I recently upgraded my testing distribution and got a lot of headaches. ----------------------------- SHOREWALL Lately, the shorewall versions changed so much that I couldn't ignore changes (in the config) anymore. Shorewall was crashing my computer on shutdown.
On shutdown I was getting something like this: ----- Shorewall:net2all:DROP:IN=eth0 OUT=MAC=ff:ff:ff:ff:ff:ff:00:06:25:f0:a9:d3:08:026369 PROTO=UDP SPT=29943 DPT=152 LEN=128 ----- I couldn't do anything about it. It seemed to be stuck in a loop... where the numbers after 'SPT=' where increasing. Unplugging the network cable-- stopped the loop... no more text was printed to the screen. That said, I never regained enough control to kill the process or finish the shutdown and had reach for the power switch to kill the machine 'cause there was no other way to do ANYTHING. I could type things in and they did display in 'tty1' but had no effect-- I didn't have a command line. When I switched to the other terminals tty2, tty3 etc... the keyboard didn't seem to have any effect-- it did not register anything at the login (I could only switch to another terminal). I'm sure it was shorewall... 'cause if I did "shorewall stop" and then shutdown I didn't have problems with shorewall. I wish there were better defaults for the shorewall set-up. At the moment one gets the 'shorewall.conf' in '/etc/shorewall' -- but nothing else. The other config files are hidden away in '/usr/share/doc/shorewall/default-config' and need modification to make the system run. Why make this complicated? I think installing shorewall was a big freaking headache and I was annoyed that I had to redo it lately. Quite aside from the above problem, I have the impression shorewall makes me more insecure-- as judged by Shields Up -- https://grc.com/x/ne.dll?bh0bkyd2 If I shutdown shorewall and run the sequence at Shields Up --- I get all green. With the config I copied from Mandrake-- I get one blue port (closed (green) vs. hidden (blue)). ----------------------------- CLOCK TROUBLES With the recent upgrade there is some sort of universal time eastern standard time conflict. My computer when I boot-up has the clock turned back 5 hours (the difference between Greenwich and where I live --with DST compensation). I wish the upgrade were more intelligent... or that the questions that dealt with this was at higher level. I remember setting some sort of configuration for apt-get/package configuration... when I installed Debian. I have the impression-- this detail about the clock got buried somewhere in a lower level. >From my install notes I know that I didn't set the clock to GMT. However, it seems Debian (on start-up) now sets my clock back the time difference to GMT. It is as if it assumes my computer is set to GMT and it has to turn the clock back to get eastern daylight savings time (EDT). ----------------------------- TOMCAT4 Is giving me grief on shutdown. Like shorewall... it seems to hang the machine on shutdown. I suspect this a problem not many people encounter-- 'cause most people that run a web server don't restart their machine often. (I'm not running a web server-- just using my machine to as a develop platform.) I haven't figure-out all the details on this one. I do know that if I kill the tomcat tasks-- and then shutdown the shutdown goes smoothly. If I don't stop tomcat the machine hangs in shutdown. Michael ======================================== System/Hardware ======================================== Toshiba Satellite A20 -- A20-31Q: 2.53GHz (PSA20C-0231Q) http://www.toshiba.ca/web/specifications.grp?lg=en§ion=1&group=1&product=1912&part=1772 Processor: Intel Pentium IV, 2.53GHz Memory: 512 MB Linux version 2.6.11-1-686 ([EMAIL PROTECTED]) (gcc version 3.3.6 (Debian 1:3.3.6-6)) #1 Mon Jun 20 22:00:38 MDT 2005 Distribution: Debian GNU/Linux Testing (Etch) Desktop: KDE 3.5.1 Install details can be found here: http://individual.utoronto.ca/bonert/debian_install.html -- Bis zu 70% Ihrer Onlinekosten sparen: GMX SmartSurfer! Kostenlos downloaden: http://www.gmx.net/de/go/smartsurfer -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
