[leaf-user] Dachstein-CD 1.0.2 + Qmail 1.03a Runaway condition
I am encountering a problem with adding the qmail.lrp package to my Dachstein-CD setup. I have tried both loading the package by floppy and by adding it to a custom copy of the CD. The problem manifests itself only on rebooting the router after adding qmail to the lrpkg.cfg file. If I load qmail manually by mounting the media and using lrpkg -i qmail all appears to be OK although I've not yet proved email functionality I'm not getting any errors. I can start and stop qmail using the init script. The initial start complains that the directories /var/log/smtp and /var/log/pop3 don't exist but it creates them with no further comments. However on rebooting the system I get through all the router configuration messages and am just about to enter the login password when the screen fills with scrolling messages complaining that the permissions on /var/log/smtp cannot be changed because it does not exist. I get the same message for /var/log/pop3 and possibly some other messages but everything is wizzing past so fast and the only way I could find to stop it is to give it the 3 fingered salute and catch the last few messages as it shuts down. I read Jacques user guide and can't see that I'm doing anything wrong but I do have one observation which I don't know the implications of: Jacques user guide states that the /etc/shadow entries should be as an example: alias:*:11096:0:9:7::: However the Dachstein-CD already has entries of: alias:*:10091:0:9:7::: I've tried changing these but it doesn't appear to make any difference to the problem I'm having. However which one is correct? Anyone out there added Qmail 1.03a to Dachstein-CD 1.0.2 and got it working without any undocumented tweaks to files? I.e. not in Jacques guide. Regards, Colin *** The information contained in this e-mail is confidential. It may also be legally privileged. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform RACAL INSTRUMENTS LTD. immediately by phoning +44 (0)1628 604455 (ask for the I.T. dept) and delete it and all copies from your system. *** --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Wisp on DiskOnChip
initrd works differently in WISP-Dist, binaries contained in it are not used by system after boot is finished and initrd is unmounted. So it is not backed up. Somebody else made WISP-Dist run on DoC though - I think Bao is the one who did it (sorry if I misspelled your name). Please check the archives. Patches welcome :) Rosa Nicolas wrote: Hi, I am trying to install wisp-2348 on a DiskOnChip. I've installed necessary modules, modified the scripts (root.dev.mk, root.linuxrc, modules) but I cannot save initrd. I am following the doc from Brad Fritz on installing bering on DiskonChip Can you tell me how to backup initrd ? --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Dachstein-CD 1.0.2 + Qmail 1.03a Runaway condition
although i have no expierence setting up qmail, its possible it could be a couple of different problems, check the load order, you said in your email that you load qmail manually, if this is the case, make sure the qmail package is the last one loaded, just in case. if that doesn't work, load it manually, then do a full backup of the system, including logs, presumably that would create the entries when loaded next time. i don't know if this will actually fix the problem, but it might work... joey - Original Message - From: Wrigglesworth, Colin [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 26, 2002 8:06 AM Subject: [leaf-user] Dachstein-CD 1.0.2 + Qmail 1.03a Runaway condition I am encountering a problem with adding the qmail.lrp package to my Dachstein-CD setup. I have tried both loading the package by floppy and by adding it to a custom copy of the CD. The problem manifests itself only on rebooting the router after adding qmail to the lrpkg.cfg file. If I load qmail manually by mounting the media and using lrpkg -i qmail all appears to be OK although I've not yet proved email functionality I'm not getting any errors. I can start and stop qmail using the init script. The initial start complains that the directories /var/log/smtp and /var/log/pop3 don't exist but it creates them with no further comments. However on rebooting the system I get through all the router configuration messages and am just about to enter the login password when the screen fills with scrolling messages complaining that the permissions on /var/log/smtp cannot be changed because it does not exist. I get the same message for /var/log/pop3 and possibly some other messages but everything is wizzing past so fast and the only way I could find to stop it is to give it the 3 fingered salute and catch the last few messages as it shuts down. I read Jacques user guide and can't see that I'm doing anything wrong but I do have one observation which I don't know the implications of: Jacques user guide states that the /etc/shadow entries should be as an example: alias:*:11096:0:9:7::: However the Dachstein-CD already has entries of: alias:*:10091:0:9:7::: I've tried changing these but it doesn't appear to make any difference to the problem I'm having. However which one is correct? Anyone out there added Qmail 1.03a to Dachstein-CD 1.0.2 and got it working without any undocumented tweaks to files? I.e. not in Jacques guide. Regards, Colin *** The information contained in this e-mail is confidential. It may also be legally privileged. It is intended only for the stated addressee(s) and access to it by any other person is unauthorised. If you are not an addressee, you must not disclose, copy, circulate or in any other way use or rely on the information contained in this e-mail. Such unauthorised use may be unlawful. If you have received this e-mail in error, please inform RACAL INSTRUMENTS LTD. immediately by phoning +44 (0)1628 604455 (ask for the I.T. dept) and delete it and all copies from your system. *** --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Dachstein-CD 1.0.2 + Qmail 1.03a Runaway condition
Wrigglesworth, Colin wrote: I am encountering a problem with adding the qmail.lrp package to my Dachstein-CD setup. I have tried both loading the package by floppy and by adding it to a custom copy of the CD. The problem manifests itself only on rebooting the router after adding qmail to the lrpkg.cfg file. If I load qmail manually by mounting the media and using lrpkg -i qmail all appears to be OK although I've not yet proved email functionality I'm not getting any errors. I can start and stop qmail using the init script. The initial start complains that the directories /var/log/smtp and /var/log/pop3 don't exist but it creates them with no further comments. However on rebooting the system I get through all the router configuration messages and am just about to enter the login password when the screen fills with scrolling messages complaining that the permissions on /var/log/smtp cannot be changed because it does not exist. I get the same message for /var/log/pop3 and possibly some other messages but everything is wizzing past so fast and the only way I could find to stop it is to give it the 3 fingered salute and catch the last few messages as it shuts down. I read Jacques user guide and can't see that I'm doing anything wrong but I do have one observation which I don't know the implications of: Jacques user guide states that the /etc/shadow entries should be as an example: alias:*:11096:0:9:7::: However the Dachstein-CD already has entries of: alias:*:10091:0:9:7::: I've tried changing these but it doesn't appear to make any difference to the problem I'm having. However which one is correct? Anyone out there added Qmail 1.03a to Dachstein-CD 1.0.2 and got it working without any undocumented tweaks to files? I.e. not in Jacques guide. I have not added qmail to Dachstein, but I think I know what's going wrong. Dachstein uses a seperate partition for the log files, so /var/log is empty at boot (when the *.lrp files are automatically unpacked/installed). Init scripts mount the /var/log partition, and populate it with the required files/directories. The qmail package probably contains /var/log/smtp and /var/log/pop3 files, but they are getting over-written when the new /var/log partition is mounted. What I think is happening at boot-time: - Dachstein boots, loads the kernel, initial ramdisk (root.lrp) and runs the /linuxrc init script - linuxrc installs all packages, including qmail.lrp - The installation of qmail.lrp creates the desired files/directories in /var/log - linuxrc exits, and init takes over. - rcS.d scripts are run, creating a new ramdisk and mounting it at /var/log. This causes the existing /var/log/ files to dissappear - qmail init script runs, and qmail barfs on non-existant files. There are a couple of ways you can fix this. First, you can test for (and create if missing) the files you expect in the qmail init script. Make sure you get the ownership and permissions correct, or qmail will continue to complain. The clean way to do this, however, is to put a tar.gz file in /etc/ramdisk/. The files in this directory are uncompressed *AFTER* all additional run-time ramdisks are created and mounted, allowing you to populate /var/log (and any other directories that might be on their own ramdisk partiton) after system init. Simply create a tar.gz file with the required /var/log entries (use the existing log.tgz as an example), drop it in /etc/ramdisk/, and add it to the qmail file list so it will be backed up with the qmail.lrp package. For extra-credit, you can remove the /var/log entries from the qmail.lrp package so they won't be hanging around chewing up memory (NOTE: The /var/log files installed from the qmail.lrp package didn't entirely disappear, you just can't see them until you unmount /var/log. To test this, shutdown the logging daemons with svi sysklogd stop, and unmount /var/log...the missing qmail files should magically appear!). -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Need bcm5700.o with Bering 1.0-stable
Hi All, I am looking for driver bcm5700.o but I could not find it in Bering_1.0-stable_modules_2.4.18.tar.gz. Searching mail archive seem to indicate it exists, but I am new to Bering, I may very well look at wrong places. Any pointer is appreciated. Thanks. Winston --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Wisp on DiskOnChip
Rosa Nicolas wrote: I've installed necessary modules, modified the scripts (root.dev.mk, root.linuxrc, modules) but I cannot save initrd. I am following the doc from Brad Fritz on installing bering on DiskonChip Can you tell me how to backup initrd ? I think you want to build a new initrd.lrp when you say backing up. Following is what I do to modify the initrd. - Rename the initrd.lrp to initrd.gz - Gunzip the inirtd.gz - Mount the initrd through loopback - Make the changes to the mounted initrd filesystem - Umount the initrd filesystem - Gzip it and change the name to initrd.lrp Bao -- Best Regards. Bao C. Ha Hacom OpenBrick Distributor USA http://www.hacom.net voice: (310) 675-8221 fax: (310) 675-8225 8D66 6672 7A9B 6879 85CD 42E0 9F6C 7908 ED95 6B38 --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Problem booting Oxygen
Hi, I'm a newbie to this list so please be gentle on me. I've searched the list archives and haven't found a solution to my problem. I hope you can help. When booting Oxygen latest disk 1.68MB on my AMD Duron 850 / 256MB I get the following problem I get the Oxygen start-up screen where it prompts you for the type of boot you require. none net floppy large tiny serial But then I get the boot: prompt displayed as shown below boot: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t t t t t t t t t t t t t t t t t I don't get the same issue on my laptop and I've swapped the floppy drive on the Duron. help its driving me up the wall. Yours in advance Martin --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Problem booting Oxygen
Found it tried a different search link from the mailing lists page. Needed to comment out the serial line in syslinux.cfg Regards Martin -Original Message- From: Wheldon,M [mailto:[EMAIL PROTECTED]] Sent: 26 November 2002 17:57 To: [EMAIL PROTECTED] Subject: [leaf-user] Problem booting Oxygen Hi, I'm a newbie to this list so please be gentle on me. I've searched the list archives and haven't found a solution to my problem. I hope you can help. When booting Oxygen latest disk 1.68MB on my AMD Duron 850 / 256MB I get the following problem I get the Oxygen start-up screen where it prompts you for the type of boot you require. none net floppy large tiny serial But then I get the boot: prompt displayed as shown below boot: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t: t t t t t t t t t t t t t t t t t I don't get the same issue on my laptop and I've swapped the floppy drive on the Duron. help its driving me up the wall. Yours in advance Martin --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Using EISA Nics
I came across an old IBM PC320 Server (dual cpu, free gotta like it) Included was 6 EISA SMC nics, scsi hd cdrom Can anyone recommend a package that I might be utilize it to the max eg: xdsl - eth0, int net - eth1, webservers eth2, and so on Jim Better to be thought a fool than to speak and remove all doubt --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Wisp on DiskOnChip
--- Bao C. Ha [EMAIL PROTECTED] wrote: Rosa Nicolas wrote: I've installed necessary modules, modified the scripts (root.dev.mk, root.linuxrc, modules) but I cannot save initrd. I am following the doc from Brad Fritz on installing bering on DiskonChip Can you tell me how to backup initrd ? I think you want to build a new initrd.lrp when you say backing up. Following is what I do to modify the initrd. - Rename the initrd.lrp to initrd.gz - Gunzip the inirtd.gz - Mount the initrd through loopback - Make the changes to the mounted initrd filesystem - Umount the initrd filesystem - Gzip it and change the name to initrd.lrp Bao Do these steps have to be done everytime you backup wisp ? --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Mail Servers (was: Help!.... lrp_PING_HOSTS doesn't work why???)
Jacques- I'm using rc3. What is the distinction between the variable lrp_MAIL_SERVER in lrp.conf and the variable MAIL_SERVER in POSIXness.conf ? I set them both to the same value but was wondering if they are used in different ways or might conflict somehow. -John Le Samedi 9 Novembre 2002 08:08, Thitiporn Pornpirunrak a écrit : You don't tell us which version of LEAF you are using If you are using Bering rc4 my advice would be to check the following chapters of the documentation: http://leaf.sourceforge.net/devel/jnilo/bumail.html http://leaf.sourceforge.net/devel/jnilo/bisystem.html#AEN842 Please note that these instructions are Bering specific and only work with rc4. Jacques Hi all, Today I try to set my bering box to alert me when the connection from my firewall to router down. I found that in System Configuration and Master LRP Setting has lrp_PING_HOSTS option and I config them like this.. ## # Host SMTP server for the 'mail' command. If blank the host 'mail' is used. lrp_MAIL_SERVER=mail.mymail.com # Email address to use for notices and alerts. If blank alerts won't be sent. lrp_MAIL_ADMIN=[EMAIL PROTECTED] # Server that will be contacted via 'rdate' for the time service daily. # Turning this on also updates the CMOS clock lrp_DATE_SERVER=time.nuri.net # List of hosts to ping check. ADMIN will be sent mail if any fail. lrp_PING_HOSTS=1.1.1.1 ## I try to test my configuration by set lrp_PING_HOSTS=1.1.1.1 that my firewall should send mail to me because my firewall can't ping 1.1.1.1 absolutely. However I try to send mail from my firewall to my email manually by use mail command to make sure that my firewall can connect to my email server like this ## myfirewall: -root- # mail -s test [EMAIL PROTECTED] test ipsfw: -root- # ## When i check my email I found that that mail was sent to me. So now I don't know that why my firewall don't send email to me from lrp_PING_HOSTS option... Please help me. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Need bcm5700.o with Bering 1.0-stable
Hi Winston Hi all Jacques compiled this drivers some weeks ago. It's compiled for RC4, but RC4 drivers works without problems with 1.0. bcm5700 driver link: http://leaf.sourceforge.net/devel/jnilo/bering/rc4/modules/2.4.18/kernel/dri vers/net/ Please note that this drivers uses the sources from the Compaq support site. I'm using it with the integrated gigabit module in the new ML370G3. -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc -- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Winston Hao Sent: Tuesday, November 26, 2002 5:39 PM To: Winston Hao NYSDEC Cc: [EMAIL PROTECTED] Subject: [leaf-user] Need bcm5700.o with Bering 1.0-stable Hi All, I am looking for driver bcm5700.o but I could not find it in Bering_1.0-stable_modules_2.4.18.tar.gz. Searching mail archive seem to indicate it exists, but I am new to Bering, I may very well look at wrong places. Any pointer is appreciated. Thanks. Winston --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] AVM FritzCard DSL
Hi all Is anyone using the FritzCard DSL from AVM (http://www.avm.de/en/products/FRITZdsl/FRITZ_Card_DSL/FRITZCard_DSL/index.h tml) with LEAF or another Linux distribution? I'd be very happy if someone can report success/failure to me. I'm planning to buy such a card and don't know it works with LEAF/Linux. (There are Linux drivers with sources) Thank you so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc -- --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] IP Tables question
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
Thanks in advance.
Troy
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] tcpdump of blocked packets?
where can the port sentry .lrp be obtained? TIA, matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Bacon Sent: Monday, November 25, 2002 11:18 AM To: [EMAIL PROTECTED] Subject: [leaf-user] tcpdump of blocked packets? I'm using port sentry on my LRP box. The otherday it blocked someone attempting to access port 1080 (not used), then port 25(redirect to our mail server). He came back the next day and tried port 25 again, but he was still blocked by the firewall rules. I thought I read somewhere there is a way to capture via tcpdump some of the packet information and write it to a file or syslog when a packet is dropped. Is this possible? Can someone point me in a direction for research? I'm feeling uneasy that I don't know what this person was/is attempting. Thank you in advance. Michael Bacon [EMAIL PROTECTED] Network Admin. Valley Medical Center, PPLC THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY USE, DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER BY RETURN E-MAIL OR CALL VALLEY MEDICAL CENTER, PLLC AT 1-888-884-4155, EXT 6203 AND DELETE THIS E-MAIL, ANY ATTACHMENTS, AND ALL COPIES. --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IP Tables question
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# accepts all established connections
# e.g. those initiated inside the firewall.
Troy Aden [EMAIL PROTECTED] on 11/26/2002 02:02:44 PM
To: Leaf-User (E-mail) [EMAIL PROTECTED]
cc:(bcc: Phillip Watts/austin/Nlynx)
Subject: [leaf-user] IP Tables question
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
Thanks in advance.
Troy
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IP Tables question
Whoops, I didn't read the whole thing.
You would want to add:-s 192.168.1.67 to the outbound permit.
Troy Aden [EMAIL PROTECTED] on 11/26/2002 02:02:44 PM
To: Leaf-User (E-mail) [EMAIL PROTECTED]
cc:(bcc: Phillip Watts/austin/Nlynx)
Subject: [leaf-user] IP Tables question
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
Thanks in advance.
Troy
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IP Tables question
Can you please show me where I need to add -s 192.168.1.67? I am assuming
that I can't just tack it onto the end of the rule. Should it look like
this?
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT -s 192.168.1.67
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT -s 192.168.1.67
Please demonstrate how this rule should look. It is the syntax that throws
me off.
Sorry to be a bother. Thanks.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 2:49 PM
To: Troy Aden
Cc: Leaf-User (E-mail)
Subject: Re: [leaf-user] IP Tables question
Whoops, I didn't read the whole thing.
You would want to add:-s 192.168.1.67 to the outbound permit.
Troy Aden [EMAIL PROTECTED] on 11/26/2002 02:02:44 PM
To: Leaf-User (E-mail) [EMAIL PROTECTED]
cc:(bcc: Phillip Watts/austin/Nlynx)
Subject: [leaf-user] IP Tables question
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
Thanks in advance.
Troy
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IP Tables question
I believe that to do what you want, you just need to add a -d parameter to
the first rule and an -s parameter to the second rule. That is (using your
rules as the starting point):
# Allow SMTP outbound from only one host on the internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp -d 192.168.1.67 --sport 25
-m state --state ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp -s 192.168.1.67 --dport 25
-m state --state NEW,ESTABLISHED -j ACCEPT
I am assuming that after not matching these rules, SMTP traffic to/from
other internal servers will drop through to match other -j DENY rules; if
not, you'll need to add them as well. Something like this (following the
above pair):
# DENY all other SMTP traffic
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state
--state ESTABLISHED -j DENY
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j DENY
You can almost surely omit the state parameters in this second pair.
As always, I feel obliged to remind you that rules in isolation are unclear
in their effect; these rules will work only if they are not preceded in the
FORWARD table by any other rules that prevent the relevant traffic from
reaching them. (And that's the reason for the almost surely comment with
the second pair as well.)
At 02:02 PM 11/26/02 -0600, Troy Aden wrote:
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
--
---Never tell me the odds!
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
---
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IP Tables question
At 02:40 PM 11/26/02 -0600, Troy Aden wrote:
Can you please show me where I need to add -s 192.168.1.67? I am assuming
that I can't just tack it onto the end of the rule.
Actually you can. iptables doesn't care about the order of parameters. But
as my prior reply noted, the first rule needs -d, not -s . So in that
sense, your sample below is incorrect.
Should it look like
this?
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT -s 192.168.1.67
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT -s 192.168.1.67
Please demonstrate how this rule should look. It is the syntax that throws
me off.
--
---Never tell me the odds!
Ray Olszewski -- Han Solo
Palo Alto, California, USA [EMAIL PROTECTED]
---
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] IP Tables question
Yes, that would work. -s is an reserved argument, and there is no order.
Whatever is aesthetically pleasing.
However, I do not understand your lines. I would allow outgoing by
iptables -A FORWARD -i $INTERNALDEVICE -s 192.168.1.67 -p tcp --dport 25 -j
ACCEPT
then have an ESTABLISHED, RELATED line to accept the responses.
Troy Aden [EMAIL PROTECTED] on 11/26/2002 02:40:42 PM
To: Phillip Watts/austin/Nlynx@Nlynx
cc: Leaf-User (E-mail) [EMAIL PROTECTED]
Subject: RE: [leaf-user] IP Tables question
Can you please show me where I need to add -s 192.168.1.67? I am assuming
that I can't just tack it onto the end of the rule. Should it look like
this?
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT -s 192.168.1.67
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT -s 192.168.1.67
Please demonstrate how this rule should look. It is the syntax that throws
me off.
Sorry to be a bother. Thanks.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 26, 2002 2:49 PM
To: Troy Aden
Cc: Leaf-User (E-mail)
Subject: Re: [leaf-user] IP Tables question
Whoops, I didn't read the whole thing.
You would want to add:-s 192.168.1.67 to the outbound permit.
Troy Aden [EMAIL PROTECTED] on 11/26/2002 02:02:44 PM
To: Leaf-User (E-mail) [EMAIL PROTECTED]
cc:(bcc: Phillip Watts/austin/Nlynx)
Subject: [leaf-user] IP Tables question
Hi there I have a quick IP Tables question.
I have an SMTP server behind my firewall and I would like to deny all
outbound SMTP traffic except if it originates from my internal SMTP
server.
The current rule allows SMTP traffic outbound from any IP on the internal
network. (See below for the current rule.) Lets say that my internal SMTP
server is at IP: 192.168.1.67. What should the rules looks like? Can someone
help me out? I have gotten so used to working with Shorewall I can't
remember the proper syntax for a raw IP tables rule. :)
Currently I have these rules:
## SMTP
# Allow SMTP outbound from internal network.
iptables -A FORWARD -i ${OUTSIDE_DEVICE} -p tcp --sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A FORWARD -o ${OUTSIDE_DEVICE} -p tcp --dport 25 -m state --state
NEW,ESTABLISHED -j ACCEPT
I need rules that allow SMTP outbound from 192.168.1.67 ONLY. (I would want
it to drop all SMTP traffic that is not originating from the SMTP server.)
Thanks in advance.
Troy
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] AVM FritzCard DSL
On Tue, 26 Nov 2002 20:48:36 +0100, you wrote: Hi all Is anyone using the FritzCard DSL from AVM (http://www.avm.de/en/products/FRITZdsl/FRITZ_Card_DSL/FRITZCard_DSL/index.h tml) with LEAF or another Linux distribution? I'd be very happy if someone can report success/failure to me. I'm planning to buy such a card and don't know it works with LEAF/Linux. (There are Linux drivers with sources) I have build a package already. I think it's time to release my packages soon! :) Cu -- Lars Kneschke CCNP --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Wisp on DiskOnChip
On Tue, Nov 26, 2002 at 11:28:00AM -0800, David Ondzes wrote: Following is what I do to modify the initrd. - Rename the initrd.lrp to initrd.gz - Gunzip the inirtd.gz - Mount the initrd through loopback - Make the changes to the mounted initrd filesystem - Umount the initrd filesystem - Gzip it and change the name to initrd.lrp Do these steps have to be done everytime you backup wisp ? No. They are only nedded when you make changes to the initrd.lrp. Bao -- Best Regards. Bao C. Ha Hacom OpenBrick Distributor USA http://www.hacom.net voice: (310) 675-8221 fax: (310) 675-8225 8D66 6672 7A9B 6879 85CD 42E0 9F6C 7908 ED95 6B38 --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] strange firewall logs
Try running a tcpdump on your firewall, then trace it from there backwards -Original Message- From: Arif Mamdani [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 07:16 To: Ray Olszewski Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] strange firewall logs On Monday, November 25, 2002, at 11:52 PM, Ray Olszewski wrote: But while those assumptions hold true for Linux traceroute (and even with it, most can be changed via command-line flags), other implementations of traceroute need not follow them. Were I to guess about this traffic, I'd suspect it is from one of those companies that say they measure network performance (and sell some service to optimize it). An alternative is some sort of preliminary to a DoS attack (at one packet every 4 seconds, this traffic itself is no DoS), but this seems a remote possibility. Nothing else (bsides traceroute) officially uses this port range, but I suppose some P2P service might make use of it in a traceroute-like manner. BTW, while the source address is neither ping-able nor reverse-resolvable, I can traceroute to it. You might do so to see how many hops from you it is (it is only 17 hops from me). It's 14 hops from me. As an added note, it's still going, I just checked my firewall stats page (Bering rc4 for what its worth), and i've got 196 hits from this IP for what that's worth. Also interesting is that according the ARIN's whois look-up, the block of IP that this is in apparently belongs to the Dell Computer Corporation -- is this some way of saying Dude! You're getting a Dell!? So yes, it's not a DOS, not even really close, though at 196 hits and counting, it's getting a bit annoying. More than anything else, I'd love to know what on earth it is, since if it's a traceroute, why does it keep repeating every minute or two. No one on my LAN is running any P2P apps (there's only three boxes connected :) ), so I think I can probably rule that out as a possibility -- I'm kind of at a loss. Of course at this point, i'm hoping that I've allocated enough memory for my log files, though I guess I'll find out :) -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/l eaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] strange firewall logs
http://www.echogent.com/cgi-bin/fwlog.pl This is great page to analize this yourself. Andrey Arif Mamdani wrote: I'm hoping someone on the list can give me some insight into what's going on here. At first I thought that it might be a traceroute, but I was under the impression that traceroute would increment the destination port, which isn't happening. Any assistance would be appreciated. -arif here's the log: Nov 25 08:51:42 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56849 DPT=33435 LEN=8 Nov 25 08:51:46 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56849 DPT=33435 LEN=8 Nov 25 08:51:50 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=2 ID=0 PROTO=UDP SPT=56849 DPT=33435 LEN=8 Nov 25 08:51:54 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=3 ID=0 PROTO=UDP SPT=56849 DPT=33435 LEN=8 Nov 25 08:52:15 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:19 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:23 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=2 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:27 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=3 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:32 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:36 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:40 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=2 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 Nov 25 08:52:44 arif-host1 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:50:fc:59:16:5b:00:20:e0:35:18:25:08:00 SRC=143.166.34.130 DST=209.98.2.1 LEN=28 TOS=0x00 PREC=0x00 TTL=3 ID=0 PROTO=UDP SPT=56850 DPT=33435 LEN=8 it continues on this way till 8:53:50, then starts up again at 18:24:04, and stops at 18:25:48, then starts again at 21:34:39 and finally stops at 21:52:06 thanks again. -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] tcpdump of blocked packets?
Here's one source: http://leaf.sourceforge.net/devel/thc/files/kwarchive/ I did a quick search on google for psentry.lrp Google is good :) Michael -Original Message- From: Matt Russell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 11:07 AM To: Michael Bacon; [EMAIL PROTECTED] Subject: RE: [leaf-user] tcpdump of blocked packets? where can the port sentry .lrp be obtained? TIA, matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Bacon Sent: Monday, November 25, 2002 11:18 AM To: [EMAIL PROTECTED] Subject: [leaf-user] tcpdump of blocked packets? I'm using port sentry on my LRP box. The otherday it blocked someone attempting to access port 1080 (not used), then port 25(redirect to our mail server). He came back the next day and tried port 25 again, but he was still blocked by the firewall rules. I thought I read somewhere there is a way to capture via tcpdump some of the packet information and write it to a file or syslog when a packet is dropped. Is this possible? Can someone point me in a direction for research? I'm feeling uneasy that I don't know what this person was/is attempting. Thank you in advance. Michael Bacon [EMAIL PROTECTED] Network Admin. Valley Medical Center, PPLC THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY USE, DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER BY RETURN E-MAIL OR CALL VALLEY MEDICAL CENTER, PLLC AT 1-888-884-4155, EXT 6203 AND DELETE THIS E-MAIL, ANY ATTACHMENTS, AND ALL COPIES. --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY USE, DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER BY RETURN E-MAIL OR CALL VALLEY MEDICAL CENTER, PLLC AT 1-888-884-4155, EXT 6203 AND DELETE THIS E-MAIL, ANY ATTACHMENTS, AND ALL COPIES. --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] tcpdump of blocked packets?
so i'm a little slow. =) thanks, matt -Original Message- From: Michael Bacon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 12:30 PM To: Matt Russell; [EMAIL PROTECTED] Subject: RE: [leaf-user] tcpdump of blocked packets? Here's one source: http://leaf.sourceforge.net/devel/thc/files/kwarchive/ I did a quick search on google for psentry.lrp Google is good :) Michael -Original Message- From: Matt Russell [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 26, 2002 11:07 AM To: Michael Bacon; [EMAIL PROTECTED] Subject: RE: [leaf-user] tcpdump of blocked packets? where can the port sentry .lrp be obtained? TIA, matt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Michael Bacon Sent: Monday, November 25, 2002 11:18 AM To: [EMAIL PROTECTED] Subject: [leaf-user] tcpdump of blocked packets? I'm using port sentry on my LRP box. The otherday it blocked someone attempting to access port 1080 (not used), then port 25(redirect to our mail server). He came back the next day and tried port 25 again, but he was still blocked by the firewall rules. I thought I read somewhere there is a way to capture via tcpdump some of the packet information and write it to a file or syslog when a packet is dropped. Is this possible? Can someone point me in a direction for research? I'm feeling uneasy that I don't know what this person was/is attempting. Thank you in advance. Michael Bacon [EMAIL PROTECTED] Network Admin. Valley Medical Center, PPLC THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY USE, DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER BY RETURN E-MAIL OR CALL VALLEY MEDICAL CENTER, PLLC AT 1-888-884-4155, EXT 6203 AND DELETE THIS E-MAIL, ANY ATTACHMENTS, AND ALL COPIES. --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND INTENDED ONLY FOR THE USE OF THE INDIVIDUAL TO WHOM IT IS ADDRESSED. IF YOU ARE NOT THE INTENDED RECIPIENT, YOU ARE HEREBY NOTIFIED THAT ANY USE, DISSEMINATION, DISTRIBUTION OR COPYING OF THIS COMMUNICATION IS PROHIBITED. IF YOU HAVE RECEIVED THIS E-MAIL IN ERROR, PLEASE IMMEDIATELY NOTIFY THE SENDER BY RETURN E-MAIL OR CALL VALLEY MEDICAL CENTER, PLLC AT 1-888-884-4155, EXT 6203 AND DELETE THIS E-MAIL, ANY ATTACHMENTS, AND ALL COPIES. --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Wisp on DiskOnChip
I just finished an install of Bering on DoC following the users guide. It did not work first shot. Brad did point out that the nftla device is not listed in /var/lib/lrpkg/root.mount file. I did that too. I was parsing thro' Linuxrc when I saw the hack for DoC. It said the pkgpath declaration in syslinux.cfg should not be there for boot from DoC to work. I did that and I was home. I do not think this is documented in the user's manual though. I would not know if this applies to WISP too. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bao C. Ha Sent: Tuesday, November 26, 2002 10:47 PM To: Rosa Nicolas Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Wisp on DiskOnChip Rosa Nicolas wrote: I've installed necessary modules, modified the scripts (root.dev.mk, root.linuxrc, modules) but I cannot save initrd. I am following the doc from Brad Fritz on installing bering on DiskonChip Can you tell me how to backup initrd ? I think you want to build a new initrd.lrp when you say backing up. Following is what I do to modify the initrd. - Rename the initrd.lrp to initrd.gz - Gunzip the inirtd.gz - Mount the initrd through loopback - Make the changes to the mounted initrd filesystem - Umount the initrd filesystem - Gzip it and change the name to initrd.lrp Bao -- Best Regards. Bao C. Ha Hacom OpenBrick Distributor USA http://www.hacom.net voice: (310) 675-8221 fax: (310) 675-8225 8D66 6672 7A9B 6879 85CD 42E0 9F6C 7908 ED95 6B38 --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] WISP wireless AP
Greetings, I notice that there is hostap_cs.cfg in /etc/pcmcia in WISP. What do I have to do to make WISP to support AP for DWL 650 ? Thanks. Newton __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: Can't see my NICs / pci-scan.o? Status Update
Moved the NICs to a P233, tried configuring my Netgear FA310TX w/natsemi drivers as well as tulip. Chmod on both downloaded drivers to 644 - convinced I am missing something on configuration. Is there anything else 'required' to configure on the shorewall side, perhaps? Frustrated, because I can't remember what I did to finally get my NICs up running the 1st time... here is my messages log: Nov 26 20:57:44 firewall syslogd 1.3-3#31.slink1: restart. Nov 26 20:57:44 firewall kernel: klogd 1.3-3#31.slink1, log source = /proc/kmsg started. Nov 26 20:57:44 firewall kernel: Cannot find map file. Nov 26 20:57:44 firewall kernel: Loaded 2 symbols from 4 modules. Nov 26 20:57:44 firewall kernel: Linux version 2.4.18 (root@uml_woody) (gcc version 2.95.4 20011002 (Debian prerelease)) #1 Sun Nov 10 17:40:20 UTC 2002 Nov 26 20:57:44 firewall kernel: BIOS-provided physical RAM map: Nov 26 20:57:44 firewall kernel: BIOS-e820: - 0009fc00 (usable) Nov 26 20:57:44 firewall kernel: BIOS-e820: 0009fc00 - 000a (reserved) Nov 26 20:57:44 firewall kernel: BIOS-e820: 000e - 0010 (reserved) Nov 26 20:57:44 firewall kernel: BIOS-e820: 0010 - 0400 (usable) Nov 26 20:57:44 firewall kernel: BIOS-e820: fff8 - 0001 (reserved) Nov 26 20:57:44 firewall kernel: On node 0 totalpages: 16384 Nov 26 20:57:44 firewall kernel: zone(0): 4096 pages. Nov 26 20:57:44 firewall kernel: zone(1): 12288 pages. Nov 26 20:57:44 firewall kernel: zone(2): 0 pages. Nov 26 20:57:44 firewall kernel: Kernel command line: BOOT_IMAGE=linux initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/fd0u1680:msdos PKGPATH=/dev/fd0u1680 LRP=root,etc,local,modules,iptables,pump,shorwall,dnscache,weblet Nov 26 20:57:44 firewall kernel: Initializing CPU#0 Nov 26 20:57:44 firewall kernel: Detected 232.883 MHz processor. Nov 26 20:57:44 firewall kernel: Console: colour VGA+ 80x25 Nov 26 20:57:44 firewall kernel: Calibrating delay loop... 463.66 BogoMIPS Nov 26 20:57:44 firewall kernel: Memory: 62308k/65536k available (907k kernel code, 2840k reserved, 232k data, 60k init, 0k highmem) Nov 26 20:57:44 firewall kernel: Dentry-cache hash table entries: 8192 (order: 4, 65536 bytes) Nov 26 20:57:44 firewall kernel: Inode-cache hash table entries: 4096 (order: 3, 32768 bytes) Nov 26 20:57:44 firewall kernel: Mount-cache hash table entries: 1024 (order: 1, 8192 bytes) Nov 26 20:57:44 firewall kernel: Buffer-cache hash table entries: 4096 (order: 2, 16384 bytes) Nov 26 20:57:44 firewall kernel: Page-cache hash table entries: 16384 (order: 4, 65536 bytes) Nov 26 20:57:44 firewall kernel: Intel Pentium with F0 0F bug - workaround enabled. Nov 26 20:57:44 firewall kernel: CPU: Intel Pentium MMX stepping 03 Nov 26 20:57:44 firewall kernel: Checking 'hlt' instruction... OK. Nov 26 20:57:44 firewall kernel: POSIX conformance testing by UNIFIX Nov 26 20:57:44 firewall kernel: PCI: PCI BIOS revision 2.10 entry at 0xfd9df, last bus=0 Nov 26 20:57:44 firewall kernel: PCI: Using configuration type 1 Nov 26 20:57:44 firewall kernel: PCI: Probing PCI hardware Nov 26 20:57:44 firewall kernel: Limiting direct PCI/PCI transfers. Nov 26 20:57:44 firewall kernel: Linux NET4.0 for Linux 2.4 Nov 26 20:57:44 firewall kernel: Based upon Swansea University Computer Society NET3.039 Nov 26 20:57:44 firewall kernel: Initializing RT netlink socket Nov 26 20:57:44 firewall kernel: Starting kswapd Nov 26 20:57:44 firewall kernel: pty: 256 Unix98 ptys configured Nov 26 20:57:44 firewall kernel: Serial driver version 5.05c (2001-07-08) with MANY_PORTS SHARE_IRQ DETECT_IRQ SERIAL_PCI enabled Nov 26 20:57:44 firewall kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A Nov 26 20:57:44 firewall kernel: ttyS02 at 0x03e8 (irq = 4) is a 16550A Nov 26 20:57:44 firewall kernel: Software Watchdog Timer: 0.05, timer margin: 60 sec Nov 26 20:57:44 firewall kernel: block: 128 slots per queue, batch=32 Nov 26 20:57:44 firewall kernel: RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize Nov 26 20:57:44 firewall kernel: Floppy drive(s): fd0 is 1.44M Nov 26 20:57:44 firewall kernel: FDC 0 is a National Semiconductor PC87306 Nov 26 20:57:44 firewall kernel: NET4: Linux TCP/IP 1.0 for NET4.0 Nov 26 20:57:44 firewall kernel: IP Protocols: ICMP, UDP, TCP, IGMP Nov 26 20:57:44 firewall kernel: IP: routing cache hash table of 512 buckets, 4Kbytes Nov 26 20:57:44 firewall kernel: TCP: Hash tables configured (established 4096 bind 4096) Nov 26 20:57:44 firewall kernel: Linux IP multicast router 0.06 plus PIM-SM Nov 26 20:57:44 firewall kernel: ip_conntrack version 2.0 (512 buckets, 4096 max) - 312 bytes per conntrack Nov 26 20:57:44 firewall kernel: ip_tables: (C) 2000-2002 Netfilter core team Nov 26 20:57:44 firewall kernel: NET4: Unix domain sockets 1.0/SMP for Linux NET4.0. Nov 26 20:57:44 firewall kernel: RAMDISK: Compressed image found at
Re: [leaf-user] Wisp on DiskOnChip
Mohan et al, On Wed, 27 Nov 2002 05:54:07 +0530 Mohan wrote: I just finished an install of Bering on DoC following the users guide. It did not work first shot. Brad did point out that the nftla device is not listed in /var/lib/lrpkg/root.mount file. I did that too. I was parsing thro' Linuxrc when I saw the hack for DoC. It said the pkgpath declaration in syslinux.cfg should not be there for boot from DoC to work. I did that and I was home. I do not think this is documented in the user's manual though. Sounds like it is time for me to revisit that document using Bering 1.0-stable as a starting point. I think Jacques made adjustments to stable that make some of the steps I wrote about unncessary anyhow. The most recent version of that document (in DocBook) format is at: http://cvs.sf.net/cgi-bin/viewcvs.cgi/leaf/devel/bradfritz/bering_contrib/doc/budiskonchip.xml Patches or specific suggestions for improvements are *always* welcome, so feel free to send 'em my way directly or via the list if you have 'em. (That includes additions for WISP, which I haven't made time to play with yet.) --Brad --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Wisp on DiskOnChip
I was using rc4 wherein nftla was not included in root.mount file. 1.0-stable has nftla in the root.mount list. On rc4, I added it to the file and backed it up. I checked 1.0-stable and linuxrc says pkgpath must be removed for booting to happen. Cannot Linuxrc be modified to say that if pkgpath= or = nftla1, go to the hack you wrote in the else statement? It felt great when I was able to boot from the DoC. Thanks Brad. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brad Fritz Sent: 27 November 2002 09:25 To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Wisp on DiskOnChip Mohan et al, On Wed, 27 Nov 2002 05:54:07 +0530 Mohan wrote: I just finished an install of Bering on DoC following the users guide. It did not work first shot. Brad did point out that the nftla device is not listed in /var/lib/lrpkg/root.mount file. I did that too. I was parsing thro' Linuxrc when I saw the hack for DoC. It said the pkgpath declaration in syslinux.cfg should not be there for boot from DoC to work. I did that and I was home. I do not think this is documented in the user's manual though. Sounds like it is time for me to revisit that document using Bering 1.0-stable as a starting point. I think Jacques made adjustments to stable that make some of the steps I wrote about unncessary anyhow. The most recent version of that document (in DocBook) format is at: http://cvs.sf.net/cgi-bin/viewcvs.cgi/leaf/devel/bradfritz/bering_contrib/do c/budiskonchip.xml Patches or specific suggestions for improvements are *always* welcome, so feel free to send 'em my way directly or via the list if you have 'em. (That includes additions for WISP, which I haven't made time to play with yet.) --Brad --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Can't see my NICs / pci-scan.o? Status Update
Christian, On Tue, 26 Nov 2002 18:25:50 PST Christian Hoss wrote: Moved the NICs to a P233, tried configuring my Netgear FA310TX w/natsemi drivers as well as tulip. Chmod on both downloaded drivers to 644 - convinced I am missing something on configuration. What happens when you insmod the drivers manually? Is there anything else 'required' to configure on the shorewall side, perhaps? You didn't actually say what was wrong in the body of your message. I am assuming, from the subject, that the problem is the NICs are not recognized. If that's the case, shorewall does not have anything to do with it. If insmoding the drivers doesn't result in them showing up in the ip link output, there is a problem with the module you are using, the BIOS setup, or the hardware. If you want to see which PCI cards are visable to Bering on the PCI bus, you can download and install lspci.lrp from http://fritzfam.com/brad/leaftmp/ and run lspci to check. --Brad PGP FP: BEF3 1F93 9399 FD8B A7AA 932D B9A6 D18E 7E69 9F03 msg11312/pgp0.pgp Description: PGP signature
[leaf-user] cont'd strange firewall logs
Hey folks, So, i'm seeing the exact same hits in my firewall as I reported in my last message. Someone had suggested using tcpdump to see if i could figure out what was happening, and i'd be happy to do that, but can't find a tcpdump lrp for bering, so -- can someone point me to the appropriate package so i can try to figure what's going on here? thanks much, -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] cont'd strange firewall logs
Check out http://www.monkeynoodle.org/lrp/lrp/packages/net-utils/tcpdump.lrp -Original Message- From: Arif Mamdani [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 27, 2002 06:20 To: [EMAIL PROTECTED] Subject: [leaf-user] cont'd strange firewall logs Hey folks, So, i'm seeing the exact same hits in my firewall as I reported in my last message. Someone had suggested using tcpdump to see if i could figure out what was happening, and i'd be happy to do that, but can't find a tcpdump lrp for bering, so -- can someone point me to the appropriate package so i can try to figure what's going on here? thanks much, -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/l eaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] cont'd strange firewall logs
On Tuesday, November 26, 2002, at 11:41 PM, S Mohan wrote: www.monkeynoodle.org. You will need to download some libraries too. Not aware of the full dependency list but all that is required is available in the site. Mohan Got it, thanks much, I really appreciate the assistance. -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
