[03:40] <hexahive> Hello ppl :) I need an advice, especially if there's someone having experience with fwknop-server... I'm getting an error "[*] Access file: 'access.conf' was not found."  ... I've checked that the file exists in /etc/fwknop, also tried to chmod it to 777 and chgroup it to my username instead of root, but nothing of those usual things help... Any ideas ?
[03:55] <andol> hexahive: I have no experience with fwknop-server, but as a general approach I would try running it using strace, and see which access.conf paths are tried.
[03:56] <sarnold> I hadn't noticed that he rejoined here before replying in another channel... if my hunch is correct he ought to be on his way soon :)
[03:56] <sarnold> (my suggestion: give the full pathname in the configuration file, based on the logging messages given here http://sources.debian.net/src/fwknop/2.6.0-2.2/server/access.c/#L1018 )
[03:57] <hexahive> sorry for generating confusion ;)
[04:01] <hexahive> sarnold: you were absolutely right, when i run it with "sudo fwknopd" while in /etc/fwknopd, it works
[04:02] <sarnold> \o/
[04:02] <sarnold> bonus points to the author for giving decent error messages :) that's not always the case
[04:02] <sarnold> (I went looking in fact expecting it to be terrible.)
[04:03] <hexahive> yep, i've noticed he made the code give different messages whether the file exists or the permissions aren't right, which is cool :)
[05:22] <DanDreamPipe> So I'm trying to redirect defunctsite.com/path/file.html or defunctsite.com/path to newsite.com/path/subpath/file.html while using DNS
[05:22] <DanDreamPipe> But DNS does not support file paths
[05:22] <DanDreamPipe> What do, what are my options here
[05:24] <DanDreamPipe> I've been trying to figure this out for many hours
[05:33] <ChibaPet> DanDreamPipe: You can't do it with DNS. You need your load balancer or web server or other intermediary to do that translation.
[05:48] <DanDreamPipe> I'm willing to set such servers up, but by setting said devices DNS settings to my server will the queries to defunctsite.com/path/etc still resolve to newsite/etc/?
[05:50] <DanDreamPipe> And queries to undefined.com go to google DNS
[05:54] <ChibaPet> With no offense intended, I think the sort of advice you need would best be supplied by a local expert - local professional services or something. You're confusing a couple concepts that could end up making your life difficult if you don't get them right.
[06:00] <jvwjgames> Hello
[06:00] <jvwjgames> I am wondering if there is a way that if a demon
[06:02] <jvwjgames> *could if it receives certain data that all programs could stop except for Apache and another program
[06:02] <jvwjgames> Is that possible?
[06:04] <jvwjgames> Anyone?
[06:05] <jvwjgames> I need to know if this is possible
[09:59] <FuriousGeorge> im running openvpn and trying to ping server subnet from client (i can ping the server itself)
[09:59] <FuriousGeorge> in tcpdump i see pings reach the server and seem to die there
[09:59] <FuriousGeorge> i expected them to be routed to the computer with the matching destination which is on the same  subnet,
[10:00] <FuriousGeorge> if i go to the destination computer and listen for pings on eth0 i see none, but if i try to ping the source computer i can.  i can ping any computer on the subnet behind it for that matter
[10:00] <FuriousGeorge> i made sure ip forwarding was enabled on the server, and that iptables/firewalld was not even installed
[10:00] <FuriousGeorge> im at a loss at this point
[10:18] <lordievader> Still sounds like a firewall, tcpdump sits before the firewall.
[12:15] <caribou> nacc: jgrimm asked me to sponsor the logwatch merge
[12:18] <caribou> nacc: oh, looks like kirkland already sponsored it
[12:58] <devster31> hi, I have multiple ssh servers in a LAN, but I want to access them from outside the network and the best option seems a VPN (correct me if I'm wrong), is there a tutorial that I can follow to set up openVPN so that only traffic towards those hosts is passed through the VPN and all the internet traffic isn't?
[13:05] <caribou> jgrimm: is it still useful to merge the latest clamav bits now that we're so close to release ?
[13:05] <caribou> jgrimm: debian has a new 0.99-1 as of a march 11th
[13:37] <beisner> jamespage, ddellav - fyi, pushed neutron 2014.1.5-0ubuntu4~cloud0 from proposed to icehouse-updates in uca re: bug 1393391
[13:42] <beisner> jamespage, ddellav - also, promoted qemu 2.2+dfsg-5expubuntu9.7~cloud2 from kilo-proposed to kilo-updates in uca re: bug 1546445
[13:45] <BlackDex> hello there.. I have a dell server and installed ubuntu 14.04.4 LTS on it. When i type `dmesg` the console is very very slow with the output. How can i speed this up?
[13:45] <younder> Anyone have any experience with setting up a bind9 (DNS) server? My server name is pandora and my domain name the same. A nslookup on pandora fails on the master node while the 10 cluster nodes it succeeds. The resolv suceeds on all. What is the problem?
[13:47] <younder> BlackDex, It is fine on mine ( a Dell PowerEdge T110 II)
[13:48] <younder> mongodb has a powerful diagnostic util that I tried earlier today.
[13:48] <BlackDex> younder: i have an dell poweredge R430
[13:53] <younder>  It basically dumps all the diagnostic data of your system. It's up to you to make sense of it though
[13:54] <younder> I could make a dump of it into pastebin if you like
[13:58] <jgrimm> caribou, skip it
[13:59] <caribou> jgrimm: ok!
[13:59] <jgrimm> thanks sir!
[14:01] <younder> Altso I have a problem with a cluster node L1 which can't access apt-get-ng while all the other nine nodes can. Seems to be in the network setup, but I can't find it. Any suggestions?
[14:04] <younder> They have identical (via ansible) setups
[14:05] <younder> But originally they were set up one by one. and L1 seemed to have internet connectivity while the other nodes did not. To mak it update i change /etc/resolv.con  etc
[14:51] <designbybeck> I'm trying to learn more about the cloudimg setups. I am using the vhd here: http://uec-images.ubuntu.com/wily/current/
[14:51] <designbybeck> the vhd boots, but I'm not sure what the username and password are?
[14:52] <younder> You need werewulf..
[14:53] <designbybeck> this is wily younder  is that what you mean?
[14:54] <younder> http://warewulf.lbl.gov/trac
[14:54] <designbybeck> HHHmmmm
[14:55] <younder> is what I mena a cluster manager which takes old prootocols like boot and  works by identically configuring all nodes.
[14:57] <younder> I don't use it in my cluster but it gets good reviews on HPC
[14:58] <crazybluek> just wonder what to do...  firewall/gateway need some implementation of a few lines with 6to4 and 6in4 Tunnels in shorewall  or/else remove shorewall and install ufw instead...  what are best thing to do ?
[14:58] <designbybeck> I was just trying to follow some of these guides for settings up openstack in a VM to play with: http://docs.openstack.org/developer/devstack/guides/single-vm.html
[14:58] <younder> Anyhow Admin magasin and HPC magazine will better see you throght than a random question on ubuntu srever which is for more spesicic ubuntu related questions
[15:00] <designbybeck> I figured it was an Ubuntu CloudImg build on UbuntuServer so I thought this group might know
[15:00] <younder> crazybluek, have you tried ufw (uncomplicated firewall)
[15:02] <younder> There is a book on IPTABLS I can recommend  called 'linux firewalls' by michael rash but i reccomend UFW for starters. It is build on to of IPTABLES anyhow so co can eassily use hat insted
[15:04] <jrwren> does ufw have ipv6 and 6to4 and 6in4 support?
[15:04] <younder> There is a book on IPTABLES I can recommend  called 'linux firewalls' by Michael Rash but  recommend UFW for starters. It is build on to of IPTABLES anyhow so co can easily use that
[15:04] <younder> jrwren, yes
[15:04] <crazybluek> younder never been into ufw
[15:04] <younder> I  use it every day
[15:05] <younder> But not for ipv6
[15:05] <younder> It's the 6to4 and 6in4 I wonder about.
[15:06] <younder> Dangerous to combine anyhow
[15:08] <younder> you get the ip6 over ip4 attacks. Blow your firewall sky high to combine them
[15:11] <younder> As usual read a book about it but not implemented it yet. O'reilly IPV6
[15:12] <jrwren> what are these attacks?
[15:15] <younder> http://www.darkreading.com/vulnerabilities-and-threats/windows-ipv4-networks-vulnerable-to-ipv6-attack/d/d-id/1097153?
[15:16] <younder> http://www.rmv6tf.org/wp-content/uploads/2013/04/5-IPv6-Attacks-and-Countermeasures-v1.2.pdf
[15:23] <younder> Particularly you network if opened to  IPV6 from he firewall is open to scan.
[15:24] <younder> Even if yo have IPV4 internally they also have IPV6 addresses.
[15:30] <jrwren> looks like scare tactics to sell firewalls ;]
[15:42] <younder> jrwren, No just my own fear
[15:43] <jrwren> younder: I classic stateful connections only firewall works quite well *shrug*
[15:45] <younder> I like IPTABLES too :)
[15:45] <jrwren> :]  Me too
[15:58] <teward> server team meeting today?
[16:00] <jgrimm> teward, yep
[16:25] <younder> what do you have to say about port 53 and the DNS.?
[16:26] <younder> Is it all it is? I seem to believe there are more prots.
[16:26] <younder> ports
[16:26] <patdk-wk> heh?
[16:26] <patdk-wk> dns uses udp port 53 and tcp port 53
[16:26] <patdk-wk> it uses nothing else
[16:27] <patdk-wk> unless you are not talking about dns, but talking about mdns, then it uses port 5353
[16:27] <younder> I use ufw allow 53
[16:27] <younder> You are wrong
[16:31]  * ogra_ has never seen anything else but udp/tcp 53 being used for DNS
[16:32] <jrwren> no, you are wrong ;]
[16:33] <jrwren> ^ that is my way of saying, "how about instead of saying, 'you are wrong', you show facts."
[16:33] <younder> ports for rndc
[16:33] <patdk-wk> I would love to see some facts that show I'm wrong
[16:33] <patdk-wk> rndc != dns
[16:33] <jrwren> rndc isn't dns.
[16:33] <patdk-wk> hell, what even is rndc
[16:33] <jrwren> AFAIK DNS servers that aren't ISC BIND do not do rndc.
[16:33] <younder> Port 953
[16:34] <jrwren> patdk-wk: rndc is an ISC BIND9 management protocol
[16:34] <maswan> patdk-wk: rndc is bind's remode daemon control protocol
[16:34] <patdk-wk> ya, not dns
[16:34] <jrwren> well, ISC BIND, not just bind9
[16:34] <younder> no it is used to magege a BIND9 DND server though
[16:34] <patdk-wk> I haven't used bind since well, 2004?
[16:34] <maswan> which you might like to have for a "dns server" in general, but you might also want to have ssh for the same reasons. Doens't make it dns.
[16:35] <jrwren> yes, words are important. bind isn't dns, bind is A dns server.
[16:35] <younder> and so port 953 is also a port bind9 CAN listen to
[16:35] <patdk-wk> one should not expose ports that one does not need
[16:35] <younder> absoutely
[16:40] <ogra_> (and one should not blame others of being wrong if one didnt explain the actual problem correctly at all)
[16:40] <ogra_> :)
[16:41] <patdk-wk> ogra_, it's ok, I'm wrong, wife tells me all the time
[16:41] <ogra_> lol :)
[16:42] <jrwren> its ok, its only human to use a close but inacurrate word and assume others know what you mean. My wife does it all the time, as do I. ;]
[16:42] <younder> anyhow if you are uing a bind9 server as am I guard port 953 ;)
[16:42] <jrwren> you are blocking individual ports?
[16:42] <patdk-wk> block all ports
[16:42] <jrwren> is there a reason you cannot block all and open what you want?
[16:42] <patdk-wk> only unblock a few
[16:43] <patdk-wk> otherwise anyone *user* account can run stuff on the server
[16:43] <patdk-wk> not good
[16:43] <younder> I use ufw It bocs all pots unless i explicitly open them
[16:43] <younder> I use ufw It blocs all ports unless i explicitly open them
[16:44] <GeekDude> I installed a new 14.04.4 box yesterday and chose 'no' when asked if I wanted to automatically update/important update. If I wanted to change that, would 'sudo dpkg-reconfigure unattended-upgrades' be the correct way to go about that? Does it produce the same results as picking yes during installation, or does it just accomplish the same thing by different means?
[16:45] <younder> but you mileage may vary. I alto like going straight to the metal and using iptables
[16:46] <younder> GeekDude, A simple "sudo apt-get update && sudo apt-get upgrade -y " will do that
[16:47] <GeekDude> younder: I want it to be automatic, and only important/security updates though
[16:47] <younder> The -y is king in a cluster
[16:47] <younder> GeekDude, the you don't want upgrade
[16:48] <younder> GeekDude, anyhow your system should do that once  a week.
[16:48] <younder> when you install it
[16:48] <jaywink> hey all. Any idea what could cause when running a python script that does "os.system('service foobar restart')" in root terminal, everything works, but the same script in root crontab gives 'unrecognized service'? The upstart conf file is in /etc/init and as said, service works normally but not via root
[16:49] <younder> jaywink, permissions
[16:49] <jaywink> younder, even if running via root crontab?
[16:49] <GeekDude> younder: The thing is, during install I explicitly disabled that option. I am now wishing I had picked it.
[16:49] <patdk-wk> service isn't in bath :)
[16:49] <patdk-wk> path
[16:50] <jaywink> patdk-wk, tried also full path to /usr/sbin/service - and it is service which says "unrecognized" ;)
[16:50] <jrwren> jaywink: 'unrecognized service' or 'unrecognized command service'?  Sounds like /sbin is not in the path.
[16:51] <younder> GeekDude, sudo dpkg-reconfigure --priority=low unattended-upgrades
[16:51] <younder> should do it
[16:51] <jaywink> jrwren, definitely service command is found, tried full path
[16:54] <jrwren> jaywink: i cannot imagine what is wrong. does using invoke-rc.d or initctl directly work?
[16:54] <younder> dkpg-reconfigure is overall underrated
[16:55] <jaywink> jrwren, yes. this is the script (sorry, jinja template, vars are replaced correctly and script works otherwise) - https://github.com/jaywink/ansible-diaspora/blob/master/templates/restart_on_memory_capped.py
[16:55] <younder> jaywink, have you checked premissions
[16:55] <younder> ?
[16:55] <jaywink> something python + cron session related maybe... since same os.system in root shell works
[16:56] <younder> sudo chown root <program>
[16:56] <jrwren> jaywink: cron's environment is often different from root shell environment
[16:56] <jaywink> younder, it's running in root crontab, how could it be permissions sorry? the script executes, only error is the os.system call
[16:56] <lordievader> jaywink: Does 'initctl list' list the service you are trying to control if that command is ran from the crontab?
[16:57] <GeekDude> younder: what is the significance of 'priority=low'?
[16:58] <younder> jaywink, correct me if I a wrong but isn't hat just python for a shell command?
[16:58] <younder> GeekDude, one a week vs one a day
[17:01] <lordievader> GeekDude: The man page reads that the priority setting sets the minimum priority level of questions asked, see 'man dpkg-reconfigure'.
[17:01] <GeekDude> lordievader: I did check that page, but I have no clue what that means
[17:02] <lordievader> It seems that questions dpkg might pose are put in different priority classes. The default is low, so setting it to low can be ommited.
[17:03] <jaywink> lordievader, finally got cron to output :P yes, initctl list executed from root crontab does contain the service .. sigh... I made a python script for expansion flexibility, seems that is biting back now
[17:04] <lordievader> jaywink: Upstart being as strange as it is, it might work with initctl instead of 'service'. I had it before that service didn't know a particular service while initctl did.
[17:04] <younder> jaywink, can't you use a shellbang #/path/python
[17:05] <younder> nad no py
[17:05] <younder> and no. py
[17:06] <younder> WELL THEN IT WILL WORK!!! ;)
[17:07] <lordievader> younder: His problem has nothing to do with how the interpreter is called.
[17:08] <younder> lordievader, I know
[17:09] <younder> lordievader, It's just a feeling I get sometimes.. This SHOULD work and then NOT
[17:21] <jaywink> lordievader, awesome, initctl totally worked :) thanks!
[17:21] <lordievader> jaywink: Ah, good to hear ;)
[17:22] <younder> so you are moving to systend  finally!
[17:23] <younder> systemd
[17:23] <younder> wonderful inprovement over init
[17:23] <jaywink> yeah but on trusty on this server
[17:24] <younder> I am relly looking forward ti 16.06 in fact I have a alpha in a VM right now
[17:24] <younder> 16.04
[17:25] <lordievader> The beta of Xenial is already released ;)
[17:26] <younder> enoght words read https://wiki.debian.org/systemd
[17:32] <jrwren> both upstart and systemd are excellent IMO.
[17:33] <jaywink> compared to initv scripts yeah... :P
[17:34] <younder> now we have something except aptitude  to work on
[17:49] <arcsky> hey there is differnt keyboard layout in my shell how can i switch back? i have only ssh access.
[17:51] <RoyK> arcsky: keyboard layout is a local thing, meaning the ssh client reads through the client's OS - it doesn't matter what sort of layout the server's using
[17:53] <arcsky> i have used this putty windows  client to connect ot my ubuntu machine for years and now it has switched..
[18:23] <younder> arsky what is putty windows?
[18:23] <teward> younder: putty windows client - i.e. PuTTY SSH client for Windows
[18:23] <younder> Iv'eused ssh for years.
[18:23] <teward> arcsky: "now it has siwtched" <-- this is fairly vague, so it's unclear what exactly you're asking
[18:23] <younder> OOH. yes. I remeber them now
[18:24] <teward> arcsky: the SSH client can sometimes 'override' the key mapping in use; but so can the Server
[18:24] <younder> So you wans an encryped tynnel
[18:24] <younder> tunnel?
[18:24] <teward> younder: no, that's not his issue.
[18:24] <younder> lol ok
[18:24] <teward> RoyK: i noticed an odd instance in some qemu-run VMs of Ubuntu where the SSH client's keymapping isn't honored
[18:24] <teward> rare, but odd
[18:25] <sarnold> back in the day we used to spend forever trying to get the backspace key to work reliably everywhere. good times.
[18:25] <teward> heheh
[18:25] <teward> sarnold: i think i heard horror stories of those days xD
[18:25] <younder> I use quemy too mostly for the pi's
[18:26] <younder> so the por bastards on a doze. What can we do to help him?
[18:26] <sarnold> we can help him better formulate problem descriptions
[18:27] <younder> You havent considered .. no
[18:28] <younder> so you don't wnat the whole linux hell thing just the 'telnet'?
[18:28] <younder> hell = RHELL = shell
[18:29] <younder> The robot deamonds have taken over so  much.
[18:30] <jrwren> what do you mean^?^?^?^?^?^?^?^?^?^?^?sarnold: what do you mean?
[18:30] <sarnold> jrwren: lol
[18:31] <younder> Imagine a elf atabbing a dwark. Or a child killing a parent after being forked mind you, to become a deamond. Now thts just unix
[18:31] <Pici> younder: Er, can we keep these random comments to a minimum please?
[18:32] <Pici> younder: If you're looking for a chat channel there is #ubuntu-offtopic, otherwise these channels are for support unless otherwise specified..
[18:32] <RoyK> sarnold: stty erase ^H # ;)
[18:33] <sarnold> RoyK: heh if only it had been that easy.. :)
[18:40] <RoyK> sarnold: some old unix wiz taught me back then ;)
[18:41] <sarnold> RoyK: the trick was getting all layers involved to agree that ^H is the One True Backspace
[18:42] <younder> what?
[18:42] <jcastro> jgrimm: got a sec? Our team needs help getting an FFe for Xenial for charm-tools
[18:42] <jcastro> https://bugs.launchpad.net/ubuntu/+source/charm-tools/+bug/1546776
[18:42] <jcastro> https://bugs.launchpad.net/ubuntu/+source/juju-core/+bug/1545913
[19:03] <rsevero> Hi. I have a server whose network interfaces were named through a /etc/udev/rules.d/70-persistent-net.rules file. My really strange problem is that now that I removed my 70-persistent-net.rules file and reboot, the interfaces I keeping the names I invented. Why? How can I make it get the automatic names again?
[19:04] <rsevero> the interfaces are keeping the names I invented
[19:05] <nacc> rsevero: just removing that file doesn't regenerate the initrds
[19:05] <younder> Have you flushed the DNS cache
[19:06] <rsevero> nacc: I don't kow this file nor how to regenerate it. How can I do it?
[19:07] <sarnold> nacc: ooo
[19:07] <rsevero> younder: Why DNS caches would have any influence on the naming my network interfaces are named by the kernel?
[19:07] <younder> rsevero, actulaly the arp cache
[19:07] <nacc> rsevero: I believe it is `update-initramfs -u -k all`, iirc
[19:08] <nacc> sarnold: was that "good guess, nacc"? Or "you're wrong, nacc"? :)
[19:08] <sarnold> nacc: "good guess nacc" :D
[19:09] <sarnold> something I wouldn't have considered and yet once I hear it, seems plausible enough :)
[19:10] <nacc> sarnold: whew
[19:13] <rsevero> nacc: It seems you are right nacc. Having most of my experience on Gentoo, I would never have thought about regenerating initramfs to apply network interface name changes. Am I correct in understanding that every time I edit /etc/udev/rules.d/70-persistent-net.rules I have to regenerate initramfs?
[19:15] <patdk-wk> you shouldn't ever have to, no
[19:15] <nacc> rsevero: right, the issue is those rules get copied into the initrd, iirc
[19:15] <patdk-wk> oh?
[19:15] <nacc> i might be wrong, but i recall doing that in the past
[19:15] <patdk-wk> something change with that lately?
[19:16] <patdk-wk> or is that a requirement due to the biosdev... package?
[19:17] <rsevero> nacc: Ok, thanks.
[19:17] <nacc> i don't have it in front of me right now, but i think the files are copied into the initrd during update/creation
[19:17] <nacc> patdk-wk: --^
[19:18] <nacc> patdk-wk: presuming that's the case, they would get out of sync if you locally modify them and don't regenerate the initrd(s)
[19:18] <rsevero> On a completely unrelated issue: how can I fix a computer that starts to show "error: invalid video mode specification 'text'. Booting in blind mode" just after initial Grub screen after it got hard reseted?
[19:19] <rsevero> And never completes the boot process?
[19:20] <nacc> rsevero: can you provide the kernel cmdline? should be viewable in grub too
[19:21] <rsevero> linux     /vmlinuz-4.2.0-35-generic.efi.signed root=/dev/mapper/vg-root ro
[19:21] <rsevero> nacc: Is this the line you want?
[19:23] <nacc> rsevero: yeah
[19:23] <nacc> rsevero: hrm, seems that message is from grub itself
[19:23] <nacc> rsevero: https://lists.gnu.org/archive/html/help-grub/2013-01/msg00016.html
[19:23] <rsevero> nacc: Yes. I think so.
[19:24] <nacc> rsevero: not sure, sorry
[19:29] <rsevero> nacc: I had already seem that page. Thanks anyway. Will try my luck on grub channel ;)
[19:30] <nacc> rsevero: yeah that's probably more likely to succeed, sorry!
[20:13] <randymarsh9> hello
[20:16] <randymarsh9> ntop is a network display tool as well as web server?
[20:18] <nacc> randymarsh9: yes, per it's description, i think it has an embedded web server
[20:32] <DirtyCajun> this is why i love linux. why Raid 0 when you can juust keep them seperate and symlink.
[20:33] <patdk-wk> you can do that on windows too
[20:33] <patdk-wk> but simlink doesn't increase the speed of a single file
[20:34] <patdk-wk> or a database
[20:34] <bekks> Or anything else ;)
[20:36] <DirtyCajun> but it decreses total data falure when 1 drive fails in a raid 0
[20:37] <bekks> thats why you use RAID 1 :P
[20:37] <DirtyCajun> you are losing space.
[20:37] <Deeps> DirtyCajun: 'why raid0 when you can do something that doesn't offer the benefits of raid0' 'because of the benefits of raid0' 'but then you get the drawbacks too' well, yeah.
[20:38] <DirtyCajun> the only benefit i know of raid 0 is speed. wrong?
[20:38] <Deeps> no
[20:38] <Deeps> but if speed matters, then it's a significant benefit
[20:38] <maswan> well, space too
[20:39] <DirtyCajun> i cant count the number of people i know that raid 0 NOT for speed but for a "single large disk so they dont have to split files"
[20:39] <Deeps> just because you know a lot of people who make poor choices for their requirements doesn't make the technology bad
[20:40] <DirtyCajun> this is being misconstrued. lord. s/why raid 0/why raid 0 for space consolidation/
[20:40] <Deeps> ('a lot' may be inaccurate, i dont know how high you can count)
[20:41] <randymarsh9> anybody know what nprobe is and how it relates to ntop?
[20:41] <randymarsh9> is it a plugin or standalone application?
[20:42] <Deeps> looks like a netflow collector
[20:43] <Deeps> similar to nfdump i guess
[20:44] <Deeps> ah no, looks like it has flow manipulation capabilities as well
[20:48] <gpiccoli> Hello, sorry to bother you. I tried to joing #ubuntu-cloud, but it "redirected" here, so I believe this is the channel for cloud questions, right?
[20:49] <Pici> yep
[20:49] <gpiccoli> I wanna boot a x86 cloud image using qemu in another arch. The problem:
[20:49] <gpiccoli> I boot the image, it works but end up giving lots of n/w problem, related to cloud-init
[20:50] <gpiccoli> is there a way to disable cloud-init and boot directly to terminal, as usual?
[20:51] <gpiccoli> the error messages are like "request error [(<urllib3.connectionpool.HTTPConnectionPool object at 0x7f8fc1a1d890>"
[20:57] <randymarsh9> Deeps: so does it sound like it integrates with ntop or it runs on its own?
[20:58] <Deeps> it runs on it's own, but it still needs to feed into ntop or something else like it
[20:58] <randymarsh9> i installed both ntopng and nprobe and can't figure out what's running what so troubleshooting is pretty freaking hard
[20:58] <Deeps> Fully interoperable with commercial collectors such as IsarFlow, Fluke, Cisco, Dartware, AdventNet, Arbor Networks, Plixer, NetFlow Auditor, SolarWinds Orion NTA.
[20:58] <Deeps> from the nprobe page
[21:01] <randymarsh9> pretty lame that none of the switches work on windows when they claim it runs on windows
[21:01] <randymarsh9> guess i should have this running on linux
[21:04] <Deeps> i'm assuming you haven't paid for it
[21:04] <Deeps> given that you're asking in here
[21:05] <Deeps> rather than using the 5 days installation support that they give you when you pay
[21:06] <Deeps> and from what i can tell, nprobe isn't free
[21:10] <randymarsh9> what makes you think it's not free?
[21:10] <randymarsh9> it's open source and they link to the download page right on their site
[21:26] <Deeps> randymarsh9: the text on the site that says it's not free
[21:27] <lordievader> IIRC, the software is free, the appliance/support isn't.
[21:27] <Deeps> randymarsh9: nProbe™ is available for a little fee, that’s used for running the project and funding the new developments. You can purchase online your copy of nProbe™ at the ntop e-shop site, that includes one year support. After the transaction is completed you can download your nProbe™ copy immediately
[21:27] <Deeps> nProbe is distributed under the EULA and requires a license per system.
[21:27] <Deeps> just because source is open, just because the download is freely available without drm, doesn't make it free
[21:30] <Deeps> the website seems to contradict itself regarding availability of source code, but it doesn't appear that the source is freely available either
[21:32] <lordievader> They provide a deb didn't they?
[21:35] <Deeps> the text suggests it's a binary package distribution
[21:35] <lordievader> Ah, in such a way.
[21:35]  * lordievader is happy with pmacct
[21:36] <Deeps> oh that looks like it could be good at home
[21:36] <Deeps> and more
[21:43] <randymarsh9> Deeps: then maybe don't link to it from the same directory where you store all your free license binaries
[21:45] <Deeps> randymarsh9: maybe better to tell them that rather than me, it's not my license you're violating
[21:45] <randymarsh9> their page says it's free to try
[21:45] <Deeps> \o/
[21:45] <randymarsh9> are you the dmca police or something
[21:46] <randymarsh9> jesus christ
[21:46] <Deeps> nope, but you asked why i thought it wasn't free, i explained. just because you don't like the answer doesn't mean you need to take it out on me /o\
[21:48] <randymarsh9> you made it sound like i shouldn't be asking for help in here because i didn't pay for it
[21:48] <randymarsh9> very helpful of you
[21:48] <Deeps> sorry if you got that impression, given that i've been the only person to try and help you so far, i'll leave you to the rest /o\
[21:49] <Deeps> gl, nn!
[21:50] <randymarsh9> by telling me i didn't pay for support.....
[21:50] <randymarsh9> right, thanks
[21:55] <crazybluek> hmm, it seems net hangs every time dhclient renew ip given by fibermodem ?  any workaround this ?
[21:57] <sarnold> does it renew the same or a different address?
[21:57] <sarnold> does it set e.g. bad dns server names?
[21:57] <sarnold> does it mess with the routing tables?
[21:58] <sarnold> are there any errors or warnings in the logs?
[22:00] <crazybluek> should be same address as it have had same IP all the time
[22:00] <crazybluek> havn't found warnings in logs yet
[22:01] <randymarsh9> anyone know of any better alternatives to ntop for collecting netflow traffic?
[22:01] <crazybluek> I loose net connectiong at 18-20 minute
[22:02] <crazybluek> 24/7  I loose netconnection every 18-20 minute
[22:02] <sarnold> crazybluek: dang..
[22:02] <crazybluek> for 1-2 minute
[22:02] <lordievader> randymarsh9: As I said, I'm happy with the pmacct and nfsen combination.
[22:03] <crazybluek> 18-20 min  about same time as renew time 1065 second I've seen in logs
[22:03] <sarnold> nfsen? is that packaged?
[22:04] <randymarsh9> lordievader: does it have a pretty dashboard ?
[22:04] <lordievader> sarnold: Not that I know of.
[22:04] <lordievader> randymarsh9: It's functional.
[22:05] <randymarsh9> ahah
[22:05] <sarnold> lordievader: hah, apparently I've already visited http://nfsen.sourceforge.net/ and even looked at screenshots. sigh. :)
[22:05] <randymarsh9> guess that's most important
[22:05] <randymarsh9> lordievader: do you have it running on ubuntu?
[22:06] <lordievader> randymarsh9: Nfsen, yes. Pmacct, no.
[22:06] <randymarsh9> if i download nfsen do i need to use pmacct?
[22:07] <randymarsh9> i just want to see what's using the most bandwidth
[22:07] <lordievader> Nfsen is just something to collect/display flow data. It doesn't generate it.
[22:07] <randymarsh9> so pmacct is the collector and nfsen displays it?
[22:08] <lordievader> Yes, pmacct listens on an interface and sends the flow data to nfsen.
[22:09] <randymarsh9> does nfsen come with its own web server or do i have to set one up?
[22:11] <lordievader> No, you need your own.
[22:12] <randymarsh9> why don't you run pmacct on ubuntu?
[22:12] <randymarsh9> i'm thinking of setting them both up on the same box
[22:12] <lordievader> Because the box that I want to run it on doesn't run Ubuntu?
[22:12] <randymarsh9> what does it run
[22:13] <lordievader> Gentoo.
[22:14] <randymarsh9> so why not put nfsen on gentoo as well?
[22:14] <randymarsh9> or are you trying to keep them separated
[22:16] <lordievader> Since my webserver vm runs Ubuntu.
[22:19] <randymarsh9> cool