mudfish
-
Posts
28 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by mudfish
-
-
appreciate your reply but it seems my questions has not been answered. :sad:
-
hi ian,
added security=user in the globals section on my smb.conf but still no luck.i think security=user is the default so i guess it is not a problem. :unsure:
-
hi all,
i have a mandriva 2007 which has samba installed and a share on its reiserfs partition but i cannot seem to get acl support to work. i don't see any security tabs when i browse the share using the root account on my winxp computer.just wanna ask some questions here and much help is appreciated.
1. is acl supported on reiserfs?
2. is the linux kernel on my system(2.6.17-5mdv) supports acl or do i still have to patch it?
3. or do i have to change it to ext3 or xfs filesystem?
below is my fsstab entry
/dev/hda1 / ext3 defaults 1 1 /dev/hdc1 /home reiserfs notail,noatime,acl 1 2 none /proc proc defaults 0 0 /dev/hdc5 /tmp ext3 defaults 1 2 /dev/hda6 /usr ext3 defaults 1 2 /dev/hda7 /var ext3 defaults 1 2 /dev/hda5 swap swap defaults 0 0
my smb.conf
[global] workgroup = HOME server string = samba log level = 3 log file = /var/log/samba/log.%m max log size = 100 socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 preferred master = No local master = No wins support = Yes nt acl support = yes [MyShare] comment = A Shared Drive browseable = yes writable = yes guest ok = no path = /home/MyShareneed help.
-
seems mr. google did the job for me.i found this iptable entry:
iptables -t nat -A PREROUTING -p tcp --dport 80 -d www.iamnotloading.com -j ACCEPT
which works perfectly. :)
-
Have you configured squid so that it is specified manually in the browser configuration, or have you configured it to be transparent and have iptables automatically redirect traffic to the squid proxy server?
As a thought though, you want to be looking at any request to the destination address so that it is passed directly without going via the squid proxy. This rule would come before the rule that redirects all other http traffic via the squid proxy. So I'm assuming you've done it transparently. If so, also remember that you should only be redirecting http traffic, since https will not automatically redirect transparently due to a suspected "man-in-the-middle" attack. That is normal by design.
yes ian,i have squid setup as transparent proxy caching server.port 443 is block so https is not a problem on my side.
-
hi all,
ive disabled ecn and tcp window scaling is off but still some sites wont show up when it goes to my squid proxy. hopefully someone here would help me for the much needed iptable firewall rule to allow some sites not to pass through squid(i.e direct)
hoping someone here would bail me out on this problem as ive been pulling my hair off for days on this one.
-
found this info on mandriva 2007 errata page and that answers my problem.
http://wiki.mandriva.com/en/Releases/Mandr...T_dies_on_login
i should have read the errata page before asking here.sorry mods.
:wacko: but thanks again ian for the time. B)
-
no.i am trying to access it from the localhost itself i.e on the same machine that swat and samba is installed on.
-
hi all.
recently installed samba server(3.0.23b) with swat on mandriva 2007 box.everything went smoothly but when i try to access samba via swat on my browser as root it keeps throwing me back to its login prompt eventhough i am 100% sure i entered the correct root password. (i am accessing it on the same machine where samba is installed.)before that ive already edited the swat file on the xinetd.d directory and change the option disable from "yes" to "no" and then run "service xinetd restart"
any ideas ?
-
hi all,
its me again.i am trying to setup a samba fileserver in my /home partition using nt-style permissioning(just like windows server 2003).my question is how do i enable acl support on the etc/fstab on my /home partition? :unsure:
Joel
-
thanks for the info..:)
-
btw i am using mandrake 10.1 :)
-
hi all,
my network is up before my shorewall is started.how can i do the reverse of it?(i,e shorewall first before the ethxx because from what i ve read shorewall should first be the one up and running before the network interfaces should be up when the linux box boots up for added security measure.
i would appreciate all your help. :)
-
one of the linux gurus here in our place set it up using bridge utils? and proxyarp?.man, i dont know that stuff and the configs.he just added one nic to my gateway (i dunno how he set it up but it works..)i am still looking for a much simpler solution than the one he did.btw he remove the router and he connected the adsl modem to eth1,eth0 is the firewall ip and eth2 is the network bridge?!anyway thanks ianw1974 for the help. B)
-
i havent tried resetting it to the default.when u say start a konsole session and move the kde folder to a new location did u mean using my account or being as root?does it guarantee that it would not alter my network configuration and settings as well as my firewall configuration?if i do that would mcc and all the applications that ive installed would run now?im a bit hesitant doing this as i am on a learning curve and this is the server of our lan so i wanna make sure i can bail out easily if this fails.hope you understand. :mellow:
-
hello there,
ive messep up my kde and after successive retries on bringing it back get paid off.but after i get to the desktop.most of the programs wont run anymore even mcc wont start.my firestarter firewall would say bus error when i tried to launch its gui but when i check its status via console it says it is running.my question is.can i re install kde without reconfiguring my network and other settings?.i am running mandrake 10.1 as a router/gateway on my lan.is there a system restore in linux as there is in windows xp? :unsure:
thanks.
[moved from Installing Mandriva by spinynorman]
-
Providing you can assign public IP to WAN port. WHat model of router? We can check it.
sorry for the late reply ian.it's a linksys router model RT31PN-AN. attach is the pdf manual.
-
The linksys will allow you to do it through the web gui. Although I expect it can only assign one public IP. As long as you don't need to nat the sameport to different machines, then you'll be fine with using just one public ip.
hi.u mean it can be done in my linksys router even it has no 1:1 NAT feature.can you tell me how to do it? :) .i can send to you the pdf manual of my router. :)
-
As paul said. Or use the public IP's on the firewall and nat them to the machine you want to use with it. Depending of course if your router/firewall can take more than one multiple public IP on it's WAN (internet-facing) interface.
i am not that good in networking especially when it comes to linux and. have read bout proxyarp and it seems too difficult for my brain to catch it up.i am looking for a much simpler solution.btw, my linksys model is rt31p2-na and it doesn't support 1:1 NATting.
anybody can explain this code to me if this iptable rules really works on the firewall.it says it is 1:1 NATting
## Standard Stuff ##
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables --table nat -A POSTROUTING -o eth0 -j SNAT --to $NAT_IP
## The 1:1 NAT stuff ##
iptables -t nat -A PREROUTING -d $EXTERNAL_IP \
-j DNAT --to-destination $INTERNAL_IP
iptables -t nat -A POSTROUTING -s $INTERNAL_IP \
-j SNAT --to-source $EXTERNAL_IP
iptables -t nat -A POSTROUTING -s $INTERNAL_NET -d $INTERNAL_IP \
-j SNAT --to-source $NAT_IP
Where $NAT_IP is the external IP of your firewall. The last rule is required if you want hosts on your internal net to be able to talk to that external IP as well.
have found it at
http://www.mybrainhurts.com/blog/2007/07/1...r-firewall.html
thanks
-
heres my network.i have an adsl modem connected to a linksys router.the router is then connected to a mandrake linux box.the linux box shares his internet to my lan(which has a firestarter firewall and squid running)
eth1=router
eth0=lan
now my isp assigned me 6 public ip's.i want to distribute this 6 public ip's inside my lan i.e use their public ip addresses inside my network.it will be used for connecting to a remote vpn server(the vpn server does not accept multiple connections using only 1 ip address).any info on how to do that? or maybe some iptable rules for me to get going?is it possible?
:mellow:
-
hi all
ty for the quick and informative replies.it really helps us a lot newbies gain new knowledge from experienced linux users.im a bit new to shorewall as im used to using firestarter with just a few clicks and its done.i am blocking port 25 on the firewall because i am not running a mail server..(am i doing right?i mean closing port 25 does not mean i can no longer check my email account on yahoo right?? greetz goes to scoonma,soulse and paul.
-
how do you block port 25 on shorewall firewall?
-
i finally find the solution to my problem after a lot of googling.here's the link if anyone encounters this problem with squid.
http://osdir.com/ml/security.firewalls.fir...7/msg00014.html ;)
-
well, anyone knows a gui firewall that can do what i want with squid?btw, thanks greg2 for informing me about that.
samba acl support on reiserfs?
in Networking
Posted
thanks.that should be the reason why i am not seing the security tabs in my windows box..Im off to configuring SAMBA as a PDC now.Does anybody here have a working samba guide to PDC using Mandriva 2007?Again, thank you Ian.