| fredrik2 | Hi! I can't get Postfix with Dovecot SASL working correctly. | 00:34 |
|---|---|---|
| fredrik2 | I followed the server guide, but with no sucess. | 00:34 |
| fredrik2 | When i telnet host 25. I'm not seeing the AUTH option | 00:35 |
| fredrik2 | I've restarted postfix, dovecot & sasauthd & even reinstalled everything | 00:35 |
| fredrik2 | Started postfix in -v mode. Checked logs. | 00:35 |
| fredrik2 | Don't know what do next. Anyone ? | 00:35 |
| Daviey | hallyn: thanks, now have a good weekend :) | 00:47 |
| excalibr | Is there a way to sync packages/configs across multiple servers? | 04:26 |
| escott | !clone | excalibr | 04:30 |
| ubottu | excalibr: To replicate your packages selection on another machine (or restore it if re-installing), you can type « aptitude --display-format '%p' search '?installed!?automatic' > ~/my-packages », move the file "my-packages" to the other machine, and there type « sudo xargs aptitude --schedule-only install < my-packages ; sudo aptitude install » (this currently may cause problems with multiarch) - See also !automate | 04:30 |
| === Lcawte|Away is now known as Lcawte | ||
| === chu_ is now known as chu | ||
| === Lcawte is now known as Lcawte|Away | ||
| trimeta | Does ubuntu-zfs install anything to help me perform a weekly scrub of the zpool? There seem to be mentions of cronjobs in the changelog, but I have nothing in /etc/cron.*. | 07:27 |
| trimeta | Oddly enough, my version of zfsutils is 0.6.0.65-0ubuntu1~precise1, despite the latest version online being 8.3~svn226546-6...maybe this is related to the problem. | 07:56 |
| trimeta | Oh, that's just for kfreebsd. | 07:57 |
| halvors | May somone help me with my iptables setup? | 12:23 |
| halvors | iptables -P INPUT DROP | 12:23 |
| halvors | iptables -P OUTPUT DROP | 12:23 |
| halvors | iptables -P FORWARD DROP | 12:23 |
| halvors | iptables -A INPUT -i lo -j ACCEPT | 12:23 |
| halvors | (13:42:34) halvors: iptables -A OUTPUT -o lo -j ACCEPT | 12:23 |
| halvors | (13:42:36) halvors: iptables -A INPUT -i eth0 -j ACCEPT | 12:23 |
| halvors | (13:42:36) halvors: iptables -A OUTPUT -o eth0 -j ACCEPT | 12:23 |
| halvors | (13:43:28) halvors: iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE | 12:23 |
| halvors | (13:42:34) halvors: iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT | 12:23 |
| halvors | My current config- | 12:23 |
| Cromulent | use a pastebin... | 12:24 |
| remix_tj | halvors: what's the problem? | 12:25 |
| halvors | Well, my LAN hosts can't access the internet | 12:33 |
| halvors | The best way is to DROP anything and allow what i want, right? | 12:35 |
| halvors | remix_tj: You there? :) | 12:37 |
| remix_tj | yes | 12:38 |
| remix_tj | uhm | 12:38 |
| remix_tj | i think it's correct. Where are your lan devices connected? | 12:38 |
| halvors | on eth0 | 12:39 |
| halvors | And eth1 is WAN :) | 12:40 |
| halvors | remix_tj: Did you get that? I forgot to mention your nick :( | 12:44 |
| remix_tj | with this config | 12:44 |
| remix_tj | you can't go to the internet because incoming packets are dropped, so you're not able to open tcp connections | 12:45 |
| remix_tj | maybe you should add something like | 12:45 |
| remix_tj | iptables -A FORWARD -p tcp -m state --state RELATED, ESTABLISHED -j ACCEPT | 12:45 |
| remix_tj | and | 12:46 |
| remix_tj | you should insert something allowing icmp echo reply halvors | 12:47 |
| remix_tj | without that rule clients cannot get ping response | 12:47 |
| halvors | client can't get ping response from the Ubuntu Box or? | 12:48 |
| remix_tj | from host in the internet | 12:49 |
| halvors | Shouldn't i do something like: iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT | 12:49 |
| halvors | You mean for remote hosts to be able to ping the Ubuntu box? | 12:49 |
| remix_tj | you should explicitely specify -p tcp | 12:50 |
| remix_tj | (afaik) | 12:50 |
| remix_tj | for icm reply i mean your LAN hosts cannot ping outside machines | 12:51 |
| remix_tj | *icmp | 12:51 |
| halvors | Why should i specify tcp? | 12:52 |
| halvors | With that i allow TCP, UDP and ICMP, right? | 12:53 |
| halvors | iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT | 12:53 |
| remix_tj | -p tcp | 12:54 |
| halvors | Why? | 12:54 |
| halvors | Shouldn't i be able to use UDP and ICMP? | 12:55 |
| remix_tj | halvors: maybe do not work, i no not remember if iptables has a conntrack method for icmp and udp | 12:55 |
| remix_tj | *do not | 12:55 |
| halvors | hmm. | 12:55 |
| halvors | So you mean that this command won't work? | 12:56 |
| halvors | 148.122.169.23 | 12:56 |
| halvors | Obs | 12:56 |
| halvors | iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED, ESTABLISHED -j ACCEPT | 12:56 |
| halvors | That should be routing tcp... | 12:56 |
| remix_tj | halvors: try | 12:57 |
| remix_tj | if does not work you'll get an iptables error message | 12:57 |
| halvors | Ok. | 12:57 |
| halvors | Thanks you. | 12:57 |
| halvors | Maybe i'll loose connectivity now when trying this out. | 12:58 |
| halvors | remix_tj: When using the command "iptables -A FORWARD -p tcp -m state --state RELATED, ESTABLISHED -j ACCEPT" how gain udp and icmp too? | 13:07 |
| remix_tj | uhm | 13:07 |
| remix_tj | this depends on conntrack of the operating sistem, i do not know if there is something for conntracking udp and icmp, since they are stateless | 13:08 |
| RoyK | halvors: afaik there is no real conntrack for udp and icmp, since those are stateless protocols | 13:57 |
| === m_3_ is now known as m_3-backstage | ||
| === PreciseOne is now known as IdleOne | ||
| jkyle | anyone have a reference for installing juju on osx? | 15:57 |
| jkyle | zookeeper keeps failing for me, figure others would have to solve that too | 15:58 |
| halvors | I get an error with isc-dhcp-server, this is the error i'm getting: | 16:34 |
| halvors | Jun 23 18:32:50 skymia-server dhcpd: /etc/dhcp/dhcpd.conf line 129: subnet 192.168.50.1 netmask 255.255.255.0: bad subnet number/mask combination. | 16:34 |
| halvors | Jun 23 18:32:50 skymia-server dhcpd: subnet 192.168.50.1 netmask 255.255.255.0 | 16:34 |
| halvors | Jun 23 18:32:50 skymia-server dhcpd: ^ | 16:34 |
| halvors | Why? | 16:34 |
| halvors | Isn't that right? | 16:34 |
| halvors | When i does: | 16:38 |
| halvors | "service isc-dhcp-server restart" get the error message, "Unknown instance"... | 16:39 |
| TheLordOfTime | have you heard of patience before? | 16:39 |
| TheLordOfTime | !Patience | 16:39 |
| ubottu | Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/ | 16:39 |
| TheLordOfTime | sometimes it takes a bit to get an answer | 16:39 |
| TheLordOfTime | just an FYI | 16:39 |
| * TheLordOfTime thinks you've got more than one issue going on though | 16:40 | |
| halvors | Sorry, but i'm in a bit if a hurry here. | 16:40 |
| halvors | Is there any way to restore the startup script to default? Also the one from the dhcp3-server package. | 16:41 |
| RoyK | halvors: I guess perhaps a bad character at the end | 16:42 |
| RoyK | or perhaps a missing semicolon | 16:43 |
| === Lcawte|Away is now known as Lcawte | ||
| jkyle | wow, that was quite the drive by question. | 16:47 |
| jkyle | off hand, 192.168.50.1 isn't a subnet | 16:47 |
| jkyle | halvors: 192.168.50.1 isn't a subnet, pastebin your conf though | 16:49 |
| halvors1 | Solved it, thanks for help :D | 17:02 |
| RoyK | halvors1: network problems? ;) | 17:02 |
| halvors1 | Yrah. | 17:04 |
| halvors1 | Yeah. | 17:04 |
| jkyle | Daviey: ping | 17:43 |
| === erichammond1 is now known as erichammond | ||
| axisys | a pci compliance require adding some awareness if someone delete a log file.. what is the least amount of work to acheive that with a security pkg may be? | 19:27 |
| axisys | we are sending the log file to splunk and arcsight.. but there might be another way to achieve locally.. bsm audit looks not verbose and open-audit does seems only look at hardware | 19:28 |
| axisys | s/not verbose/too verbose/ | 19:29 |
| axisys | did not see much discussion in https://help.ubuntu.com/12.04/serverguide/security.html | 19:29 |
| axisys | AppArmor profile does not look to be least amount of work.. | 19:30 |
| Skaag | trying to rescue a crashed system, that had software raid | 19:58 |
| Skaag | I believe raid5 on /dev/sda2, /dev/sdb2 and /dev/sdc2 | 19:58 |
| Skaag | I'm now in "rescue mode" and I have no idea how to assemble them back | 19:59 |
| === LordOfTime is now known as TheLordOfTime | ||
| axisys | Skaag: you could boot from a live cd and fix it that way as a easier route | 20:03 |
| Skaag | I'm already in the shell, trying to use mdadm... | 20:03 |
| axisys | cat /proc/mdstat ? | 20:03 |
| axisys | oops.. i have to run.. | 20:04 |
| Skaag | it shows me md127 with sda2 and sdc2 but not sdb2 | 20:04 |
| Skaag | and md0 with sdc1 which is the /boot partition I believe | 20:04 |
| Skaag | is the order important? | 20:07 |
| Skaag | right now I have sdb2, sda2, sdc2 but i'm not sure that's the original order of physical devices in the array | 20:09 |
| qman__ | the order is irrelevant | 20:15 |
| qman__ | it can assemble in any order, the metadata says what's where | 20:15 |
| Skaag | ok cool | 20:15 |
| Skaag | so /proc/mdstat now says it's rebuilding | 20:15 |
| Skaag | but I'm failing to mount it | 20:16 |
| Skaag | despite having an active raid5 device | 20:16 |
| Skaag | maybe now there's lvm on top..? | 20:16 |
| qman__ | possibly | 20:16 |
| Skaag | i'm lost. | 20:17 |
| Skaag | how do I know what type of volume is on /dev/md127 … ? | 20:18 |
| qman__ | you can fdisk -l | 20:18 |
| qman__ | actually not | 20:19 |
| qman__ | trying to remember what the right thing is | 20:19 |
| Skaag | all frisk says is about the physical devices, they are all Linux raid autodetect | 20:20 |
| Skaag | fdisk | 20:20 |
| Skaag | damn autocorrect... | 20:20 |
| D3lirious | Good day, or evening .. how is everyone Im good my self lol | 21:14 |
| TheLordOfTime | SpamapS: i hope you're around | 21:15 |
| D3lirious | chatty group aint ya lol | 21:17 |
| TheLordOfTime | patience | 21:22 |
| TheLordOfTime | :P | 21:22 |
| qman__ | well, this is a support channel; if you have a question, !ask it | 21:23 |
| Daviey | jkyle: hey | 21:23 |
| qman__ | if you're just looking to chat, I think it's #ubuntu-social | 21:23 |
| TheLordOfTime | qman__: isnt it -offtopic? | 21:23 |
| qman__ | probably | 21:23 |
| Daviey | jkyle: How are you doing? | 21:24 |
| === Lcawte is now known as Lcawte|Away | ||
| iSIEMENS | Hello! | 23:42 |
| Yankees52 | !ops | 23:54 |
| ubottu | Help! Channel emergency! soren, lamont, mathiaz, Pici, Daviey, Tm_T or pmatulis | 23:54 |
| Yankees52 | ban me | 23:54 |
| IdleOne | Yankees52: why do you keep doing this? | 23:54 |
| Yankees52 | i am drunk right now ban me! | 23:55 |
| IdleOne | so what was your excuse for this morning? | 23:55 |
| Yankees52 | hangover | 23:55 |
| IdleOne | I wonder if there is something more productive you could do with your time | 23:56 |
| Yankees52 | drink booze! | 23:56 |
| IdleOne | I mean you seem like a half intelligent person. | 23:56 |
| Yankees52 | ban me! | 23:56 |
| Yankees52 | vodka babty | 23:56 |
| Yankees52 | baby | 23:56 |
| qman__ | not to fuel a fire, but high intelligence tends to lead to substance abuse rather than away from it | 23:57 |
| patdk-lap | thought it leads to bordom | 23:57 |
| patdk-lap | and then various other bad activities, like virus making | 23:58 |
| patdk-lap | spam emails | 23:58 |
| patdk-lap | ... | 23:58 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!