Linux-Networking Digest #525, Volume #10 Wed, 17 Mar 99 05:13:49 EST
Contents:
Re: IPCHAINS_PROBLEM (Patrick Paysant)
Cable Modems & Linux (Phrostbit)
nagging ppp prob ("Ju")
Re: IP Forwarding via Command Prompt ("比卡超")
IP Forwarding Problem, HELP !!! ("比卡超")
Re: MAC and Linux (Reine Stenberg)
Linux as PCNFS-server... (Stefan Traber)
Re: Looking for strong ruleset ( rc.firewall ) for IPCHAINS and MASQ (Bond Masuda)
Multiple token-ring adaptors ("Terry East")
Re: Sextuple Boot ("Rick Droske")
Re: Machine name themes - what do you use? (Michael Proto)
----------------------------------------------------------------------------
From: Patrick Paysant <[EMAIL PROTECTED]>
Subject: Re: IPCHAINS_PROBLEM
Date: Wed, 17 Mar 1999 09:13:42 +0100
Ok, that's good. Your kernel is configured with firewall.
Just download ipchains and ipchains-scripts at :
ftp://ftp.weisshuhn.de/pub/linux/ipchains/ftp.rustcorp.com/
compile, install,and now, read HOWTO :
http://www.rustcorp.com/linux/ipchains/HOWTO.html
Goo luke
Patrick
[EMAIL PROTECTED] wrote:
> I compiled the new kernal (2.2.3) and as the HOW-TO says : " You need a
> kernel which has the new IP firewall chains in it. You can tell if the
> kernel you are running right now has this installed by looking for the file
> `/proc/net/ip_fwchains'. If it exists, you're in." Well I have this file
> but it has a 0 byte count. I am unsure if it is supposed to be this way. I
> have not been able to get a response from any type of Chains command. Do I
> need to also get the RPM for IPCHAINS? Where am I going wrong?
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Phrostbit)
Subject: Cable Modems & Linux
Reply-To: [EMAIL PROTECTED]
Date: Wed, 17 Mar 1999 08:11:39 GMT
I am considering using my Redhat 5.1 box as a Proxy server and
Firewall on my home LAN for my cable modem ... has anyone attempted
this??? What are some things I should be aware of or watch out for???
THanks,
Phrosty
------------------------------
From: "Ju" <[EMAIL PROTECTED]>
Subject: nagging ppp prob
Date: Wed, 17 Mar 1999 01:29:45 -0700
This newbie upgraded to redhat5.1, but is still having the same old problem,
lack of understanding.
How does one set ppp0 active? I have a US robotics pnp modem. There is ome
little thing just isn't configured properly.
When I run /etc/ppp/ppp-on, the system logs on to my ISP but disconnects
within 10 secs. Running /etc/ppp/ppp-off in that brief time or any other
time gives the error that ppp0 interface is not active. I'm not sure if my
understanding of this is even half right. I'm reading as much as I can but
that gets confusing sometimes.
Using minicom I can log on to my ISP (university) and use Lynx, hee haw. I'm
assuming that lynx is on my machine but I think that I'm logged on as a
telnet dumb terminal. So I know the hookup can work. When I run ppp-on from
the command line, what am I supposed to get? I'm assuming a hookup with no
interaction.
They have a dead link where the Linux ppp hookup was explained and isn't
going to be anymore, sheeesh.
I'd love to get the netscape browser to work. How?
cheers Jullian
------------------------------
From: "比卡超" <[EMAIL PROTECTED]>
Subject: Re: IP Forwarding via Command Prompt
Date: Wed, 17 Mar 1999 14:54:36 +0800
I got the same IP Forwarding problem, too !!!
Here is the detail:
+-----------------------------------------------------------------------+
| Linux Box
|
| with 2 NICs
|
+------------------------------+-------+-------------------------------+
| eth0 | | eth1
|
| 10.131.12.50 | | 192.168.0.1 |
+---------------+--------------+ +----------------+--------------+
| |
| |
+---------------+--------------+ +----------------+--------------+
| Internet | | CWin98 Client
|
+------------------------------+ | ---------------------------
|
| with gateway
|
| = 192.168.0.1
|
+---------------+---------------+
I want to let my CWin98 client connect to internet through Linux Box.
So, I set the gateway of the CWin98 client as eth1(192.168.0.1).
"IPv4 forward" is enabled in the Linux Box.
When I use browser to view Homepage, it appear as "Test Page for Red Hat
Linux's Apache Installation".
The HTML content is as following:
##It Worked!
##If you can see this, it means that the installation of the Apache software
on this Red Hat Linux system was successful. You may now add content to this
directory and replace this page.
##--------------------------------------------------------------------------
======
##If you are seeing this instead of the content you expected, please contact
the administrator of the site involved. If you send mail about this to the a
uthors of the Apache software or Red Hat Software, who almost certainly have
nothing to do with this site, your message will be ignored.
##--------------------------------------------------------------------------
======
##The Apache documentation has been included with this distribution.
##For documentation and information on Red Hat Linux, please visit the web
site of Red Hat Software. The manual for Red Hat Linux is available here.
##You are free to use the image below on an Apache-powered web server.
Thanks for using Apache!
##You are free to use the image below on a Red Hat Linux-powered web server.
Thanks for using Red Hat Linux!
Besides, I cannot ping IP of those machine in the internet.
Would anyone has got idea of what else I need to do ?
Please offer your help !!!
Thank you
Chris Hanrahan 撰寫於文章 <36ef1b04.2483591@news>...
> I'm using RedHat 5.2 and am comfortable setting up IP
>Forwarding using the netcfg tool in X Windows. However, I'd like to
>be able to accomplish the same thing via the command line. I tried
>editing /etc/sysconfig/network and set FORWARD_IPV4 to yes, however,
>the box still would not route. Are there other places that I must
>make changes ? Once the device driver for an ethernet card is
>installed, what's the procedure for configuring the IP address etc.
>for that Interface. The only way that I know is to add the proper
>ifconfig statements to the /etc/rc.d/rc.local file, but clearly, there
>is another way, since after using X to accomplish the same thing,
>rc.local is untouched. Can someone point me in the right direction ?
>
>
>Thanks
>
>Chris Hanrahan
>[EMAIL PROTECTED]
------------------------------
From: "比卡超" <[EMAIL PROTECTED]>
Subject: IP Forwarding Problem, HELP !!!
Date: Wed, 17 Mar 1999 14:59:04 +0800
I got the same IP Forwarding problem, too !!!
Here is the detail:
+-----------------------------------------------------------------------+
| Linux Box
|
| with 2 NICs
|
+------------------------------+-------+-------------------------------+
| eth0 | | eth1
|
| 10.131.12.50 | | 192.168.0.1 |
+---------------+--------------+ +----------------+--------------+
| |
| |
+---------------+--------------+ +----------------+--------------+
| Internet | | CWin98 Client
|
+------------------------------+ | --------------------------- |
| with gateway
|
| = 192.168.0.1
|
+---------------+---------------+
I want to let my CWin98 client connect to internet through Linux Box.
So, I set the gateway of the CWin98 client as eth1(192.168.0.1).
"IPv4 forward" is enabled in the Linux Box.
When I use browser to view Homepage, it appear as "Test Page for Red Hat
Linux's Apache Installation".
The HTML content is as following:
##It Worked!
##If you can see this, it means that the installation of the Apache software
on this Red Hat Linux system was successful. You may now add content to this
directory and replace this page.
##--------------------------------------------------------------------------
======
##If you are seeing this instead of the content you expected, please contact
the administrator of the site involved. If you send mail about this to the a
uthors of the Apache software or Red Hat Software, who almost certainly have
nothing to do with this site, your message will be ignored.
##--------------------------------------------------------------------------
======
##The Apache documentation has been included with this distribution.
##For documentation and information on Red Hat Linux, please visit the web
site of Red Hat Software. The manual for Red Hat Linux is available here.
##You are free to use the image below on an Apache-powered web server.
Thanks for using Apache!
##You are free to use the image below on a Red Hat Linux-powered web server.
Thanks for using Red Hat Linux!
Besides, I cannot ping IP of those machine in the internet.
Would anyone has got idea of what else I need to do ?
Please offer your help !!!
Thank you
------------------------------
From: Reine Stenberg <[EMAIL PROTECTED]>
Subject: Re: MAC and Linux
Date: Wed, 17 Mar 1999 09:51:02 +0100
Shutting down SMB is not an alternative I'm afraid since we also have NT
workstations which will need to access the server.
Also, we want to use quota to prevent users to use up all the disk.
>From what I've heard, Appletalk is noisy on the network. Is this correct ?
Rod Smith wrote:
> You might want to look into installing netatalk on the Linux box. This
> will let Linux "talk" AppleTalk, the Mac's native networking language.
> You could then shut down the SMB services entirely (assuming they're not
> being used by other machines).
>
> --
> Rod Smith
> [EMAIL PROTECTED]
> http://www.channel1.com/users/rodsmith
> NOTE: Remove the "uce" word from my address to mail me
------------------------------
From: Stefan Traber <[EMAIL PROTECTED]>
Subject: Linux as PCNFS-server...
Date: Wed, 17 Mar 1999 09:04:50 +0100
This is a multi-part message in MIME format.
==============5BAA7000F53309247E4C76FA
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hello,
i'm trying to set up a Linux PCNFS-server. The problem i'm having is
that the directory exported to the Windows clients is (and must be) a
VFAT Partition. This however causes problems since the VFAT partition
can not handle different user and group ids. When i try and write to
this partition from a Windows client, i get null-length files and
error-messages saying that i don't have the correct access-rights.
My fstab entry for this partition looks like this:
/dev/hda1 /local/lw_c vfat rw,auto,umask=0000 0 0
What seemed to (partly) help with this problem was the following entry:
/dev/hda1 /local/lw_c vfat rw,auto,umask=0000,gid=100,uid=500 0 0
(however for only this one special user.)
Does anyone have any ideas here?
Thanks in advance for any help,
Stefan
==============5BAA7000F53309247E4C76FA
Content-Type: text/x-vcard; charset=us-ascii;
name="s.traber.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Stefan Traber
Content-Disposition: attachment;
filename="s.traber.vcf"
begin:vcard
n:Traber;Stefan
tel;cell:+49-170-4777707
tel;fax:+49-711-82143486
tel;work:+49-711-82142838
x-mozilla-html:FALSE
org:Alcatel;Service Export - VS/S5-2
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
fn:Stefan Traber
end:vcard
==============5BAA7000F53309247E4C76FA==
------------------------------
From: Bond Masuda <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: Re: Looking for strong ruleset ( rc.firewall ) for IPCHAINS and MASQ
Date: Wed, 17 Mar 1999 09:38:27 GMT
Hello,
Please see my post a few days back... I wrote a script about a week ago
that I posted. So far, from the comments I've gotten, it's pretty
secure... at least no one has responded with a major flaw in it. The
script isn't exactly DHCP friendly.. as I wrote it for static IP. But
you can add a few lines to it to accept arguments to change your
external IP by passing it as an argument.
It was posted to comp.security.firewalls.
D.
Wadels wrote:
>
> I once downloaded and used a long (thorough) rc.firewall ruleset for
> ipfwadm, which worked well on Caldera OpenLinux. But I needed DHCPcd, so had
> to upgrade to RedHat, and went straight to kernel 2.2.3. I finally have the
> networking up, but can't find a comparable ruleset for IPCHAINS (and lost my
> old script, so I can't translate it with the wrapper).
>
> The rc.firewall script ver. 1.5.1 from Freshmeat.net seems so small and
> less DHCPcd friendly. Does anyone know where I can get a more powerful
> script? It needn't support nfs, coda, XWindow ports, etc, just basic web and
> e-mail services, very securely.
>
> Thanks!
------------------------------
From: "Terry East" <[EMAIL PROTECTED]>
Subject: Multiple token-ring adaptors
Date: Tue, 16 Mar 1999 15:42:03 +0200
Hi all
Several weeks ago I posted a request asking for help in installing multiple
ibm token ring adaptors on my linux system running redhat 5.2 (kernel
2.0.36-0.7). Several people emailed me privately asking if I had found a
solution. I have finally found the solution and thought I would share it
with others in need of the same solution.
Delving into the kernel source for ibmtr.c on version 2.2.1 I found that
support for multiple nics had been added. However this meant upgrading to
version 2.2.x to test that if it worked, a daunting task without plenty of
help. Fortunatelly that help was supplied through this newsgroup (thanks to
all who supplied an address
http://charlotte.redhat.com/support/docs/rhl/kernel-2.2/kernel2.2-upgrade.ht
ml was the one I used and the transition was very smooth).
Terry East
------------------------------
From: "Rick Droske" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.nt.admin.security,comp.os.ms-windows.nt.admin.networking,comp.os.netware.misc
Subject: Re: Sextuple Boot
Date: Tue, 16 Mar 1999 23:07:15 -0500
Well if thats what you call a debate I wont expect much. But lets see.
lets start with your first reply on this thread.
> You're right, NT's boot loader couldn't see the Linux partition on my
> computer.
It can - you just have to be a little tricky at making it work.
My NT machine boots straight into Linux from the NT loader. No hassles, no
problems.
Email if you want the exact method.
DAzzA
Yes. you wouldn't want to post the "tricky" method for the general public.
Someone, perhaps one of the evil threatening NT users who this group is
meant for, might steal some of your hard eaned "tricky"
knowledge.
As for the rest of your diatribe its a whole lot of who cares as far as a
real enterprise type server goes. I have set up lots of NT servers that do
all of the important things you mentioned and never crash.
By the by I notice you fail to even mention what OS you do run.
Or how many users it supports. I suspect you run it in your basement
for your own amusement.
You are getting close to my point tho by using such a "busy" server as a
router as well. I can see using a dedicated PC as a router
(and NT does it quite well) but why? Can't budget a dedicated piece of
hardware?
NT can run more than one thing very well (and what any of this has to do
with a 390 mainframe I certainly dont understand). My point was that when
people complain about NT crashing it is usually someone like you.
When you ask them what their server is doing its always something like your
response or worse.
"Well its my only server so of course its the PDC and the WINS server
and oh yeah DNS, my boss wanted groupware so I installed a beta
version of Exchange server that I dont really understand, and we needed an
"Intranet" so I downloaded a web server. We had to split the network into 2
subnets so I added a NIC and Enabled IP forwarding cuase I didn't want to
buy a router and then theres the two client/server apps my buddy from
college did for us, they needed that
SQL 7.0 eval edition..............."
Same kind of do it for free thing you espouse (and its actually easier, just
as free for the most part, and works better on NT) . Then it crashes and
its usually some non-MS software that does it, something someone found for
free and then they cry?
Don't get me wrong, I don't think MS is the be all and end all. I'm
just tired of people like you coming to newsgroups like this and putting it
down with no real experience in either it or an alternative
(which you dont even name).
I assume you mean linux and if you do i'm also tired of you college kids
that learn a little unix and then start squealing about how much better it
is when you know squat about it or ant other system in a real world
installation.
I await your "debate" response and expect little.
DaZZa <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>On Mon, 15 Mar 1999, Rick Droske wrote:
>
><sarcasim>
>Oh goodie, another NT vs XX debate. What _fun_
></sarcasim>
>
>> In my experience NT only crashes when administered by people that don't
know
>> what they are doing, or are trying to use too many of it myriad
>> possibilities on one machine, or have loaded who knows what ot the many
>> possible applications onto it
>
>Your experience is vastly different to mine, then.
>
>NT is the be all and end all of operating systems. Microsoft tells me so.
>So why CAN'T I do "too many of its myriad possibilities" on one machine?
>
>Bwahahahaha!
>
>NT runs fune - as long as it only does one thing at a time. Can we spell
>IBM 390's, boys and girls?
>
>> Most Linux machines do nothing but serve files, maybe web, maybe dns and
>> SQL. My NT servers doing only this never crash either.
>
>Lessee.
>
>Fileserver {goes without saying}
>IP Masquerading {P NAT, if you prefer the term}.
>Web server {Apache - the worlds fastest web server}
>Web proxy/cache {Squid - free software}
>Bootp/DHCP server {because WindoZe clients won't use real BootP}
>Net terminal {including X-Windows and Netscape}
>IRC server {Local network, net connected when required}
>Print spooler/server {Epson Stylus Colour 850}
>Router {3 networks, 2 network cards and a dialup, IP and IPX}
>Firewall {IP, net access blocking and controlling}
>AMD K6-2/300 with 64 meg of RAM, and about 10 gig of hard disk space.
>
>Try getting your famed NT server doing all that in the same hardware
>without it crashing {hell, if you can even get it STARTED I'll be
>impressed}.
>
>To quote the great Remo Williams.
>
>Blow it out your ears.
>
>I 'aint impressed by NT. I never will be.
>
>DaZZa
>
------------------------------
From: [EMAIL PROTECTED] (Michael Proto)
Crossposted-To:
vmsnet.networks.misc,microsoft.public.windowsnt.domain,comp.unix.solaris,comp.os.os2.networking.server,comp.os.ms-windows.nt.admin.networking,comp.infosystems.www.servers.unix,comp.protocols.tcp-ip.domains
Subject: Re: Machine name themes - what do you use?
Date: 17 Mar 1999 08:51:07 GMT
On Tue, 16 Mar 1999 00:45:19 -0500, Wesley W. Garland <[EMAIL PROTECTED]> wrote:
>
>We use characters from the series "Incarnations of Immortality", by
>Piers Anthony on our internal (non-internet-accessible) LAN.
>
>The domain we use internally is immortal.ca, and machines have names
>like Charon, Thanatos, Clotho, Gaea, Atropos, Mars, Nox, Satan,
>God, Jehova, etc.
>
We're using characters from Douglass Adams' _Hitchhikers' Guide to the
Galaxy_. Marvin, Ford, Arthur, Zaphod, etc...
Mike
--
-] Michael Proto [-
-] MCP [-
-] Happy Linux user since 1997 [-
ERROR: REALITY.SYS Corrupted! Reboot universe? (Y/n)
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
