From beck0778 at umn.edu Tue Jul 1 13:58:09 2008 From: beck0778 at umn.edu (beck0778 at umn.edu) Date: 01 Jul 2008 13:58:09 -0500 Subject: [tclug-list] Has anyone ever used firewire with a Comcast cable box? Message-ID: Apparently there's an FCC ruling that requires cable companies to provide a firewire-capable set top box if the customer asks for one. Has anyone out there ever tried using firewire to get content out of a comcast cable box? Were they willing to provide you with one of these boxes? Were you able to watch/record any channels on your linux box over firewire? --Matthew From sloncho at gmail.com Tue Jul 1 14:18:27 2008 From: sloncho at gmail.com (Sunny) Date: Tue, 1 Jul 2008 14:18:27 -0500 Subject: [tclug-list] Has anyone ever used firewire with a Comcast cable box? In-Reply-To: References: Message-ID: On Tue, Jul 1, 2008 at 1:58 PM, wrote: > Apparently there's an FCC ruling that requires cable companies to provide a > firewire-capable set top box if the customer asks for one. Has anyone out > there ever tried using firewire to get content out of a comcast cable box? > Were they willing to provide you with one of these boxes? Were you able to > watch/record any channels on your linux box over firewire? > > --Matthew > Yes, I did in the past. I took me about an hour at their office in St. Paul until the person there understood what I want, going trough hoops that they do not have one, etc. At the end they found a box. It appeared that they did not know what to look for. Also, most of the boxes they found with firewire were actually DVRs, not regular boxes, and they tried to charge me for DVR. Anyway, they found the box (note, you need to printout and show them the FCC ruling, otherwise you may be out of luck). It worked well with MythTV, and I was able to record the off the air (non-encrypted) content. I do not know about others, because I did not pay axtra for the rest of the HD channels. As a summary - the unencrypted channels can be tuned even if you have basic subscription w/o HD at all. So if you need only them you are better with a HD tuner card. Cheers -- Svetoslav Milenov (Sunny) Even the most advanced equipment in the hands of the ignorant is just a pile of scrap. From airchia at gmail.com Wed Jul 2 15:02:53 2008 From: airchia at gmail.com (Nick Scholtes) Date: Wed, 2 Jul 2008 15:02:53 -0500 Subject: [tclug-list] Sound Doesn't Work Message-ID: I have a Dell Latitude laptop (can't remember model number off hand), it's about three years old. I have Fedora Core 5 and I can't get the sound to work. I have a functioning sound card. Ideas? (Sorry I don't have more info, but I'm at work; laptop's at home) Thanks! Nick -- Art: bellsoffreedom.cgsociety.org/gallery/ Blog: cognitivealchemy.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/a03cd531/attachment.htm From erikerik at gmail.com Wed Jul 2 15:13:16 2008 From: erikerik at gmail.com (Erik Anderson) Date: Wed, 2 Jul 2008 15:13:16 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes wrote: > I have a Dell Latitude laptop (can't remember model number off hand), it's > about three years old. I have Fedora Core 5 and I can't get the sound to > work. I have a functioning sound card. Ideas? (Sorry I don't have more info, > but I'm at work; laptop's at home) Nick - I'd guess FC5 either isn't loading any drivers for the card or is loading the incorrect drivers. Usually what I do in this case is boot up a knoppix CD. That will load up the correct drivers in 99% of the cases in my experience. Then when you verify that sound is working in knoppix, you can check what drivers it loaded (run lsmod from the CLI) and make sure FC5 is loading the same ones. -Erik From airchia at gmail.com Wed Jul 2 15:26:00 2008 From: airchia at gmail.com (Nick Scholtes) Date: Wed, 2 Jul 2008 15:26:00 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: Hi Erik, Thanks for the advice. I'm a bit of a novice with Linux. Could you walk me through that? What's knoppix? I can run lsmod from any shell, right? Thanks, Nick On Wed, Jul 2, 2008 at 3:13 PM, Erik Anderson wrote: > On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes wrote: > > I have a Dell Latitude laptop (can't remember model number off hand), > it's > > about three years old. I have Fedora Core 5 and I can't get the sound to > > work. I have a functioning sound card. Ideas? (Sorry I don't have more > info, > > but I'm at work; laptop's at home) > > Nick - I'd guess FC5 either isn't loading any drivers for the card or > is loading the incorrect drivers. Usually what I do in this case is > boot up a knoppix CD. That will load up the correct drivers in 99% of > the cases in my experience. Then when you verify that sound is working > in knoppix, you can check what drivers it loaded (run lsmod from the > CLI) and make sure FC5 is loading the same ones. > > -Erik > -- Art: bellsoffreedom.cgsociety.org/gallery/ Blog: cognitivealchemy.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/948ba40d/attachment.htm From erikerik at gmail.com Wed Jul 2 15:28:53 2008 From: erikerik at gmail.com (Erik Anderson) Date: Wed, 2 Jul 2008 15:28:53 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: Knoppix is a livecd version of linux you can download for free. You basically download the knoppix iso image, burn it to a CD (as you did the FC5 image), then boot off of it. It allows you to run a full non-destructive linux environment off of a CD. Unfortunately I'm leaving the office momentarily, so I don't have time to give you more details than that. Possibly someone else on the list will be able to, though? -Erik On Wed, Jul 2, 2008 at 3:26 PM, Nick Scholtes wrote: > Hi Erik, > > Thanks for the advice. I'm a bit of a novice with Linux. Could you walk me > through that? What's knoppix? > I can run lsmod from any shell, right? > > Thanks, > Nick > > > On Wed, Jul 2, 2008 at 3:13 PM, Erik Anderson wrote: >> >> On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes wrote: >> > I have a Dell Latitude laptop (can't remember model number off hand), >> > it's >> > about three years old. I have Fedora Core 5 and I can't get the sound to >> > work. I have a functioning sound card. Ideas? (Sorry I don't have more >> > info, >> > but I'm at work; laptop's at home) >> >> Nick - I'd guess FC5 either isn't loading any drivers for the card or >> is loading the incorrect drivers. Usually what I do in this case is >> boot up a knoppix CD. That will load up the correct drivers in 99% of >> the cases in my experience. Then when you verify that sound is working >> in knoppix, you can check what drivers it loaded (run lsmod from the >> CLI) and make sure FC5 is loading the same ones. >> >> -Erik > > > > -- > Art: bellsoffreedom.cgsociety.org/gallery/ > > Blog: cognitivealchemy.blogspot.com -- Erik Anderson http://andersonfam.org From trnja001 at umn.edu Wed Jul 2 15:35:33 2008 From: trnja001 at umn.edu (Elvedin Trnjanin) Date: Wed, 02 Jul 2008 15:35:33 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: <486BE695.4070406@umn.edu> Knoppix lets you boot into a usable Linux environment from a CD or DVD, meaning you don't have to install it on your hard drive on overwrite whatever is on there. If you're going to download a big ISO, I'd suggest downloading and installing Fedora Core 9 instead as it'll most likely support your hardware out of the box. You can run lsmod from any shell and attach the results to the e-mail if you'd like. Nick Scholtes wrote: > Hi Erik, > > Thanks for the advice. I'm a bit of a novice with Linux. Could you > walk me through that? What's knoppix? > I can run lsmod from any shell, right? > > Thanks, > Nick > > > On Wed, Jul 2, 2008 at 3:13 PM, Erik Anderson > wrote: > > On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes > wrote: > > I have a Dell Latitude laptop (can't remember model number off > hand), it's > > about three years old. I have Fedora Core 5 and I can't get the > sound to > > work. I have a functioning sound card. Ideas? (Sorry I don't > have more info, > > but I'm at work; laptop's at home) > > Nick - I'd guess FC5 either isn't loading any drivers for the card or > is loading the incorrect drivers. Usually what I do in this case is > boot up a knoppix CD. That will load up the correct drivers in 99% of > the cases in my experience. Then when you verify that sound is working > in knoppix, you can check what drivers it loaded (run lsmod from the > CLI) and make sure FC5 is loading the same ones. > > -Erik > > > > > -- > Art: bellsoffreedom.cgsociety.org/gallery/ > > > Blog: cognitivealchemy.blogspot.com > > ------------------------------------------------------------------------ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From bradyh at bitstream.net Wed Jul 2 16:00:16 2008 From: bradyh at bitstream.net (bradyh at bitstream.net) Date: Wed, 2 Jul 2008 16:00:16 -0500 (CDT) Subject: [tclug-list] Sound Doesn't Work In-Reply-To: <486BE695.4070406@umn.edu> References: <486BE695.4070406@umn.edu> Message-ID: <46061.151.151.73.170.1215032416.squirrel@webmail.iphouse.com> Core 5? That's pretty old. How many floppy disks does that require? ;-) If you don't think you can run the newest versions or don't want to upgrade then try the lsmod test. If you're not sure if your laptop can handle it Knoppix would make a good test. Otherwise definitely upgrade to Core 9. If you aren't able to download and burn the disks there are people here who could do it for you. I'll do it if Qwest comes through with my new 3-7Mbps connection. -Brady > Knoppix lets you boot into a usable Linux environment from a CD or DVD, > meaning you don't have to install it on your hard drive on overwrite > whatever is on there. If you're going to download a big ISO, I'd suggest > downloading and installing Fedora Core 9 instead as it'll most likely > support your hardware out of the box. > > You can run lsmod from any shell and attach the results to the e-mail if > you'd like. > > > Nick Scholtes wrote: >> Hi Erik, >> >> Thanks for the advice. I'm a bit of a novice with Linux. Could you >> walk me through that? What's knoppix? >> I can run lsmod from any shell, right? >> >> Thanks, >> Nick >> >> >> On Wed, Jul 2, 2008 at 3:13 PM, Erik Anderson > > wrote: >> >> On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes > > wrote: >> > I have a Dell Latitude laptop (can't remember model number off >> hand), it's >> > about three years old. I have Fedora Core 5 and I can't get the >> sound to >> > work. I have a functioning sound card. Ideas? (Sorry I don't >> have more info, >> > but I'm at work; laptop's at home) >> >> Nick - I'd guess FC5 either isn't loading any drivers for the card >> or >> is loading the incorrect drivers. Usually what I do in this case is >> boot up a knoppix CD. That will load up the correct drivers in 99% >> of >> the cases in my experience. Then when you verify that sound is >> working >> in knoppix, you can check what drivers it loaded (run lsmod from the >> CLI) and make sure FC5 is loading the same ones. >> >> -Erik >> >> >> >> >> -- >> Art: bellsoffreedom.cgsociety.org/gallery/ >> >> >> Blog: cognitivealchemy.blogspot.com >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >> > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From tompoe at fngi.net Wed Jul 2 15:25:40 2008 From: tompoe at fngi.net (Tom Poe) Date: Wed, 02 Jul 2008 15:25:40 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: <486BE444.50702@fngi.net> Nick Scholtes wrote: > I have a Dell Latitude laptop (can't remember model number off hand), > it's about three years old. I have Fedora Core 5 and I can't get the > sound to work. I have a functioning sound card. Ideas? (Sorry I don't > have more info, but I'm at work; laptop's at home) > > Thanks! > Nick > > -- > Art: bellsoffreedom.cgsociety.org/gallery/ > > > Blog: cognitivealchemy.blogspot.com > > ------------------------------------------------------------------------ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > Nick: Try hitting sound direct with: $ aplay samplewav.wav (you'll need to search for file: locate *.wav and pick one) tom From airchia at gmail.com Wed Jul 2 18:03:48 2008 From: airchia at gmail.com (Nick Scholtes) Date: Wed, 2 Jul 2008 18:03:48 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: <46061.151.151.73.170.1215032416.squirrel@webmail.iphouse.com> References: <486BE695.4070406@umn.edu> <46061.151.151.73.170.1215032416.squirrel@webmail.iphouse.com> Message-ID: Wow, everyone on this list is so helpful and friendly. Thank you. I appreciate the comments. Sometimes you get flamed for asking seemingly pedestrian questions! I'll try downloading knoppix and maybe even upgrading to the new Fedora Core. I have broadband, so I'm able to do it. But thank you for the offer. More as it unfolds! Nick On Wed, Jul 2, 2008 at 4:00 PM, wrote: > Core 5? That's pretty old. How many floppy disks does that require? ;-) > > If you don't think you can run the newest versions or don't want to > upgrade then try the lsmod test. If you're not sure if your laptop can > handle it Knoppix would make a good test. Otherwise definitely upgrade to > Core 9. > > If you aren't able to download and burn the disks there are people here > who could do it for you. I'll do it if Qwest comes through with my new > 3-7Mbps connection. > > -Brady > > > Knoppix lets you boot into a usable Linux environment from a CD or DVD, > > meaning you don't have to install it on your hard drive on overwrite > > whatever is on there. If you're going to download a big ISO, I'd suggest > > downloading and installing Fedora Core 9 instead as it'll most likely > > support your hardware out of the box. > > > > You can run lsmod from any shell and attach the results to the e-mail if > > you'd like. > > > > > > Nick Scholtes wrote: > >> Hi Erik, > >> > >> Thanks for the advice. I'm a bit of a novice with Linux. Could you > >> walk me through that? What's knoppix? > >> I can run lsmod from any shell, right? > >> > >> Thanks, > >> Nick > >> > >> > >> On Wed, Jul 2, 2008 at 3:13 PM, Erik Anderson >> > wrote: > >> > >> On Wed, Jul 2, 2008 at 3:02 PM, Nick Scholtes >> > wrote: > >> > I have a Dell Latitude laptop (can't remember model number off > >> hand), it's > >> > about three years old. I have Fedora Core 5 and I can't get the > >> sound to > >> > work. I have a functioning sound card. Ideas? (Sorry I don't > >> have more info, > >> > but I'm at work; laptop's at home) > >> > >> Nick - I'd guess FC5 either isn't loading any drivers for the card > >> or > >> is loading the incorrect drivers. Usually what I do in this case is > >> boot up a knoppix CD. That will load up the correct drivers in 99% > >> of > >> the cases in my experience. Then when you verify that sound is > >> working > >> in knoppix, you can check what drivers it loaded (run lsmod from the > >> CLI) and make sure FC5 is loading the same ones. > >> > >> -Erik > >> > >> > >> > >> > >> -- > >> Art: bellsoffreedom.cgsociety.org/gallery/ > >> > >> > >> Blog: cognitivealchemy.blogspot.com > >> > >> ------------------------------------------------------------------------ > >> > >> _______________________________________________ > >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > >> tclug-list at mn-linux.org > >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list > >> > > > > > > _______________________________________________ > > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > > tclug-list at mn-linux.org > > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > > > > -- Art: bellsoffreedom.cgsociety.org/gallery/ Blog: cognitivealchemy.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/9af7a24e/attachment-0001.htm From andyzib at gmail.com Wed Jul 2 18:12:57 2008 From: andyzib at gmail.com (Andrew Zbikowski) Date: Wed, 2 Jul 2008 18:12:57 -0500 Subject: [tclug-list] DSL modem for grandma In-Reply-To: <20080627115637.d75f6c7d.tclug@jfoo.org> References: <65293fcc0806270714w3aaf3c0el7c63495a9314af68@mail.gmail.com> <065601c8d874$cc906440$e017a8c0@usicorp.usinternet.com> <20080627115637.d75f6c7d.tclug@jfoo.org> Message-ID: Find something that is just a DSL modem/bridge without the frills of Wireless networking, NAT, etc. I've got a company that is using a DLink DSL Router/Modem in bridge mode and haven't had a problem with the modem for at least 2 years. I'm very happy having a DSL modem that is only smart enough to do the DSL authentication and dump an Ethernet connection to a better device. Separating the modem from the router makes life easier if you decide to change to cable in the future. Say you want to move from 802.11B to 802.11G to 802.11N to 802.11whateverisnext, or change to a router that has external storage, move to a Time Capsule, whatever. The less you have to involve your ISP with such a change the better. :) Once you have a DSL modem, pick a router that is supported by OpenWRT (www.openwrt.org) and/or DD-WRT (www.dd-wrt.com). OpenWRT Supported Hardware: http://wiki.openwrt.org/TableOfHardware?action=show&redirect=toh DD-WRT Supported Hardware: http://www.dd-wrt.com/wiki/index.php/Supported_Devices I go by the OpenWRT list. You want one that says Supported, not WIP or Kamikaze. Even if you don't use the 3rd party firmware you will still end up with a Router/AP that is better behaved than most of the devices made by the same manufacturers but don't run OpenWRT/DD-WRT. This is all my opinion on how I like to have things setup. I like having the option of dropping my cable or DSL service without having to swap out my router/firewall. Good for threatening to cancel your cable service. :) -- Andrew S. Zbikowski | http://andy.zibnet.us IT Outhouse Blog Thing | http://www.itouthouse.com From tclug at cmulcahy.com Wed Jul 2 18:55:48 2008 From: tclug at cmulcahy.com (tclug at cmulcahy.com) Date: Wed, 02 Jul 2008 18:55:48 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: <486C1584.4090903@cmulcahy.com> An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/281709aa/attachment.htm From jucziz6 at gmail.com Wed Jul 2 21:40:11 2008 From: jucziz6 at gmail.com (James) Date: Wed, 2 Jul 2008 21:40:11 -0500 Subject: [tclug-list] DNS connection refused Message-ID: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> Howdy, I have Fedora 9 installed and would like to use it as the DNS system in the house. The setup is as follows options { listen-on port 53 { 127.0.0.1; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; }; recursion yes; forwarders { 68.87.77.130; 68.87.72.130; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; zone "home.local" { type master; file "/var/named/home.local.hosts"; }; zone "1.168.192.in-addr.arpa" { type master; file "1.168.192.in-addr.arpa.zone"; allow-update { key "rndckey"; }; notify yes; I have the files in /var/named setup and configured. From the DNS system I can type nslookup 43p and get the following [root at fc9 named]# vi /etc/named.conf [root at fc9 named]# nslookup 43p Server: 127.0.0.1 Address: 127.0.0.1#53 Name: 43p.home.local Address: 192.168.1.52 From tclug at beitsahour.net Wed Jul 2 21:47:55 2008 From: tclug at beitsahour.net (Munir Nassar) Date: Wed, 02 Jul 2008 21:47:55 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> Message-ID: <486C3DDB.9060607@beitsahour.net> James wrote: > Howdy, > > I have Fedora 9 installed and would like to use it as the DNS system in > the house. > > The setup is as follows > > options { > listen-on port 53 { 127.0.0.1 ; }; > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; }; this tells it to only allow localhost to use this server as a resolver, add your subnet in: allow-query { localhost; 10.0.0.0/24; }; or define an acl for your local net acl localnet { 10.0.0.0/24; }; and then you can use localnet in the allow-query list From kjh at flyballdogs.com Wed Jul 2 22:00:09 2008 From: kjh at flyballdogs.com (Kathryn Hogg) Date: Wed, 2 Jul 2008 22:00:09 -0500 (CDT) Subject: [tclug-list] {Disarmed} DNS connection refused In-Reply-To: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> Message-ID: <38896.192.168.0.7.1215054009.squirrel@flyballdogs.com> Did you open port 53 on the firefall that comes with fedora? System->Adminstration->Firewall on the gnome menu -- Kathryn http://womensfooty.com From jucziz6 at gmail.com Wed Jul 2 21:58:03 2008 From: jucziz6 at gmail.com (James) Date: Wed, 2 Jul 2008 21:58:03 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <65C7B8766ADCD445B28DEA1DF0C7FC1F011B3F65@MSPMAILCL01.int.capella.lan> References: <65C7B8766ADCD445B28DEA1DF0C7FC1F011B3F65@MSPMAILCL01.int.capella.lan> Message-ID: <81675d140807021958l266885c9w48c382f29550151b@mail.gmail.com> I should have mentioned that I tried chaning /etc/named.conf listen-on port 53 { 127.0.0.1; }; to listen-on port 53 { 192.168.1.50; }; On Wed, Jul 2, 2008 at 9:51 PM, Stuart, Joseph wrote: > This is from my blackberry so I might not have seen it all, but maybe the > listen-on port 53 (127.00.1) is the problem. Shouldn't that ip be the > external interface? > > > ----- > Sent from my wireless device > > > -----Original Message----- > From: tclug-list-bounces at mn-linux.org > To: tclug-list at mn-linux.org > Sent: Wed Jul 02 21:40:11 2008 > Subject: [tclug-list] DNS connection refused > > Howdy, > > I have Fedora 9 installed and would like to use it as the DNS system in the > house. > > The setup is as follows > > options { > listen-on port 53 { 127.0.0.1; }; > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; }; > recursion yes; > forwarders { > 68.87.77.130; > 68.87.72.130; > }; > }; > logging { > channel default_debug { > file "data/named.run"; > severity dynamic; > }; > }; > zone "." IN { > type hint; > file "named.ca"; > }; > > > include "/etc/named.rfc1912.zones"; > > zone "home.local" { > type master; > file "/var/named/home.local.hosts"; > }; > > zone "1.168.192.in-addr.arpa" { > type master; > file "1.168.192.in-addr.arpa.zone"; > allow-update { key "rndckey"; }; > notify yes; > > > I have the files in /var/named setup and configured. From the DNS system I > can type > nslookup 43p and get the following > [root at fc9 named]# vi /etc/named.conf > [root at fc9 named]# nslookup 43p > Server: 127.0.0.1 > Address: 127.0.0.1#53 > Name: 43p.home.local > Address: 192.168.1.52 > > From a windows system I get the following > C:\Users\dalan>nslookup 43p > Server: UnKnown > Address: 192.168.1.50:53 > *** UnKnown can't find 43p: Query refused > > From the AIX system I get > (43p-aix) [dalan] nslookup 43p > *** Can't find server name for address 192.168.1.50:Query refused > *** Default servers are not available > (43p-aix) [dalan] > > I have shut off the firewall and SE-Linux on the Fedora system. I'm not > sure why the fedora system is blocking/refusing the request coming from > another system. > I even put the following entries in iptables. > SERVER_IP="192.168.1.50" > iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport 53 > -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport > 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p udp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m > state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m > state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport 53 > -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport > 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m > state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m > state --state ESTABLISHED -j ACCEPT > > I still have the same effect. > > Running the following shows that the system is refusing the connection. > /usr/sbin/tcpdump -X port 53 > > [root at fc9 named]# /usr/sbin/tcpdump -X port 53 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes > 21:39:38.512926 IP aix.sparish.local.52686 > fc9.sparish.local.domain: > 46304+ PTR? 50.1.168.192.in-addr.arpa. (43) > 0x0000: 4500 0047 ac22 0000 1e11 6ccd c0a8 0134 E..G."....l....4 > 0x0010: c0a8 0132 cdce 0035 0033 7c2c b4e0 0100 ...2...5.3|,.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar > 0x0040: 7061 0000 0c00 01 pa..... > 21:39:38.519048 IP fc9.sparish.local.domain > aix.sparish.local.52686: > 46304 Refused- 0/0/0 (43) > 0x0000: 4500 0047 0000 4000 4011 b6ef c0a8 0132 E..G.. at .@......2 > 0x0010: c0a8 0134 0035 cdce 0033 fc26 b4e0 8105 ...4.5...3.&.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar > 0x0040: 7061 0000 0c00 01 pa..... > > > Any help would be welcome > > Thanks > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/7a88f918/attachment-0001.htm From Joseph.Stuart at capella.edu Wed Jul 2 21:51:18 2008 From: Joseph.Stuart at capella.edu (Stuart, Joseph) Date: Wed, 2 Jul 2008 21:51:18 -0500 Subject: [tclug-list] DNS connection refused Message-ID: <65C7B8766ADCD445B28DEA1DF0C7FC1F011B3F65@MSPMAILCL01.int.capella.lan> This is from my blackberry so I might not have seen it all, but maybe the listen-on port 53 (127.00.1) is the problem. Shouldn't that ip be the external interface? ----- Sent from my wireless device -----Original Message----- From: tclug-list-bounces at mn-linux.org To: tclug-list at mn-linux.org Sent: Wed Jul 02 21:40:11 2008 Subject: [tclug-list] DNS connection refused Howdy, I have Fedora 9 installed and would like to use it as the DNS system in the house. The setup is as follows options { listen-on port 53 { 127.0.0.1; }; listen-on-v6 port 53 { ::1; }; directory "/var/named"; dump-file "/var/named/data/cache_dump.db"; statistics-file "/var/named/data/named_stats.txt"; memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query { localhost; }; recursion yes; forwarders { 68.87.77.130; 68.87.72.130; }; }; logging { channel default_debug { file "data/named.run"; severity dynamic; }; }; zone "." IN { type hint; file "named.ca"; }; include "/etc/named.rfc1912.zones"; zone "home.local" { type master; file "/var/named/home.local.hosts"; }; zone "1.168.192.in-addr.arpa" { type master; file "1.168.192.in-addr.arpa.zone"; allow-update { key "rndckey"; }; notify yes; I have the files in /var/named setup and configured. From the DNS system I can type nslookup 43p and get the following [root at fc9 named]# vi /etc/named.conf [root at fc9 named]# nslookup 43p Server: 127.0.0.1 Address: 127.0.0.1#53 Name: 43p.home.local Address: 192.168.1.52 From a windows system I get the following C:\Users\dalan>nslookup 43p Server: UnKnown Address: 192.168.1.50:53 *** UnKnown can't find 43p: Query refused From the AIX system I get (43p-aix) [dalan] nslookup 43p *** Can't find server name for address 192.168.1.50:Query refused *** Default servers are not available (43p-aix) [dalan] I have shut off the firewall and SE-Linux on the Fedora system. I'm not sure why the fedora system is blocking/refusing the request coming from another system. I even put the following entries in iptables. SERVER_IP="192.168.1.50" iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p udp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m state --state ESTABLISHED -j ACCEPT I still have the same effect. Running the following shows that the system is refusing the connection. /usr/sbin/tcpdump -X port 53 [root at fc9 named]# /usr/sbin/tcpdump -X port 53 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 21:39:38.512926 IP aix.sparish.local.52686 > fc9.sparish.local.domain: 46304+ PTR? 50.1.168.192.in-addr.arpa. (43) 0x0000: 4500 0047 ac22 0000 1e11 6ccd c0a8 0134 E..G."....l....4 0x0010: c0a8 0132 cdce 0035 0033 7c2c b4e0 0100 ...2...5.3|,.... 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar 0x0040: 7061 0000 0c00 01 pa..... 21:39:38.519048 IP fc9.sparish.local.domain > aix.sparish.local.52686: 46304 Refused- 0/0/0 (43) 0x0000: 4500 0047 0000 4000 4011 b6ef c0a8 0132 E..G.. at .@......2 0x0010: c0a8 0134 0035 cdce 0033 fc26 b4e0 8105 ...4.5...3.&.... 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar 0x0040: 7061 0000 0c00 01 pa..... Any help would be welcome Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/a2ff930a/attachment.htm From kjh at flyballdogs.com Wed Jul 2 22:03:13 2008 From: kjh at flyballdogs.com (Kathryn Hogg) Date: Wed, 2 Jul 2008 22:03:13 -0500 (CDT) Subject: [tclug-list] {Disarmed} DNS connection refused In-Reply-To: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> Message-ID: <62488.192.168.0.7.1215054193.squirrel@flyballdogs.com> A > options { > listen-on port 53 { 127.0.0.1; }; Won't this restrict to listening only on localhost? No other hosts will be able to connect to port 53 on this machine. > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; }; And this will only allow queries from localhost -- Kathryn http://womensfooty.com From jucziz6 at gmail.com Wed Jul 2 22:06:49 2008 From: jucziz6 at gmail.com (James) Date: Wed, 2 Jul 2008 22:06:49 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <486C3DDB.9060607@beitsahour.net> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486C3DDB.9060607@beitsahour.net> Message-ID: <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> I inserted your suggestion and the connection is still refused. I also tried to telnet to the port and the telnet gets refused. Thanks James On Wed, Jul 2, 2008 at 9:47 PM, Munir Nassar wrote: > James wrote: > > Howdy, > > > > I have Fedora 9 installed and would like to use it as the DNS system in > > the house. > > > > The setup is as follows > > > > options { > > listen-on port 53 { 127.0.0.1 ; }; > > listen-on-v6 port 53 { ::1; }; > > directory "/var/named"; > > dump-file "/var/named/data/cache_dump.db"; > > statistics-file "/var/named/data/named_stats.txt"; > > memstatistics-file "/var/named/data/named_mem_stats.txt"; > > allow-query { localhost; }; > > > this tells it to only allow localhost to use this server as a resolver, > add your subnet in: > allow-query { > localhost; > 10.0.0.0/24; > }; > > or define an acl for your local net > > acl localnet { > 10.0.0.0/24; > }; > > and then you can use localnet in the allow-query list > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/066aeb85/attachment.htm From jucziz6 at gmail.com Wed Jul 2 22:07:21 2008 From: jucziz6 at gmail.com (James) Date: Wed, 2 Jul 2008 22:07:21 -0500 Subject: [tclug-list] {Disarmed} DNS connection refused In-Reply-To: <38896.192.168.0.7.1215054009.squirrel@flyballdogs.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <38896.192.168.0.7.1215054009.squirrel@flyballdogs.com> Message-ID: <81675d140807022007j199f1abeh30bce5f7354daae1@mail.gmail.com> I've shut off the firewall. On Wed, Jul 2, 2008 at 10:00 PM, Kathryn Hogg wrote: > Did you open port 53 on the firefall that comes with fedora? > > System->Adminstration->Firewall on the gnome menu > > -- > Kathryn > http://womensfooty.com > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080702/994d0099/attachment-0001.htm From tclug at beitsahour.net Wed Jul 2 22:23:32 2008 From: tclug at beitsahour.net (Munir Nassar) Date: Wed, 02 Jul 2008 22:23:32 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486C3DDB.9060607@beitsahour.net> <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> Message-ID: <486C4634.8000508@beitsahour.net> James wrote: > I inserted your suggestion and the connection is still refused. > > I also tried to telnet to the port and the telnet gets refused. > > Thanks > James > > On Wed, Jul 2, 2008 at 9:47 PM, Munir Nassar > wrote: > > James wrote: > > Howdy, > > > > I have Fedora 9 installed and would like to use it as the DNS > system in > > the house. > > > > The setup is as follows > > > > options { > > listen-on port 53 { 127.0.0.1 > >; }; > Need to change this to listen on all your interfaces, also dns is udp, you cannot telnet to port 53 to test it out, use host @localhost www.example.com or dig www.example.com localhost From tclug at beitsahour.net Thu Jul 3 09:38:59 2008 From: tclug at beitsahour.net (Munir Nassar) Date: Thu, 03 Jul 2008 09:38:59 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486C3DDB.9060607@beitsahour.net> <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> <486C4634.8000508@beitsahour.net> Message-ID: <486CE483.2010907@beitsahour.net> Jima wrote: > > While I'll agree that you're right about the DNS, UDP, and telnet > parts, you appear to have mixed up the syntax for `dig` and `host`. > It's: > > dig @localhost www.example.com > or > host www.example.com localhost i cannot help it that English is my second language ;) From jucziz6 at gmail.com Thu Jul 3 09:55:24 2008 From: jucziz6 at gmail.com (James) Date: Thu, 3 Jul 2008 09:55:24 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <486CE483.2010907@beitsahour.net> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486C3DDB.9060607@beitsahour.net> <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> <486C4634.8000508@beitsahour.net> <486CE483.2010907@beitsahour.net> Message-ID: <81675d140807030755m16ef24e0k8f97ffbb598c9698@mail.gmail.com> Figures the returns I get from a google search would tell me to test with Telnet and they have it wrong.. Thank Munir On Thu, Jul 3, 2008 at 9:38 AM, Munir Nassar wrote: > Jima wrote: > > > > While I'll agree that you're right about the DNS, UDP, and telnet > > parts, you appear to have mixed up the syntax for `dig` and `host`. > > It's: > > > > dig @localhost www.example.com > > or > > host www.example.com localhost > i cannot help it that English is my second language ;) > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080703/af7ab7b2/attachment.htm From jima at beer.tclug.org Thu Jul 3 09:37:48 2008 From: jima at beer.tclug.org (Jima) Date: Thu, 3 Jul 2008 09:37:48 -0500 (CDT) Subject: [tclug-list] DNS connection refused In-Reply-To: <486C4634.8000508@beitsahour.net> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486C3DDB.9060607@beitsahour.net> <81675d140807022006j1a7e39a4m571cf7339e87d81b@mail.gmail.com> <486C4634.8000508@beitsahour.net> Message-ID: On Wed, 2 Jul 2008, Munir Nassar wrote: > Need to change this to listen on all your interfaces, > > also dns is udp, you cannot telnet to port 53 to test it out, use host > @localhost www.example.com or dig www.example.com localhost While I'll agree that you're right about the DNS, UDP, and telnet parts, you appear to have mixed up the syntax for `dig` and `host`. It's: dig @localhost www.example.com or host www.example.com localhost FYI. :-) Jima From marc at e-skinner.net Thu Jul 3 10:46:25 2008 From: marc at e-skinner.net (Marc Skinner) Date: Thu, 03 Jul 2008 10:46:25 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> Message-ID: <486CF451.6090308@e-skinner.net> Might want to try this: acl bogusnets { 0.0.0.0/8; 169.254.0.0/16; 224.0.0.0/3; }; acl internalnet { 127.0.0.1; 192.168.1.0/24; }; acl mynet { 127.0.0.1; 192.168.1.0/24; }; acl thisdns { 127.0.0.1; 192.168.1.whaever your DNS server is; }; in options section: allow-notify { mynet; }; allow-query { mynet; }; allow-recursion { mynet; }; blackhole { bogusnets; }; listen-on { thisdns; }; listen-on-v6 { none; }; query-source address * port 53; version "!BIND!"; James wrote: > Howdy, > > I have Fedora 9 installed and would like to use it as the DNS system > in the house. > > The setup is as follows > > options { > listen-on port 53 { 127.0.0.1 ; }; > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; }; > recursion yes; > forwarders { > 68.87.77.130 ; > 68.87.72.130 ; > }; > }; > logging { > channel default_debug { > file "data/named.run"; > severity dynamic; > }; > }; > zone "." IN { > type hint; > file "named.ca "; > }; > > include "/etc/named.rfc1912.zones"; > > zone "home.local" { > type master; > file "/var/named/home.local.hosts"; > }; > > zone "1.168.192.in-addr.arpa" { > type master; > file "1.168.192.in-addr.arpa.zone"; > allow-update { key "rndckey"; }; > notify yes; > > I have the files in /var/named setup and configured. From the DNS > system I can type > nslookup 43p and get the following > [root at fc9 named]# vi /etc/named.conf > [root at fc9 named]# nslookup 43p > Server: 127.0.0.1 > Address: 127.0.0.1#53 > Name: 43p.home.local > Address: 192.168.1.52 > > From a windows system I get the following > C:\Users\dalan>nslookup 43p > Server: UnKnown > Address: 192.168.1.50:53 > *** UnKnown can't find 43p: Query refused > > From the AIX system I get > (43p-aix) [dalan] nslookup 43p > *** Can't find server name for address 192.168.1.50:Query refused > *** Default servers are not available > (43p-aix) [dalan] > I have shut off the firewall and SE-Linux on the Fedora system. I'm > not sure why the fedora system is blocking/refusing the request coming > from another system. > I even put the following entries in iptables. > SERVER_IP="192.168.1.50 " > iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER_IP > --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport > 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p udp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m > state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 > -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d $SERVER_IP > --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport > 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m > state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 > -m state --state ESTABLISHED -j ACCEPT > > I still have the same effect. > > Running the following shows that the system is refusing the connection. > /usr/sbin/tcpdump -X port 53 > > [root at fc9 named]# /usr/sbin/tcpdump -X port 53 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes > 21:39:38.512926 IP aix.sparish.local.52686 > fc9.sparish.local.domain: > 46304+ PTR? 50.1.168.192.in-addr.arpa. (43) > 0x0000: 4500 0047 ac22 0000 1e11 6ccd c0a8 0134 E..G."....l....4 > 0x0010: c0a8 0132 cdce 0035 0033 7c2c b4e0 0100 ...2...5.3|,.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 > 8.192.in-addr.ar > 0x0040: 7061 0000 0c00 01 pa..... > 21:39:38.519048 IP fc9.sparish.local.domain > aix.sparish.local.52686: > 46304 Refused- 0/0/0 (43) > 0x0000: 4500 0047 0000 4000 4011 b6ef c0a8 0132 > E..G.. at .@......2 > 0x0010: c0a8 0134 0035 cdce 0033 fc26 b4e0 8105 ...4.5...3.&.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 > 8.192.in-addr.ar > 0x0040: 7061 0000 0c00 01 pa..... > > Any help would be welcome > > Thanks > ------------------------------------------------------------------------ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From jucziz6 at gmail.com Thu Jul 3 17:07:57 2008 From: jucziz6 at gmail.com (James) Date: Thu, 3 Jul 2008 17:07:57 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <486CF451.6090308@e-skinner.net> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486CF451.6090308@e-skinner.net> Message-ID: <81675d140807031507h289a8808x5770943d40743e58@mail.gmail.com> Thanks Marc, this worked. Now I need to setup acl sets for the internal and external network. On Thu, Jul 3, 2008 at 10:46 AM, Marc Skinner wrote: > Might want to try this: > > acl bogusnets { 0.0.0.0/8; > 169.254.0.0/16; > 224.0.0.0/3; > }; > > acl internalnet { > 127.0.0.1; > 192.168.1.0/24; > }; > > acl mynet { > 127.0.0.1; > 192.168.1.0/24; > }; > > acl thisdns { > 127.0.0.1; > 192.168.1.whaever your DNS server is; > }; > > > > in options section: > > > allow-notify { > mynet; > }; > allow-query { > mynet; > }; > allow-recursion { > mynet; > }; > blackhole { > bogusnets; > }; > listen-on { > thisdns; > }; > listen-on-v6 { > none; > }; > query-source address * port 53; > version "!BIND!"; > > > > > > > > > > > James wrote: > >> Howdy, >> I have Fedora 9 installed and would like to use it as the DNS system in >> the house. >> The setup is as follows >> options { >> listen-on port 53 { 127.0.0.1 ; }; >> listen-on-v6 port 53 { ::1; }; >> directory "/var/named"; >> dump-file "/var/named/data/cache_dump.db"; >> statistics-file "/var/named/data/named_stats.txt"; >> memstatistics-file "/var/named/data/named_mem_stats.txt"; >> allow-query { localhost; }; >> recursion yes; >> forwarders { >> 68.87.77.130 ; >> 68.87.72.130 ; >> }; >> }; >> logging { >> channel default_debug { >> file "data/named.run"; >> severity dynamic; >> }; >> }; >> zone "." IN { >> type hint; >> file "named.ca "; >> }; >> >> include "/etc/named.rfc1912.zones"; >> zone "home.local" { >> type master; >> file "/var/named/home.local.hosts"; >> }; >> >> zone "1.168.192.in-addr.arpa" { >> type master; >> file "1.168.192.in-addr.arpa.zone"; >> allow-update { key "rndckey"; }; >> notify yes; >> I have the files in /var/named setup and configured. From the DNS system >> I can type >> nslookup 43p and get the following >> [root at fc9 named]# vi /etc/named.conf >> [root at fc9 named]# nslookup 43p >> Server: 127.0.0.1 >> Address: 127.0.0.1#53 >> > >> Name: 43p.home.local >> Address: 192.168.1.52 >> From a windows system I get the following >> C:\Users\dalan>nslookup 43p >> Server: UnKnown >> Address: 192.168.1.50:53 >> *** UnKnown can't find 43p: Query refused >> From the AIX system I get >> (43p-aix) [dalan] nslookup 43p >> *** Can't find server name for address 192.168.1.50:Query refused >> *** Default servers are not available >> (43p-aix) [dalan] >> I have shut off the firewall and SE-Linux on the Fedora system. I'm not >> sure why the fedora system is blocking/refusing the request coming from >> another system. >> I even put the following entries in iptables. >> SERVER_IP="192.168.1.50 " >> iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport >> 53 -m state --state NEW,ESTABLISHED -j ACCEPT >> iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport >> 1024:65535 -m state --state ESTABLISHED -j ACCEPT >> iptables -A INPUT -p udp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m >> state --state NEW,ESTABLISHED -j ACCEPT >> iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m >> state --state ESTABLISHED -j ACCEPT >> iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d $SERVER_IP --dport >> 53 -m state --state NEW,ESTABLISHED -j ACCEPT >> iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport >> 1024:65535 -m state --state ESTABLISHED -j ACCEPT >> iptables -A INPUT -p tcp -s 0/0 --sport 53 -d $SERVER_IP --dport 53 -m >> state --state NEW,ESTABLISHED -j ACCEPT >> iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 --dport 53 -m >> state --state ESTABLISHED -j ACCEPT >> I still have the same effect. >> Running the following shows that the system is refusing the connection. >> /usr/sbin/tcpdump -X port 53 >> >> [root at fc9 named]# /usr/sbin/tcpdump -X port 53 >> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode >> listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes >> 21:39:38.512926 IP aix.sparish.local.52686 > fc9.sparish.local.domain: >> 46304+ PTR? 50.1.168.192.in-addr.arpa. (43) >> 0x0000: 4500 0047 ac22 0000 1e11 6ccd c0a8 0134 E..G."....l....4 >> 0x0010: c0a8 0132 cdce 0035 0033 7c2c b4e0 0100 ...2...5.3|,.... >> 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 >> 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar< >> http://8.192.in-addr.ar> >> 0x0040: 7061 0000 0c00 01 pa..... >> 21:39:38.519048 IP fc9.sparish.local.domain > aix.sparish.local.52686: >> 46304 Refused- 0/0/0 (43) >> 0x0000: 4500 0047 0000 4000 4011 b6ef c0a8 0132 E..G.. at .@......2 >> >> 0x0010: c0a8 0134 0035 cdce 0033 fc26 b4e0 8105 ...4.5...3.&.... >> 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 .........50.1.16 >> 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 8.192.in-addr.ar< >> http://8.192.in-addr.ar> >> 0x0040: 7061 0000 0c00 01 pa..... >> Any help would be welcome >> Thanks >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >> >> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080703/e84677b1/attachment.htm From marc at e-skinner.net Thu Jul 3 22:47:49 2008 From: marc at e-skinner.net (Marc Skinner) Date: Thu, 03 Jul 2008 22:47:49 -0500 Subject: [tclug-list] DNS connection refused In-Reply-To: <81675d140807031507h289a8808x5770943d40743e58@mail.gmail.com> References: <81675d140807021940h7c5ff854s629c9a4e912f4bf4@mail.gmail.com> <486CF451.6090308@e-skinner.net> <81675d140807031507h289a8808x5770943d40743e58@mail.gmail.com> Message-ID: <486D9D65.7040107@e-skinner.net> i do this: - that should get you started! // *** EXTERNAL VIEW *** view "external-in" in { match-clients { any; }; recursion no; additional-from-auth no; additional-from-cache no; // HINT zone "." { type hint; file "root.hints"; }; // FORWARDS zone "localhost" { type master; file "ex.addr/localhost"; allow-query{ any; }; }; // REVERSES zone "0.0.127.in-addr.arpa" { type master; file "ex.rev/127.0.0"; }; }; ///////////////////////////////////////////// // *** INTERNAL VIEW *** view "internal-in" in { match-clients { internalnet; }; recursion yes; additional-from-auth yes; additional-from-cache yes; // HINTS zone "." { type hint; file "root.hints"; }; // FORWARDS zone "localhost" { type master; file "in.addr/localhost"; allow-query{ any; }; }; zone "home.domain.com" { type master; file "in.addr/home.domain.com"; allow-query{ any; }; }; // REVERSES zone "0.0.127.in-addr.arpa" { type master; file "in.rev/127.0.0"; }; zone "1.168.192.in-addr.arpa" { type master; file "in.rev/192.168.1"; allow-query{ any; }; }; James wrote: > Thanks Marc, this worked. > > Now I need to setup acl sets for the internal and external network. > > > On Thu, Jul 3, 2008 at 10:46 AM, Marc Skinner > wrote: > > Might want to try this: > > acl bogusnets { 0.0.0.0/8 ; > 169.254.0.0/16 ; > 224.0.0.0/3 ; > }; > > acl internalnet { > 127.0.0.1 ; > 192.168.1.0/24 ; > }; > > acl mynet { > 127.0.0.1 ; > 192.168.1.0/24 ; > }; > > acl thisdns { > 127.0.0.1 ; > 192.168.1.whaever your DNS server is; > }; > > > > in options section: > > > allow-notify { > mynet; > }; > allow-query { > mynet; > }; > allow-recursion { > mynet; > }; > blackhole { > bogusnets; > }; > listen-on { > thisdns; > }; > listen-on-v6 { > none; > }; > query-source address * port 53; > version "!BIND!"; > > > > > > > > > > > James wrote: > > Howdy, > I have Fedora 9 installed and would like to use it as the DNS > system in the house. > The setup is as follows > options { > listen-on port 53 { 127.0.0.1 > >; }; > > listen-on-v6 port 53 { ::1; }; > directory "/var/named"; > dump-file "/var/named/data/cache_dump.db"; > statistics-file "/var/named/data/named_stats.txt"; > memstatistics-file "/var/named/data/named_mem_stats.txt"; > allow-query { localhost; }; > recursion yes; > forwarders { > 68.87.77.130 > >; > 68.87.72.130 > >; > > }; > }; > logging { > channel default_debug { > file "data/named.run"; > severity dynamic; > }; > }; > zone "." IN { > type hint; > file "named.ca >"; > > }; > > include "/etc/named.rfc1912.zones"; > zone "home.local" { > type master; > file "/var/named/home.local.hosts"; > }; > > zone "1.168.192.in-addr.arpa" { > type master; > file "1.168.192.in-addr.arpa.zone"; > allow-update { key "rndckey"; }; > notify yes; > I have the files in /var/named setup and configured. From the > DNS system I can type > nslookup 43p and get the following > [root at fc9 named]# vi /etc/named.conf > [root at fc9 named]# nslookup 43p > Server: 127.0.0.1 > > > Address: 127.0.0.1#53 > > > Name: 43p.home.local > Address: 192.168.1.52 > > > > From a windows system I get the following > C:\Users\dalan>nslookup 43p > Server: UnKnown > Address: 192.168.1.50:53 > > > > *** UnKnown can't find 43p: Query refused > From the AIX system I get > (43p-aix) [dalan] nslookup 43p > *** Can't find server name for address 192.168.1.50:Query refused > *** Default servers are not available > (43p-aix) [dalan] > I have shut off the firewall and SE-Linux on the Fedora > system. I'm not sure why the fedora system is > blocking/refusing the request coming from another system. > I even put the following entries in iptables. > SERVER_IP="192.168.1.50 > >" > > iptables -A INPUT -p udp -s 0/0 --sport 1024:65535 -d > $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 > --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p udp -s 0/0 --sport 53 -d $SERVER_IP > --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p udp -s $SERVER_IP --sport 53 -d 0/0 > --dport 53 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d > $SERVER_IP --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 > --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT > iptables -A INPUT -p tcp -s 0/0 --sport 53 -d $SERVER_IP > --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p tcp -s $SERVER_IP --sport 53 -d 0/0 > --dport 53 -m state --state ESTABLISHED -j ACCEPT > I still have the same effect. > Running the following shows that the system is refusing the > connection. > /usr/sbin/tcpdump -X port 53 > > [root at fc9 named]# /usr/sbin/tcpdump -X port 53 > tcpdump: verbose output suppressed, use -v or -vv for full > protocol decode > listening on eth0, link-type EN10MB (Ethernet), capture size > 96 bytes > 21:39:38.512926 IP aix.sparish.local.52686 > > fc9.sparish.local.domain: 46304+ PTR? > 50.1.168.192.in-addr.arpa. (43) > 0x0000: 4500 0047 ac22 0000 1e11 6ccd c0a8 0134 > E..G."....l....4 > 0x0010: c0a8 0132 cdce 0035 0033 7c2c b4e0 0100 > ...2...5.3|,.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 > .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 > 8.192.in-addr.ar > > > > 0x0040: 7061 0000 0c00 01 pa..... > 21:39:38.519048 IP fc9.sparish.local.domain > > aix.sparish.local.52686: 46304 Refused- 0/0/0 (43) > 0x0000: 4500 0047 0000 4000 4011 b6ef c0a8 0132 > E..G.. at .@......2 . at ......2> > > 0x0010: c0a8 0134 0035 cdce 0033 fc26 b4e0 8105 > ...4.5...3.&.... > 0x0020: 0001 0000 0000 0000 0235 3001 3103 3136 > .........50.1.16 > 0x0030: 3803 3139 3207 696e 2d61 6464 7204 6172 > 8.192.in-addr.ar > > > > 0x0040: 7061 0000 0c00 01 pa..... > Any help would be welcome > Thanks > ------------------------------------------------------------------------ > > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > > > > From mbmiller at taxa.epi.umn.edu Fri Jul 4 15:50:15 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Fri, 4 Jul 2008 15:50:15 -0500 (CDT) Subject: [tclug-list] ImageMagick outdoing Photoshop (for me, so far) Message-ID: More below, but mainly I wonder how people here do downsizing of JPEG images for the web, so I'm putting this question up front: Can any of you do better downsizing than this, and if so how?... http://taxa.epi.umn.edu/~mbmiller/pics/20080701_Adriana/comparison/ The filenames reveal which program was used to downsize and to what width. Use the "original.jpg" with your system and see how it looks, but if yours looks better, make sure the downsized file is about the same number of bytes as mine, or smaller. --Mike --- For years I've been using an "action" I made in Photoshop to make smaller versions of my large JPEG photos. For every JPEG file in a directory, the action would make a JPEG 640 pixels wide and another 320 pixels wide (maintaining aspect ratio). It had to put them in the same fixed location so I had another script to move them to where I wanted them. Now, finally, I tried ImageMagick' "convert" program on an Ubuntu machine. It didn't take too long to figure out how it worked. The first few downsized files I made were vastly superior to what I was getting from Photoshop, but then I realized that my file sizes were larger -- more than double the size of the Photoshop files. So I read a little more about convert's -strip and -quality options and I titrated -quality so that I was getting the same filesize as Photoshop was producing. These are the commands I was then using for 320 and 640 pixel wide images: convert infile.jpg -strip -quality 80 -resize 320 -filter Lanczos -sharpen 0x0.7 outfile.jpg convert infile.jpg -strip -quality 80 -resize 640 -filter Lanczos -sharpen 0x0.7 outfile.jpg Here is an example of ImageMagick and Photoshop downsized output files along with the original: http://taxa.epi.umn.edu/~mbmiller/pics/20080701_Adriana/comparison/ If you can do better, let me know because I will love to see your output files and your method (just make sure your output file size is almost the same as mine). Now that the files were the same size, I still liked the ImageMagick files better than the Photoshop files! That was a nice surprise. The truth may be that Photoshop is better at this but I wasn't doing everything I could to optimize its output. The reason is I didn't try harder is that it is a pain to work with the Photoshop "actions" -- I don't want to mess with them. ImageMagick uses command-line arguments instead of "actions" so it is a piece of cake to make changes to settings. This also makes it easy to do scripting. Here's what I'll be doing in bash: mkdir 640 320 for file in $(\ls -1 *.jpg) ; do for N in 640 320 ; do convert $file -strip -quality 80 -resize ${N} -filter Lanczos -sharpen 0x0.7 ${N}/$file done done By the way, I got some of my ideas from here: http://www.xs4all.nl/~bvdwolf/main/foto/down_sample/example1.htm But that guy used Photoshop to "sharpen" his ImageMagick output file, which seems like cheating to me, or at least it confuses readers who want to compare the programs. Maybe ImageMagick didn't have -sharpen back in 2004 when he made that page. Best, Mike From tompoe at fngi.net Sun Jul 6 08:23:34 2008 From: tompoe at fngi.net (Tom Poe) Date: Sun, 06 Jul 2008 08:23:34 -0500 Subject: [tclug-list] Wonderland project volunteers needed Message-ID: <4870C756.5010400@fngi.net> Would like to stir up interest in creating a virtual world on Minneapolis' wireless network. It need not rely on the Internet, as it would operate as a local broadband infrastructure. Sun's Wonderland project seems to be far enough along to be attractive. http://blogs.sun.com/wonderland/entry/postcard_from_wonderland_lecture_hall#comments Send me an email, and let's discuss the possibilities. Tom Poe, Charles City, Iowa From admin at lctn.org Mon Jul 7 09:47:13 2008 From: admin at lctn.org (Raymond Norton) Date: Mon, 7 Jul 2008 09:47:13 -0500 (CDT) Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <24492989.2611215441967562.JavaMail.root@mail.lctn.org> Message-ID: <13261440.2631215442033024.JavaMail.root@mail.lctn.org> I need to find a 4TB NAS solution, and am curious if there is any good reason to change from using Freenas, and look at an enterprise solution? If so, what would be a recommended make & model? -- Raymond Norton LCTN -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080707/dcebfa83/attachment.htm From kc0iog at gmail.com Mon Jul 7 12:37:09 2008 From: kc0iog at gmail.com (Brian Wall) Date: Mon, 7 Jul 2008 12:37:09 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <13261440.2631215442033024.JavaMail.root@mail.lctn.org> References: <24492989.2611215441967562.JavaMail.root@mail.lctn.org> <13261440.2631215442033024.JavaMail.root@mail.lctn.org> Message-ID: <2c6699da0807071037i23891b83ib861e6b140eb89d9@mail.gmail.com> On Mon, Jul 7, 2008 at 9:47 AM, Raymond Norton wrote: > > I need to find a 4TB NAS solution, and am curious if there is any good > reason to change from using Freenas, and look at an enterprise solution? If > so, what would be a recommended make & model? "Enterprise" implies that you need guaranteed availability and support. FreeNAS offers neither. An enterprise NAS is a well supported box running Windows storage server. Nothing fancier than that. A whitebox running FreeNAS will give you the same features (probably more) with more stability (FreeBSD kernel vs Windows kernel) on lesser hardware. But when it breaks, you're fixing it yourself. HP and Dell sell their NAS products, that price tag includes support and Windows licensing. You of course could meet in the middle somewhere, buy yourself a well supported box like an HP DL380 and put RHEL or SuSE pro, as both are well supported and can do everything you'd ask your FreeNAS box to do. What's your objective? -Brian From admin at lctn.org Mon Jul 7 12:49:58 2008 From: admin at lctn.org (Raymond Norton) Date: Mon, 7 Jul 2008 12:49:58 -0500 (CDT) Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <20364643.2991215452688930.JavaMail.root@mail.lctn.org> Message-ID: <19226335.3061215452998158.JavaMail.root@mail.lctn.org> >What's your objective? We provide educational videos to 20 school districts. I have had great results with Freenas, but have a bit of a concern implementing it in this application. If my homemade Freenas box goes down, it will be my problem. With an enterprise solution I would have support available. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080707/c0c7a2bd/attachment.htm From mbmiller at taxa.epi.umn.edu Mon Jul 7 13:19:56 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Mon, 7 Jul 2008 13:19:56 -0500 (CDT) Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <19226335.3061215452998158.JavaMail.root@mail.lctn.org> References: <19226335.3061215452998158.JavaMail.root@mail.lctn.org> Message-ID: On Mon, 7 Jul 2008, Raymond Norton wrote: >> What's your objective? > > We provide educational videos to 20 school districts. I have had great > results with Freenas, but have a bit of a concern implementing it in > this application. If my homemade Freenas box goes down, it will be my > problem. With an enterprise solution I would have support available. One of the arguments in favor of open-source software is that even though it is hard to make money selling it, a developer can make money supporting it, as can other skilled people. So I'm wondering if there isn't any company offering FreeNAS support contracts. I would say that such a company could provide "enterprise" FreeNAS. I see this... http://sourceforge.net/services/project_services.php?d-7959848-p=1&d-7959848-s=5&d-7959848-o=2&project_id=151951 ...but I don't have time now to study it and read it. Mike From marc at e-skinner.net Mon Jul 7 13:44:16 2008 From: marc at e-skinner.net (Marc Skinner) Date: Mon, 07 Jul 2008 13:44:16 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: References: <19226335.3061215452998158.JavaMail.root@mail.lctn.org> Message-ID: <48726400.1060103@e-skinner.net> don't forget the NAS appliances out there - the snap servers run a version of Linux if you want to stay in the family. http://www.snapserver.com/snap/en-US/Products/ they will give you enterprise support as well, and they have models from 250GB to 82TB. Mike Miller wrote: > On Mon, 7 Jul 2008, Raymond Norton wrote: > > >>> What's your objective? >>> >> We provide educational videos to 20 school districts. I have had great >> results with Freenas, but have a bit of a concern implementing it in >> this application. If my homemade Freenas box goes down, it will be my >> problem. With an enterprise solution I would have support available. >> > > > One of the arguments in favor of open-source software is that even though > it is hard to make money selling it, a developer can make money supporting > it, as can other skilled people. So I'm wondering if there isn't any > company offering FreeNAS support contracts. I would say that such a > company could provide "enterprise" FreeNAS. > > I see this... > > http://sourceforge.net/services/project_services.php?d-7959848-p=1&d-7959848-s=5&d-7959848-o=2&project_id=151951 > > ...but I don't have time now to study it and read it. > > Mike > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > From jus at krytosvirus.com Mon Jul 7 13:47:03 2008 From: jus at krytosvirus.com (Justin Krejci) Date: Mon, 7 Jul 2008 13:47:03 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <2c6699da0807071037i23891b83ib861e6b140eb89d9@mail.gmail.com> References: <24492989.2611215441967562.JavaMail.root@mail.lctn.org><13261440.2631215442033024.JavaMail.root@mail.lctn.org> <2c6699da0807071037i23891b83ib861e6b140eb89d9@mail.gmail.com> Message-ID: <0f1b01c8e061$d9b35fc0$e017a8c0@usicorp.usinternet.com> > "Enterprise" implies that you need guaranteed availability and > support. FreeNAS offers neither. An enterprise NAS is a well > supported box running Windows storage server. Nothing fancier than > that. A whitebox running FreeNAS will give you the same features > (probably more) with more stability (FreeBSD kernel vs Windows kernel) > on lesser hardware. But when it breaks, you're fixing it yourself. > HP and Dell sell their NAS products, that price tag includes support > and Windows licensing. I am confused as to your reason for equating "enterprise" and "windows" as if there are no enterprise supported NAS's that run non-windows operating systems. As one example there is the Snap Server http://www.snapserver.com/ which runs GuardianOS (Linux) http://www.snapserver.com/Snap/en-US/products/sw/integrated/gos/ I have gotten real knee deep with the OS and (owner at the time) Adaptec support to resolve some partitioning/RAID problems. They were able to assist and bring about complete data recovery thanks to their non-windows enterprise support. The support is optional. From jus at krytosvirus.com Mon Jul 7 13:59:48 2008 From: jus at krytosvirus.com (Justin Krejci) Date: Mon, 7 Jul 2008 13:59:48 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: References: <19226335.3061215452998158.JavaMail.root@mail.lctn.org> Message-ID: <0f1f01c8e063$a1f15130$e017a8c0@usicorp.usinternet.com> > One of the arguments in favor of open-source software is that even though > it is hard to make money selling it, a developer can make money supporting > it, as can other skilled people. So I'm wondering if there isn't any > company offering FreeNAS support contracts. I would say that such a > company could provide "enterprise" FreeNAS. Certainly you should consider any moral obligations or convictions but to play devil's advocate, single or small loose teams of OS developers are more likely to disband than a large corporation thus either killing support right then and there or not offering any further support once existing contracts expire. I am not advocating large corporations are any better. They periodically go out of business or get bought/sold and services and things can get dropped unexpectedly just the same as well. Nothing is guaranteed, not even taxes or death... This is a perfect segue into, back up your data if you care about your data. Just my $.02 From tclug at mikerochford.com Mon Jul 7 21:58:56 2008 From: tclug at mikerochford.com (Mike Rochford) Date: Mon, 07 Jul 2008 21:58:56 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <13261440.2631215442033024.JavaMail.root@mail.lctn.org> References: <13261440.2631215442033024.JavaMail.root@mail.lctn.org> Message-ID: <4872D7F0.60401@mikerochford.com> Raymond, I would look into Netapp products. They are very easy to use have excellent features (snapmirror,snapshots,etc). These devices support many type of connections(CIFS,NFS, LUNS,etc). These devices will grow with your company. I currently work with a Netapp 3040a cluster. -Mike Raymond Norton wrote: > > I need to find a 4TB NAS solution, and am curious if there is any good > reason to change from using Freenas, and look at an enterprise solution? > If so, what would be a recommended make & model? > > > > > > -- > Raymond Norton > LCTN > > > ------------------------------------------------------------------------ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list From chewie at wookimus.net Tue Jul 8 10:03:58 2008 From: chewie at wookimus.net (Chad Walstrom) Date: Tue, 08 Jul 2008 10:03:58 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: <18718.1215529438@skuld.wookimus.net> I'm surprised that Knoppix is still around, honestly. In any case, most audio cards are supported in the 2.6 kernels using the ALSA drivers. If the resource websites for Fedora don't help you out with debugging the audio card, give the ALSA website and resources a try. The `alsaconf' application should get you started. Also try to use the `alsamixer' application. I've found that occasionally the only thing that needs to happen is to get the mixer behaving correctly. There is also some weird interaction between the old sound API and drivers (OSS) and ALSA. Download and install the `aumix' application. Crank the mixer volumes all the way up for this OSS driver-based application, then use the desktop-integrated ALSA mixer to fine-tune. Audio is not fun, but once it is working, it works well. Good luck. Chad From chewie at wookimus.net Tue Jul 8 10:24:02 2008 From: chewie at wookimus.net (Chad Walstrom) Date: Tue, 08 Jul 2008 10:24:02 -0500 Subject: [tclug-list] OT recommended enterprise NAS In-Reply-To: <0f1b01c8e061$d9b35fc0$e017a8c0@usicorp.usinternet.com> References: <24492989.2611215441967562.JavaMail.root@mail.lctn.org><13261440.2631215442033024.JavaMail.root@mail.lctn.org> <2c6699da0807071037i23891b83ib861e6b140eb89d9@mail.gmail.com> <0f1b01c8e061$d9b35fc0$e017a8c0@usicorp.usinternet.com> Message-ID: <19188.1215530642@skuld.wookimus.net> Justin Krejci wrote: > I am confused as to your reason for equating "enterprise" and > "windows" as if there are no enterprise supported NAS's that run > non-windows operating systems. I'm confused with this assertion. NetApp has their own OS called DataONTAP that has nothing to do with Windows OS. EMC's OS certainly isn't Windows, including the one that they run on their entry-level AX-4 product. If you're looking for a commercial NAS product, I would probably also throw in with NetApp. Their StoreVault product w/1TB disks will get you 12TB raw (up to about 9.5TB or so usable storage) for around $20-25k. That includes the NFS/CIFS/iSCSI, and I think FC interfaces. For the same price, you can buy an Aberdeen Linux or Windows based NAS device with 40TB raw storage split over two arrays. I bought two of these w/o the NAS OS's and will use them for backup servers. > As one example there is the Snap Server http://www.snapserver.com/ > which runs GuardianOS (Linux) > http://www.snapserver.com/Snap/en-US/products/sw/integrated/gos/ > > I have gotten real knee deep with the OS and (owner at the time) > Adaptec support to resolve some partitioning/RAID problems. They were > able to assist and bring about complete data recovery thanks to their > non-windows enterprise support. The support is optional. Was it non-Windows being the primary factor, or the fact that Adaptec makes a good OS-agnostic product? Hardware-based RAID certainly helps in recovery operations, but you won't get down to this level of hands-on if you buy something like NetApp or EMC. If something goes wrong, you call support and they send someone out. When someone says "Enterprise", I believe they generally imply a few catagorical features of a product: 1. Highly dependable hardware 2. Five-9's (99.999% uptime, 5 minutes unplanned downtime per year) 3. 24x7x365x4hr-onsite support It's all about risk management. So, what risk are you willing to take? Chad From seg at haxxed.com Wed Jul 9 11:20:35 2008 From: seg at haxxed.com (Callum Lerwick) Date: Wed, 9 Jul 2008 11:20:35 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: References: Message-ID: <1218b5bc0807090920m67f4c5y565f013fc0af9bd1@mail.gmail.com> On Wed, Jul 2, 2008 at 3:28 PM, Erik Anderson wrote: > Knoppix is a livecd version of linux you can download for free. You > basically download the knoppix iso image, burn it to a CD (as you did > the FC5 image), then boot off of it. It allows you to run a full > non-destructive linux environment off of a CD. Unfortunately I'm > leaving the office momentarily, so I don't have time to give you more > details than that. Possibly someone else on the list will be able to, Fedora has LiveCDs these days: (Scroll down below "install media") http://fedoraproject.org/en/get-fedora Which gives you a nice non-destructive way to see if a newer Fedora will run better. You can also do a clean install (Back up your data!) directly from the LiveCD environment. You can also use the disk to start a network upgrade of an existing system, but that's only supported going from the previous Fedora release to the one on the disk. Upgrading FC5 all the way to F9 is not officially supported and I wouldn't recommend doing it. From airchia at gmail.com Wed Jul 9 12:37:29 2008 From: airchia at gmail.com (Nick Scholtes) Date: Wed, 9 Jul 2008 12:37:29 -0500 Subject: [tclug-list] Sound Doesn't Work In-Reply-To: <1218b5bc0807090920m67f4c5y565f013fc0af9bd1@mail.gmail.com> References: <1218b5bc0807090920m67f4c5y565f013fc0af9bd1@mail.gmail.com> Message-ID: Good idea. I've always wondered exactly what LiveCD's were. Nick On Wed, Jul 9, 2008 at 11:20 AM, Callum Lerwick wrote: > On Wed, Jul 2, 2008 at 3:28 PM, Erik Anderson wrote: > > Knoppix is a livecd version of linux you can download for free. You > > basically download the knoppix iso image, burn it to a CD (as you did > > the FC5 image), then boot off of it. It allows you to run a full > > non-destructive linux environment off of a CD. Unfortunately I'm > > leaving the office momentarily, so I don't have time to give you more > > details than that. Possibly someone else on the list will be able to, > > Fedora has LiveCDs these days: (Scroll down below "install media") > > http://fedoraproject.org/en/get-fedora > > Which gives you a nice non-destructive way to see if a newer Fedora > will run better. > > You can also do a clean install (Back up your data!) directly from the > LiveCD environment. You can also use the disk to start a network > upgrade of an existing system, but that's only supported going from > the previous Fedora release to the one on the disk. Upgrading FC5 all > the way to F9 is not officially supported and I wouldn't recommend > doing it. > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -- Art: bellsoffreedom.cgsociety.org/gallery/ Blog: cognitivealchemy.blogspot.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080709/0a08bfb2/attachment.htm From webmaster at mn-linux.org Sat Jul 12 08:25:05 2008 From: webmaster at mn-linux.org (TCLUG Classifieds) Date: Sat, 12 Jul 2008 08:25:05 -0500 Subject: [tclug-list] New TCLUG Classified Ad Message-ID: <200807121325.m6CDP5n18867@crusader.real-time.com> New TCLUG Classified Ad Category: Computer Type of Ad: For Sale Subject: Dell PowerEdge Servers (2450, 1550, 1650) I have three Dell PowerEdge servers I'm looking to sell, as I've upgraded. These servers all work, and are currently in production. Dell PowerEdge 2450 - $150 Dell PowerEdge 1550 - $125 Dell PowerEdge 1650 - $125 The 1650 has a bad CD-ROM drive, but everything else works. For more details, please see my Craig's List ad: http://tinyurl.com/6pnhya Email ecrist at secure-computing.net if you're interested. Eric Seller Email address: ecrist at secure-computing dot net http://www.mn-linux.org/cgi-bin/classifieds/index.cgi From thoth.serath at gmail.com Sat Jul 12 10:58:45 2008 From: thoth.serath at gmail.com (Chris Gloege) Date: Sat, 12 Jul 2008 10:58:45 -0500 Subject: [tclug-list] server thin client Message-ID: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> i am working with a mpls public school teacher putting edubuntu server with old 386 computers as thin clients. i was wondering how the relationship between the server kernel and the ? image the thin clients works... is there 2 separate images that get accesse? we want to customize the image the thin clients access for reasons not yet known to me. any suggestions for this really vague question? -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080712/f0e5a892/attachment.htm From nassarmu at beitsahour.net Sat Jul 12 14:47:17 2008 From: nassarmu at beitsahour.net (Munir Nassar) Date: Sat, 12 Jul 2008 14:47:17 -0500 Subject: [tclug-list] server thin client In-Reply-To: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> Message-ID: <48790A45.3070108@beitsahour.net> Chris Gloege wrote: > i am working with a mpls public school teacher putting edubuntu server > with old 386 computers as thin clients. i was wondering how the > relationship between the server kernel and the ? image the thin clients > works... is there 2 separate images that get accesse? we want to > customize the image the thin clients access for reasons not yet known to > me. any suggestions for this really vague question? In the latest version of Ubuntu (8.04, Hardy Heron) the ltsp client image gets mounted from the server via nbd and starts up as if it was a standalone system. you can have client images for any supported architecture though i have only tried i386, this is independent of the actual server architecture; the connection to the server is via ssh. note though that i386 is an architecture label not a processor, i do not believe Ubuntu supports anything under a 486. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 257 bytes Desc: OpenPGP digital signature Url : http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080712/a8133068/attachment.pgp From mbmiller at taxa.epi.umn.edu Sat Jul 12 15:41:39 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Sat, 12 Jul 2008 15:41:39 -0500 (CDT) Subject: [tclug-list] server thin client In-Reply-To: <48790A45.3070108@beitsahour.net> References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> <48790A45.3070108@beitsahour.net> Message-ID: On Sat, 12 Jul 2008, Munir Nassar wrote: > note though that i386 is an architecture label not a processor, i do not > believe Ubuntu supports anything under a 486. Ubuntu system requirements: https://help.ubuntu.com/community/Installation/SystemRequirements Bare Minimum requirements It should be possible to get Ubuntu running on a system with the following minimum hardware specification, although it is unlikely that the system would run well. You should use the Alternate install CD to attempt such an installation. * 300 MHz x86 processor * 64 MB of system memory (RAM) * At least 4 GB of disk space (for full installation and swap space) * VGA graphics card capable of 640x480 resolution * CD-ROM drive or network card That does not specifically preclude the 386 (80386 processor)... http://en.wikipedia.org/wiki/X86 ...but I don't think any ran at 300 MHz, and I think the fastest may have been 33 MHz, so then, yes, you would need a 486 to get to 300 MHz to meet "bare minimum requirements," and that would not allow you to do graphics. I know there are distros that will run on 386, but I don't know if you can get X to work on such systems. Mike From andyzib at gmail.com Sat Jul 12 18:32:32 2008 From: andyzib at gmail.com (Andrew Zbikowski) Date: Sat, 12 Jul 2008 18:32:32 -0500 Subject: [tclug-list] server thin client In-Reply-To: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> Message-ID: The clients have to boot up something. Your clients boot off the network using the ROM from the network card. The network card downloads a small boot image that is usually the Linux kernel, and enough utilities to NFS mount an export from the server. This is most likely what the client images are. The XServer starts, and does an XDMCP query to the server. The thin client is only the display. Even though the applications are running on the server and using the server's CPU and memory, the thin client is still doing the graphics processing. You might want something a bit faster and a bit more modern than a 386...unless you're doing just text console. :) If it works on a 386 though...great. -- Andrew S. Zbikowski | http://andy.zibnet.us IT Outhouse Blog Thing | http://www.itouthouse.com From mbmiller at taxa.epi.umn.edu Sat Jul 12 22:06:25 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Sat, 12 Jul 2008 22:06:25 -0500 (CDT) Subject: [tclug-list] server thin client In-Reply-To: References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> Message-ID: On Sat, 12 Jul 2008, Andrew Zbikowski wrote: > The clients have to boot up something. > > Your clients boot off the network using the ROM from the network card. > > The network card downloads a small boot image that is usually the Linux > kernel, and enough utilities to NFS mount an export from the server. > This is most likely what the client images are. > > The XServer starts, and does an XDMCP query to the server. > > The thin client is only the display. Even though the applications are > running on the server and using the server's CPU and memory, the thin > client is still doing the graphics processing. You might want something > a bit faster and a bit more modern than a 386...unless you're doing just > text console. :) The X terminology is a little tricky because the "X server" is running on the machine that one would be tempted to call "the client" -- the usually smaller machine that connects to the larger more powerful machine. So in the X system the thin client has to do a lot of work. Another option is VNC. With VNC the X client and X server both run on the big server machine and the smaller machine just runs a viewer that does very little processing. But, for VNC on Linux, the VNCviewer is an X application which requires that an X server is running on the thin client. It might work a lot better on a minimal client system though, and it has some other advantages over XDMCP. I don't know how low you can go in processing power and make this work. A 386 is so old (I think I started buying 486s in 1993) -- is it not possible to get 486 machines for free that can do this work for you? Even Pentium II machines are getting pretty long in the tooth and I'm sure many are being discarded. Mike From pjcrump at bitstream.net Sat Jul 12 23:11:59 2008 From: pjcrump at bitstream.net (PJ Crump) Date: Sat, 12 Jul 2008 23:11:59 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? Message-ID: <4879808F.7020305@bitstream.net> For the last 7 years I have been hosting a website from my house on port 443 (very low low usage - 20 hits a day) and today it's not working for anyone coming in from the internet. I checked all the usual things and nothing is out of line.. Then I started thinking that maybe Comcast is blocking it.. Thoughts? Thanks - PJ From jpschewe at mtu.net Sun Jul 13 08:26:53 2008 From: jpschewe at mtu.net (Jon Schewe) Date: Sun, 13 Jul 2008 08:26:53 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <4879808F.7020305@bitstream.net> References: <4879808F.7020305@bitstream.net> Message-ID: <487A029D.6090107@mtu.net> My secure site on a Comcast cable modem is still working from outside the Comcast network. I've had them block port 25 (both in and out) a number of times thinking they are protecting me from spam, so it's possible they decided you have spam on port 443 :) PJ Crump wrote: > For the last 7 years I have been hosting a website from my house on port > 443 (very low low usage - 20 hits a day) and today it's not working for > anyone coming in from the internet. I checked all the usual things and > nothing is out of line.. Then I started thinking that maybe Comcast is > blocking it.. Thoughts? > > Thanks - PJ > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > -- Jon Schewe | http://mtu.net/~jpschewe If you see an attachment named signature.asc, this is my digital signature. See http://www.gnupg.org for more information. For I am convinced that neither death nor life, neither angels nor demons, neither the present nor the future, nor any powers, neither height nor depth, nor anything else in all creation, will be able to separate us from the love of God that is in Christ Jesus our Lord. - Romans 8:38-39 From pjcrump at bitstream.net Sun Jul 13 09:27:57 2008 From: pjcrump at bitstream.net (PJ Crump) Date: Sun, 13 Jul 2008 09:27:57 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A029D.6090107@mtu.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> Message-ID: <487A10ED.6000706@bitstream.net> Any suggestions as to how to get them to re-enable it? Jon Schewe wrote: > My secure site on a Comcast cable modem is still working from outside > the Comcast network. I've had them block port 25 (both in and out) a > number of times thinking they are protecting me from spam, so it's > possible they decided you have spam on port 443 :) > > PJ Crump wrote: >> For the last 7 years I have been hosting a website from my house on >> port 443 (very low low usage - 20 hits a day) and today it's not >> working for anyone coming in from the internet. I checked all the >> usual things and nothing is out of line.. Then I started thinking >> that maybe Comcast is blocking it.. Thoughts? >> >> Thanks - PJ >> >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >> > From canito at dalan.us Sun Jul 13 09:54:25 2008 From: canito at dalan.us (David Alanis) Date: Sun, 13 Jul 2008 09:54:25 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A10ED.6000706@bitstream.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> Message-ID: <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> If this is the case you have to speak to their "security" department. I am not 100% sure customer service can initiate this for your, lets see.. http://security.comcast.net/get-help/contact-comcast-security.aspx Give this a try.. Or if anyone knows different? David Quoting PJ Crump : > Any suggestions as to how to get them to re-enable it? > > > Jon Schewe wrote: >> My secure site on a Comcast cable modem is still working from outside >> the Comcast network. I've had them block port 25 (both in and out) a >> number of times thinking they are protecting me from spam, so it's >> possible they decided you have spam on port 443 :) >> >> PJ Crump wrote: >>> For the last 7 years I have been hosting a website from my house on >>> port 443 (very low low usage - 20 hits a day) and today it's not >>> working for anyone coming in from the internet. I checked all the >>> usual things and nothing is out of line.. Then I started thinking >>> that maybe Comcast is blocking it.. Thoughts? >>> >>> Thanks - PJ >>> >>> _______________________________________________ >>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>> tclug-list at mn-linux.org >>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>> >> > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program. From pjcrump at bitstream.net Sun Jul 13 11:13:28 2008 From: pjcrump at bitstream.net (PJ Crump) Date: Sun, 13 Jul 2008 11:13:28 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> Message-ID: <487A29A8.6070804@bitstream.net> What do you think I should tell them is the reason why I need the port opened up? David Alanis wrote: > If this is the case you have to speak to their "security" department. > I am not 100% sure customer service can initiate this for your, lets > see.. > > http://security.comcast.net/get-help/contact-comcast-security.aspx > > Give this a try.. Or if anyone knows different? > > David > > > Quoting PJ Crump : > >> Any suggestions as to how to get them to re-enable it? >> >> >> Jon Schewe wrote: >>> My secure site on a Comcast cable modem is still working from outside >>> the Comcast network. I've had them block port 25 (both in and out) a >>> number of times thinking they are protecting me from spam, so it's >>> possible they decided you have spam on port 443 :) >>> >>> PJ Crump wrote: >>>> For the last 7 years I have been hosting a website from my house on >>>> port 443 (very low low usage - 20 hits a day) and today it's not >>>> working for anyone coming in from the internet. I checked all the >>>> usual things and nothing is out of line.. Then I started thinking >>>> that maybe Comcast is blocking it.. Thoughts? >>>> >>>> Thanks - PJ >>>> >>>> _______________________________________________ >>>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>>> tclug-list at mn-linux.org >>>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>>> >>> >> >> >> _______________________________________________ >> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >> tclug-list at mn-linux.org >> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >> > > > > ---------------------------------------------------------------- > This message was sent using IMP, the Internet Messaging Program. > > > No virus found in this incoming message. > Checked by AVG - http://www.avg.comVersion: 8.0.138 / Virus Database: > 270.4.10/1549 - Release Date: 7/12/2008 4:31 PM > > > From dniesen at gmail.com Sun Jul 13 11:22:37 2008 From: dniesen at gmail.com (Donovan) Date: Sun, 13 Jul 2008 11:22:37 -0500 Subject: [tclug-list] server thin client In-Reply-To: References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> Message-ID: <47f4d5e70807130922h4e6ae800g2bbf5d1cd544868d@mail.gmail.com> On Sat, Jul 12, 2008 at 10:06 PM, Mike Miller wrote: > On Sat, 12 Jul 2008, Andrew Zbikowski wrote: > >> The clients have to boot up something. >> >> Your clients boot off the network using the ROM from the network card. >> >> The network card downloads a small boot image that is usually the Linux >> kernel, and enough utilities to NFS mount an export from the server. >> This is most likely what the client images are. >> >> The XServer starts, and does an XDMCP query to the server. >> >> The thin client is only the display. Even though the applications are >> running on the server and using the server's CPU and memory, the thin >> client is still doing the graphics processing. You might want something >> a bit faster and a bit more modern than a 386...unless you're doing just >> text console. :) > > > The X terminology is a little tricky because the "X server" is running on > the machine that one would be tempted to call "the client" -- the usually > smaller machine that connects to the larger more powerful machine. So in > the X system the thin client has to do a lot of work. > > Another option is VNC. With VNC the X client and X server both run on the > big server machine and the smaller machine just runs a viewer that does > very little processing. But, for VNC on Linux, the VNCviewer is an X > application which requires that an X server is running on the thin client. > It might work a lot better on a minimal client system though, and it has > some other advantages over XDMCP. > > I don't know how low you can go in processing power and make this work. > A 386 is so old (I think I started buying 486s in 1993) -- is it not > possible to get 486 machines for free that can do this work for you? > Even Pentium II machines are getting pretty long in the tooth and I'm sure > many are being discarded. > > Mike > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > PII's are pretty easy for people to give up for nothing. I offered "free recycling" to folks a few years ago and ended up with a bunch of working PII/PIII's that would make mighty fine thin clients. I would imagine it would be even easier waving a school flag. I'd be happy to throw the word out to some friends, family, clients if you're looking to collect some gear that would be easier to support and more useful to the students. -- Donovan Niesen From dniesen at gmail.com Sun Jul 13 11:24:08 2008 From: dniesen at gmail.com (Donovan) Date: Sun, 13 Jul 2008 11:24:08 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A29A8.6070804@bitstream.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> Message-ID: <47f4d5e70807130924g42ca15e5u86d389d4dcda2b5a@mail.gmail.com> On Sun, Jul 13, 2008 at 11:13 AM, PJ Crump wrote: > What do you think I should tell them is the reason why I need the port > opened up? > > > > > David Alanis wrote: >> If this is the case you have to speak to their "security" department. >> I am not 100% sure customer service can initiate this for your, lets >> see.. >> >> http://security.comcast.net/get-help/contact-comcast-security.aspx >> >> Give this a try.. Or if anyone knows different? >> >> David >> >> >> Quoting PJ Crump : >> >>> Any suggestions as to how to get them to re-enable it? >>> >>> >>> Jon Schewe wrote: >>>> My secure site on a Comcast cable modem is still working from outside >>>> the Comcast network. I've had them block port 25 (both in and out) a >>>> number of times thinking they are protecting me from spam, so it's >>>> possible they decided you have spam on port 443 :) >>>> >>>> PJ Crump wrote: >>>>> For the last 7 years I have been hosting a website from my house on >>>>> port 443 (very low low usage - 20 hits a day) and today it's not >>>>> working for anyone coming in from the internet. I checked all the >>>>> usual things and nothing is out of line.. Then I started thinking >>>>> that maybe Comcast is blocking it.. Thoughts? >>>>> >>>>> Thanks - PJ >>>>> >>>>> _______________________________________________ >>>>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>>>> tclug-list at mn-linux.org >>>>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>>>> >>>> >>> >>> >>> _______________________________________________ >>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>> tclug-list at mn-linux.org >>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>> >> >> >> >> ---------------------------------------------------------------- >> This message was sent using IMP, the Internet Messaging Program. >> >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.comVersion: 8.0.138 / Virus Database: >> 270.4.10/1549 - Release Date: 7/12/2008 4:31 PM >> >> >> > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list > Accessing home webcam for monitoring sick grandmother? Tug those heart strings. -- Donovan Niesen From jpschewe at mtu.net Sun Jul 13 17:39:55 2008 From: jpschewe at mtu.net (Jon Schewe) Date: Sun, 13 Jul 2008 17:39:55 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A29A8.6070804@bitstream.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> Message-ID: <487A843B.4000509@mtu.net> I tried to convince them to open port 25 and ended up just waiting it out, about 6 months or so and it got opened up. The problem is that the Terms of Use disallow servers. PJ Crump wrote: > What do you think I should tell them is the reason why I need the port > opened up? > > > > > David Alanis wrote: >> If this is the case you have to speak to their "security" >> department. I am not 100% sure customer service can initiate this >> for your, lets see.. >> >> http://security.comcast.net/get-help/contact-comcast-security.aspx >> >> Give this a try.. Or if anyone knows different? >> >> David >> >> >> Quoting PJ Crump : >> >>> Any suggestions as to how to get them to re-enable it? >>> >>> >>> Jon Schewe wrote: >>>> My secure site on a Comcast cable modem is still working from outside >>>> the Comcast network. I've had them block port 25 (both in and out) a >>>> number of times thinking they are protecting me from spam, so it's >>>> possible they decided you have spam on port 443 :) >>>> >>>> PJ Crump wrote: >>>>> For the last 7 years I have been hosting a website from my house on >>>>> port 443 (very low low usage - 20 hits a day) and today it's not >>>>> working for anyone coming in from the internet. I checked all the >>>>> usual things and nothing is out of line.. Then I started thinking >>>>> that maybe Comcast is blocking it.. Thoughts? >>>>> >>>>> Thanks - PJ >>>>> >>>>> _______________________________________________ >>>>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>>>> tclug-list at mn-linux.org >>>>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>>>> >>>> >>> >>> >>> _______________________________________________ >>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>> tclug-list at mn-linux.org >>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>> >> >> >> >> ---------------------------------------------------------------- >> This message was sent using IMP, the Internet Messaging Program. >> >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.comVersion: 8.0.138 / Virus Database: >> 270.4.10/1549 - Release Date: 7/12/2008 4:31 PM >> >> >> > -- Jon Schewe | http://mtu.net/~jpschewe If you see an attachment named signature.asc, this is my digital signature. See http://www.gnupg.org for more information. For I am convinced that neither death nor life, neither angels nor demons, neither the present nor the future, nor any powers, neither height nor depth, nor anything else in all creation, will be able to separate us from the love of God that is in Christ Jesus our Lord. - Romans 8:38-39 From ecrist at secure-computing.net Sun Jul 13 17:56:18 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Sun, 13 Jul 2008 17:56:18 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A843B.4000509@mtu.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> <487A843B.4000509@mtu.net> Message-ID: <476C6701-8ACE-4096-BD48-E726C9296017@secure-computing.net> If you have business-class service, you're allowed to host servers now. It's a bit more expensive, but you can even get /29, /28, or /27 bit subnets, too. Eric On Jul 13, 2008, at 5:39 PM, Jon Schewe wrote: > I tried to convince them to open port 25 and ended up just waiting it > out, about 6 months or so and it got opened up. The problem is that > the > Terms of Use disallow servers. > > PJ Crump wrote: >> What do you think I should tell them is the reason why I need the >> port >> opened up? >> >> >> >> >> David Alanis wrote: >>> If this is the case you have to speak to their "security" >>> department. I am not 100% sure customer service can initiate this >>> for your, lets see.. >>> >>> http://security.comcast.net/get-help/contact-comcast-security.aspx >>> >>> Give this a try.. Or if anyone knows different? >>> >>> David >>> >>> >>> Quoting PJ Crump : >>> >>>> Any suggestions as to how to get them to re-enable it? >>>> >>>> >>>> Jon Schewe wrote: >>>>> My secure site on a Comcast cable modem is still working from >>>>> outside >>>>> the Comcast network. I've had them block port 25 (both in and >>>>> out) a >>>>> number of times thinking they are protecting me from spam, so it's >>>>> possible they decided you have spam on port 443 :) >>>>> >>>>> PJ Crump wrote: >>>>>> For the last 7 years I have been hosting a website from my >>>>>> house on >>>>>> port 443 (very low low usage - 20 hits a day) and today it's not >>>>>> working for anyone coming in from the internet. I checked all >>>>>> the >>>>>> usual things and nothing is out of line.. Then I started >>>>>> thinking >>>>>> that maybe Comcast is blocking it.. Thoughts? >>>>>> >>>>>> Thanks - PJ >>>>>> >>>>>> _______________________________________________ >>>>>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>>>>> tclug-list at mn-linux.org >>>>>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>>>>> >>>>> >>>> >>>> >>>> _______________________________________________ >>>> TCLUG Mailing List - Minneapolis/St. Paul, Minnesota >>>> tclug-list at mn-linux.org >>>> http://mailman.mn-linux.org/mailman/listinfo/tclug-list >>>> >>> >>> >>> >>> ---------------------------------------------------------------- >>> This message was sent using IMP, the Internet Messaging Program. >>> >>> >>> No virus found in this incoming message. >>> Checked by AVG - http://www.avg.comVersion: 8.0.138 / Virus >>> Database: >>> 270.4.10/1549 - Release Date: 7/12/2008 4:31 PM >>> >>> >>> >> > > -- > Jon Schewe | http://mtu.net/~jpschewe > If you see an attachment named signature.asc, this is my digital > signature. > See http://www.gnupg.org for more information. > > For I am convinced that neither death nor life, neither angels > nor demons, neither the present nor the future, nor any > powers, neither height nor depth, nor anything else in all > creation, will be able to separate us from the love of God that > is in Christ Jesus our Lord. - Romans 8:38-39 > > > _______________________________________________ > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota > tclug-list at mn-linux.org > http://mailman.mn-linux.org/mailman/listinfo/tclug-list --- Eric Crist From tclug at jfoo.org Sun Jul 13 19:42:48 2008 From: tclug at jfoo.org (John Gateley) Date: Sun, 13 Jul 2008 19:42:48 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <476C6701-8ACE-4096-BD48-E726C9296017@secure-computing.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> <487A843B.4000509@mtu.net> <476C6701-8ACE-4096-BD48-E726C9296017@secure-computing.net> Message-ID: <487AA108.3000603@jfoo.org> Eric F Crist wrote: > If you have business-class service, you're allowed to host servers > now. It's a bit more expensive, but you can even get /29, /28, or /27 > bit subnets, too. > > > Eric > > On Jul 13, 2008, at 5:39 PM, Jon Schewe wrote: > >> I tried to convince them to open port 25 and ended up just waiting it >> out, about 6 months or so and it got opened up. The problem is that >> the >> Terms of Use disallow servers. Or switch to DSL and ipHouse - I've been using this setup for years... j From thoth.serath at gmail.com Sun Jul 13 19:51:35 2008 From: thoth.serath at gmail.com (Chris Gloege) Date: Sun, 13 Jul 2008 19:51:35 -0500 Subject: [tclug-list] thin clients Message-ID: <7c055dc50807131751l57c01ed3uf1a4fa897fe96c42@mail.gmail.com> we have all of the thin clients and a dual processor 2.?? processor server. they boot fast and run good, some problems with video being choppy, we are using vlc, but all is good on that front for the first round. this is a pilot project using 3 class rooms. there will be more soon. i guess he, david, decided it would be unnecessary to manipulate the ltsp (?) client image. next steps: 1) figure out group policies for a 3 tier system the kids get more permissions as they behave properly and loose them as they don't. 2) we want to so screen casts on a mac using some sort of virtual machine. i have wmware on my pc. just not sure what works on mac as that is what david wants to do it on. i know how to make the final file smaller using flash to make a swf file. cam studio and audacity on a mac? ffshow? i hate it that i don't know macs. all my stuff is pulled out of garbage or free with the exception of my fairly cheap laptop... 3) if we have to we can lock down the computers and firefox to prevent installation of software and addons. if you have ever been to dunn bros, some have the systems so they are fresh for the next person, only we want the students to be able to save files on the server within their usr files. and i imagine we want to save bookmarks as well. 4) we want to know what the best educational software for linux is and remove inferior apps. all suggestions will be appreciated. here is a link to the blog david set up for this project: http://groosd.blogspot.com/2008/07/next-step-details.html we are looking for volunteers to help us. please take a minute to check out the blog as it has a list of things we want to accomplish. also, we have a project where we take old computers and put ubuntu systems in them and sell them at very low cost, right now $50 to students and their families, offered through the school itself. we want to make them pay something so they appreciate them, plus we need to recover some costs for gas to pick them up, and some money will be put aside to keep the project going. he was originally thinking that we had to purchase these computers and sell them at a much higher price. i am sure we can get general mills, cargil, target, etc. to provide us with some through their philanthropy department. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080713/575cb9cf/attachment.htm From ecrist at secure-computing.net Sun Jul 13 19:54:37 2008 From: ecrist at secure-computing.net (Eric F Crist) Date: Sun, 13 Jul 2008 19:54:37 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487AA108.3000603@jfoo.org> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> <487A843B.4000509@mtu.net> <476C6701-8ACE-4096-BD48-E726C9296017@secure-computing.net> <487AA108.3000603@jfoo.org> Message-ID: <3ECB3BAE-2B2E-422A-89EB-C0CAD640FD04@secure-computing.net> On Jul 13, 2008, at 7:42 PM, John Gateley wrote: > Eric F Crist wrote: >> If you have business-class service, you're allowed to host servers >> now. It's a bit more expensive, but you can even get /29, /28, or / >> 27 >> bit subnets, too. >> >> >> Eric >> >> On Jul 13, 2008, at 5:39 PM, Jon Schewe wrote: >> >>> I tried to convince them to open port 25 and ended up just waiting >>> it >>> out, about 6 months or so and it got opened up. The problem is that >>> the >>> Terms of Use disallow servers. > > Or switch to DSL and ipHouse - I've been using this setup for years... I second the DSL w/ipHouse (www.iphouse.com). They're fairly reasonable on their pricing, and I've not experienced any port blocking from them. Also, the folks over there are pretty capable. --- Eric Crist From jpschewe at mtu.net Sun Jul 13 21:12:42 2008 From: jpschewe at mtu.net (Jon Schewe) Date: Sun, 13 Jul 2008 21:12:42 -0500 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <3ECB3BAE-2B2E-422A-89EB-C0CAD640FD04@secure-computing.net> References: <4879808F.7020305@bitstream.net> <487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net> <20080713095425.ttvqt03pk40ckko8@mail.dalan.us> <487A29A8.6070804@bitstream.net> <487A843B.4000509@mtu.net> <476C6701-8ACE-4096-BD48-E726C9296017@secure-computing.net> <487AA108.3000603@jfoo.org> <3ECB3BAE-2B2E-422A-89EB-C0CAD640FD04@secure-computing.net> Message-ID: <487AB61A.2080309@mtu.net> Eric F Crist wrote: >> Or switch to DSL and ipHouse - I've been using this setup for years... >> > > > I second the DSL w/ipHouse (www.iphouse.com). They're fairly > reasonable on their pricing, and I've not experienced any port > blocking from them. Also, the folks over there are pretty capable. > The problem is that DSL isn't available for many of us and it's slower for the same price. Granted the ability to run servers is worth something too. -- Jon Schewe | http://mtu.net/~jpschewe If you see an attachment named signature.asc, this is my digital signature. See http://www.gnupg.org for more information. For I am convinced that neither death nor life, neither angels nor demons, neither the present nor the future, nor any powers, neither height nor depth, nor anything else in all creation, will be able to separate us from the love of God that is in Christ Jesus our Lord. - Romans 8:38-39 From chewie at wookimus.net Mon Jul 14 00:55:03 2008 From: chewie at wookimus.net (Chad Walstrom) Date: Mon, 14 Jul 2008 00:55:03 -0500 Subject: [tclug-list] server thin client In-Reply-To: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> Message-ID: <28146.1216014903@skuld.wookimus.net> One thing to note about the 386 platform is that it's relatively challenging to find a kernel that will run on less than 4MB of RAM. The 2.4 and 2.6 kernels both required at least 4MB of RAM to run. You could squeak by with 2MB on the 2.2 kernel, but just barely. The only way I was able to get it to work was by having a swap partition already defined on the disk. You might be able to find an old version of Linux and an old version of XFree86 that could run on the 386 platform. That's pretty much all you need for an LTSP thin client. You'll need the kernel, optionally a dhcp or bootp client, the NFS client software, and of course X. This will probably be a challenge. Now, there are hacks out there for "small" kernels, but many of these are designed for embedded devices that start out with 8MB of RAM minimum. For 386, you're going to have to open the vault and look for dusty old apps. You would do far better to procure a stack of Pentium class machines. Buy either network bootable NIC's or Compaq flash cards to house the minimal kernel and root software. For the truely minimalistic, check out: http://chippc.com/thin-clients/jack-pc/ "Wall socket PC"... Totally awesome. G'night! Chad From Craig.A.Smith at honeywell.com Mon Jul 14 08:45:46 2008 From: Craig.A.Smith at honeywell.com (Smith, Craig A) Date: Mon, 14 Jul 2008 09:45:46 -0400 Subject: [tclug-list] [OT] Is comcast blocking port 443? In-Reply-To: <487A843B.4000509@mtu.net> References: <4879808F.7020305@bitstream.net><487A029D.6090107@mtu.net> <487A10ED.6000706@bitstream.net><20080713095425.ttvqt03pk40ckko8@mail.dalan.us><487A29A8.6070804@bitstream.net> <487A843B.4000509@mtu.net> Message-ID: <352399F8DB39E14FBB4B648897CA32E6E9B590@DE08EV802.global.ds.honeywell.com> I have a web site on a Comcast dynamic ip (thank-you www.dyndns.org for a free domain that follows my dynamic ip). This morning, port 443 is working fine as is port 25 (smtp). However, because many mail-servers (including Gmail) reject traffic from dynamic addresses, I relay outbound mail through smtp.comcast.net. Jon Schewe wrote: > The problem is that the Terms of Use disallow servers. When I subscribed last year, I read all the fine print on the paperwork the installer had me sign. There was no language regarding home servers. Since Comcast could block, I assume it's okay (wink-wink). From mbmiller at taxa.epi.umn.edu Mon Jul 14 08:49:30 2008 From: mbmiller at taxa.epi.umn.edu (Mike Miller) Date: Mon, 14 Jul 2008 08:49:30 -0500 (CDT) Subject: [tclug-list] server thin client In-Reply-To: <28146.1216014903@skuld.wookimus.net> References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> <28146.1216014903@skuld.wookimus.net> Message-ID: On Mon, 14 Jul 2008, Chad Walstrom wrote: > For the truely minimalistic, check out: > > http://chippc.com/thin-clients/jack-pc/ > > "Wall socket PC"... Totally awesome. Those are cool but I guess they cost about $400. Mike From iipreca at hotmail.com Mon Jul 14 12:21:42 2008 From: iipreca at hotmail.com (G J) Date: Mon, 14 Jul 2008 12:21:42 -0500 Subject: [tclug-list] server thin client In-Reply-To: References: <7c055dc50807120858m7974145drb1fd34623558a33d@mail.gmail.com> <28146.1216014903@skuld.wookimus.net> Message-ID: > Date: Mon, 14 Jul 2008 08:49:30 -0500 > From: mbmiller at taxa.epi.umn.edu > To: tclug-list at mn-linux.org > Subject: Re: [tclug-list] server thin client > > On Mon, 14 Jul 2008, Chad Walstrom wrote: > > > For the truely minimalistic, check out: > > > > http://chippc.com/thin-clients/jack-pc/ > > > > "Wall socket PC"... Totally awesome. > > > Those are cool but I guess they cost about $400. > > Mike > And you need a POE Switch to power them. Jesse _________________________________________________________________ The i?m Talkaton. Can 30-days of conversation change the world? http://www.imtalkathon.com/?source=EML_WLH_Talkathon_ChangeWorld -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.mn-linux.org/pipermail/tclug-list/attachments/20080714/29029492/attachment.htm From a