1267142462 Q * fleischergesell Ping timeout: 480 seconds 1267144927 J * petzsch ~markus@dslb-094-222-103-145.pools.arcor-ip.net 1267145127 M * Bertl off to bed now .. have a good one everyone! 1267145138 N * Bertl Bertl_zZ 1267145322 Q * petzsch Quit: Leaving. 1267145389 Q * bonbons Quit: Leaving 1267145523 Q * dowdle Remote host closed the connection 1267154743 J * derjohn_foo ~aj@pD95FCE20.dip.t-dialin.net 1267155176 Q * derjohn_mob Ping timeout: 480 seconds 1267156892 Q * Piet Remote host closed the connection 1267157805 J * Piet ~Piet__@7R1AAAAWA.tor-irc.dnsbl.oftc.net 1267159220 Q * quasisane Read error: Operation timed out 1267160881 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267161922 Q * BenG Remote host closed the connection 1267163879 Q * derjohn_foo Ping timeout: 480 seconds 1267164251 J * sharkjaw ~gab@90.149.121.45 1267164836 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267165422 Q * BenG Quit: I Leave 1267166735 Q * ensc Remote host closed the connection 1267166745 J * ensc ~irc-ensc@93.159.121.26 1267168218 J * ghislain ~AQUEOS@adsl2.aqueos.com 1267169344 J * ncopa ~ncopa@ti211310a081-0715.bb.online.no 1267170132 M * arekm Bertl_zZ: /home/users/arekm/rpm/BUILD/kernel-nogrsecurity-2.6.33/linux-2.6.33/mm/memcontrol.c: In function ‘mem_cgroup_stat_read_mapped’: 1267170135 M * arekm /home/users/arekm/rpm/BUILD/kernel-nogrsecurity-2.6.33/linux-2.6.33/mm/memcontrol.c:580: error: ‘MEM_CGROUP_STAT_MAPPED_FILE’ undeclared (first use in this function) 1267170196 M * arekm Bertl_zZ: now it's MEM_CGROUP_STAT_FILE_MAPPED 1267170389 Q * ncopa Ping timeout: 480 seconds 1267170543 J * ncopa ~ncopa@63.24.34.95.customer.cdi.no 1267170675 M * ghislain oh 2.6.33 is out and allready a patch :) , got to see what's new in this kernel version 1267170765 N * Bertl_zZ Bertl 1267170770 M * Bertl morning folks! 1267170792 M * ghislain morning bertl 1267170801 M * Bertl arekm: ah, yeah, there is nothing better than consistancy :) 1267170813 M * ghislain i continue to have crashes so i look for every new bit in kernel news lol 1267170830 M * Bertl what kind of crashes? 1267170845 M * Bertl the probably nic related type? 1267170860 M * ghislain still the same kernel panic everything froze, yes probably 1267170886 M * Bertl as I said, try to switch the nic for a test 1267170910 M * ghislain i cannot do that on all machine, those hosted i have no choice but using the integrated ones :( 1267170946 M * Bertl a single, crashing machine is enough to test the theory 1267170990 M * Bertl if it work with a different nic, you can bug the driver maintainers (intel folks), if it fails too, you have to look for other causes 1267171125 M * ghislain yes 1267171272 M * ghislain do you done some new test on 2.6.32 you had some perf issue before 1267171282 M * ghislain i wonder if you still have them 1267171329 M * Bertl not sure I will do them now that 2.6.33 is out, but we'll see 1267171346 M * ghislain lol of course np 1267171400 J * grobie ~grobie@tyr.schnuckelig.eu 1267171445 M * ghislain 2.6.32 will be lts, will you update the patch for it as time goes by ? 1267171490 M * Bertl as it seems that debian plans to go for 2.6.32, very likely 1267171520 M * ghislain ok thanks 1267172032 J * fleischergesell ~fleischer@dslb-084-063-124-125.pools.arcor-ip.net 1267172336 J * derjohn_foo ~aj@139.12.1.252 1267173432 M * arekm /home/users/arekm/rpm/BUILD/kernel-nogrsecurity-2.6.33/linux-2.6.33/drivers/infiniband/core/addr.c:254: error: too few arguments to function ‘ipv6_dev_get_saddr’ 1267173534 M * Bertl I'll fix it immediately, but you have to test on infiniband for me :) 1267173598 M * arekm added NULL as last arg for now 1267173608 M * arekm and I don't have infiniband hw 1267173669 M * Bertl yeah, NULL is correct, see the first argument 1267173690 M * Bertl it always uses the init network context too, i.e. not network context aware (mainline) 1267174380 P * _mart Leaving 1267174581 M * ghislain bertl: the 2.6.33 compil failed, smae error as arekm about 'MEM_CGROUP_STAT_MAPPED_FILE' undeclared :) just fyi 1267174748 M * Bertl yeah, already fixed in my tree, will be in the next upload 1267174756 M * ghislain ok :) 1267174770 M * Bertl just change the name as arekm suggested 1267174805 J * mugwump ~samv@watts.utsl.gen.nz 1267175561 Q * weasel Quit: Reconnecting 1267175565 J * weasel ~weasel@weasel.noc.oftc.net 1267176644 Q * marcin Ping timeout: 480 seconds 1267176695 J * thierryp ~thierry@zankai.inria.fr 1267176803 J * BenG ~bengreen@cpc2-aztw22-2-0-cust521.aztw.cable.virginmedia.com 1267178434 J * marcin ~marcin@flip.wutanic.com 1267178619 J * barismetin ~barismeti@zanzibar.inria.fr 1267178801 J * vserver_guy ~vserver@mirror.sonassi.com 1267178807 M * vserver_guy Hi guys, 1267178827 M * vserver_guy has anyone come across this error before (when entering a vServer) [vserver X enter] 1267178834 M * vserver_guy shell-init: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory 1267178842 M * Guy- yes 1267178863 M * Guy- vserver_guy: it means the cwd of the shell you launched vserver enter from no longer exists 1267178922 M * vserver_guy lol - gotcha 1267178926 M * vserver_guy I'm a fool! 1267179074 M * vserver_guy thanks! 1267179874 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267180569 Q * marcin Ping timeout: 480 seconds 1267180594 Q * balbir Ping timeout: 480 seconds 1267180631 J * petzsch ~markus@dslb-092-078-157-030.pools.arcor-ip.net 1267180637 Q * vserver_guy 1267180770 J * marcin ~marcin@flip.wutanic.com 1267180938 J * gnuk ~F404ror@pla93-3-82-240-11-251.fbx.proxad.net 1267181222 J * balbir ~balbir@122.172.57.2 1267182201 Q * petzsch Quit: Leaving. 1267183775 M * geb hi 1267183904 M * geb i have a not so vserver related question: 1267183912 M * geb i have a host with ~30 vs (a full /27) 1267183925 M * geb when i used to receive a lot of bruteforce on the range, the graphs ( http://supervision.toile-libre.org/munin/toile-libre.org/garage.toile-libre.org.html ) lets appear some load of the system and a large decrease of the entropy pool 1267183992 M * Bertl get a sound card :) 1267184001 M * geb ? 1267184023 M * Bertl audio input from the datacenter is a good source of entropy 1267184029 M * geb haha 1267184044 M * Mr_Smoke Sounds like fun :) 1267184047 M * geb yeah, in the same timeframe users told me that they had problems with ssh (being unable to connect etc) can't the decrease of the entropy pool being the cause of the problem ? 1267184067 M * Mr_Smoke Yeah I had a similar problem once 1267184091 M * geb is there something else i can do ( adding a sound card in the 1u looks a bit difficult...) 1267184121 M * Mr_Smoke Dunno about that. Even on not-so-loaded servers, I never hit the bottom of the pool 1267184153 M * Bertl geb: maybe it already has a sound card on-board? 1267184177 M * Bertl anyway, you could as well put some entropy source somewhere on the net and feed that into the pool 1267184198 M * fback geb: or dedicated pci riser to install the card horizontally 1267184201 M * Bertl another excellent source of entropy is radioactive decay 1267184218 M * geb haha :) 1267184223 M * Bertl (you can get that from a typical smoke detector :) 1267184255 M * fback or usb-based audio card :) 1267184290 M * geb i am not sure that the DC's owner will love the ideas :) 1267184315 M * geb but i am not sure that the problem with users unable to connect with sshd (looks to use only /dev/urandom) is related , do you think it is ? 1267184363 M * Bertl it might be, the urandom makes the problem less common, but still, if the pool is depleted, ssh(d) comes to a halt 1267184386 M * Mr_Smoke Doesn't network activity generate entropy, too ? 1267184406 M * fback Mr_Smoke: i think it doesn't by default 1267184415 M * Mr_Smoke Hm. 1267184426 M * Mr_Smoke I wonder where I get my entropy from then Oo 1267184446 M * geb it looks that ssh bruteforce (with net activity, and lot of logs writing) toke more entropy that it generate :( 1267184597 M * fback I have hardware-based source of entrophy :-) 1267184675 M * fback geb: use some tool to ignore traffic from broken hosts? 1267184715 M * fback (i'm using denyhosts, but saw also other tools based on iptables) 1267184735 M * geb yeah i thought about it, but ... i don't like a lot the idea, it is a bid intrusive to do some filtering on the host ... 1267184753 M * geb a bit* 1267184833 M * Mr_Smoke fail2ban for the win. 1267185529 Q * marcin Ping timeout: 480 seconds 1267185572 M * BenG Morning all, I can't seem to get packets redirected the way I want today 1267185606 M * BenG I want to take all the traffic from one IP address and point it towards a vserver guest 1267185614 M * BenG any ideas? 1267185622 M * Mr_Smoke Do it right ? 1267185623 M * Mr_Smoke :) 1267185626 M * harry then for christ's sake, bitchslap those packets upside the head so hard they have no clue where to go, and you redirect them properly! 1267185675 M * harry that's probably not with redirect, but dnat 1267185703 J * marcin ~marcin@213.227.92.113 1267185705 M * BenG same machine and same subnet, redirect and dnat don't like it 1267185728 M * BenG and I can't find the bitchslap manpage anywhere :S 1267185738 M * harry ? 1267185749 M * harry same machine? 1267185753 M * harry what exactly is it you want? 1267185777 M * harry outside traffic to redirected to ? 1267185811 M * BenG yep, that's it 1267185828 M * Mr_Smoke What's the guest IP ? RFC1918 or public ? 1267185842 M * harry iptables -t nat -A PREROUTING --destination -j DNAT --to-destination 1267185847 M * BenG on my test they are both RFC1918 1267185858 M * Mr_Smoke Yup, DNAT works for me too 1267185869 M * harry that's what i use 1267185882 M * harry for every service, a different guest, and redirect ports to guests 1267185909 M * Mr_Smoke Although I must admit I find it easier today to just bind a public IP, but that's another discussion 1267185930 M * harry true 1267185948 M * harry Mr_Smoke: that's easier, but less flexible 1267185966 M * Mr_Smoke True. I'm just spoiled with a cheap /28 so I enjoy that :) 1267185974 M * harry me too 1267185976 M * harry but still... 1267186004 Q * bonbons Quit: Leaving 1267186219 Q * marcin Ping timeout: 480 seconds 1267186306 M * BenG okay, for what I want to do I end up with: 1267186310 M * BenG iptables -t nat -A PREROUTING -i --destination 192.168.1.18 -j DNAT --to 192.168.1.31 1267186321 M * BenG which gives me no bananas 1267186388 M * Mr_Smoke Well 1267186403 M * Mr_Smoke You are expecting data on 192.168.1.18 ? 1267186407 M * Mr_Smoke So it's just local stuff ? 1267186445 M * BenG yeah, for the moment, but I hope to use in on a internet facing setup later 1267186486 M * BenG I want to browse http on 192.168.1.18, whereas apache is bound to 192.168.1.31 1267186497 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267186651 M * Mr_Smoke Hm well 1267186668 M * Mr_Smoke Appart from using goot old tcpdump iptables counters to figure out what's happening, I dunno 1267186676 M * Mr_Smoke The classic "Works For Me" applies here :/ 1267186923 M * BenG "iptables -t nat -A PREROUTING -i --destination 192.168.1.18 -j DNAT --to 192.168.1.31" don't know how the -i got stuck in there 1267186958 M * Mr_Smoke Hm hadn't noticed 1267186967 M * Mr_Smoke That's bound to mess it up right ? 1267186975 M * Mr_Smoke What interface did it get applied to ? 1267187464 M * BenG didn't work, flushed it all anyway 1267187490 M * BenG in any case, seems to work somewhat now, I was trying to access it from the machine itself 1267187503 M * BenG rebooted, tried again, looks okay 1267187677 M * BenG ah, I see the problem I was having, I added the IP earlier with "ip addr add" 1267187687 M * BenG hoping to add it to the host 1267187717 M * BenG but it seems the DNAT rules don't interact with it in the same way as they do for the hosts canonical IP 1267187923 M * BenG okay, so, the DNAT rule wasn't working on the secondary IP I set up, but worked fine for the primary 1267187926 M * BenG no idea why 1267187933 M * BenG probably the way iptables works 1267188061 M * BenG Mr_Smoke, harry, cheers for keeping me sane there 1267188074 M * BenG in my hour of need 1267188083 M * BenG or 25mins anyway :) 1267188727 M * Mr_Smoke hmm 1267188751 M * Mr_Smoke BenG: I don't believe the way the IP address was added should have any impact on the way DNAT would use it 1267188785 M * Mr_Smoke Most likely the -i was causing the mess 1267188797 M * BenG when created with ip addr add it doesn't work 1267188809 M * BenG when created with ifconfig eth0:0 it does 1267188818 M * Mr_Smoke Hm 1267188825 M * Mr_Smoke What version of iptables is this ? 1267188852 M * BenG 1.4.2 1267188876 M * Mr_Smoke Weird. I never had such an issue 1267188892 M * Mr_Smoke Then again, I rarely DNAT from/to the same host using private ips :p 1267188907 M * BenG another mess was that I was trying to access the websites from the same box, which wasn't going to work 1267188909 M * Mr_Smoke tcpdump would help, but as long as you(ve got it working .... 1267188921 M * Mr_Smoke Ah, that I wouldn't know :) 1267188952 M * BenG by the time I tried tcpdump, I realized that it was actually working 1267188977 M * BenG ah, but I could try it in the case were it doesn't work 1267188984 M * BenG see how that looks 1267189015 M * BenG I think though I have working set of commands, so I'll document them 1267189024 M * BenG that'll do 1267189027 M * Mr_Smoke Nice :) 1267189117 J * ViRUS ~mp@p579B5A34.dip.t-dialin.net 1267189148 Q * bonbons Quit: Leaving 1267189282 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267189388 Q * jrdnyquist Quit: Leaving 1267189983 J * jrdnyquist ~jrdnyquis@slayer.caro.net 1267190054 Q * BenG Quit: I Leave 1267190336 J * tpo ~tpo@cable-dynamic-87-245-106-94.shinternet.ch 1267190804 J * marcin ~marcin@flip.wutanic.com 1267191712 J * marcin_ ~marcin@flip.wutanic.com 1267191718 Q * marcin Read error: Connection reset by peer 1267194602 Q * sharkjaw Remote host closed the connection 1267195357 Q * balbir Read error: Connection reset by peer 1267196021 Q * ViRUS Quit: If there is Artificial Intelligence, then there's bound to be some artificial stupidity. (Thomas Edison) 1267196219 J * balbir ~balbir@122.172.57.78 1267196240 Q * Piet Remote host closed the connection 1267196300 J * Piet ~Piet__@7R1AAABLN.tor-irc.dnsbl.oftc.net 1267196413 Q * balbir Read error: Connection reset by peer 1267196435 Q * derjohn_foo Ping timeout: 480 seconds 1267196750 J * petzsch ~markus@dslb-092-078-157-030.pools.arcor-ip.net 1267197376 J * the_hydra ~mulyadi@111.94.14.158 1267197395 J * balbir ~balbir@122.172.56.113 1267199855 Q * tpo Ping timeout: 480 seconds 1267200580 M * ncopa I have uploaded alpine-vserver-1.10_rc3 1267200589 M * ncopa it includes debootstrap 1267200623 M * ncopa i realized that alpine really has something to offer as vserver guest 1267200638 M * ncopa debian guest is 130MB 1267200644 M * ncopa alpine is 2-3MB 1267200651 M * ncopa thats the base system 1267200676 M * ncopa so if you want run each service in separate vserver alpine might be an alternative 1267200748 M * ncopa the alpine-vserver iso is really nice for playing around and testing vserver features 1267200761 M * ncopa boot up to having first guest running takes 2 minutes 1267201025 M * Bertl I asked yesterday, what exactly is alpine-vserver-1.10_rc3? 1267201053 M * Bertl I guess it is some kind of micro distro? 1267201284 Q * balbir Read error: Connection reset by peer 1267201738 M * Bertl okay, off for now .. bbl 1267201745 N * Bertl Bertl_oO 1267202155 J * balbir ~balbir@122.172.107.230 1267202264 Q * barismetin Quit: Leaving... 1267202321 J * nono_ ~gomes@libation.ircam.fr 1267202362 Q * nono_ 1267202622 M * ncopa alpine-vserver is a "live cd" for vserver hosts 1267202652 Q * fleischergesell Ping timeout: 480 seconds 1267202670 M * ncopa you boot cdrom (or usb) and can immediatly create vserver guests 1267202687 M * ncopa you can configure network, mount /vserver partition to disk array 1267202694 M * ncopa and install vserver guests on disk 1267202716 M * ncopa then you save your configuration on usb 1267202729 M * ncopa so for next reboot from cdomr you get everything back as it was 1267202827 Q * DreamerC Quit: leaving 1267203242 Q * balbir Ping timeout: 480 seconds 1267203522 Q * ncopa Quit: Ex-Chat 1267203536 J * DreamerC ~DreamerC@122-116-181-118.HINET-IP.hinet.net 1267203684 J * dowdle ~dowdle@scott.coe.montana.edu 1267203894 J * balbir ~balbir@122.172.58.74 1267205079 Q * thierryp Ping timeout: 480 seconds 1267205295 J * Piet_ ~Piet__@7R1AAABSA.tor-irc.dnsbl.oftc.net 1267205594 Q * Piet Ping timeout: 480 seconds 1267205605 J * imcsk8 ~ichavero@148.229.1.11 1267205730 Q * Hunger Ping timeout: 480 seconds 1267206123 J * Hunger ~Hunger@Hunger.hu 1267208054 Q * the_hydra Quit: Leaving 1267208383 Q * gnuk Quit: NoFeature 1267208548 M * ghislain rahhhhhh debian kernel build is incompatible with 2.6.33 ..... 1267208562 M * ghislain life sucks 1267208564 M * ghislain ;) 1267209738 J * derjohn_foo ~aj@e180193243.adsl.alicedsl.de 1267210008 Q * FloodServ synthon.oftc.net services.oftc.net 1267210142 J * FloodServ services@services.oftc.net 1267211059 N * DoberMann[ZZZzzz] DoberMann[PullA] 1267211171 J * thierryp ~thierry@home.parmentelat.net 1267212029 Q * thierryp Quit: ciao folks 1267216630 J * tpo ~tpo@cable-dynamic-87-245-106-94.shinternet.ch 1267217312 Q * Bushmills Quit: Leaving. 1267217336 J * Bushmills ~l@scarydevilmonastery.net 1267219927 Q * bonbons Remote host closed the connection 1267220135 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267220304 Q * bonbons Remote host closed the connection 1267220603 J * bonbons ~bonbons@2001:960:7ab:0:2c0:9fff:fe2d:39d 1267224881 J * harobed_ ~harobed@arl57-1-82-231-110-14.fbx.proxad.net 1267225090 Q * petzsch Quit: Leaving. 1267225985 Q * harobed_ Ping timeout: 480 seconds