Server is back up

Chris Shoemaker c.shoemaker at cox.net
Sun Jan 15 20:06:06 EST 2006


On Sun, Jan 15, 2006 at 07:42:58PM -0500, Derek Atkins wrote:
> Quoting Chris Shoemaker <c.shoemaker at cox.net>:
> 
> >Thanks for upgrading the server, Derek.
> 
> You're welcome.  I'm still working out the kinks.  I'm also waiting for
> the 2.6.15 kernel to get released by Fedora so I can re-install the
> iptables ssh protections (the ipt_recent module has been broken in all
> 2.6 kernels)...

I didn't know about ipt recent.  I've been using:
-A RH-Firewall-1-INPUT -i eth0 -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m recent --set --name sshscans
-A RH-Firewall-1-INPUT -m recent --rcheck --seconds 60 --hitcount 5 --name sshscans -j LOG --log-prefix "SSH attack: "
-A RH-Firewall-1-INPUT -m recent --rcheck --seconds 60 --hitcount 5 --name sshscans -j DROP

But I can't say I'm totally satisfied with it.  It seems to interact
poorly with X11 forwarding.

I've done some searching for a better solution but nothing jumped out.
If you find something that works well, I'd be interested in trying it
out here if you'd share the rules.

I'm also waiting for an FC4-blessed 2.6.15-1, because it has a vgacon
double-scan fix that's been biting me since 2.6.14.

> 
> >I noticed that there's a new version of trac installed.  I notice
> 
> Yes.  FC4 comes with 0.9.3, so it auto-upgraded during the install.
> 
> >several changes I like, but one I don't.  I'm finding it difficult to
> >read the diff format in the changeset view.  The red/green/black
> >contrast is just way too subtle.  I don't remember what the old format
> >was, but I never had any trouble reading it.  It was probable like a
> >unified diff.  Is there an option to use the "old" format?
> 
> I honestly have no idea if that's controllable or how.  I'm willing to
> make the change if you tell me what I need to change.  Did you try selecting
> the side-by-side mode in the changeset viewer?  There's also the 
> "unified diff" link at the bottom of the changeset.

Oh, I didn't see those.  That's good enough for me.

-chris


More information about the gnucash-devel mailing list