RE: [Leaf-user] Bering with SSH and TinyDNS
On Mon, 2002-03-25 at 21:11, Richard Doyle wrote: Run telnet over a secure zebedee tunnel between the internal box and the firewall. It is much smaller than any current sshd tunnel (my zebedee + telnetd package weighs 66896 bytes, compiled under uClibc). That's cool. Is there an lrp package for this combo? Where? Thanks! Stephen No LRPs as far as I know, but zebedee looks as if it were tailor-made for LEAFoid devices. I don't have a slink development environment any more, but the sources are readily available from http://www.winton.org.uk/zebedee/download.html, including zebedee-2.2.2, blowfish-0.9.5a and zlib-1.1.4 (actually you'll need zlib-1.1.3 until the author releases a patched version of zebedee). I used a telnetd from http://cvs.uclinux.org/cgi-bin/cvsweb/userland/ that compiled under uClibc, but you'll probably find more recent versions that work with glibc. I use this setup on a couple of single-floppy firewalls derived from LRP 2.9.8, using a 2.4.17 kernel without LRP patches but with a couple of tc patches, current versions of uClibc, BusyBox and TinyLogin; with Shorewall, Weblet lite, ppp it fits on a 1440 floppy. -Richard ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Can LEAF do this?
CS Comments inline, preceeded by CS Now I'm wondering if LEAF can do the following: -a PC with more than 3 Ethernet cards (min. 3, expected 5-6) CS Not a problem...I've got several routers with 5 10/100 ports. There are reports of 11+ port systems... -one ETH-port is the external port (ethernet-to-ethernet routing, no modems connectet to a serial port) -the other ports are internal ports CS This is easy to do, and is supported by the setup scripts of Dachstein. Simply add multiple networks to the INTERN_NET= variable in network.conf. By default, they will all be masqueraded to the internet (or upstream port), and therefore connected to the outside world, but traffic will not be forwarded between the various internal ports unless you explicitly create forwarding rules allowing it. -each internal port -has his own private IP-network -can access anything outside the ext. port. -can access a ftp-service on the LEAF-machine -cannot access another internal network CS All of this is easy as well, with the exception of FTP services. Typically, you don't run an FTP service on your router/firewall, but you should be able to get this going if you really want to. I'd suggest using a seperate FTP server, however. Optional (in descendig order): -the LEAF-Machine makes DHCP for each int. Port (note: each int. port should have his own subnet) CS Just create an appropriate dhcpd.conf file... -traffic stats like MRTG for each int. and the external port CS Not a problem if you load the SNMP package (and know how to configure MRTG :) -speed limiting for an individual int. port (ex: ETH1 max 128kb) -or traffic priority (ex: ETH1 P1 / ETH2 P2 / ETH3 P2 ...) CS There is built-in support for some aspects of QoS (Quality of Service) and traffic shaping. You can do about anything you want if you're willing to create custom rules. Note the floppy version of Dachstein does not come with a QoS enabled kernel by default (due to size), but a kernel with full QoS and advanced routing support is available. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: porting scripts from ifconfig and awk to iproute and sed
* Charles Steinkuehler ([EMAIL PROTECTED]) wrote: I am going to try to do this. I think I am mostly done. Any advice on getting rid of the expr commands that are doing math? See the ash/bash man page. You can do simple math with $(( )) expansion (add, sub, multiply, divide), although numbers are limited in range...ie: echo 2 + 2 = $(( 2 + 2 )) Thanks. I saw that in the man page just as I got your mail. I have been looking at more sh documentation. It really doesn't pay to try to do these things halfway, esp. with shell scripting. Just more heartache. The IFS/set solution you gave me works great, except for one unintended consequence: it seems that everytime I run test on a file path, it parses the path elements into separate args. Let me just tell you a little about some hilarious shell scripting antics, because anyone who has done this before will laugh. I solved the problem above by capturing the value of IFS into a variable called oldIFS so I could use it later, then adding my delimiter like so: oldIFS=$IFS IFS=$IFS/ I then proceeded to set IFS back to the old value after I got done, like so (thinking I had the problem licked): IFS=oldIFS Only to find that I still had my error. Strangely, when I echo'ed the value of the path variable, it showed up like this: pr c/sys/net/ipv4/c nf/ipsec0/rp_fi ter Whacky! Of course, for any shell scripting newbies who might be reading this escapade in the future from the archives, what is should have done is actually dereference the variable in question, rather than set IFS to the sequence of letters in the name of my variable! Like this: IFS=$oldIFS Thanks, Charles. I should be done in the next few days. --- Chad Carr [EMAIL PROTECTED] --- ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Traffic Shaping using TC
Hi Simon, hi all slow - with a default setup my ftp server went from 40-43 K/s to 8-12 K/s. How are you connecting to your FTP server? Is this server located on your LAN, your DMZ or on the internet? You wrote that you portforward to an internal box. Is this internal box the FTP server? If yes, where is your client then? Looks your setup like this: My client -- internet -- Leaf box which is running my script -- FTP server ? Are you always talking about KBits/s if you write K/s? If yes, I assume that you're using a dial-up connection!? Well, I'm not sure if my script runs well with PPP (dial-up) connections becaus of the different MTU values. Please tell me more about your setup and what exactly goes wrong, and in which direction (up- or download)? I'm sure we can fix your problems. BTW: I didn't notice ANY problems yet and I'm even running a DMZ. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: Simon Bolduc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 3:56 PM To: [EMAIL PROTECTED] Subject: RE: [Leaf-user] Traffic Shaping using TC I installed the script - and certain parts work - but somethings got really slow - with a default setup my ftp server went from 40-43 K/s to 8-12 K/s. While that doesn't really concern me it is a little frustrating. I also tried (to no avail) to add rules that would govern traffic that uses both UDP and TCP port 412 (thats the port I'm sending from internally and receiving to internally) which are both port forwarded to an internal box. This box also runs other 'net services so I can't just throw the IP into the filter and make it work that way. The rules I added were (just as I test setup - I know it'd be abismally slow - but they should indicate that I have set things up correctly) are: tc class add dev $EXTERN_IF parent 1:1 classid 1:30 cbq rate 40kbit / allot 1600 prio 3 avpkt 1000 bounded tc qdisc add dev $EXTERN_IF parent 1:30 handle 30: sfq perturb 10 tc filter add dev $EXTERN_IF parent 1:0 protocol ip prio 25 u32 match / ip dport 0x019c 0x flowid 1:30 and I moved the bulk class/filter to 1:40 I'm afraid I may have done this on the wrong interface - and I'm not sure whether this rule actually has to come before the high priority class or not as I think the first filter/class that applies to a packet is used. Also I'm unsure of how to specify a group of ports like the passive ones used for ftp would be setup. Through your script I've learned a lot more about Traffic shaping but obviously not enough. S ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering Firewall without NAT
Have made significant progress since Dan and Tom posted some tips. I have set the internal interface to a RFC1918 ip and the external to a x.y.z.3 with gw=x.y.z.1. I have managed to get the firewall going happily enough by using shorewalls ProxyARP but I was wondering about Toms suggestion of using : echo 1 /proc/sys/net/ipv4/config/all/proxy_arp to work for all machines behind the firewall. I did this and then replaced the route for 134.36.22. addresses to use the internal interface rather than the external interface but wasnt able to see in or out of the firewall. Its not really a problem to list the machines in the ProxyARP file I was just curious. Cheers for the help, Jonathan -- Dr Jonathan Monk, Dundee Satellite Receiving Station University of Dundee, Dundee, DD1 4HN tel: 44 (0)1382 344409 fax: 44 (0)1382 345415 e-mail [EMAIL PROTECTED] http://www.sat.dundee.ac.uk ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] RE: Bering from CD
Hello, But coming back to the original question, if Bering does not fit on one single floppy, how to proceed to build a bootable CD-ROM using the multiple floppies ? Regards, Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: 'Przemyslaw Rudy' [EMAIL PROTECTED] Cc: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 12:51 PM Subject: [Leaf-user] RE: Bering from CD Ok, Do the following: Prepare two 1.44 floppies, format them, and syslinux floppy 1 then copy linux, syslinux.cfg, syslinux.dpy and initrd.lrp to floppy 1 then copy all other *.lrp to floppy 2. Edit syslinux.cfg, replace /dev/fd0u1680 by /dev/fd0, add an entry after init=/linuxrc , 'diskwait=yes'. also, add additional .lrp files to LRP= line Try to boot this floppy set. It should prompt you to change floppies and then boot. Configure everything as usual. If you need to backup initrd.lrp, remember to change floppies first!!! Cheers -Original Message- From: Przemyslaw Rudy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 10:27 AM To: Luis.F.Correia Subject: Bering from CD Luis.F.Correia wrote: Wait a bit, documentation is being written. :) Hi. I am just considering the Berign with sshd and of course what I have came across is the lack of floppy place. The only way I see now is to use Bering on CD. Could you send me any of your ideas related to making CD for Bering, if you have any yet? I think that, even if you have the CD doc in some like rubbish form, it would make me a bit closer to this issue. Thanks in advance. Przemek ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] RE: Bering from CD
Using multiple floppies enables you to thorougly test your setup. Then after you have everything working as you like, you can go to the next step, where you will burn the CD. -Original Message- From: Christian HOSTELET [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 5:11 PM To: Luis.F.Correia; 'Przemyslaw Rudy' Cc: LEAF Subject: Re: [Leaf-user] RE: Bering from CD Hello, But coming back to the original question, if Bering does not fit on one single floppy, how to proceed to build a bootable CD-ROM using the multiple floppies ? Regards, Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: 'Przemyslaw Rudy' [EMAIL PROTECTED] Cc: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 12:51 PM Subject: [Leaf-user] RE: Bering from CD Ok, Do the following: Prepare two 1.44 floppies, format them, and syslinux floppy 1 then copy linux, syslinux.cfg, syslinux.dpy and initrd.lrp to floppy 1 then copy all other *.lrp to floppy 2. Edit syslinux.cfg, replace /dev/fd0u1680 by /dev/fd0, add an entry after init=/linuxrc , 'diskwait=yes'. also, add additional .lrp files to LRP= line Try to boot this floppy set. It should prompt you to change floppies and then boot. Configure everything as usual. If you need to backup initrd.lrp, remember to change floppies first!!! Cheers -Original Message- From: Przemyslaw Rudy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 10:27 AM To: Luis.F.Correia Subject: Bering from CD Luis.F.Correia wrote: Wait a bit, documentation is being written. :) Hi. I am just considering the Berign with sshd and of course what I have came across is the lack of floppy place. The only way I see now is to use Bering on CD. Could you send me any of your ideas related to making CD for Bering, if you have any yet? I think that, even if you have the CD doc in some like rubbish form, it would make me a bit closer to this issue. Thanks in advance. Przemek ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Traffic Shaping using TC
When I'm talking about 8-12 K/s I mean Kilobytes per second. My connection is Cable with 384 Kilobits /s up, and 3 Megabits/s down. The FTP client is running on another ISP entirely so it looks like: My Client - LEAF box (no QoS) - Internet - DCD box (QoS running) - Server There is no DMZ in place. So thats what the FTP looks like. The other issue is the following: I have a file sharing program (family members getting music and such) that uses both TCP and UDP ports in order to communicate. The Port that I use is 412 TCPUDP and is forwarded to a server not in a DMZ. My main goal is to limit the sending capabilities of the program to a value that is very low so it doesn't interfere with other more important outgoing information i.e. FTP, Mail, VPN. Any ideas or help would be appreciated. S From: Sandro Minola [EMAIL PROTECTED] To: Simon Bolduc [EMAIL PROTECTED], Leaf-User [EMAIL PROTECTED] Subject: RE: [Leaf-user] Traffic Shaping using TC Date: Tue, 26 Mar 2002 18:04:58 +0100 Hi Simon, hi all slow - with a default setup my ftp server went from 40-43 K/s to 8-12 K/s. How are you connecting to your FTP server? Is this server located on your LAN, your DMZ or on the internet? You wrote that you portforward to an internal box. Is this internal box the FTP server? If yes, where is your client then? Looks your setup like this: My client -- internet -- Leaf box which is running my script -- FTP server ? Are you always talking about KBits/s if you write K/s? If yes, I assume that you're using a dial-up connection!? Well, I'm not sure if my script runs well with PPP (dial-up) connections becaus of the different MTU values. Please tell me more about your setup and what exactly goes wrong, and in which direction (up- or download)? I'm sure we can fix your problems. BTW: I didn't notice ANY problems yet and I'm even running a DMZ. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: Simon Bolduc [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 3:56 PM To: [EMAIL PROTECTED] Subject: RE: [Leaf-user] Traffic Shaping using TC I installed the script - and certain parts work - but somethings got really slow - with a default setup my ftp server went from 40-43 K/s to 8-12 K/s. While that doesn't really concern me it is a little frustrating. I also tried (to no avail) to add rules that would govern traffic that uses both UDP and TCP port 412 (thats the port I'm sending from internally and receiving to internally) which are both port forwarded to an internal box. This box also runs other 'net services so I can't just throw the IP into the filter and make it work that way. The rules I added were (just as I test setup - I know it'd be abismally slow - but they should indicate that I have set things up correctly) are: tc class add dev $EXTERN_IF parent 1:1 classid 1:30 cbq rate 40kbit / allot 1600 prio 3 avpkt 1000 bounded tc qdisc add dev $EXTERN_IF parent 1:30 handle 30: sfq perturb 10 tc filter add dev $EXTERN_IF parent 1:0 protocol ip prio 25 u32 match / ip dport 0x019c 0x flowid 1:30 and I moved the bulk class/filter to 1:40 I'm afraid I may have done this on the wrong interface - and I'm not sure whether this rule actually has to come before the high priority class or not as I think the first filter/class that applies to a packet is used. Also I'm unsure of how to specify a group of ports like the passive ones used for ftp would be setup. Through your script I've learned a lot more about Traffic shaping but obviously not enough. S _ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp. ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering Firewall without NAT
- Original Message - From: Jonathan Monk [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 9:11 AM Subject: Re: [Leaf-user] Bering Firewall without NAT Have made significant progress since Dan and Tom posted some tips. I have set the internal interface to a RFC1918 ip and the external to a x.y.z.3 with gw=x.y.z.1. I have managed to get the firewall going happily enough by using shorewalls ProxyARP but I was wondering about Toms suggestion of using : echo 1 /proc/sys/net/ipv4/config/all/proxy_arp to work for all machines behind the firewall. I did this and then replaced the route for 134.36.22. addresses to use the internal interface rather than the external interface but wasnt able to see in or out of the firewall. I don't understand that part -- can you elaborate? Why the routing change? What does wasn't able to see in or out of the firewall mean? (what level of analysis did you do?) -Tom ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] RE: Bering from CD
OK Luis, But I can't believe that the content of the two or more floppies can be simply copied to a CD to make it bootable and have a Bering system boots up. That would be too easy :-) Some questions come to my mind: * Should I add other modules (ide.lrp, a cd-rom driver, etc...) ? * How to modify syslinux.cfg ? (what is the device name instead of the usual /dev/fd0u1680 ?) As anyone done this process and wants to share experience ? Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 6:19 PM Subject: RE: [Leaf-user] RE: Bering from CD Using multiple floppies enables you to thorougly test your setup. Then after you have everything working as you like, you can go to the next step, where you will burn the CD. -Original Message- From: Christian HOSTELET [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 5:11 PM To: Luis.F.Correia; 'Przemyslaw Rudy' Cc: LEAF Subject: Re: [Leaf-user] RE: Bering from CD Hello, But coming back to the original question, if Bering does not fit on one single floppy, how to proceed to build a bootable CD-ROM using the multiple floppies ? Regards, Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: 'Przemyslaw Rudy' [EMAIL PROTECTED] Cc: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 12:51 PM Subject: [Leaf-user] RE: Bering from CD Ok, Do the following: Prepare two 1.44 floppies, format them, and syslinux floppy 1 then copy linux, syslinux.cfg, syslinux.dpy and initrd.lrp to floppy 1 then copy all other *.lrp to floppy 2. Edit syslinux.cfg, replace /dev/fd0u1680 by /dev/fd0, add an entry after init=/linuxrc , 'diskwait=yes'. also, add additional .lrp files to LRP= line Try to boot this floppy set. It should prompt you to change floppies and then boot. Configure everything as usual. If you need to backup initrd.lrp, remember to change floppies first!!! Cheers -Original Message- From: Przemyslaw Rudy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 10:27 AM To: Luis.F.Correia Subject: Bering from CD Luis.F.Correia wrote: Wait a bit, documentation is being written. :) Hi. I am just considering the Berign with sshd and of course what I have came across is the lack of floppy place. The only way I see now is to use Bering on CD. Could you send me any of your ideas related to making CD for Bering, if you have any yet? I think that, even if you have the CD doc in some like rubbish form, it would make me a bit closer to this issue. Thanks in advance. Przemek ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] RE: Bering from CD
Cristian, do not bother yet to put it all on a CD. Instead, wait for the proper instrucions. I'm working closely with Jacques in order to bring you the best info. Meanwhile test everithing using the 2 floppy setup. you should have over 800K more in the second floppy to fill up with more packages. So, it is my opinion that one should not rush into burning the files onto the CD. I have a lot of real work to do now. This is as you know, easter week. Everyone wants all done before the end of the week, and my attention is towards real work. Since this will be a long weekend, I hope to have everything done by then. Please be patient. -Original Message- From: Christian HOSTELET [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 5:43 PM To: Luis.F.Correia; LEAF Subject: Re: [Leaf-user] RE: Bering from CD OK Luis, But I can't believe that the content of the two or more floppies can be simply copied to a CD to make it bootable and have a Bering system boots up. That would be too easy :-) Some questions come to my mind: * Should I add other modules (ide.lrp, a cd-rom driver, etc...) ? * How to modify syslinux.cfg ? (what is the device name instead of the usual /dev/fd0u1680 ?) As anyone done this process and wants to share experience ? Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 6:19 PM Subject: RE: [Leaf-user] RE: Bering from CD Using multiple floppies enables you to thorougly test your setup. Then after you have everything working as you like, you can go to the next step, where you will burn the CD. -Original Message- From: Christian HOSTELET [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 5:11 PM To: Luis.F.Correia; 'Przemyslaw Rudy' Cc: LEAF Subject: Re: [Leaf-user] RE: Bering from CD Hello, But coming back to the original question, if Bering does not fit on one single floppy, how to proceed to build a bootable CD-ROM using the multiple floppies ? Regards, Christian - Grenoble - Original Message - From: Luis.F.Correia [EMAIL PROTECTED] To: 'Przemyslaw Rudy' [EMAIL PROTECTED] Cc: LEAF [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 12:51 PM Subject: [Leaf-user] RE: Bering from CD Ok, Do the following: Prepare two 1.44 floppies, format them, and syslinux floppy 1 then copy linux, syslinux.cfg, syslinux.dpy and initrd.lrp to floppy 1 then copy all other *.lrp to floppy 2. Edit syslinux.cfg, replace /dev/fd0u1680 by /dev/fd0, add an entry after init=/linuxrc , 'diskwait=yes'. also, add additional .lrp files to LRP= line Try to boot this floppy set. It should prompt you to change floppies and then boot. Configure everything as usual. If you need to backup initrd.lrp, remember to change floppies first!!! Cheers -Original Message- From: Przemyslaw Rudy [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 10:27 AM To: Luis.F.Correia Subject: Bering from CD Luis.F.Correia wrote: Wait a bit, documentation is being written. :) Hi. I am just considering the Berign with sshd and of course what I have came across is the lack of floppy place. The only way I see now is to use Bering on CD. Could you send me any of your ideas related to making CD for Bering, if you have any yet? I think that, even if you have the CD doc in some like rubbish form, it would make me a bit closer to this issue. Thanks in advance. Przemek ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] RE: Bering from CD
It's just that my system is ready with the two floppies and I would like to generate a CD. But I'm not in hurry... CS You might take a look at the Dachstein CD, to see how it's done. I suggest using CD-RW disks until you get something close to working, unless you like having lots of coasters! You will need to add the IDE, CD-ROM, and ISO-FS modules to your root ramdisk image, and get linuxrc to load them before it tries to install pacakges. There are hooks for this in the Dachstein init scripts, but I'm not sure if these are still there in bering (I really need to find time to get a bering system up running). You should start by trying to make a bootable floppy disk that can load packages from the CD-ROM disk. The CD-ROM boots by using a floppy disk image, so once you get your system booting with a floppy CD setup, you can burn a bootable CD using your floppy as a boot image. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] RE: Bering from CD
Your instructions are close enough for Bering. But... I will use isolinux to boot it directly from the CD. My test setup is looking good. I have some bugs still... Over the weekend all will be uncovered. Even if I don't get around my bugs, I'll publish the results. Cheers -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 26, 2002 6:15 PM To: Christian HOSTELET; Luis.F.Correia; LEAF Subject: Re: [Leaf-user] RE: Bering from CD It's just that my system is ready with the two floppies and I would like to generate a CD. But I'm not in hurry... CS You might take a look at the Dachstein CD, to see how it's done. I suggest using CD-RW disks until you get something close to working, unless you like having lots of coasters! You will need to add the IDE, CD-ROM, and ISO-FS modules to your root ramdisk image, and get linuxrc to load them before it tries to install pacakges. There are hooks for this in the Dachstein init scripts, but I'm not sure if these are still there in bering (I really need to find time to get a bering system up running). You should start by trying to make a bootable floppy disk that can load packages from the CD-ROM disk. The CD-ROM boots by using a floppy disk image, so once you get your system booting with a floppy CD setup, you can burn a bootable CD using your floppy as a boot image. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Missing ipfwd source file.
I need the file ipfwd.so from /usr/lib/ipmasqadm for kernel 2.2.19-3 if anyone could send it to me. I tried to compile it myself but can't get it to link properly on my Red Hat 7.2 boxen to compile. Thanks, Steve ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Leaf Speed and workload
Hi everyone, I'm relatively new to Leaf but a veteran tech/programmer/etc/etc. For Charles S. Could you please tell me (if you know) the cpu's cache size and the amount of memory in the Athlon machine. For everyone Would a dual cpu system (AMD or Intel) increase the usability of a firewall/router box? How about when running Intruder detection or IPsec? Is it feasible to use a lrp box as a border gateway router, either internal or external? Any help would be appreciated greatly. Thanks Michael Parker [EMAIL PROTECTED] ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Leaf Speed and workload
For Charles S. Could you please tell me (if you know) the cpu's cache size and the amount of memory in the Athlon machine. Um...which athlon machine? All my LEAF systems are currently running on pretty dated Pentium-1 class systems. For everyone Would a dual cpu system (AMD or Intel) increase the usability of a firewall/router box? Probably, although you'll need to migrate to a system based on the 2.4 kernel to see much improvement in networking performance. Most of the networking code in 2.2 kernels isn't multi-processor aware/capable. How about when running Intruder detection or IPsec? Is it feasible to use a lrp box as a border gateway router, either internal or external? It's quite feasible to use LRP/LEAF boxes as a border gateway router...that's how most LEAF boxes are used. For use as an internal router, you'll have to decide if the performance is high enough for your needs. You'll need fast hardware to route multiple 100MBit ethernet segments at full speed, and I'm not sure you could get wire-speed Giga-bit ethernet even with fast hardware...at the least, you'll want fast/wide PCI, and preferrably multiple fast/wide PCI or PCI-X busses, if you're really trying to route at Giga-bit speeds. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: Bering with SSH and TinyDNS
Hello, I'm less lucky than you, because having a laptop I need pcmcia stuff as well as ppp/pppoe and I was unable to have sshd coexisted on the same floppy. Christian - Grenoble - Original Message - From: John Stauffer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, March 26, 2002 8:49 PM Subject: [Leaf-user] Re: Bering with SSH and TinyDNS Hello, I am running Bering 1.0 rc1 with the following on 1- 1680 floppy and have no problems getting sshd on. Dnscache.lrp Etc.lrp Initrd.lrp Ldlinux.sys Libz.lrp Linux Local.lrp Log.lrp Modules.lrp Pump.lrp Root.lrp Shorwall.lrp Sshd.lrp Syslinux.cfg Weblet.lrp I have about 2kb left and this has everything I need for my setup and it works great. Hope this helps. John ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Booting via USB
I was thinking of trying a USB memory stick for leaf (bering and oxygen). Just curious if anyone else has tried this? and if so what pitfalls did you encounter. I already know that only current(?) motherboards support booting via USB, I'll still be using an old P166, so I assume I'll need a bootdisk to boot the USB. Am I close? Thanks for any info, Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Leaf Speed and workload
Maybe this will help. I stole this snip from an email on the zebra mailing list. [begin_snip/] this box is a PIII 733Mhz with 256M ram. Detected 731.483 MHz processor. Console: colour VGA+ 80x25 Calibrating delay loop... 1458.17 BogoMIPS Memory: 255024k/262080k available (1286k kernel code, 6668k reserved, 458k data, 312k init, 0k highmem) Interfaces in use are as follows: 2 - Fore/Marconi LE155 OC3 ATM NICs 2 - NetGear GA620 Gigabit Ethernet NICs 1 - Intel Ethernet Pro 100 Fast Ethernet NIC The box is running the 2.4.x kernel [/end_snip] The owner of the above box has maintained in the past that he has not seen any throughput problems. hope this help, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles Steinkuehler Sent: Tuesday, March 26, 2002 2:44 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Leaf-user] Leaf Speed and workload For Charles S. Could you please tell me (if you know) the cpu's cache size and the amount of memory in the Athlon machine. Um...which athlon machine? All my LEAF systems are currently running on pretty dated Pentium-1 class systems. For everyone Would a dual cpu system (AMD or Intel) increase the usability of a firewall/router box? Probably, although you'll need to migrate to a system based on the 2.4 kernel to see much improvement in networking performance. Most of the networking code in 2.2 kernels isn't multi-processor aware/capable. How about when running Intruder detection or IPsec? Is it feasible to use a lrp box as a border gateway router, either internal or external? It's quite feasible to use LRP/LEAF boxes as a border gateway router...that's how most LEAF boxes are used. For use as an internal router, you'll have to decide if the performance is high enough for your needs. You'll need fast hardware to route multiple 100MBit ethernet segments at full speed, and I'm not sure you could get wire-speed Giga-bit ethernet even with fast hardware...at the least, you'll want fast/wide PCI, and preferrably multiple fast/wide PCI or PCI-X busses, if you're really trying to route at Giga-bit speeds. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] RE: Bering from CD
Hi --__--__-- Message: 4 From: Charles Steinkuehler [EMAIL PROTECTED] To: Christian HOSTELET [EMAIL PROTECTED], Luis.F.Correia [EMAIL PROTECTED], LEAF [EMAIL PROTECTED] Subject: Re: [Leaf-user] RE: Bering from CD Date: Tue, 26 Mar 2002 12:15:16 -0600 It's just that my system is ready with the two floppies and I would like to generate a CD. But I'm not in hurry... CS You might take a look at the Dachstein CD, to see how it's done. I suggest using CD-RW disks until you get something close to working, unless you like having lots of coasters! You will need to add the IDE, CD-ROM, and ISO-FS modules to your root ramdisk image, and get linuxrc to load them before it tries to install pacakges. It might be even interesting to look into the isolinux stuff. This removes the need for floppy images completely. IMHO this makes the creation of a CD much easier. It is part of the syslinux stuff and can be found at http://syslinux.zytor.com Good luck Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Documentation ISDN on Bering
Hello everybody We have another Chapter for our Bering User Guide ready. this describes the use of bering to make a ppp connection with the help of a passive ISDN card you can find it at http://leaf.sourceforge.net/devel/jnilo/busers04.html Any comments and additions are welcome Jacques and Eric the Bering crew :) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Dachstein RAID and Compaq SmartArray ?
Can you advise whether it is feasible to use the Dachstein 1.02 RAID enabled kernel to build a bootable floppy that will be capable of mounting and reading an ext2 partition on a pair of mirrored SCSI drived connected to a Compaq SmartArray 2/P controller? ( Almost a simple rescue disk) Are additional/specific drivers required for this controller, or is the RAID support built-in to the kernel all that is required? I made a quick attempt to do this by substituting your RAID-IDE kernel. Dachstein boots OK, but I can't seem to locate a mountable device to use, other than fd0 and hda(IDE CD-ROM). I'm not sure about this. If you're using software RAID, the RAID kernel (and whaever driver works for your SCSI controller) is all that's required. Probably, the Compaq SmartArray controller requires a special driver, and takes care of the raid issues itself. If so, if the driver is part of the normal kernel tree, you should simply be able to load support for it like any other SCSI card, and access any RAID partitions the card is configured for. See my Hard-Disk-HOWTO for details on adding SCSI support at runtime (besides the driver for the SCSI card, you need to load the 3 or so modules that add SCSI support to the kernel). The worst case is if your card is one of the funky hybrid raid cards. Kind of like winmodems, these cards provide hardware acceleration for the RAID functions, but require OS drivers to actually talk to the RAID device properly. If your card is one of these (I don't know about the compaq card, but most of the Adaptec raid-port cards fall into this catagory), you're probably not looking at a good chance for success, unless you're already running linux on the system, in which case you can probably track down drivers somewhere for making a boot/rescue disk. NOTE: A quick search on the compaq site turns up the cpqarray driver page on SF, which is apparently a driver for this controller: http://sourceforge.net/projects/cpqarray/ Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Serial question
I know I am forgetting something but I can't get my new Dachstein install working with the serial port. I decided to replace my beta version with a new DS boot image. Everything works but I can't get my serial port to terminal working. It worked with my old disk but not now. I loaded serial.o in /lib/modules I setup the getty line in /etc/inittab (uncommented and set T0:ttyS0 115200... added ttyS0 to securetty ran insmod serial added serial to the list of modules in /etc/modules Now T0 keeps respawning and will not work. What have I missed? The system is a pentium 200 with two intel eepro100 cards. Is there a way to check the irq assigned to the NICs? Thank you, Kory Krofft ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Dachstein RAID and Compaq SmartArray ?
It looks like you are confirming my fears... this could be an uphill battle. snip NOTE: A quick search on the compaq site turns up the cpqarray driver page on SF, which is apparently a driver for this controller: http://sourceforge.net/projects/cpqarray/ Actually, good news. A bit more digging, and it looks like the older version of the cpqarray driver was called smart2, and is in the 2.2.19 kernel tree already. The driver code indicates it talks to your SmartArray 2/P card. While I don't have this driver pre-compiled, you can pretty easily build a new kernel from my Dachstein-source, and simply add the smart2 driver to your kernel configuration. In the process, you could build-in SCSI support if you want to make your boot-time life a bit easier :) Saddly, the source indicates you have to re-build the whole kernel, even if you compile the driver as a module... Details on building the kernel can be found in the kernel readme: http://lrp.steinkuehler.net/files/kernels/Dachstein-source/README Note that you don't need a particular version of linux or specific C libraries to build the kernel...just a working gcc that can compile the kernel (kgcc on recent RedHat boxes, gcc on most other systems). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Serial question
Kory... I went through the same thing about a week ago. Assuming that you are using the floppy-disk version of Dachstein rather than Dachstein-CD, the problem exists because the Dachstein-small kernel on the floppy doesn't have serial support rolled into it. Download one of the available Dachstein-normal kernels from Charles' web site and that should take care of it. I used WINIMAGE to transfer this to my floppy disk image, then renamed it linux. Also refer to Charles' serial how-to for additional details if you are still stuck. Good Luck! FROM: Kory KrofftDATE: 03/26/2002 15:44:59SUBJECT: [Leaf-user] Serial question I know I am forgetting something but I can't get my new Dachstein install working with the serial port. I decided to replace my beta version with a new DS boot image. Everything works but I can't get my serial port to terminal working. It worked with my old disk but not now. I loaded serial.o in /lib/modules I setup the getty line in /etc/inittab (uncommented and set T0:ttyS0 115200... added ttyS0 to securetty ran insmod serial added serial to the list of modules in /etc/modules Now T0 keeps respawning and will not work. What have I missed? The system is a pentium 200 with two intel eepro100 cards. Is there a way to check the irq assigned to the NICs? Thank you, Kory Krofft ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
