Re: [leaf-user] DNS request timed out
Craig At 01:10 10.07.2002, you wrote: >Hi folks, >For those who have replied, I'm running the vanilla, Dachstein CD. The >only thing I have changed from the default configuration is to uncomment >the correct NIC drivers, and changed the root password. That's it. I've >left everything else alone..."if it ain't broke..." you know the rest! >:-) kindly give us some more information please see http://leaf.sourceforge.net/mod.php?mod=userpage&menu=11&page_id=4 for details regards Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IPSEC Howto for LRP
This is it, thanks to all who answered! Wonderful work guys and girls. Lynn's howto with Chad's windows setup info makes a great combo. IPSEC Its working!! Thanks heaps, Matt > > I think the doc you are talking about is this ipsec howto, courtesy of > > Lynn Avants, which describes four different scenarios for > > ipsec setup. I > > cannot, however, find it anywhere on the site. Lynn? Have a > > link for us > > to the current version? > > > > Also, perhaps we should consider merging the documents, since > > mine is a > > little light on actual ipsec configuration, but has some > > pretty good stuff > > on certificates and Windows 2000 configuration. > > > > Or we can just steal each other's good parts and have two docs in > > different places! > > > > Thanks, > > Chad > > > > > > > > # start of HowTo ### > > > > # Basic IPSec VPN HowTo ## > > By Lynn Avants > > > > Virtual Private Networking (aka "VPN") is very popular for low-cost > > connections > > between remote offices, employees that need a connection to > > the company > > LAN from home, --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] daemon vs. savelog ???
Jeff Newmiller wrote: > > On Tue, 9 Jul 2002, Charles Steinkuehler wrote: [ snip ] > > > After savelog rotates the logfile, $DAEMON is writing to logfile.0, > > > instead of logfile. Obviously, this is not acceptable ;< > > > > > > I assume that this has something to do with the original redirected > > > output keeping logfile open, even during the rename to logfile.0 > > > > Correct...the file-handle used to log the daemon's output doesn't "go > > bad" just because another process renamed the file. > > > > > is there a workaround? > > > > Yes...you have to get your process to close the log-file and re-open it > > (so it starts writing to logfile, rather than logfile.0). Since it > > sounds like you're doing the logging at the shell level, you'll probably > > just want to effectively do a "restart"...this can be handled using the > > savelog scripts by providing a command to execute after rotating the > > logs (ie: svi mydaemon restart). > > or just split the output and write it line-by-line... if you don't mind > the timestamping offered by syslogd, you can use something like > > # $DAEMON 2>&1 | streamlog > > ---streamlog--- > #!/bin/sh > # streamlog - splits a stream and logs each line of stdin with logger > > IFS='' > while read lin; do > logger -p local1.user "$lin" > done > --- Yes, this is my preferred solution -- thank you. Although, logger is not a good choice for this app, the message stream is pretty lean and re-starting the app at log rotation was far more distasteful For those wondering, this is a cleanup and enhancement to my ntpclnt.lrp that Charles wants to include in the next version of dcd. -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] eth1:Tx timeout! Resetting card
On Tue, 9 Jul 2002 21:15:23 -0700 "Brock Nanson" <[EMAIL PROTECTED]> wrote: > The Lucent is NOT a PRISM2 card. The orinoco_cs driver will work with > many PRISM2 cards, but I think what this suggests is that the > /etc/pcmcia/config file is being checked and the wrong card is found. I > don't know if that is causing your problem, but who knows ;-). I had my > configuration miss my card at first too, so I deleted all the extra > entries from the file... didn't need the other stuff anyway as I won't > be using other cards. It eventually settled on using the right entry. http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/ http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Linux.Wireless.drivers.html#WavelanIEEE -- Chad Carr [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] bering, pcmcia, wireless, and bridge
Mark, you can add bridge_maxwait xxx to the interfaaces file at the bridge config. Maybe this can help. Manfred Mark A Nordstrand schrieb: > > Manfred, > > Have the eth entries commented out and the bridge > entry uncommented in /etc/network/interfaces. My > poking around in if-pre-up.d/bridge has > /proc/net/dev empty (or with out any eth entries). > As a guess, this is because pcmcia either hasn't > run or isn't finished. My gut tells me this is > the root of the problem. Further poking around > confirms this as I see the bridge scripts exiting > before hearing the beeps (and messages) from pcmcia. > > Manfred Schuler wrote: > > > > Mark, > > > > bridge configuration is done in /etc/network/interfaces. > > At the end of the file is an example bridge configuration > > In the bridge_ports line you list the devices you want to > > bridge, normally your internal interfaces. > > These devices must not be configured, so comment out the > > respective lines. > > Backup etc. > > > > In the file /etc/network/if-pre-up.d/bridge > > > > the line > > brctl addif $IFACE $i && ip set dev $i up > > should read > > brctl addif $IFACE $i && ip link set dev $i up > > > > Change this and backup bridge. > > > -- > Mark -- Manfred Schuler E_Mail: mailto:[EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] bering, pcmcia, wireless, and bridge
Manfred, Added a maxwait of 600 and a -x to the sh to see what's going on. The for loop on `brctl showstp...` isn't being entered, so $BREADY is still true and this kicks it out of the while loop. Manfred Schuler wrote: > > Mark, > you can add bridge_maxwait xxx to the interfaaces file > at the bridge config. > Maybe this can help. > > Manfred > -- Mark --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Newbie Status
Many thanks to those of you who gave valuable answers, especially Ray, Kim and Phillip. I'm currently running Dachstein, because I don't think the default Bering dist will run on my 486CPU (2.4 kernel?) Someone correct me if I'm wrong. So that leaves me using Seattle Firewall as my firewall software. I havn't figgered out how to put additional lrp's on my boot floppy. I may detour long enuff to boot off of one of the little IDE hard drives in the box. 1) The NetGear FA311 uses the NatSemi.O module. The only wierdness I see is that the MAC address returned by the ip command do not match those the NetGear DIAG software reports. 2) All 4 cards are now recognized by the O/S and are ping-able. IRQ's and I/O's looks good 3) The card connected to the Cable modem fired out a DHCP request, and properly implemented the returned address/gateway/DNS infoprmation. 4) The card connected to the internall net is answering DHCP requests and assigning addresses in the correct range. (192.168.2.1--199) 5)No firewall rules appear to be set up yet (ipchains reports all ACCEPT and no rules) 6) I can't (yet) ping from inside MASQ'd net to outside world. This is my next chore. Will this version accept the firewall rules set I have running on my older IPCHAINS box? Thanks again. When I get ready to drop multiple IP's on each ethernet port (OLD dedicated IP's need to be replaced with new dedicated IP's, and some are main DNS servers), I expect things to get wierd again, and I may holler here So much power on a floppy. The only REALLY SCARY time was before my first cup of coffee this morning when I had to boot my main development (WINDOWS) box, cause of a stupid vanishing mouse pointer... Up popped Dachstein, and it completely booted into firewall mode. No errors. No floppy in the drive. I thought all 40 gigs of code/ apps/ docs was GONE! Then I found the CD I burned yesterday still in the CD/R/W drive...(WHEW) what a rush! harold -- This message has been scanned for viruses and dangerous content by NW.NET's MailScanner, and is believed to be clean. --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Newbie Status
On Wed, 10 Jul 2002, Harold Miller wrote: > I'm currently running Dachstein, because I don't think the default Bering > dist will run on my 486CPU (2.4 kernel?) Someone correct me if I'm wrong. I use 486's with Bering. --- Jeff NewmillerThe . . Go Live... DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] seting up networking...
Bering rc2
This is the general procedure I use to bring up networking... I
understand there is a way to bring up an interface to listen to an
entire subnet, not just an address. Can someone help me with the ip
syntax?
Thanks,
// George
down () {
d=`ip -o link show | cut -d: -f2`
for i in $d ; do
ip addr flush $i
ip link set $i down
done
}
up () {
ip link set lo up
ip link set eth0 up
ip link set eth1 up
ip addr add 127.0.0.1/8 label lo dev lo
ip addr add 192.168.2.66/24label eth0 dev eth0
ip addr add 10.1.1.1/8 label eth1 dev eth1
ip route add 127/8 via 127.0.0.1 table main
}
case "$1" in
start)
down
up
;;
stop)
down
;;
restart)
down
up
;;
*)
echo "Usage: /etc/init.d/network.sh {start|stop|restart}"
exit 1
esac
exit 0
--
GEORGE GEORGALIS, System Admin/Architectcell: 347-451-8229
Security Services, Web, Mail,mailto:[EMAIL PROTECTED]
File, Print, DB and DNS Servers. http://www.galis.org/george
---
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering: bridge.lrp package updated
This bridge.lrp package should replace the one provided with any version of Bering prior to and including rc3. It fixes the following errors: 1) /var/lib/lrpkg/bridge.conf now points to the proper bridge scripts 2) The /etc/network/if-pre-up.d/bridge script is fixed 3) /var/lib/lrpkg/bridge.version set to 0.9.5 corresponding to the version of bridge-utils used to compile brctl Thanks to Allessandro Renieri and Manfred Shuler for spoting those bugs. The update is available in the Bering update directory: http://leaf.sourceforge.net/devel/jnilo/bering/update/bridge/ Any volunteer around to write up the bridge section of Bering user's guide ? Jacques --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering: shorwall.lrp package updated with 1.3.3 version
Tom recently updated its shorewall package to version 1.3.3. See: http://www.shorewall.net The corresponding version for Bering is now available in the Bering update directory. It has been built following the procedure described here: http://leaf.sourceforge.net/devel/jnilo/bishorwall.html It also include the new two-interfaces sample files with updated comments introduced with version 1.3.2 IMPORTANT: You must update the root.lrp package before doing any backup of this new shorwall.lrp. See the README.txt in the Bering update directory: http://leaf.sourceforge.net/devel/jnilo/bering/update/shorewall/ Jacques --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Newbie Status
Bering will run on 486. Bering has netfilter and iptables. Worth moving up to after you get your bearings. --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] bridge update? still not working.....
Grabbed the new lrp posted recently hoping it was in response to problems I have been seeing with bridge, pcmcia, and wireless. if-up.d/bridge still falls through the for loop at the bottom. It does work fine if I log in afterwards and stop and restart the network. -- Mark Linux, it is now safe to turn ON your computer. --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Status
OK, I threw away a days worth of work, and switched to Bering. It looks like it's operational. I still have a ways to go. It seems that it takes a LONG time to back up all to a floppy (hour+??) Any suggestions? I got nothing out of the masqueraded systems untill I typed 'shorewall start' in the LEAF box. Where is that command normally executed? Again, thanks. Any of ya swing thru S. Oregon, stop by and I'll buy ya a beer. :) harold -- This message has been scanned for viruses and dangerous content by NW.NET's MailScanner, and is believed to be clean. --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
On Wed, 10 Jul 2002, George Georgalis wrote:
> Bering rc2
>
> This is the general procedure I use to bring up networking... I
> understand there is a way to bring up an interface to listen to an
> entire subnet, not just an address.
Are you thinking of proxy-arp?
http://www.shorewall.net/Documentation.htm#ProxyArp
> Can someone help me with the ip syntax?
Why are you re-inventing the network scripts?
It hardly looks like Bering when you do this. See below...
>
> Thanks,
> // George
>
>
>
> down () {
> d=`ip -o link show | cut -d: -f2`
> for i in $d ; do
> ip addr flush $i
> ip link set $i down
> done
> }
>
> up () {
> ip link set lo up
> ip link set eth0 up
> ip link set eth1 up
> ip addr add 127.0.0.1/8 label lo dev lo
> ip addr add 192.168.2.66/24label eth0 dev eth0
> ip addr add 10.1.1.1/8 label eth1 dev eth1
> ip route add 127/8 via 127.0.0.1 table main
> }
>
> case "$1" in
> start)
> down
> up
> ;;
>
> stop)
> down
> ;;
>
> restart)
> down
> up
> ;;
>
> *)
> echo "Usage: /etc/init.d/network.sh {start|stop|restart}"
> exit 1
> esac
> exit 0
How about:
---/etc/network/interfaces---
# Loopback interface.
auto lo
iface lo inet loopback
#...
# Option 1.2: eth0 / Fixed IP (assumed to be 1.2.3.4).
# (broadcast/gateway optional)
auto eth0
iface eth0 inet static
address 192.168.2.66
masklen 24
broadcast 192.168.2.255
#gateway 192.168.2.1
# ...
# Step 2: configure internal interface
# Default: eth1 / fixed IP = 192.168.1.254
auto eth1
iface eth1 inet static
address 10.1.1.1
masklen 8
broadcast 10.255.255.255
-
and use Shorewall, removing the "norfc1918" option.
---
Jeff NewmillerThe . . Go Live...
DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go...
Live: OO#.. Dead: OO#.. Playing
Research Engineer (Solar/BatteriesO.O#. #.O#. with
/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
---
---
This sf.net email is sponsored by:ThinkGeek
Two, two, TWO treats in one.
http://thinkgeek.com/sf
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Problem with 2.4.x kernel Linmodem drivers & unknown IRQ conflicts
Hello, I've been trying to get some Linmodem drivers to work correctly with Bering 1.0-rc3. The drivers work on my p350 with RedHat installed with both the 2.4.0 & 2.4.9-13 kernels. After compiling I end up with 2 files - pctel.o & ptserial.o. I've put both of these in /lib/modules & made changes to /etc/modules (is this the right place?). I've tried listing them before the network module (tulip.o, which it does load), between the network module & the ppp modules (slhc, ppp_generic, ppp_async, & ppp_deflate), & after the ppp modules. Going through syslog it seems to do some strange things, but syslog looks the same no matter where I list the 2 modules - ... VFS: Disk change detected on device fd(2,44) Linux Tulip driver version 0.9.15-pre9 (Nov 6, 2001) PCI: Found IRQ 11 for device 00:0e.0 IRQ routing confliect for 00:0e.0, have irq5, want irq 11 eth0: ADMtek Comet rev 17 at 0xca81b000, 00:03:6D:14:4B:88, IRQ 5. CSLIP: code copyright 1989 Regents of the University of California PPP generic driver version 2.4.1 PPP Deflate Compression module registered .. This is on the exact same system I've been running RedHat on (I wanted to test it on a system I knew worked). My only problem is I'm unsure where RedHat has the startup modules listed or else I'd check that to see how it loads these modules & in what order. eth0 is a LinkSys EtherFast 10/100 LAN Card & the drivers disk has tulip.c (I did not compile this though, I used the tulip.o in the Bering Modules tar). I've also tried to view 192.168.0.254 because the weblet module is running, but I get an error saying it can't find the server. 192.168.0.254:80 brings up an invalid syntax error, & pinging it times out. I would try pinging out, but I'm unfamiliar with the linux networking tools :( Patrick --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
On Wed, Jul 10, 2002 at 05:42:43PM -0700, Jeff Newmiller wrote: >On Wed, 10 Jul 2002, George Georgalis wrote: > >> Bering rc2 >> >> This is the general procedure I use to bring up networking... I >> understand there is a way to bring up an interface to listen to an >> entire subnet, not just an address. > >Are you thinking of proxy-arp? > >http://www.shorewall.net/Documentation.htm#ProxyArp > Interesting, but not what I had in mind. I'm using nat for a dmz and rather than bring up an each available ip as an alias, I thought there was a way to bring up the subnet and let iptables take over from there. >> Can someone help me with the ip syntax? > >Why are you re-inventing the network scripts? > >It hardly looks like Bering when you do this. See below... There are a few reasons I did it this way. I started to use shorewall but found it more complicated to learn than the iptables scripts alone, especially because the rules will change often, remotely, via scripts, to manage new hosts; seemed easier just to scp an iptables script and execute regularly with cron. Oh, I saved a lot of space not using the shorewall.lrp too, enough to fit in sshd.lrp which is a necessity because there is no room for a video card, only interfaces. I guess that explains why I use the network script too, saving space on the floppy. I think I'm going to make a basic network.sh, and scp the larger one to the running image. Thanks, // George -- GEORGE GEORGALIS, System Admin/Architectcell: 347-451-8229 Security Services, Web, Mail,mailto:[EMAIL PROTECTED] File, Print, DB and DNS Servers. http://www.galis.org/george --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] bridge update? still not working.....
On Wednesday 10 July 2002 18:29, Mark A Nordstrand wrote: > Grabbed the new lrp posted recently hoping it was > in response to problems I have been seeing with > bridge, pcmcia, and wireless. > > if-up.d/bridge still falls through the for loop > at the bottom. It does work fine if I log in > afterwards and stop and restart the network. It sounds like an interface or protocol is loading in "init" out of order if everything is functioning correctly. On another note, I believe WISP avoided mixing routed and bridged interfaces for core functionality problems. I seem to remember someone saying that the kernel could not do both on the same interface... thus the reason for WISP using WAN routing protocols instead of bridging. ProxyARP is another story, but a very different function from true Bridging. I guess it would be easier to help if I new exactly what you are trying to do you've hinted at your setup without being clear and simply stating it. We see a lot of confusion on the list over this simple fact... quite often it amounts to different terminology. Looking for some more info.. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Status
On Wednesday 10 July 2002 18:16, Harold Miller wrote: > It seems that it takes a LONG time to back up all to a floppy > (hour+??) Any suggestions? Seems like a long time to me, what are you backing up??? > I got nothing out of the masqueraded systems untill I typed > 'shorewall start' in the LEAF box. Where is that command normally > executed? /etc/init.d/shorewall What does your /etc/networking/interfaces file look like... this is probably where the error is or in the Shorewall config. > Again, thanks. Any of ya swing thru S. Oregon, stop by and I'll buy > ya a beer. :) beer... ;-) -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
On Wednesday 10 July 2002 20:52, George Georgalis wrote: > Interesting, but not what I had in mind. I'm using nat for a dmz and > rather than bring up an each available ip as an alias, I thought > there was a way to bring up the subnet and let iptables take over > from there. You can set an interface as an entire subnet w/o alias'ing. Your interface must have atleast one set address for routing to work. You seem to be looking at something more along the lines of WAN routing. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
--On Wednesday, July 10, 2002 21:13:53 -0500 guitarlynn <[EMAIL PROTECTED]> wrote: > On Wednesday 10 July 2002 20:52, George Georgalis wrote: >> Interesting, but not what I had in mind. I'm using nat for a dmz and >> rather than bring up an each available ip as an alias, I thought >> there was a way to bring up the subnet and let iptables take over >> from there. > > You can set an interface as an entire subnet w/o alias'ing. Your > interface must have atleast one set address for routing to work. > You seem to be looking at something more along the lines of > WAN routing. He may be refering to the MIRROR target -- that code must still be in Patch-O-Matic since my 1.2.6a iptables doesn't mention it under "man iptables". AFAICT though, the MIRROR target only takes care of the NAT table stuff -- it doesn't make your external NIC magically start responding for an entire subnet. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
On Wed, Jul 10, 2002 at 07:30:39PM -0700, Tom Eastep wrote: > > >--On Wednesday, July 10, 2002 21:13:53 -0500 guitarlynn ><[EMAIL PROTECTED]> wrote: > >> On Wednesday 10 July 2002 20:52, George Georgalis wrote: >>> Interesting, but not what I had in mind. I'm using nat for a dmz and >>> rather than bring up an each available ip as an alias, I thought >>> there was a way to bring up the subnet and let iptables take over >>> from there. >> >> You can set an interface as an entire subnet w/o alias'ing. Your >> interface must have atleast one set address for routing to work. >> You seem to be looking at something more along the lines of >> WAN routing. > >He may be refering to the MIRROR target -- that code must still be in >Patch-O-Matic since my 1.2.6a iptables doesn't mention it under "man >iptables". AFAICT though, the MIRROR target only takes care of the NAT >table stuff -- it doesn't make your external NIC magically start responding >for an entire subnet. I think Lynn described exactly what I'm looking for, set up an interface as an entire subnet and an address in that net for routing. I don't mind specifying each ip in iptables rules (I'm generating the tables from a db), but I would like to avoid an alias for each internet ip. Not sure of the syntax though. // George -- GEORGE GEORGALIS, System Admin/Architectcell: 347-451-8229 Security Services, Web, Mail,mailto:[EMAIL PROTECTED] File, Print, DB and DNS Servers. http://www.galis.org/george --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Adding routes
I've got a Bering RC2 setup that I need to add a static route to, but I can't figure out where to add it... I know what I need, just not sure where is the proper place to implement... Any help appreciated.. --- Homer Parker (The Bogus One) http://www.homershut.net telnet://bbs.homershut.net This e-mail message is 100% Microsoft free! WARNING: THIS ACCOUNT BELONGS TO A RABID ANTI-SPAMMER NET-NAZI DOT-COMMUNIST. /"\ \ / ASCII Ribbon Campaign X Against HTML Mail / \ msg07944/pgp0.pgp Description: PGP signature
Fwd: Re: [leaf-user] bridge update? still not working.....
Thanks Jim! -- Forwarded Message -- Subject: Re: [leaf-user] bridge update? still not working. Date: Wed, 10 Jul 2002 23:35:56 -0500 From: "Jim TerWee" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> I have used Bering alot as a bridge with pcmcia and ethernet. What I had to do was edit the modutils in /etc/init.d and add a sleep 5 at the beginning this gives the pcmcia a chance to load before the scripts start running. What you will see otherwise is that the bridge will start to load before pcmcia has initialized and it misses the interface. That would be why you can do a reload after you log in and it will work. This little tweak makes a lot of the pcmcia stuff work better. I am sending this to you directly so you can pass this onto the list as for some reason the list serv really doesn't like my email server Jim TerWee --- -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek PC Mods, Computing goodies, cases & more http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] seting up networking...
I'm sorry George, upon re-reading my post I found a unintended typo that is probably mis-leading you. The corrected sentence would have been: > ><[EMAIL PROTECTED]> wrote: > >> You cannot set an interface as an entire subnet w/o alias'ing. Your ^^ > >> interface must have atleast one set address for routing to work. > >> You seem to be looking at something more along the lines of > >> WAN routing. My apologies for the mistake. :-( > >> On Wednesday 10 July 2002 20:52, George Georgalis wrote: > >>> Interesting, but not what I had in mind. I'm using nat for a dmz > >>> and rather than bring up an each available ip as an alias, I > >>> thought there was a way to bring up the subnet and let iptables > >>> take over from there. Although the closest options I could think of to do this of this nature would be to attempt to declare the subnet in "eth0_EXTRA_IP_ADDR=" option of Dachstein or run all external http traffic through a web-proxy like Squid and redirect to the proper DMZ server. I hope this helps, -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek PC Mods, Computing goodies, cases & more http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
