[Leaf-user] How can I find pppoe modules and related scripts for Dachstein floppy boot?

2001-12-16 Thread Dr. Richard W. Tibbs

Don't know if this made it to the list before; but I wanted to start a 
new thread.

I am using the Dachstein floppy boot image (rc2).
I have seen mail on the list about the Dachstein CD image, including 
some scripts (init and adsl-start) referred to that allow pppoe to a dsl 
provider to be configured on an external interface.
But, what is on the CD may not be on the floppy image. At this very 
moment, the Dachstein floppy boot does not appear to be happy with the 
CDROM in my IBM Aptiva, which is to become a firewall for my home network.
Hence I would like to boot from floppy, if possible.

Can someone point me to the init and adsl-start scripts somewhere on the 
web?
Is there a pppoe module or package that is needed?

I have read the Dachstein firewall setup by Charles Steinkuehler, and 
looked in the appropriate directories for a pppoe client module, but I 
can't find one. I have read the various xDSL how-tos, and Networking 
how-tos. They are not specific to the Dachstein environment, however, 
and I cannot figure out how to proceed.

My configuration is the Aptiva with two Netgear FA311's (eth0 external, 
eth1 internal).
I am connecting to Bellsouth's DSL service through an Alcatel Speed 
Touch home ethernet dsl modem.
Works great thru my Suse box with roaring penguin, and of course via 
windoze box.



___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user



RE: [Leaf-user] RE:DMZ hoses Box

2001-12-16 Thread John D'Ausilio



Having recently been there, I'll give it a shot :)

a) Make sure you open the ports to the outside world
b) Assuming a PRIVATE dmz, make sure and uncomment one or more of the DMZ servers 
definitions, which generate the portfw rules

You should be able to determine what's going on by looking at the firewall rules .. 
the portfw rule was giving me problems until I realized it was generated before 
I had a good IP from the isdn modem


  -Original Message-
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andrew Wehner
  Sent: Sunday, December 16, 2001 11:13 AM
  To: [EMAIL PROTECTED]
  Subject: [Leaf-user] RE:DMZ hoses Box

  Okay, checked cards, ok, but still no love. 
  I swapped cards with another box and router can see everything. Can't 
  seem to get DMZ to outside world. Added a route to eth2, turned on DMZ 
  (NAT). Not sure where to go with this next. Do I need to set up 
  port forwarding rules to this segment, or are they on by default? I 
  understand how to open and forward ports in the 192.168.1.x segment, but the 
  DMZ section is not as clear.


Re: [Leaf-user] How can I find pppoe modules and related scripts for Dachstein floppy boot?

2001-12-16 Thread Eric Wolzak

Hello Richard

 Don't know if this made it to the list before; but I wanted to start a 
 new thread.
 
 I am using the Dachstein floppy boot image (rc2).
 I have seen mail on the list about the Dachstein CD image, including 
 some scripts (init and adsl-start) referred to that allow pppoe to a dsl 
 provider to be configured on an external interface.
 But, what is on the CD may not be on the floppy image. At this very 
 moment, the Dachstein floppy boot does not appear to be happy with the 
 CDROM in my IBM Aptiva, which is to become a firewall for my home network.
 Hence I would like to boot from floppy, if possible.
 
 Can someone point me to the init and adsl-start scripts somewhere on the 
 web?
 Is there a pppoe module or package that is needed?

With the version of Charles, you can use the Roaring Penguin 
package, which you can find at Kenneth Hadley's, and the little bit 
tuned one on my page:
http://leaf.sourceforge.net/devel/khadley/packages.html
http://leaf.sourceforge.net/devel/ericw/package/pppoe.lrp

Next to the pppoe.lrp you will need the ppp.lrp, which you can also find on 
Kenneth's page.
I don't know if Charles has ppp included or, as I suppose, it is 
available as a module.
You certainly can take this from the CD.
The modules you'll need are:
slhc.o
ppp.o
ppp_deflate.o ??? 
bsd_comp.o ??  
I am not sure the last two are really necessary.
For pppoe itself you don't need a module, as with the Roaring 
Penguin program you use a program in user space.

On Kenneth's page there is also a short introduction on how to 
install the package. It is not very difficult. 

The modules you can find under the following address (without wrap):
http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein-CD/CD-Contents/lib/modules/net/

 I have read the Dachstein firewall setup by Charles Steinkuehler, and 
 looked in the appropriate directories for a pppoe client module, but I 
 can't find one. I have read the various xDSL how-tos, and Networking 
 how-tos. They are not specific to the Dachstein environment, however, 
 and I cannot figure out how to proceed.
 
 My configuration is the Aptiva with two Netgear FA311's (eth0 external, 
 eth1 internal).
 I am connecting to Bellsouth's DSL service through an Alcatel Speed 
 Touch home ethernet dsl modem.
 Works great thru my Suse box with roaring penguin, and of course via 
 windoze box.

Good luck

Eric Wolzak

http://leaf.sourceforge.net/devel/ericw






[Leaf-user] RESOLVED: LEAF development box, 2.2.19 kernel cannot use old ide hdd???

2001-12-16 Thread Michael D. Schleif


Michael D. Schleif wrote:
 
 I am building a development box with slink.
 
 The system is up and functioning; but, now, I need to implement a 2.2.19
 kernel.  It builds successfully; but, has problems at bootup.
 
 The system:
 
 Pentium 150
 64MB RAM
 /dev/sda1 - swap
 /dev/sda2 - /
 /dev/scd0 - cdrom
 /dev/hdb1 - /usr/local
 
 Under the original slink, *ALL* of this functions properly!
 
 My new (2.2.19) kernel properly recognizes everything *except*
 /dev/hdb1:
 
 ``Checking all file systems . . .
 Parallelizing fsck version 1.12 (9-Jul-98)
 fsck.ext2: Operation not supported by devices while trying to open
 /dev/hdb1
 /dev/hdb1:
 The superblock could not be read or does not describe a correct ext2
 filesystem ...''

[ snip ]

For the archives:

Pertinent system details:

Asus P55TVP4 mainboard, latest official BIOS
w/Intel 430VX PCI chipset
Quantum LPS270A IDE hdd (/dev/hdb1)

Through rigorous testing, the following .config lines must be set
differently than the stock 2.2.19-3-LEAF kernel:

CONFIG_BLK_DEV_HD=n
CONFIG_BLK_DEV_HD_IDE=n
CONFIG_BLK_DEV_IDE=y
CONFIG_BLK_DEV_IDEDISK=y

This could be due to either the mainboard or hdd, or both ;

NOTE: It's been a long time since I've been bitten by this; but, it is
absolutely imperative that one of the 'make config' processes be run
prior to any 'make zImage', when run on a brand new, pristine
/usr/src/linux -- otherwise, 'make __Image' will *not* work ;

-- 

Best Regards,

mds
mds resource
888.250.3987

Dare to fix things before they break . . .

Our capacity for understanding is inversely proportional to how much we
think we know.  The more I know, the more I know I don't know . . .




[Leaf-user] Announcement - DachStein PPPoE

2001-12-16 Thread Kenneth Hadley

Announcement - DachStein PPPoE

EigerStein2BETA PPPoE v.0.4 is officially discontinued from the viewpoint of
its maintainer (which is me).

With the release of DachStein and a combined CDROM/Floppy approach a new
Image is available from my site that contains PPPoE support based on the
DachStein v.1.02 image available at
http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein/dachstein-v1.0.2-1680.bin
Also for those who would like to use DachStein v.1.02 CD I have
instructions on my web site on how to setup the CD image with PPPoE support
(these instructions are how the Diskette image on my site was created)

If you would like to use either the DachStein v.1.02 PPPoE Diskette image or
would like to read instructions on how to setup PPPoE with the DachStein
v.1.02 CD please visit my site.

http://leaf.sourceforge.net/devel/khadley/

If anyone has any problems or suggestions please hesitate to email me =)

__
Kenneth Hadley
LEAF developer
[EMAIL PROTECTED]





SSH issues - was RE: [Leaf-user] OpenSSH Solved

2001-12-16 Thread Ken

Sorry the advisory that I remembered seeing was this one not
the one listed below but both seem to have some relevance.

http://www.cert.org/advisories/CA-2001-35.html

Ken

-Original Message-
From: Jeff Newmiller [mailto:[EMAIL PROTECTED]] On Behalf Of Jeff Newmiller
Sent: Sunday, December 16, 2001 1:19 AM
To: Ken
Cc: Leaf User Support List
Subject: Re: [Leaf-user] OpenSSH Solved - was Dachstien Documentation Idiosyncrasies


On Sat, 15 Dec 2001, Ken wrote:

[...]

 I find it interesting that OpenSSH works with Putty when
 they explicitly say on their website that they do NOT
 support OpenSSH unless Jacques Nilo's version of OpenSSH
 just degrades itself to use ssh v1 or v2 when attaching from
 Putty.  It may be that we are not getting all the features
 of OpenSSH we think we are getting.  Don't know, and in my
 case (closed internal network no ssh from external) I don't
 really care.  It is more of a learning experience than a
 necessity for me.  Still interested if the CIAC bulletin has
 caught anyone's attention to check if we have a security
 hole.  The website is
 http://www.ciac.org/ciac/bulletins/m-026.shtml

Well,

a) you would have to be using multiple logins (which I think is true with
weblet)

b) an untrusted person would have to know or be able to set the password
for that account.

They rate it medium.  For LEAF, I think it looks even less critical.

I think it is more important to not use login access from outside your
LAN at all anyway.  If you want to come in from outside, use public-key
access.

 The exact verbiage from the Putty website (could just be an
 out of date FAQ - hey, how often could that happen?)

 http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#A.1.2
 A.1.2 Does PuTTY support reading OpenSSH or ssh.com SSHv2
 private key files?
 Not at present. OpenSSH and ssh.com have totally different
 formats for private key files, and neither one is
 particularly pleasant, so PuTTY has its own. We do plan to
 write a converter at some stage.

Seems pretty clear to me.  They don't support the file format for OpenSSH
private key files.  That would mean... don't try to create a v2 private
key file using OpenSSH and transfer it to a Winbox and expect to be able
to use it with Putty.  Says nothing about compatibility with v1 private
key files, or with on-the-wire public key exchanges.


---
Jeff Newmiller
DCN: [EMAIL PROTECTED]
Research Engineer (Solar/Batteries/Software/Embedded Controllers)
---






[Leaf-user] Memory Warning Yellow too quick? - Clearer now

2001-12-16 Thread Ken

Sorry for wasting the bandwidth on this issue.  I later
realized that in three out of four refreshes of the webpage
the light was green and the fourth one was yellow.
Re-reading the included note helped to explain the reason
for the yellow light.  Possibly this could be specifically
spelled out in the Note: for us newbies who don't know
that "This behavior is perfectly normal, and reflects the dynamic,
multi-tasking nature of linux." means you gonna see yellow
lights now and then.

Also explaining exactly what the threshold is and if there
is a way to set it to not be so sensitive.  Not exactly sure
what I would do if I saw a red light or at what point I
might see a red light and/or what the implications would be.
i.e. Am I running too many packages, is my memory going bad,
did my log files fill up, is my ramdisk misallocated?

Just some thoughts.

Ken

Message: 9
From: Ken [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Date: Sat, 15 Dec 2001 22:46:32 -0500
Subject: [Leaf-user] Memory Warning Yellow too quick?

I guess I don't really know what the memory stoplight is
trying to tell me but I have a strange occurrence in that
the light is Yellow and when I click on it inside it is
green 'ok' and shows the following:
:: Memory Status ::
Sat Dec 15 22:40:47 EST 2001
firewall Memory Status: ok
Free Memory
38 % of your system memory is currently used.
9000 K bytes available
1472 K bytes free
NOTE: You may notice changes in the memory status,
especially if you are near one of the threshold levels, as
memory is allocated and freed to run the web server. This
behavior is perfectly normal, and reflects the dynamic,
multi-tasking nature of linux.
Details:
        total:    used:    free:  shared: buffers:  cached:
Mem:  14729216 13438976  1290240  6791168  5836800  1871872
Swap:        0        0        0
MemTotal:     14384 kB
MemFree:       1260 kB
MemShared:     6632 kB
Buffers:       5700 kB
Cached:        1828 kB
SwapTotal:        0 kB
SwapFree:         0 kB


I think I have 16 M RAM but I forget right now what it is
and I don't particularly want to reboot.  Do I need to
re-allocate something or change where I store things.   Any
hints or should I just not worry about it? By the way the
light comes up green first then goes to yellow less than an
hour after a reboot.

Ken






Re: [Leaf-user] fa311.o my results - was Resolution: Why cant I ping on Dachstein rc2?

2001-12-16 Thread Charles Steinkuehler

 However, since installing Dachstein CD I have re-booted many
 times through the installation process and EVERY time I have
 re-booted the card came up fine.  Don't exactly know what
 changed but it is much better.

Updated dhclient package and NIC drivers...

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)






Re: [Leaf-user] standalone dachstein cd

2001-12-16 Thread Charles Steinkuehler

 Q: The 'bootdisk.bin' image is (after much playing) a dos image of
 some type, mountable through a msdos loop. I tried at the start to
 use Winimage and mkisofs to make my own image with no avail.
 Exactly what are you (Charles) using to make the msdos image?

I started with a blank floppy, ran syslinux to make it bootable, and created
a disk image file of it to use for boot floppies.  From that point, I mount
it using the loopback driver (mount -t msdos -o loop bootdisk.bin /mnt), and
simply add/remove/edit files as necessary (all this on my Debian Slink
development system).

 Q: I can load packages out of the 'syslinux.cfg' file fine up to the
 255 character line limit, which is where I'm at now. I noticed that
 the cd had a 'lrpkg.cfg' file in the root directory and I went to use
 this to bypass the character limit in 'syslinux.cfg', it will not
 override 'syslinux.cfg' on a stand-alone cd like it did with a config
 floppy. If it does, I haven't been able to figure out the right
 combination. Can '/lrpkg.cfg' on the cd do this? If so what is the
 proper way of doing it?

Yes...the init scripts look to the boot device for lrpkg.cfg and
pkgpath.cfg, so you simply need to make the CD-ROM the boot device.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)






[Leaf-user] Dachstein + pcmcia/wireless lan

2001-12-16 Thread Daniel Peters

Hi!

I have been using the LRP for a long time with my LAN connection to the Internet.

Now I am helping a friend to install a WLAN router using Dachstein.

I heard that there is an lrp package for pcmcia and wlan, but most of the DL links go to 
ftp://lachniet.com/pub/lrp/ which is down... :(
So I got the modules and config files from some other sites and it seemed to work...

The ISA-PCMCIA card is recognized (Ricoh) by the i82365 driver and cardmgr finds a 
card... But it doesn't get any information about what kind of card it is...
cardmgr says something like "No product information available" (don't have logs now, 
because the PC is not here...).

Another problem: I found a pcmcia.lrp package with an /etc/init.d/pcmcia startup script 
on the web. But this one needs fgrep. If anyone has an LRP (Dachstein, Kernel 2.2.19) 
compatible executable, please send it to me! thx

The config files should be OK, I think... the problem is that the pcmcia card (a 
Lucent/Orinoco Gold) is not recognized... but why?
Maybe someone has a package that worked with this hardware.

/etc/pcmcia/config :
# Device driver definitions
[...]
device "wvlan_cs"
  class "network" module "wvlan_cs"

[...]

card "Lucent Technologies WaveLAN/IEEE Adapter"
  version "Lucent Technologies", "WaveLAN/IEEE"
  bind "wvlan_cs"

Thanks for the help!

cya
Daniel Peters







[Leaf-user] DachStein 1.0.2 - stopping martian loggin

2001-12-16 Thread John Stoffel


Hi Charles,

Thanks again for all the great work on Eiger and DachStein, they are
both working really well for me.  After a bit of fighting and learning
of ipchains, I've gotten a couple of successes here while trying to fix
some problems.

The first was that I could not port forward SSH to an internal box
with either Eiger or Dach.  I had the proper stuff uncommented in
/etc/network.conf, but it just didn't work.   I ended up having to do
the following:

  ipchains -I input -i eth0 -j ACCEPT -p tcp -s 0/0 -d 0/0 24

to get the rule early enough in the input chain to be effective.  But
I think this is actually too early now, since I'm bypassing some of
the good input rules.  

My ipchains ruleset looks like this now:

# ipchains -L input
Chain input (policy DENY):
target prot opt source                     destination     ports
ACCEPT tcp  --  anywhere                   anywhere        any ->   24
DENY   udp  --  10.2.0.1                   anywhere        any ->   bootps
DENY   icmp l-  anywhere                   anywhere        redirect
DENY   icmp l-  anywhere                   anywhere        timestamp-request
DENY   icmp l-  anywhere                   anywhere        timestamp-reply
DENY   all  l-  0.0.0.0                    anywhere        n/a
DENY   all  l-  255.255.255.255            anywhere        n/a
DENY   all  l-  localnet/8                 anywhere        n/a
DENY   all  l-  BASE-ADDRESS.MCAST.NET/4   anywhere        n/a
DENY   all  --  10.0.0.0/8                 anywhere        n/a
DENY   all  --  172.16.0.0/12              anywhere        n/a
DENY   all  --  192.168.0.0/16             anywhere        n/a
DENY   all  l-  0.0.0.0/8                  anywhere        n/a
DENY   all  l-  128.0.0.0/16               anywhere        n/a
DENY   all  l-  191.255.0.0/16             anywhere        n/a
DENY   all  l-  192.0.0.0/24               anywhere        n/a
DENY   all  l-  223.255.255.0/24           anywhere        n/a
DENY   all  l-  240.0.0.0/4                anywhere        n/a
DENY   all  l-  192.168.1.0/24             anywhere        n/a
DENY   all  l-  24-240-176-224.hsacorp.net anywhere        n/a
REJECT all  l-  anywhere                   localnet/8      n/a
REJECT all  l-  anywhere                   192.168.1.0/24  n/a
REJECT tcp  --  anywhere                   anywhere        any ->   netbios-ns
REJECT tcp  --  anywhere                   anywhere        any ->   135
REJECT udp  --  anywhere                   anywhere        any ->   netbios-ns
REJECT udp  --  anywhere                   anywhere        any ->   135
REJECT tcp  --  anywhere                   anywhere        any ->   netbios-dgm:netbios-ssn
REJECT udp  --  anywhere                   anywhere        any ->   netbios-dgm
REJECT udp  --  anywhere                   anywhere        netbios-ns:netbios-dgm ->   any
REJECT udp  --  anywhere                   anywhere        135 ->   any
REJECT tcp  --  anywhere                   anywhere        netbios-ns:netbios-ssn ->   any
REJECT tcp  --  anywhere                   anywhere        135 ->   any
ACCEPT tcp  --  anywhere                   anywhere        any ->   ssh
REJECT tcp  --  anywhere                   anywhere        any ->   auth
ACCEPT tcp  --  anywhere                   anywhere        any ->   1024:65535
REJECT udp  l-  anywhere                   anywhere        any ->   snmp:snmp-trap
ACCEPT udp  --  anywhere                   anywhere        any ->   domain
ACCEPT udp  --  anywhere                   anywhere        any ->   bootpc
DENY   udp  --  anywhere                   anywhere        any ->   bootps
ACCEPT udp  --  anywhere                   anywhere        any ->   1024:65535
ACCEPT icmp --  anywhere                   anywhere        any ->   any
ACCEPT ospf --  anywhere                   anywhere        n/a
DENY   all  l-  anywhere                   anywhere        n/a
REJECT udp  l-  anywhere                   anywhere        any ->   snmp:snmp-trap
REJECT udp  l-  anywhere                   anywhere        snmp:snmp-trap ->   any
ACCEPT all  --  anywhere                   anywhere        n/a


The second problem was that I was getting tons and tons of the
following messages in the /var/log/[messages,kern.log,syslog] files:

Dec 16 20:42:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=350 S=0x00 I=22593 F=0x T=255 (#9) 
Dec 16 20:42:22 jfsgw kernel: 
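
An added example, not part of the original post: a small parser for the ipchains `Packet log:` lines quoted in this thread. It counts hits per rule number, protocol, source and destination, so the rule producing the log noise is identified before any `-l` flag is edited. The sample lines are copied from the thread (rejoined where the archive wrapped them); the function names are this example's own.

```python
import re
from collections import Counter

# 2.2-kernel ipchains log line, as it appears in the thread:
# Packet log: <chain> <target> <iface> PROTO=<n> <src>:<sport> <dst>:<dport> L= S= I= F= T= (#<rule>)
PACKET_LOG = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<target>\S+) (?P<iface>\S+) "
    r"PROTO=(?P<proto>\d+) "
    r"(?P<src>\d+(?:\.\d+){3}):(?P<sport>\d+) "
    r"(?P<dst>\d+(?:\.\d+){3}):(?P<dport>\d+) "
    r".*?\(#(?P<rule>\d+)\)"
)

# IP protocol numbers seen in the thread's rules and logs.
PROTO_NAMES = {1: "icmp", 2: "igmp", 6: "tcp", 17: "udp", 89: "ospf"}

# Lines from the thread, including one truncated line and one kernel
# "martian source" line that is not a packet-filter log entry.
SAMPLE = """\
Dec 16 20:42:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=350 S=0x00 I=22593 F=0x T=255 (#9)
Dec 16 20:42:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=350 S=0x00 I=22595 F=0x T=255 (#9)
Dec 16 20:42:49 jfsgw kernel: Packet log: input DENY eth0 PROTO=2 192.168.100.1:65535 224.0.0.1:65535 L=28 S=0xC0 I=0 F=0x T=1 (#11)
Dec 16 20:44:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=344 S=0x00 I=22697 F=0x T=255 (#9)
Dec 16 20:44:30 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=344 S=0x00 I=22700 F=0x T=255 (#9)
Dec 16 20:42:22 jfsgw kernel:
Aug 17 12:49:36 systenrouter kernel: martian source abcdef01 for abcdefff, dev eth1
"""


def parse_line(line):
    """Return a dict for one ipchains packet-log line, or None if it is not one."""
    match = PACKET_LOG.search(line)
    if match is None:
        return None
    rec = match.groupdict()
    for key in ("proto", "sport", "dport", "rule"):
        rec[key] = int(rec[key])
    rec["proto_name"] = PROTO_NAMES.get(rec["proto"], str(rec["proto"]))
    return rec


def summarize(text):
    """Count packet-log hits per (rule, target, iface, proto, src, dst:dport)."""
    counts = Counter()
    skipped = 0
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # truncated or non-ipchains kernel message
            continue
        key = (rec["rule"], rec["target"], rec["iface"], rec["proto_name"],
               rec["src"], "%s:%d" % (rec["dst"], rec["dport"]))
        counts[key] += 1
    return counts, skipped


def report(text):
    """Return printable summary lines, noisiest rule first."""
    counts, skipped = summarize(text)
    lines = []
    for (rule, target, iface, proto, src, dst), hits in counts.most_common():
        lines.append("%4d  rule #%-3d %-6s %-5s %-5s %s -> %s"
                     % (hits, rule, target, iface, proto, src, dst))
    lines.append("%d line(s) skipped (not ipchains packet-log entries)" % skipped)
    return lines


if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```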

Re: [Leaf-user] Announcement - DachStein PPPoE

2001-12-16 Thread Dr. Richard W. Tibbs

Just downloaded the floppy .bin , built a 1680 fd (on suse box)
popped it in the Aptiva doorstop, and away we went!
This is truly cookin' as a firewall.
My hat goes off to all of you.

I still had to replace the natsemi.o module with my own compiled a few 
days ago. Not sure what would be different, but my natsemi.o is about 2K 
bytes larger than the one that ships in your current image.
(most important it works for my fa311 boards.)

Altogether a fantastic accomplishment.
I am writing this from the e-e-evil windoze box, but soon we will have
  a more purely linux network here.

Thanks again.

Kenneth Hadley wrote:

 Announcement - DachStein PPPoE
 
 EigerStein2BETA PPPoE v.0.4 is officially discontinued from the viewpoint of
 its maintainer (which is me).
 
 With the release of DachStein and a combined CDROM/Floppy approach a new
 Image is available from my site that contains PPPoE support based on the
 DachStein v.1.02 image available at
 http://leaf.sourceforge.net/devel/cstein/files/diskimages/dachstein/dachstein-v1.0.2-1680.bin
 Also for those who would like to use DachStein v.1.02 CD I have
 instructions on my web site on how to setup the CD image with PPPoE support
 (these instructions are how the Diskette image on my site was created)
 
 If you would like to use either the DachStein v.1.02 PPPoE Diskette image or
 would like to read instructions on how to setup PPPoE with the DachStein
 v.1.02 CD please visit my site.
 
 http://leaf.sourceforge.net/devel/khadley/
 
 If anyone has any problems or suggestions please hesitate to email me =)
 
 __
 Kenneth Hadley
 LEAF developer
 [EMAIL PROTECTED]
 
 



Re: [Leaf-user] DachStein 1.0.2 - stopping martian loggin

2001-12-16 Thread Brad Fritz


Great job of posting the pertinent information for debugging,
John.  To save bandwidth, I've snipped some of the less important
stuff in my reply below.


On Sun, 16 Dec 2001 20:38:51 EST John Stoffel wrote:

 The first was that I could not port forward SSH to an internal box
 with either Eiger or Dach.  I had the proper stuff uncommented in
 /etc/network.conf, but it just didn't work.   I ended up having to do
 the following:
 
   ipchains -I input -i eth0 -j ACCEPT -p tcp -s 0/0 -d 0/0 24

Looks like the problem is you're forwarding port 24 to port 22
(ssh) on 192.168.1.6, but, in the absence of the above rule, you
are blocking port 24.  More below...

 to get the rule early enough in the input chain to be effective.  But
 I think this is actually too early now, since I'm bypassing some of
 the good input rules.  

Probably so.
 
 My ipchains ruleset looks like this now:
 
 # ipchains -L input
 Chain input (policy DENY):
 target prot opt source                     destination     ports
 ACCEPT tcp  --  anywhere                   anywhere        any ->   24

  [ snip ]

 ACCEPT tcp  --  anywhere                   anywhere        any ->   ssh

  [ snip ]

Interesting bits pulled up from the network.conf I snipped out
below...

 EXTERN_TCP_PORTS=0/0_ssh
 INTERN_SSH_SERVER=192.168.1.6   # Internal SSH server to make available
 EXTERN_SSH_PORT=24  # External port to use for internal SSH access

The any -> ssh ACCEPT is created by 
   EXTERN_TCP_PORTS=0/0_ssh

The correct adjustment to your network.conf settings depends on
whether or not you run sshd on your firewall and allow connections
from external nets.  If you do, you probably want

   EXTERN_TCP_PORTS="0/0_24 0/0_ssh"
   EXTERN_SSH_PORT=24

If not, you can probably leave EXTERN_TCP_PORTS alone and
comment EXTERN_SSH_PORT back out like so:

   EXTERN_TCP_PORTS=0/0_ssh
   # EXTERN_SSH_PORT=24

(Note that you can still ssh to the internal address of the
firewall from your internal network even if you forward port
22 on the external interface to an internal host.)

 The second problem was that I was getting tons and tons of the
 following messages in the /var/log/[messages,kern.log,syslog] files:
 
 Dec 16 20:42:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=350 S=0x00 I=22593 F=0x T=255 (#9) 
 Dec 16 20:42:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=350 S=0x00 I=22595 F=0x T=255 (#9) 
 Dec 16 20:42:49 jfsgw kernel: Packet log: input DENY eth0 PROTO=2 192.168.100.1:65535 224.0.0.1:65535 L=28 S=0xC0 I=0 F=0x T=1 (#11) 
 Dec 16 20:44:22 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=344 S=0x00 I=22697 F=0x T=255 (#9) 
 Dec 16 20:44:30 jfsgw kernel: Packet log: input DENY eth0 PROTO=17 10.2.0.1:67 255.255.255.255:68 L=344 S=0x00 I=22700 F=0x T=255 (#9) 
 
 Even though I had the settings to turn off the logging of martians.  I

I'm guessing here, but I'd bet the *IP_KRNL_LOGMARTIANS
flags that I assume you're referring to only affect if the kernel
spits out messages like so:

  Aug 17 12:49:35 systenrouter kernel: ll header: ff ff ff ff ff ff 00 50 ba b5 27 04 08 00
  Aug 17 12:49:36 systenrouter kernel: martian source abcdef01 for abcdefff, dev eth1

when a packet that arrives on an interface destined for an
address, broadcast or otherwise, the interface in question isn't
supposed to serve.  Since the five packets above are broadcast
to everyone using 255.255.255.255 and 224.0.0.1, the kernel isn't
really surprised to see them hitting eth0.  They may not even be
considered martians.  (Someone who's more familiar with martians,
please step in and correct me if necessary.)

 ended up changing the /etc/ipfilters.conf file so that in the
 'stopMartians' function, I didn't bother to log packets for the RFC
 1918, 1627 and 1597 blocks.  I just removed the '-l' flag from those
 three lines, saved /etc to floppy and rebooted.  

You could probably achieve the same effect by adjusting the
value of the SILENT_DENY variable in /etc/network.conf .

[ remaining statements and questions snipped since they're
  *much* more in Charles' ballpark ]

Hope that helps show ways you can use network.conf to achieve
some of the things you did manually with ipchains.

--Brad
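
An added example, not part of the thread: ipchains walks a chain from the top and the first matching rule decides, so the position of the port-24 ACCEPT determines whether the source-address denies are still applied to that traffic. The sketch evaluates a subset of the input chain John listed, once with the rule inserted at the head (`-I input`) and once placed after the RFC 1918 source denies. The `evaluate` helper and the test source addresses are constructed for illustration, and every rule is assumed to apply to eth0.

```python
from ipaddress import ip_address, ip_network

POLICY = "DENY"  # "Chain input (policy DENY)" in the listing


def rule(target, proto, src="0.0.0.0/0", dports=None):
    """One filter rule; dports is an inclusive (low, high) range or None for any."""
    return {"target": target, "proto": proto,
            "src": ip_network(src), "dports": dports}


# Subset of the listed chain, in listed order (interfaces and logging omitted).
SPOOF_DENIES = [
    rule("DENY", "all", "10.0.0.0/8"),
    rule("DENY", "all", "172.16.0.0/12"),
    rule("DENY", "all", "192.168.0.0/16"),
]
SERVICE_RULES = [
    rule("ACCEPT", "tcp", dports=(22, 22)),        # any -> ssh
    rule("REJECT", "tcp", dports=(113, 113)),      # any -> auth
    rule("ACCEPT", "tcp", dports=(1024, 65535)),   # any -> 1024:65535
]
PORT24 = rule("ACCEPT", "tcp", dports=(24, 24))    # the manually added rule

CHAIN_HEAD = [PORT24] + SPOOF_DENIES + SERVICE_RULES    # ipchains -I input ...
CHAIN_AFTER = SPOOF_DENIES + [PORT24] + SERVICE_RULES   # placed after the denies
CHAIN_WITHOUT = SPOOF_DENIES + SERVICE_RULES            # no port-24 rule at all


def evaluate(chain, proto, src, dport):
    """Return (target, rule number) of the first match; rule number 0 means policy."""
    addr = ip_address(src)
    for number, r in enumerate(chain, start=1):
        if r["proto"] not in ("all", proto):
            continue
        if addr not in r["src"]:
            continue
        if r["dports"] is not None:
            low, high = r["dports"]
            if not low <= dport <= high:
                continue
        return r["target"], number
    return POLICY, 0


def compare(src, dport=24, proto="tcp"):
    """Verdict for one packet under each of the three chain layouts."""
    return {
        "head": evaluate(CHAIN_HEAD, proto, src, dport),
        "after_denies": evaluate(CHAIN_AFTER, proto, src, dport),
        "without_rule": evaluate(CHAIN_WITHOUT, proto, src, dport),
    }


if __name__ == "__main__":
    # Constructed sources: one RFC 1918 address, one documentation-range address.
    for src in ("10.9.9.9", "203.0.113.7"):
        print(src, compare(src))
```

With the rule at the head, a packet claiming a 10.0.0.0/8 source is accepted on port 24 before the private-address denies are consulted; placed after them, the same packet is denied while a routable source is still accepted.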





[Leaf-user] Re: [LRP] FA311

2001-12-16 Thread Robert Chambers

Carlos:
You can find the natsemi driver on Donald Becker's site 
http://scyld.com, but you will need to compile it for your version of 
Linux. All instructions for compiling are with the driver. When I tried 
to use the FA311 driver that comes with the card, it would not run. It 
kept telling me that I must have kernel version 2.2-15. So that is why I 
am using the natsemi driver. Also remember to load pci-scan before natsemi.
Robert Chambers

CaMiX CaMiX wrote:

 I'm using LRP on a Pentium 90 with 16mb ram that I found in the 
 garbage. I thought that this machine would be perfect for this type of 
 project. Well I need some help with the drivers. The version of LRP 
 2.9.8 that I'm using runs off of 2.2.16-1 kernel and I can't get the 
 module I need for this kernel. Some people have told me to use 
 pci-scan.o (which I have) with the natsemi.o module (which I don't 
 have). Another solution is to use Netgear's new fa311.o (version 2.0) 
 but I can't find that compiled for the 2.2.16-1 kernel either. The 
 other thing I don't know is if I do go with the fa311.o driver will I 
 need to use pci-scan.o module as well? If anyone can give me some 
 advice or just compile the code for me and put it somewhere for me to 
 grab I would appreciate it. Or if anyone could give me some advice on 
 how to compile the code myself that would be good too. Or if someone 
 could also tell me what other NIC's I should go with other than these 
 which would give me the least amount of trouble, but hey trouble can 
 be fun as long as you learn something outta it.

 Thanks,
 CaRLoS










[Leaf-user] Dachstein 1.0.2 with PPPoE

2001-12-16 Thread Robert Chambers

Is there a minimum cpu requirement for Dachstein?  Since I was using a 
Windows machine to extract the file and create the floppy disk, I booted 
the floppy in the Windows machine which is a PII 400 mhz and configured 
Dachstein for my connection.  When I booted my LRP machine with the 
Dachstein disk it stopped at loading Linux.  My Lrp machine is a 486 
DLC - 40.

 I know I know I need to upgrade my LRP at least to a Pentium.  Ken 
Hadley and I have talked about the PPPoE download speed being limited by 
the speed of the cpu. :-[
Robert Chambers





RE: [Leaf-user] Dachstein 1.0.2 with PPPoE

2001-12-16 Thread Richard Doyle

The 486 dlc was an odd beast without an fpu. You need a kernel
with built-in 387 emulation.

-Richard

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On
 Behalf Of Robert
 Chambers
 Sent: Sunday, December 16, 2001 8:22 PM
 To: leaf
 Subject: [Leaf-user] Dachstein 1.0.2 with PPPoE


 Is there a minimum cpu requirement for Dachstein?
 Since I was using a
 Windows machine to extract the file and create the
 floppy disk, I booted
 the floppy in the Windows machine which is a PII 400
 mhz and configured
 Dachstein for my connection.  When I booted my LRP
 machine with the
 Dachstein disk it stopped at loading Linux.  My Lrp
 machine is a 486
 DLC - 40.

  I know I know I need to upgrade my LRP at least to a
 Pentium.  Ken
 Hadley and I have talked about the PPPoE download
 speed being limited by
 the speed of the cpu. :-[
 Robert Chambers





[Leaf-user] Re: port-forwarding DS 1.01?

2001-12-16 Thread Jack Coates

On Sun, 16 Dec 2001, Jack Coates wrote:

 Is there a known problem with Dachstein 1.01 and port forwarding? My
 installation doesn't, and ls /proc/net/ip_masq makes me think it won't
 ever:
 app
 icmp
 tcp
 udp

 I'll try out the 1.02 kernel, but thought I'd ask while I'm at it.



no soap here either.

-- 
Jack Coates
Monkeynoodle: A Scientific Venture...

