| |
| |
| |
|
Page: 1 2 3 4 5 6
Comments:
<0> I'm abit curious why a university need solaris admins though
<0> I've never seen solaris in large production in uk unveristies
<0> I have them over a barrel here..
<0> "Due to the urgency of this role they have indicated they will be flexible on their requirements"
<0> mwahaha
<1> every uni I know has sun systems
<0> well
<0> I guess they use them heavily here too ;)
<1> they're too scared to run linux, but they're not quite stupid enough to run windows for their main systems
<0> if it warrants a big salary, mwahaha
<1> I hate my uni so much... if I could display my hate, i'm sure my eyes would boil from my skull, bleeding from every orifice I would scream in terrible pain and anguish, envolping the world in never ending darkness and agony
<2> wow
<1> luckily my hate doesn't seem to manifest in such a way
<2> luckily
<2> :)
<1> it's like it's run by a bunch of retarded monkeys
<2> in my experience most of them are
<2> around here we call it unionization
<2> :O
<1> heh
<2> i have a great dislike for ident
<2> just thought i'd share that
<1> same
<1> use a different variant like oident or pident
<2> there has to be some way to get iptables to log to a facility other than kern
<2> like local0 for example
<3> We're running a debian box with Shorewall as our Firewall... we have 1 external ip and a group of public ip's (that can be accessed thru the net)... the problem is we are trying to do some SIP calling from a certain machine, and when it connects to the outside machine, the outside machine only sees our Firewall's external IP (not the public ip of the computer making the call), so when it tries to return data back it doesnt work, despite the ports being open
<1> you can denken (iirc), see ulogd
<1> [TX], explain to me the difference between public IP and external IP
<2> i was wondering that
<1> ulogd, or public vs external? :P
<2> the later ;)
<1> hehe
<3> ferro: I'm not quite sure how it works, but the firewall has 3 nic's.. 1 nic has an IP all the traffic goes through (call it nicA), 1 nic is on our lan (nicB), and 1 nic is to a dmz (nicC)... in the dmz the group of ip's can be accessed thru the net, but when the machines make outbound connections they are seen as the ip address of nicA
<2> so they are being nat'd and they shouldnt is what it sounds like
<0> indeed
<0> do you have IPs ***igned to you from your ISP ?
<3> yes
<0> denken hit the nail on the head, [TX]
<4> [TX]: you need to forward the correct ports to the correct machine
<4> should be easy enough to do with shorewall i suppose
<3> nagual: I did
<0> Stop running nat/masq
<3> the public ip addresses are set physically on the computers.. not on the firewall
<2> well, he probably wants NAT/MASQ for the IP range hidden behind nicB
<2> just not nicC
<2> you need a special iptables setup concerning NAT/MASQ'ing of certain IP's, [TX]
<5> sounds to me like someone set up a nat-rule that was a little too big
<2> yup
<3> how do I check the nat rules
<2> read this: http://iptables-tutorial.frozentux.net/chunkyhtml/
<2> your exact scenario is outlined there
<5> iptables -t nat -F POSTROUTING; iptables -t nat -I POSTROUTING -i nicb -j MASQUERADE
<5> or something like that
<3> ive seen this network setup two ways.. one is the way I described, with the ips actually set on the computers... the other way is with the firewall having a bunch of Virtual NIC's on it with the public ip's set on them..
<3> is our setup correct? or are we supposed to use virtual nic's on the firewall?
<5> eh....
<2> your terminology is confusing
<5> why the hell ***ign the ip's to the firewall ?
<5> (aka "virtual nic's")
<1> i think he means virtual nics as in ip aliasing on interfaces
<1> e.g eth0:1
<3> ya sorry
<5> yeah, I ***umed that
<5> as long as your machine's nicA is properly ***igned as the router for the ip's hooked up on nicB on the router/gateway on nicA, there is no reason to use anything but proper routing
<3> they are
<3> well no
<3> nicB is 192.168.0.3 ... all the lan comps are 192.168.0.* ... they have 192.168.0.3 as their gateway
<5> err
<5> me thinks you need to read up on basic internet routing
<5> aren't the lan-zone hooked on nicC ?
<3> no
<3> nicC goes directly to our ISP
<3> downstairs
<5> sigh, so nicA then
<3> er ****, I mean nicA
<3> nicA goes to our isp
<3> nicC goes to another hub, with a set of computers connected to it.. nicC and those comps are using the "public" ip's ***igned by the ISP
<5> right.
<5> well, then just screw nicB for a second because that's easily configured...
<5> well, I guess nicC is too...
<6> Hey, can someone recommend a good brand of computer joystick?
<6> My old one broke
<5> basicly what you need is to drop all nat-information, then set up routing properly, with the route tool
<5> which shouldn't even be an issue if your interfaces are properly configured and routing is enabled
<3> ok thanks, I will read up more
<5> but your ISP has to have routing set up so that the router you're hooked up to knows that your ip's on nicC is _behind_ nicA
<3> ok good thing they are downstairs. :p
<5> hehe
<5> I would ***ume that they would just route everything directly on to the cable if you don't tell them otherwise
<1> stupid 1.5mbit
<1> correct me if i'm wrong here, but isn't the whole linux kernel written in C? I remember some discussion a year or so back regarding the inclusion of c++ into the kernel, but I never followed that discussion and now i've lost the thread
<7> weird
<7> Is it possible to run a ssh-server on a read-only system?
<7> As in if the hard-drive is remounted read-only normally you cant login through SSH.
<1> hum
<7> But I'd like to be able to login as SSH to initiate a reboot of the system.
<1> yes you can
<7> How would I go about to do that?
<7> I dont know how to spawn the tty's without a read-only system.
<1> not sure tbh, but i know you can do it with live CDs, they use memory in a different way though to store data
<7> And if I use ssh -t (to make it not spawn a tty) I get a very limited shell.
<7> yup.
<7> that's sort of what I'm looking for.
<1> i think you'll have to implement a similar solution to a live cd with memroy control
<7> hm. mount it on an mfs perhaps?
<1> isn't mfs for more Digital Unix, not linux based, I don't think linux system's utilize mfs. I could be very wrong here though
<1> i suggest you look at the way live cds are setup and go from there
<0> I'm being packeted.
<1> woot
<0> it sort of hurts
<1> 1.5sec reply, you're okay
<0> hehe, I know - he's using a connection of not more than 1.5Mb
<0> it's not going to even harm my router
<0> funny though
<0> idiots on irc
<1> of course, which is why i used sit behind some m***ive connections
<0> hehe
<0> my 10mbit cable evades most packets nicely. anything serious is usually directed at my web site anyways, where the firewall can take the flaq
<8> Hi. i want install another http server (i use apache now), just for FLV file, i need very smaller server.... someone know ?
<9> apt-cache search small webserver
<9> there is also an httpd in perl. fire up google for it
<8> i want someone with experience with any server....
<9> punani: poll
<10> Don't ask questions/polls like "Does anyone use X" or "Has anyone got Y", noone will answer you... ask a question directly related to your problem with a good amount of information, see 'smart questions'
<1> depends what you want to do kerlelon, the kernel even has a inbuilt webserver
<8> google use it ?
<1> aparently it's extremely fast too
<8> "aparently" ?
<1> well i haven
<1> well i haven't personally used it, so therefore it's only heresay for me
<8> nomy: this is the name of web server ? apt-cache search small webserver
<8> thttpd - tiny/turbo/throttling HTTP server
<1> apparently the monkey httpd server is supposed to be relatively good and fast as well
<1> something to do with a monkey o_O
<1> i distinctly remember a monkey
<11> anyone seen http://www.phpriot.com/3253 kind of hd failure/driver probs before
<1> sounds like a dead hd to me (or a buggy driver)
<2> nagual:
<4> .
<4> this movie is ****e anyway
<2> nomy: you around too?
<0> humm
<0> to /win 6
<0> er
<1> whoah....
<1> holy ****, this is amazing, my new soundcard plus my berhinnger headphones tripples it's output
Return to
#debian
or
Go to some related
logs:
#politics
#goal
#beginner
miami vice testarossa avi
verbal reasonsing
#politics
#politics
Assue france
#windows
#computers
|
|