[leaf-user] PoPToP server Configuration on Bering
Hello All, I have read the shorewall documentation (Thanks Tom), installed all the modules, packages etc to get poptop working except I need to know about the OS's etc/network/interfaces file. Presumably every client ( I really only expect 1) needs its own interface definition e.g. ppp[0-x]. Especially if shorewall is to distinguish between clients (which may be unecessary). None of the PPTP docs I read, said anything about modifying this file. Certainly at least one entry is needed but how I formulate it seems mysterious to me. Any help in this regard would be most appreciated. Rogan Lynch PC Consultant ICQ: 3929901 --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] FORW: CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL
Mike Noyes <[EMAIL PROTECTED]> writes: > > > > Argh. I tried to forward the below CERT advisory to the list yesterday but > > > > it was rejected because I used a MIME-based forward. The list rejects such > > > > posts without bouncing them back to you, which is quite broken behavior, > > > > thus I need to re-compose this intoductory text. > > > > > > You can submit a bug report against Mailman here: > > > > > Thanks, Mike. I appreciate the links. > > > > Not ever having administered a Mailman list, I wasn't sure whether the lack > > of a bounce was a configuration problem or a bug, but I'll trust your > > implication that it's the latter. > > > > I've now submitted a bug report -- thanks again for pointing me to the right > > place. > > Dan, > I have no way of knowing if it's a bug or not. I doubt it's a > configuration problem by the SourceForge staff list admins or myself > (list manager). The behavior you describe above may be normal for > Mailman 2.0.9-sf.net. > > You may find this Mailman FAQ I wrote useful. > http://www.python.org/cgi-bin/faqw-mm.py?req=all#3.10 > > Also note: Mailman 2.1 is in beta right now, and may incorporate > enhanced rejection messages. As you guessed, Mike, this is fixed (only) in Mailman 2.1. Here's the response to my bug report: >Comment By: Barry A. Warsaw (bwarsaw) Date: 2002-08-07 14:58 Message: Logged In: YES user_id=12800 This won't be changed for MM2.0.x but it already works this way in Mailman 2.1. The original message is contained in the rejection notice as an attachment. No doubt the SourceForge staff will move to 2.1 once it's stable. -- Dan Harkless [EMAIL PROTECTED] http://harkless.org/dan/ --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Dead boot disk
"Kevin" <[EMAIL PROTECTED]> writes: > WinImage on a dos/win box supports reading and writting to 1680 formats on > floppy > > Start WinImage, Disk>Format Disk> Select Non Standard Format 1.68 MB to > format the floppy > > when finished insert into the linux box, lrcfg, backup > > after you have saved your files, use WinImage to READ the disk and SAVE a > backup on your pc. > > I do this after making config changes on the router and always have a > back-up if something goes haywire Rather than reading and writing the entire floppy after each change, it takes less time to simply keep a duplicate floppy (or pair of floppies, for dual-floppy configs), and make each lrcfg package backup to both the main and backup floppies, one after another. -- Dan Harkless [EMAIL PROTECTED] http://harkless.org/dan/ --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Flash disk problem
On Monday 12 August 2002 05:59, Luis.F.Correia wrote: > You must boot from MSDOS6.x. Nope, but you must drop the lock if using a Win9x boot disk, however using msdos6.x is easier... check Charles harddrive howto. > Then use syslinux with '-s' flag. > > I even had to use syslinux 2.00-pre6 because my CF refused to boot > with other older versions of syslinux. I've done about 20 CF disks with syslinux 1.66 (as have other people I know). Some later releases may not work as I haven't used a later version. > One other thing, try to use the device as primary master. It works a > LOT better. Yep, setting up a non-*nix based OS to boot from a non-primary partition is asking for frustration! The 25Meg partition limit with the DOS fs is a commonly forgotten limitation when using larger disks. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering cd without shorewall
Hi Abjin: I agree with Cass. I did learn ipchains and iptables the hard way. It gave me a good understanding of how ip filtering takes place. However, at the end of the day, I would have written a fw script generator if I needed to maintain or implement the same stuff regularly. While I feel a it is better to know what is happenning below the surface in order to debug in case something goes wrong, using tools that make the job easier is a good route especially for opensource. More users will mean more requests and hence better maturity of the tool. Furthermore, this will allow you to leverage on the learnings that others have garnered. If this sounded like preaching, forgive me - I feel great being part of the opensource community as a user - I'm not a developer. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Cass Tolken Sent: 13 August, 2002 6:28 AM To: Abjin M H; Leaf Subject: Re: [leaf-user] Bering cd without shorewall Hi Abjin, --- Abjin M H <[EMAIL PROTECTED]> wrote: > Hi, > > Is it possible to run Bering cd and iptables without shorewall. If > possible in which file should I write iptables/nat scripts. I suppose you can take out "shorwall" (note no "e") from the LRP=... in the syslinux.cfg file and then create your own package with your own scripts. But I'd have to ask why? Shorewall is one of the best features of Bering. It really does make iptables easy, easy enough for this newbie to understand ;). -- Cass __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Lost root password :(
> -Original Message- > From: Jeff Newmiller [mailto:[EMAIL PROTECTED]] > Sent: Sunday, August 11, 2002 17:23 > To: Peter Nosko > Charles Steinkuehler contends that windows sometimes screws up fat disks > when it writes to them. Also, disks do die, though I am not sure how old > the floppy in question is. I have actually given up on floppies because > of dust problems... I use flashdisks or hard drives. > > Not really. Depends on the history of use and abuse of the disk in > question as to where it happend, but it sounds like it is hosed at this > point. Get off it what you can by mounting as 1680 in Linux, and start a > fresh disk. pn] Sure enough, the diskette has problems. I created a new one via Charles' .exe and it dd'ed just fine using 1680. All the files from the original disk copied fine on a Windows box, so maybe I didn't lose anything (other than the root password). THANKS! I'll try your procedure tomorrow (later today). Gotta get some shut-eye! --- Peter Nosko --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering cd without shorewall
On Mon, 12 Aug 2002, Abjin M H wrote: > Hi, > > Is it possible to run Bering cd and iptables without shorewall. Yes, but you are on your own. Shorewall provides the iptables/nat support in Bering. > If possible in which file should I write iptables/nat > scripts. You will need to build your own package that includes an appropriate startup script to replace the Shorewall functionality, something like the /etc/init.d/shorewall script. --- Jeff NewmillerThe . . Go Live... DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering cd without shorewall
On Mon, Aug 12, 2002 at 06:55:05PM -0600, Abjin M H wrote: >Hi, > >Is it possible to run Bering cd and iptables without shorewall. If possible in which >file should I write iptables/nat >scripts. > if you put your firewall script in in /etc/init.d/ and add a line like this RCDLINKS='0,K31 1,K31 2,S29 3,S29 4,S29 5,S29 6,K20' the rc*.d symlinks will be generated automatically same with your network script, here's how I control the interfaces... down () { d=`ip -o link show | cut -d: -f2` for i in $d ; do ip addr flush $i ip link set $i down done } up () { ip link set lo up ip link set eth0 up ip link set eth1 up ip link set eth2 up ip link set eth3 up ip addr add 127.0.0.1/8 label lodev lo ip addr add 11.22.33.44/27 label eth0 dev eth0 # ISP ip addr add 192.168.0.1/24 label eth1 dev eth1 # LAN ip addr add 10.0.0.1/8 label eth2 dev eth2 # DMZ ip addr add 10.0.0.2/8 label eth2:1dev eth2 # an alias ip route add 0/0via 11.22.33.1 table main } case "$1" in start) down up ;; stop) down ;; restart) down up ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 esac // George -- GEORGE GEORGALIS, System Admin/Architectcell: 347-451-8229 Security Services, Web, Mail,mailto:[EMAIL PROTECTED] File, Print, DB and DNS Servers. http://www.galis.org/george --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering cd without shorewall
On Mon, 12 Aug 2002, Cass Tolken wrote: > I suppose you can take out "shorwall" (note no "e") from the LRP=... in > the syslinux.cfg file and then create your own package with your own > scripts. But I'd have to ask why? I wanted to ask the same question but then I'm a bit biased :-) -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering cd without shorewall
Hi Abjin, --- Abjin M H <[EMAIL PROTECTED]> wrote: > Hi, > > Is it possible to run Bering cd and iptables without shorewall. If possible > in which file should I write iptables/nat > scripts. I suppose you can take out "shorwall" (note no "e") from the LRP=... in the syslinux.cfg file and then create your own package with your own scripts. But I'd have to ask why? Shorewall is one of the best features of Bering. It really does make iptables easy, easy enough for this newbie to understand ;). -- Cass __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering cd without shorewall
Hi, Is it possible to run Bering cd and iptables without shorewall. If possible in which file should I write iptables/nat scripts. Thanks for any help. Abjin --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering 1.0rc3 - RoadRunnerCable, connection suddenlyfails
I used the natsemi.o from Bering. They posted a new driver (thanks, Jacques!) and everything's been fine since. http://leaf.sourceforge.net/devel/jnilo/bering/latest/contrib/drivers/scyld/ If that is your problem, you could recompile it yourself. The instructions for setting up a development environment on your client box were posted shortly after the fix. Harry lbilyeu wrote: > Note: Harry Kitt's message & his problem > "driver appeared to work, but would randomly drop the connection. > Probably not recompiled for the Bering's kernel/compiler." > ---was because he used drivers from his Dachstein disk. > > I've tried editing shorewall to use each of them as the external > interface to make sure it wasn't a card specific problem. > Firewall's internal eth always works, I can always ping the numerical > address of the firewall from internal machines. And I can always reach > weblet. > ---They all passed the diagnostics from RealTek rtl8019.exe when > booted from a DOS floppy. > ---They are all set to jumpered mode (not PNP) and physically set the > jumpers. > > quoting guitarLynn "What exact model/make card are you using a > lot of "compatible" > cards aren't even compatible at all. " > --Each of them has the Novell YES logo silk-screened onto the NIC's > board. > > "you will also need > to load the "mii" module as well." > ---These are ISA rtl8019 cards. I've never heard of needing mii.o > ---Is it something new? > > As to what make & Model, > --- one of them is a Farallon 8019, > the other two weren't proud enough to put their names on the board. > I assume they were relying on the NovellYES logo. > > I'll pull the machine apart & get more identifiers from the cards > later tonight. > > > > --- > This sf.net email is sponsored by:ThinkGeek > Welcome to geek heaven. > http://thinkgeek.com/sf > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Annoying duplex errors
> Ok, I'm game. I can look at my nic card lights to know if I'm at 10 or 100, but > how do I figure out if I'm half duplex or full duplex? I'm running Bering rc-2 > with 3c59x.o. It depends...check the logs for driver messages, and look for a low-level diagnostic utility for your NIC driver. If you using Dan Becker's NIC drivers, you can find several utility programs here: http://www.scyld.com/diag/ You probably want mii-diag and vortex-diag... NOTE: This will tell you if you're half or full duplex ON YOUR END, but not necessarily what you're attached to (the only info you'll get about the far end is from auto-negotiation messages, if the far end supports it, and even that could be mis-leading or wrong, since a lot of early hardware didn't do auto-negotiation properly). If your ISP's hardware does not properly support auto-negotiation (highly likely, given your description of the troubles you're having), you will have to find out from them what you're hooked to, or make an educated guess by forcing half and full duplex on your end, and seeing what sorts of errors crop up. > And a related question: how do I measure dropped packets, etc.? I don't have a > netstat on this system. :-( I think the 2.4 kernels still have /proc/net/dev... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Windows XP attacking my firewall?
i suppose it would've been a little more helpful for me to detail that, sorry :( 192.0.1.7 is the firewall's IP, 192.0.1.11 is the XP machine. FYI, I have two other winxp machines that are NOT showing up in the logs. eth0 is my internal network, eth1 is the external. thanks guys- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott C. Best Sent: Monday, August 12, 2002 11:42 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Windows XP attacking my firewall? Matt: That's an interesting firewall log. Two quick questions spring to mind: 1. The source-IP is 192.0.1.11, the dest is 192.0.1.7, but this is coming in on the eth0 interface of your firewall. So... how does your LEAF firewall connected to your WinXP box? I'm presuming that 192.0.1.11is the WinXP box, but I can't tell what LEAF's eth0 IP address is. 2. UDP port 1900 is Universal Plug&Pray (UPnP) not ssdp. The original releases of WinXP had a vulnerability with this service. But since the traffic is all local (192.0.1.x for both source and dest) I doubt it's an attack; it's probably just normal UPnP activity. Still, it'd help to know: which is your WinXP machine? -Scott > in /var/log/syslog i get the following error repeated three times every 25 > seconds: > > Aug 9 15:45:23 firewall kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= > MAC=00:04:76:e2:6c:6c:00:40:95:30:aa:71:08:00 SRC=192.0.1.11 DST=192.0.1.7 > LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=10522 PROTO=UDP SPT=1037 DPT=1900 > LEN=140 > > a quick look on the TCP/IP common port listings suggests that this is due to > ssdp. would that make sense? should i be authorizing a port on the firewall > to allow XP to do this? --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Kernel compile in Bering
On Mon, 12 Aug 2002, brooksp5 wrote: > Hi all, > Just a quick question about compiling a kernel for Bering. > Is it possible to compile a kernel with built in support for interface > cards -thus removing the requirement of defining the drivers as modules. In most cases, yes, but... > I will be running it off a 32MB CF card so I am not worried about the > kernel size. ... I don't understand why you have to eliminate modules if diskspace is not an issue. Arguments to modify the behavior of drivers compiled into the kernel must be passed through the boot loader. I have found methods for loading modules to be much more consistent and maintainable than the methods available to compiled-in drivers. But, I have not used FDDI, so specific driver characteristics could override this general observation. > Specifically I want to enable FDDI support, I have enabled it on my Mandrake > system, but now want to make a Bering router to connect to a FDDI network. > I have found some references to Token Ring in some of the early Linux Router > information but nothing about FDDI. > Any help or comments will be very appreciated. --- Jeff NewmillerThe . . Go Live... DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Annoying duplex errors
> Look at the docs: > > "0x82 > Out of window collision. This typically occurs when *some other* > (emphasis added) Ethernet host is incorrectly set to full duplex > on a half duplex network. " > > "Both of these errors are the result of network errors that should > be corrected. They do not represent driver malfunction." > > So, I suspect that the problem is on the other end of the wire. [Therefore] > changing my end will accomplish nothing except breaking what I already have > in place. I suppose I could open a dialogue to my brain-dead ISP (but, I repeat > myself) and get nowhere, but why? > > I'd jusd like to get rid of the messages. I suppose I could try my hand at re- > writing the driver, but ... > > | When transmit errors occour on LAN, it means that there ARE hardware > | problems. > > But not on my machine, I suspect. > > | I can understand that since everything works quite well on your > | internal net and all connections to the internet, your wish is to > | have those messages removed. > > | But removing the messages 'per se' does not solve your problem. > > Why not? The messages are precisely the problem. Removing the messages would > solve the problem nicely. > > "if it ain't broke, don't fix it." > > | Please explain us more about your setup. > > Sure: internal LAN talks to one NIC on the router; the other NIC talks to the > ISP which routes for the internet. Don't be so quick to state that there's nothing broken. Just because traffic is flowing doesn't mean it flowing optimally. If you have an ethernet link with two ends mis-matched for duplex, everything will appear to work fine (you'll just get the annoying errors in your logs, along with TX and/or RX errors, and high numbers for collisions) until you start pushing the bandwidth limit of the link, at which point things can rapidly degenerate to where you're available bandwidth is getting eaten-up by re-transmissions (kind of an ethernet duplex equivalent of a broadcast storm). I had a similar problem when hooking up to a Cogent 100MBit ethernet drop. The switches used by Cogent didn't auto-negotiate properly, so my firewall NIC was stuck in half duplex, while the Cogent end was running full duplex. To fix the problem (and it *IS* a problem), I had to download/compile one of the utilities from the sycld site (I run Dan Becker's Tulip drivers on most of my Dachstein boxes), and use it to force the link to 100 MBit full duplex. Once I did this, everything was peachy...no more TX/RX errors or collisions, and no more weird log messages. You may be having a similar problem, in which case I urge you to actually fix it, rather than simply ignore or disable the error messages.Find out what you're hooked to on the ISP end...at least to the level of 10/100 MBit, full/half duplex. Compare this to the link status on your end, and force your end to match, if required. Auto-negotiation is wonderful when everything works, but if you're hooked to something that doesn't support auto-negotiation (like a lot of the fixed speed/duplex switches used by ISP's, where shaving every buck off equipment cost matters), it's frequently necessary to bypass auto-negotiation and "peg" a specific set of operating parameters, so don't just ignore those error warnings. Your network will thank you every time it's carrying a heavy traffic load. :-) Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Windows XP attacking my firewall?
Matt: That's an interesting firewall log. Two quick questions spring to mind: 1. The source-IP is 192.0.1.11, the dest is 192.0.1.7, but this is coming in on the eth0 interface of your firewall. So... how does your LEAF firewall connected to your WinXP box? I'm presuming that 192.0.1.11is the WinXP box, but I can't tell what LEAF's eth0 IP address is. 2. UDP port 1900 is Universal Plug&Pray (UPnP) not ssdp. The original releases of WinXP had a vulnerability with this service. But since the traffic is all local (192.0.1.x for both source and dest) I doubt it's an attack; it's probably just normal UPnP activity. Still, it'd help to know: which is your WinXP machine? -Scott > in /var/log/syslog i get the following error repeated three times every 25 > seconds: > > Aug 9 15:45:23 firewall kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= > MAC=00:04:76:e2:6c:6c:00:40:95:30:aa:71:08:00 SRC=192.0.1.11 DST=192.0.1.7 > LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=10522 PROTO=UDP SPT=1037 DPT=1900 > LEN=140 > > a quick look on the TCP/IP common port listings suggests that this is due to > ssdp. would that make sense? should i be authorizing a port on the firewall > to allow XP to do this? --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Annoying duplex errors
Luis.F.Correia wrote (on Mon, Aug 12, 2002 at 05:19:08PM +0100): | My friend, if you are receiving odd kernel errors, it is either a | faulty NIC or a puzzled driver. Or an unhappy router on the other end. Or other faulty hosts on the (outside) subnet - both things I cannot control. | I know that 'cause I once had the same problem. | | You know, most of us use rather old NIC's gathered from old PC's. | At least I do. If you got that card from one of these old doorstop | computers, who can assure you that it has no problems? I bought two brand new 3com's for this project. | Or it could be a faulty cable, or a problem on your HUB/Switch port. I have one cable, leading to the ISP. Swapping the cable helps not. Look at the docs: "0x82 Out of window collision. This typically occurs when *some other* (emphasis added) Ethernet host is incorrectly set to full duplex on a half duplex network. " "Both of these errors are the result of network errors that should be corrected. They do not represent driver malfunction." So, I suspect that the problem is on the other end of the wire. [Therefore] changing my end will accomplish nothing except breaking what I already have in place. I suppose I could open a dialogue to my brain-dead ISP (but, I repeat myself) and get nowhere, but why? I'd jusd like to get rid of the messages. I suppose I could try my hand at re- writing the driver, but ... | When transmit errors occour on LAN, it means that there ARE hardware | problems. But not on my machine, I suspect. | I can understand that since everything works quite well on your | internal net and all connections to the internet, your wish is to | have those messages removed. | But removing the messages 'per se' does not solve your problem. Why not? The messages are precisely the problem. Removing the messages would solve the problem nicely. "if it ain't broke, don't fix it." | Please explain us more about your setup. Sure: internal LAN talks to one NIC on the router; the other NIC talks to the ISP which routes for the internet. | Luis.F.Correia wrote (on Mon, Aug 12, 2002 at 04:31:12PM +0100): | | Well... you could also try using another NIC driver for your board. | | | | I guess that the 'vortex' series loosely identifies a 3Com card. | | | | There are a large number of cards that work with that driver. I also | | recall that Donald Becker wrote drivers for those cards. | | | | Try other drivers and if all still goes wrong, you could also try | | another NIC... | | But it's not the NIC or the drivers; they all work splendidly. | | I just want to suppress those error messages ... | | | [Bering rc2] | | | | ... getting lots of errors in both syslog and kern.log: | | | | Aug 12 11:21:21 yoreach kernel: eth0: Transmit error, Tx status | | register 82. Aug 12 11:21:21 yoreach kernel: Probably a duplex mismatch. | See | | Documentation/networking/vortex.txt | | Aug 12 11:21:21 yoreach kernel: Flags; bus-master 1, dirty 3351435(11) | | current 3351435(11) | | Aug 12 11:21:21 yoreach kernel: Transmit list vs. c3bf14c0. | | Aug 12 11:21:21 yoreach kernel: 0: @c3bf1200 length 8036 status | | 00010036 | | Aug 12 11:21:21 yoreach kernel: 1: @c3bf1240 length 8036 status | | 00010036 | | | | etc., etc. filling up the logs. | | | | I've read the vortex page, and I think that those packets are | | spurious; since the firewall works quite well, thank you, changing the | | duplex mode of my network card seems not to be in order. | | | | But the messages are quite a bother, and they exhaust the log | | filesystem. | | | | Is there anyway to supress these error messages, short of turning off | | logging altogether? -- _ Nachman Yaakov Ziskind, EA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://yankel.com Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] PPPoE in WISP
Hi, Has anyone configured PPPoE in WISP the Server and the Client, i have found that the WISP distribution does not include PPPoE although it says so, maybe I am wrong. I have been trying to put packages on it but it seems i did not find appropriate ones. Most anyoing thing is that you have info on all other LEAF distributions only WISP is somwhat set aside as appears like GHOST package in LEAF family, since it has joined the family. I wanted to put some other extra packages in the distribution such as BASH, FTP. Also one more thing it says it supports the Cisco Aironet but it does recognize it. Still havent tried the Prism Cards. Best regards Armend Zeqiraj, --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Windows XP attacking my firewall?
On Mon, 12 Aug 2002, Matt Russell wrote: > This is UPNP -- you must have an old version of Shorewall as later > versions had an entry for this in the common.def file. You can kill these > by creating /etc/shorewall/common (if that file isn't there already) and > add the following to it: > > run_iptables -A common -p UDP --dport 1900 -j DROP > > Or upgrade your Shorewall. > One more thing -- if you create a new /etc/shorewall/common, the last line of that file should be . /etc/shorewall/common.def -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Windows XP attacking my firewall?
you are the man. thank you. FYI bering is version rc-2. thanks- matt -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 10:04 AM To: Matt Russell Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Windows XP attacking my firewall? On Mon, 12 Aug 2002, Matt Russell wrote: > in /var/log/syslog i get the following error repeated three times every 25 > seconds: > > Aug 9 15:45:23 firewall kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= > MAC=00:04:76:e2:6c:6c:00:40:95:30:aa:71:08:00 SRC=192.0.1.11 DST=192.0.1.7 > LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=10522 PROTO=UDP SPT=1037 DPT=1900 > LEN=140 > > a quick look on the TCP/IP common port listings suggests that this is due to > ssdp. would that make sense? should i be authorizing a port on the firewall > to allow XP to do this? > This is UPNP -- you must have an old version of Shorewall as later versions had an entry for this in the common.def file. You can kill these by creating /etc/shorewall/common (if that file isn't there already) and add the following to it: run_iptables -A common -p UDP --dport 1900 -j DROP Or upgrade your Shorewall. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Annoying duplex errors
My friend, if you are receiving odd kernel errors, it is either a faulty NIC or a puzzled driver. I know that 'cause I once had the same problem. You know, most of us use rather old NIC's gathered from old PC's. At least I do. If you got that card from one of these old doorstop computers, who can assure you that it has no problems? Or it could be a faulty cable, or a problem on your HUB/Switch port. When transmit errors occour on LAN, it means that there ARE hardware problems. I can understand that since everything works quite well on your internal net and all connections to the internet, your wish is to have those messages removed. But removing the messages 'per se' does not solve your problem. Please explain us more about your setup. -Original Message- From: Nachman Yaakov Ziskind [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 5:05 PM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Annoying duplex errors Luis.F.Correia wrote (on Mon, Aug 12, 2002 at 04:31:12PM +0100): | Well... you could also try using another NIC driver for your board. | | I guess that the 'vortex' series loosely identifies a 3Com card. | | There are a large number of cards that work with that driver. I also | recall that Donald Becker wrote drivers for those cards. | | Try other drivers and if all still goes wrong, you could also try | another NIC... But it's not the NIC or the drivers; they all work splendidly. I just want to suppress those error messages ... | [Bering rc2] | | ... getting lots of errors in both syslog and kern.log: | | Aug 12 11:21:21 yoreach kernel: eth0: Transmit error, Tx status | register 82. Aug 12 11:21:21 yoreach kernel: Probably a duplex mismatch. See | Documentation/networking/vortex.txt | Aug 12 11:21:21 yoreach kernel: Flags; bus-master 1, dirty 3351435(11) | current 3351435(11) | Aug 12 11:21:21 yoreach kernel: Transmit list vs. c3bf14c0. | Aug 12 11:21:21 yoreach kernel: 0: @c3bf1200 length 8036 status | 00010036 | Aug 12 11:21:21 yoreach kernel: 1: @c3bf1240 length 8036 status | 00010036 | | etc., etc. filling up the logs. | | I've read the vortex page, and I think that those packets are | spurious; since the firewall works quite well, thank you, changing the | duplex mode of my network card seems not to be in order. | | But the messages are quite a bother, and they exhaust the log | filesystem. | | Is there anyway to supress these error messages, short of turning off | logging altogether? | | NYZ -- _ Nachman Yaakov Ziskind, EA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://yankel.com Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Multiple Subnets
On Mon, 12 Aug 2002, Nixon, Anthony S. wrote: > Hello, > > I am using the Bering version of LEAF (a most excellent creation I might > add). I have multiple subnets on my LAN, but do not know how to set up the > firewall for this? The firewall sits on a 192.168.1.0/24 subnet and my users > are on 192.168.2.0/24 and 192.168.3.0/24 respectively. I am used to using > Red Hat and creating the static-routes file in /etc/sysconfig. How is this > done under Bering (debian dist) and can it be set up with the Shorewall > package? Any help would be appreciated. > For Shorewall: In /etc/shorewall/masq, you'll need three entries -- one for each subnet (Shorewall can only detect a single subnet). Assuming that your external interface is eth0: eth0192.168.1.0/24 eth0192.168.2.0/24 eth0192.168.3.0/24 In /etc/shorewall/interfaces (assuming your internal interface is eth1): loc eth1192.168.1.255,192.168.2.255,192.168.3.255 The latter just causes Shorewall to drop the broadcasts from all three subnets rather than logging them. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Annoying duplex errors
Luis.F.Correia wrote (on Mon, Aug 12, 2002 at 04:31:12PM +0100): | Well... you could also try using another NIC driver for your board. | | I guess that the 'vortex' series loosely identifies a 3Com card. | | There are a large number of cards that work with that driver. I also | recall that Donald Becker wrote drivers for those cards. | | Try other drivers and if all still goes wrong, you could also try | another NIC... But it's not the NIC or the drivers; they all work splendidly. I just want to suppress those error messages ... | [Bering rc2] | | ... getting lots of errors in both syslog and kern.log: | | Aug 12 11:21:21 yoreach kernel: eth0: Transmit error, Tx status register 82. | Aug 12 11:21:21 yoreach kernel: Probably a duplex mismatch. See | Documentation/networking/vortex.txt | Aug 12 11:21:21 yoreach kernel: Flags; bus-master 1, dirty 3351435(11) | current 3351435(11) | Aug 12 11:21:21 yoreach kernel: Transmit list vs. c3bf14c0. | Aug 12 11:21:21 yoreach kernel: 0: @c3bf1200 length 8036 status | 00010036 | Aug 12 11:21:21 yoreach kernel: 1: @c3bf1240 length 8036 status | 00010036 | | etc., etc. filling up the logs. | | I've read the vortex page, and I think that those packets are spurious; | since the firewall works quite well, thank you, changing the duplex mode of | my network card seems not to be in order. | | But the messages are quite a bother, and they exhaust the log filesystem. | | Is there anyway to supress these error messages, short of turning off | logging altogether? | | NYZ -- _ Nachman Yaakov Ziskind, EA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://yankel.com Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Windows XP attacking my firewall?
On Mon, 12 Aug 2002, Matt Russell wrote: > in /var/log/syslog i get the following error repeated three times every 25 > seconds: > > Aug 9 15:45:23 firewall kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= > MAC=00:04:76:e2:6c:6c:00:40:95:30:aa:71:08:00 SRC=192.0.1.11 DST=192.0.1.7 > LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=10522 PROTO=UDP SPT=1037 DPT=1900 > LEN=140 > > a quick look on the TCP/IP common port listings suggests that this is due to > ssdp. would that make sense? should i be authorizing a port on the firewall > to allow XP to do this? > This is UPNP -- you must have an old version of Shorewall as later versions had an entry for this in the common.def file. You can kill these by creating /etc/shorewall/common (if that file isn't there already) and add the following to it: run_iptables -A common -p UDP --dport 1900 -j DROP Or upgrade your Shorewall. -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-594097 ] Dachstein will not start on 486/100.....
Support Requests item #594097, was opened at 2002-08-12 15:57 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=594097&group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Open Priority: 5 Submitted By: Dion Bird (dionb98) Assigned to: Mike Noyes (mhnoyes) Summary: Dachstein will not start on 486/100. Initial Comment: Dachstein will not start on my 486 DX4/100 with 32MB of RAM. Here is a summary of the boot process before it locks up. IP Filters: [IP Forwarding: DISABLED] flushed SIOCGIFFLAGS: Operation not supported by device Bind socket to interface: Operation not supported by device exiting Starting Network: [IP Always Defrag: ENABLED] IP filters: firewall [IP Forwarding: ENABLED] Loopback interface: lo Starting interface: Cannot find device "eth1" SIOCGIFFLAGS: Operation not supported by device eth1 Hostname: firewall Static NS: 2 hosts At this point the cursor just sits and flashes. On my other systems the disk will boot completely, with the summary I have provided, same as what's written above. (Including the operation not supported by device stuff) Any insight on why it won't continue past this point on the 486? As I said before it is a 486 DX4/100 with 32MB RAM. I have stripped it down to just the PCI video card and the PCI NIC card. I've tried booting it with no NIC card, and 1 card and 2 cards. If I boot the system under Windows 98, it will detect the network cards so they appear to be functioning. I would appreciate any suggestions you have. Dion -- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=594097&group_id=13751 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Annoying duplex errors
Well... you could also try using another NIC driver for your board. I guess that the 'vortex' series loosely identifies a 3Com card. There are a large number of cards that work with that driver. I also recall that Donald Becker wrote drivers for those cards. Try other drivers and if all still goes wrong, you could also try another NIC... -Original Message- From: Nachman Yaakov Ziskind [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 4:24 PM To: [EMAIL PROTECTED] Subject: [leaf-user] Annoying duplex errors [Bering rc2] ... getting lots of errors in both syslog and kern.log: Aug 12 11:21:21 yoreach kernel: eth0: Transmit error, Tx status register 82. Aug 12 11:21:21 yoreach kernel: Probably a duplex mismatch. See Documentation/networking/vortex.txt Aug 12 11:21:21 yoreach kernel: Flags; bus-master 1, dirty 3351435(11) current 3351435(11) Aug 12 11:21:21 yoreach kernel: Transmit list vs. c3bf14c0. Aug 12 11:21:21 yoreach kernel: 0: @c3bf1200 length 8036 status 00010036 Aug 12 11:21:21 yoreach kernel: 1: @c3bf1240 length 8036 status 00010036 etc., etc. filling up the logs. I've read the vortex page, and I think that those packets are spurious; since the firewall works quite well, thank you, changing the duplex mode of my network card seems not to be in order. But the messages are quite a bother, and they exhaust the log filesystem. Is there anyway to supress these error messages, short of turning off logging altogether? NYZ -- _ Nachman Yaakov Ziskind, EA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://yankel.com Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Annoying duplex errors
[Bering rc2] ... getting lots of errors in both syslog and kern.log: Aug 12 11:21:21 yoreach kernel: eth0: Transmit error, Tx status register 82. Aug 12 11:21:21 yoreach kernel: Probably a duplex mismatch. See Documentation/networking/vortex.txt Aug 12 11:21:21 yoreach kernel: Flags; bus-master 1, dirty 3351435(11) current 3351435(11) Aug 12 11:21:21 yoreach kernel: Transmit list vs. c3bf14c0. Aug 12 11:21:21 yoreach kernel: 0: @c3bf1200 length 8036 status 00010036 Aug 12 11:21:21 yoreach kernel: 1: @c3bf1240 length 8036 status 00010036 etc., etc. filling up the logs. I've read the vortex page, and I think that those packets are spurious; since the firewall works quite well, thank you, changing the duplex mode of my network card seems not to be in order. But the messages are quite a bother, and they exhaust the log filesystem. Is there anyway to supress these error messages, short of turning off logging altogether? NYZ -- _ Nachman Yaakov Ziskind, EA, LLM [EMAIL PROTECTED] Attorney and Counselor-at-Law http://yankel.com Economic Group Pension Services http://egps.com Actuaries and Employee Benefit Consultants --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: SMTP problem (was: [leaf-user] (no subject))
> Sorry, /etc/network.conf reads Version 1.3.2, September 29, 2001 > > The e-mail sent from outside (Yahoo) appears in OUR sendmail queue when it > gets deferred with the message: > stat=Deferred: Connection timed out with XX.XXX.XXX.XX (our firewall > address). > > The sendmail (8.11) is not doing anything non-standard. Just the basic > configuration. OK, when you say "OUR sendmail queue", is that the machine behind the Dachstein firewall, or are you running a large network where "OUR sendmail queue" is a corperate-wide mail reciever, which re-directs mail to multiple secondary MTA's? Assuming the former, mail *IS* actually getting to your system, but sendmail is apparently not correctly configured to recognize the addresses as being local. Instead, it sounds like sendmail is trying to relay your messages to what it thinks is their correct final destination, which is your firewall address (which you presumably have listed in an MX record for your domain). Connecting to a port-forwarded service via it's external IP from within the internal network, which is what your sendmail system is trying to do (ie it's trying to talk to itself, via the port-forwarding setup on the firewall) won't work (at least not without some packet routing gymnastics :-), so as far as sendmail is concerned, it can't talk to the "authoritative" MTA, and even if it could, you'd just wind up with a mail loop. You need to check your sendmail configuration, and try running some tests on the e-mail addresses you're using to send mail. I strongly suspect you'll find an error in the sendmail setup that's causing addresses to not be treated as local. You'll have to dig through the sendmail docs for the test procedures (or maybe a kind soul on list will have helpful info)...I'm more familiar with exim and qmail...haven't done any hands-on configuration of sendmail for 2-3 years (and I have yet to unpack my O'Reilly "bat" book from a recent move :-) > Under "TCP servers open to the outside world" we have: > EXTERN_SMTP_PORTS = "0/0_ntp 0/0_smtp" > > and under "UDP servers open to the outside world" we have: > EXTERN_UDP_PORTS = "0/0_domain 0/0_bootpc 0/0_ntp" Looks OK, assuming EXTERN_SMTP_PORTS is actually EXTERN_TCP_PORTS... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] maybe OT, where can you resolve ip to mailadresses?
I use to have a link to a site which "collected" ip + fqdn + mail. This was useful for tracking scanners, of course the link has long been lost, does someone know of such a site and willing to share the info? Thanks Peter --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Multiple Subnets
At the shorewall website, They have the perfect document on how to do just what u want www.shorewall.net -Original Message- From: Nixon, Anthony S. [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 16:45 To: '[EMAIL PROTECTED]' Subject: [leaf-user] Multiple Subnets Hello, I am using the Bering version of LEAF (a most excellent creation I might add). I have multiple subnets on my LAN, but do not know how to set up the firewall for this? The firewall sits on a 192.168.1.0/24 subnet and my users are on 192.168.2.0/24 and 192.168.3.0/24 respectively. I am used to using Red Hat and creating the static-routes file in /etc/sysconfig. How is this done under Bering (debian dist) and can it be set up with the Shorewall package? Any help would be appreciated. Regards - Shon --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: SMTP problem (was: [leaf-user] (no subject))
Thanks for responding. I'm afraid, though, that your response leaves unanswered many of the questions I asked. See below. At 08:48 AM 8/12/02 -0400, Craig Heil wrote: >We are running Linux version 2.2.19-3-LEAF with the default firewalling. This statement does not identify the LEAF version. LEAF versions have names like Dachstein, Oxygen, and Bering. Which are you using, and is it a floppy or a CD-based version? >The >LAN is using NAT. We are able to send mail to the server by adding the >server name to the hosts file on the network machines. I assume you mean here that you can send mail out through your on-LAN server from workstations on the LAN. Please correct me if this interpretation is wrong. >We are able to send >mail out to external mailers (Yahoo, AOL), We can send mail from user to >user inside the network. And just to be clear ... the mail server is a different host from the LEAF firewall, right? What Linux distro does it run, what kernel version, and what MTA? >However, when sending TO the internal network the >mail gets to the sendmail mail queue then gets deferred due to the >mailserver's inability to contact the sending MTA. Once again, I must ask: do you mean the sendmail queue on the on-LAN server? If so, this description is very puzzling. In order for the complete message to reach the on-LAN server, it has to make several responses to the sending MTA (responding to the HELO, RCPT, and MAIL messages) before the actual piece of e-mail (the DATA message) is sent. So we need a better explanation of the problem than "gets deferred due to the mailserver's inability to contact the sending MTA". Of course, you might mean something else. If so, please explain it more clearly. Also, if I have interpreted this correctly ... what is sendmail *supposed* to do with these messages? Deliver them to on-server accounts (to be read using POP3, IMAP, or shell logins)? Send them on to the workstations (how ... what MTAs are the workstations running)? Do the messages coming from outside have To: FQNs (I mean the part after the @) that are the same as the ones used on messages that originate internally? How does the server resolve names (since you mention needing to add its name to the hosts files on workstations, it sounds like you are not running on-LAN DNS)? I ask all this stuff because when mail is stuck in the sendmail queue, that usually indicates a problem contacting the *destination* MTA, not the *source* MTA. To be sure that the problem is with the *sending* MTA, as you write: from off-LAN, if you telnet to port 25 and send a message using the various smtp commands manually, at what point does the interchange fail? >The openings in the firewall for smtp are: >EXTERN_SMTP_PORTS = "0/0_ntp 0/0_smtp" >and >INTERN_SMTP_SERVER = 10.0.0.XXX This no doubt relates to whichever LEAF version you are running, but without knowing which version that is, I cannot really comment on it. A couple of quick comments, though -- 1. Listing the ntp port as an external smtp port seems odd, no matter what version you are using. 2. The INTERN_SMTP_SERVER needs a complete IP address, not "10.0.0.XXX". (I assume you are not being silly enough to think that you need to protect yourself by keeping a *private-range* IP address secret from us.) Here we would benefit from seeing the actual firewall ruleset, not just a couple of config-file lines. Next time, post the unedited output of "ipchains -nvL" if you want actual troubleshooting help with respect to the ruleset you have installed. >As far as the ISP, that is not the case for us. We can run anything on our >pipe. However, we are still only testing the server so the mail will come >from [EMAIL PROTECTED] until we are ready to go live. The only >thing could be some strange name service rule that picks up on that unknown >private.network. I don't understand this last part. If all mail is coming from "[EMAIL PROTECTED]", how are you doing off-LAN tests? If you are spoofing the source when doing off-LAN tests, then is it possible that you are hitting your MTA's anti-relaying or anti-SPAM rules rather than having a LEAF-related problem? If so, you need to get advice from a support list for your MTA, not from LEAF. >-Original Message- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]]On Behalf Of Ray Olszewski >Sent: Friday, August 09, 2002 5:02 PM >To: Craig Heil; [EMAIL PROTECTED] >Subject: Re: SMTP problem (was: [leaf-user] (no subject)) [old stuff deleted] -- ---"Never tell me the odds!" Ray Olszewski -- Han Solo Palo Alto, California, USA[EMAIL PROTECTED] --- --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf
[leaf-user] Multiple Subnets
Hello, I am using the Bering version of LEAF (a most excellent creation I might add). I have multiple subnets on my LAN, but do not know how to set up the firewall for this? The firewall sits on a 192.168.1.0/24 subnet and my users are on 192.168.2.0/24 and 192.168.3.0/24 respectively. I am used to using Red Hat and creating the static-routes file in /etc/sysconfig. How is this done under Bering (debian dist) and can it be set up with the Shorewall package? Any help would be appreciated. Regards - Shon --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Windows XP attacking my firewall?
in /var/log/syslog i get the following error repeated three times every 25 seconds: Aug 9 15:45:23 firewall kernel: Shorewall:all2all:REJECT:IN=eth0 OUT= MAC=00:04:76:e2:6c:6c:00:40:95:30:aa:71:08:00 SRC=192.0.1.11 DST=192.0.1.7 LEN=160 TOS=0x00 PREC=0x00 TTL=128 ID=10522 PROTO=UDP SPT=1037 DPT=1900 LEN=140 a quick look on the TCP/IP common port listings suggests that this is due to ssdp. would that make sense? should i be authorizing a port on the firewall to allow XP to do this? --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: SMTP problem (was: [leaf-user] (no subject))
> We are running Linux version 2.2.19-3-LEAF with the default firewalling. The > LAN is using NAT. We are able to send mail to the server by adding the > server name to the hosts file on the network machines. We are able to send > mail out to external mailers (Yahoo, AOL), We can send mail from user to > user inside the network. However, when sending TO the internal network the > mail gets to the sendmail mail queue then gets deferred due to the > mailserver's inability to contact the sending MTA. This is still somewhat confusing. The e-mail gets to the sendmail queue on *WHICH* machine...the remote sender or the local reciever? Your description above makes it sound like your local mailserver cannot connect to the remote system which is trying to send mail, which doesn't make much sense to me. Please provide more details about exactly how you're trying to send mail, and any non-standard checks you're doing on your local mail-server (ie: ident check, SMTP verify to validate sender e-mail address, etc). Remember, all we know about your setup is what's in your e-mail... > The openings in the firewall for smtp are: > EXTERN_SMTP_PORTS = "0/0_ntp 0/0_smtp" This is very confusing. Looks like you're using one of my Dachstein releases, based on the kernel version, but the above configuration variable does not exist in the Dachstein firewall scripts. Even worse, I can't tell it was a simple typo, since you're mixing UDP and TCP protocols on the same line. If I'm reading between the lines properly, you need something like: EXTERN_UDP_PORTS="0/0_ntp" EXTERN_TCP_PORTS="0/0_smtp" Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Flash disk problem
I'm through. Problem was with Win 98 dos disk. I tried dos 6.22 boot disk and all went thro' fine. PC ATA as primary master - installed dos and booted with dos. PC ATA installed as secondary master - installed dos and booted with dos. Then I tried dos version of syslinux on PC ATA primary master, booted with floppy and xfrd all files to hda1, modified syslinux.cfg. Had a problem in booting - system was asking for floppy0 and gave kernel panic. Figured it has something to do with disk not being recognised. Included ide-mod, ide-disk and ide-probe in /boot/etc/modules, copied the files to /boot/lib/modules directory and backed up the packages to hda1. I was home. Thanx a ton to all those who helped me out. The pointer of using MSDOS 6.22 was very useful. Thankfully I did not have to go thro' a compile of syslinux on RH and then do a system xfr. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Cass Tolken Sent: 11 August, 2002 10:59 PM To: S Mohan; 'Leaf' Subject: Re: [leaf-user] Flash disk problem Hi S Mohan, --- S Mohan <[EMAIL PROTECTED]> wrote: > I'm trying to load bering on a PC ATA Flash card. I've a Adtron drive > and a Sandisk 8MB card. It is getting recognised as a drive and I'm > able to fdisk and format the drive. It is secondary master. I'm able > to mount it as /dev/hdc1 in bering too. However, I'm not able to boot! > I initially tried syslinux and it gave an error :unable to lock drive > for exclusive access. I did a lock c: and then tried syslinux. Same > error. I then booted up the system with a Win98 DOS floppy, did a sys > c: and copied the floppy contents to the flash card. It did not boot > up in DOS too. Sys did not give an error unlike syslinux. I had the same "unable to lock drive for exclusive access." error message when I tried using the dos version of syslinux. It worked great with the linux version. I first tried using the syslinux binary from my RH box but that didn't work with either Bering or Tom's Root Boot floppies. What I wound up doing is downloading the source for syslinux to my full linux box and compiling it statically linked. IIRC, I think I just added a -static as a compiler option in the Makefile. > Any pointers? Is it that I'm up the wrong alley and ATA Flash disks > are not bootable? Also for booting dos, have you tried fdisk /mbr before the sys c: ? Other than that... I don't know if it'll make a difference but maybe try it as primary master? Hope this helps. -- Cass __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Kernel compile in Bering
I guess you can grab the current Bering config file from http://leaf.sourceforge.net/devel/jnilo/bering/latest/Bering_1.0-rc3.config Download the corresponding kernel version, 2.4.18, add or remove whatever you want and compile your new replacment kernel. Then, good luck :) -Original Message- From: brooksp5 [mailto:[EMAIL PROTECTED]] Sent: Monday, August 12, 2002 2:36 PM To: [EMAIL PROTECTED] Subject: [leaf-user] Kernel compile in Bering Hi all, Just a quick question about compiling a kernel for Bering. Is it possible to compile a kernel with built in support for interface cards -thus removing the requirement of defining the drivers as modules. I will be running it off a 32MB CF card so I am not worried about the kernel size. Specifically I want to enable FDDI support, I have enabled it on my Mandrake system, but now want to make a Bering router to connect to a FDDI network. I have found some references to Token Ring in some of the early Linux Router information but nothing about FDDI. Any help or comments will be very appreciated. Thanks Paul --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Kernel compile in Bering
Hi all, Just a quick question about compiling a kernel for Bering. Is it possible to compile a kernel with built in support for interface cards -thus removing the requirement of defining the drivers as modules. I will be running it off a 32MB CF card so I am not worried about the kernel size. Specifically I want to enable FDDI support, I have enabled it on my Mandrake system, but now want to make a Bering router to connect to a FDDI network. I have found some references to Token Ring in some of the early Linux Router information but nothing about FDDI. Any help or comments will be very appreciated. Thanks Paul --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: SMTP problem (was: [leaf-user] (no subject))
We are running Linux version 2.2.19-3-LEAF with the default firewalling. The LAN is using NAT. We are able to send mail to the server by adding the server name to the hosts file on the network machines. We are able to send mail out to external mailers (Yahoo, AOL), We can send mail from user to user inside the network. However, when sending TO the internal network the mail gets to the sendmail mail queue then gets deferred due to the mailserver's inability to contact the sending MTA. The openings in the firewall for smtp are: EXTERN_SMTP_PORTS = "0/0_ntp 0/0_smtp" and INTERN_SMTP_SERVER = 10.0.0.XXX As far as the ISP, that is not the case for us. We can run anything on our pipe. However, we are still only testing the server so the mail will come from [EMAIL PROTECTED] until we are ready to go live. The only thing could be some strange name service rule that picks up on that unknown private.network. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ray Olszewski Sent: Friday, August 09, 2002 5:02 PM To: Craig Heil; [EMAIL PROTECTED] Subject: Re: SMTP problem (was: [leaf-user] (no subject)) At 03:18 PM 8/9/02 -0400, Craig Heil wrote: >The firewall has been in place for some time working great. We recently >began testing an internal mail server. >It has been tested internally fine. It can also send mail externally fine. >However, even though we have opened up the SMTP port everywhere in the >firewall, when you send mail outside to the machine, sendmail gets it into >the mail queue but then the message is deferred since it cannot talk back >through the firewall. The error message reads "(Deferred: Connection timed >out with XXX.XXX.XXX.XXX.)" where the XXX's are the firewall real-world IP >address. The port forwarding is also set up on the SMTP port. We have >checked through the config and found nothing that helps. Please advise. We need a bit more detail to be able to help. First, what version of LEAF are you using? Second, are you using its default firewalling or one of the drop-in firewall options? And am I correct in assuming that your LAN is NAT'd? Third, you say you "have opened up the SMTP port everywhere in the firewall" but that your internal SMTP server is failing because "it cannot talk back through the firewall". Given the error message you quote, the reasonable inference is that the second of your two statements is correct, which suggests that the first is wrong. So ... *how* did you open the SMTP port? Fourth, might your ISP be the actual culprit here? I've heard of (but not actually seen) ISPs that block incoming traffic to port 25 at their customers' IP addresses, in order to force the customers to use the ISP's mail servers as (POP3 or IMAP) relays. Finally, could you take another shot at explaining the circumstances under which the SMTP server fails to deliver? I read what you wrote to mean that if somebody tries to send an email to [EMAIL PROTECTED], where yourdomaim.com resolves to the IP address of your firewall, then the message gets stuck in the MTA (e.g., sendmail) queue of the sending machine (or whatever it uses as a relay for outgoing mail). That is, the "sendmail" you refer to is -NOT- the MTA you are running on your mail server. But that interpretation involves a lot of reading between the lines, so your confirming or correcting it would be worth while. -- ---"Never tell me the odds!" Ray Olszewski -- Han Solo Palo Alto, California, USA[EMAIL PROTECTED] --- --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering 1.0rc3 - RoadRunnerCable, connection suddenly fails
Note: Harry Kitt's message & his problem "driver appeared to work, but would randomly drop the connection. Probably not recompiled for the Bering's kernel/compiler." ---was because he used drivers from his Dachstein disk. I've tried editing shorewall to use each of them as the external interface to make sure it wasn't a card specific problem. Firewall's internal eth always works, I can always ping the numerical address of the firewall from internal machines. And I can always reach weblet. ---They all passed the diagnostics from RealTek rtl8019.exe when booted from a DOS floppy. ---They are all set to jumpered mode (not PNP) and physically set the jumpers. quoting guitarLynn "What exact model/make card are you using a lot of "compatible" cards aren't even compatible at all. " --Each of them has the Novell YES logo silk-screened onto the NIC's board. "you will also need to load the "mii" module as well." ---These are ISA rtl8019 cards. I've never heard of needing mii.o ---Is it something new? As to what make & Model, --- one of them is a Farallon 8019, the other two weren't proud enough to put their names on the board. I assume they were relying on the NovellYES logo. I'll pull the machine apart & get more identifiers from the cards later tonight. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Flash disk problem
Hi! I had the very same problem. You must boot from MSDOS6.x. Then use syslinux with '-s' flag. I even had to use syslinux 2.00-pre6 because my CF refused to boot with other older versions of syslinux. One other thing, try to use the device as primary master. It works a LOT better. -Original Message- From: S Mohan [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 11, 2002 2:48 PM To: 'Leaf' Subject: [leaf-user] Flash disk problem I'm trying to load bering on a PC ATA Flash card. I've a Adtron drive and a Sandisk 8MB card. It is getting recognised as a drive and I'm able to fdisk and format the drive. It is secondary master. I'm able to mount it as /dev/hdc1 in bering too. However, I'm not able to boot! I initially tried syslinux and it gave an error :unable to lock drive for exclusive access. I did a lock c: and then tried syslinux. Same error. I then booted up the system with a Win98 DOS floppy, did a sys c: and copied the floppy contents to the flash card. It did not boot up in DOS too. Sys did not give an error unlike syslinux. Any pointers? Is it that I'm up the wrong alley and ATA Flash disks are not bootable? Mohan --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-593730 ] wisp-dist hard drive
Support Requests item #593730, was opened at 2002-08-11 18:49 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=593730&group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: wisp-dist hard drive Initial Comment: Can't I install wisp-dist on a regular hard drive? When I try to I get an init not found kernel panic. Try passing init= . I would like to add more features to the system and try it out before going through the steps of a flashdisk. Thank you, Tom Johnson -- >Comment By: Vladimir Ivaschenko (hzdrus) Date: 2002-08-12 10:59 Message: Logged In: YES user_id=558953 Yes, just follow procedures for manual partitioning and installation as documented on the LEAF website's WISP-Dist section. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=593730&group_id=13751 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-593730 ] wisp-dist hard drive
Support Requests item #593730, was opened at 2002-08-11 18:49 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=593730&group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) >Assigned to: Vladimir Ivaschenko (hzdrus) Summary: wisp-dist hard drive Initial Comment: Can't I install wisp-dist on a regular hard drive? When I try to I get an init not found kernel panic. Try passing init= . I would like to add more features to the system and try it out before going through the steps of a flashdisk. Thank you, Tom Johnson -- Comment By: Vladimir Ivaschenko (hzdrus) Date: 2002-08-12 10:59 Message: Logged In: YES user_id=558953 Yes, just follow procedures for manual partitioning and installation as documented on the LEAF website's WISP-Dist section. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=213751&aid=593730&group_id=13751 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html