Package Inspection
by Roland Käser
Hi all
I know this would rater belong to the user list but I'm not a subscriber
of this list so I try to post it here.
I need a package inspection tool for a very large firewall project. The
ipt_string functionality does not longer exist in the iptables
implementation of the kernel 2.6 so I need a other tool which drops all
packages or communication parts which contains dangerous contents. I've
searched a lot of websites but I couldn't find anything which reliabley
implements a such function. Is there somebody which has experiences in
these field and can advise me? This functionality should been
implemented on a Fedora 2 machine which stands in the front of the
application level firewalls to prevent its from traffic which is not
productive.
Many Thanks
Roland Kaeser
--
Roland Käser
Fulachstr. 197
8200 Schaffhausen
Webmaster www.Israel-Jugendtag.ch
******************************************
** Schon vom Israel-Jugendtag gehört? **
******************************************
www.israel-jugendtag.ch
This e-mail is confidential. It may be read, copied and used only by the
intended recipient. If you have received it in error, please contact the
sender immediately by return e-mail or by telephoning.Please then delete
the e-mail and do not disclose its contents to any person. We believe,
but do not warrant, that this e-mail and any attachments are virus free.
You should take full responsibility for virus checking.
19 years, 3 months
HAL ejects
by Peter Backlund
Here's something I'd like to see in FC4: unmount-on-eject via HAL. I'm
talking about automatic unmounting CD/DVD when you press the eject
button, like the ancient "supermount". Is this within the scope of HAL?
/Peter
19 years, 3 months
Re: rawhide report: 20050121 changes
by sangu
Use pixelsize than size because of
https://bugzilla.mozilla.org/show_bug.cgi?id=236739#c5
2005-01-26 (수), 10:37 +0100, Nicolas Mailhot 쓰시길:
> Le mardi 25 janvier 2005 à 22:48 -0600, Jason L Tibbitts III a écrit :
>
> > Things may be different on CRTs; I haven't tried to use one in years.
> > However, the mere suggestion that the possibility of using antialiased
> > fonts in text applications should be avoided simply because you think
> > bitmaps are sufficient is ludicrous. You can still use bitmap fonts
> > through fontconfig if you like, so you don't lose anything.
>
> Anyway the whole argument doesn't stand because you have all the
> tunables needed in fontconfig to fine-tune what kind of AA you want at
> what sizes in a per-user and per-font basis.
>
> <match target="font">
> <test qual="any" name="size" compare="more">
> <double>8</double>
> </test>
> <test qual="any" name="size" compare="less">
> <double>14</double>
> </test>
> <edit name="antialias" mode="assign">
> <bool>false</bool>
> </edit>
> </match>
>
> (elapsed time : 3 min in google)
>
> --
> fedora-devel-list mailing list
> fedora-devel-list(a)redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-devel-list
19 years, 3 months
2.6.10-1.737 smp kernel crashes.
by Kim Lux
I'm not sure if this is the right list, but I'll post here anyway as it
is not a user or config issue associated with FC3 operation and 2.6.10
kernels are kind of FC4 stuff ?
Anyway... the 2.6.10-1.737 smp kernel is NOT stable on my laptop. It
does a hard kernel crash (ie total machine lockup, cannot start a new
session). This has happened 3x when websurfing with Konqueror. It
seems to occur when performing socket communications ie immediately
after double clicking a link, but that is just a quick observation.
I've run 2.6.10-1.727 since it became available on the same machine
without any issues. I've reverted back to it.
Hope this helps.
--
Kim Lux, Diesel Research Inc.
19 years, 3 months
Please Help!: Server crash whit kernel BUG at lib/radix-tree.c
by Dario Lesca
Hi, and sorry for my bad english :-(
It is possible, from the follow info take from /var/log/message after a
system crash, know why my server crash ?
---------------------------------
Jan 25 11:18:00 payprox kernel: ------------[ cut here ]------------
Jan 25 11:18:00 payprox kernel: kernel BUG at lib/radix-tree.c:575!
Jan 25 11:18:00 payprox kernel: invalid operand: 0000 [#1]
Jan 25 11:18:00 payprox kernel: SMP
Jan 25 11:18:00 payprox kernel: Modules linked in: ipt_limit loop tun
md5 ipv6 autofs4 i2c_dev i2c_core ipt_TOS ipt_MASQUERADE ipt_REDIRECT
ipt_REJECT ipt_pkttype ipt_LOG ipt_state ipt_multiport ipt_conntrack
iptable_mangle ip_nat_irc ip_nat_tftp ip_nat_ftp iptable_nat
ip_conntrack_irc ip_conntrack_tftp ip_conntrack_ftp ip_conntrack
iptable_filter ip_tables sunrpc button battery ac uhci_hcd ehci_hcd
snd_via82xx snd_ac97_codec snd_pcm_oss snd_mixer_oss snd_pcm snd_timer
snd_page_alloc gameport snd_mpu401_uart snd_rawmidi snd_seq_device snd
soundcore r8169 via_rhine mii sk98lin floppy dm_snapshot dm_zero
dm_mirror xfs dm_mod sata_via libata i2o_block i2o_core sd_mod scsi_mod
Jan 25 11:18:00 payprox kernel: CPU: 1
Jan 25 11:18:00 payprox kernel: EIP: 0060:[<c01b28db>] Not tainted
VLI
Jan 25 11:18:00 payprox kernel: EFLAGS: 00010046 (2.6.9-1.724_FC3smp)
Jan 25 11:18:00 payprox kernel: EIP is at __lookup_tag+0x5e/0x108
Jan 25 11:18:00 payprox kernel: eax: ffffffff ebx: 80000000 ecx:
00000020 edx: 00000000
Jan 25 11:18:00 payprox kernel: esi: c15be900 edi: 01000000 ebp:
00000000 esp: f7c63de8
Jan 25 11:18:00 payprox kernel: ds: 007b es: 007b ss: 0068
Jan 25 11:18:00 payprox kernel: Process pdflush (pid: 47,
threadinfo=f7c63000 task=f7c32130)
Jan 25 11:18:00 payprox kernel: Stack: 05fffffa f8ae1b04 00000020
00000000 f7c63eac 00000000 0000000e d95dc870
Jan 25 11:18:00 payprox kernel: dc6cc6ac c01b29c2 0000000e
f7c63e20 00000000 f7c63eac 00001000 00000000
Jan 25 11:18:00 payprox kernel: d95dc86c f7c63eac f7c63e94
c013a957 0000000e 00000000 f7c63e94 f7c63ea4
Jan 25 11:18:00 payprox kernel: Call Trace:
Jan 25 11:18:00 payprox kernel: [<f8ae1b04>]
_pagebuf_ioapply+0x288/0x290 [xfs]
Jan 25 11:18:00 payprox kernel: [<c01b29c2>]
radix_tree_gang_lookup_tag+0x3d/0x53
Jan 25 11:18:00 payprox kernel: [<c013a957>]
find_get_pages_tag+0x28/0x66
Jan 25 11:18:00 payprox kernel: [<c0142be3>]
pagevec_lookup_tag+0x1b/0x22
Jan 25 11:18:00 payprox kernel: [<c0170b7b>]
mpage_writepages+0x2bb/0x314
Jan 25 11:18:00 payprox kernel: [<f8ae6038>] xfs_bdstrat_cb+0x35/0x38
[xfs]
Jan 25 11:18:00 payprox kernel: [<f8ae066d>] linvfs_writepage+0x0/0xc6
[xfs]
Jan 25 11:18:00 payprox kernel: [<f8add5b9>]
xfs_inode_flush+0x1bd/0x1c9 [xfs]
Jan 25 11:18:00 payprox kernel: [<c011cac8>]
find_busiest_group+0xf1/0x2df
Jan 25 11:18:00 payprox kernel: [<c016f3fc>]
__sync_single_inode+0x5f/0x1c0
Jan 25 11:18:00 payprox kernel: [<c016f78f>] sync_sb_inodes+0x1a7/0x274
Jan 25 11:18:00 payprox kernel: [<c013f6ec>] pdflush+0x0/0x1e
Jan 25 11:18:00 payprox kernel: [<c016f8ed>] writeback_inodes+0x91/0xde
Jan 25 11:18:00 payprox kernel: [<c013ee6d>] wb_kupdate+0x7b/0xde
Jan 25 11:18:00 payprox kernel: [<c013f658>] __pdflush+0xec/0x180
Jan 25 11:18:00 payprox kernel: [<c013f706>] pdflush+0x1a/0x1e
Jan 25 11:18:00 payprox kernel: [<c013edf2>] wb_kupdate+0x0/0xde
Jan 25 11:18:00 payprox kernel: [<c013f6ec>] pdflush+0x0/0x1e
Jan 25 11:18:00 payprox kernel: [<c0131181>] kthread+0x73/0x9b
Jan 25 11:18:00 payprox kernel: [<c013110e>] kthread+0x0/0x9b
Jan 25 11:18:00 payprox kernel: [<c01041f1>]
kernel_thread_helper+0x5/0xb
Jan 25 11:18:00 payprox kernel: Code: 83 e5 3f 89 6c 24 08 83 fd 3f 77
49 8b 54 24 30 8b 4c 24 08 8d 04 d6 0f a3 88 04 01 00 00 19 c0 85 c0 74
11 83 7c 8e 04 00 75 2a <0f> 0b 3f 02 3f 82 2d c0 eb 20 b8 01 00 00 00
0f b6 0c 24 d3 e0
Jan 25 16:22:48 payprox syslogd 1.4.1: restart.
----------
Now, after reboot, I get some of this OOPS......
Is a hardware problem?
-----------------------------------------------
Jan 25 17:01:02 payprox kernel: Unable to handle kernel paging request
at virtual address 01000004
Jan 25 17:01:02 payprox kernel: printing eip:
Jan 25 17:01:02 payprox kernel: c015cf8a
Jan 25 17:01:02 payprox kernel: *pde = 2e7ef001
Jan 25 17:01:02 payprox kernel: Oops: 0000 [#5]
Jan 25 17:01:02 payprox kernel: SMP
Jan 25 17:01:02 payprox kernel: Modules linked in: tun md5 ipv6 autofs4
ipt_TOS ipt_MASQUERADE ipt_REDIRECT ipt_REJECT ipt_pkttype ipt_LOG
ipt_limit ipt_state ipt_multiport ipt_conntrack iptable_mangle
ip_nat_irc ip_nat_tftp ip_nat_ftp iptable_nat ip_conntrack_irc
ip_conntrack_tftp ip_conntrack_ftp ip_conntrack iptable_filter ip_tables
sunrpc video button battery ac uhci_hcd ehci_hcd i2c_viapro i2c_core
snd_via82xx snd_ac97_codec snd_pcm_oss snd_mixer_oss snd_pcm snd_timer
snd_page_alloc gameport snd_mpu401_uart snd_rawmidi snd_seq_device snd
soundcore r8169 via_rhine mii sk98lin floppy dm_snapshot dm_zero
dm_mirror xfs dm_mod sata_via libata i2o_block i2o_core sd_mod scsi_mod
Jan 25 17:01:02 payprox kernel: CPU: 0
Jan 25 17:01:02 payprox kernel: EIP: 0060:[<c015cf8a>] Not tainted
VLI
Jan 25 17:01:02 payprox kernel: EFLAGS: 00010206 (2.6.10-1.741_FC3smp)
Jan 25 17:01:02 payprox kernel: EIP is at link_path_walk+0x7c5/0xb9c
Jan 25 17:01:02 payprox kernel: eax: c196b710 ebx: cbb0569d ecx:
00000000 edx: 01000000
Jan 25 17:01:02 payprox kernel: esi: c1972e50 edi: cbb0569d ebp:
edd7af58 esp: edd7aec8
Jan 25 17:01:02 payprox kernel: ds: 007b es: 007b ss: 0068
Jan 25 17:01:02 payprox kernel: Process id (pid: 8018,
threadinfo=edd7a000 task=f721e530)
Jan 25 17:01:02 payprox kernel: Stack: c01453fb 00000000 ef5c4f28
eee22030 efbaaa6c f7fe8300 00000101 ef63a00c
Jan 25 17:01:02 payprox kernel: c1968e00 c196b710 cbb0569d
00000006 ef63a006 00de53a4 edd7a000 edd7af58
Jan 25 17:01:02 payprox kernel: 000001b6 ef63a000 c015d674
ef63a000 00000000 000001b6 edd7af58 c015dcc0
Jan 25 17:01:02 payprox kernel: Call Trace:
Jan 25 17:01:02 payprox kernel: [<c01453fb>] handle_mm_fault+0xbd/0x175
Jan 25 17:01:02 payprox kernel: [<c015d674>] path_lookup+0x144/0x174
Jan 25 17:01:02 payprox kernel: [<c015dcc0>] open_namei+0x8d/0x58b
Jan 25 17:01:02 payprox kernel: [<c0150f10>] filp_open+0x23/0x3c
Jan 25 17:01:02 payprox kernel: [<c01b49c4>]
strncpy_from_user+0x37/0x56
Jan 25 17:01:02 payprox kernel: [<c0151228>] sys_open+0x31/0x7d
Jan 25 17:01:02 payprox kernel: [<c0103c97>] syscall_call+0x7/0xb
Jan 25 17:01:02 payprox kernel: Code: c0 84 c0 74 07 89 d0 e8 a9 b3 00
00 89 1e e9 04 ff ff ff 89 ea 89 f0 e8 00 f7 ff ff e9 9a 03 00 00 8b 45
00 8b 50 48 85 d2 74 17 <8b> 4a 04 85 c9 74 10 8d 54 24 28 ff d1 85 c0
89 c3 0f 88 af 03
------------------------------
Pleas, help me.
Many thanks
--
Dario Lesca <d.lesca(a)solinos.it>
19 years, 3 months
stock kernel 2.6.10 reboots after selinux
by Jean-Luc Fontaine
I tried to recompile the stock 2.6.10 kernel (from kernel.org, no patches) on my
IBM X40 laptop (very nice machine by the way), by copying the stock .config from
the latest Fedora kernel and pruning a few harwdare items that obviously do not
exist on my PC.
When I boot, I get a bunch of selinux messages, then immediately after a
"Restarting system..." message, which indeed does what it says...
This is not very important, so please do not spend time on this, but if you
could point the right direction in my research for solving this problem...
Many thanks in advance,
--
Jean-Luc
19 years, 3 months
Re: udev: Directory for custom device nodes.
by Rahul Sundaram
Hi
>
> right, but this won't make its way in the upstream udev tarball, cause not all
> distributions have/use MAKEDEV and the start_udev is fedora specific anyway.
ok. are you aware of what other distro do resolve the problem you are
currently trying to solve. just curious on how they manage to do
without things like makedev and start_udev when you have to manually
create device nodes
>
> that could be changed..
> /etc/udev/init-makedev.d
>
this looks a better thing to do for me.
--
Regards,
Rahul Sundaram
19 years, 3 months