[Leaf-user] OT: Now here's an interesting auction

2001-06-16 Thread Tony

First, Hi to all the recently displaced (?) LRP list members, glad to
join you over here.  Second, sorry about the off topic post, but have a
look at this enterprising lad:

http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1245384063


Has anyone tried this freesco yet?  I am not interested in using it, but
I am interested in the web config they tout.  That would be interesting
considering they say it runs in as little as 6 MB.

Later

Tony



___
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] OT: Now here's an interesting auction

2001-06-16 Thread Tony

Yeah, I know. How he makes money selling those escapes me. The key lies
in the fact that there is some sort of setup script that runs and asks
questions to help you set it up to your situation (according to the
freesco site).

However, freesco seems rather limited compared to the various LEAF/LRP
distributions.  Now, that probably makes the writing of the setup script
easier (less it does, less variables to configure I would think).  I
think I will take a look and see exactly how friendly the dist. is and
if there are any good ideas that may add and extend the various LRP
flavors.

Later,

Tony

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Hilton Travis
> Sent: Saturday, June 16, 2001 20:48
> To: [EMAIL PROTECTED]
> Subject: RE: [Leaf-user] OT: Now here's an interesting auction
>
>
> ... And he thinks he's doing himself a service by going to
> the effort of
> getting, configuring and testing, and selling these boxes for fifty
> bucks?  Man, you gotta be mad to try to make money THAT way!
>
> Regards,
> Hilton
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]] On Behalf Of Tony
> > Sent: Sunday, 17 June 2001 1:09 AM
> >
> > First, Hi to all the recently displaced (?) LRP list members,
> > glad to join you over here.  Second, sorry about the off
> > topic post, but have a look at this enterprising lad:
> >
> > http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1245384063
> >
> >
> > Has anyone tried this freesco yet?  I am not interested in using
> > it, but I am interested in the web config they tout.  That would
> > be interesting considering they say it runs in as little as 6 MB.
> >
> > Later
> >
> > Tony
>
>





RE: [Leaf-user] Now here's an interesting auction

2001-06-17 Thread Tony

Morning all,

I think some of you missed my point.  I am not really interested in
using freesco, more to the point:

1. It was interesting to see someone trying to make a go of selling
computers with a floppy based firewall.

2. Since they claim it runs in 6 MB, I would be interested in seeing how
they have the web-based setup routine work in the limited space.

3. I wonder if the web based setup would be something that could be
adapted to LRP without a lot of overhead (mainly space requirements).


I am glad to see some have used it before.  My question to you all is,
what is the setup routine like?  Was it comprehensive? Was it web-based
or text-based?  I have only tried Oxygen's setup a couple of times, and
it is effective, but unless you know the layout of the system and where
you should edit for your situation, it can be a little difficult to
configure.  Now, in all honesty, I have not RTFM's, I have "perused"
them and thought I could figure it out as I went.  I was only half
effective in that approach.

The weird thought I had was what if, like in Oxygen, you had a basic
boot disk, then you loaded whatever data disk you wanted, followed only
on the initial boot, a setup diskette.  The setup diskette would do the
grunt work of setting up the basic system (web-based with brief
explanations on the various screens of what needed to go where).  Then
you could use the package system to setup the individual packages as
needed.

I hope all that made some sense, and more importantly, I hope I have my
facts straight on Oxygen since I have only used it twice like I said.
It took me about a week the first time I tried LRP to figure out that
when I rebooted, the settings weren't being saved (ramdisk...D'OH!).  If
I am wrong, or misguided, I apologize and would appreciate being pointed
in the right direction.

Thanks,

Tony

P.S.  The DNS scans have faded out for the most part, but it seems to be
tied to that damn X-10 advertisement.  Whenever I have one pop up, I get
scanned.  I can go for a week or two, nothing, then boom, scan-o-rama.
I implemented the filter pointing to an external file with the IP's
listed and that has taken care of it.




> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of kp vander
> kleut
> Sent: Sunday, June 17, 2001 06:38
> To: [EMAIL PROTECTED]
> Cc: David Zilm
> Subject: Re: [Leaf-user] Now here's an interesting auction
>
>
> Hi,
>
> last I checked (some months ago) Freesco did only Modem (PPP) lines, no dsl
> or cable or ethernet, running on a 2.0.36 kernel. their webconfig is a nice
> setup though slightly confusing at times. Didn't try to find out more
> because I prefer 2.2.* kernels and use a cable modem. if you decide to try
> and adapt some of it for LRP I would be interested of course (as would others
> I presume).
> I read through their site quickly and found a newer release than the one I
> saw some time back, they apparently support eth-eth and cable nowadays,
> maybe I'll take another shot at it. I couldn't find a kernel version in
> their docs quickly, don't know whether they use ipchains or tables. (They do
> have a nice setup manual)
> Good luck
> Greetings Peter vanderkleut
>
>
> - Original Message -
> From: "David Zilm" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, June 17, 2001 10:42 AM
> Subject: [Leaf-user] Now here's an interesting auction
>
>
> >
> > > Message: 1
> > > From: "Tony" <[EMAIL PROTECTED]>
> > > To: <[EMAIL PROTECTED]>
> > > Date: Sat, 16 Jun 2001 11:08:31 -0400
> > > Subject: [Leaf-user] OT: Now here's an interesting auction
> > > Reply-To: [EMAIL PROTECTED]
> > >
> > > First, Hi to all the recently displaced (?) LRP list
> members, glad to
> > > join you over here.  Second, sorry about the off topic
> post, but have a
> > > look at this enterprising lad:
> > >
> > > http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=1245384063
> > >
> > > Has anyone tried this freesco yet?  I am not interested
> in using it, but
> > > I am interested in the web config they tout.  That would
> be interesting
> > > considering they say it runs in as little as 6 MB.
> > >
> > > Later
> > >
> > > Tony
> > >
> >
> > Yes. It works, but in my experience 8MB would be the limit
> these days.
> You
> > cant load any additional monitoring functions in 12MB, so
> 6MB is just a
> bit
> > wishful thinking.
> >
> > 32MB SDRAM should permit some utilities (like top,
> accounting etc) to also
> &

RE: [Leaf-user] Now here's an interesting auction

2001-06-18 Thread Tony

I think what you were thinking of was the modmaker, which made the
modules on the fly for what you needed.  That thing has been dead since
before I logged onto the list (May 2000).  That was for the old 2.9.4
which ran the 2.0.36 kernel (I think that was the kernel).  All that has
been solved by the repositories like Charles has on his site.

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> James Barrett
> Sent: Monday, June 18, 2001 07:54
> To: [EMAIL PROTECTED]
> Subject: Re: [Leaf-user] Now here's an interesting auction
>
>
> I remember there used to be those places where you entered
> what you wanted
> and an image was built for you -- do they still exist anywhere?
>
> Thanks,
>





[Leaf-user] Junkbust & Squid-2

2001-06-21 Thread Tony

Good Morning,

Is it my imagination, or are Junkbust and Squid-2 not configured to
show up in the package menu of lrcfg?

The files seem to be in place, and I can edit them by navigating to
their respective directory, so that isn't a problem.

I was just surprised to see them not listed for config in lrcfg.

Thanks

Tony






[Leaf-user] HD Booting with SCSI disk mod loading problem

2001-06-21 Thread Tony

Evenin All,

I have a chicken/egg problem.

I am following the HD install advanced section, and have included the
code into the spot above the boot line option.  I can get the modules
loaded by running the script manually once I am booted into the env.

However, here is the problem.  That script relies on /sbin/insmod being
loaded before it is run (obviously).  Insmod is loaded in the
modules.lrp package, which can't be loaded because the HD isn't mounted
yet because it needs the SCSI modules loaded which can't be loaded
because the package they're in comes later... see the problem I am
having?

Can I move insmod into a different package that gets loaded first?  What
will that break?  Has this been discussed before and I am just dense?  I
assume moving it would include editing the modules.list and the other
package.list file to include the directory in backups... right?

Thanks a bunch,

Tony






[Leaf-user] Chicken/egg problem

2001-06-21 Thread Tony

Sorry about that previous post.  Two or three paragraphs down answered
the question (D'OH!).  I read that thing through and missed it.

thanks,

Tony






RE: [Leaf-user] HD Booting with SCSI disk mod loading problem

2001-06-22 Thread Tony

Good Morning,

Na, I have all the modules, just was at a loss how to get /sbin/insmod
to load in root.lrp instead of modules.lrp.  I had no idea that it was
as simple as deleting the lines /sbin/insmod and /sbin/rmmod from
/var/lib/lrpkg/modules.list.  This forces the files to be backed up with
root.lrp hence, loading when I need them to.

Believe me, last night I was thinking... "How the hell did Charles get
his RAID to work?" ...he would have faced the same problem I was.  A
little more investigating did the trick.

Charles, you may want to add that advice again about removing the lines
right under the code as well as later in the document.  It was mentioned
almost in passing, kinda like oh by the way, you'll need to do this of
course.  Subtlety goes right over my head, I need the clue bat upside
the head.

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Luis.F.Correia
> Sent: Friday, June 22, 2001 04:20
> To: '[EMAIL PROTECTED]'
> Subject: RE: [Leaf-user] HD Booting with SCSI disk mod loading problem
>
>
> Maybe your problem is as simple as having the relevant scsi module
> compiled in the kernel.
>
> This means of course you should recompile the kernel in order to have
> the module as part of the kernel.
>
> I recall a similar problem with RedHat that if the module were not in
> the initrd archive (similar to our root.lrp), scsi boot was
> not possible.
>
> Hope this sheds some light to your problem.
>
> p.s. maybe someone on the list could compile a custom kernel
> for you...
>
> -Original Message-
> From: Tony [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 22, 2001 4:13 AM
> To: [EMAIL PROTECTED]
> Subject: [Leaf-user] HD Booting with SCSI disk mod loading problem
>
>
> Evenin All,
>
> I have a chicken/egg problem.
>
> I am following the HD install advanced section, and have included the
> code into the spot above the boot line option.  I can get the modules
> loaded by running the script manually once I am booted into the env.
>
> However, here is the problem.  That script relies on
> /sbin/insmod being
> loaded before it is run (obviously).  Insmod is loaded in the
> modules.lrp package, which can't be loaded because the HD
> isn't mounted
> yet because it needs the SCSI modules loaded which can't be loaded
> because the package they're in comes later... see the problem I am
> having?
>
> Can I move insmod into a different package that gets loaded
> first?  What
> will that break?  Has this been discussed before and I am
> just dense?  I
> assume moving it would include editing the modules.list and the other
> package.list file to include the directory in backups... right?
>
> Thanks a bunch,
>
> Tony
>
>
>
>





RE: [Leaf-user] HD Booting with SCSI disk mod loading problem

2001-06-22 Thread Tony

Ah, I see, in other words, no need to worry about loading modules,
they'd be in the kernel already


See what I mean about being subtle?  Sometimes I can be as thick as a
brick

Thanks Luis,

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Luis.F.Correia
> Sent: Friday, June 22, 2001 08:41
> To: '[EMAIL PROTECTED]'
> Subject: RE: [Leaf-user] HD Booting with SCSI disk mod loading problem
>
>
> No, I have a bad english :)
>
> What I mean was:
>
> If you compile a NEW kernel with the scsi module as (*)
> instead of (M),
> it is part of the kernel.
>
> That was what I meant with my previous email...
>
> -Original Message-
> From: Tony [mailto:[EMAIL PROTECTED]]
> Sent: Friday, June 22, 2001 12:52 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [Leaf-user] HD Booting with SCSI disk mod loading problem
>
>
> Good Morning,
>
> Na, I have all the modules, just was at a loss how to get /sbin/insmod
> to load in root.lrp instead of modules.lrp.  I had no idea that it was
> as simple as deleting the lines /sbin/insmod and /sbin/rmmod from
> /var/lib/lrpkg/modules.list.  This forces the files to be
> backed up with
> root.lrp hence, loading when I need them to.
>
> Believe me, last night I was thinking... "How the hell did Charles get
> his RAID to work?" ...he would have faced the same problem I was.  A
> little more investigating did the trick.
>
> Charles, you may want to add that advice again about removing
> the lines
> right under the code as well as later in the document.  It
> was mentioned
> almost in passing, kinda like oh by the way, you'll need to do this of
> course.  Subtlety goes right over my head, I need the clue bat upside
> the head.
>
> Later
>
> Tony
>
>
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED]]On Behalf Of
> > Luis.F.Correia
> > Sent: Friday, June 22, 2001 04:20
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: [Leaf-user] HD Booting with SCSI disk mod
> loading problem
> >
> >
> > Maybe your problem is as simple as having the relevant scsi module
> > compiled in the kernel.
> >
> > This means of course you should recompile the kernel in
> order to have
> > the module as part of the kernel.
> >
> > I recall a similar problem with RedHat that if the module
> were not in
> > the initrd archive (similar to our root.lrp), scsi boot was
> > not possible.
> >
> > Hope this sheds some light to your problem.
> >
> > p.s. maybe someone on the list could compile a custom kernel
> > for you...
> >
> > -Original Message-
> > From: Tony [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, June 22, 2001 4:13 AM
> > To: [EMAIL PROTECTED]
> > Subject: [Leaf-user] HD Booting with SCSI disk mod loading problem
> >
> >
> > Evenin All,
> >
> > I have a chicken/egg problem.
> >
> > I am following the HD install advanced section, and have
> included the
> > code into the spot above the boot line option.  I can get
> the modules
> > loaded by running the script manually once I am booted into the env.
> >
> > However, here is the problem.  That script relies on
> > /sbin/insmod being
> > loaded before it is run (obviously).  Insmod is loaded in the
> > modules.lrp package, which can't be loaded because the HD
> > isn't mounted
> > yet because it needs the SCSI modules loaded which can't be loaded
> > because the package they're in comes later... see the problem I am
> > having?
> >
> > Can I move insmod into a different package that gets loaded
> > first?  What
> > will that break?  Has this been discussed before and I am
> > just dense?  I
> > assume moving it would include editing the modules.list and
> the other
> > package.list file to include the directory in backups... right?
> >
> > Thanks a bunch,
> >
> > Tony
> >
> >
> >
> >
>
>
>





RE: [Leaf-user] HD Booting with SCSI disk mod loading problem

2001-06-22 Thread Tony


Speaking of SCSI HD's, does anyone know a way to spin down the drive
after it has served its purpose?  I have seen a couple of old programs
that say they can do this, but they are for the 2.0.x kernel.

I wrote the author of hdparm and asked if his program will spin down a
SCSI drive and he stated no, that it wouldn't work but a small C program
interfacing with the sg.o module could do the trick.

Any ideas?

Thanks

Tony





RE: [Leaf-user] HD Booting with SCSI disk mod loading problem

2001-06-22 Thread Tony

Well Thank you for the immediate response!

Part of the confusion on my part was I never totally understood how the
packages worked.  I knew that some parts belonged to some packages, but
until I had to worry about it... I didn't.  I took it on faith, you
guys [developers] knew what to do, and I wasn't curious.  But, as is
often the case, I need to know how this stuff works inside and out if I
insist on customizing the release for my situation.  It's the best way
to learn I guess.

Thanks again,

Tony

P.S. Does anyone have the hardware tools package (hwtools_0.5-0.2.deb)
from Debian installed?  Could you send me the binaries?  I don't want to
install Debian just to extract a couple of binaries and I can't find out
how the hell you can extract them without dpkg.



>
> Thanks for the feedback, and I'll update the HOWTO making the
> insmod/rmmod
> change more prominent.  The "mentioned in passing" aspect is
> due to the fact
> that I've been running systems set to load modules at boot (and hence
> including insmod/rmmod in root.lrp) for ages with my LRP-CD distro...
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>
>
>





RE: [Leaf-user] OT: KVM switches

2001-06-25 Thread Tony

I just went through that same problem of crappy video.  What resolution
are you using and how long are your cables?  Are you getting ghosting?
If so, shitcan those cheap ass cables and get one that is shielded.  I
just picked up a ps/2 set from cyberguys.com for $23 bucks and it solved
all the problems.

BTW, I am using an OmniView SE 4 port.  I use the other crappy cables
for text based machines that don't need high resolution.

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Peter Nosko
> Sent: Monday, June 25, 2001 17:48
> To: Leaf-User
> Subject: [Leaf-user] OT: KVM switches
>
>
> pn] Does anyone here use a KVM switch for GUI workstations?
> I use the old
> manual switch boxes for my LRP machines because quality video
> needs are low.
> But I've been using a Belkin Omni-Cube 4-port for X/Linux and
> Windows boxes
> and am unsatisfied with the video degradation.  I'd
> appreciate any feedback
> on reasonably-priced KVM switches with decent video
> performance.  Thanks.
>
> ---
> Peter Nosko
>
>
>





RE: [Leaf-user] OT: KVM switches

2001-06-25 Thread Tony

This seems obvious, but I have to ask

Your monitor isn't sitting next to a humongous UPS is it?  I had the
same problem at work, with the wavy lines, and it was because it was
near a Compaq 2000 VA UPS.  I think I got brain cancer sitting near that
damn thing.  That, BTW wasn't on a KVM, the monitor was sitting on the
machine, with the KVM right next to it (mission critical no less).
Moving it solved the wavies

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Peter Nosko
> Sent: Monday, June 25, 2001 20:12
> To: [EMAIL PROTECTED]
> Subject: RE: [Leaf-user] OT: KVM switches
>
>
> pn] What I've noticed is more important than the specific
> resolution/refresh
> rate is that all devices attached should use as similar as possible a
> resolution/refresh rate.  But I still notice (most on the
> Win2K Server)
> several areas on the screen that "waver", similar to the way
> you see heat
> rising off a road surface.  I consider spending more, but I
> want to make
> sure that throwing money at the problem will actually solve it.
>
>
> > Sam Slade Said:
> >
> > I also use the Belkin Omni-View, PS2, with 6 foot cables.
> As long as I
> > stay with no higher than 1024x760 the video is okay.  So I've been
> > looking also, but the real good ones that work cost many
> times the price
> > of the Omni-View, and I haven't seen a decently priced
> switch  either.
> >
> >Sam Slade
> >
> > Peter Nosko wrote:
> > >
> > > pn] Does anyone here use a KVM switch for GUI workstations?  I
> > use the old
> > > manual switch boxes for my LRP machines because quality video
> > needs are low.
> > > But I've been using a Belkin Omni-Cube 4-port for X/Linux and
> > Windows boxes
> > > and am unsatisfied with the video degradation.  I'd appreciate
> > any feedback
> > > on reasonably-priced KVM switches with decent video
> > performance.  Thanks.
> > >
> > > ---
> > > Peter Nosko
> > >
> >
>
>
>





RE: [Leaf-user] Firewall testing

2001-06-27 Thread Tony

netstat -an ought to do it.

Tony

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of
> Sean E. Covel
> Sent: Saturday, June 09, 2001 14:52
> To: [EMAIL PROTECTED]
> Subject: [Leaf-user] Firewall testing
>
>
> I've been conversing with the "Expert Team" at PC Flank
> (http://www.pcflank.com./) about their scanner.  So far they
> have asked
> for additional information about my firewall, but have not
> defended the
> results.
>
> So  How can I verify that a certain port is/is not open?
> The report
> I got noted port 3128 (which Firewall Forensics says is "squid") was
> "open".  Later in the report it said all the trojan ports were open
> (27374, 12345, 1243, 31337, 12348) (I doubt it!)  How can I be sure?
>
> As far as the "spoofing" and why they would want to do it... Anyone
> running portsentry?  Ever gone up against "Shields Up" or
> "DSL Reports"
> tests?  What happens?  After a few scans from the same IP, they end up
> in hosts.deny and a firewall rule is added, both automatically.  Once
> that is done, further scanning is moot.  My first run against PcFlank
> noted more ports open than what I listed above, so I checked out my
> network.conf.  The variables EXTERN_UDP_PORTS and EXTERN_TCP_PORT had
> some ports listed (_domain _ntp _bootpc)(_smtp).  I cleaned those up
> (had to leave _bootpc(?) for dnsclient) and the next scan listed fewer
> ports.  Neither "Shields Up" or "DSL Reports" got far enough along in
> their scans before portsentry kicked in to see those other ports!
>
> So, once again, how do I tell for sure if the above listed ports are
> open/visible/stealth?
>
> Thanks,
>
> Sean
>
> P.S.  Did you run the "advanced" test.  Take a look at your
> logs.  What
> a mess!  What does it all mean.  Did LRP really pass the test?
>
>
>
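
An added example, not part of the original posts: one way to apply the `netstat -an` suggestion to the ports named in the scan report quoted above. The sample `netstat` output and its addresses are constructed; a port with no local listener cannot accept connections, whatever a remote scanner reports.

```shell
#!/bin/sh
# Added example: check which ports from a scan report have a local listener,
# using `netstat -an` output read on stdin.

# Ports named in the scan report quoted in the thread.
REPORTED_PORTS="3128 27374 12345 1243 31337 12348"

# check_ports "PORT PORT ..." < netstat-output
# Prints "<port> listening <proto> <local-address>" for every bound socket on a
# requested port, or "<port> no-listener" when nothing is bound to it.
check_ports() {
    awk -v ports="$1" '
        BEGIN { n = split(ports, want, " ") }
        # TCP sockets count only in LISTEN state; UDP lines have no state column.
        ($1 ~ /^tcp/ && $NF == "LISTEN") || $1 ~ /^udp/ {
            addr = $4
            port = addr
            sub(/^.*:/, "", port)      # keep the text after the last colon
            found[port] = found[port] sprintf("%s listening %s %s\n", port, $1, addr)
        }
        END {
            for (i = 1; i <= n; i++) {
                if (want[i] in found) printf "%s", found[want[i]]
                else print want[i] " no-listener"
            }
        }'
}

# Constructed sample of `netstat -an` output (not taken from the thread).
sample_netstat() {
cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.254:3128      0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.254:22        192.168.1.10:1034       ESTABLISHED
udp        0      0 0.0.0.0:68              0.0.0.0:*
EOF
}

# On the router itself:  netstat -an | check_ports "$REPORTED_PORTS"
sample_netstat | check_ports "$REPORTED_PORTS"
```

The local address column matters as much as the port: a listener bound only to the internal address is not reachable on the external interface even before the firewall rules are considered.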





RE: [Leaf-user] Help with DNS error logs on Eiger2Beta with PPPoP Attn; Charles or Victor

2001-07-07 Thread Tony

Below is a copy of the message from the old LRP mailing list.

=

Message: 12
Date: Wed, 16 May 2001 14:45:04 -0700
From: Victor McAllister <[EMAIL PROTECTED]>
To: Linux Router Project <[EMAIL PROTECTED]>
Subject: Re: [LRP] All threads regarding port 53 TCP

John Desmond wrote:

> Somebody said:
> > > Some load balancing systems will generate TCP/53
> > requests
> > > to your name server in order to identify your
> > virtual
> > > location on the Internet.
>
> Is it possible that the DNS requests that dnscache
> makes causes LRP to look like a nameserver?
>
> By the way, I haven't used any workstations behind
> the LRP since morning of 5/11 and I've gotten the
> following DNSpam: 5/11 21:38:54, 5/11 23:53:15, and
> 5/12 10:36:25. Nothing since then.
> -John

I run Eiger and added a version of Charles' script into
/etc/ipfilter.conf here:
# Clear any garbage rules out of the filters
ipfilter_flush

# Block known IPs who do TCP port 53 floods
# Added to block list of IPs on 4/15/2001
  IP_LIST="`cat /etc/dns_floods`"
  for IP in $IP_LIST ; do
  $IPCH -I input -j DENY -p tcp -s $IP/32 -d
$EXTERN_IP/32 53 -i $EXTERN_IF
  done ; unset IP

It adds 22 rules to the input filter.  You can still tell if
you have been hit because the number of DENYed packets is
available when you look at the input filter list.  (You can
use weblet to view this).  Probably just eliminates the 100k
log entries since they were being DENYed anyway before.


===


Now, from what I noticed, the line :

$IPCH -I input -j DENY -p .etc

is wrapped by my mail client (or the mail server, whatever the hell).  I
remove the LF/CR or whatever with delete, and it works great.

Also, the other thing I found is that there are a few places in the
ipfilter.conf that flush all the rules.  Make sure you place it in the
right spot or one of the later flushes will remove your hard work.

Tinker with it and you will get it going!

Later,

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin
> Sent: Thursday, July 05, 2001 06:59
> To: [EMAIL PROTECTED]
> Subject: FW: [Leaf-user] Help with DNS error logs on Eiger2Beta with
> PPPoP Attn; Charles or Victor
>
>
>
> -Original Message-
> From: Kevin [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 04, 2001 11:51 AM
> To: Leaf-User@Lists. Sourceforge. Net
> Subject: Re: [Leaf-user] Help with DNS error logs on Eiger2Beta with
> PPPoP Attn; Charles or Victor
>
>
> HELP!!
>
> I tried to search via Geocrawler for DNS and Scripts and it found
> nothing...ouch
>
> Any help on the script to run to stop this logging?
>
> Thanks
>
>
> Message: 4
> Date: Tue, 03 Jul 2001 18:24:36 -0700
> From: Victor McAllister <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: [Leaf-user] Help with DNS error logs on
> Eiger2Beta with PPPoP
> Reply-To: [EMAIL PROTECTED]
>
> 64.37.200.46 is one of the IPs used by some companies for
> geographic load
> balancing.  A whole list of machines all hit your port 53 at
> the same time.
> It
> doesn't do any damage, but  the log entries can run to 100k or more.
> I use Charles' little script to modify the firewall to not
> log this garbage.
> There was a message on this list a couple of days ago with the
> script for
> esb2...  If you can't find -- holler.
>
> > I need some help in not logging the following DNS error types:
> >
> > Packet log: input DENY ppp0 PROTO=6 64.37.200.46:41613
> 66.20.176.251:53
> L=44
> > S=0x00 I=0 F=0x T=242 (#42)
> >
> > I am using the Eiger2beta with PPPoP from Ken on a two
> floppy disk set-up.
> >
> > I have a dnscache.lrp module running and have three IP's for the DNS
> servers
> > to ensure these all find a way home.
> >
> > from /etc/network.conf
> > DNS0=192.168.1.254
> > DNS1=205.152.0.20
> > DNS2=205.152.0.5
> >
> > What else is needed to help?
>
>
>
>
>
>
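
An added example, not Charles' or Victor's script: a dry-run generator for the deny rules described above that validates each entry of the list file before it reaches the firewall command and prints every rule on a single line, so nothing depends on re-joining a mail-wrapped line. The `#` comment syntax in the list file, the `ipchains` default for `$IPCH` and the sample entries are assumptions; `66.20.176.251` and `ppp0` come from the log line quoted in the thread.

```shell
#!/bin/sh
# Added example: build the TCP/53 deny rules from a list file, one rule per line.

IPCH="${IPCH:-ipchains}"   # assumption: the thread's $IPCH expands to ipchains

# is_ipv4 ADDR: succeed only for a dotted quad with every octet in 0-255.
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                  # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules FILE EXTERN_IP EXTERN_IF
# Prints one complete rule per valid entry; invalid entries are reported on
# stderr and skipped instead of being interpolated into a command run as root.
gen_rules() {
    file=$1 ext_ip=$2 ext_if=$3
    while IFS= read -r line || [ -n "$line" ]; do
        ip=${line%%#*}                              # drop a trailing comment
        ip=$(printf '%s' "$ip" | tr -d ' \t\r')     # drop blanks and stray CRs
        [ -n "$ip" ] || continue
        if is_ipv4 "$ip"; then
            printf '%s -I input -j DENY -p tcp -s %s/32 -d %s/32 53 -i %s\n' \
                "$IPCH" "$ip" "$ext_ip" "$ext_if"
        else
            printf 'skipping invalid entry: %s\n' "$ip" >&2
        fi
    done < "$file"
}

# Demo on a constructed list: two valid entries, one cut short, one out of range.
demo() {
    list=$(mktemp)
    cat > "$list" <<'EOF'
# constructed sample list
64.37.200.46
192.0.2.10   # documentation address
64.37.200
300.1.1.1
EOF
    gen_rules "$list" 66.20.176.251 ppp0 2>/dev/null
    rm -f "$list"
}

demo
```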





[Leaf-user] A small snippet of code for review

2001-07-08 Thread Tony

I apologize in advance for posting something that is probably more of
use in the developer's list, but I want the maximum eyeballs to look and
tell me a few things.

First, can anyone tell me if this code depends on libraries that have
been removed from LEAF?  I am running the pre-release EigerStein 2.2.19
copy.  When I compile this code on a Debian development box, it seems to
run OK, then when I move it to the router, it gives me a segmentation
fault.  I can't even get it to tell me how to use it (i.e. #:sdmotor )
without it dying.

Second, has anyone a better way to spin down a SCSI drive that throws
heat like the sun?  I have a full-size Seagate that has a whine worse
than my wife, and throws heat like a bastard.  After I load from the
drive, I want to power it down.  Any suggestions?


Thanks in advance

Tony



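>/*
> * sdmotor - start/stop scsi drive spindle
> * The ioctl is issued on file descriptor 0, so the disk device must be
> * open on stdin when the program runs.
> */
>
>#include <stdio.h>
>#include <string.h>
>#include <errno.h>
>#include <sys/ioctl.h>
>#include <scsi/scsi_ioctl.h>
>
>/* Buffer for SCSI_IOCTL_SEND_COMMAND: two lengths followed by the command */
>struct s {
>	int inlen,
>	    outlen;
>	char cdb[6];
>};
>
>static int usage( void);
>
>int main( int argc, char *argv[])
>{
>	struct s c;
>
>	memset( &c, 0, sizeof c);
>	c.cdb[0] = 0x1B;		/* START STOP UNIT opcode */
>	if (argc != 2)
>		return (usage( ));
>	if (strcmp( argv[1], "start") == 0)
>		c.cdb[4] = 1;		/* start bit set: spin up; 0: spin down */
>	else if (strcmp( argv[1], "stop") != 0)
>		return (usage( ));
>	if (ioctl( 0, SCSI_IOCTL_SEND_COMMAND, &c) == 0)
>		return (0);
>	fprintf( stderr, "ioctl failed (%s)\n", strerror( errno));
>	return (1);
>}
>
>static int usage( void)
>{
>
>	fprintf( stderr, "usage: sdmotor { start | stop }\n");
>	return (2);
>}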





RE: [Leaf-user] A small snippet of code for review

2001-07-09 Thread Tony

Thank you Charles for some feedback,

Comments noted below

<>
>
> To see which libraries you need, run:
>
> ldd sdmotor
>

The results are libc.so.6 and ld-linux.so.2

I assume with updated versions of these, it would work?  I also assume,
if I downgraded my install (see below) to 2.1, then I would be compiling
against compatible versions of these libs?

What if I updated the libs on the LRP machine?  Would I break anything
with newer libs?  I would assume backward compatibility would be the
name of the game, but this is new ground for me.

> on your Debian box.  Since your program's crashing (not generating an error
> about a missing library), you probably are linking against the wrong version
> of the standard C library.  Are you compiling on Debian 2.1?
>

Nope, 2.2r3 from April, 01


> Also, you may need to make sure your kernel has the SCSI
> support modules
> loaded...


Yup, got that covered.

>
> Do what I do...don't buy Seagate drives ;-)

$4.00, new in box with a write-protect jumper.  I didn't realize I could
cook on the damn thing while it was running.  And the noise...oi!

>
> IIRC, there are some usermode programs to do this sort of thing with SCSI
> drives.  I don't remember off-hand what the programs are called, but a bit of
> searching should turn up something.  You might also take a look at noflushd:
> http://freshmeat.net/projects/noflushd/


Will do!



Thanks!

Tony





RE: [Leaf-user] A small snippet of code for review

2001-07-10 Thread Tony

Charles, LEAF list members, Archive readers,

FYI, Charles is 'da man!

If anyone wants to spin down a SCSI drive with the new version of
EigerStein2 [ver 2.2.19] (at least a Seagate drive on an Adaptec 2940 AU
adapter), version 1.8.3 of noflushd is what you want.  Previous versions
didn't support SCSI disks (from the release notes) and versions after
were compiled with libc5 support, which seems to seg dump all over the
place.

So, I can put it to sleep after I get everything loaded.  WOOHOO!  Now
all I have to do is configure the box, set the write prevent jumper, and
I'm off to the races.  The advantages of a HD, with the security of a
mechanical write-prevent.

Does it get any better? [if not, shoot me now]

Thanks for the help

Tony


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Charles
> Steinkuehler
> Sent: Tuesday, July 10, 2001 09:45
> To: [EMAIL PROTECTED]
> Subject: Re: [Leaf-user] A small snippet of code for review
>
>
> > > To see which libraries you need, run:
> > >
> > > ldd sdmotor
> > >
> >
> > The results are libc.so.6 and ld-linux.so.2
> >
> > I assume with updated versions of these, it would work?  I also assume,
> > if I downgraded my install (see below) to 2.1, then I would be compiling
> > against compatible versions of these libs?
> >
> > What if I updated the libs on the LRP machine?  Would I break anything
> > with newer libs?  I would assume backward compatibility would be the
> > name of the game, but this is new ground for me.
>
> You can't replace your existing libc libraries with the new ones, or all your
> existing apps will segfault.  I don't know off-hand if you can have both new
> and old libraries present, but if they don't conflict (in name-space), and
> if you've got enough disk space, you can have both the new and old glibc
> present.
>
> > > on your Debian box.  Since your program's crashing (not generating an
> > > error about a missing library), you probably are linking against the
> > > wrong version of the standard C library.  Are you compiling on Debian 2.1?
> >
> > Nope, 2.2r3 from April, 01
>
> This is the problem.  The c libraries are different, which is why you're
> getting the segfault.
>
> > > Do what I do...don't buy Seagate drives ;-)
> >
> > $4.00, new in box with a write-protect jumper.  I didn't realize I could
> > cook on the damn thing while it was running.  And the noise...oi!
>
> Now you know why they were $4 :)  Some of the Seagate drives I've worked
> with sound like jet engines, and they whine so loudly you think they're
> going to explode into a million pieces...
>
> If noflushd will work for you, you may be able to grab a pre-compiled
> version from an old Debian CD or archive somewhere, and avoid compiling
> altogether...
>
> Good luck!
>
> Charles Steinkuehler
> [EMAIL PROTECTED]
>
>
>





[Leaf-user] tmp dir fills with weblet crap, cron to remove?

2001-11-13 Thread Tony

Quick question,

Is there some script somewhere that will clean out the tmp directory that is scheduled 
to run periodically?  I am running EigerStein Beta2 and checked multicron and didn't 
see anything for the tmp dir.  

I have a load of crap from weblet (tmp files) that take up a fair amount of space, and
I periodically remove it with rm sh-*.  I figured before I cobble something together to
do this automagically for me, I should ask. Perhaps something is scheduled to do this
for me and it's misfiring.

Thanks,

Tony





[Leaf-user] FYI on saving CD configs to floppy

2001-11-18 Thread Tony

Bravo on the new CD release!

I love this new release, it was quite easy to setup.  I did however, run into a 
problem saving configs to floppy that I didn't see in any messages.  I thought an FYI
for the archives would be a good idea.

I have a Packard Hell computer, Packmate 6200 (stop laughing), and surprisingly, it 
boots from the CD, even though there is no setting for that in the BIOS.  Anyway, if I 
had the BIOS set to try A then C, when I used the backup command in lrcfg to set a new 
destination for config files, it would not show the floppy as a choice.  I had to use 
custom. It would ask for the destination and file system which default to fd0 and 
msdos, so far so good.  Then when I tried to backup that package, it would error with 
"could not mount device".  Yet, I could manually mount the floppy no problem.  

I don't know why, but I set the BIOS to boot only from the C drive, and when I tried 
to set a custom destination, the floppy showed up as an option, and everything is 
peachy.  I looked at the lrcfg.back code and tried to see why it would give me gas 
about not finding the device, but I couldn't see why it would error.  It works just 
fine now, with no problems.

Hope that helps someone.

Later

Tony




> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Charles
> Steinkuehler
> Sent: Friday, November 16, 2001 11:07
> To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
> Subject: [Leaf-user] Announcing official release of Dachstein-CD
> 
> 
> The official release (v1.0.1) of Dachstein-CD is now 
> available for download
> from the usual places:
> slow:
> http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/
> fast:
> http://lrp1.steinkuehler.net/files/diskimages/dachstein-CD/
> http://lrp2.steinkuehler.net/files/diskimages/dachstein-CD/
> 
> 





RE: [Leaf-user] FYI on saving CD configs to floppy

2001-11-19 Thread Tony

I tried to enter not only the default it was offering me [fd0] but also overriding it 
with /dev/fd0, but it told me there was no such device or some such nonsense.

All this is moot, from the sounds of it anyway, if v1.0.1 fixes it.

Thanks again for the hard work!

Tony





> 
> CS> This is a known bug with all versions prior to v1.0.1.  
> The problem is with /usr/sbin/lrcfg.back, which was setting the actual 
> backup device to "fd0" and not "/dev/fd0" when you entered a custom backup 
> target.  The /dev/ portion of all devices is not displayed to save screen space...
> 
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
> 
> 
> 



RE: [Leaf-user] AMD PCNET

2001-11-23 Thread Tony

First, I don't have a Compaq running LEAF, but I do have NIC cards that
have the same chipset.

Have you tried the PCNet32 module?  Another that works for the VLB cards
that I have that use the PCNet chip is the lance.o module.  Supposedly the
PCNet32 module should work for me, but it doesn't.  The lance.o is a
generic replacement from what I understand.

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Sergio
> Morilla
> Sent: Friday, November 23, 2001 10:35
> To: Leaf-user@lists. sourceforge. net (E-mail)
> Subject: [Leaf-user] AMD PCNET
> 
> 
> Hi all,
> 
> I have an old Compaq 5100 with an embedded AMD PCNET ethernet card.
> Does anybody know which module to use and if this is a PCI card??
> 
> Thanks in advance
> 
> 
> 
> Sergio D. Morilla
> 
> [EMAIL PROTECTED]
> Sistemas
> Tipoiti SATIC
> Sán Martín 647 Piso 2
> C1004AAM - Buenos Aires
> Argentina
> 
> 

RE: [Leaf-user] tcp packets to dns port

2001-09-28 Thread Tony

Hi Tim,

Yeah, you have it right... back in April and May the discussion took place.  It was
finally tracked down to some annoying pop-up ads like the X-10 ad that triggered a 
flurry of DNS hits to locate an ad server close to your location.  I can't remember 
the name of the company who had this brainstorm (30+ hits in 3 seconds?!?! WTF?).

But, if you had any popups lately, then I bet this is the cause of the log entries.

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Hicks
> Sent: Thursday, September 27, 2001 19:16
> To: Charles Steinkuehler; [EMAIL PROTECTED]
> Subject: [Leaf-user] tcp packets to dns port (was Re: Dachstein-pr3
> available)
> 
> Charles,
> 
> that's great.  All the dmz problems appear to have gone away, and everything
> seems to be working as it should.  Thanks very much.
>
> I do have one niggle though.  My logs have quickly filled up with this sort
> of thing...
>
> Sep 27 23:45:02 glenmore kernel: Packet log: input DENY eth0 PROTO=6 203.208.128.70:35587 213.105.191.213:53 L=44 S=0x00 I=0 F=0x T=242 (#47)
> Sep 27 23:45:02 glenmore kernel: Packet log: input DENY eth0 PROTO=6 202.139.133.129:56100 213.105.191.213:53 L=44 S=0x00 I=0 F=0x T=239 (#47)
> Sep 27 23:45:02 glenmore kernel: Packet log: input DENY eth0 PROTO=6 203.194.166.182:43201 213.105.191.213:53 L=44 S=0x00 I=0 F=0x T=232 (#47)
> Sep 27 23:45:02 glenmore kernel: Packet log: input DENY eth0 PROTO=6 203.208.128.70:35613 213.105.191.213:53 L=44 S=0x00 I=0 F=0x T=242 (#47)
>
>
> I realise that these are tcp packets inbound to my dns port (53), but they
> don't appear to be from the dns root-servers (which was the case last time
> something like this happened).  I seem to remember a thread on either this,
> or the linux-router list that discussed something like this a little while
> ago. If I remember correctly, the conclusion was that it was down to some
> flakey sort of load-balancing system, but I could be wrong on that.  I
> searched the lists on geocrawler, but I couldn't turn up what I was looking
> for.
>
> I just want to check if I'm better opening up tcp_port_53, or simply
> silently denying all these packets?  If I deny them, isn't there a
> possibility of certain dns queries failing if the response is too large?  If
> I open the port, do I leave myself in a more insecure position, given that I
> (think I) have a program that is listening on this port i.e. dnscache.
> 
> cheers
> 
> tim
> 
> 
> 
> 


___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
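
The kind of log excerpt quoted in the message above can be triaged mechanically. This added example (not part of the thread) parses ipchains `Packet log` entries, rejoins entries that a mail client has wrapped, and reports denied inbound TCP/53 packets per source and per burst, including how many carried the SYN marker. The sample lines are constructed with documentation addresses; the function names, the year default, and the 3-second window and 3-hit threshold are assumptions.

```python
"""Summarise denied inbound TCP/53 packets in ipchains 'Packet log' lines."""
import re
from collections import Counter
from datetime import datetime, timedelta

STAMP = r"[A-Z][a-z]{2}\s+\d{1,2}\s+\d\d:\d\d:\d\d"
# <stamp> <host> kernel: Packet log: <chain> <target> <iface> PROTO=<n>
#   <src>:<sport> <dst>:<dport> L= S= I= F= T= [SYN] (#<rule>)
LINE_RE = re.compile(
    r"^(?P<ts>" + STAMP + r")\s+(?P<host>\S+)\s+kernel:\s+Packet log:\s+"
    r"(?P<chain>\S+)\s+(?P<target>\S+)\s+(?P<iface>\S+)\s+PROTO=(?P<proto>\d+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+(?P<dst>[\d.]+):(?P<dport>\d+)\s+"
    r"(?P<rest>.*?)\s*\(#(?P<rule>\d+)\)\s*$"
)

# Constructed sample, not taken from the post. The first two entries are
# wrapped and '>'-quoted the way a mail archive would show them.
SAMPLE = """\
> Sep 27 23:45:02 fw kernel: Packet log: input DENY eth0 PROTO=6
> 192.0.2.70:35587 203.0.113.5:53 L=44 S=0x00 I=0 F=0x0000 T=242 (#47)
> Sep 27 23:45:02 fw kernel: Packet log: input DENY eth0 PROTO=6
> 198.51.100.129:56100 203.0.113.5:53 L=44 S=0x00 I=0
> F=0x0000 T=239 (#47)
Sep 27 23:45:03 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.70:35613 203.0.113.5:53 L=44 S=0x00 I=0 F=0x0000 T=242 (#47)
Sep 27 23:45:04 fw kernel: Packet log: input DENY eth0 PROTO=6 198.51.100.182:43201 203.0.113.5:53 L=44 S=0x00 I=0 F=0x0000 T=232 (#47)
Sep 27 23:45:30 fw kernel: Packet log: input DENY eth0 PROTO=17 192.0.2.9:1026 203.0.113.5:137 L=78 S=0x00 I=1 F=0x0000 T=110 (#47)
Sep 27 23:46:10 fw in.telnetd[786]: connect from 192.168.1.1
Sep 27 23:50:00 fw kernel: Packet log: input DENY eth0 PROTO=6 192.0.2.70:35700 203.0.113.5:53 L=44 S=0x00 I=0 F=0x0000 T=242 SYN (#47)
"""


def unwrap(raw_lines):
    """Strip '>' quoting and rejoin wrapped entries: a line that does not
    start with a syslog timestamp continues the previous entry."""
    entries = []
    for raw in raw_lines:
        line = re.sub(r"^(>\s?)+", "", raw).strip()
        if not line:
            continue
        if re.match(STAMP, line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries


def parse(entry, year):
    """Return a dict for a packet-log entry, or None for any other line."""
    m = LINE_RE.match(entry)
    if not m:
        return None
    rec = m.groupdict()
    # Syslog timestamps carry no year, so the caller supplies one.
    stamp = " ".join(rec["ts"].split())
    rec["when"] = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
    for key in ("proto", "sport", "dport", "rule"):
        rec[key] = int(rec[key])
    # ipchains appends SYN before the rule number for connection-opening packets.
    rec["syn"] = "SYN" in rec["rest"].split()
    return rec


def denied_dns_tcp(records):
    """Keep only packets denied on the input chain with TCP (6) to port 53."""
    return [r for r in records
            if r["chain"] == "input" and r["target"] == "DENY"
            and r["proto"] == 6 and r["dport"] == 53]


def bursts(records, window_s=3, min_hits=3):
    """Group hits into clusters spanning at most window_s seconds and return
    the clusters holding at least min_hits packets."""
    clusters, current = [], []
    for rec in sorted(records, key=lambda r: r["when"]):
        if current and rec["when"] - current[0]["when"] > timedelta(seconds=window_s):
            clusters.append(current)
            current = []
        current.append(rec)
    if current:
        clusters.append(current)
    return [{"start": c[0]["when"], "hits": len(c),
             "sources": len({r["src"] for r in c}),
             "syn": sum(r["syn"] for r in c)}
            for c in clusters if len(c) >= min_hits]


def analyse(text, year=2001, window_s=3, min_hits=3):
    """Return (hits per source address, list of bursts) for a log excerpt."""
    parsed = (parse(e, year) for e in unwrap(text.splitlines()))
    hits = denied_dns_tcp([r for r in parsed if r])
    return Counter(r["src"] for r in hits), bursts(hits, window_s, min_hits)


if __name__ == "__main__":
    per_source, found = analyse(SAMPLE)
    for src, n in per_source.most_common():
        print(f"{src:16} {n} denied TCP/53 packets")
    for b in found:
        print(f"burst at {b['start']}: {b['hits']} hits from "
              f"{b['sources']} sources, {b['syn']} with SYN")
```
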



[Leaf-user] OT: Verilink ESF T1 CSU

2001-12-05 Thread Tony

 I know this is off-topic, but I have 4 AT&T Paradyne (made by Verilink) ESF T1 CSU's 
that someone sent me by mistake.  I won an auction for a router, and they sent me 
these.  

Anyway, if someone on the list could use these, drop me a private e-mail and they can 
be yours for the cost of shipping.  Don't ask me how the hell they work, I know they 
act as a termination for a T1.  But setting up is your deal, not mine.  No tech 
support included with these!  

Thanks,

Tony

[EMAIL PROTECTED]





RE: [Leaf-user] Testing help needed

2001-12-01 Thread Tony

Is it just me that's wondering, but why do you need a journaling filesystem for a 
firewall that runs in RAM?  I can understand (I guess) if you are using it for a 
stripped down server application like smtp server, or whatever... but I was under the
impression that a journaling filesystem's best attribute was crash recovery because of 
the way it writes to disk.  For a database app server, or smtp server, I can see the 
benefits. But, again, as a router that loads a minimal filesystem, why go to the 
bother?

Later

Tony






> The existing 2.2.19 kernel trees won't correctly load some of 
> the filesystem modules, which appears to be an interaction between the 
> openwall patches and the reiserfs patch. 
> 





RE: [Leaf-devel] RE: [Leaf-user] Testing help needed

2001-12-01 Thread Tony

Ah, I see.  I thought perhaps I was missing something.  

> 
> The short answer is because I wanted to play with it :)
> 

I experiment like that also. Now I understand.  I thought perhaps I had my head 
somewhere and missed a whole shift in direction with the filesystems.  

> There *are* a bunch of valid reasons to run a journaling 
> filesystem on a thin server, and I do use my distros for more than just
> firewalls, but for a router, JFFS is probably more important than something like 
> reiserfs or ext3.
> 

And I agree. Like I said in my first post, if your machines are doing other things, 
especially with HD's, I see why you would want to use a JFS.  

I guess I don't completely understand why you need a JFFS for something that under 
normal circumstances, isn't written to physically.  If you have a crash/powerdown 
situation, with resumption of service, you just reload your image and continue to
firewall/route.  Would the JFFS be in play to preserve the logs?  If so, wouldn't it 
be easier/safer/more secure to forward them to an internal syslog server?

Again, I am not trying to critique, more just trying to understand why.  Hell, if you 
saw some of the crap I implement just to try it, you'd think I _like_ frustration and 
extra work :-)

Later,

Tony





RE: [Leaf-devel] [Leaf-user] Testing help needed

2001-12-01 Thread Tony

All valid points, I hadn't thought of those reasons.

Thanks

Tony


> 
> On Sat, 1 Dec 2001, Tony wrote:
> 
> >
> > I guess I don't completely understand why you need a JFFS for
> > something that under normal circumstances, isn't written to
> > physically.  If you have a crash/powerdown situation, with resumption
> > of service, you just reload your image and continue to
> > firewall/route.  Would the JFFS be in play to preserve the logs?
> > If so, wouldn't it be easier/safer/more secure to forward them to an
> > internal syslog server?
> >
> 
> I like doing this, but there are concerns with doing it in anything less
> than a perfectly trusted environment: If your log host is unavailable,
> you're not logging; if malicious listeners are on the LAN, they can see
> everything you log (could be quite useful when scanning or rooting a
> server); if malicious users are on the LAN, they can flood the listening
> syslog server and prevent real logs from getting through.
>
> syslog-ng is supposed to fix a lot of these problems, but I've never
> gotten around to taking a look at it.
> 
> -- 
> Jack Coates
> Monkeynoodle: A Scientific Venture...
> 
> 





RE: [Leaf-user] CPU loading monitor

2001-12-19 Thread Tony

Ya gotta load the lncurses.lrp library.

Later

Tony

> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Kevin Kropf
> Sent: Wednesday, December 19, 2001 00:17
> To: 'Kenneth Hadley'; Leaf-User (E-mail)
> Subject: RE: [Leaf-user] CPU loading monitor
> 
> 
> I get the following error:
> 
> # top
> top: error in loading shared libraries
> libncurses.so.4: cannot open shared object file: No such file 
> or directory
> 
> Help...
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Kenneth
> Hadley
> Sent: Tuesday, December 18, 2001 8:49 PM
> To: [LEAF-user]
> Subject: Re: [Leaf-user] CPU loading monitor
> 
> 
> Not that I'm aware of, though I do know that I have a top (which can watch
> CPU usage among other things) package on my site under the packages section
> ( http://leaf.sourceforge.net/devel/khadley/ ) and yes, I am doing shameless
> advertising ;-)
> 
> -Kenneth Hadley
> 
> 
> - Original Message -
> From: "Kevin Kropf" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>; "Leaf-User (E-mail)"
> <[EMAIL PROTECTED]>
> Sent: Tuesday, December 18, 2001 5:32 PM
> Subject: RE: [Leaf-user] CPU loading monitor
> 
> 
> Has anyone made an lrpStat.lrp?
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of KP
> Kirchdörfer
> Sent: Tuesday, December 18, 2001 3:31 PM
> To: [EMAIL PROTECTED]; Leaf-User (E-mail)
> Subject: Re: [Leaf-user] CPU loading monitor
> 
> 
> On Tuesday, 18 December 2001 21:58, Kevin Kropf wrote:
> > Is anyone aware of a CPU monitor for LRP that I could use to
> > see what my box is doing?
> 
> lrpStat from
> 
> http://leaf.sourceforge.net/devel/hejl
> 
> Read there about using the C-program lrpStat instead of stat.sh, which is
> used in weblet from dachstein.
> 
> kp
> 



RE: [Leaf-user] Is this newbie even in the right ballpark with LEAF?

2001-12-22 Thread Tony

But, isn't LEAF limited to 64M for the ramdisk?  MINIX is the filesys right?  And I 
thought that was limited to 64M total.  

Now, 64M with the PIII and some quality PCI cards... should be more than enough for
what he needs.  I know 3com and Intel have cards with the 3DES decoding chips onboard 
to offload the work, but I don't know if they work with Linux (I know they work with 
W2K). 

I looked at 3com's site, and they have beta version drivers for the 2.2 and 2.4 
kernels, but I am not totally sure they support the offloading of the 
encryption/decryption and tcp checksum calcs.  If they did, then you could get away 
with even less CPU.

Later

Tony


[snip]
> 
> You're talking about 
> 
>   Low end Intel             High End Intel
>   ----------------------------------------
>   233 MHz Cpu               733 MHz Cpu
>   3 Mbps 3DES throughput    95 Mbps 3DES throughput
> 
> That's a big difference.   I'm sure you could put together
> a LEAF box with a PIII 800 and 512 MB ram, but you're asking
> for other companies solutions, and I'll let someone else
> answer that.  I'd like to think a LEAF box could keep
> up until it's compared to some fancy hardware with a modified 
> PCI bus or multiple PCI buses.
> 
> Good Luck,
> Matthew 
 





RE: [Leaf-user] Dachstein-CD V1.0.2 Available

2001-12-23 Thread Tony

Hi All,

I have a question Charles, how/where is the /dev/cdrom symlink created?  I took a 
stock version of your 1.0.2 image and modified it to fit my needs (i.e. set a root 
passwd, included some other packages like psentry, setup network config for my net, 
stuff like that).  I then did full backups of the packages to floppy.  I then created 
an image with the updated *.lrp files from the floppy overwriting the default packages 
on the CD.

When I reboot, all my settings are there, but the /dev/cdrom symlink is missing and 
everything is trying to load from /dev/hda.  I could just reset the modules to point 
to /dev/hda and probably be happy, but I was wondering what went wrong, and if I can 
just find it and fix it, that would be easier than burning a bunch of cd's 
experimenting.

Thanks

Tony






{snip}


> The main changes include the inclusion of net-snmp (modified version of
> Andrew Hoying's package), an update to the latest kernel (2.2.19-3),
> modifications to the init-scripts and general configuration to intelligently
> create and use /dev/cdrom (which will hopefully avoid the requirement for
> most folks to customize their PKGPATH), and a minor tweak to
> /etc/network.conf.





RE: [Leaf-user] Dachstein-CD V1.0.2 Available

2001-12-24 Thread Tony

[snip]

> 
> The /dev/cdrom symlink is created in the /linuxrc script, but 
> the actual code to do this is in /var/lib/lrpkg/root.dev.mk


Found it, thanks!

> 
> This should be part of the root.lrp package, which is part of 
> the bootable floppy disk image embedded on the CD-ROM (or on your boot 
> floppy, if you're not booting directly from the CD).

Ok, next question.  I update and backup my root.lrp to floppy.  When I reboot, it does
not read my root.lrp from the floppy, all my settings (i.e. my .ssh directory in
/root) are missing.  So, what the heck am I missing?  I don't have to use that root.lrp
to burn a new cd in order to use it, do I?

I know I must be missing something simple.

Thanks and Happy Holidays!

Tony



> 
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
 





RE: [Leaf-user] Dachstein-CD V1.0.2 Available

2001-12-27 Thread Tony

CS> Actually, if you really want to use a new root.lrp, you do have to burn
it to a new CD (or boot off a floppy disk containing the new root.lrp).  As
an alternative, you can add root.lrp to the package list (LRP=root,...), but
this is kind of klunky, and I'm not sure a system setup this way would
properly backup root.lrp a second time.

Nope, it don't work.  I thought I'd try that after I messaged the group, and
what I got was 2 listings for root, neither of which would mount the
diskette to backup.  Even though the destination was the floppy, and it was
not mounted, backup failed.



CS> Probably the best solution would be to add the contents you wish to
backup (ie either the /root directory or the /root/.ssh directory) to a
package other than root (like sshd or local) and backup that package.

Ah, yet another way to skin the cat


CS> To add files to a package for backup, simply add the file/directory
specifier (shell wildcards are OK) to the /var/lib/lrpkg/.list
file.  If you want to include the files in a partial backup, you'll need to
add them to the /var/lib/lrpkg/.local file as well.  See the CD-ROM
readme for details on the .local file format, although you probably
just need to add an "I" in front of the filespec you used in the
.list file (ie "I ") for the .local file.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)


Thank you sir for the pointers.

Later

Tony






RE: [Leaf-user] Help with a webserver on a DMZ network.

2001-12-31 Thread Tony

I am just starting to setup a DMZ, but I have a few questions on your setup,
they are noted below

>
>
> # Set EXTERN_IP to "DYNAMIC" if you need the rules to read the IP from the
> # interface, but you arn't using DHCP (ie PPPoE and dialup users)
> EXTERN_IP=PUBLIC IP
>   ^^

What's the purpose of this entry?  From what I see in the network.conf file,
the line above
should take care of business:
# External Interface IP number...the default should be fine for most folks
#eval EXTERN_IP=\"\${"$EXTERN_IF"_IPADDR:-""}\"


[snip]
>
> ## UDP Services open to outside world
> # Space seperated list: srcip/mask_dstport
> # NOTE: bootpc port is used for dhcp client
> EXTERN_UDP_PORTS="0/0_80"
>

And why do you have udp 80 open?  Webservers use tcp.

>
> # TCP services open to outside world
> # Space seperated list: srcip/mask_dstport
> EXTERN_TCP_PORTS="0/0_80"
>

Good


I don't know that much about setting up a DMZ (yet) but this is what jumps
out at me as strange in the setup.  I hope this is somewhat helpful.

Later

Tony






RE: [Leaf-user] Strange error messages

2002-01-24 Thread Tony

Funny, I had 2 Boca VLB cards that used the lance.o module in a 486DX100
with 24M, and heat buildup caused them to give error messages just like
that.

How do I know it was heat?

***It only happened in the summer.
***When I took the cover off the machine, it ran fine.
***When I installed a second fan the problems went away.

I tried replacing the cards but still had the same errors until I changed
the interior temp.

Give that a try.

Later,

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Coley
> Sent: Wednesday, January 23, 2002 6:22 PM
> To: [EMAIL PROTECTED]
> Subject: [Leaf-user] Strange error messages
>
>
> I used to run Mike Leone's PPPoE Materhorn image on a 486/100 with 16
> megs of ram and had no problems. I upgraded my motherboard to a P90
> with 24 megs of ram and now I'm getting some strange error message
> like the following
>
> Jan 23 18:08:08 marchwarden kernel: eth0: Bus master arbitration failure,
> status
>  8cf2.
> Jan 23 18:08:09 marchwarden kernel: eth0: Tx FIFO error! Status 02e2.
> Jan 23 18:08:12 marchwarden last message repeated 7 times
> Jan 23 18:08:12 marchwarden kernel: eth0: Bus master arbitration failure,
> status
>  8cf2.
> Jan 23 18:08:12 marchwarden in.telnetd[786]: connect from 192.168.1.1
> Jan 23 18:08:13 marchwarden kernel: eth0: Tx FIFO error! Status 02e2.
> Jan 23 18:08:15 marchwarden last message repeated 4 times
> Jan 23 18:08:15 marchwarden kernel: eth0: Tx FIFO error! Status 06e2.
> Jan 23 18:08:16 marchwarden kernel: eth0: Tx FIFO error! Status 02e2.
> Jan 23 18:08:17 marchwarden kernel: eth0: Tx FIFO error! Status 02e2.
> Jan 23 18:08:17 marchwarden kernel: eth0: Tx FIFO error! Status 06e2.
> Jan 23 18:08:17 marchwarden kernel: eth0: Tx FIFO error! Status 02e2.
>
>
> I have no idea as to what's causing the problem. I'm using 2 Compaq
> 10 megabit Netelligent ISA Ethernet cards equipped with the PCNet-ISA II
> (Lance compatible) chip.
>
>
>



[Leaf-user] NIC card offer to list members

2002-01-24 Thread Tony

Just in case anyone needs some cards,

I have a buttload of 3c509-TP ISA cards that I would share with any list
members that want some.  You pay shipping and I'll give you a couple no
charge (max 3 per person please).  These cards have tested fine, but I have
not tested every single one. I don't want to warranty these since I am
giving them away. But like I said, I tested over 40 of these cards with not
one failure.

The only thing I ask is you pay for priority mail (since I have the boxes
already and it will make my life 10x easier) and you use it on a LEAF system
:-)

Drop me a private e-mail and we can work out the details.

Later,

Tony
[EMAIL PROTECTED]

PS I also have a few RACAL ISA cards that were in the same bunch, if you
would prefer some of those... let me know.





RE: [Leaf-user] changing internal subnet addrs on Dachstein

2002-02-04 Thread Tony



Don't forget hosts.allow

Later

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Christopher
> Holmes
> Sent: Sunday, February 03, 2002 5:34 PM
> To: [EMAIL PROTECTED]
> Subject: [Leaf-user] changing internal subnet addrs on Dachstein
> 
> 
> I just changed the internal network address on my Dachstein box.
> 
> I changed the 192.168.1.xx to 192.168.5.xx in...
> 
> /etc/dhcpd.conf
> /etc/network.conf
> /etc/sh-httpd.conf
> 
> /etc/ipfilter.conf looked OK as-is.
> 
> I backed up packages etc, dhcpd, & weblet. Everything works fine except I
> can't get the weblet page to display.
> 
> What did I miss?
> 
> Chris
> 
> 
> 
> 



RE: [Leaf-user] DMZ Options - additional questions

2002-03-01 Thread Tony


Good Evening,

I would like to build on this DMZ discussion and combine it with a post that
Matt had a few days ago.
My situation is that I am going to implement a DMZ with the private switch,
and have a second firewall (MS ISA server) between the DMZ and internal
network.

Here is a lame pic of what I want to do:

Internet
 |
 |
 |
 |eth0 (IP assigned from RR)
LRP Box
 | |
 | |eth1(192.168.1.2)
 | |
 | |_ 192.168.1.0/24 DMZ
 |
 eth2 (192.168.1.3)
 |
192.168.1.1 ISA ext. nic
192.168.0.1 ISA int. network
 |
 |
Internal network (192.168.0.0/24)

OK, now what I was thinking was, that the eth1 and eth2 would be on the same
subnet.  This way, updating the web server from the internal network would
be fairly easy, because the internal nets default gateway is the ISA server,
and the external nic on the ISA server has a default gateway of the LRP box.
Same with the DMZ box.  Assuming they penetrate the LRP box and hack the DMZ
server, they are still removed from the internal net by the ISA server.

I want to allow the DMZ box access to an Access database on the internal
network (read only) and the DMZ box also needs access to relay SMTP messages
to an internal Exchange box.  The DMZ box is a W2K server running IIS and
SMTP w/ ISA's message screener.  (Everything is patched :-)

Anyway, what do you all think?  Any flaws you can see in this plan?

I appreciate all the feedback you can give

Thanks

Tony







>
> > " Whether you want a DMZ or not (YES, PROXY, NAT, PRIVATE, NO) "
> >
> > Proxy
> > NAT
> > Private...
> >
> > Does PRIVATE mean, that i have a DMZ, but with PRIVATE ip ranges etc,
>
> YES - This is a traditional "routed" DMZ...your ISP routes a block of IP's
> to the external interface of your firewall
>
> PROXY - A "Proxy-ARP" DMZ...used if you've got a block of static IP's from
> your ISP.  The firewall essentially "glues together" two identical network
> segments, allowing your DMZ systems to be configured with public IP's (just
> like they were connected directly to your upstream modem), but still having
> the protection of a firewall.
>
> NAT - Similar to a Proxy-ARP setup, but uses static-NAT translation instead.
> Each DMZ system is configured with a private IP, and a translation table is
> built, converting public IP's to the private IP of your DMZ systems.
>
> PRIVATE - This architecture is unique...it port-forwards specific services
> to DMZ machines, which have private IP's.  The main benefit is you don't
> have to have multiple IP's assigned to be able to implement this form of
> DMZ.
>
> NO - No DMZ
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>



___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] DMZ Options - additional questions

2002-03-08 Thread Tony

Good Morning,

I am resending a message that got no response the last time, I would
appreciate any input anyone might have.

I am going to try and implement this on Sunday.

Thanks in advance

Tony





Good Evening,

I would like to build on this DMZ discussion and combine it with a post that
Matt had a few days ago.
My situation is that I am going to implement a DMZ with the private switch,
and have a second firewall (MS ISA server) between the DMZ and internal
network.

Here is a lame pic of what I want to do:

Internet
 |
 |
 |
 |eth0 (IP assigned from RR)
LRP Box
 | |
 | |eth1(192.168.1.2)
 | |
 | |_ 192.168.1.0/24 DMZ
 |
 eth2 (192.168.1.3)
 |
192.168.1.1 ISA ext. nic
192.168.0.1 ISA int. network
 |
 |
Internal network (192.168.0.0/24)

OK, now what I was thinking was, that the eth1 and eth2 would be on the same
subnet.  This way, updating the web server from the internal network would
be fairly easy, because the internal net's default gateway is the ISA server,
and the external nic on the ISA server has a default gateway of the LRP box.
Same with the DMZ box.  Assuming they penetrate the LRP box and hack the DMZ
server, they are still removed from the internal net by the ISA server.

I want to allow the DMZ box access to an Access database on the internal
network (read only) and the DMZ box also needs access to relay SMTP messages
to an internal Exchange box.  The DMZ box is a W2K server running IIS and
SMTP w/ ISA's message screener.  (Everything is patched :-)

Anyway, what do you all think?  Any flaws you can see in this plan?

I appreciate all the feedback you can give

Thanks

Tony







>
> > " Whether you want a DMZ or not (YES, PROXY, NAT, PRIVATE, NO) "
> >
> > Proxy
> > NAT
> > Private...
> >
> > Does PRIVATE mean, that i have a DMZ, but with PRIVATE ip ranges etc,
>
> YES - This is a traditional "routed" DMZ...your ISP routes a block of IP's
> to the external interface of your firewall
>
> PROXY - A "Proxy-ARP" DMZ...used if you've got a block of static IP's from
> your ISP.  The firewall essentially "glues together" two identical network
> segments, allowing your DMZ systems to be configured with public IP's (just
> like they were connected directly to your upstream modem), but still having
> the protection of a firewall.
>
> NAT - Similar to a Proxy-ARP setup, but uses static-NAT translation instead.
> Each DMZ system is configured with a private IP, and a translation table is
> built, converting public IP's to the private IP of your DMZ systems.
>
> PRIVATE - This architecture is unique...it port-forwards specific services
> to DMZ machines, which have private IP's.  The main benefit is you don't
> have to have multiple IP's assigned to be able to implement this form of
> DMZ.
>
> NO - No DMZ
>
> Charles Steinkuehler
> http://lrp.steinkuehler.net
> http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
>



___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] cable modem and NAT

2002-04-04 Thread Tony

Bullshit... that's what I am doing.  And, as a matter of fact, they even
suggested using a Linksys firewall with the 4 port switch.

I guess they don't want to field LEAF questions ;-)

Later

Tony


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, April 04, 2002 5:00 PM
To: [EMAIL PROTECTED]
Subject: [Leaf-user] cable modem and NAT




My boss wants to put a linux router behind his
Road Runner (the ISP) cable modem so he can have a decent
firewall and possibly port forwarding.

RoadRunner says he can't do NAT.
Is that just smoke?
How would they know?

TIA, Phil





___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] internal NAT question

2002-04-26 Thread Tony



Would not the ipchains/iptables rules be applied?

Could you not say forward only traffic from external_ip/32 to
internal_server/32 port 3389 or whatever and essentially say, yeah, this
port is open but only for this one client on the internet?  All others would
be rejected/denied.  Or am I mistaken, and that port forwarding bypasses all
rules.

Thanks,

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steve Fink
Sent: Friday, April 26, 2002 3:55 PM
To: LEAF-List
Subject: RE: [Leaf-user] internal NAT question


Phillip,

The security implications are the same as having that port on that machine
exposed directly to the internet.

Example:

Portforwarding port 3389 ( Terminal Server ) from the firewall to port 3389
on a NT/2000 system behind the firewall.

Terminal Server is totally exposed, it's like taking a pipe and tunneling
all communications on port 3389 to the NT/2000 system.  So if there is a
vulnerability in Terminal Server ( which there is ) then Terminal Server is
susceptible to this vulnerability, despite the fact that you have the
firewall in place.

During a scan of your firewall ( with port forwarding enabled on port
3389 ) you would see that port 3389 was open and accepting connections.  So
you would know that there was a Terminal Server connection there, but the
TCP/IP signature and timing would look like a Linux box.  Opening a Terminal
Server connection to the box would bring up a Terminal Server login screen
to a potential intruder.  Then he/she could attempt to gain access using any
other information that could be gleaned from the scan, and possibly guess
usernames/passwords etc, or use a known Terminal Server vulnerability to
gain access.


So in short, port forwarding is creating a tunnel from your firewall into
the internal system. Any traffic directed at your firewall on that port will
be transferred directly to the internal system.


Hope this helps,


Steve

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, April 26, 2002 9:12 AM
To: [EMAIL PROTECTED]
Subject: [Leaf-user] internal NAT question




I have situations in which my vpn router is a peer to a proxy server.
The proxy server is the default gateway for the servers behind it.

Therefore I use NAT on the internal interface to force traffic to the
servers back through the router.

This is approximately the same thing as port forwarding.  Does anyone
know of any security implications in this?

Thanx.




___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] internal NAT question

2002-04-27 Thread Tony

Oh good grief, don't apologize!  I didn't take offense.

I didn't realize that ipmasqadm portfw bypassed ipchains.  Actually, I am
glad I know that now since I was thinking of using port forwarding for a
couple of servers, I will think twice now.

Thanks,

Tony


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steve Fink
Sent: Saturday, April 27, 2002 12:46 PM
To: Tony; LEAF-List
Subject: RE: [Leaf-user] internal NAT question


Group,

Sorry for the unintentional curtness of this post

I'm a bit decaffeinated.

Humbly,

Steve




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steve Fink
Sent: Saturday, April 27, 2002 10:22 AM
To: Tony; LEAF-List
Subject: RE: [Leaf-user] internal NAT question


Tony,

The use of ipmasqadm portfw allows the packets to pass untouched by
ipchains.

Steve



-Original Message-
From: Tony [mailto:[EMAIL PROTECTED]]
Sent: Friday, April 26, 2002 5:09 PM
To: Steve Fink; LEAF-List
Subject: RE: [Leaf-user] internal NAT question




Would not the ipchains/iptables rules be applied?

Could you not say forward only traffic from external_ip/32 to
internal_server/32 port 3389 or whatever and essentially say, yeah, this
port is open but only for this one client on the internet?  All others would
be rejected/denied.  Or am I mistaken, and that port forwarding bypasses all
rules.

Thanks,

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steve Fink
Sent: Friday, April 26, 2002 3:55 PM
To: LEAF-List
Subject: RE: [Leaf-user] internal NAT question


Phillip,

The security implications are the same as having that port on that machine
exposed directly to the internet.

Example:

Portforwarding port 3389 ( Terminal Server ) from the firewall to port 3389
on a NT/2000 system behind the firewall.

Terminal Server is totally exposed, it's like taking a pipe and tunneling
all communications on port 3389 to the NT/2000 system.  So if there is a
vulnerability in Terminal Server ( which there is ) then Terminal Server is
susceptible to this vulnerability, despite the fact that you have the
firewall in place.

During a scan of your firewall ( with port forwarding enabled on port
3389 ) you would see that port 3389 was open and accepting connections.  So
you would know that there was a Terminal Server connection there, but the
TCP/IP signature and timing would look like a Linux box.  Opening a Terminal
Server connection to the box would bring up a Terminal Server login screen
to a potential intruder.  Then he/she could attempt to gain access using any
other information that could be gleaned from the scan, and possibly guess
usernames/passwords etc, or use a known Terminal Server vulnerability to
gain access.


So in short, port forwarding is creating a tunnel from your firewall into
the internal system. Any traffic directed at your firewall on that port will
be transferred directly to the internal system.


Hope this helps,


Steve

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, April 26, 2002 9:12 AM
To: [EMAIL PROTECTED]
Subject: [Leaf-user] internal NAT question




I have situations in which my vpn router is a peer to a proxy server.
The proxy server is the default gateway for the servers behind it.

Therefore I use NAT on the internal interface to force traffic to the
servers back through the router.

This is approximately the same thing as port forwarding.  Does anyone
know of any security implications in this?

Thanx.




___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
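
The restriction Tony asks about in the thread above (forward port 3389 only for one external_ip/32) can be checked mechanically. This is an added example, not part of the original messages: it assumes a netfilter/iptables firewall whose rules are dumped with iptables-save, not the ipmasqadm portfw setup Steve describes, and the rule set, addresses and function names are constructed for illustration.

```python
"""Flag port forwards (DNAT rules) in an iptables-save dump that accept any source."""
import ipaddress
import shlex

# Constructed sample rule set (not from the thread). 203.0.113.7 is a
# documentation address standing in for the one permitted external client.
SAMPLE_RULESET = """\
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 192.168.0.10:3389
-A PREROUTING -s 203.0.113.7/32 -i eth0 -p tcp -m tcp --dport 3390 -j DNAT --to-destination 192.168.0.11:3389
-A PREROUTING -s 0.0.0.0/0 -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.5:25
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -d 192.168.0.10/32 -p tcp -m tcp --dport 3389 -j ACCEPT
COMMIT
"""


def parse_rule(line):
    """Split one '-A CHAIN ...' line into (chain, {option: (value, negated)})."""
    tokens = shlex.split(line)
    chain, opts, negated = tokens[1], {}, False
    i = 2
    while i < len(tokens):
        tok = tokens[i]
        if tok == "!":                      # "! -s x" negates the next option
            negated = True
            i += 1
        elif tok.startswith("-"):
            nxt = tokens[i + 1] if i + 1 < len(tokens) else None
            has_value = nxt is not None and nxt != "!" and not nxt.startswith("-")
            opts[tok] = (nxt if has_value else None, negated)
            negated = False
            i += 2 if has_value else 1
        else:
            i += 1
    return chain, opts


def source_is_open(opts):
    """True when the rule does not narrow the source to a specific network."""
    value, negated = opts.get("-s") or opts.get("--source") or (None, False)
    if value is None or negated:            # no -s, or "everyone except X"
        return True
    try:
        return ipaddress.ip_network(value, strict=False).prefixlen == 0
    except ValueError:                      # not numeric: cannot call it open
        return False


def audit_port_forwards(ruleset_text):
    """Return one finding (a dict) per DNAT rule found in the nat table."""
    findings, table = [], None
    for raw in ruleset_text.splitlines():
        line = raw.strip()
        if line.startswith("*"):            # "*nat", "*filter": table header
            table = line[1:]
        elif table == "nat" and line.startswith("-A "):
            chain, opts = parse_rule(line)
            if opts.get("-j", (None, False))[0] != "DNAT":
                continue
            source = (opts.get("-s") or opts.get("--source") or ("any", False))[0]
            findings.append({
                "chain": chain,
                "proto": opts.get("-p", ("any", False))[0],
                "dport": opts.get("--dport", ("any", False))[0],
                "target": opts.get("--to-destination", (None, False))[0],
                "source": source,
                "open_to_any": source_is_open(opts),
            })
    return findings


def report(findings):
    """Render findings as one line each, marking forwards open to any source."""
    lines = []
    for f in findings:
        status = "OPEN TO ANY SOURCE" if f["open_to_any"] else "source-restricted"
        lines.append("%s/%s -> %s from %s: %s" % (
            f["proto"], f["dport"], f["target"], f["source"], status))
    return lines


if __name__ == "__main__":
    print("\n".join(report(audit_port_forwards(SAMPLE_RULESET))))
```

A forward flagged here may still be limited by a rule in the filter table's FORWARD chain, which this check does not evaluate.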



RE: [leaf-user] Dachstein CD iso problem (kind off)

2002-05-30 Thread Tony

So perhaps I am stating the obvious, but have you considered it's a bad
burn?

Just because you can read some files doesn't mean all will be readable.  I
ran into the same problem with full distros. The download MD5 was fine, but
when I burned them some files were not readable but I was able to boot and
start the install (isn't that always the way, 3/4 into the install..."I'm
sorry, I can't find this very important file, please insert the install disk
and hit enter")

Later

Tony




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Stefke
Sent: Thursday, May 30, 2002 2:23 AM
To: guitarlynn
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Dachstein CD iso problem (kind off)


Lynn,

> Well, the modules are not in a package on the CD, but rather a folder
> named modules. This is fine on the .iso format, but will not work
> on a msdos formatted harddrive because of DOS fs limitations.
> You will need to transfer the modules on the CD to the "/lib/modules"
> directory, change the "bang" command in /etc/modules to reflect that
> the modules are now in "/lib/modules", and do a full backup of the
> "modules" package.
>
> I hope this helps!
> --
>
> ~Lynn Avants
> aka Guitarlynn

I realize that, problem is I can't read those modules from the cd.
On a normal (slackware :-) ) linux system, I mounted the iso image. When I
try just to copy everything under /mnt/lib/modules to another disk on my
normal system I get the same error.

So the real problem isn't getting those modules ON my firewall system, but
getting those modules FROM the CD.

Thanx anyway,

Stefaan



leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] Dachstein CD iso problem (kind off)

2002-05-30 Thread Tony

Ah, I see.  Well, I am using the image from the website burned on a CD and
it's working for me.  But, the image was downloaded months ago.  If it was
changed, then all bets are off.

Thanks

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Stefke
Sent: Thursday, May 30, 2002 8:36 AM
To: Tony; Stefke
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Dachstein CD iso problem (kind off)


Tony,

It isn't a "burn". It's just the image file I mounted under Linux with :

mount -o loop imagefile.iso /mnt


I solved the problem. Just downloaded the kernel file from Charles website,
and untarred the modules from there. Still want someone to verify the
iso-image that's on the website.

Stefaan

>
> So perhaps I am stating the obvious, but have you considered it's a bad
> burn?
>
> Later
>
> Tony
>
Stefaan




leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] WISP and orinoco wireless?

2002-07-23 Thread Tony

Vlad

Thanks for the update, also I can tell you that the cards from TT are not
exactly the same as the ones from Zcomax/Demarc. We have a level of
quality the cards must meet and pay for this service, this will be very
prevalent on the 200mW cards. FYI we also have the PCMCIA adaptors
available.

Also yes I can 100% confirm the heating problem on the Senao cards, we
found this out while doing FCC testing on our cards. We tested many while
we were there, we noticed the 200mW Senao dropped to 110mW when they got
hot.

Sincerely
Tony Morella
Demarc Technology Group
Office: 908-996-7995
Cell: 908-246-9170
Fax: 908-847-0202
email: [EMAIL PROTECTED]
http://www.demarctech.com
Wireless Solution Provider


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Vladimir I.
Sent: Tuesday, July 23, 2002 10:30 AM
To: Zachariah Mully
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] WISP and orinoco wireless?


Not all Prism cards are born equal. :-) How everything performs depends on
the hardware and firmware used. The ones I use and test come from
Teletronics/Zcomax (XI-300) and Demarctech. I prefer to use PCMCIA-PCI
adapter instead of PLX (I use the one from Teletronics).

I know that D-Link 650 (not the plus version, which is based on another
chipset) gives problems for some people, but I suspect it may depend on the
motherboard used.

Beware of the 200mw Senao cards which recently appeared on the market. They
are for light office use only and quickly overheat.

Zachariah Mully wrote:
> 
> Vladimir-
>   Is there a problem with PLX based cards? Just wondering because I
> picked up a set of USR prism based cards with PLX PCI adapters (model
> 2445, $80 for two, one with an external antenna on a 4ft extension,
> from TigerDirect) with the intention of using them with WISP. I was going
> to start working on the node tonight, but would greatly appreciate any
> tips for working with these cards.
> 
> Thanks,
> Zack
> 
> On Tue, 2002-07-23 at 09:24, Vladimir I. wrote:
> 
>>Do you know if this card utilizes something like PLX adapter or has a
>>PCMCIA-PCI bridge?
>>
>>Basically, please tell the model of the card.
>>
> 
> 
> 


-- 
Best Regards,
Vladimir
Systems Engineer (RHCE)




leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] WISP and orinoco wireless?

2002-07-23 Thread Tony

Vlad

The Symbol card design is not what we have :)  Our cards use the Prism
2.5 MAC and are 100% compatible with any Prism driver, but we have
different second stage internal AMP's and RF chips that make this a much
better quality card than the ones based on the Prism 2.5 ref design.

Sincerely
Tony Morella
Demarc Technology Group
Office: 908-996-7995
Cell: 908-246-9170
Fax: 908-847-0202
email: [EMAIL PROTECTED]
http://www.demarctech.com
Wireless Solution Provider


-Original Message-
From: Vladimir I. [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, July 23, 2002 11:21 AM
To: Tony
Cc: 'Zachariah Mully'; [EMAIL PROTECTED]
Subject: Re: [leaf-user] WISP and orinoco wireless?



Yes, sure I wasn't specific. Cards sold by DemarcTech are completely
different design than XI-300.

Symbol also has 100mW Spectrum24 Prism-based cards; I might be wrong but I
think that DemarcTech cards are based on the same design.

Tony wrote:
> Vlad
> 
> Thanks for the update, also I can tell you that the cards from TT are
> not exactly the same as the ones from Zcomax/Demarc. We have a level
> of quality the cards must meet and pay for this service, this will be
> very prevalent on the 200mW cards. FYI we also have the PCMCIA
> adaptors available.
>
> Also yes I can 100% confirm the heating problem on the Senao cards, we
> found this out while doing FCC testing on our cards. We tested many
> while we were there, we noticed the 200mW Senao dropped to 110mW when
> they got hot.
> 
> Sincerely
> Tony Morella
> Demarc Technology Group
> Office: 908-996-7995
> Cell: 908-246-9170
> Fax: 908-847-0202
> email: [EMAIL PROTECTED]
> http://www.demarctech.com
> Wireless Solution Provider
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Vladimir 
> I.
> Sent: Tuesday, July 23, 2002 10:30 AM
> To: Zachariah Mully
> Cc: [EMAIL PROTECTED]
> Subject: Re: [leaf-user] WISP and orinoco wireless?
> 
> 
> Not all Prism cards are born equal. :-) How everything performs
> depends on the hardware and firmware used. The ones I use and test come
> from Teletronics/Zcomax (XI-300) and Demarctech. I prefer to use
> PCMCIA-PCI adapter instead of PLX (I use the one from Teletronics).
>
> I know that D-Link 650 (not the plus version, which is based on
> another chipset) gives problems for some people, but I suspect it may
> depend on the motherboard used.
>
> Beware of the 200mw Senao cards which recently appeared on the market.
> They are for light office use only and quickly overheat.
> 
> Zachariah Mully wrote:
> 
>>Vladimir-
>>  Is there a problem with PLX based cards? Just wondering because I
>>picked up a set of USR prism based cards with PLX PCI adapters (model
>>2445, $80 for two, one with an external antenna on a 4ft extension,
>>from TigerDirect) with the intention of using them with WISP. I was going
>>to start working on the node tonight, but would greatly appreciate any
>>tips for working with these cards.
>>
>>Thanks,
>>Zack
>>
>>On Tue, 2002-07-23 at 09:24, Vladimir I. wrote:
>>
>>
>>>Do you know if this card utilizes something like PLX adapter or has
>>>a PCMCIA-PCI bridge?
>>>
>>>Basically, please tell the model of the card.
>>>
>>
>>
>>
> 
> 


-- 
Best Regards,
Vladimir
Systems Engineer (RHCE)





leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] file system problems.

2002-09-06 Thread Tony

Screw winzip, use PowerArchiver (www.powerarchiver.com).

It supports all the usual types (i.e. zip) as well as RAR, TAR, GZIP...etc.
It will allow you to create TAR files on W2K ( I just tried it to make
sure).

It also supports ACE, CAB and other formats.  Check it out.

Later,

Tony


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Eric B Kiser
Sent: Friday, September 06, 2002 2:59 AM
To: [EMAIL PROTECTED]
Subject: RE: [leaf-user] file system problems.


I just checked the help file for WinZip 8.0 and it states...

[snip]
TAR, Z, GZ, TAZ, and TGZ files are often found on Unix-based Internet sites.
TAR stands for “Tape ARchive”.  The TAR format does not provide compression;
it is used only to group files. GZ and Z files are gzip files.  GZ and Z
files cannot contain multiple files.  TAZ and TGZ files are TAR files
compressed in the gzip format.   Since almost all new archives are created
in Zip format, WinZip does not provide facilities to add to or create files
in these formats (however, all other WinZip functions are supported).
WinZip does not use external programs when working with files in these
formats.

Copyright © 1991-2000 by WinZip Computing, Inc.  All rights reserved.
[/snip]

Regards,
Eric


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of S Mohan
Sent: Friday, September 06, 2002 12:58 AM
To: guitarlynn; [EMAIL PROTECTED]
Subject: RE: [leaf-user] file system problems.


Winzip reads tar but does not write tar. Saving is in zip format perforce.
If I'm wrong, please let me know.

Mohan

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of guitarlynn
Sent: 06 September 2002 09:42
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] file system problems.


On Thursday 05 September 2002 22:59, S Mohan wrote:
> In the recent past, we have seen a lot of mail on partition size and
> associated problems. I initially had problems with MSDOS 8.3 name
> format and had to go thro' renaming object files. If we take the
> netfilter objects, it is particularly difficult with the long names
> where the difference comes only beyond the 8th character.

Why not just tar the modules and stick the tar file on the floppy?
WinZIP supports tar, doesn't it?  ;-)
--

~Lynn Avants
aka Guitarlynn

guitarlynn at users.sourceforge.net
http://leaf.sourceforge.net

If linux isn't the answer, you've probably got the wrong question!



leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



[leaf-user] Follow-up on archive programs for Windows

2002-09-06 Thread Tony

I grabbed this from the FAQ on what formats power archiver
(www.powerarchiver.com) supports:

==

Q: Does PowerArchiver support other archive formats besides ZIP?

A: Yes, in addition to ZIP files, PowerArchiver currently supports creating
and working with CAB, LHA (LZH), TAR, TAR.GZ, TAR.BZ2, and BH (BlakHole)
archives, and supports reading and extracting RAR (version 1, 2 & 3), ARJ,
ARC, ACE (version 1 & 2), GZIP, BZIP2, and ZOO archives. PowerArchiver also
has complete built-in support for XXE, UUE AND MIME (base64) Internet
encoded files.



No, I have no connection with these guys at all other than being a
registered, happy user.

Hope this helps,

Tony





leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] ORIENT BANK OF NIGERIA INVITES YOU

2002-09-06 Thread Tony

Goodie Goodie Goodie


I'm rich!  I'm rich


HAHAHA, where's the phone so I can call my boss and tell her I quit!!!



Stinking Rich Tony


"Take this job and shove it... I ain't workin here no mo'..."




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of BELLO
MOHAMMED
Sent: Friday, September 06, 2002 2:57 PM
To: [EMAIL PROTECTED]
Subject: [leaf-user] ORIENT BANK OF NIGERIA INVITES YOU


Greetings,
I am Mohammed Bello, Bank Manager of ORIENT BANK OF NIGERIA, Lagos Branch. 









leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



[leaf-user] backup bug in bering/shorwall?

2002-09-08 Thread Tony

Good Evening,

I am putting together a bering fw (rc-3) with the latest version of
shorwall.  I am making a CD bootable with the packages I need from J-Nilo's
instructions.  What I am doing is starting with  default files, modifying
for my setup and doing a full backup to diskette.  When I get the setup just
right, burn a new CD with the setup and all my config's in place.

Now, the funny part.  When I make the changes to shorewall, and do a full
backup to the floppy, it is losing the /var/lib/shorewall directory and all
the contents.  I have verified they are listed in the shorwall.list
=
firewall: -root-
# cat shorwall.list
etc/init.d/shorewall
etc/shorewall
sbin/shorewall
var/lib/shorewall
var/lib/lrpkg/shorwall.*

=

Also, I read a thread on the shorwall user list regarding this, but it was
mentioned that the /var/lib/shorewall entry was missing in the .list file,
which you can see above, I have.

Any ideas?

Thanks,

Tony






leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] backup bug in bering/shorwall?

2002-09-09 Thread Tony

DO'H!

Sorry, I didn't think to look in there, that was it.

Thanks!

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Brad Fritz
Sent: Sunday, September 08, 2002 8:53 PM
To: Tony
Cc: Leaf-User
Subject: Re: [leaf-user] backup bug in bering/shorwall?



Hi Tony,

On Sun, 08 Sep 2002 17:13:21 -0400 Tony wrote:

> Good Evening,
>
> I am putting together a bering fw (rc-3) with the latest version of
> shorwall.  I am making a CD bootable with the packages I need from J-Nilo's
> instructions.  What I am doing is starting with  default files, modifying
> for my setup and doing a full backup to diskette.  When I get the setup just
> right, burn a new CD with the setup and all my config's in place.
>
> Now, the funny part.  When I make the changes to shorewall, and do a full
> backup to the floppy, it is losing the /var/lib/shorewall directory and all
> the contents.  I have verified they are listed in the shorwall.list
> =
> firewall: -root-
> # cat shorwall.list
> etc/init.d/shorewall
> etc/shorewall
> sbin/shorewall
> var/lib/shorewall
> var/lib/lrpkg/shorwall.*
>
> =
>
> Also, I read a thread on the shorwall user list regarding this, but it was
> mentioned that the /var/lib/shorewall entry was missing in the .list file,
> which you can see above, I have.
>
> Any ideas?

Not positive, but this sounds like the typical LEAF with
shorewall >= 1.3.3 problem.  Have you edited root.exclude.list
to remove the /var/lib/shorewall entry?  Full instructions at
http://shorewall.net/errata.htm#Upgrade .

--Brad




leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



RE: [leaf-user] OT: Won't boot if headless

2002-09-25 Thread Tony

Some motherboards (my Zeos 486 for example) have just a field that says
"keyboard" where you can set enable/disable.  For the longest time, I had no
idea why you'd want to disable a keyboard (and how you'd re-enable it once
it's disabled).  Silly me.  Disable the *search* for a keyboard on boot; if
it's there, use it... if not, then the machine doesn't worry about it.

Finally, if it is such a pain to get it to boot without a keyboard, why not
get a compact one, plug it in and just set it aside?  Changing motherboards
seems extreme and expensive compared to a $10 compact, low-tech solution.

Good Luck

Tony





-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Ewald
Wasscher
Sent: Tuesday, September 24, 2002 4:26 PM
To: Warren Post
Cc: leaf-user
Subject: Re: [leaf-user] OT: Won't boot if headless


On Tue, 2002-09-24 at 22:04, Warren Post wrote:
> This is a hardware problem, not a LEAF problem. But perhaps someone has
> faced this issue before.
>
> Now that I have sshd working on our Dachstein box I want to
> run it headless. Only now do I discover that it won't boot unless I plug
> a keyboard back in. As a workaround I've got an old keyboard that
> doesn't work very well plugged into the box, but that is both an
> inelegant solution and a temptation to idle fingers. And our frequent
> power outages mean that the box must reboot often and reliably.
>
> I suspect that the problem is hardwired and the only solution is to
> change the motherboard. (I see no BIOS settings that should affect the
> keyboard.) But somebody prove me wrong, please.

In many bioses there is an option like "Halt on:" where you can choose
if your machine should refuse booting if it has no keyboard, no
videocard etc, or that it should boot without those. You should be able
to find more information in the manual of the mainboard. For most
mainboards the manual can be found at the manufacturer's website if you
don't have it anymore.

Ewald Wasscher






RE: [leaf-user] What's this guy trying?

2002-10-14 Thread Tony

Microsoft SQL server listens on that port (1433)...there's a worm going
around that is looking for unprotected SQL server hosts.  Hopefully this
doesn't wrap:

http://securityresponse.symantec.com/avcenter/venc/data/digispid.b.worm.html

Hope that helps

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, October 14, 2002 6:09 PM
To: Jon Clausen; [EMAIL PROTECTED]
Subject: Re: [leaf-user] What's this guy trying?


port 1433.. isn't that Citrix or more specifically the ICA
protocol.  Or was it VNC...

joey


On Mon, 14 Oct 2002 23:29:42 +0200
 Jon Clausen <[EMAIL PROTECTED]> wrote:
> Logged into a remote Dachstein box to check up on
> something else, and I
> see huge amounts of denied packets in
> /var/log/messages...
>
> Connection attempts from f.x:
>
> 10.131.224.1:3 -> 62.243.222.62:1
> ^^unknown^^ ^^my remote^^
>
> I see a bunch of these from different IPs (that is, from
> port 3 to port
> 1)... dunno what to make of that, but then there's this
> guy:
>
> # grep 65.82.107.120 $_ | nl
>  1  Oct 14 15:05:56 skilderhus kernel: Packet log:
> input DENY eth0
> PROTO=1 65.82.107.120:5 62.243.222.62:0 L=56 S=0x00
> I=5685 F=0x T=45
> (#2)
>
> 
> ...
>
>164  Oct 14 15:06:07 skilderhus kernel: Packet log:
> input DENY eth0
> PROTO=1 65.82.107.120:5 62.243.222.62:0 L=56 S=0x00
> I=5866 F=0x T=45
> (#2)
>
> is this some kind of DoS? Am I under attack, or is it
> just some
> misconfigured box?
>
> I nmapped the IP, and the only thing that came up was:
> Port       State   Service
> 1433/tcp   open    ms-sql-s
>
> -so I'm guessing it's a zombie windows host... (?)
>
> TIA
>
> Jon Clausen
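
Added example, not part of any poster's message: in ipchains "Packet log:" lines with PROTO=1 (ICMP), the number after the source address is the ICMP type and the number after the destination address is the ICMP code, so 5 and 0 in the PROTO=1 lines quoted above read as type 5 (redirect), code 0. The script below groups such lines per source and decodes them; the function names, sample lines and addresses are constructed for the example.

```shell
#!/bin/sh
# Summarise ipchains "Packet log:" lines per source and decode ICMP.
# Assumption (see lead-in): with PROTO=1 the ":n" after the source address
# is the ICMP type and the ":n" after the destination address is the code.

# Constructed sample lines in the format quoted in the thread
# (documentation addresses, not the ones from the post).
sample_log() {
cat <<'EOF'
Oct 14 15:05:56 fw kernel: Packet log: input DENY eth0 PROTO=1 198.51.100.7:5 192.0.2.10:0 L=56 S=0x00 I=5685 F=0x0000 T=45 (#2)
Oct 14 15:05:57 fw kernel: Packet log: input DENY eth0 PROTO=1 198.51.100.7:5 192.0.2.10:0 L=56 S=0x00 I=5686 F=0x0000 T=45 (#2)
Oct 14 15:05:58 fw kernel: Packet log: input DENY eth0 PROTO=1 198.51.100.7:5 192.0.2.10:0 L=56 S=0x00 I=5687 F=0x0000 T=45 (#2)
Oct 14 15:06:01 fw kernel: Packet log: input DENY eth0 PROTO=1 203.0.113.1:3 192.0.2.10:1 L=56 S=0x00 I=811 F=0x0000 T=240 (#2)
Oct 14 15:06:02 fw kernel: Packet log: input DENY eth0 PROTO=6 203.0.113.50:4021 192.0.2.10:1433 L=48 S=0x00 I=9001 F=0x4000 T=110 (#14)
Oct 14 15:06:03 fw kernel: some unrelated kernel message
EOF
}

# Reads log lines on stdin, prints "count src -> dst description",
# busiest source first.
summarise_ipchains() {
    awk '
    function unreach(c) {
        if (c == 0) return "net"
        if (c == 1) return "host"
        if (c == 2) return "protocol"
        if (c == 3) return "port"
        if (c == 4) return "frag-needed"
        return "code-" c
    }
    function icmp(t, c) {
        if (t == 0)  return "echo-reply"
        if (t == 3)  return "unreachable/" unreach(c)
        if (t == 4)  return "source-quench"
        if (t == 5 && c == 0) return "redirect/net"
        if (t == 5 && c == 1) return "redirect/host"
        if (t == 5)  return "redirect/code-" c
        if (t == 8)  return "echo-request"
        if (t == 11) return "time-exceeded"
        return "type-" t "/code-" c
    }
    /Packet log:/ {
        # Locate PROTO=; the next two fields are src:n and dst:n.
        for (i = 1; i <= NF; i++) if ($i ~ /^PROTO=/) break
        if (i + 2 > NF) next
        proto = substr($i, 7) + 0
        split($(i + 1), s, ":")
        split($(i + 2), d, ":")
        if (proto == 1)       what = "icmp " icmp(s[2] + 0, d[2] + 0)
        else if (proto == 6)  what = "tcp dport " d[2]
        else if (proto == 17) what = "udp dport " d[2]
        else                  what = "proto " proto
        n[s[1] " -> " d[1] " " what]++
    }
    END { for (k in n) print n[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2
}

sample_log | summarise_ipchains
```

On a real box the input would be the log file itself, for example `summarise_ipchains < /var/log/messages`.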






[leaf-user] OT: Cisco IGS Multiprotocol Router Bridge

2002-11-02 Thread Tony
Hi Gang,

Does anyone have any interest in this piece of hardware?  If so, it's yours
for the cost of shipping.  It has the serial and token ring connectors on
the back, along with an aux and console port.  I have no documentation and
can not help you set it up.  I don't have token ring at the house, and doubt
I will be installing it anytime soon.

If you know how to use it, and _can_ use it, drop me a private e-mail and we
can go from there.

Now back to your regularly scheduled program already in progress


Thanks,

Tony







RE: [leaf-user] Does this indicate I've been hacked?

2003-01-08 Thread Tony
Well, my thought is...why not just reboot to be sure.  I mean, your LEAF box
is running out of RAM disk right?  The disk is write protected isn't it?
Now, that doesn't mean that it can't happen again, so I would continue to
investigate but I would copy all relevant log files to a disk and reboot.

Later

Tony







-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lynn Avants
Sent: Tuesday, January 07, 2003 11:46 PM
To: leaf-user
Subject: Re: [leaf-user] Does this indicate I've been hacked?


On Tuesday 07 January 2003 01:08 pm, Dennis Stephens wrote:
> Saw the following in my syslog
>
> Jan  3 15:17:12 ardentpursuit portsentry[1120]: attackalert: External
> command run for host: 218.156.227.172 using command: "/root/add2chain
> 218.156.227.172 12345"
>
> Did that command actually run, or did portsentry prevent it from running?

Well, a Google search didn't come up with anything but Win32 exploits and
there are (normally) no services running/listening to port 12345 on a LEAF
box. The ip MX is owned by Korea Telecom.

I don't run portsentry, so I'm not familiar with the output from it. I would
definitely take a look in your /root directory, but I would doubt you're
hacked...depending on what LEAF system and add-on packages you're
using/config. In any case, I would do a thorough look at the box to make
sure, unless somebody has any better insight into this.

--
~Lynn Avants
Linux Embedded Appliance Firewall developer
http://leaf.sourceforge.net





RE: [leaf-user] Does this indicate I've been hacked?

2003-01-08 Thread Tony

Hi Lynn,

When you say you, you mean the original poster...right?  I was responding to
him.

Anyway, I think your approach would be a better one, backup the whole disk
to a blank diskette, reboot the original disk and then you have a snapshot
and can compare while returning to a safe condition.  That was my first
thought was to get back to safe ASAP and save the logs for ip addys and
such.  I like your approach better.  Just as quick, and more complete.

Later

Tony






-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Lynn Avants
Sent: Wednesday, January 08, 2003 10:26 AM
To: leaf-user
Subject: Re: [leaf-user] Does this indicate I've been hacked?


On Wednesday 08 January 2003 07:42 am, Tony wrote:
> Well, my thought is...why not just reboot to be sure.  I mean, your LEAF
> box is running out of RAM disk right?

All LEAF variants do, you haven't stated what you are specifically using.

> The disk is write protected isn't it?

Only you can answer that, personally I generally use Cd's or CF cards.

> Now, that doesn't mean that it can't happen again, so I would continue
> to investigate but I would copy all relevant log files to a disk and
> reboot.

The log files won't generally indicate anything that was _successful_.
I would back _everything_ up on another disk and check the packages
from another box...definitely root.lrp. I haven't heard of a LEAF firewall
that has been compromised in over 3 years now, but you haven't given
any ideas of what you've actually setup other than it is LEAF. You may
be running telnet to the internet for all I know at this point. I wouldn't
expect much more help unless you can give us a lot more specific
information than what you have. I would tend to think that you possibly
have a compromised box on your LAN or someone is attempting to
attack your firewall, but I don't know anything about your system.
--
~Lynn Avants
Linux Embedded Appliance Firewall developer
http://leaf.sourceforge.net





RE: [leaf-user] Does this indicate I've been hacked?

2003-01-08 Thread Tony
Hi Brad,

I know, hence my last sentence :-)

Later,

Tony




On Wed, 08 Jan 2003 08:42:33 EST Tony wrote:

> Well, my thought is...why not just reboot to be sure.  I mean, your LEAF box
> is running out of RAM disk right?  The disk is write protected isn't it?
> Now, that doesn't mean that it can't happen again, so I would continue to
> investigate but I would copy all relevant log files to a disk and reboot.

The problem with that approach is that it a) erases the logs
of the incident (unless you save offline copies first) and
b) prevents all further forensic analysis.  Granted, in some
situations those aren't concerns of the firewall administrator.

--Brad






RE: [leaf-user] 2 3com etherlink III cards

2003-01-11 Thread Tony
Eyal,

Do you mean the 3c509 or the 3c905 module?  You stated 905 below, and 509 in
one of your previous posts.  I don't know about the 905 module, but the
3c509.o most certainly does take the argument.

That is what I am using right now and without it, the probe finds only one
card.

Later,

Tony



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Eyal
Lebedinsky
Sent: Saturday, January 11, 2003 5:27 PM
To: Leaf-User
Subject: Re: [leaf-user] 2 3com etherlink III cards


Tony wrote:
>
> Whatcha need to do is tell the modules file to search for more than the
> first one it finds.
>
> You can do that by specifying the io addys (io=0x200,0x220,etc) or IRQ
> (IRQ=5,7,9,etc).

I am rather sure that 3c905 does not accept 'io='. Use the 'irq=' with
a list.

--
Eyal Lebedinsky ([EMAIL PROTECTED]) <http://samba.org/eyal/>





RE: Follow up to: Re: [leaf-user] Does this indicate I've been hacked?

2003-01-14 Thread Tony
Glad to hear it all worked out OK.  I had a feeling it would.

>As final replies:

>> The disk is write protected isn't it?

>I normally just boot the disk and then eject it until it is needed again.

Now, it's just me, but I write protect it after I do any and all backups,
then leave it in.  If the power fails, or I need to reboot, then I don't
have to make a trip over and push the diskette in.

Later

Tony







RE: [leaf-user] 2 3com etherlink III cards

2003-01-14 Thread Tony
OK, I have to do some testing here.  What I thought were 3c509 cards are
SMC-Ultra cards in my setup.

Perhaps I am wrong with the arguments the 3c509 module takes.  I thought for
sure it took the io arg, but examining the code as well as the other input
from people like Jeff and Brad make me inclined to think I am wrong.  If I
am, Eyal, I apologize :)

I will have to convince myself when I get some time by setting up a box with
the 509 cards.

Thanks for all the replies.

Later,

Tony







RE: [leaf-user] satellite with bering

2003-01-26 Thread Tony
Hi Andrew,

Is it a two way connection, or do you have to dial up the ISP with a modem
for the return trip?  What about the lag?  Is there one?  If so, how long is
it usually?  I am happy with cable modem right now, but the idea of
satellite, especially two way sat. with the same speed and low latency would
be very interesting.

Thanks

Tony


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Andrew GRAY
Sent: Saturday, January 25, 2003 6:52 AM
To: 'Paonia Ezrine'; [EMAIL PROTECTED]
Subject: RE: [leaf-user] satellite with bering


I have a Dachstein CD box running Satellite from iHug here in Australia.   I
simply downloaded the drivers from the ISPs web site for the Kernel version
and installed them.   The system has been up for over a month and works well
when the ISP gives us a link from the satellite.

Andrew Gray

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Paonia Ezrine
Sent: Saturday, 25 Jan 2003 10:47
To: [EMAIL PROTECTED]
Subject: [leaf-user] satellite with bering


I am thinking about getting oneway satellite internet access from
http://www.nebulink.com or http://www.copperlink.net/satnet/index.shtml
(they both resell the same service). I am wondering if anyone has gotten
this to work with bering or any of the other similar fw's out there. If
so please let me know how you did it etc.
thanks
Paonia






RE: [leaf-user] ide disk insmod errors :(:(:(

2003-06-06 Thread Tony


Are you declaring them in the same order as the FAQ?

Tony

> 
> 
>  DONE , but same prob :( and same insmod answers ...
> thanks for your help
> 
>




RE: [leaf-user] ide disk insmod errors :(:(:(

2003-06-06 Thread Tony
I'm sorry, but I thought the link in the parent message was this one:
http://leaf.sourceforge.net/devel/jnilo/bucdrom.html,  I was confused.

You may want to try the order that is listed in the above link, and see if
it helps any.

Thanks,

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of
> [EMAIL PROTECTED]
> Sent: Thursday, June 05, 2003 4:05 PM
> To: Victor McAllister
> Cc: [EMAIL PROTECTED]
> Subject: Re: [leaf-user] ide disk insmod errors :(:(:(
>
>
> Surlignage Victor McAllister <[EMAIL PROTECTED]>:
>
> > [EMAIL PROTECTED] wrote:
> >
> > >PKGPATH=/dev/fd0u1680
> >
> > >LRP=root,etc,local,modules,iptables,keyboard,shorwall,ulogd,dnscache,weblet,tc,qos-htb,hdsupp
> > >
> > >in /etc/boot/modules i copy the ide-mod.o, ide-disk.o and the
> > ide-probe-mod.o
> > >modules.
> > >
> > >
> > copy the modules to /boot/lib/modules
> > declare them in /boot/etc/modules through the initrd package
> > configuration.
> >
> > see:
> >
> > http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN1157
> >
> > remove unused programs from your disk before backing up initrd
> >
> >
> > >declared through the initrd package configuration menu and backup the
> > >initrd.lrp package
> > >according to the faq.
> > http://leaf.sourceforge.net/devel/jnilo/bubooting.html
> > >
> > >but not working , so whats wrong , thanks for any help
> > >
> > >
> > >
> > Victor McAllister
>
>
>  copy the modules to /boot/lib/modules
>  declare them in /boot/etc/modules through the initrd package
>  configuration.
>
>  DONE , but same prob :( and same insmod answers ...
> thanks for your help
>
>
>
>
>
>
>





[leaf-user] weblet/sed question

2003-05-31 Thread Tony
Good Evening all,

I'm sorry to ask a question like this, but here goes.  I want to expand
weblet a little and would like some pointers.  I'm currently running weblet
1.2 under Bering v1.1.  I like the screens where you can view the hits by
either port or sorted IP address.  What I want to do is, add the
functionality of the IP address screen to the port screen.

On the IP screen, the addresses are clickable to view the actual hits the IP
was associated with.  What I would like to do is have the ports be clickable
to view a sorted list of IP addresses.  So if I clicked port 53, I could get
a listing of all the IP's who hit that port.  I could then get the offending
IP's without having to plow through the current IP list to see who hit what
port.

Did I describe that clearly enough?  I viewed the code to see how the
different pages are rendered and how the sub routines are called, but I
don't really know sed.  I'm not sure where to start.

Any pointers would be helpful.

Thanks

Tony





RE: [leaf-user] weblet extension version 2

2003-06-01 Thread Tony
Hi Eric and Jeff,

Thanks Eric for the code, this is half of what I was looking for, Jeff gave
the other half.  If you use the proverb:

Give a man a fish, he eats today
Teach a man to fish, he eats forever

you both gave me one of those lines and I appreciate it.

But, I do have some questions about the code, I can get the portsort section
to work (from a previous e-mail), but the ipsort section is giving me the
headers, but no data under it.

I have some observations, but should I move this discussion to the devel
list?  I don't want to clog up this list with any more messages than
necessary.

Please advise, and I can pick up with my observations.

Thanks,

Tony



> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of eric wolzak
> Sent: Saturday, May 31, 2003 12:26 PM
> To: Tony; Leaf-User
> Subject: Re: [leaf-user] weblet extension version 2
>
>
> Hello Tony
>
>
> Another variant is to change in the file viewhits the option ipsort to
> -
> ipsort)
> HEAD=' Hits
> IP-Adress '
>
> AUS="`grep "DPT=$content " /var/log/messages |\
> sed 's/.*SRC=\(.* \)DST.*$/ href=viewhits?x_\1>\1<\/a><\/td><\/td><\/tr>/'|
> sort -n | uniq -c   |sort -rn|\
> sed 's/^//
> s/ ;;
> ---
> this is a little bit slower but let you click on each ip address
> that tried
> to connect to the certain port and  shows the messages that it caused,
> including those to another port
>
> Regards
> Eric Wolzak
> member of the bering crew
>
>
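
Added example, not Eric's code and not part of weblet: one way to build the per-port listing discussed above, reading log lines on stdin. The function names, the table markup and the constructed sample lines are assumptions; the DPT=/SRC= fields and the viewhits?x_ link come from the quoted snippet. The port is validated first because in a CGI it arrives from the query string and ends up inside a grep pattern.

```shell
#!/bin/sh
# Per-port listing of source addresses from netfilter-style log lines.

# Constructed sample lines (documentation addresses). The last line hits
# port 14330 and must not be counted as a hit on port 1433.
sample_log() {
cat <<'EOF'
Jun  1 10:00:01 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=1 PROTO=TCP SPT=4021 DPT=1433 WINDOW=16384 SYN
Jun  1 10:00:02 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=2 PROTO=TCP SPT=4022 DPT=1433 WINDOW=16384 SYN
Jun  1 10:00:03 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.50 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=3 PROTO=TCP SPT=3310 DPT=1433 WINDOW=16384 SYN
Jun  1 10:00:04 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4 PROTO=UDP SPT=1030 DPT=53 LEN=40
Jun  1 10:00:05 fw kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=52 ID=5 PROTO=TCP SPT=1031 DPT=14330 WINDOW=8192 SYN
EOF
}

# hits_for_port PORT < logfile
# Prints "count ip" for each source that hit destination port PORT,
# busiest first. Returns 2 without reading the log if PORT is not a
# plain number in 0..65535.
hits_for_port() {
    port=$1
    case $port in
        ''|*[!0-9]*|??????*) echo "refusing non-numeric port" >&2; return 2 ;;
    esac
    [ "$port" -le 65535 ] || { echo "port out of range" >&2; return 2; }

    # The trailing space keeps DPT=1433 from matching DPT=14330, and the
    # sed expression only lets digits and dots through as an address.
    grep "DPT=$port " |
        sed -n 's/.* SRC=\([0-9.]\{7,15\}\) .*/\1/p' |
        LC_ALL=C sort | uniq -c | LC_ALL=C sort -k1,1nr -k2,2 |
        awk '{ print $1, $2 }'
}

# Turn "count ip" lines into table rows whose address links to the
# per-address view. Lines that are not exactly "digits address" are dropped.
rows_html() {
    sed -n 's|^\([0-9][0-9]*\) \([0-9.][0-9.]*\)$|<tr><td>\1</td><td><a href="viewhits?x_\2">\2</a></td></tr>|p'
}

sample_log | hits_for_port 1433 | rows_html
```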





RE: [leaf-user] weblet extension version 2

2003-06-03 Thread Tony
Hi Ken,

Yeah, actually I picked that up.

What happened was I was missing a backtick that somehow dropped off when I
pasted the code into the window.

Thanks,

Tony

P.S.  Thanks for that lookup code, that's also helpful.  I had thought about
that, but didn't want to push my luck. ;-)



> -Original Message-
> From: Ken Marshall [mailto:[EMAIL PROTECTED]
> Sent: Monday, June 02, 2003 11:55 AM
> To: 'Tony'; 'eric wolzak'; 'Leaf-User'
> Cc: [EMAIL PROTECTED]
> Subject: RE: [leaf-user] weblet extension version 2
>
>
> Hi Tony,
>
> I tried this code as well and I think that you have to substitute
> /var/log/shorewall.log for /var/log/messages in the code that
> Eric provided.
> It didn't work for me until I made this change.  Perhaps an older
> version of
> Bering or Dach used the messages file to log packets, hence the confusion.
> Please correct me if I'm wrong, Eric.
>
> Thanks,
> Ken
>
>





RE: [leaf-user] LRP

2003-06-23 Thread Tony

> > political statement - the comment itself has been treated more 
> carefully in 
> > terms of "free speech" - very american - I appreciated that.
> 
> pn] Hey, I'm all for freedom of speech.  He had every right to do 
> what he did on his domain.  With
> that freedom comes responsibility and accountability.  I also 
> appreciated the freedom others
> exercised that day or shortly thereafter.  ;)
> 

And your right to Freedom of Association.  
As did I.



Tony






Re: [leaf-user] Re: Trouble getting started

2003-06-25 Thread Tony
I don't remember what dist you're running, but I assume it's a recent one
with Shorewall?
Have you declared both interfaces?

If you run lsmod, you should see something like:

ip_nat_irc              2032   0 (unused)
ip_nat_ftp              2672   0 (unused)
ip_conntrack_irc        2144   0 (unused)
ip_conntrack_ftp        2848   0 (unused)
3c509                   6564   2

Do you?

Thanks

Tony






- Original Message - 
From: "Somerlot, Chris" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 25, 2003 11:21 AM
Subject: [leaf-user] Re: Trouble getting started


> Still can't get it going. I have loaded the module for the 3c509 driver,
> (I'm using 2 ISA 3c509B cards) but only get 1 showing up in ip addr:
>
> 1: lo:  mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> 2: dummy0:  mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 3: eth0:  mtu 1500 qdisc pfifo_fast qlen 100
> link/ether 00:a0:24:12:bd:9c brd ff:ff:ff:ff:ff:ff
>
> nothing in ip route. The messages log shows the driver is loaded:
>
> Jun 24 21:53:30 firewall syslogd 1.3-3#31.slink1: restart.
> Jun 24 21:53:30 firewall kernel: klogd 1.3-3#31.slink1, log source =
> /proc/kmsg started.
> Jun 24 21:53:30 firewall kernel: No module symbols loaded.
> Jun 24 21:53:30 firewall kernel: BIOS-provided physical RAM map:
> Jun 24 21:53:30 firewall kernel: 32MB LOWMEM available.
> Jun 24 21:53:30 firewall kernel: Initializing CPU#0
> Jun 24 21:53:30 firewall kernel: Memory: 30128k/32768k available (948k
> kernel code, 2252k reserved, -1176k data, 64k init, 0k highmem)
> Jun 24 21:53:30 firewall kernel: Dentry cache hash table entries: 4096
> (order: 3, 32768 bytes)
> Jun 24 21:53:30 firewall kernel: Inode cache hash table entries: 2048
> (order: 2, 16384 bytes)
> Jun 24 21:53:30 firewall kernel: Intel Pentium with F0 0F bug - workaround
> enabled.
> Jun 24 21:53:30 firewall kernel: Checking 'hlt' instruction... OK.
> Jun 24 21:53:30 firewall kernel: PCI: PCI BIOS revision 2.10 entry at
> 0xfd9a1, last bus=0
> Jun 24 21:53:30 firewall kernel: PCI: Using configuration type 1
> Jun 24 21:53:30 firewall kernel: PCI: Probing PCI hardware
> Jun 24 21:53:30 firewall kernel: Limiting direct PCI/PCI transfers.
> Jun 24 21:53:30 firewall kernel: Linux NET4.0 for Linux 2.4
> Jun 24 21:53:30 firewall kernel: Based upon Swansea University Computer
> Society NET3.039
> Jun 24 21:53:30 firewall kernel: Serial driver version 5.05c (2001-07-08)
> with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled
> Jun 24 21:53:30 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
> Jun 24 21:53:30 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
> Jun 24 21:53:30 firewall kernel: Real Time Clock Driver v1.10e
> Jun 24 21:53:30 firewall kernel: Software Watchdog Timer: 0.05, timer
> margin: 60 sec
> Jun 24 21:53:30 firewall kernel: Floppy drive(s): fd0 is 1.44M
> Jun 24 21:53:30 firewall kernel: FDC 0 is a National Semiconductor PC87306
> Jun 24 21:53:30 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0
> Jun 24 21:53:30 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP
> Jun 24 21:53:30 firewall kernel: IP: routing cache hash table of 512
> buckets, 4Kbytes
> Jun 24 21:53:30 firewall kernel: TCP: Hash tables configured (established
> 2048 bind 2048)
> Jun 24 21:53:30 firewall kernel: NET4: Unix domain sockets 1.0/SMP for Linux
> NET4.0.
> Jun 24 21:53:30 firewall kernel: RAMDISK: Compressed image found at block 0
> Jun 24 21:53:30 firewall kernel: Freeing initrd memory: 401k freed
> Jun 24 21:53:30 firewall kernel: Freeing unused kernel memory: 64k freed
> Jun 24 21:53:30 firewall kernel: 3c509.c:1.19 16Oct2002 [EMAIL PROTECTED]
> Jun 24 21:53:30 firewall kernel: http://www.scyld.com/network/3c509.html
>
> the ip tables shows:
>
> Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
>  pkts bytes target prot opt in out source
> destination
>
> Chain POSTROUTING (policy ACCEPT 1 packets, 60 bytes)
>  pkts bytes target prot opt in out source
> destination
>
> Chain OUTPUT (policy ACCEPT 1 packets, 60 bytes)
>  pkts bytes target prot opt in out source
> destination
>
>
> and the shorewall status shows
>
> snip
> Chain eth0_fwd (0 references)
>  pkts bytes target prot opt in out source
> destination
> 0 0 dynamicall  --  *  *   0.0.0.0/0
> 0.0.0.0/0
> 0 0 rfc1918all  --  *  *   0.0.0.0/0
> 0.0.0.0/0  state NEW
>
> Chain eth0_in (0 references)
>  pkts bytes target prot opt in out source
> destination

RE: [leaf-user] Re: Trouble getting started

2003-06-26 Thread Tony
Nope, I thought that too.
I was mistaken.  I confused that driver with another card's driver I was
using (smc-ultra).

The 509 driver will find all the cards inside the box.

Here is an abbreviated copy of what my dmesg looks like:



PIIX3: not 100% native mode: will probe irqs later
hda: MATSHITA CR-581, ATAPI CD/DVD-ROM drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
hda: ATAPI 4X CD-ROM drive, 128kB Cache
Uniform CD-ROM driver Revision: 3.12
VFS: Can't find a Minix or Minix V2 filesystem on device 03:00.
FAT: bogus logical sector size 0
VFS: Can't find a valid FAT filesystem on dev 03:00.
eth0: 3c5x9 at 0x200, 10baseT port, address  00 20 af 9e f4 2e, IRQ 5.
3c509.c:1.19 16Oct2002 [EMAIL PROTECTED]
http://www.scyld.com/network/3c509.html
eth1: 3c5x9 at 0x280, 10baseT port, address  00 20 af 9f 16 09, IRQ 7.
3c509.c:1.19 16Oct2002 [EMAIL PROTECTED]
http://www.scyld.com/network/3c509.html
klips_info:ipsec_init: KLIPS startup, FreeS/WAN IPSec version: 1.99

=



Notice the two cards listed.

Are you sure both cards are working?  Have you used 3com's DOS config
program to set them up, make sure there are no conflicts with the irq or the
io addresses?


Tony






> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Stefaan Van
> Dooren
> Sent: Thursday, June 26, 2003 3:22 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [leaf-user] Re: Trouble getting started
>
>
> If I remember correctly, if you have more than one 3C509, you'll have to
> specify the io & irq for both cards when you load the module. It only
> probes for one card automagically.
>
> Stefaan
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Somerlot, Chris
> Sent: woensdag 25 juni 2003 17:22
> To: '[EMAIL PROTECTED]'
> Subject: [leaf-user] Re: Trouble getting started
>
>
> Still can't get it going. I have loaded the module for the 3c509 driver,
> (I'm using 2 ISA 3c509B cards) but only get 1 showing up in ip addr:
>
> 1: lo:  mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
> 2: dummy0:  mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 3: eth0:  mtu 1500 qdisc pfifo_fast qlen 100
> link/ether 00:a0:24:12:bd:9c brd ff:ff:ff:ff:ff:ff
>
> nothing in ip route. The messages log shows the driver is loaded:
>
> Jun 24 21:53:30 firewall syslogd 1.3-3#31.slink1: restart.
> Jun 24 21:53:30 firewall kernel: klogd 1.3-3#31.slink1, log source =
> /proc/kmsg started.
> Jun 24 21:53:30 firewall kernel: No module symbols loaded.
> Jun 24 21:53:30 firewall kernel: BIOS-provided physical RAM map:
> Jun 24 21:53:30 firewall kernel: 32MB LOWMEM available.
> Jun 24 21:53:30 firewall kernel: Initializing CPU#0
> Jun 24 21:53:30 firewall kernel: Memory: 30128k/32768k available (948k
> kernel code, 2252k reserved, -1176k data, 64k init, 0k highmem)
> Jun 24 21:53:30 firewall kernel: Dentry cache hash table entries: 4096
> (order: 3, 32768 bytes)
> Jun 24 21:53:30 firewall kernel: Inode cache hash table entries: 2048
> (order: 2, 16384 bytes)
> Jun 24 21:53:30 firewall kernel: Intel Pentium with F0 0F bug - workaround
> enabled.
> Jun 24 21:53:30 firewall kernel: Checking 'hlt' instruction... OK.
> Jun 24 21:53:30 firewall kernel: PCI: PCI BIOS revision 2.10 entry at
> 0xfd9a1, last bus=0
> Jun 24 21:53:30 firewall kernel: PCI: Using configuration type 1
> Jun 24 21:53:30 firewall kernel: PCI: Probing PCI hardware
> Jun 24 21:53:30 firewall kernel: Limiting direct PCI/PCI transfers.
> Jun 24 21:53:30 firewall kernel: Linux NET4.0 for Linux 2.4
> Jun 24 21:53:30 firewall kernel: Based upon Swansea University Computer
> Society NET3.039
> Jun 24 21:53:30 firewall kernel: Serial driver version 5.05c (2001-07-08)
> with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled
> Jun 24 21:53:30 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
> Jun 24 21:53:30 firewall kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
> Jun 24 21:53:30 firewall kernel: Real Time Clock Driver v1.10e
> Jun 24 21:53:30 firewall kernel: Software Watchdog Timer: 0.05, timer
> margin: 60 sec
> Jun 24 21:53:30 firewall kernel: Floppy drive(s): fd0 is 1.44M
> Jun 24 21:53:30 firewall kernel: FDC 0 is a National
> Semiconductor PC87306
> Jun 24 21:53:30 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0
> Jun 24 21:53:30 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP
> Jun 24 21:53:30 firewall kernel: IP: routing cache hash table of 512
> buckets, 4Kbytes
> Jun 24 21:53:30 firewall kernel: TCP: Hash tables configured (established
> 2048 bind 2048)
> Jun 24 21:53:30 firewall ker

Re: [leaf-user] copying files to your firewall.

2003-07-14 Thread Tony
I take it you don't have a floppy in the machine?

Also, I don't have ssh on my box, but I do have sshd and I scp stuff to the
box all the time.  You can set it up to only listen to the internal
interface.  But, you seem to already know that.  I think Jeff is right, if
BBM (Big BossMan) don't want to allow ssh(d) on the box, he best set aside
$$$ for downtime and your labor.

Tony


- Original Message - 
From: "Charles Holbrook" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 14, 2003 11:39 AM
Subject: [leaf-user] copying files to your firewall.


> I am currently running Bering Uclibc on a system that uses a CF Disk as
> the boot media.  This disk is inside of the case and thus updating any
> software means pulling the system offline unracking it and opening the
> box up.  About 20 minutes worth of work.  Besides ssh does anyone have a
> secure means of transfer to bering.  Bossman doesn't even want to have
> an ssh client on the firewall that can scp out to a single IP address.
> Because of this I am pretty much limited to a serial connection to the
> box.  Any suggestions at all would be greatly appreciated.
>
>
>


RE: [leaf-user] Now On-Line but big trouble...

2003-07-20 Thread Tony
Have you tried running tcpdump or something similar to see where they are
originating from, where they are going and what ports are involved?

Tony



>
> But what can make this traffic !!!
>
> All 90-150 seconds I have around 5-12 packages TX and 2-4 packages RX
>





RE: [leaf-user] Now On-Line but big trouble...

2003-07-20 Thread Tony
You got my other message though, didn't you?
With the pointers to the downloadable lrps of tcpdump and libpcap?

Let me know and I can resend

Thanks

Tony


> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Michelle
> Konzack
> Sent: Sunday, July 20, 2003 6:49 PM
> To: leaf-user
> Subject: RE: [leaf-user] Now On-Line but big trouble...
>
>
> At 12:52 2003-07-20 -0400, Tony wrote:
> >
> >Have you tried running tcpdump or something similar to see where they are
> >originating from, where they are going and what ports are involved?
> >
> >Tony
>
> No I have not...
>
> because I currently have no running SLINK system (HD crash)
> and cannot build new LRP 2.9.4 packages...
>
> Michelle
>
> --
> Registered Linux-User #280138 with the Linux Counter,
http://counter.li.org.
+--+
| Michelle's Internet-ServiceInh.  Michelle Konzack|
| FunkLAN-Providerin   |
+--+





RE: [leaf-user] Now On-Line but big trouble...

2003-07-21 Thread Tony
And I'm resending this one as well





OK, you need libpcap.lrp, and you can get that here:
http://leaf-project.org/devel/ddouthitt/packages/

and you can grab the tcpdump.lrp in the same directory.

That should set you up

Tony


> -Original Message-
> From: Michelle Konzack [mailto:[EMAIL PROTECTED]
> Sent: Sunday, July 20, 2003 1:07 PM
> To: Tony
> Subject: RE: [leaf-user] Now On-Line but big trouble...
>
>
> At 12:52 2003-07-20 -0400, Tony wrote:
> >
> >Have you tried running tcpdump or something similar to see where they are
> >originating from, where they are going and what ports are involved?
> >
> >Tony
>
> tcpdump on LRP 2.9.4 ???
> Is there a tcpdump.lrp ?
>
> Hmmm, not that I know.
>
> Michelle
>
> --
> Registered Linux-User #280138 with the Linux Counter,
http://counter.li.org.
+--+
| Michelle's Internet-ServiceInh.  Michelle Konzack|
| FunkLAN-Providerin   |
+--+





RE: [leaf-user] Now On-Line but big trouble...

2003-07-21 Thread Tony
I am resending this message,
but including the group as well this time.





http://leaf.sourceforge.net/pub/packages-list.html

as long as the glibc library is the same (2.0.7), I don't see why any of
these wouldn't work.

I think you need another library, but I can't remember which one.  Same
rules apply though.  I'd install it and see what it complains about not
being installed, then grab that.

Tony



> -Original Message-
> From: Michelle Konzack [mailto:[EMAIL PROTECTED]
> Sent: Sunday, July 20, 2003 1:07 PM
> To: Tony
> Subject: RE: [leaf-user] Now On-Line but big trouble...
>
>
> At 12:52 2003-07-20 -0400, Tony wrote:
> >
> >Have you tried running tcpdump or something similar to see where they are
> >originating from, where they are going and what ports are involved?
> >
> >Tony
>
> tcpdump on LRP 2.9.4 ???
> Is there a tcpdump.lrp ?
>
> Hmmm, not that I know.
>
> Michelle
>
> --
> Registered Linux-User #280138 with the Linux Counter,
http://counter.li.org.
+--+
| Michelle's Internet-ServiceInh.  Michelle Konzack|
| FunkLAN-Providerin   |
+--+





[leaf-user] Quick question about Weblet/Bering UClibc

2003-08-17 Thread Tony
Good evening,

I have a quick question about the pretty firewall logs screen in the weblet
version that ships with UClibc v1.2.1.  The parsefw file, is that a compiled
program, or a shell script?  I want to make sure it's not corrupt, and also,
if it is a compiled program, I assume it would require UClibc libraries to
be present to run?

I'm trying to add this to a bering v1.1 firewall I have running now, and
have copied the relevant files and made all the relevant changes to properly
reference the files needed.  Long and short of it, if I try to run the
relevant command:

cat /var/log/shorewall.log | /var/sh-www/cgi-bin/parsefw

I am getting:

firewall: -root-
# cat /var/log/shorewall.log | var/sh-www/cgi-bin/parsefw
/var/sh-www/cgi-bin/parsefw: not found

Now, this is the dir listing:
firewall: -root-
# v
-rwxr-xr-x1 sh-httpd adm  2452 Mar 15 04:01 checkdisk
-rwxr-xr-x1 sh-httpd adm  1935 Aug 17 16:06 checkfw
-rwxr-xr-x1 sh-httpd adm  2243 Mar 15 04:06 checkmem
-rwxr-xr-x1 sh-httpd adm  9320 Mar 24 16:27 parsefw
-rwxr-xr-x1 sh-httpd adm   636 Mar 15 04:35 viewfw
-rwxr-xr-x1 sh-httpd adm  2491 Aug 17 16:23 viewhits
-rwxr-xr-x1 sh-httpd adm  1804 Mar 15 04:33 viewhits.bak
-rwxr-xr-x1 sh-httpd adm   835 Aug 17 16:34 viewlogs
lrwxrwxrwx1 root root8 Aug 17 16:46 viewlogs-snort -> viewlogs
lrwxrwxrwx1 root root8 Aug 17 16:46 viewlogs-www -> viewlogs
-rwxr-xr-x1 sh-httpd adm   738 Aug 17 15:50 viewlogs.backup
-rwxr-xr-x1 sh-httpd adm  1575 Mar 15 04:58 viewmasq
-rwxr-xr-x1 sh-httpd adm   947 Mar 15 05:01 viewnet
-rwxr-xr-x1 sh-httpd adm   808 Mar 23 08:37 viewshorewall
-rwxr-xr-x1 sh-httpd adm  1026 Mar 15 05:05 viewsys
-rwxr-xr-x1 sh-httpd adm  2648 Mar 14 06:24 weblet.functions

As you can see, the file is there, the group and owner are proper, the file
is executable (I even tried chmod 777 on it to make sure) and yet it still
tells me it can't find the file.

I would think if it was a library issue, it would have crapped out with a
segfault or something.

Any help would be appreciated.

Thanks

Tony






RE: [leaf-user] Quick question about Weblet/Bering UClibc

2003-08-18 Thread Tony
Thanks Luis!  
I had no idea UClibc would not segfault.


I appreciate the info, 

Tony


<>
> 
> It is a compiled program and requires the proper uClibc libs...
> 
> > 
> > I'm trying to add this to a bering v1.1 firewall I have 
> > running now, and
> > have copied the relevant files and made all the relevant 
> > changes to properly
> > reference the files needed.  Long and short of it, if I try to run the
> > relevant command:
> > 
> > cat /var/log/shorewall.log | /var/sh-www/cgi-bin/parsefw
> > 
> > I am getting:
> > 
> > firewall: -root-
> > # cat /var/log/shorewall.log | var/sh-www/cgi-bin/parsefw
> > /var/sh-www/cgi-bin/parsefw: not found
> 
> If you get this, the libs are not present.
> 
> With uClibc it is not mandatory that you get a segfault :)
> 





Re: [leaf-user] Operation not supported by device

2003-08-22 Thread Tony
Hi guys,

Are the two nics recognized?  (i.e. what is the output of ip addr show).
I do not believe you need the tulip and the natsemi modules loaded.

Check the Ethernet How-To at the LDP to see what modules support what cards
and whether or not the PCI-Scan module is needed (I don't think it is needed
on all PCI cards).  You can also read the modules.dep to see if PCI-Scan is
needed.

Hope that helps somewhat

Tony


- Original Message - 
From: "Simon Bolduc" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Thursday, August 21, 2003 2:11 PM
Subject: Re: [leaf-user] Operation not supported by device


> Hey Darcy
>
> Try loading the pci-scan module as well.  I believe this is needed for most
> (all?) PCI nics.
>
> Simon
>
> Original Message Follows
> From: Darcy Parker <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: [leaf-user] Operation not supported by device
> Date: Thu, 21 Aug 2003 02:00:48 -0600
>
> Good day listers,
>
>  I am trying to set up a leaf-bering (1.2) FW.  I have the following two
> NICs
>
> 3C905-TX  IRQ10  D800
> 3C905-TX  IRQ9   D400
>
> I am loading the following modules
>
> 3c59x.o
> netsemi.o
> tulip.o
>
> When it gets to configuring the NICs I get the following errors
>
> insmodinit_module:netsemi:operation not supported by device
> tulipinit_module:tulip:operation not supported by device
>
> Does this mean the only driver I need is 3c59x?  Am I missing something else
> here?
>
> Best Regards,
> Darcy Parker
>
>
>
>


[leaf-user] RE: [leaf-devel] Quick question about Weblet/Bering UClibc

2003-08-22 Thread Tony
Hi Sean,

Actually, I was using the file from the UClibc dist on a regular Bering
(Glibc 2.0.7) dist.  I wasn't seeing a segfault, so I figured it was an HTML
error (I was also tweaking the weblet app).

The funny thing is, I downloaded the source for parsefw to my development
box running in UML, and I could not get it to compile.  It was crapping out
because it didn't want to process include/parse.h (Nothing to be done for
make all in /include or something close to that).  When it got into the src
directory, main.c was complaining it needed parse.h.

I haven't tried tracking that problem down yet.

Thanks

Tony



> -Original Message-
> From: Sean [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, August 20, 2003 11:12 PM
> To: 'Tony'
> Cc: 'Leaf-User'
> Subject: RE: [leaf-devel] Quick question about Weblet/Bering UClibc
>
>
> parsefw is a C program.  It needs C libraries.  Can you copy the file
> onto a full distro and do a >file parsefw  and see what it says?  It
> might be corrupt.  Can you copy the file from another version of the
> firewall and try to run that.
>
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of Tony
> > Sent: Sunday, August 17, 2003 10:26 PM
> > To: LEAF-Dev
> > Cc: Leaf-User
> > Subject: [leaf-devel] Quick question about Weblet/Bering UClibc
> >
> >
> > Good evening,
> >
> > I have a quick question about the pretty firewall logs screen
> > in the weblet version that ships with UClibc v1.2.1.  The
> > parsefw file, is that a compiled program, or a shell script?
> > I want to make sure it's not corrupt, and also, if it is a
> > compiled program, I assume it would require UClibc libraries
> > to be present to run?
> >
> > I'm trying to add this to a bering v1.1 firewall I have
> > running now, and have copied the relevant files and made all
> > the relevant changes to properly reference the files needed.
> > Long and short of it, if I try to run the relevant command:
> >
> > cat /var/log/shorewall.log | /var/sh-www/cgi-bin/parsefw
> >
> > I am getting:
> >
> > firewall: -root-
> > # cat /var/log/shorewall.log | var/sh-www/cgi-bin/parsefw
> > /var/sh-www/cgi-bin/parsefw: not found
> >
> > Now, this is the dir listing:
> > firewall: -root-
> > # v
> > -rwxr-xr-x1 sh-httpd adm  2452 Mar 15 04:01 checkdisk
> > -rwxr-xr-x1 sh-httpd adm  1935 Aug 17 16:06 checkfw
> > -rwxr-xr-x1 sh-httpd adm  2243 Mar 15 04:06 checkmem
> > -rwxr-xr-x1 sh-httpd adm  9320 Mar 24 16:27 parsefw
> > -rwxr-xr-x1 sh-httpd adm   636 Mar 15 04:35 viewfw
> > -rwxr-xr-x1 sh-httpd adm  2491 Aug 17 16:23 viewhits
> > -rwxr-xr-x1 sh-httpd adm  1804 Mar 15 04:33 viewhits.bak
> > -rwxr-xr-x1 sh-httpd adm   835 Aug 17 16:34 viewlogs
> > lrwxrwxrwx1 root root8 Aug 17 16:46
> > viewlogs-snort ->
> > viewlogs
> > lrwxrwxrwx1 root root8 Aug 17 16:46
> > viewlogs-www ->
> > viewlogs
> > -rwxr-xr-x1 sh-httpd adm   738 Aug 17 15:50
> > viewlogs.backup
> > -rwxr-xr-x1 sh-httpd adm  1575 Mar 15 04:58 viewmasq
> > -rwxr-xr-x1 sh-httpd adm   947 Mar 15 05:01 viewnet
> > -rwxr-xr-x1 sh-httpd adm   808 Mar 23 08:37 viewshorewall
> > -rwxr-xr-x1 sh-httpd adm  1026 Mar 15 05:05 viewsys
> > -rwxr-xr-x1 sh-httpd adm  2648 Mar 14 06:24
> > weblet.functions
> >
> > As you can see, the file is there, the group and owner are
> > proper, the file is executable (I even tried chmod 777 on it
> > to make sure) and yet it still tells me it can't find the file.
> >
> > I would think if it was a library issue, it would have
> > crapped out with a segfault or something.
> >
> > Any help would be appreciated.
> >
> > Thanks
> >
> > Tony
> >
> >
> >
> >
>
>
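
A dynamically linked ELF program names its loader in a PT_INTERP program header; when that loader file is absent, the exec fails with "no such file" and the shell prints "not found" against the program itself, which is the symptom in this thread. The following is an added example (not from the thread or the LEAF project) that reads that header; the sample image and the loader path /lib/ld-uClibc.so.0 in it are constructed for illustration.

```python
import os
import struct
import sys

PT_INTERP = 3  # program-header type that names the dynamic loader


def elf_interpreter(data):
    """Return the loader path an ELF image requests, or None if it has none
    (statically linked). Raises ValueError for non-ELF or truncated input."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file (a script would start with '#!')")
    ei_class, ei_data = data[4], data[5]
    endian = {1: "<", 2: ">"}.get(ei_data)
    if endian is None or ei_class not in (1, 2):
        raise ValueError("unsupported ELF class or byte order")
    try:
        if ei_class == 1:  # ELF32 header layout
            (e_phoff,) = struct.unpack_from(endian + "I", data, 28)
            e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 42)
        else:  # ELF64 header layout
            (e_phoff,) = struct.unpack_from(endian + "Q", data, 32)
            e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 54)
        for i in range(e_phnum):
            off = e_phoff + i * e_phentsize
            (p_type,) = struct.unpack_from(endian + "I", data, off)
            if p_type != PT_INTERP:
                continue
            if ei_class == 1:
                (p_offset,) = struct.unpack_from(endian + "I", data, off + 4)
                (p_filesz,) = struct.unpack_from(endian + "I", data, off + 16)
            else:
                (p_offset,) = struct.unpack_from(endian + "Q", data, off + 8)
                (p_filesz,) = struct.unpack_from(endian + "Q", data, off + 32)
            raw = data[p_offset:p_offset + p_filesz]
            return raw.split(b"\0", 1)[0].decode("ascii", "replace")
    except struct.error as exc:
        raise ValueError("truncated ELF image") from exc
    return None


def diagnose(data, exists=os.path.exists):
    """Explain whether the image can be started on this system."""
    interp = elf_interpreter(data)
    if interp is None:
        return "static: no loader needed"
    if exists(interp):
        return "loader present: " + interp
    return "loader missing: " + interp + " (exec reports the program as 'not found')"


def make_sample_elf32(interp):
    """Constructed input: ELF32 little-endian header plus one PT_INTERP entry."""
    path = interp + b"\0"
    ident = b"\x7fELF" + bytes([1, 1, 1]) + b"\0" * 9
    # e_type, e_machine, e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH",
                               2, 3, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    # p_type, p_offset, p_vaddr, p_paddr, p_filesz, p_memsz, p_flags, p_align
    phdr = struct.pack("<IIIIIIII", PT_INTERP, 84, 0, 0,
                       len(path), len(path), 4, 1)
    return ehdr + phdr + path


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            image = fh.read()
    else:
        image = make_sample_elf32(b"/lib/ld-uClibc.so.0")
    print(diagnose(image))
```

Run against a copy of the binary on any machine with Python; the loader it prints is the file that has to exist on the firewall, along with the shared libraries that loader then resolves.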





RE: [leaf-user] OT - How many users will a T1 line service?

2003-08-31 Thread Tony
> In fact, if it's JUST for web, open up 80, 443
> and only what you need, otherwise, getting it locked down once it opens,
> will be almost impossible.
>

I take it you mean impossible from a political point of view, not
technical...right?  Once they've tasted the fruit of unlimited access, they
will be much less willing to give it up.

Tony






Re: [leaf-user] Bering lost it's NICs

2003-09-03 Thread Tony
That's odd,

I have two Bering installations, one regular, one UClibc and both are
running 3Com 509B cards.
Are your cards the 509 or 509B?

I'm not having any problems, but I have access to both types of cards.  I
could try to recreate the problem at my end with a test machine to narrow
down the problem.

Let me know all the specs on hardware so I can try to duplicate your machine
as closely as possible.

Thanks

Tony


- Original Message - 
From: "Roger E McClurg" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 03, 2003 10:00 AM
Subject: RE: [leaf-user] Bering lost it's NICs


> I reported this same problem some months ago. I used Dachstein for a year
> with no problem. As soon as I changed over to Bering 1.2 the internal NIC
> would cease responding after it got any kind of a load. Transferring a 1
> meg file would do it. No one on the list seemed to have the problem except
> me.
>
> It looks like the problem is in the Bering drivers for the particular
> NICs. The NIC that had the problem for me was a 3Com 3C509. I tried
> downloading the drivers from the Bering site again just to be sure I
> didn't have a corrupted driver (Yep, I made sure they were for the same
> kernel). No matter the driver I had the exact same problem.
>
> I didn't have the time to keep slogging at the problem, so I went back to
> Dachstein and the problem went away. Eventually I loaded Bering on a
> different computer with newer NICs and had no problems at all.
>
> Roger
>
> >To: [EMAIL PROTECTED]
> >Subject: RE: [leaf-user] Bering lost it's NICs
> >From: "J. James" <[EMAIL PROTECTED]>
> >Date: Tue, 02 Sep 2003 09:44:23 +0300
> >
> >Hi
> >
> >It's nice to see someone else also having the same problem... I'm sorry: I
> >just read about a pop star visiting a local jail and the first thing he
> >said to the audience was "nice to see so many of you here today"  ;-)
> >
> >> I have the same problem from Bering V1.1 and now Bering V1.2.
> >> All nics ok except eth0 with PPPoE providers, on two different boxes
> >> ...
> >> Are you using PPPoE ?
> >
> >No. And maybe I should also tell that I've used the same hardware with the
> >old LRP firewall with no problems.
> >
> >But surely we can't be the only two unlucky Bering users - can we? Any help
> >would be greatly appreciated. After all I chose Linux/Bering for its
> >stability.
>
>
>
>
>
>


RE: [leaf-user] WAP

2003-09-07 Thread Tony
Uhhh, those are subnets.

I've heard of scopes only when referencing DHCP/BOOTP for the range of IP's
to be serviced. If you're using NetBIOS, which you're not from the looks of
it, the scope IDs are further described in RFCs 1001/1002.

The scope IDs and subnets are similar concepts, but used with different
protocols.

Tony



<<>>


>
> These are scopes ;
>
> 10/8
> 172.16.1/24
> 192.168.0.0/24
>
> You may run multiple scopes on one subnet(network cable/switch/NIC) and
> add rules about who may talk to who.
> It can be complicated at first, but it is very powerful, and much easier
> than heaps of iptables entries.
>
>
>
> /steve





RE: [leaf-user] Problem accessing weblet from internal network

2003-09-09 Thread Tony
Check your hosts.deny, and you should adjust your weblet config file to
reflect your internal network.

Default is for an internal network of 192.168.1.0/24 which you don't have
anymore.

Tony





> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Robert
> McRostie
> Sent: Monday, September 08, 2003 3:27 AM
> To: [EMAIL PROTECTED]
> Subject: [leaf-user] Problem accessing weblet from internal network
>
>
> Hello All,
>  After having little success in working out why I cannot access
> weblet from my internal network here are some of the outputs from
> the box. It is a Bering version 1.2 running a dialup and one
> ethernet link.





Re: [leaf-user] Firewall Getting Hammered.

2003-10-07 Thread Tony
Joe,

Are you implementing a blacklist with Shorewall?  Just add the offending 
SRC addys to your list and refresh.  If they're spamming you with 
Messenger spam, why would you want them connecting to any legitimate 
services you have running?

I figure if they're lowlifes to begin with, they can do without knowing 
our servers exist.

Good Luck

Tony



Julian Church wrote:

Hi Joe

On Mon, 06 Oct 2003 20:23:58 -0500, j d <[EMAIL PROTECTED]> wrote:

Anyway, in the last two days I've had a lot of hits on my external 
eth0 from these two sources (x.x.x.x is my eth0 address leased from 
the upstream DNS server via pump):

Oct 5 07:43:33 cerberus Shorewall:net2all:DROP: IN=eth0 OUT= 
MAC=00:00:bc:11:17:0c:00:04:28:25:9c:54:08:00 SRC=61.143.182.138 
DST=x.x.x.x LEN=550 TOS=00 PREC=0x00 TTL=50 ID=0 DF PROTO=UDP 
SPT=30110 DPT=1026 LEN=530

and

Oct 5 08:02:58 cerberus Shorewall:net2all:DROP: IN=eth0 OUT= 
MAC=00:00:bc:11:17:0c:00:04:28:25:9c:54:08:00 SRC=210.5.22.10 
DST=x.x.x.x LEN=367 TOS=00 PREC=0x00 TTL=242 ID=620 PROTO=UDP 
SPT=32775 DPT=1026 LEN=347


A few informative links here:

http://www.google.com/search?q=UDP+1026

Looks like M$ Messenger Service spam.

cheers

Julian








Re: [leaf-user] RE: can't ping dmz <-> loc

2003-12-17 Thread Tony
<>>

You state here your subnets are 192.168.1.0/24 and 192.168.10.0/24

> 192.168.1.0/24 dev eth1  proto kernel  scope link  src
> 192.168.1.254
> 192.168.10.0/24 dev eth2  proto kernel  scope link
> src 192.168.10.100
> 128.142.112.0/20 dev eth0  proto kernel  scope link
> src 128.142.121.254
> default via 128.142.112.1 dev eth0

<>

Yet below, you state eth2 = 192.168.1.100

>
> i don't have a /etc/network.conf ?
> this is the default /etc/interfaces,
> as i understand, i can't have dmz on same network
> as the loc
> here it is 192.168.1.x for both the dmz and loc ??
>
> auto eth1
> iface eth1 inet static
> address 192.168.1.254
> masklen 24
> broadcast 192.168.1.255
> auto eth2
> iface eth2 inet static
> address 192.168.1.100
> masklen 24
> broadcast 192.168.1.255

If this is true, that's your problem.  Your routing table doesn't match your
interfaces table.  What is the result of "ip addr show"?

Tony






[leaf-user] Question on Shorewall/blacklist/DNAT

2003-12-21 Thread Tony
Good Morning,

I have the latest version of Bering uClibc with shorewall 1.4.5.  I also
run a DMZ with an ftp server.  The DNAT rule logs at the info level so I
can see who is accessing the server.  I have blacklisted China and Korea
according to http://www.okean.com/asianspamblocks.html
Now, last night, I get a hit from:

Dec 21 01:09:40 firewall kernel: Shorewall:net_dnat:DNAT:IN=eth0 OUT=
MAC=00:20:af:9f:15:ff:00:09:12:85:08:70:08:00 SRC=210.82.163.1
DST=66.67.173.226 LEN=60 TOS=0x10 PREC=0x00 TTL=38 ID=24530 DF PROTO=TCP
SPT=3457 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
But, my blacklist includes 210.82.0.0/15

Also, my shorewall log shows no hit which I didn't expect to, and the
counter in "shorewall status" shows one hit for that range.
My question is, did he get blocked or allowed access?
It looks as though he got access.
Thanks,

Tony







Re: [leaf-user] Question on Shorewall/blacklist/DNAT

2003-12-21 Thread Tony
Yup, did all that.

The actual file reads:

net     eth0    detect  dhcp,routefilter,norfc1918,blacklist
loc     eth1    detect
dmz     eth2    detect
And the ip's are showing up in the shorewall status under the blacklist 
column.

Thanks

Tony

Victor McAllister wrote:
Tony wrote:

Good Morning,

I have the latest version of Bering uClibc with shorewall 1.4.5.  I also
run a DMZ with an ftp server.  The DNAT rule logs at the info level so I
can see who is accessing the server.  I have blacklisted China and Korea
according to http://www.okean.com/asianspamblocks.html
Now, last night, I get a hit from:

Dec 21 01:09:40 firewall kernel: Shorewall:net_dnat:DNAT:IN=eth0 OUT=
MAC=00:20:af:9f:15:ff:00:09:12:85:08:70:08:00 SRC=210.82.163.1
DST=66.67.173.226 LEN=60 TOS=0x10 PREC=0x00 TTL=38 ID=24530 DF PROTO=TCP
SPT=3457 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
But, my blacklist includes 210.82.0.0/15

Also, my shorewall log shows no hit which I didn't expect to, and the
counter in "shorewall status" shows one hit for that range.
My question is, did he get blocked or allowed access?
It looks as though he got access.
Thanks,

Tony


Did you actually put the word blacklist in the interfaces file
/etc/shorewall/interfaces

net  ppp0  norfc1918,blacklist

as well as fill out the list of IPs to blacklist

then do a backup and a shorewall restart





Re: [leaf-user] Question on Shorewall/blacklist/DNAT

2003-12-21 Thread Tony
OK, so what you're saying is the packet was logged up in the pre-routing 
 NAT section before it got dropped by the blacklisting filter at the 
Forward section?

Thanks,

Tony

Tom Eastep wrote:
<>
No. Blacklist rules are enforced in the 'filter' table whereas DNAT is logged 
out of the 'nat' table. See http://www.shorewall.net/NetfilterOverview.html

-Tom




Re: [leaf-user] e1000 module (version 4.3.15) for Dachstein?

2003-12-22 Thread Tony
I don't have specific info for that card, but when I've had cards that have
been acting that way, it's either been that the card was conflicting with
another device, or that the module needs the io address specified.

Hope that helps somewhat.

Tony


- Original Message - 
From: "Miguel De Avila" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 22, 2003 1:53 PM
Subject: [leaf-user] e1000 module (version 4.3.15) for Dachstein?


> Does anyone have the compiled e1000 module (version 4.3.15) for the Intel
> Pro/1000 MT Dual Port nic? I believe that the 4.3.15 version of the driver
> is the most recent one for 2.2 kernels.
>
> I'm using Dachstein v1.0.2, which has version 3.0.16. Unfortunately when I
> try and load the module I get
>
>insmod: init_module: e1000: Device or resourrce busy.
>
> I'm running on a Dell PowerEdge 650. I'm hoping that a new version of the
> driver will do the trick.
>
> thanks,
>
> Miguel DeAvila
>





Re: [leaf-user] Where to get libs for Bering uClibc ???

2004-01-06 Thread Tony
UlibC is a replacement for GlibC.
Perhaps UlibC doesn't support GLIBC_PRIVATE call?

Have you tried asking the UlibC people how to resolve this error?
I suspect they could be of more specific help.

Now, as a disclaimer, I'm not a library expert either, and certainly can't
speak for any of the other people on the list...this was my best guess at a
solution.

Tony



- Original Message - 
From: "Hugues Belanger" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 06, 2004 2:12 PM
Subject: [leaf-user] Where to get libs for Bering uClibc ???


> Hi all,
>
> I see most people are not interested in helping me. I'm trying to add java
> support to Bering for a little demo we are doing and I'm having a [EMAIL PROTECTED] of
> time doing it. Excuse my ignorance, but I'm not linux expert...!
>
> I'm trying to add libpthread and libdl from a redhat 7.3 distro and I'm
> getting this error when calling /usr/local/j2re/bin/java :
>
> /lib/libc.so.6: version `GLIBC_PRIVATE' not found (required by
> /lib/libpthread.so.0)
>
> Please help
>
> Hugues
>
>
>





Re: [leaf-user] Bering can't handle Dell GX150 integrated Ethernet?

2004-01-22 Thread Tony
Wouldn't this be accomplished in the modules config, where you identify 
the modules you want to load?

=

#ne2k-pci
#  card1,card2
#ne io=0x300,0x350
=

As I found out, some modules (3c509 for example) don't take these 
arguments, some modules do (smc-ultra).  I would grab the source for the 
modules and read it to see if there are any clues in there.

Good Luck

Tony

Henning Jebsen wrote:

With Bering, using the 3c59x.o module found via the Bering installation
guide, neither interface is brought up.


Did you try to append a boot-Parameter like
ether=0,0,eth0 ether=0,0,eth1
The exact syntax for ether= may be found in the ethernet-howto:
 snip
There are two ways that you can enable auto-probing for the second
 (and third, and...) card. The easiest method is to pass boot-time
 arguments to the kernel, which is usually done by LILO. Probing for
 the second card can be achieved by using a boot-time argument as
 simple as ether=0,0,eth1. In this case eth0 and eth1 will be assigned
 in the order that the cards are found at boot.  Say if you want the
 card at 0x300 to be eth0 and the card at 0x280 to be eth1 then you
 could use
  LILO: linux ether=5,0x300,eth0 ether=15,0x280,eth1
 snip
good luck





Re: [leaf-user] LEAF and H323

2004-03-10 Thread Tony
Hi Stelios,

I have one question in line

Stelios Koroneos wrote:

Robert,

Here is what i did to get netmeeting going through Bering 1.2

In the modules i have declared the following (remove the ftp and irc modules
if you don't need them)
# Masquerading 'helper' modules
# Other modules available in bering/modules/net/ipv4/netfilter
ip_conntrack_ftp
ip_conntrack_irc
ip_conntrack_h323
ip_nat_ftp
ip_nat_irc
ip_nat_h323
and in shorewall rules you have to add the following (I assume you are
NATing your connection)
DNAT  awmn1  loc:192.168.1.3  tcp  1720  -  10.18.213.1
 

where
awmn1 is your interaced name
 

 ]

What is an interaced name?

loc:192.168.1.3 is the local machine where the netmeeting calls will be
directed
and
10.18.213.1 is your outside network address
The above set up works well on a wireless network with 3 interfaces,
accepting and placing netmeeting calls.
What it does not do, is work well with a Gatekeeper (when calling or
receiving calls from VOIP telephones or other Netmeeting pc's using a
Gatekeeper) but this is a problem that the Gatekeeper has with NAT firewalls
in general...
Stelios
 



Thanks,

Tony





Re: [leaf-user] LEAF and H323

2004-03-10 Thread Tony
Oi!

I feel stupid... I see now

Thanks!

Tony



Stelios Koroneos wrote:

where
awmn1 is your interaced name
   

 ]

 

I think Stelios meant "interface" but his keyboard bounced :-)

   

Human operator error... system halted... please reboot operator :-)



Re: [leaf-user] Here is how to use Bering as a bridge with shorewall.

2004-03-15 Thread Tony
I have a few questions regarding this...

Now, if I have this figured correctly, the bridge is transparent to your 
ISP, so you would need another host behind the bridge to have an 
address, correct?  The use I have in mind would be statically assigned.

Also, I would expect the bridge still to work without having an IP 
assigned to the bridge (if the only reason to have the IP is for 
management) if you connect via serial cable for management, right?

Finally, the firewalling aspect of the bridge only works in the FORWARD 
chain, right?  DNAT and SNAT and all that won't work correctly would 
it?  All I want to do is have the bridge do some rough filtering for me,
a lot of the background noise such as SQL sweeps and backdoor checking.
Perhaps an IDS such as Snort, but I don't know yet.

Thanks,

Tony



Tom Eastep wrote:

On Mon, 15 Mar 2004 [EMAIL PROTECTED] wrote:

 

I see I misread the shorewall requirement line on that page.  What extra does
full bridge functionality give?
I don't completely understand how bridging works, just how I made it work with
shorewall and bering.  The bering user guide said that bridging and shorewall
don't work which is why I assumed that shorewall 2.0 had been the difference.
   

I make the statement that Shorewall doesn't work with bridging because
prior to the availability of the experimental code, it was not possible to
associate a Shorewall zone with a bridge port. Nevertheless, as you and
others have discovered, it is possible to associate a zone with the bridge
itself and using ip-address or MAC filtering, it is even possible to
control traffic through the bridge.
The new bridge code which will be released in Shorewall 2.0.1 will allow
you to associate zones with bridge ports. That is made possible by the
fact that the physdev match capability is available as a standard part of
the 2.6 kernels (it is still an add-on under 2.4).
-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]




Re: [leaf-user] Re: Which Distro for This Firewall/Router?

2004-03-17 Thread Tony
Hi Calvin,

Bering and Bering uClibc are kissing cousins, so what you find in the 
original Bering docs are relevant to Bering uClibc.  Any differences are 
noted in the uClibc docs.

Check out:
http://leaf.sourceforge.net/doc/guide/binstall.html - Bering Install guide
http://leaf.sourceforge.net/doc/guide/busers.html - Bering Users Guide
http://leaf.sourceforge.net/doc/guide/buc-install.html - Bering-uClibc 
Installation Guide
http://leaf.sourceforge.net/doc/guide/buc-user.html - Bering-uClibc 
User's Guide

As far as your requirements, I think you'll find either to be up to 
snuff, with the exception there is no web based configuration at this 
time.  All CLI baby

Don't forget to backup your disk after making changes, as they will be 
lost upon reboot if you don't.

Good Luck

Tony



Calvin Webster wrote:

Well, I've gotten no responses from the list so I think I'm going with
the "Bering-uClibc" distribution since it seems to be more actively
maintained than most of the others and apparently can handle the
multiple interfaces I'll need. Hopefully, someone will chime in with
some pointers when they get the time.
From what I've found so far, there is precious little "real"
documentation on installation, configuration, and implementation. A nice
HTML or PDF User Guide would be nice.
Thanks in advance for any suggestions. :-)

--Cal Webster

On Tue, 2004-03-16 at 18:17, Calvin Webster wrote:
 

I've been looking over the LEAF distros for a candidate to build a set
of border firewall/routers. They are to replace existing devices built
with PC hardware and commercial DOS-based firewall software.
I have several questions. Here are a few to start:

1. Given the details below, which distro would be most appropriate?
2. Given the firewall/routing requirements, which dynamic routing
protocols would be recommended.
3. Suggestions on configuring IPSEC VPNs over the untrusted networks?
I have given an outline of the project below. This is a fictitious
network, but representative of the real project. Details of
infrastructure have been obfuscated, but the outline describes project
parameters.
Please let me know if I've left out anything.

Thanks!

--Cal Webster



There are 4 devices, one in each building at our site. Two of the new
firewalls will run on the older hardware, while the other two will run
on recently purchased hardware stored in DiskOnChip. Eventually, I want
to replace all older platforms with newer machines and run them from
DiskOnChip or straight Flash memory. I have some 40 GB hard drives
installed in the new machines on which I plan to build the custom
kernels and setup the services for testing.
Old Hardware Platform:

Generic Desktop Chassis
   AMD K6-2 336 MHz CPU
   1MB cache
   128 MB RAM
   2 GB HDD
   1.44 FDD
4 3c905 NICs
New Hardware Platform:

Cyber Research 2U rack-mount passive backplane chassis
CPTD CEL/COP-850 All-In-One Single Board Computer
   PIII 850 MHz
   100 MHz front side bus
   Intel 82558 10/100-TX (integrated)
   768 MB RAM
   256 MB DiskOnChip
   1.44 FDD
   USB
4 3C905-TX NIC's
I began building one new machine with RedHat Linux 8 but had to put the
project on hold after finally getting the drivers to work with
DiskOnChip.


Here is a summary of the functionality required:

Firewall: 
   stateful packet inspection
   NAT/PAT
   IPSEC Auth
   IPSEC VPN tunneling
Router:
   BGP
   RIP
Logging to external syslog server
https/ssh configuration/management tool
Port Knocking to trigger remote vpn/ssh access
Optional user authentication to access Internet
Block outbound traffic by IP,subnet,user,port
Block all inbound traffic from untrusted networks except that which is
initiated from inside
Allow all traffic between trusted networks.
Fastest available link should be chosen when redundant paths exist.

Here is a sketch of the network:

DSL = 500 Kbps ADSL Link
RF1 = 100 Mbps RF Wireless direct point-to-point link
RF2 = 1.5 Mbps RF Wireless direct point-to-point link
ISP = 2 Mbps Cable ISP
PLANn = Fast Ethernet Private LANs within buildings at site.
  [PLAN2] [PLAN2] [Remote User]
 |   | |
[PLAN1]   |   [PLAN1] | |
  |  |  || [Internet]
  |  |  || |
Building A   Building B|
[Firewall 1]<-[RF1]->[Firewall 2]<--->[ISP]
   ^  \/ ^
   \   \  /  /
\ [DSL][DSL]/
 \   \  /  / 
  \   \   [Internet]   /  /
   \   \  |   /  /
\   \ |  /  /
 \ 

Re: [leaf-user] dachstein & vt100 emulation

2004-04-20 Thread Tony
TeraTerm Pro?  
Putty?

Tony


- Original Message - 
From: "Arnold Wiegert" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 20, 2004 12:28 PM
Subject: [leaf-user] dachstein & vt100 emulation


> Hi all
> 
> I'm still running Dachstein, but would like to use a serial line to 
> access the 'box' from a Windows machine.
> 
> Since I haven't found a good & free VT100 emulation program, I've used 
> and older modem program which does a pretty good job, except for the 
> page up and down keys.
> 
> They work well enough in the editor at the console but not in the editor 
> when run on a serial link.
> 
> What am I missing?
> 
> TIA,
> Arnold
> 
> 
> 




Re: [leaf-user] Stumped trying to get Bering uClibc 2.2.0b4 interfaces to "light up"

2004-07-05 Thread Tony
Hi John,
Did you set the cards up with PNP turned off? 
Are you sure nothing is conflicting with the io addresses or the IRQ's?

Also, what does the interfaces config file hold?  I believe from memory 
it's in

lfcfg>networks>#1 (interfaces)
Thanks
Tony



Re: [leaf-user] NIC Module?

2004-10-29 Thread Tony
What is the output of ls in the /lib/modules directory?  Did you actually
place the module in /lib/modules?  Or, if using a CD ROM, reference the path
to the module?

Remember, if you move a module into /lib/modules, you have to backup the
floppy or you're just wasting your time.

Good luck

Tony



- Original Message - 
From: "Andrew Nance" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, October 29, 2004 3:48 PM
Subject: RE: [leaf-user] NIC Module?


> It's me again, trying to get the Kingston KNE111TX working
> I am running Bering-uClibc 2.2.0
> With a 3 nic setup:
> Eth0 is internet - currently Realtek 8029(AS){trying to switch to Kingston}
> Eth1 is lan - currently Realtek 8139
> Eth2 is dmz - currently Realtek 8139
>
> My system was working fine before, but I wanted to replace my eth0 nic
> (8029) with this Kingston KNE111TX because it has activity led's. I like to
> watch the blinking lights.
> I simply swopped the eth0 nic and unremarked tulip module but it still
> doesn't work yet.  Any help is greatly appreciated.
>
> Modules loaded are:
> Crc32
> 8390
> ne2k-pci
> mii
> 8139too
> tulip
>
> Here are my outputs:
>
> uname -a
> Linux firewall 2.4.26 #1 Mon Jun 28 20:08:59 CEST 2004 i686 unknown
>
> ip route show
> 24.227.166.192/29 dev eth0  proto kernel  scope link  src 24.227.166.194
> 192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254
> default via 24.227.166.193 dev eth0
>
> ip addr show
> 1: lo:  mtu 16436 qdisc noqueue
> link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
> inet 127.0.0.1/8 scope host lo
> 2: dummy0:  mtu 1500 qdisc noop
> link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
> 3: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:c0:26:62:82:20 brd ff:ff:ff:ff:ff:ff
> inet 24.227.166.194/29 brd 24.227.166.255 scope global eth0
> 4: eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
> link/ether 00:05:5d:4b:e3:6e brd ff:ff:ff:ff:ff:ff
> inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
>
> LSMOD
> Module  Size  Used byNot tainted
> softdog 1508   1
> ipt_state336   2
> ipt_helper   464   0 (unused)
> ipt_conntrack820   0
> ipt_REDIRECT 544   0 (unused)
> ipt_MASQUERADE  1056   0 (unused)
> ip_nat_irc  2152   0 (unused)
> ip_nat_ftp  2792   0 (unused)
> iptable_nat15716   2 [ipt_REDIRECT ipt_MASQUERADE ip_nat_irc
> ip_nat_ftp]
> ip_conntrack_irc2876   1
> ip_conntrack_ftp3484   1
> ip_conntrack   18312   2 [ipt_state ipt_helper ipt_conntrack
> ipt_REDIRECT ipt_MASQUERADE ip_nat_irc ip_nat_ftp iptable_nat
> ip_conntrack_irc ip_conntrack_ftp]
> 8139too12584   2
> mii 2108   0 [8139too]
> 83905784   0
> crc32   2648   0 [8139too 8390]
>
>
>





Re: [leaf-user] Fwd: Does Leaf works on VMWARE

2007-01-30 Thread Tony
/me taps mike... "is this thing on?"

===repost

I don't have VMware, but I do have Virtual PC and have some experience
with this.

First, just rename the bin file to iso, no big deal.

Second, does VMware allow the specification of using a floppy image? 
Virtual PC does, so I point the floppy to the extracted bootdisk.ima and
the CD to the ISO image and it's all good.  When you save the
configuration, it'll add the db files to the bootdisk.ima file. 

When you want to burn a CD, I extract the files from the ISO, putting
them in a folder called LEAF.  I rename the original bootdisk.ima file
to bootdisk.ima.original.  Then I fire up Nero or Roxio and make a
bootable CD using my modified bootdisk.ima file for the floppy image. 

This makes configuring the system so much easier than doing it onsite
with the customer breathing over you.

Good luck,

Tony




ram wrote:
>> Check that you don't have a problem with the .iso image
>> itself.  Burn it to CD, does it boot?  Check the md5 sum.
>>
>> Does the VMWare Server user/group have access all the
>> way along the path to the .iso
>>
>> Are there any problems with virtual or physical nics you
>> are giving the VM access to.
>> 
>
>
>
> Hi
>
> I have seen it's downloaded with .bin File
> yes I am running vmware as Local user, so Administrator have Full rights to
> access the Files
>
> .bin is the ISO image, I see I have downloaded the other ISO, they are
> coming with .ISO image. why is here Bin ?
>
>
> No I have not tried that Burning CD, since I have option of
> installation using ISO image, don't want to waste Another CD
> (may be I could do the last option)
>
> ram
>
>   




Re: [leaf-user] Does Leaf works on VMWARE

2007-01-30 Thread Tony
The bootdisk.ima file on my ISO (ver 3.0.1) is a 1.44 floppy image.


Bob Coffman Jr - Info From Data wrote:
> The bootdisk image file will not work on VMWare because VMWare chokes on the
> odd floppy size.
>
> What I do to get this working:
>
> 1.  Create new Linux VM with a small hard disk.
> 2.  Boot to DOS floppy with syslinux/fdisk/format on it.  Create DOS
> partition, format it, syslinux it.
> 3.  Boot with a network boot disk (ie. Bart's) and copy the contents of the
> boot floppy and the initrd.lrp with hard disk support in it (available from
> http://leaf.cvs.sourceforge.net/leaf/bin/packages/uclibc-0.9/28/initrd_ide.lrp?view=log.)
> Also, this would be a good time to get the pcnet32.o, mii.o,
> and crc32.o module files copied (the latter two are probably included in the
> distribution).
> 4.  Modify leaf.cfg:
> PKGPATH="/dev/hda1:msdos"
> 5.  Modify syslinux.cfg:
> default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
> LEAFCFG=/dev/hda1:msdos
>
> Boot it up and start configuring
>
>
>
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of M Lu
> Sent: Monday, January 29, 2007 6:27 PM
> To: ram; leaf-user@lists.sourceforge.net
> Subject: Re: [leaf-user] Does Leaf works on VMWARE
>
>
> Try to get the bootdisk.ima from the ISO and tell your VMWare to boot from 
> that floppy image.
>
> Another solution is to extract all files and then rebuild the ISO with 
> 'mkisofs'
>
>
>
> - Original Message - 
> From: "ram" <[EMAIL PROTECTED]>
> To: 
> Sent: Monday, January 29, 2007 4:18 PM
> Subject: [leaf-user] Does Leaf works on VMWARE
>
>
>   
>> Hi
>>
>> Does Leaf works on VMWARE
>>
>> i have download and try to install,
>> when i start the Virtual Machine after selecting ISO image
>> i get Boot Error
>>
>> any help
>>
>> ram
>> --
>>
>> 
>
>
>   




Re: [leaf-user] Fwd: Cable Modem speeds with Bering-uClibc

2007-02-25 Thread Tony
Andrew Haninger wrote:
> On 2/25/07, George Metz <[EMAIL PROTECTED]> wrote:
>   
>> This is almost certainly an issue of half vs. full duplex. The only
>> reason a hub would cause a problem is if you were using a hub to connect
>> the router and the cablemodem. If the cablemodem is directly connected
>> to the LEAF box, you should have no collisions at all showing up,
>> because the SB4200 is usually capable of 100BaseTX Full Duplex.
>> 

George is correct.  I saw a similar issue with my business's switch.  It
was set to force 100M Full duplex and the cards on the machines were set
to auto.  They weren't switching to Full Duplex so while everything
worked, it was slow and very heavy with errors... specifically overruns
and collisions.  Once I set the cards to match, there are very few (VERY
few, a few dozen per 10M of traffic)

> Here's my structure:
>
> {Internet}-SB4200-3c509-LEAF-3c509-3Com 10/100 Hub-WinXP
>
> The SB4200 is directly connected (via Cat 5) to the LEAF box. The
> 3c509B's default to half-duplex. When I use ethtool to force them to
> full (eth0 and eth1) the speeds are no different.
>
>   

So what was the output to the ip -s command?  Without this, you're
assuming there's no difference.

Did you boot into a DOS environment and check the cards with the 3com
program?

>> Speaking of which, check your provider's top available speeds.
>> 
> I'm with RoadRunner in the central Ohio area. I've just spent maybe 10
> minutes browsing their site and I'm unable to find their listed top
> speed. However, I'm fairly certain that it is only 5Mb/s. That is
> around the speed I got on the speed tests when I connected the modem
> to my laptop.
>
> As far as I know, my 3c509B's should be able to easily handle those speeds.
>
> Andy
>   

Did you try dslreports.com to check what your neighbors might have
reported for their speeds? 
They also have a speed test available in their tools section.

Make one change, then test, then another, then test. 
Record the results so you can be sure of what's happening. 
Don't rely on your memory.

Good Luck,

Tony






Re: [leaf-user] Cable Modem speeds with Bering-uClibc

2007-02-26 Thread Tony
Exactly, Bob, and this was why, Andrew, I suggested using the DOS utility
to force half-duplex, then full duplex, with testing performed each time.

And as far as the networking terms go, errors = bad.  Pretty simple.  As
you can see with your test, every one of those errors are overruns.

3: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
   link/ether 00:20:af:17:57:b2 brd ff:ff:ff:ff:ff:ff

   RX: bytes  packets  errors  dropped overrun mcast
   741077003  1773743  18161   0   18161   0
   TX: bytes  packets  errors  dropped carrier collsns
   438580149  852431   0   0   219 2150

4: eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
   link/ether 00:20:af:3f:53:d4 brd ff:ff:ff:ff:ff:ff

   RX: bytes  packets  errors  dropped overrun mcast
   440479032  855735   42710   42710
   TX: bytes  packets  errors  dropped carrier collsns
   680103683  783492   0   0   0   4193

Andrew, you've spent this much time with this, what's another 20 minutes
with the DOS utility (which was designed for that card) to change the
settings?

Tony





Bob Coffman Jr - Info From Data wrote:
> One thing to check is that your NICs are negotiating duplex properly.  
>
>
>
>   
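Added example (not part of the original thread and not LEAF project code): a shell function that reduces `ip -s link` output, like the listing in the message above, to the figures the discussion turns on: RX errors as a share of packets, how much of that is overruns, and collisions per 1000 transmitted packets. The sample counters, the function names and the CHECK/ok labels are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the error counters printed by `ip -s link`.

# Constructed sample in the `ip -s link` layout (values are made up).
sample_stats() {
cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 02:00:00:00:00:01 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    1000000    20000    500     0       500     0
    TX: bytes  packets  errors  dropped carrier collsns
    900000     10000    0       0       3       250
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 02:00:00:00:00:02 brd ff:ff:ff:ff:ff:ff
    RX: bytes  packets  errors  dropped overrun mcast
    500000     8000     0       0       0       0
    TX: bytes  packets  errors  dropped carrier collsns
    400000     4000     0       0       0       0
EOF
}

# Reads `ip -s link` text on stdin and prints one line per interface:
#   iface  rx_error_%  overrun_share_of_errors_%  collisions_per_1000_tx  verdict
link_report() {
awk '
/^[0-9]+: /     { iface = $2; sub(/:$/, "", iface); next }  # "2: eth0: ..."
/RX:[ ]+bytes/  { want = "rx"; next }   # counters are on the following line
/TX:[ ]+bytes/  { want = "tx"; next }
want == "rx"    { rxp = $2 + 0; rxe = $3 + 0; rxo = $5 + 0; want = ""; next }
want == "tx"    {
    txp = $2 + 0; col = $6 + 0; want = ""
    err_pct = (rxp > 0) ? 100 * rxe / rxp : 0
    ovr_pct = (rxe > 0) ? 100 * rxo / rxe : 0
    col_k   = (txp > 0) ? 1000 * col / txp : 0
    # Any RX errors or collisions mark the interface for a closer look.
    verdict = (rxe > 0 || col > 0) ? "CHECK" : "ok"
    printf "%s %.2f %.0f %.1f %s\n", iface, err_pct, ovr_pct, col_k, verdict
}'
}

# Demo on the constructed sample; on a live box use: ip -s link | link_report
sample_stats | link_report
```

Saving the report to a file after each single change (duplex forced to half, then full) gives the written record of results that the earlier message asks for.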



