Re: SOLVED?! Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
> On Tue, 2004-10-12 at 15:41, Simon Wong wrote: > > http://lists.slug.org.au/archives/slug/2001/August/msg00730.html > > > > I've just realised that this DOESN'T let me reconnect to my old session > :-( > > Guess I was a bit hasty... That's the bit you have to wait for. ;-) - Jeff -- linux.conf.au 2005: Canberra, Australia http://lca2005.linux.org.au/ "Creative thinkers make many false starts, and continually waver between unmanageable fantasies and systematic attack." - Harry Hepner -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Gnome games. The other type.
The nephew noticed some games on my laptop, in particular one called, I think, Same (ball game, object is to get rid of the entire set). Could he have a copy for Dad's (Microsoft-oriented) PC? I dunno. Is there an analogous game somewhere? Any help etc., Regards, Bill Bennett. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Latex question. On arrows.
@>>> and @<<< do *not* produce arrows that extend automatically to accommodate unusually wide subscripts and superscripts, page 226 of TLC notwithstanding. I have a feeling that I've seen this before, although long ago and far away. Can anyone help, please? Regards, Bill Bennett. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
CLOSED Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, 2004-10-12 at 15:18, Jeff Waugh wrote: > > I want to do what Windows does with Terminal Server. You can connect, > > login, disconnect, then reconnect right where you left everything at some > > later point in time. > > As long as you're happy self-configuring vncserver sessions, you can do Thanks, this is what I will investigate. > that. Making it all work with sleek integration is a fair chunk of work > (which GNOME hackers are doing for you). Cool :-) -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
On Tue, Oct 12, 2004 at 03:14:30 +1000, James Gregory wrote:
> Does someone know how this works?
It writes to the 8042 keyboard controller directly. There are two i/o
registers, 0x64 and 0x60. For more info on these registers, see:
http://members.tripod.com/~oldboard/assembly/8042.html
http://members.tripod.com/~oldboard/assembly/keyboard_commands.html
This is the exact sequence (from strace):
open("/dev/port", O_RDWR) = 3
lseek(3, 100, SEEK_SET) = 100
read(3, "\24", 1) = 1
lseek(3, 96, SEEK_SET) = 96
write(3, "\363", 1) = 1
lseek(3, 100, SEEK_SET) = 100
read(3, "\24", 1) = 1
lseek(3, 96, SEEK_SET) = 96
rt_sigprocmask(SIG_BLOCK, [CHLD], [], 8) = 0
rt_sigaction(SIGCHLD, NULL, {SIG_DFL}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
nanosleep({1, 0}, {1, 0}) = 0
write(3, "\0", 1) = 1
close(3)= 0
> Is it X limiting the repeat rate, or is it the keyboard?
It's the keyboard.
Cheers,
John
--
Also of interest is the practice of creating something useful that
should and would be used by hordes of people, then deploying it using
ASP and SQL Swerver, ensuring that when the hordes do arrive, it'll
rapidly become a molten heap of slag and 404s. -- Dan Birchall
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: SOLVED?! Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, 2004-10-12 at 15:41, Simon Wong wrote: > http://lists.slug.org.au/archives/slug/2001/August/msg00730.html > I've just realised that this DOESN'T let me reconnect to my old session :-( Guess I was a bit hasty... -- Simon Wong <[EMAIL PROTECTED]> Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
SOLVED?! Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, 2004-10-12 at 15:17, Jeff Waugh wrote: > If you search for GDM and VNC in the SLUG archives, you'll very likely find > one of my old recipes for fun inetd+gdm+vncserver love. That'll let as many > people log in as you want (plus you can limit it), with autoconfigured VNC > sessions for each of them, managed via GDM. Thanks Jeff :-) http://lists.slug.org.au/archives/slug/2001/August/msg00730.html You've made my Month! I'll give this a go and look forward to future vino/GDM love! -- Simon Wong <[EMAIL PROTECTED]> Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
This one time, at band camp, James Gregory wrote: >I don't know much about how this stuff works. Has anyone else had this >problem? Is there a solution? Is it bug-filing time? Do you have "keyboard rate programming" enabled or disabled in the BIOS? -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
This one time, at band camp, Simon Wong wrote: >Can it be setup for multiple people to login, simultaneously? x11nvc has the -shared option to allow multiple simultaneous connections. In general the answer to your RD questions are "yes". -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
This one time, at band camp, Jeff Waugh wrote: > > >> I want to be able to connect to a server running X and GDM, login, do some >> stuff and then be able to disconnect and reconnect at a later stage (like >> Citrix Metaframe allows you to do) with my applications, xterms etc still >> running. >> >> Is this possible with GDM and XDMCP or will I get a new session everytime >> I connect to GDM? >> >> I want to be able to get a whole desktop rather than just X forwarding of >> applications. > >You'll get a new session every time you connect. > >So there's a few ways of doing this, all of them are a bit lame at the >moment (at least in relation to your specifications), but there's some very >interesting stuff in the wings. There's one other tool, x11vnc on debian, which does almost the same thing; You run it as an app on someones x session and it allows VNC clients to connect. It means you need to have your user always logged in and have x11vnc running though. Maybe suitable for a quick hack but I'd recommend GNOME 2.8 for real rockin' remote desktops. -- [EMAIL PROTECTED] http://spacepants.org/jaq.gpg -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
> I want to do what Windows does with Terminal Server. You can connect, > login, disconnect, then reconnect right where you left everything at some > later point in time. As long as you're happy self-configuring vncserver sessions, you can do that. Making it all work with sleek integration is a fair chunk of work (which GNOME hackers are doing for you). - Jeff -- linux.conf.au 2005: Canberra, Australia http://lca2005.linux.org.au/ "When there's public debate and mass hysteria, that's when the patches roll in." - Michael Meeks -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
> I'm a bit confused about VNC as I've only ever used it for single (one > user) connections. > > Can it be setup for multiple people to login, simultaneously? As in, two people viewing/using the same session (you can), or multiple people using multiple sessions (see below)? > Even for 1 user, would I start GDM and then tightvncserver so that at > least one session is available? If you search for GDM and VNC in the SLUG archives, you'll very likely find one of my old recipes for fun inetd+gdm+vncserver love. That'll let as many people log in as you want (plus you can limit it), with autoconfigured VNC sessions for each of them, managed via GDM. - Jeff -- linux.conf.au 2005: Canberra, Australia http://lca2005.linux.org.au/ Toothpaste is the most important meal of the day. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
On Tue, Oct 12, 2004 at 03:07:04PM +1000, John Clarke wrote: > On Tue, Oct 12, 2004 at 02:57:52 +1000, James Gregory wrote: > > > I had forgotten about kbdrate. I've now tried it and it has resulted in > > my keyboard being stuck at a single, slow speed. > > I've never seen it do that before. It used to (and may still) default > to the lowest possible repeat rate, which is *really* slow, but > "kbdrate -r 30 -d 250" has always worked fine for me. That's in fact precisely the command I used. Does someone know how this works? Is it X limiting the repeat rate, or is it the keyboard? What about when set by the gnome keyboard app? Does it then go through some other path? Thanks for your help though, James. -- "Now, there are no problems only opportunities. However, this seemed to be an insurmountable opportunity." - http://www.surfare.net/~toolman/temp/diagram.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, Oct 12, 2004 at 02:52:53PM +1000, Simon Wong wrote: > ... least one session is available? The way I run it is not with GDM, but have 'exec gnome-session' as the last (and possibly only) line of my .vnc/xstartup file. Note that Gnome only allows one gnome session per user per machine as far as I know. Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
On Tue, Oct 12, 2004 at 02:57:52 +1000, James Gregory wrote: > I had forgotten about kbdrate. I've now tried it and it has resulted in > my keyboard being stuck at a single, slow speed. I've never seen it do that before. It used to (and may still) default to the lowest possible repeat rate, which is *really* slow, but "kbdrate -r 30 -d 250" has always worked fine for me. Cheers, John -- The fact that I can say the John Howard is a short weasly little man with the social vision of an accountant, and the likeability of a small mound of ratshit, and not get locked up, is enough freedom for my needs. -- James Vandenberg -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
On Tue, Oct 12, 2004 at 02:42:36PM +1000, John Clarke wrote: > On Tue, Oct 12, 2004 at 02:38:11 +1000, James Gregory wrote: > > > I'm stuck on a problem that really looks like it should be easy to fix. > > I wanted to speed up the repeat-rate on my PC keyboard at work so I > > Have you tried kbdrate? I had forgotten about kbdrate. I've now tried it and it has resulted in my keyboard being stuck at a single, slow speed. -- "Now, there are no problems only opportunities. However, this seemed to be an insurmountable opportunity." - http://www.surfare.net/~toolman/temp/diagram.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, 2004-10-12 at 13:21, Stuart Guthrie wrote: > That sounds more like VNC. So everyone says :-) > Is this what you mean? > > http://www.linuxjournal.com/article.php?sid=6553 Man, that guy has *the* most annoying writing style. I want to do what Windows does with Terminal Server. You can connect, login, disconnect, then reconnect right where you left everything at some later point in time. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, 2004-10-12 at 14:28, Jeff Waugh wrote: > You'll get a new session every time you connect. I suspected as much :-( > * You can run an 'xvncserver' process, which is an X server, but with an >RFB (VNC) framebuffer. This will hang around as long as you want it to, >independently of the VNC connections to it. Generally, once the last X >client disconnects, the server will go with it (just like normal X, when >your desktop session ends, for example). I'm a bit confused about VNC as I've only ever used it for single (one user) connections. Can it be setup for multiple people to login, simultaneously? Even for 1 user, would I start GDM and then tightvncserver so that at least one session is available? > > * You can run vino (GNOME) or krfb (KDE) on an existing X server. This is >much like running VNC on Windows - it shares the current desktop. It's >going to be pretty CPU intensive on the X server unless you have DAMAGE >support in your X server (latest Xorg release) and VNC server (vino can >use DAMAGE). This method is really designed for viewing someone else's >running session more than anything else, handy for doing support and so >on. It's only as persistent as the X server itself. I installed this from Debian and it works quite well - for sharing a desktop as you mention. In fact it gets quite amusing when you try and connect from an xterm in Gnome to your current desktop like I just did! > > * The next version of vino, due for GNOME 2.10 will integrate with GDM, to >provide true session roaming capabilities. It will do precisely what you >describe above, much like Sun's cool SunRay machines. Oh well, maybe I have to wait six months... -- Simon Wong <[EMAIL PROTECTED]> Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] GNOME keyboard repeat rate
On Tue, Oct 12, 2004 at 02:38:11 +1000, James Gregory wrote: > I'm stuck on a problem that really looks like it should be easy to fix. > I wanted to speed up the repeat-rate on my PC keyboard at work so I Have you tried kbdrate? Cheers, John -- The last thing I remember before I woke (and /probably/ unrelated to earlier posts in this thread) was "But named shouldn't meow if there's an error in a zone file!" -- Alan W. Frame -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] GNOME keyboard repeat rate
Hi all, I'm stuck on a problem that really looks like it should be easy to fix. I wanted to speed up the repeat-rate on my PC keyboard at work so I figured I'd use the GNOME keyboard preferences app to do it. It's done almost what I wanted -- the keyboard repeat is fast for about a second or so, then it slows right down. I then attempted to set it with xset, figuring that might fix it. Alas it seems the GNOME setting overrides the X one as this didn't change anything. I don't know much about how this stuff works. Has anyone else had this problem? Is there a solution? Is it bug-filing time? Thanks, James. -- "Now, there are no problems only opportunities. However, this seemed to be an insurmountable opportunity." - http://www.surfare.net/~toolman/temp/diagram.html -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
> I want to be able to connect to a server running X and GDM, login, do some > stuff and then be able to disconnect and reconnect at a later stage (like > Citrix Metaframe allows you to do) with my applications, xterms etc still > running. > > Is this possible with GDM and XDMCP or will I get a new session everytime > I connect to GDM? > > I want to be able to get a whole desktop rather than just X forwarding of > applications. You'll get a new session every time you connect. So there's a few ways of doing this, all of them are a bit lame at the moment (at least in relation to your specifications), but there's some very interesting stuff in the wings. * You can run an 'xvncserver' process, which is an X server, but with an RFB (VNC) framebuffer. This will hang around as long as you want it to, independently of the VNC connections to it. Generally, once the last X client disconnects, the server will go with it (just like normal X, when your desktop session ends, for example). * You can run vino (GNOME) or krfb (KDE) on an existing X server. This is much like running VNC on Windows - it shares the current desktop. It's going to be pretty CPU intensive on the X server unless you have DAMAGE support in your X server (latest Xorg release) and VNC server (vino can use DAMAGE). This method is really designed for viewing someone else's running session more than anything else, handy for doing support and so on. It's only as persistent as the X server itself. * The next version of vino, due for GNOME 2.10 will integrate with GDM, to provide true session roaming capabilities. It will do precisely what you describe above, much like Sun's cool SunRay machines. That's going to rock way hard. :-) - Jeff -- GNOME Boston Summit October 9-11, 2004 We're kind of like Canada, only we hate ourselves more, and it's wetter around the edges. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
To do this with KDE you need to urpmi kdenetwork (if you're using mandrake) HTH Stu On Tue, 2004-10-12 at 13:21, Stuart Guthrie wrote: > That sounds more like VNC. > > I think Gnome can do something like this now. KDE since a year or so > ago. > > Is this what you mean? > > http://www.linuxjournal.com/article.php?sid=6553 > > Stu > > On Tue, 2004-10-12 at 12:58, Simon Wong wrote: > > Afternoon all! > > > > I want to be able to connect to a server running X and GDM, login, do > > some stuff and then be able to disconnect and reconnect at a later stage > > (like Citrix Metaframe allows you to do) with my applications, xterms > > etc still running. > > > > Is this possible with GDM and XDMCP or will I get a new session > > everytime I connect to GDM? > > > > I want to be able to get a whole desktop rather than just X forwarding > > of applications. > > > > > > -- > > Simon Wong <[EMAIL PROTECTED]> > > Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
> > Is this possible with GDM and XDMCP or will I get a new session > everytime I connect to GDM? new session.. you really want something like VNC. the vino project may do something close to what you want, http://www.gnome.org/~markmc/remote-desktop-2.html Not sure how mature it is yet.. Dave. -- David Airlie, Software Engineer http://www.skynet.ie/~airlied / airlied at skynet.ie pam_smb / Linux DECstation / Linux VAX / ILUG person -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
On Tue, Oct 12, 2004 at 12:58:56PM +1000, Simon Wong wrote: > Is this possible with GDM and XDMCP or will I get a new session > everytime I connect to GDM? You'll get a new session. You probably want to use VNC. Matt -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Are remote X sessions (XDMCP) reconnectable?
That sounds more like VNC. I think Gnome can do something like this now. KDE since a year or so ago. Is this what you mean? http://www.linuxjournal.com/article.php?sid=6553 Stu On Tue, 2004-10-12 at 12:58, Simon Wong wrote: > Afternoon all! > > I want to be able to connect to a server running X and GDM, login, do > some stuff and then be able to disconnect and reconnect at a later stage > (like Citrix Metaframe allows you to do) with my applications, xterms > etc still running. > > Is this possible with GDM and XDMCP or will I get a new session > everytime I connect to GDM? > > I want to be able to get a whole desktop rather than just X forwarding > of applications. > > > -- > Simon Wong <[EMAIL PROTECTED]> > Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Are remote X sessions (XDMCP) reconnectable?
Afternoon all! I want to be able to connect to a server running X and GDM, login, do some stuff and then be able to disconnect and reconnect at a later stage (like Citrix Metaframe allows you to do) with my applications, xterms etc still running. Is this possible with GDM and XDMCP or will I get a new session everytime I connect to GDM? I want to be able to get a whole desktop rather than just X forwarding of applications. -- Simon Wong <[EMAIL PROTECTED]> Wongy.org -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Scirpt Via browser Gives code=SERVER_RESPONSE_CLOSE !
Louis wrote: Hi Sluggers: When I call a script via the browser that takes some times to run I get this error from the browser and it stops the script. Server Error The following error occurred: [code=SERVER_RESPONSE_CLOSE] The server closed the connection while reading the response. Contact your system administrator. Please contact the administrator How can I deal with this to get the script to run right to the end ? Thanks. Louis. What is the script written in? Is the server under you're control? I'm guessing not. If it's PHP then the PHP docs have some tips on getting around long run-time scripts. Push output to the client earlier or something like that Fil -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] User mode linux 2.6
Has anyone got UML running on 2.6 series kernels? (Either with 2.6 as the host machine, or the user mode kernel) Benno -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Licensed Office Application. Licensed Operating System. Other Licensed Application. 840 (slug@slug.org.au)
http://Bwfzdy.eiddemih.info/?5Q7G7A5LG9cuTBBGOIEtR -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
Voytek wrote: BTW - what kernel are you using? Why don't you move to iptables? Linux 2.4.20-28.7 #1 Thu Dec 18 11:31:59 EST 2003 i686 unknown # service iptables ipchains and iptables can not be used together.[WARNING] there are several good reasons why I'm not moving to iptables; the 1st one is, I don't know how I guess, the default install used ipchains ? or, maybe I ticked a rwong choice ? Don't know. I'm a Debian guy so not enough experience with RH and relatives, sorry. what are advantges of moving ? basically, this is web/mail/sql host, with just these services allowed I have to admit it wasn't stright-forward to find an answer. Two possible reasons I could come up with are: 1. I suspect there is a speed advantage for iptables. 2. Get ready to move to 2.6 one day. It supports only iptables. And finally, here is a comparison table I found: http://www.oofle.com/iptables.php?page=compare Which looks pretty conclusive to me, two points which drew my attention: 1. Support for fragmented packets (there were various tricks used with fragmented packets to circumnavigate around firewall rules). 2. Connection state (just looking at the "SYN" bit is not always enough). Besides, there seems to be a plethora of GUI interfaces for iptables these days...:) I'd be glad to hear what others think. Does this answer your question? Cheers, --Amos -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> Voytek wrote: >> >>-A input -s 220.240.54.97 -d 0/0 53 -p tcp -y -j ACCEPT >> > My experience with ipchains is ancient, I use iptables for years now so > I can't verify what I'm saying but: > > -A input -s 220.240.54.97 -d 203.42.34.54 53 -p tcp -y -j ACCEPT OK, thanks, done, and, still transfers OK > Should probably do the trick. If you leave it "-d 0/0" then I think you > allow > your secondary to access ANY host on your internal network which doesn't > sound like a Good Thing(tm) to me. OK, thanks > BTW - what kernel are you using? Why don't you move to iptables? Linux 2.4.20-28.7 #1 Thu Dec 18 11:31:59 EST 2003 i686 unknown # service iptables ipchains and iptables can not be used together.[WARNING] there are several good reasons why I'm not moving to iptables; the 1st one is, I don't know how I guess, the default install used ipchains ? or, maybe I ticked a rwong choice ? what are advantges of moving ? basically, this is web/mail/sql host, with just these services allowed -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
Voytek wrote: Ah ok, that's probably part of what I missed. I suppose that 203.42.34.54 is the IP address you tried to access, right? no, 203.42.34.54 is the dns host yes, that's what I mean, this is the address you used when you tried to access the DNS host? I wonder - did you keep getting "connection refused" when the server listened on the TCP port and the only problem was the firewall? I think so... For security's sake, I'd recommand blocking TCP access to your BIND from anyone but your designated secondaries. Otherwise you open this sensitive server for DOS attacks and all sorts of hazards, and they are not necessary for anyone else. so, that I'd need to do in ipchains rules, yes ? specifically allow tcp port 53 for each designated slave dns host ? is this how it works ? -A input -s 220.240.54.97 -d 0/0 53 -p tcp -y -j ACCEPT My experience with ipchains is ancient, I use iptables for years now so I can't verify what I'm saying but: -A input -s 220.240.54.97 -d 203.42.34.54 53 -p tcp -y -j ACCEPT Should probably do the trick. If you leave it "-d 0/0" then I think you allow your secondary to access ANY host on your internal network which doesn't sound like a Good Thing(tm) to me. BTW - what kernel are you using? Why don't you move to iptables? Hope this helps, --Amos -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> Ah ok, that's probably part of what I missed. I suppose that > 203.42.34.54 is the IP address you tried to access, right? no, 203.42.34.54 is the dns host > I wonder - did you keep getting "connection refused" when the server > listened on the TCP port and the only problem was the firewall? I think so... > For security's sake, I'd recommand blocking TCP access to your BIND > from anyone but your designated secondaries. Otherwise you open > this sensitive server for DOS attacks and all sorts of hazards, and they > are not > necessary for anyone else. so, that I'd need to do in ipchains rules, yes ? specifically allow tcp port 53 for each designated slave dns host ? is this how it works ? -A input -s 220.240.54.97 -d 0/0 53 -p tcp -y -j ACCEPT -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Re: PHP and Perl for the web
On Mon, Oct 11, 2004 at 12:54:12AM +1000, Mike K wrote: > Is there a way to easily create and edit web pages layout of pages > produced via PHP/Perl and mySql? Are IDEs available that will allow > this? (Sorry, need MS Win ones as well. I guess I'm hinting at something > like dreamweaver or frontpage, et al.) Depends on how you're doing the development. I've successfully used FrontPage (blech) and Nvu (less blech, but is still pretty unpolished) as the layout platform, with calls to hand-written PHP functions as needed for dynamicism. With judicious use of CSS (yeah, try teaching a FrontPage jockey how to use CSS -- it's a fucking nightmare) the designer can do pretty much all of the prettying up. I've not worked out a way to let graphics wallies comprehensively screw with the layouts produced by my real PHP apps, but if you're not throwing stuff together, you should be able to get a good process going, where your graphics wallies doing the layout after the initial design phase, and then integrate the layout stuff into the app properly. - Matt signature.asc Description: Digital signature -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
Ah ok, that's probably part of what I missed. I suppose that 203.42.34.54 is the IP address you tried to access, right? I wonder - did you keep getting "connection refused" when the server listened on the TCP port and the only problem was the firewall? For security's sake, I'd recommand blocking TCP access to your BIND from anyone but your designated secondaries. Otherwise you open this sensitive server for DOS attacks and all sorts of hazards, and they are not necessary for anyone else. Cheers, --Amos Voytek wrote: Amos it looks I sorted some more of it, by, enabling TCP not just UDP: # netstat -tanp | grep :53 tcp0 0 203.42.34.54:53 0.0.0.0:* LISTEN 27791/named but, the prob was I was blocking port 53 -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
Hi Voytek,
also in your named.conf under...
options {
directory "/var/named";
// query-source address * port 53;
};
you may need to uncomment the query-source directive above
Ben
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> Hi Voytek, > you also might want to consider... > www.simonzone.com > he has a neat GPL firewall called Guarddog that is very easy to > configure (GUI based). Just point and click to configure and you can output the rules it creates. > I've learnt a lot from studying its output. thanks, Ben it looks good, but, I only have command line access... -- Voytek -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> (I missed most of the discussion due to e-mail problems). > > "connection refused" sounds like there is no server listening on the TCP > port. What does "netstat -tanp" give for port 53? Amos it looks I sorted some more of it, by, enabling TCP not just UDP: # netstat -tanp | grep :53 tcp0 0 203.42.34.54:53 0.0.0.0:* LISTEN 27791/named but, the prob was I was blocking port 53 -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
[SLUG] Scirpt Via browser Gives code=SERVER_RESPONSE_CLOSE !
Title: Message Hi Sluggers: When I call a script via the browser that takes some times to run I get this error from the browser and it stops the script. Server Error The following error occurred: [code=SERVER_RESPONSE_CLOSE] The server closed the connection while reading the response. Contact your system administrator. Please contact the administrator How can I deal with this to get the script to run right to the end ? Thanks. Louis. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
(I missed most of the discussion due to e-mail problems). "connection refused" sounds like there is no server listening on the TCP port. What does "netstat -tanp" give for port 53? Cheers, --Amos Ben Donohue wrote: Hi Voytek, you also might want to consider... www.simonzone.com he has a neat GPL firewall called Guarddog that is very easy to configure (GUI based). Just point and click to configure and you can output the rules it creates. I've learnt a lot from studying its output. Ben Voytek wrote: I'm trying to setup/config BIBD on RH73 ( 'rh73 dns server' ) in below mssg, I'm talking about 3 dns hosts: 'rh73 dns server' - the one I'm trying to setup; 'test dns server' - what I'm using to test; 'old dns server' - my current dns server BIND is running on 'rh73 dns server', but, I can not get any zones transferred to my 'test dns server' when I try to get zones from the 'rh73 dns server', my 'test dns server' says: 'connection refused' (but, does transfer from 'old dns' OK) I suspect I might be blocking BIND with my IPCHAINS firewall rules. do I need an explict rule in ipchains for bind, or does bind has some 'automatic' right..? am I looking in the right place..? I have: /etc/sysconfig/ipchains (this is the file to look at, yes ?) # Firewall configuration written by lokkit # Manual customization of this file is not recommended. # Note: ifup-post will punch the current nameservers through the # firewall; such entries will *not* be listed here. :input ACCEPT :forward ACCEPT :output ACCEPT -A input -s 0/0 -d 0/0 ntp -p udp -j ACCEPT -A input -s 0/0 -d 0/0 443 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 110 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT #-A input -s 0/0 -d 0/0 23 -p tcp -y -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT -A input -s 0/0 -d 0/0 -i lo -j ACCEPT -A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT -A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT -A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT -A input -p udp -s 0/0 -d 0/0 2049 -j REJECT -A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT -A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT # service ipchains status returns this: Chain input (policy ACCEPT): target prot opt sourcedestination ports ACCEPT udp -- 203.28.234.5 0.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 203.28.234.4 0.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 127.0.0.10.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 * -> 123 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 443 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 110 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 25 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 80 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 21 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 22 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 67:68 -> 67 :68 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 67:68 -> 67 :68 ACCEPT all -- 0.0.0.0/00.0.0.0/0 n/a REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 0:1023 : REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 2049 REJECT udp -- 0.0.0.0/00.0.0.0/0 * -> 0:1023 REJECT udp -- 0.0.0.0/00.0.0.0/0 * -> 2049 REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 6000:6 009 REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 7100 Chain forward (policy ACCEPT): Chain output (policy ACCEPT): what creates the 'port 53' entries at the top ? (resolver ?) do I need anything in ipchains to allow port 53 connection ? looking at syslog on 'rh73 dns server', it's timing out trying to reach the master dns server: net.au/IN: refresh: failure trying master 203.42.34.53#53: timed out l.com.au/IN: refresh: failure trying master 203.42.34.53#53: timed out nfo/IN: refresh: failure trying master 203.42.34.53#53: timed out nfo/IN: refresh: retry limit for master 203.42.34.53#53 exceeded ch.com.au/IN: refresh: failure trying master 203.42.34.53#53: timed out ch.com.au/IN: refresh: retry limit for master 203.42.34.53#53 exceeded so, do I need to add something like: -A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT in /etc/sysconfig/ipchains ?? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
Hi Voytek, you also might want to consider... www.simonzone.com he has a neat GPL firewall called Guarddog that is very easy to configure (GUI based). Just point and click to configure and you can output the rules it creates. I've learnt a lot from studying its output. Ben Voytek wrote: I'm trying to setup/config BIBD on RH73 ( 'rh73 dns server' ) in below mssg, I'm talking about 3 dns hosts: 'rh73 dns server' - the one I'm trying to setup; 'test dns server' - what I'm using to test; 'old dns server' - my current dns server BIND is running on 'rh73 dns server', but, I can not get any zones transferred to my 'test dns server' when I try to get zones from the 'rh73 dns server', my 'test dns server' says: 'connection refused' (but, does transfer from 'old dns' OK) I suspect I might be blocking BIND with my IPCHAINS firewall rules. do I need an explict rule in ipchains for bind, or does bind has some 'automatic' right..? am I looking in the right place..? I have: /etc/sysconfig/ipchains (this is the file to look at, yes ?) # Firewall configuration written by lokkit # Manual customization of this file is not recommended. # Note: ifup-post will punch the current nameservers through the # firewall; such entries will *not* be listed here. :input ACCEPT :forward ACCEPT :output ACCEPT -A input -s 0/0 -d 0/0 ntp -p udp -j ACCEPT -A input -s 0/0 -d 0/0 443 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 110 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT #-A input -s 0/0 -d 0/0 23 -p tcp -y -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT -A input -s 0/0 -d 0/0 -i lo -j ACCEPT -A input -p tcp -s 0/0 -d 0/0 0:1023 -y -j REJECT -A input -p tcp -s 0/0 -d 0/0 2049 -y -j REJECT -A input -p udp -s 0/0 -d 0/0 0:1023 -j REJECT -A input -p udp -s 0/0 -d 0/0 2049 -j REJECT -A input -p tcp -s 0/0 -d 0/0 6000:6009 -y -j REJECT -A input -p tcp -s 0/0 -d 0/0 7100 -y -j REJECT # service ipchains status returns this: Chain input (policy ACCEPT): target prot opt sourcedestination ports ACCEPT udp -- 203.28.234.5 0.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 203.28.234.4 0.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 127.0.0.10.0.0.0/0 53 -> 1025: 65535 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 * -> 123 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 443 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 110 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 25 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 80 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 21 ACCEPT tcp -y 0.0.0.0/00.0.0.0/0 * -> 22 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 67:68 -> 67 :68 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 67:68 -> 67 :68 ACCEPT all -- 0.0.0.0/00.0.0.0/0 n/a REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 0:1023 : REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 2049 REJECT udp -- 0.0.0.0/00.0.0.0/0 * -> 0:1023 REJECT udp -- 0.0.0.0/00.0.0.0/0 * -> 2049 REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 6000:6 009 REJECT tcp -y 0.0.0.0/00.0.0.0/0 * -> 7100 Chain forward (policy ACCEPT): Chain output (policy ACCEPT): what creates the 'port 53' entries at the top ? (resolver ?) do I need anything in ipchains to allow port 53 connection ? looking at syslog on 'rh73 dns server', it's timing out trying to reach the master dns server: net.au/IN: refresh: failure trying master 203.42.34.53#53: timed out l.com.au/IN: refresh: failure trying master 203.42.34.53#53: timed out nfo/IN: refresh: failure trying master 203.42.34.53#53: timed out nfo/IN: refresh: retry limit for master 203.42.34.53#53 exceeded ch.com.au/IN: refresh: failure trying master 203.42.34.53#53: timed out ch.com.au/IN: refresh: retry limit for master 203.42.34.53#53 exceeded so, do I need to add something like: -A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT in /etc/sysconfig/ipchains ?? -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> On Mon, Oct 11, 2004 at 12:58:33PM +1000, Voytek wrote: >> >> > Why not explicitly ACCEPT port 53 ? > oops, yes, I'm already accepting it earlier, so no need for this, thanks -- Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] am I blocking BIND with IPCHAINS ?
> On Mon, Oct 11, 2004 at 12:49:07PM +1000, Voytek wrote: >> >> >> > On Mon, Oct 11, 2004 at 12:11:14PM +1000, Voytek wrote: >> thanls, Alex >> >> I thought DNS only needed udp.. >> >> I guess with a '-y' option ? > presuming you are using conntrack and the RELATED,ESTABLISHED at the top > of the chain Alex, not sure what that means.. all my 'tcp' lines have that option, so, I guess it needs it ? /etc/sysconfig/ipchains :input ACCEPT :forward ACCEPT :output ACCEPT # entered port 53 udp 11/10/2004 -A input -s 0/0 -d 0/0 53 -p udp -j ACCEPT -A input -s 0/0 -d 0/0 53 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 443 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 110 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 21 -p tcp -y -j ACCEPT -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT #-A input -s 0/0 -d 0/0 23 -p tcp -y -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth0 -j ACCEPT -A input -s 0/0 67:68 -d 0/0 67:68 -p udp -i eth1 -j ACCEPT Voytek -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
Re: [SLUG] Mixing Desk Automation
On Mon, 11 Oct 2004 16:48:49 +1000 "Kevin Fitzgerald" <[EMAIL PROTECTED]> wrote: > Hi all > > Bit of a Left field question for you. I have amate who is an audio > engineer and an analogue purist. He wants automation for his sound desk > (Mimics the actions he makes with the faders etc) Anyway. OK so far. > His desk has the capability What format does the desk send an receive? Its usually MIDI. > and he can stripe the tape with SMPTE but needs some > way of recording the movements and playing them back. Well SMTPE is only the time base, you can't encode the automation that way. > There is a commercial software package called Disk Mix by otari that > can do it but it is a $4000 price tag. Does anyone out there know of a > linux alternative?? Well assuming that the desk uses MIDI automation, it is theoretically possible, but probably a bit of fiddling around. Erik -- +---+ Erik de Castro Lopo [EMAIL PROTECTED] (Yes it's valid) +---+ "The growing and dangerous intrusion of this new technology, threatens an entire industry's economic vitality and future security." -- Jack Valenti (MPAA president) on the video cassette recorder, 1982. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
