| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14
Comments:
<0> yoda2: /dev/cdrom should be a symlink to the device your cdrom actually is, which is commonly something like /dev/hdc
<1> yoda did you check in /etc/fstab
<0> yoda2: and if I recall correctly, you're running fc, which probably (or should) has/have an entry in /etc/auto.misc for your cdrom, unless it couldn't detect it
<2> not this time I didn't; but i will when i go back and try other commands
<0> yoda2: type this: dmesg |grep -i cd-rom
<0> that should tell you which device it is
<2> should i do "mount -t iso 9660 /dev/hdc /mnt/cdrom" or "mount -t iso 9660 /hdc /mnt/cdrom"?
<2> it's hdc
<2> primary device on second ide chain
<0> then make /dev/cdrom a symlink to hdc
<0> and /mnt/cdrom is a better choice than /cdrom but you have to create that dir manually if it doesn't already exist
<2> ?
<0> you created /dev/cdrom using mkdir, correct?
<2> of course fiver
<0> remove it
<2> probably; i've created cdrom folders every place but in my lap
<0> and then create it as a symlink instead using ln
<0> ln -s more specifically
<2> ?
<2> ln -s?
<3> yoda2: grep cdrom /etc/fstab
<3> yoda2: None of this crap should be that hard
<3> Which leads me to say just what the hell are you doing to your system?
<2> i just cat it; but i have to boot to that drive to look at it; now i'm in windowz xp
<2> hold on ; brb
<0> reality: apparently fc didn't autodetect and configure his drive
<0> so he's trying to do it, and has made his own fstab entry
<0> which is not to be trusted
<3> For a simple cdrom, I'd say that's an unlikely scenario
<0> I think it's a burner, but even so it's unlikely
<0> yoda2: grep cdrom /etc/auto.misc
<3> It's all PEBKAC
<0> fc no longer uses fstab entries iirc, instead using autofs for cds
<0> no question there
<4> hi all
<5> hi CatalinuX
<4> how can I configure iptables so the only traffic that is allowed from the exterior is through SSH ?
<2> i'm back; i had a job interview with the company that's owned by the second richest HU man
<2> here in Austin
<2> phone
<0> did you tell him you weren't qualified? ;b
<2> lol
<2> with linux i would tell anyone
<2> but it's a windows job
<2> which doesn't give me a problem
<2> for some strange reason
<0> heh.. :x
<0> anyway..
<0> yoda2: grep cdrom /etc/auto.misc
<6> hmm austin
<2> very pretty city
<5> CatalinuX what distro ?
<6> been awhile since i visited austin
<4> Ubuntu 6.06
<4> Dapper
<6> CatalinuX iptables -I INPUT -p tcp --dport 22 -j ACCEPT
<6> CatalinuX iptables -I INPUT -j DROP
<6> oops dont do that
<6> first one then iptables -A INPUT -j DROP
<6> then only thing allowed in is ssh
<4> and this blocks ICMP pings too ?
<6> yes
<5> :)
<4> Thanks
<6> it will block everything but port 22
<4> :)
<6> though blokcing pings isn't good
<0> that's ***uming you're dealing only with INPUT traffic and not FORWARD traffic
<2> reality; part of my problem (big part); is that the installation never went through the GUI part of the install; because X failed; because of no linux video drivers; etc.,etc.,etc.
<6> Fiver true, but that is what i ***umed :)
<4> redragon: why blocking pings isn`t good ?
<6> why would blocking pings be good?
<6> !icmp
<7> hmm... icmp is Internet Control Message Protocol. or DO NOT BLOCK ALL ICMP or someone will thwack you and you will have deserved it., or use --state RELATED in iptables to selectively block and still have legal icmps p***
<0> well, blocking all ICMP isn't good anyway
<0> pings can be debated
<4> :)
<4> Ok so this commands will block INCOMING traffic. Will they also block OUTGOING ?
<0> no
<6> i reject with icmp-port-unreachable myself
<6> yes and no
<6> it wont block outgoing but if you dont add a related,established rule nothing will come back
<6> so i suggest you do
<6> iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
<4> redragon: I want to enable all OUTGOING and restrict only INCOMING
<2> <0> then make /dev/cdrom a symlink to hdc?
<6> then do that
<4> ok thanks
<0> I usually use -m conntrack --ctstate instead of -m state --state
<4> so I should give all the three commands ?
<6> yes
<0> but either is better than neither
<2> fiver's scenario about my cd-rom is exactly correct; the OS never saw and auto-configured it; it never got auto-configured
<6> and 1 more to be smart
<6> just a sec
<6> messy donut
<0> yoda2: yes, make a symlink
<2> as in?
<6> iptables -I INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
<0> as in? as in make a symlink.. use the command "ln" to create a symlink.. it's not hard.. and like most linux commands, there's a man page if you're unfamiliar with syntax
<2> thanks
<4> redragon: using these 4 commands you gave me will I have all OUTGOING traffic enabled and ingoing accepted only through SSH ? And will the OUTGOING packets I send receive a response ?
<0> yoda2: I don't know what all got b0rked when your install failed, but if you have many other problems, as a n00b, you may want to consider reinstalling in text-only mode and going from there
<6> yes CatalinuX
<6> the 127 is just to ensure that all localhost traffic isn't inhibited, that would be a bad thing
<6> every good firewall should have the 127 rule
<2> fiver; it looked like it went all the way through the installation; the only part that failed was after it reboots and continues in GUI mode; is there a way to do more of the installation including what it would do in GUI mode totally in text mode?
<4> redragon: Is there any way I can alwasy allow INCOMING traffic coming to my machine to take place if I initiate OUTGOING packets first ?
<6> CatalinuX thats what the related,estabilshed rule was for
<4> oh .. :">
<4> thanks a lot redragon ;)
<6> if the incoming packet is part of an outgoing established connected or related to an outgoing connection it will be allowed in
<0> yoda2: I believe there is, but you'll have to google for it.. I don't remember how offhand as I've never had to do it.
<2> also; my /etc/fstab commands were all done manually by me; should I remove my manually created commands in there?
<0> yoda2: or maybe ask in #fedora on freenode.net
<2> WOW
<6> ooohhhh dr who night
<2> i didn't know that one existed
<2> yes red
<0> yeah that's the "unofficial" fedora irc channel
<2> k
<2> thanks very much
<0> sure
<2> i will bug them for a while; let you all get some rest
<8> hey is redragon here
<2> he is
<8> ok
<8> where the heck is longword
<3> yoda2: You need to just go ahead and install Ubuntu
<8> the new release?
<3> Well, yeah, that would be recommended
<8> tonight usenix is going to the aquarium
<2> but i'm having so much fun banging my head against FC5
<2> reality
<3> yoda2: The only thing you're doing is messing up your system even further
<2> i can always reinstall FC5 at any point if i need to
<3> Soon, you'll be beyond the point of us being able to help you repair everything you've already botched.
<3> Or you could install Ubuntu and have a working system now
<2> format and start over fixes everything
<2> true
<2> but that would probably b too easy
<3> Does it now? What about your video card? What about your CD drive?
<2> all dead
<2> i have the linux drivers from both ATI and nvidia ready to go when I get my CD-ROM on its feet
<3> Therefore, not fixed
<3> I have a sinking suspicion that your order of devices is messed up
<2> 1) get cd-rom up 2) load nvidia motherboard linux drivers 3) get network card running 4) load video drivers and update with yum
<2> my road map
<2> right now i'm banging my head against the CD
<8> have you guys seen the new black macbooks?
Return to
#linuxhelp
or
Go to some related
logs:
#AllNiteCafe
#AllNiteCafe
xzhqwlinu
#MissKitten
#squid
#networking
#linux
+toupper +identifier not found
segula
#linux
|
|