Up and running. Cooler than hammered Catshit(tm). Vastly easier than i''d expected. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
On Mon, 6 May 2002, John Andersen wrote:> > Up and running. > > Cooler than hammered Catshit(tm). > > Vastly easier than i''d expected. >Thanks for the update, John. I''ll remove the conflict rule from my RPM .spec file since there is also a run-time check against the kernel version. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
On 6 May 2002 at 17:31, Tom Eastep wrote:> On Mon, 6 May 2002, John Andersen wrote: > > > > > Up and running. > > > > Cooler than hammered Catshit(tm). > > > > Vastly easier than i''d expected. > > > > Thanks for the update, John. I''ll remove the conflict rule from my RPM > .spec file since there is also a run-time check against the kernel > version.I susequently used the tar rather than forcing the rpm. It would be nice to use the rpm, but not essential. Any pointers to the manual section where I can indicate not to log specific types of connections that are rejected? (ident rejects are obsuscating my logs as a result of internal pop requests). ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
On Mon, 6 May 2002, John Andersen wrote:> > Any pointers to the manual section where I can indicate > not to log specific types of connections that are rejected? > (ident rejects are obsuscating my logs as a result of internal > pop requests). >Just add a non-logging REJECT rule to the /etc/shorewall/rules file. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
On 6 May 2002 at 17:38, Tom Eastep wrote:> On Mon, 6 May 2002, John Andersen wrote: > > > > > Any pointers to the manual section where I can indicate > > not to log specific types of connections that are rejected? > > (ident rejects are obsuscating my logs as a result of internal > > pop requests). > > > > Just add a non-logging REJECT rule to the /etc/shorewall/rules file.Yup, that killed them off. Thanks. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
Tom Eastep wrote:> On Mon, 6 May 2002, John Andersen wrote: > > > > > Up and running. > > > > Cooler than hammered Catshit(tm). > > > > Vastly easier than i''d expected. > > > > Thanks for the update, John. I''ll remove the conflict rule from my RPM > .spec file since there is also a run-time check against the kernel > version.Is that really necessary? There is obviously something wrong with John''s system, since the only kernel package he has is kernel-source (unless of course SuSE doesn''t use a kernel fileset). Why wouldn''t someone else have run into this problem with SuSE? IMHO the RPM check is a good idea to make sure that people can''t install it on older distros. Paul http://paulgear.webhop.net P.S. John, try "rpm --rebuilddb" sometime and see if that gives you anything different.
On Wed, 8 May 2002, Paul Gear wrote:> > Is that really necessary? There is obviously something wrong with John''s > system, since the only kernel package he has is kernel-source (unless of > course SuSE doesn''t use a kernel fileset). Why wouldn''t someone else > have run into this problem with SuSE? IMHO the RPM check is a good idea > to make sure that people can''t install it on older distros. >I''m leaving in the iptables dependency and presumbably the distros make iptables dependent on what ever the ^%$# they call their kernel RPM. On names all begin with "k_". -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
On 8 May 2002 at 5:59, Paul Gear wrote:> Tom Eastep wrote: > > > On Mon, 6 May 2002, John Andersen wrote: > > > > > > > > Up and running. > > > > > > Cooler than hammered Catshit(tm). > > > > > > Vastly easier than i''d expected. > > > > > > > Thanks for the update, John. I''ll remove the conflict rule from my RPM > > .spec file since there is also a run-time check against the kernel > > version. > > Is that really necessary? There is obviously something wrong with John''s > system, since the only kernel package he has is kernel-source (unless of > course SuSE doesn''t use a kernel fileset). Why wouldn''t someone else have > run into this problem with SuSE? IMHO the RPM check is a good idea to > make sure that people can''t install it on older distros. > > Paul > http://paulgear.webhop.net > > P.S. John, try "rpm --rebuilddb" sometime and see if that gives you > anything different.Not necessary, I checked on the CDs direct from SuSE. That is not the name they use in their distro for the kernal package. Besides, if you download the kernel source from kernel.org or somewhere and build a 2.4 kernel on a 2.0 machine you would still be blocked from installing the RPM because the rpm database would still say 2.0. The running kernal should be detected with uname -a instead of what the rpm database says. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
John Andersen wrote:> ... > > P.S. John, try "rpm --rebuilddb" sometime and see if that gives you > > anything different. > > Not necessary, I checked on the CDs direct from SuSE. > That is not the name they use in their distro for the > kernal package.Fair enough.> ... > Besides, if you download the kernel source from kernel.org > or somewhere and build a 2.4 kernel on a 2.0 machine > you would still be blocked from installing the RPM because > the rpm database would still say 2.0. > > The running kernal should be detected with uname -a instead > of what the rpm database says.I think if people are going to do that, they should have to install the tarball version. If you''re going to use RPM, you should do it right. You can always override with --nodeps. (Incidentally, did anyone suggest that you try that?) Paul http://paulgear.webhop.net
On 8 May 2002 at 6:11, Paul Gear wrote: > > The running kernal should be detected with uname -a instead> > of what the rpm database says. > > I think if people are going to do that, they should have to install the > tarball version. If you''re going to use RPM, you should do it right. You > can always override with --nodeps. (Incidentally, did anyone suggest that > you try that?)Yup, If you wade thru the whole thread, you will see where Tom suggested that, and that''s what I did, so I''m a happy camper right now. It would be nice to have the rpm work, but the tarball is just as easy. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
On Tue, 7 May 2002, Tom Eastep wrote:> > I''m leaving in the iptables dependency and presumbably the distros make > iptables dependent on what ever the ^%$# they call their kernel RPM. On > names all begin with "k_". >Hmmm - something went missing there :-) On the SuSE FTP site in the 7.3 directory, it appears that all of the kernel RPMs begin with "k_". It is odd that we''ve only seen one instance of failure with the RPM though.... Anyone else on the list had problems (or success) with the 1.2.13 RPM on SuSE 7.3? -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net
On 7 May 2002 at 13:26, Tom Eastep wrote:> On Tue, 7 May 2002, Tom Eastep wrote: > > > > > I''m leaving in the iptables dependency and presumbably the distros make > > iptables dependent on what ever the ^%$# they call their kernel RPM. On > > names all begin with "k_". > > > > Hmmm - something went missing there :-) > > On the SuSE FTP site in the 7.3 directory, it appears that all of the > kernel RPMs begin with "k_". It is odd that we''ve only seen one instance > of failure with the RPM though.... > > Anyone else on the list had problems (or success) with the 1.2.13 RPM on > SuSE 7.3?I''d also ask if Anyone else who is running an SMP SuSE kernel? They have three varieties of those, smp, psmp (sans PAE needed for vmware) and a 2.2 smp kernel. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/
John Andersen wrote: [...]> > I''d also ask if Anyone else who is running an SMP SuSE kernel? > > They have three varieties of those, > smp, > psmp (sans PAE needed for vmware) > and a 2.2 smp kernel.yes, I checked on another machine which is running SuSE 7.1 and has this package from initial install: lx_sus24-2.4.0.SuSE-5 We are not running a SuSE kernel anymore but this package remained. Same conflict occurs as with Johns kernel. Christian