RE: [leaf-user] Backing up .lrp with Bering CD
I think you can still set the destination by using the d in the backup menu then use the c for custom. If you don't add an entry for fd0 in your isolinux.cfg you probably won't be able to take advantage of the overriding capabilities of the lrpkg.cfg file. Check http://leaf.sourceforge.net/devel/jnilo/bubooting.html more specifically section 9.5 for more info on lrpkg.cfg Kim Oppalfens -- Origineel Bericht -- From: Craig [EMAIL PROTECTED] To: LEAF [EMAIL PROTECTED] Subject: [leaf-user] Backing up .lrp with Bering CD Date: Sun, 18 Aug 2002 16:45:02 -0700 Hi folks, I notice that I don't have an option to back up packages to a floppy disk from the main menu with my Bering CD. Do I need to modify my isolinux.cfg file and somehow add a /dev/fd0 entry to allow for this or is there something else I need to do? Below is my isolinux.cfg file entries. Thank you. Craig display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/cdrom:iso9660 PKGPATH=/dev/cdrom:iso9660 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Unknown traffic on firewall
On Sun, 18 Aug 2002, Greg Morgan wrote: Manfred Schuler wrote: Hi all, in the last few weeks I discovered some unknown traffic on my firewall. I inserted a rule to log all traffic on the input and output chains and found that the incoming packet is neither rejected nor denied, but answered by the firewall. I am using a stock eigerstein2beta firewall with no port redirection and no additional ports opened. What I don't understand is why the packets are not denied and who is responding to this packets. snip Manfred, I've never seen these ports before, but hey with 65K available port numbers, there are all kinds of services available. ;-) I was curious so I spent some time looking into your question. I may or may not have answered the question for you, but I guess it did give me a chance to get up on the soap box. :- (evil grin) Careful... it looks unsteady up there... don't use a weak foundation... A port is also called a service. Not correctly. A service is the program that responds when the port is accessed. The services are defined in /etc/services. This file defines your mapping of services to ports. The fact that we usually stick with the one provided is beside the point, and we (and certainly the untrusted masses out there) may choose to modify it at any time, so all our interpolations from ports in the firewall log is just overly-educated guesswork. :) A protocol, which you failed to define in context... tcp and udp are the most common protocols in the Internet Protocol sense of the word, and if you are only interested in vanilla internet activity it is easy to forget that others exist that don't even include the concept of ports. Many people also regard http and ftp and CIFS as protocols, but that is a confusingly different usage of the term than the one you are referring to. The only way to be sure which protocols help define a socket is to refer to the software documentation for your networking stack, because sockets are not limited even to the Internet Protocol... they can be used with Appletalk, IPX, or even internal communications methods that are not network related. plus, a port number, and an ip address equals a socket that an application uses to talk to another application. Via tcp or udp. Other protocols may omit the port and still have sockets. In fact, the ports defined by udp may be assigned to completely different services than the ports defined by tcp, though in the typical case for a given port number only the tcp or udp version is actually used and the other is reserved to avoid confusion. All this information is supplied in case you didn't know this. The socket is a software construct that is not really necessary to understand in order to read a firewall log. Nice background if you know it, but not germane to any of the points you make after this, regrettably confusing if described correctly, and unfortunately wrong if presented too simplistically. I'd say that you didn't realize that you are running some sort of peer to peer file sharing service, or you are running one and didn't know the mechanics of how it works. Perhaps you are running Kazaa? I think you are on target from this point forward. [Very nice subsequent analysis based on ip addresses and ports omitted.] --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering: pump renew after extended outage
My Internet provider had a extended outage this weekend. Pump tried to renew the leases a couple of times but when my privider finally got the network running again pump had given up and did not renew the DHCP lease. What setting should I change in Bering to prevent this from happening again. I am running Bering 1.0 RC3. /Tobbe --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] LCD display
You can get libncurs.lrp from David Douthitt package area or you can download my lcd.lrp which does not require libncurses and is updated to the stable lcdproc branch. David's Package area: http://leaf.sourceforge.net/devel/ddouthitt/packages/libncurs.lrp My LCD version: http://www.geocities.com/lfcorreia/lcd.lrp.tgz Please remove the '.TGZ' extension. Geocities does not allow it. -Original Message- From: antken [mailto:[EMAIL PROTECTED]] Sent: Monday, August 19, 2002 12:44 AM To: Charles Steinkuehler Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] LCD display hi, Thanks for that it was a really big help, the second link you gave me was the most useful i wired up the display, as your instructions suggested pluged it in switched the computer on, so far so good. No bad smells, and none of the IC's on the back of the PCB were getting hot. but i was only getting 16 big black squares on the screen, and i thought, damn it broken, but thanks to the link you gave me i nw know it works fine! over the next few days i am going to neaten up the wires and take a few photos and put them up on a website some place for every one to see. just a quick question: as i was panicking, and wondering if i had blown up the lcd display i tryed the LCDd program from your site, it said that it wanted the libncurses.so. do you know where i can get a copy for an i386 machine? thanks antken At 16:46 18/08/2002 -0500, you wrote: this LCD display that you can wire up, it says winamp LCD at the bottom of charles' diagram, and in some descriptions i have seen. my question is this, when pluged into a windows box and when winamp is running what is it supposed to say or do? It will display various status info on the LCD Display. Do a google search for winamp LCD, and check the following sites: http://www.mobydisk.com/mobyware/mobylcdvis.html http://www.markuszehnder.ch/projects/lcdplugin/ I don't actually run winamp, so I'm not sure if you have to use a plug-in, or if some LCD support is built-in to winamp already...the above links are for plug-ins, and are what turned up first on my google search. Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
I'm not sure I understand your problem exactly. 1) Where do you run ez-ipupdate? 2) From where you cannot ping? 3) To check whether SSH packets reach the WISP-Dist router, run tcpdump: tcpdump -n port 22 David Ondzes wrote: I am having trouble reaching my wisp box (v2290) from the outside via ssh. I currently have a SMC residential gateway sitting off of my cable modem. my wisp box is one of its dhcp clients with fixed ip address (192.168.0.22). I have the SMC setup to do virtual server, basically port forwarding. I have all traffic set to port 2006 redirected to my wisp box on port 22. I know sshd is working on wisp box because I can use putty and connect to it from an internal machine. I think it is a dns problem because ez-ipuodate complains about gethostbyname failing and I can not ping any sites by name. I have manually set the default gateway and dhcp server with wdistconfig with the information I get ipconfig /all on windows. Shouldn't I be getting dns and default gateway from the dhcp server ? Should I not set it manually ? If there are some commands I can run to make it easier to solve this problem please let me know. I have the ifconfig.lrp installed if that command produces better output then ip command. Thanks in advance for your help David Ondzes [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-596917 ] Can not forward port 21
Support Requests item #596917, was opened at 2002-08-18 16:05 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=596917group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Can not forward port 21 Initial Comment: I am running a simple setup. Just one IP address in the and one out to the ftp box. I can not get passed the firewall. I keep getting: Aug 18 06:06:03 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:10:4b:98:14:ab:00:02:3b:01:c9:a9:08:00 SRC=151.164.1.7 DST=64.123.80.250 LEN=79 TOS=0x00 PREC=0x00 TTL=250 ID=2532 DF PROTO=UDP SPT=24863 DPT=53 LEN=59 I have the correct rule in place but it is not going to my internal box. DNAT net dmz:192.168.1.50 tcp 21 -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 04:46 Message: Logged In: YES user_id=39521 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from the LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Nobody/Anonymous (nobody) Date: 2002-08-18 20:40 Message: Logged In: NO Tom helped me with this problem. Everything is working now. Thanks -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=596917group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-568227 ] eth1, 64MB CompactFLASH IDE problem?
Support Requests item #568227, was opened at 2002-06-12 14:01 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=568227group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: eth1, 64MB CompactFLASH IDE problem? Initial Comment: I am trying to install DachStien on a 64MB CompactFLASH IDE drive, but I must use eth1 as my connection to the Internet. Where do I make the proper changes from eth0 to eth1? Thank you for your time and efforts. Regards, Don Carrico -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 04:52 Message: Logged In: YES user_id=39521 I'm closing this support request due to a lack of response from the person that opened it. -- Comment By: Lynn Avants (guitarlynn) Date: 2002-08-05 15:29 Message: Logged In: YES user_id=176069 This will be a *major* hurdle to accomplish with Dachstein because of the default scripting in network.conf and ipfilter.conf. It can be done, but this would be *much* easier to accomplish with Bering. Bering can be put on IDE/CF disks as well. Check the Bering Users Manual at: http://leaf.sourceforge.net/devel/jnilo -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=568227group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Help with bering, SNAT and DNAT
Hello! I'm a new Bering user.I'm using the last version(RC 3), and I need some help. We're trying to make a little strange setup in our network, and I can't find much information about this theme. We have 2 servers, each with a default gateway, and we're trying to add a new gateway via an adsl connection. The problem is that every connection that gets in by the bering server, as it is an external conection, gets out by the server default gateway(different ip),so external-server connection doesn't work. We'd like to make snat+dnat translation (masquerading and port forwarding) with the connections from internet to the bering to usal ports (web, pop, ...). We're not building a DMZ because all the company's info is at those servers,and we can't afford buying more servers:) So the question is: Can I make snat+dnat to the same connection? Is there any other non-intrusive solution, so I can continue testing the firewall without touching anything at the servers until I'm sure I can use the Bering router/firewall only? Thanks Barney --- Tiscali, el líder europeo de acceso a internet, te ofrece: ¡¡¡ Tiscali Tarifa Plana Premium; la primera Tarifa Plana con llamadas gratis !!! ¡ Descúbrela AHORA ! https://alta.tiscali.es:4430/tiscalitp/home.jsp --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-571927 ] bug #521382 should be re opened
Support Requests item #571927, was opened at 2002-06-20 19:20 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=571927group_id=13751 Category: Release/Branch: Oxygen Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: David Douthitt (ddouthitt) Summary: bug #521382 should be re opened Initial Comment: bug #521382 needs to be re opened.. I went to go and update my disks with the latest oxygen but i still see the same problem with ipmask script inside of root.lrp its missing a critical mask i will manualy fix my versions but this should be fixed in the current distribution so it does not need patching every time.. -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 04:56 Message: Logged In: YES user_id=39521 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from the LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: David Douthitt (ddouthitt) Date: 2002-06-20 20:07 Message: Logged In: YES user_id=81521 I forgot to explain... ipmask in older versions of Oxygen was a shell function in a script. Newer versions contain a binary program /bin/ipmask which does the same thing but so much more. ipmask will return all sorts of data from an IP address for use by scripts. -- Comment By: David Douthitt (ddouthitt) Date: 2002-06-20 20:05 Message: Logged In: YES user_id=81521 # ipmask 172.16.3.4 -m 255.255.255.240 IP Address: 172.16.3.4 Official name: adcserv.cuna.com Network range: 172.16.3.1 - 172.16.3.14 Broadcast address: 172.16.3.15 Broadcast address (BSD): 172.16.3.0 CIDR: 172.16.3.0/28 Subnet mask: 255.255.255.240 Cisco wildcard mask: 0.0.0.15 Network: 172.16.3.0 Hexadecimal: AC100304 (reversed: 040310AC) Decimal Address: 2886730500 # ipmask ipmask version 0.33, Copyright (C) 2001 David Douthitt [EMAIL PROTECTED] ipmask comes with ABSOLUTELY NO WARRANTY; for details see the COPYING file that accompained this distribution. This is free software, and you are welcome to redistribute it under the terms of GNU PUBLIC LICENSE. Usage: ipmask [ -BbCcinrsxNmopR ] ip [ -m netmask ] ip may be a hex IP address, dotted-quad (n.n.n.n), or a CIDR spec (n.n.n.n/x) Display Options: -B Display only broadcast address (BSD - obsolete) -b Display only broadcast address -C Display only Cisco wildcard mask -c Display only CIDR -i Display only IP -n Display only network address -d Display only decimal address -r Display only range of valid addresses -s Display subnet mask only -x Display only hexadecimal IP Modifiers: -N No name lookups -m Use this net mask -o Official name (do a name lookup) -p Pretty formatted display of all results -R Hexadecimal IP address is in reversed order -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=571927group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-581150 ] How to SAVE changes on a boot floppy
Support Requests item #581150, was opened at 2002-07-13 15:54 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=581150group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: How to SAVE changes on a boot floppy Initial Comment: The instructions for configuring the config files ALWAYS state to Backup at certain points. (after changing config files) The warning at the beginning of the instructions says NOT to backup onto the boot floppy. Backing up to an alternate floppy results in errors. Rebooting loads default config values (not our network) How and/or where do I backup the config using a single boot disk? -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 05:02 Message: Logged In: YES user_id=39521 I'm closing this support request due to a lack of response from the person that opened it. -- Comment By: Lynn Avants (guitarlynn) Date: 2002-08-05 15:32 Message: Logged In: YES user_id=176069 You should save the changes to the boot floppy. If you let us know where the documentation indicates that this is a bad idea, we can fix this statement. Also the image and version number you are using will be needed to do this correctly. Thanks! -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=581150group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-587696 ] Why am I connecting to these ports??
Support Requests item #587696, was opened at 2002-07-28 07:10 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=587696group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Why am I connecting to these ports?? Initial Comment: This was in my Masqueraded Connections section of my LEAF weblet interface (I added port info I found): tcp 235:58.66 192.168.1.1 66.187.232.21 2355 - 21 (61000) David Weinstein [EMAIL PROTECTED] psdbserver 2355/tcp psdbserver tcp 236:13.22 192.168.1.1 152.2.210.81 2362 - 21 (61005) Charles Scott Roberson [EMAIL PROTECTED] digiman 2362/tcp digiman digiman 2362/udp digiman tcp 236:08.95 192.168.1.1 18.29.1.67 2359 - 21 (61003) Peter Frankenberg [EMAIL PROTECTED] flukeserver 2359/tcp FlukeServer flukeserver 2359/udp FlukeServer Any reason for concern?? Any feedback would be greatly appreciated! [EMAIL PROTECTED] -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 05:05 Message: Logged In: YES user_id=39521 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from the LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Nobody/Anonymous (nobody) Date: 2002-08-06 00:28 Message: Logged In: NO You are connect to ftp sites not telnet. telnet = 23 ftp =21. The ports you have looked up appear to be source ports and are not really relevant in this case. The first address is ftp.redhat.com The second one is ibiblio.org. The third one is a mirror of rpmfind.net So I would say no no reason for concern, someone is connecting to three ftp servers thats all. Kim Oppalfens -- Comment By: Lynn Avants (guitarlynn) Date: 2002-08-05 15:38 Message: Logged In: YES user_id=176069 Your LAN computer @192.168.1.1 is connecting to the telnet port of the remote ip addresses listed in the last column. Why this is happening depends on what is going on with you LAN computer. YOU are initiating this connection, not the remote host. I hope this helps, -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=587696group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-593730 ] wisp-dist hard drive
Support Requests item #593730, was opened at 2002-08-11 11:49 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=593730group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Vladimir Ivaschenko (hzdrus) Summary: wisp-dist hard drive Initial Comment: Can't I install wisp-dist on a regular hard drive? When I try to I get an init not found kernel panic. Try passing init= . I would like to add more features to the system and try it out before going through the steps of a flashdisk. Thank you, Tom Johnson -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 05:06 Message: Logged In: YES user_id=39521 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from the LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Vladimir Ivaschenko (hzdrus) Date: 2002-08-12 03:59 Message: Logged In: YES user_id=558953 Yes, just follow procedures for manual partitioning and installation as documented on the LEAF website's WISP-Dist section. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=593730group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
I have two problem... 1) I can not ssh into my wisp box from the outside. It looks like my problem. 2) I can not resolve hostnames from my wisp box. Should dhcp supply my wisp box with dhs server and default gateway info ? Or should I enter it with wdistconfig ? I'm not sure I understand your problem exactly. 1) Where do you run ez-ipupdate? 2) From where you cannot ping? 3) To check whether SSH packets reach the WISP-Dist router, run tcpdump: tcpdump -n port 22 David Ondzes wrote: I am having trouble reaching my wisp box (v2290) from the outside via ssh. I currently have a SMC residential gateway sitting off of my cable modem. my wisp box is one of its dhcp clients with fixed ip address (192.168.0.22). I have the SMC setup to do virtual server, basically port forwarding. I have all traffic set to port 2006 redirected to my wisp box on port 22. I know sshd is working on wisp box because I can use putty and connect to it from an internal machine. I think it is a dns problem because ez-ipuodate complains about gethostbyname failing and I can not ping any sites by name. I have manually set the default gateway and dhcp server with wdistconfig with the information I get ipconfig /all on windows. Shouldn't I be getting dns and default gateway from the dhcp server ? Should I not set it manually ? If there are some commands I can run to make it easier to solve this problem please let me know. I have the ifconfig.lrp installed if that command produces better output then ip command. Thanks in advance for your help David Ondzes [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) David Ondzes [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
David Ondzes wrote: I have two problem... 1) I can not ssh into my wisp box from the outside. Did you run tcpdump as I suggested? It looks like my problem. 2) I can not resolve hostnames from my wisp box. Should dhcp supply my wisp box with dhs server and default gateway info ? Or should I enter it with wdistconfig ? Default gateway will be supplied by DHCP, however you have to enter DNS manually. I'm not sure I understand your problem exactly. 1) Where do you run ez-ipupdate? 2) From where you cannot ping? 3) To check whether SSH packets reach the WISP-Dist router, run tcpdump: tcpdump -n port 22 David Ondzes wrote: I am having trouble reaching my wisp box (v2290) from the outside via ssh. I currently have a SMC residential gateway sitting off of my cable modem. my wisp box is one of its dhcp clients with fixed ip address (192.168.0.22). I have the SMC setup to do virtual server, basically port forwarding. I have all traffic set to port 2006 redirected to my wisp box on port 22. I know sshd is working on wisp box because I can use putty and connect to it from an internal machine. I think it is a dns problem because ez-ipuodate complains about gethostbyname failing and I can not ping any sites by name. I have manually set the default gateway and dhcp server with wdistconfig with the information I get ipconfig /all on windows. Shouldn't I be getting dns and default gateway from the dhcp server ? Should I not set it manually ? If there are some commands I can run to make it easier to solve this problem please let me know. I have the ifconfig.lrp installed if that command produces better output then ip command. Thanks in advance for your help David Ondzes [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) David Ondzes [EMAIL PROTECTED] -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Backing up .lrp with Bering CD
Hi folks, I tried backing up .lrp packages from the main lrcfg menu by selecting option d, but unfortunately you get an Unknown package! error instead of being able to select your floppy drive. I then recreated another Bering CD with the package path statement in my isolinux.cfg file to look like- PKGPATH=/dev/cdrom:iso9660,/dev/fd0:msdos but that doesn't work either. Is there another way to enable your floppy drive as a backup destination option using a bootable CD??? Thank you...have a great week! Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Anyone tried USR2415 card in Dachstein?
Hi, Wondered if anyone has tried the US Robotics 2415 combined PCI adapter and 802.11b PC Card in a Dachstein box? A post on Seattlewireless says this Prism 2.5 chipset card works with the deprecated wvlan_cs driver so I'm wondering if this will work on Dachstein, where there only seems to be a wavelan.o module. See: http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/CD-Contents/lib/mo dules/net/ Manufacturer's page is: http://www.usrobotics.com/products/networking/wireless-product.asp?sku=USR2415 I'm seeing a $76 price on it - prior to $30 mail in rebate - at: http://www.ecost.com/ecost/shop/detail.asp?dpno=975350 Thanks! Lee --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Anyone tried USR2415 card in Dachstein?
Lee- I briefly had one working in WISP-DIST using the hostap_plx driver, BUT you need to upgrade the firmware on the card for all the goodies to work. I purchased the combo pack from TigerDirect for $80 which includes two PCI/Wifi cards (USR 2415 and 2445). They seem to be an Intersil 2.5 reference implementation and could probably be flashed with any Intersil firmware. The one strange thing is that the 2415 is a 5v part whereas the 2445 is a 3.3v part. Dunno why USR did this... Mine were shipped with firmware 0.7 or 0.8, USR has an upgrade to 1.03 availible. You, of course, need winblows to flash the card. Good luck. Z On Mon, 2002-08-19 at 10:41, Lee Kimber wrote: Hi, Wondered if anyone has tried the US Robotics 2415 combined PCI adapter and 802.11b PC Card in a Dachstein box? A post on Seattlewireless says this Prism 2.5 chipset card works with the deprecated wvlan_cs driver so I'm wondering if this will work on Dachstein, where there only seems to be a wavelan.o module. See: http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/CD-Contents/lib/mo dules/net/ Manufacturer's page is: http://www.usrobotics.com/products/networking/wireless-product.asp?sku=USR2415 I'm seeing a $76 price on it - prior to $30 mail in rebate - at: http://www.ecost.com/ecost/shop/detail.asp?dpno=975350 Thanks! Lee --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
Hi Vladimir At 15:29 19.08.2002, you wrote: David Ondzes wrote: I have two problem... 1) I can not ssh into my wisp box from the outside. Did you run tcpdump as I suggested? It looks like my problem. 2) I can not resolve hostnames from my wisp box. Should dhcp supply my wisp box with dhs server and default gateway info ? Or should I enter it with wdistconfig ? Default gateway will be supplied by DHCP, however you have to enter DNS manually. Why is this so, when option domain-name-servers ip-address [, ip-address... ]; The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. Servers should be listed in order of preference. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-597193 ] Commercial Support
Support Requests item #597193, was opened at 2002-08-19 08:15 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Commercial Support Initial Comment: What is the commercial support that the features document stated? (Noted below) Support Vast resources, and HOWTO's. Active mailing list. Commercial software support and hardware solutions available. Bobby -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
Default gateway will be supplied by DHCP, however you have to enter DNS manually. Why is this so, when option domain-name-servers ip-address [, ip-address... ]; The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. Servers should be listed in order of preference. Yes, DHCP server can send the DNS settings, however in WISP-Dist pump is run with -d command. If you want you can modify the /etc/network/ifup script and remove -d option from pump parameters. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Backing up .lrp with Bering CD
Hello Craig , in the backup menu the options provided directly are only the one you are booting or getting package from. It is however no problem to backup to another medium To backup for example package 3 to a floppy do the following in the backup menu d 3 Set Backup Destination 1) fd0u1680 msdos c) custom destination q) quit selection: c Device [fd0]: now you put in the device name without any /dev stuff before. to backup to a 1,44 floppy in drive 2 ( /dev/fd1u1440) Device [fd0]: fd1u1440 Filesystem : msdos now you will return to the backup menu wit fd1u1440 as backup device. Something to improve is take the new medium in the device to choose ( uptome ;) ) PS it could be interesting for you to do a partial backup, only write the configuration files to disk Good Luck Eric Wolzak member of the bering crew Hi folks, I notice that I don't have an option to back up packages to a floppy disk from the main menu with my Bering CD. Do I need to modify my isolinux.cfg file and somehow add a /dev/fd0 entry to allow for this or is there something else I need to do? Below is my isolinux.cfg file entries. Thank you. Craig display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/cdrom:iso9660 PKGPATH=/dev/cdrom:iso9660 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-597193 ] Commercial Support
Support Requests item #597193, was opened at 2002-08-19 08:15 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Commercial Support Initial Comment: What is the commercial support that the features document stated? (Noted below) Support Vast resources, and HOWTO's. Active mailing list. Commercial software support and hardware solutions available. Bobby -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 08:35 Message: Logged In: YES user_id=39521 Interesting. We may want to remove the last sentence from docid 1397. However, we have links to hardware vendors, and some of our members offer consulting services. Maybe this change would be appropriate: Hardware solutions and consulting services are available. Opinions or suggestions are welcome. ref. docid 1379 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/doc/docmanager/ hardware vendors http://leaf-project.org/links.php?op=viewlinkcid=8 -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Completely clearing portfw rules
I am having a problem on eigerstein and ipchains concerning port forwarding tables. There is an amateur radio app called echolink that is basically Speak Freely VOiP. It uses udp ports 5198 5199 for audio and control. On my leaf I normally have those ports portfw'ed to my 192.168.2.235 Windows laptop, echolink only runs on Windows. I am porting the app to Linux on my 192.168.2.205 machine. Ok, I want to test it. I ipmasqadm portfw -f to clear the rules forwarding udp 5198/99 to .235 and re-enter the rules to port forward the ports to .205. Now this is the strange part. If I haven't had much traffic with another external IP address on those ports when forwarding was to .235, everything is fine, 5198/99 packets now go to .205. However, if I had already received a number of packets from another host, the udp 5198/99 packets from that host host STILL go to the .235 Windows machine. Doing a ipmasqadm portfw -l shows no rules to forward ANYTHING to .235. But, they still go to .235 and 5198/98 packets from other hosts go to .205! !! I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? -- Jeff [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] LCDproc package for Bering
Hi! As I replied earlier to a LCD related question, I have for compiled lcdproc from the stable branch. It is available for download at: http://www.geocities.com/lfcorreia/lcd.lrp.tgz http://www.geocities.com/lfcorreia/lcd.lrp.tgz Please remove the '.TGZ' extension as Geocities does not allow it. There are two main places to change config, one in the startup script for the client, lcdproc and other in the lcdd.conf file for the server. I know, I should have made a proper webpage but I have not had the time to properly activate my developer area... Vacation spoils a lot of things :) Luis Correia PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 Key Server: http://pgp.mit.edu http://pgp.mit.edu --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Backing up .lrp with Bering CD
On Mon, 19 Aug 2002, Craig wrote: Hi folks, I tried backing up .lrp packages from the main lrcfg menu by selecting option d, but unfortunately you get an Unknown package! error instead of being able to select your floppy drive. No, I don't. _I_ enter d etc and then return, and it brings up a menu. I then recreated another Bering CD with the package path statement in my isolinux.cfg file to look like- PKGPATH=/dev/cdrom:iso9660,/dev/fd0:msdos but that doesn't work either. Maybe not in isolation... Is there another way to enable your floppy drive as a backup destination option using a bootable CD??? Did you declare forward or reverse preference in your pkgpath.lrp file? http://leaf-project.org/devel/jnilo/bubooting.html Thank you...have a great week! You too. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
So if I want dns information from my dhcp server then I just need to modify ifup script. What do I need to do in wdistconfig ? Do I leave the dns default gateway entry blank ? --- Vladimir I. [EMAIL PROTECTED] wrote: Default gateway will be supplied by DHCP, however you have to enter DNS manually. Why is this so, when option domain-name-servers ip-address [, ip-address... ]; The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. Servers should be listed in order of preference. Yes, DHCP server can send the DNS settings, however in WISP-Dist pump is run with -d command. If you want you can modify the /etc/network/ifup script and remove -d option from pump parameters. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __ Do You Yahoo!? HotJobs - Search Thousands of New Jobs http://www.hotjobs.com --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Completely clearing portfw rules
On Mon, 19 Aug 2002, Jeff wrote: I am having a problem on eigerstein and ipchains concerning port forwarding tables. There is an amateur radio app called echolink that is basically Speak Freely VOiP. It uses udp ports 5198 5199 for audio and control. On my leaf I normally have those ports portfw'ed to my 192.168.2.235 Windows laptop, echolink only runs on Windows. I am porting the app to Linux on my 192.168.2.205 machine. Ok, I want to test it. I ipmasqadm portfw -f to clear the rules forwarding udp 5198/99 to .235 and re-enter the rules to port forward the ports to .205. Now this is the strange part. If I haven't had much traffic with another external IP address on those ports when forwarding was to .235, everything is fine, 5198/99 packets now go to .205. However, if I had already received a number of packets from another host, the udp 5198/99 packets from that host host STILL go to the .235 Windows machine. Doing a ipmasqadm portfw -l shows no rules to forward ANYTHING to .235. But, they still go to .235 and 5198/98 packets from other hosts go to .205! !! I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? I don't think so. What you seem to be missing is the difference between forwarding rules and masquerading connections. I don't know of a way to clear out the masquerading connections with ipchains, but you can change the timeout values with ipchains -M -S tcp tcpfin udp Another puzzle is how to query what the actual timeout values _are_... I only know how to change the values. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Backing up .lrp with Bering CD
Hi Craig, Read again my two or three last messages for you... You will finished to have the same files as me ! Best Regards, Francois BERGERET, France. -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]De la part de Craig Envoye : lundi 19 aout 2002 15:42 A : LEAF Objet : [leaf-user] Backing up .lrp with Bering CD Hi folks, I tried backing up .lrp packages from the main lrcfg menu by selecting option d, but unfortunately you get an Unknown package! error instead of being able to select your floppy drive. I then recreated another Bering CD with the package path statement in my isolinux.cfg file to look like- PKGPATH=/dev/cdrom:iso9660,/dev/fd0:msdos but that doesn't work either. Is there another way to enable your floppy drive as a backup destination option using a bootable CD??? Thank you...have a great week! Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] DHCP Leases
I'm running Bering RC3. I have an internal net that my fw is supplying dhcp
service to on eth3. I also need to get a dhcp lease on my INTERNET access
connections (eth0, eth1 and eth4). They are supposed to be a 2 year lease
(sorta static-IP). Eth4 seems to be getting the 2 year lease, eth0 and eth1
lose their IP# after 12 hours.
Right now I'm running both pump and dhcpd packages.
My ISP is telling me - Looking at the DHCP log, it appears that a 2 year
lease is assigned, then quickly changed to 12 hours. They made a couple of
changes on the scope, but we can't figure out why you are the only one with
these symptoms.
Where can I see the information (Lease duration) that I am being given?
Is it possible that the Bering fw is modifying the lease time?
Thanks,
Harold Miller
--
/etc/pump.conf contains:
retries 3
script /etc/pump.shorewall
device eth0 {
nodns
}
device eth1 {
nodns
}
device eth4 {
nodns
}
-
/etc/dhcpd.conf contains:
dynamic-bootp-lease-length 604800;
max-lease-time 1209600;
subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.254;
option domain-name private.network;
option domain-name-servers 192.168.2.254,66.169.254.29,66.169.254.30;
range 192.168.2.1 192.168.2.199;
}
---
/etc/default/pump contains:
IFACES=eth0,eth1,eth4
/etc/network/interfaces contains:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
auto eth2
iface eth2 inet static
address 192.168.10.254
masklen 24
broadcast 192.168.10.255
auto eth3
iface eth3 inet static
address 192.168.2.254
masklen 24
broadcast 192.168.2.255
auto eth4
iface eth4 inet static
address 68.116.40.4
masklen 24
broadcast 68.116.40.255
gateway 68.116.40.1
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Completely clearing portfw rules
On Monday 19 August 2002 11:35, Jeff wrote: I have to restart the LEAF box to get ALL 5198/99 packets to go to the .205 machine. Am I missing something about how to completely clear the rules tables? Are you give the command: svi ipfilter reload This flushes the filtering rules and reloads them. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Unknown traffic on firewall
This would make an excellent FAQ. If one of you would like to write it up and finish it, I would be more than willing to format it and submit it. On Monday 19 August 2002 01:34, Jeff Newmiller wrote: On Sun, 18 Aug 2002, Greg Morgan wrote: Manfred Schuler wrote: Hi all, in the last few weeks I discovered some unknown traffic on my firewall. I inserted a rule to log all traffic on the input and output chains and found that the incoming packet is neither rejected nor denied, but answered by the firewall. I am using a stock eigerstein2beta firewall with no port redirection and no additional ports opened. What I don't understand is why the packets are not denied and who is responding to this packets. snip Manfred, I've never seen these ports before, but hey with 65K available port numbers, there are all kinds of services available. ;-) I was curious so I spent some time looking into your question. I may or may not have answered the question for you, but I guess it did give me a chance to get up on the soap box. :- (evil grin) Careful... it looks unsteady up there... don't use a weak foundation... A port is also called a service. Not correctly. A service is the program that responds when the port is accessed. The services are defined in /etc/services. This file defines your mapping of services to ports. The fact that we usually stick with the one provided is beside the point, and we (and certainly the untrusted masses out there) may choose to modify it at any time, so all our interpolations from ports in the firewall log is just overly-educated guesswork. :) A protocol, which you failed to define in context... tcp and udp are the most common protocols in the Internet Protocol sense of the word, and if you are only interested in vanilla internet activity it is easy to forget that others exist that don't even include the concept of ports. Many people also regard http and ftp and CIFS as protocols, but that is a confusingly different usage of the term than the one you are referring to. The only way to be sure which protocols help define a socket is to refer to the software documentation for your networking stack, because sockets are not limited even to the Internet Protocol... they can be used with Appletalk, IPX, or even internal communications methods that are not network related. plus, a port number, and an ip address equals a socket that an application uses to talk to another application. Via tcp or udp. Other protocols may omit the port and still have sockets. In fact, the ports defined by udp may be assigned to completely different services than the ports defined by tcp, though in the typical case for a given port number only the tcp or udp version is actually used and the other is reserved to avoid confusion. All this information is supplied in case you didn't know this. The socket is a software construct that is not really necessary to understand in order to read a firewall log. Nice background if you know it, but not germane to any of the points you make after this, regrettably confusing if described correctly, and unfortunately wrong if presented too simplistically. I'd say that you didn't realize that you are running some sort of peer to peer file sharing service, or you are running one and didn't know the mechanics of how it works. Perhaps you are running Kazaa? I think you are on target from this point forward. [Very nice subsequent analysis based on ip addresses and ports omitted.] - -- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k - -- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 - --- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390
Re: [leaf-user] Unknown traffic on firewall
I think it's already covered in the Firewall FAQ, but I agree that Greg's coverage of sockets would be helpful. Perhaps a diff to the firewall FAQ? Jack On Mon, 2002-08-19 at 11:45, guitarlynn wrote: This would make an excellent FAQ. If one of you would like to write it up and finish it, I would be more than willing to format it and submit it. On Monday 19 August 2002 01:34, Jeff Newmiller wrote: On Sun, 18 Aug 2002, Greg Morgan wrote: Manfred Schuler wrote: Hi all, in the last few weeks I discovered some unknown traffic on my firewall. I inserted a rule to log all traffic on the input and output chains and found that the incoming packet is neither rejected nor denied, but answered by the firewall. I am using a stock eigerstein2beta firewall with no port redirection and no additional ports opened. What I don't understand is why the packets are not denied and who is responding to this packets. snip Manfred, I've never seen these ports before, but hey with 65K available port numbers, there are all kinds of services available. ;-) I was curious so I spent some time looking into your question. I may or may not have answered the question for you, but I guess it did give me a chance to get up on the soap box. :- (evil grin) Careful... it looks unsteady up there... don't use a weak foundation... A port is also called a service. Not correctly. A service is the program that responds when the port is accessed. The services are defined in /etc/services. This file defines your mapping of services to ports. The fact that we usually stick with the one provided is beside the point, and we (and certainly the untrusted masses out there) may choose to modify it at any time, so all our interpolations from ports in the firewall log is just overly-educated guesswork. :) A protocol, which you failed to define in context... tcp and udp are the most common protocols in the Internet Protocol sense of the word, and if you are only interested in vanilla internet activity it is easy to forget that others exist that don't even include the concept of ports. Many people also regard http and ftp and CIFS as protocols, but that is a confusingly different usage of the term than the one you are referring to. The only way to be sure which protocols help define a socket is to refer to the software documentation for your networking stack, because sockets are not limited even to the Internet Protocol... they can be used with Appletalk, IPX, or even internal communications methods that are not network related. plus, a port number, and an ip address equals a socket that an application uses to talk to another application. Via tcp or udp. Other protocols may omit the port and still have sockets. In fact, the ports defined by udp may be assigned to completely different services than the ports defined by tcp, though in the typical case for a given port number only the tcp or udp version is actually used and the other is reserved to avoid confusion. All this information is supplied in case you didn't know this. The socket is a software construct that is not really necessary to understand in order to read a firewall log. Nice background if you know it, but not germane to any of the points you make after this, regrettably confusing if described correctly, and unfortunately wrong if presented too simplistically. I'd say that you didn't realize that you are running some sort of peer to peer file sharing service, or you are running one and didn't know the mechanics of how it works. Perhaps you are running Kazaa? I think you are on target from this point forward. [Very nice subsequent analysis based on ip addresses and ports omitted.] - -- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k - -- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 - --- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the
Re: [leaf-user] Unknown traffic on firewall
Whoops, sorry Jack sending to the list On Monday 19 August 2002 13:53, Jack Coates wrote: I think it's already covered in the Firewall FAQ, but I agree that Greg's coverage of sockets would be helpful. Perhaps a diff to the firewall FAQ? Good idea! I'll look into it! -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Backing up .lrp with Bering CD
Hi Craig, Francois, Jeff and list
To change a destination you have to specify for what package you want
a different backup.
So d followed by the name or the number of the package.
To backup etc you have to put:
Selection d 3
then you will have the destination available.
I mentioned in my previous post that a custom destination is not saved
and so it doesn't show up the next time you want to change a
destination.
I have a fix for this that will be included in the next release
change
/usr/bin/lrcfg.back
in function SetDest()
line 132: change
qt mv $CONFF $CONFB
sed ${PKGn}s:=.*\$:=-t $FS /dev/$DEV: $CONFB $CONFF
qt rm $CONFB
---
to
qt mv $CONFF $CONFB
sed ${PKGn}s:=.*\$:=-t $FS /dev/$DEV: $CONFB $CONFF
if ! `grep -q $DEV $FS $LRPKG/pkgpath.disks`;then
echo $DEV $FS $LRPKG/pkgpath.disks
fi
qt rm $CONFB
in Text if the backup device $FS is not yet in the pkgpath disk than
insert it.
.
Backup root.lrp after this change.
Attention this is only necessary to keep the custom destination also for
the next package. Backing up does function allready
Regards
Eric Wolzak
member of ther Bering team
Hi folks,
I tried backing up .lrp packages from the main lrcfg menu by selecting
option d, but unfortunately you get an Unknown package! error
instead of being able to select your floppy drive. I then recreated
another Bering CD with the package path statement in my isolinux.cfg
file to look like- PKGPATH=/dev/cdrom:iso9660,/dev/fd0:msdos but that
doesn't work either. Is there another way to enable your floppy drive as
a backup destination option using a bootable CD??? Thank you...have a
great week!
Craig
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] More bering/ipsec questions
Hello all, I've got bering 1.0rc3 with ipsec509 up and running off a dual floppy install, but I'm having a bit of trouble. I'm using SSH Sentinal to connect from a win98 machine, and on the first connection, it works great; however, any connection attempts after that fail until I reset the firewall. Auth.log reports the following from the failed attempts: -- Aug 18 12:27:09 firewall Pluto[4101]: ERROR: roadwarrior 207.137.114.112 #8: sendto on eth0 to 207.137.114.112:500 failed in STATE_MAIN_R0. Errno 1: Operation not permitted Aug 18 12:27:14 firewall Pluto[4101]: ERROR: roadwarrior 207.137.114.112 #3: sendto on eth0 to 207.137.114.112:500 failed in EVENT_RETRANSMIT. Errno 1: Operation not permitted -- I've read (from guitarlynn's docs) that using leftfirewall=yes in the ipsec.conf can cause dropped tunnels to hang. Can this be what is happening here? If so, what manual rules should be added to shorewall to support ipsec connections? Thanks, -Jeff Lush --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] More bering/ipsec questions
On Mon, 19 Aug 2002, Jeff Lush wrote: Hello all, I've got bering 1.0rc3 with ipsec509 up and running off a dual floppy install, but I'm having a bit of trouble. I'm using SSH Sentinal to connect from a win98 machine, and on the first connection, it works great; however, any connection attempts after that fail until I reset the firewall. Auth.log reports the following from the failed attempts: -- Aug 18 12:27:09 firewall Pluto[4101]: ERROR: roadwarrior 207.137.114.112 #8: sendto on eth0 to 207.137.114.112:500 failed in STATE_MAIN_R0. Errno 1: Operation not permitted Aug 18 12:27:14 firewall Pluto[4101]: ERROR: roadwarrior 207.137.114.112 #3: sendto on eth0 to 207.137.114.112:500 failed in EVENT_RETRANSMIT. Errno 1: Operation not permitted -- I've read (from guitarlynn's docs) that using leftfirewall=yes in the ipsec.conf can cause dropped tunnels to hang. Can this be what is happening here? If so, what manual rules should be added to shorewall to support ipsec connections? http://www.shorewall.net/IPSEC.htm. PLEASE folks -- at least _try_ to find this kind of thing on the Shorewall site before posting. -Topm -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Backing up .lrp with Bering CD
Hey Eric, That sounds great! I won't hold you to it...but when do you think that may be updated in Bering? Will you post to the group so we'll know? Thank you! Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Backing up .lrp with Bering CD
Hi all folks ! Cool Eric, This will be a good features for the future Bering release. I have not noted this little desagrement before your explanation... This must be help some guys, isn'it Craig ;-)) Thanks for your effort to explain us your script ! Best Regards, Francois BERGERET, France. -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]De la part de Eric Wolzak Envoye : lundi 19 aout 2002 21:33 A : [EMAIL PROTECTED]; [EMAIL PROTECTED] Objet : RE: [leaf-user] Backing up .lrp with Bering CD Hi Craig, Francois, Jeff and list ... SNIP SNIP SNIP ... --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Apache Web Server Behind Private DMZ
Thanks Jeff, I can stop banging my head against the wall now. Robert -Original Message- From: Jeff Newmiller [mailto:[EMAIL PROTECTED]] Sent: Sunday, August 18, 2002 7:15 PM To: Robert Williams Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Apache Web Server Behind Private DMZ On Sun, 18 Aug 2002, Robert Williams wrote: Hi all, I am attempting to set up an apache web server on a DMZ. I am using Dachstien 1.02 which has been working flawlessly for months and months. My question is this. I am I supposed to be able to access my web server from my private network via the external IP address? No, you are not supposed to be able to. If I should be able to I have a config problem that I just can't figure out. You don't. Use the internal address from internal clients. Use your own internal dns server (such as tinydns) to lie about the ip address of the external name to your internal clients if you need to. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IPSec doesn't found public interface - RESOLVED -
Hi Chad, Thanks for your corrected /usr/lib/ipsec/_startklips file. It is ok now. But I have another error, may be a bad parameter in my IPSec config files. I have not the time this days to check it more... I will start another request thread whan I will seen what is the problem. Thanks for your efforts. Best Regards, Francois BERGERET, France. Chad Carr [EMAIL PROTECTED] # BEGIN /usr/lib/ipsec/_startklips # #!/bin/sh # KLIPS startup script # Copyright (C) 1998, 1999, 2001, 2002 Henry Spencer. # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the # Free Software Foundation; either version 2 of the License, or (at your # option) any later version. See http://www.fsf.org/copyleft/gpl.txt. # # This program is distributed in the hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # RCSID $Id: _startklips,v 1.6.2.6 2002/06/21 05:05:01 mcr Exp $ ... SNIP SNIP SNIP ... --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Backing up .lrp with Bering CD
Hi Eric, You'd probably spot this on your own, but I just wanted to let you know that you have a typographical error in your script syntax...you have if the backup device $FS is not yet in the pkgpath disk than insert it., but it should be if the backup device $FS is not yet in the pkgpath disk then insert it. (then instead of than). Have a great week! :-) Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] WISP-Dist issues
I made the sleep change, which worked. However I now have a new problem. The wireless signal flakes whenever there is a load on it. My SNR jumps from 13 to 4 and I start dropping packets. I tried using a new card thinking it was a firmware issue, but get the same results. Does the distro have a wvlan_cs driver or strickly the orinoco_cs? Thanks, -Tom - Original Message - From: Vladimir I. [EMAIL PROTECTED] To: Thomas Johnson [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, August 18, 2002 1:40 PM Subject: Re: [leaf-user] WISP-Dist issues Thomas Johnson wrote about Re: [leaf-user] WISP-Dist issues: Ok, I installed the new distro. It fixed the default gateway device, but I still have the latter issues: /sbin/parproute stop /etc/init.d/parpbridge stop /etc/init.d/parpbridge start I have to run these commands after login in order to bridge between the two interfaces. I assume it is because the network starts before the pcmcia does, which is my wireless card. Can I move the pcmcia startup so that it starts before the network does, and if so how? I think this would resolve the issue. Hmm, parpbridge is started with a level of 15; PCMCIA is on the level 13. However cardmgr goes into background, may be there is not enough time before parprouted started. Add sleep 3 before the line echo -n parprouted start-stop-daemon --start --quiet --exec /sbin/parprouted $IFACES in the start section of /etc/init.d/parpbridge. Please let me know if it will help. Thanks, -Tom - Original Message - From: Vladimir I. [EMAIL PROTECTED] To: Thomas Johnson [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, August 18, 2002 10:46 AM Subject: Re: [leaf-user] WISP-Dist issues Thomas Johnson wrote about [leaf-user] WISP-Dist issues: First let me commend the people who did this distro. Works very well. Thanks. :) /etc/init.d/parpbridge start Once I do that all works great, which is an accomplishment as I am using an Orinoco card that everyone says can't do bridging. That is a known issue with the 2290 image. 2312 test image, available from http://www.hazard.maks.net/wisp-dist/downloads, should fix this problem as it explicitly asks for a default gateway interface during network configuration. Please try it (you will have to reselect default gateway). -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Repetitive firewall message
Hi folks, I get, sometimes, dozens of this firewall message- Aug 19 13:43:38 clonebox kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:20:40:3f:e8:43:08:00 SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=0 PROTO=2 and I'm not sure if it's something I should be concerned with or not. Also, is there any good information ( web site, book, etc.) that anyone's aware of that might help me understand, piece by piece, what my firewall log messages mean? Thank you as always! Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Repetitive firewall message
On Mon, 19 Aug 2002, Craig wrote: Hi folks, I get, sometimes, dozens of this firewall message- Aug 19 13:43:38 clonebox kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=01:00:5e:00:00:01:00:20:40:3f:e8:43:08:00 SRC=192.168.100.1 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=0 PROTO=2 and I'm not sure if it's something I should be concerned with or not. Also, is there any good information ( web site, book, etc.) that anyone's aware of that might help me understand, piece by piece, what my firewall log messages mean? Thank you as always! It's your cable modem (or whatever you have hanging off the front of your firewall). The solution is the same as listed in FAQ # 14 (http://www.shorewall.nat/FAQ.htm#faq14). -Tom -- Tom Eastep\ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Netstat missing?
Hey all, I just started using WISP and I was a bit astonished to see that netstat is no where to be found on the WISP distribution. It's just a bit disconcerting to me not to be able to list all the active connection information. Anyone have a suggestion or a workaround? Thanks, Pat --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Netstat missing?
On Mon, 19 Aug 2002 18:30:35 -0400 you wrote: Hey all, I just started using WISP and I was a bit astonished to see that netstat is no where to be found on the WISP distribution. It's just a bit disconcerting to me not to be able to list all the active connection information. Anyone have a suggestion or a workaround? Probably not the best workaround, but you can cat /proc/net/netstat to get the raw data. There's also a netstat.lrp listed in http://leaf.sourceforge.net/pub/packages-list.txt at http://leaf-project.org/devel/ddouthitt/packages/netstat.lrp . IIRC, it works fine with Bering. --Brad --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Unknown traffic on firewall
On 19 Aug 2002, Jack Coates wrote: I think it's already covered in the Firewall FAQ, but I agree that Greg's coverage of sockets would be helpful. Perhaps a diff to the firewall FAQ? What FAQ? I am not familiar with this Firewall FAQ. Jack On Mon, 2002-08-19 at 11:45, guitarlynn wrote: This would make an excellent FAQ. If one of you would like to write it up and finish it, I would be more than willing to format it and submit it. I think there were a series of issues here, so there may be a series of FAQs. On Monday 19 August 2002 01:34, Jeff Newmiller wrote: On Sun, 18 Aug 2002, Greg Morgan wrote: Manfred Schuler wrote: Hi all, in the last few weeks I discovered some unknown traffic on my firewall. I inserted a rule to log all traffic on the input and output chains and found that the incoming packet is neither rejected nor denied, but answered by the firewall. I am using a stock eigerstein2beta firewall with no port redirection and no additional ports opened. What I don't understand is why the packets are not denied and who is responding to this packets. snip Manfred, I've never seen these ports before, but hey with 65K available port numbers, there are all kinds of services available. ;-) I was curious so I spent some time looking into your question. I may or may not have answered the question for you, but I guess it did give me a chance to get up on the soap box. :- (evil grin) Careful... it looks unsteady up there... don't use a weak foundation... A port is also called a service. Not correctly. A service is the program that responds when the port is accessed. Q: What is a port? A: In the Transmission Control Protocol (TCP) and Unreliable Datagram Protocol (UDP) protocols commonly used within the Internet Protocol (IP), a port is a number used to help distinguish the origin and/or destinations of packets. Ports are related to IP addresses in a manner similar to the way apartment numbers are related to the address of the apartment building. Q: What is a service? A: A service is a program that responds when communication (one or more packets) arrives at the destination ip with a particular port number. For example, the Apache web server may be configured to respond to tcp packets that specify destination port 80. Alternatively, the sh-httpd web server may be used instead, with essentially similar results. More confusingly, the sshd Secure Shell Daemon may be configured to respond to port 80, though this will naturally yield very different results. This might be done by a LEAF user to let her get out of a particularly constrictive firewall at work that allows web browsing but denies outbound ssh connections to their typical port 22 destination. Whether this is a danger to the work network depends on what this user does with this connection. The services are defined in /etc/services. This file defines your mapping of services to ports. The fact that we usually stick with the one provided is beside the point, and we (and certainly the untrusted masses out there) may choose to modify it at any time, so all our interpolations from ports in the firewall log is just overly-educated guesswork. :) Q: What is /etc/services? A: This file is used to define a mapping between tcp and udp port numbers, and short names for the services that typically respond at those ports. Note that this file does not indicate which services actually respond to those ports, since that is defined by starting the various programs that provide those services. Many programs refer to this file when you are expected to specify a port number, so that you can specify the text name of the service as a syntactic convenience rather than typing a number. A protocol, which you failed to define in context... tcp and udp are the most common protocols in the Internet Protocol sense of the word, and if you are only interested in vanilla internet activity it is easy to forget that others exist that don't even include the concept of ports. Many people also regard http and ftp and CIFS as protocols, but that is a confusingly different usage of the term than the one you are referring to. The only way to be sure which protocols help define a socket is to refer to the software documentation for your networking stack, because sockets are not limited even to the Internet Protocol... they can be used with Appletalk, IPX, or even internal communications methods that are not network related. Q: What is a protocol? A: In the context of firewalls, a protocol is an agreed language by which information may be exchanged. Typically, operating system software must peel off the packet wrapper information one layer at a time, keeping track of which protocol is wrapped using information found in the wrapper (header), and as necessary
Re: [leaf-user] Unknown traffic on firewall
On Mon, 2002-08-19 at 17:25, Jeff Newmiller wrote: On 19 Aug 2002, Jack Coates wrote: I think it's already covered in the Firewall FAQ, but I agree that Greg's coverage of sockets would be helpful. Perhaps a diff to the firewall FAQ? What FAQ? I am not familiar with this Firewall FAQ. http://www.monkeynoodle.org/lrp/lrp-firewall-faq.html of course :-) However, I just looked for it under the leaf.sourceforge.net documents tree and cannot find it. I will see what I can do about fixing that tonight... Jack On Mon, 2002-08-19 at 11:45, guitarlynn wrote: This would make an excellent FAQ. If one of you would like to write it up and finish it, I would be more than willing to format it and submit it. I think there were a series of issues here, so there may be a series of FAQs. On Monday 19 August 2002 01:34, Jeff Newmiller wrote: On Sun, 18 Aug 2002, Greg Morgan wrote: Manfred Schuler wrote: Hi all, in the last few weeks I discovered some unknown traffic on my firewall. I inserted a rule to log all traffic on the input and output chains and found that the incoming packet is neither rejected nor denied, but answered by the firewall. I am using a stock eigerstein2beta firewall with no port redirection and no additional ports opened. What I don't understand is why the packets are not denied and who is responding to this packets. snip Manfred, I've never seen these ports before, but hey with 65K available port numbers, there are all kinds of services available. ;-) I was curious so I spent some time looking into your question. I may or may not have answered the question for you, but I guess it did give me a chance to get up on the soap box. :- (evil grin) Careful... it looks unsteady up there... don't use a weak foundation... A port is also called a service. Not correctly. A service is the program that responds when the port is accessed. Q: What is a port? A: In the Transmission Control Protocol (TCP) and Unreliable Datagram Protocol (UDP) protocols commonly used within the Internet Protocol (IP), a port is a number used to help distinguish the origin and/or destinations of packets. Ports are related to IP addresses in a manner similar to the way apartment numbers are related to the address of the apartment building. Q: What is a service? A: A service is a program that responds when communication (one or more packets) arrives at the destination ip with a particular port number. For example, the Apache web server may be configured to respond to tcp packets that specify destination port 80. Alternatively, the sh-httpd web server may be used instead, with essentially similar results. More confusingly, the sshd Secure Shell Daemon may be configured to respond to port 80, though this will naturally yield very different results. This might be done by a LEAF user to let her get out of a particularly constrictive firewall at work that allows web browsing but denies outbound ssh connections to their typical port 22 destination. Whether this is a danger to the work network depends on what this user does with this connection. The services are defined in /etc/services. This file defines your mapping of services to ports. The fact that we usually stick with the one provided is beside the point, and we (and certainly the untrusted masses out there) may choose to modify it at any time, so all our interpolations from ports in the firewall log is just overly-educated guesswork. :) Q: What is /etc/services? A: This file is used to define a mapping between tcp and udp port numbers, and short names for the services that typically respond at those ports. Note that this file does not indicate which services actually respond to those ports, since that is defined by starting the various programs that provide those services. Many programs refer to this file when you are expected to specify a port number, so that you can specify the text name of the service as a syntactic convenience rather than typing a number. A protocol, which you failed to define in context... tcp and udp are the most common protocols in the Internet Protocol sense of the word, and if you are only interested in vanilla internet activity it is easy to forget that others exist that don't even include the concept of ports. Many people also regard http and ftp and CIFS as protocols, but that is a confusingly different usage of the term than the one you are referring to. The only way to be sure which protocols help define a socket is to refer to the software documentation for your networking stack, because sockets are not limited even to the Internet Protocol... they can be used with Appletalk, IPX, or even internal communications
[leaf-user] Booting from hard disk.
Hi all: I guess this is an often asked question. I'm trying to prepare a hdd for bering boot. I booted the system from a floppy, loaded ide-mod.o, ide-disk.o and ide-probe-mod.o into /boot/lib/modules, enumerated them in /boot/etc/modules. I did a manual insmod and then am able to mount the hdd. Did syslinux, xfr of linux and edited syslinux.cfg to point pkgpath and boot to /dev/hda1. I backed up the current config using d l chda1:msdos and the package got backed up fully. I edited linuxrc to show verbose messages before backing up. When I boot, the boot device is not recognised. The system hangs after generating /dev directory and trying to load boot. Obviously, the disk is not getting recognised. Since the system is going to linuxrc, ide drivers would have got loaded after initrd. In may earlier attempt I got errors here as I had included the .o extension in the /boot/etc/modules file. Thus I know the drivers are getting loaded now - no error msgs. Maybe /dev/hda1 is not accessible! Why? I can mount and access thro' commandline. Thanks in advance. I guess I'm missing something simple or trivial. I followed bubooting.html in the bering site. Mohan --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp and dns/dhcp
The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. Servers should be listed in order of preference. Yes, DHCP server can send the DNS settings, however in WISP-Dist pump is run with -d command. If you want you can modify the /etc/network/ifup script and remove -d option from pump parameters. I modified ifup as you suggested and removed the entries in wdistconfig, saveconfig and rebooted and still can not resolve any names.ping is say host lookup named failed. BTW - is there a script package for LEAF ? Any ideas what could be wrong ? My windows box, which is also a dhcp client has no problem resolving hostnames. David Ondzes [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
script.lrp package (was: [leaf-user] wisp and dns/dhcp)
On Mon, 19 Aug 2002 22:46:24 -0400 David Ondzes wrote: BTW - is there a script package for LEAF ? I'll bite: http://www.google.com/search?q=script.lrp - http://www.monkeynoodle.org/lrp/lrp/packages/sys-utils - http://www.monkeynoodle.org/lrp/lrp/packages/sys-utils/script.lrp or: http://leaf-project.org/pub/packages-list.html - http://leaf-project.org/devel/ddouthitt/packages/ - http://leaf-project.org/devel/ddouthitt/packages/script.lrp *But*, they're both compiled for glibc 2.1: tar tvfz /tmp/script.lrp | grep 2.1.3.so -rwxr-xr-x root/root 8892 2001-08-31 22:56:08 usr/lib/libutil-2.1.3.so so they won't work on on a stock Bering install: # script script: error in loading shared libraries /usr/lib/libutil.so.1: undefined symbol: getpt Sorry. Might be a nice package to have. I wonder if someone with a glibc 2.0 development system handy would be willing to compile it for glibc 2.0? ;) --Brad --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] More bering/ipsec questions
On Mon, 19 Aug 2002 13:07:45 -0700 (PDT) Tom Eastep [EMAIL PROTECTED] wrote: http://www.shorewall.net/IPSEC.htm. PLEASE folks -- at least _try_ to find this kind of thing on the Shorewall site before posting. Hey! I have a crazy idea! Why don't Lynn and I point to your site in our docs? -- Chad Carr [EMAIL PROTECTED] --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
