| === medberry is now known as med_away | ||
| === jjohansen is now known as jj-afk | ||
| === nerens_ is now known as nerens | ||
| ScottK | kirkland: When server people said they wanted an improved boot experience, I don't think it was the colors they were concerned with. | 02:10 |
|---|---|---|
| twb | haha | 02:11 |
| kirkland | ScottK: thank you for the constructive comment | 02:11 |
| twb | I would like the boot process not to hang if I make an LVM LV read-only and it has a fsck pass defined in /etc/fstab | 02:11 |
| ScottK | kirkland: I'm serious. I'm sure it's lovely and all, but ^^^ is what's important. | 02:11 |
| twb | Just as an example | 02:12 |
| Saturn2888 | hi all. How do I remove sit0 and sit1 adapters? I had them in there a long time ago and haven't ever been able to remove them. I was wondering if anyone else knows. They were Link encap:IPv6-in-IPv4 and should be pretty easy to delete for someone that knows better. | 03:07 |
| fxhp | I want to specify the disk image path in vmbuilder | 04:33 |
| fxhp | And I cannot find any docs that give examples | 04:34 |
| eagles0513875 | any webmin users in here out of curiosity | 07:02 |
| greppy | eagles0513875: probably not, it's not really supported on ubuntu | 07:06 |
| eagles0513875 | greppy: then why is it in the repo O_o | 07:08 |
| greppy | eagles0513875: which repo? | 07:10 |
| greppy | I don't find it in mine | 07:10 |
| jmarsden | eagles0513875: rmadison webmin shows nothing at all... i.e. it is not there. | 07:10 |
| eagles0513875 | ya | 07:10 |
| eagles0513875 | my apologies | 07:10 |
| eagles0513875 | now how to uninstall it from source :( | 07:11 |
| _ruben | some makefiles offer a 'make uninstall' option | 07:12 |
| _ruben | if not, then it'll be a manual process | 07:13 |
| _ruben | and if your lucky, all its files reside under for instance /usr/local/webmin/ | 07:13 |
| eagles0513875 | found it | 07:19 |
| eagles0513875 | the uinstall script was in /etc/webmin | 07:19 |
| eagles0513875 | another question for you guys | 07:19 |
| eagles0513875 | sudo: unable to resolve host EagleEyeT <---- i have that name in the /etc/hostname file yet its still complaining | 07:19 |
| eagles0513875 | what have i set incorrectly in that file | 07:19 |
| greppy | is it in /etc/hosts? | 07:20 |
| eagles0513875 | let me look | 07:24 |
| eagles0513875 | greppy: http://pastebin.com/F9aPs6aV | 07:25 |
| greppy | then no you don't. | 07:27 |
| eagles0513875 | wait | 07:27 |
| greppy | you need to add EagleEyeT to /etc/hosts | 07:27 |
| eagles0513875 | problem fixed | 07:27 |
| eagles0513875 | the name was something different before the bmit-internal it was called before | 07:28 |
| eagles0513875 | and i had changed that and didnt change it in hosts | 07:28 |
| eagles0513875 | thanks greppy :) | 07:33 |
| maxillusionist | hi ilea | 08:05 |
| tuxinator | hi all | 09:24 |
| tuxinator | how to achieve that snmpd does monitor interface traffic? | 09:24 |
| _ruben | what? | 09:25 |
| tuxinator | my snmpwalk output: http://pastebin.com/8dgPdH8P | 09:25 |
| _ruben | oh, change the public community from paranoid to ehm, the other one | 09:25 |
| _ruben | in /etc/snmp/snmpd.conf | 09:26 |
| tuxinator | i plan to use cacti later, but first i have to ensure that it gets interface statistics from snmpd | 09:26 |
| tuxinator | _ruben: thanks man, looks better :D it's long time since i last worked with snmpd :D | 09:27 |
| === ogra is now known as Guest78603 | ||
| === Guest78603 is now known as ogra_ | ||
| GeneralK | So I have an issue where I am unable to mount an NTFS partition on a drive that uses a gpt partiton table... It's like the partition doesn't exist outside of parted or whataver tool I use to look at it in... eg. I can't mount it from /dev/sda or /dev/dm-0 Any ideas would be appreciated | 10:48 |
| iclebyte_work | anyone noticed any BGP issues with British Telecom? | 10:49 |
| DavidB | I have a File sharing problem on our Ubuntu File Server can someone please help me out? We have 15 station running Windows Xp and Windows 7 and our File Server running Ubuntu, I configured 3 shares with full access, restarted Samba but some of the stations can not agges the server | 11:27 |
| DavidB | access* | 11:27 |
| DavidB | Can someone please help? | 11:28 |
| DavidB | Hello? | 11:30 |
| DavidB | IIs there someone willing to help? | 11:31 |
| Aison | maybe you should provide some more information | 11:31 |
| DavidB | Like? | 11:31 |
| Aison | eg. pastebin your samba config | 11:31 |
| DavidB | ok | 11:31 |
| Aison | that don't mean that I can help, but maybe | 11:32 |
| DavidB | #======================= Global Settings ======================= [global] workgroup = COTTONTEXDOM ;netbios name = GrafUBU server string = %h server (Server) ;wins support = no ; wins server = w.x.y.z dns proxy = no ; name resolve order = lmhosts host wins bcast #### Debugging/Accounting #### log file = /var/log/samba/log.%m max log size = 1000 ;syslog only = no syslog = 0 panic action = /usr/share/samba/panic | 11:33 |
| RoyK | !pastebin | 11:34 |
| ubottu | For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 11:34 |
| DavidB | sorry for that | 11:35 |
| DavidB | my first time here | 11:35 |
| DavidB | http://paste.ubuntu.com/582045/ | 11:35 |
| RoyK | np | 11:36 |
| Aison | can you do | 11:39 |
| Aison | testparm -s smb.conf > smb.conf.tested | 11:39 |
| Aison | and paste this? | 11:39 |
| DavidB | ok | 11:39 |
| RoyK | DavidB: can you connect to the server via IP address from the clients that can't see the server - as in \\x.x.x.x ? | 11:42 |
| DavidB | @RoyK I can see the shares , acces some of them but not others | 11:42 |
| DavidB | http://paste.ubuntu.com/582047/ | 11:43 |
| Aison | quite strange | 11:46 |
| DavidB | i need to also specify that the computer that cant brows one share is in a domain | 11:47 |
| Aison | well, I never used this security = SHARE option | 11:47 |
| DavidB | I need open access to all shares | 11:49 |
| DavidB | its an internal server so dont need security higher than local | 11:49 |
| DavidB | Does it conflict maybe with the Main Domain server rules? | 11:50 |
| DavidB | brb | 11:51 |
| Aison | i've got a problem also here: some of my ubuntu servers have got a higher resolution in console than others, why? where can I change that? some framebuffer thingie? | 11:52 |
| DavidB | Aison I added a virtual device with a resolution setting on mine http://paste.ubuntu.com/582053/ | 12:02 |
| DavidB | I dont have a monitor attached to the server | 12:03 |
| DavidB | The link is my custom xorg.conf | 12:03 |
| Aison | well, here i've got 6 servers with a switchbox connected to one screen | 12:03 |
| Aison | I don't have got X here ;) | 12:03 |
| DavidB | :) | 12:04 |
| Aison | but somehow my consoles have got different resolutions | 12:05 |
| DavidB | Maybe you have diferent resolutions in grub's menu.lst | 12:06 |
| Aison | yeah, but on ubuntu 10.10 I can't find the menu.lst | 12:06 |
| Aison | it's defined somewhere else | 12:06 |
| DavidB | http://lifealgorithms.wordpress.com/2009/11/11/customising-console-and-grub2-resolution/ | 12:07 |
| DavidB | But be carefull it sais it might fail :) | 12:08 |
| DavidB | Any ideas on my problem? :P | 12:11 |
| zul | morning | 12:23 |
| DavidB | morning | 12:23 |
| Aison | DavidB, I guess your problem is located at the client (windows) side | 12:24 |
| Aison | because everything else looks ok | 12:24 |
| DavidB | well I have 2 similare shres on the same server but both are accesible | 12:25 |
| DavidB | similar* | 12:25 |
| DavidB | Aison I found the culprit | 12:54 |
| DavidB | I needed a Read Only = no on the last share that was not accesible | 12:55 |
| Aison | oh :) | 13:02 |
| RoAkSoAx | morning all | 13:04 |
| === dendro-afk is now known as dendrobates | ||
| === dendrobates is now known as dendro-afk | ||
| === dendro-afk is now known as dendrobates | ||
| orudie | At boot of 10.04 I get error: disk not found, followed by disk check, telling me that disk is not properly mounted/unmounted, then the system starts and everything seems normal. Any help for me how to fix this ? | 14:41 |
| patdk-wk | don't yank the power cable out? | 14:44 |
| mdeslaur | kirkland: FYI, qemu-kvm isn't installable right now because it FTBFS on i386...are you looking into that? | 14:46 |
| kirkland | mdeslaur: yes | 14:46 |
| === ogra_ is now known as ogra | ||
| mdeslaur | kirkland: ok, cool....thanks | 14:46 |
| kirkland | mdeslaur: jdstrand reported in ubuntu-devel | 14:46 |
| compdoc | orudie, type: 'smartctl -a /dev/sda' (or whatever device your hard drive is) | 14:47 |
| mdeslaur | kirkland: ah, cool | 14:47 |
| orudie | compdoc, smartctl not recognized | 14:49 |
| compdoc | sorry, I thought smartmontools was included with the OS | 14:50 |
| orudie | compdoc, i'll install it | 14:51 |
| compdoc | you need to read the SMART data onthe drive. look for reallocated sectors and pending sector count | 14:51 |
| compdoc | see if either are greater than zero | 14:51 |
| patdk-wk | and don't do it over usb cable | 14:54 |
| RoAkSoAx | kirkland: /win 2 | 15:09 |
| RoAkSoAx | arrgh | 15:09 |
| RoAkSoAx | kirkland: howdy!! please don't forget to review python-ethtool for the new queue when you have the time :) | 15:09 |
| kirkland | RoAkSoAx: aha, sure, thanks | 15:12 |
| === SquishyNotHere is now known as squishy | ||
| zul | time to do some deweeding again | 15:28 |
| compdoc | just say no! to deweed | 15:37 |
| iclebyte_work | anyone running puppet? | 15:47 |
| zul | RoAkSoAx: where are with 619712? | 15:57 |
| RoAkSoAx | zul: huh? | 15:58 |
| RoAkSoAx | oh bug# | 15:58 |
| RoAkSoAx | zul: well I was never able to reproduce the "race" as specified in the bug #619712 | 16:00 |
| uvirtbot | Launchpad bug 619712 in keepalived "keepalived vrrp race condition and fix (versions 1.1.17 and 1.2.0 but perhaps all?)" [High,Won't fix] https://launchpad.net/bugs/619712 | 16:00 |
| RoAkSoAx | zul: however, it is supposed to be "fixed" upstream | 16:00 |
| RoAkSoAx | in the latest release | 16:01 |
| zul | RoAkSoAx: can you add the info to the bug and do the approiate thing plesase? :) | 16:01 |
| RoAkSoAx | zul: sure. We can also try to get the latest into natty, but that will also mean that we'd need to get ipvsadm2.6 | 16:03 |
| zul | RoAkSoAx: wouldnt it be easier to backport the supposed fix from upstream? | 16:04 |
| RoAkSoAx | zul: that too, though the newest releases have better support for IPV6 | 16:05 |
| zul | RoAkSoAx: any known regressions with it? | 16:05 |
| RoAkSoAx | zul: none so far. I'm gonna evauluate either to patch it, or get FFe's over this weekend | 16:06 |
| RoAkSoAx | and by monday I should have a clearer picture of what to do | 16:06 |
| uvirtbot | New bug: #370874 in exim4 (main) "package exim4-base 4.69-5ubuntu2 failed to install/upgrade: short read in buffer_copy (backend dpkg-deb during `./usr/share/doc/exim4-base/spec.txt.gz')" [Undecided,Invalid] https://launchpad.net/bugs/370874 | 16:12 |
| zul | RoAkSoAx: cool thanks | 16:20 |
| === dendrobates is now known as dendro-afk | ||
| === dendro-afk is now known as dendrobates | ||
| bbeck | Does anyone have experience creating their own EC2 AMI of ubuntu server that is preconfigured with certain packages? I'm trying to build an image for some software that I've written and having troubles figuring out how to get started. | 16:32 |
| patdk-wk | hmm, I thought that was pretty simple | 16:32 |
| patdk-wk | install ubuntu into ec2 | 16:33 |
| patdk-wk | install software you want, configure it how you want | 16:33 |
| patdk-wk | then back it up to s3 | 16:33 |
| patdk-wk | publish backup in s3 as ami, done | 16:33 |
| bbeck | well that certainly does sound easy. | 16:36 |
| patdk-wk | I'm sure there are a few catchs :) | 16:36 |
| patdk-wk | like first time run scripts to configure the ip and machine name when it's installed from the ami, that would be lost doing it that way | 16:37 |
| patdk-wk | but otherwise, yep | 16:37 |
| bbeck | why would that matter? i'm assuming EC2 has a DHCP server to provide IPs | 16:38 |
| patdk-wk | I didn't think it used dhcp | 16:38 |
| patdk-wk | been awhile since I last used ec2 though | 16:38 |
| xuru | what's a good channel to ask some fiber channel/multipath questions on ubuntu? | 16:44 |
| patdk-wk | this one? | 16:47 |
| xuru | ok, I'm getting a lot of these errors: sd 3:0:2:5: reservation conflict | 16:53 |
| xuru | I have 5 ESX servers hooked up to a Pillar 300 | 16:53 |
| xuru | and I'm hooking up this backup server to it as well | 16:54 |
| xuru | Running ubuntu 10.04 lts | 16:54 |
| xuru | everything looks good running multipath -v3 and multipath -ll | 16:54 |
| xuru | but the paths seem to go down and then become active again | 16:55 |
| xuru | I'm guessing this is because the esx servers are issuing a scsi reserve? | 16:55 |
| patdk-wk | not sure :( | 17:00 |
| patdk-wk | I haven't attached any linux machines to the fiber esx stores | 17:00 |
| patdk-wk | only done that on windows, and haven't bothered to see if it complains | 17:00 |
| xuru | yeah, it's kind of weird... I've been trying to get vmware's vixDiskLib SDK to work over SAN... been a long road so far | 17:02 |
| owen1 | i try to change my timezone to utc but can't find it in tzselect. any tips? | 17:28 |
| genii-around | owen1: Pick 11 and then put maybe just GST ? | 17:31 |
| owen1 | genii-around: `GST' is not a conforming Posix time zone string. | 17:31 |
| genii-around | GMT perhaps then. I think it takes the "GST-#" and converts it to the 3 letter codes | 17:33 |
| genii-around | GST-0 seems to work | 17:33 |
| owen1 | genii-around: ok. thanks! | 17:41 |
| genii-around | np | 17:42 |
| zul | sorry about the spam | 17:48 |
| === dendrobates is now known as dendro-afk | ||
| * RoAkSoAx off to lunch | 18:38 | |
| Frosh | I have setup some of our Ubuntu servers using KInit, Winbind, and Samba (following a guide i read) and setup authentication against our Active Directory; this has (seemingly) worked fine for several months, but newly created AD users are unable to login (they get "access denied") - I was wondering if anyone could help me troubleshoot (turn on appropriate logging, debugging, etc..) - if this is the wrong venue, can someone point | 19:19 |
| RoAkSoAx | kirkland: ping | 20:07 |
| RoAkSoAx | kirkland: is the setvtrgb /etc/vtrgb supposed to change background colors too? | 20:08 |
| kirkland | RoAkSoAx: yo | 20:08 |
| kirkland | RoAkSoAx: if i understand your question correctly, yes | 20:08 |
| RoAkSoAx | kirkland: cause the only thing I get change in both my laptops is the letters from grey to white | 20:09 |
| kirkland | RoAkSoAx: are you on the console, ctrl-alt-f1? | 20:09 |
| RoAkSoAx | kirkland: yes | 20:09 |
| kirkland | RoAkSoAx: the background color change is not noticeable | 20:10 |
| kirkland | RoAkSoAx: it goes from 0,0,0 black to 1,1,1 black | 20:10 |
| kirkland | RoAkSoAx: goto http://tldp.org/HOWTO/Bash-Prompt-HOWTO/x329.html | 20:10 |
| kirkland | RoAkSoAx: grab the bash script at the end of that page | 20:10 |
| kirkland | RoAkSoAx: and run it before an after you do: | 20:10 |
| kirkland | sudo setvtrgb vga | 20:11 |
| kirkland | sudo setvtrgb /etc/vtrgb | 20:11 |
| RoAkSoAx | let's see | 20:11 |
| RoAkSoAx | kirkland: i though it would change the color to aubergine though :) | 20:13 |
| kirkland | RoAkSoAx: run debconf | 20:13 |
| kirkland | RoAkSoAx: dpkg-reconfigure <something> | 20:14 |
| kirkland | RoAkSoAx: or press F9 in byobu | 20:14 |
| RoAkSoAx | kirkland: ahh I see it now!! cool!! | 20:15 |
| RoAkSoAx | kirkland: thanks ;) | 20:15 |
| kirkland | RoAkSoAx: you could, however, change your background to aubergine, though, easily :-) | 20:15 |
| kirkland | RoAkSoAx: do this .... | 20:15 |
| kirkland | RoAkSoAx: sudo vi /etc/vtrgb | 20:17 |
| kirkland | RoAkSoAx: and change the first number in the 3 lines to: | 20:17 |
| kirkland | 61 | 20:17 |
| kirkland | 0 | 20:17 |
| kirkland | 31 | 20:17 |
| kirkland | RoAkSoAx: and then sudo start setvtrgb | 20:17 |
| * RoAkSoAx tries | 20:17 | |
| RoAkSoAx | kirkland: much better! I think that should be default :) | 20:18 |
| kirkland | RoAkSoAx: the beauty is that you can now configure this easily | 20:18 |
| RoAkSoAx | kirkland: indeed!! But personally I was expecting to see it by default :) | 20:19 |
| kirkland | RoAkSoAx: heh. that's up to the design team, not me :-) | 20:21 |
| RoAkSoAx | kirkland: as long as we can change it with no hassle is all good :) | 20:21 |
| RoAkSoAx | kirkland: though, idk if this is because of the new color changes, but byobu's color scheme has changed | 20:24 |
| === dendro-afk is now known as dendrobates | ||
| RoAkSoAx | kirkland: dude this new colors (and the console with aubergine is just amazing!! it's awesome that you've done this!! | 20:36 |
| koltroll | RoAkSoAx, url? (just joined but you sound so excited that I got interested) | 20:36 |
| RoAkSoAx | koltroll: http://fossplanet.com/f10/call-testing-aubergine-love-server-folks-114677/ | 20:37 |
| koltroll | cheers | 20:37 |
| kirkland | RoAkSoAx: thanks, man; it's nice to hear something kind from someone every once in a while :-) | 20:38 |
| kirkland | RoAkSoAx: b/c there are some gripey people out there! | 20:38 |
| RoAkSoAx | kirkland: thanks to you!! :) (and indeed!!) | 20:38 |
| === ogra is now known as Guest95250 | ||
| === dendrobates is now known as dendro-afk | ||
| === Negative is now known as negativeOne | ||
| === negativeOne is now known as anadon | ||
| === erichammond1 is now known as erichammond | ||
| RoyK | http://transport.nilu.no/products/fukushima <-- seems California is getting some .jp air soon | 21:25 |
| Patrickdk | never did need that state anyways | 21:26 |
| === garfieldairIines is now known as Myst | ||
| david5345 | I ran nmap on my ubuntu box. I did the 4 different scans, default, xmas tree, FIN, null and UDP Scan | 21:41 |
| david5345 | Every time it said "1000 scanned ports are open|filtered". Except on the UDP scan, it caught ntp as being "closed". | 21:42 |
| david5345 | Are my iptables secure enough ? or is there another test I should run ? | 21:42 |
| RoyK | david5345: iptables is secure enough for L3/L4 | 21:42 |
| david5345 | For the sake of this conversation, I am only talking about TCP, UDP and IP | 21:43 |
| RoyK | for that, iptables is secure | 21:43 |
| david5345 | ok, I guess my question was if my rules were strong enough. | 21:43 |
| RoyK | pastebin them | 21:43 |
| RoyK | !pastebin | 21:43 |
| ubottu | For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic. | 21:43 |
| david5345 | sorry ubottu, I am used to msn messenger | 21:44 |
| david5345 | Do I need to worry about security lower than L3 ? | 21:44 |
| RoyK | rarely | 21:44 |
| RoyK | unless you're afraid of attacks on the LAN | 21:44 |
| RoyK | but then, arptables can do filtering as well | 21:45 |
| david5345 | It's in a data centre, I assume they will protect against local attacks | 21:45 |
| RoyK | for any sysadmin, a pinch of paranoia is good, but don't add too much of it | 21:45 |
| david5345 | I am beyond a pinch :D | 21:45 |
| RoyK | david5345: I'm quite sure you will be sharing the network with others in the same datacentre | 21:46 |
| david5345 | Yes, but would any of them launch an attack against me ? | 21:46 |
| RoyK | david5345: you never know - one can be hacked and try to do so, but if they do, they would probably try on IP, L3, so it shouldn't be much of a problem | 21:47 |
| david5345 | Do I need to worry about 5, 6, and 7 ? Does 7 include installing secure programs and keeping them patched ? | 21:47 |
| RoyK | L2 and down is pretty well secured already, unless there's a bad driver somewhere | 21:47 |
| RoyK | L7 is application protocols - they should be fairly secure - but "L8+" (no such thing, but still) is usually the problem - some bad code and suddenly you have an XSS or DoS or even local exploit | 21:49 |
| RoyK | HTTP is a good example of a L7 protocol | 21:49 |
| david5345 | Wonderful! | 21:49 |
| david5345 | HTTP is only as secure as the backend such as apache or PHP | 21:50 |
| RoyK | HTTP is secure, and so is apache, but adding PHP or CGI or something to that (all of which uses HTTP for transport) can open doors | 21:50 |
| guntbert | RoyK: L8 = you and me ;-) so what might L8+ really be? | 21:51 |
| RoyK | I'd call php and the gang L8, you and me comes a wee bit further up :) | 21:52 |
| RoyK | L>7 is highly subjective :) | 21:52 |
| guntbert | indeed :-) | 21:53 |
| david5345 | apache = L8 | 21:53 |
| david5345 | PHP = L9, MySQL = L10 :D | 21:53 |
| RoyK | apache = L5-7 | 21:53 |
| RoyK | apache doesn't do much >L7 | 21:53 |
| david5345 | I dislike apache, I now use lighttpd. It uses up less resouces :) | 21:53 |
| RoyK | but it can call PHP etc, which is on a higher level | 21:54 |
| RoyK | lighty is nice, but Apache works too | 21:54 |
| RoyK | I guess that's just a matter of taste | 21:54 |
| david5345 | I also wrote a apparmor.d profile for my PHP code, I figure that should help me keep things secure | 21:55 |
| david5345 | Actually, I really like apparmor.d now that I understand it. | 21:57 |
| bezao | how do i enable iptables on my vps? i dont have eth0, ifconfig shows me "lo" "venet0" "venet0:0" i tried using venet0 and venet0:0 on iptables, but it doesnt work, it block everything! i'm trying this "iptables -N TRUSTED" and "iptables -A TRUSTED -i venet0 -p tcp -m tcp --dport 22 -j ACCEPT" but it blocks me. | 22:12 |
| === erichammond1 is now known as erichammond | ||
| bezao | how do i enable iptables on my vps? i dont have eth0, ifconfig shows me "lo" "venet0" "venet0:0" i tried using venet0 and venet0:0 on iptables, but it doesnt work, it block everything! i'm trying this "iptables -N TRUSTED" and "iptables -A TRUSTED -i venet0 -p tcp -m tcp --dport 22 -j ACCEPT" but it blocks me. | 22:22 |
| === dendro-afk is now known as dendrobates | ||
| ehw | bezao: a) define "block everything!" do you get an error message? and b) this sounds like an OpenVZ container; have you asked the company you're renting it from about the error? | 22:27 |
| bezao | ehw i cant access it from my home. i can only access by the openvz console at my hosting website to reset iptables, then i can access i again from my home. | 22:29 |
| bezao | i enabled port 22 to ssh, but i cant connect, ping timeout/connection refused | 22:29 |
| bezao | ehw i have an ubuntu vbox at home, that i tested it, but at home i have eth0, which it works the iptables rules! but on the vps, i dont have eth0, so i search on ifconfig and tested the possibilits and got nothing! :/ | 22:32 |
| ehw | bezao: OpenVZ uses a different name for the interfaces. What you might want to check is if your rules ever get to TRUSTED; if you don't have a jump to TRUSTED at the end of e.g. INPUT, then it won't be reached | 22:33 |
| bezao | sorry i did not udnerstood.. let me pastebin the file | 22:35 |
| bezao | please can you check ehw http://pastebin.com/idinWvT4 ? | 22:36 |
| === Guest95250 is now known as ogra | ||
| ehw | bezao: also paste bin the output of iptables-save after you're run the script? | 22:39 |
| bezao | 1min | 22:40 |
| bezao | need to change venet0:0 to venet0 | 22:40 |
| bezao | it was saying it was wrong | 22:40 |
| bezao | ehw http://pastebin.com/K1Mj4Yb6 | 22:41 |
| bezao | after i run, i cant ping anymore my vps ip, and cant connect to ssh, to i go the vps-url and tell it to disable iptables. then i can use ssh and ping again | 22:42 |
| bezao | any ideias ehw ? | 22:46 |
| ehw | have a look, bezao | 22:46 |
| azizLIGHTS | how do i undo the command "adduser dropbox ubuntu" ? | 22:46 |
| ehw | *having* | 22:46 |
| bezao | ok | 22:49 |
| ehw | bezao: if i just run the script, it works fine in a normal vm (using KVM); you can't use aliases like eth0:0 or venet0:0 for interface names, that's for sure | 22:50 |
| bezao | ehw i pasted you before i change, i'm now using venet0 | 22:52 |
| ehw | bezao: it's been a while since I saw openvz in action; doesn't venet0 have an internal address? | 22:53 |
| bezao | ehw venet0 doesnt have an ipv4, venet0:0 has an ipv4 | 22:54 |
| ehw | bezao: can you put venet+ as the interface name and give it a try? | 22:54 |
| bezao | on the iptables file? | 22:55 |
| bezao | sure, let me try | 22:55 |
| ehw | right, after -i in the iptables commands | 22:55 |
| bezao | it works, i have access to ssh but i cant ping, even if i comment the line about ping | 22:57 |
| bezao | comment or uncomment, ping doesnt work. | 22:58 |
| ehw | bezao: might want to check if /proc/sys/net/ipv4/icmp_ech_ignore_all is set to 1; should be 0 if you want to be able to piing | 22:58 |
| bezao | i dont have that file ehw | 22:58 |
| bezao | i think you mean ech = echo | 22:59 |
| bezao | that i have | 22:59 |
| bezao | it's 0. | 22:59 |
| ehw | bezao: sorry yes, that was a type | 22:59 |
| ehw | typo (typing on ipad is hit-or-miss) | 22:59 |
| bezao | hehe, np. | 23:00 |
| bezao | i have 0, it should be able to ping? | 23:00 |
| ehw | bezao: should do normally... | 23:01 |
| bezao | it doesnt, hehe, np ehw iptables works;) thanks dude | 23:02 |
| ehw | bezao: glad at least ssh works :-D | 23:02 |
| bezao | it's everythin that i need :) | 23:03 |
| === dendrobates is now known as dendro-afk | ||
| nzfish | hi chan, anyone using openpanel? | 23:25 |
| === dendro-afk is now known as dendrobates | ||
| erichammond | Is it possible to create an upstart task that only runs after the file system has been mounted and before mysql starts? Or would I have to modify the mysql upstart configuration to tell it to wait for my new task to complete? | 23:52 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!