| 00:02.47 | lagnus | hello? |
| 00:03.00 | lagnus | living? |
| 02:50.47 | *** join/#gllug Leeds (~richardc@www.scorefive.com) |
| 05:23.24 | *** join/#gllug PcSett (~Don@host86-162-31-32.range86-162.btcentralplus.com) |
| 05:25.09 | *** part/#gllug PcSett (~Don@host86-162-31-32.range86-162.btcentralplus.com) |
| 05:57.37 | Cope | dying |
| 06:31.30 | AndyMillar | too much hooch? |
| 07:06.38 | Cope | never hooches... just fails to be funny |
| 07:07.04 | Cope | oooh |
| 07:07.17 | Cope | breakfast time in the canteen! yummy food and hott ladies! |
| 07:07.21 | Cope | dashes |
| 07:10.56 | AndyMillar | :p |
| 07:18.38 | *** join/#gllug ChoHag (~mking@109-170-148-201.xdsl.murphx.net) |
| 07:23.13 | *** join/#gllug alexaj (~alexaj@81-178-209-1.dsl.pipex.com) |
| 07:38.32 | morsing | alexaj! |
| 07:38.49 | hali | argh, we have two new spanish guys in the office... hearing them speak does my head in |
| 07:39.18 | hali | it's about 50% english with a very rough spanish accent and 50% turbo spanish |
| 07:39.35 | morsing | Headphones |
| 07:39.42 | hali | good idea |
| 07:39.51 | hali | time for some run to the hills |
| 07:44.49 | alexaj | morsing ! |
| 07:46.21 | morsing | In Debian -> interfaces file, how do I set-up multiple addresses per interface without getting interface aliases? Can I just do multiple 'address' statements per 'iface'? |
| 07:46.59 | morsing | It seems rather un-documented |
| 07:50.48 | ChoHag | <Pimp> The client can pay up to £350. |
| 07:50.54 | ChoHag | <Job spec> Initially the budget goes up to £400 |
| 08:00.51 | *** join/#gllug alexaj (~alexaj@81-178-209-1.dsl.pipex.com) |
| 08:06.52 | morsing | alexaj! |
| 08:08.25 | *** join/#gllug gmarkall (~graham@84.45.235.192) |
| 08:09.54 | ChoHag | Yes, xfce, I did actually want the panel vertically through the middle of the screen. |
| 08:15.00 | *** join/#gllug stu_ (~stu@dyn1242-128.vpn.ic.ac.uk) |
| 08:22.38 | morsing | stu_! |
| 08:22.40 | morsing | gmarkall! |
| 08:38.20 | gmarkall | morsing! stu_! |
| 09:05.37 | *** join/#gllug Nafallo (~nafallo@ubuntu/member/nafallo) |
| 09:15.21 | morsing | Nafallo! |
| 10:44.26 | morsing | I can't find any evidence or documentation that getaddrinfo() on Linux should pick IPv6 over IPv4. Is this the case? Things seem to always go the Ipv6 route but would like to verify it's by design and not luck... |
| 10:56.51 | Azundris | Use the source? |
| 10:58.24 | antiphase | CAI |
| 11:00.15 | antiphase | http://www.rfc-editor.org/rfc/rfc3484.txt |
| 11:00.20 | antiphase | USe the RFCs, Luke |
| 11:01.53 | antiphase | I meant GAI of course. Typing phail |
| 11:02.18 | antiphase | man 5 gai.conf |
| 11:02.37 | antiphase | I'm not sure why I'm helping someone who couldn't use Google to get them out of a wet paper bag |
| 11:03.45 | Azundris | Why would you need Google to get out of a wet paper bag? |
| 11:19.06 | Cope | is hot |
| 11:33.27 | morsing | shags Cope |
| 11:35.22 | AndyMillar | :op |
| 11:37.38 | *** join/#gllug gmarkall (~graham@84.45.235.192) |
| 11:39.18 | morsing | gmarkall! |
| 11:42.49 | Cope | hands morsing KY |
| 11:42.55 | Cope | please be more gentle |
| 11:59.43 | *** join/#gllug dick_turpin (~sales@host217-34-163-30.in-addr.btopenworld.com) |
| 12:18.22 | *** join/#gllug dick_tur1in (~sales@host217-34-163-30.in-addr.btopenworld.com) |
| 14:19.46 | *** join/#gllug Leeds (~richardc@pcd417142.netvigator.com) |
| 14:40.55 | morsing | Leeds! |
| 14:50.06 | *** join/#gllug PcSett (~Don@host86-162-31-32.range86-162.btcentralplus.com) |
| 14:51.01 | *** part/#gllug PcSett (~Don@host86-162-31-32.range86-162.btcentralplus.com) |
| 15:29.41 | ArsonaL | morsing! |
| 15:29.46 | morsing | ArsonaL!!!!!!!!!!! |
| 15:29.57 | ArsonaL | that was fast |
| 15:30.00 | *** join/#gllug sabinef72 (~sabinef72@sabinef72.ipv6.popipo.fr) |
| 15:30.03 | morsing | sabinef72:! |
| 15:30.11 | ArsonaL | do you have a pc speaker beep when someone says your name? |
| 15:30.36 | morsing | No |
| 15:30.49 | ArsonaL | I do :$ |
| 15:31.03 | morsing | I've never been able to get it to work :( |
| 15:33.29 | ArsonaL | haha, I just sent my tax stuff back to Canada |
| 15:33.33 | ArsonaL | this was the reply: |
| 15:33.41 | ArsonaL | (16:31:52) Robert: u sure pay a lot of tax |
| 15:36.04 | morsing | ArsonaL: ...? |
| 15:39.54 | *** join/#gllug zooz (~zooz@host86-161-205-103.range86-161.btcentralplus.com) |
| 15:51.15 | morsing | zooz! |
| 15:57.27 | ArsonaL | I was referncing that the tax here in the UK is substantially higher than Canada |
| 15:57.59 | morsing | Ok - would be fun to tell the guy that tax in the UK is substantially lower than the rest of western Europe... |
| 15:58.09 | morsing | Would give him a heart attack ;) |
| 16:05.03 | *** join/#gllug sabinef72 (~sabinef72@ns.popipo.fr) |
| 16:10.04 | murb | ArsonaL: hmm canada has a higher margianl rate of tax if you run a company. |
| 16:10.48 | zooz | are here any iptables gurus? |
| 16:10.59 | zooz | got stuck understanding how iptables increases counters |
| 16:11.26 | ChoHag | http://www.youtube.com/watch?v=TywmpMQYojs |
| 16:11.29 | antiphase | State your question, peon |
| 16:11.33 | ChoHag | The Assumption Song |
| 16:13.19 | zooz | right :-) |
| 16:13.21 | zooz | http://p.defau.lt/?ObvzGn7iYVzxa_j9OVvrUw |
| 16:14.00 | zooz | <PROTECTED> |
| 16:14.15 | zooz | while they are only increasing in Chain SYN_ACCEPT if I initiate a connection to 22/tcp |
| 16:15.00 | antiphase | wonders why you're doing it in the first place |
| 16:15.19 | zooz | to save lots of typing ? |
| 16:16.22 | antiphase | The best way to save lots of typing is to ACCEPT all packets which are in state ESTABLISHED or RELATED then assume all the rest are connection attempts |
| 16:16.39 | zooz | sure, that's what I do |
| 16:16.53 | antiphase | So why do you check twice if they're new connections as well? |
| 16:17.07 | zooz | what do you mean? |
| 16:17.28 | zooz | -m state --state NEW is not the same as -m state --state NEW -p tcp --syn |
| 16:17.41 | antiphase | --state NEW and --syn are equivalent if I'm not mistaken, and if you accept established/related connections, you can assume all other packets are connection attempts without testing them |
| 16:17.55 | zooz | no, you are wrong re NEW |
| 16:18.14 | antiphase | You obviously know more than me then |
| 16:18.41 | zooz | state NEW matches new connections attempts even if packets arrive with SYN flag unset and e.g. ACK set |
| 16:18.57 | zooz | which is obviously not a new connection attempt |
| 16:19.06 | antiphase | --state INVALID -j DROP |
| 16:19.08 | antiphase | Job done |
| 16:19.15 | antiphase | guesses |
| 16:19.18 | zooz | nope |
| 16:19.22 | antiphase | What are you trying to do then? |
| 16:19.25 | zooz | INVALID does not match the above |
| 16:19.41 | zooz | INVALID does not match new connections with ACK flag set on |
| 16:19.54 | antiphase | Neither does the TCP stack |
| 16:20.02 | antiphase | accept them |
| 16:20.21 | zooz | sure, but why would you let them through? |
| 16:20.40 | antiphase | I don't. I probably generate RSTs in response to them |
| 16:20.53 | antiphase | Keeps people guessing |
| 16:21.07 | antiphase | If you're that paranoid, you should odrop everything and permit only from known sources |
| 16:21.19 | zooz | yeah, that generates much more unnecessary traffic |
| 16:21.37 | zooz | that's what I do pretty much |
| 16:21.59 | zooz | but my question was why the counters are increasing in INPUT chain target SYN_ACCEPT? |
| 16:23.24 | antiphase | Because it matches all inbound port 22 traffic to that interface and address |
| 16:23.58 | antiphase | too tired today so will be quiet |
| 16:24.59 | zooz | right |
| 16:25.09 | antiphase | All traffic will generate hits on the INPUT rule, and all new connection attempts will generate hits on the SYN_ACCEPT rule and then be accepted by default |
| 16:25.34 | antiphase | s/All/All TCP\/22/ |
| 16:25.36 | zooz | I moved the rule which accepts ESTABLISHED,RELATED to the top and now SYN_ACCEPT target in INPUT does not get increased |
| 16:26.09 | zooz | it only does if I actually generate a new 22/tcp connection to that IP address |
| 18:09.01 | *** join/#gllug Mohan (~nixh0st@unaffiliated/mohan) |
| 19:09.11 | *** join/#gllug lagnus (~lagnus@88-96-64-203.dsl.zen.co.uk) |
| 19:40.39 | *** join/#gllug ___marcus (~marcus@lenny.uk-debtcollection.com) |
| 20:29.24 | *** join/#gllug lagnus (~lagnus@88-96-64-205.dsl.zen.co.uk) |
| 21:57.50 | *** join/#gllug s___marcu (~marcus@lenny.uk-debtcollection.com) |
| 22:41.24 | *** join/#gllug zooz (~zooz@host86-161-202-225.range86-161.btcentralplus.com) |