[tech] whats happened

Grahame Bowland grahame at angrygoats.net
Fri Nov 21 04:16:33 WST 2003


On Fri, Nov 21, 2003 at 01:23:21AM +0800, Bernard Blackham wrote:
> Brain dump:
> 
>  - removed a bunch of system gids from NIS, as they were clashing
>    and contained no actual users. pre-change version is in
>    /var/yp/src/group.presystemripout. I don't *think* this should
>    break anything, but if it does, just put the offending ones back.
> 
>  - dispense is happy again. Took some hacking to get it to work
>    properly, but it'll get a rewrite these holidays. I promise :)
> 
>  - door should open too. hasn't been tested though.
> 
>  - IMAP server is now dovecot. It's more secure, faster, and doesn't
>    let people crawl all over mooneye's filesystem
> 
>  - firewalls on all the reinstalled machines are in
>    /etc/init.d/ucc-fw . They're pretty tight, so if something
>    network related isn't working, it's most probably this.
>    They are activated from /etc/rcS.d/S41ucc-fw, and also when
>    bringing up the world-accessible aliases (ssh, telnet,
>    flame-tunnel), to make sure the NAT stuff works.
> 
> Methinks that's all for now.

In /etc/init.d/ucc-fw:
    # and now the v6 firewall.

    ip6tables -F
    ip6tables -P INPUT DROP
    ip6tables -P OUTPUT DROP
    ip6tables -P FORWARD DROP

Style *grin*

Thanks for all your work Bernard and everyone else that 
got UCC back. Sorry for not helping much, I'll erm, help 
more in future :-)




More information about the tech mailing list