[01:10] <levander> Is there a page that documents the advantage of running Ubuntu Server over regular Ubuntu?  I mean, can't you just 'sudo apt-get install apache2' yourself?
[01:11] <kgoetz> afaik theres not one per-se
[01:12] <levander> kgoetz: Careful, you'll get banned from the channel.
[01:12] <kgoetz> levander: because?
[01:12] <levander> Your dissing the product, man.  There's got to be some advantage.
[01:13] <dendrobates> there is more to a server distrobution than apache
[01:13] <levander> dendrobates: Is there any page explaining to me what these differences are?
[01:14] <dendrobates> uch smaller.
[01:14] <kgoetz> levander: wtf are you going on about?
[01:14] <dendrobates> there is a different kernel, no gui, and the package list is much smaller
[01:15] <levander> I'm just doing a small DNS server, apache2, a mail server, mysql.  Maybe I'm not the target candidate for Ubuntu Server?
[01:15] <levander> Why do they have a different kernel?
[01:15] <dendrobates> there are different needs for server and desktop.
[01:15] <levander> dendrobates: What kernel do they have?
[01:16] <levander> dendrobates: What are these differences?
[01:16] <dendrobates> different config
[01:16] <levander> ah, yeah
[01:16] <dendrobates> upstream version, but a different congih
[01:16] <levander> I guess I'm just in a weird situation, because this is actually just a small home server, not a production server.
[01:17] <dendrobates> it is fine to use the server packages in ubuntu desktop if you feel more comfortable with that
[01:18] <levander> dendrobates: I'm just trying to decide what's better for me.  I'd be comfortable with either.
[01:18] <dendrobates> is it on server hardware?
[01:19] <levander> No, it's just an old AMD 1800+ that I want to run the above listed server software on.
[01:19] <levander> On thing I'm wondering is how much trouble it's gonig to cause my booting this machine without a monitor attached.
[01:19] <dendrobates> ubuntu server has a smaller memory footprint and installs much less cruft.
[01:20] <dendrobates> basically why would you install/run the desktop apps if you do not need them.
[01:20] <levander> I got a GB of RAM and 40 GB of hard disk, but I guess it using less RAM could come in handy.
[01:21] <levander> dendrobates: Yeah, it's not the idea that I'll run desktop apps on it.  But, I guess if the box goes down with serious problem, it would be nice to attach a monitor to it.
[01:21] <dendrobates> you can still use a monitor, just no x.
[01:21] <levander> I see on ubuntu.com that they've got an integrated LAMP install.  But, I'm not using PHP, which I understand is the bitch in that config.
[01:22] <dendrobates> you don't have to install the lamp stack.  You can apt-get apache
[01:22] <levander> Yeah, I was just saying that looks like a big advantage of Ubuntu Server, if you're using PHP that is.
[01:23] <dendrobates> you can always install server and do an apt-get install ubuntu-desktop if you change your mind.
[02:31] <jetole> hey guys, does anyone know where I can find a listing of say all apnic ip address ranges or all ripe... well more specifically apnix
[02:31] <jetole> *apnic
[02:32] <kgoetz> you'd have to check their website probably
[02:32] <jetole> yeah... do you know where, I assume it is a common place since the host tool on everyones computer queries the proper RIR
[02:33] <jetole> whois tool does as well
[02:34] <kgoetz> whois.apnic.net ?
[02:35] <jetole> right, I am actually looking for a list of all apnic IP
[02:35] <jetole> whois 85.15.0.0/16 queries RIPE, how does my whois tool know it is a RIPE IP?
[02:36] <kgoetz> the dns server/s tell it
[02:36] <jetole> hmmmm
[02:37] <jetole> if I wanted to firewall every asian ip from connecting to port 25... can anyone think of a method?
[02:39] <kgoetz> SMTP? it would probably be easier to reject all .cn .jp etc domains
[02:43] <jetole> kgoetz: yeah... not really
[02:44] <jetole> out of 640 hosts analyzed in my SMTP records for today, 222 had NXDOMAIN entries i.e. no DNS PTR
[02:44] <jetole> and of coarse we get spam for canadian viagra that canadian-viagra.com (forget the real website name) points to jp
[02:45] <kgoetz> jetole: so perhaps not accepting from host without valid dns would work best for you
[02:45] <jetole> well we have started implementing that as well as a lot of anti spam features but frankly I am about to ready to say fsck asia on the SMTP level
[02:46] <jetole> grey lists don't seem to work because there seems to be a lot of broken legitimate SMTP servers out there and they mean too much to the corperation to just tell them they are broken and let us know when they are fixed
[02:47] <jetole> one of them I saw today in the logs belonged to some news company called dispatch.com or .net
[02:47] <kgoetz> something like spamcop RBL+not accepting from invalid dns should help a lot
[02:48] <jetole> well spamcop is on the list but it is providing temporary issues atm
[02:48] <ajmitch> blacklisting everyone in APNIC makes a lot of people very very unhappy
[02:48]  * kgoetz included
[02:48] <jetole> ajmitch: asian people?
[02:48] <ajmitch> pretty much anyone in australia or NZ
[02:48] <jetole> oh
[02:48] <jetole> ...
[02:48] <jetole> yeah that doesn't help
[02:48] <kgoetz> jetole: the P stands for Pacific
[02:49] <jetole> yeah but the A stand for asian ;)
[02:49] <kgoetz> Asia to be picky
[02:49] <ajmitch> and you're talking to people in the APNIC range at the moment :)
[02:49] <jetole> kidding, well I mean I am not but I understand what you mean
[02:50]  * ajmitch really doesn't like trying to explain to customers why mail doesn't get through
[02:52] <jetole> ajmitch: yeah, our partnership department had to do that today @ grey listing
[02:52] <kgoetz> greylisting is evil (from what i hear)
=== jjesse_ is now known as jjesse
[02:53] <jetole> kgoetz: grey listing is great, broken legitimate mail servers are whats evil
[02:54] <kgoetz> 4517   Reject RBL                                87.91%
[02:54] <kgoetz> our one blacklist (which i forget where its from)
[02:54] <jetole> grey listing is fully SMTP compliant and does not break protocol, if a mail server cannot communicate with a grey listed server then from time to time it may not communicate with any other server either and mail is lost
[02:55] <jetole> all grey listing does is the server initially issues a try back later code, SMTP 452
[02:56] <jetole> if a SMTP server gets the code from another server and does not retry then the server is broken
[02:56] <jetole> EOF
[03:56] <ScottK> kgoetz: There's really no evil in greylisting, but I do get sick of not getting my mail instantly.
[06:51] <ScottK> lamont: Thanks for the mail.
[06:54] <lamont> np
[06:54] <lamont> sorry for the delay - it's been an interestingly busy afternoon/evening
[06:54] <lamont> and now to bed.
[06:57] <Kalamansi> ScottK lamont : i have server ubunt 7.10 desktop. running on firestarter as firewall. how to filter the downloads of my pc2 and pc3 when they download a file? pc1 is my server.
[06:57] <Kalamansi> filter or auto scan by with anti virus
[06:57] <Kalamansi> in ubuntu server
[06:57] <kgoetz> set it up as a proxy
[06:58] <ScottK> Kalamansi: This is not, however, a desktop support channel.  Try #ubuntu
[06:58] <kgoetz> you'll want clamav+probably squid
[06:59] <Kalamansi> ScottK i have installed CLI server too still underconstruction because i dont know how to configure a firestarter in CLI
[06:59] <Kalamansi> thanks kgoetz
[06:59] <ScottK> Isn't firstarter just a gui for iptables?
[07:00] <ScottK> firstarter/firestarter
[07:00] <kgoetz> yeah
[07:00] <Kalamansi> ScottK : ahh ok i got it
[07:00] <Kalamansi> so whats the other alternative for CLI server aside from firestarter?
[07:00] <ScottK> iptables
[07:01] <kgoetz> or save your rules after makin them with firestarter and load it onto the server
[07:01] <ScottK> I've never done it, but I believe you can set up firestarter on one box and then copy the iptables rules it produces to another.  That's not, however, a complete substitute for knowing what you're doing.
[07:01] <Kalamansi> ScottK : do you have tutorials and howto? configuring a server just for internet sharing, traffic shaping and dhcp or assigning ip?
[07:02] <ScottK> I don't, but Google does.
[07:02] <Kalamansi> ScottK : how to locate the iptables of firestarter? or the .conf of the firestarter kgotz?
[07:02] <Kalamansi> kgoetz*
[07:02] <kgoetz> Kalamansi: no idea
[07:03]  * ScottK neither
[07:03] <ScottK> I suspect the firestarter documentation would be a good place to start.
[07:04]  * ScottK is going to quit and go to bed before he starts mumbling about consulting rates.
[07:04] <ScottK> Good night.
[07:04] <Kalamansi> ScottK : kgoetz : is it okay to use dhcp to pc2 and pc3 or better to assign each pc an ip?
[07:04] <kgoetz> ScottK: later mate
[07:04] <kgoetz> Kalamansi: much of a muchness
[07:11] <Kalamansi> kgoetz : you mean better to assign ip each pc?
[07:13] <kgoetz> Kalamansi: i mean it doesnt matter
[07:13] <kgoetz> afk , going home
[07:13] <Kalamansi> thanks
[07:13] <Kalamansi> thanks mate
[08:22] <kraut> moin
[08:34] <Kalamansi> kraut sup
[08:34] <Kalamansi> kraut : how to save my config? when i type this "ip addr add 192.168.2.1/24 dev eth1, udo ifconfig eth1 192.168.2.1 netmask 255.255.255.0,echo 1 > /proc/sys/net/ipv4/ip_forward and pc2 then pc3 can connect to the internet..i reboot my server, after backing up, and do a ifconfig all that i entered in eth1 was gone... and pc2 / pc3 cant connect to the internet.. how to solve this problem?
[08:36] <kraut> write it down into /etc/network/interfaces
[08:36] <Kalamansi> i see
[08:36] <Kalamansi> thanks
[08:36] <kraut> how to use this file is described in man interfaces
[08:37] <Kalamansi> kraut : what kind of apps is good for logging or process of workstations? like log all yahoo messenger chats and msn chats?
[08:38] <kraut> what exactly do you mean and what do you want to log?
[08:38] <kraut> linux use a syslog-facility. everything system-relevant can be found in /var/log
[08:40] <Kalamansi> kraut : is there any applications to install, like for example a application that can logs or chats that came from yahoo messenger and msn chats?
[08:40] <Kalamansi> logs all chats
[08:41] <kraut> that's application dependend. also this is #ubuntu-_server_, please remember this!
[08:42] <Kalamansi> ok ok but still it is installed in ubuntu server
[08:42] <kraut> of course it is, but that are desktop-applications
[08:43] <kraut> and it's stupid to install desktop-applications on a server-distro. of course it's possible, but nobody does this.
[08:45] <Kalamansi> kraut : i usually (but not many times) ..when my isp disconnected, i always dial so that i could connect using a windows os dialer then unplug the cable rj45 then put it back to server..how to config the server and let the server to dial my isp?my setup is isp's modem---server ubuntu pc1 --- switch --- pc1 and pc2 ..
[08:47] <kraut> erm, how do you dial? PPPoE?
[08:47] <Kalamansi> yeah PPPoE they give me login and password (3mbps)
[08:48] <kraut> normal dsl-connection?
[08:48] <Kalamansi> how do i dial? i use windows box then plug the modem wire to the nic, then dial.if get connected, i unplug the modem cable wire and transfer to ubuntu box
[08:49] <Kalamansi> yes dsl connection
[08:49] <kraut> do you understand german?
[08:50] <Kalamansi> i cannot understand german
[08:50] <kraut> hmm, then have a look on pppoeconf
[08:50] <kraut> it's easy to handle and will guide you through the config
[08:50] <Kalamansi> how to access pppoeconf?
[08:50] <kraut> anyhow, the linux-dialer is called ppp, it creates the pppoe-tunnel to your dslam
[08:51] <kraut> apt-cache search pppoeconf?
[08:52] <Kalamansi> i see
[08:56] <Kalamansi> thanks kraut
[08:56] <Kalamansi> =)
[08:56] <kraut> np
[08:57] <kraut> you should use google for example more in future
[08:57] <kraut> you could handle this easy thinks on your own if you search a bit
[08:59] <Kalamansi> one last question kraut before i go, how to filter all download of pc2 and pc3? im not sure if there is anti virus in console
[08:59] <kraut> there isn't a free and good soloution
[09:00] <kraut> please try first to understand linux and how it works, then take care on special topics like that
[09:00] <Kalamansi> so its okay to use CLI than GUI servers?
[09:01] <kraut> what?
[09:01] <kraut> a server is a server and a desktop is a desktop
[09:02] <Kalamansi> yes but i dont really get it..why others want a desktop server and others want server without x window..which is really safe? server with desktop or server without x window?
[09:03] <_ruben> x is both insecure and a resource hog, avoid installing on a server when possible
[09:05] <kraut> Kalamansi: _ruben got the point exactly
[09:05] <kraut> and installing a window-manager will bloat your package-list
=== mdz_ is now known as mdz
=== \sh_away is now known as \sh
[16:12] <ScottK> Debian Bug #311812
[16:12] <ubotu> Debian bug 311812 in postfix "postfix: syslog reconnection" [Important,Open] http://bugs.debian.org/311812
[16:16] <XiXaQ> Isn't it very strange that Ubuntu still doesn't have a package for freenx?
[16:18] <ScottK> Does Debian have one?
[16:19] <XiXaQ> several. I think all of the other distros of some size has them.
[16:19] <dantalizing> search gave no results at packages.debian.org
[16:20] <XiXaQ> I don't know if they're in their repositories.
[16:23] <kriel> Okay, here's a strange question. I'm currently in the process of remapping my network, so my server currently has two active interfaces. However, my sshd only listens to one interface (eth0). Is there any way to coax my sshd into listening to both interfaces?
[16:24] <lamont> ScottK: yeah - that's a syslog bug that affects postfix... :-)
[16:25] <ScottK> lamont: Please fix.  kthnxbye
[16:25] <lamont> and requires a change in postfix to use the non-existant syslog package interface for adding $CHROOT/dev/log
[16:25] <lamont> please work with the debian syslog maintainer on how to add additional log files to syslogd
[16:25] <ScottK> Cool.  Sounds like you've got it handled.
[16:26] <ScottK> lamont: Any thoughts on adding the VDA patch to your Postfix package?
[16:26] <lamont> remind me of what VDA is
[16:27] <ScottK> Virtual Delivery Agent
[16:27] <ScottK> Allows some kind of soft bounce quota thingy.
[16:28] <ScottK> IIRC, the last comment on it I saw from Weitse was "Doesn't meet Postfix quality standards".
[16:28] <lamont> is that the stupid half-ass quotas-sort-of for virtual mailboxen?
[16:28] <ScottK> Yeah  That one.
[16:28] <lamont> sounds like the same thing.  and yeah.  fails.
[16:28] <ScottK> OK.  You may want to read the ubuntu-server ML and weigh in on the ebox thread.
[16:28] <lamont> I believe my last comment on the bug is something of the form "I'll provide this when it comes down from upstream. kthx"
[16:29] <lamont> sigh.  I'll take a look at that later today, I guess.
[16:30] <sommer> ScottK: are you thinking they'll ship a different version of postfix?
[16:30]  * sommer found the eBox udpate very interesting
[16:30] <ScottK> sommer: I'm thinking they'll want us to patch our postfix when we integrate ebox.
[16:31] <ScottK> That, or, even worse, ship their own in the package.  That horror hadn't even ocurred to me.
[16:31] <lamont> and the patch fails to meet quality standards, so they'll need to update it.
[16:31] <sommer> from the language used my impression was they were shipping their own, but obviously it's still being developed
[16:32] <sommer> couldn't you configure filesystem quotas to give you a similar result?
[16:32] <ScottK> sommer: I believe ebox upstream is shipping their own.  Dunno what'll happen with the Ubuntu packages
[16:32]  * ScottK doesn't have time to get into it right now.
[16:33] <ScottK> sommer: Short version is almost, but not quite.
[16:33] <sommer> ScottK: gotcha, thanks
[16:34] <nealmcb> yeah - I'm glad to see the ebox conversation starting - it is a big challenge, and we really need something to bring servers to a wider audience
[16:36] <sommer> nealmcb: seems like the biggest challenge is the large amount of options used to configure server apps, and how do you translate that to a web interface
[16:43] <foolano> ScottK: so far we are shipping our own postfix package
[16:43] <ScottK> foolano: Right, but we don't want two postfix in Ubuntu.
[16:43] <foolano> but as i just said on the mailing list we can easily strip out that part from the code
[16:44] <foolano> no problem
[16:44] <ScottK> foolano: Sounds good.
[16:44] <nealmcb> sommer: well I don't think they have to handle all the options - just the ones that a typical soho would really need. but they have to avoid fouling up existing configs
[16:44] <nealmcb> foolano: welcome!
[16:45] <foolano> thanks :)
[16:45] <nealmcb> foolano: what's your name?
[16:46] <ScottK> foolano: I just replied on the ML to close the thread.  Thanks.
[16:47] <foolano> handling all the possible options and presenting a simple UI is too complicated
[16:50] <sommer> nealmcb: I agree, lot of work though
[16:53] <sommer> foolano: thanks for the update, eBox is a very interesting project
[17:02] <foolano> our current released is debian based, but i really think that we are doing the right think by changing to Ubuntu. Hopefully, we'll have more users more testing, and we'll end up with a better product
[17:03] <foolano> s/released/release/
[17:07] <ScottK> Probably.  I doubt that many people who are the type to run Debian servers are also the kind to run Ebox.
[17:07]  * nealmcb nods
[17:09] <nealmcb> foolano: ahh - I think I met you at UDS Boston :-)
[17:09] <foolano> mmm, whois...
[17:09] <foolano> hehe
[17:09] <foolano> yeah
[17:10] <foolano> i think you sat in front of me during the ebox meeting
[17:10] <nealmcb> yes
[17:11] <foolano> how's everything going? :)
[17:12] <nealmcb> as usual, trying to stay on top of too many things at once :-)
[17:12] <foolano> hehehe, that's the way to go :)
[17:13] <nealmcb> I seem to recall rumors that apache 1.3 might not be in hardy
[17:14] <nealmcb> the memory size issue with apache2 and ebox seems surprising - do you know what causes it?
[17:15] <nealmcb> how big is apache 1.3 plus mod-perl plus ebox?
[17:15] <soren> We don't even have apache1.3 anymore..
[17:15] <soren> (!)
[17:15] <soren> It's not even in gutsy.
[17:17] <nealmcb> ahh - on re-reading I see that is what foolano said :-)
[17:17] <nealmcb> in email - had to backport....
[17:17] <foolano> i don't know what is causing it
[17:17] <foolano> i have to do some profiling to find out
[17:18] <foolano> in the meantime, i'm using apache 1.3
[17:18] <kriel> I have two interfaces connected to my Ubuntu 7.10 (server) machine. lspci shows two interfaces, and originally ifconfig showed two interfaces (plus loopback) as well. After a reboot (with no hardware changes at all) lspci still shows two interfaces, but ifconfig only shows one. Where could I begin troubleshooting this? (besides using lspci and ifconfig)
[17:18] <nealmcb> foolano:  http://vda.sourceforge.net/se doesn't work for me (from your email)
[17:18] <foolano> nealmcb: i pasted the wrong URL, remove the trailing "/se"
[17:19] <nealmcb> yeah - and I guess it is moot now anyway.  thanks
[17:23] <fishor> kriel: dmesg, /etc/netwok/interfaces, /var/log/syslog
[17:28] <foolano> gotta go. see you later
[17:28] <kriel> fishor: if i pastebin those files, would you mind helping me figure out what happened?
[17:32] <fishor> kriel: 1. you should check in dmesg if netwok interface driver was loaded corrctly 2. in /etc/netwok/interfaces if it was korrectly configured 3. in /var/log/syslog if there is some other errors
[17:36] <kriel> fishor: thanks.
[17:59] <nealmcb> memes we'll be hearing about: home servers - take off on stay-at-home-dads: http://www.stayathomeserver.com/
[18:38] <ScottK> sommer: I'm taking another stab at backporting clamav to Dapper/Edgy/Feisty/Gutsy.  Please have a look at the team wiki page.  Testing needed.
[18:41] <sommer> ScottK: cool, will do
[18:42] <sommer> haven't gotten very far in backporting the API to the dapper version, but really haven't looked at it since before x-mas
[18:44] <ScottK> With PPA, I can build test packages against the curren clamav pretty easily and others can test, so we'll get that a shot.  0.92 had additional API changes anywya.
[18:44] <ScottK> wya/way
[18:46] <sommer> gotcha, should be able to do some testing this evening
[20:18] <pHaze> What's the best way to auto build and deploy servers in a cluster with ubuntu server?
[20:19] <nealmcb> pHaze: what sort of cluster?
[20:20] <pHaze> Just a regular web cluster. Running apaches and some of our own software.
[20:20] <pHaze> behind a load sharer.
[20:21] <pHaze> I'm building machines individually right now and want to automate the process so I can just slap a disk in and a new ubuntu spins up along with our own software installed.
[20:21] <zul> kickstart might help
[20:22] <nealmcb> !kickstart
[20:22] <ubotu> Ways to automate installation of Ubuntu on multiple machines are described at https://help.ubuntu.com/6.10/ubuntu/installation-guide/i386/automatic-install.html - See also !cloning
[20:22] <nealmcb> !cloning
[20:22] <ubotu> To replicate your packages selection on another machine (or restore it if re-installing), you can type « dpkg --get-selections > ~/my-packages », move the file "my-packages" to the other machine, and there type « sudo dpkg --set-selections < my-packages && apt-get dselect-upgrade » - See also !automate
[20:22] <nealmcb> !automate
[20:23] <pHaze> thanks
[20:23] <nealmcb> np
[20:23] <nealmcb> !automate
[20:23] <ubotu> Ways to automate installation of Ubuntu on multiple machines are described at https://help.ubuntu.com/6.10/ubuntu/installation-guide/i386/automatic-install.html - See also !cloning
[20:23]  * nealmcb mumbles about best-effort delivery to uboto :-)
[20:24] <nealmcb> *ubotu
[20:24] <nealmcb> and I wonder if those techniques have changed much since dapper
[20:29] <zul> preseed as well
[21:25] <ScottK> Hell ivoks
[21:25] <ScottK> Hello I mean
[21:25] <ScottK> Sorry
[21:25] <ScottK> ivoks: I'm -> <- this close to having amavisd-new in Main
[21:25] <astabeno> scottk: I am going to report you
[21:25] <ivoks> hi all
[21:26] <ivoks> hell ivoks :)
[21:26] <ivoks> ScottK: awsome
[21:26] <astabeno> just kidding
[21:26] <ScottK> Once that's done you can integrate it into task select ...
[21:27] <ScottK> astabeno: Glad to hear it.  I'm famously grumpy and would have hated to have to have pointed some of it at you.
[21:29] <ScottK> ivoks: I decided to kill of amavisd-new-milter once I say the Debian amavisd-new maintainer comment that he just assumed it worked because he had no way to test it.
[21:29] <ScottK> I think we don't want that in Main and it saves me having to split libmilter out of sendmail.
=== \sh is now known as \sh_away
[21:38] <varek> i hate grub error 17
[21:39] <varek> no idea what's happening, but i've called grub-install onto the right hard drive 1000 times now
[21:42] <varek> is there any way to get grub to be a little more verbose
[21:45] <qman> google is your friend
[21:45] <qman> grub error 17 means the partition exists but the fiesystem type cannot be recognized
[21:45] <varek> no shit.
[21:45] <qman> filesystem*
[21:45] <varek> thanks for that.
[21:46] <qman> pretty straightforward
[21:46] <varek> how is it straightforward ?
[21:46] <qman> either your filesystem is damaged, has the wrong type code, your drive is toast, or your BIOS is interfering
[21:47] <qman> it really can't be anything else
[21:47] <varek> must be the bios.
[21:48] <qman> go in and make sure all your disks are set to "auto", not "user" or "LBA
[21:48] <qman> "
[21:54] <varek> they're all set to auto :\
[21:57] <varek> apparently someone on a gentoo forum found that the bios helpfully re-ordered drives at boot time
[22:00] <ajmitch> yep, /dev/sd{a,b,c} are certainly not in that order for me in the BIOS
[22:00] <ajmitch> I think that the first SATA drive that the BIOS sees turns up as sdb for me
[22:04] <varek> i'm using a sata PCI card for my boot hard drive
[22:07] <varek> s'pose i'll just guess hard drives
[22:07] <varek> five to choose from :(
[22:09] <varek> wait
[22:09] <varek> this is ridiculous.
[22:11] <ivoks> there's a magic command
[22:11] <ivoks> find
[22:11] <varek> yeah but presumably it'll be different at boot
[22:12] <varek> according to device.map it's hd4,0 but that gives me error 17, so it must be one of my software RAID disks at boot
[22:12] <ivoks> software raid disk?
[22:12] <ivoks> like... windows software raid?
[22:13] <varek> linux software raid.
[22:13] <ivoks> what raid type?
[22:14] <varek> md, raid 5
[22:15] <ivoks> i hope you don't have /boot on md raid5
[22:15] <varek> no...
[22:17] <varek> it's on a seperate disk, first partition
[22:23] <varek> any ideas besides just guessing ?
=== mtp_ is now known as matttp
[22:27] <varek> guessing it is.
[22:28] <varek> wait, how is that going to help
[22:29] <varek> error 17 means grub isn't even loading
[22:31] <varek> when it says 'cannoy mountselected partition' what does it mean ?
[22:34] <somerville32> It means it can not mount the partition you selected to mount
[22:35] <varek> which is specified when you install grub right?
[22:37] <Thorsten11> hello all
[22:37] <Thorsten11> is anyone on this channel/
[22:38] <varek> haha.
[22:38] <varek> fellow has less patience than i do.
[22:39] <Thorsten11> i have a question if anyone is out there
[22:39] <Thorsten11> well its actually more of a concern
[22:39] <ScottK> !ask | Thorsten11
[22:39] <ubotu> Thorsten11: Please don't ask to ask a question, ask the question -- All On One Line, so others can read it and follow it easily --. and if anyone knows the answer they will most likely answer. :-)
[22:40] <Thorsten11> I was viewing the auth.log file on my server back home from the hotel room i am in and i have one hell of alot of remote login attempts, obviously a brute force, my question is what can i do to make sure no one gets in
[22:41] <ScottK> This is SSH, I assume?
[22:41] <Thorsten11> yes
[22:42] <ScottK> You can use iptables to limit the number of SSH connection attempts.  If the server has lots of people trying to logon, this may have unwanted side effects.
[22:42] <ScottK> I'm the only one SSH'ing into servers I administer, so it works quite well for me.
[22:42] <ScottK> Once they hit the limit, SSH just stops responding and they go away.
[22:43] <Thorsten11> that would work perfect, I am the only one that really logs in, ocasionally my brother does, but basically me.
[22:44] <ScottK> !pastebin
[22:44] <ubotu> pastebin is a service to post large texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the #ubuntu channel topic)
[22:44] <Thorsten11> Because i travel so much the ip address restriciton could never work so i have been looking for another solution
[22:45] <Thorsten11> thanks alot scottk
[22:45] <ScottK> http://paste.ubuntu-nl.org/52350/ is the basic idea.  You'll have to figure out how to integrate it into your iptables rules.
[22:45] <varek> what the hell
[22:45] <Thorsten11> ok
[22:45] <varek> it actually loaded grub
[22:45] <Thorsten11> thanks again too all
[22:46] <ScottK> Thorsten11: Test it when you have local access to the server
[22:46] <Thorsten11> i shall, probably tomorrow when i get home
[22:46] <Thorsten11> are you on here often?  I'd like to let you know how it works out
[22:47]  * ScottK is usually either here or logged in and reads the scrollback
[22:47] <Thorsten11> fantastic
[22:47] <Thorsten11> cheers and thanks, i'll let you know
[22:49] <ajmitch> varek: you found the right partition & disk then?
[22:49] <varek> i changed the boot order in the bios
[22:49] <ajmitch> heh
[22:49] <ajmitch> computers are wonderful
[22:50] <varek> it didn't like it being fifth, but did like it being first :\
[22:56] <varek> now i just have to figure out how to get it to recognize raid.
[22:57] <nealmcb> ScottK: so that ssh rate limiting rule links to a ratedrop chain, right?  how do you define that?
[22:59] <ScottK> nealmcb: http://paste.ubuntu-nl.org/52352/
[23:00] <nealmcb> ScottK: cool - thanks
[23:01] <ScottK> nealmcb: No problem.  That's mostly thanks to Google.