Linux-Networking Digest #567, Volume #12 Sun, 12 Sep 99 23:13:33 EDT
Contents:
Re: masquerading incoming http requests? (Rod Smith)
Re: SupraMax PCI Modem under Red Hat 5.2 (Greg Madden)
Re: NFS Solution to mount: Program Not Registered(portmap bug?) (L J Bayuk)
Re: DEC DC21041 Network Card (Doug Craig)
Netscape 4.61 crashes when running JAVA (Jason Saunders)
Re: Fetchmail: fetching for multiple users in one pass (DanH)
Getting linux to notice 3Com Etherlink III ([EMAIL PROTECTED])
Debian: Telnet and firewall (DHCP) problems (Shannon Daryl Richard)
Apache, ASP, and ODBC ("Tim Bishop")
Re: Netscape 4.6 + JAVA -> freezes (John Soltow)
redhat 6.0 ("Calvyn Du Toit")
Re: Have I been hacked? (John Soltow)
Re: Win95 Printserver ("Dan G.")
Win95 Printserver (PST)
Re: Have I been hacked? (Heywood Jablome)
Re: nslookup resolves, ping doesn't (Bernd Eckenfels)
Ethernet Config
Re: PPP connections and DNS servers (root)
FTP script? (Martin Lemenu)
----------------------------------------------------------------------------
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Rod Smith)
Subject: Re: masquerading incoming http requests?
Date: Mon, 13 Sep 1999 00:20:51 GMT
[Posted and mailed]
In article <[EMAIL PROTECTED]>,
Jason Rosenberg <[EMAIL PROTECTED]> writes:
> I have asked this question indirectly as part of several
> other posts, but can't seem to get much interest.
>
> So I'll try to be a bit more direct here.
>
> I want to have a web-server running on a machine on my
> internal net which doesn't have an official external IP address.
> Is this possible.
Yes. As others have pointed out, you can do this by mucking with
ipchains. You can also do it, though, by using xinetd, which is a
replacement package for inetd (it does a job that's roughly comparable to
the combination of inetd and TCP Wrappers, but with some differences).
As to a question you posed in a followup post, you can't have the system
direct a request by directory names in the URL, at least not when using
ipchains or xinetd as the method of redirection. You can, though, use the
port number as a method of redirecting. For instance, you could use the
"standard" HTTP port of 80 for the "non-masqueraded" server:
http://www.foo.bar
or
http://www.foo.bar
and configure ipchains or xinetd to redirect something from another port
to the server running on your internal network:
http://www.foo.bar:8080
The internal computer might or might not listen on port 8080; you could
redirect the query on 8080 to the internal machine's port 80.
--
Rod Smith
[EMAIL PROTECTED]
http://members.bellatlantic.net/~smithrod
Author of _Special Edition Using Corel WordPerfect 8 for Linux_, from Que
------------------------------
Date: Sat, 11 Sep 1999 22:37:02 -0800
From: Greg Madden <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup,comp.os.linux.misc
Subject: Re: SupraMax PCI Modem under Red Hat 5.2
No. I just replaced an older supra express on a machine that I had been
using NT. Hopefully I can find a windows machine to put it in.
------------------------------
From: [EMAIL PROTECTED] (L J Bayuk)
Subject: Re: NFS Solution to mount: Program Not Registered(portmap bug?)
Date: 13 Sep 1999 00:30:42 GMT
[EMAIL PROTECTED] wrote:
>After trying to follow the NFS-HOWTO I kept getting that message even
>though I figured I had all correctly setup.
>
>Turns out that I guess portmap can't handle DNS lookups on
>hosts.allow/hosts.deny checks. I say this because upto a moment ago I
>had been using names. All other services handled this fine.
>
>However, I kept seeing, upon an attempted mount, in my server logs:
>
>Sep 12 00:40:19 xxservernamexx portmap[1428]: connect from xxclientIP#xx
>to dump(): request from unauthorized host
>
>Immediately after I changed the hosts.allow entries to IP#s and tried
>mount, it worked.
>
>I would think portmap SHOULD handle DNS lookups in hosts.allow, I mean
>it doesn't have a problem with /etc/exports! It's still names there.
This is documented in the portmapper man page:
In order to avoid deadlocks, the portmap program does not attempt to look
up the remote host name or user name, nor will it try to match NIS net-
groups. The upshot of all this is that only network number patterns will
work for portmap access control.
I guess the deadlock could occur if you are using NIS for hostname
resolution, and a host lookup in the access file could result in
a call back to the portmapper.
------------------------------
From: Doug Craig <[EMAIL PROTECTED]>
Subject: Re: DEC DC21041 Network Card
Date: Mon, 13 Sep 1999 00:31:16 GMT
Hi John,
I had exactly the same problem you described with my Digital NIC card a
few weeks ago. I also suspected problems with the tulip driver contained
in the distribution and I checked the
http://cesdis.gsfc.nasa.gov/linux/drivers/test/tulip.c
website site and found the file corrupted (displaying garbage) about at the
70% mark of the file. Did this file get included in the official Red
Hat distribution? I don't know, but the file at the cesdis website looks
as though is O.K. now and you may want to try to download it and then
follow the directions at
http://cesdis.gsfc.nasa.gov/linux/misc/modules.html to compile and install
the module. If you are lazy like me, you may want to blow a few bucks and
buy another NIC card on the top of the Red Hat compatibitity list like the
3com509 card. Good luck!
John Ireland wrote:
> Hi
>
> I'm having problems configuring a Digital Equipment network adapter card
> with a DC DEC21041 chipset on RedHat Linux 6.0. The PC is an Intel based
> Digital 3000 Pentium II 266MHz.
>
> During installation of Linux I choose the option to configure a LAN, I
> assign the card an IP number etc, it detects the card and says it will
> assign the card the TULIP driver. So far so good.
>
> Although once Linux is up and running I have no success configuring the
> card, the following happens;
>
> 1) I use the ifconfig command but eth0 is not mentioned.
> 2) I try configuring the card (even though installation detected it and
> gave it a driver)
> with ifconfig [options] and it says "resource temporarily unavailable".
> 3) tried eth0 up, but get message "resource temporarily unavailable".
> 4) /proc/pci shows up the card.
> 5) I went into /etc/conf.modules and changed to the de4x5 driver (also
> supposed to be compatible) with no success.
> 6) tried while card had cable plugged in and without the cable.
>
> I have a feeling there is something wrong with the TULIP driver, as my
> NIC with a RealTek RTL8029(AS) chipset works fine with the ne2k-pci
> driver on RedHat Linux 6.0.
>
> If anyone knows how to fix this it would be much appreciated.
>
> Thanks in advance.
>
> John Ireland
>
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: Jason Saunders <[EMAIL PROTECTED]>
Subject: Netscape 4.61 crashes when running JAVA
Date: Mon, 13 Sep 1999 00:31:15 GMT
I'm currently running Netscape 4.61 under Linux, and it works fine as long
as I have Java switched off. As soon as I switch Java on and view a page
with Java on it, Netscape crashes once it has loaded the Java applet. This
also happened with earlier version of Netscape.
I have MISC binary support enabled in the kernel (I'm running 2.2.12). Do I
need jdk installed? If so, which version? Could it be some other reason?
Thanks,
J
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: DanH <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux
Subject: Re: Fetchmail: fetching for multiple users in one pass
Date: Sun, 12 Sep 1999 20:15:29 -0400
Frank v Waveren wrote:
>
> In article <Z8WC3.48955$[EMAIL PROTECTED]>,
> "YouDontKnowWho" <[EMAIL PROTECTED]> writes:
> > How can we get fetchmail to, in one pass, check the e-mail account on
> > our ISP for each of our users and locally distribute the e-mail
> > appropriately? Can fetchmail be set up to do that? We would like to
> > have a single configuration file that tells fetchmail what to check
> > and who to give the resulting e-mail to. That way, setting e-mail
> > delivery for new users on the system involves just adding a new line
> > to the configuration file.
> >
> > If fetchmail cannot do this, is there anything out there that can do
> > this?
>
> I think fetchmail can. Have you tried using fetchmailconf? This makes
> fetchmail configuration a lot easier. IIRC, you can enter a remote pop/imap/etc
> account, and a local user it's got to be addressed to.
Yes, fetchmail can do that. You only have to have one user do the
fetching. I've got it set up to find about a dozen POP accounts for
four users on the local system and it works wonderfully.
poll isp.one.com with proto POP3
user "user1" there with password "theykilledkenney" is jlseagull
here options fetchall
user "user2" there with password "johnisdead" is abbyroad here
options fetchall
add as many 'poll' lines with as you want and have as many user lines
under each as you want.
fetchmailconf makes it a breeze.
Dan
--
UNIX - Not just for vestal virgins anymore
Linux - Choice of a GNU generation
------------------------------
From: [EMAIL PROTECTED]
Subject: Getting linux to notice 3Com Etherlink III
Date: Mon, 13 Sep 1999 00:51:59 GMT
Well, it seems that despite what the previous posting said, Red Hat 6.0
installer DID find my SMC card after all. But it didn't find my 3Com
Etherlink III Adapter Driver -- so what do I do to get that one noticed?
Thanks again,
-ML
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Shannon Daryl Richard)
Subject: Debian: Telnet and firewall (DHCP) problems
Date: 13 Sep 1999 01:12:31 GMT
I'm using Debian Linux kernal v 2.0.36
Upon Install of the telnet Daemon and config of it I can't seem to get it
to work, mind you it is better for security reasons, but it would be nice
to connect from the out site
I'm using IP masquarading<sp?> and am trying to setup a firewall using
ipfwadm but when I setup the security it all works. Except the DHCP ip
that I should get when the machine starts
So my guess would be that I need a ipfwadm command line that will allow a
DHCP ip request
any help would be apreciated
personal E-mail would be apreciated, but I think I'll be reading this
newgroup for a while, as I'm doing many other things with this linux box
thanks for any help
Shannon
------------------------------
From: "Tim Bishop" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.install,alt.os.linux.redhat
Subject: Apache, ASP, and ODBC
Date: Mon, 13 Sep 1999 02:20:49 +0100
I'm currently running Microsoft IIS4 using ASP and ODBC to use an Access
database. What I would like to do is move this to my Apache webserver, but I
don't really want to recode it all and maintain two databases.
I could cope with rewriting the webpage, but I would really like to be able
to use the one database. Can I access an ODBC connection on an NT Server
from the Apache webserver ?
Is it possible to use ASP on Apache ? If not, then I suppose there is a
'similar' type of thing that I can use, but I don't know what I'm looking
for !
Any advice would be appreciated, or links to documents with more
information.
Thanks everyone,
Tim Bishop.
------------------------------
From: John Soltow <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,netscape.public.mozilla.java
Subject: Re: Netscape 4.6 + JAVA -> freezes
Date: Sun, 12 Sep 1999 21:38:58 -0400
Troy Carter wrote:
> In addition to the font fix, also make sure you have the following env
> variable set (in your bashrc, for instance):
>
> MOZILLA_HOME=/usr/local/netscape export MOZILLA_HOME
>
> (replace /usr/local/netscape with your path to your netscape
> installation)
>
Hmmm, I don't have that set and it's working. What does this variable do? Just
wondering what other problems I'm having that I haven't noticed yet.
John
------------------------------
From: "Calvyn Du Toit" <[EMAIL PROTECTED]>
Subject: redhat 6.0
Date: Thu, 2 Sep 1999 19:14:06 +0200
ive just setup 2 linux machines running rh6 with kernel 2.2.5, in a windows
nt domain with win 98 clients, sama is working fine with the nt machines
but the 98 machines complain that the network is busy when trying to connect
to samba, the other strange thing is that if i try and ftp or telnet either
from the 98/nt into the lnux machine or from linux to the other linux
machine, there is a considerable delay, +- 1 minute, though if i telnet
ftp to the machine itself its instant,
any ideas what could be wrong, Im dumbfounded.
Regards
------------------------------
From: John Soltow <[EMAIL PROTECTED]>
Subject: Re: Have I been hacked?
Date: Sun, 12 Sep 1999 21:44:20 -0400
TURBO1010 wrote:
> Update to my situation, yesterday I saw a telnet session in the log files,
> which they were able to connect. Somehow, they created a regular account,
> and an account with permissions equivalent to root. How in the world did
> they gain access without me knowing? How can I prevent this in the future?
> Any suggestions are appreciated.
>
Someone pointed me to https://www.seifried.org/ for documentation on
security. One of the things he discusses is what services to disable in
/etc/inetd.conf.
John
------------------------------
Reply-To: "Dan G." <[EMAIL PROTECTED]>
From: "Dan G." <[EMAIL PROTECTED]>
Subject: Re: Win95 Printserver
Date: Sun, 12 Sep 1999 19:57:14 -0600
I would like to know as well!
PST wrote in message <[EMAIL PROTECTED]>...
>Could it be possible to have a Win95 comp act as a Printserver for a Linux
>comp, the Gateway comp and actual server of the network?
------------------------------
From: PST <[EMAIL PROTECTED]>
Subject: Win95 Printserver
Date: Mon, 13 Sep 1999 04:02:20 +0300
Could it be possible to have a Win95 comp act as a Printserver for a Linux
comp, the Gateway comp and actual server of the network?
------------------------------
Date: Mon, 13 Sep 1999 12:07:20 +1000
From: Heywood Jablome <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Have I been hacked?
What exactly is your setup? Are you running a big LAN or just one from home??
TURBO1010 wrote:
> Update to my situation, yesterday I saw a telnet session in the log files,
> which they were able to connect. Somehow, they created a regular account,
> and an account with permissions equivalent to root. How in the world did
> they gain access without me knowing? How can I prevent this in the future?
> Any suggestions are appreciated.
>
> Rod Smith <[EMAIL PROTECTED]> wrote in message
> news:tqCB3.695$[EMAIL PROTECTED]...
> > [Posted and mailed]
> >
> > In article <7r6mp2$2dk$[EMAIL PROTECTED]>,
> > "TURBO1010" <[EMAIL PROTECTED]> writes:
> > > Enlighten me, what are TCP/Wrappers? I masquerade 2 machines behind my
> > > linux, I can't have anything blocking them from getting on the net.
> >
> > TCP Wrappers is a daemon (tcpd) that sits between inetd and the daemon
> > that handles a specific service. The TCP Wrappers package uses rules laid
> > out in /etc/hosts.allow and /etc/hosts.deny to allow or deny specific
> > computers or networks to connect to specific services. TCP Wrappers
> > doesn't affect outgoing connections, just the connections coming in to any
> > servers you run, and then only servers run via TCP Wrappers are affected.
> >
> > > A Guy Called Tyketto <[EMAIL PROTECTED]> wrote in message
> > > news:j_xB3.19470$[EMAIL PROTECTED]...
> > >> -----BEGIN PGP SIGNED MESSAGE-----
> > >> Hash: SHA1
> > >>
> > >> [EMAIL PROTECTED] wrote:
> > >> >
> > >> > I'm no guru, but may i suggest you look into using TCPwrappers? It
> helps
> > >> > prevent unwanted logins, from what i understand.
> > >> >
> > >> > -jeff
> > >>
> > >> Not only that, but IPChains as well, so you can set up minimal
> > >> firewalling rules, to block connections or attacks from a certain site,
> > >> to a certain port. But, DEFINITELY get TCPWrappers working. they will
> > >> help you a lot. You may want to check into the Linux Administrators
> > >> Security Guide, at https://www.seifried.org. Best piece of work I've
> > >> seen for security so far. Worked well in securing my network.
> > >>
> > >> BL.
> > >> - --
> > >> Brad Littlejohn | Email:
> > > [EMAIL PROTECTED]
> > >> Unix Systems Administrator, |
> > > [EMAIL PROTECTED]
> > >> WebMaster, NewsMaster.. Smeghead! :) |
> > > http://www.omnilinx.net/~tyketto
> > >> PGP: 1024/E9DF4D85 67 6B 33 D0 B9 95 F4 37 4B D1 CE BD 48 B0 06 93
> > >>
> > >> -----BEGIN PGP SIGNATURE-----
> > >> Version: GnuPG v1.0.0 (GNU/Linux)
> > >> Comment: For info see http://www.gnupg.org
> > >>
> > >> iD8DBQE31m1SyBkZmuMZ8L8RAg5pAKDxmi0mSfb0tChTrQy7XEGZX+HH7wCfUJNZ
> > >> BelG+BYRa+slOS21Eq0/Nyg=
> > >> =LNC8
> > >> -----END PGP SIGNATURE-----
> > >
> > >
> > >
> >
> > --
> > Rod Smith
> > [EMAIL PROTECTED]
> > http://members.bellatlantic.net/~smithrod
> > Author of _Special Edition Using Corel WordPerfect 8 for Linux_, from Que
--
Aluminium makes up almost 8% of the earths crust.
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Subject: Re: nslookup resolves, ping doesn't
Date: 13 Sep 1999 02:00:23 GMT
Ludger Solbach <[EMAIL PROTECTED]> wrote:
> It is. It contains valid settings for "search" and "nameserver".
How about /etc/nsswitch.conf
hosts: files dns
and/or /etc/host.conf?
order hosts,bind
Greetings
Bernd
------------------------------
From: <[EMAIL PROTECTED]>
Subject: Ethernet Config
Date: Mon, 13 Sep 1999 02:31:15 GMT
Hello...
I have recently downloaded Phatlinux and I have been having problem with
my ethernet card (which is common problem, but).
Some info:
My ethernet card is 3com, I have correct driver for it, and I have it
included as a module in kernel, which is than recompiled and it works
fine, everything but the ethernet card...
On the start-up, the card begins initialization (I guess the driver is
called up), but it can not initialize it. When using info from xwindows,
my card is displayed with all the right info (same like in win), but it is
not initialized nor it can be used.
Thank you for any help in advance.
Sincerely, Bojan Baros
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: root <[EMAIL PROTECTED]>
Subject: Re: PPP connections and DNS servers
Date: Mon, 13 Sep 1999 02:44:08 GMT
Major thank yous go out to everyone who replied.
I changed the nameserver entries in /etc/resolv.conf to 203.63.15.1 and
192.189.54.17, and I added my isp domain to search, and its now working
perfectly.
Thanks again
Tom
------------------------------
From: Martin Lemenu <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: FTP script?
Date: Sun, 12 Sep 1999 22:18:37 -0400
Hey!
I've been trying to automate a file transfer to another system via FTP.
I heard you could use a file (.netrc) that can automate logging and
execute commands. But I cannot make it work. There also seems to be a
way to do macros through options of FTP. But I can't find any helpful
documentation on any of these methods. Can any one tell me a way to just
"put" a file via ftp?
Any documentation, links or tips would be greatly appreciated.
Martin
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
