Re: [Leaf-user] Getting Dachsein to work
Vince Schiller wrote: I abandoned Eiger and now have attempted Dachstein. I am a little confused by the error message I am getting. No subnet declaration for 'eth1' (0.0.0.0). Please write a subnet declaration in your dhcpd.conf file for the network segment to which eht1 is attached. I've reviewed the file and am uncertain how to write this subnet declaration. The help file suggests that I may need to edit /etc/init.d/dhcpcd as well. I've tried various changes to be sure that all the hardware is working. I am at a loss for how to edit the files. I would appreciate any help I can get on this. Thank you. vince Do you really need dhcpd for your system/systems? If you already have manually assigned ip addresses for your internal machines then having this package would be unecessary. Just edit the syslinux.cfg file and remove dhcpd. On the other hand, it's asking you to submit a subnet segment, like 192.168.0.0, 10.0.0.0, etc. so that it can configure itself and hand out addresses to your machines...Charles has a page for dhcpd, too. http://lrp.steinkuehler.net/Packages/dhcpd.htm -- Patrick Benson Stockholm, Sweden ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Walk-list
If anyone wants a project, you could work on adapting the walklist
function
to support missing numbers and send me the code...
Right now I don't see who to avoid the problem unless you impose some
sort of maximum variable count. The walk_list condition is designed to
stop via
while
eval ITEM=\$$BASENAME$x
[ $ITEM != ]
do
I grepped walk_list in /etc and found 10 instances in both ipfilter.conf
and network.conf. Suppose you set a max list variable size to 20. I
might loose a few pico seconds off my life but how long will that take
lrp to boot for each call to walk_list configured with a max list
variable this big? Wouldn't 20 more than cover all the lists that LRP
uses?
I really dislike the idea of a limit on the number of potential items, but I
also really dislike the fact that a missing number causes walk_list to stop.
Both behaviors seems un-expected, and therefore increasing confusion.
I was intending something like:
for VAR in `set | sed -n /^$BASENAME/{s/=.*//;p;} | sort`
The older versions of LRP/LEAF didn't have a working sort command, so there
was no way to put the variables in the proper order before. Dachstein
includes the functional busybox sort command.
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Getting Dachsein to work
I abandoned Eiger and now have attempted Dachstein. I am a little confused by the error message I am getting. No subnet declaration for 'eth1' (0.0.0.0). Please write a subnet declaration in your dhcpd.conf file for the network segment to which eht1 is attached. I've reviewed the file and am uncertain how to write this subnet declaration. The help file suggests that I may need to edit /etc/init.d/dhcpcd as well. I've tried various changes to be sure that all the hardware is working. I am at a loss for how to edit the files. I would appreciate any help I can get on this. Thank you. If you're just starting with a Dachstein image, this error indicates your internal network card is not configured. You probably need to load the proper kernel module for your network card(s). Edit /etc/modules to control which modules to load. If you're lucky, the module(s) you need will already be on the disk. If not, you'll have to download them and add them to your floppy. More detailed directions are available in the readme file on the floppy. You can find out which kernel module your network cards require from section 4 of the linux Ethernet-HOWTO: http://www.linuxdoc.org/HOWTO/Ethernet-HOWTO.html Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Getting Dachsein to work
I was a complete LRP newbie and this website helped me immensely. http://leaf.sourceforge.net/pub/doc/guide/install-eigerstein/eiger-contents. html -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 06, 2001 7:57 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject:Re: [Leaf-user] Getting Dachsein to work I abandoned Eiger and now have attempted Dachstein. I am a little confused by the error message I am getting. No subnet declaration for 'eth1' (0.0.0.0). Please write a subnet declaration in your dhcpd.conf file for the network segment to which eht1 is attached. I've reviewed the file and am uncertain how to write this subnet declaration. The help file suggests that I may need to edit /etc/init.d/dhcpcd as well. I've tried various changes to be sure that all the hardware is working. I am at a loss for how to edit the files. I would appreciate any help I can get on this. Thank you. If you're just starting with a Dachstein image, this error indicates your internal network card is not configured. You probably need to load the proper kernel module for your network card(s). Edit /etc/modules to control which modules to load. If you're lucky, the module(s) you need will already be on the disk. If not, you'll have to download them and add them to your floppy. More detailed directions are available in the readme file on the floppy. You can find out which kernel module your network cards require from section 4 of the linux Ethernet-HOWTO: http://www.linuxdoc.org/HOWTO/Ethernet-HOWTO.html Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Weblet doesn't work in Dachstein 1.0.2
Upgraded from Dachstein rc2 to 1.0.2. Now the weblet-server doesn't work anymore. Netscape: The document contained no data. Opera: Simply hangs. Daemon.log shows that I tried to connect to the server. So the server is running. -- Best regards, M@X. * Climate Control Psychedelic Soundscapes - http://go.to/cchq/ * Linux Shell Scripts RPM Software Packages - http://go.to/conmen/ ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
RE: [Leaf-user] Weblet doesn't work in Dachstein 1.0.2
Check I the weblet.conf and make sure that u have you Network IP listed as machines that can connnect to the weblet server -Original Message- From: Maxim Heijndijk [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 06, 2001 16:10 To: Leaf-user Mailing List Subject: [Leaf-user] Weblet doesn't work in Dachstein 1.0.2 Upgraded from Dachstein rc2 to 1.0.2. Now the weblet-server doesn't work anymore. Netscape: The document contained no data. Opera: Simply hangs. Daemon.log shows that I tried to connect to the server. So the server is running. -- Best regards, M@X. * Climate Control Psychedelic Soundscapes - http://go.to/cchq/ * Linux Shell Scripts RPM Software Packages - http://go.to/conmen/ ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Weblet doesn't work in Dachstein 1.0.2
Upgraded from Dachstein rc2 to 1.0.2. Now the weblet-server doesn't work anymore. Netscape: The document contained no data. Opera: Simply hangs. Daemon.log shows that I tried to connect to the server. So the server is running. Hmm...it works on my test systems here. Have you made any changes to your internal network settings? Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] SNMP Monitoring of Dachstein
I have some basic SNMP monitoring of my Dachstein machines working using the old SNMP package and MRTG. With these I keep a constant graph of the activities of eth0, eth1 and ipsec0 on both ends of my test VPN tunnel. I converted to net-snmp and everything is still working (thanks people for standards). My next task is to add monitoring of the memory, CPU, and RAM disks. The result would be a single web page which provides a continuous graph of the health of the LEAF boxes. You can see at a glance where something may be going wrong. Since MRTG also does such a nice job of keeping a running summary of the data on a daily, weekly, monthly and yearly basis. You can also use the data to predict when you may need to make changes on a system. Others have setup MRTG to do this kind of thing on their Linux servers. I was wondering if anyone here have already done something similar and have some MRTG scripts that work with the net-snmp mibs that they can share, or maybe just some pointers. When I'm done I'll give what I have to Charles. He needs some more packages to fill up that Dachstein CD. ;-) Roger ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was: Migrating Dachstein1.0.2-CD to harddrive?)
On Thu, 2001-12-06 at 07:01, Charles Steinkuehler wrote: It should be pretty much exactly like running Eiger off a HDD or flash. One added benifit to Dachstein: it already has support for boot-time loading of modules (see the SCSI section of my HDD HOWTO). This means you can simply put modules in /boot/lib/modules, edit /boot/etc/modules, backup root, and support whatever wacky hardware you want to boot from... I noticed that on the CD the /lib branch is uncompressed and so under the ISO9660 type the file names can be longer than the 8+3 DOS limitation. If I format the HDD as an MSDOS partition then the uncompressed files are limited to 8+3. Do I need to format the drive as vfat to preserve the long filenames or is there some mechanism which untars a tgz archive into the minix fs for the /lib branch? I'd just revert back to the 'normal' way of installing modules. Copy the modules you need from the CD (or web-site, or wherever is convinent) to /lib/modules of your RAMDISK (it NOT the HDD), and do a full backup of modules to your hard-drive. There's still full support for the previous method of putting modules in modules.lrp (/lib/modules of the expanded ramdisk)...the support for loading modules directly off the CD is simply for convinence. Of course, if you wanted, you could make an ext2 partition on your HDD that contained the modules, and load them from there using the ! directives, but that seems like overkill... Much better, thanks! Routing and mosts packages working fine except for backup. For some reason there are 2 listings for etc in the backup menu. Selecting either copy results in Could not mount backup device. In this case it is /dev/hda1 on the HDD. Other packages like root and modules backup fine. I checked syslinux.cfg and there is only 1 occurance of etc loaded. Why 2 copies of etc? Thanks, Stephen ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SNMP Monitoring of Dachstein
I have some basic SNMP monitoring of my Dachstein machines working using the old SNMP package and MRTG. With these I keep a constant graph of the activities of eth0, eth1 and ipsec0 on both ends of my test VPN tunnel. I converted to net-snmp and everything is still working (thanks people for standards). My next task is to add monitoring of the memory, CPU, and RAM disks. The result would be a single web page which provides a continuous graph of the health of the LEAF boxes. You can see at a glance where something may be going wrong. Since MRTG also does such a nice job of keeping a running summary of the data on a daily, weekly, monthly and yearly basis. You can also use the data to predict when you may need to make changes on a system. Others have setup MRTG to do this kind of thing on their Linux servers. I was wondering if anyone here have already done something similar and have some MRTG scripts that work with the net-snmp mibs that they can share, or maybe just some pointers. When I'm done I'll give what I have to Charles. He needs some more packages to fill up that Dachstein CD. ;-) I've setup minimal monitoring of memory and disk usage using OID's already supported by the older SNMP package (do an snmpwalk to find interesting things to monitor). I haven't actually switched to net-snmp yet (although I have verified it's working), although the intent is to be able to monitor things like CPU web-server load. I've also started playing with OpenNMS (http://www.opennms.org), but don't have anything working yet...looks pretty cool, though. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was: Migrating Dachstein1.0.2-CD to harddrive?)
Much better, thanks! Routing and mosts packages working fine except for backup. For some reason there are 2 listings for etc in the backup menu. Selecting either copy results in Could not mount backup device. In this case it is /dev/hda1 on the HDD. Other packages like root and modules backup fine. I checked syslinux.cfg and there is only 1 occurance of etc loaded. Why 2 copies of etc? Packaging info come from: /var/lib/lrpkg/packages -and- /var/lib/lrpkg/backdisk as well as the individual package files in /var/lib/lrpkg. Somehow, one (or more) of these files has probably gotten confused. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] SNMP Monitoring of Dachstein
[EMAIL PROTECTED] wrote: I have some basic SNMP monitoring of my Dachstein machines working using the old SNMP package and MRTG. With these I keep a constant graph of the activities of eth0, eth1 and ipsec0 on both ends of my test VPN tunnel. I converted to net-snmp and everything is still working (thanks people for standards). My next task is to add monitoring of the memory, CPU, and RAM disks. Others have setup MRTG to do this kind of thing on their Linux servers. I was wondering if anyone here have already done something similar and have some MRTG scripts that work with the net-snmp mibs that they can share, or maybe just some pointers. Maybe this is out of line here, or maybe not. Here we use NetSaint to monitor many systems. It would be quite simple to set up a monitoring system to check for CPU, disk space, memory - whatever you want. All you need is an ssh server on the LEAF side and scripts that give one line of info and return 0 for OK, 1 for WARNING, and 2 for CRITICAL Then you run your script using SSH. Of course, NetSaint is for system critical conditions, and isn't for performance monitoring, though the latest versions offer the ability to store performance data (but not process it). MRTG is more of a history, and NetSaint is a snapshot in time. Sort of like the difference between a balance sheet and an income statement :) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was: MigratingDachstein1.0.2-CD to harddrive?)
On Thu, 2001-12-06 at 08:40, Charles Steinkuehler wrote: Much better, thanks! Routing and mosts packages working fine except for backup. For some reason there are 2 listings for etc in the backup menu. Selecting either copy results in Could not mount backup device. In this case it is /dev/hda1 on the HDD. Other packages like root and modules backup fine. I checked syslinux.cfg and there is only 1 occurance of etc loaded. Why 2 copies of etc? Packaging info come from: /var/lib/lrpkg/packages -and- /var/lib/lrpkg/backdisk as well as the individual package files in /var/lib/lrpkg. Somehow, one (or more) of these files has probably gotten confused. /var/lib/lrpkg/packages has 1 copy of etc but /var/lib/lrpkg/backdisk has 2 copies. I deleted 1 copy and backed-up root but upon reboot I get 2 copies again. Am I backing-up the wrong package? Thanks, Stephen ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was: MigratingDachstein1.0.2-CD to harddrive?)
/var/lib/lrpkg/packages has 1 copy of etc but /var/lib/lrpkg/backdisk has 2 copies. I deleted 1 copy and backed-up root but upon reboot I get 2 copies again. Am I backing-up the wrong package? System details, please. Please list EXACTLY which version you started with, what changes (if any) were made to any of the init scripts, and what parameters are being passed to your kernel by the boot-loader (cat /proc/cmdline). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was:MigratingDachstein1.0.2-CD to harddrive?)
On Thu, 2001-12-06 at 10:27, Charles Steinkuehler wrote: /var/lib/lrpkg/packages has 1 copy of etc but /var/lib/lrpkg/backdisk has 2 copies. I deleted 1 copy and backed-up root but upon reboot I get 2 copies again. Am I backing-up the wrong package? System details, please. Please list EXACTLY which version you started with, what changes (if any) were made to any of the init scripts, and what parameters are being passed to your kernel by the boot-loader (cat /proc/cmdline). DS-CD 1.0.2. Files copied onto dos-formatted flashcard and syslinux'd. modules from /lib/modules on the cd copied to the ramdisk under /lib/modules and backed-up. cat /proc/cmdline: BOOT_IMAGE=linux append=load_ramdisk=1 initrd=root.lrp initrd_archive=minix ramdisk_size=12288 root=/dev/ram0 boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos LRP=etc,ramlog,local,modules,dhclient,dhcpd,dnscache,sshd,sshkey,weblet,tinydns No changes to initscripts. The one thing I did not do was to remove the loading of the cdrom drivers in linuxrc. One other problem: I have no /var/log Stephen ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was:MigratingDachstein1.0.2-CD to harddrive?)
On Thu, 2001-12-06 at 10:45, Stephen Lee wrote: On Thu, 2001-12-06 at 10:27, Charles Steinkuehler wrote: /var/lib/lrpkg/packages has 1 copy of etc but /var/lib/lrpkg/backdisk has 2 copies. I deleted 1 copy and backed-up root but upon reboot I get 2 copies again. Am I backing-up the wrong package? System details, please. Please list EXACTLY which version you started with, what changes (if any) were made to any of the init scripts, and what parameters are being passed to your kernel by the boot-loader (cat /proc/cmdline). DS-CD 1.0.2. Files copied onto dos-formatted flashcard and syslinux'd. modules from /lib/modules on the cd copied to the ramdisk under /lib/modules and backed-up. cat /proc/cmdline: BOOT_IMAGE=linux append=load_ramdisk=1 initrd=root.lrp initrd_archive=minix ramdisk_size=12288 root=/dev/ram0 boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos LRP=etc,ramlog,local,modules,dhclient,dhcpd,dnscache,sshd,sshkey,weblet,tinydns No changes to initscripts. The one thing I did not do was to remove the loading of the cdrom drivers in linuxrc. One other problem: I have no /var/log But, if I create /var/log then syslog populates the directory with logs. Stephen ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] established connections after client has disconnected
hello list i run an old version from charles steinkuehler (thank you, charles) on my gateway/firewall - works perfectly. there are a couple of servers masqueraded behind it to which specific ports are forwarded to. following problem occurs: host A from the outside connects to a service on the masqueraded server; host A disconnects (power off, programm shutdown, network failure) ; the masqueraded server keeps the connection - netstat says the connection is ESTABLISHED (as opposed to being FIN_WAIT2). is it possible that the firewall is blocking some sort of tcp or icmp communication that prevents such connections from being quickly identified as not functional? eventually these connections do get closed, but this takes time. are there some parameters to tune? i do not know the internals of the tcp/ip protocol well enough... maybe it is something really simple. hints are greatly appreciated. ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] PPPoE DNS problem, Help please.
I am using EigerStein_contrib_img_pppoe-beta0.4.exe I am having trouble getting the nameservers from my ISP known by LRP. Example ping www.yahoo.com yields: ping: unknown host www.yahoo.com What else must I do? I would like the address's picked up from ppp so when they change I don't have to do anything. I have set:USEPEERDNS=yes in etc/ppp/ppp0e.conf # cat /etc/resolv.conf # This file was generated by /etc/rcS.d/S39network. It may be overwritten! search private.network nameserver 192.168.1.254 nameserver 127.0.0.1 FYI I have found that to get this image to connect to a Bell ADSL modem on startup I had to create a file called /etc/ppp/firewall-masq and back it up with the ppp stuff. Thanks Regards, Kevin ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: PPPoE DNS problem, Help please.
I am using EigerStein_contrib_img_pppoe-beta0.4.exe I am having trouble getting the nameservers from my ISP known by LRP. Example ping www.yahoo.com yields: ping: unknown host www.yahoo.com What else must I do? I would like the address's picked up from ppp so when they change I don't have to do anything. I have set:USEPEERDNS=yes in etc/ppp/ppp0e.conf # cat /etc/resolv.conf # This file was generated by /etc/rcS.d/S39network. It may be overwritten! search private.network nameserver 192.168.1.254 nameserver 127.0.0.1 FYI I have found that to get this image to connect to a Bell ADSL modem on startup I had to create a file called /etc/ppp/firewall-masq and back it up with the ppp stuff. Try setting CONFIG_DNS=NO in /etc/network.conf... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] established connections after client has disconnected
following problem occurs: host A from the outside connects to a service on the masqueraded server; host A disconnects (power off, programm shutdown, network failure) ; the masqueraded server keeps the connection - netstat says the connection is ESTABLISHED (as opposed to being FIN_WAIT2). is it possible that the firewall is blocking some sort of tcp or icmp communication that prevents such connections from being quickly identified as not functional? eventually these connections do get closed, but this takes time. are there some parameters to tune? i do not know the internals of the tcp/ip protocol well enough... maybe it is something really simple. hints are greatly appreciated. This is normal. When the remote system dies, there's no way for the near end to immediately tell if it crashed, got it's network cable cut, had the maid trip over the power cord, or just isn't sending any information. Eventually, your local server will send a packet to the far end (maybe sooner, maybe later...depends on the protocol you're running, if you're in the middle of doing anything interesting, and what your TCP connection keep-alive timers are set to). If no response is heard from the far end, eventually the remote system is marked as unreachable, and the connection is destroyed. Note that even in the middle of an active conversation, there's no method (short of a timeout, or out of band communication) to figure out if the remote system suddenly went offline or if something else is wrong. Maybe it just got busy and isn't talking to the 'net for a while (ie someone stuck a CD-ROM into your NT based server :-), or maybe an intermediate route on the internet went down, and packets will be re-routed in a couple seconds automatically. TCP includes advanced mechanisms for dealing with dropped packets, random delays, and just about any odd thing that can happen to packets between point A and point B. While you can play with the settings for the various timeouts and protocol settings to try and tweak performance, you probably need a much better understanding of TCP, and a REALLY good reason to try and do so. If you don't know EXACTLY what you're doing, you'll probably just make things much worse... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup (Was:MigratingDachstein1.0.2-CD to harddrive?)
System details, please. Please list EXACTLY which version you started with, what changes (if any) were made to any of the init scripts, and what parameters are being passed to your kernel by the boot-loader (cat /proc/cmdline). DS-CD 1.0.2. Files copied onto dos-formatted flashcard and syslinux'd. modules from /lib/modules on the cd copied to the ramdisk under /lib/modules and backed-up. cat /proc/cmdline: BOOT_IMAGE=linux append=load_ramdisk=1 initrd=root.lrp initrd_archive=minix ramdisk_size=12288 root=/dev/ram0 boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos LRP=etc,ramlog,local,modules,dhclient,dhcpd,dnscache,sshd,sshkey,weblet,tiny dns No changes to initscripts. The one thing I did not do was to remove the loading of the cdrom drivers in linuxrc. One other problem: I have no /var/log But, if I create /var/log then syslog populates the directory with logs. Very strange (the no /var/log part)...this indicates the init scripts for the ramlog package are not running. Exactly why is another matter. Assuming your hardware is OK (run memtest86 to check your ram), the only thing I see that creates a warning flag is your boot PKGPATH settings. Both point to /dev/hda: boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos One of these devices is invalid, and it's probably the boot device. You might try removing the PKGPATH variable (or setting it back to /dev/cdrom), since you only have one place to load packages from, and that's the boot device. Also, remember you can't do partial backups if you aren't loading the main package from one location, and storing backups in another (which it doesn't look like you're doing), so do full backups of everything or you'll break stuff. Let me know what happens when you change the boot PKGPATH settings. If things still arn't working, scroll back once your system's booted and report what linuxrc outputs when it's extracting the packages... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] port forwarding and opening ports
How do I open ports and forward in Dachstein CD 1.0.2 ? I finally got this thing workin hehehe. This is so exciting.
[Leaf-user] PPPoE interface IP address
I am using EigerStein_contrib_img_pppoe-beta0.4.exe
I am having trouble getting the network.conf script to pick up the PPPoE
address from the ISP and defining $EXTERN_IP for the rest of the script. I
think it may be a timing issue, as I can run the part of the script that
extracts the $EXTERN_IP after the LRP is booted and it is OK. The
$EXTERN_IP ends up getting defined as 192.168.254.254 which messes up the
port forwarding stuff.
The portion of network.conf is below. How could I remedy this?
Thanks,
Kevin
###
# ADSL-Startup (not pretty but it works)
###
adsl-start
###
# IP Filter setup - can pull in settings from above
###
# Set up the basic type of filtering. Can be one of (none|router|firewall)
# You must load the ip_masq_* modules to enable full IP masquerading, and
# ip_masq_portfw if you want to forward external ports pop-3, mtp, www
# to internal machines below.
IPFILTER_SWITCH=firewall
# This set of variables is used with both sets of filters
SNMP_BLOCK=YES # Block all SNMP (YES/NO)
# List of IP Nos used for SNMP management
SNMP_MANAGER_IPS=
# Fair Queuing support
# List of Mark values
MRK_CRIT=1 # Critical traffic, routing, DNS
MRK_IA=2# Interactive traffic - telnet, ssh, IRC
# List of traffic types and maps to mark
values
# Setting this variable turns on the
# fairq chain
CLS_FAIRQ=${MRK_CRIT}_89_0/0 ${MRK_CRIT}_udp_0/0_route
${MRK_CRIT}_tcp_0/0_bgp
${MRK_CRIT}_tcp_0/0_domain ${MRK_CRIT}_udp_0/0_domain
${MRK_IA}_tcp_0/0_telnet $
{MRK_IA}_tcp_0/0_ssh
# This set of variables is used with the basic routing filter setup
# This set of variables is used with a basic IP masquerading firewall setup
#Notation - IP addresses/masklen
#
# NOTE: Do NOT turn on the DMZ network or ANY external port masquerading/
# port forwarding when EXTERN_DYNADDR is on because some security
# leaks will result. You may also want to limit the external open
# ports to domain (UDP) for DNS. Anyhow, these features are not that
# usable unless you have a static external address
#
#EXTERN_IF=eth0 # External Interface
EXTERN_IF=ppp0# External Interface
# Start of changes by Charles Steinkuehler for DHCP
#
# Added for DHCP support
# Setting this to YES causes the script to read EXTERN_IP directly from
# the interface
EXTERN_DHCP=YES # - YES/NO
# The interface to configure via dhcp
IF_DHCP=$EXTERN_IF
# If YES, your firewall filters use 0/0 for your IP address, instead of your
# actual IP address. Set this to NO for typical ethernet setups, even if
you
# are using DHCP
# External Address dynamically assigned
EXTERN_DYNADDR=YES # - YES/NO
# -- OR --
#EXTERN_IP=0.0.0.0 # External Interface IP number
# If external interface is DHCP, read the IP address
# This should probably be moved to the init.d network script, but it seemed
# I put it here for now, as it is more obvious what it is doing, in case it
# messes something else up.
if [ $EXTERN_DHCP = YES ] || \
[ $EXTERN_DHCP = Yes ] || \
[ $EXTERN_DHCP = yes ]; then
# This computes the IP address of $EXTERN_IF
# Grep extracts just the line(s) with IP address information from the
output
# of ip addr. The first sed gets rid of all but the first line (in case
# there are several IP addresses for some reason), and next sed extracts
# just the IP address in dot quad notation.
EXTERN_IP=`ip addr list label $EXTERN_IF | \
grep inet | \
sed '1!d' | \
sed 's/^[^.0-9]*\([.0-9]*\).*$/\1/'`
# Debugging - Remove if you like
echo Extern IP: $EXTERN_IP
# If the external address is not configured, use a bogus address for the
# external interface to prevent a bunch of (harmless) errors that spit out
# when the IPCHAINS script is called.
if [ x$EXTERN_IP = x ]; then
EXTERN_IP=192.168.254.254
fi
fi
___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] very large /var/log/wtmp
I saw a posting a few weeks ago of someone who was having this problem. I don't ever remember seeing an answer. This is a new clean Dachstein 1.01 installation. Been up for just shy of 3 days. Here is an ls of my /var/log directory. firewall: -root- # ls -l -rw-r-1 root adm777216 Dec 6 07:07 auth.log -rw-r-1 root adm 1024 Dec 6 07:21 daemon.log -rw-r-1 root adm 11264 Dec 5 12:38 daemon.log.0 -rw-r-1 root adm 0 Dec 6 06:42 daemon.log.1.gz -rw-r-1 root adm 1119 Dec 5 06:42 daemon.log.2.gz -rw-r-1 root adm 0 Dec 6 06:42 debug -rw-r-1 root adm 0 Dec 5 06:42 debug.0 -rw-r-1 root adm20 Dec 6 06:42 debug.1.gz -rw-r-1 root adm 161 Dec 5 06:42 debug.2.gz -rw-r-1 root adm 757 Dec 6 13:18 kern.log -rw-r-1 root adm 0 Dec 5 06:42 kern.log.0 -rw-r-1 root adm 176 Dec 6 06:42 kern.log.1.gz -rw-r-1 root adm 2192 Dec 5 06:42 kern.log.2.gz -rw-r-1 root root0 Dec 6 20:24 lastlog -rw-r-1 root adm 852 Dec 6 16:36 messages -rw-r-1 root adm 239 Dec 6 04:36 messages.0 -rw-r-1 root adm 243 Dec 6 06:42 messages.1.gz -rw-r-1 root adm 2135 Dec 5 06:42 messages.2.gz -rw-r-1 root adm 0 Dec 6 06:42 ppp.log -rw-r-1 root adm 0 Dec 5 06:42 ppp.log.0 -rw-r-1 root adm20 Dec 6 06:42 ppp.log.1.gz -rw-r-1 root adm20 Dec 5 06:42 ppp.log.2.gz -rw-r-1 root adm 0 Dec 6 06:42 pslave.log -rw-r-1 root adm 0 Dec 5 06:42 pslave.log.0 -rw-r-1 root adm20 Dec 6 06:42 pslave.log.1.gz -rw-r-1 root adm20 Dec 5 06:42 pslave.log.2.gz -rw-r-1 root adm 0 Nov 13 1997 setuid.changes -rw-r-1 root adm 2048 Dec 6 07:30 syslog -rw-r-1 root adm 13312 Dec 5 12:38 syslog.0 -rw-r-1 root adm 3542 Dec 6 06:42 syslog.1.gz -rw-r-1 root adm 3587 Dec 5 06:42 syslog.2.gz -rw-r-1 root adm 0 Dec 6 06:42 user.log -rw-r-1 root adm 0 Dec 5 06:42 user.log.0 -rw-r-1 root adm20 Dec 6 06:42 user.log.1.gz -rw-r-1 root adm20 Dec 5 06:42 user.log.2.gz -rw-r-1 root root 7438080 Dec 6 20:30 wtmp As you can see my wtmp file is 7.5 MB. Anyone have any thoughts? Or what more info should I provide. Thanks. Rich __ Do You Yahoo!? Send your FREE holiday greetings online! http://greetings.yahoo.com ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Eiger2beta w/PPPoP not renewing ipfilters with dhcp change and Junkbuster start-up issue
I am running the Eiger2Beta v4 with PPPoP from Ken on a two floppy set-up. I have added and upgraded a few packages to this original single disk. I had to recreate both floppy disk over the weekend. I am running the following packages: NameVersionDescription ===-==-= root3.1.0 etc 3.1.0 log 3.1.0 local 3.1.0 Local package. This package does not contain a modules 3.1.0 Modules package. Contains kernel modules and u ppp 2.3.11 PPPd Deamon for Dial-Up pppoe 2.6Roaring Penguin PPPoE Client LRP Package dhcpd 2.0pl5 dhcpd - Autoconfigure client machines dnscache1.05 dnscache - Provide a local DNS cache psentry 1.0If this package failed to load, please create weblet 1.2.0 weblet - LRP status via a small web server sshd2.9p1 OpenSSH sshd daemon. jbuster oidentd 1.6.0 There shouldn't be any configuration needed un dns_flood PS - the DNS_Flood file is just a menu hack I added to add IP's via the lrcfg menu. Kernel version and modules used/loaded: Kernel: Linux version 2.2.16 (root@debian) (gcc version 2.7.2.3) #1 Sun Jun 11 11:33:38 CDT 2000 Installed Modules: vfat9548 0 (unused) ip_masq_mfw 3076 0 ip_masq_portfw 2296 0 (unused) ip_masq_autofw 2356 0 (unused) ip_masq_user2636 0 (unused) ip_masq_cuseeme 852 0 (unused) ip_masq_vdolive 1068 0 (unused) ip_masq_raudio 2820 0 (unused) ip_masq_quake 1108 0 (unused) ip_masq_irc 1300 0 ip_masq_icq12968 0 (unused) ip_masq_h3232868 0 (unused) ip_masq_ftp 2352 0 ne 6276 2 83906220 0 [ne] bsd_comp3652 0 (unused) ppp_deflate20836 2 [bsd_comp] ppp20828 0 (unused) slhc4408 0 [ppp_deflate ppp] Number 1 - When I get a new IP address, the ipforward rules do not flush and reload. I just received a new IP overnight and now my packetfilter log file still shows the wrong IP address. This is from my syslog file: Dec 5 00:40:01 amberton adsl-connect: ADSL connection lost; attempting re-connection. Dec 5 00:40:55 amberton pppd[4393]: pppd 2.3.11 started by root, uid 0 Dec 5 00:40:55 amberton pppd[4393]: Using interface ppp0 Dec 5 00:40:56 amberton pppd[4393]: Connect: ppp0 -- /dev/ttyp0 Dec 5 00:40:56 amberton pppoe[4395]: PADS: Service-Name: '' Dec 5 00:40:56 amberton pppoe[4395]: PPP session is 130 Dec 5 00:41:12 amberton pppd[4393]: Remote message: CHAP authentication success, unit 243 Dec 5 00:41:13 amberton pppd[4393]: Cannot determine ethernet address for proxy ARP Dec 5 00:41:13 amberton pppd[4393]: local IP address 65.80.88.239 Dec 5 00:41:13 amberton pppd[4393]: remote IP address 65.80.88.1 Dec 5 00:45:00 amberton /USR/SBIN/CRON[4419]: (root) CMD (/etc/multicron-p) Dec 5 00:48:44 amberton kernel: Packet log: input DENY ppp0 PROTO=6 65.80.20.97:3235 65.80.88.239:80 L=48 S=0x00 I=34363 F=0x4000 T=119 SYN (#85) I had to Putty into the box, and flush/reload the ipfilters to get the correct IP address to show on the packetfilter web page. Has anyone found a fix to this or is this normal? Number 2 - Junkbuster does not load at bootup, I have to putty into the box and issue junkbuster /etc/junkbuster/config at the console to get it up and running. The web site states it needs SU to work. I tried the SU file from Charles' web site, however that did not work for me. Where would I add this to the start-up script to auto issue if it has a power failure? Thanks for any suggestions/help. ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Serial ports Dachstein
Hi all, I am trying to set up a serial terminal output to be read by hyperterm in windows. Thia will allow me to configure the firewall without reattaching a monitor and keyboard. The How tos look super simple and Charles has set it up so I should just be able to uncomment a single line in the inittab file and have it working but alas I never seem to get that lucky. I have tried several cables/ null modem adapters to no avail. I tested the ports with a DOS utility that uses a loopback plug and they work OK. They only thing left I can see to check is the address and IRQ of the ports or perhaps my NIC's. I think they may conflict. How can I find what the NIC's are set to in Linux or DOS? They are 3 Com 3c509's. Is there a way to verify that the ports are configured properly and how do I change the address / IRq that Linux writes to if I have to alter the port hardware address. Thanks, Kor Krofft ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] very large /var/log/wtmp
On 12/6/01 at 5:38 PM, Richard Burt [EMAIL PROTECTED] wrote: I saw a posting a few weeks ago of someone who was having this problem. I don't ever remember seeing an answer. This is a new clean Dachstein 1.01 installation. Been up for just shy of 3 days. As you can see my wtmp file is 7.5 MB. Anyone have any thoughts? Or what more info should I provide. Thanks. wtmp is used by the last command (that is -- probaby -- /bin/last); try it. You might want to check the help for a way to limit the number of entries to list (I don't remember what it was, but it can be done). Then you can see what is filling your wtmp file. -- David Douthitt UNIX Systems Administrator HP-UX, Unixware, Linux [EMAIL PROTECTED] ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] (no subject)
This is filling up my logs. Should I be worried, is it something that I shouldn't have logged? Dec 7 01:06:34 router kernel: Packet log: input DENY eth0 PROTO=17 24.216.46.129:67 255.255.255.255:68 L=330 S=0x00 I=26282 F=0x T=255 (#42) smime.p7s Description: application/pkcs7-signature
Re: [Leaf-user] Serial ports Dachstein
On Thu, 6 Dec 2001, guitarlynn wrote: On Thursday 06 December 2001 22:18, you wrote: . They only thing left I can see to check is the address and IRQ of the ports or perhaps my NIC's. I think they may conflict. How can I find what the NIC's are set to in Linux or DOS? They are 3 Com 3c509's. Is there a way to verify that the ports are configured properly and how do I change the address / IRq that Linux writes to if I have to alter the port hardware address. You have to set these particular cards with a linux utility by Donald Becker or use the old 3c5x9cfg utility from 3com in DOS. You can pick up the DOS utility and get direct instruction for setting up these cards at http://www.geocities.com/guitarlynn/3c509.html . Likely, if they are from a Windows box, PnP is enable which won't work with Linux at all. Just reconfigure them to eth0 (io=300 irq=10) eth1 (io=320 irq=320) and disable PnP. And leave the /etc/modules line bare... just 3c509, no io or irq. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] (no subject)
On Fri, 7 Dec 2001, Brian Camp wrote: This is filling up my logs. Should I be worried, is it something that I shouldn't have logged? Dec 7 01:06:34 router kernel: Packet log: input DENY eth0 PROTO=17 24.216.46.129:67 255.255.255.255:68 L=330 S=0x00 I=26282 F=0x T=255 (#42) The latter. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2 copies of etc in backup(Was:MigratingDachstein1.0.2-CD to harddrive?)
On Thu, 2001-12-06 at 13:02, Charles Steinkuehler wrote: System details, please. Please list EXACTLY which version you started with, what changes (if any) were made to any of the init scripts, and what parameters are being passed to your kernel by the boot-loader (cat /proc/cmdline). DS-CD 1.0.2. Files copied onto dos-formatted flashcard and syslinux'd. modules from /lib/modules on the cd copied to the ramdisk under /lib/modules and backed-up. cat /proc/cmdline: BOOT_IMAGE=linux append=load_ramdisk=1 initrd=root.lrp initrd_archive=minix ramdisk_size=12288 root=/dev/ram0 boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos LRP=etc,ramlog,local,modules,dhclient,dhcpd,dnscache,sshd,sshkey,weblet,tiny dns No changes to initscripts. The one thing I did not do was to remove the loading of the cdrom drivers in linuxrc. One other problem: I have no /var/log But, if I create /var/log then syslog populates the directory with logs. Very strange (the no /var/log part)...this indicates the init scripts for the ramlog package are not running. Exactly why is another matter. Assuming your hardware is OK (run memtest86 to check your ram), the only thing I see that creates a warning flag is your boot PKGPATH settings. Both point to /dev/hda: boot=/dev/hda,msdos PKGPATH=/dev/hda1:msdos One of these devices is invalid, and it's probably the boot device. You might try removing the PKGPATH variable (or setting it back to /dev/cdrom), since you only have one place to load packages from, and that's the boot device. Also, remember you can't do partial backups if you aren't loading the main package from one location, and storing backups in another (which it doesn't look like you're doing), so do full backups of everything or you'll break stuff. Let me know what happens when you change the boot PKGPATH settings. If things still arn't working, scroll back once your system's booted and report what linuxrc outputs when it's extracting the packages... Oops! I forgot to add the ramlog.lrp package to the flash HDD. My flash card is 8meg so only a subset of the CD packages would fit on it. No more duplicate etc lines in the backup list and /var/log/ works now. The /proc/cmdline is: BOOT_IMAGE=linux append=load_ramdisk=1 initrd=root.lrp initrd_archive=minix ramdisk_size=12288 PKGPATH=/dev/cdrom:iso9660 root=/dev/ram0 boot=/dev/hda1,msdos LRP=etc,ramlog,local,modules,dhclient,dhcpd,dnscache,sshd,sshkey,weblet,tinydns and the lrpkg.cfg is: etc,ramlog,local,modules,dhclient,dhcpd,dnscache,weblet,tinydns,sshd,sshkey,libz The effects were sure interesting when ramlog.lrp was specifed but the package itself was missing. Thanks, as usual, for your product and your help, Charles. Stephen ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Making a Dachstein CD
I have deen making my own Dachstein CDs using your iso file. I burn a CD from it, copy it to disk, and than make the additions I need. This works fine except that dashes get converted to underscores in my resulting CD. What option do you use with mkisofs to keep this from happening to you? The mkisofs command I use is in the readme file on the CD. Looks like I'm running V1.13: debian:~# mkisofs --version mkisofs 1.13 (i586-pc-linux-gnu) Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] New package - and some fixes
There is now a new package at http://leaf.sourceforge.net/pub/oxygen/packages ntpclient.lrp It is a small NTP client used to set the clock from a reliable time source on the Internet. I also fixed many packages; about a dozen or so had errors... ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re:
Am I the doofus or what? My only excuse is, when my lrpkg.cfg looks like this, it is easy to miss one: etc,local,bash,bwidth22,daemontl,djbutils,dhclient,dhcpd,dnscache,ifconfig,libdb,libm,libpcap,libz,lncurses,lrdline2,mawk,modules,netsnmpd,netsnmpu,ramlog,rsync,sftp,ssh,sshd,tcpdump,tinydns,vim,weblet Thank you . . . Charles Steinkuehler wrote: Did you see my post about net-snmp? This package requires libdb.so.2 which is not part of the libraries on the Dachstein CD. I found the file on the Debian web site in the libdb++ package. Did you include it in either of your net-snmp packages? If not, what do you think about making libdb++ an LRP package? I just grabbed David's libdb package and added it to the CD. We're still getting this: ``Starting snmpd: /usr/sbin/snmpd: error in loading shared libraries libm.so.6: cannot open shared object file: No such file or directory'' We have loaded libdb.lrp; yet, this: root@trout:/root # ls -al `find / | grep libm` -rw-r--r--1 root root 104192 Feb 20 1999 /usr/local/lib/libm-2.0.7.so lrwxrwxrwx1 root root 13 Dec 5 06:59 /usr/local/lib/libm.so.6 - libm-2.0.7.so What to do? How about loading libm.lrp? It's on the CD... -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re:
My only excuse is, when my lrpkg.cfg looks like this, it is easy to miss one: etc,local,bash,bwidth22,daemontl,djbutils,dhclient,dhcpd,dnscache,ifconfig,l ibdb,libm,libpcap,libz,lncurses,lrdline2,mawk,modules,netsnmpd,netsnmpu,raml og,rsync,sftp,ssh,sshd,tcpdump,tinydns,vim,weblet The output of lrpkg -l is easier to read and more accurate... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
