--- | Log | opened Sun Jul 07 00:00:08 2019 |
--- | Day | changed Sun Jul 07 2019 |
00:00 | -!- | Dataforce [~dataforce@dataforce.org.uk] has quit [Remote host closed the connection] |
00:00 | -!- | Dataforce [~dataforce@dataforce.org.uk] has joined #linode |
00:00 | -!- | Dataforce is "Shane "Dataforce" Mc Cormack" on #linode #bitlbee #oftc @#DMDirc |
00:12 | -!- | zed91 [~oftc-webi@drmons0552w-134-41-127-229.dhcp-dynamic.fibreop.ns.bellaliant.n] has joined #linode |
00:12 | -!- | zed91 is "OFTC WebIRC Client" on #linode |
00:12 | <zed91> | hi |
00:13 | <zed91> | i want to activate my account please |
00:13 | <dwfreed> | LouWestin: the default iptables command maps iptables syntax to nftables rules under the hood |
00:14 | <zed91> | i want to activate my account sir ! |
00:15 | -!- | zed91 [~oftc-webi@drmons0552w-134-41-127-229.dhcp-dynamic.fibreop.ns.bellaliant.n] has quit [] |
00:16 | -!- | Dataforce [~dataforce@dataforce.org.uk] has quit [Remote host closed the connection] |
00:16 | <dwfreed> | LouWestin: note that if you use netfilter-persistent, you'll need to blacklist iptable_filter and ip6table_filter to prevent the warning message about the legacy rules still existing |
00:25 | <LouWestin> | Dwfreed: ok thanks! I was testing out a ip rule translator. I’ll stick with setting up iptables for now, then I can always change it |
00:25 | <LouWestin> | Later on |
00:26 | <dwfreed> | there's a translator that ships with the nft-compat tools |
00:27 | <dwfreed> | iptables-restore-translate will output the nft syntax for the ruleset (but it won't apply it, so it's not a restore in that sense) |
00:27 | <dwfreed> | iptables-translate will take an iptables command line and convert it to an nft command line |
00:28 | <dwfreed> | and s/iptables/ip6tables/ for IPv6, as you might expect |
00:29 | <LouWestin> | That’s what I meant. I’ll finish up the new server tomorrow. |
00:30 | <dwfreed> | note that it doesn't handle ipsets at all |
00:30 | <dwfreed> | annoyingly |
00:31 | <LouWestin> | I mean the iptables-translate |
00:33 | <LouWestin> | I’m trying to recall what rules I have. Basically what Linode has recommended, just what ports are needed |
00:33 | <dwfreed> | sudo iptables-save |
00:33 | <dwfreed> | or sudo iptables -S |
00:33 | <dwfreed> | (assuming you don't have any non-filter rules; most people don't) |
00:35 | <LouWestin> | I don’t think so. Just allow port whatever and deny certain things |
02:00 | -!- | _eyepulp [~eyepulp@50-83-205-92.client.mchsi.com] has quit [Ping timeout: 480 seconds] |
04:03 | -!- | thiras [~thiras@195.174.215.70] has joined #linode |
04:03 | -!- | thiras is "Ant" on #debian #linode #tami |
05:02 | -!- | |GIG-1 [~MYOB@158.115.253.31] has joined #linode |
05:02 | -!- | |GIG-1 is "J" on #moocows #linode |
05:02 | -!- | |GIG [~MYOB@158.115.253.31] has quit [Remote host closed the connection] |
05:29 | -!- | Omochao is "Fenhl" on #debian |
05:29 | -!- | Omochao [sid30770@id-30770.stonehaven.irccloud.com] has joined #linode |
05:50 | -!- | |GIG-1 [~MYOB@158.115.253.31] has quit [Quit: irc.usairc.org ( USA IRC )] |
05:50 | -!- | |GIG [~MYOB@158.115.253.31] has joined #linode |
05:50 | -!- | |GIG is "J" on #linode #moocows |
05:59 | -!- | noob [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has joined #linode |
05:59 | -!- | noob is "OFTC WebIRC Client" on #linode |
05:59 | -!- | noob is now known as Guest6865 |
06:02 | -!- | Guest6865 is now known as noobie |
06:05 | <noobie> | r there more newbs here ? |
06:15 | -!- | qwebirc70753 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has joined #linode |
06:15 | -!- | qwebirc70753 is "OFTC WebIRC Client" on #linode |
06:16 | <qwebirc70753> | kewl |
06:16 | <noobie> | OK |
06:17 | -!- | qwebirc70753 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has quit [Remote host closed the connection] |
06:18 | -!- | qwebirc37399 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has joined #linode |
06:18 | -!- | qwebirc37399 is "OFTC WebIRC Client" on #linode |
06:18 | <qwebirc37399> | well |
06:19 | <qwebirc37399> | I came via https://webchat.oftc.net/?randomnick=1&channels=linode&uio=Mj10cnVlJjQ9dHJ1ZSY5PXRydWUmMTA9dHJ1ZSYxMT01MSYxMj10cnVlce |
06:19 | <qwebirc37399> | in case ure interested... |
06:19 | -!- | qwebirc59029 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has joined #linode |
06:19 | -!- | qwebirc59029 is "OFTC WebIRC Client" on #linode |
06:19 | <qwebirc59029> | I clicked this: https://webchat.oftc.net/?randomnick=1&channels=linode&uio=Mj10cnVlJjQ9dHJ1ZSY5PXRydWUmMTA9dHJ1ZSYxMT01MSYxMj10cnVlce |
06:20 | <qwebirc37399> | impressive |
06:24 | <qwebirc59029> | ... |
06:25 | <qwebirc37399> | . |
06:26 | -!- | qwebirc59029 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has quit [Quit: Page closed] |
06:26 | -!- | noobie [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has quit [Quit: Page closed] |
06:39 | -!- | darwin [d@melik.windwireless.net] has quit [Ping timeout: 480 seconds] |
07:13 | -!- | qwebirc37399 [~oftc-webi@2a01:7e01::f03c:91ff:fe57:de90] has quit [Quit: Page closed] |
07:53 | -!- | kaare__ [~kaare@cpe-66-65-89-106.nyc.res.rr.com] has joined #linode |
07:53 | -!- | kaare__ is "Kaare Rasmussen" on #linode |
09:17 | -!- | V-Pariah [viciouspar@c-24-61-207-78.hsd1.ma.comcast.net] has quit [Ping timeout: 480 seconds] |
09:31 | -!- | V-Pariah [viciouspar@c-24-61-207-78.hsd1.ma.comcast.net] has joined #linode |
09:31 | -!- | V-Pariah is "Vicious Pariah" on #linode |
11:53 | -!- | Dataforce [~dataforce@dataforce.org.uk] has joined #linode |
11:53 | -!- | Dataforce is "Shane "Dataforce" Mc Cormack" on #linode #bitlbee #oftc @#DMDirc |
12:02 | -!- | alan [~oftc-webi@107-179-235-11.cpe.teksavvy.com] has joined #linode |
12:02 | -!- | alan is "OFTC WebIRC Client" on #linode |
12:03 | <alan> | https://sandbox.primitiv.media/install/ I'm having issues setting up this app, I haven't had this issue before with this same app |
12:03 | <alan> | even with 777 it doesn't work |
12:04 | <millisa> | as always - what do your logs say |
12:04 | <grawity> | what is the actual issue |
12:05 | <gparent> | what if I told you 777 made you lose time not save time |
12:54 | -!- | NomadJim [~Jim@2001:5b0:2d1f:6b38:8422:fc87:fd66:acf5] has quit [Read error: Connection reset by peer] |
12:59 | <alan> | sorry I got busy |
13:12 | <kharlan11> | app don't work is the issue grawity |
13:18 | <alan> | there's no errors in the log |
13:18 | <alan> | it doesn't attempt to do anything as they are not detecting the proper permissions |
13:20 | <alan> | m wordpress website is also having issues so I believe it's a server misconfiguration |
13:21 | -!- | thiras [~thiras@195.174.215.70] has quit [Ping timeout: 480 seconds] |
13:21 | <alan> | or the permisisons aren't set properly for any web folder |
13:21 | -!- | cps [~cps@c-73-133-107-201.hsd1.md.comcast.net] has quit [Read error: No route to host] |
13:21 | -!- | cps [~cps@c-73-133-107-201.hsd1.md.comcast.net] has joined #linode |
13:21 | -!- | cps is "Chris Smolinski" on #linode |
13:22 | -!- | thiras [~thiras@195.174.215.70] has joined #linode |
13:22 | -!- | thiras is "Ant" on #debian #linode #tami |
13:23 | -!- | descender [~heh@2406:3003:206f:397b:bd1b:645f:b723:8f30] has quit [Ping timeout: 480 seconds] |
13:25 | <millisa> | so look at the permissions/ownership. Pick one of the files/dirs it is complaining about and look at it with something like 'namei -l /path/to/fileordir' |
13:25 | <alan> | easiest is index.php |
13:25 | <alan> | it's in the root folder |
13:25 | <alan> | I gave it 777 |
13:25 | <millisa> | Pick one of the files/dirs it is complaining about and look at it with something like 'namei -l /path/to/fileordir' |
13:27 | <alan> | 4 -rwxrwxrwx. 1 sandbox.primitiv sftp 1736 Jul 6 15:42 index.php |
13:27 | <LouWestin> | Isn’t having 777 dangerous since that’s giving public write access? |
13:29 | <alan> | of course, for this purpose I'm trying to find out the issue |
13:29 | <alan> | in this case 777 doesn't help or make it worse |
13:30 | <alan> | so what would be my next step change ownership? |
13:30 | -!- | lex [~lex@162.253.11.220] has joined #linode |
13:30 | -!- | lex is "Despite All My Rage.." on #linode |
13:30 | -!- | lex is now known as Guest6884 |
13:31 | <LouWestin> | .... ownership/group change first, than play with the permissions |
13:31 | <LouWestin> | I mentioned this yesterday. |
13:32 | <alan> | nginx isrunning the web server |
13:32 | <alan> | if I'm not mistaken |
13:32 | <alan> | but when I tried changing the group to nginx nothing changed |
13:32 | <millisa> | what user is the php-fpm service running as |
13:33 | -!- | wheatie [~lex@000129c9.user.oftc.net] has quit [Ping timeout: 480 seconds] |
13:34 | <alan> | what command to I run same one but with php-fpm at the end? |
13:34 | <millisa> | look in your php-fpm conf for the pool you are using and/or look at the process list if you aren't running it in ondemand |
13:35 | <alan> | ps -ef|grep php-fpm? |
13:35 | <LouWestin> | 777 is like sticking a fork in an outlet to see if it’s live... don’t do that! lol |
13:35 | <LouWestin> | Gotta go back to work now. |
13:36 | <millisa> | php-fpm -tt <--- that should dump out your current config |
13:37 | <alan> | https://bpaste.net/show/XGEQ |
13:37 | <alan> | www? |
13:37 | <alan> | is that correct |
13:37 | <alan> | sorry nginx** |
13:37 | <millisa> | that appears to be your only pool. and you have it running as nginx. |
13:37 | <alan> | user and group for www is nginx |
13:38 | <millisa> | so for php-fpm to write to those files dirs, the nginx user would have to have write access |
13:38 | <millisa> | are you using selinux? |
13:38 | <alan> | I'm not sure, if so I haven't touched it |
13:38 | <millisa> | sestatus |
13:38 | <alan> | i just ran chown sandbox.primitiv:nginx -R on public_html |
13:38 | <alan> | still the same |
13:39 | <millisa> | chown nginx:nginx /path/to/that/index.php |
13:39 | <alan> | she's enabled |
13:40 | <alan> | kay so now that i ran nginx:nginx |
13:40 | <alan> | one of the files appears to be green |
13:40 | <alan> | or pass |
13:41 | <alan> | idk why |
13:41 | <alan> | the /index doesnt work still |
13:41 | <millisa> | You can try turning off selinux temporarily with 'setenforce 0' |
13:42 | <alan> | that made them all green lol |
13:42 | <alan> | letm e try something else |
13:43 | <millisa> | well, if you want to keep selinux on, you'd probably need to change the context on some of those files/dirs |
13:43 | <alan> | what do you mean by context |
13:44 | <millisa> | https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security-enhanced_linux/chap-security-enhanced_linux-selinux_contexts |
13:45 | <millisa> | this talks about viewing existing and making changes https://www.thegeekdiary.com/understanding-selinux-file-labelling-and-selinux-context/ |
13:46 | <alan> | would you recommend having selinux at all? |
13:48 | <millisa> | couldn't advise on that. depends on your requirements/policies. I personally don't use it in most places since it doesn't address my problems... |
13:48 | <millisa> | a proselinux person would tell you, keep it, it adds security, fix your contexts. |
13:49 | <millisa> | other side is it adds complexity, not a lot of gain over what it address in already existing methods, get off my lawn |
13:49 | <millisa> | if you want selinux on a linode, you have to run the distribution kernel... |
13:49 | <millisa> | (unless that's changed recently). so take that however you want |
13:51 | <millisa> | you have a good example of how it might save you someday. you've got your php processes running as nginx, you've gone and thrown 777's around to let anyone write to places, so someone finding a compromised package in this 'nextwhatever' thing you're trying to install |
13:51 | <millisa> | could potentially write to everywhere you've given too much permissions |
13:51 | <millisa> | unless you had selinux there to stop that from happening |
13:52 | <alan> | that' a good point |
13:52 | <alan> | I don;t understand the changing context thing though |
13:53 | <alan> | i ran id Z |
13:53 | <alan> | unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 |
13:53 | <alan> | got that |
13:53 | <millisa> | this thread is about wordpress but gives a very similar issue: https://forums.fedoraforum.org/showthread.php?288728-SELinux-not-allowing-write-access-to-php-fpm-for-wp-content-uploads |
13:56 | <alan> | so would there be error logs in my selinux log then pertaining to the issue im having? |
13:56 | <millisa> | probably in /var/log/audit |
13:57 | <millisa> | not sure if it's the same in every distribution, recent redhat type systems would be /var/log/audit/audit.log |
13:57 | <alan> | https://bpaste.net/show/L-DG |
13:58 | <alan> | this seems like the error in fact |
13:58 | <alan> | or one of them |
13:58 | <millisa> | would not doubt it |
13:58 | <alan> | su -c "chcon -R -h -t httpd_sys_script_rw_t /opt/nginx/html/wp/wp-content/uploads" the link you sent for wordpress suggest to run this |
14:00 | <millisa> | that's doing a recurive change context on that dir to that httpd_ type |
14:00 | <millisa> | top of the hour, garage cleaning time. |
14:03 | <alan> | it worked :P |
14:03 | <alan> | !point millisa |
14:04 | <alan> | !point millisa |
14:04 | <alan> | am I doing it work again? |
14:06 | <alan> | !point: millisa |
14:06 | <alan> | why cant i give her a point |
14:07 | <Zr40> | the bot isn't here |
14:21 | <alan> | my wordpress still fails |
14:31 | <alan> | nvm wordpress is fixed xD |
14:33 | <alan> | https://sandbox.primitiv.media/ the login page or signup cannot be found I'm not sure why |
14:38 | -!- | Netsplit synthon.oftc.net <-> coherence.oftc.net quits: Louis6321, chesty, soxyfox, gko, Luckst0r_, internat, JamesTK, MrPPS, dannyAAM, wcpan, (+3 more, use /NETSPLIT to show all of them) |
14:38 | -!- | Netsplit over, joins: wcpan, wraeth, gko, dannyAAM |
14:38 | -!- | Luckst0r [~luckst0r@stuff.is.heaps.lol] has joined #linode |
14:38 | -!- | wcpan is "wcpan" on #linode #debian #dot |
14:38 | -!- | wraeth is "wraeth" on #linode #oftc |
14:38 | -!- | Netsplit over, joins: internat |
14:38 | -!- | Luckst0r is "luckst0r" on #linode |
14:38 | -!- | Netsplit over, joins: troy |
14:38 | -!- | troy is "troy" on #linode #debian |
14:38 | -!- | Netsplit over, joins: JamesTK |
14:38 | -!- | JamesTK is "James Taylor https://jtaylor.id.au" on #linode #bitlbee @#digitalocean #Corsair |
14:40 | -!- | md_5 [~md_5@marius.md-5.net] has joined #linode |
14:40 | -!- | md_5 is "Got ZNC?" on #virt #linode |
14:40 | -!- | Netsplit over, joins: chesty |
14:40 | -!- | chesty is "chesty" on #linode #moocows |
14:40 | -!- | Netsplit over, joins: soxyfox |
14:40 | -!- | MrPPS [~MrPPS@bnc.d0xed.com] has joined #linode |
14:40 | -!- | MrPPS is "MrPPS" on #oftc #linode |
14:42 | -!- | Netsplit over, joins: Louis6321 |
14:43 | -!- | ronnie [~oftc-webi@cpe-67-10-121-157.gt.res.rr.com] has joined #linode |
14:43 | -!- | ronnie is "OFTC WebIRC Client" on #linode |
14:45 | <ronnie> | Hello. I have a linode that I resized to an 8GB plan (was originally created on the 2GB plan). |
14:46 | <ronnie> | The system is running Ubuntu 16.04 and shows 49412400kb (approximately 50GB). How do I expand the Partition? |
14:48 | -!- | ronnie [~oftc-webi@cpe-67-10-121-157.gt.res.rr.com] has quit [] |
16:40 | -!- | aspis [~aspis@0001b93f.user.oftc.net] has quit [Ping timeout: 480 seconds] |
16:45 | -!- | aspis [~aspis@0001b93f.user.oftc.net] has joined #linode |
16:45 | -!- | aspis is "aspis" on #linode |
16:50 | -!- | emil [~emil@pool-173-76-27-80.bstnma.fios.verizon.net] has joined #linode |
16:50 | -!- | emil is "emil" on #linode |
16:50 | <emil> | Is this the official linode channel? |
16:56 | -!- | honestemu [~oftc-webi@pool-173-76-27-80.bstnma.fios.verizon.net] has joined #linode |
16:56 | -!- | honestemu is "OFTC WebIRC Client" on #linode |
16:56 | -!- | emil [~emil@pool-173-76-27-80.bstnma.fios.verizon.net] has left #linode [] |
16:57 | <honestemu> | Anyone here have a mailserver set up through linode? |
16:57 | <honestemu> | I recently upgraded my Debian version. |
16:58 | <honestemu> | I hooked it up to my gmail. But I keep getting a SSL error: Leaf certificate is expired" |
16:58 | <honestemu> | I was able to renew the certificates successfully. |
16:58 | <honestemu> | I tried googling the error, but I couldn't find a solution. |
17:10 | <nate> | I feel like a lot more context is needed, particularly your context of "hooked it up to gmail" and what software exactly is throwing the error and if it's still doing it after you renewed the certificates. If not then I would say the issue was your certificate was expired |
17:10 | -!- | thiras [~thiras@195.174.215.70] has quit [Remote host closed the connection] |
17:12 | -!- | thiras [~thiras@195.174.215.70] has joined #linode |
17:12 | -!- | thiras is "Ant" on #tami #linode #debian |
17:14 | <honestemu> | nate: I added it under the "Check mail from other accounts" in gmail. |
17:15 | <dwfreed> | are you using postfix and dovecot? |
17:15 | <honestemu> | Yup. |
17:15 | <dwfreed> | did you reload postfix and dovecot *both* after renewing the cert? |
17:16 | <honestemu> | dwfreed: Yup. |
17:16 | <honestemu> | That's systemctl restart dovecot, right? |
17:17 | <honestemu> | This is the error I got from gmail when trying to check mail from my mail server: Server returned error: "SSL error: Leaf certificate is expired" |
17:18 | <honestemu> | Can an incorrect password throw this error? |
17:18 | <honestemu> | I'm wondering if maybe I have my password wrong. |
17:21 | <dwfreed> | that message would have nothing to do with incorrect password |
17:22 | <dwfreed> | what is your Linode's IP address? |
17:23 | <honestemu> | 66.228.40.92 |
17:24 | <dwfreed> | Dovecot has not picked up the updated certificate; you should check its configuration to ensure it's pointing at the right files |
17:25 | <dwfreed> | if you're using certbot, the files it points at should be symlinks to the most recently generated certificate |
17:26 | <honestemu> | dwfreed: Good point. |
17:26 | <honestemu> | I see this when tailing the mail logs |
17:27 | <honestemu> | Jul 7 17:25:12 pestilence dovecot: pop3-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=2607:f8b0:4864:20::d27, lip=2600:3c03::f03c:91ff:fe73:127c, TLS: Disconnected, session=<dd179h2N/JUmB/iwSGQAIAAAAAAAAA0n> |
17:27 | <honestemu> | I'll investigate. |
17:27 | <honestemu> | Thanks for the help! |
17:28 | -!- | honestemu [~oftc-webi@pool-173-76-27-80.bstnma.fios.verizon.net] has quit [Quit: Page closed] |
17:28 | <dwfreed> | his nick reminds me of Honest Abe |
18:18 | -!- | andyzwieg103 [~Thunderbi@66-168-56-133.static.mdsn.wi.charter.com] has quit [Quit: andyzwieg103] |
18:29 | <millisa> | !point dwfreed |
18:29 | <millisa> | (RIP: Linbot) |
18:30 | <dwfreed> | mcintosh: ^^^ RIP linbot |
18:30 | <Peng> | linodebot is on Freenode |
18:30 | <Peng> | RIP OFTC |
18:41 | -!- | zimmedon [~zimmedon@zimmedon.com] has quit [Quit: Kernel panic - not syncing: Attempted to kill init!] |
19:21 | -!- | darwin [d@melik.windwireless.net] has joined #linode |
19:21 | -!- | darwin is "Darwin of The Elves" on #linode #bitlbee |
19:54 | -!- | _eyepulp [~eyepulp@50-83-205-92.client.mchsi.com] has joined #linode |
19:54 | -!- | _eyepulp is "eyepulp" on #linode |
20:00 | -!- | Guest6371 [~fifrdisro@2001:470:1af1:101::82e] has quit [Remote host closed the connection] |
20:00 | -!- | sm[m] [~simonmicm@2001:470:1af1:101::382b] has quit [Remote host closed the connection] |
20:00 | -!- | DennyFuchs[m] [~fuchsmatr@2001:470:1af1:101::c2f] has quit [Remote host closed the connection] |
20:00 | -!- | frailty [~frailtyma@2001:470:1af1:101::1972] has quit [Remote host closed the connection] |
20:00 | -!- | io____[m] [~iomatrixo@2001:470:1af1:101::2cc5] has quit [Remote host closed the connection] |
20:00 | -!- | mcintosh[m] [~mcintoshm@2001:470:1af1:101::4a9] has quit [Remote host closed the connection] |
20:00 | -!- | tomchen[m] [~tomchenma@2001:470:1af1:101::528] has quit [Remote host closed the connection] |
20:00 | -!- | fifr[m]1 [~fifrmatri@2001:470:1af1:101::3157] has quit [Remote host closed the connection] |
20:00 | -!- | Geezus42[m] [~geezus42m@2001:470:1af1:101::2ff] has quit [Write error: connection closed] |
20:00 | -!- | capuk[m] [~capukmatr@2001:470:1af1:101::8f1] has quit [Write error: connection closed] |
20:00 | -!- | lpalgarvio[m] [~lpalgarvi@2001:470:1af1:101::2e1] has quit [Remote host closed the connection] |
20:00 | -!- | intheclouddan[m] [~intheclou@2001:470:1af1:101::5ce] has quit [Remote host closed the connection] |
20:00 | -!- | jfred[m] [~jonterrac@2001:470:1af1:101::c] has quit [Remote host closed the connection] |
20:00 | -!- | eatonphil[m] [~eatonphil@2001:470:1af1:101::1368] has quit [Remote host closed the connection] |
20:00 | -!- | tomami[m] [~tomamimat@2001:470:1af1:101::fd] has quit [Remote host closed the connection] |
20:02 | <alan> | Ikaros: var countrytaxrate = ; is this valid? |
20:06 | -!- | _eyepulp [~eyepulp@50-83-205-92.client.mchsi.com] has quit [Ping timeout: 480 seconds] |
20:16 | -!- | alan [~oftc-webi@107-179-235-11.cpe.teksavvy.com] has quit [Quit: Page closed] |
20:17 | -!- | Geezus42[m] [~geezus42m@2001:470:1af1:101::2ff] has joined #linode |
20:17 | -!- | Geezus42[m] is "@Geezus42:matrix.org" on #linode #mm |
20:27 | -!- | kaare__ [~kaare@cpe-66-65-89-106.nyc.res.rr.com] has quit [Ping timeout: 480 seconds] |
20:44 | -!- | thiras [~thiras@195.174.215.70] has quit [Ping timeout: 480 seconds] |
20:47 | -!- | nthao414 [~oftc-webi@41.251.200.109] has joined #linode |
20:47 | -!- | nthao414 is "OFTC WebIRC Client" on #linode |
20:49 | -!- | nthao414 [~oftc-webi@41.251.200.109] has quit [] |
20:50 | -!- | zineb [~zineb@41.251.200.109] has joined #linode |
20:50 | -!- | zineb is "realname" on #linode |
20:51 | <zineb> | If i close my account and I have a 20$ coupon, and in my "Uninvoiced Balance" 10$ do I have to pay or the coupon is sufficient |
20:53 | -!- | zineb [~zineb@41.251.200.109] has quit [] |
20:53 | <dwfreed> | zineb: you mean you have a $20 credit on your account? |
20:53 | <dwfreed> | and gone |
21:09 | <LouWestin> | I translated iptables into NFT from linodes guide https://pastebin.com/EeXiQ7dd |
21:09 | <LouWestin> | I belive some of the rules could be condensed better |
21:10 | <LouWestin> | For all my hard work I'm going to setup a Pateon account with a goal of $1 billion dollars |
21:22 | <LouWestin> | and here's the NFT translation for IPv6 https://pastebin.com/YEEWJpWA |
21:37 | <LouWestin> | Ok for some reason any nft ip6 rules I add gives me the error, could not preocess rule: no such file or directory |
21:38 | <LouWestin> | Here's the error in full context https://pastebin.com/7u8EYLE6 |
21:46 | <retro|blah> | I have not worked with nftables, but I would want to verify that the filter table and INPUT chain exist for the ip6 family. (You might do something similar when troubleshooting iptables) |
21:49 | -!- | fstd [~fstd@xdsl-87-79-99-127.nc.de] has joined #linode |
21:49 | -!- | fstd is "fstd" on #oftc #linode #debian #kernelnewbies |
21:56 | <LouWestin> | basically I just translated the ip6table rule into nft using ip6tables-translate so it's possible there's an error in translation |
21:56 | -!- | fstd_ [~fstd@xdsl-89-0-49-249.nc.de] has quit [Ping timeout: 480 seconds] |
21:57 | <retro|blah> | OK, but that doesn't address what I suggested. |
22:01 | <LouWestin> | Ok, sorry responded too quickly |
22:02 | <LouWestin> | I'm looking into that |
22:11 | -!- | DarwinElf [d@melik.windwireless.net] has joined #linode |
22:11 | -!- | DarwinElf is "Darwin of The Elves" on #linode #bitlbee |
22:11 | -!- | darwin [d@melik.windwireless.net] has quit [Remote host closed the connection] |
22:11 | -!- | DarwinElf is now known as darwin |
22:22 | <LouWestin> | Alright, I'll have to revisit it later. I think I'll run with iptables for now like dwfreed sugguested |
22:42 | -!- | jas4711 [~smuxi@155.4.17.2] has quit [Ping timeout: 480 seconds] |
22:53 | -!- | jas4711 is "Simon Josefsson" on #debian |
22:53 | -!- | jas4711 [~smuxi@155.4.17.2] has joined #linode |
23:08 | <LouWestin> | I flushed out my iptables which kicked me out of the terminal, but for some reason i'm trying to add the rules back in with lish, but they're not entering in |
23:14 | <retro|blah> | I'm not sure what "they're not entering in" means. |
23:17 | <gparent> | i cant get a lock |
23:18 | <LouWestin> | I ended up rebooting the server. The rules weren't showing up |
23:18 | <LouWestin> | which the reboot fixed it. |
--- | Log | closed Mon Jul 08 00:00:47 2019 |