1118534403 M * Pazzo ...and my mtab contains proc /proc proc, devpts /dev/pts, none /proc proc, none /tmp tmpfs and none /dev/pts 1118534414 M * Pazzo before there have been just two entries 1118534438 M * Pazzo (no "none" lines) 1118534490 M * Bertl means? 1118534517 M * Pazzo I can see proc and pts twice now - proc => /proc and none => /proc and devpts => /dev/pts and none => /dev/pts 1118534562 M * Bertl maybe you added them to the /etc/vservers/*/apps/init/mtab? 1118534581 M * Pazzo sorry, you're right :) 1118534598 M * Bertl np 1118534632 M * Pazzo /proc/mounts shows "/dev/root /" - is this hardcoded? 1118534642 M * Bertl yes ;) 1118534668 M * Pazzo so should I put "/dev/root /" in my mtab? 1118534677 M * Bertl if you like to ... 1118534692 M * Bertl the mtab is only used by mount and the quota tools 1118534736 M * Pazzo now /etc/mtab == mount =~ /proc/mounts 1118534757 M * Pazzo (there is also "rootfs / rootfs rw 0 0" in /proc/mounts) 1118535004 M * Pazzo ok, that's it for now - thnx bertl! 1118535065 M * Bertl you're welcome! 1118535076 M * Pazzo btw: compiled rc4, removed all workarounds / patches, reinstalled util-vserver from sid on my sarge system => everything is fine ;-) 1118535088 M * Bertl good to hear! 1118535088 M * Pazzo reboot & shutdown are working 1118535649 Q * Aiken Ping timeout: 480 seconds 1118536334 Q * nox iridium.oftc.net jupiter.oftc.net 1118536334 Q * Doener|gone iridium.oftc.net jupiter.oftc.net 1118536334 Q * flock iridium.oftc.net jupiter.oftc.net 1118536334 Q * sannes iridium.oftc.net jupiter.oftc.net 1118536334 Q * Bertl iridium.oftc.net jupiter.oftc.net 1118536334 Q * brc iridium.oftc.net jupiter.oftc.net 1118536334 Q * TheSeer iridium.oftc.net jupiter.oftc.net 1118536334 Q * Snow-Man iridium.oftc.net jupiter.oftc.net 1118536334 Q * sladen iridium.oftc.net jupiter.oftc.net 1118536334 Q * SiD3WiNDR iridium.oftc.net jupiter.oftc.net 1118536334 Q * micah iridium.oftc.net jupiter.oftc.net 1118536334 Q * mugwump iridium.oftc.net jupiter.oftc.net 1118536334 Q * locksy iridium.oftc.net jupiter.oftc.net 1118536334 Q * atsab iridium.oftc.net jupiter.oftc.net 1118536334 Q * cryo_ iridium.oftc.net jupiter.oftc.net 1118536334 Q * Beirdo iridium.oftc.net jupiter.oftc.net 1118536334 Q * aba iridium.oftc.net jupiter.oftc.net 1118536334 Q * berni iridium.oftc.net jupiter.oftc.net 1118536337 Q * id iridium.oftc.net jupiter.oftc.net 1118536337 Q * Loki|muh iridium.oftc.net jupiter.oftc.net 1118536337 Q * cereal iridium.oftc.net jupiter.oftc.net 1118536337 Q * albeiro iridium.oftc.net jupiter.oftc.net 1118536337 Q * romke iridium.oftc.net jupiter.oftc.net 1118536337 Q * dsoul iridium.oftc.net jupiter.oftc.net 1118536337 Q * DaPhreak iridium.oftc.net jupiter.oftc.net 1118536337 Q * FaUl iridium.oftc.net jupiter.oftc.net 1118536337 Q * janra iridium.oftc.net jupiter.oftc.net 1118536337 Q * meebey iridium.oftc.net jupiter.oftc.net 1118536337 Q * zimbo iridium.oftc.net jupiter.oftc.net 1118536337 Q * lilo iridium.oftc.net jupiter.oftc.net 1118536337 Q * eXplasm2 iridium.oftc.net jupiter.oftc.net 1118536337 Q * Pazzo iridium.oftc.net jupiter.oftc.net 1118536337 Q * gregster iridium.oftc.net jupiter.oftc.net 1118536337 Q * eyck iridium.oftc.net jupiter.oftc.net 1118536337 Q * pusling iridium.oftc.net jupiter.oftc.net 1118536337 Q * alexx iridium.oftc.net jupiter.oftc.net 1118536337 Q * case iridium.oftc.net jupiter.oftc.net 1118536337 Q * SNy iridium.oftc.net jupiter.oftc.net 1118536337 Q * ola_ iridium.oftc.net jupiter.oftc.net 1118536337 Q * virtuoso iridium.oftc.net jupiter.oftc.net 1118536337 Q * Vudumen iridium.oftc.net jupiter.oftc.net 1118536337 Q * DaCa iridium.oftc.net jupiter.oftc.net 1118536337 Q * Hunger iridium.oftc.net jupiter.oftc.net 1118536359 J * eXplasm2 explasm@p549F3B53.dip.t-dialin.net 1118536359 J * id ~id@relax-media.softwarezentrum.de 1118536359 J * Pazzo ~Pazzo@host130-250.pool8172.interbusiness.it 1118536359 J * nox ~nox@noxlux.de 1118536359 J * Loki|muh loki@satanix.de 1118536359 J * cereal ~cereal@217.20.124.153 1118536359 J * aba ~aba@eos.turmzimmer.net 1118536359 J * albeiro ~albeiro@albeiro.usercloak.oftc.net 1118536359 J * romke ~romke@procyon.romke.net 1118536359 J * dsoul darksoul@pingu.ii.uj.edu.pl 1118536359 J * gregster ~gregor@greart.de 1118536359 J * eyck eyck@81.219.64.71 1118536359 J * berni ~berni@svr01.mucip.net 1118536359 J * DaPhreak ~phreak@lms.rz.uni-greifswald.de 1118536359 J * pusling ~pusling@195.215.29.124 1118536359 J * alexx ~alexx@82.225.136.176 1118536359 J * DaCa ~danny@mail.limehouse.org 1118536359 J * Vudumen vudumen@perverz.hu 1118536359 J * zimbo ~zimbo@callisto.dom.bonis.de 1118536359 J * virtuoso ~s0t0na@80.253.205.251 1118536359 J * lilo ~lilo@lilo.usercloak.oftc.net 1118536359 J * ola_ ~ola@213.115.168.248 1118536359 J * SNy ~mfr@217.20.120.199 1118536359 J * meebey meebey@booster.qnetp.net 1118536359 J * janra janra@paradox.homeip.net 1118536359 J * FaUl ~immo@ip88.164.1211G-CUD12K-01.ish.de 1118536359 J * Hunger Hunger.hu@Hunger.hu 1118536359 J * case ~case@donpanic.faveve.uni-stuttgart.de 1118536384 J * Doener|gone ~doener@p5487608D.dip.t-dialin.net 1118536384 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1118536384 J * sannes ~ace@cm-84.118.217.070.chello.no 1118536384 J * Bertl ~herbert@212.16.62.52 1118536384 J * brc bruce@201008077213.user.veloxzone.com.br 1118536384 J * TheSeer ~theseer@border.office.salesemotion.net 1118536384 J * Snow-Man ~sfrost@snowman.net 1118536384 J * cryo_ ~say@212.86.243.154 1118536384 J * atsab ~as@lotes.vtu.lt 1118536384 J * locksy ~locksy@mrtg.sisgroup.com.au 1118536384 J * mugwump ~samv@210-54-92-184.ipnets.xtra.co.nz 1118536384 J * micah micah@micha.hampshire.edu 1118536384 J * Beirdo ~gjhurlbu@beirdo.usercloak.oftc.net 1118536384 J * SiD3WiNDR luser@bastard-operator.from-hell.be 1118536384 J * sladen paul@starsky.19inch.net 1118536389 M * Bertl 1118536396 M * Bertl happy splitting time ... 1118536404 M * romke hehe 1118536456 M * DaCa Bertl: you moved to freenode? :) 1118536578 M * Bertl :) 1118536717 M * Loki|muh Bertl: why is this channel on oftc.net? 1118537002 M * Bertl because! 1118538032 J * explasm__ explasm@p549F7FCC.dip.t-dialin.net 1118538244 M * Bertl wb explasm__! 1118538458 Q * eXplasm2 Ping timeout: 480 seconds 1118540111 Q * sladen uranium.oftc.net jupiter.oftc.net 1118540111 Q * SiD3WiNDR uranium.oftc.net jupiter.oftc.net 1118540111 Q * micah uranium.oftc.net jupiter.oftc.net 1118540111 Q * mugwump uranium.oftc.net jupiter.oftc.net 1118540111 Q * locksy uranium.oftc.net jupiter.oftc.net 1118540111 Q * atsab uranium.oftc.net jupiter.oftc.net 1118540111 Q * cryo_ uranium.oftc.net jupiter.oftc.net 1118540111 Q * TheSeer uranium.oftc.net jupiter.oftc.net 1118540111 Q * brc uranium.oftc.net jupiter.oftc.net 1118540111 Q * sannes uranium.oftc.net jupiter.oftc.net 1118540111 Q * Snow-Man uranium.oftc.net jupiter.oftc.net 1118540111 Q * flock uranium.oftc.net jupiter.oftc.net 1118540111 Q * Doener|gone uranium.oftc.net jupiter.oftc.net 1118540111 Q * Beirdo uranium.oftc.net jupiter.oftc.net 1118540111 Q * Bertl uranium.oftc.net jupiter.oftc.net 1118540111 Q * nox uranium.oftc.net jupiter.oftc.net 1118540124 J * nox ~nox@noxlux.de 1118540411 J * Doener|gone ~doener@p5487608D.dip.t-dialin.net 1118540411 J * flock ~restless@l192-117-111-12.broadband.actcom.net.il 1118540411 J * sannes ~ace@cm-84.118.217.070.chello.no 1118540411 J * Bertl ~herbert@212.16.62.52 1118540411 J * brc bruce@201008077213.user.veloxzone.com.br 1118540411 J * TheSeer ~theseer@border.office.salesemotion.net 1118540411 J * Snow-Man ~sfrost@snowman.net 1118540411 J * cryo_ ~say@212.86.243.154 1118540411 J * atsab ~as@lotes.vtu.lt 1118540411 J * locksy ~locksy@mrtg.sisgroup.com.au 1118540411 J * mugwump ~samv@210-54-92-184.ipnets.xtra.co.nz 1118540411 J * micah micah@micha.hampshire.edu 1118540411 J * Beirdo ~gjhurlbu@beirdo.usercloak.oftc.net 1118540411 J * SiD3WiNDR luser@bastard-operator.from-hell.be 1118540411 J * sladen paul@starsky.19inch.net 1118545056 M * Bertl any debian folks around? 1118545161 M * DaCa Bertl: #define debian folks 1118545196 M * Bertl folks using/knowing debian stuff ;) 1118545218 M * Bertl I want to add testing to my apt sources 1118545231 M * Bertl but I do not want apt-get to take packages from there 1118545236 M * Bertl (by default) 1118545240 M * DaCa what do you have now? 1118545253 M * Bertl deb http://debian.inode.at/debian/ stable main contrib non-free 1118545265 M * Bertl and an updates line 1118545284 M * DaCa ok, repeat that line, change stable into testing 1118545316 M * Bertl okay, thought so, but won't that make apt-get take packages from both? 1118545326 M * DaCa then in /etc/apt/apt.conf 1118545373 M * DaCa APT::Default-Release "stable"; 1118545389 M * Bertl the file does not exist yet? 1118545401 M * DaCa create it :) 1118545430 M * DaCa apt-get update; apt-cache policy 1118545460 M * DaCa you should see stable at priority 990 and etch at 500 1118545510 M * DaCa man apt_preferences for more complex stuff 1118545523 M * Bertl k, seems to work 1118545562 M * Bertl and how do I install/force a package from testing now? 1118545595 M * DaCa with the default release set to stable, say you want to fetch something from testing: apt-get install package/testing 1118545619 M * Bertl apt-get install util-vserver/testing 1118545627 M * Bertl Selected version 0.30.204-5sarge2 (Debian:3.1r0/stable, Debian:testing) for util-vserver 1118545630 M * Bertl util-vserver is already the newest version. 1118545636 M * Bertl ?? 1118545659 M * DaCa that still fetches dependencies from stable, if you want depencies from testing too, do apt-get -t testing package 1118545695 M * Bertl did I miss something? testing has 204 too? 1118545711 M * DaCa apt-cache policy util-vserver 1118545716 M * Bertl do I ahve to use broken for 207? 1118545741 M * DaCa sid had 207-7 1118545757 M * DaCa sid has 207-7 1118545805 M * Bertl so another entry for unstable? 1118545809 M * DaCa so do the same, duplicate the line for unstable, apt-get update, apt-get install util-vserver/unstable 1118545826 M * Bertl btw, the 204 is severly broken on most archs 1118545848 M * Bertl just tried it on alpha, no-go, the tools use syscall 273 ; 1118545899 M * Bertl well, that's not better with 207 from debian either ... 1118545984 M * Bertl now trying source ... 1118546009 M * Bertl hmm, it failed to find vconfig? 1118546019 M * Bertl are the dependancies broken in debian? 1118546030 M * Bertl (in the debian package, I mean) 1118546085 M * Bertl DaCa: how to search for a package containing a given file? 1118546150 M * DaCa if the package is installed dpkg -S filename 1118546177 M * DaCa otherwise grep the Contents.gz files on the mirrors 1118546200 M * DaCa what file are you looking for? 1118546277 M * Bertl vconfig 1118546559 M * DaCa Setting up util-vserver (0.30.207-7) ... 1118546571 M * DaCa no vconfig, should it be there? 1118546646 M * Bertl it's not part of util-vserver 1118546654 M * DaCa or do you mean you need it for the source package (build-depend) 1118546656 M * Bertl it is part of the vlan tools (usually) 1118546698 M * Bertl ah, the package is called vlan 1118546712 M * Bertl I don#t understand why the debian package didn't pull that in? 1118546743 M * Bertl this basically means that vlan configs do not work for debian folks? 1118546758 M * Bertl gosh, the packages are more broken than I expected ... 1118546809 M * DaCa what do you mean? when exactly do you need vconfig? 1118556549 J * monrad ~monrad@213083190130.sonofon.dk 1118558786 M * eyck there is also dpkg-grep 1118559106 M * Bertl great! ;) 1118559126 M * Bertl off to bed now ... have a good whatever! 1118559132 N * Bertl Bertl_zZ 1118562080 Q * Hollow Remote host closed the connection 1118562212 J * Hollow ~Hollow@home.xnull.de 1118563052 J * dotwaffle ~waffle@hack118.plus.com 1118565018 Q * greedy Quit: using sirc version 2.211+KSIRC/1.3.12 1118567099 M * dotwaffle anyone awake for a simple query? want to know which devel patch to apply for 2.6.11 kernel (Ubuntu)... As patch-2.6.11.11-vs2.0-rc4.diff fails on build. 1118567265 M * dotwaffle guess not... 1118567274 M * daniel_hozac are you patching a vanilla 2.6.11.11 kernel, or Ubuntu's idea of a 2.6.11 kernel? 1118567298 M * dotwaffle daniel_hozac: Cheers, Ubuntu's idea of it - is it worth doing the vanilla set then? 1118567321 M * daniel_hozac the patches are made for vanilla. 1118567396 M * dotwaffle ah! that would make sense! Will get back to you if that fixes it (incidentally, it was failing on fs/super.c) 1118567752 A * dotwaffle looks to ubuntu.com to find out what the Ubuntu team add on to make it so dodgy... 1118568519 M * dotwaffle daniel_hozac: super.o now compiles - thanks for that. 1118568930 Q * rs Quit: rs 1118571820 J * yarihm ~yarihm@217-162-204-252.dclient.hispeed.ch 1118573063 J * Doener` ~doener@p54877F10.dip.t-dialin.net 1118573503 Q * Doener|gone Ping timeout: 480 seconds 1118574065 M * id moin #vserver 1118574101 M * Loki|muh moin id 1118574340 M * dotwaffle suomeksi? 1118574347 M * dotwaffle suomalainen? 1118574392 Q * dotwaffle Quit: Installing vserver kernel. 1118574875 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118574907 M * id morning rs ! 1118574948 Q * explasm__ Remote host closed the connection 1118575200 J * eXplasm explasm@p549F7FCC.dip.t-dialin.net 1118582639 J * hws123 ~Werner@p54A14DF0.dip.t-dialin.net 1118582642 M * hws123 Hi 1118582785 Q * yarihm Quit: This computer has gone to sleep 1118582794 M * hws123 I do have quite an OT question but maybe somebody is able to give me some hints: I do run a web server (public IP) which forwards all requests to my internal vservers (private IP's) and therefore the internal Apache's only log internal ip address, so is there a way to forward the remote IP address as well (e.g. with mod_headers)? 1118583266 N * Bertl_zZ Bertl 1118583322 M * Bertl hws123: hmm, why not leave the external ip as is? 1118583392 M * hws123 bertl: I do use mod_proxy to forward all the requests to the internal vservers. And for those internal web servers it looks like the proxy itself is requesting a web site although it is of course a remote client. 1118583405 M * hws123 Or how to you guys do this kinda stuff? 1118583430 M * Bertl where are the vservers located, and who has the public ip? 1118583498 M * hws123 My real web server has the one and only public IP, the vservers are installed on the same server but all have private ip's 1118583525 M * hws123 So inet->public ip (Apache)->vserver (same system, but 192.168.x.y) 1118583540 M * Bertl i.c. interesting idea with mod_proxy ... never tried it ;) 1118583560 M * Bertl I would simply use something like: 1118583609 M * hws123 I use mod_proxy because I can use it together with mod_security (modsecurity.org) 1118583634 M * hws123 It works fine with mod_proxy but I need to forward the original client ip as well 1118583642 M * Bertl iptable -t nat -A POSTROUTING -d -p tcp --port 80 -j DNAT --to 1118583665 M * hws123 I suppose I need to set an environment variable for each request 1118583681 M * daniel_hozac that's not possible if you have multiple name-based vhosts on separate vservers ;) 1118583695 M * hws123 berl: well, then I can't have a) several vservers all running Apache's and b) an apache on the *real* web server 1118583720 M * daniel_hozac (i have a very similar setup myself) 1118583726 M * Bertl ah, mod_proxy does handly the different names? 1118583731 M * hws123 yes 1118583735 M * Bertl i.e. it looks into the protocol 1118583741 M * hws123 sure 1118583753 M * Bertl well, then you have to 'modify' that to pass on the ip, no? 1118583762 M * hws123 and mod_security can protect all the vservers 1118583779 M * hws123 yeah, that's my problem, I am sure mod_headers can do that 1118583789 M * hws123 daniel: how do you forward the original ip? 1118583794 M * daniel_hozac shouldn't Apache send X-Forwarded-For with the proxy requests? 1118583797 M * daniel_hozac i don't. 1118583816 M * daniel_hozac i haven't bothered to figure that out, since i have access to the proxy logs as well :) 1118583823 M * hws123 ok 1118583829 M * hws123 my customer's don't 1118583925 M * hws123 ok mod_rewrite will do the trick, hold on 1118583951 M * daniel_hozac hmm? 1118583978 M * Bertl what about ProxyPass? 1118583999 M * hws123 I use ProxyPass, but it doesn't forward the ip correctly 1118584005 M * Bertl ah, wrong one: 1118584010 M * Bertl ProxyPreserveHost Directive 1118584023 M * hws123 e.g. I use a wiki inside a vserver and it says "192.168.x.y" instead of the original client ip 1118584044 M * hws123 that will only forward the hostname of the host requests (e.g. example.com) *not* the ip of the client 1118584086 M * Bertl ah, yes ... indeed 1118584610 M * Bertl okay, back later 1118584624 N * Bertl Bertl_oO 1118584672 M * hws123 mod_rewrite is able to set environment variables as well 1118584701 M * daniel_hozac how does that help? 1118584818 M * hws123 well, you can set the remote_addr environment variable for a proxy forward 1118584832 M * hws123 at least I believe you can 1118584897 M * daniel_hozac well, environmental variables aren't forwarded to the other Apache, AFAIK. 1118585193 M * hws123 but you can do that with mod_rewrite afaik 1118585557 M * daniel_hozac well, Apache does seem to set X-Forwarded-For. 1118585601 M * daniel_hozac so using that in the LogFormat would do the trick. 1118585762 M * daniel_hozac yep, works ok here. 1118586207 M * hws123 how? 1118587080 M * Pazzo FEEDBACK: upgraded some hosts [p4 2.6G (HT) 2GB | p4 2.4G (non-HT) | p3 1,0G 1GB | P3 800Mhz 256MB | Sempron 2400+ 1GB] to run a vanilla-based 2.6.11.11-vs2.0-rc4-i686-smp on Debian Sarge with util-vserver from Debian SID: everything is running fine! 1118587291 M * Pazzo ehm... and a P3 1,2Ghz with 768MB :) 1118587525 M * hws123 how many vservers are you running? 1118588293 M * daniel_hozac hws123: s/%h/%{X-Forwarded-For}i/ in the combined LogFormat. 1118588310 Q * rs Quit: rs 1118588586 M * hws123 ok thanks 1118588608 M * hws123 but that won't give the users inside the vserver the real ip addresses in their php etc. scripts 1118588616 M * daniel_hozac true. 1118588634 M * daniel_hozac but proper scripts know how to deal with X-Forwarded-For >:) 1118588659 J * Val ~val@v41.ath.cx 1118588668 M * Val hi :) 1118590374 Q * hws123 Quit: Leaving 1118591572 J * shuri sjnesjd@64.235.209.226 1118593757 J * eXplasm2 explasm@p549F6838.dip.t-dialin.net 1118593797 J * yarihm ~yarihm@217-162-204-252.dclient.hispeed.ch 1118593808 Q * eXplasm Ping timeout: 480 seconds 1118593826 Q * yarihm Quit: 1118594127 J * yarihm ~yarihm@217-162-204-252.dclient.hispeed.ch 1118595773 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118596031 N * Bertl_oO Bertl 1118596081 M * Bertl evening folks! 1118596221 M * matti Hello Bertl, what's up? 1118596380 M * Bertl nothing unusual ... (most servers ;) 1118596489 M * matti :) 1118596772 M * eyck which one is down? 1118596790 M * Bertl my home server is currently down ;) 1118596806 M * Bertl but on purpose ;) 1118596970 M * matti http://www.tomsnetworking.com/News_story_1024.php 1118597305 J * erwan_ho ~erwan@konilope.dyndns.org 1118597514 M * Bertl matti: hmm, but it isn't april the 1st? 1118597563 M * matti Hm... 1118597599 M * matti I don't look at the date, damn. Probably you're right, sorry. 1118597788 M * Bertl you actually believed it? cool! 1118597828 Q * romke Quit: Lost terminal 1118598077 M * matti Bertl: Believed? I just consider this as quite intersting. I not make believes in everything. 1118598104 M * Bertl yeah, would really be 'quite' interesting ... 1118598208 M * matti Ehhh, sorry. I'll never past URL again :) 1118598256 M * Bertl no, please keep pasting intersting urls ... 1118598264 M * Bertl we appreciate it ... 1118598306 J * fwiffo ~mmrnmrhm@p5499E528.dip.t-dialin.net 1118598309 M * fwiffo rehi 1118598316 M * Bertl wb fwiffo! 1118598530 M * fwiffo so is there a possible way to set the iface to something other than eth* with the possibility to masquerade to eth*? 1118598597 M * Bertl hmm .. parse error ;) 1118598644 M * fwiffo means no? 1118598658 M * Bertl means: I didn't understand the question ;) 1118598670 M * fwiffo or should i write my sentence in pcre? 1118598717 M * fwiffo oh, that was regarding the problem discussed yesterday (or the day before yesterday?) 1118598755 M * Bertl my elephant is on vacation, and my memory isn't the best, I guess :) 1118598765 M * fwiffo np 1118598834 M * fwiffo i just woke up, so i'm a bit dizzy reght now... 1118598841 M * fwiffo s/reg/rig/ 1118598947 M * fwiffo k, to refresh your memary: 1118598960 M * fwiffo argh, typing is very difficult... 1118599066 M * fwiffo i have for example eth0 on the host, which i don't want to touch 1118599095 M * fwiffo and, say, 5 vservers 1118599167 M * fwiffo and i want to filter all of these vservers with iptables 1118599231 M * fwiffo so these should listen/connect to virtual interfaces 1118599239 M * fwiffo like tap* for example 1118599330 M * fwiffo memory refreshed? ;-) 1118599341 M * Bertl well, that is possible, if the packets 'arrive' on such a tun/tap device 1118599416 M * fwiffo means? 1118599438 M * Bertl if you use qemu or uml or soemthing like that, the output can come from a tun/tap device 1118599455 M * Bertl and you can process it inside a vserver via those devices 1118599518 M * Bertl similar for example with vlan devices 1118599533 M * Hollow hey Bertl 1118599560 M * fwiffo yeah, tun/tap was just an example 1118599599 M * Bertl hey Hollow! 1118599606 M * Hollow i had a strange problem today... vserver ... stop gave me a sync timeout, and it was fixed by putting "#!/bin/true" into /etc/vservers/.default/apps/vshelper-delegate/shutdown (DaPhreak told me this hack..) 1118599613 M * fwiffo usually to be able to filter you have to set up the device to the ip your host will have 1118599623 M * Bertl Hollow: with 2.0-rc4 ? 1118599626 M * Hollow yup 1118599647 M * Bertl did you disable the legacy config? 1118599654 M * Hollow the legacy api? 1118599658 M * Bertl yup 1118599664 M * Hollow no, it's enabled 1118599677 M * Bertl and you're sure that it is 2.0-rc4 ? 1118599683 M * Hollow yup 1118599708 M * Hollow CONFIG_VSERVER=y 1118599712 M * Hollow CONFIG_VSERVER_SECURITY=y 1118599716 M * Hollow CONFIG_VSERVER_LEGACYNET=y 1118599720 M * Hollow # Linux VServer 1118599724 M * Hollow CONFIG_VSERVER_LEGACY=y 1118599728 M * Hollow # CONFIG_VSERVER_NGNET is not set 1118599732 M * Hollow CONFIG_VSERVER_PROC_SECURE=y 1118599736 M * Hollow CONFIG_VSERVER_HARDCPU=y 1118599739 Q * rs Ping timeout: 480 seconds 1118599740 M * Hollow # CONFIG_VSERVER_HARDCPU_IDLE is not set 1118599744 M * Hollow CONFIG_VSERVER_DEBUG=y 1118599744 M * Hollow CONFIG_VSERVER_HISTORY=y 1118599745 M * Hollow CONFIG_VSERVER_HISTORY_SIZE=64 1118599745 M * Hollow zeus portage # uname -a 1118599745 M * Hollow Linux zeus 2.6.11.11-vs2.0-rc4 1118599812 M * Bertl strange, because it does not use the startup/shutdown helper when in legacy mode .. 1118599835 M * Hollow i.e. i can disable legacy? 1118599859 M * Bertl no you should not, until new (non legacy capable) tools are available 1118599867 M * Hollow ok.. 1118599893 M * Hollow the timeout is in waitForSync 1118599894 M * Bertl let me check the source code ... 1118599897 M * Hollow in vserver.stop 1118599899 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118599925 M * Bertl welcome rs! 1118600000 M * Bertl Hollow: do you get any kernel logging? 1118600005 M * Hollow no 1118600074 M * Bertl could you replace the true by false and try again? 1118600149 M * Hollow yup but dinner first.. cu 1118600162 M * Bertl cya 1118600166 M * fwiffo c'ya 1118600187 M * fwiffo so, any better method than tun/tap 1118600218 M * fwiffo i've used uml before and i don't want to use it again, because it's too slow 1118600247 M * fwiffo s/p$/&?/ 1118600265 M * Bertl as I said, it depends on a terminating interface connection 1118600274 M * Bertl its nothing linux-vserver can provide 1118600304 M * Bertl if you _have_ a separate interface which terminates your 'virtual' connection, then linux-vserver guests can use the IP assigned to that 1118600307 M * fwiffo yep, sure, because it uses the interfaces the host provides 1118600343 M * Bertl uml style interfaces will be provided by ngnet in the future 1118600347 M * fwiffo yepyep, i achieved this using ethertap 1118600368 M * fwiffo yeah, tried that, but it's "a bit" broken ;-) 1118600385 M * Bertl yes, it's broken right now 1118600418 M * fwiffo so, any other method to get this working without ngnet? 1118600429 M * Bertl not that I know of ... 1118600446 M * Bertl otherwise we would not work on ngnet I guess 1118600455 M * fwiffo there was this "nat of local connections" where did it vanished? 1118600474 M * Bertl that is still in the kernel 1118600492 M * fwiffo huh? but not in 2.6.11 O_o 1118600524 M * fwiffo grep'ed the sc and found nothing... 1118600597 M * Pazzo hi Bertl! 1118600641 M * Bertl fwiffo: hmm, not explicit, but should work, especially with the bridge/ebt tables and the redirect targets 1118600641 M * fwiffo hrm, mom, checking changelogs... 1118600653 M * Bertl hey Pazzo! 1118600675 M * fwiffo with bridging? O_o 1118600699 M * Pazzo did you read my "feedback"? installed vs2.0-rc4 on some completely different hosts... 1118600741 M * Bertl yep, thanks! 1118600802 M * fwiffo k, that could be solved i think... 1118600830 M * fwiffo is there a way to specify different gateways for vservers? 1118600844 M * Bertl yes 1118600853 M * Bertl advanced multitable routing allows for that 1118600867 M * fwiffo sheeesh, that's what i wanted to avoid 1118600908 M * Bertl well, the 'real' question IMHO is, what do you want to accomplish in the first place? 1118600949 M * Bertl most folks coming from UML first ask for the 'virtual' interfaces 1118600968 M * Bertl and after some time, they figure that those interfaces are not really required 1118600995 M * fwiffo because usually you have several ip's on a real iface? 1118601008 M * Bertl not necessarily ... 1118601020 M * fwiffo or several real interfaces? 1118601023 M * fwiffo ;-) 1118601054 M * fwiffo i already got the vserver to bind processes to a ethertap device 1118601076 M * Bertl even for folks with a bunch of vservers on _private_ ips and a single dialup ethernet connection, virtual interfaces are _not_ required ;) 1118601107 M * fwiffo and what would be the solution with this? 1118601120 M * Bertl simple nat 1118601181 M * fwiffo yeah, snat/dnat works, right... 1118601186 M * fwiffo but i want dynamic nat 1118601198 M * Bertl dynamic means? 1118601212 M * fwiffo something like masquearading ;-) 1118601225 M * Bertl why? 1118601234 M * Bertl there is simply nothing to masquerade?! 1118601245 M * Doener` hm, yet another .11.y release 1118601250 M * Doener` evening folks 1118601254 N * Doener` Doener 1118601255 M * fwiffo moin doener 1118601333 M * fwiffo yeah, and how do you want to get vservers' connection to the outbound iface? 1118601360 M * fwiffo if there's already a gw set _and_ you don't want advanced routing? 1118601388 M * Bertl hey Doener! 1118601407 M * Bertl fwiffo: look, if you have a single public ip, with a gateway 1118601437 M * Bertl and you use that public ip for internet connections, what kind of 'masquerading' do you ahve to do for that ip? 1118601488 M * Bertl (not for any private ips, just for the public) 1118601504 M * fwiffo yeah, you _should_ not need it... 1118601529 M * fwiffo but if you want to get outside you have to use (for example): 1118601578 M * fwiffo ping -I 1118601619 M * fwiffo so, i have to set up two ifaces for vserver, and the eth0 thingy with nodev, right? 1118601629 M * Bertl why? 1118601642 M * Bertl I mean, why do you think you need that? 1118601670 M * Bertl --interface hansi=dummy0:192.168.0.2/24 1118601676 M * Bertl and a nat rule like: 1118601701 M * Bertl iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -SNAT --to 1118601711 M * Bertl will probably do everything you want ... 1118601719 M * eyck what is dummy0? 1118601742 M * fwiffo eyck: a "/dev/null" interface ;-) 1118601775 M * fwiffo something which is used eg. for dod on ppp connections 1118601777 M * eyck cool, if it's /dev/null then what it's doing in forwarding chain? 1118601781 Q * rs Read error: Connection reset by peer 1118601788 M * eyck fwiffo: this in 2.6 feature? 1118601803 M * Bertl eyck: no, and it's not used in my example at all ;) 1118601805 M * fwiffo imho yes 1118601821 M * eyck ok, tnx 1118601830 J * rs ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118601953 M * fwiffo Bertl: okay, i think we talked at cross purposes - i'll get back to the question after breakfast and a cigarette ;-) 1118601962 M * Bertl k 1118602102 M * Pazzo why do "irq 11: nobody cared! .... Disabling IRQ #11" errors happen? 1118602119 M * Bertl because of broken bioses 1118602179 M * Pazzo hmmm... and how to avoid them? 1118602203 M * Bertl hmm, buy quality boards with a good bios? 1118602358 Q * rs Read error: Connection reset by peer 1118602388 J * rs_ ~rs@Laubervilliers-151-13-4-57.w82-127.abo.wanadoo.fr 1118602424 M * eyck which are those? 1118602604 M * Bertl hmm, intel server boards for example 1118602642 M * FaUl serverworks? 1118603202 Q * Doener Ping timeout: 480 seconds 1118603780 M * Pazzo 2.6.11.12-vs2.0-rc4 up and running 1118603790 J * Doener ~doener@p54877F10.dip.t-dialin.net 1118603962 M * fwiffo damnit... 1118603965 M * fwiffo rehi 1118604002 M * fwiffo that problem was because of the icmp echo's *g* 1118604062 M * fwiffo that cisco thingy didn't allow it ;-) 1118604098 M * fwiffo hehe, and i always tested using icmp echo requests 1118604124 M * fwiffo but thatkns for your help anyway ;-) 1118604440 M * Hollow Bertl: http://phpfi.com/65601 1118604477 M * Hollow this is without 1118604487 M * Hollow without shutdown script 1118604513 M * Hollow ehm 1118604516 M * Hollow wait 1118604568 M * Doener Hollow: hm, any limits on that vserver? 1118604582 M * Hollow Doener: just default configuration 1118604596 M * Hollow build -m skeleton 1118604652 J * hwarrier hwarrier@adsl-67-112-26-96.dsl.snfc21.pacbell.net 1118604684 M * Hollow hm, even the hack doesn't work atm 1118605133 Q * hwarrier Ping timeout: 480 seconds 1118606055 M * Bertl hmm, funny ... back now ... 1118606781 Q * yarihm Quit: Leaving 1118607702 M * SiD3WiNDR okay, so there was no wifi in the hotel. 1118607775 M * Bertl :( 1118607847 M * Bertl Vudumen: you around? 1118607962 M * Vudumen Bertl: yes. hi :) 1118608275 M * SiD3WiNDR if a server has a high load average, is there a quick way to see which vserver is doing lots of io or so? 1118609809 M * mugwump if each vserver has its own LVM you can use lvmsar 1118609840 M * Bertl SiD3WiNDR: with 2.0? 1118610062 M * Bertl Doener: you around? 1118610072 M * Doener yep 1118610186 M * SiD3WiNDR Bertl: 1.2 :/ 1118610192 M * SiD3WiNDR 1.2.10 1118610324 M * Bertl hmm, not easy ... 1118610337 M * Bertl Doener: funny results with 2.0-rc4 and alpha 1118610353 M * Bertl Linux-VServer Test [V0.12] (C) 2003-2005 H.Poetzl 1118610353 M * Bertl chcontext is working. 1118610353 M * Bertl chbind is working. 1118610353 M * Bertl Linux 2.6.11.11-vs2.0-rc4 alpha/0.30.207/0.30.207 [Ea] 1118610353 M * Bertl VCI: 0002:0001 428 03110076 1118610355 M * Bertl --- 1118610358 M * Bertl [000]# succeeded. 1118610360 M * Bertl [001]# succeeded. 1118610363 M * Bertl [011]# failed. 1118610366 M * Bertl [031]# succeeded. 1118610368 M * Bertl [101]# succeeded. 1118610371 M * Bertl [102]# succeeded. 1118610373 M * Bertl [201]# failed. 1118610376 M * Bertl [202]# failed. 1118610393 M * Bertl it seems that the capability system is somehow broken 1118610399 M * Bertl (maybe just userspace side) 1118610483 M * SiD3WiNDR well, I can't find a reason why my load just went up 1118610486 M * SiD3WiNDR to 11 1118610496 M * Bertl btw, HR is promoting linux ;) 1118610500 M * SiD3WiNDR I entered all vservers with vserver .. enter, and ran top, nothing really running on anything :/ 1118610509 M * Doener HR? 1118610512 M * SiD3WiNDR HR? 1118610515 M * SiD3WiNDR Hewlett Rackard? ;) 1118610519 M * Bertl 'hessisches fernsehen' 1118610531 M * Doener ah :) 1118610562 Q * rs_ Quit: rs_ 1118610649 M * Doener hm, let's see where HR went... local cable tv provider has chosen to change all senders' frequencies... 1118610663 M * Bertl too late, it's already over now ;) 1118610704 M * Bertl vdr does keep my channels in sync ... 1118610810 M * Bertl okay, back to the alpha issues ... 1118611032 Q * erwan_ho Remote host closed the connection 1118611110 M * Bertl chbind(640): unaligned trap at 0000000120001afc: 00000200000000ea 2d 31 1118611115 M * Bertl interesting ... 1118611185 M * Doener uhm... yeah... 1118611227 M * Doener that means? 1118611244 M * Bertl well no idea (but I have a few theories ;) 1118611254 M * Doener d'oh! 1118611264 M * Bertl okay, I know what it means ... but not why we get that 1118611267 M * Doener i just realized that you meant alpha arch, not tools... 1118611275 M * Bertl hehe :) 1118611290 A * Doener is still a little drunk from yesterday's party... 1118611308 M * aba which party? 1118611308 M * Bertl isch dash sho? 1118611449 M * Doener village fair... 1118612222 M * DaPhreak lo guyes 1118612237 M * DaPhreak s/guyes/guys/ ;P its a bit late 1118612271 M * Bertl hmm, is it? 1118612282 M * DaPhreak not for you ;) 1118612405 M * DaPhreak hmm .. what exactly is causing the tools to offend about version mismatch, since i'm experiencing it currently with .205 and -rc4 1118612428 M * Bertl huh? please provide details 1118612447 M * DaPhreak well what do you need ?! :) 1118612461 M * Bertl output of testme.sh? 1118612469 M * DaPhreak second 1118612595 M * DaPhreak here you go: http://phpfi.com/65634 1118612603 M * DaPhreak looks a bit weird for me 1118612851 M * Bertl okay, let's try with testme.sh -vv 1118612871 M * Bertl this looks indeed a little weird ... 1118612980 M * DaPhreak -vv: http://phpfi.com/65636 1118613027 M * Bertl okay, looks like 'just' broken tools 1118613081 M * Bertl .204 or .207 should work 'fine' 1118613114 M * DaPhreak well .205 worked fine before :) just did a reinstall (of the tools) 1118613142 M * DaPhreak ok. i'm gonna install .204/207 and report back :) 1118613155 M * DaPhreak Bertl: thanks a lot ;) 1118613160 M * Bertl np 1118613933 M * Bertl hmm, the tools still keep confusing me ... 1118613985 M * DaPhreak heh 1118614048 M * Bertl Doener: http://phpfi.com/65638 1118614064 Q * fwiffo Quit: thanks for the help 1118614289 M * Doener what's the easiest way to translate the VCMD_XX_X? 1118614300 M * Bertl good question ... 1118614316 M * Bertl seems like I have to 'enhance' the debug output there ... 1118614322 M * Bertl basically it's like this: 1118614335 M * Bertl VCMD_09 -> switch.h 1118614346 M * Bertl 9 -> VPROC 1118614362 M * Bertl VCMD_ctx_create_v0 VC_CMD(VPROC, 1, 0) 1118614365 M * Bertl VCMD_ctx_create VC_CMD(VPROC, 1, 1) 1118614383 M * Bertl it was 1[0] -> VCMD_ctx_create_v0 1118614397 M * Doener ah, switch.h :) 1118614438 M * Bertl -> switch.c case VCMD_ctx_create_v0: 1118614452 M * Bertl return vc_ctx_create(id, NULL); 1118614494 M * Bertl but eyck still hasn't finished the debug parser *G* :) 1118614614 M * Bertl no, seriously, I'll write a few tools to interpret such output in the near future ... 1118614643 M * Bertl (maybe I can even integrate the interpretation into the debug routine) 1118614673 M * Doener hm, what confuses you? the mass of version checks? 1118614707 M * Bertl no, where happens the bcaps dropping? 1118614723 M * Bertl VCMD_set_ccaps() no? 1118614856 M * Doener vxD: vc: VCMD_52_4[0], 45678,7ffffcc0,0 1118614917 M * Bertl yeah, so this is called, now let me upload the alpha version 1118614956 M * Bertl http://phpfi.com/65641 1118614997 M * Bertl looks pretty much the same to me ... 1118615038 M * Bertl http://phpfi.com/65642 (here now complete) 1118615118 M * Bertl but vc_set_caps doesn't 'apply' the bcap limit, no? 1118615156 M * Bertl that happens in vx_mask_bcaps 1118615219 M * Bertl which, to my suprise is called in vx_migrate_task() and vc_set_cflags() 1118615238 M * Bertl ah, yes in flags at the setup, right 1118615340 M * Bertl ah, and that is the solution! 1118615344 M * Doener hu? 1118615348 M * Bertl # chcontext --secure --ctx 45678 cat /proc/self/status | grep ctx 1118615351 M * Bertl ctxflags: 202000000 1118615355 M * Doener VXF_STATE_SETUP is missing or what` 1118615359 M * Bertl (on qemu/x86) 1118615366 M * Bertl # chcontext --secure --ctx 45678 cat /proc/self/status | grep ctx 1118615366 M * Bertl ctxflags: 300000000 1118615369 M * Bertl on alpha 1118615670 M * Bertl now unfortunately we have no debug output regarding the flags yet 1118615764 J * rs ~rs@imhotep.rhapsodyk.net 1118615771 M * Bertl evening rs! 1118615779 M * rs evening 1118616449 Q * Val Quit: zZz 1118616763 Q * rs Quit: rs 1118617140 M * Bertl 2.6.11.12 is out, yay! 1118617427 M * Bertl kernel compiling on the alpha takes ages_ 1118617459 M * Bertl and it seems to recompile everything ... each time 1118617900 M * Zoiah Bertl: ccache! 1118617954 M * Bertl yeah, probably a good solution, I'm just used to the kernel build system being _very_ efficient (on non alpha platforms ;) 1118618183 Q * shuri Read error: Connection reset by peer 1118618206 M * Bertl Zoiah: and it really depends ... 1118618244 M * Bertl if the smart alpha folks had some idea like putting the build time in each and every object file, then ccache is pretty useless, no? 1118618600 M * Zoiah Well, yes. 1118618612 M * Zoiah The preprocessed output must be equal. 1118618642 J * Aiken ~james@tooax7-087.dialup.optusnet.com.au 1118618790 M * Bertl evening Aiken! 1118618837 M * Aiken hello 1118618855 M * Aiken rh62 -> Linux barney.bedrock 2.4.30-vs1.2.10 #1 Mon Jun 13 08:31:28 EST 2005 i686 unknown 1118618884 M * Aiken installing the .30 tools as a rpm has not been straight forward 1118619017 M * Bertl hmm, there is a rh62 rpm? 1118619029 M * Aiken the spec file in the tar ball 1118619046 M * Aiken should be able to be used to make an rpm 1118619073 M * Bertl yeah, but you need to know how to 'adjust' it (that's what the distro maintainers do ;) 1118619096 M * Aiken I ended up using make DESTDIR=/tmp/uv install then making my own spec file for the binary files 1118619119 M * Bertl looks like you are _not_ a maintainer ;) 1118619121 M * Aiken setting up a test vserver now to see if I have been wasting my time or not 1118619172 M * Aiken I had set the spec file to what I wanted but the 3.X series rpm would not make the rpm for me :( 1118619286 A * Aiken is happy, it works 1118619352 M * Aiken apart from having to change #!/bin/bash to #!/bin/bash2 in it was relatively painless 1118619370 J * rs ~rs@imhotep.rhapsodyk.net 1118619560 M * Aiken if I had not bothered with a rpm and just done a make install I would have had this running last night instead if this morning 1118619606 M * Bertl yeah, guess so ... 1118620065 J * Aiken_ ~james@tooax6-248.dialup.optusnet.com.au 1118620076 Q * Aiken Ping timeout: 480 seconds 1118620080 M * Bertl wb Aiken_! 1118620150 M * Aiken_ :( 1118620168 M * Aiken_ something bad happened 1118620191 M * DaPhreak typed rm -rf / ?! :) 1118620217 M * Aiken_ not for 10 or 11 years 1118620241 M * Aiken_ and when I did I also lost windows as I had it mounted at the time 1118620252 M * Aiken_ you learn never to do that again 1118620382 M * Aiken_ I think when I did vserver betty stop I also lost processes on the host 1118620413 M * Bertl hmm, how so? 1118620421 M * Bertl did sshd stop working? 1118620463 M * Aiken_ my telnet session to the machine stopped working, squid stopped responding 1118620496 M * Aiken_ my raid 5 set will stop resyncing in 50 minutes :( 1118620523 M * Bertl telnet? 1118620541 M * Bertl well, what I assume that happened is the following: 1118620562 M * Aiken_ private network, who is going to be able to sniff passwords? 1118620568 M * Bertl your configuration is a little unfortunate, and the guest did take down your main interface ;) 1118620584 M * Bertl well, not the guest, but the tools to be precise ... 1118620587 M * Aiken_ that is possible