=== nictuku [n=yves@ubuntu/member/nictuku] has joined #ubuntu-server === ToonArmy [n=chris@Lafrowda-10.ex.ac.uk] has joined #ubuntu-server [02:10] it shouldn't require z-window-system-core. funny. [02:11] if you're sure the package you installed requires X and it didn't install the required deps, that's a bug. === jsgotangco [n=jsg123@ubuntu/member/jsgotangco] has joined #ubuntu-server === mgalvin [n=mgalvin@cpe-74-67-44-20.nycap.res.rr.com] has joined #ubuntu-server === Hilmar [i=Hilmar@c85-196-76-250.static.sdsl.no] has joined #ubuntu-server [06:38] Anyone here who can help me with some iptables, i have tried on my own for 4 hours now with the online docs, but I cant get it to work [06:38] Have tried everything and starting to get frustrated :( [06:39] Hilmar: it really depends what you need to do [06:39] this is generally not an help channel [06:40] I know, I was just sent here from the ubuntu channel, since you guys maybe knows more about servers [06:40] Its a single server which is going to work as a gateway for a small network [06:40] iptables are not -server specific but whatever ;) [06:40] ok ask your question.. what can't you do? [06:40] Sorry, Im just desperate for help now [06:40] Ok, let me paste the rules I have applied [06:41] sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE [06:41] sudo iptables -A FORWARD -s 192.168.0.0/16 -o ppp0 -j ACCEPT [06:41] sudo iptables -A FORWARD -d 192.168.0.0/16 -m state --state ESTABLISHED,RELATED -i ppp0 -j ACCEPT [06:41] MEH [06:41] I switched out 192.168.0.0 with 10.0.23.0, and ppp0 with eth1, which is the card which is connected to the modem [06:42] So they should adjust to my system [06:42] halt.. one second that i need to look at my rules too [06:43] that will never work... [06:43] clear up the tables [06:43] iptables --clear ? [06:43] iptables -t filter -F INPUT [06:43] iptables -t filter -F FORWARD [06:43] iptables -t filter -F OUTPUT [06:43] iptables -t nat -F PREROUTING [06:43] iptables -t nat -F POSTROUTING [06:44] this will CLEAR EVERYTHING [06:44] iptables -t filter -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED [06:44] --flush should do it also [06:44] that's for the state thingy [06:45] What does that mean? [06:45] actually.. you can skip that [06:45] ok did you clear the tables? [06:45] I did a flush, which should clear everything [06:45] ok [06:45] Anyway, I take notes of what you write anyway [06:45] first of all.. cat /proc/sys/net/ipv4/ip_forward [06:45] so I can do a reboot in worst case [06:46] nah.. no need to reboot [06:46] nothing there [06:46] in ip_forward [06:46] can you give me the output? [06:46] it's either 0 or 1 [06:46] 0 [06:46] ok that's the first problem [06:46] echo 1 > /proc/sys/net/ipv4/ip_forward [06:46] you need to enable IP forwarding [06:47] permission denied [06:47] sudo.. [06:47] you need to be root [06:47] I did [06:48] it's impossible that gives you permission denied [06:48] uname -a ? [06:49] 2.6.15-26-adml64-server #1 smp Date, UTC 2006 x86_64 [06:50] amd64* [06:50] it's an old kernel... and it works here... [06:50] i know for a fact that the above operation works [06:50] I downloaded the last image today [06:51] installed it and followed the docs to set it up [06:51] it's not the last image.. -27- is [06:51] I cant understand how I could do anything wrong, there wasnt much options during the install either [06:52] i am just saying that if you cannot do echo 1 >... it will never work [06:52] Well, I downloaded it yesterday, so maybe the mirror wasnt updated [06:52] that image is at least a few weeks old.. check your mirror or change it [06:52] err [06:52] when I opend it in pico [06:52] it worked [06:53] but not with echo [06:53] I swear [06:53] ok i don't really care either way [06:53] Well, it set to 1 now [06:53] now add only the MASQUERADE entry in your rules [06:53] and only that one [06:53] sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE [06:53] this ? [06:54] if your outgoing interface is ppp0 yes [06:54] otherwise change it [06:54] offcourse [06:54] ok.. now take a machine on the 192.168.0.0/16 network and try to connect to the internet [06:54] (I assume that the server already is connected and working) [06:55] done, I need to reconnect the modem to the server again, I had to connect it to a workstation to be able to get on irc [06:55] well now you need to check that it's working [06:55] So the other rules is not needed? [06:56] but do you know why the ip_forward wasnt enabled? === greenman [n=michael@12-216-242-213.client.mchsi.com] has joined #ubuntu-server [06:56] hello [06:56] the other rules should not be required [06:56] I have an installation question [06:56] Hi [06:56] Hilmar: ip forwarding is disabled by default [06:56] greenman: -> #ubuntu [06:57] there are two options install to the hard disk and install a lamp server [06:57] do i do both or one first then the other [06:57] hmm, ok. thanx a lot fabbione [06:57] Will try it out now [06:57] i'm think install to hard disk then install lamp [06:57] Hilmar: no problem [06:57] greenman: it's the same.. [06:57] lamp will just install lamp without you having to do anything later [06:57] makes no different [06:57] difference [06:57] anyway these are FAQ [06:58] so please ask in #ubuntu [06:58] fabbione: so doing install lamp, installs ubuntu and lamp, while install to hard disk would just be ubuntu? [06:58] fabbione: they sent me here. sorry for the bother. === Hilmar [n=jalla@c85-196-76-250.static.sdsl.no] has joined #ubuntu-server [06:59] greenman: if you install lamp OR install ubuntu+amp will make no difference.. it's the same thing [06:59] fabbione: *bows down* [06:59] greenman: you still need to install on an harddisk.. no matter [06:59] Hilmar: does it work? [06:59] Aye [06:59] Hilmar: ok [06:59] Hilmar: the other rules are not required.. [07:00] not in your specific case at least [07:00] i guess i'll try the lamp thingie first, it should tell me if I've screwed up. seems kinda redundant [07:00] Does it hurt to applie them, or what effect do they have [07:00] Hilmar: it doesn't really hurt but they are useless because FORWARD policy is set to ACCEPT by default [07:01] you will just add an extra filter for an ip packet to go trough to obtain the same result [07:01] fabbione: One more question, how can I add those rules each time it starts up, cause now I have to add them each time === greenman [n=michael@12-216-242-213.client.mchsi.com] has left #ubuntu-server [] [07:01] also note that you are NATTING a private network (192.168.0.0/16) that is not routed over internet [07:01] there is no way to get a connection from outside [07:02] I know, I need to forward ports then, right? [07:02] Hilmar: man interfaces and look in /etc/network/ [07:02] Ok [07:02] there are all kind of facilities for what you want [07:02] from now.. your best friend is google :) [07:05] You couldnt just paste me the line I need to add to /etc/network/interfaces ?:P, its realy late and tired and want to get this done :) [07:05] For the masqurade rule [07:05] Hilmar: don't be lazy [07:06] and you are from norway.. that means it's 7:05 am there [07:06] can't be late.. you might say it's early [07:06] Well, I have been up all night :P [07:07] But nm, I figure it out, you have been a great help anyway === jsgotangco [n=jsg123@ubuntu/member/jsgotangco] has joined #ubuntu-server === jsgotangco_ [n=jsg123@125.212.8.56] has joined #ubuntu-server === ToonArmy [n=chris@Lafrowda-4.ex.ac.uk] has joined #ubuntu-server === thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server === ToonArmy [n=chris@Lafrowda-16.ex.ac.uk] has joined #ubuntu-server === spike [n=spike@unaffiliated/spike] has joined #ubuntu-server === pschulz01_ [n=paul@eth14611.sa.adsl.internode.on.net] has joined #ubuntu-server === ToonArmy [n=chris@Lafrowda-18.ex.ac.uk] has joined #ubuntu-server === Pazzo [n=thomas@dialin-225136.rol.raiffeisen.net] has joined #ubuntu-server === thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server === thefish [n=thefish@unaffiliated/thefish] has joined #ubuntu-server === truz_`24 [n=truz_`24@74.129.166.232] has joined #ubuntu-server === MagicFab [n=fabian@modemcable035.165-57-74.mc.videotron.ca] has joined #ubuntu-server === gregbuntu [n=renegarg@net35.arts.umanitoba.ca] has joined #ubuntu-server [04:43] is there any marketing material for ubuntu server ? like past presentations / figures of TCO, security etc. ? Searched the wiki without much luck === lbm [n=lbm@82.192.173.92] has joined #ubuntu-server === cmazzetti|out [n=chatzill@151.55.92.102] has joined #ubuntu-server === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server === ivoks_ [n=ivoks@vipnet175-164.mobile.CARNet.hr] has joined #ubuntu-server === lbm [n=lbm@82.192.173.92] has joined #ubuntu-server === n3storm [n=nest0rm@87.218.255.102] has joined #ubuntu-server [05:32] hi [05:32] I have setup an ubuntu server [05:34] when a ssh user logs in the system [05:35] their home directory is not writable [05:35] Could not chdir to home directory /home/josu: Permission denied [05:35] I checked quotas [05:36] but they are ok [05:36] I created new users in new groups [05:36] and nothing [05:36] the last thing I have done is have a look at fstab [05:37] the /home partition is /dev/sdb1 /home ext3 defaults,usrquota,grpquota 0 2 [05:37] any idea so far? [05:40] really sorry guys and girls [05:40] I didn't read the topic [05:40] byes [05:40] :D === n3storm [n=nest0rm@87.218.255.102] has left #ubuntu-server ["Konversation] === [NB] Mahem [n=asdf@90-228-225-95-no126.tbcn.telia.com] has left #ubuntu-server [] === ivoks [n=ivoks@ubuntu/member/ivoks] has joined #ubuntu-server === hawk_ [n=hawk@1-1-4-25a.lio.sth.bostream.se] has joined #ubuntu-server === DJ_Mirage [n=martijn@biggetje.xs4all.nl] has joined #ubuntu-server === DJ_Mirage [n=martijn@biggetje.xs4all.nl] has joined #ubuntu-server === daq4th [n=darkness@netstation-005.cafe.zSeries.org] has joined #ubuntu-server === MagicFab [n=fabian@modemcable035.165-57-74.mc.videotron.ca] has joined #ubuntu-server === yogurtthewise [n=yogurt@bb-87-81-167-77.ukonline.co.uk] has joined #ubuntu-server === ivoks [n=ivoks@2-199.dsl.iskon.hr] has joined #ubuntu-server === stubblechin [n=fizz@c-68-52-163-167.hsd1.tn.comcast.net] has joined #ubuntu-server [10:53] any chance of getting nginx added as an ubuntu server package? debian has it and it beats the pants off lighttpd [10:55] also, where's the best place to make this sort of request? [10:59] if debian has it, then it'll likely get imported automatically to universe for feisty === stubblechin [n=fizz@c-68-52-163-167.hsd1.tn.comcast.net] has joined #ubuntu-server [11:32] stubblechin: https://wiki.ubuntu.com/MOTU/Packages/Candidates [11:34] tmh__: hardly needed if it's already in debian [11:35] I guess you're right. [11:36] so what's the deal with apache 2.2? [11:37] it's been in debian unstable for about 3 weeks [11:37] so feisty will most likely get it