The set-up to the question is I picked up a decently modern wireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not bound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.
Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple of months ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modern wireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not bound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.
Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple of months ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
yeah -- like Bill says -- you want to use a customized firmware to perform that function.
Check out a few micro builds ... a couple I've used are below -- you didn't say what hardware you have, but check the following:
dd-wrt: http://www.dd-wrt.com/wiki/index.php/Supported_Devices openwrt: http://oldwiki.openwrt.org/TableOfHardware.html
you would probably like dd-wrt -- it is very user friendly and provides alot of functionality ... a small screenshot of one of my dd-wrt router configs is attached -- (I don't have that service enabled)
openwrt has a large collection (and I mean large!) of downloadable programs cross-compiled for the various supported platforms... both have ssh and http control.
Dan.
On Tue, Jun 16, 2009 at 7:00 PM, Bill Reidbillreid@shaw.ca wrote:
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modern wireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not bound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.
Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple of months ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Dan Keizer wrote:
yeah -- like Bill says -- you want to use a customized firmware to perform that function.
Check out a few micro builds ... a couple I've used are below -- you didn't say what hardware you have, but check the following:
dd-wrt: http://www.dd-wrt.com/wiki/index.php/Supported_Devices openwrt: http://oldwiki.openwrt.org/TableOfHardware.html
you would probably like dd-wrt -- it is very user friendly and provides alot of functionality ... a small screenshot of one of my dd-wrt router configs is attached -- (I don't have that service enabled)
openwrt has a large collection (and I mean large!) of downloadable programs cross-compiled for the various supported platforms... both have ssh and http control.
Dan.
If it works with my D-Link (see the reply to Bill) I can see where I have a lot more reading and research to do. I'll have to look at alternative firmware.
Since I'm slowly getting into this sort of thing user friendly is a big bonus.
Later Mike
On Tue, Jun 16, 2009 at 7:00 PM, Bill Reidbillreid@shaw.ca wrote:
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modern wirelessrouter to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not boundfor my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dancearound the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, butthe manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple ofmonths ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Agreed. What you are wanting is sort of like a captive portal. But this is easier done using squid in transparent mode with a custom redirector script (which I've done for April fools pranks so I know it works).
On 16-Jun-09, at 7:00 PM, Bill Reid wrote:
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modern wireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not bound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.
Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple of months ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Sean Cody wrote:
Agreed. What you are wanting is sort of like a captive portal. But this is easier done using squid in transparent mode with a custom redirector script (which I've done for April fools pranks so I know it works).
Sounds interesting. I wanted to answer all the responses before I left for the day. I'd like to hear the details though...
Later Mike
On 16-Jun-09, at 7:00 PM, Bill Reid wrote:
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modern wireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic not bound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems to dance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.
Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something, but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple of months ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
I am trying to find a good backup method for my Mac hard drives.
For Windoze, I discovered that the best method was to boot to a Fedora Core rescue CD, and use the dd command to block copy a disk or partition from one [removable] drive to another.
On my Mac, I am switching to an alternate boot drive so that I can copy my usual boot drive to a third drive using the dd command from the Terminal. However, I am encountering an IO error, and there are differences between the original and the copy as shown using FileMerge.
Carbon Copy Cloner failed to complete the task after encountering an IO error. At present, I can't get it to work at all.
On a Unix based system such as the Mac, should file level copies be adequate? This clearly did not work in Windoze - it seemed that hidden files wouldn't copy, and/or references in the target partition would still point to items in the source partition.
Any suggestions re how to make a clone of my boot drive would be appreciated.
-Dan
Dan Martin GP Hospital Practitioner ummar143@shaw.ca (204) 831-1746 answering machine always on
Dan Martin wrote:
On a Unix based system such as the Mac, should file level copies be adequate?
For the most part. Especially if you backup the partition tables too. I recommend rdiff-backup, it works great and can copy locally or to remote sites over ssh.
Any suggestions re how to make a clone of my boot drive would be appreciated.
Is clonezilla what your looking for?
"Clonezilla, <snip snip> allows you to do bare metal backup and recovery. "
On Fri, Jul 24, 2009 at 00:29, Robert Keizer robert@cluenet.org wrote:
Dan Martin wrote:
On a Unix based system such as the Mac, should file level copies be adequate?
For the most part. Especially if you backup the partition tables too. I recommend rdiff-backup, it works great and can copy locally or to remote sites over ssh.
Any suggestions re how to make a clone of my boot drive would be appreciated.
Is clonezilla what your looking for? http://clonezilla.org/
There are some problems with backing up a Mac (largely thanks to the HFS+ file system). The problem is very similar to backing up any UNIX filesystem that stores additional metadata beyond the basic stat(2) fields. Linux ACLs, for example, or even worse, EAs (which are often used to store ACLs) are not necessarily backed up correctly by [pick your favorite backup tool]. Most versions of GNU tar can backup ext3 and XFS ACLs & EAs, and EAs on any filesystem with compatible APIs, but from version to version there are various limitations that must be addressed. Many versions of cpio(1) don't handle EAs or ACLs. Pax(1) was written to address many of these issues but for incomprehensible reasons isn't present on many UNIX systems.
Anyway, two (dated, but still relevant) articles on Mac backups:
http://blog.plasticsfuture.org/2006/03/05/the-state-of-backup-and-cloning-to... http://blog.plasticsfuture.org/2006/04/23/mac-backup-software-harmful http://www.shirt-pocket.com/SuperDuper/SuperDuperDescription.html http://www.bombich.com/software/ccc.html **note that Bombich disagrees with the test results in the first two articles.
Both SuperDuper and CCC are availabe at no charge for personal use... if you don't back up your mac already, USE ONE!
Note also that many external USB & Firewire drives (esp. LaCie branded-drives) come with OS X backup software preloaded.
FWIW, we use SuperDuper at work and are happy with it.
-Montana
On Fri, Jul 24, 2009 at 12:42 AM, Adam Thompson athompso@athompso.netwrote:
On Fri, Jul 24, 2009 at 00:29, Robert Keizer robert@cluenet.org wrote:
Dan Martin wrote:
On a Unix based system such as the Mac, should file level copies be adequate?
For the most part. Especially if you backup the partition tables too. I recommend rdiff-backup, it works great and can copy locally or to remote sites over ssh.
Any suggestions re how to make a clone of my boot drive would be appreciated.
Is clonezilla what your looking for? http://clonezilla.org/
There are some problems with backing up a Mac (largely thanks to the HFS+ file system). The problem is very similar to backing up any UNIX filesystem that stores additional metadata beyond the basic stat(2) fields. Linux ACLs, for example, or even worse, EAs (which are often used to store ACLs) are not necessarily backed up correctly by [pick your favorite backup tool]. Most versions of GNU tar can backup ext3 and XFS ACLs & EAs, and EAs on any filesystem with compatible APIs, but from version to version there are various limitations that must be addressed. Many versions of cpio(1) don't handle EAs or ACLs. Pax(1) was written to address many of these issues but for incomprehensible reasons isn't present on many UNIX systems.
Anyway, two (dated, but still relevant) articles on Mac backups:
http://blog.plasticsfuture.org/2006/03/05/the-state-of-backup-and-cloning-to... http://blog.plasticsfuture.org/2006/04/23/mac-backup-software-harmful http://www.shirt-pocket.com/SuperDuper/SuperDuperDescription.html http://www.bombich.com/software/ccc.html **note that Bombich disagrees with the test results in the first two articles.
Both SuperDuper and CCC are availabe at no charge for personal use... if you don't back up your mac already, USE ONE!
Note also that many external USB & Firewire drives (esp. LaCie branded-drives) come with OS X backup software preloaded.
-- -Adam Thompson athompso@athompso.net
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Further to my adventures attempting to clone the boot drive of my Mac ...
I attempted cloning using dd - the idea being that a block copy would avoid any issues with metadata that might be encountered using file transfers. I/O errors were encountered (I believe a read on the source drive was cited).
CCC failed in block mode, and subsequently defaulted to file mode in spite of copying between identical types of drives. Then it failed in file mode.
SuperDuper (copies in file mode only) appeared to have no difficulty - though the target drive would not boot until I did it a second time. I have since made more copies which appear to boot. Given previous failures, I am not sure how much to trust that I have a faithful reproduction of the source drive (not that I have any other real choices).
I assume there is(are) bad block(s) on the source drive. Given the size of modern drives (this one a Seagate 750GB), statistically I expect bad blocks.
In general, shouldn't bad blocks be hidden by the firmware on the drive? I thought there was an internal mapping mechanism on the drive to exclude the use of bad blocks, which was invisible to even low level use such as the dd command.
Failing this, such as 'when good blocks go bad', the filesystem (HFS+ and I presume most other modern filesystems) will catalog any known bad blocks to avoid using them for files.
Should I be trying to return a warrantied drive after read errors occur? Discard it if it is not warrantied?
If the filesystem has isolated all bad blocks on the source drive, then dd conv=noerror should work so long as there are no bad blocks on the target drive. Does conv=noerror pad the missing/unreadable data so that the ends of the source and data drive/partitions 'line up'? HFS+ stores important info in the last 2 sectors.
After cloning, how do you verify identical file contents between clones? After a file level copy using SuperDuper, a comparison using FileMerge shows that many files do not match (I booted to one, so Spotlight data will differ). I think FileMerge complains about identical identifying data between the clones that it is asked to compare, though there is no problem mounting identical clones.
Since I happened to be at an Apple Store in Minneapolis, I purchased DiskTools Pro, which is advertised to "fix bad sectors" - identifying which files are affected by them. I am not sure how much to trust it, especially with destructive operations like defrag. I hope to try the "fix bad sectors" soon. Does anyone have experience with DiskTools Pro?
Dan Martin GP Hospital Practitioner Computer Scientist ummar143@shaw.ca (204) 831-1746 answering machine always on
My understanding is that modern hard drives detect bad sectors and substitute ones from a set of 'spares', but when they run out of spares, well... time to get a new drive. Replace it on warranty if you can, but either way, the drive is done for. If you can do a file-based backup more than once, you can checksum the files and compare the checksums to see if the copies are good (or at least failed in the same place), but yeah, it's hard to tell how trustworthy the data is at that point, hence all the urging to start doing backups before this happens. Kevin
On Wed, Aug 19, 2009 at 10:59 AM, Dan Martin ummar143@shaw.ca wrote:
Further to my adventures attempting to clone the boot drive of my Mac ...
I attempted cloning using dd - the idea being that a block copy would avoid any issues with metadata that might be encountered using file transfers. I/O errors were encountered (I believe a read on the source drive was cited).
CCC failed in block mode, and subsequently defaulted to file mode in spite of copying between identical types of drives. Then it failed in file mode.
SuperDuper (copies in file mode only) appeared to have no difficulty - though the target drive would not boot until I did it a second time. I have since made more copies which appear to boot. Given previous failures, I am not sure how much to trust that I have a faithful reproduction of the source drive (not that I have any other real choices).
I assume there is(are) bad block(s) on the source drive. Given the size of modern drives (this one a Seagate 750GB), statistically I expect bad blocks.
In general, shouldn't bad blocks be hidden by the firmware on the drive? I thought there was an internal mapping mechanism on the drive to exclude the use of bad blocks, which was invisible to even low level use such as the dd command.
Failing this, such as 'when good blocks go bad', the filesystem (HFS+ and I presume most other modern filesystems) will catalog any known bad blocks to avoid using them for files.
Should I be trying to return a warrantied drive after read errors occur? Discard it if it is not warrantied?
If the filesystem has isolated all bad blocks on the source drive, then dd conv=noerror should work so long as there are no bad blocks on the target drive. Does conv=noerror pad the missing/unreadable data so that the ends of the source and data drive/partitions 'line up'? HFS+ stores important info in the last 2 sectors.
After cloning, how do you verify identical file contents between clones? After a file level copy using SuperDuper, a comparison using FileMerge shows that many files do not match (I booted to one, so Spotlight data will differ). I think FileMerge complains about identical identifying data between the clones that it is asked to compare, though there is no problem mounting identical clones.
Since I happened to be at an Apple Store in Minneapolis, I purchased DiskTools Pro, which is advertised to "fix bad sectors" - identifying which files are affected by them. I am not sure how much to trust it, especially with destructive operations like defrag. I hope to try the "fix bad sectors" soon. Does anyone have experience with DiskTools Pro?
Dan Martin GP Hospital Practitioner Computer Scientist ummar143@shaw.ca (204) 831-1746 answering machine always on
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
On 2009-07-23 Dan Martin wrote:
On my Mac, I am switching to an alternate boot drive so that I can copy my usual boot drive to a third drive using the dd command from the Terminal. However, I am encountering an IO error, and there are differences between the original and the copy as shown using FileMerge.
You can get by IO errors with conv=noerror, which I use for all my dd clones:
dd if=/dev/sda of=wherever conv=noerror bs=1M
Also handy with sysresccd.org boot (and other live cds) is you can start the nic and dd over the network:
dd if=/dev/sda conv=noerror | ssh root@yourfs 'cat > /tmp/image.dd'
or, why not store the img compressed:
dd if=/dev/sda conv=noerror | gzip -c9 | ssh root@yourfs 'cat
/tmp/image.dd.gz'
Of course, this all works better when your source CPU is fast and network is fast. You could move the gzip to the server if it has a faster cpu... or bzip... or...
Dan Martin wrote:
Any suggestions re how to make a clone of my boot drive would be appreciated.
Since nobody else has mentioned it, asr(8) should be able to make a clone of your boot drive (though you'll have to boot of your OS install disk open a terminal there).
http://www.manpagez.com/man/8/asr/
Peter
Bill Reid wrote:
Hi Mike,
What you want to do goes way beyond what most low end routers are designed to do. As you suggest the rules are applied to traffic coming into the WAN port and not local traffic. Your proposal also is not just IP routing but is also URL routing(i.e more like a proxy).
I wasn't really thinking along the lines of a proxy. It makes sense though. While I was half asleep last night I was thinking it might be easy to connect a computer to the WAN port to pretend it's the internet. It could then redirect all traffic back to the web server on the LAN. Maybe this is what Sean was talking about. I'm not sure.
The port 80 redirect is available in the mods to the Linksys router via firmware replacement(an exmaple is openwrt.org)
I can see how that would be useful in this situation. It could be redirected and fail with a 404 which could be redirected to the info page.
I'm using a D-Link 655. Would that make a difference?
-- Bill
Mike Pfaiffer wrote:
The set-up to the question is I picked up a decently modernwireless router to play with. I allow no connection to the internet (nothing in the WAN port). I have a couple of computers I can connect to the wired ports of the router (assign static IPs within the subnet but outside the DHCP range). These machines (both *NIX boxes) will provide services such as a web server and a mud/game server. The router will allow open access to anyone who wants to connect (I want to provide my own content for experimentation). Since I have physical control of the hardware I'm not too worried about security.
Initially I'd like to be able to redirect all http traffic notbound for my web server to my web server. For example someone trying to get to Google will get my info page instead. But if someone were trying to access a different page on the same machine would still be able to connect.
I've done the RTFM thing and got confused. The manual seems todance around the issue but doesn't seem to say anything which looks to be appropriate. The firewall is used mainly to filter incoming (from the WAN port) traffic. IP filters control the outbound (to the WAN port) filtering. The routing page talks about routing requests to a specific IP outside the LAN side. Virtual servers route requests from the WAN side to a specific LAN address. The port forwarding section looked more like an extension to the firewall page.
Here is what I'd like to do graphically.Rule 1: LAN requests non-192.168.X.Y web page --> Router says "You must mean 192.168.X.Y" --> Router sends traffic to 192.168.X.Y/index.html Rule 2: LAN requests 192.168.X.Y/whatever.html --> Router passes along the request to 192.168.X.Y web server
The question is how can I do this? I know I've missed something,but the manual didn't seem to help. I'll admit to not checking Google, but I'm not sure what search terms to use.
This ties in with the wireless questions I was asking a couple ofmonths ago. After I get this working I'll be looking at authentication for other services and extending the range of coverage.
Later Mike
Roundtable mailing list Roundtable@muug.mb.ca http://www.muug.mb.ca/mailman/listinfo/roundtable
Mike Pfaiffer wrote:
I'm using a D-Link 655. Would that make a difference?
Here is the list of D-Link routers from the Openwrt site. The 655 is not on the list.
http://oldwiki.openwrt.org/Hardware(2f)DLink.html
-- Bill
Bill Reid wrote:
Mike Pfaiffer wrote:
I'm using a D-Link 655. Would that make a difference?Here is the list of D-Link routers from the Openwrt site. The 655 is not on the list.
http://oldwiki.openwrt.org/Hardware(2f)DLink.html
-- Bill
I guess in six months it will be there.
Still, Seans idea about using a proxy might be interesting. I could tell the router the machine is a gateway then I won't have to redirect port 80 because it'll already be going to the proxy. From there I can mangle the URL and send it back through the router. Does that sound about right?
Later Mike
Yes, I am hanging my head in shame for not having backed up.
An error by NetBeans trashed a number of scripts that I have spent weeks writing. Not in the trash, so I assume that it rm's things - apparently without warning when I attempted to rename a project.
Does anyone have suggestions about how to recover the files, commercially or otherwise?
Dan Martin GP Hospital Practitioner ummar143@shaw.ca (204) 831-1746 answering machine always on
Dan Martin wrote:
Yes, I am hanging my head in shame for not having backed up.
An error by NetBeans trashed a number of scripts that I have spent weeks writing. Not in the trash, so I assume that it rm's things - apparently without warning when I attempted to rename a project.
Does anyone have suggestions about how to recover the files, commercially or otherwise?
Dan Martin GP Hospital Practitioner ummar143@shaw.ca (204) 831-1746 answering machine always on
I seem to remember the OS X man page for rm showed an rm -W option (not available in Linux) which will recover named files.
Later Mike
-
Adam Thompson -
Bill Reid -
Dan Keizer -
Dan Martin -
Kevin McGregor -
Mike Pfaiffer -
Montana Quiring -
Peter O'Gorman -
Robert Keizer -
Sean Cody -
Trevor Cordes