Re: [leaf-user] Question about Dynamic DNS
At 02:07 5/05/2002, John Desmond wrote: I' ll tell you what I eventually did in a minute, but first I would like to stress that they are not to strict about their rule. That means they don't block your account after 1 or even 5 identical updates. The rule is their so that you don't write a script to update your ip every half an hour even if it hasn't changed. So unless you are planning to reboot quite often it isn't that much of a problem. (If you are planning to test some configuration changes you could disable ez-ipupdate for a while. This being said I went on looking for a clean solution eventually used the feature of ez-ipupdate to launch a program after every succesfull update. I wrote a script that will make a backup of the ez-ipupdate package every time ez-ipupdate updates my ip. This backup includes the cache file ez-ipupdate is using so the cache file will automaticly be restrored upon reboot. Kim I just got myself an account on dyndns.org and, as I wait for the FQDN to waft through the world's DNS servers, I thought I might ask how others have avoided dyndns abuse. They say they'll block your name if you automatically update their server with the same ip you had last time. I noticed that when I reboot the router I often receive the same ip as I had before. I guess ez-ipupdate caches the ip, but that gets lost on the reboot (ESBeta2). Has anyone developed some script to compare the interface ip to an ip received from a web-based ip checker before calling ez-ipupdate? -John __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] surge protection for UTP
Dan Lanciani suggested using fber optics -thank you for your efforts. That would be out of my budget, besides I have a WAP11 at the other end - would require a 'fiber to UTP' adaptor -making it further out of reach. The 'grounding solution' suggested below seems to have 2 problems, your advise will be valued: a. Running the cable underground will have no effect on reducing surge generated by near by lightening. b. Shielding a UTP cable will reduce the usable length of the cable to such an extent that my 100m will not work. Please correct me. I was hoping to build a 'home made' surge protector that I would use at both ends of the cable -something made of simple zener diods and fast melting fuses (and eventually small coils). If it is possible to buy it in the industrielised countries, we should be able to build it in a third world country. That was long, thanks for your patience. Milla --- John Desmond [EMAIL PROTECTED] wrote: Milla- Any chance you could run the cable underground or in a grounded pipe like for power cabling? -John --- Milla Yegurku [EMAIL PROTECTED] wrote: Hello everybody I run about 100m of UTP cable between LEAF router and my HUB. The cable is run out in the open space and is pron to frequent lightening. I live in a place where I can not buy commercial surge protectors for UTP. I am worried that the surge developped in the cable will destroy the equipment(s). Do any of you have any idea how I could build and use such devices with commonly available electronic components? Do you have any suggestions? Thankyou Milla __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering rc2 and scp
Jacques You are right -the log shows user connected and nothing more. That also proves the firewall not blocking the connection. Besides, ssh sessions do not have any problem in either versions. The client side gives up after 30s or so. May it an WinScp32 issue.. but then I reload your rc1 and like magic, it works. Annoying is not it? I use the same copy of sshd config file for both versions of Bering. Regards Milla --- Jacques Nilo [EMAIL PROTECTED] wrote: Milla Yegurku wrote: Hello everybody I could scp into Bering rc1. It would not work anymore with rc2. Why? user gets logged in OK and then it times out. I will appreciate help. I have no pb using scp here. Should work without any adjustment since by default the shorewall rules file allows connection from loc to fw on port 22 scp is used to transfer files not to get access to the router. For this function you have to use ssh. Any confusion at this stage ? If not what says syslog ? Jacques __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Module finder??
Hi all, Just wondering if a module finder service exists? Supposedly I have some sort of nic, which doesn't come with a linux module and the website of the manufacturer doesn't mention anything about linux neither. How would I go about finding the correct module? Does a list or search engine for such a thing exists? Or would I do what I usually do in Linux trouble and ask this or some other list? PS: It is just a hypothetical question, I am thinking about doing a presentation about leaf installation at work, and would like to find a nice solution for this problem. (Since I think it is the most difficult part in the installation if you don't have one of the standard modules included in most branches.) Kim Oppalfens MCT AZLAN -- Training ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] PPP over ATM with ADSL PCI card
It looks like I'm much closer now. Here is the syslog May 5 11:39:22 firewall kernel: PPP generic driver version 2.4.1 May 5 11:39:22 firewall kernel: PPP Deflate Compression module registered May 5 11:39:22 firewall kernel: HDLC line discipline: version $Revision: 3.3 $, maxframe=4096 May 5 11:39:22 firewall kernel: N_HDLC line discipline registered. May 5 11:39:22 firewall kernel: PPP BSD Compression module registered May 5 11:39:22 firewall kernel: unicorn_atm: unicorn $Revision: 0.2.3 $ time 09:17:44 May 5 2002 May 5 11:39:22 firewall kernel: unicorn_pci: unicorn_pci $Revision: 0.2.3 $ time 09:15:32 May 5 2002 May 5 11:39:22 firewall kernel: unicorn_pci: MSW parameters: May 5 11:39:22 firewall kernel: ActivationMode=4 May 5 11:39:22 firewall kernel: ActTimeout=1 May 5 11:39:22 firewall kernel: AutoActivation=1 May 5 11:39:22 firewall kernel: DebugLevel=0 May 5 11:39:22 firewall kernel: DownstreamRate=1 May 5 11:39:22 firewall kernel: unicorn_pci: ExchangeDelay=10 May 5 11:39:22 firewall kernel: FmPollingRate=1000 May 5 11:39:22 firewall kernel: g_RefGain=32 May 5 11:39:22 firewall kernel: g_Teqmode=7 May 5 11:39:22 firewall kernel: InitTimeout=2 May 5 11:39:22 firewall kernel: Interoperability=0 May 5 11:39:22 firewall kernel: unicorn_pci: LCD_Trig=15000 May 5 11:39:22 firewall kernel: LOS_LOF_Trig=5000 May 5 11:39:22 firewall kernel: LoopbackMode=0 May 5 11:39:22 firewall kernel: MswDebugLevel=2 May 5 11:39:22 firewall kernel: RetryTime=5000 May 5 11:39:22 firewall kernel: TrainingDelay=100 May 5 11:39:22 firewall kernel: unicorn_pci: useRFC019v=0 May 5 11:39:22 firewall kernel: useRFC029v=0 May 5 11:39:22 firewall kernel: useRFC040v=0 May 5 11:39:22 firewall kernel: useRFC041v=1 May 5 11:39:22 firewall kernel: unicorn_pci: useRFCFixedRate=1 May 5 11:39:22 firewall kernel: useVCXO=1 May 5 11:39:22 firewall kernel: _no_TS652=0 May 5 11:39:22 firewall kernel: unicorn_pci: driver parameters: DebugLevel=0 May 5 11:39:22 firewall kernel: unicorn_msw: FmPollingRate=1000ms,InitTimeout=2ms,ActTimeout=1 May 5 11:39:22 firewall kernel: unicorn_msw: AMU: ECI PATCH DISABLED May 5 11:39:22 firewall kernel: unicorn_msw: AFE MODE: 70134 May 5 11:39:22 firewall kernel: unicorn_pci: AdslStatus=1 May 5 11:39:22 firewall kernel: unicorn_msw: Current Modem State (3): ACTIVATING May 5 11:39:22 firewall kernel: unicorn_pci: MSW state: ACTIVATING May 5 11:39:22 firewall kernel: unicorn_msw: Event Reported (3): Initializing May 5 11:39:22 firewall kernel: unicorn_pci: MSW event: TO INITIALIZING May 5 11:39:22 firewall kernel: eth0: Setting 100mbps full-duplex based on auto-negotiated partner ability 45e1. May 5 11:39:22 firewall kernel: atm_connect (TX: cl 1,bw 0-0,sdu 16386; RX: cl 1,bw 0-0,sdu 1502,AAL 5) May 5 11:39:22 firewall kernel: unicorn_atm: ESI=00:f4:bc:6f:26:c9 May 5 11:39:23 firewall kernel: unicorn_msw: Current Modem State (6): INITIALIZING May 5 11:39:23 firewall kernel: unicorn_pci: MSW state: INITIALIZING May 5 11:39:25 firewall kernel: unicorn_msw: useRFCFixedRate (1) ENABLED: deactivate the RA mode in DMT mode May 5 11:39:29 firewall root: Shorewall Started May 5 11:39:29 firewall /usr/sbin/cron[1698]: (CRON) INFO (pidfile fd = 3) May 5 11:39:30 firewall /usr/sbin/cron[1702]: (CRON) STARTUP (fork ok) May 5 11:39:30 firewall kernel: unicorn_pci: upRate=679cells/s,downRate=1358cells/s May 5 11:39:30 firewall kernel: unicorn_pci: AdslStatus=1 May 5 11:39:30 firewall kernel: unicorn_msw: Event Reported (4): Showtime May 5 11:39:30 firewall kernel: unicorn_pci: MSW event: AMSW SHOWTIME May 5 11:39:30 firewall kernel: unicorn_msw: Current Modem State (9): SHOWTIME_L0 May 5 11:39:30 firewall kernel: unicorn_pci: MSW state: SHOWTIME L0 May 5 11:39:31 firewall pppd[713]: ioctl(PPPIOCSDEBUG): Invalid argument May 5 11:39:31 firewall pppd[713]: Connect: -- 0.38 May 5 11:39:31 firewall pppd[713]: ioctl(SIOCSIFMTU): Operation not supported by device May 5 11:39:31 firewall pppd[713]: Exit. May 5 11:39:31 firewall kernel: unicorn_atm: upstream_rate=287 Kbits/s,downstream_rate=575 Kbits/s May 5 11:39:39 firewall kernel: unicorn_msw: Bringing down line due to persistent: May 5 11:39:39 firewall kernel: unicorn_msw: NEAR_LOS = 5/NEAR_LCD = 5/NEAR_LCDI = 0 May 5 11:39:39 firewall kernel: FAR_LOS = 0 FAR_LCDI = 0 FAR_LCDNI = 0 May 5 11:39:39 firewall kernel: unicorn_pci: AMU_EVENT_SHUTDOWN May 5 11:39:42 firewall kernel: unicorn_pci: AdslStatus=2 May 5 11:39:43 firewall kernel: unicorn_pci: AdslStatus=1 May 5 11:39:43 firewall kernel: linrapi.c : xq_receive: no msg May 5 11:39:43 firewall kernel: unicorn_msw: Current Modem State (0): IDLE May 5 11:39:43 firewall kernel: unicorn_pci: MSW state: IDLE May 5 11:39:48 firewall kernel: unicorn_msw: AFE MODE: 70134 May 5 11:39:48 firewall kernel: unicorn_pci: AdslStatus=1 May 5 11:39:48 firewall kernel: unicorn_msw: Current Modem State (3): ACTIVATING May 5 11:39:48 firewall
RE: [leaf-user] Module finder??
How would I go about finding the correct module? Does a list or search engine for such a thing exists? I usually use this website to find the correct module. http://www.tldp.org/HOWTO/Ethernet-HOWTO-4.html I search for the manufacturer or the number on the chip. Example: 82557 gives me eepro100 --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc --- ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] PPP over ATM with ADSL PCI card
Le Dimanche 5 Mai 2002 14:34, Dave Anderson a écrit : It looks like I'm much closer now. Here is the syslog snip Then after ifdown ppp0;ifup ppp0 May 5 11:46:49 firewall pppd[1871]: Plugin /usr/lib/pppd/pppoatm.so loaded. May 5 11:46:49 firewall pppd[1871]: PPPoATM plugin_init May 5 11:46:49 firewall pppd[1871]: PPPoATM setdevname_pppoatm May 5 11:46:49 firewall pppd[1871]: PPPoATM setdevname_pppoatm - SUCCESS May 5 11:46:49 firewall pppd[1872]: pppd 2.4.0 started by root, uid 0 May 5 11:46:49 firewall kernel: atm_connect (TX: cl 1,bw 0-0,sdu 16386; RX: cl 1,bw 0-0,sdu 1502,AAL 5) May 5 11:46:49 firewall kernel: unicorn_atm: ESI=00:3c:10:cf:4e:d2 May 5 11:46:49 firewall kernel: unicorn_atm: upstream_rate=287 Kbits/s,downstream_rate=575 Kbits/s OK your DSL connection seems established :-) May 5 11:46:49 firewall pppd[1872]: ioctl(PPPIOCSDEBUG): Invalid argument May 5 11:46:49 firewall pppd[1872]: Connect: -- 0.38 May 5 11:46:49 firewall pppd[1872]: ioctl(SIOCSIFMTU): Operation not supported by device May 5 11:46:49 firewall pppd[1872]: Exit. OK the pb seems to be concentrated on ppp now switch to the b2 version. But rename it pppatm.lrp before using it... and let be know Jacques ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] PPP over ATM with ADSL PCI card
That version of pppd seems to working OK. May 5 13:11:59 firewall pppd[1742]: Plugin /usr/lib/pppd/pppoatm.so loaded. May 5 13:11:59 firewall pppd[1742]: PPPoATM plugin_init May 5 13:11:59 firewall pppd[1742]: PPPoATM setdevname_pppoatm May 5 13:11:59 firewall pppd[1742]: PPPoATM setdevname_pppoatm - SUCCESS May 5 13:11:59 firewall pppd[1743]: pppd 2.4.0b1 started by root, uid 0 May 5 13:11:59 firewall kernel: atm_connect (TX: cl 1,bw 0-0,sdu 16386; RX: cl 1,bw 0-0,sdu 1502,AAL 5) May 5 13:11:59 firewall kernel: unicorn_atm: ESI=00:e4:be:78:52:4d May 5 13:12:03 firewall kernel: unicorn_pci: upRate=679cells/s,downRate=1358cells/s May 5 13:12:03 firewall kernel: unicorn_pci: AdslStatus=1 May 5 13:12:03 firewall kernel: unicorn_msw: Event Reported (4): Showtime May 5 13:12:03 firewall kernel: unicorn_pci: MSW event: AMSW SHOWTIME May 5 13:12:03 firewall kernel: unicorn_msw: Current Modem State (9): SHOWTIME_L0 May 5 13:12:03 firewall kernel: unicorn_pci: MSW state: SHOWTIME L0 May 5 13:12:04 firewall kernel: unicorn_atm: upstream_rate=287 Kbits/s,downstream_rate=575 Kbits/s May 5 13:12:04 firewall pppd[1743]: using channel 3 May 5 13:12:04 firewall pppd[1743]: Using interface ppp0 May 5 13:12:04 firewall pppd[1743]: Connect: ppp0 -- 0.38 May 5 13:12:12 firewall kernel: unicorn_msw: Bringing down line due to persistent: May 5 13:12:12 firewall kernel: unicorn_msw: NEAR_LOS = 5/NEAR_LCD = 5/NEAR_LCDI = 0 May 5 13:12:12 firewall kernel: FAR_LOS = 0 FAR_LCDI = 0 FAR_LCDNI = 0 May 5 13:12:12 firewall kernel: unicorn_pci: AMU_EVENT_SHUTDOWN # cat /proc/net/atm/UNI* ADSL: status ATM ready, modem state SHOWTIME L0, US rate 287Kbits/s, DS rate 575Kbits/s Bridged: 00:19:ba:51:14:33 AAL5: tx 2859 ( 0 err ), rx 2852 ( 0 err, 0 drop ) I think this is as far as I'll get with the BT test account. I'm going to switch my dial-up over to adsl now, so I'll be disappearing from the internet for a while. Hopefully not too long ;-) thanks a lot for the help Dave - Original Message - From: Jacques Nilo [EMAIL PROTECTED] To: Dave Anderson [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, May 05, 2002 1:53 PM Subject: Re: [leaf-user] PPP over ATM with ADSL PCI card Le Dimanche 5 Mai 2002 14:34, Dave Anderson a crit : It looks like I'm much closer now. Here is the syslog snip Then after ifdown ppp0;ifup ppp0 May 5 11:46:49 firewall pppd[1871]: Plugin /usr/lib/pppd/pppoatm.so loaded. May 5 11:46:49 firewall pppd[1871]: PPPoATM plugin_init May 5 11:46:49 firewall pppd[1871]: PPPoATM setdevname_pppoatm May 5 11:46:49 firewall pppd[1871]: PPPoATM setdevname_pppoatm - SUCCESS May 5 11:46:49 firewall pppd[1872]: pppd 2.4.0 started by root, uid 0 May 5 11:46:49 firewall kernel: atm_connect (TX: cl 1,bw 0-0,sdu 16386; RX: cl 1,bw 0-0,sdu 1502,AAL 5) May 5 11:46:49 firewall kernel: unicorn_atm: ESI=00:3c:10:cf:4e:d2 May 5 11:46:49 firewall kernel: unicorn_atm: upstream_rate=287 Kbits/s,downstream_rate=575 Kbits/s OK your DSL connection seems established :-) May 5 11:46:49 firewall pppd[1872]: ioctl(PPPIOCSDEBUG): Invalid argument May 5 11:46:49 firewall pppd[1872]: Connect: -- 0.38 May 5 11:46:49 firewall pppd[1872]: ioctl(SIOCSIFMTU): Operation not supported by device May 5 11:46:49 firewall pppd[1872]: Exit. OK the pb seems to be concentrated on ppp now switch to the b2 version. But rename it pppatm.lrp before using it... and let be know Jacques ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Help with LaBrea - is it working?
OK, I opened port 80. Now I get the following log action: May 5 06:12:49 firewall sh-httpd[2284]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:12:54 firewall sh-httpd[2285]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:13:03 firewall sh-httpd[2286]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net I think I understand now, and I believe I'm trying to do something dumb. I am just a lowly home DSL customer with a single external IP. Now I'm thinking that LaBrea needs spare EXTERNAL IP addresses to do anything. That is, it needs to see incoming traffic on an external (real world) IP that is assigned to me, but I'm not using. I think the only traffic coming down my DSL line is directed at my single IP. Is this correct? I was thinking before that LaBrea could work with all my internal 192.168.1.xxx IPs, but maybe not... Jabez Jabez: Easy to do: you can adjust your firewall ruleset to let those packets destined for a webserver (ie, TCP-port 80) in. So, have the LEAF disk ACCEPT those packets, and let LaBrea tarpit them. Alternatively, to keep your LEAF disk lean, port-forward it's port 80 to port 80 on an internal machine that you have running LaBrea. Same effect... Since LaBrea is the only thing that receives the data connection, your overall security hit is reduced to the security of LaBrea. Which, in my understanding, has been pretty well scrutinized. Kinda fun, in a way. :) -Scott On Fri, 3 May 2002, Jabez McClelland wrote: --- Scott C. Best wrote: Jabez: Heya. As you probably know, that log looks like a CodeRed worm (an IIS web-server virus from early last year). It also looks like your firewall is simply blocking this packet before any other process can see it, including LaBrea. This seems to me a Good Thing. :) Thanks, Scott for responding... Yes I suppose it's a good thing - but an even better thing would be if LaBrea could catch that worm and hold onto it for some time, like it's supposed to do. Maybe the trick is to open up the firewall rules in order to get LaBrea to do its job? Nothing in the docs about that... Jabez __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Loading packages on bering
I want to load 20 packages, but on boot only 18 are installed. The next package is not installed. (error message nf!) Now, I am looking in linuxrc Sylvain ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Wireless and LAN bridge/hub?
Hey guys. I've got a mainly Windows network set up (non-NT and non-2k or XP...all 9x. They're fairly stable.) However, there's two groups, and they're on different ends of the building. Both have their own hub/switch. (currently they're switches, but I can change them to hubs, if for some reason, that must be done for this to work.) The two groups need to be able to talk to each other, but running a wire isn't an option due to various reasons, including aesthetic reasons. We have therefore decided to create a wireless link between them. I think I am correct in thinking that buying 2 Wireless Access Points (one for each hub/switch) is not only expensive, but would not achieve my goal. So I plan to buy 1 wireless access point, and 1 wireless PCI card. Access point goes into uplink on one hub/switch, and on the other end, I plan to have a LRP box that has the wireless card installed, with a normal wire LAN card. I hope to run a LEAF distro on this box, and all it would do is shunt all data fro eth0 to eth1 to the hub/switch, and from eth1 to eth0 (which then goes to the access point which will take care of the rest.) I was wondering if anyone had ever done this before... Could someone point me to some relevant docs, or recommend a particular distribution to use? (I'm sort of a Linux newbie, so if you could also include some instructions, that would be great.) Please point out any flaws in my design. Suggestions to better my method would be most appreciated. Greg ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Loading packages on bering
You did not tell what version you are using, some already have solution ready to work. The problem is the total line length 256 characters. Sorry I do not remember details at this time. This has been asked before. Give us the version and someone may give you the solution. Larry Platzek [EMAIL PROTECTED] On Sun, 5 May 2002, Sylvain Pelletier wrote: Date: Sun, 5 May 2002 16:38:28 +0200 From: Sylvain Pelletier [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [leaf-user] Loading packages on bering I want to load 20 packages, but on boot only 18 are installed. The next package is not installed. (error message nf!) Now, I am looking in linuxrc Sylvain ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Loading packages on bering v1.0-rc2
I use bering v1.0-rc2 I get this message only for the package 19 It's possible to bypass this limit or ... - Original Message - From: Ray Olszewski [EMAIL PROTECTED] To: Sylvain Pelletier [EMAIL PROTECTED] Sent: Sunday, May 05, 2002 5:16 PM Subject: Re: [leaf-user] Loading packages on bering At 04:38 PM 5/5/02 +0200, you wrote: I want to load 20 packages, but on boot only 18 are installed. The next package is not installed. (error message nf!) Now, I am looking in linuxrc Well ... nf! translates to not found. Do you get this message only for package #19, or for both #19 and #20? If the first, then you may be hitting the line-length limit for package lists (255 characters, I think). -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Loading packages on bering v1.0-rc2
At 17:46 5/05/2002, Sylvain Pelletier wrote: I use bering v1.0-rc2 I get this message only for the package 19 It's possible to bypass this limit or ... It is possible and even quite easy just create a file on your boot device called lrpkg.cfg and list all packages in there. Like pkg1,pkg2,..,pkg20 For more info check http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN983 Don't worry if your not booting from cdrom most info there applies for you too. Kim Oppalfens MCT Azlan -Training - Original Message - From: Ray Olszewski [EMAIL PROTECTED] To: Sylvain Pelletier [EMAIL PROTECTED] Sent: Sunday, May 05, 2002 5:16 PM Subject: Re: [leaf-user] Loading packages on bering At 04:38 PM 5/5/02 +0200, you wrote: I want to load 20 packages, but on boot only 18 are installed. The next package is not installed. (error message nf!) Now, I am looking in linuxrc Well ... nf! translates to not found. Do you get this message only for package #19, or for both #19 and #20? If the first, then you may be hitting the line-length limit for package lists (255 characters, I think). -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Loading packages on bering
On Sun, 5 May 2002 08:11:25 -0700 (PDT) Larry Platzek [EMAIL PROTECTED] wrote: You did not tell what version you are using, some already have solution ready to work. The problem is the total line length 256 characters. Sorry I do not remember details at this time. This has been asked before. Give us the version and someone may give you the solution. If you are using Bering or Dachstein, try putting the packages you want to load, separated by commas, minus the extension, in lrpkg.cfg on your floppy. -- -- Chad Carr[EMAIL PROTECTED] -- ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re:[leaf-user] Wireless and LAN bridge/hub?
Greg Before you take the leap into wireless, do your homework to make sure you want to go down that path. You may be challenged by a number of issues, and it can get expensive to deal with some of them ( antennas, security, etc..) With that general caveat, my comments are inline with yours DATE: 05/05/2002 09:40:35SUBJECT: [leaf-user] Wireless and LAN bridge/hub? I've got a mainly Windows network set up (non-NT and non-2k or XP...all 9x. They're fairly stable.) However, there's two groups, and they're on different ends of the building. The type of network client is not too significant to this problem but the building layout and relative distances are critical. Please provide more details about distance, obstacles, type of building construction, etc.. Both have their own hub/switch. (currently they're switches, but I can change them to hubs, if for some reason, that must be done for this to work.) The type of network device should have no impact on this. The two groups need to be able to talk to each other, but running a wire isn't an option due to various reasons, including aesthetic reasons. We have therefore decided to create a wireless link between them. How fast does the link need to be to meet your requirements? Are you simply trying to share an internet connection, or are there two network workgroups that need to interact? If the distances are more than 100 feet, and/or there is any significant structure in between, wireless could become tricky to implement. Steel structures would be particularly difficult. If possible, borrow some wireless gear to test whether you can establish a link before comitting to a costly purchase. I think I am correct in thinking that buying 2 Wireless Access Points (one for each hub/switch) is not only expensive, but would not achieve my goal. So I plan to buy 1 wireless access point, and 1 wireless PCI card. Access point goes into uplink on one hub/switch, and on the other end, I plan to have a LRP box that has the wireless card installed, with a normal wire LAN card. I hope to run a LEAF distro on this box, and all it would do is shunt all data fro eth0 to eth1 to the hub/switch, and from eth1 to eth0 (which then goes to the access point which will take care of the rest.) You can use a peer-to-peer style wireless link directly between 2 LEAF devices, and avoid the access point entirely. Bridging vs. routing could be an obstacle. My impression is that bridging support in LEAF distros is kludgy, but i'm sure others on this list can speak to that issue. If you have to actually route traffic, it will complicate your life as far as Windows network browsing is concerned. Bering RC2 provides good support for PCMCIA and wireless devices, and I suggest you look at Bering as a starting point. I know it works... we are using it with Lucent/Avaya/Agere Orinoco wireless PCMCIA NICs. Selection of your wireless hardware will also be critical... not everything works as you might expect. Do your homework carefully (I can't stress that enough!!) Also, don't overlook the security issues... WEP is better than nothing, but it is not secure! You may require a VPN if your data is sensitive, and this will increase the processing requirements of your LEAF gateway. There are several good resources for information on wireless devices and linux, here is a good place to start: http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html Good Luck! Henry ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-552613 ] initrd - increase rootfs size
Support Requests item #552613, was opened at 2002-05-05 11:31 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: initrd - increase rootfs size Initial Comment: While loading additional packages (ipsec, sshd) from second floppy the root filesystem is going out of space. Moving the /lib + /usr folder into an alternate ramdisk filesystem has no success. I installed the Bering_1.0-rc2 2.4.18 distribution. At startup it mounts a ramdisk with a size of 6144K for root. How I inrcease the size of the root filesystem? I tried the syslinux.cfg parameter: ramdisk_size = 10240 and then default linux initrd=initrd.lrp ... root_size=09M temp_size=10M log_size=02M ... without success. The rootfs has still a size of 6M. -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-552613 ] initrd - increase rootfs size
Support Requests item #552613, was opened at 2002-05-05 20:31 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: initrd - increase rootfs size Initial Comment: While loading additional packages (ipsec, sshd) from second floppy the root filesystem is going out of space. Moving the /lib + /usr folder into an alternate ramdisk filesystem has no success. I installed the Bering_1.0-rc2 2.4.18 distribution. At startup it mounts a ramdisk with a size of 6144K for root. How I inrcease the size of the root filesystem? I tried the syslinux.cfg parameter: ramdisk_size = 10240 and then default linux initrd=initrd.lrp ... root_size=09M temp_size=10M log_size=02M ... without success. The rootfs has still a size of 6M. -- Comment By: Eric Wolzak (ericw) Date: 2002-05-05 20:51 Message: Logged In: YES user_id=15026 In Linuxrc the system size can be changed manually by editing set SYSTSIZE=XXXM for the root partition a better solution is to use the following variables on the command line syst_size=xxxM for the System size = root partition tmp_size=xxxM for the size of /tmp log_size=xxxM for the size of /var/log good luck Eric Wolzak -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-552613 ] initrd - increase rootfs size
Support Requests item #552613, was opened at 2002-05-05 11:31 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: initrd - increase rootfs size Initial Comment: While loading additional packages (ipsec, sshd) from second floppy the root filesystem is going out of space. Moving the /lib + /usr folder into an alternate ramdisk filesystem has no success. I installed the Bering_1.0-rc2 2.4.18 distribution. At startup it mounts a ramdisk with a size of 6144K for root. How I inrcease the size of the root filesystem? I tried the syslinux.cfg parameter: ramdisk_size = 10240 and then default linux initrd=initrd.lrp ... root_size=09M temp_size=10M log_size=02M ... without success. The rootfs has still a size of 6M. -- Comment By: Nobody/Anonymous (nobody) Date: 2002-05-05 12:04 Message: Logged In: NO Thanks ericv, I just found it in the archive: the correct parameter in syslinux.cfg for increasing the rootfs is syst_size=xxM root_size was wrong! and it is working! Johannes Koenigsmann, Hannover -- Comment By: Eric Wolzak (ericw) Date: 2002-05-05 11:51 Message: Logged In: YES user_id=15026 In Linuxrc the system size can be changed manually by editing set SYSTSIZE=XXXM for the root partition a better solution is to use the following variables on the command line syst_size=xxxM for the System size = root partition tmp_size=xxxM for the size of /tmp log_size=xxxM for the size of /var/log good luck Eric Wolzak -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-552613 ] initrd - increase rootfs size
Support Requests item #552613, was opened at 2002-05-05 11:31 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: initrd - increase rootfs size Initial Comment: While loading additional packages (ipsec, sshd) from second floppy the root filesystem is going out of space. Moving the /lib + /usr folder into an alternate ramdisk filesystem has no success. I installed the Bering_1.0-rc2 2.4.18 distribution. At startup it mounts a ramdisk with a size of 6144K for root. How I inrcease the size of the root filesystem? I tried the syslinux.cfg parameter: ramdisk_size = 10240 and then default linux initrd=initrd.lrp ... root_size=09M temp_size=10M log_size=02M ... without success. The rootfs has still a size of 6M. -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-05 12:19 Message: Logged In: YES user_id=39521 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from the LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Nobody/Anonymous (nobody) Date: 2002-05-05 12:04 Message: Logged In: NO Thanks ericv, I just found it in the archive: the correct parameter in syslinux.cfg for increasing the rootfs is syst_size=xxM root_size was wrong! and it is working! Johannes Koenigsmann, Hannover -- Comment By: Eric Wolzak (ericw) Date: 2002-05-05 11:51 Message: Logged In: YES user_id=15026 In Linuxrc the system size can be changed manually by editing set SYSTSIZE=XXXM for the root partition a better solution is to use the following variables on the command line syst_size=xxxM for the System size = root partition tmp_size=xxxM for the size of /tmp log_size=xxxM for the size of /var/log good luck Eric Wolzak -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=552613group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Help with LaBrea - is it working? (With one IP)
Here are my options for running LaBrea with only one IP; -i eth0 -l -p 8 -z -x -F /etc/LaBrea.bpf It has been while since I set it up (Thanks to Charles and Simons help) but if I remember right, the -x tells LaBrea to not capture an IP for it's use. The -F /etc/Labrea.bpf setting is just a file it refers to - if - the assigned I.P. from my ISP changes, not too sure if you would need that using DSL. I've set up LaBrea to monitor anything below port 1025 so it tarpits quite a bit of IP's on a daily basis. Here are a couple of entries in my syslog; May 5 11:53:42 firewall kernel: Packet log: input DENY eth0 PROTO=6 212.160.139.38:2916 24.118.176.41:21 L=60 S=0x00 I=12455 F=0x4000 T=46 SYN (#67) May 5 11:53:42 firewall /usr/sbin/LaBrea: Teergrubing: 212.160.139.38 2916 - 24.118.176.41 21 The first is just s SYN attempt against my firewall, the second is LaBrea kicking in and tarpitting (Terrgrubing) the offending IP. It also does the port 80 thing - which is what LaBrea was made for; May 5 13:18:06 firewall /usr/sbin/LaBrea: Teergrubing: 24.118.68.34 3941 - 24.118.176.41 80 May 5 13:19:09 firewall /usr/sbin/LaBrea: Teergrubing: 24.118.178.85 2413 - 24.118.176.41 80 May 5 13:19:36 firewall /usr/sbin/LaBrea: Teergrubing: 24.118.68.34 4015 - 24.118.176.41 80 May 5 13:21:06 firewall /usr/sbin/LaBrea: Teergrubing: 24.118.68.34 3916 - 24.118.176.41 80 There are some messages posted here from earlier this year that give excellent advise in using LaBrea with one IP. Try to do a search for them, but if you need further help yell and I will see what I can do. Good Luck, Steve On Sun, 5 May 2002 07:11:41 -0700 (PDT) Jabez McClelland [EMAIL PROTECTED] wrote: OK, I opened port 80. Now I get the following log action: May 5 06:12:49 firewall sh-httpd[2284]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:12:54 firewall sh-httpd[2285]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:13:03 firewall sh-httpd[2286]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net I think I understand now, and I believe I'm trying to do something dumb. I am just a lowly home DSL customer with a single external IP. Now I'm thinking that LaBrea needs spare EXTERNAL IP addresses to do anything. That is, it needs to see incoming traffic on an external (real world) IP that is assigned to me, but I'm not using. I think the only traffic coming down my DSL line is directed at my single IP. Is this correct? I was thinking before that LaBrea could work with all my internal 192.168.1.xxx IPs, but maybe not... Jabez Jabez: Easy to do: you can adjust your firewall ruleset to let those packets destined for a webserver (ie, TCP-port 80) in. So, have the LEAF disk ACCEPT those packets, and let LaBrea tarpit them. Alternatively, to keep your LEAF disk lean, port-forward it's port 80 to port 80 on an internal machine that you have running LaBrea. Same effect... Since LaBrea is the only thing that receives the data connection, your overall security hit is reduced to the security of LaBrea. Which, in my understanding, has been pretty well scrutinized. Kinda fun, in a way. :) -Scott On Fri, 3 May 2002, Jabez McClelland wrote: --- Scott C. Best wrote: Jabez: Heya. As you probably know, that log looks like a CodeRed worm (an IIS web-server virus from early last year). It also looks like your firewall is simply blocking this packet before any other process can see it, including LaBrea. This seems to me a Good Thing. :) Thanks, Scott for responding... Yes I suppose it's a good thing - but an even better thing would be if LaBrea could catch that worm and hold onto it for some time, like it's supposed to do. Maybe the trick is to open up the firewall rules in order to get LaBrea to do its job? Nothing in the docs about that... Jabez __ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED]
[leaf-user] bering bridge setup
Hi all! I am using bering beta4. I want to configure my box as an wireless access point. When booting, I get this error message: begin Configuring network interfaces: Operation failed. eth1: Setting Rx mode to 1 addresses. Don't seem to be have all the variables for br0/inet. done. end I can setup the bridge manually according to the Bridge-Howto. What am I missing? Manfred Here is my /etc/network/interfaces: # /etc/network/interfaces -- configuration file for LEAF network # J. Nilo, January 2002 # # Loopback interface. auto lo iface lo inet loopback # Step 1: configure external interface # uncomment/adjust one of the following 4 options # Option 1.1 (default): eth0 / dynamic IP from pump/dhclient auto eth0 iface eth0 inet dhcp # # Option 1.2: eth0 / Fixed IP (assumed to be 1.2.3.4). # (broadcast/gateway optional) #auto eth0 #iface eth0 inet static # address 1.2.3.4 # masklen 24 # broadcast 1.2.3.255 # gateway 1.2.3.1 # # Option 1.3: PPP/PPPOE (modem connected to eth0) #auto ppp0 #iface ppp0 inet ppp # pre-up ip link set eth0 up # provider dsl-provider eth0 # # Option 1.4: PPP modem #auto ppp0 #iface ppp0 inet ppp # provider provider # Step 2: configure internal interface # Default: eth1 / fixed IP = 192.168.1.254 auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 # Step 3 (optionnal): configure DMZ # Default: eth2 / fixed IP = 192.168.1.100 #auto eth2 #iface eth2 inet static # address 192.168.1.100 # masklen 24 # broadcast 192.168.1.255 # gateway 192.168.1.254# Step 4 (optionnal): configure bridge auto wlan0 iface wlan0 inet static address 192.168.1.253 masklen 24 broadcast 192.168.1.255 # Step 4 (optionnal): configure a bridge auto br0 iface br0 inet static address 192.168.1.254 network 192.168.1.0 netmask 255.255.255.0 broadcast 192.168.1.255 gateway 192.168.1.1 bridge_ports eth1 wlan0 # ip link show: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 4: eth0: BROADCAST,MULTICAST mtu 1500 qdisc pfifo_fast qlen 100 link/ether 08:00:2b:99:29:7e brd ff:ff:ff:ff:ff:ff 5: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:60:08:e7:bb:2b brd ff:ff:ff:ff:ff:ff 6: wlan0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:02:dd:30:be:46 brd ff:ff:ff:ff:ff:ff ip addr show: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 4: eth0: BROADCAST,MULTICAST mtu 1500 qdisc pfifo_fast qlen 100 link/ether 08:00:2b:99:29:7e brd ff:ff:ff:ff:ff:ff 5: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:60:08:e7:bb:2b brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 6: wlan0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:02:dd:30:be:46 brd ff:ff:ff:ff:ff:ff inet 192.168.1.253/24 brd 192.168.1.255 scope global wlan0 brctl show: bridge name bridge id STP enabled interfaces -- Manfred Schuler E_Mail: mailto:[EMAIL PROTECTED] ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] DCD: Special Second External Interface ???
On Fri, 3 May 2002, Michael D. Schleif wrote: DCD: Special Second External Interface ??? [1] Summary diagram: +---+ | | | Remote Vendor| | Private Network | | | +---+ Florida ^ | Chicago v +---+ | | | ISDN Router | | Auto Dial, NAT, c. | | | +---+ ^ 192.168.14.252 | | 192.168.14.0/24 | v 192.168.14.254 +---+ | eth1 | ++ | | T-1 || | DCD wan1 |-| Internet | | | || | eth0 | ++ +---+ ^ 192.168.11.254 | v ++ ||- 192.168.10.0/24 | Internal | | Network | ||- 192.168.11.0/24 ++ ^ ^ | | | +- 192.168.12.0/24 | +- 192.168.13.0/24 [2] This Chicago DCD user has a fully functioning network -- everything below `eth1' in the diagram. [3] There is no problem exchanging data with their Florida vendor while the T-1 is working. ... through the T-1, so the florida network expects to route packets to chicago via the T-1, right? [4] When the T-1 goes down, Chicago must continue to be able to send data to Florida! [5] Prior to the T-1, all data exchange was done via ISDN -- so, that is already available. [6] All that is required to make (initiate?) the ISDN connection is to ping the ISDN Router -- while it is powered on ; [7] We are only interested in initiating connection from Chicago -- one-way. [8] Since this is point-to-point, firewall rules are not required; but, they are highly desirable. You should decide whether you want masquerading through 192.168.14.254 early on... you may need to hack the firewall/routing yourself either way. If you don't masq, the routing from the florida end may be more complicated. Remember that if you are not using masquerading or default routes, every router has to know how to route to every other router. [9] We should be able to use Andrew Hoying's ifcheck.lrp to automatically manage the routing tables -- shouldn't we? I haven't used it, but it sounds promising. Nor have I used ISDN. But I would guess there is an ifup-type script on the florida end. [10] I just spent six (6) hours trying to figure out how to add this design for eth1 to this existing DCD -- I am very frustrated! [11] How can this design be implemented under these conditions? I don't know. But I strongly suspect you will have to get cooperation on the florida side as far as routing goes. The fact that you did not provide any details for that end makes me wonder if you may not be putting enough energy into completing the circuit from that end. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Help with LaBrea - is it working?
Jabez: Heya. So you know up-front: I've not installed LaBrea on my systems here. I like the idea of it, of course, but haven't done anything about it. That being said, here's what I see below. Now that you've opened port-80, it looks like your sh-httpd process (which I believe is associated with the weblet app) is receiving these connection requests before your LaBrea process receives them. I would have thought that the sh-httpd process would listen to port-80 *only* on the internal interface, but maybe that's not the default (again, sorry, I don't use weblet here so I can't tell)... That being said, there's two ways you can use LaBrea correctly. First, as it was originally intended, you can have it listen to your internal network and to make it unmappable by routine network scanners. In this mode, LaBrea will populate all of the unused IP address space on your LAN with ghost machines, making it much more difficult for an attacker to gauge how many machines you're running and where to hit first. The second (and I think more interesting) mode is the ability of LaBrea to capture and hold connection attempts of Internet worms, such as CodeRed. In this mode, LaBrea should be configured to listen to port-80 on your external interface. From the outside, it will look and feel like an infinitely slow web server. A Worm-infected machine that tries to connect to as many machines as possible will be greatly slowed down when it comes across you. Once you know which mode you want to implement, it should be pretty straightforward to configure the tool to do it. Just post your config file and we can work through it. cheers, Scott On Sun, 5 May 2002, Jabez McClelland wrote: OK, I opened port 80. Now I get the following log action: May 5 06:12:49 firewall sh-httpd[2284]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:12:54 firewall sh-httpd[2285]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net May 5 06:13:03 firewall sh-httpd[2286]: refused connect from dsl092-171-025.wdc1.dsl.speakeasy.net I think I understand now, and I believe I'm trying to do something dumb. I am just a lowly home DSL customer with a single external IP. Now I'm thinking that LaBrea needs spare EXTERNAL IP addresses to do anything. That is, it needs to see incoming traffic on an external (real world) IP that is assigned to me, but I'm not using. I think the only traffic coming down my DSL line is directed at my single IP. Is this correct? I was thinking before that LaBrea could work with all my internal 192.168.1.xxx IPs, but maybe not... Jabez Jabez: Easy to do: you can adjust your firewall ruleset to let those packets destined for a webserver (ie, TCP-port 80) in. So, have the LEAF disk ACCEPT those packets, and let LaBrea tarpit them. Alternatively, to keep your LEAF disk lean, port-forward it's port 80 to port 80 on an internal machine that you have running LaBrea. Same effect... Since LaBrea is the only thing that receives the data connection, your overall security hit is reduced to the security of LaBrea. Which, in my understanding, has been pretty well scrutinized. Kinda fun, in a way. :) -Scott [old stuff deleted] ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] DCD: Special Second External Interface ???
Jeff Newmiller wrote: On Fri, 3 May 2002, Michael D. Schleif wrote: [ snip ] [3] There is no problem exchanging data with their Florida vendor while the T-1 is working. ... through the T-1, so the florida network expects to route packets to chicago via the T-1, right? This is only a failover scenario. Right now, we can get to Florida either of two ways: [a] via the T-1, or [b] via ISDN The ISDN setup works, if DCD is setup with it as the one and only external interface. In other words, we have had this working _without_ the T-1 and manually configure a replacement /etc/network.conf for ISDN to replace T-1. We have *not* been able to get the DCD to see _both_ wan1 and eth1 as equal external interfaces. That is what we need to do first . . . [ snip ] [8] Since this is point-to-point, firewall rules are not required; but, they are highly desirable. You should decide whether you want masquerading through 192.168.14.254 early on... you may need to hack the firewall/routing yourself either way. If you don't masq, the routing from the florida end may be more complicated. Remember that if you are not using masquerading or default routes, every router has to know how to route to every other router. Yes. Actually, the ISDN router has its own NAT. Don't forget, the ISDN is point-to-point, while the T-1 uses the internet to get to Florida. [ snip ] [11] How can this design be implemented under these conditions? I don't know. But I strongly suspect you will have to get cooperation on the florida side as far as routing goes. The fact that you did not provide any details for that end makes me wonder if you may not be putting enough energy into completing the circuit from that end. Routing is not currently an issue. As soon as even a broadcast packet gets to the ISDN router, it immediately dials out. The problem plaguing us right now is that we cannot see the ISDN router from our internal network; nor, can the ISDN router see our internal network. Yes, we can go back and forth between the DCD box and ISDN router; but, that does little good. Thank you, for your insights. Any other ideas? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Module finder??
Kim Oppalfens [EMAIL PROTECTED] wrote: Hi all, Just wondering if a module finder service exists? Supposedly I have some sort of nic, which doesn't come with a linux module and the website of the manufacturer doesn't mention anything about linux neither. How would I go about finding the correct module? Does a list or search engine for such a thing exists? Or would I do what I usually do in Linux trouble and ask this or some other list? Or learn how to cheat and user other Linux distribution's documentation. ;-) http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-modules-ethernet.html A good source of network driver information is located at http://www.scyld.com/network/. Other packages are being arranged by Pattrick Noyes on the LEAF site. But no module locator function exists as far as I know. Greg Morgan PS: It is just a hypothetical question, I am thinking about doing a presentation about leaf installation at work, and would like to find a nice solution for this problem. (Since I think it is the most difficult part in the installation if you don't have one of the standard modules included in most branches.) Kim Oppalfens MCT AZLAN -- Training ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] WRP - What's the magical ingredient to make it work?
I'm getting so frustrated with WRP that I'm about to chuck it out a 2nd story window. I just want a plain vanilla router from wireless to ethernet. All addresses are static (wireless=10.0.1.x, ethernet=192.168.1.x), I dont want dhcpd or any other sort of server. I dont want firewall either (not yet anyway). Hardware is 486dx4-100, 12m edo ram, maxtor isa-pcmcia (databook DB86082 chip), wavelan ieee pcmcia card, isa ne2000 clone (io=0x300,irq=10). Downloaded everything on the web page. put the packages into the /packages directory on the floppy and appear to be loaded ok. From the WRP image, I can get the NE2000 recognized (and can ping it) but nothing about the PCMCIA seems to work. From the pcmcia image, I can get the wavelan found (the lights dont come on as I expect them to but the driver appears to load), but the NE2000 doesnt get found. Anyone want to have a crack at what I'm doing wrong or not doing at all? klint. (I'll send the wrp.cfg file and floppy structure off list if it helps) +---+-+ : Klint Gore: Non rhyming: : EMail : [EMAIL PROTECTED] : slang - the: : Snail : A.B.R.I.: possibilities : : Mail University of New England : are useless : : Armidale NSW 2351 Australia : L.J.J. : : Fax : +61 2 6772 5376 : : +---+-+ ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] bering bridge setup
I am using bering beta4. You should not. Beta4 was beta :-). Switch to rc2. I want to configure my box as an wireless access point. Have you checked: http://leaf.sourceforge.net/devel/jnilo/buwireless.html When booting, I get this error message: begin Configuring network interfaces: Operation failed. eth1: Setting Rx mode to 1 addresses. Don't seem to be have all the variables for br0/inet. done. end I can setup the bridge manually according to the Bridge-Howto. Yes. In this case do not use the bridge section of the interfaces file. Comment them out. What am I missing? What are your trying to achieve ? Jacques ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
