[01:19] <Psi-Jack> Hey, anyone here use mydns? :)
[01:26] <maswan> I'm a bind&sendmail guy. :)
[01:53] <Psi-Jack> maswan: Yeouch. ;)
[02:47] <Psi-Jack> Hey, anyone know how to setup IP Aliases in the /etc/network/interfaces?
[02:47] <infinity> By "IP aliases", I assume you mean virtual adapters?
[02:48] <Psi-Jack> I mean, just that. IP aliases. Several aliases bound to a single interface, for example, eth0, eth0:1, eth0:2, etc.
[02:48] <infinity> eg: "iface eth0:1 inet static\n address 123.123.123.123" etc?
[02:48] <Psi-Jack> Hmm, would that actually.. Work? hmm
[02:48] <infinity> It's the same as setting up any other interface, yes.
[02:48] <infinity> The only caveat is that eth0:1 can't go up before eth0 (so you could have a "pre-up" for eth0:1 that says "pre-up ifconfig eth0 up")
[02:49] <infinity> Or just make sure they're in the right order in the file, and all set to "auto" :)
[02:49] <Psi-Jack> heh. Hmmm.. auto?
[02:50] <maswan> infinity: that's the way we do it at work (no aliasing at home currently) :)
[02:51] <Psi-Jack> Hmmm.
[02:51] <infinity> Example:
[02:51] <infinity> auto eth0
[02:51] <infinity> auto eth0:1
[02:51] <infinity> iface eth0 inet static
[02:51] <infinity>   address 10.0.0.2
[02:51] <infinity>   network 10.0.0.0
[02:51] <infinity>   netmask 255.255.255.240
[02:51] <Psi-Jack> I have mapping hotplig, script grep, map eth0, which started eth0, eventually during the hotplug.
[02:51] <infinity>   network 10.0.0.15
[02:51] <infinity>   gateway 10.0.0.1
[02:51] <infinity> iface eth0:1 inet static
[02:51] <infinity>   address 10.0.0.3
[02:51] <Psi-Jack> hotplug even.
[02:51] <infinity>   network 10.0.0.0
[02:51] <infinity>   netmask 255.255.255.240
[02:52] <infinity>   network 10.0.0.15
[02:52] <infinity> That should work smashingly.
[02:52] <infinity> Oh, get rid of the hotplug stuff on your server... (It's going away in dapper anyway, for all installations)
[02:52] <Psi-Jack> Oh, great..
[02:52] <infinity> udev will magically handly hotpluggish suff without the crazy mapping scripts in dapper.
[02:52] <infinity> Thankfully.
[02:53] <Psi-Jack> It better be very "compatible" with otherwise, else every dumb-founded ubuntu person will be screaming. ;)
[02:54] <infinity> dapper's default interfaces file is much easier for people to understand (no one really understood the hotplug mapping stuff)
[02:54] <infinity> And the breezy->dapper upgrade SHOULD fix old interfaces files to remove the unnecessary gunk.
[02:54] <infinity> This upgrade path needs to be tested, re-tested, and tested some more, mind you. :)
[02:54] <Psi-Jack> There should be no should in that statement. ;)
[02:55] <infinity> The should will become a "does" or "will" before release, trust me. :)
[02:55] <Psi-Jack> hehe
[02:56] <Psi-Jack> I love people in #ubuntu sometimes. I get more help /here/ than I ever will in #ubuntu, 19:20 times.
[02:56] <Psi-Jack> Course, then again, most of my questions are usually topics the average "user" doesn't use. ;)
[02:58] <Psi-Jack> Hmm. now to see if maradns can bind to multiple IP's, specifically set.
[03:01] <Psi-Jack> Well, it certainly didn't like that. heh
[03:10] <Psi-Jack> Not bad.. Not bad at all.. Roughly about 2.7mb, IF even that much, used by mydns. :)
[03:11] <Psi-Jack> Oh sheesh.. Not even 1mb. Roughly ONLY about 400kB.
[03:15] <Psi-Jack> heh. I'm wondering though, why maradns, being my caching dns, uses up around 8mb.
[03:30] <Psi-Jack> Heh heh
[03:31] <Psi-Jack> Yeah, I found that out about the D C C S E N D exploit. For some reason SPI is vulnerable to it.
[11:21] <pesco> Hi all. I'm going to set up a new server in about two weeks. Should I try Ubuntu server instead of trusty Debian, and if so, why?
[11:29] <spike> pesco: because trusty debian is trusty debian and not trusty debian-server, and you're building a server, not a generic linux box. because you cannot afford to run old software, neither to run unstable stuff from sid. because you have no time to spend on default customization you want on a server, like kernel patching. because u're running on some hw certificated by ubuntu and both customers and boss will be happy to see it as such
[11:30] <spike> because you're using some scsi controller for which dedicated management software exists but isnt packaged
[11:32] <spike> pesco: because if you're gonna need something server related you have more chances to see it implemented into ubuntu-server than generic debian
[11:33] <spike> pesco: and because you get all this based on your trusty debian
[12:26] <pesco> spike: Thanks. I suppose going right with Dapper will be fine in my timeframe?
[12:30] <spike> pesco: I do not think so, then it really depends what's that machine for and what you define "fine", but I wouldnt advise it. better going with breezy and update to dapper later, even if with breezy you're not gonna get all the cool stuff
[12:31] <spike> pesco: dapper will be released in april,so in 2 weeks wont be stable yet. it will probably run fine and be stable, but you're taking responsibilities for that
[11:50] <Psi-Jack> Anyone know of a web-based firewall/NAT/PAT manager, at all? ;)
[11:56] <bpuccio> monowall provides one, but its a complete distribution, not a web interface that you can install an on ubuntu machine
[11:56] <spike> Psi-Jack: think ebox is getting one. otherway ipcop/smoothwall got one too you could rip off
[11:56] <spike> m0n0wall as well, yeah
[11:56] <Psi-Jack> Hmmm.
[11:57] <spike> the other frontend I know of is GUI, firestarter
[11:57] <spike> Psi-Jack: are you sure you need something webbased?
[11:57] <Psi-Jack> Well, the reason I asked for web-based, is I will be using it on a remote monitorless box. Within my LAN.
[11:57] <spike> wouldnt something like shorewall do the job?
[11:57] <spike> ssh to it?
[11:57] <spike> I cant think of anything bettern than shorewall for fw management
[11:57] <Psi-Jack> Shorewall. What's that?
[11:58] <spike> it's rock solid, can take care of everything, from vpn to tc
[11:58] <spike> a cli frontend to iptables
[11:58] <Psi-Jack> Hmmm. I ntoiced, there's a shorewall webmin module.
[11:59] <spike> no idea, vim is all I need with such good confs
[11:59] <Psi-Jack> hehe.
[11:59] <spike> you can define zones, policies and whatever, like u'd do on a netscreen
[11:59] <spike> much better than cisco like style imho
[11:59] <Psi-Jack> Cool. :)
[11:59] <Psi-Jack> I'll have to check it out, then.. ;)
[12:00] <spike> I would :)
[12:00] <Psi-Jack> Heh, webmin-shorewall removes webmin-firewall. Oh well. Still gonna check it out.