2012-07-14T00:19:37 AAAAAAAAAAAAAAAAA 2012-07-14T00:20:09 ok, I need to add another network to my firewall's internal interface, ipconfig eth1:0 address netmask first right? 2012-07-14T00:22:31 :q 2012-07-14T00:26:52 *** NotLarry has quit IRC (Read error: Connection reset by peer) 2012-07-14T00:45:14 *** NotLarry has joined #se2600 2012-07-14T00:49:14 If your distro has static files you can configure that with, you just populate the values, and run `ifconfig eth0:1 up`. It'll figure out the rest 2012-07-14T01:10:43 *** rangerz1 has joined #se2600 2012-07-14T01:12:01 *** kive has quit IRC (Ping timeout: 246 seconds) 2012-07-14T01:12:29 *** kive has joined #se2600 2012-07-14T01:12:30 *** ChanServ sets mode: +o kive 2012-07-14T01:12:43 *** rangerz has quit IRC (Ping timeout: 246 seconds) 2012-07-14T05:00:55 *** NotLarry has quit IRC (Ping timeout: 265 seconds) 2012-07-14T06:24:55 *** NotLarry has joined #se2600 2012-07-14T06:31:09 just gonna leave this here. http://i.imgur.com/mBrm7.gif 2012-07-14T06:36:35 *** ladymerl1n has joined #se2600 2012-07-14T06:38:37 *** ladymerlin has quit IRC (Ping timeout: 240 seconds) 2012-07-14T06:53:42 this would be the one morning that dolemite doesn't get on here quickly 2012-07-14T06:53:43 if at all 2012-07-14T07:23:41 Oh, and I have no clue what's going on with the errors on the dreamhost site for the demo. I tried to use AddType application/json to the .htaccess file, but then I get an Internal Server Error 2012-07-14T07:48:10 we'll check it in a few minutes 2012-07-14T12:06:39 Dolemite: if you're generating json, you need to ensure that you're explicitly generating the header 2012-07-14T12:07:10 Google Chrome always pays attention to that header and will explicitly disallow things from being interpreted which have the wrong header 2012-07-14T12:07:11 https://www.owasp.org/index.php/HTML5_Security_Cheat_Sheet 2012-07-14T12:07:47 s/explicitly/implicitly/ 2012-07-14T12:51:31 *** Genphlux has joined #se2600 2012-07-14T13:30:42 hmm so XBMC for android 2012-07-14T13:30:46 interesting, lol 2012-07-14T13:32:20 especially since content providers in android are so well designed with the "i don't care where on the disk it is, just so long as i can get to it when I want, etc" 2012-07-14T13:40:14 well that is a kick in the pants 2012-07-14T13:40:22 gamestop has nexus 7 for sale 2012-07-14T13:41:52 google really fumbled the sale of the nexus 7, you have to pay tax and shipping when you order it through play store 2012-07-14T13:41:53 http://www.androidcentral.com/nexus-7-tablet-hitting-few-lucky-hands-already 2012-07-14T13:42:36 yeah the gamestop in ohio has them for sale (i just called that one b/c i remember my old work phone #, lol) 2012-07-14T15:09:04 *** ladymerl1n is now known as ladymerlin 2012-07-14T15:09:14 *** ChanServ sets mode: +o ladymerlin 2012-07-14T15:12:16 http://www.collegehumor.com/video/6789072/dora-the-explorer-movie-trailer-with-ariel-winter lol 2012-07-14T15:12:17 Title: Dora the Explorer Movie Trailer (with Ariel Winter) - CollegeHumor Video (at www.collegehumor.com) 2012-07-14T15:12:27 friends with kids post some interesting links, lol 2012-07-14T16:22:47 *** rangerz1 has quit IRC (Read error: Connection reset by peer) 2012-07-14T17:17:49 Fuck win: http://www.giantfreakinrobot.com/sci/rollsroyce-engineers-build-model-jet-engine-legos.html 2012-07-14T17:17:50 Title: Rolls-Royce Engineers Build A Model Jet Engine Out Of Legos | Giant Freakin Robot (at www.giantfreakinrobot.com) 2012-07-14T17:18:00 Fucking even. This thing's awesome. 2012-07-14T17:25:34 Dagmar: you up? 2012-07-14T17:31:46 I am now. 2012-07-14T17:47:21 hey, Dagmar, I need your help, read you messages please sir. 2012-07-14T17:48:51 oh, that sucks. my wife just pointed out the braves game is in widescreen on fox and the sides are cut off. Guess where the score is shown... 2012-07-14T18:08:18 So what is the problem? 2012-07-14T18:10:04 can't reach the 192.169 network from outside. 2012-07-14T18:10:38 That's normal. 2012-07-14T18:10:41 or from the firewall 2012-07-14T18:10:58 I was trying to forward a port to it from the firewall. 2012-07-14T18:11:06 Did you make sure the device has _routes_ for the other networks? 2012-07-14T18:11:21 I tried a route add 2012-07-14T18:11:24 let me check again 2012-07-14T18:11:27 Otherwise it's sending out of network traffic to the default gateway 2012-07-14T18:11:37 ...which may or may not be dropping them 2012-07-14T18:11:58 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 2012-07-14T18:12:18 though the interface is eth1:0, is that my problem? 2012-07-14T18:12:34 This technology confuses me. 2012-07-14T18:12:53 WHAT interface? 2012-07-14T18:13:27 internal network interface 2012-07-14T18:13:52 Okay so you have two interfaces on this machine? I have no idea what the topology is 2012-07-14T18:14:11 ok, eth0 is outside world, eth1 is inside. 2012-07-14T18:14:22 ...and this is an AP, so... two interfaces? Which one is wireless? 2012-07-14T18:14:24 I added eth1:0 with the 192 network (I thought) 2012-07-14T18:14:29 no wireless on this box 2012-07-14T18:14:38 Oh it's *just* a host 2012-07-14T18:14:39 this is a firewall 2012-07-14T18:14:50 Pastebin the routing table 2012-07-14T18:14:52 it is just a box to run iptables 2012-07-14T18:16:22 http://pastebin.com/0z3LAur0 2012-07-14T18:16:23 Title: ~$ route Kernel IP routing table Destination Gateway Genmask - Pastebin.com (at pastebin.com) 2012-07-14T18:16:49 wtf are the tun devices connected to? 2012-07-14T18:17:25 I'd rather not say. 2012-07-14T18:17:40 So what traffic is coming to this machine that doesn't work? 2012-07-14T18:17:59 I want to ssh to the 192.168 network from the outside. 2012-07-14T18:18:07 It should function fine from the outside network for anything going to it's external interface 2012-07-14T18:18:15 Well, it's not osmething you can route. Ever. 2012-07-14T18:18:32 IANA private netblocks are non-routeable across the internet 2012-07-14T18:19:08 You'd need to add a route for the 192.168.0.0/16 pointing directly to that machine's external interface using it as a gateway 2012-07-14T18:19:10 ok, in my iptables I assign port X to forward to 198.168.0.x port 22. 2012-07-14T18:19:34 THat's more or less normal port forwarding 2012-07-14T18:20:07 You'd connect to the exernal interface address from outside 2012-07-14T18:20:49 Whatever the hell eth0 is bound to 2012-07-14T18:20:51 yeah, I'll have to look at this some more. 2012-07-14T18:20:55 eth0 is the world, 2012-07-14T18:21:01 I think you may just be doing it all entirely wrong. 2012-07-14T18:21:06 No offense. 2012-07-14T18:21:10 I just want to be able to talk to 192.168 from the box. 2012-07-14T18:21:27 I don't know what I am doing, thus the cry for help:) 2012-07-14T18:22:14 Okay, so do me this... Scribble up a map of that local network segment as you feel it should operate. Annotate everything you think needs annotations. 2012-07-14T18:22:50 Either it will become obvious to you what thing you've gotten mixed up, or I'll show you what we need to do to fix it 2012-07-14T18:23:13 A box with a bunch of interface is very easy to get confused on. Heh. I do the map thing frequently. 2012-07-14T18:24:03 I am slightly covereed with loose hair and need to take a quick shower. I was just cutting my hair when I saw your call 2012-07-14T18:24:48 I get to go teach ice how to drive a stick shift, bbl 2012-07-14T18:43:43 Have fun bouncing around in first gear. :) 2012-07-14T18:44:52 yeah,no lie 2012-07-14T18:45:03 right now we are in a thunder storm, so I'm giving it a few 2012-07-14T18:45:46 ok, so I still have to create an eth1:0 to get the firewall to talk to the second network on the internal interface right? 2012-07-14T18:46:02 I can't say because I don't clearly know what you're doing yet 2012-07-14T18:46:15 It's not actually necessary to create more than one virtual interface for a number of thigns 2012-07-14T18:47:02 Ok, I have one nic card, it connects to a switch. machines on that switch have ip addresses on 10.10.0 and 192.168.0.0 I want the nic card to talk to both networks 2012-07-14T18:47:32 Okay, so you are saying you want an IP addressible interface *in* both of those networks, then 2012-07-14T18:47:38 ipconfig eth1 is address 192.168.0.x 2012-07-14T18:47:46 ...and you've only one physical network 2012-07-14T18:47:52 i create eth1:0 on 10.10 right? 2012-07-14T18:47:53 connection 2012-07-14T18:47:56 yes 2012-07-14T18:48:06 Yeah, but, this is not the way you do routing 2012-07-14T18:48:16 the other network connection goes to the world. I'm not worried about them. 2012-07-14T18:54:05 sigh 2012-07-14T18:54:13 I need to buy new running shears 2012-07-14T18:54:43 running shears help networking? 2012-07-14T18:55:21 If you're making your maps with yarn and tacks on a corkboard 2012-07-14T18:55:42 ive been driking so may not be following this conversation accurately 2012-07-14T18:55:55 d 2012-07-14T18:56:13 That's okay, he's been learning bad practices from the office 2012-07-14T18:56:21 damn yarn and tack maps are hardcore 2012-07-14T18:57:04 I take it you've never written server names on stickynotes, threw them up on a corkboard, and connected them via yarn networks, then 2012-07-14T18:58:12 no. my networks arent that big, i stick with pen and paper 2012-07-14T18:58:23 but then i dont have a chalkboard 2012-07-14T18:58:40 no, I have no pictures, no yarn, no tacks. 2012-07-14T18:58:45 I see a pack of darts. 2012-07-14T18:59:06 I'm downloading a windows iso now to replace it:) 2012-07-14T19:00:13 I'm on the toilet and I'm using tp and fecies to write this out on the wall. one server, one nic, one switch two ap connected to the switch. one ap is on 10.10.0.0 the other is on 192.168.0.0 I want to reach both from original box. 2012-07-14T19:00:23 It is a small diagram but it smells of shit. 2012-07-14T19:00:37 same vlan? 2012-07-14T19:01:05 no vlan set 2012-07-14T19:01:31 from the 192.168 ap I can talk to everything 2012-07-14T19:01:48 According to that you need to make sure the server has routes that go to the Aps 2012-07-14T19:02:06 not sure about linux. i have a similiar setup at my office. in windows i can add the second ip on the interface with no gateway and it will see both networks 2012-07-14T19:04:18 http://pastebin.com/TwArQJgX 2012-07-14T19:04:19 Title: eth0 Link encap:Ethernet HWaddr 00:08:a1:18:d7:b7 inet addr:x - Pastebin.com (at pastebin.com) 2012-07-14T19:04:27 I just don't see what I did wrong. 2012-07-14T19:04:40 brb, connecting to the other ap 2012-07-14T19:05:44 ok, on the 192.168 network now. 2012-07-14T19:06:19 so both talk to the same router to get to the internet? 2012-07-14T19:07:07 ok, nevermind 2012-07-14T19:07:16 ok 2012-07-14T19:07:19 All irrelevent 2012-07-14T19:08:47 so on a sidenote, you ever do anything with that helicopter you had at carolinacon? (i picked one up but havent had a chance to do much with it besides log in to it.) 2012-07-14T19:09:40 not yet. I have actually been over my head busy. Wife has been sick and I have had to take over being the adult. 2012-07-14T19:10:46 ah that sucks. 2012-07-14T19:10:58 So I did everything correct, with the exception of pluggint into the internet port on the 192.168 ap instead of an ethernet port. so it grabbed a 10.10 address. Kind of explained why there was no route to host:) 2012-07-14T19:11:15 Well, yeah, I never intended to even come close to being an adult. 2012-07-14T19:14:11 yup, iptables is forwarding the way I needed. I can now work on the box from the car while the kid drives around the neighborhood. thanks again and later all. 2012-07-14T19:15:54 later 2012-07-14T19:35:55 *** rangerz has joined #se2600 2012-07-14T21:44:44 *** Dickie has quit IRC (Ping timeout: 250 seconds) 2012-07-14T21:46:53 *** Dickie has joined #se2600 2012-07-14T21:46:53 *** ChanServ sets mode: +o Dickie 2012-07-14T22:06:03 If yer netblocks were set up correctly, iptables wouldn't even be involved for simple routing 2012-07-14T22:07:18 *** brimstone has quit IRC (Remote host closed the connection) 2012-07-14T22:07:28 *** Dickie has quit IRC (Ping timeout: 244 seconds) 2012-07-14T22:08:45 *** brimstone has joined #se2600 2012-07-14T22:08:46 *** brimstone has quit IRC (Changing host) 2012-07-14T22:08:46 *** brimstone has joined #se2600 2012-07-14T22:08:46 *** ChanServ sets mode: +o brimstone 2012-07-14T22:20:17 *** Dickie has joined #se2600 2012-07-14T22:20:18 *** ChanServ sets mode: +o Dickie 2012-07-14T22:22:23 *** K4k has joined #se2600 2012-07-14T22:22:30 *** K4k has joined #se2600 2012-07-14T22:24:38 *** K4k has quit IRC (Client Quit) 2012-07-14T22:27:41 *** K4k has joined #se2600 2012-07-14T22:28:52 *** K4k has quit IRC (Client Quit) 2012-07-14T22:31:09 *** K4k has joined #se2600 2012-07-14T22:33:00 *** K4k has joined #se2600 2012-07-14T22:40:52 *** sasquatc4 has quit IRC (Quit: Leaving) 2012-07-14T22:42:19 *** Dickie has quit IRC (Ping timeout: 265 seconds) 2012-07-14T22:46:54 *** opticron has quit IRC (Ping timeout: 260 seconds) 2012-07-14T22:47:11 *** opticron has joined #se2600 2012-07-14T22:47:19 *** ChanServ sets mode: +o opticron 2012-07-14T22:50:31 *** sasquatc4 has joined #se2600 2012-07-14T22:50:31 *** ChanServ sets mode: +o sasquatc4 2012-07-14T22:52:19 *** Dickie has joined #se2600 2012-07-14T22:52:19 *** ChanServ sets mode: +o Dickie 2012-07-14T22:52:43 *** RangerZ1 has joined #se2600 2012-07-14T22:52:50 *** RangerZ1 has left #se2600