=== fginther` is now known as fginther | ||
teward | is there any guide or tutorial for setting up routing of a public IP to a specific container, for bidirectional NAT so that that container's traffic only is routed over that public IP? | 00:18 |
---|---|---|
teward | LXD containers :) | 00:18 |
patdk-lap | that is just normal iptables stuff, nothing special about lxd | 01:05 |
patdk-lap | or whatever your firewall is | 01:06 |
patdk-lap | why would you even bother doing that though, and not just bind that public ip to the container itself, and bypass the need for all the extra firewall layers and nat? | 01:06 |
teward | patdk-lap: got a guide for *that*, given that i've only got one host nic interface, with two additional IP aliases added to it, so it only uses the one IP alias? | 01:30 |
teward | i'd *love* to bind the public IP to the container itself, but not sure how :) | 01:31 |
teward | (more fluent with NAT and iptables than direct-binding heh) | 01:31 |
teward | it's basically ens3 ens3:0 and ens3:1, so that the three IPs properly can connect to the 'net. | 01:34 |
teward | erm | 01:35 |
teward | :1 and :2 | 01:35 |
teward | patdk-lap: is there a guide for how to bind public IPs to containers? Or is that some host ip-route stuff and container ip setup stuff? | 01:47 |
teward | sorry for asking stupid questions, not as familiar with ip routing on LXD vs. ESXi / physical switch routing, etc. | 01:47 |
patdk-lap | hmm, I just assign the ip to the lxd, and it's done | 02:16 |
patdk-lap | or you use the network bridge, and then assign the ip from inside the lxd | 02:17 |
patdk-lap | it really has to do with how you configure your container, and host, how you do it | 02:17 |
patdk-lap | there isn't going to be any generic guide, unless you build the whole system host and container using the same guide | 02:17 |
teward | patdk-lap: I'll see what I can do, then, and if all else fails create a second bridge that bridges to the specific virtual interface (ens3:1 or such) | 02:23 |
IShavedForThis_ | hey guys! by trying to get winscp the permission allowed to transfer webtools to my plex plugin folder on my ubuntu server, I chown -R 777 to change the permission and seem to have screwed up horribly, as now plex won't play videos, and i still can't copy | 03:10 |
IShavedForThis_ | the folder. Does anybody know how to change the owner group back to the original for plex? | 03:11 |
sarnold | what was the owner before you reset it? | 03:11 |
IShavedForThis_ | I can't remember because im an idiot. It was whatever the default was | 03:12 |
IShavedForThis_ | plex [117] possibly | 03:12 |
sarnold | does the plex user need to be able to write to all the files? does it need to make sure other users can't read or write them? | 03:13 |
IShavedForThis_ | owner group and others should be able to read and execute, while only the owner (plex) should be able to write | 03:15 |
IShavedForThis_ | with an octal of 775 | 03:15 |
IShavedForThis_ | problem is, I must have changed the owner with the chown -R 777 command | 03:15 |
IShavedForThis_ | how do I change it back to plex? | 03:15 |
IShavedForThis_ | by the way, thank you sarnold | 03:16 |
sarnold | IShavedForThis_: if you want it to be plex, then chown -R plex should do the job | 03:18 |
IShavedForThis_ | okay I'll try that | 03:19 |
IShavedForThis_ | now, do you know how to transfer files from between sftp on windows to linux? I cannot get this folder to transfer without error code 3 popping up, with no help from google | 03:21 |
IShavedForThis_ | and that did fix the playback issue! | 03:22 |
sarnold | hrm, the sftp manpage suggests that 'put' should work fine on directories | 03:24 |
sarnold | at least if you use put -r | 03:25 |
sarnold | error 3 appears to be "path not found" https://msdn.microsoft.com/en-us/library/windows/desktop/ms681382(v=vs.85).aspx -- does lls show the directory as expected? | 03:25 |
IShavedForThis_ | weird. I'm trying to copy a file and paste it into linux | 03:26 |
IShavedForThis_ | the directory is there as it should be, just not the folder I'm trying to paste (since it hasn't been pasted yet) | 03:27 |
teward | patdk-lap: I got a pretty quick response on a mailing list on how to achieve the bridged connection setup, and altered my host system's settings to provide a 'bridge' with a static IP for the host that can access the 'net, and a NAT'd bridge for other containers. That should solve the direct-assignment issue. NO need to reply to my other pings :) | 03:29 |
IShavedForThis_ | nothing. I even made the directory in ssh and still can't move the files over. | 03:34 |
IShavedForThis_ | it looks like i need write permission as my user, as well as plex. | 03:42 |
sarnold | if plex doesn't need write access and you don't care about other users on the machine reading the data, the easy thing might be to re-chown the whole pile to your user account instead of plex | 03:45 |
IShavedForThis_ | yeah I tried that and that broke plex lol, it works best as its own user | 03:46 |
IShavedForThis_ | i wish there was a way to just sign into winscp as root so I can copy a damn directory | 03:46 |
sarnold | sign in as plex then? | 03:47 |
IShavedForThis_ | I tried, plex doesn't have a password, but when I enter nothing it says that access is denied. | 03:47 |
IShavedForThis_ | is there any way of finding out if plex does have a password? | 03:48 |
sarnold | feel free to set one, or put an ssh key in the authorized_keys file | 03:48 |
CarlenWhite | In BIND, if I want to prevent redundancy of IP's like if two subdomains point to the same IP, I can do: | 05:36 |
CarlenWhite | mysubdomain 14400 IN A 123.123.123.123 | 05:37 |
CarlenWhite | otherdomain 14400 IN A mysubdomain | 05:37 |
CarlenWhite | Or am I thinking of CNAME actually. | 05:37 |
sarnold | you're probably thinking of CNAME | 05:38 |
CarlenWhite | Ah | 05:38 |
CarlenWhite | I'm playing around in the config files to configure a home mail server for a few things to complain if something screwy is happening around the house. | 05:39 |
CarlenWhite | E.G. The DVR system is alarmed for some reason. | 05:40 |
CarlenWhite | So: `home 14400 IN MX 0 home` should work, since home is already defined elsewhere as an A record. | 05:41 |
CarlenWhite | And this is a very basic mail server and I should probably prevent mail going in since it should only send mail out. | 05:42 |
sarnold | mx records are only used when mail senders are trying to figure out which machine handles incoming email for a domain | 05:42 |
CarlenWhite | Ah. Then I should toss that then. | 05:43 |
CarlenWhite | If I can send mail at this state, I'll giggle. | 05:46 |
sarnold | :D | 05:47 |
sarnold | it's such an insanely simple protocol but the layers upon layers of stuff these days.. | 05:47 |
CarlenWhite | Wait can I even send mail outbound with mail...? | 05:52 |
sarnold | maybe | 05:52 |
sarnold | some ISPs prevent their users from sending outbound mail except through their services in order to reduce spam | 05:53 |
sarnold | hopefully you can configure your systems to 'smarthost' or 'satellite' to their systems in that case | 05:53 |
CarlenWhite | I don't even have a mail account with em nor could I even if I wanted. | 05:54 |
CarlenWhite | Some nuttiness on how the account was created requires us to wait until the account is put into an abandoned state so we can retake responsibility. | 05:54 |
CarlenWhite | All because an accountant signed under their name. | 05:55 |
sarnold | comcast? that sounds like comcast :) | 05:55 |
CarlenWhite | Nah. TDS. | 05:55 |
CarlenWhite | We could provide all the information that proves that the house is owned by us and they wouldn't budge. | 05:56 |
sarnold | holy cow I'm pretty sure I paid a huge chunk of money to them in the 90s to buy an expanded memory card for my calculator. | 05:56 |
CarlenWhite | TDS Telecom? | 05:56 |
sarnold | this logo looks right https://en.wikipedia.org/wiki/TDS_Telecom | 05:56 |
sarnold | apparently I can't remember their logo worth crap :) http://www.ebay.com/sch/sis.html?_nkw=Tripod-Data-Systems-TDS-48-COGO-CARD-HP-48SX-GX- | 05:59 |
CarlenWhite | Has a vague resemblance in your defense. | 06:00 |
CarlenWhite | Also I'm not receiving any test message so. | 06:01 |
CarlenWhite | TDS is blocking or I'm not good with Ubuntu mailing guff. | 06:01 |
sarnold | do you get any errors in logs? | 06:01 |
CarlenWhite | Nope. All I got is certbot being awake to do something. | 06:01 |
CarlenWhite | Derp I only checked dmesg | 06:05 |
CarlenWhite | Yeah something isn't happy. https://puu.sh/vVHPK.png | 06:07 |
sarnold | well that's at least something you can troubleshoot :) | 06:08 |
sarnold | from the machine in question try nc alt1.gmail-blah..com:25 and try to talk smtp with it | 06:08 |
sarnold | change networking / firewalling / etc until you can connect | 06:08 |
CarlenWhite | Gets hung up on connection. | 06:09 |
sarnold | based on this here it feels like a firewall is set to DROP packets | 06:10 |
sarnold | does that ring a bell? | 06:10 |
sarnold | it might be your isp of course | 06:10 |
CarlenWhite | Maybe? Let me attempt to figure out what the hell resides in my IPTABLES file | 06:10 |
sarnold | try to contact other smtp servers on port 25 | 06:10 |
sarnold | time for me to bail, good luck :) | 06:11 |
CarlenWhite | Bye | 06:12 |
=== JanC_ is now known as JanC | ||
=== Guest24214 is now known as clvx |