On Wednesday 10 December 2008, Dave Feustel wrote: >On Wed, Dec 10, 2008 at 08:54:41AM -0500, Gene Heskett wrote: >> And the cups update to fix a denial of service that yumex did last night, >> now is a denial of service, my logs are drowning in: > >Can you add a rule to your firewall that drops all IP6 traffic? I do not run a firewall between the boxes on my local net, which is behind a dd-wrt install on an x86 box, the best kept secret firewall ever. So there is not a fireall involved in the paths around here in any direction but the internet, and certainly not between the server and client pieces of amanda all running on the same machine. The point being that I have not configured anything here to use the ipv6 addressing conventions. Not samba, not cups, and not amanda, so where is it coming from and how to I turn it off. Or, alternatively, since I use hosts files first, dnsmasq second (which I'm not sure I understand yet) and all failed dns requests are delivered to the box running dd-wrt, which in urn fwds them to the verizon servers it gets assigned by PPPoE, how do I go about setting up valid, private addresses that are the same as a 192.168.*.* address is for ipv4? Hmm, dnsmasq is unk, lemme stop it. And start nscd in its place since it has always worked. Nope, same error timeout, the amanda client cannot talk to the amanda server, on the same machine. Now I've made another discovery. I cannot disable the ipv6 address as shown in an ifconfig report in ifcfg-eth0. I can edit it and change IPV6INIT from no to yes and back to no, with a restart after every edit, and still an ipv6 address is being configured in both lo and eth0. Is this: # Do not remove the following line, or various programs # that require network functionality will fail. 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 192.168.XX.XX coyote.coyote.den coyote etc etc for the rest of my local network A valid hosts file format for localhost? I had found the machines FQDN included in the 127.0.0.1 aliases a few days ago, and since that is separate from the address assigned to that machine.domain.name, I took it out. A leftover from the FU8 install I assume, and one I'd consider to be more breakage, according to the file, set by network manager, which I don't use. Am I wrong, and I need to redefine the FQDN as an alias in the 127.0.0.1 line? If thats the case, this is IMO, a security hole. What were they thinking? Amanda has always considered that a no-no and refuses to do some things because of it when it finds a dle defined as localhost instead of the FQDN or a valid alias to that FQDN. It is one of the foundation stones designed to prevent data theft by recovery on a machine that may not be the machine the backup represents. Localhost can of course be any machine. Plenty of unanswered questions above. Whats the best fix? Thanks. -- Cheers, Gene "There are four boxes to be used in defense of liberty: soap, ballot, jury, and ammo. Please use in that order." -Ed Howdershelt (Author) The best cure for insomnia is to get a lot of sleep. -- W. C. Fields -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
