[leaf-user] Re: Wisp-dist, VTun, Bridge
Tue, Jul 16, 2002 at 08:48:34PM -0700 Brock Nanson wrote about Wisp-dist, VTun, Bridge > Internet > | > Router > | > BridgeBox 200.100.10.1 (VTun endpoint) > | > Access Point, ROR, whatever 192.168.0.1 192.168.0.2 LEAFBridge (VTun > End)---Client 200.100.10.2 > | > 192.168.0.y LEAFBridge(VTun End) > | > Client 200.100.10.x Hi, If I understand your scenario correctly, you do not need VTun here at all. Just turn on bridging (parprouted is integrated in the 2290 build) on all of the intermediatory routers. L3 bridging that is used by WISP-Dist should work together with L2 bridging used by ROR without problems. Then the client having an IP address 200.100.10.x will be able to ping and route through 200.100.10.1. You can use VTun, but I think in this case it will only make things more complicated than necessary. > > I'm to the point where I think that I can do at least one client using VTun > and proxy arp(?). The idea being that I bridge with the regular eth card > and the tap device so that the wireless card doesn't knowingly break it's > commandment not to pass a MAC other than it's own. That is, a bridge flows > through the tunnel and out a bridge on the other end. What I don't know and > really need to know is: > > 1) If I have multiple tap devices, can I build multiple bridges, one for > each tap combined with the SAME eth device? > 2) Will Wisp-Dist do this as it is configured in the latest release? > 3) Will parprouted do a better job of this? Will it work on the > Wisp-Dist? > 4) Is this an insane idea with no hope of success? > > All comments are welcome! > > Brock > -- Best Regards Vladimir Ivaschenko http://www.hazard.maks.net/ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] problem starting ipsec with bering rc3
> > anyone have ipsec working on bering RC3 > yes it works flawlessly here on nic's i have problem with xdsl > interfaces tho. > > veryfy that you have correct settings in shorewall > espesially, zones interfaces and tunnels. > > mvh > Ronny Aasen Ronny: Thanks for this reassuring info :-) Are you using the 1.97 or the 1.98b ipsec.lrp package ? I have got no feedback at all on 1.98b. Anyone around using it successfully (no news = good news ???) See: http://leaf.sourceforge.net/article.php?sid=47 Jacques -- Profitez de l'offre exceptionnelle Tiscali ! "Internet Gratuit le Jour" Cliquez ici, http://register.tiscali.fr/forfaits_ls/ Offre soumise à conditions. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] problem starting ipsec with bering rc3
On Wed, 2002-07-17 at 12:39, Jacques Nilo wrote: > > > > anyone have ipsec working on bering RC3 > > > yes it works flawlessly here on nic's i have problem > with xdsl > > interfaces tho. > > > > veryfy that you have correct settings in shorewall > > espesially, zones interfaces and tunnels. > > > > mvh > > Ronny Aasen > Ronny: > Thanks for this reassuring info :-) > Are you using the 1.97 or the 1.98b ipsec.lrp package ? > I have got no feedback at all on 1.98b. Anyone around > using it successfully (no news = good news ???) # ipsec --version Linux FreeS/WAN 1.97 i will test 1.98b against 1.97 today or tomorrow probably. mvh Ronny Aasen --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] problem starting ipsec with bering rc3
On 17 Jul 2002 08:44:39 +0200 "Ronny Aasen" <[EMAIL PROTECTED]> wrote: > On Tue, 2002-07-16 at 14:24, Marco Cintolesi wrote: > > When i try to start ipsec (/etc/init.d/ipsec start) i have the error: > > > > Unable to determine address of 'eth0', then ipsec0 interface dont go > > up. > > > > I tried with: > > > > interfaces="%defaultroute" > > and > > interfaces="ipsec0=eth0" > > > > but no luck.. > > i have mawk.lrp succesfully installed with ipsec.lrp and module > > ipsec.o ok(with insmod i can load it without problems) > > same problem with the new packages on the Bering update page. > > > > anyone have ipsec working on bering RC3 > > > > Thanks > > Marco > > yes it works flawlessly here on nic's i have problem with xdsl > interfaces tho. On the xdsl interfaces, do you have the same problem as Marco is having, i.e. _startklips detects eth0 as your %defaultroute instead of ppp0? This is a problem. It should not be happening. Could you send a barf of your failed xdsl attempts? -- Chad Carr [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] problem starting ipsec with bering rc3
On Wed, 2002-07-17 at 15:04, Chad Carr wrote: > On 17 Jul 2002 08:44:39 +0200 > "Ronny Aasen" <[EMAIL PROTECTED]> wrote: > > > On Tue, 2002-07-16 at 14:24, Marco Cintolesi wrote: > > > When i try to start ipsec (/etc/init.d/ipsec start) i have the error: > > > > > > Unable to determine address of 'eth0', then ipsec0 interface dont go > > > up. > > > > > > I tried with: > > > > > > interfaces="%defaultroute" > > > and > > > interfaces="ipsec0=eth0" > > > > > > but no luck.. > > > i have mawk.lrp succesfully installed with ipsec.lrp and module > > > ipsec.o ok(with insmod i can load it without problems) > > > same problem with the new packages on the Bering update page. > > > > > > anyone have ipsec working on bering RC3 > > > > > > Thanks > > > Marco > > > > yes it works flawlessly here on nic's i have problem with xdsl > > interfaces tho. > > On the xdsl interfaces, do you have the same problem as Marco is having, > i.e. _startklips detects eth0 as your %defaultroute instead of ppp0? > > This is a problem. It should not be happening. Could you send a barf of > your failed xdsl attempts? no it detects ppp0 as %defaultroute but it dosn't detect an address on ppp0. the output of "ipsec setup restart" is ipsec_setup: Stopping FreeS/WAN IPsec... ipsec_setup: stop ordered, but IPsec does not appear to be running! ipsec_setup: doing cleanup anyway... ipsec_setup: Starting FreeS/WAN IPsec 1.97... ipsec_setup: Using /lib/modules/ipsec.o ipsec_setup: unable to determine address of `ppp0' I can't provide the barf yet, since the person having this box is on vacation and i don't have a adsl line here. (howcome everyone's on vacation except me ) mvh Ronny Aasen --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering and Masquerading
I am having a similar problem as in the following post: >On Thu, 4 Jul 2002, Luigi Capriotti wrote: >> I'm trying to configure Bering with masqueraded subnets (by means of >> shorewall), but as soon as I put a line in the masq file I receive this: >> >> iptables: invalid arguments >> >> By stepping into the shorewall file I've realised that the offending >> command is the following: >> >> iptables -t nat -A POSTROUTING -s 192.168.1.128/25 -d 0.0.0.0/0 -o eth0 >> -j MASQUERADE >> >> (where 192.168.1.128/25 is my local net on eth1) >> >> and specifically the problematic argument is -j MASQUERADE. >> >> Given the fact that all iptables modules are included in the kernel by >> design, what's the clue, please? >> > >Hmmm -- sure looks like your kernel doesn't have nat support. Does "grep >ip_nat_protocol_register /proc/ksyms" return anything? > >-Tom >-- >Tom Eastep\ Shorewall - iptables made easy >AIM: tmeastep \ http://www.shorewall.net >ICQ: #60745924 \ [EMAIL PROTECTED] My problematic line is: iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE Which gives me the same error message: iptables: Invalid argument I have looked in /proc/ksyms, and ip_nat_protocol_register is not there. I have built my own kernel using a vanila 2.4.18 kernel tree. On the other hand, I am certain that I have not missed any NAT related kernel configuration options. The output of a "grep ip_nat /proc/ksyms" gives me: c022d070 ip_nat_setup_info_Rf24f02af c022c73c ip_nat_helper_register_R6f4a7751 c022c844 ip_nat_helper_unregister_R5498c7d6 c022c17c ip_nat_expect_register_R94552a50 c022c1b4 ip_nat_expect_unregister_R6ff63254 c022c944 ip_nat_cheat_check_R1e4e73a8 c022c220 ip_nat_mangle_tcp_packet_R69b3a8b1 c022c5ec ip_nat_seq_adjust_Rb5b764fc c022c698 ip_nat_delete_sack_Rab840625 At the end of this message is a sample from my kernel config file. Which kernel option is supposed to provide the ip_nat_protocol_register function?? I am obviously missing something, because the kernel that is bundled with the Bering 1.0_rc3 package does not have this problem, and yet I cannot see any significant differences between the config files (assuming that the Bering_1.0-rc1_kernel_2.4.18.bz2 file contains the latest one, since that seems to be the only one available for download). Curiously, on a perhaps unrelated note, my pppd seems to be complaining that PPP is not supported by my kernel either, and yet I have included that as well. This system is essentially an upgrade from a 2.2.19 kernel, which I had no problems with. Thank you Patrick # # Networking options # CONFIG_PACKET=y CONFIG_PACKET_MMAP=y CONFIG_NETLINK_DEV=y CONFIG_NETFILTER=y # CONFIG_NETFILTER_DEBUG is not set CONFIG_FILTER=y CONFIG_UNIX=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_FWMARK=y CONFIG_IP_ROUTE_NAT=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_TOS=y # CONFIG_IP_ROUTE_VERBOSE is not set # CONFIG_IP_ROUTE_LARGE_TABLES is not set # CONFIG_IP_PNP is not set CONFIG_NET_IPIP=y CONFIG_NET_IPGRE=y CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y # CONFIG_ARPD is not set # CONFIG_INET_ECN is not set CONFIG_SYN_COOKIES=y # # IP: Netfilter Configuration # CONFIG_IP_NF_CONNTRACK=y CONFIG_IP_NF_FTP=y CONFIG_IP_NF_IRC=y # CONFIG_IP_NF_QUEUE is not set CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MATCH_LIMIT=y CONFIG_IP_NF_MATCH_MAC=y CONFIG_IP_NF_MATCH_MARK=y CONFIG_IP_NF_MATCH_MULTIPORT=y CONFIG_IP_NF_MATCH_TOS=y CONFIG_IP_NF_MATCH_AH_ESP=y CONFIG_IP_NF_MATCH_LENGTH=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_MATCH_TCPMSS=y CONFIG_IP_NF_MATCH_STATE=y # CONFIG_IP_NF_MATCH_UNCLEAN is not set # CONFIG_IP_NF_MATCH_OWNER is not set CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_TARGET_REJECT=y # CONFIG_IP_NF_TARGET_MIRROR is not set CONFIG_IP_NF_NAT=y CONFIG_IP_NF_NAT_NEEDED=y CONFIG_IP_NF_TARGET_MASQUERADE=y CONFIG_IP_NF_TARGET_REDIRECT=y # CONFIG_IP_NF_NAT_SNMP_BASIC is not set CONFIG_IP_NF_NAT_IRC=y CONFIG_IP_NF_NAT_FTP=y CONFIG_IP_NF_MANGLE=y CONFIG_IP_NF_TARGET_TOS=y CONFIG_IP_NF_TARGET_MARK=y CONFIG_IP_NF_TARGET_LOG=y # CONFIG_IP_NF_TARGET_ULOG is not set # CONFIG_IP_NF_TARGET_TCPMSS is not set CONFIG_IPV6=m ... --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] CF and HD on same IDE channel
Hi Anyone else tried using Bering with a hard disk (master) and CompactFlash (slave) on the same IDE channel. Let me explain: I have a remote Warehouse using thin clients to connect to a server at the Head Office via a 64kbit leased line. They want a digital camera, but have no means of getting images from the camera to their file directories. I've got a fair amount of experience of using Bering, not only as a firewall, but as a toolkit for building network devices out of junk 486s. So I thought I'd put Bering on to a hard disk with sshd and smb-2b and fit a CompactFlash reader in the 5.25 inch bay. Just plug in the card, switch the PC on, map a drive across and hey-presto! The trouble is the old 486s only have one IDE interface. When I try and boot the machine I get complaints about unknown partition labels, bogus logical sectors and not being able to find valid FAT filesystems. The hard disk boots fine when it's on its own, the CF is definitely the slave, HDA & HDB are identified correctly during the boot sequence by Bering. I've now tried 4 different PCs, 3 hard disks and 2 different makes of CF/IDE adapter. Basically, if the two devices are on the same ide channel they don't work. They work fine as masters on separate ide channels. BTW, I've also managed to achieve the desired result using a Hard Disk and an external USB CF reader. Ideally, I want to use the slimline 486s, they look smart as well as being small. The other PCs, especially, the one with USB is a bit of overkill. I tried Dachstein this afternoon and this works with both devices on the same IDE channel, unfortunately I've messed up the network settings for the moment. Ideally I'd like to stick with Bering as that is where most of my experience is. The question is: is this likely to be a kernel issue? Am I not loading enough modules? - I have the standard IDE stuff in /boot/lib/modules plus vfat. Anyone got any similar experiences? had success? I suspect I'm on my own here. Best Darren --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering and Masquerading
On Wed, 17 Jul 2002, Patrick Tessier wrote: > I am having a similar problem as in the following post: > > > My problematic line is: > iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE > > Which gives me the same error message: > iptables: Invalid argument > > I have looked in /proc/ksyms, and ip_nat_protocol_register is not there. I > have built my own kernel using a vanila 2.4.18 kernel tree. On the other > hand, I am certain that I have not missed any NAT related kernel > configuration options. > > The output of a "grep ip_nat /proc/ksyms" gives me: > c022d070 ip_nat_setup_info_Rf24f02af > c022c73c ip_nat_helper_register_R6f4a7751 > c022c844 ip_nat_helper_unregister_R5498c7d6 > c022c17c ip_nat_expect_register_R94552a50 > c022c1b4 ip_nat_expect_unregister_R6ff63254 > c022c944 ip_nat_cheat_check_R1e4e73a8 > c022c220 ip_nat_mangle_tcp_packet_R69b3a8b1 > c022c5ec ip_nat_seq_adjust_Rb5b764fc > c022c698 ip_nat_delete_sack_Rab840625 > You are using module symbol versioning which is causing the extra information on the end of each function's name. > At the end of this message is a sample from my kernel config file. Which > kernel option is supposed to provide the ip_nat_protocol_register function?? > I am obviously missing something, because the kernel that is bundled with the > Bering 1.0_rc3 package does not have this problem, and yet I cannot see any > significant differences between the config files (assuming that the > Bering_1.0-rc1_kernel_2.4.18.bz2 file contains the latest one, since that > seems to be the only one available for download). Your config looks ok. > > Curiously, on a perhaps unrelated note, my pppd seems to be complaining that > PPP is not supported by my kernel either, and yet I have included that as > well. This system is essentially an upgrade from a 2.2.19 kernel, which I had > no problems with. > Do you have a version of pppd that's compatible with a 2.4 kernel? Have you installed all of the user-space libraries for iptables? -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering and Masquerading
Le Mercredi 17 Juillet 2002 17:42, Patrick Tessier a écrit : > At the end of this message is a sample from my kernel config file. Which > kernel option is supposed to provide the ip_nat_protocol_register > function?? I am obviously missing something, because the kernel that is > bundled with the Bering 1.0_rc3 package does not have this problem, and yet > I cannot see any significant differences between the config files (assuming > that the Bering_1.0-rc1_kernel_2.4.18.bz2 file contains the latest one, > since that seems to be the only one available for download). rc3 config file is available as usual: http://leaf.sourceforge.net/devel/jnilo/bering/latest/Bering_1.0-rc3.config The kernel patches are here: http://leaf.sourceforge.net/devel/jnilo/bering/latest/patches/kernel/ > Curiously, on a perhaps unrelated note, my pppd seems to be complaining > that PPP is not supported by my kernel either, and yet I have included that > as well. This system is essentially an upgrade from a 2.2.19 kernel, which > I had no problems with. You have to use a version of ppp working with 2.4.x kernels. The one provided on Bering floppy should be tested first. Several flavours are also available with Bering. See: http://leaf.sourceforge.net/devel/jnilo/bipackages.html#AEN755 Jacques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] CF and HD on same IDE channel
> I tried Dachstein this afternoon and this works with both devices on the same > IDE channel, unfortunately I've messed up the network settings for the > moment. Ideally I'd like to stick with Bering as that is where most of my > experience is. The question is: is this likely to be a kernel issue? Probably a kernel level driver issue. Which modules and/or kernel are you using with Dachstein that works? IIRC (I'd have to look at the .config files to be sure), if you are installing IDE modules at run-time with Dachstein, they are *NOT* doing any advanced chipset or DMA support, while if you use the kernel with IDE compiled in, lots more fancy IDE stuff is enabled. This could be at least one major source of difference, besides the 2.2 vs 2.4 kernel. > Am I not loading enough modules? - I have the standard IDE stuff in /boot/lib/modules > plus vfat. I'm not real familiar with the 2.4 kernels...you might check the Documentation directory of a 2.4. source tree and see if you can gleen any info about the various IDE drivers. I'd think you *SHOULD* be able to get your 486 system to work with 2.4 if it works with the Dachstein 2.2 kernel...the 486 era systems had the simplest IDE interfaces (no DMA, no high-speed transfer modes, just a couple of chip-select-decodes of the disk controller address space and some bus transcievers). If not, it definately sounds like a bug... > Anyone got any similar experiences? had success? I suspect I'm on > my own here. No experience or success here, but I'll still try to help :-P Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Default Route
Still moving forward. Using Bering-RC3. Setting up a firewall to serve a masq'd windows subnet and several (DMZ) INET servers. Changed primary interface from DHCP to static IP (yeah!!) But to make it work I have to type: ip route add default via xxx.xxx.xxx.xxx (my gateway) How / where should I add this command to my startup? What should I backup when done? :) Thanks Harold Miller -- This message has been scanned for viruses and dangerous content by NW.NET's MailScanner, and is believed to be clean. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Proxy-Arp
OK, I have 2 servers I want to connect to the net, through my Bering RC3 firewall. I have been told that static IP's are assigned. Let's call em 99.99.99.2 for the firewall and .3 and .4 for the servers. The remote gateway is .1. I have added the servers to the proxy-arp file in Shorewall. Their eth port on the firewall is 198.162.10.254 (eth2) How do I set the routing on the servers? Do I set the gateway to 198.162.10.254, or to 99.99.99.1 ? I can't ping the servers from the firewall. I can ping the server from the server. Anything special on firewall rules for proxy-arp interfaces? They are in my DMZ. I want to offer them some protection, as their functions will be limited to DNS/HTTP and DNS/SMTP Thanks, harold miller -- This message has been scanned for viruses and dangerous content by NW.NET's MailScanner, and is believed to be clean. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] CF and HD on same IDE channel
Charles Any assistance is appreciated, but don't bust a gut - if the worst comes to the worst I'll use a Dell Dimension for the PC or figure out how to use Dachstein properly. I used the 2.2.19-3-LEAF-normal-IDE.zImage.upx from your site as the image to get IDE going on the box. This has all the IDE stuff compiled in right? No need for modules. On Bering I load ide-mod,ide-disk and ide-probe-mod from /boot/lib/modules using the initrd package as per the Bering Docs. I believe the config file for Jacques' Bering kernel is available on the LEAF site somewhere. Given I've tried it on a range of kit from 486 up to PIII 450MHz, the problem doesn't seem to be hardware related. I haven't tried putting two hard disks on the same channel yet. I think what I also need to do is to work out what is the least amount of info I need to put in Dachstein networks.conf to get a single interface running on eth0 with no firewall, routing, etc. I commented so much out this afternoon in a hurry that I've messed it up. I'm going to replace it with the original at work tomorrow and start reading the docs. I'll also start looking at a development environment for Bering. I feel a kernel compile around the corner. Many thanks Darren On Wednesday 17 Jul 2002 9:04 pm, you wrote: > > I tried Dachstein this afternoon and this works with both devices on > > the same > > > IDE channel, unfortunately I've messed up the network settings for the > > moment. Ideally I'd like to stick with Bering as that is where most of > > my > > > experience is. The question is: is this likely to be a kernel issue? > > Probably a kernel level driver issue. Which modules and/or kernel are > you using with Dachstein that works? IIRC (I'd have to look at the > .config files to be sure), if you are installing IDE modules at run-time > with Dachstein, they are *NOT* doing any advanced chipset or DMA > support, while if you use the kernel with IDE compiled in, lots more > fancy IDE stuff is enabled. This could be at least one major source of > difference, besides the 2.2 vs 2.4 kernel. > > > Am I not loading enough modules? - I have the standard IDE stuff in > > /boot/lib/modules > > > plus vfat. > > I'm not real familiar with the 2.4 kernels...you might check the > Documentation directory of a 2.4. source tree and > see if you can gleen any info about the various IDE drivers. I'd think > you *SHOULD* be able to get your 486 system to work with 2.4 if it works > with the Dachstein 2.2 kernel...the 486 era systems had the simplest IDE > interfaces (no DMA, no high-speed transfer modes, just a couple of > chip-select-decodes of the disk controller address space and some bus > transcievers). If not, it definately sounds like a bug... > > > Anyone got any similar experiences? had success? I suspect I'm on > > my own here. > > No experience or success here, but I'll still try to help :-P > > Charles Steinkuehler > http://lrp.steinkuehler.net > http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] IP Route
where can I get iproute.lrp for bering router? GD --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IP Route
On Wed, 17 Jul 2002, Godfried Duodu wrote: > where can I get iproute.lrp for bering router? I don't know what "iproute.lrp" is... never heard of it. However, if you are wondering about iproute2, the advanced kernel routing configuration program known as "ip", it is built into Bering (root.lrp). The only other "iproute" I have heard of is a DOS-based router package... obviously a completely different idea than Bering. --- Jeff NewmillerThe . . Go Live... DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Proxy-Arp
On Wed, 17 Jul 2002, Webmaster - Mars Society wrote: > OK, I have 2 servers I want to connect to the net, through my Bering RC3 > firewall. I have been told that static IP's are assigned. > Let's call em 99.99.99.2 for the firewall and .3 and .4 for the servers. The > remote gateway is .1. I have added the servers to the proxy-arp file in > Shorewall. Their eth port on the firewall is 198.162.10.254 (eth2) > > How do I set the routing on the servers? Do I set the gateway to > 198.162.10.254, or to 99.99.99.1 ? I can't ping the servers from the > firewall. I can ping the server from the server. > The following from the Shorewall Proxy ARP pages should give you all the clue you need: "The lower systems (130.252.100.18 and 130.252.100.19) should have their subnet mask and default gateway configured exactly the same way that the Firewall system's eth0 is configured." > Anything special on firewall rules for proxy-arp interfaces? They are in my > DMZ. I want to offer them some protection, as their functions will be > limited to DNS/HTTP and DNS/SMTP > You might want to look at my DMZ ruleset: http://www.shorewall.net/myfiles.htm. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: UML-LEAF filesystem
Le Mardi 16 Juillet 2002 20:33, vous avez écrit : Hi Vic My UML doc is really outdated. I'll try to uptade it over the WE. Basically you have to create your Bering LEAF fs yourself. The procedure is as follow: 1/ creates a 2M minix file on the same dir as your linux-uml kernel dd if=/dev/zero of=bering_fs bs=512k count=4 mkfs.minix bering_fs 2/ Mount a Bering image and bering_fs mount -o loop -t msdos Bering_1.0-rc3... /mnt1 mount -o loop bering_fs /mnt2 3/ Copy the *.lrp files to bering_fs cp /mnt1/*.lrp /mnt2 You need to have initrd.lrp in the same level dir as the uml-kernel & bering_fs cp /mnt1/initrd.lrp . 4/ Umount mnt1 and mnt2 5/ Creates the startuml script : [leaf@linux uml]$ cat startuml #!/bin/sh ./linuxuml-2.4.18-21 ubd0=bering_fs initrd=initrd.lrp root=/dev/ram0 \ init=/linuxrc boot=/dev/ubd0:minix PKGPATH=/dev/ubd0 devfs=nomount \ LRP=root,etc,local,log,modules,shorwall [leaf@linux uml]$ Et voila ! ./startuml should fire up your virtual router Good luck Jacques > G'Day Jacques, > > Firstly, congratulations and thanks on the Bering-LEAF build! It's just > what I need for my setup at home, and I'll get straight into working on it > when I get back home to Australia (I'm working in the US for a few weeks). > > For another project, I would like to experiment with LEAF under UML, and > have downloaded one of the UML kernels from SourceForge. However, I > can't find the LEAF-UML filesystem (leaf_fs) you refer to in your HOWTO! > > I have downloaded the Debian/slink filesystem, but it does not seem very > applicable to what I am trying to do... Can you help me locate the > leaf_fs filesystem? Is there a process I can use to build one from a > Bering floppy disk image? > > Thanks and regards, > Vic Cross --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] DHCP Stuff
Hi. Me again! By way of a reminder, I am the bloke who has a perfectly functional Eigerstein box who wants to upgrade to Dachstein or Bering but found that Dachstein would recognise the NICs and run the tulip driver as required, find a good 10baseT link beat, but then DHClient couldn't pick up IP info and DHCP isn't serving IP info internally. I have been playing around with this router of mine with the following results: 1. I couldn't find any DHClient and DHCPD logs. Is that significant? When the box boots progress info DOES appear on the screen. 2. I tried the Dachstein distro that has been set up for Bigpond cable but that was the same. 3. I tried Bering rc3 and that was the same as well. Could it be that the firewall is blocking the DHCP data from the ISP? They're broadcasting on 10.96.4.1. That would assume that the Dachstein filters were different to the Eigerstein filters and that Shorewall was blocking the same packets as Dachstein. Any ideas?? Thanks for your help. David Pitts IT Services Manager Reid Library University of Western Australia Ph: 61 (08) 9380 3492Fax: 61 (08) 9380 1012 Email: [EMAIL PROTECTED] -Original Message- From: guitarlynn [mailto:[EMAIL PROTECTED]] Sent: Monday, 15 July 2002 10:51 AM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] DHCP Stuff On Sunday 14 July 2002 21:45, David Pitts wrote: > It is Bigpond I connect to and I do get denied packets and martians > when I connect with Eigerstein. I'm not sure I am using the Dachstein > supplied with BPALogin. Can you give a link? I will get it and try > it. It is linked with a text file for setup from this page: http://leaf.sourceforge.net/devel/cstein/contrib_disk_images.htm > Thanks again for your help with this. NP -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] DHCP Stuff
On Thu, 18 Jul 2002, David Pitts wrote: > Could it be that the firewall is blocking the DHCP data from the ISP? > They're broadcasting on 10.96.4.1. That would assume that the Dachstein > filters were different to the Eigerstein filters and that Shorewall was > blocking the same packets as Dachstein. > > Any ideas?? > The default Bering Shorewall config has the external interface (eth0) configured with 'norfc1918' and RFC 1918 addresses are checked before UDP ports 67 and 68 (DHCP). So it may help to remove the 'norfc1918' from the eth0 entry in /etc/shorewall/interfaces. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] (still more) bering pcmcia wireless bridge
In the interest of trying to get this working, I'm looking at bring this up manually. As I do this I realize I really don't have a good feel for the ip command. Can anyone point me to good reference? -- Mark --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] (still more) bering pcmcia wireless bridge
On Wed, 2002-07-17 at 21:01, Mark A Nordstrand wrote: > In the interest of trying to get this working, I'm > looking at bring this up manually. As I do this I > realize I really don't have a good feel for the ip > command. Can anyone point me to good reference? Mark, Have you looked at our Web Links? Main / Linux Documentation http://leaf-project.org/links.php?op=viewlink&cid=4 Also, Lynn wrote a FAQ that may help. http://sourceforge.net/docman/display_doc.php?docid=9267&group_id=13751 -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] (still more) bering pcmcia wireless bridge
On Wed, 17 Jul 2002 23:01:32 CDT Mark Nordstrand wrote: > In the interest of trying to get this working, I'm > looking at bring this up manually. As I do this I > realize I really don't have a good feel for the ip > command. Can anyone point me to good reference? A google search for site:leaf.sourceforge.net "ip command" reference yields http://leaf.sourceforge.net/devel/msensney/ with a PDF titled "IP Command Reference" that should do the trick if you don't mind a PDF. Direct URL is http://leaf.sourceforge.net/devel/msensney/ip-cref.pdf --Brad --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: IP Route
Le Jeudi 18 Juillet 2002 00:52, Godfried Duodu a écrit : > where can I get iproute.lrp for bering router? > GD There is no iproute.lrp package: the ip program is provided with root.lrp and tc is provided with tc.lrp Jcaques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] (still more) bering pcmcia wireless bridge
Le Jeudi 18 Juillet 2002 06:01, Mark A Nordstrand a écrit : > In the interest of trying to get this working, I'm > looking at bring this up manually. As I do this I > realize I really don't have a good feel for the ip > command. Can anyone point me to good reference? http://snafu.freedom.org/linux2.2/iproute-notes.html Jacques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering pcmcia package
Hi there, On the Bering installation guide page: http://leaf.sourceforge.net/devel/jnilo/bipackages.html In the pcmcia section, the following link is broken: http://leaf.sourceforge.net/devel/jnilo/bering/latest/packages/pcmcia_full.lrp Anyone know where this file exists? If so, does it contain the 3c589_cs.o and pcnet_cs.o modules? I'd like to see if I can get my old 486 laptop going with a couple of old pcmcia nics that use those modules. Thanks for any help! __ Do You Yahoo!? Yahoo! Autos - Get free new car price quotes http://autos.yahoo.com --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
