Re: firewall setup xdsl: eth0/eth1/ppp0?

2003-11-06 Thread Andreas Bohnert 
Doug MacFarlane wrote:

On Wed, 05 Nov 2003 01:15:18 -0900, Ken Irving wrote:

 

On Wed, Nov 05, 2003 at 09:52:42AM +0100, Andreas Bohnert wrote:
   

Hi,
  I don't know how to setup my firewall for my new xdsl connection. I
saw some posting concerning adsl, so maybe there are some
people, who know how to handle this.
 

I'm not sure what you're talking about, with xdsl and lokal, but I'd
recommend the shorewall firewall.
   

I, too, can strongly endorse shorewall.
 

yes, I will have a look at shorewall. it is mentioned many times.

Fundamentally, your internal interface is eth0 and external is ppp0, which
I assume is a pppoe interface, and not pptp like you said.  The pppoe
protocol does NOT use the ethernet interface's IP address for
communications.
it is pptp. pppoe is very common but in austria we use mostly pptp.
I have to setup the ppp daemon and connect with pptp 'router-ip'.
but maybe with pptp the ethernet interface's IP address will also not be 
used..


 Most implementations don't even require it to be
configured with one.  The only way anyone is going to be able to route
traffic to eth1 with a 10. address on it is if they source-route it all
the way AND your, their, and all the ISP's in between, have configured
their routers poorly.
So, setup shorewall with eth0 as the internal, lan, or local interface,
and ppp0 as the external or internet interface.
If you are really paranoid, setup eth1 as a dmz interface, and don't
accept anything into or out of the dmz.
madmac

 

thanks, I will try that!
andreas




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

firewall setup xdsl: eth0/eth1/ppp0?

2003-11-05 Thread Andreas Bohnert 
Hi,
   I don't know how to setup my firewall for my new xdsl connection. I 
saw some posting concerning adsl, so maybe there are some 
people, who know how to handle this.

   here is my situation:

   eth0 is connect to my private network (192.168.0.1).
   my eth1 gets an lokal ip from my xdsl router (subnet 10.x.x.x).
   than I have to build up a tunnel connection with my router with pptp.
   now I have ppp0, which is my xdsl interface.
  
   this works fine, but now I have to setup my firewall!
  
   I know ppp0 is my external interface now, but what about eth1 (which 
is connect to my router)?
   I looked around and some people say, they setup the firewall like this:
   eth0 (private)   = FW_DEV_INT
   eth1 (connect to router) = FW_DEV_INT !!
   ppp0 (xdsl)  = FW_DEV_EXT
  
   but somehow I think, eth1 should be FW_DEV_EXT as well, because it's 
phyiscally connected to the internet.
   also, what about the firewall between ppp0 and eth1 - it shouldn't 
block communication.
  
   so, what do you think, if I configure eth1 as external?

   thanks for any advice!

andreas



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: FIXED: can't start KDE as user

2003-11-03 Thread Andreas Bohnert 
check your diskspace as well!
I had the same situation, and found that my harddisk was nearly full.
After cleaning up, I was able to login as a normal user again
good luck
andreas
Arne Goetje wrote:

On Monday 03 November 2003 15:03, Paul Scott wrote:
 

Paul Scott wrote:

I installed the fixed libc6 without seeming to fix the KDE problem.

I looked at Debian-KDE found a reference to
http://wiki.debian.net/?DebianKDE where I found libsensors-1debian1
 which is missing from sid.  Clicking
that link will D/L it which can be installed with dpkg.  Then you can
install kde-core from sid and maybe that will fix it for you as it did for
me.  It may take a couple of login's before KDE3 shows up in the list and
maybe two logins to KDE3 before it works.
   

That didn't do it for me yet... but I found another interesting thing:
is it correct that the permissions on /usr/X11R6/bin is 700?
I get complains from Xsession that it cannot find certain scripts in that 
directory...

I guess xserver-common sets this permissio as I first chose 'root only' at the 
question who should be able to start the xserver... I later changed it to 
'anyone', but it seems that didn't fix the permissions...

If this can be confirmed it should be a bug in the xserver-common script.

Cheers
Arne
 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Configure PnP Card before Kernel loads modules

2003-10-30 Thread Andreas Bohnert 
thanks andreas,
I will try that.
stupid question:

is sound-slot-0 just a random name?

about the kernel question:
I''m using the 2.4.18 kernel, but he does not auto configure my card - 
maybe this is switched of by default and I have to configure it (good tip!)

thanks
andreas
Andreas Janssen wrote:

Modules from /etc/modules are loaded by /etc/init.d/modutils which is
symlinked to /etc/rcS.d/S20modutils. If you want to have your script
run before that, symlink it to /etc/rcS.d/S??modutils where ?? is less
than 20.
If instead you used update-modules to add a line

alias sound-slot-0 modulename

to /etc/modules.conf, the driver will be loaded when needed.

By the way, are using kernel 2.2 or 2.4? 2.4 has improved isa pnp
support, /maybe/ you won't need to run isapnptools.
best regards
   Andreas Janssen
 



--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Configure PnP Card before Kernel loads modules

2003-10-30 Thread Andreas Bohnert 
Hi,

I have an old but still pretty good ISA PnP Soundcard (EWS64XL) . Now I 
have to initialize the card at boot time BEFORE the kernel loads the 
moduls, otherwise the (sound-)modul will mess up my configuration.  
Which boot script allows me to do some action before the kernel starts 
to load the modules??

In detail:
if have a script (|/etc/init.d/isapnp|) which looks like that:
#! /bin/sh
# /etc/init.d/isapnp: configure Plug and Play boards
test -x /sbin/isapnp || exit 0
/sbin/isapnp /etc/isapnp.conf
exit 0
and a startup script which looks like that:

# Configure the isa plug and play boards before loading
# modules. Need to do this before loading modules to get
# a chance of configuring and starting PnP boards before
# the drivers mess all this up.
#
if [ -x /etc/init.d/isapnp ]
then
 /etc/init.d/isapnp start
thanke for any advice!
andreas
i worked according to the very good tutorial form Marcus Brinkmann:
http://www.tldp.org/HOWTO/Soundblaster-AWE.html#toc2




--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Fw: Plattenfehler

2003-10-27 Thread Andreas Bohnert 
nein, christian hat schon recht:
ein cp -a funtkioniert auf den ersten blick, aber es gibt kleinere probleme:

 ich hab das auch versucht und konnte nicht mehr mit einem normalen user
 unter kde einloggen.
 schau mal, ob das bei dir geht.

 weiss denn jemand, wie man richtig einen clone herstellt?

 gruss
 andreas

> - Original Message - 
> From: "Roland M. Kruggel" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, October 27, 2003 3:21 PM
> Subject: Re: Plattenfehler
>
>
> Am Montag Oktober 27 2003 00:38 schrieb Christian Schmidt:
> > Roland M. Kruggel schrieb/wrote:
> > > Ich habe folgendes vor.
> > > Neue Platte einbauen. Partitionieren, Filesystem aufspielen.
> > > cp -a alteplatte neueplatte.
> >
> > Und schon sind die Zugriffsrechte auf dem Zielvolume dahin...
>
> Nein. Alles da. Hat wunderbar funktioniert.
>
> > > Danach müssten alle Daten auf der neuen Platte vorhanden sein.
> > > Jetzt müsste ich aber lilo aufrufen. Wie sag ich es jetzt lilo das
> > > er nicht die alte platte nimmt sondern die neue Platte?
> >
> > man chroot.
>
> Das leben ist doch soo einfach - wenn man es weis :)
>
> Danke allen für die Hilfe. System ist auf neuer Platte. Verlußtfrei!
>
>
> cu
>
> -- 
> Roland Kruggel mailto: [EMAIL PROTECTED]
> System: AMD 1200Mhz, Debian woody, 2.4.20, KDE 3.1.4
>
>
> -- 
> Haeufig gestellte Fragen und Antworten (FAQ):
> http://www.de.debian.org/debian-user-german-FAQ/
>
> Zum AUSTRAGEN schicken Sie eine Mail an
> [EMAIL PROTECTED]
> mit dem Subject "unsubscribe". Probleme? Mail an
[EMAIL PROTECTED]
> (engl)
>


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Video/grabber devices

2003-10-27 Thread Andreas Bohnert 



Hi,
 
how can i find out, which device names are mapped 
to my video hardware.
I have a WinTv ToGo grabber card and of course my 
video card.
Is my video automatically mapped to 
/dev/video0?
 
I don't know where to look up.
 
Thanks,
Andreas

reanimate old kernel?

2003-10-17 Thread Andreas Bohnert 




Hi,
 
on my vanilla woody 
system i compiled a 2.4.14 kernel and builded a debian 
package.
After some tests I sucessfully removed the package and tried to reanimate 
to old 2.2.20 kernel again.
 
I created a symbolic link /vmlinuz to my old 
kernel. After the reboot the 2.2.20 kernel shows up but I get also lots of 
errors concerning the moduls.
How can I tell the system to use the old moduls 
again?
 
Thanks for any advice
Andreas