-
Posts
5611 -
Joined
-
Last visited
-
Days Won
8
Content Type
Profiles
Forums
Events
Posts posted by paul
-
-
it does ... and it works perfect.
theYinYeti is right.
2 processors = about 1.8 the speed
I've got 2 1gig procs, and a sinlge 2.3 is faster :-(
-
good news !!! :-)
I'm trying to sell MNF's to clients with different setups .. .so hearing reports like this is great!!!
-
yep ... but for security reasons I would do
proxyarp
67.x.x.127 eth1 eth0 no
(67.x.x.127 being webServer IP)
rules
ACCEPT wan dmz tcp http 67.69.40.126
don't forward UDP (big security hole) http only needs tcp port 80 (and 443 for https)
if all you want is a webserver then then:
rules
ACCEPT wan dmz tcp http 67.69.40.126
ACCEPT wan dmz tcp https 67.69.40.126
I think ... you may have to specify then dmz ip address (try it without first)
example:
ACCEPT wan dmz:67.x.x.127 tcp http 67.69.40.126
ACCEPT wan dmz:67.x.x.127 tcp https 67.69.40.126
cool?
-
correct ...
I have 2 public IP's
202.x.x.1 and 202.x.x.2
firewall ip 202.x.x.1
DNAT tcp+udp wan:202.x.x.1 dmz:202.x.x.2 dns
ACCEPT tcp+udp wan dmz:202.x.x.2 dns
which mean my primary AND secondary DNS records can be on one machine :-) cheating I know (some bodies gonna give me the lecture about DNS records being on different subnets :-( )
have a read thru the docs at http://www.shorewall.net
-
for http forwarding I did
ACCEPT wan dmz:10.0.0.2 http
and it worked fine.
if you want to have public IP addresses in your DMZ its quite easy.
put an entry in the proxyarp table, then change all your DNAT rules to ACCEPT rules.
warning however, you may have to wait some time (in my case 2 days) for the ISP's arp table to update
-
install a local imap server then use fetchmail daemon to get your mail from the ISP and store it in your local imap server
-
remove the new drivers first
cd /path/to/new_driver_src/
as root
make uninstall
should remove them then reinstall the 3.123 drivers
-
The firewall by default has icmp_request turned off on all devices.
Which means you won't be able to ping the firewall from anywhere
a couple of points you should note
if the network addresses are on the same subnet the firewall won't work
example: eth0 192.168.1.1 eth1 192.168.1.2 <-- won't work !!!!!
also MNF is NOT IE friendly (it just doesn't work with that stoopid browser)
try accessing the firewall with mozilla (or pheonix)
if you have a look at your routing tables on the firewall, you will see why it won't work when the devices are on the same subnet.
also I had to generate new ssl keys
as root on the firewall:
/usr/lib/ssl/mod_ssl/gen( something like genratekey.sh)
then cp server.key and server.crt to /etc/http/conf/ssl/ (overwrite existing keys)
then /etc/init.d/http-naat restart
then you should all be good!
p.s. the shameless plug on NZLUG worked :-)
-
get mozilla or pheonix or k-meleon for windows ....
-
its feature of MNF not a bug :P
-
perhaps you should try the new MandrakeMNF ... and when you're done, tick the box that say "start caching name server"
you can get it here
-
this from deno
The MandrakeSecurity Multi Network Firewall (MNF, or simply "firewall") product is finally ready! You will have to wait a few more hours for the official announcement, but it's for real now:A long waiting is over, and the new "Mandrake firewall" with a bunch of high-end features is waiting for you to use it!
and yes there is an ISO image !!! 8)
-
don't turn it off !!!!
instead put an internal DNS server in your network that resolves www.domain.com to 192.168.1.x (or whatever)
Much safer ... and easier to get running
-
look ... I'm a little green alien type thing !!!! :P
-
Y
Waitaminute.. what if Paul is an alien.. omygosh... that has to be true.. I know the truth is out there.. but this is so surprising.. wait till I tell the wo.....
(dragged away by men in black).
ha ha ... roswell "EAT MY DUST!!!" its all happening here in little ol' NZ !!! :lol:
-
You got 7 right!
Congratulations! You are a true geek and code monkey.
:P 8)
-
Sweet mother of !@#$%^&*
Paul Willard: Total CPU Time = 3.908 years
That is pure freeking MADNESS !!
But yeah... I Joined the team...?
8)
-
one thing I have noticed with MDK and Bind, is Mandrake have an odd variable $ORIGIN ... my entries wouldn't work with these in, and the server work fine without them ..... can't figure out why MDK would put them there ???
-
when I build a DNS server I constantly, from another computer on the network do a "dig @192.168.1.1 mandrakeusers.org"
if there is no access to the dns server (its not running or a firewall is blocking it) then it will return .. no DNS server found
you can also do this from the DNS machine
dig @localhost mandrakeusers.org
if it returns anything (not an error of course) then its working fine, and could be a network/security issue
-
I would pay $$$ maybe $$$$ for GTA3 or GTA-ViceCity for Linux !!!!!!!!!!!!!!!!!!!!!
MOttS
I would pay $$$$ for any "in-car" racing game
GTA
grand Turismo
World Rally
V8 Supercars
Formula 1
etc etc etc
-
hi Red
this very thing happened to me when I first installed SNF
I think what happens is when you edit the network card configuration, and especialy change what interface the admin is on, it seems to forget which driver goes with what card.
if you a lsmod you will noptice that only one network driver is installed, and have a look at /etc/modules.conf I had problems in there too.
The only way I could figure out how to fix it was to reinstall :-( any you do on the command line is forgotten when you reboot, which is why I decided to reinstall.
I now have a nice reliable SNF running (I have also updated a bunch of software).
are you able to update packages?? if you can't it probably mean you need to update some packages manually, which is not hard to do, but it may have some affect on how the www-front works.
-
ok so it looks pretty cool ... but I'm only getting one desktop
I have done --kde and edited /etc/3ddesktop.conf but still nothing
mdk 9.0 with 32mb GF2
is there a trick :?:
-
How long does it take you to accumulate that kind of unit Paul? It makes me envious with me just about 50 right now :)
Ronin is right ... I have seti@home running on lots of machines (5 I think)
-
first of all ... check this out
secondly ... if you're interested in joining our group you can visit this link
http://setiathome.ssl.berkeley.edu/stats/t...eam_139739.html
Batch file
in Software
Posted
you mean a shell script :-)
and depends on what you want. ou can running any script (just about) in any languauge (just about) from the command line
it can have any name, or any extension (it doesn't work like windows does)
example:
a perl script (thisismyscript.name)
a php script (thisismyscript.name)
then to run it
you will need to make it executable
chmod 755 thisismyscript.name
then you should be able to execute it by doing
./thisismyscript.name
if that doesn't work try doing
perl ./thisismyscript.name
or
php ./thisismyscript.name