dxtr: Do some support now :D
***: LT has joined #arpnetworks
sentabi_co has joined #arpnetworks
jwfoxjr has quit IRC (Ping timeout: 258 seconds)
jwfoxjr has joined #arpnetworks
sentabi_co has quit IRC (Ping timeout: 264 seconds)
sentabi_co has joined #arpnetworks
schmir has joined #arpnetworks
visinin has quit IRC (Quit: sleep)
sentabi_co has quit IRC (Ping timeout: 272 seconds)
sentabi_co has joined #arpnetworks
sentabi_co has quit IRC (Ping timeout: 240 seconds)
sentabi_co has joined #arpnetworks
schmir has quit IRC (Read error: Connection reset by peer)
schmir has joined #arpnetworks
infrared: up_the_irons: thanks :)
***: schmir has quit IRC (Ping timeout: 240 seconds)
schmir has joined #arpnetworks
sentabi_co has quit IRC (Ping timeout: 272 seconds)
sentabi_co has joined #arpnetworks
infrared has quit IRC (Quit: leaving)
schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
sentabi_co has quit IRC ()
schmir has quit IRC (Ping timeout: 260 seconds)
schmir has joined #arpnetworks
heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
jwfoxjr has quit IRC (Remote host closed the connection)
ziyourenxiang has joined #arpnetworks
cedwards: I have a pf question for those that are more experienced with pf than I (read: everyone).
***: ziyourenxiang has quit IRC (Quit: ziyourenxiang)
mhoran: We might have an answer.
cedwards: I use BIND locally in a forward-only configuration.
my forwarders are 8.8.8.8 and 8.8.4.4 (Google).
The oddity that I'm trying to understand / resolve is this output in my daily logs:
http://pastebin.com/mxVDuNGG
if I'm initiating the connection I wouldn't think there would be problems getting back in. If they are initiating a connection, 1) why? 2) should that be something I let through?
and if so how do I allow randomized destination ports, or do I set a source port allow rule?
leander: with udp there is no such thing as a connection or session
this seems to be the return traffic that contains the answer of your dns queries
http://www.openbsd.org/faq/pf/filter.html#udpstate describes this in more detail
cedwards: the strange thing is that DNS is functioning as I would expect.
so I'm sure some/most requests are being answered and returned properly.
I just started noticing those lines in my logs though, so I thought it was worth looking into.
leander: could also be that this is return dns traffic that arrives after the timeout is reached
cedwards: in which case it's harmless
leander: yes
you could increase the timeout in PF
default is 10 seconds
cedwards: doesn't sound like it's too critical. I may just watch it and see if it keeps up.
I've found a few more pf related lines in my logs. I think I need to learn how to read this output better.
***: RandalSchwartz has quit IRC (Quit: updating OS)
RandalSchwartz has joined #arpnetworks
RandalSchwartz: Yeay - upgraded to 8.0-release-p3
Had troubles booting the box though... maybe I was just impatient
looked like it was sitting at the freebsd boot menu
so I hard-cycled it one more time, and everything worked the second time
***: vtoms has joined #arpnetworks
cedwards: mine didn't seem to have any problems coming up, thankfully.
RandalSchwartz: well - yeah, the smaller $20 VPS worked just fine
maybe the big 200GB disk took a bit to verify
anyway, I'm now at least protected against the latest OPIE potential attack
***: schmir has quit IRC (Ping timeout: 265 seconds)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
LT has quit IRC (Quit: Leaving)
cedwards has quit IRC (Quit: leaving)
cedwards has joined #arpnetworks
vtoms has quit IRC (Quit: Leaving.)
jdoe: RandalSchwartz: haven't bothered rebooting yet. The kernel patch bit doesn't actually affect me.
RandalSchwartz: you're not using anything with logins?
jdoe: opie isn't a kernel patch
the kernel patch is for the nfs fix
RandalSchwartz: have you restarted the services then?
so they link to the new shared lib?
cedwards: my box just went crazy and I had to hard-boot it. strange.
jdoe: it's already disabled for ossh, I don't use ftp
so I should be safe on that front too.
at least, that's my understanding.
gotta say though, I love how freebsd doesn't have a kernel patch every 30 seconds.
bob^^: freebsd <3
***: viq has quit IRC (Quit: Shin! Shin! Sei! Kyu! Sai!)
cedwards: zfs ftw
I just did some major maintenance on my webserver, and the whole time I was thinking to myself "I did a snapshot yesterday. No need to worry"
jdoe: cedwards: tell that to Joyent ;)
cedwards: man it is _so_ dead at work today.
RandalSchwartz: three day weekend
cedwards: my boss started his on Wed.
jdoe: quiet here too.
RandalSchwartz: "a little TOO quiet...."
***: vinnyt has joined #arpnetworks
vinnyt has quit IRC (Client Quit)
vinnyt has joined #arpnetworks
vinnyt has quit IRC (Client Quit)
visinin has joined #arpnetworks
RandalSchwartz: is it too early to say Gary Coleman died of some sort of different stroke?
mike-burns: Nah, we just said that at work.
RandalSchwartz: heh
so I wasn't the only one thinking it
I wonder if the press is very careful not to call it a Stroke for that reason
jdoe: I doubt it. Headlines are written for pagerank not to be clever, they're clearly trying to cash in on the highly desired "intracranial hemorrhage" search market...
RandalSchwartz: "stroke 'em if you got 'em"
visinin: aw dude come on :(
we don't need to bring sexism into this
RandalSchwartz: heh - looks like the tweet crowd beat me to it
"Gary Coleman used to be under 4 feet. Now he's four feet under!"
***: cedwards has quit IRC (Quit: leaving)
cedwards has joined #arpnetworks
cmeiklejohn has quit IRC (Ping timeout: 260 seconds)
cedwards: wish me luck. doing a perl5.8 -> 5.10 port upgrade on one of my jails.
-: RandalSchwartz cues the jailhouse blues music
***: visinin has quit IRC (Quit: leaving)
jdoe: hrm...
***: bob^^ has quit IRC (Quit: Changing server)
bob^^ has joined #arpnetworks
AndrewBC has quit IRC (Ping timeout: 248 seconds)
AndrewBC_ has joined #arpnetworks
AndrewBC_ is now known as AndrewBC
heavysixer has quit IRC (Quit: heavysixer)
BarberRonny has quit IRC (Quit: leaving)
infrared has joined #arpnetworks
infrared: hi
cedwards: hi
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
heavysixer has quit IRC (Quit: heavysixer)
jdoe: whee.
RandalSchwartz: whee!
jdoe: hrm.
I thought File::Fetch was core... maybe only in 5.12 :/
RandalSchwartz: never
jdoe: hrm
File::Fetch was new in 5.10
... so why doesn't my 5.10 install have it.
oh it does.
... but my shebang is /usr/bin, not /opt/csw/bin
... and /usr/bin is 5.8
-: jdoe very, very slowly connects the dots.
jdoe: ugh. Speaking of very slowly, perl 5.8.4 was released April 23rd, 2004.
naturally, it's the default perl in the OpenSolaris dev builds...
***: cedwards has quit IRC (Quit: leaving)