[03:01] <Tyrone> hello
[03:01] <Tyrone> need help here
[03:04] <Knightlust> what's the problem Tyrone?
[03:05] <Tyrone> can you speak bisaya?
[03:05] <Tyrone> or tagalog only?
[03:06] <Knightlust> not visaya though
[03:06] <Tyrone> i have a problem in my ubuntu
[03:06] <Knightlust> please describe your problem
[03:08] <Tyrone> meron ako ubuntu tapos layout ng internet ko ganina modem ubuntu tapos switch then pc
[03:08] <Tyrone> ang prob is yong pc na naka connect sa switch tapos switch inyo ubuntu ayaw magka internet
[03:09] <Tyrone> i tried everything pero ayaw parin
[03:09] <Knightlust> via ethernet?
[03:10] <Knightlust> naka-setup ba router/modem mo as dhcp? or static ip?
[03:10] <Terminus> hmmm... could be NAT misconfiguration, dhcp, or dns.
[03:10] <Knightlust> anong modem? from pldt ba?
[03:11] <Tyrone> opo
[03:11] <Tyrone> zyzel
[03:11] <Tyrone> zyxel
[03:11] <Knightlust> the same one that i have, pero i don't think it supports dhcp by default, i have to use a router
[03:12] <Knightlust> unless you hack it, are you sure na switch gamit mo? hindi router?
[03:12] <Tyrone> pero yong ubuntu ko meron internet
[03:12] <Tyrone> switch po
[03:12] <Tyrone> modem router na daw kasi tong modem ng pldt
[03:13] <Knightlust> yeah, pero supports only one connection at a time
[03:13] <Knightlust> it can't handle multiple connection without a switch
[03:13] <Knightlust> wait
[03:13] <Knightlust> so ung setup mo ganito: internet->modem->switch->ubuntu
[03:13] <Tyrone> nope internet modem ubuntu switch
[03:13] <Knightlust> *it can't handle multiple connection without a switch
[03:14] <Knightlust> *it can't handle multiple connection without a router
[03:14] <Knightlust> arrrgghhh
[03:14] <Tyrone> ganun ba
[03:14] <Knightlust> ok, so kelangan mo lang ng routing application
[03:15] <Knightlust> so ung ubuntu mo na ang magiging router where other pcs would connect via switch? right?
[03:15] <Tyrone> paano yon?
[03:16] <Tyrone> opoh
[03:16] <Knightlust> if that's the case, then try installing firestarter or guidedog
[03:16] <Knightlust> it'll handle your nat requirements
[03:16] <Knightlust> http://www.fs-security.com/docs/connection-sharing.php
[03:17] <Knightlust> http://www.simonzone.com/software/guidedog/manual/
[03:17] <Tyrone> na try ko na po yan ayaw parin eh
[03:17] <Knightlust> na-try mo na firestarter's nat?
[03:17] <Knightlust> Terminus: any ideas?
[03:18] <Knightlust> i don't have firestarter or guidedog installed, so i can't walk you through
[03:19] <Terminus> Knightlust: no easy ideas. i'd just throw iptables inside rc.local, configure dhcpd and named. and switch on ip forwarding. =)
[03:20] <Knightlust> but it might be overkill for Tyrone 
[03:20] <Tyrone> i try ip forwarding ayaw eh
[03:20] <Terminus> Knightlust: that's why i said no easy ideas. =)
[03:20] <Knightlust> firestarter's the easiest i've tried back then, 3yrs to be exact
[03:20] <Knightlust> Tyrone: try mo muna basic setup ng firestarter
[03:21] <Knightlust> it should connect
[03:21] <Terminus> Knightlust: the first question would be, is the modem a zyxel p-600? is configured as a bridge or nat? you might end up with a double nat.
[03:21] <Tyrone> yes zyxel p600
[03:21] <Knightlust> my p-600's configured by default as bridged
[03:22] <Knightlust> we need to hack it to enable nat, which pldt doesn't support
[03:22] <Terminus> the zyxel p-600 can also be configured as a router (not nat) but i wouldn't expect that on a home connection.
[03:22] <Terminus> IIRC, the password for the zyxel is just 1234. XD
[03:22] <Tyrone> p660
[03:23] <Knightlust> Tyrone: ung pcs mo na naka-connect sa switch, configured ba to connect via dhcp? can it ping the ubuntu machine?
[03:23] <Tyrone> i can access the pldt 
[03:23] <Tyrone> static po
[03:23] <Tyrone> internet cafe kasi to
[03:24] <Terminus> ah... so it has a static IP address. does it require PPPoE authentication or not?
[03:25] <Knightlust> heh, this conversation's reminiscent of my at&t call center days
[03:25] <Terminus> ROFL
[03:25] <Tyrone> in my general in wan
[03:25] <Tyrone> name internet
[03:25] <Tyrone> mode routing
[03:25] <Knightlust> Tyrone: ok, so it can ping the pldt box? then it's configured as a router
[03:25] <Tyrone> encapsulation ppoe
[03:25] <Knightlust> kasi kung naka-bridge yung pldt modem mo, hindi mo dapat mapi-ping yan e
[03:26] <Tyrone> tapos in nat setup naman
[03:26] <Terminus> yep. business dsl still use pppoe auth i think. we definitely use it here.
[03:26] <Tyrone> naka active network address translation tapos SUA only
[03:27] <Terminus> Knightlust: manually configuring the ip address while in bridge mode will allow you to access the CPE. =)
[03:27] <Terminus> yep. you'll end up with a double NAT if you use the linux box for NAT as well. not really the best thing to do.
[03:27] <Knightlust> yeah, but won't xyzel automaticall revert to router-mode once you ping(ed) it?
[03:28] <Terminus> Knightlust: nope. i've used it to fool around with the modems at home and here at the office. =)
[03:28] <Tyrone> any luck than i can use the ubuntu ?
[03:28] <Tyrone> by the way
[03:28] <Terminus> PLDT didn't leave me the PL number and password so DOM inspection to the rescue! XD
[03:29] <Tyrone> i want to ubuntu to ack as a squid proxy server
[03:29] <Knightlust> heh, good ol' google did it for me. but i did void the warranty
[03:29] <Knightlust> Tyrone: if you remove the ubuntu machine, can the other clients connect to the internet then?
[03:30] <Tyrone> yes
[03:30] <Knightlust> ok, so router-mode nga sya
[03:30] <Knightlust> then you'll need to read up on iptables
[03:30] <Tyrone> :(
[03:30] <Tyrone> nose bleed na ako sa ip table na yan
[03:30] <Tyrone> hahahahaha
[03:30] <Terminus> Tyrone: there is, but the configuration may be more complex. worst case scenario, you'll have to configure pass-through pppoe and have the linux box do the dialup.
[03:30] <Knightlust> if so, then why would you need a proxy server?
[03:31] <Knightlust> exactly, it'll be easier that way
[03:31] <Knightlust> or, are you trying to instead setup dansguardian?
[03:31] <Tyrone> because here in our internet cafe the online games will lag if somebody use youtube
[03:31] <Tyrone> nope
[03:32] <Knightlust> i see
[03:32] <Tyrone> i have just install squid
[03:33] <Tyrone> matanong ko lang pwd naba install teamviewer dito sa ubuntu 10.10?
[03:33] <Knightlust> have you tried guidedog? it may be more effective than firestarter
[03:33] <Tyrone> papaacess ko sana sainyo to check if the setup is right
[03:33] <Knightlust> afaik, there's a teamviewer client for ubuntu
[03:33] <Knightlust> can't at the moment, am currently at work
[03:34] <Knightlust> but if you setup the ubuntu box for ip passthru, would squid work?
[03:35] <Tyrone> yes
[03:36] <Knightlust> that's beyond me right now. i'll be at home by 6PM, i'll try guidedog or firestarter later
[03:36] <Tyrone> your from manila?
[03:37] <Knightlust> baguio
[03:37] <Tyrone> ahh cool
[03:37] <Tyrone> dati ako sa olongapo city
[03:37] <Tyrone> pero dito na ako sa cagayan de oro
[03:37] <Knightlust> nice. so, how's the weather? 
[03:38] <Knightlust> hot, i assume
[03:38] <Tyrone> cloudy
[03:38] <Tyrone> not that hot..\
[03:38] <Tyrone> Knightlust:  by the way in my eth0 gawin ko ba dhcp? tapos yong eth 1 naka static tama po ba?
[03:39] <Terminus> good bandwidth control is typically a very complicated thing.
[03:39] <Knightlust> only if eth0 is the one that's connected to the modem
[03:40] <Tyrone> yes eth0 is connected to it
[03:41] <Knightlust> can the clients ping the ubuntu box?
[03:41] <Tyrone> no
[03:41] <Knightlust> ok, have you tried checking the their netmasks?
[03:42] <Knightlust> or subnet, or whatever term windows uses these days
[03:43] <Tyrone> ang ginawa kong ip ng eth1 is 192.168.1.34 sub 255.255.255.0 gateway wala..
[03:43] <Knightlust> that may be the problem you have
[03:43] <Knightlust> ok, anong subnet ng clients mo? i would assume it's the same thing
[03:43] <Knightlust> er... any firewall installed on your ubuntu box?
[03:44] <Knightlust> another question, can the clients ping other clients
[03:45] <Knightlust> also, can the clients ping the pldt modem *with* the ubuntu box connected between the modem and the switch
[03:45] <Tyrone> not
[03:45] <Tyrone> no
[03:45] <Tyrone> they cant
[03:45] <Tyrone> the client ip add is 192.168.1.100
[03:46] <Knightlust> can the clients ping each other?
[03:46] <Tyrone> hndi ko pa na try
[03:47] <Tyrone> isang pc palang kasi ni try ko kinabit eh
[03:47] <Knightlust> i see, nvm then
[03:47] <Knightlust> wait, lemme think this through
[03:47] <Tyrone> :)
[03:47] <Tyrone> sorry for disturbing you
[03:48] <Knightlust> np, still compiling anyway
[03:49] <Knightlust> ok, let's try basic troubleshooting
[03:50] <Knightlust> if only we could get the client to ping the ubuntu box
[03:50] <Knightlust> then methinks we'll be halfway through setting up your proxy server
[03:51] <Knightlust> but i see no reason not to be able to ping the ubuntu box, since it doesn't block icmp packets by default
[03:53] <Terminus> Knightlust: you're doing C++ dev?
[03:53] <Knightlust> Terminus: c++, php, java, python
[03:53] <Knightlust> but at the moment, i'm compiling mariadb
[03:54] <Knightlust> Tyrone: can you post the output of ifconfig -a
[03:54] <Knightlust> also netstat -rn
[03:54] <Knightlust> Tyrone: er.. use pastebin pala
[03:57] <Tyrone> Knightlust:  can you use teamviewer to access my ubuntu?
[03:58] <Knightlust> i can, but not at the moment, i'm still at work
[03:58] <Tyrone> ah kk
[03:58] <Terminus> Knightlust: ah... was wondering why you were compiling. =)
[03:58] <Tyrone> anong oras pwd?
[03:59] <Knightlust> 6pm
[03:59] <Knightlust> more or less, depending on my workload
[03:59] <Knightlust> pero at the moment, i don't think it's an ubuntu config problem
[04:00] <Knightlust> more like misconfigured settings
[04:00] <Tyrone> maybe
[04:00] <Tyrone> walang prob sa ubuntu
[04:01] <Knightlust> Tyrone: if you use eth1 to connect to the modem and internet via dhcp, can it connect?
[04:01] <Tyrone> sa settings lang ata to para ma access ng ibang pc yong internet
[04:01] <Tyrone> yes
[04:01] <Knightlust> ok, did you use network manager to setup the static ip address?
[04:02] <Tyrone> yes
[04:02] <Knightlust> wait, i think there's a setting in nm that you need to check
[04:03] <Tyrone> ok
[04:03] <Knightlust> open it up, go to the ipv4 settings tab, click on the routes button
[04:04] <Knightlust> and then there's one little checkbox option at the bottom, forgot what it's called
[04:04] <Knightlust> google images fails me
[04:05] <Tyrone> ok wait
[04:05] <Tyrone> il turn my ubuntu
[04:05] <Knightlust> ayun, check the "use this connection for resources on its network"
[04:05] <Tyrone> kk im using my laptop
[04:05] <Knightlust> http://img259.imageshack.us/i/screenshoteditingipv4ro.png/sr=1
[04:06] <Knightlust> then try pinging the ubuntu box one more time
[04:06] <Knightlust> kung talagang ayaw, i'm out of ideas na
[04:08] <Tyrone> kk access mo lang mamaya ubuntu ko try ko install teamviewer para makita mo setup ng network interfaces ko
[04:09] <Knightlust> ok
[04:09] <Knightlust> see you later then, late na pala ako sa meeting
[04:09] <Knightlust> later guys
[04:11] <Tyrone> kk thanks
[04:13] <Tyrone> Terminus: youthere?
[04:24] <Terminus> Tyrone: yes?
[04:25] <Tyrone> my modem router mode is routing not bridge
[04:26] <Terminus> Tyrone: yep. i got that earlier. your configuration may require reconfiguring the modem as well.
[04:27] <Tyrone> ah ok
[06:48] <Tyrone> hllo
[07:32] <Tyrone> hello
[09:29] <Tyrone> Knightlust: you there?
[10:01] <zakame> hola
[10:02] <zakame> I wonder if natty is good for NAT :P
[10:04] <rstacruz> why wouldnt it be?
[10:04] <Tyrone> hello zakame 
[10:04] <Tyrone> thanks god your here
[10:04] <Tyrone> :)
[10:05] <Tyrone> sir pa help naman
[10:05] <zakame> hehe yeah it would be bad for natty if it couldn't do nat
[10:05] <zakame> sure what's the prob?
[10:05] <Tyrone> meron ksi ako ubuntu 10.10
[10:06] <Tyrone> tapos setupko internet modem ubuntu switch then pc
[10:06] <Tyrone> kasu yong pc ayaw maka internet yong ubuntu lang
[10:07] <zakame> ubuntu as a switch? is the ubuntu a desktop or laptop?
[10:08] <Tyrone> desktop
[10:08] <Tyrone> intel board xeon proc
[10:08] <Tyrone> gagawin ko kasi sana proxy server
[10:08] <Tyrone> dito sa cafe namin
[10:08] <zakame> ahh
[10:08] <Tyrone> para yong mag youtube hndi mag lag online games
[10:09] <Tyrone> pwd po kita ma private chat?
[10:09] <zakame> looks like you want to do a network gateway
[10:09] <zakame> not just a switch
[10:09] <Tyrone> parang ganun na po
[10:09] <Tyrone> kasu nose bleed na ako eh
[10:10] <zakame> and maybe some traffic shaping too
[10:10] <Tyrone> sir gusto mo po ma kita meron teamviewr ako
[10:10] <zakame> pwede but I'm on mobile lol
[10:11] <Tyrone> hndi pala pwd ma install teamviewr sa ubuntu
[10:11] <Tyrone> :(
[10:11] <Tyrone> ganun po ba..
[10:11] <zakame> no as in I'm on IRC via my phone hehe
[10:11] <zakame> I could give you a few pointers though
[10:11] <Tyrone> meron thn nag sabi sakin na maganda daw traffic shaping..
[10:12] <Tyrone> ahh kk.. cgi2 il try
[10:12] <zakame> the first thing you have to make sure is that your ubuntu box is ready to do IP forwarding
[10:13] <Tyrone> how to know if its ready sir?
[10:13] <zakame> so you have to see that in /etc/sysctl.conf there's a line
[10:13] <zakame> net.ipv4.ip_forward=1
[10:14] <zakame> alternatively you can check on a root prompt
[10:14] <zakame> e.g. sudo sysctl net.ipv4.ip_forward
[10:14] <zakame> it has to be set to 1
[10:14] <zakame> so your ubuntu box can forward packets between interface
[10:15] <Tyrone> 0 po lumabas sir
[10:15] <Tyrone> (zero)
[10:16] <zakame> that means your box doesn't forward yet
[10:16] <Tyrone> how can i make it 1 sir?
[10:16] <Tyrone> sorry im new in ubuntu...
[10:16] <zakame> set it via sudo sysctl net.ipv4.ip_forward=1
[10:17] <Tyrone> done sir
[10:17] <zakame> check it again
[10:17] <Tyrone> its now 1 sir
[10:17] <zakame> cool
[10:18] <zakame> edit /etc/sysctl.conf to have that line (I think it is there already, just commented out)
[10:18] <zakame> so you don't lose that setting across reboots
[10:19] <Tyrone> its set to 1 sir
[10:19] <zakame> cool
[10:19] <Tyrone> nabuksan ko na conf 
[10:20] <zakame> then next up is setting up iptables
[10:20] <Tyrone> :(
[10:20] <Tyrone> nose bleed ako jan..
[10:20] <Tyrone> il just do my best...
[10:20] <Tyrone> ano next sir
[10:20] <zakame> iptables by itself is hard, but there's a bunch of packages in debian/ubuntu that ease it somewhat
[10:20] <zakame> what we use in the office here for example is shorewall
[10:21] <Tyrone> ?
[10:21] <Tyrone> pwd yan rin gamitin ko
[10:21] <Tyrone> o hndi pwd?
[10:21] <zakame> yeah you can use that, there's a package
[10:21] <Tyrone> what's the command sir to install it?
[10:22] <zakame> apt-get that, and in a little while you should have a simple shorewall running
[10:22] <zakame> apt-get install shorewall
[10:22] <Tyrone> by the way sir meron na pala na install na squid nito
[10:22] <Tyrone> ok lang ba?
[10:23] <zakame> no prob
[10:23] <Tyrone> done installing
[10:24] <zakame> cool
[10:24] <zakame> now here's a quickstart guide to set up a two-interface firewall doing forwarding from the modem to your lan: http://shorewall.net/two-interface.htm
[10:25] <zakame> I suggest you read it thoroughly first, then try it on the ubuntu box
[10:25] <zakame> you probably need to to set up dhcpd and a dns server later on that same machine as well
[10:26] <Tyrone> wew
[10:26] <zakame> so your client pc boxes can get IP addresses and resolve remote domains
[10:26] <Tyrone> nose bleed nanaman ako nito
[10:26] <Tyrone> hehehe
[10:26] <zakame> hehe
[10:26] <Tyrone> naka static ip mga pc dito sir
[10:26] <zakame> ah no need for dhcpd then
[10:27] <Tyrone> like from pc 1 to 15 ip nila 192.168.1.101 then 192.168.1.102
[10:27] <zakame> ah
[10:27] <Tyrone> yan naka setup sakanila sir
[10:27] <zakame> looks like a 192.168.1/24 subnet
[10:27] <Tyrone> prang ganun sir
[10:27] <zakame> you'll need that info once you set the masq
[10:29] <Tyrone> sir kailangan ko ba type lahat andun sa site na binigay mo?
[10:31] <zakame> not really, like i said, read throughly and find what's really needed :)
[10:31] <Tyrone> ok
[10:31] <Tyrone> thank you..
[10:32] <zakame> most important is that you set the /etc/shorewall/{zones,policy,masq}
[10:34] <Tyrone> kk il look for that
[10:35] <Tyrone> sir in eth0 wher the internet connected kailangan ba naka dhcp? then yong eth1 static?
[10:38] <zakame> yeah
[10:39] <Tyrone> ok
[10:40] <Tyrone> sir yong setup pala ng pldt modem is routing tapos pppoe
[10:42] <zakame> oh
[10:43] <zakame> I think you'llneed to replace eth0 then to use pppoe
[10:43] <zakame> if that in another interface
[10:43] <zakame> what does ifconfig -a say?
[10:44] <Tyrone> sir marami naka sulat eh
[10:44] <Tyrone> meron eth0 and eth1 
[10:46] <Tyrone> ano po kailangan nyo makita sir para yon nalang lagay ko dito
[11:23] <Tyrone> wew
[11:23] <Tyrone> ayaw parin
[11:23] <Tyrone> hahahaha
[13:12] <Tyrone> hello
[16:38] <Tyrone> weEeeeEe love ubuntu hehee