1204330020 J * quasisane ~sanep@c-76-118-191-64.hsd1.nh.comcast.net 1204330246 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1204330884 Q * mire Ping timeout: 480 seconds 1204331425 J * virtuoso ~s0t0na@ppp91-122-103-232.pppoe.avangarddsl.ru 1204332101 N * DoberMann DoberMann[ZZZzzz] 1204333597 Q * DLange Quit: Bye, bye. Hasta luego. 1204334566 M * Bertl okay, off to bed now ... have a good one everyone! 1204334575 N * Bertl Bertl_zZ 1204334722 J * mire ~mire@211-169-222-85.adsl.verat.net 1204334858 J * marl ~marl@89.242.221.218 1204334893 J * arachnist arachnist@plzdie.kthxbai.pl 1204334906 Q * rgl Quit: Saindo 1204334960 Q * dowdle Remote host closed the connection 1204334963 M * marl hi folks, just installed vserver onto a debian host, and tried building a ubuntu fiesty, the build command returned almost instantly and the deboot log file for the guest just has : /lib/util-vserver/distributions/feisty/debootstrap.script: line 3: default_mirror: command not found in it, done a search but cant find anything, anyone any pointers? 1204335249 M * daniel_hozac debootstrap scripts weren't as version-agnostic as i had hoped. you'll want to uninstall debootstrap, make sure you have a util-vserver 0.30.215 pre release and point it at debootstrap 1.0.8... 1204335322 Q * hijacker Ping timeout: 480 seconds 1204335368 M * daniel_hozac (or maybe check backports for a more recent debootstrap package) 1204335413 M * marl newer debootstrap would solve the problem? or is util-vserver 0.30.215 stable? 1204335452 M * marl this is going to be a production system :( 1204335471 M * daniel_hozac as stable as the last release, only without the bugs. 1204335483 Q * mire Ping timeout: 480 seconds 1204335527 M * marl lol, anything i need to note be4 installing 215? can i just compile and install over 214? 1204335707 M * marl ok, heres a daft question, were can i download 215 from? i can only find links to 214 :( 1204335736 M * daniel_hozac http://people.linux-vserver.org/~dhozac/t/uv-testing/ 1204335815 M * marl just use the latest one? dated today? 1204335831 Q * virtuoso Ping timeout: 480 seconds 1204335848 M * daniel_hozac should be fine. 1204335866 M * daniel_hozac it compiles and starts guests, at least :) 1204336025 J * mire ~mire@88-171-222-85.adsl.verat.net 1204336168 M * marl i have another host running 3 guests, it is a dual cpu machine with 4Gb ram, and hardware raid, as far as i can tell it was installed with vserver kernel and no tweeking, but i have BIG slowdowns whenever there is a lot of disk access, any pointers? i know its a bit fague, but not logged into machine at present, and just thought id ask while i was on :) (host doing nothing other than running quests, and guest 1 is samba server guest 2&3 are admin servers) 1204336231 M * daniel_hozac heavy I/O tends to cause a general sluggishness. 1204336263 M * daniel_hozac hard to say anything specific without knowing the specifics :) 1204336295 M * marl lol i know, as i said it was just a quicky while i was waiting for 215 to compile and install 1204336333 M * marl ok its done, i need to uninstall debootstrap, and then install which version? 1204336350 M * daniel_hozac just uninstall it, let the utils handle it. 1204336440 M * marl :( now i get : E: Failed getting release file http://ftp.debian.org/debian/dists/feisty/Release 1204336461 M * marl ive come accross this one be4 and cant remmeber how to solve it :( 1204336465 M * daniel_hozac -m http://ftp.ubuntu.com/ubuntu 1204336685 M * marl vserver test build -m debootstrap http://ftp.ubuntu.com/ubuntu --hostname=test.example.com --interface eth0:192.168.0.1/24 -- -d fiesty 1204336722 M * marl ? 1204336781 M * marl sorry im so dense 2night, am very tired, but i want to get this working 2night!!!!!! 1204336783 M * marl lol 1204337205 M * marl ah got it the -m http needs to be at the end of the line 1204337706 Q * mire Quit: Leaving 1204338488 M * marl successssss :) :) :) :) :) :) 1204338528 M * marl thanks daniel for the help, couldnt find anything on line baout the debootstrap stuff 1204338540 M * marl now im away to bed to try and get some sleep 1204338542 M * marl nigth all 1204338632 Q * ^jan Quit: Panacea .gz. 1204339813 Q * besonen_mobile Ping timeout: 480 seconds 1204342461 J * Infinito argos@200-140-69-1.gnace701.dsl.brasiltelecom.net.br 1204343204 Q * Infinito Quit: Quitte 1204344629 Q * hparker Quit: Read error: 104 (Peer reset by connection) 1204346851 J * fatgoose_ ~samuel@76-10-149-199.dsl.teksavvy.com 1204347279 Q * fatgoose Ping timeout: 480 seconds 1204349947 Q * fatgoose_ Quit: fatgoose_ 1204353362 Q * larsivi Ping timeout: 480 seconds 1204353591 J * JonB ~NoSuchUse@77.75.164.169 1204355506 J * ktwilight_ ~ktwilight@249.211-66-87.adsl-static.isp.belgacom.be 1204355617 Q * ktwilight Read error: Connection reset by peer 1204356168 J * ktwilight__ ~ktwilight@175.212-66-87.adsl-static.isp.belgacom.be 1204356553 Q * ktwilight_ Ping timeout: 480 seconds 1204358166 J * hijacker ~hijacker@213.91.163.5 1204358426 J * Julius ~julius@p57B25CBA.dip.t-dialin.net 1204358614 J * besonen_mobile ~besonen_m@71-220-235-129.eugn.qwest.net 1204358996 Q * JonB Quit: This computer has gone to sleep 1204359857 J * DLange ~dlange@p57A32F99.dip0.t-ipconnect.de 1204359967 Q * DLange 1204359982 J * DLange ~dlange@p57A32F99.dip0.t-ipconnect.de 1204359989 J * JonB ~NoSuchUse@77.75.164.169 1204360682 J * rgl ~rgl@lx2-84-90-10-215.netvisao.pt 1204360690 A * rgl waves 1204361625 M * JonB hey rgl 1204361895 Q * JonB Quit: This computer has gone to sleep 1204362988 Q * besonen_mobile Ping timeout: 480 seconds 1204363291 J * JonB ~NoSuchUse@77.75.164.169 1204363861 J * pob_ ~pob@bac69-2-82-67-5-193.fbx.proxad.net 1204363992 M * pob_ hello it's my first time on irc 1204364003 M * JonB hi 1204364016 M * JonB dont look for girls, there are none on irc 1204364030 M * pob_ ok i was wonder if i was connect 1204364035 M * JonB you are 1204364042 M * JonB people are just sleeping here 1204364053 M * pob_ no i don't look for girl on irc just for help 1204364061 M * JonB good then 1204364089 M * JonB and i was not looking what channel i was on. I'm on another and people do come there looking for girls, sorry about that 1204364094 M * JonB so, what kind of help? 1204364133 M * pob_ i install vserver and i have some trouble with nat and routing 1204364152 M * pob_ i use shorewall for set iptables rules 1204364176 M * JonB routing is setup on the host 1204364183 M * JonB and the guests then use the same routing table 1204364206 M * pob_ and i want to log and set rules between vserver and the host 1204364230 M * pob_ this is ok for me 1204364271 M * pob_ but i set up a dummy0 interface for vservers 1204364333 M * pob_ and if i try to connect to the host from a vserver 1204364356 M * pob_ all packet go trough the loopback interface 1204364426 M * JonB yes, it does 1204364428 M * JonB always 1204364448 M * JonB because the lo interface is used for any network traffik inside the same kernel 1204364494 M * pob_ there is a way to control this witih iptables 1204364496 M * pob_ ? 1204364549 M * JonB i am not sure 1204364568 M * JonB but, why do you want to do this? 1204364618 M * pob_ because i see that like a security hole 1204364651 M * pob_ if some one can get root access on vserver 1204364654 M * JonB why does it matter if the traffic comes over lo0 or dummy0 or eth0 ? 1204364669 M * JonB which kernel are you running? 1204364689 M * pob_ 2.6.20-vs2.2.0 1204364700 M * pob_ but i going to update 1204364731 M * pob_ in 2.6.22-2.2.0.6 1204364775 M * JonB good, that should plug the latest security hole in the kernel 1204364800 M * pob_ whith shorewall i have a log of all the traffic 1204364817 M * JonB cant you just block the packets based on their ip address? it's not like the guests can fake their ip address unless you give them CAP_NET_RAW 1204364850 M * pob_ except between vservers and host 1204364879 M * JonB that should also be possible 1204364887 M * JonB i hope 1204364888 J * xdr ~xdr@gote2.23.cust.blixtvik.net 1204364920 M * JonB maybe you need to make a special logging rule for traffic between host and guest and then delete the log if you dont want it 1204364929 M * pob_ normally (sorry for my english) it do 1204364951 M * pob_ but i try and even i set strong rules in shorewall 1204364961 M * pob_ the packets go trough 1204364999 M * JonB how do you set the rules? 1204365011 M * JonB i set some myself but that was between guests 1204365018 M * JonB my host only runs sshd 1204365031 M * pob_ do you know shorewall ? 1204365042 M * JonB no 1204365045 M * JonB i used iptables 1204365091 M * pob_ ok, in shorewall you set some zones that you link with interfaces 1204365104 M * pob_ i don't know iptables 1204365119 M * pob_ i got a net zone for eth0 1204365134 M * pob_ and a dmz zone for dummy0 1204365148 M * JonB can you make alias interfaces? 1204365157 M * pob_ yes 1204365219 M * JonB maybe you can make an alias for each guest and setup such zones 1204365230 M * JonB what services is it you want to protect on the host? 1204365254 M * pob_ ssh 1204365278 M * pob_ it's the only one on the host 1204365294 M * JonB does that really need firewall protection? 1204365368 M * pob_ i see lot of tentative of brute force on ssh 1204365390 M * pob_ and as i'am may be to much paranoid 1204365435 M * JonB from the guests? 1204365444 M * pob_ if i can't detect such traffic on my firewall if those packets come from the vservers 1204365458 M * JonB force your sshd to only accept ssh keys 1204365459 M * pob_ yes 1204365535 Q * ensc Remote host closed the connection 1204365551 M * pob_ yes i can do that, i never do it but it's a good way 1204365588 M * JonB cant you just log the ip address of anyone trying to initiate a session on sshd? 1204365591 M * pob_ i use a technique of port knocking with shorewall to protect ssh 1204365613 M * JonB ok 1204365642 M * pob_ ye si log such address execpt from the guests 1204365737 M * pob_ ok thank you verry much for you answers, it help me 1204365766 J * ensc ~irc-ensc@77.235.182.26 1204365768 M * pob_ i must go, my dogs wait after me and my baby also 1204365772 M * pob_ bye 1204365791 M * JonB bye 1204365796 Q * pob_ Quit: leaving 1204365865 Q * ensc Remote host closed the connection 1204366206 J * ensc ~irc-ensc@77.235.182.26 1204366624 Q * ensc Remote host closed the connection 1204366793 J * DLange2 ~dlange@p57A32F99.dip0.t-ipconnect.de 1204366793 N * DLange Guest106 1204366793 N * DLange2 DLange 1204366833 Q * Guest106 Ping timeout: 480 seconds 1204366842 Q * DLange 1204366856 J * DLange ~dlange@p57A32F99.dip0.t-ipconnect.de 1204366966 J * ensc ~irc-ensc@77.235.182.26 1204367050 J * larsivi ~larsivi@144.84-48-50.nextgentel.com 1204367274 J * CyberMonk hacker@2001:5c0:84dc:1:2::39 1204367576 N * Bertl_zZ Bertl 1204367586 M * Bertl morning folks! 1204367673 M * JonB hey Bertl 1204367689 Q * JonB Quit: This computer has gone to sleep 1204367727 Q * weeble Ping timeout: 480 seconds 1204367798 N * DoberMann[ZZZzzz] DoberMann 1204367809 Q * FireEgl Quit: Leaving... 1204368167 Q * ensc Remote host closed the connection 1204368486 J * ensc ~irc-ensc@77.235.182.26 1204368657 J * friendly12345 ~friendly@ppp59-167-75-63.lns1.mel6.internode.on.net 1204369863 J * JonB ~NoSuchUse@77.75.164.169 1204370363 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1204371562 J * phedny ~mark@010-022-128-083.dynamic.caiway.nl 1204372549 Q * friendly12345 Quit: Leaving. 1204373518 Q * Eimann Quit: migration 1204373582 J * julius_ ~julius@p57B26F3F.dip.t-dialin.net 1204373986 Q * Julius Ping timeout: 480 seconds 1204375263 J * friendly12345 ~friendly@ppp59-167-75-63.lns1.mel6.internode.on.net 1204375274 Q * friendly12345 Remote host closed the connection 1204375349 Q * JonB Quit: This computer has gone to sleep 1204375768 J * ard ~ard@gw-tweakb16.kwaak.net 1204375997 J * nebuchadnezzar ~nebu@zion.asgardr.info 1204376029 J * brc bruce@megarapido.cliquerapido.com.br 1204376605 J * JonB ~NoSuchUse@77.75.164.169 1204377532 T * * http://linux-vserver.org/ | latest stable 2.2.0.6, 2.0.3-rc3, devel 2.3.0.32, stable+grsec 2.2.0.6 | util-vserver-0.30.214 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki,a 1204377532 T * ChanServ - 1204377640 Q * Aiken Remote host closed the connection 1204378072 T * * http://linux-vserver.org/ | latest stable 2.2.0.6, 2.0.3-rc3, devel 2.3.0.32, stable+grsec 2.2.0.6 | util-vserver-0.30.214 | libvserver-1.0.2 & vserver-utils-1.0.3 | He who asks a question is a fool for a minute; he who doesn't ask is a fool for a lifetime -- share the gained knowledge on the Wiki,a 1204378072 T * ChanServ - 1204378581 J * ftx ~ftx@dslb-084-062-245-210.pools.arcor-ip.net 1204383765 Q * CyberMonk Ping timeout: 480 seconds 1204384611 J * CyberMonk ~mail@2001:5c0:84dc:1:2::39 1204384662 J * dna ~dna@242-228-dsl.kielnet.net 1204385713 J * FireEgl FireEgl@adsl-220-213-237.bhm.bellsouth.net 1204388433 Q * rgl Ping timeout: 480 seconds 1204389806 J * DuckMaster ~Duck@81.57.39.234 1204389806 Q * duckx Read error: Connection reset by peer 1204390873 Q * JonB Quit: This computer has gone to sleep 1204391425 J * morten ~hahnomat@f053146222.adsl.alicedsl.de 1204391427 M * morten hey guys! 1204391769 M * morten can i prevent a guest of using the hosts swap space? 1204392380 M * Bertl not really 1204392593 J * JonB ~NoSuchUse@77.75.164.169 1204393274 Q * dna Quit: Verlassend 1204393437 J * dna ~dna@242-228-dsl.kielnet.net 1204393562 J * ftx_ ~ftx@dslb-084-062-236-048.pools.arcor-ip.net 1204393977 Q * ftx Ping timeout: 480 seconds 1204394935 M * morten Bertl: hm.. you see any chance to do this without big effort? 1204395007 M * morten that would make sense when you have "confidential" guests 1204395751 M * morten a solution would be to crypt the hosts swapfs 1204396096 M * Bertl 'confidential' stuff should be locked in memory 1204396122 M * Bertl to hope for 'not swapping out stuff' is not really a good idea 1204396131 M * Bertl unless you disable swapping completely 1204396840 M * morten yes, my thought.. ;-) 1204397304 N * DoberMann DoberMann[PullA] 1204397562 M * morten ok, cya later guys 1204397563 Q * morten 1204398172 J * Aiken ~james@ppp118-208-56-200.lns4.bne1.internode.on.net 1204400317 J * mcp ~hightower@wolk-project.de 1204400921 J * Piet ~piet@tor.noreply.org 1204401164 J * chigital ~chigital@p4FE5E341.dip.t-dialin.net 1204401533 J * yarihm ~yarihm@247-58-239-77-pool.cable.fcom.ch 1204402138 J * hparker ~hparker@linux.homershut.net 1204402505 J * Blissex ~Blissex@82-69-39-138.dsl.in-addr.zen.co.uk 1204403068 J * awk ~awk@security.web.za 1204403951 Q * yarihm Quit: This computer has gone to sleep 1204404459 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1204404853 Q * Piet Remote host closed the connection 1204404924 J * Piet ~piet@tor.noreply.org 1204404970 J * hijacker_ ~Lame@87-126-142-51.btc-net.bg 1204405072 J * Viper0482 ~Viper0482@p579823B5.dip.t-dialin.net 1204405368 J * Piet_ ~piet@tor.noreply.org 1204405518 J * sladen paul@starsky.19inch.net 1204405762 Q * Piet Ping timeout: 480 seconds 1204406937 Q * julius_ Ping timeout: 480 seconds 1204407161 J * julius_ ~julius@p57B26F3F.dip.t-dialin.net 1204407284 Q * Viper0482 Quit: one day, i'll find this peer guy and then i'll reset his connection!! 1204407329 Q * fatgoose Quit: fatgoose 1204407475 J * fatgoose ~samuel@76-10-149-199.dsl.teksavvy.com 1204407617 Q * marl Ping timeout: 480 seconds 1204408603 Q * chigital Ping timeout: 480 seconds 1204408729 Q * hijacker_ Quit: Leaving 1204409224 Q * JonB Quit: This computer has gone to sleep 1204411340 Q * julius_ Remote host closed the connection 1204412108 Q * fatgoose Quit: fatgoose 1204412495 J * dna_ ~dna@242-228-dsl.kielnet.net 1204412880 Q * dna Ping timeout: 480 seconds 1204415301 J * yarihm ~yarihm@247-58-239-77-pool.cable.fcom.ch