#garfield Logs

Feb 26 2012



00:20 iamturnip mainly PCI and MINI for laptop
01:32 rue_house ok
01:32 rue_house I'm waiting for early ipads or iphones to come up too
11:14 Tom_itx gawd i get tired of Jan in avr
11:42 rue_house what bugs you ?
11:42 rue_house do you find her as bad as flyback or pepsi?
11:45 rue_house hahahah she has a crush on you
11:46 Tom_itx in a different way
19:14 rue_house ok
19:14 Tom_itx mkay?
19:14 Tom_itx i'm shuffling keyboards every time i type so..
19:14 rue_house did you get ssh working to it?
19:14 Tom_itx i dunno
19:14 rue_house can you ssh to it now?
19:14 Tom_itx just wait a sec
19:14 rue_house ok plug eth1 into your local network
19:14 Tom_itx no i don't think i set that up
19:14 rue_house on the machine run pump -i eth1
19:15 Tom_itx i'm using my previous notes
19:15 rue_house then tell me if you can ping one of your inside computers
19:15 Tom_itx because they worked
19:15 Tom_L ok toss that keyboard waaayy over there --------------->
19:16 Tom_L auto eth0
19:16 Tom_L iface eth0 inet static
19:16 Tom_L address 192.168.1.122
19:16 Tom_L network 192.168.1.0
19:16 Tom_L netmask 255.255.255.0
19:16 Tom_L broadcast 192.168.1.255
19:16 Tom_L gateway 192.168.1.1
19:16 rue_house ... did you put a gui on the router?
19:16 Tom_L except it's eth1
19:16 Tom_L did i do what?
19:16 rue_house no
19:16 Tom_L no
19:16 rue_house leave that for eth0
19:17 rue_house plug eth0 into the internet, plug eth1 into the local network
19:17 rue_house run pump -i eth1
19:17 Tom_L :/
19:17 rue_house it should get an address from your current router
19:17 Tom_L umm
19:17 Tom_L i'm not sure i can hook into both
19:17 Tom_L lemme see here
19:17 rue_house they can operate in parallel for now
19:18 rue_house I should get my pomegranate
19:18 Tom_L gonna have to unhook for a min
19:18 Tom_L brb
19:18 e_house w
19:18 rue_house I wanted to make a roller
19:19 rue_house hmmm
19:22 Tom_L ok let's see here
19:23 Tom_L ok for now eth0 is static and eth1 is dhcp
19:24 rue_house now run pump -i eth1
19:24 rue_house ifconfig
19:24 Tom_L i gotta restart first
19:24 rue_house should show you have a local address on eth1
19:24 rue_house restart what!
19:24 rue_house !??!?!!?
19:24 Tom_L failed to bring up eth0
19:24 rue_house What are you restarting!?
19:24 rue_house What are you restarting!?
19:25 rue_house What are you restarting!?
19:25 rue_house What are you restarting!?
19:25 rue_house What are you restarting!?
19:25 rue_house What are you restarting!?
19:25 Tom_L i had to save the changes
19:25 rue_house so?
19:25 rue_house What are you restarting!?
19:25 rue_house What are you restarting!?
19:25 Tom_L networking
19:25 rue_house no
19:25 rue_house run pump -i eth1
19:25 Tom_L ./etc/init.d/networking restart
19:25 rue_house then run ifconfig and see if you have a local address
19:25 rue_house eth1 should have a local address
19:26 Tom_L it's local loopback i think
19:26 rue_house run ifconfig
19:26 Tom_L cause the config set it that way
19:26 rue_house there will be a eth1 clause
19:26 rue_house yes?
19:26 Tom_L yeah eth1 is working
19:27 rue_house lo (loopback) is just a distraction for you, ignore it
19:27 rue_house ok
19:27 rue_house now where was I
19:27 Tom_L but i saw it in the interfaces file
19:27 rue_house just ignore loopback
19:28 Tom_L so eth1 is dhcp
19:28 Tom_L and eth0 is static
19:28 Tom_L by the file
19:28 rue_house now, does your other router use that static ip address?
19:28 Tom_L i don't think so
19:28 Tom_L no
19:28 Tom_L that's why i assigned it
19:28 rue_house ok, does it use a different static ip?
19:28 Tom_L it's high enough it won't
19:29 Tom_L which one?
19:29 Tom_L the other linux box uses 121 and this is 122
19:29 rue_house ok
19:29 rue_house let me rewind
19:29 rue_house do you have a static ip with your isp?
19:29 Tom_L no
19:29 rue_house ok
19:29 rue_house run pump -i eth0
19:29 Tom_L it's assigned by the cablemodem i think
19:29 Tom_L ok
19:30 rue_house did it finish?
19:30 Tom_L it didn't do anything
19:30 rue_house run ifconfig
19:30 Tom_L operation failed
19:30 rue_house tell me if,... did it say that?
19:30 Tom_L yes
19:30 rue_house ok
19:31 Tom_L umm
19:31 Tom_L if that is gonna be an issue, i'd just like to get this one online so i can transfer my pages to this pc temporarily while i update the REAL one
19:31 rue_house whats your eth0 plugged into?
19:31 Tom_L cablemodem
19:32 Tom_L thru the 8port switch
19:32 rue_house ok, switch the eth1 to the cablemodem's switch and run pump -i eth1 then run ifconfig and see if it gets an ip address. DO NOT EDIT THE NETWORKING FILE OR RESTART THE NETWORKING SERVICES
19:33 rue_house ok?
19:33 Tom_L one sec
19:34 Tom_L failed
19:36 Tom_L the first test eth0 returned: ipconfOperation failed. eth1 returned: Operation failed
19:36 Tom_L a different message
19:38 Tom_L btw, ssh is installed
19:39 rue_house then thats the answer, you only get 1 address
19:39 Tom_L then let's go with the above message i posted
19:39 Tom_L i told you this mb doesn't fully support linux
19:39 Tom_L and it only has one slot
19:40 rue_house I think you will find if you plug either interface into the local network and run pump -i eth~ on it, it'll work just fine
19:40 Tom_L so let's work on getting eth1 static and online
19:40 Tom_L hmm
19:40 Tom_L ok what about this... because i don't know
19:41 Tom_L what if i plug the WAN from the cablemodem into a regular port on the 8port switch instead of the wan in?
19:41 Tom_L probably nothing
19:41 rue_house my isp allows so many mac addresses, if I plug in sequential machines only the first 2 will work, I have to get them to clear the mac addresses I'm not using
19:41 Tom_L doesn't that just swap the signals?
19:41 Tom_L yeah i've done that before
19:41 Tom_L but i've never tried it on this modem
19:41 rue_house no
19:42 rue_house it's their main server that has the list
19:42 Tom_L i know
19:42 Tom_L but they can only see my router
19:42 rue_house if your list is full you have to get things cleared out before it will let anything connect
19:42 Tom_L it shouldn't be full
19:42 rue_house they have a list of all the mac addresses that have ever been plugged into your modem
19:43 Tom_L i know
19:43 rue_house if it's more than 2 or 3, they deny connectivity to any new device
19:43 Tom_L that's not stored in the modem is it?
19:43 rue_house no
19:43 Tom_L ok
19:43 rue_house its on their server
19:43 Tom_L i'm not gonna call em tonight
19:43 rue_house get the mac address of the router you're using now
19:43 rue_house call them up and get them to flush out everything else
19:44 Tom_L 00:1A:70:E7:29:BC
19:44 rue_house we want eth0 to be on your local network
19:44 rue_house so plug it in that way and run pump -i eth0
19:45 rue_house we will ignore eth1 going to the internet for now
19:45 Tom_L ok eth0 is plugged into the 24port switch
19:45 Tom_L inside the router
19:45 Tom_L the linksys
19:45 rue_house k, now run pump so it gets a local network address
19:45 rue_house pump -i eth0
19:45 Tom_L it was 106 before
19:45 rue_house doesn't matter
19:46 Tom_L returned nothing but a prompt
19:46 rue_house then it worked
19:46 rue_house linux programs aren't verbose
19:46 rue_house if you type ifconfig you should see the config for eth0
19:47 rue_house I want more snack
19:47 Tom_L ifconfig returned a bunch of goop on eth0 now
19:47 rue_house yay
19:47 rue_house ok, you want eth0 statically allocated on your network yes?
19:47 Tom_L mmm it took a lower ip this time
19:48 rue_house doesn't matter what address it took
19:48 Tom_L yeah but i'd like it 122 instead of 101
19:48 Tom_L i know
19:48 Tom_L edit interfaces
19:48 rue_house ok, you want eth0 statically allocated on your network yes?
19:48 Tom_L uh huh
19:48 rue_house let's see the paragraph you got about eth0 from ifconfig
19:49 rue_house I forgot to buy cookies
19:49 Tom_L and how do you propose i get it to you?
19:49 rue_house did you ssh to it from a windows machine?
19:49 Tom_L no
19:49 Tom_L i can
19:49 rue_house lets do that
19:50 rue_house I want crackers too
19:50 Tom_L eth0 Link encap:Ethernet HWaddr 70:71:bc:bc:87:79
19:50 Tom_L inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0
19:50 Tom_L inet6 addr: fe80::7271:bcff:febc:8779/64 Scope:Link
19:50 Tom_L UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
19:50 Tom_L RX packets:872 errors:0 dropped:0 overruns:0 frame:0
19:50 Tom_L TX packets:117 errors:0 dropped:0 overruns:0 carrier:0
19:50 Tom_L collisions:0 txqueuelen:1000
19:50 Tom_L RX bytes:57183 (55.8 KiB) TX bytes:16460 (16.0 KiB)
19:50 Tom_L Interrupt:28 Base address:0x8000
19:50 rue_house oh I'm hungry, damn
19:50 rue_house ok
19:51 rue_house now, lets see that paragraph you wrote for eth0 in interfaces
19:52 Tom_L auto eth0
19:52 Tom_L iface eth0 inet static
19:52 Tom_L address 192.168.1.122
19:52 Tom_L network 192.168.1.0
19:52 Tom_L broadcast 192.168.1.255
19:52 Tom_L gateway 192.168.1.1
19:52 rue_house ok that should be fine
19:52 Tom_L restart it?
19:52 rue_house mm hold on
19:53 Tom_L that's what i used on the other one but different ip
19:53 rue_house its gonna infer the netmask
19:53 rue_house hold on
19:53 Tom_L this debian says you gotta do something additional for port forwarding
19:53 rue_house you barely have a working interface, hold on about port forwarding :)
19:54 Tom_L i'm just telling you ahead of time
19:54 rue_house ok take out broadcast and network, add netmask 255.255.0.0
19:55 rue_house you should have address, netmask and gateway
19:56 rue_house yea it wasn't working cause you didn't have netmask
19:57 Tom_L it worked on the other one
19:57 rue_house older version of softwares
19:58 rue_house netmask is now required
19:58 Tom_L putty sure as hell doesn't like this keyboard
19:59 Tom_L ok added netmask
20:00 Tom_L br
20:00 Tom_L b
20:03 rue_house you can restart networking if you want to check it worked, otherwise we can continue
20:08 Tom_L either way
20:09 rue_house ready to continue?
20:09 Tom_L carry on
20:09 rue_house ok eth1 will be your modem interface, so get it configured for dhcp
20:10 Tom_L it should be
20:10 rue_house auto eth1
20:10 rue_house iface eth1 inet dhcp
20:10 Tom_L modem?
20:10 rue_house eth0 is your local interface, eth1 is your public interface
20:10 Tom_L yeah that's what it says
20:10 Tom_L iface eth1.....
20:11 rue_house ok so that's fine
20:11 rue_house shall we config the firewall part next?
20:12 Tom_L can we test it somehow first?
20:12 Tom_L then sure
20:12 rue_house hu?
20:12 rue_house you can't test eth1 till you get your isp to clear the mac address list
20:13 Tom_L ok carry on
20:13 Tom_L gawd i got a headache
20:14 Tom_L ready when you are
20:16 rue_house did you install shorewall?
20:17 Tom_L yup
20:17 Tom_L apt-get install openssh-server ssh pump less shorewall localepurge deborphan dhcpd locate
20:17 rue_house shorewall is just a compiler for routing rules in the kernel
20:17 Tom_L yippee!
20:17 rue_house go to /etc/shorewall
20:17 Tom_L in putty?
20:18 rue_house yea
20:18 Tom_L or it doesn't matter..
20:18 rue_house doesn't matter
20:18 rue_house use putty and you can play while we work
20:18 Tom_L i may have lost connection
20:18 Tom_L we need a new ip :)
20:18 rue_house did you restart the networking?
20:19 Tom_L ok i'm ready
20:19 rue_house do an ls do you see a bunch of config files?
20:19 Tom_L yes i restarted it
20:19 Tom_L one conf
20:19 Tom_L one makefile
20:19 rue_house hah, so it took the new address then
20:20 rue_house hu?
20:20 rue_house in /etc/shorewall?
20:20 Tom_L i puttied into it with the new address
20:20 Tom_L root@debian:/etc/shorewall# ls
20:20 Tom_L Makefile shorewall.conf
20:20 rue_house uh, thats new
20:20 Tom_L that's what i said
20:21 Tom_L welcome to new
20:21 rue_house wonder if the makefile builds the config scripts
20:21 e_house throws caution to the
20:21 rue_house type make all
20:21 Tom_L command not found
20:21 Tom_L no compiler
20:21 rue_house ah
20:21 Tom_L :)
20:21 rue_house funny that
20:22 Tom_L remember you said don't install anything?
20:22 rue_house yep that's fine
20:22 rue_house apt-get install make
20:22 Tom_L k
20:22 rue_house I'm in and out, I'm gonna start a fire
20:23 rue_house its 10c in here which I'm finding COLD
20:23 rue_house make all
20:23 Tom_L don't leave me hangin or i'll pass out
20:23 rue_house does it do anything?
20:23 Tom_L root@debian:/etc/shorewall# make all
20:23 Tom_L Shorewall isn't started
20:23 Tom_L Compiling...
20:23 Tom_L ERROR: No firewall zone defined
20:23 rue_house I want it to make about 12 config files
20:23 rue_house ah, it wants zones, ok
20:23 rue_house hmm
20:23 rue_house interesting
20:23 rue_house -rwxr-xr-x 1 root root 5911 2006-07-21 20:46 interfaces
20:23 rue_house -rw-r----- 1 root root 453 2007-11-08 08:21 Makefile
20:23 rue_house -rwxr-xr-x 1 root root 3375 2011-06-11 08:07 masq
20:23 rue_house -rw-r--r-- 1 root root 3493 2006-07-21 20:46 policy
20:23 rue_house -rw-r--r-- 1 root root 809 2006-07-21 20:46 routestopped
20:24 rue_house -rwxr-xr-x 1 root root 13300 2012-02-09 08:15 rules
20:24 rue_house -rwxr-xr-x 1 root root 12526 2009-08-22 11:36 rules.old
20:24 rue_house -rw-r----- 1 root root 4004 2011-01-31 19:02 shorewall.conf
20:24 rue_house -rw-r----- 1 root root 23150 2006-07-21 20:46 shorewall.conf.dpkg-old
20:24 rue_house -rw-r--r-- 1 root root 592 2009-08-22 11:01 zones
20:24 rue_house that is the file list
20:24 rue_house did you install locate?
20:24 Tom_L apt-get install openssh-server ssh pump less shorewall localepurge deborphan dhcpd locate
20:24 rue_house type updatedb
20:24 rue_house tell me when it finishes
20:25 Tom_L done
20:25 Tom_L it's done
20:25 rue_house locate routestopped
20:25 rue_house does it find one?
20:25 Tom_L root@debian:/etc/shorewall# locate routestopped
20:25 Tom_L dammit
20:26 Tom_L root@debian:/etc/shorewall# locate routestopped
20:26 Tom_L ./usr/share/doc/shorewall/default-config/routestopped
20:26 Tom_L ./usr/share/doc/shorewall/examples/three-interfaces/routestopped
20:26 Tom_L ./usr/share/doc/shorewall/examples/two-interfaces/routestopped
20:26 Tom_L ./usr/share/man/man5/shorewall-routestopped.5.gz
20:26 Tom_L damn irc hates /
20:26 rue_house cool
20:27 rue_house ls /usr/share/doc/shorewall/examples/two-interfaces/
20:27 Tom_L interfaces policy routestopped shorewall.conf.gz
20:27 Tom_L masq README.txt rules zones
20:27 rue_house coooool!
20:28 rue_house copy over interfaces, policy, routestopped, masq, rules, and zones
20:28 rue_house to /etc/shorewall/interfaces
20:28 rue_house erh
20:28 rue_house /etc/shorewall
20:28 Tom_L how do you copy files?
20:29 Tom_L mv?
20:29 Tom_L cp?
20:29 rue_house interfaces tells shorewall what network interfaces its using
20:29 rue_house cp
20:29 rue_house zones defines network zones
20:29 rue_house rules are the firewall rules
20:29 rue_house and masq is the masquerading rules
20:29 Tom_L how do you copy multiple files at once?
20:29 rue_house 10 min break?
20:29 Tom_L cp interfaces policy routstopped massq rules?
20:29 rue_house cp this that other thing whatever there
20:30 rue_house cp a s d f /etc/shorewall/
20:31 Tom_L root@debian:/etc/shorewall# ls
20:31 Tom_L interfaces Makefile masq policy routestopped rules shorewall.conf
20:34 rue_house hmm how you gonna edit these
20:34 rue_house used to any linux command line editor?
20:34 Tom_L i use pico mostly
20:34 rue_house is pico installed?
20:34 Tom_L of course
20:34 rue_house ok edit zones
20:35 Tom_L wait
20:35 Tom_L it's not in the directory
20:35 Tom_L mmmm
20:35 Tom_L are we making a new file?
20:35 rue_house no
20:35 Tom_L hold on i didn't copy it
20:35 rue_house zones should have been one of the ones you copied
20:36 Tom_L yeah i missed it
20:36 Tom_L ok
20:36 Tom_L ready
20:37 rue_house you want the part that isn't commented out to have 3 zones defined
20:37 rue_house fw firewall
20:37 rue_house net ipv4
20:37 rue_house loc ipv4
20:37 rue_house fw is the firewall itself
20:37 rue_house net is the internet
20:37 Tom_L ok it does
20:37 rue_house loc is your local network
20:37 rue_house its all there already?
20:37 Tom_L fw firewall
20:37 Tom_L net ipv4
20:37 Tom_L loc ipv4
20:37 rue_house COOL!
20:37 rue_house ok
20:37 rue_house edit
20:37 Tom_L of course
20:37 rue_house exit
20:37 rue_house edit interfaces next
20:38 Tom_L net eth0 detect dhcp,tcpflags,nosmurfs,routefilter,logmartians
20:38 Tom_L loc eth1 detect tcpflags,nosmurfs,routefilter,logmartians
20:38 rue_house switch loc and net
20:38 rue_house you want eth0 to be your local
20:38 Tom_L do you know how to copy and paste in pico?
20:39 rue_house nope
20:39 Tom_L me either
20:39 rue_house I use vim
20:39 Tom_L i know you do
20:39 rue_house and the only time I copy and paste is from a gui console where I can select the text and middle click
20:40 rue_house selected text is automatically copied, middle click pastes selection
20:40 Tom_L edited
20:40 rue_house now, the traffic rules are next
20:40 rue_house are there any rules enabled?
20:41 Tom_L the rules file?
20:41 rue_house yes
20:41 rue_house anything not commented out?
20:41 Tom_L DNS(ACCEPT) $FW net
20:41 Tom_L SSH(ACCEPT) loc $FW
20:41 rue_house I have to do kitty litter and starta fire
20:41 Tom_L Ping(ACCEPT) loc $FW
20:41 Tom_L that's it
20:41 rue_house ok thats an ok start
20:41 rue_house next
20:42 rue_house wait the format is different
20:42 rue_house do they show any examples like
20:42 rue_house ACCEPT loc fw tcp 67
20:42 rue_house by the way, these firewall rules are VERY strict
20:43 Tom_L # For information about entries in this file, type "man shorewall-rules"
20:43 Tom_L #############################################################################################################
20:43 Tom_L #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK
20:43 Tom_L # PORT PORT(S) DEST LIMIT GROUP
20:43 rue_house is there not about 20 pages of examples at the top of the file?
20:43 Tom_L nope
20:43 rue_house oh
20:43 rue_house uh
20:44 Tom_L oh wait
20:44 Tom_L Ping(DROP) net $FW
20:44 Tom_L ACCEPT $FW loc icmp
20:44 Tom_L ACCEPT $FW net icmp
20:44 Tom_L i missed those
20:44 rue_house I have to do kitty litter and start a fire or I'm gonna have cat pee on the floor and frozen toes
20:44 rue_house biab
20:56 rue_shop I gotta love this system
20:56 rue_shop now I'm wet and cold
20:57 Tom_L step in pee and went outside?
20:57 rue_shop in new water for the boiler
20:57 rue_shop its got a drop, which has added up to over 12L since I last ran it
20:57 rue_shop drip
20:57 Tom_L antifreeze?
20:57 Tom_L better fix that costly drip
20:58 Tom_L i figured out cut and paste while you were gone but i can't duplicate it now :(
20:58 Tom_L it's a sucky little editor but it works
20:59 rue_shop I dont re-antifreeze it
21:00 Tom_L alright now what?
21:05 rue_shop we need to add rules for your dhcp in and out
21:05 rue_shop we also need to set up dns
21:05 rue_shop and your dhcp server
21:05 Tom_L you realize this is a test right?
21:06 Tom_L the real thing will be once i transfer the webpages here and start on the other pc that has 2 good lan cards in it
21:07 Tom_L i just don't want the webpages to be down
21:12 rue_house ok
21:12 rue_house so
21:12 rue_house next
21:12 rue_house we need rules for your dhcp
21:12 Tom_L just a sec
21:13 rue_house # DHCP re-leases
21:13 rue_house #
21:13 rue_house ACCEPT loc fw tcp 67
21:13 rue_house ACCEPT loc fw udp 67
21:13 Tom_L ok
21:13 Tom_L i think
21:13 rue_house these rules let your local network talk to the dhcp server on the firewall
21:13 Tom_L i'm copying my web over too
21:13 rue_house dear god, the boiler lines are 3c!
21:13 e_house sits and shivvers
21:15 Tom_L oh..
21:15 Tom_L do i need to install the stuff for php files?
21:15 Tom_L what is that called...
21:16 rue_house are we setting up a router or installing apache, cmon
21:16 Tom_L i'm just waiting
21:16 Tom_L how many things do you do at once?????
21:18 rue_house well right now I'm reordering the dx order, watching the firebox and helping you
21:18 Tom_L ok i'm ready
21:18 Tom_L did you get the email from dx?
21:18 rue_house and making a todo list that includes, the laundry, shaving, and trying to remember what I forgot
21:18 rue_house the last one said I needed to repay
21:18 Tom_L when you trip over your beard it's time to shave
21:19 rue_house I cant find the credit card, give me your for a min eh?
21:19 Tom_L sure
21:19 Tom_L they'll reject you
21:19 Tom_L i had that happen recently
21:19 rue_house ok dns, you want to use your isp's or set your own up
21:19 Tom_L went on vacation and was 2 states away and tried to use it
21:19 rue_house if your isp's is reliable, use theirs
21:19 Tom_L they turned me down
21:19 Tom_L i had to call them
21:20 rue_house 4510
21:20 Tom_L use the isp's
21:20 Tom_L dns isn't that big a deal
21:20 Tom_L is it?
21:20 rue_house ok
21:20 rue_house without it you have to access everything by IP address
21:21 Tom_L internal?
21:21 Tom_L well as long as somebody is assigning it...
21:22 rue_house uh why isn't the payment page https?
21:22 Tom_L which one?
21:23 Tom_L hmm
21:23 Tom_L i dunno
21:23 Tom_L cause they don't care?
21:24 rue_house changing it to https worked
21:24 rue_house the link they give you in the email isn't secure
21:25 Tom_L oh
21:25 rue_house ok so, cat /etc/resolv.conf
21:25 rue_house Sorry to let you know that the payment is failed due to failed to authorize the payment. please pay it again.
21:25 rue_house wtf?
21:27 Tom_L # Generated by pump for interface eth0
21:27 Tom_L search ks.cox.net
21:27 Tom_L nameserver 68.105.28.12
21:27 Tom_L nameserver 68.105.29.12
21:27 Tom_L nameserver 68.105.28.11
21:30 Tom_L now what?
21:31 rue_house ah there you are
21:31 rue_house ok, thats fine
21:31 rue_house we need to set up so you can ssh to it
21:31 rue_house do you want to be able to ssh from outside
21:31 rue_house from the great wide internet?
21:32 rue_house wait, your default rules already had ssh stuff didn't they?
21:32 rue_house yea
21:32 rue_house dns ssh and ping
21:33 rue_house you run automatic for your dynamic dns?
21:33 rue_house do you want the firewall to update it for you?
21:35 Tom_L you there?
21:35 rue_house yes
21:35 rue_house <rue_house> dns ssh and ping
21:35 rue_house <rue_house> you run automatic for your dynamic dns?
21:35 rue_house <rue_house> do you want the firewall to update it for you?
21:40 rue_house I have to make supper
21:40 Tom_L k
21:40 Tom_L next step?
21:41 rue_house <rue_house> <rue_house> you run automatic for your dynamic dns?
21:41 rue_house <rue_house> <rue_house> do you want the firewall to update it for you?
21:41 rue_house answer questions
21:41 Tom_L what do you recommend?
21:41 Tom_L i think it's set to automatic now
21:41 rue_house do you have the dyndns set up on your existing router?
21:41 Tom_L the linksys?
21:41 rue_house I dont know what to have for supper
21:42 Tom_L well i didn't have much so i can't recommend this time
21:42 Tom_L how do i find out?
21:43 rue_house I'll try kraft dinner with wieners then
21:43 rue_house did you configure it on the linksys?
21:43 Tom_L i'll have to look but i'm sure it's automatic
21:44 Tom_L yeah it's auto
21:46 rue_house ok install ez-ipupdate on the machine then
21:46 rue_house on dx I can't get back to the page to select paying by paypal
21:46 Tom_L you can't?
21:47 Tom_L you're sure having a helluv a time spending money
21:47 Tom_L configure manually?
21:48 rue_house aha, if I click re-order I can
21:48 Tom_L umm
21:48 Tom_L installed... do i configure manually?
21:49 rue_house its configured via
21:49 Tom_L clicked <yes>
21:49 Tom_L it had a list of servers like dyndns etc
21:49 rue_house /etc/ez-ipupdate/default.conf
21:49 rue_house oh ok
21:50 Tom_L that dir is empty
21:50 rue_house oh and it didn't ask you questions to get it configured?
21:50 Tom_L nope
21:51 rue_house and /etc/ez-ipupdate is empty?
21:51 rue_house k
21:51 rue_house make a default.conf
21:51 Tom_L root@debian:/etc/ez-ipupdate# ls
21:51 Tom_L root@debian:/etc/ez-ipupdate#
21:51 Tom_L k
21:51 Tom_L empty file
21:52 rue_house service-type=dyndns
21:52 rue_house #server=(default)
21:52 rue_house user=password:login
21:52 rue_house host=name of site (rueshuose for rueshouse.dyndns.org)
21:52 rue_house interface=eth1
21:52 rue_house run-as-user=ez-ipupd
21:52 rue_house cache-file=/var/cache/ez-ipupdate/default-cache
21:52 rue_house daemon
21:53 rue_house but you dont want that to run
21:53 Tom_L do i want dyndns?
21:53 rue_house so maybe put a # infront of all the lines for now
21:53 rue_house is that who the dynamic dns is worth?
21:53 rue_house with
21:53 Tom_L for my webpages yes
21:54 rue_house yes, but you have to make sure it doesn't run or it'll setet the account
21:54 rue_house maybe give it the wrong password for now
21:55 Tom_L ok, # infront of all those lines
21:55 Tom_L ok, remember i have 2
22:12 rue_house I think you make a second file for the other one
22:12 Tom_L called?
22:12 Tom_L it's just for the logbot mostly
22:13 rue_house nature
22:13 Tom_L but it's a different user
22:13 Tom_L umm what ver of php should i install?
22:14 Tom_L or how do i find what ver is available
22:15 rue_shop yea, write a whole nother file
22:15 Tom_L call it what?
22:15 rue_shop just say apt-get install php
22:15 rue_shop call it
22:15 rue_shop uh tom2
22:15 Tom_L yeah i found that
22:15 rue_shop .conf
22:15 Tom_L tom2.conf?
22:15 Tom_L k
22:16 rue_shop its hard to get more wood in the boiler when the flames are shooting 2 feet out the door
22:16 Tom_L naw, you can just mark shaving off your list
22:19 e_house rubs his
22:19 rue_house and haircuts
22:19 Tom_L no comment on that :)
22:20 Tom_L service type won't be the same on the 2nd one
22:20 rue_house i'LL WAIT A day on the dx stuff again
22:20 rue_house write a whole new file
22:20 Tom_L i did
22:20 Tom_L just copied it for now
22:21 e_house th
22:21 rue_house back to shorewall
22:21 Tom_L do i need to restart anything after installing php?
22:21 rue_house we forgot masq
22:21 Tom_L ok
22:21 rue_house no
22:22 rue_house anything in masq?
22:22 Tom_L eth0 10.0.0.0/8,\
22:22 Tom_L 169.254.0.0/16,\
22:22 Tom_L 172.16.0.0/12,\
22:22 Tom_L 192.168.0.0/16
22:22 rue_house huh
22:22 Tom_L we need to add something for the name server don't we?
22:22 Tom_L that ip list?
22:22 Tom_L from ks.cox.net or whatever it was
22:22 rue_house thats in the dhcp server config
22:23 rue_house oh damn, I'm starting to drift
22:23 Tom_L how much more?
22:23 rue_house I was hoping for a few more hours
22:23 rue_house well, I think your masq is wrong
22:23 rue_house mine is
22:23 rue_house eth1 eth0
22:23 rue_house eth1 eth2
22:23 Tom_L what should it be?
22:23 rue_house because eth0 and eth2 are my internal networks
22:24 rue_house so yours should be like line 1
22:24 rue_house eth1 eth0
22:24 Tom_L get rid of all the numbers?
22:24 rue_house maybe just comment them out
22:24 Tom_L :)
22:24 rue_house things change fast in linux
22:24 rue_house I dont know if I'm out of date
22:24 Tom_L i do
22:25 rue_house to put it this way, I originally configured this in 2006
22:25 Tom_L we didn't copy over the readme
22:25 rue_house you dont need a readme
22:26 Tom_L what dir was that in?
22:26 Tom_L i wanna look real quick
22:26 rue_house /etc/shorewall
22:26 Tom_L no that was the 'to' dir
22:26 Tom_L what was the 'from' dir
22:26 rue_house damnit I wanted to sit down and finish that overload pcb
22:27 rue_house locate routestopped look for two interfaces
22:27 Tom_L . /usr/share/doc/shorewall/examples/two-interfaces/
22:27 rue_house I better start supper
22:27 Tom_L do what now???
22:28 Tom_L haha readme doesn't say a gd thing
22:28 Tom_L #INTERFACE HOST(S) OPTIONS
22:28 Tom_L eth1 -
22:29 Tom_L content of routestopped
22:39 rue_house watching food is for wooses
22:39 rue_house routestopped is ok
22:39 rue_house oh maybe not
22:39 rue_house make sure routestopped just has eth0
22:39 Tom_L it does
22:39 Tom_L except the -
22:39 Tom_L err
22:39 Tom_L ok
22:40 Tom_L not eth1?
22:40 rue_house it was backwards remember?
22:41 Tom_L ok
22:42 iamturnip exit
22:42 iamturnip opps
22:42 iamturnip wrong window
22:42 rue_house hi
22:42 rue_house whats new?
22:42 Tom_L commented eth1 added eth0
22:42 rue_house ok
22:42 Tom_L now what?
22:42 Tom_L i got 5 min left
22:42 rue_house oh, you need to add the rule for ez-ipupdate
22:43 rue_house #
22:43 rue_house # ez-ipupdate
22:43 rue_house #
22:43 rue_house ACCEPT fw net tcp 80
22:43 Tom_L 80 or 81?
22:43 rue_house apparently 80
22:43 Tom_L what file?
22:43 rue_house rules
22:43 Tom_L mmm
22:44 rue_house everything you need to do is in rules
22:44 Tom_L what dir?
22:44 Tom_L cd /etc/shorewall
22:44 Tom_L ok rules
22:44 rue_house DNAT net loc:192.168.8.111 udp 1234 <-- thats how you do port forwarding
22:45 Tom_L that makes no sense to me
22:45 Tom_L udp being 81?
22:46 rue_house no
22:46 Tom_L and loc: being 192.168.1.122 ?
22:46 Tom_L mmm
22:46 rue_house 80 is http, which means that ez-ipupdate uses http to update the records
22:46 rue_house oh, the port forwarding example
22:46 Tom_L yes
22:47 rue_house so its from the internet (net) to local machine 192.168.8.111 using udp port 1234
22:47 Tom_L DNAT net loc:192.168.1.122 udp 82
22:47 Tom_L ?
22:48 rue_house you prolly want tcp for that
22:48 rue_house ;)
22:48 Tom_L why are those spaced so damn far apart?
22:48 Tom_L tcp?
22:48 rue_house tcp instead of udp
22:48 Tom_L ok
22:48 Tom_L for all http port fwding?
22:48 Tom_L so if i do an 81 and 82...
22:49 rue_house sure
22:49 Tom_L can they map to the same ip?
22:49 rue_house yes
22:49 Tom_L ok, what updates this file once i save it?
22:50 rue_house /etc/init.d/shorewall restart
22:50 rue_house it might not be enabled yet
22:50 rue_house I think there is a switch in /etc/defaults/shorewall
22:50 Tom_L The firewall won't be started/stopped unless it is configured
22:50 Tom_L Please read about Debian specific customization in
22:51 Tom_L usr/share/doc/shorewall/README.Debian.gz.
23:02 Tom_L ok
23:06 rue_house thats the file in /etc/default
23:07 rue_house called shorewall
23:07 rue_house if you open it up it says in it to comment out a line
23:07 Tom_L ok so what now?
23:07 rue_house did you edit /etc/default/shorewall?...
23:07 Tom_L umm
23:07 rue_house #startup=0
23:07 rue_house startup=1
23:09 Tom_L ok
23:11 Tom_L root@debian:/etc/default# /etc/init.d/shorewall restart
23:11 Tom_L Restarting "Shorewall firewall": not done (check /var/log/shorewall-init.log).
23:13 Tom_L root@debian:/etc/default# /etc/init.d/shorewall restart
23:13 Tom_L Restarting "Shorewall firewall": not done (check /var/log/shorewall-init.log).
23:13 Tom_L tarting Shorewall....
23:13 Tom_L Feb 26 23:01:36 Starting Shorewall....
23:13 Tom_L ERROR: Unable to determine the routes through interface "eth1": Firewall state not changed
23:13 Tom_L Feb 26 23:01:36 ERROR: Unable to determine the routes through interface "eth1"
23:13 Tom_L Feb 26 23:01:36 ERROR:Shorewall start failed:Firewall state not changed
23:14 Tom_L gonna go to sleep now. take it up again tomorrow
23:15 Tom_L i'll check for notes here tomorrow AM
23:21 rue_house to fix that YOU HAVE TO CALL YOUR ISP AND GET THEM TO CLEAR THE MAC ADDRESS TABLE :)
23:32 Tom_itx ok