Re: [leaf-user] block internet access except the email

[Liu Mei]

Thank you very much, Ray.

 To do what you want, you need to switch to using a
 proxy server on the 
 firewall, and blocking ALL direct access. This will
 let the firewall (or 
 whatever host runs the proxy server) allow or deny
 access based on URL, not 
 IP address. The well-known proxy servers are Squid
 and Junkbuster; there 
 has been at least one recent thread about Squid on
 this list.

I think I'd better use a proxy server instead of using
firewall rules.

Kind Regards,

Liumei

__
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos  More
http://faith.yahoo.com


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] 1680 floppy is not working for me! :(

[brosky]

On Mon, 7 Oct 2002, Patrick Teague wrote:

 Hello,

Hi,

I've encountered this problem too, and my mistake was that
i mounted with /dev/fd0, and, the corect way is to mount it with 
/dev/fd0u1680.


 
 I'm currently using Bering v1.0-rc3  it works great...  when it works.
 Anytime I want or need to make a change it's ok until I have to save to a
 floppy  then this causes all kinds of problems.  I can change 1440 floppies
 fine between all 5 of my computers with no problems.  However, when it comes
 to 1680 I get all kinds of screwy things...  here's the worste - on my
 mandrake 8.2 system I can format the floppy as 1680 no problem  dd the bin
 file no problem (as long as the floppy doesn't have a problem with 1680,
 this tends to require a 2 hour search through unformatted floppies).  Now
 comes the idiotic part
 
 1. whether I unmount the floppy or not, I remove it from the Mandrake 8.2
 system
 
 2. flip the read-only tab over so nothing can write to this floppy
 
 3. put it in my leaf box  boot the computer
 
 4. boot *usually* works fine (seems like 99% if created from linux box
 rather than windows)
 
 5. eject floppy  switch read-only tab back so it's writable
 
 6. insert into Mandrake 8.2 system (remount if I umounted)  do a dir
 contents of floppy is now completely unreadable, all garbage (like a dos
 system with a fs virus).  It also means I have to reboot the computer at
 this point to get it to unmount the floppy drive  Mandrake can't reboot
 by itself, I get to go walk over to the box  press the reset button.
 
 Strangely enough the floppy will still boot the leaf box...  If instead
 format  install the bin file, then proceed to modify the floppy (ie remove
 various lrp files I don't need  copy the needed lrp files to the floppy)
 I'm able to do so, but as soon as I try to use this newly modified floppy to
 boot the leaf box it gets to loading linux.  then says boot failure.
 The other message I get after having modified the floppy this way is the
 following -
 
 Unknown keyword in syslinux.cfg
 Unknown keyword in syslinux.cfg
 Unknown keyword in syslinux.cfg
 Unknown keyword in syslinux.cfg
 Unknown keyword in syslinux.cfg
 Missing parameter in syslinux.cfg
 Loading linuxReady.
 
 At which point it doesn't do anything  I have to go hit the reset button.
 This is after a long line of trying all sorts of things to get it to write
 correctly directly on the leaf box, but I get all sorts of problems with
 that...  Everything from grsec problems when trying to load various packages
 to getting such things as root.lrp (!nf)  (instead of the /dev/fd0u1680 that
 I should be getting).
 
 how can I go about making a 1440 bootable floppy for Bering ?  I went 
 downloaded syslinux off of kernel.org  tried using that with the kernel
 file from the floppy, but when I booted that it said it was booting SYSLINUX
 1.75 Mandrake 2.4.something or other.
 
 Any help with this would be much appreciated, thanks for letting me ramble
 
 Patrick
 
 
 
 
 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
 



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering: Can't ping/connect to Firewall

[Quan Si Kwon]

Thanks again for the speedy response!

Okay! the routing tables of the Bering and SuSE hosts are as follows:

ip route show (Bering):
65.95.176.1 dev ppp0  proto kernel  scope link  src 65.95.176.89 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254 
default via 65.95.176.1 dev ppp0 

ip route show (SuSE):
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2 
default via 192.168.1.254 dev eth0 


The oddity of the Win2K host's routing table is probably because of the gateway for 
DFE-538TX (192.168.72.77) was 192.168.1.10, the IP of the other card (DFE-530TX). Here 
I thought the two cards in the Win2K host are in different subnet: 192.168.72.77/24 
and 192.168.1.10/24, I must route all traffic from 192.168.72.0/24 via 
192.168.72.77/24 using 192.168.1.10/24? I have since changed both cards' gateway to 
192.168.1.254 and come up the following results using ping and route print:

ping -c 2 192.168.1.254:
Pinging 192.168.1.254 with 32 bytes of data:
Request timed out.Request timed out.
Ping statistics for 192.168.1.254:Packets: Sent = 2, Received = 0, Lost = 2 (100% 
loss),Approximate round trip times in milli-seconds:Minimum = 0ms, Maximum =  0ms, 
Average =  0ms

route print:
===
Interface List
0x1 ... MS TCP Loopback interface
0x103 ...00 05 5d f5 f9 bf .. D-Link DFE-530TX PCI Fast Ethernet Adapter
0x104 ...00 50 ba 5b dc 86 .. D-Link DFE-538TX 10/100 Adapter
===
===
Active Routes:
Network DestinationNetmask  Gateway   Interface  Metric
  0.0.0.0  0.0.0.0192.168.1.254   192.168.72.77   1
  0.0.0.0  0.0.0.0192.168.1.254192.168.1.10   1
127.0.0.0255.0.0.0127.0.0.1   127.0.0.1   1
  192.168.1.0255.255.255.0 192.168.1.10192.168.1.10   1
 192.168.1.10  255.255.255.255127.0.0.1   127.0.0.1   1
192.168.1.255  255.255.255.255 192.168.1.10192.168.1.10   1
 192.168.72.0255.255.255.0192.168.72.77   192.168.72.77   1
192.168.72.77  255.255.255.255127.0.0.1   127.0.0.1   1
   192.168.72.255  255.255.255.255192.168.72.77   192.168.72.77   1
224.0.0.0224.0.0.0 192.168.1.10192.168.1.10   1
224.0.0.0224.0.0.0192.168.72.77   192.168.72.77   1
  255.255.255.255  255.255.255.255 192.168.1.10192.168.1.10   1
Default Gateway: 192.168.1.254
===
Persistent Routes:
  None

Thanks!
Quan Si Kwon


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] 3c509.o problem, compiling src for WISP-dist

[Dominik Strnad]

Hi,

I went into problems with 3c509.o module. I am using WISP-dist based on
kernel 2.4.18. After loading module system hangup for some non specific time
(around 1 minute) with kernel panic message. I am going to use sysmoops on
it
But I am 100% sure this that this problem is caused by that module. I tried
two 3coms 509B NICs, both previously used under linux and windows. I check
and set proper non conflicted io and irq, tested PnP and non Pnp modes.
Still getting same error. :-(

Because module 3c509.c isn't in origial distribution I am using binary which
I founded for Bearing (hope that I remember it well) which is based on same
kernel version. When I founded problems with that module I tried to compile
it by my own.

Unfortunatelly I founded another problems and not solution :-) Note that I
am just Linux user and not a developer. I am able to compile something,
sometimes, but...

I read that for development of leaf soomebody use UML debian slink distrib
with gcc 2.0. Can be that enviroment used for WISP development?

I instaled this and I have workin on my RH machine, mounted directory where
sources for Wisp-dist and 3c509.c are located, but I am not able to call gcc
to use wisp-dist kernel src files (home/wisp-dist/src) instead of slink src
(usr/include/linux) I tried -I switch (hope that this is the right switch)
but it didn't help.

Please can anybody describe which enviroment and how could be used for
compiling foor Leaf/wisp-dist ?

And if anybody have 3c509.o for this distribution, could you sended to me to
[EMAIL PROTECTED] ?

Thank you very much.

Litin




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] 1680 floppy is not working for me! :(

[Patrick Teague]

This might have been the problem when I was using the gui (KDE in Mandrake),
but when I had started using my leaf box, a couple times I had tried to
mount /dev/fd0 it caused all sorts of problems  generally wouldn't allow me
to even read the floppy if it even mounted.  Ever since then the only way I
mount floppies via console is
mount -t msdos /dev/fd0u1680 (or 1440, etc).

Thanks for the suggestion though :)

Patrick

- Original Message -
From: [EMAIL PROTECTED]
To: Patrick Teague [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Monday, October 07, 2002 2:36 AM
Subject: Re: [leaf-user] 1680 floppy is not working for me! :(


 On Mon, 7 Oct 2002, Patrick Teague wrote:

  Hello,

 Hi,

 I've encountered this problem too, and my mistake was that
 i mounted with /dev/fd0, and, the corect way is to mount it with
 /dev/fd0u1680.


 
  I'm currently using Bering v1.0-rc3  it works great...  when it works.
  Anytime I want or need to make a change it's ok until I have to save to
a
  floppy  then this causes all kinds of problems.  I can change 1440
floppies
  fine between all 5 of my computers with no problems.  However, when it
comes
  to 1680 I get all kinds of screwy things...  here's the worste - on my
  mandrake 8.2 system I can format the floppy as 1680 no problem  dd the
bin
  file no problem (as long as the floppy doesn't have a problem with 1680,
  this tends to require a 2 hour search through unformatted floppies).
Now
  comes the idiotic part
 
  1. whether I unmount the floppy or not, I remove it from the Mandrake
8.2
  system
 
  2. flip the read-only tab over so nothing can write to this floppy
 
  3. put it in my leaf box  boot the computer
 
  4. boot *usually* works fine (seems like 99% if created from linux box
  rather than windows)
 
  5. eject floppy  switch read-only tab back so it's writable
 
  6. insert into Mandrake 8.2 system (remount if I umounted)  do a
dir
  contents of floppy is now completely unreadable, all garbage (like a dos
  system with a fs virus).  It also means I have to reboot the computer at
  this point to get it to unmount the floppy drive  Mandrake can't
reboot
  by itself, I get to go walk over to the box  press the reset button.
 
  Strangely enough the floppy will still boot the leaf box...  If instead
  format  install the bin file, then proceed to modify the floppy (ie
remove
  various lrp files I don't need  copy the needed lrp files to the
floppy)
  I'm able to do so, but as soon as I try to use this newly modified
floppy to
  boot the leaf box it gets to loading linux.  then says boot
failure.
  The other message I get after having modified the floppy this way is the
  following -
 
  Unknown keyword in syslinux.cfg
  Unknown keyword in syslinux.cfg
  Unknown keyword in syslinux.cfg
  Unknown keyword in syslinux.cfg
  Unknown keyword in syslinux.cfg
  Missing parameter in syslinux.cfg
  Loading linuxReady.
 
  At which point it doesn't do anything  I have to go hit the reset
button.
  This is after a long line of trying all sorts of things to get it to
write
  correctly directly on the leaf box, but I get all sorts of problems with
  that...  Everything from grsec problems when trying to load various
packages
  to getting such things as root.lrp (!nf)  (instead of the /dev/fd0u1680
that
  I should be getting).
 
  how can I go about making a 1440 bootable floppy for Bering ?  I went 
  downloaded syslinux off of kernel.org  tried using that with the kernel
  file from the floppy, but when I booted that it said it was booting
SYSLINUX
  1.75 Mandrake 2.4.something or other.
 
  Any help with this would be much appreciated, thanks for letting me
ramble
 
  Patrick
 
 
 
 
  ---
  This sf.net email is sponsored by:ThinkGeek
  Welcome to geek heaven.
  http://thinkgeek.com/sf
  
  leaf-user mailing list: [EMAIL PROTECTED]
  https://lists.sourceforge.net/lists/listinfo/leaf-user
  SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
 



 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html






---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Re: 3c509.o problem, compiling src for WISP-dist

[Vladimir I.]

I was told that only modules from Bering RC2 are compatible, make sure 
you use those if you don't want to compile module yourself.

Hint: If somebody is able to compile all modules using WISP-Dist's 
kernel and give them to me I'll be happy to place them on the website. :)

Dominik Strnad wrote:
 Hi,
 
 I went into problems with 3c509.o module. I am using WISP-dist based on
 kernel 2.4.18. After loading module system hangup for some non specific time
 (around 1 minute) with kernel panic message. I am going to use sysmoops on
 it
 But I am 100% sure this that this problem is caused by that module. I tried
 two 3coms 509B NICs, both previously used under linux and windows. I check
 and set proper non conflicted io and irq, tested PnP and non Pnp modes.
 Still getting same error. :-(
 
 Because module 3c509.c isn't in origial distribution I am using binary which
 I founded for Bearing (hope that I remember it well) which is based on same
 kernel version. When I founded problems with that module I tried to compile
 it by my own.
 
 Unfortunatelly I founded another problems and not solution :-) Note that I
 am just Linux user and not a developer. I am able to compile something,
 sometimes, but...
 
 I read that for development of leaf soomebody use UML debian slink distrib
 with gcc 2.0. Can be that enviroment used for WISP development?
 
 I instaled this and I have workin on my RH machine, mounted directory where
 sources for Wisp-dist and 3c509.c are located, but I am not able to call gcc
 to use wisp-dist kernel src files (home/wisp-dist/src) instead of slink src
 (usr/include/linux) I tried -I switch (hope that this is the right switch)
 but it didn't help.
 
 Please can anybody describe which enviroment and how could be used for
 compiling foor Leaf/wisp-dist ?
 
 And if anybody have 3c509.o for this distribution, could you sended to me to
 [EMAIL PROTECTED] ?
 
 Thank you very much.
 
 Litin
 
 


-- 
Best Regards,
Vladimir
Systems Engineer (RHCE)



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist

[Dominik Strnad]

Is there exist some cookbook how to compile them for wisp-dist kernel?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Vladimir I.
Sent: Monday, October 07, 2002 1:14 PM
To: Dominik Strnad
Cc: [EMAIL PROTECTED]
Subject: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist


I was told that only modules from Bering RC2 are compatible, make sure
you use those if you don't want to compile module yourself.

Hint: If somebody is able to compile all modules using WISP-Dist's
kernel and give them to me I'll be happy to place them on the website. :)

Dominik Strnad wrote:
 Hi,

 I went into problems with 3c509.o module. I am using WISP-dist based on
 kernel 2.4.18. After loading module system hangup for some non specific
time
 (around 1 minute) with kernel panic message. I am going to use sysmoops on
 it
 But I am 100% sure this that this problem is caused by that module. I
tried
 two 3coms 509B NICs, both previously used under linux and windows. I check
 and set proper non conflicted io and irq, tested PnP and non Pnp modes.
 Still getting same error. :-(

 Because module 3c509.c isn't in origial distribution I am using binary
which
 I founded for Bearing (hope that I remember it well) which is based on
same
 kernel version. When I founded problems with that module I tried to
compile
 it by my own.

 Unfortunatelly I founded another problems and not solution :-) Note that I
 am just Linux user and not a developer. I am able to compile something,
 sometimes, but...

 I read that for development of leaf soomebody use UML debian slink distrib
 with gcc 2.0. Can be that enviroment used for WISP development?

 I instaled this and I have workin on my RH machine, mounted directory
where
 sources for Wisp-dist and 3c509.c are located, but I am not able to call
gcc
 to use wisp-dist kernel src files (home/wisp-dist/src) instead of slink
src
 (usr/include/linux) I tried -I switch (hope that this is the right switch)
 but it didn't help.

 Please can anybody describe which enviroment and how could be used for
 compiling foor Leaf/wisp-dist ?

 And if anybody have 3c509.o for this distribution, could you sended to me
to
 [EMAIL PROTECTED] ?

 Thank you very much.

 Litin




--
Best Regards,
Vladimir
Systems Engineer (RHCE)



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist

[Vladimir I.]

Actually no cookbook is required, just follow standard 
procedures.

Grab the WISP-Dist kernel source from LEAF's website, untar it, 
select modules you want and do the usual make dep  make clean 
 make bzImage  make modules  make modules_install. Modules 
will turn up in respective /lib/modules subdirectory, be careful 
not to overwrite modules used by your current kernel (if you use 
the same version).

Dominik Strnad wrote about RE: [leaf-user] Re: 3c509.o problem, compiling src for 
WISP-dist:

 Is there exist some cookbook how to compile them for wisp-dist kernel?
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Vladimir I.
 Sent: Monday, October 07, 2002 1:14 PM
 To: Dominik Strnad
 Cc: [EMAIL PROTECTED]
 Subject: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist
 
 
 I was told that only modules from Bering RC2 are compatible, make sure
 you use those if you don't want to compile module yourself.
 
 Hint: If somebody is able to compile all modules using WISP-Dist's
 kernel and give them to me I'll be happy to place them on the website. :)
 
 Dominik Strnad wrote:
  Hi,
 
  I went into problems with 3c509.o module. I am using WISP-dist based on
  kernel 2.4.18. After loading module system hangup for some non specific
 time
  (around 1 minute) with kernel panic message. I am going to use sysmoops on
  it
  But I am 100% sure this that this problem is caused by that module. I
 tried
  two 3coms 509B NICs, both previously used under linux and windows. I check
  and set proper non conflicted io and irq, tested PnP and non Pnp modes.
  Still getting same error. :-(
 
  Because module 3c509.c isn't in origial distribution I am using binary
 which
  I founded for Bearing (hope that I remember it well) which is based on
 same
  kernel version. When I founded problems with that module I tried to
 compile
  it by my own.
 
  Unfortunatelly I founded another problems and not solution :-) Note that I
  am just Linux user and not a developer. I am able to compile something,
  sometimes, but...
 
  I read that for development of leaf soomebody use UML debian slink distrib
  with gcc 2.0. Can be that enviroment used for WISP development?
 
  I instaled this and I have workin on my RH machine, mounted directory
 where
  sources for Wisp-dist and 3c509.c are located, but I am not able to call
 gcc
  to use wisp-dist kernel src files (home/wisp-dist/src) instead of slink
 src
  (usr/include/linux) I tried -I switch (hope that this is the right switch)
  but it didn't help.
 
  Please can anybody describe which enviroment and how could be used for
  compiling foor Leaf/wisp-dist ?
 
  And if anybody have 3c509.o for this distribution, could you sended to me
 to
  [EMAIL PROTECTED] ?
 
  Thank you very much.
 
  Litin
 
 
 
 
 --
 Best Regards,
 Vladimir
 Systems Engineer (RHCE)
 
 
 
 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
 

-- 
Best Regards,
Vladimir
Systems Engineer (RHCE)


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist

[Dominik Strnad]

IMHO if you developing in another distrib like slink is, you have to forced
gcc to use wisp-dist sources, unless it will use default usr/include/linux
kernel headers file.
Or am I wrong?

-Original Message-
From: Vladimir I. [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 07, 2002 1:35 PM
To: Dominik Strnad
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist


Actually no cookbook is required, just follow standard
procedures.

Grab the WISP-Dist kernel source from LEAF's website, untar it,
select modules you want and do the usual make dep  make clean
 make bzImage  make modules  make modules_install. Modules
will turn up in respective /lib/modules subdirectory, be careful
not to overwrite modules used by your current kernel (if you use
the same version).

Dominik Strnad wrote about RE: [leaf-user] Re: 3c509.o problem, compiling
src for WISP-dist:

 Is there exist some cookbook how to compile them for wisp-dist kernel?

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]]On Behalf Of Vladimir I.
 Sent: Monday, October 07, 2002 1:14 PM
 To: Dominik Strnad
 Cc: [EMAIL PROTECTED]
 Subject: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist


 I was told that only modules from Bering RC2 are compatible, make sure
 you use those if you don't want to compile module yourself.

 Hint: If somebody is able to compile all modules using WISP-Dist's
 kernel and give them to me I'll be happy to place them on the website. :)

 Dominik Strnad wrote:
  Hi,
 
  I went into problems with 3c509.o module. I am using WISP-dist based on
  kernel 2.4.18. After loading module system hangup for some non specific
 time
  (around 1 minute) with kernel panic message. I am going to use sysmoops
on
  it
  But I am 100% sure this that this problem is caused by that module. I
 tried
  two 3coms 509B NICs, both previously used under linux and windows. I
check
  and set proper non conflicted io and irq, tested PnP and non Pnp modes.
  Still getting same error. :-(
 
  Because module 3c509.c isn't in origial distribution I am using binary
 which
  I founded for Bearing (hope that I remember it well) which is based on
 same
  kernel version. When I founded problems with that module I tried to
 compile
  it by my own.
 
  Unfortunatelly I founded another problems and not solution :-) Note that
I
  am just Linux user and not a developer. I am able to compile something,
  sometimes, but...
 
  I read that for development of leaf soomebody use UML debian slink
distrib
  with gcc 2.0. Can be that enviroment used for WISP development?
 
  I instaled this and I have workin on my RH machine, mounted directory
 where
  sources for Wisp-dist and 3c509.c are located, but I am not able to call
 gcc
  to use wisp-dist kernel src files (home/wisp-dist/src) instead of slink
 src
  (usr/include/linux) I tried -I switch (hope that this is the right
switch)
  but it didn't help.
 
  Please can anybody describe which enviroment and how could be used for
  compiling foor Leaf/wisp-dist ?
 
  And if anybody have 3c509.o for this distribution, could you sended to
me
 to
  [EMAIL PROTECTED] ?
 
  Thank you very much.
 
  Litin
 
 


 --
 Best Regards,
 Vladimir
 Systems Engineer (RHCE)



 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


--
Best Regards,
Vladimir
Systems Engineer (RHCE)




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Re: 3c509.o problem, compiling src for WISP-dist

[Vladimir I.]

Dominik Strnad wrote about RE: [leaf-user] Re: 3c509.o problem, compiling src for 
WISP-dist:

 IMHO if you developing in another distrib like slink is, you have to forced
 gcc to use wisp-dist sources, unless it will use default usr/include/linux
 kernel headers file.

That may be required only when you're compiling standalone 
modules. Kernel itself does not require /usr/include/linux.

-- 
Best Regards,
Vladimir
Systems Engineer (RHCE)


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Shorewall Host File construction.

[Gavin . Bravery]

Hi people,

OK, excuse the ASCII art, this is the best I can manage!

In the below diagram, firewall 1 and 2 will be Bering RC3 boxes. Currently,
I have shorewall 1.3.7c, but it will be upgraded to 1.3.9a when I start
playing again.

I'm trying to configure a network as follows (yes I know I could do it
simpler but I'm playing!):

 ++
 |Internet|
 ++
  |
  |
  | ppp0 isp given
+--+ ++
|Firewall 2|-|  SMDZ  | 10.46.23.x
+--+eth1  10.46.23.x ++
  | eth0 10.0.1.1
  |
  |
 ++
 |  DMZ   | 10.0.1.x (going to include mail, dns, dhcp, web proxy etc)
 ++
  |
  |
  | eth2 10.0.1.5
+--+
|Firewall 1|
+--+
  | eth0 192.168.1.1
  |
  |
 ++
 |Internal|  192.168.1.x
 ++

And I am having a problem!

Firewall one's host file is fine, and seems to work ok, but I am unsure
what to put in the /etc/shorewall/hosts file to describe zones in Firewall
1.

DMZ and SDMZ are easy:
  dmz   eth2:10.0.1.0/24
  sdmz  eth2:10.46.23.0/24

But what do I put for net?
Neither of these lines, appeared to work:
  net   eth2:0.0.0.0/0,eth2:!10.0.1.0/24,eth2:!10.46.23.0/24
  net   eth2:!10.0.1.0/24,eth2:!10.46.23.0/24

Nor did splitting it up onto separate line:
  net   eth2:!10.0.1.0/24
  net   eth2:!10.46.23.0/24

How do I specify that the net zone is everything BUT 10.0.1.0/24 and
10.46.23.0/24 in hosts??

Thanks,

Gavin




Visit the Virgin Atlantic website for all the latest news and great
special offers - http://www.virgin.com/atlantic

This e-mail (and any attachments) may contain privileged and/or
confidential information. If you are not the intended recipient please
do not disclose, copy, distribute, disseminate or take any action in
reliance on it. If you have received this message in error please reply
and tell us and then delete all copies on your system. Any opinion on
or advice or information contained in this email is not necessarily that
of the owners or officers of this company.

Should you wish to communicate with us by e-mail, we cannot guarantee
the security of any data outside our own computer system



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] 1.68 Meg Floppy Image of CROM binary

[Roger E McClurg]

Charles,

I've got an old PC running the 1.02 Dachstein CD. It can't boot from the CD
so I use a floppy boot disk. Herein lies the problem. I am running IPSEC on
this machine and am just barely fitting the backups on the floppy. I'd like
to run a couple more applications on the PC but have no room to store the
configuration backups on the floppy.

Is there a 1.68 Meg floppy image of the CD boot binary available? If not
how do I go about creating such a beast?

As always, thanks for the help.

BTW. Have you had a chance to rebuild your network, or are your machines
still in the garage?

Roger



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] 1.68 Meg Floppy Image of CROM binary

[seanecovel]

I know this is probably blasphemy, but I'd use 
WinImage.  WinImage can read in your current diskette, 
then you can change the format to 1680 or 1722 and write 
it back out.  Then all you need to do is change the 
floppy device in the syslinux.cfg file.

To make life easier, I just added a second floppy drive 
to my firewall.  2 1440s can hold alot, and the format 
is more stable than the super floppy formats.
 
 Charles,
 
 I've got an old PC running the 1.02 Dachstein CD. It can't boot from the CD
 so I use a floppy boot disk. Herein lies the problem. I am running IPSEC on
 this machine and am just barely fitting the backups on the floppy. I'd like
 to run a couple more applications on the PC but have no room to store the
 configuration backups on the floppy.
 
 Is there a 1.68 Meg floppy image of the CD boot binary available? If not
 how do I go about creating such a beast?
 
 As always, thanks for the help.
 
 BTW. Have you had a chance to rebuild your network, or are your machines
 still in the garage?
 
 Roger
 
 
 
 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Issues...

[James Williams]

Here is the syslinux.cfg

# syslinux.cfg file

# Kernel parameters:
#
#   BOOT=/dev/fd0u1680
#
#   Boot from the specified disk device (1.68M in this example).
#   The format of the disk (msdos) can be optionally specified by putting
#   ,msdos on the end.
#
#   If this parameter is missing, it will probably attempt to load
#   off of one of the hard drives (device 03:##) which is likely
#   NOT what you want.
#
#   If this parameter is missing, Oxygen will also try to load
#   configuration files from /dev/fd0u1680 - which may or may NOT
#   be what you want.
#
#   CONSOLE=ttyS0,9600
#   CONSOLE=tty0
#
#   This is a standard Linux kernel option, setting the console
#   to go to the first serial port at 9600 baud, and also to
#   the first virtual console.
#
#   This option affects messages from the kernel only; user programs
#   (including /linuxrc, /etc/init.d/rcS, /etc/init.d/rc, and init)
#   will send to their own TTYs.  They must send their output to
#   /dev/console for this option to work completely.
#
#   The last setting of the CONSOLE option will be the device
#   associated with /dev/console.
#
# Configuration parameters:
#
#   CONF=file
#
#   This defines which configuration file to use.  This is
#   a new item, and its format is defined in oxygen.cfg.
#
#    NOTE: ALMOST ALL OF THESE ARE BEING SUPERCEDED BY 
#      THE NEW OXYGEN CONFIGURATION FILE   
#      THEY WILL BE PHASED OUT AND REMOVED!!!  
#
#   LOGDISK=4
#
#   This sets the RAM disk size for /var/log to 4 megabytes in size.
#   Default setting is a 2 megabyte RAM disk for /var/log.
#
#   TMPDISK=8
#
#   This sets the RAM disk size for /tmp to 8 megabytes in size.
#   Default setting is not to create a separate /tmp RAM disk at all.
#
#   PKGPATH=tftp://somehost.home/lrp.conf
#
#   This sets the file to load for a list of packages to load via
#   tftp.  These are loaded after the boot disk is read.  This URL-style
#   can also be used with FTP (ftp://) or World-Wide Web (http://)
#   URLS.  The URL can be a directory, in which case the filename
#   lrp.conf is assumed.
#
#   PKGPATH=query://
#   PKGPATH=ask://
#
#   These pseudo-URLs will query the user (ask) for a URL (or URLs)
#   to load from.  The same rules of URLs above are valid for the URL
#   given in response to the query.
#
#   PKGPATH=/dev/fd0u1680:msdos
#
#   This determines where the disks are for loading packages, and
#   optionally, their format.  Notice the difference between this
#   and the BOOT parameter format: here, a colon (:) is used to
#   separate the format and disk device, and the comma (,) is used
#   to separate multiple data disks or other specifications (including
#   tftp).
#
#   PKGLIST=pkgfile.cfg
#
#   This specifies a file to be found on the mounted disk during
#   loading.  The file will contain a list of packages, either
#   specifically or by a wildcard specification.  URLs are NOT
#   presently recognized.
#
#   DHCP
#
#   This sets the system to bring up the network interface via DHCP for
#   package loading.  This is quite a different thing from whether or not
#   the system uses DHCP during normal operations.  To set this, configure
#   the /etc/rc.config.d/network.conf file as appropriate; see that file
#   for more information.
#
#   With the DHCP kernel parameter set, the system could potentially
#   still use a fixed address; however DHCP is required for network
#   loading of packages.
#
#   DHCP=eth1
#
#   This is an alternative form of the DHCP flag, which specifies
#   *which* interface to use to bring DHCP up for loading packages.
#   Again, this is quite different from the use of DHCP during
#   normal operations.
#
#   If you don't plan to load packages over the network, this
#   parameter can be left off.
#
#   DISKWAIT
#
#   This is used to make the boot process pause and wait for disk
#   insertion and a keypress after this is done.
#
#   IMAGE
#
#   This changes package loading subtly: rather than loading each
#   package from the disk one by one, it loads an image of the
#   disk into memory and loads from that.  This can speed up loading
#   from floppy disk.
#
#   VERBOSE
#
#   Turns on verbose reporting during boot (experimental).
#
#   BRLTTY=/dev/ttyS0
#
#   This activates BRLTTY (Braille TTY) support in LRP; the
#   parameter is the TTY device to which the Braille TTY
#   is attached.
#
#   The program brltty will have to be added to the base for
#   this to take effect; it also requires libm and libc++ to
#   work (neither of which is in the base).
#
#   This option is not yet fully functional; its support
#   is in 

Re: [leaf-user] Shorewall Host File construction.

[Tom Eastep]

[EMAIL PROTECTED] wrote:

 
 How do I specify that the net zone is everything BUT 10.0.1.0/24 and
 10.46.23.0/24 in hosts??
 

Put sdmz and dmz BEFORE net in the zones file then simply define net as

net eth2:0.0.0.0/0

-Tom
-- 
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ [EMAIL PROTECTED]



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Shorewall Host File construction.

[Gavin . Bravery]

I thought I had done that, but I spotted it in documentation shortly after
I sent the email and I'm not sure any more.
I'll try it tonight (hopefully!).

Just to confirm, if include rules for smdz and dmz these will work instead
of the rules for net, right?

Thanks

Gavin

PS Any way of getting the firewall to forward DHCP request across to the
other subnet, or should I use dhcp relaying??!



   

  Tom Eastep   

  teastep@shorewalTo:   [EMAIL PROTECTED]  

  l.net   cc:   
[EMAIL PROTECTED]   
   Subject:  Re: [leaf-user] Shorewall 
Host File construction. 
  07/10/2002 14:13 

   

   







[EMAIL PROTECTED] wrote:


 How do I specify that the net zone is everything BUT 10.0.1.0/24 and
 10.46.23.0/24 in hosts??


Put sdmz and dmz BEFORE net in the zones file then simply define net as

net   eth2:0.0.0.0/0

-Tom
--
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ [EMAIL PROTECTED]







Visit the Virgin Atlantic website for all the latest news and great
special offers - http://www.virgin.com/atlantic

This e-mail (and any attachments) may contain privileged and/or
confidential information. If you are not the intended recipient please
do not disclose, copy, distribute, disseminate or take any action in
reliance on it. If you have received this message in error please reply
and tell us and then delete all copies on your system. Any opinion on
or advice or information contained in this email is not necessarily that
of the owners or officers of this company.

Should you wish to communicate with us by e-mail, we cannot guarantee
the security of any data outside our own computer system



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Shorewall Host File construction.

[Tom Eastep]

[EMAIL PROTECTED] wrote:
 I thought I had done that, but I spotted it in documentation shortly after
 I sent the email and I'm not sure any more.
 I'll try it tonight (hopefully!).
 
 Just to confirm, if include rules for smdz and dmz these will work instead
 of the rules for net, right?
 

Yes --

-Tom
-- 
Tom Eastep\ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ [EMAIL PROTECTED]



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Re: 1.68 Meg Floppy Image of CROM binary

[Charles Steinkuehler]

 I've got an old PC running the 1.02 Dachstein CD. It can't boot from
the CD
 so I use a floppy boot disk. Herein lies the problem. I am running
IPSEC on
 this machine and am just barely fitting the backups on the floppy. I'd
like
 to run a couple more applications on the PC but have no room to store
the
 configuration backups on the floppy.

 Is there a 1.68 Meg floppy image of the CD boot binary available? If
not
 how do I go about creating such a beast?

There isn't a 1.68 Meg image of the CD Boot disk available, but it's a
minor tweak to turn a standard Dachstein disk into one (all packages are
identical between the CD and floppy versions of Dachstein...only
differences are boot options and media type).  Simply edit syslinux.cfg,
and set the PKGPATH parameter to include the CD-ROM
(PKGPATH=/dev/cdrom:iso9660).  Leave the BOOT= parameter as-is (should
be set to 1680K floppy if you start with a Dachstein floppy image), and
you're all set.

Of course, you'll probably want to replace the standard full packages
of etc, modules, etc. on the default Dachstein distribution with your
existing partial backups rather than re-create them from scratch.

As a bonus, your 1680K floppy will boot faster than the 1440K disk.
Since there's more data on each track, it takes fewer revolutions of the
floppy media to load the initial system image.

 As always, thanks for the help.

 BTW. Have you had a chance to rebuild your network, or are your
machines
 still in the garage?

I've got one or two systems back online, but not enough to do any real
test networks :

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Re: 1.68 Meg Floppy Image of CROM binary

[Roger E McClurg]

Thanks for the info Charles. You always come through.

Best Regards,

Roger McClurg
[EMAIL PROTECTED]



   

Charles   

SteinkuehlerTo: Roger E McClurg [EMAIL PROTECTED]  

charles cc: [EMAIL PROTECTED] 

@steinkuehlerSubject: Re: 1.68 Meg Floppy Image of 
CROM binary 
.net  

   

10/07/02   

10:12 AM   

   

   





 I've got an old PC running the 1.02 Dachstein CD. It can't boot from
the CD
 so I use a floppy boot disk. Herein lies the problem. I am running
IPSEC on
 this machine and am just barely fitting the backups on the floppy. I'd
like
 to run a couple more applications on the PC but have no room to store
the
 configuration backups on the floppy.

 Is there a 1.68 Meg floppy image of the CD boot binary available? If
not
 how do I go about creating such a beast?

There isn't a 1.68 Meg image of the CD Boot disk available, but it's a
minor tweak to turn a standard Dachstein disk into one (all packages are
identical between the CD and floppy versions of Dachstein...only
differences are boot options and media type).  Simply edit syslinux.cfg,
and set the PKGPATH parameter to include the CD-ROM
(PKGPATH=/dev/cdrom:iso9660).  Leave the BOOT= parameter as-is (should
be set to 1680K floppy if you start with a Dachstein floppy image), and
you're all set.

Of course, you'll probably want to replace the standard full packages
of etc, modules, etc. on the default Dachstein distribution with your
existing partial backups rather than re-create them from scratch.

As a bonus, your 1680K floppy will boot faster than the 1440K disk.
Since there's more data on each track, it takes fewer revolutions of the
floppy media to load the initial system image.

 As always, thanks for the help.

 BTW. Have you had a chance to rebuild your network, or are your
machines
 still in the garage?

I've got one or two systems back online, but not enough to do any real
test networks :

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)







---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] 1680 floppy is not working for me! :(

[Ray Olszewski]

Three thoughts ...

First, if you really require a 2 hour search through unformatted floppies 
to find one that the Mandrake host will format at 1680, then you either use 
an unusually bad selection of floppies or there is something wrong with the 
Mandrake host. (I get an *occasional* failure here, maybe 1%, but nothing 
like the failure rate your report implies, and I use the cheapest floppies 
I can find.)

So the first thing I'd investigate, in your position, is whether the floppy 
drive on the Mandrake host (or, less likely, the LEAF host) is marginal. 
Assuming Mandrake uses superformat to format 1680 floppies, what does it 
report about drive calibration at the start of the process? A more direct 
test would be to swap in a new floppy drive (a cheap test here in the US, 
where new drives sell for $US10).

Second, you say this about modifying the floppy:

Strangely enough the floppy will still boot the leaf box...  If instead
format  install the bin file, then proceed to modify the floppy (ie remove
various lrp files I don't need  copy the needed lrp files to the floppy)
I'm able to do so, but as soon as I try to use this newly modified floppy to
boot the leaf box it gets to loading linux.  then says boot failure.

On which host (Mandrake or LEAF) are you doing this modifying? This *might* 
be another symptom of a bad drive on the Mandrake (or the LEAF) host. Does 
your modifying involve either the kernel file or root.lrp (or any of the 
syslinux.* files)?

Third, you ask about making your own 1440 disk in this fashion:

how can I go about making a 1440 bootable floppy for Bering ?  I went 
downloaded syslinux off of kernel.org  tried using that with the kernel
file from the floppy, but when I booted that it said it was booting SYSLINUX
1.75 Mandrake 2.4.something or other.

I can't spot your problem when all you tell us is that you tried using 
that. Tell us what you did, and perhaps I or someone else here will be 
able to spot the problem. But from this description, I can only suggest 
that you read the man page for syslinux more carefully and try again.

At 12:39 AM 10/7/02 -0500, Patrick Teague wrote:
Hello,

I'm currently using Bering v1.0-rc3  it works great...  when it works.
Anytime I want or need to make a change it's ok until I have to save to a
floppy  then this causes all kinds of problems.  I can change 1440 floppies
fine between all 5 of my computers with no problems.  However, when it comes
to 1680 I get all kinds of screwy things...

[details deleted]



--
---Never tell me the odds!
Ray Olszewski   -- Han Solo
Palo Alto, California, USA[EMAIL PROTECTED]
---



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] (no subject)

[Johnnattanh 23]

Hi everyone,
Again somebody can tell me how to manage the routing protocols in a LRP/LEAF 
box. (RIP, OSPF, BGP, ISIS, maybe IGRP and EIGRP)
I think that the default routing protocol is RIP but only listen RIP advice 
or also send routing RIP advice.
I saw some modules named like ospf.o and igrp.o, but how can configure them.
If somebody have some information about it please tell me.
Thank you in advance.
 Johnnattanh

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Re: Bering: Can't ping/connect to Firewall

[Ray Olszewski]

I wish I could point out the source of your problem, but frankly, this 
latest report leaves me stumped. I am particularly puzzled by this 
combination of items:

(this from your latest e-mail)

 ip route show (SuSE):
 192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2
 default via 192.168.1.254 dev eth0

and (this from the attachment to your prior e-mail)

 SuSE#ping -c 1 192.168.1.254
 PING 192.168.1.254 (192.168.1.254) from 192.168.1.2 : 56(84) bytes 
of data.
 From 192.168.1.2: icmp_seq=1 Destination Host Unreachable
 From 192.168.1.2 icmp_seq=1 Destination Host Unreachable

Since the SuSE host (192.168.1.2) has a route to the network that contains 
192.168.1.254, I don't understand why it reports Destination Host 
Unreachable. Perhaps someone else here can spot whatever I am overlooking. 
But I've run out of ideas. Sorry.

At 05:10 AM 10/7/02 -0400, Quan Si Kwon wrote:
Thanks again for the speedy response!

Okay! the routing tables of the Bering and SuSE hosts are as follows:

ip route show (Bering):
65.95.176.1 dev ppp0  proto kernel  scope link  src 65.95.176.89
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254
default via 65.95.176.1 dev ppp0

ip route show (SuSE):
192.168.1.0/24 dev eth0  proto kernel  scope link  src 192.168.1.2
default via 192.168.1.254 dev eth0


The oddity of the Win2K host's routing table is probably because of the 
gateway for DFE-538TX (192.168.72.77) was 192.168.1.10, the IP of the 
other card (DFE-530TX). Here I thought the two cards in the Win2K host are 
in different subnet: 192.168.72.77/24 and 192.168.1.10/24, I must route 
all traffic from 192.168.72.0/24 via 192.168.72.77/24 using 
192.168.1.10/24? I have since changed both cards' gateway to 192.168.1.254 
and come up the following results using ping and route print:

ping -c 2 192.168.1.254:
Pinging 192.168.1.254 with 32 bytes of data:
Request timed out.Request timed out.
Ping statistics for 192.168.1.254:Packets: Sent = 2, Received = 0, 
Lost = 2 (100% loss),Approximate round trip times in 
milli-seconds:Minimum = 0ms, Maximum =  0ms, Average =  0ms

route print:
===
Interface List
0x1 ... MS TCP Loopback interface
0x103 ...00 05 5d f5 f9 bf .. D-Link DFE-530TX PCI Fast Ethernet 
Adapter
0x104 ...00 50 ba 5b dc 86 .. D-Link DFE-538TX 10/100 Adapter
===
===
Active Routes:
Network DestinationNetmask  Gateway   Interface  Metric
   0.0.0.0  0.0.0.0192.168.1.254   192.168.72.77   1
   0.0.0.0  0.0.0.0192.168.1.254192.168.1.10   1
 127.0.0.0255.0.0.0127.0.0.1   127.0.0.1   1
   192.168.1.0255.255.255.0 192.168.1.10192.168.1.10   1
  192.168.1.10  255.255.255.255127.0.0.1   127.0.0.1   1
 192.168.1.255  255.255.255.255 192.168.1.10192.168.1.10   1
  192.168.72.0255.255.255.0192.168.72.77   192.168.72.77   1
 192.168.72.77  255.255.255.255127.0.0.1   127.0.0.1   1
192.168.72.255  255.255.255.255192.168.72.77   192.168.72.77   1
 224.0.0.0224.0.0.0 192.168.1.10192.168.1.10   1
 224.0.0.0224.0.0.0192.168.72.77   192.168.72.77   1
   255.255.255.255  255.255.255.255 192.168.1.10192.168.1.10   1
Default Gateway: 192.168.1.254
===
Persistent Routes:
   None




--
---Never tell me the odds!
Ray Olszewski   -- Han Solo
Palo Alto, California, USA[EMAIL PROTECTED]
---



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] (no subject)

[Eric B Kiser]

Howdy Johnnattanh,

The old LRP mailing lists are virtually unused. Just wanted to let you know
before you got your hopes up about getting a response from that arena.

After rereading your last message I had thought that you were referring to
*.lrp packages. My mistake. I am not familiar with the modules that you are
referring to. If you could point me in the direction that you found them I
would appreciate it.

Default routing on all of the LEAF distributions is statically configured.
However you can add packages that will give you the ability to use various
dynamic routing protocols.

I recommend using zebra.lrp packaged by David Douthitt. It is based on
zebra-0.92 and supports bgp, ospf, and rip. I have had problems running it
on the LEAF Bering distro but I know of people that have used it with the
LEAF Oxygen distro with great success.

It can be found here: http://www.leaf-project.org/devel/ddouthitt/packages/

EIGRP is a cisco specific protocol. The only way to play with this is to
play with cisco.

I am currently working on an updated version of the zebra package. The new
version is built around the original modular concept that zebra was built on
and you will be able to load the different protocol daemons as independent
packages. Meaning that if you want bgp you would load the bgpd.lrp and do
not have to give up precious space to protocols that you may not want or
need.

Hope this was helpful,
Eric Kiser




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Johnnattanh
23
Sent: Monday, October 07, 2002 10:54 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: [leaf-user] (no subject)




Hi everyone,
Again somebody can tell me how to manage the routing protocols in a LRP/LEAF
box. (RIP, OSPF, BGP, ISIS, maybe IGRP and EIGRP)
I think that the default routing protocol is RIP but only listen RIP advice
or also send routing RIP advice.
I saw some modules named like ospf.o and igrp.o, but how can configure them.
If somebody have some information about it please tell me.
Thank you in advance.
 Johnnattanh

_
Send and receive Hotmail on your mobile device: http://mobile.msn.com



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering: Can't ping/connect to Firewall

[Quan Si Kwon]

Since the SuSE host (192.168.1.2) has a route to the network that contains

192.168.1.254, I don't understand why it reports Destination Host 
Unreachable. Perhaps someone else here can spot whatever I am
overlooking. 
But I've run out of ideas. Sorry.

I might have solved the problem! The clue came from your second last
e-mail.
What I have done is altered the order of the two NIC cards being loaded by
the Kernel as follows:

Before:
3890
ne io=0x300 irq=3  #D-Link DE-220E Rev.B1 as eth0
de4x5  #D-Link DE-530T+ Rev.B2 as eth1

After:
de4x5
3890
ne io=0x300 irq=3 

So that eth0 is now loaded as DE-530T+ and eth1 is now loaded as DE-220E.
This can be confirmed by the change/swap in hardware addresses of the two
NIC cards in the Bering host using the command ip addr show:


3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:93:ba:3a brd ff:ff:ff:ff:ff:ff
4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:80:c8:35:c6:7b brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1

After the above change, ip route looks like this in the Bering host:
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.254 

However,eth0/ppp0 could no long connect to my ISP/ADSL (sympatico.ca) but
eth1 can now ping to Win2K, and SuSE hosts and vice versa!

The next step is trying to get another new card for the Bering host.

I will try to determine if the D-Link (DE-530T+) card or the drive de4x5.o
is at fault by swapping NIC cards with the Win2K/SuSE host.

But this would have to wait as I am off to Vancouver then Hong Kong
tomorrow morning (10/08) and will be back on 10/12. 

Once again thanks for your help. I shall report my findings later and buy
you a beer!
Quan Si Kwon


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] (no subject)

[Johnnattanh Hervé Rentería Rdz .]

Hello Eric, 
Well at this time I don't remember where I saw the modules but I'm going
to looking for them and I'll let you know if I find them.

Thank you for the information I'll try zebra. 

Yours
Johnnattanh 


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] ifconfig Explanation please.

[Troy Aden]

This is the ifconfig output from one of our Bering routers. Please note all
of the errors on eth1 and eth2. Can someone please explain this to me? Am I
to interpret these errors as a router problem or is it indicating some
network device is barfing out erroneous data on that subnet? Any ideas would
be appreciated. Thanks!


loLink encap:Local Loopback  
  inet addr:127.0.0.1  Mask:255.0.0.0
  UP LOOPBACK RUNNING  MTU:16436  Metric:1
  RX packets:364 errors:0 dropped:0 overruns:0 frame:0
  TX packets:364 errors:0 dropped:0 overruns:0 carrier:0
  Collisions:0 

eth0  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:61  
  inet addr: 192.168.141.1  Bcast:192.168.141.255
Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:148190074 errors:1 dropped:0 overruns:0 frame:0
  TX packets:150696043 errors:20 dropped:0 overruns:0 carrier:20
  Collisions:0 
  Interrupt:10 Base address:0x8000 

eth1  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:62  
  inet addr:192.168.142.1  Bcast:192.168.142.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:311524321 errors:667269 dropped:4 overruns:0
frame:667268
  TX packets:244260637 errors:6 dropped:0 overruns:0 carrier:6
  Collisions:0 
  Interrupt:11 Base address:0xa000 

eth2  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:63  
  inet addr:192.168.143.1  Bcast:192.168.143.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:5742144 errors:691 dropped:0 overruns:0 frame:1381
  TX packets:8793908 errors:0 dropped:0 overruns:0 carrier:0
  Collisions:74307 
  Interrupt:9 Base address:0xc000 

eth3  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:64  
  inet addr:192.168.147.1  Bcast:192.168.147.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:363126921 errors:1 dropped:0 overruns:0 frame:0
  TX packets:421969990 errors:33 dropped:0 overruns:0 carrier:33
  Collisions:0 
  Interrupt:5 Base address:0xe000 
 

Troy


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] block internet access except the email

[Erich Titl]

Liu

Liu Mei wrote the following at 05:55 07.10.2002:
Doesn't work. :-(

--- [EMAIL PROTECTED] wrote:
  trying using just the top level domain, IE yahoo.com
  and
  hotmail.com
 
  I haven't tried that, but its worth a shot.
 
  On Sun, 6 Oct 2002 17:04:35 -0700 (PDT)
   Liu Mei [EMAIL PROTECTED] wrote:
   Hi,
  
   If I only want to allow user to check their email
  on
   yahoo or hotmail, how should I setup the firewall?
  

OK they seem to be using a web based mail tool which makes the firewall set 
up tricky. You want to make all mail hosts available to your web browser 
either using port 80 or 443. And then think about port 25 and possibly 587.

The list here may not be complete but it's worth a try

Name:www.hotmail.com
Addresses:  64.4.52.7, 64.4.53.7, 64.4.43.7, 64.4.44.7
   64.4.45.7

Name:hotmail.com
Addresses:  64.4.53.7, 64.4.44.7

Name:mail.hotmail.com
Addresses:  64.4.50.7, 64.4.50.71, 64.4.49.7, 64.4.55.71
   64.4.55.135, 64.4.49.71, 64.4.49.135, 64.4.49.199

Name:yahoo.com
Addresses:  64.58.79.230, 66.218.71.198

Name:login.yahoo.akadns.net
Addresses:  64.58.76.99, 64.58.76.98
Aliases:  mail.yahoo.com, login.yahoo.com

Name:www.yahoo.akadns.net
Addresses:  66.218.71.80, 66.218.71.84, 66.218.71.87, 66.218.71.81
   66.218.71.89, 66.218.71.86, 66.218.71.83
Aliases:  www.yahoo.com


This of course is only a snapshot of the possible addresses, you may want 
to build something more more dynamic or then recheck in short intervals. 
And of course http access to mail does not look a lot different than to any 
old web page.

HTH

THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024  8D8A B7D4 FF9D 05B8 0A16



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] 486-SX and DachStein (latest 2.9.8)

[Burt Adjoodani]

Thanks in advance for any Help!  Great minds think a like!
I am trying to get a 486 SX up on a Dachstein LRP, unfortunately I get the
NO FPU message and she stops.
Does anybody have an image Called of course linux on the floppy that
doesn't need the co-processor ?
I hope this will be the only problem left to solve.
Maybe I should ask Father Stein. Charles, that is.
Will I have any other problems from using an SX after the linux kernel image
?
Are there any other tweaks needed ?
I have built numerous LRP Firewalls, routers and even a few 9100 port LRP
print servers.
Does anyone suggest a solution for an email proxy ?  I have been wanting to
set up 2 LRP's an incoming and an outgoing
email proxy LRP.  These both would be (bridged/invisible) and would log to a
different Linux server.
This way I can be 100% assured there is no spamming, relaying, etc. going
on.
LRP's are the handiest things since the pocket protector!
I would also love to be able to run a (vmware like) enviroment so I can roll
my own in the future.
This way I don't have to re-boot into a harddrive LRP, just to roll a new
kernel.  I lost my last HD LRP to a bad
power supply that caught fire.  (sometimes it is a bad idea to snip the
fans).  :-)
Vmware is just so stinkin slow and it costs $$$.

Sincerely,
Burt Adjoodani

PS: Knowledge is Power
Share I.T.
:-P to MegaShaft and Cisco!



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] ifconfig Explanation please.

[Ray Olszewski]

With absolutely zero information about the underlying networks, one can 
only guess about numbers of this sort. But with that disclaimer, my gut 
reaction is that the error and collision counts are within the normal range 
for fairly busy LANs.

To be specific, here is my guess about what we are looking at--

1. eth0 is your Internet connection, and it links the Bering router to some 
dedicated device like a DSL or cable modem. Since this tiny LAN has only 
two clients on it, and the slow data rates associated with Internet access, 
it doesn't push even the limits of a 10 Mbps connection, let alone 100 
Mbps. Consequently, negligible error and collision counts.

2. eth1 is a busy LAN (as a user of the router), with many clients and a 
lot of local traffic as well (perhaps a lot of WinXX hosts with SMB 
mounts), pushing the 10 or 100 Mbps limit, so generating some errors. They 
are well below 1% of packets so no big deal, unless you are seeing other 
performance problems on this LAN (in which case they might be an early 
warning of an overloaded Ethernet). The errors here are (if I recall 
correctly how to interpret this output -- I can't readily find a reference 
to check -- can someone else PLEASE help here?) the results of collisions 
between a packet from a client to the router and some other packet on the LAN.

3. eth2 is another LAN, but much less active (its RX traffic to the router 
is only about 2% of the volume seen on eth1), probably with way fewer 
clients than eth1. But traffic to the router is in bursts, creating 
collisions between RX and TX packets to/from the router. This may be your DMZ.

3. eth3 is still another LAN, about as busy (as a user of the router) as 
eth1, but with less local traffic. As a result, the LAN does not press its 
10 or 100 Mbps limit much, and there are few errors.

All this is just a guess, of course. Other variables might be whether they 
are 10 MBbps or 100 Mbps LANs, whether they use hubs or switches, how much 
uptime the packet counts cover, and even it they use something other than 
UTP wiring.

If I'm way off in describing the characteristics of any of these LANs 
(well, at least eth1 and eth2), then you may have a problem. But we'll need 
to know more about the characteristics of the networks to suggest anything 
specific.

If anyone knows enough to correct my interpretation of what the error and 
collision numbers actually mean, I'd really welcome hearing from him or her 
... especially if the correction includes a reference to appropriate 
documentation.

At 01:08 PM 10/7/02 -0600, Troy Aden wrote:
This is the ifconfig output from one of our Bering routers. Please note all
of the errors on eth1 and eth2. Can someone please explain this to me? Am I
to interpret these errors as a router problem or is it indicating some
network device is barfing out erroneous data on that subnet? Any ideas would
be appreciated. Thanks!


loLink encap:Local Loopback
   inet addr:127.0.0.1  Mask:255.0.0.0
   UP LOOPBACK RUNNING  MTU:16436  Metric:1
   RX packets:364 errors:0 dropped:0 overruns:0 frame:0
   TX packets:364 errors:0 dropped:0 overruns:0 carrier:0
   Collisions:0

eth0  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:61
   inet addr: 192.168.141.1  Bcast:192.168.141.255
Mask:255.255.255.0
   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
   RX packets:148190074 errors:1 dropped:0 overruns:0 frame:0
   TX packets:150696043 errors:20 dropped:0 overruns:0 carrier:20
   Collisions:0
   Interrupt:10 Base address:0x8000

eth1  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:62
   inet addr:192.168.142.1  Bcast:192.168.142.255  Mask:255.255.255.0
   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
   RX packets:311524321 errors:667269 dropped:4 overruns:0
frame:667268
   TX packets:244260637 errors:6 dropped:0 overruns:0 carrier:6
   Collisions:0
   Interrupt:11 Base address:0xa000

eth2  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:63
   inet addr:192.168.143.1  Bcast:192.168.143.255  Mask:255.255.255.0
   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
   RX packets:5742144 errors:691 dropped:0 overruns:0 frame:1381
   TX packets:8793908 errors:0 dropped:0 overruns:0 carrier:0
   Collisions:74307
   Interrupt:9 Base address:0xc000

eth3  Link encap:Ethernet  HWaddr 00:80:C8:CF:C8:64
   inet addr:192.168.147.1  Bcast:192.168.147.255  Mask:255.255.255.0
   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
   RX packets:363126921 errors:1 dropped:0 overruns:0 frame:0
   TX packets:421969990 errors:33 dropped:0 overruns:0 carrier:33
   Collisions:0
   Interrupt:5 Base address:0xe000




--
---Never tell me the odds!
Ray Olszewski   -- Han Solo

[leaf-user] Help for newbies...

[Gilberto de Freitas Mendes]

Interference for coexistence...

Anybody here has a information about this?


Thanks,




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] ifconfig Explanation please.

[Troy Aden]

Sorry for the lack of information. Here is the role of this router in our
network. 

Internet
PC001  -eth0 FIREWALL BOX (Not this router) eth1  switch
PC002  -eth0 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch --Windows clients 100 base-t network
-eth1 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch  --Windows clients 100 base-t network
-eth2 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch  --Windows clients 100 base-t network
-eth3 BARE production ROUTER (This is the box I did the ifconfig
shown below) - backbone switch gateway to other router.

Here is my ip route output table just to make it a little clearer.

255.255.255.255 dev eth3  scope link 
255.255.255.255 dev eth2  scope link 
255.255.255.255 dev eth1  scope link 
255.255.255.255 dev eth0  scope link 
192.168.147.0/24 dev eth3  proto kernel  scope link  src 192.168.147.1 
192.168.146.0/24 via 192.168.147.2 dev eth3 
192.168.145.0/24 via 192.168.147.2 dev eth3 
192.168.144.0/24 via 192.168.147.2 dev eth3 
192.168.143.0/24 dev eth2  proto kernel  scope link  src 192.168.143.1 
192.168.142.0/24 dev eth1  proto kernel  scope link  src 192.168.142.1 
192.168.141.0/24 dev eth0  proto kernel  scope link  src 192.168.141.1 
192.168.140.0/24 via 192.168.147.3 dev eth3 
default via 192.168.147.4 dev eth3 



 -Original Message-
From:   Ray Olszewski [mailto:[EMAIL PROTECTED]] 
Sent:   Monday, October 07, 2002 2:01 PM
To: Troy Aden; Leaf-User (E-mail)
Subject:Re: [leaf-user] ifconfig Explanation  please.

With absolutely zero information about the underlying networks, one can 
only guess about numbers of this sort. But with that disclaimer, my gut 
reaction is that the error and collision counts are within the normal range 
for fairly busy LANs.

To be specific, here is my guess about what we are looking at--

1. eth0 is your Internet connection, and it links the Bering router to some 
dedicated device like a DSL or cable modem. Since this tiny LAN has only 
two clients on it, and the slow data rates associated with Internet access, 
it doesn't push even the limits of a 10 Mbps connection, let alone 100 
Mbps. Consequently, negligible error and collision counts.

2. eth1 is a busy LAN (as a user of the router), with many clients and a 
lot of local traffic as well (perhaps a lot of WinXX hosts with SMB 
mounts), pushing the 10 or 100 Mbps limit, so generating some errors. They 
are well below 1% of packets so no big deal, unless you are seeing other 
performance problems on this LAN (in which case they might be an early 
warning of an overloaded Ethernet). The errors here are (if I recall 
correctly how to interpret this output -- I can't readily find a reference 
to check -- can someone else PLEASE help here?) the results of collisions 
between a packet from a client to the router and some other packet on the
LAN.

3. eth2 is another LAN, but much less active (its RX traffic to the router 
is only about 2% of the volume seen on eth1), probably with way fewer 
clients than eth1. But traffic to the router is in bursts, creating 
collisions between RX and TX packets to/from the router. This may be your
DMZ.

3. eth3 is still another LAN, about as busy (as a user of the router) as 
eth1, but with less local traffic. As a result, the LAN does not press its 
10 or 100 Mbps limit much, and there are few errors.

All this is just a guess, of course. Other variables might be whether they 
are 10 MBbps or 100 Mbps LANs, whether they use hubs or switches, how much 
uptime the packet counts cover, and even it they use something other than 
UTP wiring.

If I'm way off in describing the characteristics of any of these LANs 
(well, at least eth1 and eth2), then you may have a problem. But we'll need 
to know more about the characteristics of the networks to suggest anything 
specific.

If anyone knows enough to correct my interpretation of what the error and 
collision numbers actually mean, I'd really welcome hearing from him or her 
... especially if the correction includes a reference to appropriate 
documentation.

At 01:08 PM 10/7/02 -0600, Troy Aden wrote:
This is the ifconfig output from one of our Bering routers. Please note all
of the errors on eth1 and eth2. Can someone please explain this to me? Am I
to interpret these errors as a router problem or is it indicating some
network device is barfing out erroneous data on that subnet? Any ideas
would
be appreciated. Thanks!


loLink encap:Local Loopback
   inet addr:127.0.0.1  Mask:255.0.0.0
   UP LOOPBACK RUNNING  MTU:16436  Metric:1
   RX packets:364 errors:0 dropped:0 overruns:0 frame:0
   TX packets:364 errors:0 dropped:0 overruns:0 carrier:0
   Collisions:0

eth0  Link encap:Ethernet  HWaddr 

RE: [leaf-user] ifconfig Explanation please.

[Ray Olszewski]

OK. This is quite a bit different from my guess. Am I right in inferring 
from the routing table that the router you call PC101 is the default 
gateway (in the routing table as 192.168.147.4)? Doesn't really matter, I 
suppose, since whatever the device is, it is now clear that all these LANs 
reach the Internet by way of the network on eth3. And as I think more about 
it, this is more consistent with the packet counts on the various interfaces.

 From this info, and the packet counts, I'd still surmise that the errors 
on eth1 come from its hosts accessing the router a lot more than the hosts 
on eth0 or eth2. I'd still guess that there are a lot more hosts on eth1 
than eth2 (or at least a lot more that access the router), and that the 
eth2 traffic is very bursty, but from a relatively small number of hosts.

Finally, I'd guess that the router mostly connects the various hosts to the 
default gateway; this makes most of the traffic on eth3 be to and from the 
gateway, accounting for high loads there with few errors and no collisions. 
Actually, eth1 is the only (local - excluding eth3, that is) interface that 
generates more packets than it receives; might you have some server (mail, 
perhaps? or even DNS?) on it that accounts for the residue of router traffic?

All that said, though, the errors still look like they are within normal 
ranges, if we assume eth1 is the biggest and busiest LAN (regarding router 
traffic).

At 02:40 PM 10/7/02 -0600, Troy Aden wrote:
Sorry for the lack of information. Here is the role of this router in our
network.

Internet
PC001  -eth0 FIREWALL BOX (Not this router) eth1  switch
PC002  -eth0 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch --Windows clients 100 base-t network
 -eth1 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch  --Windows clients 100 base-t network
 -eth2 BARE production ROUTER (This is the box I did the ifconfig
shown below) - switch  --Windows clients 100 base-t network
 -eth3 BARE production ROUTER (This is the box I did the ifconfig
shown below) - backbone switch gateway to other router.

Here is my ip route output table just to make it a little clearer.

255.255.255.255 dev eth3  scope link
255.255.255.255 dev eth2  scope link
255.255.255.255 dev eth1  scope link
255.255.255.255 dev eth0  scope link
192.168.147.0/24 dev eth3  proto kernel  scope link  src 192.168.147.1
192.168.146.0/24 via 192.168.147.2 dev eth3
192.168.145.0/24 via 192.168.147.2 dev eth3
192.168.144.0/24 via 192.168.147.2 dev eth3
192.168.143.0/24 dev eth2  proto kernel  scope link  src 192.168.143.1
192.168.142.0/24 dev eth1  proto kernel  scope link  src 192.168.142.1
192.168.141.0/24 dev eth0  proto kernel  scope link  src 192.168.141.1
192.168.140.0/24 via 192.168.147.3 dev eth3
default via 192.168.147.4 dev eth3



  -Original Message-
From:   Ray Olszewski [mailto:[EMAIL PROTECTED]]
Sent:   Monday, October 07, 2002 2:01 PM
To: Troy Aden; Leaf-User (E-mail)
Subject:Re: [leaf-user] ifconfig Explanation  please.

With absolutely zero information about the underlying networks, one can
only guess about numbers of this sort. But with that disclaimer, my gut
reaction is that the error and collision counts are within the normal range
for fairly busy LANs.

To be specific, here is my guess about what we are looking at--

1. eth0 is your Internet connection, and it links the Bering router to some
dedicated device like a DSL or cable modem. Since this tiny LAN has only
two clients on it, and the slow data rates associated with Internet access,
it doesn't push even the limits of a 10 Mbps connection, let alone 100
Mbps. Consequently, negligible error and collision counts.

2. eth1 is a busy LAN (as a user of the router), with many clients and a
lot of local traffic as well (perhaps a lot of WinXX hosts with SMB
mounts), pushing the 10 or 100 Mbps limit, so generating some errors. They
are well below 1% of packets so no big deal, unless you are seeing other
performance problems on this LAN (in which case they might be an early
warning of an overloaded Ethernet). The errors here are (if I recall
correctly how to interpret this output -- I can't readily find a reference
to check -- can someone else PLEASE help here?) the results of collisions
between a packet from a client to the router and some other packet on the
LAN.

3. eth2 is another LAN, but much less active (its RX traffic to the router
is only about 2% of the volume seen on eth1), probably with way fewer
clients than eth1. But traffic to the router is in bursts, creating
collisions between RX and TX packets to/from the router. This may be your
DMZ.

3. eth3 is still another LAN, about as busy (as a user of the router) as
eth1, but with less local traffic. As a result, the LAN does not press its
10 or 100 Mbps limit much, and there are few errors.

All this is 

[leaf-user] via-rhine in WISP

[Homer Parker]

The VIA Eden motherboards have a VIA NIC in them (go figure! ;). After
finding out you don't just copy things to /lib/modules and backup as in
Bering, I'm asking 1) how to add modules, 2) can it be added in the
distro?

--- 
Homer Parker

http://www.homershut.net
telnet://bbs.homershut.net



msg10092/pgp0.pgp
Description: PGP signature

[leaf-user] Multiple Processors

[Roger E McClurg]

Charles,

Do you have any experience running Dachstein on a server with multiple
processors? I just got handed one and would love to be able to use both
processors to handle a large number of VPNs. With over 600 Meg of RAM it
should really sing.

Best Regards,

Roger



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering rc3 and 802.11 Security

[Rob Fegley]

OK, so I have setup Bering rc3 on a couple of boxes and simulated different speeds of 
Internet connectivity to test the IPSec (freeswan) implementation and am very pleased 
with the results.  Also, I am very happy with how easy the configuration is.  So, my 
question and situation pertaining to wireless is as follows.

I have the SMC 2602W, a PCI card which houses a SMC 2632 PCMCIA card, for which I seem 
to think that I'll be compiling the Atmel drivers since I haven't found any .lrp 
packages or .o drivers that are specific to this wireless chipset.  If this is wrong, 
please correct me.  In any event, what I wondering is what would be the best way to 
provide encryption, if not also authentication, in order to use wireless and be 
treated as a trusted host on my LAN.  I already know to just completely disregard 
WEP, as it appears to have been compromised to being the Worthless Encryption 
Protocol.  So, are there any wireless cards, besides Cisco, that are supported by 
LEAF, Bering, or just Linux that can do either the Extensible Authentication Protocol 
(EAP), or Cisco's variant, called LEAP?

Outside of L/EAP being available, I have run through several scenarios to consider, as 
follows:

--use MAC filtering in Shorewall to only allow specified wireless NICs to even pass 
packet filtering rules

--use DHCP, with the wireless card setup as a bridged interface -OR- use DHCP relay 
with the wireless card setup as a routed interface?

--use IPSec road-warrior configuration between trusted zones and wireless client(s), 
but will IPSec work if the client is on the same segment as my local LAN (in the case 
above where I presume to bridge the 802.11 with the LAN), assuming that I have a 
shorewall rule-set that only allows IPSec-specific traffic through?

Obviously, I would like to stay as close to convenience as possible without 
sacrificing any security.  Unfortunately, I think that the Bering support for L/EAP is 
currently non-existent, which makes IPSec the most secure choice, but I'm pondering 
the most functional, least complex solution that is available.

Additionally, if there are any horror stories about using (or trying to use) the SMC 
card that I mention, please advise on that as well, especially since I'd readily 
switch to any card that has better support, is easier to use, or has more 
functionality, especially since the prices of the 802.11b cards seem to have dropped 
steeply with the advent of 802.11a and 802.11g.

Any and all replies to my questions are welcome!  Thanks in advance...

Rob


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] via-rhine in WISP

[Homer Parker]

On Mon, 7 Oct 2002 16:28:19 -0500 Homer Parker [EMAIL PROTECTED]
wrote

   The VIA Eden motherboards have a VIA NIC in them (go figure! ;).
   After
 finding out you don't just copy things to /lib/modules and backup as in
 Bering, I'm asking 1) how to add modules, 2) can it be added in the
 distro?

OK, figured out how to get it... Actually, the biggest problem was it was
segfaulting because I was trying to use modules from Bering rc3... Would
still like to see it included by default ;)

--- 
Homer Parker

http://www.homershut.net
telnet://bbs.homershut.net

This e-mail message is 100% Microsoft free!

WARNING: THIS ACCOUNT BELONGS TO A RABID
ANTI-SPAMMER NET-NAZI DOT-COMMUNIST.

   /\
   \ / ASCII Ribbon Campaign
X  Against HTML Mail
   / \


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bridging on Bering.

[Dan Broscoi]

Hello leaf-user,

  I'm having a hard time to understand how bridging works...

  so far, i make it working, but it's kindda weird... so, here it is:

  I have a bering box, with 3 NIC's.
  eth0, eth2 are coaxial backbones, and eth1 is utp backbone
  I gave to coaxial false IP's (192.168.), and to UTP, real IP...

  Oh, i really don't know why i'm writing this e-mail, because it
  works, no problems, etc... except that all NIC's are in promisc
  mode, and i got some kind of tx errors, and some fog in my head,
  because i have several bridges in my LAN, but they are all build on
  my custom slackware-based distro, not on LRP...

  It would be a nice feature to LRP to implement the DOC's to some
  packages, and to add option to remove the documentation, so, after
  the user is cleared about what he is doing, to delete de help.


  bye.
  

-- 
Best regards,
 Dan  mailto:[EMAIL PROTECTED]




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html