Linux-Networking Digest #541, Volume #10 Thu, 18 Mar 99 15:13:38 EST
Contents:
Wuftp and Samba ([EMAIL PROTECTED])
Re: setting: how to send mail behind firewall ("Terry East")
Re: pppd LCP problem with kernel 2.2 (Clifford Kite)
Re: Smbmount problem ("Terry East")
Clone or Alias ? ("Mihai Petre")
Re: Firewalls and limiting open ports ("John Hardin")
Strange script problems in rc.firewall (Wim Van Dijck)
Re: innd question (Luca De Vitis - De Whiskey's -)
Re: What is the best Linux to install? (Eric Larson)
Re: Where to get TCP/IP network programming info?? (Todd Condroski)
Re: in.telnetd problem ("Terry East")
Linux NCPFS slowness with CVS imports ([EMAIL PROTECTED])
Re: Apache server setup on Redhat 5.2 (D J)
Re: Help with fetchmail. ("John Hardin")
Re: The truth about the Pentium III chip and ID --- **boycott info** (Stuart R.
Fuller)
Re: Help - "private" ip address conflict using ip masq. ("David Reed")
Re: dhcp (Bill Anderson)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: Wuftp and Samba
Date: Thu, 18 Mar 1999 18:47:58 GMT
Greetings:
I have a RHL5.2 box that functions as my anonymous ftp and web server. The
rest of my network is a single NT domain. I am using the updated/patched
wuftp and Samba 2.0.3.
I want to set up samba to allow access to the /home/ftp heirarchy for my local
NT users. More spefically, I want to create a share to allow only local NT
machines to connect and be able to read/write to /home/ftp/pub and
/home/ftp/incoming
I have been able to create the share under samba with guest permissions/logon
using nobody as the user, but obviously the ownership and group permissions
are set up for anonymous ftp and I can only access the directorys as if I
were anon ftp'd to the site.
What is the best way to provide the service? Change /home/ftp acls? Set up a
different smb share?
TIA
Dennis Pantazis
[EMAIL PROTECTED]
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Terry East" <[EMAIL PROTECTED]>
Subject: Re: setting: how to send mail behind firewall
Date: Thu, 18 Mar 1999 18:37:29 +0200
You need to give access to users on your network. Assuming you are using
sendmail , the simplest way is to
$ cat 192 > /etc/mail/ip_allow
This says that all foreigners with ip addresses starting 192 are allowed to
use sendmail as an smtp relay.
Wilson Lam wrote in message
<01be70da$cd422c40$[EMAIL PROTECTED]>...
>Hi,
>I am using redhat 5.2 (linux 2.0.36) and rinetd to setup a firewall
>and ip port forward.
>The email server is also a linux box in the private network.
>
>The situation is that:
>I can receive mail from the outside world.
>I can send mail out to outside within the email server.
>But I cannot send mail from a PC within the private network via
>the email server. The mail returned with error from the destination
>server:
>======================
>Delivery has failed on the enclosed message for the following
>reasons reported either by the mail delivery system on the mail
>relay host or by the local TCP/IP transport module:
>
> 551 <[EMAIL PROTECTED]>... we do not relay
>======================
>
>My /etc/rinetd.conf is:
>0.0.0.0 25 192.168.1.8 25
>0.0.0.0 80 192.168.1.8 80
>
>
>Where 192.168.1.8 is the email server.
>
>Is there anything that I am missing to set?
>Any suggestion is much appreciated!
>
>Wilson Lam
------------------------------
From: [EMAIL PROTECTED] (Clifford Kite)
Subject: Re: pppd LCP problem with kernel 2.2
Date: 18 Mar 1999 09:42:34 -0600
Clifford Kite ([EMAIL PROTECTED]) wrote:
: Absolutely correct, good point. ATW1s95=45 reports the modem connection
: speed and error correction progress. And yes, I looked it up in the manuel
: - just as I always have to do. :)
Hmm.. I did post this quite awhile back but I didn't post this *copy*
of it. Just for the record.
--
Clifford Kite <[EMAIL PROTECTED]> Not a guru. (tm)
------------------------------
From: "Terry East" <[EMAIL PROTECTED]>
Subject: Re: Smbmount problem
Date: Thu, 18 Mar 1999 18:47:32 +0200
you need a later version of samba (2.0.x on) for use in the 2.2.x kernels.
If you already have it the format of smbmount has changed to
smbmount //server/cdrive -c '/mount /mnt/win98'
dooogh! wrote in message <7cmq0n$jh8$[EMAIL PROTECTED]>...
>Hello all,
>
> Just installed a fresh 2.2.3 kernel. It all went really good. The only
>problem is that smbmount won't work anymore. Its the same config I used
with
>2.0.36 kernel. Keeps saying invalid argument. I used the same command line
>argument ...
>
>smbmount //server/cdrive /mnt/win98 -c linuxbox -n
>
> Yes i have the /mnt/win98 dir in structure. Did the new kernel change
>permissions, or do I need to upgrade samba or something? Please help!!!
>
>
> Thanks!
>
>
------------------------------
From: "Mihai Petre" <[EMAIL PROTECTED]>
Subject: Clone or Alias ?
Date: 18 Mar 1999 16:48:20 GMT
Hi,
In rh 5.2 on the interfaces tab I have buttons like
Add,Edit,Clone,Alias.....
What's the diference between them ?
Thanx
Mihai
------------------------------
From: "John Hardin" <[EMAIL PROTECTED]>
Subject: Re: Firewalls and limiting open ports
Date: Thu, 18 Mar 1999 11:18:50 -0800
Geert Altena wrote in message <7cqop1$nuh$[EMAIL PROTECTED]>...
>AndrewJF(nospam)@atlasbiz.com (Andy) writes:
>
>>How can i set up my linux box so that it acts as a firewall by
>>limiting all the ports bar ftp, http, and telnet plus a few others.
>>All the computers on the network have valid ip numbers, and we are on
>>a permanent leased line.
>
>How 'bout this?
>ftp://sunsite.unc.edu/Linux/docs/HOWTO/Firewall-HOWTO
>and
>man ipfwadm
You might also want to look at
http://www.wolfenet.com/~jhardin/ipfwadm.html for a GUI wrapper around
ipfwadm.
--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
=======================================================================
If you spend any time administering Windows NT, you're far too
familiar with the Blue Screen of Death (BSOD) ...
- "MSDN Flash" email newsletter, 2/9/1999
------------------------------
From: Wim Van Dijck <[EMAIL PROTECTED]>
Crossposted-To: be.comp.os.linux,comp.os.linux.setup,alt.os.linux
Subject: Strange script problems in rc.firewall
Date: Thu, 18 Mar 1999 17:51:29 +0100
Hi all,
I installed a firewall according to the TrinityOS. First, it had a small
rc.firewall script given, to test the system, and that worked fine. But
the real rc.firewall won't work: the stated variables doesn't seem to
get accepted.... A consequence of this is that the following ipfwadm
command lines don't work. When I enter the variables (eg intip, extip
etc), and then manually enter the command lines, there aren't any
problems. How is it that the variables in a script are not being used???
How do I solve this? My firewall gives nothing but a bunch of error
messages, like 'ipfwadm: host/network "" not found'....
Thanks in advance,
Wim
------------------------------
From: [EMAIL PROTECTED] (Luca De Vitis - De Whiskey's - )
Crossposted-To: comp.os.linux.questions,comp.os.linux.admin,comp.os.linux.help
Subject: Re: innd question
Date: 18 Mar 1999 16:42:31 GMT
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>, SickPuppy wrote:
>Simply, how do I stop the daemon within the shell?
>
>I'm a recovering MSaholic and would like to cease all newsfeed requests
>until I get a better understanding of Linux, httpd/Apache, and ftpd.
>Currently I'm showing requests in my syslog (which are getting an
>unknown host result). I can't use X at the moment because of a video
>card incompatibly. I can't even get a VGA server running (real ugly).
>
------------------------------
From: [EMAIL PROTECTED] (Eric Larson)
Crossposted-To:
alt.os.linux,comp.os.linux,comp.os.linux.misc,comp.os.linux.setup,comp.os.linux.redhat,alt.os.linux.slackware
Subject: Re: What is the best Linux to install?
Date: Thu, 18 Mar 1999 19:37:51 GMT
Reply-To: [EMAIL PROTECTED]
I was much impressed with SUSE, however I have a Thinkpad 365 Laptop
on which the X config utils for SUSE failed miserably. To get it
working I 1) installed RedHat 2) saved the X config files to a floppy,
3) reinstalled SUSE, copied the files over.
For a newbie who might have a hardware collection that is off the
Linux mainstream, I might recommend RedHat. The big disadvantage to
this is no KDE. From what I have seen Gnome 1.0 isn't ready for prime
time.
I use a subscription option too - it keeps things under control. Linux
is advancing to rapidly (overall a good thing) to try to surf the
upgrade wave.
On Sat, 13 Mar 1999 10:45:00 -0600, Jerry Lynn Kreps
<[EMAIL PROTECTED]> wrote:
>Richard wrote in message <[EMAIL PROTECTED]>...
> >I am trying to install the newest and the best linux on
> >100+ workstation. What would be the best one to choose
> >in terms of standard, support, and setup?
> >
> >Any ideas would be appreciated.
> >
------------------------------
From: Todd Condroski <[EMAIL PROTECTED]>
Subject: Re: Where to get TCP/IP network programming info??
Date: Thu, 18 Mar 1999 13:39:09 -0600
Get "Internetworking with TCP/IP - Vol. III" by Comer. You'll be writing
clients and servers in no time. It explains all the socket commands
necessary for writing clients and servers, and of course it includes how to
use gethostbyname() (which actually is quite simple)..
Todd
[EMAIL PROTECTED] wrote:
> Hi all,
> I was just wondering where can I get information on TCP/IP
> programming? I mean something like how do i use the command
> GetHostByName( .......), etc. I remember seeing manuals for those when I
> was back in university doing network programming. I was searching
> through some RFCs, but I dont see any docs that show that.
>
> Anyone knows where to get those? Any info is greatly appreciated.
> Thanks.
>
> p/s: Please cc a reply to [EMAIL PROTECTED] . T.Q.
>
> Rgds,
> CH
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Terry East" <[EMAIL PROTECTED]>
Subject: Re: in.telnetd problem
Date: Thu, 18 Mar 1999 18:49:51 +0200
Try adding an entry in /etc/hosts.allow for all the subnets that need to
connect
JCA wrote in message <[EMAIL PROTECTED]>...
>
> I am runnning kernel 2.0.33 and everything seems to be okay, with
>the exception of the in.telnetd daemon. Incoming telnet calls are
>systematically rejected, but if I telnet to myself it works all right;
>i.e. I get the prompt and can login with no problems.
>
> Has anybody got any insights to explain what is going on, and how to
>fix the problem?
>
>
>
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.netware.connectivity
Subject: Linux NCPFS slowness with CVS imports
Date: Thu, 18 Mar 1999 15:57:22 GMT
Hallo!
We're using NCPFS here to connect Linux machines to a NetWare 4.11
server. The server has a 25GB volume with about a million directory
entries on it, and 200MB RAM. Server utilization is usually low,
there are about 10 connections at any time. The Linux (2.0.35) machine
runs the CVS version control system.
The problem occurs when we run CVS to update a large tree. CVS being
dim-witted does not know how to lock files, so it therefore moves files
about, giving them temporary names like ",file.c," and later moving
those files back to "file.c,v". After doing a few (tens of) files in
this way, the whole process turns very slow all of a sudden.
With a packet sniffer I can clearly see NCPFS trying to move a
(read-only) file; it first tries the move, decides it can't do it and
then removes the write protection from the destination file, deletes
it and then does the rename operation.
The rename call takes a *very* *long* time to execute -- when issued
the file server immediately sends back a 0x9999 packet (saying it's
working on the rename), which causes NCPFS to send another copy of
the same request, which causes the server to send another 0x9999 packet.
Then NCPFS understands that it will have to wait, and it patiently
does so for about FOUR SECONDS. Then finally the file server responds
with a packet saying the original request was performed without error.
Here is what NDIR /VOL says:
> Total volume space: 26,582,592 100.00%
> Space used by 1,006,846 entries: 13,904,000 52.30%
> Deleted space not yet purgeable: 0 0.00%
> ------------- --------
> Space remaining on volume: 12,678,592 47.70%
> Space available to FAV: 12,678,592 47.70%
>
> Maximum directory entries: 1,961,472
> Available directory entries: 954,626 48.67%
>
> Space used if files were not compressed: 9,433,088
> Space used by compressed files: 3,741,184
> -------------
> Space saved by compressing files: 5,691,904 60.34%
>
> Uncompressed space used: 15,507,648
>
> Name spaces loaded: OS/2
The directories in which the files live have no special trustee rights or flag
settings.
I have a few questions here:
1. Is this number of files a problem with NetWare 4.11?
2. Is renaming a large number of files on long name space a problem?
3. Is NCPFS to blame for any of this?
4. <this question removed by the NSA>
5. We are thinking of upgrading to NetWare 5. Is NSS better for
systems with very large numbers of files?
Regards,
Frank
========================================================================
Frank A. Vorstenbosch <SPAM_ACCEPT="NONE"> Mobile: +44-976-430 569
Wimbledon, London SW19 Home: +44-181-544 1865
[EMAIL PROTECTED] Office: +44-181-636 3391
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (D J)
Crossposted-To: alt.linux,alt.os.linux
Subject: Re: Apache server setup on Redhat 5.2
Date: Thu, 18 Mar 1999 16:57:07 GMT
So......
If I assign it a name, what will happen. (It wont find it in it's dns
server will it?)
On Tue, 16 Mar 1999 00:23:34 GMT, Mike Jackson
<[EMAIL PROTECTED]> wrote:
>Just install RH5.2, it'll install Apache by default, the only major problem is
>when
>you have a dynamic IP address, you'll have to change the Apache config file for
>
>the server name (assign a name, it tries to get the name from the dns). And
>once
>you've got RH installed, and Apache starts successfully, then just connect to
>your
>ISP and away you go.
>
>Grant Peters wrote:
>
>> Can anyone suggest where I can look to get ideas on setting up an Apache
>> server on Redhat 5.2? Do I need any special hardware to make my web server
>> available or do I just connect to my ISP?
------------------------------
From: "John Hardin" <[EMAIL PROTECTED]>
Subject: Re: Help with fetchmail.
Date: Thu, 18 Mar 1999 11:26:52 -0800
Andrew Higgs wrote in message <[EMAIL PROTECTED]>...
>I have fetchmail retrieving mail from a mail box. This is working fine,
but
>I would like it to split up the aliases. What would be the easiest way to
>do this?
Read the fetchmail documentation about multidrop mailboxes.
The general consensus, though, is that procmail is the proper tool to use
for this.
--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
=======================================================================
In the Lion
the Mighty Lion
the Zebra sleeps tonight... (with apologies to Robert Johns)
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: The truth about the Pentium III chip and ID --- **boycott info**
Reply-To: [EMAIL PROTECTED]
Date: Thu, 18 Mar 1999 17:00:03 GMT
Michael Barnes ([EMAIL PROTECTED]) wrote:
: Every MODEM has a MAC address also...so your friends pc is nicless, but not
: macless
: As far as I know you cannot network anywhere without a mac address since
: IP's map directly to machine addresses at lower levels to identify your
: particular machine on any network. So, if your connected to any network via
: any hardware device (router, switch, modem, nic) those devices must have mac
: addresses.
Thank you for playing. Please come back when you have a clue, however.
Modems do not have MAC addresses. Period, end of discussion.
A MAC address is the address of a network interface, such as Ethernet, Token
Ring, FDDI, etc. that is used to identify that interface from other interfaces
on a local network.
An IP address is the address of a machine, or network interface, that is used
to identify that machine from other machines on a TCP/IP network, such as the
Internet.
There exists a protocol, ARP (Address Resolution Protocol) that is used to
associate an IP address for a machine with that machine's interface MAC
address. This is necessary, since the actual hardware for the network
interface works with the MAC address, not the IP address.
The reason that modems don't have MAC addresses is that they are
point-to-point devices. That is, you typically will dial into a router of
some type. If you have a fixed IP address, your system will identify itself
to the router, and the router will know that if it has a packet to send to
your system, it knows which port your modem is connected to. If you don't
have a fixed IP address, the router will assign you one, and remember what it
assigned you.
Remember, a modem is a device that converts digital signals of 1 and 0 to
tones that can travel across some analog medium, such as a phone line or cable
TV wire. Modem is short for MOdulator (convert from Digital to Analog) and
DEModulator (convert back again).
Stu
------------------------------
From: "David Reed" <[EMAIL PROTECTED]>
Subject: Re: Help - "private" ip address conflict using ip masq.
Date: Thu, 18 Mar 1999 19:55:20 GMT
Doh! It's a typo in my post - I am indeed masking 192.168.1.0.
Thanks for catching that.
>> ipfwadm -F -a accept -m -S 192.168.0.0/24 -D 0.0.0.0/0
>
>192.168.0.0/24 a typo or shouldn't you masq 192.168.1.0/24 ???
>
>leo
>
>
------------------------------
From: Bill Anderson <[EMAIL PROTECTED]>
Subject: Re: dhcp
Date: Thu, 18 Mar 1999 19:55:08 +0000
Lord Spurius wrote:
>
> I have a dhcp hang on bootup using redhat 5.2
> I've never messed with altering what happens at boot before and don't
> know how
> I don't want dhcp spawned at boot; its trying to spawn before my pcmcia
> card is detected anyways
>
> - Spurius
option 1:
Turn off the 'activate at boot option' in netcfg
option 2:
Edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file (this seems ot
be what option 1 above does)
option 3:
Delve in to the rc files and reorder the process.
Bill
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
