| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
Comments:
<0> what is similar command in linux?
<1> `couse i've tryed and not only once
<2> dts: my consultancy rate is GBP1000/day
<2> dts: what have you tried?
<0> it was freebsd command to open ports lower than 1024
<3> XyZzY is there for win32 ?
<1> -a forward -s ip -d 0/0 -p tcp --dport $port -j drop/reject
<4> wxaman: who knows?
<2> dts: it's case sensisitve
<1> i've tryed with -i eth1 and -o eth0
<1> none seems to work
<5> dts: You might want to have a look at what those options actually mean
<2> dts: it still case sensitive
<5> dts: And like smsie said, it's case sensitive...forward != FORWARD
<2> -a != -A
<5> That too
<1> smsie offcourse it is, i've just wrote here not in console
<6> So anyone has any idea why when i set font size to 30 on firefox, it's still really small? seems something is fu*ked with the proportions
<6> it's same for every X app
<7> Strider: why?
<2> dts: write here *exactly* what you're writing in console
<8> smsie: that lot I work for explicitly allow ssh out though the nat. I dont' think they really realize what that means :)
<2> dts: otherwise we don't know what's happening
<9> Nanuq: because they're the only modern, light diesels available for domestic purchase in Canada that isn't a SMART?
<1> iptables -A FORWARD -o eth0 -s 10.0.00/24 -p tcp --dport 22 -j REJECT
<5> dts: You'll also want to make sure there are no other rules interfering. Of so, use -I, not -A
<7> Strider: why buy a car at all?
<2> DaveHowe: it means that anyone with $CLUE can walk around the firewall. It's not a bad thing
<1> i've tryed with -I too, the same
<9> Nanuq: because my company is moving ot a place with ****y transit, and besides, I wnat one for diving and going on trips and stuff
<1> i've typed more than 50 commands
<1> or rules or however you want them to say
<5> dts: And with all these tries you never actually considered clearing the chain? :)
<8> firewall isn't too anal anyhow, smsie - its a company whose ceo is fairly techie
<1> PolarWolf
<1> did i asked how to clear rules ?
<7> Strider: Okay..
<1> wtf:)
<5> dts: Either way, it's never a single command that does the trick. All tables and chains need to be in line and in sync
<2> iptables -I FORWARD -p tcp -i $EXTIF --dport 22 -j DROP
<5> dts: Please remember whose problem this is.
<2> that *is* the correct rule
<1> let me try it:)
<8> smsie: provided you predefine extif
<2> DaveHowe: well, yes
<2> DaveHowe: anyone who doesn't is an idiot :)
<5> And ***uming it's external to interal you want filtered
<1> no need, it's et0
<1> eth0
<2> dts: and it will *always* be eth0?
<2> dts: I have around 200 rules. I don't want to have to change them all if I swap a few cards around...
<7> hey Stephen :)
<1> i don't understand you guys
<2> heya Eric
<2> patently
<1> i've asked just one question
<1> and you answered me for 100 with no needs for me
<6> grr linux ready for the desktop my arse
<2> dts: we answered with best practice.
<8> dts and? this isn't a linux help channel. you got advice, be happy
<2> dts: I answered with how *I* would do it. If you want ansawers on how YOU should do it, pay me to consult. I'll come and analyse your needs specifically
<8> most of us get *paid* to do this **** 9-5. we don't need to do it after work too
<1> :)))
<1> guess what smsie
<1> still not working:)
<2> dts: then something else is wrong
<5> dts: iptables -nvL, dump the output on pastebin
<1> no time anymore
<1> i'll figure myself this
<1> thx anyway
<1> l8r guzy
<5> have fun.
<5> ****wad
<2> what a ****ing moron
<7> now where's whyz at
<5> Ah well, he's still the one with the problem.
<2> that *is* the right rule. His tables are probably so screwed that nothing works
<5> Yah
<5> Hmm, bulk scan script works great
<5> http://pastebin.com/755265
<2> I managed to **** up the Oracle install yesterday
<2> well, last week...we only noticed yesterday
<2> seemingly setting ora92 account shell to /bin/false is a bad idea
<5> Hahaha
<5> smsie: Wanna have fun? Install RAC
<5> That'll keep you busy for a day or so
<2> all I wanted to do was disable logins
<2> seemed like a sane way to do it
<2> oh no...not sane at all!
<10> mornin' guys, happy weekend or something :)
<2> still, luckily the support people for the failover solution told me the right way...without making me feel TOO stupid
<2> nice of them, given that it's not actually their problem
<2> long weekend
<9> why does oracle need its sehll set? that seems stupid.. but then, its whorale.. who knows what evil lies within
<2> Strider: because in order to su in the init scripts it needs to be set
<2> on Solaris at least
<2> pretty sure that Linux doesn't act that way
<8> Strider: plus some oracle processes are scripts - cron, for example
<9> oh, true
<9> damn, all these RoHS parts are annoying.. you can't solder them with standard lead/tin solder
<7> who the hell uses lead solder these days?
<0> wanna bind port 443 to ircd, any ideas how to do it w/o running it as root and no ipchains/ipfw
<0> ?
<10> LGr: you don't.
<2> LGr: you can't
<2> LGr: you'd have to hack at the kernel
<0> so the redirection with ipchains to higher port is the only solution?
<2> it's the only sane solution
<10> LGr: why on earth abuse 443 for that anyway? That makes no sense.
<2> Lion-O: because he wants to abuse a proxy somewhere
<10> smsie: hrm, hrm.
<0> because I own irc network
<8> Lion-O: or because his employer is anal and won't let him irc ;)
<0> and wanna let my users who firewalled to use port 443
<0> aka ssl ;)
<10> LGr: thats plain out stupid.
<2> Lion-O: I run an sshd on 443 for the same reason
<0> I dont see anything wrong
<10> LGr: if you wish to abuse something try 8080.
<0> 8080 is closed
<10> LGr: oh well..
<0> many ppl just got 80 and 443 opened there
<10> LGr: Speak English in here.
<0> huh?
<0> english is not my native language
<10> LGr: "people". We don't like that net crap in here.
<0> you exactly know what I mean, and 'ppl' is a well known abbreviation for word 'people'
<0> wikipedia 'people' for its meaning
<10> LGr: not in here. In here we demand you use English.
<2> LGr: not in here.
<10> LGr: Its simple, as you said, not everyone is a native English speaker and as such we want to make sure everyone understands.
<0> are you here for mental *********ion or for linux talks? )
<11> i'm for *********ion, too
<2> that match a +f somewhere maybe?
<2> in fairness, it WAS a bit wide
<12> [13:21] *** smsie sets mode: +b *!*s@*.users.undernet.org
<12> [13:21] [#linux] Banned- XyZzY, wishes, gunstar (3 users)
<10> smsie: hmm, a dual kick :) impressive 8)
<2> ah
<10> smsie: its probably my fault since I kicked him before you banned him 8)
<2> Lion-O: hmm, desynched servers maybe. MY server thinks I kicked him :)
<12> wishes is +f iirc.
<10> smsie: lol
<2> 12:26 -!- mode/#linux [+b *!*s@*.users.undernet.org] by smsie
<2> 12:26 -!- LGr was kicked from #linux by smsie [bye]
Return to
#linux
or
Go to some related
logs:
#squid
#MissKitten
janie^ quotesdb
gatirta
yppasswdd not running error
#skype
A CONVERTED CANNIBAL IS ONE WHO, ON FRIDAY, EATS ONLY FISHERMEN
Fabrizio Faniello i do.mp3
[sendmail] kill
#linuxhelp
|
|