/srv/irclogs.ubuntu.com/2015/04/20/#ubuntu-server.txt

=== zz_DenBeiren is now known as DenBeiren
=== markthomas|away is now known as markthomas
Voyagewhat does it takes to setup an smtp server and get your email passed through the automatic email spam filters?04:15
=== markthomas is now known as markthomas|away
=== N0DEH is now known as CripperZ
=== CripperZ is now known as cripperz
=== cripperz is now known as CripperZ
=== ideopathic_ is now known as ideopathic
lordievaderGood morning.07:58
=== Lcawte|Away is now known as Lcawte
=== Lcawte is now known as Lcawte|Away
=== Lcawte|Away is now known as Lcawte
=== mburns is now known as mburns_
=== Lcawte is now known as Lcawte|Away
=== kickinz1|afk is now known as kickinz1
=== mburns_ is now known as mburns
=== kickinz1|afk is now known as kickinz1
RovanionHi, I'm getting the following errors on one of my drives in syslog and after a while it's lost to the system: http://paste.ubuntu.com/10855746/11:53
RovanionDoes anyone know how to find the cause of this issue?11:54
RovanionThis is my complete dmesg for ata1: http://paste.ubuntu.com/10855773/12:01
lordievaderRovanion: Drive failure? Check smart.12:23
Rovanionlordievader: Nothing notable on the smart record as far as I can see. Though they're hard to read. At least smartctl0 -H /dev/sdx returns passed on all devices.12:26
WalexVoyage__: setting up an SMTP server is not complicated if it is simple. For spam filters sometimes it helps to do SPF or some other idiotic authentication scheme.12:26
lordievaderRovanion: Could you pastebin the output of 'smartctl -a /dev/sdx'?12:29
Rovanionlordievader: Here it is: http://paste.ubuntu.com/10855877/12:31
lordievaderDrive seems to be fine, indeed.12:32
RovanionI've read a bunch of different causes for erros like this. But I'm having a hard time discerning which could cause mine. Some are kernel, some are cable, some are controller and some are power issues.12:33
RovanionSo the disks works for something like half a day while inside a ZPool while resilvering(rebuilding) a mirror, then disappears from Linux totally. /dev/sdx isn't there anymore.12:35
=== pgraner-afk is now known as pgraner
=== wickedpuppy2 is now known as wickedpuppy
=== Lcawte|Away is now known as Lcawte
=== martins-afk is now known as martinst
coetryCan someone please help me with Amazon EC2? I have an instance that i changed the security group to accept all tcp connections from port ranges 0 - 65535, and i have rails serving on 0.0.0.0:300015:40
coetrybut i can't seem to connect to the server from the public ip15:40
coetryits ubuntu server 14.0415:41
coetryis there a firwall on the server or something thats stopping it from accepting connections?15:41
coetryhttp://pastie.org/1010350015:44
excalibrcoetry, iptables -nvL15:48
coetryexcalibr: http://pastie.org/1010351315:50
excalibrcoetry, I see nothing is blocking on your server so it must be your network firewall then15:54
excalibrHave you tried giving your ec2 instance a reboot?15:56
coetryexcalibr, i did reboot it :/15:57
=== markthomas|away is now known as markthomas
excalibrcoetry, sorry I can't offer any further help. Ive never ran into such problem last time I used ec2. I did something differently though. I allowed all ports and proto in the security group and managed the firewall from within my instance16:07
tewardcoetry: check the EC2 control panel16:08
tewardcoetry: the security 'firewall' is controlled there, not at iptables16:08
tewardyou have to enter 'security group' allowed ports to permit access to the systems16:08
tewardotherwise the default is block all but SSH16:08
teward(that Standard Operating Procedure hasn't changed in Amazon EC2 ever)16:09
tyhicksjamespage: hello - we've finally got through all the MIR security reviews that were ahead of the conntrack MIR (LP: #1381450)17:03
tyhicksjamespage: but we're not sure if it is still useful to do this week17:03
tyhicksjamespage: if sarnold could get through it in the next day or two, would it still be useful for 15.04?17:04
=== Voyage_ is now known as Voyage
VoyageWalex,  SPF ?17:07
sarnoldVoyage: Y17:07
sarnoldVoyage: http://en.wikipedia.org/wiki/Sender_Policy_Framework17:07
=== Guest36304 is now known as mgagne
jamespagetyhicks, yes please17:19
tyhickssarnold: ^ could you focus on that and cve triage today?17:20
sarnoldtyhicks: sure17:20
tyhickssarnold: thanks! :)17:21
* sbeattie assumes tyhicks meant s/cve triage/community/ today17:23
tyhickssbeattie, sarnold: ah, I got your roles mixed up17:24
tyhicksthat's even better for sarnold :)17:24
* sbeattie *knew* not to get his hopes up. :)17:25
sarnoldyes, yes it is :)17:25
sarnoldsorry sbeattie17:25
sarnoldsbeattie: I've already started process_cve with the kjernel-team merge.. I'll finish just that bit..17:26
tyhicksdoh17:26
sarnold.. unless you've already started, then I'll try to figure out how to bail17:26
tyhicksI really screwed that up17:26
sbeattiesarnold: no, go ahead and finish that bit.17:27
sarnold CVE-2013-4866    (1/78: 1%)17:29
sarnoldouch..17:29
sarnoldsbeattie: okay, kernel team merge checked in, thanks17:29
* sbeattie cries17:30
sarnold... if there's any bright side, the first issue from debian that it prompted for me was this: (The LIXIL Corporation My SATIS Genius Toilet application for Android ...)17:31
sarnoldwhich is hilarious in itself17:32
sarnoldbut also hopefully means debian went crazy finding NFUs to document.. I hope.17:32
Alina-malinalol at dan bilzerian17:35
Voyagesarnold,  ok. what precautions should be made while making an smpt server17:47
sarnoldVoyage: keep up on your logs17:48
Voyagesarnold,  need my emails to not go in spam folders17:48
lazyPowerVoyage: thats a trust based system that takes time17:56
lazyPowerthe easiest thing you can do starting off is set DKIM validation on your dns for the server, then you have to wait and send mail while it builds trust17:57
Voyagek17:57
lazyPowerhttp://en.wikipedia.org/wiki/DomainKeys_Identified_Mail <- outlines it pretty well17:58
=== bilde2910|away is now known as bilde2910
=== Lcawte is now known as Lcawte|Away
=== kickinz1 is now known as kickinz1|afk
=== kickinz1|afk is now known as kickinz1
=== markthomas is now known as markthomas|away
=== cryptodan is now known as cryptodan_portab
=== cryptodan_portab is now known as cryptodan
tychicushas anyone run into issues with tagged vlan's on 14.04, specifically with regards to intervlan routing?19:34
tychicusI'm running into an issue that seems to only affect my ubuntu machines, thinking maybe I have something wrong on the ubuntu configuration side19:35
patdk-lapwhat is intervlan routing?19:36
tychicussorry inter vlan routing19:37
tychicusrouting packets between vlan's19:37
patdk-lapI don't understand the usage of inter19:37
patdk-lapthat would be external vlan routing19:37
patdk-lapinside vlan is l2, bridge19:37
patdk-lapso you just have normal l3 routing issues19:37
tychicusinterVLAN is just the cisco nomenclature19:38
tychicus2 vlan's19:38
tychicusdefault vlan 119:38
tychicusthen vlan 20019:39
tychicusvlan 200 is able to pickup an IP from local dhcp, or static assignment19:39
tychicuscan talk to other devices on the same subnet, but can't see to exit the subnet19:39
ay_carambawait till you get to routing on a stick19:40
ay_caramba;)19:40
tychicusKernel IP routing table19:40
tychicusDestination     Gateway         Genmask         Flags Metric Ref    Use Iface19:40
tychicus0.0.0.0         192.168.28.254  0.0.0.0         UG    0      0        0 eth219:40
tychicus0.0.0.0         192.168.200.254 0.0.0.0         UG    100    0        0 eth2.20019:40
tychicus192.168.28.0    0.0.0.0         255.255.255.0   U     0      0        0 eth219:40
tychicus192.168.200.0   0.0.0.0         255.255.255.0   U     0      0        0 eth2.20019:40
tychicusis how the local routing table is configured19:40
tychicuseverything is fine with the default vlan19:42
tychicusit can talk to other devices on vlan 20019:42
=== keithzg__ is now known as keithzg
patdk-lapall this talk, but no question for what is wrong?19:49
tychicuswhat is wrong is that as soon as I ifup eth2.20019:49
patdk-lap?19:50
tychicusthe vlan attached to eth2 can not communicate with vlan 20019:50
patdk-lapwhat does routing tables have to do with that?19:50
=== bilde2910 is now known as bilde2910|away
patdk-lapthat has to do with forwarding19:51
tychicusas in ip_forward19:51
tychicus?19:51
patdk-lapand routefilters, and ....19:51
tychicushere is the tutorial I used https://wiki.ubuntu.com/vlan19:52
tychicusis there something that is more complete?19:52
tychicusthe ubuntu systems are the only ones having this issue, so I am trying to track down where I went wrong in the configureation19:53
patdk-lapthat tutorial is complete, to setup a vlan19:57
patdk-lapthat tutorial has NOTHING to do with routing between vlans19:57
patdk-lapfor that, consult any firewall config tutorial you want19:57
tychicusthe function of routing between vlan's is set up on the router19:58
patdk-lapso this is just an end machine?19:58
tychicusit works for every machine in the network execpt ubuntu machines19:58
tychicusyes19:58
patdk-lapwell, fix up your default route then19:58
patdk-lapor turn of rp_filter19:58
patdk-laprp_filter is a GOOD THING to have on19:58
patdk-lapbut it doesn't work for multible default routes19:58
tychicuswould I need to be disabled for eth2 the physical interface, or only for eth2.200 (vlan interface)?20:01
patdk-lapdisabled for anything with a default gateway on it20:03
patdk-lapin your case, all20:03
tychicuswhat is the preferred way to do this? sudo echo 0 > sudo /proc/sys/net/ipv4/conf/all/rp_filter20:10
tychicusdoes not seem to work20:10
sarnoldecho 0 | sudo tee /proc/sys/net/ipv4/conf/all/rp_filter  or use sudo -s to get a shell first, then just echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter20:11
tychicussysctl -w20:11
tychicusok thanks20:12
tychicuspatdk-lap: thank you that worked20:14
tychicussarnold: thank you toot20:14
tychicuss/toot/too20:14
patdk-lapadd it into a /etc/sysctl.d/xxxx file20:27
=== markthomas|away is now known as markthomas
=== Lcawte|Away is now known as Lcawte
=== kickinz1 is now known as kickinz1|afk
=== Lcawte is now known as Lcawte|Away
=== DenBeiren is now known as zz_DenBeiren

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!