<somiaj> takahiro: again just to make sure, he is using eth0 = internel network and eth1 = external(internet) <takahiro> ok ran it <takahiro> it gave me an error <somiaj> takahiro: what error? <takahiro> Using intrapositioned negation (`–option ! this`) is deprecated in favor of extrapositioned (`! –option this`). <somiaj> it wants you to change the line “iptables -A INPUT -m state –state NEW -i ! eth1 -j ACCEPT” to “iptables -A INPUT -m state –state NEW ! -i eth1 -j ACCEPT <takahiro> ok should i change it and run it again? <somiaj> one second <somiaj> takahiro: put the output of ‘iptables –list’ on a pastebin <takahiro> copy paste drives me nuts on linux <takahiro> everytime i highlight something, it destroys what i copied <somiaj> takahiro: you shouldn’t have to rerun the script, that looks more like a warning than an error. So I don’t think you need to rerun the script, just fix it <somiaj> takahiro: hmm, I find it the other way around, hitting ctrl-C to copy is extra pain <takahiro> http://dpaste.org/Kergb/ <somiaj> though I need to figure out that package to install as the multiple clipboars is annoying <takahiro> i downloaded clipboard manager <takahiro> but the hotkey doesn’t work <somiaj> takahiro: ok now ‘iptables -t nat list’ <takahiro> Bad argument list <somiaj> sorry, itptables -t nat –list <somiaj> well iptables spelled correctly <takahiro> http://dpaste.org/NVv9U/ <Frijolenstein> Are you tired of niggers? <Frijolenstein> I am! <Frijolenstein> That is why I joined Chimpout Forum! <somiaj> !ops its back <dpkg> Hydroxide, dondelelcaro, ):, helix, LoRez, RichiH, mentor, xk, abrotman, gravity, azeem, Maulkin, stew, peterS, Myon, Ganneff, weasel, zobel, themill, babilen: somiaj complains about: its back <somiaj> takahiro: looks ok, now do some testing, note you should test with only ips as you may not have dns on your internal network just yet <takahiro> ok <somiaj> takahiro: see if you can ping the debian box and ping some other ip on the internet from a computer on your lan <takahiro> yup i can ping the debian box <takahiro> that always worked <takahiro> i just couldn’t get it to ping outside the lan <grape_> My wifi card is playing peekaboo. Sometimes when I type lspci my wifi card shows up and sometimes it does not. Currently it does not. Any ideas? <takahiro> grape_, that happens with some of my usb devices <grape_> the card is internal <takahiro> somiaj, so the script is broken? <takahiro> i don’t know what to do <somiaj> takahiro: can you ping the ip from the debian box just fine (just makeing sure you didn’t pick a bad ip to ping) <takahiro> yeap <somiaj> takahiro: the outside one, also you switched eth0 and eth1 to correctly match your network? <takahiro> i can ping 8.8.8.8 <takahiro> yeah i changed the script <somiaj> takahiro: cat /proc/sys/net/ipv4/ip_forward (that says 1) <peterS> takahiro: I haven’t been following this whole time. have you enabled ip_forward? ‘cat /proc/sys/net/ipv4/ip_forward’ <peterS> ha, somiaj beat me to it <takahiro> yep <takahiro> it says 1 <takahiro> i also set the gateway on the laptop to the debian IP address <somiaj> takahiro: oh I just noticed an error in his script, “iptables -A FORWARD -i eth1 -o eth1 -j REJECT” — he used eth1 twice <peterS> the MASQUERADE in the nat POSTROUTING table should be sufficient without any rules in the default table at all. try it. iptables -F INPUT; iptables -F FORWARD <peterS> if that works, then think about putting those other rules back in <takahiro> huh <takahiro> so replace the MASQUERADE with FORWARD? <somiaj> good call peterS, flush your other tables like he suggested. Lets get masq working before we worry about basic security rules. <somiaj> no just run ‘iptables -F INPUT; iptables -F FORWARD’ and retry to ping the outside world <takahiro> ok <takahiro> still nothing… ICMP timeout <takahiro> does the router need to be configured differently? <takahiro> or do i need to make the debian box the wan connection? <somiaj> takahiro: is the router even routing, all the machines are on the internal part? <takahiro> right now it’s connected to a LAN port <takahiro> yeah <takahiro> all the machines are on the internal part <takahiro> and i have nothing connected to the WAN port on the router <takahiro> also all machines can ping each other <takahiro> i can ping the router (192.168.2.1) and the laptop (192.168.2.8) from debian <takahiro> and the laptop can also ping the router (192.168.2.1) and the debian box (192.168.2.2) <peterS> takahiro: I would start fresh. create a text file with 4 lines in it: *nat 
OSTROUTING ACCEPT [0:0] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT (those are 4 separate lines.) The eth0 is yo<peterS> takahiro: save that 4-line text file, then run ‘iptables-restore {filename}’ <somiaj> well then the router is just being a fancy switch, though I’m unsure if it would complicate things as it might be trying to send external requests to the wlan port. <takahiro> somiaj: it worked with Windows 7 Internet Connection Sharing <takahiro> somiaj: back when i had windows <somiaj> takahiro: follow peterS suggestion <somiaj> (though as a strange side note setting up my first IPMASQ is why I started using debian in 2000) <peterS> it really should be as simple as that 4-line file …. <takahiro> http://dpaste.org/8wY0w/ <lemar8> any issues with the new Icedove recently pushed ? <takahiro> now run that file on iptables-restore share-1.txt ? <peterS> takahiro: yes. try it: iptables-restore share-1.txt <somiaj> lemar8: have you checked the annoucment or bts. Sure known issues would be there. <takahiro> it says: iptables-restore: line 1 failed <peterS> takahiro: ahh – the *nat line has a space. remove the space <lemar8> somiaj: not yet, just installed the update in stable and now it’s erroring up on startup with a “symbol lookup error” <takahiro> Bad argument `COMMIT` Error occurred at line: 4 <peterS> bad argument, really? I wonder what that’s about <takahiro> i have no idea <somiaj> lemar8: I’d check the bts <lemar8> somiaj: thank you <somiaj> lemar8: and by installed the update, you mean the one on security.debian.org I hope. (: <lemar8> yes, the recent binary package just pushed <peterS> takahiro: http://dpaste.org/WasxW/ – it works for me <somiaj> yea I recall seeing the DSA lemar8 <peterS> takahiro: makes me wonder if your file is missing a line ending at the end of the file, or something silly like that <takahiro> ah <takahiro> i had a space after COMMIT <takahiro> still no connection on the laptop <peterS> takahiro: hmmm, let me have another look. I may have given you an invalid test case. <takahiro> eth0 is 192.168.2.2 <takahiro> is that okay? <peterS> takahiro: is that the internal side or the external side? <takahiro> internal side <peterS> the -o argument needs to be the external side <takahiro> trying again with eth1 <takahiro> OOHHH it worrrrrrrks <takahiro> i can ping the internetz <peterS> takahiro: ok so now that that works, do this: iptables-save test.txt <takahiro> ohh but no DNS <takahiro> Unknown arguments found on commandline <peterS> takahiro: oh, sorry, iptables-save > test.txt <peterS> it will produce a file of the same format as the one I had you write by hand, but a more complete version <peterS> this more complete version _may_ be required if you’re just bringing this stuff up at boot time <takahiro> cool <peterS> takahiro: what I suggest is to save that file – I call mine /etc/network/iptables.rules – and add a line to /etc/network/interfaces under either ‘iface eth0′ or ‘iface eth1′ or both: pre-up iptables-restore <peterS> takahiro: pre-up means ‘run the following command just before bringing a given interface up’ <peterS> or really, post-up is fine too, I’ve used that before <takahiro> ok <takahiro> so what do i need to make it ping google? <peterS> takahiro: the other thing to do is to edit /etc/sysctl.conf to add ‘net.ipv4.ip_forward = 1′ (I think there’s a commented-out line like that in there somewhere, or you can just add it to the end) <takahiro> is that another complex step? <peterS> wait, you said it works already <peterS> but you said DNS didn’t work <peterS> is that correct? <takahiro> yeah i can ping 8.8.8.8 but not www.google.com <peterS> so, on the client box, what does /etc/resolv.conf say for ‘nameserver’ lines? <takahiro> the client box is a mac <takahiro> and i set the gateway to 192.168.2.2 <peterS> ummm, so, uh, whatever Mac OS has for DNS server configuration <takahiro> i also set the /etc/resolv.conf on the mac to nameserver 192.168.2.2 <takahiro> but that didn’t help <peterS> no, 192.168.2.2 is your debian box, right? that probalby isn’t running a DNS server <peterS> set it to whatever /etc/resolv.conf on the debian box has in it <takahiro> ah okay <peterS> or, I mean, you _can_ run a DNS server on the debian box. but you don’t have to. <takahiro> is there a way to forward it? <peterS> only if the Mac client is using DHCP <takahiro> so that other computers who want to use the network don’t have to configure that <takahiro> oh i see <peterS> then the DHCP server can specify a list of DNS servers <peterS> and every client that uses DHCP will use that same list <takahiro> ohh so i can set that on the hardware router i suppose <takahiro> i have to decide which is more work <Moebius> question <peterS> well, yes … but if the Mac is behind a separate NAT like you’re doing there, it won’t be using DHCP from the router <Moebius> why does metacity’s compositing manager cause some tray probs, mainly Wine tray issue? <peterS> Moebius: I don’t use metacity, gnome, or compositing, so I hope someone else here can answer (: <Moebius> actually, almost all WMs cause tray to behave weird, mutter, compiz, metacity (under compositing manager) <Moebius> peterS, it’s alright <takahiro> i will go ask in the mac forum… /etc/resolv.conf isnt working even with the new ips <peterS> takahiro: I’m sure there’s a GUI way to set up a list of nameservers on OS X…. <takahiro> yeah i have OS X Lion <takahiro> i’ll have to see if any of my mac friends are awake <peterS> I don’t know how, as I don’t use OS X, but yeah, an OS X forum will be able to tell you <Moebius> so yeah.. for example.. when running compositing manager i may minimize/maximize tray of an app that’s running under Wine and both panels dissappear. <Moebius> compiz also has a little impact on wine tray… not that crucial, but still… when i minimize it, the tab still remains on the task panel until i click on it and it dissappears… <Moebius> sole metacity with no compositing manager on is perfect. None of such stuff. <Moebius> so the question is… why such “cool” things can’t handle simple stuff… <Moebius> that has always confused me.. <Moebius> the richer it is the more troubles you get. <Moebius> well.. actually Wine allegedly shouldn’t work properly with sophisticated WM’s, that’s true. <aristarchus> what is a good way to solve a “/dev/dsp: No such file or directory” error? <aristarchus> i have a soundcard that works fine with most programs <kevlarman> aristarchus: what program is this? <aristarchus> kevlarman: snes9x <peterS> aristarchus: the program is apparently wanting to use the OSS interface <kevlarman> aristarchus: either configure it to use alsa or find an emulator that supports alsa <takahiro> thanks for all your help peterS and somiaj <kevlarman> (i know zsnes does) <takahiro> biiiig help setting me up <peterS> aristarchus: try ‘modprobe snd-pcm-oss’ <peterS> takahiro: no problem <kevlarman> peterS: that’s a terrible idea <aristarchus> peterS: nothing <peterS> nothing as in no error? <peterS> ‘nothing’ is not very descriptive. if you mean ‘no change, software gives the same error as before’, say ‘no change’ <peterS> …or something <aristarchus> sorry <aristarchus> no output <peterS> ‘modprobe’ is supposed to give no output <peterS> the question is, did it fix snes9x <aristarchus> ooohhh <aristarchus> still no sound <peterS> I forgot to mention ‘modprobe’ has to be run as root, but apparently you did that, or it would have complained (: <aristarchus> ya <aristarchus> i got that through trial and error <kevlarman> aristarchus: the best solution is to use something that supports alsa (like zsnes) <aristarchus> kevlarman: i’m on amd64, i think zsnes is imcompatible <peterS> it’s possible snes9x has a mode to support alsa, but you have to wonder why the packager wouldn’t select alsa mode by default <kevlarman> it apparently doesn’t <bartley> “They mutilated your body. They messed up your mind. They crushed your spirit. They broke your heart. They carved you into a sexual zombie and created a monster within you. Then they deny — and relish — you<kevlarman> aristarchus: that’s news to me <kevlarman> aristarchus: i just ran it on 64 linux <aristarchus> oh ya? <peterS> aristarchus: so, does snes9x still complain about /dev/dsp or does it just work except without sound? <bartley> When you complained about being dead, your surgeons concealed the fact that they knowingly cut your sex nerves and altered your genitals. <kevlarman> peterS: at least suggest aoss(/padsp) instead of the module that steals the sound card <aristarchus> peterS: it is able to run, the in the console output, you see an error message about not finding /dev/dsp <aristarchus> so it runs w/o sound <aristarchus> i’m seeing something in the forums about: alsa-oss oss-compat <peterS> aristarchus: so in fact the ‘modprobe snd-pcm-oss’ did not change it at all? <aristarchus> peterS: doesn’t look like it <peterS> aristarchus: probably can ‘modprobe -r snd-pcm-oss’ then and look for alsa-oss stuff <peterS> aristarchus: apparently kevlarman can hook you up with the right commands to run to make that work. I don’t know them offhand. <aristarchus> peters: got it!! <aristarchus> peters: installing oss-compat fixed it <kevlarman> aristarchus: seriously though, zsnes or something that supports alsa <incog> yes helloó Ÿ <incog> as a gay black man, is debian the distro for me? <peterS> it is the distro for everybody <peterS> but then, so are a lot of other distributions <aristarchus> kevlarman: looks like it works now, thanks for your help <aristarchus> peters: thanks <peterS> no problem <incog> should i go for stable or testing? <kevlarman> aristarchus: now try playing any other sound while snes9x is running <peterS> kevlarman: assuming of course you _want_ to play other sounds while you’re using a game emulator <aristarchus> kevlarman: totem movie player just pauses <aristarchus> kevlarman: i think it can detect when a channel is in use <kevlarman> aristarchus: so you have pulse installed? <peterS> well, ok, not a game emulator per se, a platform emulator. but I believe it was almost exclusively used for games….. <aristarchus> peters: mario paint!! j/k <peterS> ha <somiaj> probabaly better than mspaint <peterS> yeah all it really needed was a super mario visicalc, right? so you could claim it was really a work computer? <kevlarman> somiaj: they aren’t competitors <aristarchus> kevlarman: yes, pulse is installed <kevlarman> aristarchus: just uninstall oss-compat and run snes9x with padsp <incog> is snes9x sdl? <kevlarman> incog: that’s zsnes <stacks`> with iptables if i wanted to block the ranges 166.(128-255).*.* would i use 166.128.0.0/9 or how would it go? like i know iptables -A input -s (IP) -d 0/0 -j DROP etc.. <mintux> I have two INTERNET connection that they are come from wired network (two modem connect to switch and come to my computer lan with different ip) so I switch between them.is it possible to use two internet conn<aristarchus> kevlarman: how do i specify padsp? <peterS> stacks`: sure. -A INPUT -s 166.128.0.0/9 -j DROP seems fine. you may need a -m tcp or something. <kevlarman> aristarchus: padsp snes9x <kevlarman> aristarchus: it’s a small shell script that LD_PRELOADS libpulsdsp <peterS> mintux: in theory yes. but it’s not trivial to set up, and telling apps which connection to use is also not trivial. <aristarchus> kevlarman: hey it works! <aristarchus> kevlarman: i can hear my metal blasting over the 16bit music <peterS> well, I mean, you can set up two default gateways, but selecting which one to use in a given application is the hard part. <mintux> peterS: is it possible in firefox use network proxy ? <peterS> don’t know, I’ve never used it <mintux> for example I run a virtual machine and send the INTERNET to browser <terr_> I need some advice on HPLIP I see version 3.112.2 is available but apparently only 2.8.6 is instalelld in the ;llatest debian. Besides which I’m on Sarge in this machine and its pretty old. Can I even run th<somiaj> terr_: probabaly should think about upgrading to a supported debian version. <somiaj> terr_: you may be able to backport things, but backporting to sarge may not be an easy task <terr_> somiaj: I’m in the process of building a new machine <terr_> somiaj: I’m upgrading anyways… I already have the new machine <somiaj> well if you want to upgrade that install go one release at a time <terr_> durn. I tried pining that printer and I’m getting a lot of packet loss. Its tyring to run 100base-T and likely the cable is not good enough. <terr_> There should be some way to force it to 10BaseT <massmc> hello <vbrummond> hello * jokar hello all <jokar> i want install cheops-ng on my debian 64 bit <jokar> i can’t finde any packahe <jokar> package* <jokar> configure: error: Could not find the gnomeConf.sh file that is generated by gnome-libs install <jokar> what should i do? <jokar> :-/ <jokar> anybody here? <phogg> jokar: no <jokar> 
<phogg> jokar: also, tried apt-get –reinstall gnome-libs ? <phogg> apt-get –reinstall install gnome-libs, I mean <jokar> no <jokar> i test it <phogg> might regenerate it <jokar> E: Unable to locate package gnome-libs <jokar> ? <jokar> can’t find <jokar> gnome-libs can’t find <pikefrog> debian seems to want to grant users permissions to access different optical devices iwth ACLs bypassing the group permissions <pikefrog> how do i control these acls <pikefrog> i dont know anythign about acls, where do i edit the policy or know what acls i have on my system <jokar> o/ phogg: <phogg> jokar: sorry, I misread your error <jokar> no problem <jokar> i can’t install it <jokar> gnome-libs not found <phogg> jokar: You need to figure out what package contains the bits of gnome libs that it wants <jokar> :-/ * bintut waves <jokar> phogg: can you install it? <phogg> jokar: I don’t even know what it is <jokar> if possible please test it <jokar> phogg: it is a network tools <jokar> cheops-ng <phogg> you might try the libgnome2-dev package, perhaps <bintut> anyone here uses TP-Link TL-WN821Nv3 802.11n USB adapter on debian squeeze? <jokar> phogg: i will test it <somiaj> bintut: grab the chipset from ‘lsusb’ and check the wiki, it contains instructions on many devices <bintut> i’m having an issue on my 802.11n usb adapter. the device is detected, the driver has been loaded but the actual interface is still absent. kindly check http://www.pastie.org/3351820 for more information. <somiaj> bintut: most likely are missing firmware, check dmesg <jokar> o/ phogg not installed <bintut> somiaj: kindly check http://www.pastie.org/3359478 <bintut> anyone here familiar in enabling and making an 802.11n usb adapter work on squeeze?
Feb 152012