[leaf-user] Specifying directories in lrpkg.cfg
Hi all, I just created my first bering cd and it works like a charm. Still have a question though, I would like to add quite a few packages To the cd and organize them in subdirectories, so I was wondering if I could specify Subdirectories in lrpkg.cfg. In other words would root:f,etc:f,modules:f,local:f,subdir/tools/dns-utils:f Work?? Kim oppalfens Azlan Training ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering LEAF from hard disk
Have a look at the documentation http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN969 You don't need a different kernel, just ide modules loaded. regards Dave - Original Message - From: Shawn R [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 17, 2002 12:30 AM Subject: [leaf-user] Bering LEAF from hard disk Hi, I'm trying to configure Bering LEAF to boot off a hard drive so I have more room (even a 1680K floppy isn't big enough). Do you know where I can get a precompiled 2.4.18 kernel with IDE support that I can use with it? I've tried compiling my own but every time I boot, I get: FAT: bogus logical sector size 0 Kernel panic: VFS: Unable to mount root fs on 01:00 I can send my config file if that will help. Thanks! --Shawn ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Specifying directories in lrpkg.cfg
Kim Oppalfens wrote: Hi all, I just created my first bering cd and it works like a charm. Still have a question though, I would like to add quite a few packages To the cd and organize them in subdirectories, so I was wondering if I could specify Subdirectories in lrpkg.cfg. In other words would root:f,etc:f,modules:f,local:f,subdir/tools/dns-utils:f Work?? I think it will not work, packages must be in the root directory. The path (which is the dev path) is specified as PKGPATH=... in syslinux.cfg fie. If I'm not wrong Bering RC2 uses 'find' to load modules but not to load packages. Kim oppalfens Azlan Training ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] bering rc2 ipsec
On Wed, 15 May 2002 13:58:09 -0500 Joey Officer [EMAIL PROTECTED] wrote: Coming a little late to the thread, but I was reading this message and had a question. I also get the rp_filter=0 ... etc... but I never really needed to fix that. I have since only made sure that the leftfirewall=yes option is set in ipsec.conf. Has anyone seen a true need to try and fix that error? Yes. It is documentented (tersely) at http://leaf.sourceforge.net/devel/jnilo/buipsec.html#AEN1214 I couldn't get mine to work without it. -- -- Chad Carr[EMAIL PROTECTED] -- ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Specifying directories in lrpkg.cfg
Kim, Looking at /linuxrc, it should be possible to do. You may run into issues with line length and have to move to lrpkg.cfg (I think that's the name) to accommodate this. Try it on a floppy based version. If it works, great. If it doesn't, you may have to make some changes to linuxrc (/var/lib/lrpkg/root.linuxrc is the actual file) to make it work. JamesS At 10:30 AM 5/17/02 +0200, Kim Oppalfens wrote: Hi all, I just created my first bering cd and it works like a charm. Still have a question though, I would like to add quite a few packages To the cd and organize them in subdirectories, so I was wondering if I could specify Subdirectories in lrpkg.cfg. In other words would root:f,etc:f,modules:f,local:f,subdir/tools/dns-utils:f Work?? Kim oppalfens Azlan Training ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-536605 ] Oxygen installation: howto location
Support Requests item #536605, was opened at 2002-03-28 20:22 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=536605group_id=13751 Category: Release/Branch: Oxygen Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Oxygen installation: howto location Initial Comment: I have downloaded the three version 1.8 Oxygen .bin files from LEAF. As I am new to Linux, and cannot locate the necessary HOWTO, can someone please help with the instruction on how to install Oxygen?. The three Oxygen files have been downloaded to a Windows system, and are to be installed to a seperate PC (that meets the minimum specified requirements). My hope is to create a bootable CD. I would appreciate any help. Many Thanks Greg G -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 07:38 Message: Logged In: YES user_id=39521 I'm closing this support request due to a lack of response from the person that opened it. -- Comment By: Mike Noyes (mhnoyes) Date: 2002-04-23 06:15 Message: Logged In: YES user_id=39521 This page may help you get started. http://leaf.sourceforge.net/mod.php?mod=userpagemenu=90001page_id=16 -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=536605group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-539562 ] port forwarding
Support Requests item #539562, was opened at 2002-04-04 18:16 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=539562group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: port forwarding Initial Comment: I am running the dachstein firewall router and want to enable port forwarding of the IRLP. The ports to be enabled 2074 2075 15425 15426 15427 and 22. As set up I can log on 192.168.1.1 on the internal network but cannot do it through a external connection. Any info appreciated. IRLP is the Internet Repeater Linking Project. Thanks -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 07:40 Message: Logged In: YES user_id=39521 Would someone with port forwarding knowledge please address this support request? Thanks. -- Comment By: Nobody/Anonymous (nobody) Date: 2002-04-07 04:50 Message: Logged In: NO This text from correspondence with IRLP group. Subject: Re: firewall If your node is behind a firewall, the following TCP and UDP ports must be forwarded to it. TCP 23 (if you are running telnet) 22 (if you are running SSH) (PREFERRED) 15425 (IRLP control port) 15426 (IRLP control port) 15427 (IRLP control port) UDP 2074 (IRLP Audio) 2075 (IRLP Audio) The version of Dachstein is using sys linux 1.62 2001-04-24 and root version v4.0.6 From log: Apr 6 21:30:49 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=16177 F=0x4000 T=124 SYN (#42) Apr 6 21:30:52 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=16433 F=0x4000 T=124 SYN (#42) Apr 6 21:30:58 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=16689 F=0x4000 T=124 SYN (#42) Apr 6 21:31:11 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=16945 F=0x4000 T=124 SYN (#42) Apr 6 21:31:35 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=17457 F=0x4000 T=124 SYN (#42) Apr 6 21:31:38 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=17713 F=0x4000 T=124 SYN (#42) Apr 6 21:31:44 firewall kernel: Packet log: input DENY eth0 PROTO=6 142.163.19.66:1145 209.128.53.112:22 L=48 S=0x00 I=17969 F=0x4000 T=124 SYN (#42) Other correspondence: If you're running Red Hat 6.x on the router box, you will need to download and install ipmasqadm, to enable the port forwarding. This is a basic script and should give you the bare minimum to forward ports to the IRLP box.. You can add extra code to improve security or pass more protocols (read the IP Masquerade How To for more info). Note, you need to set the $INETIP and $IRLPIP variables to the correct values in your script, or when your connection comes up (if using PPP, DHCP or PPPoE). $INETIP is the public IP address of your firewall, and $IRLPIP is the internal IP address of the IRLP box itself. #!/bin/sh # setup IP Masquerade echo Enabling IP forwarding... echo '1' /proc/sys/net/ipv4/ip_forward echo 'Setting up firewall...' /sbin/ipchains -A input -j ACCEPT -i eth0 -s 0/0 67 -d 0/0 68 -p udp /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -i eth0 -s 192.168.0.0/24 -j MASQ /usr/sbin/ipmasqadm portfw -f /usr/sbin/ipmasqadm portfw -a -P udp -L $INETIP 2074 -R $IRLPIP 2074 /usr/sbin/ipmasqadm portfw -a -P udp -L $INETIP 2075 -R $IRLPIP 2075 /usr/sbin/ipmasqadm portfw -a -P tcp -L $INETIP 15425 -R $IRLPIP 15425 /usr/sbin/ipmasqadm portfw -a -P tcp -L $INETIP 15426 -R $IRLPIP 15426 /usr/sbin/ipmasqadm portfw -a -P tcp -L $INETIP 15427 -R $IRLPIP 15427 # Add this line if you want to be able to SSH direct to the IRLP box (and are not using SSH on the router) /usr/sbin/ipmasqadm portfw -a -P tcp -L $INETIP 22 -R $IRLPIP 22 -- Comment By: Nobody/Anonymous (nobody) Date: 2002-04-06 14:01 Message: Logged In: NO I went to the IRLP site and it does not seem to document the port numbers with protocols. This is a VOIP system which doubtless uses a udp stream for the audio. If you can let us know which protocol each of the ports uses - the implementation of the port fowarding is trivial. Some of those ports will be udp and some will be tcp. Port 22 is ssh and I think I read somewhere that it does encryption for authenticaltion of the HAM users. Please provide more info. IRLP seems to have a better interface than I-LINK which does much the same thing under Windows. IRLP only runs on a Redhat box. -- Comment By:
[leaf-user] [ leaf-Support Requests-547477 ] Log messages. Customize
Support Requests item #547477, was opened at 2002-04-23 02:30 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Log messages. Customize Initial Comment: Hi I am using Bering firewall and I've blocked traffic from my routers port 520. I'm asking what do I have to modify that that 520 port deny's are not logged to messages, cause it only floods that log? Please I've tried to gather that information but not successed. -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 07:45 Message: Logged In: YES user_id=39521 Have you looked at our FAQs? Specifically: FAQs sec09: Security Firewall Questions Answered Why am I getting floods of SYN/ACK packets to my DNS server? http://sourceforge.net/docman/display_doc.php?docid=4715group_id=13751 Let me know if this information helps. -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering, orinoco_cs: Request IRQ: Resource in use
! Hi I have been trying to set up Bering rc2 with Lucent PCI to PCMCIA adapter Orinoco Silver card. After reading the inst. installing packets to floppy I Have still problems: Starting PCMCIA services: modules Using /lib/modules/pcmcia/pcmcia_core.o Using /lib/modules/pcmcia/i82365.o PCI: Enabling device 00:0e.0. ( - 0002) PCI: No IRQ for interrupt PIN A of device 00:0e.0. please try using pci=biosirq Using /lib/modules/pcmcia/ds.o cardmgr cardmgr watching 1 sockets ...Validating interfaces file orinoco_cs: Request IRQ : Resource in use This also when unplugging plugging the wireless card. I found some inst. to put these to wireless.opt: PCIC_OPTS=irq_mode=0 CORE_OPTS=cb_pci_irq=11 but with CORE_OPTS I got pcmcia_core.o insmod invalid parameter cb_pci_irq unresolved symbols with drivers. What to add to make all work? The same machine with Win98 works with the adapter and silver card. - Sunpoint.net tiedottaa: Tiesitkö, että Sunpoint.netin käyttäjät voivat lukea sähköpostinsa myös WAP-puhelimella. http://www.sunpoint.net/SunAds/click.htm?mode=footerid=45jump=http%3A%2F%2Fwww.sunpoint.net%2Fwap%2F ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Specifying directories in lrpkg.cfg
Hello Kim, all you wrote Hi all, I just created my first bering cd and it works like a charm. great :=) Still have a question though, I would like to add quite a few packages To the cd and organize them in subdirectories, so I was wondering if I could specify Subdirectories in lrpkg.cfg. In other words would root:f,etc:f,modules:f,local:f,subdir/tools/dns-utils:f Work?? Yes and no . ( more no ;) ) THe pkg would be loaded , as this is done by gzip and tar, this programms get the complete path and file name As long as you don't want to do any configuration or backup, it should be ok but not advisable. The problem however is that you won't find a configuration menu nor the possibility to save your files. ! The path and file name are stored together as the package name. To show the configuration menu : The directory /var/lib/lrpkg is searced for files with the name package name.conf this is not found as your conf file is named dns-utils.conf and not subdir/tools/dns-utils.conf At the backup: the backup programm tries to find the file subdir/tools/dns- utils.list (which doesn't exist.) and the next problem shows up as soon as the programm tries to create /tmp/subdir/tools/dns-utils.lrp which also fails. If there are more people interested in getting this fixed, it could be done.but would require some rewriting in the backup programm, and in the initrd (linuxrc) possibly breaking compatibility with other leaf versions. Regards Eric Wolzak member of the Bering Crew ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-547477 ] Log messages. Customize
Support Requests item #547477, was opened at 2002-04-23 11:30 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Log messages. Customize Initial Comment: Hi I am using Bering firewall and I've blocked traffic from my routers port 520. I'm asking what do I have to modify that that 520 port deny's are not logged to messages, cause it only floods that log? Please I've tried to gather that information but not successed. -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:57 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 16:45 Message: Logged In: YES user_id=39521 Have you looked at our FAQs? Specifically: FAQs sec09: Security Firewall Questions Answered Why am I getting floods of SYN/ACK packets to my DNS server? http://sourceforge.net/docman/display_doc.php?docid=4715group_id=13751 Let me know if this information helps. -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] RE: Bering, orinoco_cs: Request IRQ: Resource in use
Pasi, The catch to this I believe is a problem with the TI controller chip on the adapter card. It's default configuration is wrong. If you edit the pcmcia file, it should look like this: PCMCIA=yes PCIC=i82365 PCIC_OPTS=irq_mode=0 CORE_OPTS= CARDMGR_OPTS= The catch is PCIC_OPTS. Try this setting and let us know if that doesn't fix it! Brock Date: Fri, 17 May 2002 19:24:49 +0300 To: [EMAIL PROTECTED] From: PASI RAUHANIEMI [EMAIL PROTECTED] Subject: [leaf-user] Bering, orinoco_cs: Request IRQ: Resource in use ! Hi I have been trying to set up Bering rc2 with Lucent PCI to PCMCIA adapter Orinoco Silver card. After reading the inst. installing packets to floppy I Have still problems: Starting PCMCIA services: modules Using /lib/modules/pcmcia/pcmcia_core.o Using /lib/modules/pcmcia/i82365.o PCI: Enabling device 00:0e.0. ( - 0002) PCI: No IRQ for interrupt PIN A of device 00:0e.0. please try using pci=biosirq Using /lib/modules/pcmcia/ds.o cardmgr cardmgr watching 1 sockets ...Validating interfaces file orinoco_cs: Request IRQ : Resource in use This also when unplugging plugging the wireless card. I found some inst. to put these to wireless.opt: PCIC_OPTS=irq_mode=0 CORE_OPTS=cb_pci_irq=11 but with CORE_OPTS I got pcmcia_core.o insmod invalid parameter cb_pci_irq unresolved symbols with drivers. What to add to make all work? The same machine with Win98 works with the adapter and silver card. ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] dnscache: fatal: $IP not set
Im running bering rc1 with dnscache. Installed per nilo site instructions, no problems. But when i enter dnscache at prompt i get dnscache: fatal: $IP not set. What could be causing this also cant see any logs generated from dnscache to verify that it is even working. ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Specifying directories in lrpkg.cfg
At 20:23 17/05/2002, Eric Wolzak wrote: Hello Kim, all Ok thanks for clearing that up, I already figured out that loading was not the issue (looking at linuxrc) but didn't think about backup config. It is not that much of a problem, I was just wondering wether it would work. Kim Oppalfens Azlan Training you wrote Hi all, I just created my first bering cd and it works like a charm. great :=) Still have a question though, I would like to add quite a few packages To the cd and organize them in subdirectories, so I was wondering if I could specify Subdirectories in lrpkg.cfg. In other words would root:f,etc:f,modules:f,local:f,subdir/tools/dns-utils:f Work?? Yes and no . ( more no ;) ) THe pkg would be loaded , as this is done by gzip and tar, this programms get the complete path and file name As long as you don't want to do any configuration or backup, it should be ok but not advisable. The problem however is that you won't find a configuration menu nor the possibility to save your files. ! The path and file name are stored together as the package name. To show the configuration menu : The directory /var/lib/lrpkg is searced for files with the name package name.conf this is not found as your conf file is named dns-utils.conf and not subdir/tools/dns-utils.conf At the backup: the backup programm tries to find the file subdir/tools/dns- utils.list (which doesn't exist.) and the next problem shows up as soon as the programm tries to create /tmp/subdir/tools/dns-utils.lrp which also fails. If there are more people interested in getting this fixed, it could be done.but would require some rewriting in the backup programm, and in the initrd (linuxrc) possibly breaking compatibility with other leaf versions. Regards Eric Wolzak member of the Bering Crew ___ Hundreds of nodes, one monster rendering program. Now that's a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: Re: [leaf-user] Is there a way to auto email log files
chuck [EMAIL PROTECTED] wrote: I created a package to do just that... e-mail log files to a single or multiple addresses and you can specify which files to send. Its called mailstats.lrp and can be found at http://www.vette66.com It requires a working SU command and MAIL command. Is there a way to tell if you already have the working su and mail commands already on your LEAF release? I see from http://lrp.steinkuehler.net/Packages/Utilities.htm I can get su and grep (mail) command for Dachstien. Dargon was asking about this on bering rc2. From Charle's site is says that grep(mail) is in Dachstein releases. I looked all around in bin and sbin directories of my running DCD 1.02. I could not find su. So I guess su is not included on the CD. So do I 1.) put su in /bin? 2.) edit /var/lib/lrpkg/root*list to add su? 3.) backup root.lrp? I ask all these questions because I was unsuccessful using ipmail out of KP Kirchdoerfer's modification to DCD 1.02 described at http://leaf.sourceforge.net/article.php?op=Printsid=30. The release notes suggested that there still is a problem with mail. Can anyone provides some more tips or links to mail configuration? My goal is to mail the dyanmaic ip address to another client. The client needs to ssh to backup files on a LEAF protected network. Thanks, Greg Morgan I expanded what was done by Charles and his mailonerr script. Hope this helps, vette66 (Chuck) - Original Message - From: Dragon Wood [EMAIL PROTECTED] snip I am using bering rc2. The /var/log directory gets filled up quickly. How can I set it up such that the files get automatically forwarded to an email address and deleted when gets to a certain size? ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: Bering UML
Le Vendredi 17 Mai 2002 17:47, vous avez écrit : I have been using the Oxygen LEAF distro, but was thinking about switching the Bering. I was following the instructions on setting up UML, but have run into a problem. I have successfully gotten UML to run with the slink root filesystem (root_fs_slink), but on the page about running Bering under UML you provide a link to a LEAF filesystem for UML. However the link points to the root_fs_slink.bz2 file. Therefore the remainder of the instructions on this page do not apply (eg. there is no startuml script on the image). I've looked around on the site, but have not been able to find a LEAF filesystem for UML. Do you have any suggestions or modifcations to the manual? Thanks Todd: You are right this part of the documentation is not up to date. So here is what you will have to do to run a virtual Bering 1/ Download the latest Bering image 2/ Download the latest UML kernel for Bering (2.4.18-21) and the corresponding modules file Both files are available in the LEAF download (1/ in the Bering section and 2/ in the Leaf_UML section). Check here: http://sourceforge.net/project/showfiles.php?group_id=13751 Download these 3 files in a specific non root account Create a 2M minix fs dd if=/dev/zero of=bering_uml.fs bs=1M count=2 mkfs.minix bering_uml.fs mkdir temp mount -o loop bering_uml.fs ./temp Copy in this file all the lrp packages (and nothing else) also copy the initrd.lrp file in the same dir where you have your UML kernel and your bering_uml.fs Create startup script: #!/bin/sh ./linuxuml-2.4.18-21 ubd0=bering_uml.fs initrd=initrd.lrp root=/dev/ram0 \ init=/linuxrc boot=/dev/ubd0:minix PKGPATH=/dev/ubd0 devfs=nomount \ LRP=root,etc,local,log,modules,shorwall make sure your script is chmod 755 (and also UML kernel) You may also need to update the modules.lrp file with the UML modules files Executing ./linuxuml will fire up your Bering router This does not take care of network connections. Refer to the UML documentation to see how that works Good luck Jacques ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dnscache: fatal: $IP not set
Le Vendredi 17 Mai 2002 21:06, Jim Van Eeckhoutte a écrit : Im running bering rc1 with dnscache. Installed per nilo site instructions, no problems. But when i enter dnscache at prompt i get dnscache: fatal: $IP not set. What could be causing this also cant see any logs generated from dnscache to verify that it is even working. I think you are not starting up dnscache correctly. You should use the script: /etc/init.d/dnscache start Il you want to see the log, you have to install daemontl.lrp (See the doc) Jacques ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Is there a way to auto email log files
On Fri, 17 May 2002 12:32:09 PDT you wrote: Can anyone provides some more tips or links to mail configuration? This leaf-users mailing search returns a bunch of links that might be useful for debugging DCD mail problems. http://sourceforge.net/search/?forum_id=5483group_id=13751type_of_search=mlistsexact=1words=POSIXness+mail I don't have access to a DCD system right now to check specifics, but I thought most of the major POSIXness mail problem were worked out by v1.02. I use a line like: mail -s leaf fw01 log: $LOG $lrp_MAIL_ADMIN $LOG in the for LOG in $LOGFILES loop inside rotatelogs() in /etc/multicron-p to send logfiles from both Bering and Dachstein servers to me nightly. I don't remember it being necessary to make any changes to POSIXness.mail, but I could be wrong; it's been a long time ago. Be sure to set your mailserver in /etc/POSIXness.conf unless you use the -h option to mail to set your SMTP server. (There's a mail server variable in /etc/lrp.conf too, but I'm not sure if it's used for anything.) My goal is to mail the dyanmaic ip address to another client. The client needs to ssh to backup files on a LEAF protected network. It seems like you should be able to use the dhclient hooks and the the mail command to do exactly what you want. I've never played with the hooks though, so I'm afraid I can't be much help there. Hope that helps a little. Sorry for the lack of specifics. --Brad ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] SMTP 25
i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. I can ping it and tracert it. Bering firewall is setup with dialup connection to verizon(ppp0) and masq(eth0)to lan. All computers behind the firewall get web and also can recieve mail (pop) but cant send(smtp). Please help. thank you ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-547477 ] Log messages. Customize
Support Requests item #547477, was opened at 2002-04-23 11:30 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Log messages. Customize Initial Comment: Hi I am using Bering firewall and I've blocked traffic from my routers port 520. I'm asking what do I have to modify that that 520 port deny's are not logged to messages, cause it only floods that log? Please I've tried to gather that information but not successed. -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:59 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:58 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:57 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 16:45 Message: Logged In: YES user_id=39521 Have you looked at our FAQs? Specifically: FAQs sec09: Security Firewall Questions Answered Why am I getting floods of SYN/ACK packets to my DNS server? http://sourceforge.net/docman/display_doc.php?docid=4715group_id=13751 Let me know if this information helps. -- You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-547477 ] Log messages. Customize
Support Requests item #547477, was opened at 2002-04-23 11:30 You can respond by visiting: http://sourceforge.net/tracker/?func=detailatid=213751aid=547477group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Log messages. Customize Initial Comment: Hi I am using Bering firewall and I've blocked traffic from my routers port 520. I'm asking what do I have to modify that that 520 port deny's are not logged to messages, cause it only floods that log? Please I've tried to gather that information but not successed. -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:59 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:59 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:58 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Eric Wolzak (ericw) Date: 2002-05-17 20:57 Message: Logged In: YES user_id=15026 Hi, perhaps you made an typeing error. In Bering iptables is used. traffic is not denied ( as with ipchains) but dropped (DROP) or rejected (REJECT) You have to insert a line in the shorewall rules file in wicht you DROP or REJECT all traffic to port 520. If you don't give the log options ( :with loglevel) than this package will not be logged. It leaves the walking tree before the logging automatically occurs at the end. If the post is not opened by default, and you made a typo by writing this rule ( DENY) than the rest of the rules is checked, nothing aplies and you and up with an net2all:DROP or all2all:DROP logentry. Hope this answers your questions Info at http://shorewall.net/Documentation.htm#Rules Eriw Wolzak member of the Bering Crew. member of the bering crew -- Comment By: Mike Noyes (mhnoyes) Date: 2002-05-17 16:45 Message: Logged In: YES user_id=39521 Have you looked at our FAQs? Specifically: FAQs sec09: Security Firewall Questions Answered Why am I getting floods of SYN/ACK packets to my DNS server? http://sourceforge.net/docman/display_doc.php?docid=4715group_id=13751 Let me know if this information helps.
Re: [leaf-user] SMTP 25
On Fri, 17 May 2002, Jim Van Eeckhoutte wrote: i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. I can ping it and tracert it. Bering firewall is setup with dialup connection to verizon(ppp0) and masq(eth0)to lan. All computers behind the firewall get web and also can recieve mail (pop) but cant send(smtp). Please help. thank you Jim, I think your post is mis-leading. I think you were able to telnet to mail.shorewall.net 25; there is ONE smtp server that you can't telnet to, right? -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
On Fri, 17 May 2002 13:58:52 PDT Jim Van Eeckhoutte wrote: i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. Are there any log messages in /var/log/messages that would indicate shorewall is blocking traffic to mail.host.com:25 ? If not, is mail.host.com the SMTP server verizon told you to use? It's possible that verizon may be blocking outbound SMTP traffic not bound for their relay in order to reduce spam. Earthlink dialup uses that technique and forces mail through mail.earthlink.net. --Brad ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
At 01:58 PM 5/17/02 -0700, Jim Van Eeckhoutte wrote: i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. I can ping it and tracert it. What is mail.host.com and where it is located? For example, is it a DMZ server of yours on its own interface, using port-forwarding from the router? Is it your ISP's mail forwarder? Is it the router itself? Is it an off-LAN mail server at another site run by your company? Or is it something else? Is it the same machine from which the LAN clients receive their POP3 mail? If so, does the POP3 access program also use mail.host.com to identify the server, or something else? If you tell the SMTP client (which one is it, BTW?) to find the SMTP server by its actual IP address, does that do any better? Or can you telnet to its port 25 if you use its actual IP address? If it is your machine ... what OS does it run and what SMTP server package? Is it set up to do DNS resolution properly? Can the SMTP server telnet to its own port 25 successfully? If it is your ISP's machine ... does it require any authentication before accepting SMTP traffic for forwarding? Bering firewall is setup with dialup connection to verizon(ppp0) and masq(eth0)to lan. All computers behind the firewall get web and also can recieve mail (pop) but cant send(smtp). Please help. thank you -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
nothing in logs indicates blocking nor does verizon. I used mail.host as and example. - Original Message -- From: Brad Fritz [EMAIL PROTECTED] Date: Fri, 17 May 2002 16:30:01 -0500 On Fri, 17 May 2002 13:58:52 PDT Jim Van Eeckhoutte wrote: i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. Are there any log messages in /var/log/messages that would indicate shorewall is blocking traffic to mail.host.com:25 ? If not, is mail.host.com the SMTP server verizon told you to use? It's possible that verizon may be blocking outbound SMTP traffic not bound for their relay in order to reduce spam. Earthlink dialup uses that technique and forces mail through mail.earthlink.net. --Brad ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
mail.host.com was an example of an outside smtp server. I cant telnet to any of them. I have no mail servers internally. Also have tried just ip address instead of FQN .. no go. All machines behind firewall are win2k and winME. -- Original Message -- From: Ray Olszewski [EMAIL PROTECTED] Date: Fri, 17 May 2002 14:33:53 -0700 At 01:58 PM 5/17/02 -0700, Jim Van Eeckhoutte wrote: i have bering rc1 with shorewall (firewall wide open)and i cant seem to telnet mail.host.com 25. I can ping it and tracert it. What is mail.host.com and where it is located? For example, is it a DMZ server of yours on its own interface, using port-forwarding from the router? Is it your ISP's mail forwarder? Is it the router itself? Is it an off-LAN mail server at another site run by your company? Or is it something else? Is it the same machine from which the LAN clients receive their POP3 mail? If so, does the POP3 access program also use mail.host.com to identify the server, or something else? If you tell the SMTP client (which one is it, BTW?) to find the SMTP server by its actual IP address, does that do any better? Or can you telnet to its port 25 if you use its actual IP address? If it is your machine ... what OS does it run and what SMTP server package? Is it set up to do DNS resolution properly? Can the SMTP server telnet to its own port 25 successfully? If it is your ISP's machine ... does it require any authentication before accepting SMTP traffic for forwarding? Bering firewall is setup with dialup connection to verizon(ppp0) and masq(eth0)to lan. All computers behind the firewall get web and also can recieve mail (pop) but cant send(smtp). Please help. thank you -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA [EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
At 03:18 PM 5/17/02 -0700, Jim Van Eeckhoutte wrote: mail.host.com was an example of an outside smtp server. I cant telnet to any of them. I have no mail servers internally. Also have tried just ip address instead of FQN .. no go. All machines behind firewall are win2k and winME. For how high a value of any? That is, how many different ones have you tried? Is one of them the one your ISP says you should use as its mail forwarder? What heppens if you try *my* mail server (comarre.com:25) ... at least we'll be able to look at both ends of that one! Is the result any different if you try to connect from the router itself? And just what *is* the result? Does it just sit there? Say Connection refused? Something else? Jim -- the direct answer is that we can't give you much help yet because you haven't told us very much. More details would help. -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: Re: [leaf-user] Is there a way to auto email log files
I do not know if this is exactly correct... I have SU in my /usr/sbin directory and I used the grep(mail) from Charles's site. Per your goal below, I have a package for emailing your IP address also, its called mailip.lrp. it uses the same SU and MAIL as the package that emails logfiles. Chuck - Original Message - From: Greg Morgan [EMAIL PROTECTED] To: [EMAIL PROTECTED]; chuck [EMAIL PROTECTED]; Dragon Wood [EMAIL PROTECTED] Sent: Friday, May 17, 2002 3:32 PM Subject: Re: Re: [leaf-user] Is there a way to auto email log files chuck [EMAIL PROTECTED] wrote: I created a package to do just that... e-mail log files to a single or multiple addresses and you can specify which files to send. Its called mailstats.lrp and can be found at http://www.vette66.com It requires a working SU command and MAIL command. Is there a way to tell if you already have the working su and mail commands already on your LEAF release? I see from http://lrp.steinkuehler.net/Packages/Utilities.htm I can get su and grep (mail) command for Dachstien. Dargon was asking about this on bering rc2. From Charle's site is says that grep(mail) is in Dachstein releases. I looked all around in bin and sbin directories of my running DCD 1.02. I could not find su. So I guess su is not included on the CD. So do I 1.) put su in /bin? 2.) edit /var/lib/lrpkg/root*list to add su? 3.) backup root.lrp? I ask all these questions because I was unsuccessful using ipmail out of KP Kirchdoerfer's modification to DCD 1.02 described at http://leaf.sourceforge.net/article.php?op=Printsid=30. The release notes suggested that there still is a problem with mail. Can anyone provides some more tips or links to mail configuration? My goal is to mail the dyanmaic ip address to another client. The client needs to ssh to backup files on a LEAF protected network. Thanks, Greg Morgan I expanded what was done by Charles and his mailonerr script. Hope this helps, vette66 (Chuck) - Original Message - From: Dragon Wood [EMAIL PROTECTED] snip I am using bering rc2. The /var/log directory gets filled up quickly. How can I set it up such that the files get automatically forwarded to an email address and deleted when gets to a certain size? ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SMTP 25
On Fri, 17 May 2002, Jim Van Eeckhoutte wrote: mail.host.com was an example of an outside smtp server. I cant telnet to any of them. I have no mail servers internally. Also have tried just ip address instead of FQN .. no go. All machines behind firewall are win2k and winME. Have you checked with your ISP to see if they block outgoing SMTP as an anti-spamming measure? -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Losing Connectivity on Static NAT'd System
Hi, I have a LEAF Bering 1.0-rc1 system (Shorewall 1.2.8) and have 5 static external IP addresses to use. One IP is the primary of the firewall, I am using proxy arp for three of the IP's (DMZ network servers), and static NAT for the last IP (internal network system). This is a similar setup to the newer example network in the Shorewall documentation. Everyting, seems to work just fine, with one exception. After a long period of idleness I find that I cannot connect to external and DMZ hosts from the statically NAT'd system, though it can connect to internal network hosts just fine. All other connections work as configured (DMZ-internal, internal (masq'd) -Internet, ...), so appears to be an issue specific to the static NAT. When the problem occurs I cannot make any TCP connections to the Internet, for example, from the static NAT'd PC. Also, if I ping an Internet host, from it the packets are dropped by the firewall: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth0 SRC=static_nat_host DST=non-internal_network_host ... If I tracert (Windows tracroute, using ICMP) from this static_nat_host to the same non-internal_network_host, the tracert works and then everything works fine, thereafter, until I don't use the system for a while (ex: turn it off, go to sleep, come back in the morning). Just a guess: Is this an ARP issue with Shorwall? Your suggestions would be appreciated. Thanks, Brian ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: [Shorewall-users] Losing Connectivity on Static NAT'd System
On Fri, 17 May 2002, Brian Credeur wrote: Hi, I have a LEAF Bering 1.0-rc1 system (Shorewall 1.2.8) and have 5 static external IP addresses to use. One IP is the primary of the firewall, I am using proxy arp for three of the IP's (DMZ network servers), and static NAT for the last IP (internal network system). This is a similar setup to the newer example network in the Shorewall documentation. Everyting, seems to work just fine, with one exception. After a long period of idleness I find that I cannot connect to external and DMZ hosts from the statically NAT'd system, though it can connect to internal network hosts just fine. All other connections work as configured (DMZ-internal, internal (masq'd) -Internet, ...), so appears to be an issue specific to the static NAT. When the problem occurs I cannot make any TCP connections to the Internet, for example, from the static NAT'd PC. Also, if I ping an Internet host, from it the packets are dropped by the firewall: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth0 SRC=static_nat_host DST=non-internal_network_host ... Do you have both sides of your firewall connected to the same hub or switch? -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now thats a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Losing Connectivity on Static NAT'd System
I don't quite understand your trouble description, and the reason I don't is a nice example of why I try to discourage posters from editing reports to conceal non-secret material like IP addresses. You report the log entry for a failed ping as: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth0 SRC=static_nat_host DST=non-internal_network_host ... But what is Shorewall *actually* reporting where you substituted static_nat_host ... the host's actual (private) IP address or the public IP address that the router is static-NAT'ing to the private address? I'd guess the second, since the router also thinks eth0 is both the source and the destination interface. But guessing wastes time. At 06:43 PM 5/17/02 -0500, Brian Credeur wrote: Hi, I have a LEAF Bering 1.0-rc1 system (Shorewall 1.2.8) and have 5 static external IP addresses to use. One IP is the primary of the firewall, I am using proxy arp for three of the IP's (DMZ network servers), and static NAT for the last IP (internal network system). This is a similar setup to the newer example network in the Shorewall documentation. Everyting, seems to work just fine, with one exception. After a long period of idleness I find that I cannot connect to external and DMZ hosts from the statically NAT'd system, though it can connect to internal network hosts just fine. All other connections work as configured (DMZ-internal, internal (masq'd) -Internet, ...), so appears to be an issue specific to the static NAT. When the problem occurs I cannot make any TCP connections to the Internet, for example, from the static NAT'd PC. Also, if I ping an Internet host, from it the packets are dropped by the firewall: Shorewall:rfc1918:DROP:IN=eth0 OUT=eth0 SRC=static_nat_host DST=non-internal_network_host ... If I tracert (Windows tracroute, using ICMP) from this static_nat_host to the same non-internal_network_host, the tracert works and then everything works fine, thereafter, until I don't use the system for a while (ex: turn it off, go to sleep, come back in the morning). Just a guess: Is this an ARP issue with Shorwall? Your suggestions would be appreciated. -- Never tell me the odds!--- Ray Olszewski-- Han Solo Palo Alto, CA[EMAIL PROTECTED] ___ Hundreds of nodes, one monster rendering program. Now that's a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html