Re: [gentoo-user] Re: iptables - do I need the nat table?
On Mon, Apr 12, 2010 at 8:31 AM, Tanstaafl tansta...@libertytrek.org wrote: On 2010-04-11 9:20 AM, Graham Murray wrote: Tanstaafl tansta...@libertytrek.org writes: I'm a bit clueless when it comes to firewalls, and have no idea what these numbers mean/do: *raw :PREROUTING ACCEPT [4911:886011] :OUTPUT ACCEPT [4546:2818732] COMMIT The numbers are [packets:bytes] which match the rule or table concerned. Ok, so... I still don't know what they *mean*... ie, is this a hole in my firewall? What is the raw table used for, in plain english? More importantly though... When I try to remove the nat and raw tables from my firewall, they don't go away. I have always kept my rules in a separate file, and when I want to make changes, I change the external file, then do iptables-restore /path/to/iptables-current. (My rule set is very small, so this only takes a second or two, so its not/never been a problem) I've been doing it this way for a long time, and all other changes I have ever made - eg, opening a certain port for a certain host - work fine, but, when I comment out the raw and nat tables, then restore the rules, then do iptables-save path/to/iptables-current-dump, the examined file still shows the raw and nat tables loaded... ??? Here is a very useful book. I think he is the expert. He will answer email. LINUX FIREWALLS Attack Detection and Response with iptables, psad, and fwsnort by Michael Rash ISBN-10: 1-59327-141-7 ISBN-13: 978-1-59327-141-1 No Starch Press, Inc. 555 De Haro Street, Suite 250, San Francisco, CA 94107 phone: 415.863.9900; fax: 415.863.9950; i...@nostarch.com; www.nostarch.com Librar y of Congress Cataloging-in-Publication Data Rash, Michael. Linux firewalls : attack detection and response with iptables, psad, and fwsnort / Michael Rash. p. cm. Includes index. ISBN-13: 978-1-59327-141-1 ISBN-10: 1-59327-141-7 1. Computers--Access control. 2. Firewalls (Computer security) 3. Linux. I. Title. QA76.9.A25R36 2007 005.8--dc22 2006026679 -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] X11 and HP2475w: First steps?
On Mon, Apr 12, 2010 at 12:18 PM, Paul Hartman paul.hartman+gen...@gmail.com wrote: On Sat, Apr 10, 2010 at 3:21 AM, meino.cra...@gmx.de wrote: Hi, before damaging delicate electronic equipment I want to ask, what the best way is to switch from a 1600x1200 pixel analogous Iiyama monitor to an Flat panel HP2475w (LCD) with 1980x1200 pixel monitor? Graphics card is a (info via lspci): nVidia Corporation G73 [GeForce 7600 GT] (rev a2) With one analog and one digital output. Thank you very much for any help in advance! If you're using binary nvidia driver I think it should autodetect your monitor and everything should be fine... no need to specific modelines or anything like that (however if you have done that with your old monitor you may need to remove it). I switch between monitors often and it Just Works(tm). :) If you use framebuffer maybe you'll need to edit your grub config to use a different mode, but LCD usually just scales invalid modes to fit the screen anyway. I don't think you should worry about damaging it. LCD monitors have to have the correct settings or they won't work. You can damage them. You probably have your system set up to detect your hardware just like a LiveCD does. -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] Can't get a DVD to burn.
On Fri, Apr 2, 2010 at 12:21 PM, Dale rdalek1...@gmail.com wrote: Neil Bothwick wrote: On Thu, 01 Apr 2010 16:12:30 -0500, Dale wrote: Then again, when I put a CD/DVD in, it doesn't mount it automatically anymore. I think that is a KDE4 thing. I may not have turned something on. I just haven't looked into it yet. That's a settings thing, turned off by default System Settings Advanced Removable Devices I spoke to soon. It worked once tho. I can mount it manually tho. Maybe I already mounted it manually and forgot? I already had a DVD in there. I'm getting to old. lol Am I supposed to have anything in fstab for KDE4 and the DVD? I don't have currently and didn't for KDE3 either. I read somewhere that KDE4 did this differently tho. Dale :-) :-) Something like this will allow a non-admin user to mount the CD/DVD /dev/cdrom/mnt/cdrom auto noauto,user0 0 -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] Can't get a DVD to burn.
Bad enough you mentioned HAL in a conversation with Dale. Now there's XML involved. This thread is officially never going to end. This list really lightens up a day. LOL -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] OT:Choosing a filesystem
On Thu, Apr 1, 2010 at 1:47 PM, meino.cra...@gmx.de wrote: Hi, I googled down some - often fairly outdated - texts about the best filesystem fpr a Linux box. Other texts focussed on uses, which do not aplly to me: Fileservers, webservers, database machines etc. Wnat I want is a fast and stable (!) filesystem for a desktop PC with one 1TByte harddisk. Since using Gentoo and a lot of sources I do compile very often bigger things (blender-2.50 for example). Another thing: Due to my experimenting it is possible that I have to reboot hard, which means, the filesystem will be unmounted not cleanly (dirty do to say...;) The choosen filesystem should be good in recovering such thing. I am currently using a vanilla 2.6.32.10 kernel. The question, what remains is: What choose should I make? I have been following this thread. I decided to research to do my own comparisons of ext3, ext4, JFS and XFS. ext3 has 3 journaling levels: Journal (lowest risk) Ordered (medium risk) most Linux distributions are using this one Writeback (highest risk) XFS uses Ordered (medium risk) JFS uses Writeback (highest risk) It appears from the documentation that ext4 takes the best of ext3, XFS and JFS. My research also showed that ext2/3 is the most widely used on Linux and has the greatest community support coverage. ext4 falls into the same category as XFS and JFS in this respect. It appears that ext4, XFS or JFS or some combination of them would be the best choice. If you want to know where I got my information use Google like I did. -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] Can't get a DVD to burn.
On Tue, Mar 30, 2010 at 3:39 AM, Neil Bothwick n...@digimed.co.uk wrote: On Mon, 29 Mar 2010 20:19:02 -0500, Dale wrote: I also tried to burn this with tkdvd but it failed too. I don't think the media is bad. It doesn't appear to be k3b since the other program fails too. I also updated to the latest testing but no difference that I can see. It does sometimes burn and sometimes if I try again it will burn but it's not getting any better. K3b is running mkisofs and growisofs at the same time, hence the mixed up debug output making it hard to see where the error is coming from. Take the media, drive and growisofs out of the equation by getting K3b to create an ISO image instead. If that works, write the image to disc with growisofs -dvd-compat -Z /dev/dvd=/path/to/file.iso At least you'll have a better idea where the problem lies. I once had a problem just like this and it turned out to be bad media. The generic cheap priced discs don't always work. The more expensive name brand generally are better because most, if not all of them, work. -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] ping / connect to another subnet
On Tue, Mar 30, 2010 at 2:08 PM, Joseph syscon...@gmail.com wrote: I'm running Windows XP on VirtualBox, it has a network NAT so the IP address it gets: IP: 10.0.2.15 Gateway: 10.0.2.2 DNS: 10.10.0.1 (Linux router) I've tried to access the Windows IP by creating another subnet: ifconfig eth0:1 10.0.2.0 up but it doesn't work, I can not ping the Windows IP: 10.0.2.15 (Windows firewall is OFF) Any suggestions? You could try using Bridged instead of NAT. Bridged would let you set up the NIC on the VM to the same IP address range as the host using the same NIC as the host. If your host IP is 192.168.1.10 on eth0 You could set Bridged eth0 on the VM settings panel and then set your net config inside the VMs OS to 192.168.1.X on eth0 -- If we can but prevent the government from wasting the labours of the people, under the pretence of taking care of them, they must become happy. - Thomas Jefferson
Re: [gentoo-user] Re: Question about Seamonkey and a test.
On Wed, Mar 17, 2010 at 6:04 AM, Dale rdalek1...@gmail.com wrote: Hartmut Figge wrote: Dale: I just gave Seamonkey a fresh start. Now I have a question. I had the old set up so that when I opened Seamonkey, it would start both the browser and email. Now it only starts the browser. I remember it was in the preferences somewhere but I can't find it for the life of me. Check the desired option. http://www.triffids.de/pub/screenshot/sm100317.png (12 KB) Also, I'm hoping this page will arrive and not be blank. Also, can someone confirm this is TEXT ONLY with no HTML stuff. It's OK. You could see yourself by using Ctrl+U. ;) Hartmut Thanks for the link. I looked everywhere else but there. I was thinking that only themes, fonts and such was in there. lol I have sent messages to the list before with it set to plain text but it still have html when the list got it. So, since I am starting over basically with this setup, I wanted to make sure it was not only sent plain text but received that way as well. Now if gmail would just send me a copy of my message, then I would know for sure. Thanks for help on both of these. I'm back in action again and didn't lose any info. You have to set that up in gmail settings.
Re: [gentoo-user] Re: Question about Seamonkey and a test.
On Wed, Mar 17, 2010 at 6:28 AM, Dale rdalek1...@gmail.com wrote: stosss wrote: On Wed, Mar 17, 2010 at 6:04 AM, Dalerdalek1...@gmail.com wrote: Hartmut Figge wrote: Dale: I just gave Seamonkey a fresh start. Now I have a question. I had the old set up so that when I opened Seamonkey, it would start both the browser and email. Now it only starts the browser. I remember it was in the preferences somewhere but I can't find it for the life of me. Check the desired option. http://www.triffids.de/pub/screenshot/sm100317.png (12 KB) Also, I'm hoping this page will arrive and not be blank. Also, can someone confirm this is TEXT ONLY with no HTML stuff. It's OK. You could see yourself by using Ctrl+U. ;) Hartmut Thanks for the link. I looked everywhere else but there. I was thinking that only themes, fonts and such was in there. lol I have sent messages to the list before with it set to plain text but it still have html when the list got it. So, since I am starting over basically with this setup, I wanted to make sure it was not only sent plain text but received that way as well. Now if gmail would just send me a copy of my message, then I would know for sure. Thanks for help on both of these. I'm back in action again and didn't lose any info. You have to set that up in gmail settings. I think I have it set up on the gmail server to do whatever Seamonkey says. Then I have to set up Seamonkey to send text only to gentoo.org and kde.org . Those are the two mailing lists I regularly reply to. I only want plain text to the mailing lists and html for everyone else. I send pics and other things to other folks. I assume that is what you are talking about. I have not been able to get gmail to send me a copy. I know the mailing list software sends a copy back but gmail won't let me get it over pop access. sorry, I was talking about setting gmail to send you a copy of your email.
Re: [gentoo-user] Re: Question about Seamonkey and a test.
On Wed, Mar 17, 2010 at 6:51 AM, Dale rdalek1...@gmail.com wrote: stosss wrote: On Wed, Mar 17, 2010 at 6:28 AM, Dalerdalek1...@gmail.com wrote: I think I have it set up on the gmail server to do whatever Seamonkey says. Then I have to set up Seamonkey to send text only to gentoo.org and kde.org . Those are the two mailing lists I regularly reply to. I only want plain text to the mailing lists and html for everyone else. I send pics and other things to other folks. I assume that is what you are talking about. I have not been able to get gmail to send me a copy. I know the mailing list software sends a copy back but gmail won't let me get it over pop access. sorry, I was talking about setting gmail to send you a copy of your email. Where is that setting? I have looked but maybe they are calling it something that I'm not recognizing. I just looked again and they have added a LOT of new settings. I don't see that one tho. It is hiding from me and I would really like to have that. It does not appear to be possible now. I have never used it. I like the way it puts it in the thread in my account.
Re: [gentoo-user] Re: Question about Seamonkey and a test.
On Wednesday, March 17, 2010, Frank Steinmetzger war...@gmx.de wrote: Am Mittwoch 17 März 2010 schrieb Dale: I only want plain text to the mailing lists and html for everyone else. I send pics and other things to other folks. Ya don’t need HTML for that. ;-) I have even seen mails that were multiparted plain-text, i.e. text, image attachment, text, image-attachment, you get the idea. Don’t know anymore though what program that was. KMail does multi-parted
Re: [gentoo-user] Pending layman directory relocation
I am new to Gentoo and just watching this discussion. So why does stage three put portage in /usr
Re: [gentoo-user] KDE? Get me out of here!
I wonder if amarok would not be better off using the strigi/nepomuk indexing function, instead of trying to be real clever and doing it itself. I think Amarok uses MySQL.
Re: [gentoo-user] No more mythtv for Gentoo users?
Wasn't Agrajag the toothless wonder that kept getting accidentally killed by Arthur Dent? Yes
Re: [gentoo-user] How to get KMS to set the screen resolution to that of the external monitor attached to the laptop.
On Sun, Feb 28, 2010 at 9:05 AM, ubiquitous1980 nixuser1...@gmail.com wrote: Is there a way to get KMS to set the resolution to 1680 x 1050 so that I have more real estate on my external monitor. At present, the external monitor is not getting full use with parts of it blacked out to make the resolution of the laptop's screen. Thanks, Damien A person named Duncan running Gentoo can be found on the KDE mailing list. There is a thread about this on that list and I think there was a solution.
Re: [gentoo-user] Manual pages (man pages) have ESC all through them when having used sudo.
On Sun, Feb 28, 2010 at 7:28 AM, pk pete...@coolmail.se wrote: ubiquitous1980 wrote: http://lists.debian.org/debian-security/2006/07/msg00059.html With sudo su - the man pages do not have ESC throughout. I have learned sudo su from my ubuntu days and I am only guessing that this is bad practice and that the correct command is $ sudo su - No need to guess. Messing with superuser privileges without a proper superuser environment (paths etc.) is considered bad from a security point of view; for instance, an malicious application could be installed in your user home dir, prepend the path to this to your local user $PATH and whenever you do su (without -) you could invoke this app with superuser privileges... So to summarize: The link above (debian.org) explains it quite well and yes, I would say it's a bad habit to omit -. :-) 7 years ago a veteran Linux user taught me to always use su - for the very reason you stated.
Re: [gentoo-user] Multi-file search replace of text
On Sun, Feb 28, 2010 at 4:41 PM, Stroller
strol...@stellar.eclipse.co.uk wrote:
On 28 Feb 2010, at 19:06, Etaoin Shrdlu wrote:
On Sunday 28 February 2010, Stroller wrote:
...
$ sed 's/Project Gutenberg/Wordsworth Classics/' foo bar
$ mv bar foo
$
Have a look at sed's -i option.
Using `grep` I can search *recursively* through directories to find the
text I'm looking for. EG: `grep -R Gutenberg ~`
I would like to find every instance of $foo in a directory hierarchy and
replace it with $bar.
...
A starting point could be (after you make a backup of the whole tree)
find /basedir -type f -exec sed -i 's/foo/bar/g' {} +
Many thanks - that looks great!
My only concern is that it is unreliable enough that you state the need to
backup first. ;)
Why are you concerned about a backup? It is always good to do backups
before changing things. You never know when something might go wrong.
;)
