headers
Austin Denyer | 1 Apr 2008 23:07
X-Face

Re: Filesystem 'fun'.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Sun, 30 Mar 2008 10:18:19 -0400, Austin (Ozz) Denyer
<ozz <at> ozz.is-a-geek.net> wrote:
> 
> I have inherited partial control of a system that has a very large
> number of files in one directory.  Now that the number of files in that
> directory has hit 32k the underlying filesystem (ext3) will not allow
> the creation of any more files in that directory.
> 
> Does anyone know of a way to get ext3 to accept more than 32k files in
> one directory? Am I just gonna have to bite the bullet and migrate to
> XFS?  Note that splitting into multiple subdirectories is not an option
> for the moment due to the number of systems and scripts that rely on
> the current layout and would require modification.  
> 
> Any advice or pointers would be appreciated.

First of all, thanks to all who replied to this.

In my absence the other guy with access to the box re-formatted it with
xfs, and that appears to have alleviated the problem for now.

Even so, I am hoping to conduct some tests soon on a spare partition to
see if any of the proposed ext3 fixes would have worked.  I'll let
y'all know what I learn.

Thanks again for your help.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Paul Tiseo | 2 Apr 2008 23:48
Gravatar

untangle

Has anyone ever used Untangle?

www.untangle.com

It's basically a packaged set of FOSS apps. They charge for extras where the IP is licensed.

Any experiences? Any alternatives?

I have recently been pricing Watchguard's x5500e, Sonicwall's e5500 and Juniper's SSG520, and I am
disenchanted by the support/maintenance pricing.

_ alphadog
Permalink | Reply | 0 comments |
headers
William L. Thomson Jr. | 2 Apr 2008 23:59
Favicon

Re: untangle


On Wed, 2008-04-02 at 17:48 -0400, Paul Tiseo wrote:
>
> I have recently been pricing Watchguard's x5500e, Sonicwall's e5500
> and Juniper's SSG520, and I am disenchanted by the support/maintenance
> pricing.

I will never touch Sonicwalls because of the support/maintenance crap. I
had a client who against my recommendation bought one at like 2 times
normal retail price. Then was charged about the same for install. From
someone other than me :) Mostly to provide free wireless at a commercial
location and do filtering in between wired (office/pos) and wireless
(public/free) networks.

Wireless never worked. IMHO it seemed to be the receiver or transmitter.
I can't recall but one side would show nothing but errors. I tried to
call support. But they wouldn't even talk to me since the support
contract had expired. This is a brand new unit, ~9 months in use. But I
guess they only come with 30 days support?

They wanted $100 to renew the support contract, and for a years
coverage. At which time I could talk to support. If the unit was found
to be defective, they would replace the unit at no charge.

I yanked it, bought a wrt54g, and a wired version both for $100 :). Put
the wired, behind wireless, so it's firewalled from wireless net. Hooked
wireless up to modem, and everything worked perfectly on first go. No
need for support or a contract, etc.

Sure no spam, or etc filtering. I am not one to do that at the firewall
(Continue reading)

Permalink | Reply | 0 comments |
headers
DoyenGuy | 3 Apr 2008 01:25
Picon

Re: untangle

I downloaded their appliance which looked pretty cool.  It's free to
download, why don't you just download it?

If you have a machine that meets their minimum requirements that is.  I
didn't, and it didn't really run at all on a machine with 256 or 320MB
of RAM.  I was surprised too.  You really do need 1 GB to run this (or
whatever it is now).

As far as if it's any good, I don't know, I didn't get that far.  I got
to the rack part, which looked pretty cool, but it ended up just
thrashing the disk when I added a module/tried to configure it.

On Wed, 2008-04-02 at 17:48 -0400, Paul Tiseo wrote:
> Has anyone ever used Untangle?
> 
> www.untangle.com
> 
> It's basically a packaged set of FOSS apps. They charge for extras where the IP is licensed.
> 
> Any experiences? Any alternatives?
> 
> I have recently been pricing Watchguard's x5500e, Sonicwall's e5500 and Juniper's SSG520, and I am
disenchanted by the support/maintenance pricing.
> 
> _ alphadog
> _______________________________________________
> Jaxlug-list mailing list
> Jaxlug-list@...
> http://mailman.jaxlug.org/mailman/listinfo/jaxlug-list
(Continue reading)

Permalink | Reply | 2 comments |
headers
Paul Tiseo | 4 Apr 2008 04:29
Picon

RE: untangle

Well, Untangle seems recommended by many ex-Smoothwall contributors. Also,
IPCop, spun off from Smoothwall, seems like another viable FOSS option.
Endian Firewall is a third mention. Bitchin' appliances! But, when you go to
their home page and see "More datails" as a link, and other
spellcheck-correctable typos, you question their meticulousness... :)

I guess I'm wondering what, if anything, will I not be able to do with these
FOSS products that are on any of the three commercial models I am
considering?

-----Original Message-----
From: jaxlug-list-bounces@... [mailto:jaxlug-list-bounces@...]
On Behalf Of DoyenGuy
Sent: Wednesday, April 02, 2008 7:26 PM
To: Paul Tiseo
Cc: jaxlug-list@...
Subject: Re: [JAXLUG] untangle

I downloaded their appliance which looked pretty cool.  It's free to
download, why don't you just download it?

If you have a machine that meets their minimum requirements that is.  I
didn't, and it didn't really run at all on a machine with 256 or 320MB
of RAM.  I was surprised too.  You really do need 1 GB to run this (or
whatever it is now).

As far as if it's any good, I don't know, I didn't get that far.  I got
to the rack part, which looked pretty cool, but it ended up just
thrashing the disk when I added a module/tried to configure it.
(Continue reading)

Permalink | Reply | 1 comment |
headers
amilcar padilla | 4 Apr 2008 15:09
Picon

sudo & openldap

Hello lists.  Anyone had any luck implementing the sudo schema in an  
openldap server?

or running a samba pdc with openldap as the backend?

I have this running in a test environment with windows and linux  
clients and its working pretty well so far.  anyone used this setup in  
production?

~apadilla
Permalink | Reply | 2 comments |
headers
Nathan H. | 4 Apr 2008 18:23
Picon

OT: DC904 / Jax2600 Meeting Tonight

Hello All,
I know that some of you have attended the DC904 / Jax2600 meetings in the
past so I figured I would let you know that we are having a meeting tonight.
The details are:

Date: Friday April 4th 2008
Time: 6:30 PM
Location: Raglands in 5 Points

Anyone interested in some lively discussions around information security are
welcome to join. Even if you just wanted to come hang out, listen, and have
dinner with us that is fine too. Meetings have been spotty in the past due
to the fact a few of us have been traveling. We would like to get in to the
swing of regular meetings. If you have any questions please feel free to
contact me. Thanks.

--

-- 
Nathan H.
CISSP-ISSAP IEM IAM CEH GCFA CCSE
Founder
Hexagon Security Group
Permalink | Reply | 0 comments |
headers
Tim Holloway | 4 Apr 2008 21:01
Favicon

Re: sudo & openldap

Does this mean you finally got set up for ldap-based user
authentication?

I haven't been managing sudo via ldap, but the process seems simple
enough:

1. Add the sudo ldap schema to the /etc/openldap/schema directory of
your ldap server and restart ldap.

2. Add an cn=defaults,ou=sudoUsers to your domain. It has an objectClass
of sudoRole and sets your default sudo options, such as which hosts are
sudo-able.

3. Add an additional entry for each login ID that's sudo-capable. For
example "cn=apadilla,ou=sudoUsers,dc=visre,dc=com". Give it the entries
that override the defaults user options.

Steps 2 and 3 can be simplified by using the script that was created for
converting an /etc/sudoers into its LDIF equivalent and loading the
LDIF.

The target machines will require pam_ldap, but they already have that if
they can login against ldap. You should be able to just login and sudo
in the usual way.

On Fri, 2008-04-04 at 09:09 -0400, amilcar padilla wrote:
> Hello lists.  Anyone had any luck implementing the sudo schema in an  
> openldap server?
> 
> or running a samba pdc with openldap as the backend?
(Continue reading)

Permalink | Reply | 1 comment |
headers
Mike Walsh | 4 Apr 2008 04:59

Re: untangle

I've been using pfSense for several years now and have been very pleased 
with this BSD based firewall/router.

It won't do spam/virus filtering but it does do a great job with severl 
flavors of VPN's (IPSEC, OpenVPN, PPTP), QOS, installable packages, etc. 
In addition it will run as a LiveCD, an hard drive install, or on an 
embedded platform like a Wrap/Alix/Soekris box.

Also it's hard to beat the price (free).

Mike
Permalink | Reply | 0 comments |
headers
Deepan | 6 Apr 2008 22:46
Picon
Gravatar

Usenet Reader

Hi All,
Can someone suggest me application to browse and
send messages to Usenet? Also it would be great if
you can recommond some free quality usenet
servers. It will be great if I can install them
using yum or apt or port. I tried Unison, it
prompts me to buy. Google groups for usenet does
not let me send messages via email. Does other
apps do ? 
Regards 
Deepan 
Sudoku Solver: http://www.sudoku-solver.net/
Permalink | Reply | 4 comments |

Gmane