Re: [CentOS] nouveau crash on centos 6.5
From my experience, if you are using NVidia graphics cards you should probably change over to the proprietary NVidia drivers. They have fewer issues and better performance. Here are a couple of links on how to do this. We've had people who have had success with each of these 2 different methods: http://www.linuxquestions.org/questions/linux-newbie-8/instructions-on-how-to-make-nvidia-gtx645-graphics-card-run-using-nvidia-in-rhel-6-5-a-4175500802/ http://rodgersnotes.wordpress.com/2013/07/07/installing-nvidia-drivers-on-redhat-6-4-and-removing-nouveau/ Stephen Lewis stephen.le...@idt.com Computer Operations Support, ADC -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of zep Sent: Friday, September 12, 2014 9:42 AM To: centos@centos.org Subject: Re: [CentOS] nouveau crash on centos 6.5 On 09/12/2014 09:20 AM, Jan Taylor wrote: Hi, I am running 64 bit CentOS 6.5, and have an intermittent problem where the desktop crashes with the following error nouveau E[Xorg 6062]] failed to idle channel 0xccc The only route I have out of it is to power down then restart. It is intermittent, where some days it does not happen, to 2-3 times per day. Have others had this experience and is there a solution? Thanks in advance for any help Best wishes Jan _ http://markmail.org/message/v7lmivgrosja75lp#query:+page:1+mid:apvyygkt55yrzu4i+state:results suggests it's also been an issue for ubuntu, towards the end of that thread there are some suggestions for fixes (kernel parameters to set) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] need help with 6.3 install, kernel panic when os boots up
Hi, I am new to the community and look for some help for installing CentOS on my Dell poweredge t420 server. I am installing the CentOS on dual boot; already have the windows server 2008 installed via UEFI. I installed the CentOS 6.3 via UEFI DVD boot too, and because my server have the hardware RAID, so instead of the LVM, I use standard partition for all my partitions. The installation completed successfully and I let the installer write the boot info into the EFI boot partition. Reboot the machine after installation complete, but got kernel panic issue when loading the OS. I saw some message like this: Kernel panic - not syncing: Attempted to kill init! Pid: 1, comm: init Not tainted blablba version BTW, don't want to make thing complicated, but curious if the partition might be a issue here(whether type, or the order of the partition) The weird thing is before I installed the centOS using standard partition, I by chance, chose use free space for create the partition to install the OS once, and the system automatically help me create the LVM and OS was working fine. After that I format the harddisk and want to install it again using standard partition, and it failed. Thanks for any help. I could provide more debug info, just let me know how. Lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kernel autoconfigure ?
2012/3/27 Johnny Hughes joh...@centos.org: On 03/26/2012 04:45 PM, admin lewis wrote: Anyone know if there is a kernel autoconfigure tool to compile from source ? thanks luigi What are you trying to accomplish. Simply I want enable grsecurity. I downloaded vanilla kernel and grsecurity patch but I dont want reconfigure every kernel options.. because it's too long read and understand every feature of the kernel. Also I want disable all modules I dont need. Finally I dont want initrd. Thanks very much for any help luigi -- Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] kernel autoconfigure ?
Anyone know if there is a kernel autoconfigure tool to compile from source ? thanks luigi -- Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 6.2 install some problems
Hi, I have reinstalled centos 6.2 x86_64 because it seems there is not xfs mod on i386. But i have found an orther problem. After the partitioning there is not any prompt to choice the type of server I want (minimal, web etc) So now I have a desktop installation... I want to remove xorg, gnome etc.. and an other bug.. i am unable to setup Eth interface ... with system-config-network-tui i cant see any eth.. I have 4 NIC.. and all works well.. cheers luigi -- Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] XFS on Centos 6.2 ?
Hi, I need of to mount an XFS partition on Centos 6.2 .. but I cant find the kernel module.. it that true the xfs is available only under x86_64 ? -- Linux Server, Microsoft Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Secure a python http server
Hi, I want to make secure my python http server.. what should i use ? chroot ? there are something more secure ? On my centos server I've SE enabled..then .. sandboxing ? Thanks very much lewis -- Linux and Windows 2003/2008 Server. http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Secure a python http server
2011/8/30 Steven Crothers steven.croth...@gmail.com: You wrote the application... nobody can tell you how to secure code they've never seen. On Tue, Aug 30, 2011 at 1:16 PM, admin lewis adminle...@gmail.com wrote: Hi, I want to make secure my python http server.. what should i use ? chroot ? there are something more secure ? On my centos server I've SE enabled..then .. sandboxing ? http://mapproxy.org/ that's it.. lewis -- Linux Server, Microsfot Windows 2003/2008 Server, Exchange 2007 http://predellino.blogspot.com/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] ups advice
2011/4/14 John R Pierce pie...@hogranch.com: On 04/14/11 9:06 AM, admin lewis wrote: Hi I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by apc... anyone could help me giving an hint ? a simple smart ups 1000 could be enough ? apc smartups or eaton powerware woudl be my choices. 1000VA should be fine. avoid consumer UPS's like apc backups, they are junk. how long do you need the system to stay powered when the power fails? just long enough to shutdown? or do you need it to stay up for some period of time? Few minutes... 10 minutes should be enough.. and then shutdown the machine .. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [OT] ups advice
Hi I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by apc... anyone could help me giving an hint ? a simple smart ups 1000 could be enough ? thx so much!! lewis. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] ups advice
2011/4/14 Bowie Bailey bowie_bai...@buc.com: On 4/14/2011 12:06 PM, admin lewis wrote: Hi I have a Dell PowerEdge T310 *tower* server.. I have to buy an ups by apc... anyone could help me giving an hint ? a simple smart ups 1000 could be enough ? APC's website has a UPS Selector feature that will recommend a UPS based on your equipment. -- Bowie I take a APC Smart-UPS 1000VA LCD 230V It seems good a enough to give 15-20 minutes of power to my server. very very thanks for your simple but very useful hint. lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Rules for port forwarding
Hi, does anyone remember the rules for port forwarding ? the followings does not work: iptables -A FORWARD -i eth0 -o eth1 -p tcp –dport 80 -j ACCEPT iptables -A PREROUTING -t nat -p tcp -i eth0 –dport 80 -j DNAT –to 192.168.20.1:80 thx lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Install on Dell PowerEdge T310
2011/3/24 Alexander Dalloz ad+li...@uni-x.org: Am 23.03.2011 19:33, schrieb admin lewis: Thanks very much to all, now I have understood.. anyway it's a perc s300.. I see I can make a virtual disk read-only... very interesting.. well .. to have a /boot partition read-only is a non-sense... thanks to all again... someone has told google is your friend .. ..but I say I prefer human friend.. :-) https://access.redhat.com/kb/docs/DOC-19840 yep, after I created the array, centos cant see any disk... :-( ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Install on Dell PowerEdge T310
Hi, this is the first time I install linux on a dell server. Simply I booted from a centos 5.5 x64 dvd but I cant see the disks.. is there something I miss ? thanks very much for any help luigi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Install on Dell PowerEdge T310
2011/3/23 John R Pierce pie...@hogranch.com: On 03/23/11 10:40 AM, admin lewis wrote: Hi, this is the first time I install linux on a dell server. Simply I booted from a centos 5.5 x64 dvd but I cant see the disks.. is there something I miss ? does that system have some form of PERC raid controller? you need to go into the PERC Bios (or use Dell's utility disk and the raid configuratator) and define whatever level of hardware raid you want, creating logical volumes that your OS will see as 'disks'. Thanks very much to all, now I have understood.. anyway it's a perc s300.. I see I can make a virtual disk read-only... very interesting.. well .. to have a /boot partition read-only is a non-sense... thanks to all again... someone has told google is your friend .. ..but I say I prefer human friend.. :-) -- Admin Lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] tcpdump; how to dump all
Hi, My server is connected to the lan and when I run tcpdump I see few packets captured but lots packets received by filter. How can I dump every packets received by filter ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to set ACLs on windows share
2010/10/26 Miguel Medalha miguelmeda...@sapo.pt I have to get/set acls on a windows share by script. I can mount the windows share by mount.cifs but I don't know how to set/get acls... anyone could help me ? thx so much. You would benefit from posing this question to the Samba mailing list: sa...@lists.samba.org Do you want to set the ACLs from the Windows side or from the Unix server side? What do you use to store ACLs? Linux ACLs? A Samba VFS module? Hi, I found the solution... smbcacls ... anyway... I have a linux client and I want to get/set acls on a windows share, by script. anyway thx. bye ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] how to set ACLs on windows share
Hi, I have to get/set acls on a windows share by script. I can mount the windows share by mount.cifs but I don't know how to set/get acls... anyone could help me ? thx so much. -- Admin Lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] temp dir, httpd and selinux
Hi, I have a php software installed on a centos server with selinux enforced activeted. The php software (glpi -- http://www.glpi-project.org) have a plugin that must write on a temp dir... but selinux dont give access to that dir to write. How should i do ? lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Net CD/DVD writer
Hi, i'm looking for a net cd writer software. I've found webcdwriter (http://joerghaeger.de/webCDwriter/) but it seems not more upgraded. Anyone know something else ? thx lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Partitioning production server
Hi, I have to install a production server with postgresql.. with few hundreds of MB (2-300) would u advice me to partitioning the disk ? The server will be under vmware environment with SAN as storage. -- -- Lewis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Problems with NFS version 4 Kerberos
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi All, I've got a problem with kerberoized NFS server , i can't start rpc.svcgssd daemon on my server. shaver ~ # rpc.svcgssd -fvvv ERROR: GSS-API: error in gss_acquire_cred(): Unspecified GSS failure. Minor code may provide more information - No principal in keytab matches desired name Unable to obtain credentials for 'nfs' unable to obtain root (machine) credentials do you have a keytab entry for nfs/your.host@YOUR.REALM in /etc/krb5.keytab? shaver ~ # klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal - - -- 2 nfs/shaver.aaron@aaron.net 2 nfs/shaver.aaron@aaron.net 2 nfs/shaver.aaron@aaron.net 2 nfs/shaver.aaron@aaron.net 2 host/shaver.aaron@aaron.net 2 host/shaver.aaron@aaron.net 2 host/shaver.aaron@aaron.net 2 host/shaver.aaron@aaron.net shaver ~ # hostname shaver.aaron.net shaver ~ # domainname shaver.aaron.net Kerberos works well on client , i just thought i've got problems with principal name. Appreciate any of your help ;-) Thanks. - -- Best Regards, Aaron Lewis - PGP: 0x4A6D32A0 FingerPrint EA63 26B2 6C52 72EA A4A5 EB6B BDFE 35B0 4A6D 32A0 irc: A4r0n on freenode -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv4se0ACgkQvf41sEptMqAZswCglOKzYbRD5KHMmaZWhfP+NcOX AI4AnjeQqp8OCHh+K67wuq3r99JMGoFU =Xd5s -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 2 internet connections and one for backup
You are still flouting the rules of posting on the mailing list even after I sent you a polite offlist message not to top-post. Read the following link on how to post on the CentOS list. http://www.centos.org/modules/tinycontent/index.php?id=16 Regards, Vandaman. Apparently, someone didn't get what they wanted for Christmas, is grumpy and feels like being the list police. Lighten up man... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pop3 attack
IPCop won't stop it. It will let you put a firewall rule in to block them, but you can do that with regular iptables. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lanny Marcus Sent: Tuesday, December 09, 2008 6:12 PM To: CentOS mailing list Subject: Re: [CentOS] pop3 attack On Tue, Dec 9, 2008 at 4:26 PM, James Pifer [EMAIL PROTECTED] wrote: Thanks to all. For now I've stopped it using iptables. I tried stopping it at my router without success, yet another reason to replace it! I will also report it to [EMAIL PROTECTED] Great. Scott can tell you whether or not if you switch to IPCop as your Firewall/Router, that would stop it. As I recall, IPCop considers things originating within your LAN OK, and things from outside as suspicious. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Trouble Donating on centos.org
I don't trust paypal with my real CC#. Yay for temporary numbers. What's to trust? They do anything unauthorized, call your CC company and let them take care of it. That's the beauty of credit cards, your liability is almost nothing. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Where is the file that sets aliases?
I'm sorry, but I just can't understand why I can't find these Anne [EMAIL PROTECTED] ~]# pwd /root [EMAIL PROTECTED] ~]# cat .bashrc # .bashrc # User specific aliases and functions alias rm='rm -i' alias cp='cp -i' alias mv='mv -i' # Source global definitions if [ -f /etc/bashrc ]; then . /etc/bashrc fi [EMAIL PROTECTED] ~]# ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] OT Mailing List Spam
This is why the RFC clearly states that you must answer certain email addresses; abuse@ being one! If you don't follow the RFC's than how can anyone expect your protocols or operations to be compliant with any standards? Now, someone decided, in their infinite wisdom, that if you send an auto-reply directing you to a web form, that this is compliant.. where as I read it as a cheat! That does not allow me to use the abuse@ address for the function it was intended and as stated earlier: I DO NOT HAVE TIME IN A DAY TO GO REPORTING SOME ADMINISTRATOR'S DEFICIENCY IN POLICING HIS/HER OWN USERS THROUGH A PROPRIETARY WEB FORM. Therefore, I have been given authority to block them, meeting my management's criteria. Make sure your rules meet the RFCs and your management's criteria and you will make your life a whole lot simpler.. Oh, and argue the RFC's with management, in case they do not understand! So, let's look at your stance. [EMAIL PROTECTED] would probably get millions of mails a day. Acting more as a spam trap more than anything else, and I don't think anyone would call them unreasonable for not reading each and every mail sent to it. If you think they should, perhaps you should volunteer. The spirit of the RFC is that you could send mail to [EMAIL PROTECTED] and get in touch with someone. When the RFC was written, the idea that someone will monitor this mailbox was reasonable. Today, it is not in all cases. So, in that spirit, some orgs have setup auto responders telling you how to get in touch with them. In my opinion, this is a perfectly reasonable solution that accomplishes the same goal. Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC. They are obviously understanding the goal of the RFC and attempting to comply, where you are just blindly taking it literally. My suggestion to you is to learn to think beyond the exact wording and look at the spirit of the RFC and apply it to the situation. In this case, you send mail to abuse, they reply with an effective way to communicate with the abuse contacts. How that is cheating is beyond me. They met your criteria given that they must answer certain addresses, even if it was with an auto-reply. I don't know what is proprietary about a web form. They are based on RFCs as well and so long as it functions in your web browser, why would you care? To take it one step further, if you are having trouble communicating with them via e-mail, this may be an ideal way to reach them as e-mail may not be effective. Basically, get off your holier than thou RFC high horse and at least make an attempt to work with people instead of just bitching and moaning that they don't do exactly what you think they should. Or, submit an updated RFC to update it to your opinion on this cheating. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] OT Mailing List Spam
Male Bovine Defecation! If yahoo is going to provide mail services, they damn well should do it in a responsible manner. Just becaue they are big does not exempt them from this responsibility. On the contrary, the large free mail providers, yahoo, hotmail, gmail, etc. are frequently used by spammers, phishers, and other criminals for drop boxes to further their crimes. As large as it is, AOL does a very good job of dealing with complaints and handling spam. They are also quite active in the anti-spam/anti-phishing community. What are they doing that is not responsible other than not doing thing the way YOU think they should? As I pointed out, they accept abuse complaints, just not in the way the YOU think they should. I would have to read the RFC, but I assume it does not specify that all abuse correspondence must be done via e-mail using the abuse address, only that they have to accept mail for that address. Which, they do. They are playing 100% by the RFC, just not in the way you want them to. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] OT Mailing List Spam
Just the idea of a autoresponder for abuse mail account is dang scary. Would make a spammers job easy. I do not use autoresponders ever for any accounts. I have the server eat all mail that comes in and not bounce them off, Again, a good thing for a spammer to find. And what are they going to do, spam people with Yahoo's auto reply? It's not like it's an open relay. Possible it could be used for a DOS attack, but not for spamming. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] OT Mailing List Spam
Well, there are ways and there are ways. An e-mail that allows a single reply to confirm an abuse report (avoiding spurious reports/spams) could be sent to the original reporter. Have a single change needed, varied with an arbitrary value to avoid mechanical responses, could accomplish the same thing with less time/effort on the part of the original reporter. Or, a web form. What is the difference? What we see implemented is really more of an offload effort from us to them solution. That is not contained in the intent of the RFC. So, the real rant comes not against the RFC intent, but against the implementation which forces more workload onto a well-intentioned reporter of abuse. So, your complaint is with who is doing it, not how they are doing it? Workload? Cut and paste the original mail into the web form. And, in the future, you can bypass the initial e-mail. Why you feel like you are too good to communicate them in an effective manner is your own issue, not theirs or the RFC. One hell of an assumption on your part there. There is no assumption. You are the one who was ranting about not being able to communicate with them on your terms. The RFC does not specify that all communication must be by SMTP, only that they must reply to the abuse address. You just don't like it for whatever reason. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] RE: Create Local CentOS 5.1 repo
Looking at the structure on one of the mirrors should help you: http://mirror.centos.org/centos/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Joseph L. Casale Sent: Saturday, April 12, 2008 1:36 PM To: CentOS mailing list Subject: [CentOS] Create Local CentOS 5.1 repo I am trying to create a local base repo from the DVD on a webserver as I am not able to install with the x64 DVD. I have done this before I recall by placing the DVD contents in the root of an empty webserver, but I have many existing repo's on this current server and so I wanted to maintain the existing hierarchy structure. I tried using the createrepo command and neither that nor copying the DVD into specified dir is working. Anyone know how to do this? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Centos 5 on i586
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Garrick Staples Sent: Friday, February 08, 2008 4:32 PM To: CentOS mailing list Subject: Re: [CentOS] Centos 5 on i586 On Fri, Feb 08, 2008 at 12:40:55PM -0800, MHR alleged: On Feb 8, 2008 9:02 AM, Ray Van Dolson [EMAIL PROTECTED] wrote: On Fri, Feb 08, 2008 at 05:47:58PM +0100, Matias Surdi wrote: Is possible to install Centos 5 on a 586 CPU? (cpu_type = 5) No. I think there was some interest in making this happen at some point: http://wiki.centos.org/QaWiki/CentOS5PentiumSupport However I'm not sure that it will end up happening: http://bugs.centos.org/view.php?id=1836 Pardon me, but you CAN install CentOS 5.1 on any x86 CPU. If your CPU is a valid 64-bit CPU, you can install either the i386 version (32-bit) or the x86_64 version. You may not get full support of specific CPU instructions that are available ONLY on your particular CPU, but the right one will run. I had 586 CPUs on two different machines at work way back when 5.0 came out, and the x86_64 installation ran just fine on both. There is no such thing as a 64bit i586 CPU. With regards to Intel CPUs, the original Pentiums are i586. Everything after that (PentiumPro, PentiumII, III, and IV) is i686. Earlier PentiumIV are 32bit only, later chips added the 64bit instructions and registers. The CPUs are backwards compatible with older software. So, what is a valid 64bit CPU? I have a DEC Alpha in the basement that is most certainly 64 bit, but can't install the i386 or x86_64 version on it. How about Sparc or HP-UX boxes? Are they valid 64 bit CPUs? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Firewall frustration
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Weaver Sent: Monday, December 31, 2007 8:09 PM To: centos@centos.org Subject: Re: [CentOS] Firewall frustration -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 31 Dec 2007 12:21:34 -0500 Robert Moskowitz [EMAIL PROTECTED] wrote: William L. Maltby wrote: On Mon, 2007-12-31 at 09:33 -0500, Robert Moskowitz wrote: Peter Farrell wrote: Problem is I want a REAL router/firewall with little work. Run a smoothwall installtion and replace your CentOS install. http://www.smoothwall.org/ well first challenge is my unit's USB ethernet dongles. Centos uses the RTL 8150 driver for them. Smoothwall only lists the RTL 8129, 8139, and 8169... I've used this at home for years. I don't know if it's suitable, but it seems *very* flexible. Allows for NAT or not, has typical zones, reporting, IPTables modification support, ... http://www.ipcop.org/ Has run/tested successfully on various configurations here. It's another ditch your CentOS solution though. But you can put it on any old junk laying around and it'ss probably work. Using cable modem in the boonies, 486DX/66 gives about 450KB/sec, Pentium 200MHz pci gives = 700MB/sec - both from decent sites. Tested using both ISA and PCI bus adapters through both twisted pair and thin coax. As I thought about things this morning, trying to put up smoothwall, I realized that one of my goals is to have a tool to turn a Centos system that I am using for foo, into a firewall for bar for a day. I have Astaro for my serious firewall needs (see later post), but need something 'portable'. You see I have these plans with some small itx systems have you considered linux that fits on a floppy disk? http://mypage.uniserve.ca/~thelinuxguy/small_and_floppy_linux/ http://www.linuxlinks.com/Distributions/Floppy/ http://www.dmoz.org/Computers/Software/Operating_Systems/Linux/Distribut ions/Tiny/Floppy_Sized/ get one running and configured and save to floppy... things go south reboot the machine and everything is back. no hard drives to worry about... - -- Mark Drunkenness is not an excuse for stupidity. If you're stupid when you're sober then that's one thing, but if you're sober when you're stupid, then you're just plain stupid! == Powered by CentOS5 (RHEL5) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHeZKZAHUWFbtwPigRAqlLAJ9NrXCoPuh0vyCET81GKQ7a27RQ0QCbBvkT Ez253XYLAOfSJS7u5ij36U4= =jb20 -END PGP SIGNATURE- I have this vision of a live CD that would come up and pull down it's config via SCP or HTTPS and run. Or maybe a PGP encrypted file over TFTP. No writable media in the machine at all, no access to write to the configs, just a dumb device that knows where to get it's config. Any compromise could be fixed with just a reboot, the config could even be reloaded at some interval automatically, off machine logging, perhaps even without an interface. You could more than likely go one step further and use PXE to load everything over NFS or something, then you are at no moving parts. Unfortunately, I have the ideas but not the knowledge or time. In my opinion, this would be the ultimate evolution of things like IP Cop and Smoothwall. I want to say that monowall had this on the roadmap, but I haven't looked lately. Appears someone has done some work on it: http://people.freebsd.org/~nik/m0n0wall/pxe+nfs/article.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Best laptop for CentOS
I would love to find a Linux laptop that had good wi-fi support. Including WPA and using an integrated wi-fi adaptor. Having to edit a File to connect to a secure access point is not user friendly if you ask me. I haven't tried with CentOS, but my new Compaq/HP NC6400 Intel chipset based wireless worked great with my WPA access point via the GUI on the Scientific Linux live CD. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
