/srv/irclogs.ubuntu.com/2013/11/26/#ubuntu-server.txt

=== Jikan is now known as Jikai
=== Jikai is now known as Jikan
=== freeflying_away is now known as freeflying
=== Jikan is now known as Jikai
Beatstreethttp://i39.tinypic.com/71jlu0.jpg01:33
Beatstreetduring install I keep getting an error during partioning01:33
=== freeflying is now known as freeflying_away
babinlonstonHi , all  I ahve Fijutsu Primergy MX130 S2 Micro Server , I want to install Ubuntu 12.04 server edition in it and Need to Install Guest operating systems in it , is it possible to manage graphically if i install KVM in it ?04:27
=== freeflying_away is now known as freeflying
=== philipballew is now known as philip
eagles0513875_hey guys06:27
eagles0513875_i am on 12.04 on my servers and i am getting the following apache error [Tue Nov 26 06:13:19 2013] [error] Init: Multiple RSA server certificates not allowed06:28
eagles0513875_this only started yesterday. thing is i only have one certificate from a CA and the other is self signed could that be causing the issue?06:28
syriaHi , How can I configure ubuntu server 10.04 LTS to autostart VMs please?09:14
syriaHi , How can I configure ubuntu server 10.04 LTS to autostart VMs please?09:36
kwootThis is dryving me nuts. I am a newbie to vmbuilder but everytime I get an error: Failure trying to run: chroot /tmp/tmpJtt3HY mount -t proc proc /proc. What am I missing here?10:12
=== freeflying is now known as freeflying_away
kwootMy commandline says: sudo vmbuilder kvm ubuntu \10:16
kwoot                  --verbose \10:16
kwoot                  --suite precise \10:16
kwoot                  --flavour virtual \10:16
kwoot                  --hostname testvm1204 \10:16
kwoot                  --mem 1024 \10:16
kwoot                  --user jeroen \10:16
kwoot                  --pass iwdi2hw \10:16
kwoot                  --mirror http://nl.archive.ubuntu.com/ubuntu/  \10:16
kwoot                  --iso /md0/home/jeroen/Downloads/ubuntu-12.04-desktop-amd64.iso     \10:16
kwoot                  --timezone CET \10:16
kwoot                  --addpkg acpid \10:16
kwoot                  --addpkg vim \10:16
kwoot                  --addpkg openssh-server \10:16
Roryyeah kwoot don't do that10:27
Rory!paste10:28
ubottuFor posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.10:28
Raboopatdk-wk yes, you where correct root_squash10:33
=== freeflying_away is now known as freeflying
=== Guest46324 is now known as med_
=== med_ is now known as medberry
=== gary_poster|away is now known as gary_poster
kwootSorry about that. Will do next time. But, a hint as to why this does not work would still be appreciated.13:49
=== Ursinha-afk is now known as Ursinha
kwootOk. So specifying an ISO image is the source of the mahem. Right.13:54
=== derrik_ is now known as derrik
zulroaksoax:  ping14:22
roaksoaxzul pong14:23
zulroaksoax:  can you do a quick review for me?14:23
roaksoaxyup14:23
zulhttps://code.launchpad.net/~zulcss/python-heatclient/icehouse-ftbfs/+merge/19672214:23
jamespagezul, nice work on getting the icehouse builds up and running14:33
jamespageI see lots of blue now!14:33
zuljamespage:  no worries...nova is still stumping me though14:33
=== mjohnson15_2 is now known as mjohnson15
bluekinghello15:39
* genii slides blueking a mug of coffee15:40
bluekingthinking about to use ubuntu-server on my new box that should be used as router + some server stuff15:40
bluekingdoes ubuntu support latest intel hardware on nic side ?15:41
bluekingI210AT I350 and so on ?15:41
* blueking havn't tasted coffee for 30 years15:42
* blueking blinks at genii 15:42
geniiblueking: It's just my custom to be the maker or bringer of virtual coffee :)15:42
bluekingdoesn't sound delicious :P15:43
bluekingI am thinking on skip sphirewall/debian due it seems impossibly to get NAT to work :/15:43
bluekingso thinking about  ubuntu server15:44
geniiblueking: The page at https://downloadcenter.intel.com/Detail_Desc.aspx?DwnldID=13663 leads me to believe that Linux drivers are available for the I35015:45
genii( and the igb driver referenced there is present on my system here which is 13.10 )15:46
bluekingon sphirewall/debian I had to make install of driver myself.. had to put in pci-e ethernet card to get os installed  then  install driver for onboard nic     and not sure if that caused some problem with routing  setup15:46
bluekinggenii:  looks good15:47
bluekingI need extra stuff to turn ubuntu server  into router box ?15:48
bluekingmaybe thinking about BGP  and quagga  but might be overkill for  local network at home/house15:49
blueking*twiddles thumbs*15:52
bluekinggenii:  what u think about using ubuntu server as router ?15:53
bluekinggenii  and I might have some extra stuff on it like rtorrent/rutorrent  samba15:54
geniiblueking: I would probably instead have a dedicated appliance running OpemWRT, myself15:54
bluekinggenii:  on pc hardware ?15:54
bluekinggenii: http://www.supermicro.nl/products/motherboard/Xeon/C220/X10SLM_-F.cfm15:54
bluekingintel xeon E3 1230L15:54
bluekingand 16GB ecc udimm15:55
bluekinggenii:   that hardware ar bought for beeing used as router15:55
geniiblueking: Well, if that's what it's purpose is supposed to be from the start, and it's also going to run additional services, then Ubuntu Server is not a bad choice.15:57
bluekingok :)15:58
geniiApologies on lag, work requires me to often be away from my computer.15:58
bluekingnods  not in hurry15:58
bluekingbecame father last wednesday :)15:59
bluekingbeeing home from work 2 weeks after birth15:59
geniiblueking: So you need also a small side project like this to keep you busy? ;)16:00
bluekinggenii:  have been trying to finish this project for more than a week but seems sphirewall/debian wasn't solution  :/16:02
bluekingjust using iptables on ubuntu to setup router/nat ?16:03
bluekingor install some stuff to do nat stuff <?16:03
geniiblueking: There is a somewhat simplified tutorial here: http://www.yourownlinux.com/2013/07/how-to-configure-ubuntu-as-router.html16:05
bluekingseems to be a good one :)16:07
bluekinggenii:  u know abouthing about BGP ?16:08
bluekingborder gateway protocol16:08
patdk-wkonly ebgp v416:10
bluekingpatdk-wk:  was that about  BGP ?16:11
danleyblueking, I don't think you need BGP. how many routers do you have in your local network ?16:31
patdk-wkbgp has nothing to do with how many routers you have16:50
patdk-wkbut I wonder, what exactly will this be talking to on a home network16:51
jamespagezul, hallyn_: I'm trying to resync ipxe as much as possible from Debian16:59
jamespagehow does qemu pickup roms these days?  the ipxe-qemu package currently installs them to /usr/share/qemu16:59
jamespagebut thats not done in debian - everything just gets chucked in /usr/lib/ipxe/qemu17:00
zuljamespage:  hallyn_ was the last one to touch qemu17:00
hallyn_jamespage: ipxe-qemu is depended upon by qemu, that's how qemu gets them...17:07
jamespagehallyn_, yeah - I see the package dependency17:07
hallyn_jamespage: I'm not attached to how it currently is, feel free to change it17:07
jamespagehallyn_, this is what was confusing me - http://paste.ubuntu.com/6479931/17:13
jamespagethe links to lib/ipxe come from qemu-system-x8617:13
hallyn_jamespage: if those didn't include pcnet32 i'd say they were just less commonly used and you just install all of ipxe to get them.17:15
jamespagehallyn_, looking up to Debian17:15
jamespagehttp://anonscm.debian.org/gitweb/?p=pkg-qemu/qemu.git;a=blob;f=debian/qemu-system-x86.links;h=3be443dbd5f1dc4bb73494d261bbbd905b9e9ab8;hb=HEAD17:15
hallyn_jamespage: ok.  haven't merged this month i guess17:18
hallyn_i'm still looking for time to finish looking at the arm64 patches infinity wanted17:18
hallyn_and somebody's bugging us to do our tps reports this week :)17:18
jamespagehallyn_, I'm wondering whether we should put symlinks in /usr/share/qemu from the qemu packages only17:18
jamespagebut for now I'll leave compat links in so we don't break anything17:19
hallyn_jamespage: the ../../lib/ipxe/ns8390.rom link should just be dropped, nothing like it seems to exist in ipxe17:20
hallyn_jamespage: I dno't know.  1.0.0+git-2.149b50-1ubuntu3 is where I reversed the links.  Something broke when I didn't, but that's all I remember.17:24
jamespagehallyn_, yeah - you would have had an install failure17:24
hallyn_jamespage: I would've?17:24
jamespageqemu-system-x86 trying to overwrite files from ipxe-qemu17:25
hallyn_ipxe-qemudidn't yet exist did it?17:25
bluekingdanley:   just one router + two asus wifi routers set in AP mode17:28
bluekingpatdk-wk:   ethernet (fiber modem) - router  -  24 port managed gbit switch17:30
bluekingrouter = linux on pc17:31
patdk-wkso why do you think you need to run any kind of router?17:32
bluekinggave up using asus rt n66u as router  beeing not stable  net dropping out several times a day17:32
patdk-wkyou just need 1 firewall17:32
patdk-wkthose are not routers, those are firewalls17:32
bluekingfirewall + nat17:32
patdk-wkfirewall + nat != router17:33
patdk-wknat is a firewall function17:33
bluekingok17:33
patdk-wkif there was no nat at all, I would be willing to say router17:33
bluekingrouter =  dhcpd server giving IP to each device connected on local net ?17:33
patdk-wkcause it would route17:33
patdk-wkno17:34
patdk-wkcause it's not routing anything, it's replacing17:34
bluekingwhat you recommend me to do ?17:34
patdk-wkyou don't need bgp17:34
patdk-wkyou don't need quagga17:34
bluekingok17:34
patdk-wkyou just need a basic iptables + dhcp + dns17:34
patdk-wkpersonally, I perfer to use shorewall for my firewall/nat config17:35
patdk-wkthen configure a dhcp server17:35
patdk-wkthen optionally a dns server17:35
patdk-wkand your good17:35
bluekingshorewall  are ?17:35
patdk-wkshorewall is a program that manages iptables (firewall, nat, )17:35
bluekingsome guys mentioned that firewall  should be at .. uhm there are diff security levels  if have linux  and then software to ake firewall but then  base of linux are not secured from attack ?17:37
patdk-wkbase of linux?17:37
patdk-wkI thought you where worried about setting up a home network17:37
patdk-wknow your interesting in securing a shell server?17:38
bluekingshould block all  from ethernet all ports open on inside/local net17:38
patdk-wkwell, that isn't very secure17:39
patdk-wkblock all from everything17:39
patdk-wkbetter yet, unplug it, then it's secure17:39
blueking:)17:39
bluekingubuntu server  , shorewall,  dhcp server, dns server is what I need17:40
bluekingfirewall  ?17:41
bluekingubuntu server  , shorewall,  dhcp server, dns server is what I need17:42
bluekingpatdk-wk:  no need for firewall u say or I have to install that too  or are it within ubuntu server ?17:43
patdk-wkdid you bother to read anything I said?17:43
patdk-wkshorewall configures the firewall+nat17:43
bluekingah missed that part :/17:43
bluekingsorry17:43
bluekingI'll give it a try17:44
bluekingwish me good luck :)17:44
=== G4MBY is now known as PaulW2U
zuladam_g:  https://code.launchpad.net/~zulcss/nova/icehouse-ftbfs/+merge/19676318:07
TheLordOfTimeoh god the pebkac... has anyone else here noticed that there's an overabundance of people who use the default document root as configured in a site's config for web servers, rather than more sanely making their own location for their site's doc root?18:08
TheLordOfTimeand then upgrades sometimes cause their code to die because they are using the default location and not a sane separate location?18:08
patdk-wknever noticed :)18:08
patdk-wknever had an upgrade break something like that18:09
patdk-wkbut then, I never let the upgrades overwrite my configs18:09
patdk-wkand I always test the upgrade first18:09
TheLordOfTimepatdk-wk, apparently nginx 1.1.19 has done this, i'm testing 1.4.418:09
TheLordOfTimepatdk-wk, https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1194074 makes me want to punch kittens...18:09
uvirtbotLaunchpad bug 1194074 in nginx "Default index.html blindly overwritten" [Undecided,Confirmed]18:09
patdk-wkheh, not good18:09
TheLordOfTimebecause i always am like "WHY ARE YOU USING THE DEFAULT DOCROOT AND NOT A MORE SANE LOCATION?!?!?"18:09
patdk-wkthat is why I stopped using rhel18:10
TheLordOfTimeHell, I don't even use the default docroot18:10
TheLordOfTimei use /home/MYUSER/html/sitespecificfolderhere18:10
patdk-wkcause in /etc/httpd/conf.d I would delete files I didn't want, like welcome.conf and stuff18:10
TheLordOfTimemhm18:10
patdk-wkand on upgrades they woudl *come back to life*18:10
TheLordOfTimeright18:12
TheLordOfTimepatdk-wk, i'm going to try and replicate with 1.4.4 in Debian, if i can replicate it with that, i'm going to say "Hey, you guys fix it, and give me a patch" lol18:12
TheLordOfTimeCBA to rewrite their code today, especially since it's frigid cold here today18:13
patdk-wkcould just look at the package, fix it18:13
patdk-wkand submit a patch18:13
TheLordOfTime... blehhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh stupid snow18:13
TheLordOfTimebrb, need to shovel the car out of the driveway18:13
ChocoboHi all.  I am using raring-lts kernel... I need to do some iptables loging but I notice ipt_LOG does not exist.  Any ideas?18:33
patdk-wkxtables?18:34
patdk-wkor ULOG18:34
Chocobopatdk-wk: Hmm, never used them.  I will have to look into it.18:38
patdk-wkulog is ultraconfigurable compared to log18:39
patdk-wkbut I was just wondering if it was hiding in the xtables package18:39
Chocobopatdk-wk: I do see ipt_ULOG.18:39
ChocoboHrmmm, so I installed ulogd but I don't seem to be getting anything in the logs.   I did "iptables -t raw -A OUTPUT -d <DEST-IP> -j ULOG"18:45
bluekingjust a question-...  no guide on how to put ubuntu server iso on memory stick for installation ?18:47
patdk-wkcopy it?18:49
sarnoldblueking: dd if=/path/to/file.iso of=/path/to/usb/device   :)18:49
bitbyteGood Evening, I'm having a little trouble setting up StrongSwan, Is anyone able to help me out ?18:49
bluekingsarnold:18:50
bluekingnot in windows18:50
sarnoldblueking: oh. let me go looking for a bit..18:50
sarnoldblueking: http://sourceforge.net/projects/win32diskimager/18:51
bluekingunetbootin ?18:51
geniiI think either winimage or windd also18:52
sarnoldoh, unetbootin looks nice.18:52
patdk-wkbitbyte, don't do it18:53
patdk-wkuse openswan, or libreswan18:53
bitbytepatdk-wk Why not use StrongSwan ?18:54
patdk-wkdidn't it die a long long time ago18:54
bitbyteThe IPsec protocol seems the best and most secure option, StrongSwan seems to implement it well18:55
axisyshow to install openssh-server from precise into lucid?18:56
Chocobohrmm, it doesn't look like ipt_ULOG is working within a network namespace.18:56
axisyscannot upgrade lucide to precise yet18:56
patdk-wkoh, strongswan is still alive18:56
patdk-wkdunno, openswan works good, and is easy to configure18:56
axisyslucid*18:56
patdk-wkaxisys, you don't18:57
axisysgetting a security scan and asking to upgrade openssh18:57
axisysI guess I can compile one and install that way for now18:57
bitbytepatdk-wk The thing i'm having trouble with is the config. I'm not really too sure about the address ranges18:57
patdk-wkaxisys, learn about the security scan then18:57
axisyspatdk-wk: OpenSSH J-PAKE Session Key Retrieval Vulnerability18:58
patdk-wkaxisys, you sure?18:58
patdk-wkaxisys, what cve?18:58
sarnoldaxisys: http://people.canonical.com/~ubuntu-security/cve/pkg/openssh.html18:59
bitbytepatdk-wk This is what i have so far but I'm not sure about the IP's http://pastebin.com/VWj9DiXJ18:59
axisyspatdk-wk: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-447818:59
uvirtbotaxisys: OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4478)18:59
bitbyteThe right and left subnets I'm not really sure if their set right18:59
sarnoldaxisys: http://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4478.html18:59
uvirtbotsarnold: OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4478)18:59
bitbyteIs the left subnet, the one which belongs to the servers internal network ?19:00
sarnoldaxisys: "not enabled at compile time"  :)19:00
patdk-wkso amazing19:00
patdk-wkyour vaunerable to something you don't have :)19:00
patdk-wklove stupid security scans19:00
patdk-wkall they do is check what version you have, and ASSUME you have issues19:00
axisyspatdk-wk: :-)19:01
patdk-wkthis drives up the scanners profits19:01
patdk-wkcause it finds things you don't have19:01
patdk-wkproving you need them19:01
axisyssarnold: help respond to the scan then. what is not enabled?19:01
patdk-wkyo udon't need to19:01
patdk-wkjust supply that link19:01
sarnoldI'd wager the clear majority of people just use their distribution-provided versions of nearly all their software -- making the tools worse-than-doing-nothing for nearly everybody19:02
sarnoldaxisys: J-PAKE authentication support19:02
patdk-wkI would scream at them myself19:02
patdk-wkhow the hell can I be vaunerable to j-pake when I don't support it19:03
axisyspatdk-wk: which link.. there were few flew by including mine19:03
patdk-wkhttp://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4478.html19:04
uvirtbotpatdk-wk: OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4478)19:04
axisysshould ldd /usr/sbin/sshd prove that j-pake is not enabled?19:04
patdk-wkdunno19:04
patdk-wkthem testing if j-pake is enabled would prove it19:05
patdk-wkthe issue is, they didn't even bother19:05
axisyspatdk-wk, sarnold : thanks a lot, guys!19:16
sarnoldaxisys: woot! have fun. :)19:17
axisysguess dealing with mediocre security team ;-)19:17
axisysat best19:17
sarnoldoww19:18
patdk-wkthey always are :)19:30
patdk-wkjust enough to prove they did something19:30
patdk-wkwithout digging into doing real work19:30
qman__yeah, anybody can click 'scan' in openvas and email you the pdf19:37
qman__people wo actually do their jobs check to see whether the software is actually vulnerable19:38
=== thomi_ is now known as thomi
qman__my lucid servers get lit up for PHP vulnerabilities they don't have based on the version number all the time19:40
=== qman__ is now known as qman
bluekingkernel to choose ?19:48
Level15hi, all. question, i am running win2k under kvm + libvirtd. Network speed between host and guest is way too slow. I tried changing the nic type to virtio, but it seems newer virtio drivers for windows do not support win2k. Any hints?20:03
bluekingshorewall  are not included in ubunti pack ?20:09
geniiNot by default20:09
bluekingok have to fetch it myself then20:10
geniiblueking: If you mean install it with apt-get, then yes :)20:11
bluekingah same style as debian20:12
geniiYep.20:12
bluekingwhat I need for rtorrent/rutorrent ? it uses scgi ?20:14
bluekingphp5-cgi ?20:14
bluekingor php5-xmlrpc ?20:14
qmanLevel15: sorry but you're probably SOL, windows 2000 hasn't been on anybody's radar in about 6 years20:15
jrwrenLevel15: win2k is 13 yrs old. good luck. :(20:15
Level15yeah... my friend has an ancient application that only runs on win2k and i'm just trying to give him a hand20:16
qmanthat it's working at all is surprising to me20:18
sarnoldLevel15: try fiddling around with several of the different NICs? my 'man qemu' reports 12 different nics, and while the ne2k_isa is unlikely to be best :) it can't hurt to try several of them..20:20
Level15I thought virtio was the best... found some oldr virtio drivers but gave me poor performance as well20:22
adam_gdweaver`, ping20:23
dweaver`adam_g, hi20:23
sarnoldLevel15: with newer guests, virtio probably would be best. but older guests might do better with standard, well-tested drivers, and forcing the emulator to be the funny one...20:24
adam_gdweaver`, hey, taking a lookat https://bugs.launchpad.net/bugs/1242992, trying to reproduce with not much luick. exactly where are you hitting this?20:24
uvirtbotLaunchpad bug 1242992 in python-keystoneclient "Unable to autolaunch a dbus-daemon without a $DISPLAY for X11" [Undecided,Confirmed]20:24
Level15sarnold: will try, thanks20:25
adam_gdweaver`, i suspect the newly backported version of keyring from 12.10 is the culprit,but unable to reproduce with python-keystoneclient alone20:25
dweaver`adam_g, I did a clean deployment of Havana in our demo lab using Juju, I can paste the bundle file for you if you like.20:25
adam_gdweaver`, im more interested exactly what was failing and where20:26
dweaver`adam_g, Oh, OK, when trying to use openstack-dashboard you get the error in the apache log file.20:26
adam_gdweaver`, ah! okay20:26
adam_gill try that20:26
bluekinggenii:  when doing apt-get  I  want to look through what that are available  to be downed/installed   how ?20:35
adam_gdweaver`, hmph, still no luck20:35
sarnoldblueking: apt-get -u dist-upgrade20:40
dweaver`adam_g, I don't know what to suggest, then. I can try and re-deploy and see if I get the error again on a  new clean deployment, but that might take a while to organise as we are working on other bits of the lab at the moment.20:41
geniiblueking: From command-line, usually something like: apt-cache search <something>20:42
adam_gdweaver`, if you hit it again please capture some log output and traces20:42
bluekingok20:42
geniiblueking: I recommend to run first however: sudo apt-get update20:42
bluekingi've done that at first20:43
bluekingshorewall   there are diff  versions out.. currently   my isp  uses IPv4  but soon they'll start use IPv6  what to use ?20:44
dweaver`adam_g, which logs do you want, just the apache log?20:44
bluekingshorewall6 maybe ?20:45
adam_gdweaver`, if that is the only place you're seeing any errors, yeah20:45
adam_gdweaver`, im interested to know if manually using the keystone client from the problematic node gives the same results, like the original bug shows20:45
dweaver`adam_g, Ok, I can try that too.20:50
bluekinggenii:  atleast ubuntu server 13.10 found nic's without issue20:54
bluekingoh noes.. :/    sending reboot  command in shell   makes  pc shutdown and doesn't bring it up again,  howto make it restart without needing to push powerbutton ?20:56
sarnoldblueking: give it a minute, it might need to spend time on shutdown to flush swap, flush dirty pages to disk, go through a slow bios, wait five seconds at a grub prompt, then perhaps wait for a dhcp lease or something..20:58
bluekingsarnold:  powerled  extinguishes20:59
bluekinghad same problem with suse too21:00
sarnoldblueking: try looking at the reboot= option in bootparam(7) -- you might need to fiddle with that. (I haven't seen a need to change it in a decade or more, but you never know..)21:04
=== mjohnson15_2 is now known as mjohnson15
bluekingsarnold:  what file/location to look at ?21:05
sarnoldblueking: man 7 bootparam21:06
jrwrenblueking: also maybe a bios settings.21:09
bluekingjrwren:   reboots fine with other lix distru than ubuntu and suse,21:15
axisyssudo nm -D /usr/sbin/sshd | grep method shows jpake method is not compiled in21:18
bluekingjust wonder  ubuntu server    i have nic interfaces  p2p1 and p3p1    where p2p1 are connected to ethernet and p3p1 are local net    diff subnets   p2p1 gets ip from dhcp  192.168.1.114    and then on p3p1  static  ip 192.168.2.1    netmask 255.255.255.0  then gateway on p3p1 should be ?22:24
patdk-lapnone!22:30
patdk-lapit's a trick question :)22:30
bluekinglooked at example  http://www.yourownlinux.com/2013/07/how-to-configure-ubuntu-as-router.html     can't be correct to have diff subnets on same local net ?22:30
bluekingpatdk-lap:  ubuntu machine has eth0 and eth1   10.10.6.203 and 10.10.6.204     ubuntu eth0 - switch - hostA that has ip 192.168.1.8     diff subnet from eth0 10.10.6.203 ?    this example confused me :/22:34
patdk-lapwhat confuses me is22:35
patdk-laphow can people always fine the worse, most idiotic examples, that people post22:35
blueking:)22:35
patdk-laphttp://www.shorewall.net/two-interface.htm22:37
bluekingpatdk-lap:  hmm I installed shorewall6 I think22:43
Patrickdkwhy?22:45
Patrickdkdoes your isp support ipv6?22:45
Patrickdkdoes all the websites you use support ipv6?22:45
Patrickdkaren't you having enough issues dealing with ipv4 first?22:46
bluekingPatrickdk:  isp are soon going to use ipv622:47
Patrickdknot likely22:47
Patrickdkthey have been going to use ipv6 soon for years now22:47
Patrickdkand they have made even more plans to not use it22:47
Patrickdkthus the invention of CGN22:48
bluekingso easier use shorewall two interface22:48
Patrickdkit's just as easy to use shorewall or shorewall622:49
Patrickdkbut shorewall handles ipv422:49
Patrickdkand shoreall6 handles ipv622:49
bluekingok done purge of shorwall622:49
bluekinga question when use 'init 6' shouldn't it reboot  computer and not powerdown whole box ?22:51
bluekingsuse and ubuntu  shuts down whole box with reboot/init 6,   sphirewall/debian  it restarted without need to push powerbutton... are there any setting that cause this powerdown when I want to restart linux ?22:54
=== medberry is now known as med_
=== mjohnson15_2 is now known as mjohnson15
bluekinguhm   what does last number 24 in  ip  mean  ?  192.168.0.0/2423:27
sarnoldblueking: the number of bits in a netmask; /24 corresponds with 255.255.255.0.23:27
sarnoldblueking: http://en.wikipedia.org/wiki/CIDR_notation23:28
bluekingok23:28
=== freeflying is now known as freeflying_away
bluekinghmm I need to static ip on local net interface...23:42
sarnoldblueking: man 5 interfaces -- and don't forget to set aside some IPs for static use from your dhcp server :)23:50
=== freeflying_away is now known as freeflying

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!