From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1S0Xe9-0008T6-4b for garchives@archives.gentoo.org; Thu, 23 Feb 2012 12:19:41 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id D7F67E094F; Thu, 23 Feb 2012 12:19:31 +0000 (UTC) Received: from smtpq3.tb.mail.iss.as9143.net (smtpq3.tb.mail.iss.as9143.net [212.54.42.166]) by pigeon.gentoo.org (Postfix) with ESMTP id CBF9CE0CC3 for ; Thu, 23 Feb 2012 12:18:32 +0000 (UTC) Received: from [212.54.42.134] (helo=smtp3.tb.mail.iss.as9143.net) by smtpq3.tb.mail.iss.as9143.net with esmtp (Exim 4.71) (envelope-from ) id 1S0Xd2-0003hx-9D for gentoo-user@lists.gentoo.org; Thu, 23 Feb 2012 13:18:32 +0100 Received: from 5ed027d6.cm-7-1a.dynamic.ziggo.nl ([94.208.39.214] helo=data.antarean.org) by smtp3.tb.mail.iss.as9143.net with esmtp (Exim 4.71) (envelope-from ) id 1S0Xd2-0003FL-1T for gentoo-user@lists.gentoo.org; Thu, 23 Feb 2012 13:18:32 +0100 Received: from localhost (localhost [127.0.0.1]) by data.antarean.org (Postfix) with ESMTP id 861002A06 for ; Thu, 23 Feb 2012 13:24:23 +0100 (CET) X-Virus-Scanned: amavisd-new at antarean.org Received: from data.antarean.org ([127.0.0.1]) by localhost (data.antarean.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2Tfn5WkfKqAu for ; Thu, 23 Feb 2012 13:24:22 +0100 (CET) Received: from www.antarean.org (net.antarean.org [10.10.11.5]) by data.antarean.org (Postfix) with ESMTP id E347B2149 for ; Thu, 23 Feb 2012 13:24:21 +0100 (CET) Received: from 62.140.137.90 (SquirrelMail authenticated user joost) by www.antarean.org with HTTP; Thu, 23 Feb 2012 13:24:22 +0100 Message-ID: <17bbc4cc7a2508027b97d17852478509.squirrel@www.antarean.org> In-Reply-To: <20120223132503.6cd2fcde@khamul.example.com> References: <4F45F490.2020504@waagmeester.co.za> <201202230826.00642.michaelkintzios@gmail.com> <4F45FE1F.9070006@waagmeester.co.za> <20120223091734.2aa3d6d0@hactar.digimed.co.uk> <4F461983.8080100@waagmeester.co.za> <20120223130822.1a260044@khamul.example.com> <4F462019.4020703@waagmeester.co.za> <20120223132503.6cd2fcde@khamul.example.com> Date: Thu, 23 Feb 2012 13:24:22 +0100 Subject: Re: [gentoo-user] SOLVED gentoo-sources menuconfig feature/weirdness From: "J. Roeleveld" To: gentoo-user@lists.gentoo.org User-Agent: SquirrelMail/1.4.21 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 X-Priority: 3 (Normal) Importance: Normal Content-Transfer-Encoding: quoted-printable X-Ziggo-spambar: / X-Ziggo-spamscore: -0.9 X-Ziggo-spamreport: BAYES_00=-1.9,FSL_RCVD_USER=0.001,KHOP_DYNAMIC=0.001,RDNS_DYNAMIC=0.982,T_RP_MATCHES_RCVD=-0.01 X-Ziggo-Spam-Status: No X-Spam-Status: No X-Spam-Flag: No X-Archives-Salt: 9afb8724-a4fa-4fcf-bd61-16ca19990dfd X-Archives-Hash: f05c971fe8d65508efa4a5064e02fbc1 On Thu, February 23, 2012 12:25 pm, Alan McKinnon wrote: > Just don't do what I did earlier: sit in Joburg and configure the > firewall on a Xen host in deepest darkest Africa where there's no > tarred roads to get to it. How did you get the server there? Flown it in? I've seen the roads in Africa and those are difficult to navigate... (The tarmac'd ones are decent though) > Check the iptables config three times, > plus get your colleagues to look it over as well. We all signed off on > it. > > Guess what? Yup, you got it. We all missed something and now we are > locked out. Remember, it's in deepest darkest Africa. That's why I like the "ADMINISABSENTMINDED" option in the Shorewall config. It doesn't kill existing connections. I always test a new remote connection prior to closing the one I used to change it with. If I do accidentally kill my existing connection, the "safe_restart" option will cause it to roll-back if I don't accept the new settings before a time-out. -- Joost