Hello Group, Building a new 1U server, I have iso images (stock), rh9 and rh 7.3. I thought I remember reading troubles with the stock RH9 Kernel. I was inclined to load RH9, latest shorewall, with running squid proxy with squidguard, pptp with poptop and multiple vpn pptp access with poptop running on the firewall as well as samba for file sharing and vpn access. Trying to avoid the long ISO image download to use what I have. I cant remember kernel version with the redhat iso I have with RH 9 But I can remember that it was not the latest kernel and I was buggy. Wondering which version you would recommend. I hope this is not off the focus of the list. Thanks, Mike PS I have not actually tried RH 8 or 9 in a production environment. I have plenty of RH 7.3 experiance I have tryed RH9 in test servers only.
On Mon, 15 Sep 2003, Mike wrote:> Hello Group, > Building a new 1U server, > I have iso images (stock), rh9 > and rh 7.3. > I thought I remember reading > troubles with the stock RH9 > Kernel. >The REJECT NetFilter target is broken in RH9 RedHat kernels. I normally use RH kernels but I''m currently running a locally built 2.4.21 kernel to avoid this problem. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
----- Original Message ----- From: "Tom Eastep" <teastep@shorewall.net> Subject: Re: [Shorewall-users] New Shorewall Box> On Mon, 15 Sep 2003, Mike wrote: > > Hello Group, > > Building a new 1U server, > > I have iso images (stock), rh9 > > and rh 7.3. > > I thought I remember reading > > troubles with the stock RH9 > > Kernel. > >> The REJECT NetFilter target is broken in RH9 RedHat kernels. Inormally> use RH kernels but I''m currently running a locally built 2.4.21 kernelto> avoid this problem.I recommend what I''m running: Mandrake 9.1, Kernel 2.4.21-0.13mdk, iptables 1.2.8, Shorewall 1.4.6c - mostly installable via RPMs provided by MandrakeSoft. Running fine and reliable. It''s no problem to compile anything on this box, as it comes with a full environment. MandrakeSoft is quite busy marketing the product on CDD, although it''s available for free as download. I''m not really affected by the above bug as I usually drop what I don''t want, not reject. Or am I missing something here? Regards, Robert Kehl PS: Wow, {line width:30} - never saw that beforehand, are you on a 8" screen? ;-)
On Tue, 16 Sep 2003, Robert Kehl wrote:> > I''m not really affected by the above bug as I usually drop what I don''t > want, not reject. Or am I missing something here? >With the bug, you will have problems accessing services that use auth (ident) unless your run an identd or unless you allow TCP port 113 inbound. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
----- Original Message ----- From: "Robert Kehl" <mailinglists@robertkehl.de> To: "Shorewall Users Mailing List" <shorewall-users@lists.shorewall.net> Sent: Monday, September 15, 2003 4:49 PM Subject: Re: [Shorewall-users] New Shorewall Box ----- Original Message ----- From: "Tom Eastep" <teastep@shorewall.net> Subject: Re: [Shorewall-users] New Shorewall Box> On Mon, 15 Sep 2003, Mike wrote: > > Hello Group, > > Building a new 1U server, > > I have iso images (stock), rh9 > > and rh 7.3. > > I thought I remember reading > > troubles with the stock RH9 > > Kernel. > >> The REJECT NetFilter target is broken in RH9 RedHatkernels. I normally> use RH kernels but I''m currently running a locally built2.4.21 kernel to> avoid this problem.I recommend what I''m running: Mandrake 9.1, Kernel 2.4.21-0.13mdk, iptables 1.2.8, Shorewall 1.4.6c - mostly installable via RPMs provided by MandrakeSoft. Running fine and reliable. It''s no problem to compile anything on this box, as it comes with a full environment. MandrakeSoft is quite busy marketing the product on CDD, although it''s available for free as download. I''m not really affected by the above bug as I usually drop what I don''t want, not reject. Or am I missing something here? Regards, Robert Kehl PS: Wow, {line width:30} - never saw that beforehand, are you on a 8" screen? ;-) I am a Redhat Fan myself, I noticed that I have my wrap at 30 thanks I am loading Rh 9 right now as we speak will upgrade the kernel after as I don''t have the source yet it would just be nice to have the upgraded kernel already. Thanks you guys, Mike __________________________________________ Shorewall-users mailing list Post: Shorewall-users@lists.shorewall.net Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users Support: http://www.shorewall.net/support.htm FAQ: http://www.shorewall.net/FAQ.htm
> On Mon, 15 Sep 2003, Mike wrote: > >> Hello Group, >> Building a new 1U server, >> I have iso images (stock), rh9 >> and rh 7.3. >> I thought I remember reading >> troubles with the stock RH9 >> Kernel. >> > > The REJECT NetFilter target is broken in RH9 RedHat kernels. I normally > use RH kernels but I''m currently running a locally built 2.4.21 kernel to > avoid this problem.Beside NPTL support, current RedHat kernels for RedHat 7.x are all the same like RedHat 9. So, expect the same bug in 7.3 too. Simon> > -Tom > -- > Tom Eastep \ Shorewall - iptables made easy > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >
Hello Tom, I went to rpmfind.net and installed this kernel in RH9 [root@localhost root]# uname -r 2.4.22-1.2040.nptl I was curiuos what the nptl kernels are? Tryed to read about it with no success :( Thanks Mike
On Wed, 2003-09-17 at 15:34, Mike wrote:> I went to rpmfind.net and installed this kernel in RH9 > [root@localhost root]# uname -r > 2.4.22-1.2040.nptl > I was curiuos what the nptl kernels are?I don''t know. -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
On Thu, 2003-09-18 at 06:34, Mike wrote:> Hello Tom, > I went to rpmfind.net and installed this kernel in RH9 > [root@localhost root]# uname -r > 2.4.22-1.2040.nptl > I was curiuos what the nptl kernels are? > Tryed to read about it with no success :( >Native Posix Threading Library. -- http://www.shorewall.net Shorewall, for all your firewall needs
Hi Mike, Monday, September 15, 2003, 3:20:58 PM, you wrote: M> Hello Group, M> Building a new 1U server, M> I have iso images (stock), rh9 M> and rh 7.3. M> I thought I remember reading M> troubles with the stock RH9 M> Kernel. All kernels of all versions have bugs. Since the release of RH9 there have been several kernel updates. These updates are very easy available through red hat''s up2date service. It''s completely immaterial what kernel RH9 ships with, since I always immediately update it anyways. Get it installed. Get it updated. THEN move forward with everything else.