On Tue, 7 Mar 2006 05:52:20 +0100 (MET) "Michael Bonert" <sparcc@gmx.net> wrote: > I recently upgraded my testing distribution and got a lot of headaches. > > ----------------------------- > SHOREWALL > Lately, the shorewall versions changed so much that I couldn't ignore > changes (in the config) anymore. Shorewall was crashing my computer on > shutdown. > > On shutdown I was getting something like this: > ----- > Shorewall:net2all:DROP:IN=eth0 > OUT=MAC=ff:ff:ff:ff:ff:ff:00:06:25:f0:a9:d3:08:026369 PROTO=UDP SPT=29943 > DPT=152 LEN=128 > ----- this is shorewall logging its dropped packets, afaik. Of course, I don't use shorewall, but used to see similar output from iptables. > I couldn't do anything about it. It seemed to be stuck in a loop... where > the numbers after 'SPT=' where increasing. > > Unplugging the network cable-- stopped the loop... no more text was printed > to the screen. That said, I never regained enough control to kill the > process or finish the shutdown and had reach for the power switch to kill > the machine 'cause there was no other way to do ANYTHING. I could type > things in and they did display in 'tty1' but had no effect-- I didn't have a > command line. When I switched to the other terminals tty2, tty3 etc... the > keyboard didn't seem to have any effect-- it did not register anything at > the login (I could only switch to another terminal). > > I'm sure it was shorewall... 'cause if I did "shorewall stop" and then > shutdown I didn't have problems with shorewall. clearly, shorewall isn't shutting down properly, though why its not responding to the terminal sending out kill signals is an interesting question. Is there a Kxxshorewall in /etc/rc6.d? you might need an update-rc.d shorewall defaults to set those shutdown links properly. Again, i don't use shorewall, so I'm guessing. > > I wish there were better defaults for the shorewall set-up. At the moment > one gets the 'shorewall.conf' in '/etc/shorewall' -- but nothing else. The > other config files are hidden away in > '/usr/share/doc/shorewall/default-config' and need modification to make the > system run. > > Why make this complicated? > I think installing shorewall was a big freaking headache and I was annoyed > that I had to redo it lately. maybe try some other firewall? > > Quite aside from the above problem, I have the impression shorewall makes me > more insecure-- as judged by Shields Up -- https://grc.com/x/ne.dll?bh0bkyd2 > If I shutdown shorewall and run the sequence at Shields Up --- I get all > green. With the config I copied from Mandrake-- I get one blue port (closed > (green) vs. hidden (blue)). this is misleading. grc.com is geared to Windows. In windows, if you can see the port, then you can get in... In linux, this is not the case. Just because your firewall says, "yes I exist" on a particular port doesn't mean you are at risk. A > > ----------------------------- > CLOCK TROUBLES > With the recent upgrade there is some sort of universal time eastern > standard time conflict. My computer when I boot-up has the clock turned > back 5 hours (the difference between Greenwich and where I live --with DST > compensation). > > I wish the upgrade were more intelligent... or that the questions that dealt > with this was at higher level. I remember setting some sort of > configuration for apt-get/package configuration... when I installed Debian. > I have the impression-- this detail about the clock got buried somewhere in > a lower level. > > >From my install notes I know that I didn't set the clock to GMT. However, > it seems Debian (on start-up) now sets my clock back the time difference to > GMT. It is as if it assumes my computer is set to GMT and it has to turn > the clock back to get eastern daylight savings time (EDT). > > > ----------------------------- > TOMCAT4 > Is giving me grief on shutdown. Like shorewall... it seems to hang the > machine on shutdown. > I suspect this a problem not many people encounter-- 'cause most people that > run a web server don't restart their machine often. (I'm not running a web > server-- just using my machine to as a develop platform.) > > I haven't figure-out all the details on this one. I do know that if I kill > the tomcat tasks-- and then shutdown the shutdown goes smoothly. If I don't > stop tomcat the machine hangs in shutdown. this may be related to your shorewall problem. some processes aren't shutting down properly. no help I know, but there it is. A > > > Michael > > > ======================================== > System/Hardware > ======================================== > Toshiba Satellite A20 -- A20-31Q: 2.53GHz > (PSA20C-0231Q) > http://www.toshiba.ca/web/specifications.grp?lg=en§ion=1&group=1&product=1912&part=1772 > > Processor: Intel Pentium IV, 2.53GHz > Memory: 512 MB > > Linux version 2.6.11-1-686 (dannf@firetheft) (gcc version 3.3.6 (Debian > 1:3.3.6-6)) #1 Mon Jun 20 22:00:38 MDT 2005 > > Distribution: Debian GNU/Linux Testing (Etch) > Desktop: KDE 3.5.1 > > Install details can be found here: > http://individual.utoronto.ca/bonert/debian_install.html > > > -- > Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! > Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer > > > -- > To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org >
Attachment:
pgpapXlQY6NEv.pgp
Description: PGP signature