Re: [CentOS-docs] Contributing to Wiki
On 04/03/2011 02:31 AM, Jim Woods wrote: I emailed you sometime last week off-list. I re-read the website version 2, next steps thread, tried to write an email in response, realized it was terribly too long, and figured I would edit the wiki pages or put up a couple of new ones. The wiki isnt a mailing list, please dont use it to 'communicate' with people. - KB ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] Release Notes for CentOS 5.6
Hi, this release has taken quite a long time (probably too long), but it is nearing it's release (I think I already had this excuse once before). Which means that it is Release Notes time! And that we're in need of translators for the Release Notes! http://wiki.centos.org/Manuals/ReleaseNotes/CentOS5.6 is what's there already, so if you want to translate these pages, go ahead. If you haven't done any tranastions before (for us that is) and want to help, make sure that you are on this page: http://wiki.centos.org/TranslationGroup To do that, just drop a mail here on the centos-docs mailing list :) Cheers and thanks in advance, Ralph ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Release Notes for CentOS 5.6
On Mon, Apr 4, 2011 at 8:57 AM, Ralph Angenendt ra...@centos.org wrote: If you haven't done any tranastions before (for us that is) and want to help, make sure that you are on this page: http://wiki.centos.org/TranslationGroup Please note that not all translators are listed on that page. Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 3:23 AM, Karanbir Singh mail-li...@karan.org wrote: The wiki isnt a mailing list, please dont use it to 'communicate' with people. Are you serious? You're telling me it's not acceptable procedure to create a wiki page, say WebsiteVer2/WireFrame, where folks can post an image for the website design, then discuss on the mailing list and point people to that wiki page to look at? I should post my existing website content review (not very short) just to the mailing list? Not as a wiki page where others can edit and adjust? A living document on the wiki and discussion on the mailing list, that's unacceptable? Now, I am going to guess this is a mis-understanding. That you thought I was just going to post my email verbatim to the wiki. That is not the case. All I wanted to do was create the starter pages like the ones I mention above, then post to the mailing list and get the discussion moving forward. It seemed inefficient to me to try and use the mailing list for the collaborative work portion and not the wiki. Thanks, Jim ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 4 April 2011 17:25, Jim Woods redkil...@gmail.com wrote: On Mon, Apr 4, 2011 at 3:23 AM, Karanbir Singh mail-li...@karan.org wrote: The wiki isnt a mailing list, please dont use it to 'communicate' with people. Are you serious? You're telling me it's not acceptable procedure to create a wiki page, say WebsiteVer2/WireFrame, where folks can post an image for the website design, then discuss on the mailing list and point people to that wiki page to look at? I should post my existing website content review (not very short) just to the mailing list? Not as a wiki page where others can edit and adjust? A living document on the wiki and discussion on the mailing list, that's unacceptable? Now, I am going to guess this is a mis-understanding. That you thought I was just going to post my email verbatim to the wiki. That is not the case. All I wanted to do was create the starter pages like the ones I mention above, then post to the mailing list and get the discussion moving forward. It seemed inefficient to me to try and use the mailing list for the collaborative work portion and not the wiki. Do you have a home page, Jim? If so, use that. If not, Ralph will create one for you, if asked. Alan. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 04/04/2011 05:25 PM, Jim Woods wrote: On Mon, Apr 4, 2011 at 3:23 AM, Karanbir Singhmail-li...@karan.org wrote: The wiki isnt a mailing list, please dont use it to 'communicate' with people. Are you serious? Absolutely! You're telling me it's not acceptable procedure to create a wiki page, say WebsiteVer2/WireFrame, where folks can post an image for the website design, then discuss on the mailing list and point people to that wiki page to look at? I can imagine there will be a fair few ideas thrown around, so sticking with the list initially would be better. If not, a vcs instance to host such would be far better than putting it in the wiki. Now, I am going to guess this is a mis-understanding. That you thought I was just going to post my email verbatim to the wiki. That is not That is what it sounded like... the case. All I wanted to do was create the starter pages like the ones I mention above, then post to the mailing list and get the discussion moving forward. It seemed inefficient to me to try and use the mailing list for the collaborative work portion and not the wiki. The 'work part of the website ver2' is meant to take place in a development centric tool, like openatrium, rather than overloading what is essentially a flat-text target, ie the wiki. As Alan pointed out, a good place to start might be under your username on the wiki. - KB ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 9:40 AM, Karanbir Singh mail-li...@karan.org wrote: The 'work part of the website ver2' is meant to take place in a development centric tool, like openatrium, rather than overloading what is essentially a flat-text target, ie the wiki. As Alan pointed out, a good place to start might be under your username on the wiki. Fair enough. Does the openatrium tool exist yet? Is that something else that needs to get done before moving forward? I wouldn't have made the wiki request, or assumed that was the correct place do this work if I had known there were plans to use another tool. Ralph, can you create a HomePage for me? I would like to use that to place a review of the existing web content, and maybe put up a wireframe to show how the frontpage would look. Thanks, Jim ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 04/04/2011 06:04 PM, Jim Woods wrote: Fair enough. Does the openatrium tool exist yet? Is that something else that needs to get done before moving forward? I wouldn't have made the wiki request, or assumed that was the correct place do this work if I had known there were plans to use another tool. Yes, its there. But looks to be a bit frozen out at the moment ( http://qaweb.dev.centos.org/websitever2/ is where its meant to show up ); fwiw, its been 'evaluated', quite possible not 'decided' upon. Maybe a point for the meeting on Thursday! Ralph, can you create a HomePage for me? I would like to use that to place a review of the existing web content, and maybe put up a wireframe to show how the frontpage would look. I think he did that already :) also, it would be awesome if we can get a few options like this for the irc meeting on Thursday. - KB ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 10:07 AM, Karanbir Singh mail-li...@karan.org wrote: Yes, its there. But looks to be a bit frozen out at the moment ( http://qaweb.dev.centos.org/websitever2/ is where its meant to show up ); fwiw, its been 'evaluated', quite possible not 'decided' upon. Maybe a point for the meeting on Thursday! Absolutely. Ralph, can you create a HomePage for me? I would like to use that to place a review of the existing web content, and maybe put up a wireframe to show how the frontpage would look. I think he did that already :) I think he did too, but I can't access or edit it. You are not allowed to view this page. also, it would be awesome if we can get a few options like this for the irc meeting on Thursday. Agreed. I will try to get this up asap. I do plan on attending the meeting. Thanks, Jim ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 4 April 2011 18:25, Jim Woods redkil...@gmail.com wrote: On Mon, Apr 4, 2011 at 10:07 AM, Karanbir Singh mail-li...@karan.org wrote: I think he did that already :) I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . Ralph, KB, Russ -- something for you to do, please. Alan. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] Contributing to Wiki
On Mon, 4 Apr 2011, Alan Bartlett wrote: I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . umm -- E_NEED_CONTEXT ;) What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already -- Russ herrold ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 10:40 AM, R P Herrold herr...@centos.org wrote: On Mon, 4 Apr 2011, Alan Bartlett wrote: I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . umm -- E_NEED_CONTEXT ;) What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already Here: http://wiki.centos.org/JimWoods #acl JimWoods:reead,write,revert,delete Default Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 4 April 2011 18:40, R P Herrold herr...@centos.org wrote: On Mon, 4 Apr 2011, Alan Bartlett wrote: I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . umm -- E_NEED_CONTEXT ;) What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already Oops, sorry Russ. And to compound things, I've just had a network disconnect! Please correct the typo in the acl line for Jim's home page [1], explicitly: s/reead/read/ and that should, I believe, solve the problem. Alan. [1] http://wiki.centos.org/JimWoods ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 04/04/2011 08:48 PM, Akemi Yagi wrote: On Mon, Apr 4, 2011 at 10:40 AM, R P Herroldherr...@centos.org wrote: On Mon, 4 Apr 2011, Alan Bartlett wrote: I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . umm -- E_NEED_CONTEXT ;) What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already Here: http://wiki.centos.org/JimWoods #acl JimWoods:reead,write,revert,delete Default Akemi I used my supercow powers and fixed it . ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On 04/04/2011 09:00 PM, Manuel Wolfshant wrote: On 04/04/2011 08:48 PM, Akemi Yagi wrote: On Mon, Apr 4, 2011 at 10:40 AM, R P Herroldherr...@centos.org wrote: On Mon, 4 Apr 2011, Alan Bartlett wrote: I think he did too, but I can't access or edit it. You are not allowed to view this page. I've just checked and see that there is a typo on the acl line. Unfortunately I can't correct it . . . umm -- E_NEED_CONTEXT ;) What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already Here: http://wiki.centos.org/JimWoods #acl JimWoods:reead,write,revert,delete Default Akemi I used my supercow powers and fixed it . Actually I wanted to by I am not allowed to. I am just an ordinary cow, sorry for the noise. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 11:18 AM, Manuel Wolfshant wo...@nobugconsulting.ro wrote: On 04/04/2011 09:00 PM, Manuel Wolfshant wrote: On 04/04/2011 08:48 PM, Akemi Yagi wrote: On Mon, Apr 4, 2011 at 10:40 AM, R P Herroldherr...@centos.org wrote: What page URL and perhaps a diff as to what is desired, please? -- I've deleted the prior thread tail out of my mailspool already Here: http://wiki.centos.org/JimWoods #acl JimWoods:reead,write,revert,delete Default Akemi I used my supercow powers and fixed it . Actually I wanted to by I am not allowed to. I am just an ordinary cow, sorry for the noise. You are a supercow. But we need a super-duper-cow here. Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 12:41 PM, Akemi Yagi amy...@gmail.com wrote: You are a supercow. But we need a super-duper-cow here. I don't know who or what kind of cow did it, but I seem to be able to edit now. Thanks, Jim ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Contributing to Wiki
On Mon, Apr 4, 2011 at 1:32 PM, Jim Woods redkil...@gmail.com wrote: On Mon, Apr 4, 2011 at 12:41 PM, Akemi Yagi amy...@gmail.com wrote: You are a supercow. But we need a super-duper-cow here. I don't know who or what kind of cow did it, but I seem to be able to edit now. Thanks, It was done by a super-super-cow named KB. :-) Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-es] Copiar sin confirmación al reemplazar
Gracias por la info, me ha ayudado mucho. On Tue, 29 Mar 2011 09:47:57 -0600, RenÃ(c) Lara Alvarado wrote: Saludos Maykel Franco. A mi me sucedio lo mismo cuando iniciaba. Depues hasta risa me dió cuando conocí la solucion que aqui me lo resolvieron! Seguramente ya te contestaron, solo quiero agregar como a veces nos encerramos! Yo me pasé una tarde probando, pero mas que nada por la necedad de pensar ¿como es posible que no pueda hacer un copy? Te dejo mis notas de ese evento: Copiar un archivos sin confirmar la sobre escritura usando comando yes. yes | cp -Rf * /home/macropro/E_fe01 (esta es una solucion desesperada pero funciona!) En centos pide confirmacion porque por default hay un alias: cp='cp -i' Para quitarlo: unalias cp unalias elimina el alias de cp que pide confirmación Otra opcion para no eliminar el alias es encerrar entre apóstrofes, esto usa el comando tal cual sin alias, con la ventaja que el alias se mantiene para uso posteriores Ej: 'cp' archivo /haciadonde/archivo 'cp' -rf /RutaOrigen/* /RutaDestino/ - Original Message - From: Maykel Franco Hernandez To: centos Sent: Tuesday, March 29, 2011 5:14 AM Subject: [CentOS-es] Copiar sin confirmación al reemplazar Hola muy buenas, estoy tratando de copiar unos archivos actualizados a otro lugar donde no están actualizados y constantemente me pide la confirmación dichosa. He probado con muchos atributos para pasárselos al cp y nada... He hecho oun man cp y lo he leído todo inclusive buscado en internet y no consigo hacer que no me pida confirmación para reemplazar archivos. Hago un cp -aRf , cp -R --force , cp -fr ... y nada, supuestamente con la opción -f no debería de pedir confirmación...pero me la pide y si tengo que reemplazar 200.000 archivos dandole a la tecla s... Lo podría hacer con el cp -Ru lo que pasa que solo copia los ficheros que han sido modificados o diferentes, no reemplaza. ___ CentOS-es mailing list CentOS-es@centos.org [3] http://lists.centos.org/mailman/listinfo/centos-es [4] Links: -- [1] mailto:may...@maykel.sytes.net [2] mailto:centos-es@centos.org [3] mailto:CentOS-es@centos.org [4] http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Fwd: Problema cluster al bootear
Nadie puede hecharme un cable en esto?? Hola muy buenas, he seguido el siguiente tutorial que está muy bien: http://www.howtoforge.com/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 [1] El problema, es que cuando bootean los nodos, tiene puesto que en el archivo /etc/fstab de arranque, monte la partición /dev/drbd0 en /clusterdata en ambos nodos y eso se ejecuta antes de sincronizar las particiones drbd y no se monta porque no existe en ése momento...Podría ejecutar un servicio antes que otro? Cómo puedo solucionar esto? Es más, aparte, que cuando reinicias uno de los nodos y arranca ya no se sincroniza y hay que repetir el proceso... Alguien me puede ayudar? Esto lo he montado en otros sistemas linux y se han sincronizado correctamente en el booteo. Un saludo. ___ CentOS-es mailing list CentOS-es@centos.org [2] http://lists.centos.org/mailman/listinfo/centos-es [3] Links: -- [1] http://www.howtoforge.com/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 [2] mailto:CentOS-es@centos.org [3] http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problema cluster al bootear
Muchisimas gracias por contestar, tengo el runlevel 3 que lo edite en /etc/inittab . Gracias, voy a probarlo y si tengo alguna duda la comento. Un saludo. On Mon, 4 Apr 2011 09:46:53 +0200, Oscar Osta Pueyo wrote: Hola, Podría ejecutar un servicio antes que otro? Si, primero de todo es saber que runlevel tienes...desde consola ejecuta # runlevel, devolverá algo parecido a N 3 o N 5. Una vez sabes tu runlevel puedes ir a /etc/rc3.d o /etc/rc5.d, donde se encuentran los enlaces a /etc/init.d. Los enlaces siguen la siguiente nomenclatura Kxxscript Sxxscript donde: - K le envía la opción stop al script. - S le envía la opción start al script. - xx son el orden de ejecución en el proceso de boot. Asi que deberías localizar tu script y cambiar el xx a un valor más alto. Con el tema del cluster con gfs y drdb no puedo ayudarte mucho...pero puedes mirar los siguientes documentos: http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [1] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [2] -- Oscar Osta Pueyo oostap.lis...@gmail.com [3] _kiakli_ Links: -- [1] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [2] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [3] mailto:oostap.lis...@gmail.com ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Openfire Cambiar Active Directory
Hola a todos. Tengo el siguiente problema: Desde hace tiempo tengo instalado y configurado un servidor con openfire sobre CentOS. El mismo valida los usuarios con un Active Directory que tengo en la red. El problema se dio cuando cambie el servidor de Active Directory por otro que tiene una ip diferete. Y el primero fue apagado. Entonces ahora no puedo conectarme al openfire para que me valide a los mismos usuarios que tengo en el otro servidor con active directory. Lo que estoy necesitando es encontrar un lugar en openfire donde cambiar la ip del viejo servidor active directory por el nuevo. Alguno tiene idea donde puedo encontrar esto? Gracias y saludos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problema cluster al bootear
Alguien me puede ayudar con el tema de drbd?? Cada vez que arranca siempre me suelta el mismo error... block drbd0: Split-Brain detected but unresolved, dropping connection! El famoso split brain, si fuera una vez o alguna pues lo entendería pero siempre que configuro el drbd y consigo ya tener las 2 particiones sincronizadas como primary/primary y funcionando el servicio perfectamente, en cuanto reinivio otra vez lo mismo... block drbd0: Split-Brain detected but unresolved, dropping connection! Lo tengo puesto con un cable cruzado para garantizar la integridad de los datos y no saturar la red. Lo que no entiendo, porque el mismo sistema funciona 100% en ubuntu server... Nadie tiene experiencia en el tema del clúster que está muy a la orden del día?? Un saludo. Y gracias por anticipado, se aprende mucho en estas listas. On Mon, 4 Apr 2011 09:46:53 +0200, Oscar Osta Pueyo wrote: Hola, Podría ejecutar un servicio antes que otro? Si, primero de todo es saber que runlevel tienes...desde consola ejecuta # runlevel, devolverá algo parecido a N 3 o N 5. Una vez sabes tu runlevel puedes ir a /etc/rc3.d o /etc/rc5.d, donde se encuentran los enlaces a /etc/init.d. Los enlaces siguen la siguiente nomenclatura Kxxscript Sxxscript donde: - K le envía la opción stop al script. - S le envía la opción start al script. - xx son el orden de ejecución en el proceso de boot. Asi que deberías localizar tu script y cambiar el xx a un valor más alto. Con el tema del cluster con gfs y drdb no puedo ayudarte mucho...pero puedes mirar los siguientes documentos: http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [1] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [2] -- Oscar Osta Pueyo oostap.lis...@gmail.com [3] _kiakli_ Links: -- [1] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [2] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [3] mailto:oostap.lis...@gmail.com ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problema cluster al bootear
publica el archivo de configuración del drbd has puesto alguna condicion para manejar el split-brain? yo pongo una que indica que tome como saludable al más joven. qué usas para manejar el heartbeat? debes ponerle ahi el orden de arranque de los servicios. No arranques al drbd independientemente sino que lo arranque el sistema de heartbeat saludos epe Maykel Franco Hernandez wrote: Alguien me puede ayudar con el tema de drbd?? Cada vez que arranca siempre me suelta el mismo error... block drbd0: Split-Brain detected but unresolved, dropping connection! El famoso split brain, si fuera una vez o alguna pues lo entendería pero siempre que configuro el drbd y consigo ya tener las 2 particiones sincronizadas como primary/primary y funcionando el servicio perfectamente, en cuanto reinivio otra vez lo mismo... block drbd0: Split-Brain detected but unresolved, dropping connection! Lo tengo puesto con un cable cruzado para garantizar la integridad de los datos y no saturar la red. Lo que no entiendo, porque el mismo sistema funciona 100% en ubuntu server... Nadie tiene experiencia en el tema del clúster que está muy a la orden del día?? Un saludo. Y gracias por anticipado, se aprende mucho en estas listas. On Mon, 4 Apr 2011 09:46:53 +0200, Oscar Osta Pueyo wrote: Hola, Podría ejecutar un servicio antes que otro? Si, primero de todo es saber que runlevel tienes...desde consola ejecuta # runlevel, devolverá algo parecido a N 3 o N 5. Una vez sabes tu runlevel puedes ir a /etc/rc3.d o /etc/rc5.d, donde se encuentran los enlaces a /etc/init.d. Los enlaces siguen la siguiente nomenclatura Kxxscript Sxxscript donde: - K le envía la opción stop al script. - S le envía la opción start al script. - xx son el orden de ejecución en el proceso de boot. Asi que deberías localizar tu script y cambiar el xx a un valor más alto. Con el tema del cluster con gfs y drdb no puedo ayudarte mucho...pero puedes mirar los siguientes documentos: http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [1] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [2] -- Oscar Osta Pueyo oostap.lis...@gmail.com [3] _kiakli_ Links: -- [1] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [2] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [3] mailto:oostap.lis...@gmail.com ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] iptables + squid proxy transparente
Hola amigos ya hace un muy buen rato que estoy batallando con un proxy que quiero levantar pero no encuentro cual es el problema tengo un servidor con la squid levantado y un script (que anexo en este correo) con un servidor de DHCP pero no logro que las maquinas dentro de la red que pasarian por el proxy obtengan señal de internet ya revise y revise la configuracion de mi squid de echo ahorita no esta restringiendo nada, ya tengo una lista ACL que apara todas mis direcciones del squid pero aun asi no obtengo resultados diferentes. Así que acudo a ustedes para que me ayuden con este pequeño proyecto que traigo en manos esperando que todos estén bien les mando un saludo y agradesimentos de antemano. -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Problema cluster al bootear
Antes de nada muchas gracias por contestar e interesarte. Te pondría los archivos de configuración ahora mismo pero no tengo los servidores disponibles puesto que los tengo en otras dos máquinas, las cuales son para pruebas. He seguido este tutorial pero me gustaría poner los archivos, pero ahora mismo no tengo acceso: http://www.howtoforge.com/setting-up-an-active-active-samba-ctdb-cluster-using-gfs-and-drbd-centos-5.5 En la pagina 2 viene todo referente a drbd y gfs. En cuanto a la instalación que he realizado no tengo administrado el drbd con heartbeat porque de momento estaba solo probando esa maqueta y luego finalmente le iba añadir heartbeat para el tema de servicios y ip virtual(resources en general). El split-brain es a veces común pero con el cable cross-over parece que iba mejor pero en esta instalación no tiene efecto. En cuanto tenga los servidores disponibles pongo los archivos de configuración y dejo tambien puesta las ultimas 20 lineas del log de /var/log/messages para ver el error que da cuando intenta sincronizar las 2 particiones en red(raid1). Un saludo y gracias por el interes. On Mon, 04 Apr 2011 09:08:02 -0500, Ing. Ernesto PÃ(c)rez EstÃ(c)vez wrote: publica el archivo de configuración del drbd has puesto alguna condicion para manejar el split-brain? yo pongo una que indica que tome como saludable al más joven. qué usas para manejar el heartbeat? debes ponerle ahi el orden de arranque de los servicios. No arranques al drbd independientemente sino que lo arranque el sistema de heartbeat saludos epe Maykel Franco Hernandez wrote: Alguien me puede ayudar con el tema de drbd?? Cada vez que arranca siempre me suelta el mismo error... block drbd0: Split-Brain detected but unresolved, dropping connection! El famoso split brain, si fuera una vez o alguna pues lo entendería pero siempre que configuro el drbd y consigo ya tener las 2 particiones sincronizadas como primary/primary y funcionando el servicio perfectamente, en cuanto reinivio otra vez lo mismo... block drbd0: Split-Brain detected but unresolved, dropping connection! Lo tengo puesto con un cable cruzado para garantizar la integridad de los datos y no saturar la red. Lo que no entiendo, porque el mismo sistema funciona 100% en ubuntu server... Nadie tiene experiencia en el tema del clúster que está muy a la orden del día?? Un saludo. Y gracias por anticipado, se aprende mucho en estas listas. On Mon, 4 Apr 2011 09:46:53 +0200, Oscar Osta Pueyo wrote: Hola, Podría ejecutar un servicio antes que otro? Si, primero de todo es saber que runlevel tienes...desde consola ejecuta # runlevel, devolverá algo parecido a N 3 o N 5. Una vez sabes tu runlevel puedes ir a /etc/rc3.d o /etc/rc5.d, donde se encuentran los enlaces a /etc/init.d. Los enlaces siguen la siguiente nomenclatura Kxxscript Sxxscript donde: - K le envía la opción stop al script. - S le envía la opción start al script. - xx son el orden de ejecución en el proceso de boot. Asi que deberías localizar tu script y cambiar el xx a un valor más alto. Con el tema del cluster con gfs y drdb no puedo ayudarte mucho...pero puedes mirar los siguientes documentos: http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [1] [1] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [2] [2] -- Oscar Osta Pueyo oostap.lis...@gmail.com [3] [3] _kiakli_ Links: -- [1] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [4] [2] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [5] [3] mailto:oostap.lis...@gmail.com [6] ___ CentOS-es mailing list CentOS-es@centos.org [7] http://lists.centos.org/mailman/listinfo/centos-es [8] ___ CentOS-es mailing list CentOS-es@centos.org [9] http://lists.centos.org/mailman/listinfo/centos-es [10] Links: -- [1] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [2] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [3] mailto:oostap.lis...@gmail.com [4] http://www.centos.org/docs/5/html/5.2/Cluster_Suite_Overview/ [5] http://www.centos.org/docs/5/html/5.2/Cluster_Administration/ [6] mailto:oostap.lis...@gmail.com [7] mailto:CentOS-es@centos.org [8] http://lists.centos.org/mailman/listinfo/centos-es [9] mailto:CentOS-es@centos.org [10] http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] iptables + squid proxy transparente
No llegó el adjunto :( -- Ramón Macías Zamora Tecnología, Investigación y Desarrollo Guayaquil - Ecuador msn:ramon_mac...@hotmail.com skype: ramon_macias UserLinux# 180926 (http://counter.li.org) Cel:593-8-0192238 Tel:593 4 6044566 http://www.raykasolutions.com/ WEB SITES, HOSTINGS, DOMINIOS, MANTENIMIENTO DE EQUIPOS, REDES, SERVIDORES LINUX, SOPORTE. El 4 de abril de 2011 16:35, Mario Villela Larraza mario.villelalarr...@gmail.com escribió: Hola amigos ya hace un muy buen rato que estoy batallando con un proxy que quiero levantar pero no encuentro cual es el problema tengo un servidor con la squid levantado y un script (que anexo en este correo) con un servidor de DHCP pero no logro que las maquinas dentro de la red que pasarian por el proxy obtengan señal de internet ya revise y revise la configuracion de mi squid de echo ahorita no esta restringiendo nada, ya tengo una lista ACL que apara todas mis direcciones del squid pero aun asi no obtengo resultados diferentes. Así que acudo a ustedes para que me ayuden con este pequeño proyecto que traigo en manos esperando que todos estén bien les mando un saludo y agradesimentos de antemano. -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] iptables + squid proxy transparente
ahora si aquí esta el archivo adjunto perdón :s El 4 de abril de 2011 19:37, Ramón Macías Zamora ramon.mac...@raykasolutions.com escribió: No llegó el adjunto :( -- Ramón Macías Zamora Tecnología, Investigación y Desarrollo Guayaquil - Ecuador msn:ramon_mac...@hotmail.com skype: ramon_macias UserLinux# 180926 (http://counter.li.org) Cel:593-8-0192238 Tel:593 4 6044566 http://www.raykasolutions.com/ WEB SITES, HOSTINGS, DOMINIOS, MANTENIMIENTO DE EQUIPOS, REDES, SERVIDORES LINUX, SOPORTE. El 4 de abril de 2011 16:35, Mario Villela Larraza mario.villelalarr...@gmail.com escribió: Hola amigos ya hace un muy buen rato que estoy batallando con un proxy que quiero levantar pero no encuentro cual es el problema tengo un servidor con la squid levantado y un script (que anexo en este correo) con un servidor de DHCP pero no logro que las maquinas dentro de la red que pasarian por el proxy obtengan señal de internet ya revise y revise la configuracion de mi squid de echo ahorita no esta restringiendo nada, ya tengo una lista ACL que apara todas mis direcciones del squid pero aun asi no obtengo resultados diferentes. Así que acudo a ustedes para que me ayuden con este pequeño proyecto que traigo en manos esperando que todos estén bien les mando un saludo y agradesimentos de antemano. -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] iptables + squid proxy transparente
No llega, supongo que una restricción de la lista. Podrías pegar el contenido -- Ramón Macías Zamora Tecnología, Investigación y Desarrollo Guayaquil - Ecuador msn:ramon_mac...@hotmail.com skype: ramon_macias UserLinux# 180926 (http://counter.li.org) Cel:593-8-0192238 Tel:593 4 6044566 http://www.raykasolutions.com/ WEB SITES, HOSTINGS, DOMINIOS, MANTENIMIENTO DE EQUIPOS, REDES, SERVIDORES LINUX, SOPORTE. El 4 de abril de 2011 19:55, Mario Villela Larraza mario.villelalarr...@gmail.com escribió: ahora si aquí esta el archivo adjunto perdón :s El 4 de abril de 2011 19:37, Ramón Macías Zamora ramon.mac...@raykasolutions.com escribió: No llegó el adjunto :( -- Ramón Macías Zamora Tecnología, Investigación y Desarrollo Guayaquil - Ecuador msn:ramon_mac...@hotmail.com skype: ramon_macias UserLinux# 180926 (http://counter.li.org) Cel:593-8-0192238 Tel:593 4 6044566 http://www.raykasolutions.com/ WEB SITES, HOSTINGS, DOMINIOS, MANTENIMIENTO DE EQUIPOS, REDES, SERVIDORES LINUX, SOPORTE. El 4 de abril de 2011 16:35, Mario Villela Larraza mario.villelalarr...@gmail.com escribió: Hola amigos ya hace un muy buen rato que estoy batallando con un proxy que quiero levantar pero no encuentro cual es el problema tengo un servidor con la squid levantado y un script (que anexo en este correo) con un servidor de DHCP pero no logro que las maquinas dentro de la red que pasarian por el proxy obtengan señal de internet ya revise y revise la configuracion de mi squid de echo ahorita no esta restringiendo nada, ya tengo una lista ACL que apara todas mis direcciones del squid pero aun asi no obtengo resultados diferentes. Así que acudo a ustedes para que me ayuden con este pequeño proyecto que traigo en manos esperando que todos estén bien les mando un saludo y agradesimentos de antemano. -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Mario Villela Larraza mario.villelalarr...@gmail.com Cel 0445512591926 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] iptables + squid proxy transparente
No veo nada raro, en /etc/squid/squid.conf debe estar puesto: http_port 3128 transparent la palabra *transparent* es imprescindible -- Ramón Macías Zamora Tecnología, Investigación y Desarrollo Guayaquil - Ecuador msn:ramon_mac...@hotmail.com skype: ramon_macias UserLinux# 180926 (http://counter.li.org) Cel:593-8-0192238 Tel:593 4 6044566 http://www.raykasolutions.com/ WEB SITES, HOSTINGS, DOMINIOS, MANTENIMIENTO DE EQUIPOS, REDES, SERVIDORES LINUX, SOPORTE. El 4 de abril de 2011 20:06, Mario Villela Larraza mario.villelalarr...@gmail.com escribió: supongo que si ha de ser una restricción, pero bueno lo pego aquí para mas rápido jejeje #!/bin/bash # # # Para guardar las reglas #+ iptables-save reglas #+ iptables-restore reglas # # Miramos si tenemos un parametro en linea de comando if [ -n $1 ] [ $1 = q ] then QUIET=1 else QUIET=0 fi # Registramos el inicio del firewall #FECHA=$(date +%C%y-%m-%d %H:%M) #echo $FECHA #/usr/bin/logger -p kern.notice -t NETFILTER \ # == Iniciado Cortafuegos: $FECHA = # PARAMETRIZACION DEL SCRIPT ## ### Definimos constantes para usar en el ###+ script if [ $QUIET = 0 ]; then echo Cargando parametros... fi # Binario de iptables IPTABLES=/sbin/iptables # INTERFACES # eth1 - conectado a internet con IP FIJA EXT_IF=eth1 EXT_IP=192.168.2.10 # eth2 - conectado a LAN LAN_IF=eth2 LAN_IP=10.0.0.1 LAN_RED=10.0.0.0/24 # lo - interfaz de loopback LOO_RED=127.0.0.0/8 # cualquier red ANY_RED=0.0.0.0/0 # MAQUINAS INTERNAS IP_SERVIDOR_FTP=10.0.0.12 IP_SERVIDOR_WEB=10.0.0.13 if [ $QUIET = 0 ]; then echo Cargando modulos... fi ## ### Nos aseguramos que tenemos cargados ###+ los modulos necesarios modprobe ip_conntrack_irc modprobe ip_conntrack_ftp modprobe ip_nat_irc modprobe ip_nat_ftp if [ $QUIET = 0 ]; then echo Limpiando FW... fi ## ### Limpiamos la configuracion existente # Limpiamos (flush) las reglas $IPTABLES -F # Borramos 'cadenas' de usuario $IPTABLES -X # Ponemos a cero paquetes y contadores $IPTABLES -Z # Limpiamos las reglas de NAT $IPTABLES -t nat -F # Borramos 'cadenas' de usuario de NAT $IPTABLES -t nat -X if [ $QUIET = 0 ]; then echo Estableciendo politicas... fi ## ### Establecemos las politicas por omision ###+ de las 'cadenas' # Por omision descartamos los paquetes $IPTABLES -P INPUT ACCEPT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -P FORWARD ACCEPT # PREROUTING - NAT sobre la IP destino: normalmente desde inet hacia LAN # POSTROUTING - NAT sobre la IP origen: normalmente desde LAN hacia inet $IPTABLES -t nat -P PREROUTING ACCEPT $IPTABLES -t nat -P POSTROUTING ACCEPT # Relajamos la politica de salida #+ Dejamos salir paquetes de LAN_IP por LAN_IF $IPTABLES -A OUTPUT -o $LAN_IF -s $LAN_IP -j ACCEPT #+ Dejamos salir paquetes de EXT_IP por EXT_IF $IPTABLES -A OUTPUT -o $EXT_IF -s $EXT_IP -j ACCEPT if [ $QUIET = 0 ]; then echo - Denegacion de redes invalidas... fi ## # No admitimos desde el exterior redes locales (RFC 1918) #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 192.168.0.0/16 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 10.0.0.0/8 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 172.16.0.0/12 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 224.0.0.0/4 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 240.0.0.0/5 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s $LOO_RED-j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 0.0.0.0/8 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 169.254.0.0/16 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s 255.255.255.255 -j DROP #$IPTABLES -t nat -A PREROUTING -i $EXT_IF -s $EXT_IP -j DROP # Desde el interior solo admitimos nuestra red LAN $IPTABLES -t nat -A PREROUTING -i $LAN_IF -s ! $LAN_RED -j ACCEPT if [ $QUIET = 0 ]; then echo - Denegacion de broadcast de NetBIOS... fi ## # Bloquear paquetes broadcast de NetBios salientes iptables -A FORWARD -p tcp --sport 137:139 -o $EXT_IF -j DROP iptables -A FORWARD -p udp --sport 137:139 -o $EXT_IF -j DROP iptables -A OUTPUT -p tcp --sport 137:139 -o $EXT_IF -j DROP iptables -A OUTPUT -p udp --sport 137:139 -o $EXT_IF -j DROP if [ $QUIET = 0 ]; then echo Activando NAT... fi ## # Activamos el bit de forward echo 1 /proc/sys/net/ipv4/ip_forward # Enmascaramos la salida de la LAN $IPTABLES -t nat -A POSTROUTING -s $LAN_RED -o $EXT_IF -j MASQUERADE if [ $QUIET = 0 ]; then echo Accesos a la maquina local permitidos... fi ## ### Permitimos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Robert Heller Sent: Monday, April 04, 2011 3:25 AM To: CentOS mailing list Cc: CentOS mailing list Subject: Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. I have made no attempt to watch longer videos with flash. I do watch 3-5 minute music videos all the time, but I use mplayer for those (even the FLV files I have downloaded from YouTube). Is Shockwave the same thing as Flash? At least for Windows two separate installers are needed. AFAIK, Shockwave isn't available for anything but Windows and possibly Mac, while a working Flash is available for most platforms. Just to mention it, I've installed the 64b Adobe Flash preview release on CentOS 5.5 x64 and can now luxuriate in viewing Youtube from Linux. 8-] -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] question on software raid
On 04/01/2011 05:32 PM, Jerry Geis wrote: dmesg is not reporting any issues. The /proc/mdstat looks fine. md0 : active raid1 sdb1[1] sda1[0] X blocks [2/2] [UU] however /var/log/messages says: smartd[3392] Device /dev/sda 20 offline uncorrectable sectors The machine is running fine.. raid array looks good - what is up with smartd? THanks, Jerry This means that you will be in trouble sooner or later. Is there only sda1 on sda? If so, try mdadm /dev/md0 --fail /dev/sda1 mdadm /dev/md0 --remove /dev/sda1 mdadm /dev/md0 --add /dev/sda1 which will end up overwriting the offline uncorrectable sectors. In most cases this fixes the disk. But you will have to monitor it carefully from now on. HTH, Kay ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
On Sun, Apr 3, 2011 at 10:05 PM, Vnpenguin vnpeng...@vnoss.org wrote: On Mon, Apr 4, 2011 at 06:51, Todd Cary t...@aristesoftware.com wrote: I tried to install Google Chrome and received the dependencies error. Is Centos too old for the new Chrome or is there an older Chrome version that is compatible? You need CentOS 6 or Fedora 14 to run Google Chrome :-) Some people reported successful installation of Chrome on CentOS-5 in this forum thread (see note #15): https://www.centos.org/modules/newbb/viewtopic.php?topic_id=23746 Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Download the repo DAG of CentOS 5.5
Fidel Dominguez-Valero wrote on Sun, 03 Apr 2011 14:45:41 -0400: ok, could you help me to do that? Is there anything you do not need help with? Kai ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to install wine ?
Hello friends, I have downloaded wine-1.3.13.tar.bz2 How to install it ? I have no internet connection. so I want to install it manually. Thanks in advance. Rajan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to extend pv partition for LVM
On Sat, 2 Apr 2011, Jay Leafey wrote: You COULD use option #1, but it requires some additional resources and a LOT of shuffling. Why do you need to shuffle? fdisk /dev/sda delete the PV partition create a new PV partition starting at the same sector but ending at the end of the now larger disk. write it out and reboot. I forget whether the reboot is still necessary, but I think fdisk will warn you it is if you've got mounted filesystems on that disk. pvresize /dev/sda1 Done. I see no problem with #2 though. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
Hi I use the Chromium build from: http://www.cs.bham.ac.uk/~cxs548/chrome The highest Chromium rev you can run with the RHEL5.x flash-plugin chrome-10.0.612.0.tar.gz is v10. chrome-11 is incompatible with flash-plugin-10.2.152.27-0.1.el5.rf. Looks like flash-plugin_10.2.153.1-0.1.el5.rf is available now, so v11 might be OK. It seems like the Chromium build leads flash-plugin by one version, but i haven't been actively upgrading as each becomes available. - csawyer -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Akemi Yagi Sent: 04 April 2011 10:00 To: CentOS mailing list Subject: Re: [CentOS] Is Centos 5.5 too old fro Google Chrome? On Sun, Apr 3, 2011 at 10:05 PM, Vnpenguin vnpeng...@vnoss.org wrote: On Mon, Apr 4, 2011 at 06:51, Todd Cary t...@aristesoftware.com wrote: I tried to install Google Chrome and received the dependencies error. Is Centos too old for the new Chrome or is there an older Chrome version that is compatible? You need CentOS 6 or Fedora 14 to run Google Chrome :-) Some people reported successful installation of Chrome on CentOS-5 in this forum thread (see note #15): https://www.centos.org/modules/newbb/viewtopic.php?topic_id=23746 Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] question on software raid
Scott Silva wrote: Could it be that the bad sectors so far have been in unused areas? Once a drive runs out of sectors to map corrections to, I would really think about replacing it. This advice is so often repeated by people on lists. This is a pretty normal function of modern hard drives. The drive needs to reallocate the bad sectors. It does not mean that the drive is failing unless there have been a large number of sectors requiring reallocation or it keeps happening often. Have a look at this to fix them for normal drives without raid: http://smartmontools.sourceforge.net/badblockhowto.html Linux raid will rewrite the block if it is in the raided part of the disk. You can force a scrub doing this (md0 is the raid device). echo check /sys/block/md0/md/sync_action Check /proc/mdstat and dmesg for status. You should be doing this weekly to identify bad blocks, so check your crontab. Jeremy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] sshd: Authentication Failures: 137 Time(s)
Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown (www.telkom.co.ke): 137 Time(s) unknown (mkongwe.jambo.co.ke): 130 Time(s) unknown (212.49.70.24): 107 Time(s) root (195.191.250.101): 8 Time(s) How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? Thx Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
On 04/04/11 2:01 AM, Rajan Dahal wrote: Hello friends, I have downloaded wine-1.3.13.tar.bz2 How to install it ? I have no internet connection. so I want to install it manually. thats probably the source tarball for Wine, and will need to be compiled. doesn't it have a README and/or INSTALL file inside the tar ? But, rather than compiling, there are RPM's for wine built for el4,5,6 on rpmforge. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
On Mon, 4 Apr 2011, John R Pierce wrote: On 04/04/11 2:01 AM, Rajan Dahal wrote: I have downloaded wine-1.3.13.tar.bz2 How to install it ? I have no internet connection. so I want to install it manually. thats probably the source tarball for Wine, and will need to be compiled. doesn't it have a README and/or INSTALL file inside the tar ? But, rather than compiling, there are RPM's for wine built for el4,5,6 on rpmforge. Beware that RPMforge contains the stable releases (1.2.2) and the RPMforge testing repository is at 1.3.7, but I am doing a 1.3.17 build right now. Often the latest development release have a better success rate than the stable release, but if you are unsure, download both and test your use-case with both toroughly :) -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to extend pv partition for LVM
On 04/04/11 11:11, John Hodrien wrote: On Sat, 2 Apr 2011, Jay Leafey wrote: You COULD use option #1, but it requires some additional resources and a LOT of shuffling. Why do you need to shuffle? fdisk /dev/sda delete the PV partition create a new PV partition starting at the same sector but ending at the end of the now larger disk. write it out and reboot. I forget whether the reboot is still necessary, but I think fdisk will warn you it is if you've got mounted filesystems on that disk. pvresize /dev/sda1 Reboot shouldn't be needed. You might want to run partprobe though. A fourth approach is to use pvmove, to move data off /dev/sda ... do the fdisk stuff then pvcreate and add the PV into your VG again. This however requires that the existing PVs can hold all the data which was in the /dev/sda device. kind regards, David Sommerseth ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
On Sun, Apr 03, 2011 at 09:51:14PM -0700, Todd Cary wrote: I tried to install Google Chrome and received the dependencies error. Is Centos too old for the new Chrome or is there an older Chrome version that is compatible? You can use this repo. Made by someone on the forums, I believe his name is Mr. Kamei, but I could be wrong about the name He's made binaries that work. Chromium itself doesn't and won't support CentOS/RH/OLE 5.5 # CentOS-Chromium.repo # # The mirror system uses the connecting IP address of the client and the # update status of each mirror to pick mirrors that are updated to and # geographically close to the client. You should use this for CentOS updates # unless you are manually picking other mirrors. # # If the mirrorlist= does not work for you, as a fall back you can try the # remarked out baseurl= line instead. # # [chromium] name=CentOS-5 - Custom Chromium kit from linux-powered.com baseurl=ftp://ftp.linux-powered.com/CentOS/5.x/Chromium/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rk -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Xander: So, Buffy, how'd the slaying go last night? Buffy: Xander! Xander: I mean, how'd the laying go? No, I don't mean that either. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Download the repo DAG of CentOS 5.5
On 03/04/11 20:45, Fidel Dominguez-Valero wrote: ok, could you help me to do that? [root@server ~]# man reposync kind regards, David Sommerseth On Sun, 2011-04-03 at 21:36 +0300, Eero Volotinen wrote: 2011/4/3 Fidel Dominguez-Valero fdval...@gmail.com: Yes, I know that, but I want to download for make a local repository just use reposync to mirror it to local repository. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
On 04/04/11 11:18, Rainer Traut wrote: Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown (www.telkom.co.ke): 137 Time(s) unknown (mkongwe.jambo.co.ke): 130 Time(s) unknown (212.49.70.24): 107 Time(s) root (195.191.250.101): 8 Time(s) How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? This is just a hunch, but --seconds 60 indicates that it will only look back one minute to check if it could find a hit. So if the attacker tries to connect again after 2 minutes or even 61 seconds, it won't trigger this rule. Try increasing this value to 3600 (1 hour). Maybe you want even longer. kind regards, David Sommerseth ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
On 04/04/11 2:41 AM, Dag Wieers wrote: Beware that RPMforge contains the stable releases (1.2.2) and the RPMforge testing repository is at 1.3.7, but I am doing a 1.3.17 build right now. Often the latest development release have a better success rate than the stable release, but if you are unsure, download both and test your use-case with both toroughly :) what are these? http://packages.sw.be/wine/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
Personally I seem to get the best results by installing it orally [?] 330.gif___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FLISOL 2011
Can you please stop this? Kai ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to extend pv partition for LVM
That's what I called tricky ;-) As I do not need one big partition but a lot of smaller ones (for VMs) I've now just added another pv and volume group. This way I can decide on which one a new volume goes. In case I ever need to I can still merge them. Kai ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
On Monday 04 April 2011 12:18:43 Rainer Traut wrote: Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown (www.telkom.co.ke): 137 Time(s) unknown (mkongwe.jambo.co.ke): 130 Time(s) unknown (212.49.70.24): 107 Time(s) root (195.191.250.101): 8 Time(s) How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Marian Thx Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Best regards, Marian Marinov signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Postgresql uses sockets - but I'd like to use TCP/IP
Hi Folks, CentOS 5.5 - Postgresql 8.4 Installed - startet try to createuser -d- -a -p username get message could not connect to server: Connection refused Is the server running locally and accepting connections on Unix domain socket /tmp/.s.PGSQL.0? postrgesql.conf has line listen_addresses = '192.168.0.2' Why sockets (in /tmp are s.PGSQL.5431 ) What goes wrong? I have an other installation on other server with same conf. Files. There works all as I expect (no socket). Any hints welcome Thx Timothy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Door not hitting me on my way out
On 3.4.2011 23:57, Steve Clark wrote: Big issue I saw with Scientific Linux was a lack of commitment to long term support matching what RedHat and Centos provide. This seems to be true. https://access.redhat.com/support/policy/updates/errata/ https://www.scientificlinux.org/distributions/ Assuming that CentOS is supporting as long as RedHat: CentOS 5 until March 31, 2014 SL 5 until at least 2012-02-02 CentOS 6 until November 30, 2017 SL 6 until at least 2014-11-11 -- Kind Regards, Markus Falb signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postgresql uses sockets - but I'd like to use TCP/IP
On 04/04/11 3:44 AM, Timothy Kesten wrote: Hi Folks, CentOS 5.5 - Postgresql 8.4 Installed - startet try to createuser -d- -a -p username get message could not connect to server: Connection refused Is the server running locally and accepting connections on Unix domain socket /tmp/.s.PGSQL.0? -p is the port number.you seem to have convinced it to use port 0 which obviously isn't correct if you want to use tcp, you would specify a hostname via -h ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Door not hitting me on my way out
On 04/04/2011 06:47 AM, Markus Falb wrote: On 3.4.2011 23:57, Steve Clark wrote: Big issue I saw with Scientific Linux was a lack of commitment to long term support matching what RedHat and Centos provide. This seems to be true. https://access.redhat.com/support/policy/updates/errata/ https://www.scientificlinux.org/distributions/ Assuming that CentOS is supporting as long as RedHat: CentOS 5 until March 31, 2014 SL 5 until at least 2012-02-02 CentOS 6 until November 30, 2017 SL 6 until at least 2014-11-11 tp://lists.centos.org/mailman/listinfo/centos From the Scientic WebPage Minor Releases Scientific Linux has plans to make a minor release based on each of the Enterprise Updates for the latest major release. Minor releases for the older major releases will occur much less frequently. So for the Scientific Linux 3.0.x line, we will make minor releases for each Enterprise Update, until Scientific Linux 4.0.x is released. We will then make the 4.0.x minor releases for each of the Enterprise 4 Updates, and only occasionally create a minor release for the 3.0.x line. The minor releases will be named according to their corresponding update release. Hence, Scientific Linux 3.0.1 corresponded with Update 1, 3.0.2 will correspond with Update 2. The minor releases will also be a time for the installer to be enhanced, programs to be added or removed, and other minor tweeking. Administrators should be able to use yum or apt to get from one minor release to another, without much hassle. I read this as not being keeping up with minor releases. -- Stephen Clark *NetWolves* Sr. Software Engineer III Phone: 813-579-3200 Fax: 813-882-0209 Email: steve.cl...@netwolves.com http://www.netwolves.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Door not hitting me on my way out
On Sat, 2011-04-02 at 10:31 +0200, Dag Wieers wrote: On Fri, 1 Apr 2011, John R Pierce wrote: On 04/01/11 6:54 PM, Digimer wrote: I would not fault someone for moving on, but I would when said person does so in a manner that only leads to unhelpful drama. yeah, seriously. call the WHAHmbulance. I don't see how this is helpful either. But that's the problem, there's no way anyone can help the releases moving forward... Good luck waiting :) Okay, so Nico is a bit upset. I can't say I blame him - But he did raise a point and make me think about something. Now, if I'm wrong, flame the crap out of me, I have very good filter-foo ! The one thing I would love to be able to contribute my time to is helping test new code, and get it out the door so guys on the street can test it out. Maybe it's my curiosity, but my brain tells me that Fedora is the forerunner for RHEL. And the Fedora code is out there. CentOS is built from the RHEL code, with all RHEL specific items removed. Ergo - If I replicate the build environment on some of my machines, (KVM and XEN both running riot all over my systems, but not doing anything useful for me! :( ), then surley I should be able to get some postive results, and be able to contrib that back to the guys upstream. That's what my brain tells me. I don't mind running build environments, or test environments or whatever - I guess what I'm saying is GIMME SOME OF YOUR WORKLOAD!! Or at least make it easy for other bored sysads to help you out. All this spare processing power and capable guys and girls eager to support our distro of choice to get the best bleeding edge stable code. It's almost like following a football team! How DARE debian get ahead of us! Gentoo!? Who the bleeding hell do you think you are!? Don't you know CENTOS is in the HOUSE!? *calms down* Excuse my excitement. I could edit this email before I hit send, but then you guys wouldn't really know how I feel towards CentOS. How can the average guy get involved with testing, can we build the same environments as you guys? Do you have a standard way of operating that maybe some of us could learn, and contribute? Is it out there already out there and documented? How can we get our hands dirty? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Solved - Postgresql uses sockets - but I'd like to use TCP/IP
Am Montag, 4. April 2011 13:00 schrieb John R Pierce: On 04/04/11 3:44 AM, Timothy Kesten wrote: Hi Folks, CentOS 5.5 - Postgresql 8.4 Installed - startet try to createuser -d- -a -p username get message could not connect to server: Connection refused Is the server running locally and accepting connections on Unix domain socket /tmp/.s.PGSQL.0? -p is the port number.you seem to have convinced it to use port 0 which obviously isn't correct if you want to use tcp, you would specify a hostname via -h thought the -p option is for password. But problem is solved: reinstalled Postgresql - now it works like it should Thx Timothy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Solved - Postgresql uses sockets - but I'd like to use TCP/IP
On 04/04/11 4:25 AM, Timothy Kesten wrote: thought the -p option is for password. thats -P as in big P. But problem is solved: reinstalled Postgresql - now it works like it should say huh? seems kinda over the top for a minor usage error. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
On Mon, 4 Apr 2011, John R Pierce wrote: On 04/04/11 2:41 AM, Dag Wieers wrote: Beware that RPMforge contains the stable releases (1.2.2) and the RPMforge testing repository is at 1.3.7, but I am doing a 1.3.17 build right now. Often the latest development release have a better success rate than the stable release, but if you are unsure, download both and test your use-case with both toroughly :) what are these? http://packages.sw.be/wine/ That is an overview of all packages from all repositories. The filename gives away what repository they are from: .rf. is rpmforge .rfx. is rpmforge-extras .rft. is rpmforge-testing .rfb. is rpmforge-buildtools Kind regards, -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Solved - Postgresql uses sockets - but I'd like to use TCP/IP
Am Montag, 4. April 2011 13:30 schrieb John R Pierce: But problem is solved: reinstalled Postgresql - now it works like it should say huh? seems kinda over the top for a minor usage error. Maybe a little missconfiguration - overlooked by me :-) Timothy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working
On 04/04/2011 02:46 AM Sorin Srbu wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Robert Heller Sent: Monday, April 04, 2011 3:25 AM To: CentOS mailing list Cc: CentOS mailing list Subject: Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. I have made no attempt to watch longer videos with flash. I do watch 3-5 minute music videos all the time, but I use mplayer for those (even the FLV files I have downloaded from YouTube). Is Shockwave the same thing as Flash? At least for Windows two separate installers are needed. In Firefox click Tools/Addons/Plugins. What do you see listed there? Alternatively, perhaps better, you can type about:plugins (without quotes) in the Firefox address bar. Under Tools... I have Adobe Reader 9.3, Adobe Reader 9.4 (temporarily disabled due to testing), Helix DNA Plugin: RealPlayer G2 Plug-in Compatible, NPAPI Plugins Wrapper 1.3.0, and Shockwave Flash 10 0 r153, that's all. Now looking at about:plugins under Shockwave Flash it says: File: nswrapper_32_32.libflashplayer.so Version: Shockwave Flash 10.2 r153 So to your question, the evidence seems to be saying that, yes, Shockwave is the same as Flash, at least on Linux. Or do you see something different? AFAIK, Shockwave isn't available for anything but Windows and possibly Mac, while a working Flash is available for most platforms. Just to mention it, I've installed the 64b Adobe Flash preview release on CentOS 5.5 x64 and can now luxuriate in viewing Youtube from Linux. 8-] I've been able to play some Youtube stuff... sometimes it doesn't play-- for what reason, I haven't been able to see. (?) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
On 04/03/2011 08:06 PM Yves Bellefeuille wrote: On Sunday 03 April 2011 18:41, ken wrote: For a long time now I've wanted to be able to watch videos. I've done the try this! and try that! method and it hasn't worked well. So I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. Are you perhaps confusing Shockwave and Flash? Most videos on the Web are in Flash format. Simply install flash-plugin, available on RPMForge, http://rpmrepo.org/RPMforge Yves, What does your about:plugins page say? (For explication, see the about:plugins subthread.) Or do you have some other diagnostic which indicates these are not the same? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
Hi, maybe this is not really helpful for you. But maybe you want try fedora linux for websurfing. Its also RHEL based. I don't know why you need a webbrowser on an enterprise linux. For me is links or lynks enough on CentOS ;-) Best regards, -Ursprüngliche Nachricht- Von: centos-boun...@centos.org [mailto:centos-boun...@centos.org] Im Auftrag von ken Gesendet: Montag, 4. April 2011 14:10 An: CentOS mailing list Betreff: Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working On 04/03/2011 08:06 PM Yves Bellefeuille wrote: On Sunday 03 April 2011 18:41, ken wrote: For a long time now I've wanted to be able to watch videos. I've done the try this! and try that! method and it hasn't worked well. So I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. Are you perhaps confusing Shockwave and Flash? Most videos on the Web are in Flash format. Simply install flash-plugin, available on RPMForge, http://rpmrepo.org/RPMforge Yves, What does your about:plugins page say? (For explication, see the about:plugins subthread.) Or do you have some other diagnostic which indicates these are not the same? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
On Monday 04 April 2011 08:09, ken wrote: What does your about:plugins page say? (For explication, see the about:plugins subthread.) Or do you have some other diagnostic which indicates these are not the same? It does say Shockwave Flash. Now isn't that interesting, because Adobe itself says they're different things. In the download section at http://www.adobe.com/products/ , they're listed separately and, as Sorin pointed out, Shockwave isn't even available for Linux. Anyway, did you download Flash for Linux at http://www.adobe.com/go/getflashplayer ? Regards, -- Yves Bellefeuille y...@storm.ca La Esperanta Civito ne rifuzas anticipe la kunlaboron de erarintoj, se ili konscias pri sia eraro. -- Heroldo Komunikas, n-ro 473. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of ken Sent: Monday, April 04, 2011 2:02 PM To: CentOS mailing list Subject: [CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working Under Tools... I have Adobe Reader 9.3, Adobe Reader 9.4 (temporarily disabled due to testing), Helix DNA Plugin: RealPlayer G2 Plug-in Compatible, NPAPI Plugins Wrapper 1.3.0, and Shockwave Flash 10 0 r153, that's all. Now looking at about:plugins under Shockwave Flash it says: File: nswrapper_32_32.libflashplayer.so Version: Shockwave Flash 10.2 r153 So to your question, the evidence seems to be saying that, yes, Shockwave is the same as Flash, at least on Linux. Or do you see something different? Well, kinda' different over here, at least on Firefox4 running on WinXP. Shockwave Flash File: NPSWF32.dll Shockwave Flash 10.2 r152 Shockwave for Director File: np32dsw.dll Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612 Some differences are expected I guess, platform-wise. Just wasn't sure if Shockwave and Flash were the same thing. Will be quiet now. 8-) -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Yves Bellefeuille Sent: Monday, April 04, 2011 2:38 PM To: CentOS mailing list Subject: Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working Anyway, did you download Flash for Linux at http://www.adobe.com/go/getflashplayer ? Who, me? -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] FLISOL 2011
centos-boun...@centos.org wrote: Hello dear friends Anyone know if in the U.S is going to organize the FLISOL? Especially in the state of Michigan. Perhaps if Michigan moves south of the border... For those of us who don't know FLISOL from Lysol (which includes me) http://en.wikipedia.org/wiki/FLISOL http://en.wikipedia.org/wiki/Software_Libre So CentOS should be mentioned at a FLISOL meeting, and should be discussed on FLISOL mailing lists, but FLISOL doesn't merit discussion here (nor does Michigan). Insert spiffy .sig here: Life is complex: it has both real and imaginary parts. //me *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
On 04/03/2011 09:24 PM Robert Heller wrote: At Sun, 03 Apr 2011 18:41:35 -0400 CentOS mailing list centos@centos.org wrote: For a long time now I've wanted to be able to watch videos. I've done the try this! and try that! method and it hasn't worked well. So I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. Currently it works for me with short videos-- up to two or three minutes long. However, when Shockwave is enabled, CPU usage jumps to 99%, sometimes even 100%! If I disable it CPU usage goes down to 1 - 5%. (For those who speak load avg, I've seen highs of 6 and 8... as opposed to the no Shockwave-now of 0.14 to 0.45.) So with the CPU already buried just by having Shockwave is enabled, if a video lasts longer than four minutes, gaps in the video's continuity begin to appear, and by ten minutes in the video is locked up altogether. What's everyone else's experience with this? Does anyone have a setup where they can view a 1.5-hour video normally... and maybe even work in their editor alongside it at the same time? If so, would you be open to explaining what hardware and software etc. you've got so that this works so well? I am able to watch 1/2 hour TV shows with flash-plugin-10.2.152.27-release from Adobe's repo in Firefox (firefox-3.6.13-2.el5.centos), on my i686 IBM ThinkPad X31 laptop (which has 512Meg of memory and a 1700MHz, Pentium M processor), using CentOS 5.5. The CPU does get hot (the fan fires up sometimes). Oh, I use a *very* lightweight X11 setup: I don't use GNome or KDE or any sort of 'Desktop Manager' system at all. Just FVWM in MWM mode. Virtually NO 'eye candy' at all. My system boots to runlevel 3 and I fire up X11 from my login. I have made no attempt to watch longer videos with flash. I do watch 3-5 minute music videos all the time, but I use mplayer for those (even the FLV files I have downloaded from YouTube). Robert, you bring up a good point about X. But two things: First, my Dell i600m has the same CPU as your machine, except that mine is a 1500MHz, a tad slower, but I have 2G of RAM and so swap is almost never even touched. Still, since it's my CPU which is getting jammed up by Flash|Shockwave, perhaps measures to ease the load on the CPU generally would be a good strategy. Secondly, still, as said previously, when Shockwave isn't playing a video (but with gnome and everything else running as usual), my CPU's load avg is trivial, giving me no reason to suspect gnome or anything else I'm running is a hog worth trimming. All indications point to Shockwave itself as being the problem. NB: While writing this, yum-updated just gave me flash-plugin-10.2.153.1-0.1.el5.rf.i386.rpm. So I've upgraded from flash-plugin-10.2.153.1-release.src.rpm... hopefully it's the fix I need. Robert, thanks for the response. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
On 04/04/2011 08:37 AM Yves Bellefeuille wrote: On Monday 04 April 2011 08:09, ken wrote: What does your about:plugins page say? (For explication, see the about:plugins subthread.) Or do you have some other diagnostic which indicates these are not the same? It does say Shockwave Flash. Now isn't that interesting, because Adobe itself says they're different things. In the download section at http://www.adobe.com/products/ , they're listed separately and, as Sorin pointed out, Shockwave isn't even available for Linux. Perhaps the adobe webpage is a bit incomplete, or maybe they're talking about the Windows plugins, I don't know. I have to believe more what I read on my system. Anyway, did you download Flash for Linux at http://www.adobe.com/go/getflashplayer ? This kind of thing is not easy to remember. Most of the time I assume that, version numbers being the same, especially in the case of commercial binaries, the packages will be the same regardless of where they come from. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working
On 04/04/2011 08:41 AM Sorin Srbu wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of ken Sent: Monday, April 04, 2011 2:02 PM To: CentOS mailing list Subject: [CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working Under Tools... I have Adobe Reader 9.3, Adobe Reader 9.4 (temporarily disabled due to testing), Helix DNA Plugin: RealPlayer G2 Plug-in Compatible, NPAPI Plugins Wrapper 1.3.0, and Shockwave Flash 10 0 r153, that's all. Now looking at about:plugins under Shockwave Flash it says: File: nswrapper_32_32.libflashplayer.so Version: Shockwave Flash 10.2 r153 So to your question, the evidence seems to be saying that, yes, Shockwave is the same as Flash, at least on Linux. Or do you see something different? Well, kinda' different over here, at least on Firefox4 running on WinXP. Shockwave Flash File: NPSWF32.dll Shockwave Flash 10.2 r152 Shockwave for Director File: np32dsw.dll Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612 Some differences are expected I guess, platform-wise. Just wasn't sure if Shockwave and Flash were the same thing. Will be quiet now. 8-) Well, this tells us that XP users are getting a higher version than us Linux folks. But we can't really get anything more than that from what XP tells us... or? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Am 04.04.2011 12:34, schrieb Marian Marinov: How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Ok, thanks to both of you, it seems the scripts getting better and better. Will change my iptables rule to keep the blacklist for longer. Thx Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots
centos-boun...@centos.org wrote: Hi, I need to fit at least three NICs and I was looking for motherboard models that contain 3 or 4 CPI (or PCI-e) slots and works with CentOS. You can get 4 etherports on one card... For 17 examples: http://www.newegg.com/Product/ProductList.aspx?Submit=ENEN=100010064%20 600013873IsNodeId=1bop=AndOrder=RATINGPageSize=20 How many of those work well with Linux (of whatever variety) I don't know. One board claiming RedHat compatibility with a loadable kernel module is http://www.supermicro.com/products/accessories/addon/AOC-UG-I4.cfm Another article that might give fast, cheap, albeit old answers is http://www.freelabs.com/~whitis/hardware/quartet.html Why do you need 3 network interface cards? Would two NICs with 2 etherports each, or 1 4-port card meet your need? I had a problem in the past with some models that had a bug and did not work well with linux (ok with windows) so that's way I am asking this here. Are you building a desktop/personal machine, or a server? Are you picky about power/heat/noise factors of the Mobo? Sorry about your 5 options being narrowed down to 30, but the question asked was really imprecise. Insert spiffy .sig here: Life is complex: it has both real and imaginary parts. //me *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots
Hi Brunner, I need four network interfaces. This can be in one or multiple cards. The problem is just what you've described : lack of info regarding the compatibility/stability of such card under CentOS. And since some of those dual/quad cards cost more than the motherboard itself I can't afford to buy one just to find out that it does not work or need an exotic driver that I need to recompile myself every time a new kernel ships. I'll have a look into those. In this list I've read something about intel pro mt but it seems to be discontinued from intel's site... ( On Mon, Apr 4, 2011 at 9:11 AM, Brunner, Brian T. bbrun...@gai-tronics.comwrote: centos-boun...@centos.org wrote: Hi, I need to fit at least three NICs and I was looking for motherboard models that contain 3 or 4 CPI (or PCI-e) slots and works with CentOS. You can get 4 etherports on one card... For 17 examples: http://www.newegg.com/Product/ProductList.aspx?Submit=ENEN=100010064%20 600013873IsNodeId=1bop=AndOrder=RATINGPageSize=20 How many of those work well with Linux (of whatever variety) I don't know. One board claiming RedHat compatibility with a loadable kernel module is http://www.supermicro.com/products/accessories/addon/AOC-UG-I4.cfm Another article that might give fast, cheap, albeit old answers is http://www.freelabs.com/~whitis/hardware/quartet.html Why do you need 3 network interface cards? Would two NICs with 2 etherports each, or 1 4-port card meet your need? I had a problem in the past with some models that had a bug and did not work well with linux (ok with windows) so that's way I am asking this here. Are you building a desktop/personal machine, or a server? Are you picky about power/heat/noise factors of the Mobo? Sorry about your 5 options being narrowed down to 30, but the question asked was really imprecise. Insert spiffy .sig here: Life is complex: it has both real and imaginary parts. //me *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut: Am 04.04.2011 12:34, schrieb Marian Marinov: How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Ok, thanks to both of you, it seems the scripts getting better and better. Will change my iptables rule to keep the blacklist for longer. Thx Rainer Also check MaxAuthTries in /etc/ssh/sshd_config Specifies the maximum number of authentication attempts permitted per connection. Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
One other factor might be video hardware acceleration. Of those who have Shockwave working, are you also running VHA?? On 04/03/2011 06:41 PM ken wrote: For a long time now I've wanted to be able to watch videos. I've done the try this! and try that! method and it hasn't worked well. So I'm wondering if anyone running CentOS 5.5 has Shockwave on Firefox working. Currently it works for me with short videos-- up to two or three minutes long. However, when Shockwave is enabled, CPU usage jumps to 99%, sometimes even 100%! If I disable it CPU usage goes down to 1 - 5%. (For those who speak load avg, I've seen highs of 6 and 8... as opposed to the no Shockwave-now of 0.14 to 0.45.) So with the CPU already buried just by having Shockwave is enabled, if a video lasts longer than four minutes, gaps in the video's continuity begin to appear, and by ten minutes in the video is locked up altogether. What's everyone else's experience with this? Does anyone have a setup where they can view a 1.5-hour video normally... and maybe even work in their editor alongside it at the same time? If so, would you be open to explaining what hardware and software etc. you've got so that this works so well? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ZFS @ centOS
On Apr 2, 2011, at 5:28 PM, Dawid Horacy Golebiewski dawid.golebiew...@tu-harburg.de wrote: I pondered Solaris for some time, but as I do not intend to build the OS from scratch and nexenta was to GUIed for me I started researching SME. What puzzled me is the theory and the practice: RAIDz is the best solution from a theoretical standpoint (maximum features available) but still raid 5,65+0 etc. are used. Why? Raidz/2/3 isn't raid5/6, similar but not the same. In ZFS you create vdevs, which can be individual disks, mirrors or raidzs. Then you create a pool out of multiple vdevs. The vdevs should be of the same size and type for performance and capacity planning reasons, but it's not a requirement. Currently you cannot add drives to a vdev, but you can add vdevs to a pool. IO written to a pool does round robin across the vdevs giving a raid0 type performance. -Ross ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots
On Mon, 4 Apr 2011, robert mena wrote: Hi Brunner, I need four network interfaces. This can be in one or multiple cards. The problem is just what you've described : lack of info regarding the compatibility/stability of such card under CentOS. And since some of those dual/quad cards cost more than the motherboard itself I can't afford to buy one just to find out that it does not work or need an exotic driver that I need to recompile myself every time a new kernel ships. I'll have a look into those. In this list I've read something about intel pro mt but it seems to be discontinued from intel's site... ( I bought an Intel 82576 Quad port PCIe board for use with CentOS 5. Works flawlessly with the igb driver out of the box with no fiddling. Far from cheap, but avoids the headaches I was getting from a Broadcom chipset. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
On 04/04/2011 04:11 AM, Cal Sawyer wrote: Hi I use the Chromium build from: http://www.cs.bham.ac.uk/~cxs548/chrome The highest Chromium rev you can run with the RHEL5.x flash-plugin chrome-10.0.612.0.tar.gz is v10. chrome-11 is incompatible with flash-plugin-10.2.152.27-0.1.el5.rf. Looks like flash-plugin_10.2.153.1-0.1.el5.rf is available now, so v11 might be OK. It seems like the Chromium build leads flash-plugin by one version, but i haven't been actively upgrading as each becomes available. - csawyer For what its worth, I use that chromium on my CentOS 5.x x86_64 desktop. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
On 04/04/11 15:35, henry ritzlmayr wrote: Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut: Am 04.04.2011 12:34, schrieb Marian Marinov: How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Ok, thanks to both of you, it seems the scripts getting better and better. Will change my iptables rule to keep the blacklist for longer. Thx Rainer Also check MaxAuthTries in /etc/ssh/sshd_config Specifies the maximum number of authentication attempts permitted per connection. That won't do too much. It only tells the ssh server how many attempts to accept before closing the TCP connection. The attacker can still just re-connect and try again, which is what usually happens during these attempts. Of course, setting MaxAuthTries to 1, will slow the attacker a little bit down, as it needs to re-establish the SSH connection again. Moving over to disallowing password authentication and only use pubkey with ~/.ssh/authorized_keys is probably going to do a better job securing the server. kind regards, David Sommerseth ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots
Just about any motherboard will work. Where you typically would run into problems would be drivers for expansion cards/peripherals. We have 4 NICs in many of our CentOS 5 servers: Broadcom Corporation NetXtreme II BCM5709 Gigabit Ethernet (rev 20) Broadcom Corporation NetXtreme II BCM5708 Gigabit Ethernet (rev 12) Intel Corporation 82541GI Gigabit Ethernet Controller (rev 05) The Broadcom chips use the bnx2 driver, while the Intel uses the e1000 driver - both included with CentOS. I've ran them at 100 and 1000, with 802.1q, no jumbo frames. Never had a problem with them. --Blake Original Message Subject: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots From: robert mena robert.m...@gmail.com To: CentOS mailing list centos@centos.org Date: Sunday, April 03, 2011 9:25:24 PM Hi, I need to fit at least three NICs and I was looking for motherboard models that contain 3 or 4 CPI (or PCI-e) slots and works with CentOS. I had a problem in the past with some models that had a bug and did not work well with linux (ok with windows) so that's way I am asking this here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
You could also try using tcpwrappers along with iptables. On 04/04/2011 06:34 AM, Marian Marinov wrote: On Monday 04 April 2011 12:18:43 Rainer Traut wrote: Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown (www.telkom.co.ke): 137 Time(s) unknown (mkongwe.jambo.co.ke): 130 Time(s) unknown (212.49.70.24): 107 Time(s) root (195.191.250.101): 8 Time(s) How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Marian Thx Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Am Montag, den 04.04.2011, 16:04 +0200 schrieb David Sommerseth: On 04/04/11 15:35, henry ritzlmayr wrote: Am Montag, den 04.04.2011, 15:07 +0200 schrieb Rainer Traut: Am 04.04.2011 12:34, schrieb Marian Marinov: How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Ok, thanks to both of you, it seems the scripts getting better and better. Will change my iptables rule to keep the blacklist for longer. Thx Rainer Also check MaxAuthTries in /etc/ssh/sshd_config Specifies the maximum number of authentication attempts permitted per connection. That won't do too much. It only tells the ssh server how many attempts to accept before closing the TCP connection. The attacker can still just re-connect and try again, which is what usually happens during these attempts. Of course, setting MaxAuthTries to 1, will slow the attacker a little bit down, as it needs to re-establish the SSH connection again. Right, but with setting MaxAuthTries to 1, the iptables rule specified by the OP jumps in much earlier. Moving over to disallowing password authentication and only use pubkey with ~/.ssh/authorized_keys is probably going to do a better job securing the server. kind regards, David Sommerseth Henry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots
Re quad-port NICs: AOC-SG-i4 is good, too, and smaller than the UG version. iirc, it uses a newer Intel chipset as well. Oddly, it isn't listed on Supermicro's site except as a PDF factsheet. I have a few of them and they work well. There's also the Intel EXPI9404PTL, but here in the UK it's a fair chunk more expensive than the SM card. cheers, - csawyer -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Brunner, Brian T. Sent: 04 April 2011 14:12 To: CentOS mailing list Subject: Re: [CentOS] Tips for motherboard with multiple PCI / PCI-e slots centos-boun...@centos.org wrote: Hi, I need to fit at least three NICs and I was looking for motherboard models that contain 3 or 4 CPI (or PCI-e) slots and works with CentOS. You can get 4 etherports on one card... For 17 examples: http://www.newegg.com/Product/ProductList.aspx?Submit=ENEN=100010064%20 600013873IsNodeId=1bop=AndOrder=RATINGPageSize=20 How many of those work well with Linux (of whatever variety) I don't know. One board claiming RedHat compatibility with a loadable kernel module is http://www.supermicro.com/products/accessories/addon/AOC-UG-I4.cfm Another article that might give fast, cheap, albeit old answers is http://www.freelabs.com/~whitis/hardware/quartet.html Why do you need 3 network interface cards? Would two NICs with 2 etherports each, or 1 4-port card meet your need? I had a problem in the past with some models that had a bug and did not work well with linux (ok with windows) so that's way I am asking this here. Are you building a desktop/personal machine, or a server? Are you picky about power/heat/noise factors of the Mobo? Sorry about your 5 options being narrowed down to 30, but the question asked was really imprecise. Insert spiffy .sig here: Life is complex: it has both real and imaginary parts. //me *** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept for the presence of computer viruses. www.Hubbell.com - Hubbell Incorporated** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
On 04/04/11 11:18, Rainer Traut wrote:
to prevent scripted dictionary attacks to sshd
I applied those iptables rules:
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent
--update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set
--name SSH --rsource
And this is part of logwatch:
sshd:
Authentication Failures:
unknown (www.telkom.co.ke): 137 Time(s)
unknown (mkongwe.jambo.co.ke): 130 Time(s)
unknown (212.49.70.24): 107 Time(s)
root (195.191.250.101): 8 Time(s)
How is it possible for an attacker to try to logon more then 4 times?
Can the attacker do this with only one TCP/IP connection without
establishing a new one? Or have the scripts been adapted to this?
i see similar results on some of my servers, eg:
% grep 'a\.bad\.ip\.address' authpriv|grep 'authentication failure'|awk '{print
$3}'|less
15:47:44
15:49:34
15:49:46
15:51:32
15:53:17
15:53:30
15:55:14
15:56:59
15:58:44
16:00:34
16:02:19
16:02:31
16:04:17
[...]
so i can see that yes, at least some automated scripts have been adapted
to back off in an attempt not to trip my iptables rules. you can do a
similar grep to see the times of your attempts, and that will tell you if
they're running a softly-softly script, or if instead they have found a
way to test many passwords without tripping the iptables rule.
On Mon, 4 Apr 2011, David Sommerseth wrote:
This is just a hunch, but --seconds 60 indicates that it will only look
back one minute to check if it could find a hit. So if the attacker tries
to connect again after 2 minutes or even 61 seconds, it won't trigger this
rule. Try increasing this value to 3600 (1 hour). Maybe you want even
longer.
i occasionally trip my iptables rule myself, for example if i scp a couple
of files off a server and then go back for a third; i feel it would be a
shame to lock myself out for an hour, by doing that.
the way i see it is that, even in the limiting case where an attacker can
try two passwords every minute, she will be limited to just under 3,000
attempts a day, and that's not very many when you're trying to brute-force
decent passwords. given that most of those are attempts to guess root's
password, and i have PermitRootLogin no in sshd_config, the tiny
additional load caused by an attempt every 30 seconds is something i can
live with in exchange for not locking myself out for too long.
how long you set your lockout for is a call you must make for your
server(s); i just wanted you to have more points of view about what people
are doing out there in the wild.
--
Tom Yates - http://www.teaparty.net
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Guys, really... look at denyhosts and Hawk. Both projects analyze the logs of the service and check for failed login attempts. It is useless to battle the bruteforcers at the network level since they can adapt their behaviour to really easy surcomvent any firewalls. In order to protect your applications you should build on them. Every daemon now has a decent log capabilities. And you can simply tail the log constantly and detect which IPs should be blocked. And then block them promptly. It is hard to find someone that will enter the wrong password more then 10 times :) I don't know for denyhosts, but Hawk removes the blocks every day and you can configure how long you want to keep a single IP blocked. This way you have better control over the automated block/unblock procedure. If you need more information about Hawk, contact me. Marian On Monday 04 April 2011 17:18:58 Jason Brown wrote: You could also try using tcpwrappers along with iptables. On 04/04/2011 06:34 AM, Marian Marinov wrote: On Monday 04 April 2011 12:18:43 Rainer Traut wrote: Hi, to prevent scripted dictionary attacks to sshd I applied those iptables rules: -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --update --seconds 60 --hitcount 4 --name SSH --rsource -j DROP -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -m recent --set --name SSH --rsource And this is part of logwatch: sshd: Authentication Failures: unknown (www.telkom.co.ke): 137 Time(s) unknown (mkongwe.jambo.co.ke): 130 Time(s) unknown (212.49.70.24): 107 Time(s) root (195.191.250.101): 8 Time(s) How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Marian Thx Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Best regards, Marian Marinov signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Hey you should check out fail2ban as well. Excellent little app that analysis the log for the corresponding demon using a regex (u can create custom ones too) and performs an action you choose including iptables, hosts.deny, etc.. You can easily adjust setting like 3 failed connections max per min, etc.. Works well for sshd, postfix, httpd, etc..also fires you an email when a attack is stopped Simple and very effective. Definitely worth checking out Aly Sent from my BlackBerry device on the Rogers Wireless Network -Original Message- From: Marian Marinov m...@yuhu.biz Sender: centos-boun...@centos.org Date: Mon, 4 Apr 2011 18:00:23 To: CentOS mailing listcentos@centos.org Reply-To: CentOS mailing list centos@centos.org Subject: Re: [CentOS] sshd: Authentication Failures: 137 Time(s) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to install wine ?
Rajan Dahal wrote: Hello friends, I have downloaded wine-1.3.13.tar.bz2 How to install it ? I have no internet connection. so I want to install it manually. If you can d/l that, you might consider d/l the rpms, which would install and configure it correctly. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] about:plugins -Re: interview request for ppl who have Shockwave/.Firefox working
Sorin Srbu wrote: Of ken Under Tools... I have Adobe Reader 9.3, Adobe Reader 9.4 (temporarily disabled due to testing), Helix DNA Plugin: RealPlayer G2 Plug-in Compatible, NPAPI Plugins Wrapper 1.3.0, and Shockwave Flash 10 0 r153, that's all. Now looking at about:plugins under Shockwave Flash it says: File: nswrapper_32_32.libflashplayer.so Version: Shockwave Flash 10.2 r153 So to your question, the evidence seems to be saying that, yes, Shockwave is the same as Flash, at least on Linux. Or do you see something different? Well, kinda' different over here, at least on Firefox4 running on WinXP. Shockwave Flash File: NPSWF32.dll Shockwave Flash 10.2 r152 Shockwave for Director File: np32dsw.dll Adobe Shockwave for Director Netscape plug-in, version 11.5.8.612 Some differences are expected I guess, platform-wise. Just wasn't sure if Shockwave and Flash were the same thing. Will be quiet now. 8-) Are you sure the latter isn't the Expen$ive flash video creator (like Acrobat vs. acroread)? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-5.5 Live CD netinstall
According to http://wiki.centos.org/Manuals/ReleaseNotes/CentOSLiveCD5.5 There is a Network Install option on the Live CD that is the same as our CentOS-5.5-i386-netinstall ISO. I've looked quite carefully at my CentOS-5.5 Live CD (on a USB stick), and I don't see a Network Install option anywhere. Could some kind soul explain where it can be found, please. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sshd: Authentication Failures: 137 Time(s)
Rainer Traut wrote: Am 04.04.2011 12:34, schrieb Marian Marinov: How is it possible for an attacker to try to logon more then 4 times? Can the attacker do this with only one TCP/IP connection without establishing a new one? Or have the scripts been adapted to this? The attackers are not trying constantly.. Just a few bursts of trys. Look at denyhosts ( http://denyhosts.sourceforge.net/ ). I also have a tool for protecting from brute force attacks called Hawk ( https://github.com/hackman/Hawk-IDS-IPS ). Ok, thanks to both of you, it seems the scripts getting better and better. Will change my iptables rule to keep the blacklist for longer. May I highly commend to your attention fail2ban? We use it, and it works very well. Default is 3 from an IP, 5 for ssh, and it's banned for a configurable amount of time - default is 2 hours. And you can add additional filters. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kernel Panic on HP/Compaq ProLiant G7
On 4/1/2011 1:44 PM, Windsor Dave L. (AdP/TEF7) wrote: On 3/24/2011 11:03 AM, Windsor Dave L. (AdP/TEF7.1) wrote: Hello Everyone, I recently installed CentOS 5.5 x86_64 on a brand new ProLiant DL380 G7. I have identical OS software running reock-solid on two other DL380 ProLiant servers, but they are G6 models, not G7. On the G7, the installation went perfectly and the machine ran great for about 2 weeks, when it just seemed to stop. The system stopped responding on the network, and there was no video on the console (or remote console via iLO). It would not reboot or cold boot through iLO, I actually had to hold the power to turn it off and then hit it again to power up. OK everyone, here is an update: The server crashed again overnight. This time, the following error messages were on the console: HARDWARE ERROR CPU 3: Machine Check Exception:4 Bank 5: ba400405 TSC 5172b45d44f0a MISC 80 This is not a software problem! Run through mcelog --ascii to decode and contact your hardware vendor snipped I have been able to move all workloads onto other servers. As at least two people suggested, I booted from the HP SmartStart CD and ran 100 loops of systems diagnostics and tests, especially for the memory and CPU. No problems were found. I think I will run memtest86 over the weekend. Best Regards, Dave Windsor This is interesting... I tried to load memtest86 from the CentOS 5.5 Install DVD, and the system immediately rebooted. I eventually loaded memtest86 from an OpenSUSE 11.4 install DVD I had laying around, and that ran OK. I ran memtest86+ starting Friday about 6 pm and stopping Monday morning at 10:45 am. Almost 70 full passes were completed, and no errors were found. Best Regards, Dave Windsor Robert Bosch LLC Team Leader, MES Database Infrastructure Group (AdP/TEF7.1) 4421 Highway 81 North Anderson, SC 29621 USA ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
I tried to install Google Chrome and received the dependencies error. Is Centos too old for the new Chrome or is there an older Chrome version that is compatible? Chrome depends on a few newer packages than exist in 5.5. I'm guessing centos 6 will have updated packages which will allow Chrome to install. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
Robert Heller wrote: At Mon, 04 Apr 2011 09:39:04 -0400 CentOS mailing list centos@centos.org wrote: snip And yes, the 64-bit flash 'preview' plugin and yes, it plays flash videos just fine there. [*I* have no use for nVidia's drive -- I don't do 3D modeling or video games, etc.] Unfortunately, you *do* need nVidia's proprietary driver if you've got dual monitors, like a lot of places I've worked in the last few years. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forcing IPv4 DNS lookups first before IPv6
On Mon, 2011-04-04 at 09:51 -0500, Russell Jones wrote: Hello! I am having a strange issue with CentOS 5.4 that I cannot seem to solve. Every DNS lookup results in records being requested first before A records. As a result, this causes a large amount of unnecessary DNS traffic on the network. IPv6 has been completely disabled on these servers: Doubtful, if you are seeing lookups. Does ip addr show any IPv6 interfaces? /etc/modprobe.conf, ipv6 off and net-pf-10 off /etc/sysconfig/network, NETWORKING_IPV6=no lsmod | grep ipv6 shows the kernel module no longer loaded. Yet watching TCP dump shows that records are requested before A records every time a login is requested from one of our local machines to another You *only* sees these for login? Perhaps some authentication module you are using is causing them to happen? Is there some sort of configuration directive I can use to force IPv4 lookups first before IPv6? Or even better, stop IPv6 lookups all together? I don't believe you see IPv6 lookups from the normal resolver libraries unless there is at least one active IPv6 interface. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
At Mon, 4 Apr 2011 11:39:30 -0400 CentOS mailing list centos@centos.org wrote: Robert Heller wrote: At Mon, 04 Apr 2011 09:39:04 -0400 CentOS mailing list centos@centos.org wrote: snip And yes, the 64-bit flash 'preview' plugin and yes, it plays flash videos just fine there. [*I* have no use for nVidia's drive -- I don't do 3D modeling or video games, etc.] Unfortunately, you *do* need nVidia's proprietary driver if you've got dual monitors, like a lot of places I've worked in the last few years. I have just the one 17 VGA monitor. Don't have room for either a larger monitor or a second one. And I am not sure what I would do with a second monitor if I had one. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- 978-544-6933 / hel...@deepsoft.com Deepwoods Software-- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is Centos 5.5 too old fro Google Chrome?
On Mon, Apr 04, 2011 at 09:44:00AM -0600, compdoc wrote: I tried to install Google Chrome and received the dependencies error. Is Centos too old for the new Chrome or is there an older Chrome version that is compatible? Chrome depends on a few newer packages than exist in 5.5. I'm guessing centos 6 will have updated packages which will allow Chrome to install. Judging from Scientific Linux 6.0, this seems to be the case, installed without problem or any special effort. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Maggie Walsh: We use the latest in scientific technology and state-of-the-art weaponry, and you, if I understand correctly, poke them with a sharp stick. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
Robert Heller wrote: At Mon, 4 Apr 2011 11:39:30 -0400 CentOS mailing list centos@centos.org wrote: Robert Heller wrote: At Mon, 04 Apr 2011 09:39:04 -0400 CentOS mailing list centos@centos.org wrote: snip And yes, the 64-bit flash 'preview' plugin and yes, it plays flash videos just fine there. [*I* have no use for nVidia's drive -- I don't do 3D modeling or video games, etc.] Unfortunately, you *do* need nVidia's proprietary driver if you've got dual monitors, like a lot of places I've worked in the last few years. I have just the one 17 VGA monitor. Don't have room for either a larger monitor or a second one. And I am not sure what I would do with a second monitor if I had one. Wow - you haven't lived All my work-stations have dual monitors. If you regularly use a browser and a word processor or spreadsheet you will benefit. If you are trying to set up servers and compare between them, it is very useful too. Makes copy paste etc so much simpler for my little brain to deal with. YMMV mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos attachment: rkampen.vcf___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
Robert Heller wrote: At Mon, 4 Apr 2011 11:39:30 -0400 CentOS mailing list centos@centos.org wrote: Robert Heller wrote: At Mon, 04 Apr 2011 09:39:04 -0400 CentOS mailing list centos@centos.org wrote: snip And yes, the 64-bit flash 'preview' plugin and yes, it plays flash videos just fine there. [*I* have no use for nVidia's drive -- I don't do 3D modeling or video games, etc.] Unfortunately, you *do* need nVidia's proprietary driver if you've got dual monitors, like a lot of places I've worked in the last few years. I have just the one 17 VGA monitor. Don't have room for either a larger monitor or a second one. And I am not sure what I would do with a second monitor if I had one. Lessee, last place I worked, not sure about the one before that, and where I work now, almost everyone has dual monitors. It's the in thing. (We won't talk about my co-worker, who seems to remember fondly when he was in the NOC, with three? four? monitors) mark only has two eyeballs ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
At Mon, 04 Apr 2011 12:22:59 -0400 CentOS mailing list centos@centos.org wrote: Robert Heller wrote: At Mon, 4 Apr 2011 11:39:30 -0400 CentOS mailing list centos@centos.org wrote: Robert Heller wrote: At Mon, 04 Apr 2011 09:39:04 -0400 CentOS mailing list centos@centos.org wrote: snip And yes, the 64-bit flash 'preview' plugin and yes, it plays flash videos just fine there. [*I* have no use for nVidia's drive -- I don't do 3D modeling or video games, etc.] Unfortunately, you *do* need nVidia's proprietary driver if you've got dual monitors, like a lot of places I've worked in the last few years. I have just the one 17 VGA monitor. Don't have room for either a larger monitor or a second one. And I am not sure what I would do with a second monitor if I had one. Wow - you haven't lived All my work-stations have dual monitors. If you regularly use a browser and a word processor or spreadsheet you will benefit. I don't use word processors or spreadsheets. No loss there. I do use a keyboard-based text editor in an xterm window. If you are trying to set up servers and compare between them, it is very useful too. I have no trouble with multiple xterm windows (to different machines). I never maximize the xterm windows, so there is room for several on the screen. And I do have multiple 'virtual' screens (a feature of FVWM). Makes copy paste etc so much simpler for my little brain to deal with. YMMV mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos begin:vcard fn:Rob Kampen n:Kampen;Rob org:Team Torman Realty, LLC adr:;;13019 Water Point Blvd;Windermere;FL;34786;USA email;internet:rkam...@reaching-clients.com tel;work:407-876-4108 tel;fax:407-876-3591 tel;home:407-876-4854 tel;cell:407-341-3815 note:LCAM CPM Candidate url:www.robkampen.com version:2.1 end:vcard MIME-Version: 1.0 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- 978-544-6933 / hel...@deepsoft.com Deepwoods Software-- http://www.deepsoft.com/ () ascii ribbon campaign -- against html e-mail /\ www.asciiribbon.org -- against proprietary attachments ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forcing IPv4 DNS lookups first before IPv6
Thanks for your help! Doubtful, if you are seeing lookups. Does ip addr show any IPv6 interfaces? No active ipv6 interfaces: [root@hostname1 ~]# ip addr 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:e0:81:76:ca:52 brd ff:ff:ff:ff:ff:ff inet 172.29.87.20/24 brd 172.29.87.255 scope global eth0 3: eth1: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 1000 link/ether 00:e0:81:76:ca:53 brd ff:ff:ff:ff:ff:ff [root@hostname1 ~]# lsmod | grep -i ipv6 [root@hostname1 ~]# You *only* sees these for login? Perhaps some authentication module you are using is causing them to happen? No, I also see this when doing traceroutes. It's just the at login part that it's most prevalent due to the DNS-induced lag time. The server's user authentication is NIS, and I am unaware of any IPv6 NIS configuration that would cause this. But if you are please do let me know, I'm tearing my hair out here and I don't have much left. Example from a traceroute from hostname1 to hostname2. This was nothing more than a traceroute hostname2 on this same box I just showed as not having any IPv6 interfaces, nor the IPv6 kernel module loaded: [root@hostname1 ~]# tcpdump -v 'port 53' tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 11:07:24.989304 IP (tos 0x0, ttl 64, id 65039, offset 0, flags [DF], proto: UDP (17), length: 60) hostname1.59725 vdns1-hc.example.com.domain: [bad udp cksum 2bd2!] 26130+ ? hostname2.example.com. (32) 11:07:24.989612 IP (tos 0x0, ttl 62, id 61322, offset 0, flags [DF], proto: UDP (17), length: 111) vdns1-hc.example.com.domain hostname1.59725: 26130* q: ? hostname2.example.com. 0/1/0 ns: example.com. SOA[|domain] 11:07:24.989666 IP (tos 0x0, ttl 64, id 65040, offset 0, flags [DF], proto: UDP (17), length: 69) hostname1.47865 vdns1-hc.example.com.domain: [bad udp cksum 9d73!] 33222+ ? hostname2.ioexample.ioroot.tld. (41) 11:07:24.989763 IP (tos 0x0, ttl 64, id 65040, offset 0, flags [DF], proto: UDP (17), length: 72) hostname1.58021 vdns1-hc.example.com.domain: [bad udp cksum f44f!] 24663+ PTR? 20.251.31.172.in-addr.arpa. (44) 11:07:24.990137 IP (tos 0x0, ttl 62, id 61323, offset 0, flags [DF], proto: UDP (17), length: 140) vdns1-hc.example.com.domain hostname1.58021: 24663* q: PTR? 20.251.31.172.in-addr.arpa. 1/1/1 20.251.31.172.in-addr.arpa.[|domain] 11:07:24.991182 IP (tos 0x0, ttl 62, id 61324, offset 0, flags [DF], proto: UDP (17), length: 133) vdns1-hc.example.com.domain hostname1.47865: 33222 NXDomain q: ? hostname2.ioexample.ioroot.tld. 0/1/0 ns: ioexample.ioroot.tld. SOA[|domain] 11:07:24.991214 IP (tos 0x0, ttl 64, id 65041, offset 0, flags [DF], proto: UDP (17), length: 60) hostname1.42778 vdns1-hc.example.com.domain: [bad udp cksum 5f4a!] 12333+ A? hostname2.example.com. (32) 11:07:24.991665 IP (tos 0x0, ttl 62, id 61325, offset 0, flags [DF], proto: UDP (17), length: 291) vdns1-hc.example.com.domain hostname1.42778: 12333* q: A? hostname2.example.com. 1/6/5 hostname2.example.com. A hostname2.example.com ns: example.com.[|domain] 11:07:24.991797 IP (tos 0x0, ttl 64, id 65042, offset 0, flags [DF], proto: UDP (17), length: 71) hostname1.38670 vdns1-hc.example.com.domain: [bad udp cksum 1a59!] 25903+ PTR? 43.43.29.172.in-addr.arpa. (43) 11:07:24.992089 IP (tos 0x0, ttl 62, id 61326, offset 0, flags [DF], proto: UDP (17), length: 137) vdns1-hc.example.com.domain hostname1.38670: 25903* q: PTR? 43.43.29.172.in-addr.arpa. 1/1/1 43.43.29.172.in-addr.arpa.[|domain] 11:07:24.993030 IP (tos 0x0, ttl 64, id 65043, offset 0, flags [DF], proto: UDP (17), length: 72) hostname1.51119 vdns1-hc.example.com.domain: [bad udp cksum 161e!] 53743+ PTR? 254.87.29.172.in-addr.arpa. (44) 11:07:24.993608 IP (tos 0x0, ttl 62, id 24219, offset 0, flags [DF], proto: UDP (17), length: 147) vdns1-hc.example.com.domain hostname1.51119: 53743* q: PTR? 254.87.29.172.in-addr.arpa. 1/1/1 254.87.29.172.in-addr.arpa.[|domain] 11:07:24.993922 IP (tos 0x0, ttl 64, id 65044, offset 0, flags [DF], proto: UDP (17), length: 71) hostname1.49775 vdns1-hc.example.com.domain: [bad udp cksum 6bab!] 59260+ PTR? 43.43.29.172.in-addr.arpa. (43) 11:07:24.994401 IP (tos 0x0, ttl 62, id 24220, offset 0, flags [DF], proto: UDP (17), length: 137) vdns1-hc.example.com.domain hostname1.49775: 59260* q: PTR? 43.43.29.172.in-addr.arpa. 1/1/1 43.43.29.172.in-addr.arpa.[|domain] Notice how before it even attempts an IPv4 lookup it cycles through IPv6 first, appending the domains that are in the search path of this boxes' /etc/resolv.conf to the host I did a traceroute to. Then after it exhausts all of its IPv6 lookup attempts, it does IPv4 and of course the first lookup succeeds. With boxes that have
Re: [CentOS] interview request for ppl who have Shockwave/.Firefox working
Robert Heller wrote: At Mon, 04 Apr 2011 12:22:59 -0400 CentOS mailing list centos@centos.org wrote: snip I have no trouble with multiple xterm windows (to different machines). I never maximize the xterm windows, so there is room for several on the screen. And I do have multiple 'virtual' screens (a feature of FVWM). snip Yeah - folks seem to have forgotten the concept that screen real estate is *valuable*, and gone to the Everybody Always Wants To Maximize My Wonder!!!Full!!! Website!! Turkeys. Who don't understand the concept of a window mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
