RE: [leaf-user] Martians - Why??? narp??? Backdoor??
Thanks, but no. I have identified the offending computer. What I am looking for is for more information about martians (rules that determine that there is a martian so I can track down why this packets are seen as martians) and some way to find out the offending program. My users are using M$ OSs. Until a couple of weeks ago everything was OK, so I asume a self administrator using some nice feature program. Also I would like to know if I eventually can filter out this packets. Silent deny is for tcp/udp packets and this are arp!!! Thanks -Mensaje original- De: Kelly D. Wason [mailto:[EMAIL PROTECTED]] Enviado el: Wednesday, May 01, 2002 09:20 Para: Sergio Morilla Asunto: RE: [leaf-user] Martians - Why??? narp??? Backdoor?? I ran into this problem one time when I inadvertently connected eth0 back to my hub on the private network (I think that is what I did-- anyway it was a cabling problem) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sergio Morilla Sent: Tuesday, April 30, 2002 6:47 AM To: Leaf-user@lists. sourceforge. net (E-mail) Subject: [leaf-user] Martians - Why??? narp??? Backdoor?? Hi, I have a very long rate of this martians in my logs. Apr 30 08:08:06 tptrtr kernel: martian source for ff01a8c0, dev eth1 Apr 30 08:08:06 tptrtr kernel: ll header: ff ff ff ff ff ff 00 50 04 a4 f2 09 08 00 Translated ff01a8c00.0.0.0 for 192.168.1.255 ff ff ff ff ff ff 00 50 04 a4 f2 09 08 00(TCP) Why is this a martian??? I guess it´s for the source address. Is this right?? If not, why?? I've tracked down the offending machine. How do I get the program generating them??? Using Etherape I managed to track this packets as narp (NBMA Address Resolution Protocol RFC1735)packets. NBMA stands for Non-Broadcast, Multi-Access !!! Any hints on what this may be?? Any backdoor??? Hao can I just ignore this packets so the not fill my logs??? -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] network design
Hi! I have a question considering the setup up of my network. I am running a linux box which is acting as both a server to several diskless X-terminals (www.ltsp.org rules ;) and as a samba server to a single windows host. I used a dedicated box running eigerstein beta2 for internat access via dialup modem connection. Now I am going to switch to an ADSL connection, which made me reconsider my setup, since the default setup will include a USB modem (and the gateway box is a 486dx without USB). Old setup: __ | dialup internet connection | | on LEAF-Box| -- | | --- | Hub |-[samba/X-Apps server] | | | |-[windows host] | | | |-[X-Terminal host] | | | |-[another X-Terminal host] | | | |-[...] --- What I was thinking about (especially since the cabling is a little complicated, since hosts are spread around in 3 rooms) is the following setup: alternative 1: _ | ADSL access via USB Modem | - | | __ | samba/X-app server | ||-eth0--[windows client (doesn't need inet access] -- | eth1 | --- | Hub | | |-[X-Terminal host] | | | |-[another X-Terminal host] | | | |-[...] --- This would obviously have the advantages: a) windows host physically on different subnet (can firewall off anything except samba access) b) terminals on different subnet (can firewall off anything except X-traffic and ftp access to X-Terminal floppys) disadvantage: linux client apps running on gateway machine alternative 2: _ | ADSL access via USB Modem | - | | __| | LEAF box (optional) |---eth0--[windows host (without internet access] | | | |---eth1--[samba/X-app server] --- | | eth2 | --- | Hub | | |-[X-Terminal host] | | | |-[another X-Terminal host] | | | |-[...] --- this obviously includes the advantages of (1), however could mean that I will either need another NIC and more expensively a LEAF box with USB or a maybe troublesome to get ethernet connected ADSL modem and yet another NIC. Please give me opinions if you think the alternatives are better that my current setup (I am almost sure ;) and if the second one is worthwhile or if you have other suggestions. thanks Fabian -- Fabian Linzberger - mobile: ++4369919568768 mail: [EMAIL PROTECTED] - icq: 102927865 - jabber: [EMAIL PROTECTED] Fighting for Socialism: www.worldsocialist-cwi.org - www.slp.at Do yourself a favor - use and support Debian GNU/Linux - www.debian.org ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [Leaf-user] Packages (.lrp) list updated
On Wed, 2002-05-01 at 13:36, Kim Oppalfens wrote: At 21:31 12/04/2002, Mike Noyes wrote: Hi everyone, I just finished adding descriptions versions original webpage for all the packages on the html list. Kim, Great. :-) Your hard work has saved me considerable time. You can see the results here: http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/bin/packages/glibc-2.0/ I can quite easily convert the excell sheet to a comma seperated value list and will probably send it in this way to mike so that he can add his glibc data. Please send me a CSV copy off list. Thanks again for taking the time to do this. :-) -- Mike Noyes [EMAIL PROTECTED] http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] [OT] Recommendations for minimal Linux?
Sorry to be (way) off topic here, but I was wondering if anyone on this list has any experience to share on the subject of minimal linux versions, for something other than routing/firewall purposes? Not that far off topic. The F (or Firewall) part of LEAF (Linux Embedded Appliance Firewall) was never cast in stone, and there's actually been discussion on the developer list about changing it to Foundation or Framework or similar. This hasn't happened mainly because of the political issues with changing a SF Project's stated purpose once it's created. I'm currently engaged in a project to control an external piece of equipment via the parallel port. For this purpose I'm going to set up an old 486 (or whatever), stripped of everything but: A floppy drive One NIC Sounds like a pretty basic system. I hope there's a CPU and some memory! :-) -at this point I have the external equipment built (basically a stepper motor, and two switches). I have the (electronic) interface to the parport ready. As well as the c-routines to access the stuff. Now, before I press on and start programming, I'd like to get the controlling host set up. And this is where I'd like some input: Most of the minimal Linuces I'm aware of, are of the 'router/firewall' or 'rescue system' variety. So is anyone aware of a version that is already oriented towards the role of 'device-controller'? I think you're barking up the wrong tree to some extent. Your software turns a linux platform into a device controller for your device, so rather than a linux optimized for controlling devices, you need a linux version that suits both your software, and the hardware environment available...more on this in a bit... Alternatively, does someone have any bright ideas, towards adapting something like f.x. Dachstein for my purpose? Traits I'm looking for: - Must fit on a single (possibly superformatted) floppy. - Should provide some sort of shell (until I get around to turning the programs into C or something, everything will be scripts) - (preferrably) some kind of webserver (for the purpose of making certain variables accessible/changeable, from machines on the LAN) The first two traits describe the linux platform you need. Pretty much *ANY* of the firewall/rescue type floppy disk linux's should work well for you with a bit of customization. The only thing that makes Dachstein a firewall release, is the fact that there are some network scripts run at init that configure a bunch of networking stuff, and build a firewall ruleset. You can easily completely disable *ALL* firewall rule generation in network.conf, or remove the firewall setup scripts entirely, replacing the whole thing with a simple script to configure your one interface (or just launch a dhcp client, if you've got a dhcp server on your LAN). Anyway, when looking at the various single-disk linux options, there are a few things you might want to check for that could make your job easier: init: Some of the single-disk linux disto's come with a customized or minimal version of init. Dachstein (and all other LEAF disto's, AFAIK) comes with standard SysV init, and supports the /etc/rc?.d runlevel directories, making it easy to get your custom program(s) running automatically. cron: Since you're talking about an alarm type function, you may find cron handy if you don't want to keep track of time in your application. Again, cron is included on Dachstein and other LEAF disto's. Runtime Environment: You only mention the requirement for a shell, but there are probably other things you need as well. Look for a disto that contains any particular applications (sed, grep, cut, whatever) you require, and any particular libraries your code needs access to. You can add these yourself if something is missing, but ideally you want as much as possible included out of the box. I think Dachstein, Bering, Oxygen, and most any of the myriad other single-disk disto's would likely work fine for your application. I'd probably pick one based on either your current experience (ie stick with what you know), or what you would like to learn (ie I've been itching to try out that Bering release). In short, what I want is to create a mechanism that will emulate the sunrise, by slowly opening the blind, and thus (hopefully) more gently awake at 'dawn'... Any thoughts/ideas/advice welcome You might also want to consider using some X-10 controllers, and slowly turning on a light (or lights). You can get all the bits pieces at radio-shack, and you can still controll it with linux... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing
Re: [leaf-user] Martians - Why??? narp??? Backdoor??
Well, /usr/src/linux/net/ipv4/route.c implements the rules, but won't help tell you what is generating the martians. For that, don't you need a packet sniffer like tcpdump? -Richard On Thursday 02 May 2002 05:16 am, Sergio Morilla wrote: Thanks, but no. I have identified the offending computer. What I am looking for is for more information about martians (rules that determine that there is a martian so I can track down why this packets are seen as martians) and some way to find out the offending program. My users are using M$ OSs. Until a couple of weeks ago everything was OK, so I asume a self administrator using some nice feature program. Also I would like to know if I eventually can filter out this packets. Silent deny is for tcp/udp packets and this are arp!!! Thanks -Mensaje original- De: Kelly D. Wason [mailto:[EMAIL PROTECTED]] Enviado el: Wednesday, May 01, 2002 09:20 Para: Sergio Morilla Asunto: RE: [leaf-user] Martians - Why??? narp??? Backdoor?? I ran into this problem one time when I inadvertently connected eth0 back to my hub on the private network (I think that is what I did-- anyway it was a cabling problem) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sergio Morilla Sent: Tuesday, April 30, 2002 6:47 AM To: Leaf-user@lists. sourceforge. net (E-mail) Subject: [leaf-user] Martians - Why??? narp??? Backdoor?? Hi, I have a very long rate of this martians in my logs. Apr 30 08:08:06 tptrtr kernel: martian source for ff01a8c0, dev eth1 Apr 30 08:08:06 tptrtr kernel: ll header: ff ff ff ff ff ff 00 50 04 a4 f2 09 08 00 Translated ff01a8c00.0.0.0 for 192.168.1.255 ff ff ff ff ff ff 00 50 04 a4 f2 09 08 00(TCP) Why is this a martian??? I guess it´s for the source address. Is this right?? If not, why?? I've tracked down the offending machine. How do I get the program generating them??? Using Etherape I managed to track this packets as narp (NBMA Address Resolution Protocol RFC1735)packets. NBMA stands for Non-Broadcast, Multi-Access !!! Any hints on what this may be?? Any backdoor??? Hao can I just ignore this packets so the not fill my logs??? -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Martians - Why??? narp??? Backdoor??
Thanks!!! I'll look into route.c to see why are they being generated!! Does anybody know how to discard them so the don't show in hte logs. excerpt from /etc/network.conf # Kernel logging of spoofed packets by default for interfaces - YES/NO DEF_IP_KRNL_LOGMARTIANS=YES # Kernel logging of spoofed packets on this interface - YES/NO eth0_IP_KRNL_LOGMARTIANS=YES /excerpt Set the default and/or per-interface flags to NO to control martian logging. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] just checking - firewall
I know this is probably a very elementary question, but I want to verify. If I want to use the LEAF without any firewall properties all I have to do is change the line IPFILTER_SWITCH=FIREWALL to IPFILTER_SWITCH=NONE in network.conf ? Correct? Thanks, David ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] THANK YOU!
Hello, I just wanted to say thanks to all of the people, but especially Charles and Lynn, who have helped me in creating a single floppy, Dachsein based, VPN capable, DHCP(client and server ) and DNS(cache and authoritative), firewall. I know this is a duplication of Lynn's work, but I felt that if I was to support it I should know enough about it to build it on my own. Anyway...Thank You Jason L. Massey ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Martians - Why??? narp??? Backdoor??
Charles, This would disable martian loggin, and I would like to retain the ability of loggin martians, but I have this computer storming my network and filling my logs. I was able to track down the offending machine, so I would like to do something like SILENT_DENY but for this narp packets while I continue trying to find out the offending program. Thanks Any Thoughts?? -Mensaje original- De: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Enviado el: Thursday, May 02, 2002 16:12 Para: Sergio Morilla CC: Leaf-user@lists. sourceforge. net (E-mail) Asunto: Re: [leaf-user] Martians - Why??? narp??? Backdoor?? Thanks!!! I'll look into route.c to see why are they being generated!! Does anybody know how to discard them so the don't show in hte logs. excerpt from /etc/network.conf # Kernel logging of spoofed packets by default for interfaces - YES/NO DEF_IP_KRNL_LOGMARTIANS=YES # Kernel logging of spoofed packets on this interface - YES/NO eth0_IP_KRNL_LOGMARTIANS=YES /excerpt Set the default and/or per-interface flags to NO to control martian logging. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Martians - Why??? narp??? Backdoor??
This would disable martian loggin, and I would like to retain the ability of loggin martians, but I have this computer storming my network and filling my logs. I was able to track down the offending machine, so I would like to do something like SILENT_DENY but for this narp packets while I continue trying to find out the offending program. I'm not sure if ipchains input rule gets the packets before the kernel flags it as a martian, but I think it does. If so, a simple ipchains -I input -j DROP details command will get rid of the log issues temporarily. Obviously, setup details to match the narp packets (ie source IP, protocol number, port number). Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering bootable cd (Help)
Hi all, I am trying to create a bering bootable cd, but can't quite get it to work. I must admit that I created my own kernel which probably doesn't make life easier. I created the initrd.lrp myself and have done everything in the users manual to create the cd. So far, I managed to get the cd to boot, but I am still having to problems. When loading the ide-probe-mod module I get a message stating that ide0 ide1 are already busy that probe is as a result skipped. (this could be because I compiled quite some idestuff in the kernel) Btw the new kernel was necessary to boot from flashmodule from apacer which is an idedrive. At the end of /boot/etc/modules isofs.o is trying to load. I said trying, because it is failing stating insmod: init_modules isofs.o device or resource busy Afterwards I get the tempfs linuxrc Installing packages : (all my packages are the (nf!) or not found I get a kernel panic stating that I tried to kill init. If I use all the same .lrp files kernel on the flash module everything runs fine except for the above mentioned ide-probe isofs problem. Which isn't a real concern when booting from the module. Any help greatly appreciated. Kim ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering bootable cd (Help)
Hello Kim I am trying to create a bering bootable cd, but can't quite get it to work. I must admit that I created my own kernel which probably doesn't make life easier. I created the initrd.lrp myself and have done everything in the users manual to create the cd. So far, I managed to get the cd to boot, but I am still having to problems. When loading the ide-probe-mod module I get a message stating that ide0 ide1 are already busy that probe is as a result skipped. (this could be because I compiled quite some idestuff in the kernel) Try to remove or uncomment the modules. Btw the new kernel was necessary to boot from flashmodule from apacer which is an idedrive. At the end of /boot/etc/modules isofs.o is trying to load. I said trying, because it is failing stating insmod: init_modules isofs.o device or resource busy Did you use your own created modules, or did you download the modules ( in that case you could have a problem due to the fact that the modules on the bering site, are from a patched kernel. Afterwards I get the tempfs linuxrc Installing packages : (all my packages are the (nf!) or not found I get a kernel panic stating that I tried to kill init. It seems that your cdrom is not recognized that reason the packages are not found. If I use all the same .lrp files kernel on the flash module everything runs fine except for the above mentioned ide-probe isofs problem. Which isn't a real concern when booting from the module. I expect that you included the flash rom ide support in the kernel itself. After you boot from the ide-rom, can you mount the cdrom or at least try to insmod the modules from boot/lib one by one and try to mount the cdrom then. Perhaps a conflict betweeen the ide driver for the cdrom and the disk ( Master slave conflict ? ) Hope I have given you a few hints where you might look for a solution. Any help greatly appreciated. Kim regards to all Eric Wolzak Member of the Bering Crew http://leaf.sf.net/devel/jnilo/bering http://leaf.sf.net/devel/ericw ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: lrp fax package
On Thu, 2 May 2002, Heinz Bruederlin wrote: Hello Jack, is there any LRP Package to receive Faxes on a ISDN-Card or Fax-Modem ? Thanks Heinz I don't know. Your best bet is the leaf-user list; I've cc'd them. -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Symbol spectrum24 2Mbps wireless card package?
Has anyone compiled or know of a LRP package for Symbol spectrum24 2Mbps wireless card? Thought I should ask before I re-invent the so called wheel. Can't find anything searching Google. thanks Steve Nicholson ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Help with LaBrea - is it working?
Hello, I just finished installing LaBrea in my Dachstein firewall, and I'm not sure it's actually working. Can someone help? The install seemed to go smoothly, and it seems to be running, but I'm not getting any messages in syslog when a port scan comes in. Just the usual: May 2 03:27:23 firewall kernel: Packet log: input DENY eth0 PROTO=6 66.13.219.74:3816 66.92.149.119:80 L=48 S=0x00 I=31217 F=0x4000 T=114 SYN (#40) May 2 03:27:26 firewall kernel: Packet log: input DENY eth0 PROTO=6 66.13.219.74:3816 66.92.149.119:80 L=48 S=0x00 I=31660 F=0x4000 T=114 SYN (#40) Shouldn't there be some activity from LaBrea on this type of scan? The version I installed was obtained from Charles Steinkuehler's site - v. 2.2, I believe. I followed the advice and installed ifconfig.lrp and made sure eth0 went into promiscuous mode. Here's an excerpt from my boot up syslog: May 1 23:43:07 firewall /usr/sbin/LaBrea: Initiated on interface eth0 May 1 23:43:07 firewall kernel: LaBrea uses obsolete (PF_INET,SOCK_PACKET) May 1 23:43:07 firewall kernel: device eth0 entered promiscuous mode May 1 23:43:07 firewall kernel: device eth0 left promiscuous mode May 1 23:43:09 firewall kernel: device eth0 entered promiscuous mode If I do a ps -ef, I get 822 root S /usr/sbin/LaBrea -i eth0 -l -p 8 -z which says to me LaBrea is running with logging turned on. I didn't mess with any of the settings in /etc/init.d/LaBrea - just used whathever was there already. For reference, my kernel is: Linux version 2.2.19-3-LEAF (root@debian) (gcc version 2.7.2.3) #1 Sat Dec 1 12:15:05 CST 2001 Can someone shed some light? Thanks! Jabez __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Sentinel IPSec RSASIG questions (easy???)
Howdy, I got the pre-shared key to work, so of course now it is time to fix what's working and try RSA. Ok, just a few simple questions I hope: 1) Sentinel: Once a certificate is generated with an associated name, and I export the public key, when it is put into ipsec.conf, do I put an 0s or 0x in front of it (I suspect an 0s - zero s that is)? 2) Dachstein IPSec: If I understand this correctly, is the hostname of the machine somehow encoded into the public/private key pair? And if so, how do I control the name - I presume it should be an FQDN... I guess I could just change the hostname to the FQDN... I am also presuming that I have to set leftid (points to the local subnet). 3) If you are not using a CA, does it really matter what the FQDN is? Does IPSec at any time check it against a DNS if it has a @ prefix? Thanks for your patience and help, Jon ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering bootable cd (Help)
Comments inline Try to remove or uncomment the modules. Ok I' ll try that and see what happens. Btw the new kernel was necessary to boot from flashmodule from apacer which is an idedrive. At the end of /boot/etc/modules isofs.o is trying to load. I said trying, because it is failing stating insmod: init_modules isofs.o device or resource busy Did you use your own created modules, or did you download the modules ( in that case you could have a problem due to the fact that the modules on the bering site, are from a patched kernel. I used downloaded versions, but I used the same patches for the kernel so I don't think that is the problem, especially in combination with the next comment. (read on) Afterwards I get the tempfs linuxrc Installing packages : (all my packages are the (nf!) or not found I get a kernel panic stating that I tried to kill init. It seems that your cdrom is not recognized that reason the packages are not found. If I use all the same .lrp files kernel on the flash module everything runs fine except for the above mentioned ide-probe isofs problem. Which isn't a real concern when booting from the module. I expect that you included the flash rom ide support in the kernel itself. After you boot from the ide-rom, can you mount the cdrom or at least try to insmod the modules from boot/lib one by one and try to mount the cdrom then. Perhaps a conflict betweeen the ide driver for the cdrom and the disk ( Master slave conflict ? ) Hope I have given you a few hints where you might look for a solution. After I boot all modules are loaded (according to lsmod) except for isofs.o. If i try to insmod isofs.o I get the same problem, but a mount -t iso9660 /dev/cdrom /mnt works like a charm. So I think I can conclude that there is nothing wrong with the modules, can't I? I am affraid this also rules out master/slave problems. Correction this definitely rules out master/slave since flashrom is on ide channel 0 cdrom on ide channel 1. I didn't include ideflash support in the kernel by the way, the apacer module uses the ide specifiaction and does not need anything special to work. Kim - This mail sent through Tiscali Webmail (http://webmail.tiscali.be) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: lrp fax package
Aanhalen Jack Coates [EMAIL PROTECTED]: On Thu, 2 May 2002, Heinz Bruederlin wrote: Hello Jack, is there any LRP Package to receive Faxes on a ISDN-Card or Fax-Modem Yes there is, check http://leaf-project.org/devel/ddouthitt/packages/efax.lrp Have fun. Kim ? Thanks Heinz I don't know. Your best bet is the leaf-user list; I've cc'd them. -- Jack Coates Monkeynoodle: A Scientific Venture... ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html - This mail sent through Tiscali Webmail (http://webmail.tiscali.be) ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html