1182384299 Q * coderanger_ Ping timeout: 480 seconds
1182384527 M * fullsick Bertl: about my question yesterday in regards to the host leaving lockfiles behind in /tmp when vservers are started and then stopped...any idea?
1182384583 M * fullsick I noticed with vserver on my debian box everything is great, but on my boxes with a manually compiled kernel and util-vserver placed in /usr/local/* I get this problem
1182384632 M * Bertl sounds strange (as I said) maybe talk to daniel_hozac? btw, what version?
1182385498 M * fullsick 2.6.20.4-vs2.2.0, util-vserver-0.30.212
1182385574 M * fullsick there are no lockfiles in /tmp when the vserver is started... but two appear when it is stopped
1182385586 M * fullsick i.e vserver-lock.K31154  vserver-lock.y31039
1182385746 M * fullsick oh, and also get the msg "lockfile: open(<lockfile>): No such file or directory" appear
1182385785 M * fullsick before the vserver shutdown scripts are run, and again at the end of the last script running
1182385940 M * Bertl could you try a more recent version for me?
1182385945 M * Bertl e.g. 0.30.213?
1182385983 M * Bertl btw, if you want them to go to /usr instead of /usr/local, just specify --prefix= when building
1182386551 M * fullsick sure ill try the new version...and i specified /usr/local/, although i wonder why lockfiles go in /tmp not /var/lock ?
1182386588 M * Bertl no idea, personally I consider that a bug, the interesting thing is that I do not see that behaviour here
1182386609 J * DoberMann_ ~james@AToulouse-156-1-105-4.w90-30.abo.wanadoo.fr
1182386718 Q * DoberMann[ZZZzzz] Ping timeout: 480 seconds
1182386858 M * fullsick ive run with the --debug flag and see the steps in creating/removing the lockfile... when i perform them manually the lockfile dissappears as expected
1182386972 M * Bertl is this with 0.30.213?
1182386990 M * fullsick no sorry 0.30.212 my existing version
1182386994 M * fullsick im doing .213 now...
1182386998 M * Bertl ok, np
1182387310 M * fullsick well whadd'ya know... the new version works!
1182387320 M * Bertl excellent!
1182387324 M * fullsick no more lockfiles left behind
1182387333 M * Bertl the way it should be! :)
1182387346 M * fullsick excellent stuff, thanks for the help!!
1182387352 M * Bertl you're welcome!
1182387497 Q * cedric Quit: cedric
1182387991 Q * fatgoose Quit: fatgoose
1182388150 Q * Vudumen Remote host closed the connection
1182388953 J * Vudumen 38a2067488@perverz.hu
1182389028 J * fatgoose ~samuel@204.19.247.184
1182389319 Q * Vudumen Remote host closed the connection
1182389993 J * Vudumen ~vudumen@perverz.hu
1182391846 Q * Piet Quit: Piet
1182392274 Q * Johnnie Ping timeout: 480 seconds
1182395187 J * Johnnie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182395261 J * FloodServ services@services.oftc.net
1182395630 Q * fatgoose Quit: fatgoose
1182397246 Q * bXi Remote host closed the connection
1182397254 J * bXi bluepunk@irssi.co.uk
1182400643 M * Bertl okay, off to bed now ... have fun!
1182400648 N * Bertl Bertl_zZ
1182400926 J * meandtheshell ~markus@85-124-37-10.dynamic.xdsl-line.inode.at
1182406873 Q * derjohn2 Ping timeout: 480 seconds
1182406973 J * derjohn2 ~aj@e180202019.adsl.alicedsl.de
1182407921 N * DoberMann_ DoberMann[PullA]
1182407936 J * yarihm ~yarihm@hg-public-dock-128-dhcp.ethz.ch
1182408146 J * DavidS david@chello062178045213.16.11.tuwien.teleweb.at
1182409045 M * harry damn... kernel panic'ed again :(
1182409061 M * harry 2.6.19.7-grsec-vserver kernel :(
1182409998 Q * sladen Ping timeout: 480 seconds
1182412675 Q * DavidS Quit: Leaving.
1182412734 M * matti Morning.
1182412745 M * matti harry: That's life.
1182413509 J * HeinMueck ~Miranda@host-88-217-199-211.customer.m-online.net
1182415901 M * meandtheshell matti: no, that's non formal verified software :)
1182415957 M * meandtheshell http://en.wikipedia.org/wiki/Coyotos
1182416491 M * Wonka lol
1182416504 M * Wonka try and prove linux correct...
1182417668 M * meandtheshell Wonka: I doubt that would work ;-]
1182417743 M * meandtheshell However, as of now, there is no single OS that I would name "modern" - also, Linux just happened somehow ;)
1182417819 Q * lylix Read error: Connection reset by peer
1182417956 J * lylix ~eric@dynamic-acs-24-154-33-109.zoominternet.net
1182418746 M * harry fiiiiiiiiiiiiiixed
1182418814 J * cedric ~cedric@80.70.39.67
1182419585 J * chand ~chand@212.99.51.254
1182419931 M * mjt fixed.. what?
1182419989 J * bzed ~bzed@wireless-3-171.internal.dc7.debconf.org
1182421506 J * lilalinux ~plasma@dslb-084-058-194-179.pools.arcor-ip.net
1182421694 Q * meandtheshell Quit: Leaving.
1182422256 Q * yarihm Quit: Leaving
1182423657 Q * mjt Ping timeout: 480 seconds
1182424178 J * mjt ~mjt@nat.corpit.ru
1182424444 Q * mountie Ping timeout: 480 seconds
1182424838 M * matti mjt: He is talking to himself.
1182424869 M * matti mjt: harry is a bit crazy. Like old mad scientist.
1182425869 Q * mire Quit: Leaving
1182426676 M * waldi hrm, I should finaly take a look at the sparc problem
1182426689 M * waldi the machine died again in an oom loop
1182426995 M * matti I've a solution for you.
1182426995 M * matti ;]
1182426999 M * matti But x86 ;p
1182427006 M * matti s/But/Buy/
1182427331 J * pmenier ~pmenier@LNeuilly-152-22-72-5.w193-251.abo.wanadoo.fr
1182427908 J * sladen paul@starsky.19inch.net
1182428199 J * mountie ~mountie@CPE000f66950c89-CM000a739acaa4.cpe.net.cable.rogers.com
1182429053 Q * chand Ping timeout: 480 seconds
1182429251 Q * Aiken Quit: Leaving
1182429267 Q * sladen Remote host closed the connection
1182429471 M * mjt there's another solution.  Add more memory.  More.  MORE.  MORE!!!!
1182429560 M * daniel_hozac micah: awesome, thanks!
1182429633 J * ema ~ema@rtfm.galliera.it
1182430786 M * HeinMueck Hi all! Is there an opposite to the initialize script, that is executed after everything is down with the configuration directory as the working directory?
1182430802 M * daniel_hozac like postpost-stop?
1182430844 M * HeinMueck Well, at least in the docs it says it has the vserver root as working directory
1182430877 M * HeinMueck which makes sense, as all pre have there post companions
1182430912 M * HeinMueck but initialize seems to be a quite lonley one :)
1182431075 M * daniel_hozac well, does the current working directory really matter?
1182431084 M * daniel_hozac you can change that quite easily ;)
1182431164 M * HeinMueck of course ;-) I just wanted to make sure I'm not missing something. Again. hehehe
1182431227 M * daniel_hozac the only thing that happens after postpost-stop is the removal of the cpuset.
1182431238 M * daniel_hozac which i don't think should matter...
1182431299 M * HeinMueck Reason I'm asking is that I have some vservers running from loop devices, which need to be mounted before start and unmounted after stop.
1182431330 M * HeinMueck so I found initialize for mounting them
1182431366 M * daniel_hozac if you're using namespaces, they should be unmounted implicitly.
1182431386 M * daniel_hozac or is it the destruction of the loop device you're after?
1182431445 M * HeinMueck jep, both, just getting rid of them
1182431915 M * HeinMueck I will try the namespaces - just found that loop devices will be killed anyway when not used anymore
1182432444 Q * FloodServ synthon.oftc.net services.oftc.net
1182432618 M * blizz is it possible to execute only the post-install script for a vserver? build failed, because the context already existed
1182432633 M * daniel_hozac hmm?
1182432634 M * blizz which raises another question, is there an auto incrementing xid counter somewhere?
1182432646 M * daniel_hozac sure.
1182432650 M * daniel_hozac at least with recent utils.
1182432947 Q * infowolfe galapagos.oftc.net synthon.oftc.net
1182432947 Q * fullsick galapagos.oftc.net synthon.oftc.net
1182432947 Q * hardwire galapagos.oftc.net synthon.oftc.net
1182432947 Q * coderanger galapagos.oftc.net synthon.oftc.net
1182432947 Q * Johnnie galapagos.oftc.net synthon.oftc.net
1182432947 Q * mugwump galapagos.oftc.net synthon.oftc.net
1182432947 Q * Rich_Estill galapagos.oftc.net synthon.oftc.net
1182432947 Q * micah galapagos.oftc.net synthon.oftc.net
1182432947 Q * dilinger galapagos.oftc.net synthon.oftc.net
1182432947 Q * mountie galapagos.oftc.net synthon.oftc.net
1182432947 Q * jkl galapagos.oftc.net synthon.oftc.net
1182432947 Q * AndrewLee galapagos.oftc.net synthon.oftc.net
1182432947 Q * phreak`` galapagos.oftc.net synthon.oftc.net
1182433092 J * mountie ~mountie@CPE000f66950c89-CM000a739acaa4.cpe.net.cable.rogers.com
1182433092 J * Johnnie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182433092 J * infowolfe ~infowolfe@c-24-10-147-179.hsd1.ut.comcast.net
1182433092 J * fullsick ~bob@203.176.96.250
1182433092 J * hardwire ~bip@rdbck-1961.wasilla.mtaonline.net
1182433092 J * coderanger ~coderange@c-65-96-210-168.hsd1.ma.comcast.net
1182433092 J * Rich_Estill ~restill@c-24-11-195-139.hsd1.mi.comcast.net
1182433092 J * dilinger ~dilinger@mail.queued.net
1182433092 J * mugwump ~samv@watts.utsl.gen.nz
1182433092 J * micah ~micah@micah.riseup.net
1182433092 J * AndrewLee ~andrew@flat.iis.sinica.edu.tw
1182433092 J * phreak`` ~phreak``@deimos.barfoo.org
1182433092 J * jkl jkl@c-67-173-253-237.hsd1.co.comcast.net
1182433291 Q * nox Remote host closed the connection
1182433406 J * nox ~nox@static.88-198-17-175.clients.your-server.de
1182434917 Q * s0undt3ch Ping timeout: 480 seconds
1182435630 J * sladen paul@starsky.19inch.net
1182435932 J * mire ~mire@252-171-222-85.adsl.verat.net
1182436062 Q * cedric Read error: Connection reset by peer
1182436121 J * cedric ~cedric@80.70.39.67
1182436256 Q * infowolfe Quit: Leaving
1182436769 J * FloodServ services@services.oftc.net
1182437277 N * Bertl_zZ Bertl
1182437287 M * Bertl morning folks!
1182437291 M * daniel_hozac morning Bertl!
1182437414 Q * cedric Read error: Connection reset by peer
1182437451 J * cedric ~cedric@80.70.39.67
1182437561 J * infowolfe ~infowolfe@c-24-10-147-179.hsd1.ut.comcast.net
1182437805 Q * cedric Read error: Connection reset by peer
1182437829 J * cedric ~cedric@80.70.39.67
1182438002 J * xeon` ~xeon@d57-2-134.home.cgocable.net
1182438253 J * fatgoose ~samuel@204.19.247.184
1182438256 M * fatgoose aloha
1182439585 Q * xeon` 
1182439697 J * eSa| ~kvirc@ip-87-238-2-45.adsl.cheapnet.it
1182439709 J * stefani ~stefani@tsipoor.banerian.org
1182441224 M * Bertl wb fatgoose! eSa|! stefani!
1182441511 M * stefani hola
1182441758 Q * ensc Ping timeout: 480 seconds
1182441759 N * nebuchad` nebuchadnezzar
1182441952 J * jakesol ~richardso@adsl-074-186-026-107.sip.mia.bellsouth.net
1182442415 Q * mire Quit: Leaving
1182442511 Q * zLinux Remote host closed the connection
1182442782 Q * HeinMueck Quit: Aah!
1182443020 M * baldy any1 here running nagios in a vps?
1182443027 M * baldy i cant install nagios plugins
1182443041 M * baldy compile stop at
1182443042 M * baldy checking for ICMP ping syntax...
1182443210 M * Bertl and? maybe check the logs?
1182443216 M * kaner thats configure
1182443577 Q * lilalinux Remote host closed the connection
1182444734 M * Hollow kaner: nagios wants to pin 127.0.0.1 during configure which is totally insane, workaround is to build it in a chroot, rather than a whole guest environment
1182444755 M * Bertl hmm, the ping should work, no?
1182444760 M * Hollow no..
1182444773 M * Hollow maybe it should, but it doesn't :)
1182444849 P * pmenier I am leaving
1182444883 M * Bertl Hollow: ah, you mean 127.0.0.1 explicitely, not just localhost?
1182444886 M * daniel_hozac yep.
1182444905 M * Bertl well, that should work with 2.3 when configured correctly
1182444913 M * Hollow Bertl: yep
1182444919 M * Bertl but I agree, that is not what folks have out there
1182445071 M * baldy i run -vs2.3.0.12 ;)
1182445121 M * Bertl baldy: then configure it properly :)
1182445124 J * yarihm ~yarihm@hg-public-dock-5-dhcp.ethz.ch
1182445158 M * Bertl baldy: i.e. set a loopback ip, and have it remapped
1182445170 M * daniel_hozac the remapping happens by default though, right?
1182445185 M * Bertl depends on the kernel config
1182445195 M * Bertl but you need to have the ip available on the host
1182445200 M * daniel_hozac yeah.
1182445206 M * Bertl (it isn't atomagically added yet)
1182445233 M * daniel_hozac in the kernel? or do you mean by the utils?
1182445242 M * Bertl neither :)
1182445258 M * Bertl I mean, neither the tools nor the kernel does that 
1182445266 M * daniel_hozac well, i was referring to the yet ;)
1182445269 M * Bertl I plan to let the kernel add it by default
1182445276 M * daniel_hozac oh, okay.
1182445297 M * Bertl we might even hide it from the host at some point
1182445309 M * Bertl (not sure about that though)
1182445324 M * daniel_hozac makes sense... would keep host daemons from interfering on it, no?
1182445337 M * Bertl yep
1182445424 Q * cedric Quit: cedric
1182445660 J * HeinMueck ~Miranda@dslb-088-064-024-129.pools.arcor-ip.net
1182445871 J * bonbons ~bonbons@2001:5c0:85e2:0:20b:5dff:fec7:6b33
1182446440 Q * ema Quit: leaving
1182446449 J * ensc ~irc-ensc@p54B4E9A7.dip.t-dialin.net
1182446520 J * DavidS ~david@217.19.46.18
1182446538 M * Bertl wb HeinMueck! bonbons! ensc! DavidS!
1182446571 Q * bzed Quit: Leaving
1182446592 J * bzed ~bzed@wireless-3-171.internal.dc7.debconf.org
1182446616 M * Bertl daniel_hozac: btw, I had a brief look through the changes we did since 2.0.3-rc2
1182446635 M * daniel_hozac okay. anything relevant for a -rc3?
1182446640 M * Bertl daniel_hozac: and the only (maybe) relevant stuff I found so far is the unhash fix
1182446654 M * Bertl and I'm not really sure we should rework that for 2.0.3
1182446659 M * daniel_hozac hmm, which unhash fix is that?
1182446665 M * Bertl http://vserver.13thfloor.at/Experimental/delta-unhash-fix02.diff
1182446679 M * daniel_hozac ah.
1182446690 M * daniel_hozac as i recall, 2.0.3 already has something like that.
1182446706 M * Bertl okay, even better, do you have anything worth adding?
1182446738 M * daniel_hozac  *  V0.12  have __create claim() the vxi
1182446746 M * Bertl if not, I simply rebias 2.0.3 to the most recent 2.6.16 and upload as rc3?
1182446765 M * daniel_hozac i can't think of anything, so that sounds good to me.
1182446806 M * DavidS yo Bertl!
1182446817 Q * bonbons Ping timeout: 480 seconds
1182447134 N * DavidS DavidS|Vienna
1182447308 J * bonbons ~bonbons@2001:5c0:85e2:0:20b:5dff:fec7:6b33
1182447719 Q * gerrit Ping timeout: 480 seconds
1182448476 M * harry website updated...
1182449091 M * harry real    180m16.663s
1182449091 M * harry user    164m11.950s
1182449091 M * harry sys     11m9.300s
1182449099 M * harry haha... kernel compiles can take a while :))
1182449114 M * daniel_hozac what kind of slowass machine is that? :P
1182449140 M * harry this system ... where my irc is running :)
1182449149 M * harry System is 1112 kB
1182449154 M * harry pretty small kernel too :)
1182449161 M * harry p200, 64 meg ram ;
1182449162 M * harry :)
1182449255 Q * harry Quit: newest, latest and ... greatest!
1182449521 J * meandtheshell ~markus@85.127.108.76
1182449580 M * Bertl hmm, can't compete with my 90Mhz pentium with 14M ram :)
1182449642 M * Bertl (should be 16M, but the bios took 2 of them :)
1182449650 M * meandtheshell lol
1182449684 J * harry ~harry@d54C2508C.access.telenet.be
1182449714 M * meandtheshell I got 1GB RAM here but will upgrade soon since I am used to have a lot of apps open at the same time - they suck up RAM like a dessert does with water :)
1182449764 M * meandtheshell will buy this thingy http://www.deltacomputer.de/produkte/promos/FL_opteron_workst.shtml 
1182449768 M * Bertl you must be running open office and firefox then :)
1182449779 M * meandtheshell iceweasel
1182449788 M * meandtheshell and pidgin and and and ...
1182449797 M * harry blah... hippycrap
1182449825 M * Bertl at least I know pidgin, what is iceweasel?
1182449858 M * harry Bertl: firefox
1182449860 M * harry but...
1182449870 M * harry firefox says: you have to use the firefox icon with firefox
1182449875 M * meandtheshell http://en.wikipedia.org/wiki/IceWeasel
1182449878 M * harry debian hippies say: that's not free!!!!
1182449893 M * harry so they took source, recompiled it with their own icon
1182449893 M * meandtheshell harry: hippies are cool :)
1182449901 M * harry meandtheshell: they must die
1182449921 M * harry so now... iceweasel is firefox with another icon, just because they say: it has to be completely free
1182449924 M * harry i hate them for that!
1182449929 J * gerrit ~gerrit@bi01p1.co.us.ibm.com
1182449931 M * daniel_hozac well, it's true.
1182449942 M * daniel_hozac Mozilla has to okay any patch applied to firefox.
1182449950 M * daniel_hozac or you cannot call it firefox.
1182449953 M * meandtheshell harry: whatever ...
1182449970 M * daniel_hozac which is quite limiting if you're a distributor...
1182449980 M * Bertl yeah, branching makes sense there
1182449982 M * meandtheshell I don't care as long as I can put 16GB RAM into my workstation
1182449982 M * harry daniel_hozac: it's crap
1182450012 M * harry how else can you keep your code a bit clean?
1182450019 M * harry if everyone wrecks it...
1182450031 M * Bertl harry: like you do? :)
1182450035 M * harry if i started redistributing completely messed up patches of vserver
1182450040 M * harry and get linuxvserver.org
1182450045 M * harry start redistributing it
1182450055 M * harry Bertl: yeah!
1182450056 M * harry ;)
1182450075 M * harry it would have been better that Bertl never allowed me to call it vserver
1182450095 J * coderanger_ ~laptop@wireless-19-103.media.mit.edu
1182450098 M * daniel_hozac have you missed the whole free software concept? :P
1182450102 M * harry ps. am i that bad a coder, Bertl ? ;)
1182450112 M * harry hmm... patch merger... let's not get to coding :)
1182450113 M * meandtheshell hvs - harry-vserver
1182450144 M * harry daniel_hozac: i get it to some point
1182450153 M * harry but you can't keep bitching on everything
1182450161 M * harry they are partially right tough...
1182450163 M * meandtheshell mhvswcot - mighty-harry-vserver-with-cerry-on-top
1182450165 M * meandtheshell :)
1182450215 M * harry meandtheshell: call it: Bertl, spender and pipacs-cocktail
1182451149 M * Bertl harry: no icing on the top?
1182451189 M * harry Bertl: just a tiny bit...
1182451233 M * harry if too much, then it would seem like i do a tough job on it... and i don't , especially not compared to what you guys do
1182451278 M * Bertl well, folks love your patch combos, so you must be doing something right :)
1182451300 M * harry true... 
1182451307 M * harry even i use them... so they can't be all that bad :)
1182451336 M * harry that's probably the way you let me call it vserver too ;)
1182451361 M * harry are there a lot of grsec-related problems here actually?
1182451372 M * harry not that i'm aware off it seems, but i'm not allways following here
1182451375 M * daniel_hozac just people who don't follow your README...
1182451391 M * daniel_hozac IME, anyway.
1182451394 M * harry do you have any idea what percentage of people using vserver use grsec pat too?
1182451414 M * daniel_hozac do we even know how many people use vserver? :)
1182451419 M * harry hehe
1182451420 M * harry no
1182451428 M * harry would be nice to have a clue tough, wouldn't it
1182451544 M * neuralis a million or so, by the end of the year ;)
1182451562 M * harry hehe
1182451570 M * harry that's 1 in 1000...
1182451582 M * harry not bad :p
1182451613 M * harry i think i have about 10 servers with vserver kernel running
1182451620 M * harry (and x guests off course)
1182451645 Q * jakesol Read error: Connection reset by peer
1182451660 A * harry dishes :(
1182451893 Q * yarihm Ping timeout: 480 seconds
1182451924 Q * fatgoose Quit: fatgoose
1182452027 M * DavidS|Vienna i am responsible for ~2000 vserver users
1182452036 M * DavidS|Vienna no grsec though
1182452171 M * daniel_hozac users, or servers?
1182452180 M * daniel_hozac (i.e. guests or hosts)
1182452295 M * Bertl maybe really 'users' :)
1182452691 Q * HeinMueck Quit: Aah!
1182453179 N * DoberMann[PullA] DoberMann
1182453234 J * jakesol ~richardso@adsl-074-186-026-107.sip.mia.bellsouth.net
1182453297 M * jakesol anything wrong with the linux-vserver mailing list?
1182453305 M * daniel_hozac nope.
1182453340 M * daniel_hozac at least, i just got messages from there a couple of minutes ago.
1182453350 M * jakesol ok, thanks.
1182453414 M * daniel_hozac (i even replied to your email)
1182453799 M * jakesol to the email I sent in relation on creating a guest CentOS 5 vserver?
1182453818 M * daniel_hozac right.
1182453960 J * dna ~naucki@121-198-dsl.kielnet.net
1182454330 M * jakesol can you send that email again?
1182454377 M * daniel_hozac it's probably on its way. the list takes some time sometimes, as does my mail.
1182454391 M * jakesol ok, thx
1182454399 M * Bertl jakesol: give it some time or check the online archives (sladen's)
1182454429 M * daniel_hozac (http://archives.linux-vserver.org/200706/date.html)
1182454447 J * Johnsie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182454733 J * yarihm ~yarihm@84-75-109-39.dclient.hispeed.ch
1182455304 Q * Johnsie Ping timeout: 480 seconds
1182455329 Q * Johnnie Ping timeout: 480 seconds
1182455426 M * DavidS|Vienna yeah, real users (humans ;) .. alltogether 5 hosts with ~70 guests
1182455559 M * Bertl daniel_hozac: see, I always said 'those humans really exist!' :)
1182455592 M * daniel_hozac haha.
1182455863 J * Johnsie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182455886 J * Johnnie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182455904 Q * jakesol 
1182456406 Q * Johnnie Ping timeout: 480 seconds
1182456416 Q * Johnsie Ping timeout: 480 seconds
1182456420 N * DoberMann DoberMann[PullA]
1182456439 M * Bertl 0000000000-
1182456468 M * Bertl soory, never vacuum your keyboard when online :)
1182456481 M * daniel_hozac hehe
1182456646 M * bXi 27229 root      25   0   120   44   28 R  100  0.0  15094:42 vcontext
1182456654 M * bXi is this normal ?
1182456664 M * bXi ooh
1182456670 M * bXi its taking 100% cpu :?
1182456682 M * bXi thought i copied the headers
1182456686 M * daniel_hozac update your utils.
1182456750 M * Bertl (or get a few more of those cpus :)
1182456797 M * bXi is it really using 100% cpu ?
1182456801 M * daniel_hozac yes.
1182456801 M * bXi or just saying thath
1182456974 M * bXi oh btw
1182456996 J * Johnsie ~jdlewis@c-67-163-246-136.hsd1.pa.comcast.net
1182457005 M * bXi the vserver kernel is being sold with a server distro 
1182457008 J * James ~jltaylor@64.232.166.41
1182457014 M * daniel_hozac cool, which one?
1182457020 M * bXi syn-3
1182457030 M * daniel_hozac never heard of it...
1182457037 M * bXi made by a dutch company called datux
1182457037 N * James Guest30
1182457044 Q * Johnsie 
1182457045 M * bXi their fairly new 
1182457053 M * bXi but the product they make is pure genius
1182457062 M * bXi i used to work with them like half a year ago
1182457086 M * bXi they have all kinds of modules
1182457090 M * bXi like a voice module
1182457109 M * Guest30 I'm looking for paid support for installing vserver
1182457113 M * bXi if you install a cd with voice module you'll get an instant working asterisk enviroment
1182457208 M * bXi do i need to reboot or anything with the new vserver util?
1182457215 M * daniel_hozac nope.
1182457223 M * daniel_hozac just kill the processes and you should be fine.
1182457246 M * bXi ok cool
1182457251 M * bXi maybe i can play my flash game then :P
1182457265 M * daniel_hozac Guest30: i guess you might want to talk to Bertl (if you're not doing that already).
1182457306 M * Guest30 Thanks
1182457448 M * bXi daniel_hozac: is there a bug_report about this behaviour ?
1182457463 M * daniel_hozac bXi: yes.
1182457500 M * bXi where can i find it?
1182457504 M * bXi like to read about it
1182457582 M * bXi util-vserver-0.30.213.ebuild do i need this version?
1182457587 M * bXi or even newer
1182457650 M * daniel_hozac http://archives.linux-vserver.org/200701/0054.html
1182457653 M * daniel_hozac 0.30.213 has the fix.
1182457943 Q * sladen Ping timeout: 480 seconds
1182458474 J * Jozsef ~root@adsl239.adsl.hungarnet.hu
1182458653 J * sladen paul@starsky.19inch.net
1182458668 M * Bertl welcome Jozsef!
1182458688 M * Jozsef Hi!
1182458694 M * daniel_hozac (you shouldn't IRC as root ;))
1182458715 M * Bertl daniel_hozac: he's new to IRC, he'll learn :)
1182458720 N * Guest30 JAMES1
1182458742 P * Jozsef 
1182458817 M * daniel_hozac that's why i mentioned it :)
1182458872 J * Jozsef ~kadlec@adsl239.adsl.hungarnet.hu
1182458883 M * Jozsef Hi, it's me again :-)
1182458889 M * Bertl wb Jozsef!
1182458894 M * Hollow daniel_hozac: seems i had more luck with swig this time: http://paste.linux-vserver.org/2688 :)
1182458914 M * Bertl daniel_hozac: FYI, Jozsef is the guy doing ipsets :)
1182458939 M * Bertl Jozsef: meet daniel_hozac, Linux-VServer alrounder :)
1182458956 Q * JAMES1 Read error: Connection reset by peer
1182458957 M * Jozsef Hi everybody
1182458992 M * Bertl Jozsef: glad that you could make it here ... IMHO that is much easier than via email :)
1182459005 M * daniel_hozac Bertl: the iptables/netfilter module?
1182459009 M * Jozsef I'm an absolute beginner in irc...
1182459021 M * Bertl do you like it so far?
1182459039 M * Jozsef Seems to be fine. :-)
1182459063 M * Bertl okay, then let's get in media res ...
1182459089 M * Bertl ah, btw, the channel is publicly logged (JFYI)
1182459100 M * Jozsef That's OK.
1182459106 J * haxier ~haxier@eu85-84-166-67.clientes.euskaltel.es
1182459112 M * Bertl wb haxier!
1182459122 M * haxier Hi!
1182459141 M * Bertl Jozsef: okay, as I wrote you via email, we have something 'working' on sets of IPs
1182459168 M * Jozsef A set/hash for every context is the simplest and fastest (in time).
1182459173 M * Bertl Jozsef: the current implementation is quite clumsy there (legacy) as it is basically walking a list to verify if a given address is matched
1182459191 M * Guy- Jozsef: wow, hi, I never expected to see you here :)
1182459211 M * Bertl Jozsef: see, folks already like you :)
1182459218 M * Jozsef Thanks!
1182459220 M * Guy- we know each other in person :)
1182459287 M * Bertl Jozsef: okay, my 'near future' plans for this 'matching process' look something like a parse/matching tree, but for now, something like a hash probably would suffice
1182459338 M * Jozsef How many network context is "the average" and what is the max?
1182459353 M * Bertl Jozsef: 'why parse/matching tree' you might ask? well, I think it would be cool to be able to match entire networks/ranges with as few as possible checks
1182459367 M * Bertl ah, yes, let me give you some terminology we use
1182459385 M * Bertl first, physical systems/machines are usually referred to as 'hosts'
1182459407 M * Bertl virtual compartments are referred to as 'guests'
1182459429 M * Bertl each guest consists of up to two contexts and a bunch of (name) spaces
1182459458 M * Bertl we have a 'context' (grouping mechanism) for processes (pid) and for networking (ip-sets)
1182459486 M * Guy- (how can a guest consist of more than one context? are you counting the network context separately?)
1182459496 M * Bertl Jozsef: a typical machine will host about 30-100 guests, but we know of larger installations
1182459499 M * Bertl Guy-: yep
1182459508 Q * bonbons Quit: Leaving
1182459508 M * bXi typical?
1182459519 M * bXi damn i thought my 6 vservers was a lot :P
1182459525 M * Jozsef And the slow part is the relation between process-context and network-context?
1182459526 M * Bertl Jozsef: the theoretical upper maximum is currently ~50000
1182459536 M * Guy- 0xbfff :)
1182459568 M * Guy- well, no, if you count context 0, it's 0xc000
1182459572 M * daniel_hozac Bertl: what do you base that on?
1182459577 M * Bertl Jozsef: the thing is, we do not really check on incoming and outgoing packets (regarding IPs) which would be a hot path
1182459594 M * Bertl daniel_hozac: context ids, process numbers and so on
1182459609 M * daniel_hozac ah, yeah, i guess you might run out of pids...
1182459634 M * Bertl Jozsef: what we do instead is limit the 'bind a socket' process
1182459670 M * Bertl Jozsef: i.e. when a socket has IP_ADDR_ANY assigned, we do not allow all IPs, but only those defined in the context
1182459674 M * Jozsef OK.
1182459692 M * Bertl as this usually is on the slow path anyway, the overhead is minimal
1182459716 M * Bertl once the connection is ongoing, there is no real check or interference
1182459732 M * Jozsef That looks good.
1182459733 M * Bertl we also need to check for addresses when we do interface/ip hiding for the guests
1182459743 M * Bertl but again, that is not a hot path
1182459750 M * Guy- I don't know how related this is, but it'd be nice to be able to use packet sockets in guests that only see the packets related to that guest
1182459783 M * Bertl Guy-: you mean, raw sockets receiving ip layer packets (like tcpdump :)
1182459791 M * Guy- yes
1182459800 M * Bertl Guy-: we actually have a solution for that (almost done)
1182459832 M * Guy- hooray :)
1182459846 M * Bertl but note that this _is_ kind of hot path, so probably will be disabled by default
1182459859 M * Bertl (unless we can show that the impact is minimal, what I doubt)
1182459859 M * Guy- I was hoping one of my students would do it, but none of them chose this assignment :)
1182459868 J * James1 ~jltaylor@64.232.166.41
1182459878 M * Jozsef So: where is the critical patch? Services in guests?
1182459891 M * Bertl Jozsef: so, should I show you some code what our interface/checks look like?
1182459909 M * Jozsef Yes, let's see it.
1182459912 M * Bertl sec
1182460045 M * Bertl here is where we change the mainline code to do the isolation checks: http://www.13thfloor.at/vserver/s_rel26/v2.2.0/split-2.6.20.4-vs2.2.0/15_netiso.diff.hl
1182460102 M * Bertl and here is the context stuff (at the beginning) and the checks (at the end): http://www.13thfloor.at/vserver/s_rel26/v2.2.0/split-2.6.20.4-vs2.2.0/11_net.diff.hl
1182460133 M * Jozsef OK, I'm looking at it.
1182460134 M * Bertl let me also upload a patch which was added recently to improve code separation
1182460178 Q * dna Quit: Verlassend
1182460234 J * onox ~onox@kalfjeslab.demon.nl
1182460240 M * Bertl wb onox!
1182460258 M * onox hi Bertl
1182460375 M * Bertl Jozsef: here you go: http://www.13thfloor.at/~herbert/vnet.diff.hl
1182460550 J * slacker403 ~root@cpe-71-74-73-121.insight.res.rr.com
1182460752 Q * DavidS|Vienna Quit: Leaving.
1182460783 M * Jozsef Might be stupid, but why do you need mask in struct nx_info?
1182460873 M * Bertl ah, we need that for broadcast stuff (at least I think :)
1182460964 M * Jozsef I'm asking it, because network addresses makes it harder.
1182460993 M * Jozsef There is no set type which supports both IP addresses and networks.
1182461044 M * Bertl maybe I should elaborate on what my plans are for the future then, and we exchange ideas on that and decide how to proceed?
1182461051 M * Jozsef In the new patch in addr_in_nx_info you ignore the mask...
1182461068 M * Jozsef OK.
1182461160 M * Jozsef So, what do you plan for the future?
1182461161 J * fatgoose ~samuel@204.19.247.184
1182461197 M * Bertl as I mentioned, I want to reduce the number of checks/tests while extending the number of IPs assigned to a guest
1182461291 M * Bertl my best idea so far goes like this:
1182461353 M * Bertl have a binary or ternary tree with yes/no edges, where each node holds one IP or network or range
1182461381 M * Bertl and 'parse' that tree when looking for a specific address
1182461410 M * Bertl when we hit a terminal node/edge, we have either a positive or a negative on that IP
1182461434 M * Bertl for example, if a guest has assigned the following ips (ranges)
1182461456 M * Bertl 192.168.0.1, 192.168.0.3, 10.0.0.1-10.0.0.42
1182461481 M * Bertl then the tree could look like this:
1182461519 M * Bertl  A<-(yes)-[ip > 10.0.0.0]-(no)->B
1182461557 M * Bertl A: YES<-(yes)-[in range 10.0.0.1,10.0.0.42]-(no)->NO
1182461592 M * Bertl B: YES<-(yes)-[ip == 192.168.0.1]-(no)->C
1182461617 M * Bertl C: YES<-(yes)-[ip == 192.168.0.3]-(no)->NO
1182461649 M * Bertl of course, that wouldn't simply cases much were we have a random address distribution
1182461663 M * Bertl (well, it would give something like log(n) I guess)
1182461703 M * Bertl but most of our real world cases use network ranges if they have more than 2 or 3 ips 
1182461724 M * Jozsef Looking at the tree, what you want is almost identical with how nf_hipac works.
1182461738 M * Bertl ah??
1182461774 M * Jozsef nf_hipac is an alternative to iptables.
1182461802 M * Jozsef Internally it does exactly that what you described,
1182461807 J * Aiken ~james@ppp121-45-220-241.lns2.bne1.internode.on.net
1182461839 M * Bertl hmm, yeah, sounds interesting ... but probably more a long term shot ... I guess
1182461895 M * Bertl but thanks a lot for this valuable input, that might be quite interesting for folks having many rules (thinking of olpc and planetlab here :)
1182461946 M * Jozsef For many-many rules, nf_hipac is much faster than iptables.
1182461946 M * Bertl Jozsef: I think the netmask isn't that important in our case, we could as well treat that one special (as we do/did)
1182462001 M * Jozsef But you have got addresses, ranges, networks which should be handled...
1182462034 M * Bertl so what do you think so far? does it make sense to incorporate ipsets (in a first step) and just handle the 'linear list of addresses' via them?
1182462085 M * Jozsef As far as I see, it's doable.
1182462128 M * Jozsef But having a separated set for every host, that seems to be overkill (but makes it much more simpler).
1182462137 M * Bertl would you be willing to give us a hand there? or provide some hints where and what to cut/take?
1182462152 M * Bertl actually it would be a set per guest :)
1182462171 M * Bertl how much space does the set structure eat up, for an empty set?
1182462183 M * Jozsef If ipset can be used outside of netfilter, I'm happy to help.
1182462217 M * Bertl (rough estimate is fine :)
1182462221 M * Jozsef That absolutely depends on the set type: bitmap or hash.
1182462297 M * Jozsef A bitmap type of set supports 65536 addresses and requires ~9kB,
1182462316 M * Jozsef but the addresses must be in a /16 range.
1182462334 M * Bertl ah, btw, what about ipv6?
1182462347 M * Jozsef A hash is a hash: as big or small as you wish :-).
1182462376 M * Jozsef IPv6 is for the next release, I'm working on it.
1182462390 M * Jozsef Currently there is no IPv6 support.
1182462390 M * daniel_hozac sounds like our IPv6 policy ;)
1182462400 M * Jozsef ;-)
1182462407 M * Bertl okay, I guess we could give you some testing ground on the ipv6 side (if there is interest)
1182462429 M * onox hmm
1182462433 M * onox i almost forgot plan9
1182462473 M * Jozsef As I wrote in E-mail, besides IPv6 support I'm rewriting kernel-userpsace communication. So it requires some time...
1182462485 M * Bertl let's assume we go for the hash, probably a hash chain size of 7-13 would deal with 1-100 ips easily
1182462536 M * Jozsef To be honest, I'm not satisfied with how the hash type currently works.
1182462548 M * Bertl how so?
1182462567 M * Jozsef It uses double hashing and resizing when clashes happens (instead of using a linear list).
1182462645 M * Bertl ah, so the hash is typically quite large
1182462658 M * Jozsef Resizing is overkill, so I plan to go back to use linear lists instead.
1182462711 M * Jozsef This is the usual trade between space and speed :-(.
1182462758 M * Bertl yep, well, maybe we can design a new hash together, thus you might benefit from this too :)
1182462770 M * Jozsef Okay :-).
1182462800 M * Bertl I'm already using hashes for the xid/nid, so we probably can reuse something there too
1182462827 M * Jozsef How do you handle clashes?
1182462831 M * Bertl what is missing here is the know-how regarding hash function for ips and similar
1182462856 M * Bertl quite simple, we use the hlists (hash chain lists) for each entry
1182462872 N * DoberMann[PullA] DoberMann
1182462876 M * Bertl so a colission brings us back to linear search in the hash chain
1182462901 M * Jozsef That is the usual approach: and I feel better than double hashing/resizing...
1182463008 M * Bertl as you can see from the last patch (which does a lot of cleanup), the functions testing for IPs are quite isolated, so we can basically plug in whatever we want there
1182463032 M * Jozsef For a comparison between hashtables, hastries and two hash functions you can have a look at http://people.netfilter.org/kadlec/hashtrie/.
1182463076 M * Bertl wow, nice!
1182463176 M * Jozsef Is it acceptable for you to restrict "fast" lookups for IP addresses?
1182463199 M * Bertl means?
1182463240 M * Jozsef I mean let's assume you use a hash type of ipset, with plain IP addresses in it.
1182463251 M * Bertl okay
1182463344 M * Jozsef How do you plan to *create* the sets? From kernel? Or from userspace (when creating the guest instance)?
1182463346 M * Bertl ah, I guess I know what you mean ... well, the critical function will be: ip_find_src
1182463373 M * Bertl which uses the ip _and_ netmask for checks
1182463387 N * DoberMann DoberMann[ZZZzzz]
1182463395 M * Bertl the set creation is not a problem at all, it could literally take ages :)
1182463414 M * Bertl i.e. we could compute a perfect hash or whatever to get them :)
1182463466 M * Bertl if a set changes once a day that is probably extreme
1182463478 M * Bertl (ignoring guest restarts and such)
1182463513 M * Jozsef That too much :-)
1182463557 M * Bertl hehe :)
1182463573 M * Jozsef Hm. What about two hash lookups in ip_find_src? First for an IP (iphash type of set), the second for a network (nethash type of set).
1182463599 M * Bertl would probably do the trick ...
1182463622 M * Bertl maybe an alternative concept could be something like this:
1182463667 M * Bertl we can basically asume that guests do not share IPs (but they usually will share networks)
1182463692 M * Bertl (although there is no rule blocking shared ips)
1182463725 M * Bertl but, let's assume, we make a single hash, with all the ips used by guests
1182463737 M * Bertl could be a bigger one in this case :)
1182463766 M * Bertl and basically store the context assignment in the data nodes
1182463804 M * Bertl (would give a maximum of 8k as in your bitmap case)
1182463833 M * Bertl or if we do one level of indirection, we could cut that down to 32 bytes or so :)
1182463873 M * Bertl but, we would get two features quite fast:
1182463886 M * Jozsef Hm. So first you would check for the IP, then the context id?
1182463887 M * Bertl - check if an ip is assigned to the guest
1182463908 M * Bertl - find a set of guests for a given ip
1182463954 M * Bertl (the second one is not available atm)
1182463963 M * Bertl the hash could work like this:
1182463964 M * Jozsef Good!
1182463994 M * Jozsef I mean, good, that the second case can be ignored :-).
1182464000 M * Bertl IP (ipv4/ipv6) -> Entry (set of 256 bits) -> Table [xids]
1182464054 M * Bertl if we are doing a check for 'in this context' we would simply do a bittest with a known bit
1182464070 M * Bertl (after doing the IP hash lookup :)
1182464105 M * Bertl OTOH, if we want to 'classify' an arbitrary IP (regarding to contexts)
1182464126 M * Bertl we would do the hash lookup and then process the bitmask
1182464142 M * Jozsef What do I overlook here: don't you limit the possible number of contexts here?
1182464161 M * Bertl yes, actually I limit it to 256 in this example
1182464192 M * Bertl but we currently have a kernel config for the upper number of contexts, so that could be flexible as well
1182464234 M * Bertl thing is, an embedded system has different requirements than a 16 cpu ultra sparc :)
1182464261 M * Guy- Bertl: I do use guests that share IPs, fwiw :)
1182464292 M * Bertl Guy-: but I assume it is not the default scenario, no?
1182464320 M * Guy- if you mean it's not what I usually do, then yes, you're right, it's not
1182464364 M * Jozsef If it's a bitset, multiple bits can be enabled.
1182464414 M * Guy- Jozsef: btw, can you make an educated guess about when ipsets will be in mainline?
1182464455 M * Jozsef I don't want to submit ipset into mainline before addig IPv6 support.
1182464472 M * Guy- I see
1182464507 M * Jozsef We'll have a netfilter workshop at September, I'd like to present a working new version at that time.
1182464508 M * Bertl daniel_hozac: any comments so far?
1182464550 M * Jozsef So after September I hope I'll be able to submit it.
1182464605 M * Guy- I'm looking forward to that
1182464617 M * Guy- it's a very useful netfilter enhancement
1182464641 M * slacker403 hello everyone 
1182464648 M * slacker403 blah blah Bertl etc
1182464674 M * Bertl Jozsef: in your graphs, the hashtable-sf can be considered the same as the hashtable, right?
1182464678 M * Bertl slacker403: hey!
1182464705 M * slacker403 how ya doing 
1182464732 M * Jozsef Yes, but with superfasthash instead of jenkins hash function.
1182464740 N * fatgoose samueltc
1182464761 M * Bertl Jozsef: yeah, how 'fast' is that hash function actually?
1182464785 M * Bertl Jozsef: I mean, talking in cpu cycles or so, what do we have to expect?
1182464841 M * Jozsef It's on the page ;-): 137 cycles.
1182464865 M * Bertl ah, quite something, I thought so ...
1182464901 M * Jozsef These are *good* hash functions.
1182464922 M * Bertl yeah, I'm just trying to figure if it would be a replacement
1182464933 J * drkvg bbaafb6194@pepin.poivron.org
1182464941 M * Bertl welcome drkvg!
1182464950 M * drkvg hi there - is there any known issues for running ProFTPD within a vserver?
1182464962 M * Bertl Jozsef: we currently have 16 ips in a tight memory space (ip/mask) 
1182464984 M * Bertl drkvg: IIRC, it was once on the 'special applications list' but no idea why ...
1182465059 M * Bertl drkvg: not there anymore ... http://linux-vserver.org/Problematic_Programs
1182465066 M * drkvg I have one installed within a vserver, and it fails to initiate ftp-data connexions - config is exactly the same on another production box, only that it doesn't run in a vserver
1182465071 M * drkvg Bertl: thx for the pointer!
1182465072 M * Bertl drkvg: what issues do you see? and what kernel/tool versions?
1182465100 M * Guy- drkvg: have you tried strace and tcpdump?
1182465109 M * drkvg debian etch, running kernel 2.6.18-4-vserver-686
1182465112 M * drkvg Guy-: not yet
1182465136 M * Guy- ooo, that's a museum kernel
1182465145 M * Bertl is that a vs2.0 or vs2.2 kernel?
1182465169 M * Guy- I'm very much afraid it's v2.0 (at least the previous version was, IIRC)
1182465202 M * Bertl Jozsef: okay, I guess we take some time to think about this .. if you are interested in helping us out here, your help is quite appreciated
1182465250 M * Bertl Jozsef: of course, you'll get a place on our wiki and a lot of karma :)
1182465258 M * Jozsef Could you send me a link of the latest version I could ponder over it?
1182465293 M * Bertl sure, sec, http://vserver.13thfloor.at/Stuff/OLPC/patch-2.6.22-rc5-vsOLPC.0.4.1.diff
1182465304 M * Bertl this is probably the best version for you to look at
1182465308 M * daniel_hozac Bertl: sounds good to me.
1182465337 M * Bertl daniel_hozac: do you know the planetlab requirements by now?
1182465360 M * Bertl drkvg: would it be simple to test a more recent kernel?
1182465386 M * drkvg Bertl: well, it's a production box, so switching kernels is not easy
1182465388 M * daniel_hozac well, as long as it's possible to have guests that share IP addresses, it should be fine.
1182465390 M * Jozsef OK, thanks. I think I'm leaving now. Bye!
1182465404 M * drkvg it seems the problem has to do with the local vserver IP range though
1182465406 M * Bertl Jozsef: have a good evening! and thank you!
1182465415 M * drkvg I'm digging into it..
1182465430 P * Jozsef 
1182465457 M * Bertl local vserver range?
1182465464 M * Guy- drkvg: it's not a NAT issue, is it?
1182465611 M * drkvg Guy-: not yet :)
1182465618 M * drkvg Guy-: I'm connecting locally at the moment
1182465651 M * drkvg Bertl: well, I got a public IP for the box, and a local IP's for the vservers
1182465664 M * drkvg s/a local IP's/local IPs
1182465677 M * daniel_hozac that sounds like a rather typical setup.
1182465690 M * Guy- drkvg: like 192.168.0.0/16 or like 127.0.0.0/8?
1182465700 M * drkvg Guy-: yes
1182465705 M * Bertl FTP needs conection tracking for the NAT
1182465753 M * Guy- drkvg: that was an either/or question :)
1182465768 M * drkvg locally, I can connect the FTP server, but when I try to transfer somthing (say, the output of `ls`), it answers: (localhost[127.0.0.1]) - Refused PORT 192,168,66,10,223,65  (address mismatch)
1182465777 M * Guy- drkvg: you can shoot yourself in the foot if you use the loopback range carelessly
1182465798 M * Guy- drkvg: ah! what's the client IP the server sees?
1182465803 M * drkvg Guy-: oh, I know, I used to use the loopback range, and stopped
1182465822 M * drkvg hmm; probably 127.0.0.1
1182465829 M * Guy- that's the prolem then
1182465829 M * Bertl drkvg: not unexpected, but that should not happen for external connects
1182465856 M * Guy- drkvg: you're telling the server to open the data connection to a 3rd party, and it refuses for security reasons
1182465856 M * drkvg right!
1182465867 M * Bertl drkvg: what you see here is that 127.0.0.1 gets remapped to 192,168,66,10, which is the first guest ip
1182465879 M * drkvg ftp-data does work when I directly connect to 192.168.66.10
1182465903 M * Bertl this is perfectly fine, and you can work around that by allowing the guest ips too (if that is possible)
1182465921 M * Bertl or alternately by disabling the source ip remapping
1182465947 M * Bertl (which requires a new kernel and kernel compile)
1182466033 M * drkvg Bertl: thanks a lot for the explanation!
1182466044 M * drkvg I guess my problems are more iptables/netfilter related now
1182466135 M * Bertl could be ProFTP config related too
1182466221 M * drkvg I'm wondering how to enable connexion tracking when using port redirection
1182466236 M * Bertl (or more precisely, chances are good that you can fix it in the ProFTP config too :)
1182466257 M * daniel_hozac the FTP modules let you specify what ports they should be looking at.
1182466320 M * Guy- I think proftpd just has a master 'allow foreign IP in PORT' type of switch
1182466358 M * Guy- which I wouldn't normally recommend turning on
1182466373 M * Guy- but now, good night :)
1182466418 M * drkvg Guy-: night, and thanks!
1182466715 J * s0undt3ch ~s0undt3ch@80.69.34.154
1182467179 M * Bertl wb s0undt3ch!
1182467193 M * s0undt3ch Bertl: Thanks
1182467672 M * slacker403 long day
1182467678 M * drkvg hey!
1182467692 M * drkvg it works, using the MasqueradeAddress directive in /etc/proftpd.conf
1182467730 Q * yarihm Quit: Leaving
1182467765 J * derjohn3 ~aj@e180206251.adsl.alicedsl.de
1182468208 Q * derjohn2 Ping timeout: 480 seconds
1182469413 Q * bzed Quit: Leaving
1182469474 J * DavidS david@chello062178045213.16.11.tuwien.teleweb.at
1182469823 P * stefani I'm Parting (the water)