/srv/irclogs.ubuntu.com/2006/10/24/#ubuntu-server.txt

=== nictuku [n=yves@ubuntu/member/nictuku] has joined #ubuntu-server
=== ToonArmy [n=chris@Lafrowda-10.ex.ac.uk] has joined #ubuntu-server
tmh__it shouldn't require z-window-system-core. funny.02:10
tmh__if you're sure the package you installed requires X and it didn't install the required deps, that's a bug.02:11
=== jsgotangco [n=jsg123@ubuntu/member/jsgotangco] has joined #ubuntu-server
=== mgalvin [n=mgalvin@cpe-74-67-44-20.nycap.res.rr.com] has joined #ubuntu-server
=== Hilmar [i=Hilmar@c85-196-76-250.static.sdsl.no] has joined #ubuntu-server
HilmarAnyone here who can help me with some iptables, i have tried on my own for 4 hours now with the online docs, but I cant get it to work06:38
HilmarHave tried everything and starting to get frustrated :(06:38
fabbioneHilmar: it really depends what you need to do06:39
fabbionethis is generally not an help channel06:39
HilmarI know, I was just sent here from the ubuntu channel, since you guys maybe knows more about servers06:40
HilmarIts a single server which is going to work as a gateway for a small network06:40
fabbioneiptables are not -server specific but whatever ;)06:40
fabbioneok ask your question.. what can't you do?06:40
HilmarSorry, Im just desperate for help now06:40
HilmarOk, let me paste the rules I have applied06:40
Hilmarsudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE06:41
Hilmarsudo iptables -A FORWARD -s 192.168.0.0/16 -o ppp0 -j ACCEPT06:41
Hilmarsudo iptables -A FORWARD -d 192.168.0.0/16 -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT06:41
fabbioneMEH06:41
HilmarI switched out 192.168.0.0 with 10.0.23.0, and ppp0 with eth1, which is the card which is connected to the modem06:41
HilmarSo they should adjust to my system06:42
fabbionehalt.. one second that i need to look at my rules too06:42
fabbionethat will never work...06:43
fabbioneclear up the tables06:43
Hilmariptables --clear ?06:43
fabbioneiptables -t filter -F INPUT06:43
fabbioneiptables -t filter -F FORWARD06:43
fabbioneiptables -t filter -F OUTPUT06:43
fabbioneiptables -t nat -F PREROUTING06:43
fabbioneiptables -t nat -F POSTROUTING06:43
fabbionethis will CLEAR EVERYTHING06:44
fabbioneiptables -t filter -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED06:44
Hilmar--flush should do it also06:44
fabbionethat's for the state thingy06:44
HilmarWhat does that mean?06:45
fabbioneactually.. you can skip that06:45
fabbioneok did you clear the tables?06:45
HilmarI did a flush, which should clear everything06:45
fabbioneok06:45
HilmarAnyway, I take notes of what you write anyway06:45
fabbionefirst of all.. cat /proc/sys/net/ipv4/ip_forward06:45
Hilmarso I can do a reboot in worst case06:45
fabbionenah.. no need to reboot06:46
Hilmarnothing there06:46
Hilmarin ip_forward06:46
fabbionecan you give me the output?06:46
fabbioneit's either 0 or 106:46
Hilmar006:46
fabbioneok that's the first problem06:46
fabbioneecho 1 > /proc/sys/net/ipv4/ip_forward06:46
fabbioneyou need to enable IP forwarding06:46
Hilmarpermission denied06:47
fabbionesudo..06:47
fabbioneyou need to be root06:47
HilmarI did06:47
fabbioneit's impossible that gives you permission denied06:48
fabbioneuname -a ?06:48
Hilmar2.6.15-26-adml64-server #1 smp Date, UTC 2006 x86_6406:49
Hilmaramd64*06:50
fabbioneit's an old kernel... and it works here...06:50
fabbionei know for a fact that the above operation works06:50
HilmarI downloaded the last image today06:50
Hilmarinstalled it and followed the docs to set it up06:51
fabbioneit's not the last image.. -27- is06:51
HilmarI cant understand how I could do anything wrong, there wasnt much options during the install either06:51
fabbionei am just saying that if you cannot do echo 1 >... it will never work06:52
HilmarWell, I downloaded it yesterday, so maybe the mirror wasnt updated06:52
fabbionethat image is at least a few weeks old.. check your mirror or change it06:52
Hilmarerr06:52
Hilmarwhen I opend it in pico06:52
Hilmarit worked06:52
Hilmarbut not with echo06:53
HilmarI swear06:53
fabbioneok i don't really care either way06:53
HilmarWell, it set to 1 now06:53
fabbionenow add only the MASQUERADE entry in your rules06:53
fabbioneand only that one06:53
Hilmarsudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE 06:53
Hilmarthis ?06:53
fabbioneif your outgoing interface is ppp0 yes06:54
fabbioneotherwise change it06:54
Hilmaroffcourse06:54
fabbioneok.. now take a machine on the 192.168.0.0/16 network and try to connect to the internet06:54
fabbione(I assume that the server already is connected and working)06:54
Hilmardone, I need to reconnect the modem to the server again, I had to connect it to a workstation to be able to get on irc06:55
fabbionewell now you need to check that it's working06:55
HilmarSo the other rules is not needed?06:55
Hilmarbut do you know why the ip_forward wasnt enabled?06:56
=== greenman [n=michael@12-216-242-213.client.mchsi.com] has joined #ubuntu-server
greenmanhello06:56
fabbionethe other rules should not be required06:56
greenmanI have an installation question06:56
HilmarHi06:56
fabbioneHilmar: ip forwarding is disabled by default06:56
fabbionegreenman: -> #ubuntu06:56
greenmanthere are two options install to the hard disk and install a lamp server06:57
greenmando i do both or one first then the other06:57
Hilmarhmm, ok. thanx a lot fabbione06:57
HilmarWill try it out now06:57
greenmani'm think install to hard disk then install lamp06:57
fabbioneHilmar: no problem06:57
fabbionegreenman: it's the same..06:57
fabbionelamp will just install lamp without you having to do anything later06:57
fabbionemakes no different06:57
fabbionedifference06:57
fabbioneanyway these are FAQ06:57
fabbioneso please ask in #ubuntu06:58
greenmanfabbione: so doing install lamp, installs ubuntu and lamp, while install to hard disk would just be ubuntu?06:58
greenmanfabbione: they sent me here.  sorry for the bother.06:58
=== Hilmar [n=jalla@c85-196-76-250.static.sdsl.no] has joined #ubuntu-server
fabbionegreenman: if you install lamp OR install ubuntu+amp will make no difference.. it's the same thing06:59
Hilmarfabbione: *bows down*06:59
fabbionegreenman: you still need to install on an harddisk.. no matter06:59
fabbioneHilmar: does it work?06:59
HilmarAye06:59
fabbioneHilmar: ok06:59
fabbioneHilmar: the other rules are not required..06:59
fabbionenot in your specific case at least07:00
greenmani guess i'll try the lamp thingie first, it should tell me if I've screwed up.  seems kinda redundant07:00
HilmarDoes it hurt to applie them, or what effect do they have07:00
fabbioneHilmar: it doesn't really hurt but they are useless because FORWARD policy is set to ACCEPT by default07:00
fabbioneyou will just add an extra filter for an ip packet to go trough to obtain the same result07:01
Hilmarfabbione: One more question, how can I add those rules each time it starts up, cause now I have to add them each time07:01
=== greenman [n=michael@12-216-242-213.client.mchsi.com] has left #ubuntu-server []
fabbionealso note that you are NATTING a private network (192.168.0.0/16) that is not routed over internet07:01
fabbionethere is no way to get a connection from outside07:01
HilmarI know, I need to forward ports then, right?07:02
fabbioneHilmar: man interfaces and look in /etc/network/07:02
HilmarOk07:02
fabbionethere are all kind of facilities for what you want07:02
fabbionefrom now.. your best friend is google :)07:02
HilmarYou couldnt just paste me the line I need to add to /etc/network/interfaces ?:P, its realy late and tired and want to get this done :)07:05
HilmarFor the masqurade rule07:05
fabbioneHilmar: don't be lazy07:05
fabbioneand you are from norway.. that means it's 7:05 am there07:06
fabbionecan't be late.. you might say it's early07:06
HilmarWell, I have been up all night :P07:06
HilmarBut nm, I figure it out, you have been a great help anyway07:07
=== jsgotangco [n=jsg123@ubuntu/member/jsgotangco] has joined #ubuntu-server
=== jsgotangco_ [n=jsg123@125.212.8.56] has joined #ubuntu-server
=== ToonArmy [n=chris@Lafrowda-4.ex.ac.uk] has joined #ubuntu-server
=== thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server
=== ToonArmy [n=chris@Lafrowda-16.ex.ac.uk] has joined #ubuntu-server
=== spike [n=spike@unaffiliated/spike] has joined #ubuntu-server
=== pschulz01_ [n=paul@eth14611.sa.adsl.internode.on.net] has joined #ubuntu-server
=== ToonArmy [n=chris@Lafrowda-18.ex.ac.uk] has joined #ubuntu-server
=== Pazzo [n=thomas@dialin-225136.rol.raiffeisen.net] has joined #ubuntu-server
=== thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server
=== thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server
=== truz_`24 [n=truz_`24@74.129.166.232] has joined #ubuntu-server
=== MagicFab [n=fabian@modemcable035.165-57-74.mc.videotron.ca] has joined #ubuntu-server
=== gregbuntu [n=renegarg@net35.arts.umanitoba.ca] has joined #ubuntu-server
MagicFabis there any marketing material for ubuntu server ? like past presentations / figures of TCO, security etc. ? Searched the wiki without much luck04:43
=== lbm [n=lbm@82.192.173.92] has joined #ubuntu-server
=== cmazzetti|out [n=chatzill@151.55.92.102] has joined #ubuntu-server
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server
=== ivoks_ [n=ivoks@vipnet175-164.mobile.CARNet.hr] has joined #ubuntu-server
=== lbm [n=lbm@82.192.173.92] has joined #ubuntu-server
=== n3storm [n=nest0rm@87.218.255.102] has joined #ubuntu-server
n3stormhi05:32
n3stormI have setup an ubuntu server05:32
n3stormwhen a ssh user logs in the system05:34
n3stormtheir home directory is not writable05:35
n3stormCould not chdir to home directory /home/josu: Permission denied05:35
n3stormI checked quotas05:35
n3stormbut they are ok05:36
n3stormI created new users in new groups05:36
n3stormand nothing05:36
n3stormthe last thing I have done is have a look at fstab05:36
n3stormthe /home partition is /dev/sdb1       /home           ext3    defaults,usrquota,grpquota        0       205:37
n3stormany idea so far?05:37
n3stormreally sorry guys and girls05:40
n3stormI didn't read the topic05:40
n3stormbyes05:40
n3storm:D05:40
=== n3storm [n=nest0rm@87.218.255.102] has left #ubuntu-server ["Konversation]
=== [NB] Mahem [n=asdf@90-228-225-95-no126.tbcn.telia.com] has left #ubuntu-server []
=== ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server
=== hawk_ [n=hawk@1-1-4-25a.lio.sth.bostream.se] has joined #ubuntu-server
=== DJ_Mirage [n=martijn@biggetje.xs4all.nl] has joined #ubuntu-server
=== DJ_Mirage [n=martijn@biggetje.xs4all.nl] has joined #ubuntu-server
=== daq4th [n=darkness@netstation-005.cafe.zSeries.org] has joined #ubuntu-server
=== MagicFab [n=fabian@modemcable035.165-57-74.mc.videotron.ca] has joined #ubuntu-server
=== yogurtthewise [n=yogurt@bb-87-81-167-77.ukonline.co.uk] has joined #ubuntu-server
=== ivoks [n=ivoks@2-199.dsl.iskon.hr] has joined #ubuntu-server
=== stubblechin [n=fizz@c-68-52-163-167.hsd1.tn.comcast.net] has joined #ubuntu-server
stubblechinany chance of getting nginx added as an ubuntu server package? debian has it and it beats the pants off lighttpd10:53
stubblechinalso, where's the best place to make this sort of request?10:55
ajmitchif debian has it, then it'll likely get imported automatically to universe for feisty10:59
=== stubblechin [n=fizz@c-68-52-163-167.hsd1.tn.comcast.net] has joined #ubuntu-server
tmh__stubblechin: https://wiki.ubuntu.com/MOTU/Packages/Candidates11:32
ajmitchtmh__: hardly needed if it's already in debian11:34
tmh__I guess you're right.11:35
tmh__so what's the deal with apache 2.2?11:36
ajmitchit's been in debian unstable for about 3 weeks11:37
ajmitchso feisty will most likely get it11:37

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!