1351558887 Q * isAAAc Quit: Konversation terminated! 1351559172 Q * clopez Ping timeout: 480 seconds 1351561572 J * cuba33ci_ ~cuba33ci@1-164-210-115.dynamic.hinet.net 1351561923 Q * cuba33ci Ping timeout: 480 seconds 1351561924 N * cuba33ci_ cuba33ci 1351564423 Q * cuba33ci Read error: Connection reset by peer 1351564515 J * cuba33ci ~cuba33ci@114-25-202-71.dynamic.hinet.net 1351564665 J * fisted_ ~fisted@xdsl-87-78-141-179.netcologne.de 1351564946 Q * nlm_ Remote host closed the connection 1351565070 Q * fisted Ping timeout: 480 seconds 1351565070 N * fisted_ fisted 1351566310 J * cuba33ci_ ~cuba33ci@114-36-226-140.dynamic.hinet.net 1351566660 Q * cuba33ci Ping timeout: 480 seconds 1351566666 N * cuba33ci_ cuba33ci 1351574641 M * Bertl off to bed now ... have a good one everyone! 1351574647 N * Bertl Bertl_zZ 1351575464 Q * FireEgl Read error: Connection reset by peer 1351576321 J * FireEgl FireEgl@2001:470:e5ad:1:d46c:729:8fb6:6dcf 1351577423 J * sannes ~ace@cm-84.211.87.28.getinternet.no 1351580133 J * Ghislain ~aqueos@adsl1.aqueos.com 1351580383 Q * ensc|w Remote host closed the connection 1351580393 J * ensc|w ~ensc@www.sigma-chemnitz.de 1351581616 M * fr00d Hello 1351581681 M * fr00d I have a vserver here which says Adress already in use when starting proftpd. I cannot see any binding within the vserver or within the host for this ip and port. Is there a tool to show alle IP/Port bindings of all vservers and the hosting server? 1351582896 J * kir ~kir@swsoft-msk-nat.sw.ru 1351582918 M * daniel_hozac ncontext --nid 1 --migrate -- vcontext --xid 1 --migrate -- netstat -pnlt 1351583469 Q * kir Ping timeout: 480 seconds 1351584221 J * kir ~kir@swsoft-msk-nat.sw.ru 1351584705 Q * kir Ping timeout: 480 seconds 1351585507 J * kir ~kir@swsoft-msk-nat.sw.ru 1351586083 Q * kir Ping timeout: 480 seconds 1351586705 J * kir ~kir@swsoft-msk-nat.sw.ru 1351587250 Q * kir Ping timeout: 480 seconds 1351588417 Q * fisted Quit: leaving 1351588577 J * kir ~kir@swsoft-msk-nat.sw.ru 1351588596 Q * Aiken Remote host closed the connection 1351588635 J * dna ~dna@35-172-103-86.dynamic.dsl.tng.de 1351588731 J * fisted ~fisted@xdsl-87-78-141-179.netcologne.de 1351589060 Q * kir Ping timeout: 480 seconds 1351589436 J * BenG ~bengreen@cpc29-aztw23-2-0-cust144.18-1.cable.virginmedia.com 1351589697 J * kir ~kir@swsoft-msk-nat.sw.ru 1351590420 Q * kir Ping timeout: 480 seconds 1351591046 J * kir ~kir@swsoft-msk-nat.sw.ru 1351591046 Q * Romster Read error: Connection reset by peer 1351591618 Q * kir Ping timeout: 480 seconds 1351592261 J * kir ~kir@swsoft-msk-nat.sw.ru 1351592606 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1351592623 J * clopez ~clopez@fanzine.igalia.com 1351593411 Q * Romster Quit: kernel update 1351593460 Q * fisted Ping timeout: 480 seconds 1351593653 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1351595959 Q * Romster Read error: Connection reset by peer 1351596012 J * Romster ~romster@202.168.100.149.dynamic.rev.eftel.com 1351597105 Q * sannes Ping timeout: 480 seconds 1351597194 Q * ircuser-1 Ping timeout: 480 seconds 1351598904 Q * BenG Quit: I Leave 1351600648 J * ircuser-1 ~ircuser-1@35.222-62-69.ftth.swbr.surewest.net 1351601821 J * nlm_ ~nlm@host127.186-108-245.telecom.net.ar 1351602778 N * Bertl_zZ Bertl 1351602781 M * Bertl morning folks! 1351602891 M * Ghislain morning bertl ! 1351604143 Q * nkukard Ping timeout: 480 seconds 1351604448 J * quasisane ~sanep@c-24-218-184-186.hsd1.nh.comcast.net 1351605048 Q * nlm_ Ping timeout: 480 seconds 1351607891 Q * dna Quit: Verlassend 1351608010 J * nlm_ ~nlm@host127.186-108-245.telecom.net.ar 1351608071 P * kir PING 1351608071 1351609954 Q * geos_one Remote host closed the connection 1351610769 M * Bertl off for now ... bbl 1351610773 N * Bertl Bertl_oO 1351611975 J * nkukard ~nkukard@41-133-237-213.dsl.mweb.co.za 1351612036 N * ensc Guest3751 1351612045 J * ensc ~irc-ensc@p54ADE40A.dip.t-dialin.net 1351612455 Q * Guest3751 Ping timeout: 480 seconds 1351613499 J * geos_one ~chatzilla@80.123.185.198 1351616715 J * bonbons ~bonbons@2001:960:7ab:0:b899:8a22:ecd:ded7 1351616797 J * wombat555 ~chatzilla@c-24-34-74-228.hsd1.ma.comcast.net 1351616804 M * wombat555 We're trying to ssh to a vserver guest on a cloud server at Terremark working from http://linux-vserver.org/Networking_vserver_guests. Terremark has a public/private IP paradym, where through their interface you can start an "on the fly" SSL/VPN and then on the public side expose a public IP and assign it ports. This means you cannot assign the public port to the vserver guest IP. 1351616930 M * wombat555 Not sure how to trouble shoot this. Right now getting a message that says "No more authentication methods to try. 1351616932 M * wombat555 Permission denied (publickey)." We are using a set of steps to build vservers locally and can get to them via the internet by mapping a port on a home router. We use the same steps up in the cloud, so think the ssh error may be misleading 1351617023 M * wombat555 If we do "iptables -t nat -L -v -n" on the host, we get (for this post, we're disguising the public IP): iptables -t nat -L -v -n 1351617025 M * wombat555 Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) 1351617027 M * wombat555 pkts bytes target prot opt in out source destination 1351617028 M * wombat555 145 7540 DNAT tcp -- * * !192.168.1.0/24 0.0.0.0/0 tcp dpt:222 to:192.168.1.1:22 1351617030 M * wombat555 Chain POSTROUTING (policy ACCEPT 4 packets, 280 bytes) 1351617031 M * wombat555 pkts bytes target prot opt in out source destination 1351617033 M * wombat555 10 710 SNAT all -- * * 192.168.1.0/24 !192.168.1.0/24 to:xxx.xxx.xxx.xxx 1351617034 M * wombat555 Chain OUTPUT (policy ACCEPT 14 packets, 990 bytes) 1351617036 M * wombat555 pkts bytes target prot opt in out source destination 1351617050 M * daniel_hozac are you specifying port 222? 1351617061 M * wombat555 Yes - on the public ip 1351617072 M * wombat555 ....and 22 on the guest 1351617103 M * daniel_hozac so when you ssh, you do ssh -p 222? 1351617141 M * wombat555 Yes - ssh -X -v -p 222 user@xxx.xxx.xxx.xxx 1351617177 M * daniel_hozac did you configure ssh to only allow public keys? 1351617204 M * wombat555 I think so....can double check sshd_config 1351617260 M * wombat555 Hang on... 1351618979 M * wombat555 Sorry - back: here's the sshd_config: # Package generated configuration file 1351618981 M * wombat555 # See the sshd_config(5) manpage for details 1351618983 M * wombat555 # What ports, IPs and protocols we listen for 1351618984 M * wombat555 Port 22 1351618986 M * wombat555 # Use these options to restrict which interfaces/protocols sshd will bind to 1351618988 M * wombat555 #ListenAddress :: 1351618990 M * wombat555 1351618991 M * wombat555 ListenAddress 192.168.1.1 1351618993 M * wombat555 Protocol 2 1351618994 M * wombat555 # HostKeys for protocol version 2 1351618996 M * wombat555 HostKey /etc/ssh/ssh_host_rsa_key 1351618997 M * wombat555 HostKey /etc/ssh/ssh_host_dsa_key 1351618999 M * wombat555 #Privilege Separation is turned on for security 1351619000 M * wombat555 UsePrivilegeSeparation yes 1351619002 M * wombat555 # Lifetime and size of ephemeral version 1 server key 1351619003 M * wombat555 KeyRegenerationInterval 3600 1351619005 M * wombat555 ServerKeyBits 768 1351619007 M * wombat555 # Logging 1351619008 M * wombat555 SyslogFacility AUTH 1351619010 M * wombat555 LogLevel INFO 1351619011 M * wombat555 # Authentication: 1351619013 M * wombat555 LoginGraceTime 120 1351619014 M * wombat555 PermitRootLogin no 1351619016 M * wombat555 StrictModes no 1351619017 M * wombat555 RSAAuthentication yes 1351619019 M * wombat555 PubkeyAuthentication yes 1351619020 M * wombat555 AuthorizedKeysFile %h/.ssh/authorized_keys 1351619022 M * wombat555 # Don't read the user's ~/.rhosts and ~/.shosts files 1351619023 M * wombat555 IgnoreRhosts yes 1351619025 M * wombat555 # For this to work you will also need host keys in /etc/ssh_known_hosts 1351619026 M * wombat555 RhostsRSAAuthentication no 1351619028 M * wombat555 # similar for protocol version 2 1351619029 M * wombat555 HostbasedAuthentication no 1351619031 M * wombat555 # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication 1351619032 M * wombat555 #IgnoreUserKnownHosts yes 1351619034 M * wombat555 # To enable empty passwords, change to yes (NOT RECOMMENDED) 1351619035 M * wombat555 PermitEmptyPasswords yes 1351619037 M * wombat555 # Change to yes to enable challenge-response passwords (beware issues with 1351619038 M * wombat555 # some PAM modules and threads) 1351619040 M * wombat555 ChallengeResponseAuthentication no 1351619041 M * wombat555 # Change to no to disable tunnelled clear text passwords 1351619043 M * wombat555 PasswordAuthentication no 1351619044 M * wombat555 # Kerberos options 1351619046 M * wombat555 #KerberosAuthentication no 1351619047 M * wombat555 #KerberosGetAFSToken no 1351619049 M * wombat555 #KerberosOrLocalPasswd yes 1351619050 M * wombat555 #KerberosTicketCleanup yes 1351619052 M * wombat555 # GSSAPI options 1351619054 M * wombat555 #GSSAPIAuthentication no 1351619055 M * wombat555 #GSSAPICleanupCredentials yes 1351619057 M * wombat555 X11Forwarding yes 1351619058 M * wombat555 X11DisplayOffset 10 1351619060 M * wombat555 PrintMotd no 1351619061 M * wombat555 PrintLastLog yes 1351619063 M * wombat555 TCPKeepAlive yes 1351619064 M * wombat555 #UseLogin no 1351619066 M * wombat555 #MaxStartups 10:30:60 1351619067 M * wombat555 #Banner /etc/issue.net 1351619069 M * wombat555 # Allow client to pass locale environment variables 1351619070 M * wombat555 AcceptEnv LANG LC_* 1351619072 M * wombat555 Subsystem sftp /usr/lib/openssh/sftp-server 1351619073 M * wombat555 # Set this to 'yes' to enable PAM authentication, account processing, 1351619075 M * wombat555 # and session processing. If this is enabled, PAM authentication will 1351619076 M * wombat555 # be allowed through the ChallengeResponseAuthentication and 1351619078 M * wombat555 # PasswordAuthentication. Depending on your PAM configuration, 1351619079 M * wombat555 # PAM authentication via ChallengeResponseAuthentication may bypass 1351619081 M * wombat555 # the setting of "PermitRootLogin without-password". 1351619082 M * wombat555 # If you just want the PAM account and session checks to run without 1351619084 M * wombat555 # PAM authentication, then enable this but set PasswordAuthentication 1351619085 M * wombat555 # and ChallengeResponseAuthentication to 'no'. 1351619087 M * wombat555 UsePAM yes 1351619088 M * wombat555 X11UseLocalhost no 1351619090 M * wombat555 XAuthLocation /usr/bin/xauth 1351619091 M * wombat555 AllowUsers x2gousers user 1351619126 M * wombat555 PS - this is the sshd_config for the vserver guest. Also FYI, my understanding is that Ping isn't necessarily a great test, but the documentation says you should be able to ping out from the vserver guest, and that doesn't work (service ssh status says ssh is running on the guest). 1351619214 M * Bertl_oO (please use paste.linux-vserver.org for everything longer than 3 lines) 1351619220 N * Bertl_oO Bertl 1351619240 M * Bertl wombat555: did you check the actual packets with tcpdump on the host? 1351619745 M * wombat555 Sorry about the long post - will use paste.linux-vserver.org going forward. 1351619770 M * wombat555 And no, did not check the actual packets with tcpdump on the host- assume that's the next step to do? 1351619831 M * Bertl well, it should be the first one if something unexpected happens 1351619856 M * wombat555 Thanks Bertl...hang on... 1351619867 M * Bertl also, make sure to disable any firewall while testing 1351619883 M * Bertl especially inbound traffic is normally blocked by default 1351621269 M * wombat555 Have posted tcpdump at http://paste.linux-vserver.org/23035. Wasn't sure how long to let it run....and hope disguising addresses doesn't cause a problem. As best I know (which may be the problem) our home router (linksys) shouldn't be a problem - only IPTables are on host created from vserver guest post mentioned earlier (no iptables on guest). Don't know if Terremark firewalls may be an... 1351621271 M * wombat555 ...issue.... 1351621473 J * fisted ~fisted@xdsl-87-78-9-80.netcologne.de 1351621488 M * Bertl well, what did you test there? 1351621507 M * Bertl we see traffic from and to port 222 which looks fine 1351621670 M * Bertl i.e. something answers at this port, now what is the actual problem? 1351621931 M * wombat555 Am trying to ssh to guest (ssh -X -v -p 222 collins.p@204.51.98.223) and am getting debug1: Trying private key: /home/soho/.ssh/id_dsa 1351621933 M * wombat555 debug1: No more authentication methods to try. 1351621935 M * wombat555 Permission denied (publickey). And overly long post showed sshd_config for guest. 1351621962 M * Bertl what does the debug on the server say? 1351621982 M * Bertl (i.e. from sshd on the guest) 1351622072 M * wombat555 hang on... 1351622421 M * wombat555 Sorry Bertl - do you mean from /var/log/auth.log on the guest? There are a number of lines at the bottom there: Oct 30 18:39:02 vserverxx sshd[7258]: Did not receive identification string from xx.xx.4.2. Is that what you meant? 1351622458 M * Bertl no, stop sshd inside the guest, start it with -D -d 1351622471 M * wombat555 OK...hang on... 1351622472 M * Bertl try one connect, and record the output of sshd 1351622997 M * wombat555 Sorry, afraid I'm lost. On Guest, stop ssh (service ssh stop). Start it with "service ssh start -D -d" and get root@vserverxx:/# service ssh start -D -d 1351622999 M * wombat555 Starting OpenBSD Secure Shell server: sshd 1351623043 M * wombat555 Then try to connect from client. Connection fails. Same Starting OpenBSD Secure Shell server: sshd stays on guest terminal. Is there a file being created I need to find? 1351623045 M * Bertl after the service stop, try `which sshd` -D -s 1351623054 M * wombat555 OK.. 1351623060 M * Bertl -D -d I mean 1351623242 M * daniel_hozac wombat555: have you setup key authentication? 1351623254 M * daniel_hozac set permissions on authorized_keys and .ssh correctly? 1351623314 M * wombat555 Another post...http://paste.linux-vserver.org/23036. I can "undisguise" the ip at the bottom.....it's not one I recognize as the private for the host but within the same sort of address range... 1351623366 M * wombat555 duh...disguised it in last line, but not line before so it's there... 1351623423 M * wombat555 Could this be some sort of firewall at Terremark (over which we'll have no control)? 1351623443 M * daniel_hozac no 1351623448 M * daniel_hozac it's getting connected 1351623454 M * wombat555 OK 1351623455 M * daniel_hozac your authentication just doesn't work. 1351623458 M * Bertl try the sshd debug run 1351623495 M * Bertl in 99% of all ssh problems, sshd clearly says what goes wrong 1351623713 M * wombat555 again, newbie question: on server, do "service sshd -d", try to connect, then report results? 1351623744 M * Bertl service is a wrapper, it won't pass any arguments to the actual program 1351623763 M * Bertl you simply want to stop the service, and start sshd manually with -D and -d 1351623782 M * wombat555 OK....hang on (again) 1351623793 M * Bertl you could also hack the scripts to add those options of course, but no point in doing that for a test run 1351624430 Q * clopez Ping timeout: 480 seconds 1351624436 M * ard [18:44] AllowUsers x2gousers user 1351624453 M * ard and then trying to login as colling wouldn't actually work I guess 1351624545 A * ard would remove that line from the sshd config 1351624601 M * ard Or add collins.p to the AllowUsers line 1351624825 M * ard yes, thinking about it, keep the AllowUsers, but only have accounts there that should actually be able to log in... 1351625104 A * ard at least had a real networking problem 1351625158 M * ard the intel gigabit nic broke in such a way that the driver didn't notice it, except for getting a lot of high system cpy usage... 1351625269 M * ard Probably the drivers was spinlocked waiting on the card to give some status info, but suddenly that card didn't give that info anymore. 1351625296 M * ard Hard to pinpoint, but in the end there is nothing else failing. 1351625478 M * wombat555 Yes - I think the AllowUsers is OK... disguising real user names... 1351625509 M * Bertl do you have the debug run by now? 1351625640 M * wombat555 OK - so on guest did /etc/init.d/ssh start -D -d Then tried to connect (failed). Then did `which sshd` -D -d...is that right? if so, will post results 1351625651 M * Bertl *sigh* 1351625680 M * Bertl service ssh stop 1351625687 M * Bertl `which sshd` -D -d 1351625696 M * Bertl then connect to the guest and record the output 1351626162 M * wombat555 Hope I did it right...http://paste.linux-vserver.org/23037 1351626190 M * wombat555 Appreciate the help... 1351626481 M * Bertl doesn't look like you got an ssh connection 1351626552 M * wombat555 I think that's right - on client times out with "public key" error, but I don't think it's an sshd_config problem... 1351626570 M * Bertl probably not, looks more like firewall to me 1351626585 M * Bertl (or incomplete S/DNAT if that is involved) 1351626604 J * vspas ~vspas@82-169-243-226.ip.telfort.nl 1351626616 M * wombat555 Could it be a Terremark firewall (they are the cloud provider). If it's a problem there... 1351626631 M * Bertl try again, same procedure, this time, use tcpdump on the host to dump the actual packets 1351626713 M * wombat555 OK...really appreciate you're help(!). FYI - am working off of http://linux-vserver.org/Networking_vserver_guests....and can post the iptable commands we used if you want. Let me try last suggestion.... 1351627073 J * Aiken ~Aiken@2001:44b8:2168:1000:21f:d0ff:fed6:d63f 1351627363 M * wombat555 TCPdump: http://paste.linux-vserver.org/23038 1351627410 M * wombat555 FYI - on host started tcpdump, then on guest did procedure (including trying to connect from client)...when connect failed, stopped tcpdump on host and copied output. Hope that's right... 1351627525 M * Bertl try with tcpdump -vvnei eth0 (or whatever the interface is) 1351627541 M * wombat555 OK... 1351627558 M * Bertl you can also limit it to packets involving the port 1351627967 M * wombat555 Next post with tcpdump -vvnei eth0 (not sure, but don't think I tried to limit packets involving the port): http://paste.linux-vserver.org/23039 1351628075 M * Bertl something on the host seems to drop your packets, are you sure that the host is not running a firewall? 1351628107 M * daniel_hozac Bertl: what makes you say that? it looks to me like it gets the connection fine. 1351628129 M * Bertl not the incoming ones, the outgoing ones 1351628149 M * Bertl thus ssh tries to connect over and over again 1351628161 M * Bertl and sshd doesn't receive an identification 1351628161 M * wombat555 Not to my knowledge, but could be wrong....has iptables and have been using "defaults" other than iptable commands we are using. Let me post iptables -t nat -L 1351628180 M * Bertl run iptables-save and upload that 1351628195 M * wombat555 OK... 1351628222 M * Bertl daniel_hozac: so either the packets are dropped or incorrectly natted 1351628233 M * daniel_hozac Bertl: looks to me like it gets the packets and it just doesn't know how to authenticate 1351628239 M * daniel_hozac e.g., the user doesn't have keys. 1351628256 M * Bertl so why would sshd not even receive an ident string? 1351628318 M * Bertl all I see in the tcpdump is the same 'syn' over and over 1351628328 M * Bertl each one gets acked but nothing else happens 1351628389 M * Bertl daniel_hozac: where in the tcpdump do you see an authentication attempt? 1351628468 M * daniel_hozac 42-49 1351628519 M * wombat555 Next post (iptables_save and iptables -t nat -L -v -n....) http://paste.linux-vserver.org/23040 1351628525 M * Bertl 52 bytes is the syn, 40 bytes is the ack, no data there, no? 1351628645 M * wombat555 Is line with destination 0.0.0.0/0 the problem? 1351628664 M * Bertl wombat555: do you have another machine on the same lan? 1351628675 M * Bertl i.e. the 192.168.1.0/24 1351628738 M * wombat555 Up on the cloud server, no, but my local lan yes... 1351628785 M * wombat555 Have tried other IPs on cloud server, vserver guest for what it's worth like 10.1.1.1 1351628789 M * Bertl anything in /var/log/messages on the guest? 1351628796 M * wombat555 Hang on... 1351628906 M * Bertl anything in /etc/hosts.deny ? 1351629111 M * wombat555 Trying to post /var/log/messages from guest and am getting: Your post could not be processed. It looks like spam. 1351629332 M * wombat555 Will try var/log/messages again in a minute....http://paste.linux-vserver.org/23041 shows /etc/hosts.deny for guest, but I think it's the same for the host as well. 1351629506 M * wombat555 Something about /var/log/messages from guest that paste.linux-server.org thinks is spam... 1351629664 M * wombat555 Will post last few lines from guest's /var/log/messages here.... 1351629665 M * wombat555 Oct 30 17:18:58 vserver18 kernel: Kernel logging (proc) stopped. 1351629673 M * wombat555 Oct 30 17:18:58 vserver18 rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="3819" x-info="http://www.rsyslog.com"] exiting on signal 15. 1351629679 M * wombat555 Oct 30 17:19:02 vserver18 kernel: imklog 4.6.4, log source = /proc/kmsg started. 1351629686 M * wombat555 Oct 30 17:19:02 vserver18 rsyslogd: [origin software="rsyslogd" swVersion="4.6.4" x-pid="5060" x-info="http://www.rsyslog.com"] (re)start 1351629741 M * wombat555 I think this sequence of log entries keeps repeating... 1351629754 M * Bertl try to ssh from the host to the guest instead from outside 1351629772 M * Bertl (also with the -D -d debug options) 1351629818 M * wombat555 Don't have ssh running on host (hope that was clear from earlier in this session...) but can set it up 1351629828 M * Bertl please do so 1351629833 M * Bertl ssh not sshd 1351629871 M * wombat555 OK, hang on 1351630614 M * wombat555 http://paste.linux-vserver.org/23042 Connecting from host to guest (ssh -X -v -p 22 user@192.168.1.1 ), think connection was made. FYI - couldn't do anything once connected (e.g., ls -la) but login prompt changed to user name... is connecting progress? 1351630745 M * Bertl yep, that looks like a proper ssh connection to me 1351630828 M * wombat555 cool...so am I doing something wrong in terms of IP tables? FYI, I think you've said it's not a very good test, but once inside the guest I can't ping the outside...nor as you've been working so hard to help me solve, ssh from the outside. 1351630862 M * Bertl well, ping is icmp, and you do not even handle that with your iptables entries 1351630877 M * wombat555 OK... 1351630883 M * Bertl so, as I already said, and you already know, ping is a bad test for this part 1351630937 M * Bertl I have to leave right now, but I'll be back in a few hours, I'd suggest to test with a simple telnet server (or even netcat on the guest) as I still suspect that packets are mangled or intercepted to the outside 1351630960 M * Bertl normally the next step would be to test the iptables stuff from a second machine in the same lan 1351630969 M * wombat555 What time is it your time? Must be very late? 1351631002 M * Bertl local time is 10pm, but don't worry, I'll be back later 1351631008 M * wombat555 Will see what I can do while your gone - you're help is so valuable - in all sincerity, you're a prince 1351631030 M * wombat555 Even if I can't spell 1351631034 M * Bertl no problem, you're welcome! 1351631249 M * Bertl off for now ... bbl 1351631253 N * Bertl Bertl_oO 1351632694 Q * bonbons Quit: Leaving 1351637381 P * vspas 1351637902 Q * micah Remote host closed the connection 1351637906 J * micah ~micah@199.254.238.47 1351638806 Q * FireEgl Read error: Connection timed out 1351638925 M * wombat555 l 1351639828 J * FireEgl FireEgl@2001:470:e5ad:1:dd38:e5d1:6562:1e23