networks have devices on 192.168.0.1 and I need to access (via port 80 in a web browser) both those devices at the same time. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On 6 November 2010 13:57, Mathieu Baudier mbaud...@argeo.org wrote: Third-party repos sometimes conflict. For example if you activate both EPEL and RPMForge fully, it is very likely that your perl-* packages will be a complete mess. That's why I personally followed the approach of enabling EPEL (almost) fully and then include RPMForge packages one by one (see my previous mail) It could be done the other way around, using primarily RPMForge and then picking up EPEL packages one by one. RPMForge is stronger on multimedia, up-to-date versions etc., but EPEL is a Fedora project and many packages have the same maintainer in EPEL and Fedora. So, by using it you stay more in the Red Hat family, since RHEL (and thus CentOS) releases are based on Fedora. Thanks, I will keep that in mind. In fact I also had the same problem with Fedora, whereby some Atrpms packages conflicted with those from mainline Fedora or RPM Fusion, so I ended up disabling Atrpms and enabling it only when grabbing individual packages. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
It seems that bonding is aggregating multiple ethernet channels together to form a single channel, not quite what I am looking for. To be more specific: I am connected to the internet via wlan0. When I type 192.168.0.1 into my web browser, I get the web control panel of the Linksys router that manages that wireless network. However, at the moment I need to access the web control panel of the D-Link router that manages my eth0 LAN, also on 192.168.0.1 but on the eth0 interface. How can this be done? Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 06.11.10 15:13, Dotan Cohen wrote: To be more specific: I am connected to the internet via wlan0. When I type 192.168.0.1 into my web browser, I get the web control panel of the Linksys router that manages that wireless network. However, at the moment I need to access the web control panel of the D-Link router that manages my eth0 LAN, also on 192.168.0.1 but on the eth0 interface. How can this be done? Set a temporary additional route #$ ip ro add 192.168.0.1/32 dev eth0 You can get rid of it again with #$ ip ro del 192.168.0.1 However, maybe you really should get rid of such doubled adresses or networks. -- Best Regards, Markus Falb signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
At Sat, 6 Nov 2010 13:15:20 + CentOS mailing list centos@centos.org wrote: On 6 November 2010 12:57, Robert Heller hel...@deepsoft.com wrote: RPMForge has a lot of packages (but be careful!). Â rpmbone has more. Careful about what? Conflicts with EPel and 'interesting' dependency issues. So long as you do things like use priorities and don't leave RPMForge enabled by default and only enable it on the command line when you install specific packages. Or explicitly list the packages you are getting from RPMForge. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- 978-544-6933 / hel...@deepsoft.com Deepwoods Software-- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] xServes are dead ;-( / SAN Question
On Nov 5, 2010, at 7:34 PM, Nicolas Ross rossnick-li...@cybercat.ca wrote: Hi ! As some of you might know, Apple has discontinued it's xServes server as of january 31st 2011. We have a server rack with 12 xserves ranging from dual G5's to dual quand-core xeon lastest generation, 3 xserve-raid and one activeraid 16 TB disk enclosure. We also use xSan to access a shared file system among the servers. Services are run from this shared filesystem, spreaded across the servers. Some LUNs on the fiber channel network are accessed directly and mounted on a case-by-case basis. Those raid volumes are partitioned with a GUID partition map, and apple_label type volumes. So they can be mounted by name with mount_hfs. We were on the verge on upgrading at least 6 of our server in a separate location (as a backup-site), with another SAN, same aplication etc. But this announce has come put a little delay. We do have several servers running CentOS (about 10 or so), on intel server platform. Now with this said, I am searching for documentation on operating a SAN under linux. We are looking at Quantum StorNext FS2 product for the SAN itselft. And I am searching info about accessing volumes on a fiber channel network by label. I know I can label individual ext3 partition, but how to do so on a raid array via fiber channel ? Basicly, I search for a linux starter guide to fiber channel storage. Thanks for any insight. You could also look at Nexenta to replace the OS on the SAN head servers, load up their RAM, put in SSD drives and make the storage live for another 5 years until you can find an alternative. As for the other servers, virtualize, virtualize, virtualize. Then you don't really have to worry about the hardware being discontinued any more. -Ross ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 69, Issue 4
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than Re: Contents of CentOS-announce digest... Today's Topics: 1. CEBA-2010:0827 CentOS 5 i386 logrotate Update (Tru Huynh) 2. CEBA-2010:0827 CentOS 5 x86_64 logrotate Update (Tru Huynh) 3. CEBA-2010:0826 CentOS 5 i386 gnome-screensaverUpdate (Tru Huynh) 4. CEBA-2010:0826 CentOS 5 x86_64 gnome-screensaver Update (Tru Huynh) -- Message: 1 Date: Fri, 5 Nov 2010 23:50:07 +0100 From: Tru Huynh t...@centos.org Subject: [CentOS-announce] CEBA-2010:0827 CentOS 5 i386 logrotate Update To: centos-annou...@centos.org Message-ID: 20101105225007.go24...@sillage.bis.pasteur.fr Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2010:0827 Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0827.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: ae1caae9068e3be9012a8a1bee428833 logrotate-3.7.4-9.el5_5.2.i386.rpm source: d0fef61c003ca12a30b3279c91ea233e logrotate-3.7.4-9.el5_5.2.src.rpm Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.centos.org/pipermail/centos-announce/attachments/20101105/b82e0f1a/attachment-0001.bin -- Message: 2 Date: Fri, 5 Nov 2010 23:51:07 +0100 From: Tru Huynh t...@centos.org Subject: [CentOS-announce] CEBA-2010:0827 CentOS 5 x86_64 logrotate Update To: centos-annou...@centos.org Message-ID: 20101105225107.gp24...@sillage.bis.pasteur.fr Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2010:0827 Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0827.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: 06d0036ea8789c845363286aa35e87df logrotate-3.7.4-9.el5_5.2.x86_64.rpm source: d0fef61c003ca12a30b3279c91ea233e logrotate-3.7.4-9.el5_5.2.src.rpm Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.centos.org/pipermail/centos-announce/attachments/20101105/8ba5428e/attachment-0001.bin -- Message: 3 Date: Fri, 5 Nov 2010 23:51:51 +0100 From: Tru Huynh t...@centos.org Subject: [CentOS-announce] CEBA-2010:0826 CentOS 5 i386 gnome-screensaver Update To: centos-annou...@centos.org Message-ID: 20101105225151.gq24...@sillage.bis.pasteur.fr Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2010:0826 Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0826.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: 0e97270b3225ac5734af4a38a4edd162 gnome-screensaver-2.16.1-8.el5_5.1.i386.rpm source: 642f51ac1be230e9a0dba08360e6a7bd gnome-screensaver-2.16.1-8.el5_5.1.src.rpm Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.centos.org/pipermail/centos-announce/attachments/20101105/e46e3aa5/attachment-0001.bin -- Message: 4 Date: Fri, 5 Nov 2010 23:52:48 +0100 From: Tru Huynh t...@centos.org Subject: [CentOS-announce] CEBA-2010:0826 CentOS 5 x86_64 gnome-screensaver Update To: centos-annou...@centos.org Message-ID: 20101105225248.gr24...@sillage.bis.pasteur.fr Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2010:0826 Upstream details at : https://rhn.redhat.com/errata/RHBA-2010-0826.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: 756651824187ae5ddcbe08ffc47bf337 gnome-screensaver-2.16.1-8.el5_5.1.x86_64.rpm source: 642f51ac1be230e9a0dba08360e6a7bd gnome-screensaver-2.16.1-8.el5_5.1.src.rpm Tru -- Tru Huynh (mirrors,
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 16:29, Markus Falb markus.f...@fasel.at wrote: Set a temporary additional route #$ ip ro add 192.168.0.1/32 dev eth0 You can get rid of it again with #$ ip ro del 192.168.0.1 Thanks, that is what I need to know! I should be able to google it from here. However, maybe you really should get rid of such doubled adresses or networks. Neither side is willing to bugde, it's my own doing really and it's in a learning environment, not a business environment, so I learn what I can from it! CentOS seems to be very flexible and configurable, doubly so regarding anything to do with a network, and this is a great way to learn about both the OS and networks in general. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logwatch not working properly
I having a problem where Logwatch is not showing any events from the
/var/log/secure log file. When I run
logwatch --print --range today --service sshd --detail 10 --debug 10
the end result shows this:
...
LogFiles that will be processed:
[0] = secure
[1] = messages
Made Temp Dir: /var/cache/logwatch/logwatch.sOga48bL with tempdir
export LOGWATCH_DATE_RANGE='today'
export LOGWATCH_GLOBAL_DETAIL='10'
export LOGWATCH_OUTPUT_TYPE='unformatted'
export LOGWATCH_TEMP_DIR='/var/cache/logwatch/logwatch.sOga48bL/'
export LOGWATCH_DEBUG='10'
Preprocessing LogFile: secure
/var/log/secure 2/dev/null | /usr/bin/perl
/usr/share/logwatch/scripts/shared/expandrepeats ''| /usr/bin/perl
/usr/share/logwatch/scripts/shared/onlyhost ''| /usr/bin/perl
/usr/share/logwatch/scripts/shared/applystddate
''/var/cache/logwatch/logwatch.sOga48bL/secure
TimeFilter: Period is day
TimeFilter: SearchDate is (Nov 6 ..:..:..)
TimeFilter: Debug SearchDate is (Nov 6 )
DEBUG: Inside ApplyStdDate...
DEBUG: Looking For: (Nov 6 ..:..:..)
Preprocessing LogFile: messages
/var/log/messages 2/dev/null | /usr/bin/perl
/usr/share/logwatch/scripts/shared/expandrepeats ''| /usr/bin/perl
/usr/share/logwatch/scripts/shared/removeservice 'talkd'| /usr/bin/perl
/usr/share/logwatch/scripts/shared/removeservice 'telnetd'| /usr/bin/perl
/usr/share/logwatch/scripts/shared/removeservice 'inetd'| /usr/bin/perl
/usr/share/logwatch/scripts/shared/removeservice 'nfsd'| /usr/bin/perl
/usr/share/logwatch/scripts/shared/removeservice '/sbin/mingetty'|
/usr/bin/perl /usr/share/logwatch/scripts/shared/removeservice 'netscreen'|
/usr/bin/perl /usr/share/logwatch/scripts/shared/removeservice 'netscreen'|
/usr/bin/perl /usr/share/logwatch/scripts/shared/onlyhost ''| /usr/bin/perl
/usr/share/logwatch/scripts/shared/applystddate
''/var/cache/logwatch/logwatch.sOga48bL/messages
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService...
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
DEBUG: Inside RemoveService: 930 Lines In, 930 Lines Out
TimeFilter: Period is day
TimeFilter: SearchDate is ( 2010-Nov-06 ..h ..m ..s )
TimeFilter: Debug SearchDate is ( 2010-Nov-06 h m s )
### Logwatch 7.3 (03/24/06)
Processing Initiated: Sat Nov 6 11:38:23 2010
Date Range Processed: today
( 2010-Nov-06 )
Period is day.
Detail Level of Output: 10
Type of Output: unformatted
Logfiles for Host: valhala..org
##
- SSHD Begin
DEBUG: Inside OnlyService for sshd
DEBUG: Inside SSHD Filter
-- SSHD End -
Looking at file /usr/share/logwatch/scripts/services/sshd there is block of
code starting at line 165:
...
if ( $Debug = 5 ) {
print STDERR \n\nDEBUG: Inside SSHD Filter \n\n;
$DebugCounter = 1;
}
while (defined(my $ThisLine = STDIN)) {
if ( $Debug = 5 ) {
print STDERR DEBUG($DebugCounter): $ThisLine;
$DebugCounter++;
}
...
From above, this line never prints anything:
print STDERR DEBUG($DebugCounter): $ThisLine;
while the previous print STDERR does print when $Debug = 5.
Doing a rpm -V Logwatch shows one changed file
S.5T c /etc/logwatch/conf/logwatch.conf
as I added a Detail = High line to it.
I do have sshd events in /var/log/secure, here's some showing testing a
failed login using a non-existing account:
2010-11-06T08:59:03.684006-04:00 valhala sshd[23633]: Invalid user bob from
192.168.1.12
2010-11-06T08:59:03.688784-04:00 valhala sshd[23636]:
input_userauth_request: invalid user bob
2010-11-06T08:59:05.996036-04:00 valhala sshd[23633]: pam_unix(sshd:auth):
check pass; user unknown
2010-11-06T08:59:05.996313-04:00 valhala sshd[23633]: pam_unix(sshd:auth):
authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=bunny2..org
2010-11-06T08:59:07.837697-04:00 valhala sshd[23633]: Failed password for
invalid user bob from 192.168.1.12 port 57945 ssh2
2010-11-06T08:59:10.644065-04:00 valhala sshd[23633]: pam_unix(sshd:auth):
check pass; user unknown
2010-11-06T08:59:12.505509-04:00 valhala sshd[23633]: Failed password for
invalid user bob from 192.168.1.12 port 57945 ssh2
2010-11-06T08:59:14.348019-04:00 valhala sshd[23633]: pam_unix(sshd:auth):
check pass; user unknown
2010-11-06T08:59:15.759400-04:00 valhala sshd[23633]: Failed password for
invalid user bob
Re: [CentOS] Addressing outgoing connections to a specific interface
On 11/06/10 7:29 AM, Markus Falb wrote: On 06.11.10 15:13, Dotan Cohen wrote: To be more specific: I am connected to the internet via wlan0. When I type 192.168.0.1 into my web browser, I get the web control panel of the Linksys router that manages that wireless network. However, at the moment I need to access the web control panel of the D-Link router that manages my eth0 LAN, also on 192.168.0.1 but on the eth0 interface. How can this be done? Set a temporary additional route #$ ip ro add 192.168.0.1/32 dev eth0 You can get rid of it again with #$ ip ro del 192.168.0.1 that temporary route will break his internet access, since 192.168.0.1 is ALSO his internet gateway on the W-LAN side. there's no way around this. if you can readdress one or the other LAN, then this would just work all the time. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 19:10, John R Pierce pie...@hogranch.com wrote: that temporary route will break his internet access, since 192.168.0.1 is ALSO his internet gateway on the W-LAN side. there's no way around this. if you can readdress one or the other LAN, then this would just work all the time. This is on the Internet-connected interface: wlan0 Link encap:Ethernet HWaddr 00:18:de:98:c7:34 inet addr:192.168.0.26 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::218:deff:fe98:c734/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:114879 errors:0 dropped:0 overruns:0 frame:0 TX packets:78945 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:104017653 (104.0 MB) TX bytes:11292782 (11.2 MB) And this is on the LAN-connected interface: eth0 Link encap:Ethernet HWaddr 00:15:c5:c8:13:d1 inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::215:c5ff:fec8:13d1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1921474 errors:0 dropped:0 overruns:0 frame:0 TX packets:8322288 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:146445850 (146.4 MB) TX bytes:3479224403 (3.4 GB) Interrupt:17 I'm not booted into CentOS at the moment (I just rebooted to Ubuntu because my Thunderbird mail is there) but I can reboot if there is any other info that might be relevant. I'm really surprised that it is this difficult (I don't yet believe impossible!) and just assumed that I'm doing things wrong. As the saying goes, if in Linux it is getting difficult, then you are probably doing it wrong! Surely I am not the first person who is connected to two separate LANs and needs to access addresses on both of them. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On Sat, 06 Nov 2010 11:31:18 + Piscium wrote: So I wonder what do other CentOS users do in a similar situation? Is it possible to get a Fedora binary package and install it? What about getting a Fedora source package, building and installing it? Is there any other possibility? For a few programs that don't seem to be (readily) available for Centos I just take some steps to create/compile my own rpm. Sometimes all it takes is a simple rpmbuild --rebuild command on a Fedora rpm, sometimes it takes a bit more than that. You can find my Centos rpms here: http://www.melvilletheatre.com/articles/el5/index.html -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 6 November 2010 14:13, Dotan Cohen dotanco...@gmail.com wrote: To be more specific: I am connected to the internet via wlan0. When I type 192.168.0.1 into my web browser, I get the web control panel of the Linksys router that manages that wireless network. However, at the moment I need to access the web control panel of the D-Link router that manages my eth0 LAN, also on 192.168.0.1 but on the eth0 interface. How can this be done? OK, I got it wrong earlier. Not possible without breaking your WLan network. It's much easier to move the D-Link router to 192.168.0.2 or something else, in most cases it doesn't matter where the router sits. Better, move one of them to an other private network subnet (192.168.1.0/24 maybe?) -- Hakan (m1fcj) - http://www.hititgunesi.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 11/06/2010 10:29 AM, Dotan Cohen wrote: Surely I am not the first person who is connected to two separate LANs and needs to access addresses on both of them. No. You're just one of the first to want to do it with both sub-nets set up with THE SAME NETWORK ADDRESS. Move one. Both are adjustable. -- KevinO ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 19:35, Hakan Koseoglu ha...@koseoglu.org wrote: OK, I got it wrong earlier. Not possible without breaking your WLan network. It's much easier to move the D-Link router to 192.168.0.2 or something else, in most cases it doesn't matter where the router sits. Better, move one of them to an other private network subnet (192.168.1.0/24 maybe?) Thanks, Hakan. I control neither router! The wireless admin doesn't even understand that her wifi is unsecured (but she says that if I can connect via her connection somehow and don't cause trouble, she doesn't mind) and the wired network has too many other-people things already connecting to the 192.168.0.1 address that it would not be feasible to change. I'll google it some more, this is more of a learning experience for me than a critical issue. I seem to be a bit too convinced that somehow this is possible, and so long as I'm learning I will continue to try. I'll post back if I have any success. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:05, KevinO ke...@kevino.org wrote: No. You're just one of the first to want to do it with both sub-nets set up with THE SAME NETWORK ADDRESS. Move one. Both are adjustable. I see! Is there no way to do specify which interface (eth0 / wlan0) to use for the rest of a terminal session, without affecting other running processes? The problem pretty much reduces to this. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 11/06/2010 11:10 AM, Dotan Cohen wrote: On Sat, Nov 6, 2010 at 20:05, KevinOke...@kevino.org wrote: No. You're just one of the first to want to do it with both sub-nets set up with THE SAME NETWORK ADDRESS. Move one. Both are adjustable. I see! Is there no way to do specify which interface (eth0 / wlan0) to use for the rest of a terminal session, without affecting other running processes? The problem pretty much reduces to this. It boils down to the routing table, which is based on IP address, and this table is system wide. -- KevinO ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On 11/06/2010 11:10 AM, Dotan Cohen wrote: On Sat, Nov 6, 2010 at 20:05, KevinOke...@kevino.org wrote: No. You're just one of the first to want to do it with both sub-nets set up with THE SAME NETWORK ADDRESS. Move one. Both are adjustable. I see! Is there no way to do specify which interface (eth0 / wlan0) to use for the rest of a terminal session, without affecting other running processes? The problem pretty much reduces to this. The only other solutions I can come up with involve adding another machine, either virtual or physical. -- KevinO ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:14, KevinO ke...@kevino.org wrote: It boils down to the routing table, which is based on IP address, and this table is system wide. I see, thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Nov 6, 2010, at 9:04 AM, Dotan Cohen wrote: Both connections have router on the 192.168.0.1 address. Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? What you want is a NAT to take, say, 192.168.1.0/24 and translate it to the eth0 192.168.0.0/24 network, where the translation occurs at the egress of eth0 (that is, the 192.168.1.0/24 route is set to go out eth0, and the egress (and by extension the ingress) traffic gets translated. How you would do this in iptables I'm not sure; I've done it with Cisco hardware, as this is a common issue when joining two RFC 1918 networks together that have overlapping address space. But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] xServes are dead ;-( / SAN Question
On 11/05/2010 04:34 PM, Nicolas Ross wrote: Now with this said, I am searching for documentation on operating a SAN under linux. We are looking at Quantum StorNext FS2 product for the SAN itselft. I'm not sure how much help you'll get from the community. StorNext is a proprietary product that appears to have its own drivers and management tools. If you want documentation, ask the vendor for it. And I am searching info about accessing volumes on a fiber channel network by label. I know I can label individual ext3 partition, but how to do so on a raid array via fiber channel ? Well, on standard SAN products you'll see block devices corresponding to the volumes that you've exported from the SAN to the host system. You can create filesystems on them and label those just like you would any other block device. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:51, Lamar Owen lo...@pari.edu wrote: On Nov 6, 2010, at 9:04 AM, Dotan Cohen wrote: Both connections have router on the 192.168.0.1 address. Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? What you want is a NAT to take, say, 192.168.1.0/24 and translate it to the eth0 192.168.0.0/24 network, where the translation occurs at the egress of eth0 (that is, the 192.168.1.0/24 route is set to go out eth0, and the egress (and by extension the ingress) traffic gets translated. How you would do this in iptables I'm not sure; I've done it with Cisco hardware, as this is a common issue when joining two RFC 1918 networks together that have overlapping address space. But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier. That is not what I am trying to do, I will try to rephrase: I have a laptop connected to two network interfaces: eth0 and wlan0. Each interface connects to a different LAN. Both LANs have machines on the 192.168.0.1 address that I must access via port 80 in a web browser. I don't need to access each one at the same time, but I do need to leave both interfaces up for other software running on this machine. CentOS 5.5, Dell Inspiron laptop. I suppose that I need either: 1) An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1 (syntax invented to illustrate idea, it doesn't really work!) -or- 2) A way to do something like this as a user without affecting other users: $ export INTERFACE=eth0 $ lynx 192.168.0.1 $ export INTERFACE=wlan0 $ lynx 192.168.0.1 -or- 3) A pony. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Nov 6, 2010, at 4:05 PM, Dotan Cohen wrote: On Sat, Nov 6, 2010 at 20:51, Lamar Owen lo...@pari.edu wrote: But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier. That is not what I am trying to do, I will try to rephrase: I have a laptop connected to two network interfaces: eth0 and wlan0. Each interface connects to a different LAN. Both LANs have machines on the 192.168.0.1 address that I must access via port 80 in a web browser. I don't need to access each one at the same time, but I do need to leave both interfaces up for other software running on this machine. CentOS 5.5, Dell Inspiron laptop. Right, I understood that. If you did a NAT you would access the WLAN one with its native 192.168.0.1, and the other one on eth0 with the translated (also RFC 1918) address, whatever you might have set that to. Now, I do realize that some routers will re-inject their IP address into URLs, and that might break things; fixable using DNS, but that's neither here nor there. And your machine itself needs access to both routers at the same time, whether you do or not, as you've described things, since one of those routers is the default gateway for the machine. I suppose that I need either: 1) An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1 (syntax invented to illustrate idea, it doesn't really work!) -or- 2) A way to do something like this as a user without affecting other users: $ export INTERFACE=eth0 $ lynx 192.168.0.1 $ export INTERFACE=wlan0 $ lynx 192.168.0.1 2.5) The iptables -mowner --uid-owner rule might help you. (see http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#OWNERMATCH ) It has breakage as noted in the tutorial, however. Packet routing isn't designed to switch between multiple devices with the same address; the interface used isn't supposed to matter, in the eyes of the routing table (and in normal IP practice). Addresses are supposed to be unique, from the point of view of any given IP host, in other words. This is the problem NAT was invented to solve. Some routing protocols deal with this in ways, but, again, these protocols assume that if the address is the same, it's going to the same host. But you already knew all that.and I know you already knew all that. -or- 3) A pony. Choice three, like much of the whole IP routing infrastructure, leaves piles of poo lying around in too many places ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
Lamar Owen wrote: On Nov 6, 2010, at 4:05 PM, Dotan Cohen wrote: On Sat, Nov 6, 2010 at 20:51, Lamar Owen lo...@pari.edu wrote: But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier. That is not what I am trying to do, I will try to rephrase: I have a laptop connected to two network interfaces: eth0 and wlan0. Each interface connects to a different LAN. Both LANs have machines on the 192.168.0.1 address that I must access via port 80 in a web browser. I don't need to access each one at the same time, but I do need to leave both interfaces up for other software running on this machine. CentOS 5.5, Dell Inspiron laptop. Right, I understood that. If you did a NAT you would access the WLAN one with its native 192.168.0.1, and the other one on eth0 with the translated (also RFC 1918) address, whatever you might have set that to. Now, I do realize that some routers will re-inject their IP address into URLs, and that might break things; fixable using DNS, but that's neither here nor there. And your machine itself needs access to both routers at the same time, whether you do or not, as you've described things, since one of those routers is the default gateway for the machine. I suppose that I need either: 1) An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1 (syntax invented to illustrate idea, it doesn't really work!) -or- 2) A way to do something like this as a user without affecting other users: $ export INTERFACE=eth0 $ lynx 192.168.0.1 $ export INTERFACE=wlan0 $ lynx 192.168.0.1 2.5) The iptables -mowner --uid-owner rule might help you. (see http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#OWNERMATCH ) It has breakage as noted in the tutorial, however. Packet routing isn't designed to switch between multiple devices with the same address; the interface used isn't supposed to matter, in the eyes of the routing table (and in normal IP practice). Addresses are supposed to be unique, from the point of view of any given IP host, in other words. This is the problem NAT was invented to solve. Some routing protocols deal with this in ways, but, again, these protocols assume that if the address is the same, it's going to the same host. But you already knew all that.and I know you already knew all that. To amplify this just a little bit, by the rules of IP routing, every machine must: A) Have a unique address. B) Be attached to the proper subnet for that address as defined by the local netmask. Once those are true, there exists a unique route between any two machines connected to the network, or the Internet. Having said that, part of the 192.168 address block is unique in that it cannot be routed over the Internet. It doesn't exist anywhere as far as those routers are concerned. However, there is a way to map that block of local addresses to routeable addresses, called Network Address Translation (NAT). All you need is one router between the private block and the Internet that you can use to do that mapping. Most firewalls can handle that in their sleep. So what you need is a way to insert a router between your software and one of your devices with the duplicated address. That router would then translate the addresses in one of those subnets into a unique address that won't conflict with the other. Personally, I would probably use a VM with FreeBSD and/or m0n0wall. But I still wonder if you are unique in finding this address collision, or do others also have the same problem? If it is widespread, then it should be solved by the people managing those devices. Bob McConnell N2SPP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Nov 6, 2010, at 5:19 PM, Bob McConnell wrote: But I still wonder if you are unique in finding this address collision, or do others also have the same problem? If it is widespread, then it should be solved by the people managing those devices. Nah; one of the prominent use cases for NAT on Cisco routers is linking between two overlapping networks. (see http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080093f30.shtml ) This happens when companies merge, for instance, and both of them used the same or overlapping RFC1918 networks; happens a lot with 10.0.0.0/8 and 192.168.0.0/16 (mostly in the 192.168.0.0/24 and 192.168.1.0/24), not so much in 172.16.0.0/12 (which then becomes a popular pool to NAT the overlappers to). Judicious NAT and split DNS help solve the problem until things can get renumbered. Large networks never do get renumbered, and NAT between enterprise networks lives on. IPv6 includes a large block of ULA addresses to hopefully reduce collisions of this sort for non-globally-routed addresses.___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Semi-Authoritative DNS?
On 11/06/2010 02:54 AM, Tim Nelson wrote: Greetings All- I have an odd need for a 'semi-authoritative' DNS server. Let's say I have a zone for 'domain.com' with public DNS servers. However, I wanted to run an internal DNS server for internal things. Public resolution of 'www.domain.com' would yield the public IPs, private resolution of 'www.domain.com' would yield the internal private IPs. Easy enough. BUT, what if there is a DNS record present on the public nameservers that is *not* present on the internal nameserver? Typically, DNS will say 'no record found' when it could really forward the request to the public DNS. Is it possible to configure this? So, the internal 'domain.com' zone will be authoritative for records it has but forward queries for those records it does not have, even on the same domain? Checkout dnsmasq package. That will do exactly what you want. Kal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, 2010-11-06 at 17:19 -0400, Bob McConnell wrote: So what you need is a way to insert a router between your software and one of your devices with the duplicated address. That router would then translate the addresses in one of those subnets into a unique address that won't conflict with the other. Personally, I would probably use a VM with FreeBSD and/or m0n0wall. But I still wonder if you are unique in finding this address collision, or do others also have the same problem? If it is widespread, then it should be solved by the people managing those devices. See http://shorewall.net/netmap.html Shorewall firewall alows one to remap addresses. regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch not working properly
Found it. From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Albert McCann Sent: Saturday, November 06, 2010 12:18 PM To: 'CentOS mailing list' Subject: [CentOS] Logwatch not working properly I having a problem where Logwatch is not showing any events from the /var/log/secure log file. The date format used by the default /etc/rsyslogd.conf may be wrong in CentOS 5.5, and I'm guessing RedHat's rsyslog-3.22.1-3. 2010-11-06T08:59:03.684006-04:00 valhala sshd[23633]: Invalid user bob from 192.168.1.12 I renamed rsyslog.conf to rsyslog.conf.back and reinstalled rsyslog just to make sure I got a good rsyslog.conf file. What it should display as is this (for logwatch to be able to see): Nov 6 21:25:31 valhala sshd[579]: Accepted password for someone from 192.168.1.12 port 61275 ssh2 This provided the clue I needed: http://howtoforge.org/forums/showthread.php?p=242790 I have Fedora 13 running in a VMWare session, and this line from F13's rsyslog.conf, seems to do this trick: $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat Al -- Ate yerz ago i cudent evin spel injuneer. Now i ar one. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch not working properly
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Albert McCann Sent: Saturday, November 06, 2010 9:55 PM To: 'CentOS mailing list' Subject: Re: [CentOS] Logwatch not working properly Found it. Now that I know what to look for, here's the RedHat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=583621 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] httpd RPM newer than 2.0.63 avail for CentOS 4.x?
I'm maintaining an internet-facing web server which is now running httpd 2.0.63 (httpd-2.0.63-2.el4s1.centos.2) which is now neary 2.5 years old(!?!). I need to move to either 2.0.64 or 2.2.12 or later. However, I've been unable to find available RPMs for such releases for CentOS 4.x. I have to believe that others have these needs also. In light of this, how do others keep up with security upgrades for the httpd? I'm rather new to this aspect of things, so am still in the process of sorting things out in this regard. Any help would be appreciated. Thanks! --Phil -- Philip Amadeo Saeli CentOS, RHEL, openSUSE psa...@zorodyne.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
