[leaf-user] Missing Logs ???
Hello :) I finally got everything set up (fixed my problems with the 1680 disks, used my new computer's floppy drive to write & used new disks I just bought). Even got 1 of my eth cards working I was having problems with. I've got to say the firewall is great, had a friend run nmap against me & he couldn't find anything. I'm currently running Bering 1.0 rc3 & have been using the smaller version of weblet. My problem is that for some reason after a couple days of being up, both the Firewall & RAM Disk traffic lights end up being red &/or yellow, sometimes I can see stuff in the logs & other times it doesn't seem to have anyting in the logs. Then after another day or 2 all 3 lights are green! & there's absolutely nothing in any of the logs I've checked, there's not even anything in any of the backup logs... Even after I connect to DALnet (which does close to 40-50 hits to make sure you don't have any vulnerability spots) I still got nothing in the logs. What gives? Any help would be appreciated as I've had fun recently going through alot of security info & finding out why all the hits & what people are trying to find. Not to mention I'd like to find out if this really is someone cracking my firewall & erasing all the logs! Which brings me to another point... where can I find some docs on setting up my leaf box so that it sends all it's logs to another computer? One of the security measures I found somewhere suggested having all your machines write their logs to 1 dedicated log computer, making it harder for crackers to erase their crack thanks! Patrick --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Missing Logs ???
Switch to Bering 1.0-stable. The log rotation is fixed. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 27, 2002 1:15 PM To: [EMAIL PROTECTED] Subject: [leaf-user] Missing Logs ??? Hello :) I finally got everything set up (fixed my problems with the 1680 disks, used my new computer's floppy drive to write & used new disks I just bought). Even got 1 of my eth cards working I was having problems with. I've got to say the firewall is great, had a friend run nmap against me & he couldn't find anything. I'm currently running Bering 1.0 rc3 & have been using the smaller version of weblet. My problem is that for some reason after a couple days of being up, both the Firewall & RAM Disk traffic lights end up being red &/or yellow, sometimes I can see stuff in the logs & other times it doesn't seem to have anyting in the logs. Then after another day or 2 all 3 lights are green! & there's absolutely nothing in any of the logs I've checked, there's not even anything in any of the backup logs... Even after I connect to DALnet (which does close to 40-50 hits to make sure you don't have any vulnerability spots) I still got nothing in the logs. What gives? Any help would be appreciated as I've had fun recently going through alot of security info & finding out why all the hits & what people are trying to find. Not to mention I'd like to find out if this really is someone cracking my firewall & erasing all the logs! Which brings me to another point... where can I find some docs on setting up my leaf box so that it sends all it's logs to another computer? One of the security measures I found somewhere suggested having all your machines write their logs to 1 dedicated log computer, making it harder for crackers to erase their crack thanks! Patrick --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] D Link 520+
On Mon, 2002-11-25 at 22:46, wing newton wrote: > How about the latest version of DWL 650 ? Is there an > AP driver for the latest 650 which is no longer using > the Intersil chipset ? > > Thanks. Sorry I didn't get back to you sooner. From what I've heard, the newest revisions of the DWL-650 don't use the Intersil chipset, I could be wrong, best call Dlink about it. The linux-wlan-ng page has a pretty good summary of what cards are Intersil Prism based: http://www.linux-wlan.com/linux-wlan/ Good luck. Z --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Missing Logs ???
Great... has anyone written a bash script to copy needed setup files to disk so I don't have to redo everything? :) Patrick - Original Message - From: "Luis.F.Correia" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 27, 2002 7:51 AM Subject: RE: [leaf-user] Missing Logs ??? > Switch to Bering 1.0-stable. > > The log rotation is fixed. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, November 27, 2002 1:15 PM > To: [EMAIL PROTECTED] > Subject: [leaf-user] Missing Logs ??? > > > Hello :) > > I finally got everything set up (fixed my problems with the 1680 disks, used > my new computer's floppy drive to write & used new disks I just bought). > Even got 1 of my eth cards working I was having problems with. I've got to > say the firewall is great, had a friend run nmap against me & he couldn't > find anything. > > I'm currently running Bering 1.0 rc3 & have been using the smaller version > of weblet. My problem is that for some reason after a couple days of being > up, both the Firewall & RAM Disk traffic lights end up being red &/or > yellow, sometimes I can see stuff in the logs & other times it doesn't seem > to have anyting in the logs. Then after another day or 2 all 3 lights are > green! & there's absolutely nothing in any of the logs I've checked, > there's not even anything in any of the backup logs... Even after I connect > to DALnet (which does close to 40-50 hits to make sure you don't have any > vulnerability spots) I still got nothing in the logs. > > What gives? Any help would be appreciated as I've had fun recently going > through alot of security info & finding out why all the hits & what people > are trying to find. Not to mention I'd like to find out if this really is > someone cracking my firewall & erasing all the logs! > > Which brings me to another point... where can I find some docs on setting > up my leaf box so that it sends all it's logs to another computer? One of > the security measures I found somewhere suggested having all your machines > write their logs to 1 dedicated log computer, making it harder for crackers > to erase their crack > > thanks! > > Patrick > > > > > --- > This SF.net email is sponsored by: Get the new Palm Tungsten T > handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > --- > This SF.net email is sponsored by: Get the new Palm Tungsten T > handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > > > --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] WISP wireless AP
If it's DWL650+ then it's not supported, because it is based on a different chipset (TI) wing newton wrote: Greetings, I notice that there is hostap_cs.cfg in /etc/pcmcia in WISP. What do I have to do to make WISP to support AP for DWL 650 ? Thanks. Newton __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Best Regards, Vladimir Systems Engineer (RHCE) --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Missing Logs ???
Patrick, To answer your first question about the warning lights, if you are using a cable modem, this is normal because of the cable modem works. Your broadband provider rountinely talks to your modem to determine if it's still there. These messages can appear as hits. To be sure when the firewall light is red, click on it. Then sort the hits by IP address. Most of the time you will notice that the majority of hits comes from several machines on the same domain 123.123.xxx.xxx. These are most likely your broadband provider servers. To be sure, you can look up the owner. I use www.arin.net. Enter some of the addresses in the search prompt and it should return the owner. Usually this appears like: Broadband company 123.123.1.1-123.127.255.255 etc. About your second question: Bering 1.0-rc3 had a bug in it where the logs were not being saved. There are two solutions: 1) Jacques posted a fix on leaf.sourceforge.net under the Bering 1.0-rc3 messages. 2) Upgrade to a higher version of Bering. rc4 and stable are good candidates. About your third question: I really don't think anyone is erasing your log files. But if you really are paranoid about some accessing your firewall, you can write-protect your floppies so that the intruder can't really change your configuration permanently. A little paranoia is a healthy thing. To get to your log files, you will need the sftp.lrp module. Configure it then save your changes to your floppies. On another machine set up a cron job to routinely sftp into your firewall and get the logs. Minh -- Message: 11 Reply-To: <[EMAIL PROTECTED]> From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Date: Wed, 27 Nov 2002 07:15:09 -0600 Subject: [leaf-user] Missing Logs ??? Hello :) I finally got everything set up (fixed my problems with the 1680 disks, used my new computer's floppy drive to write & used new disks I just bought). Even got 1 of my eth cards working I was having problems with. I've got to say the firewall is great, had a friend run nmap against me & he couldn't find anything. I'm currently running Bering 1.0 rc3 & have been using the smaller version of weblet. My problem is that for some reason after a couple days of being up, both the Firewall & RAM Disk traffic lights end up being red &/or yellow, sometimes I can see stuff in the logs & other times it doesn't seem to have anyting in the logs. Then after another day or 2 all 3 lights are green! & there's absolutely nothing in any of the logs I've checked, there's not even anything in any of the backup logs... Even after I connect to DALnet (which does close to 40-50 hits to make sure you don't have any vulnerability spots) I still got nothing in the logs. What gives? Any help would be appreciated as I've had fun recently going through alot of security info & finding out why all the hits & what people are trying to find. Not to mention I'd like to find out if this really is someone cracking my firewall & erasing all the logs! Which brings me to another point... where can I find some docs on setting up my leaf box so that it sends all it's logs to another computer? One of the security measures I found somewhere suggested having all your machines write their logs to 1 dedicated log computer, making it harder for crackers to erase their crack thanks! Patrick __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Missing Logs ???
> About your third question: I really don't think > anyone is erasing your log files. But if you really > are paranoid about some accessing your firewall, you > can write-protect your floppies so that the intruder > can't really change your configuration permanently. A > little paranoia is a healthy thing. I don't think someone is really erasing them either because as I had stated, I had a friend run nmap & he couldn't find anything so I'm closed to most of the script kiddies. And as to write-protecting the floppies, I do & for actually making changes to the floppies... because the floppy drives on my leaf box are of an older variety they don't play nice with the 1680 format, they can read it, but they tear up the disk writing it. All leaf disks are now written only on my programming computer with a much newer floppy drive that plays nice with 1680. This also prevents the possibilty of someone hacking the firewall & changing things while I'm trying to save stuff to the floppy (if you really want to be that paranoid). > To get to your log files, you will need the sftp.lrp > module. Configure it then save your changes to your > floppies. On another machine set up a cron job to > routinely sftp into your firewall and get the logs. Ok, sounds good... I'm guessing this goes along with the ssh.lrp package (which I've already set up) & I'm guessing sftp also comes in the ssh package in most distros? Now all I need is a newbie help file on setting up a cron job... any suggestions? :) > Minh thanks much Patrick [original message snipped] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Missing Logs ???
the cron part would actually need to call a script. I believe what you would do is setup a cron on both sides, tar the files, into one, file have sftp (or even ssh copy) grab the file and decompress on the archiving machine. as for cron itself, man cron is extremely informative, and I'm not being a smart ass, it is very thorough. joey - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, November 27, 2002 11:29 AM Subject: Re: [leaf-user] Missing Logs ??? > > About your third question: I really don't think > > anyone is erasing your log files. But if you really > > are paranoid about some accessing your firewall, you > > can write-protect your floppies so that the intruder > > can't really change your configuration permanently. A > > little paranoia is a healthy thing. > > I don't think someone is really erasing them either because as I had stated, > I had a friend run nmap & he couldn't find anything so I'm closed to most of > the script kiddies. And as to write-protecting the floppies, I do & for > actually making changes to the floppies... because the floppy drives on my > leaf box are of an older variety they don't play nice with the 1680 format, > they can read it, but they tear up the disk writing it. All leaf disks are > now written only on my programming computer with a much newer floppy drive > that plays nice with 1680. This also prevents the possibilty of someone > hacking the firewall & changing things while I'm trying to save stuff to the > floppy (if you really want to be that paranoid). > > > To get to your log files, you will need the sftp.lrp > > module. Configure it then save your changes to your > > floppies. On another machine set up a cron job to > > routinely sftp into your firewall and get the logs. > > Ok, sounds good... I'm guessing this goes along with the ssh.lrp package > (which I've already set up) & I'm guessing sftp also comes in the ssh > package in most distros? Now all I need is a newbie help file on setting up > a cron job... any suggestions? :) > > > Minh > > thanks much > Patrick > > > [original message snipped] > > > > > --- > This SF.net email is sponsored by: Get the new Palm Tungsten T > handheld. Power & Color in a compact size! > http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Something to add to the Developer's Guide
Hey, I was stumbling around looking to see if I could find the information again, but it seems to have disappeared (or I'm not looking in the right places?) I was looking to find out how exactly the .lrp packages are put together, compressed I mean. I ask because I "tar xvzf bridge.lrp" into a temp directory, then turned around & did "tar cvzf bridge2.lrp etc usr var" & it ended up being 274B larger than the original file... Am I missing something? I'm currently running Mandrake 8.2. Patrick I thought maybe I'd try to update my leaf via my development computer, but guess not ? --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Something to add to the Developer's Guide
On Wed, 27 Nov 2002 [EMAIL PROTECTED] wrote: > Hey, > > I was stumbling around looking to see if I could find the information again, > but it seems to have disappeared (or I'm not looking in the right places?) > I was looking to find out how exactly the .lrp packages are put together, > compressed I mean. I ask because I "tar xvzf bridge.lrp" into a temp > directory, then turned around & did "tar cvzf bridge2.lrp etc usr var" & it > ended up being 274B larger than the original file... > > Am I missing something? I'm currently running Mandrake 8.2. I don't usually worry about a byte here or a byte there, but for compatibility you really should use compression level 9. $ cd bridge2 $ tar c etc usr var | gzip -9 - >../bridge2.lrp $ cd .. > Patrick > > I thought maybe I'd try to update my leaf via my development computer, but > guess not ? Some people do. I find it makes more sense to change the router and use the built-in backup anyway because I can test changes easily and it is always ready to reboot. --- Jeff NewmillerThe . . Go Live... DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] scp for bering package backup
Hi everybody I hacked the Bering backup scripts so that they allow a backup custom destination of 'scp'. This makes the backup go to /tmp and then subsequently to the host/directory as specified in a few additional entries in /etc/lrp.conf. The following files are affected: /usr/sbin/lrcfg.back /usr/sbin/lrcfg.back.script /etc/lrp.conf You can find these in my CVS tree at http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/devel/etitl/bering/ It reflects partially the directory structure of a Bering LEAF router. These changes are based on my 1.0_rc3 installation, I don't know if Jacques made changes here to the stable Version but the modifications should be pretty easy to port. Barf if there is anything unclear, else have fun Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Missing Logs ???
Sftp uses ssh protocols. It should be found with all the optional Bering lrp modules. I might be wrong about sftp, though. I read up some more, and it appears that sftp cannot pass the password through batch (non-interactive) mode. This is probably a security risk. I however think that there is an alternative which may be harder. You may be able to grab the logs through http. Since you can view the logs (0-3) through the weblet, you can use lynx to grab the contents of the log and then pipe to a file. The only problem with this is that I don't know on what time basis the logs rotate. Suppose the logs rotate every day (easiest example) first you need to setup a script on your logging machine to run lynx: --- #!bin/sh cd /logdirectory rm -f oldlogfiles lynx -dump http://firewall/logs/log1 >> logfile1 lynx -dump http://firewall/logs/log2 >> logfile2 . . . Then you need to edit your crontab file to run it every day. - 0 0 * * * /directory/scriptfile - If the logs don't rotate on a time basis, then the solution is a bit tricky. I would need some more info on how it works, but you could just grab the logs every day and then use perl or some other script to determine if the log is new and decide to save it or trash it. My preference is java since I know it best. You could then add the script to the crontab file. Minh -- Message: 6 Reply-To: <[EMAIL PROTECTED]> From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Subject: Re: [leaf-user] Missing Logs ??? Date: Wed, 27 Nov 2002 11:29:32 -0600 > About your third question: I really don't think > anyone is erasing your log files. But if you really > are paranoid about some accessing your firewall, you > can write-protect your floppies so that the intruder > can't really change your configuration permanently. A > little paranoia is a healthy thing. I don't think someone is really erasing them either because as I had stated, I had a friend run nmap & he couldn't find anything so I'm closed to most of the script kiddies. And as to write-protecting the floppies, I do & for actually making changes to the floppies... because the floppy drives on my leaf box are of an older variety they don't play nice with the 1680 format, they can read it, but they tear up the disk writing it. All leaf disks are now written only on my programming computer with a much newer floppy drive that plays nice with 1680. This also prevents the possibilty of someone hacking the firewall & changing things while I'm trying to save stuff to the floppy (if you really want to be that paranoid). > To get to your log files, you will need the sftp.lrp > module. Configure it then save your changes to your > floppies. On another machine set up a cron job to > routinely sftp into your firewall and get the logs. Ok, sounds good... I'm guessing this goes along with the ssh.lrp package (which I've already set up) & I'm guessing sftp also comes in the ssh package in most distros? Now all I need is a newbie help file on setting up a cron job... any suggestions? :) > Minh thanks much Patrick [original message snipped] --__--__-- Message: 7 Reply-To: "Joey Officer" <[EMAIL PROTECTED]> From: "Joey Officer" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> Subject: Re: [leaf-user] Missing Logs ??? Date: Wed, 27 Nov 2002 13:01:43 -0600 the cron part would actually need to call a script. I believe what you would do is setup a cron on both sides, tar the files, into one, file have sftp (or even ssh copy) grab the file and decompress on the archiving machine. as for cron itself, man cron is extremely informative, and I'm not being a smart ass, it is very thorough. joey __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] zebra ospf routing problem
I am running wisp-dist release 2002-09-21(2348) I have been running the ospfd with zebra and it seemed to start out working fine. however, over time one of the units will drop all learned routes and all other routers on the system lose the learned routes from that router as well. usually if I restart zebra ( /etc/init.d/zebra restart) all routes come back and propagate thru the network within 40 to 60 seconds. Also, sometimes a single route will not propagate thru the network. I have 7 routers in the network and when the ospf works it's great. But I have had to restart too many times now. I have set the router-id manually on each unit to make sure there were no duplicate router-id's. Also, I have several IP addresses on each interface. Anyone having any issues with this? Or any ideas ? --Jay --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Network package loading
With all the consideration of network package loading and backup, I'll chip in my $0.02. This is a development method so I'm also sending this via the leaf-devel list, where it technically should be discussed. First of all, David D wrote apkg to approach many shortcomings in lrpkg. Network loading of packages is one of the additions, so I would highly suggest anyone seriously looking into adding this support check out the apkg SRC code. Second, the PXE bootloader is offered as an option to Syslinux for loading of images (and possibly packages) over a network. This method uses sftp, which is supported most OS's. I would imagine that David has used this method with apkg, though I can't confirm it. I can't see a reason that any other method would work cleaner w/o needing to re-write existing code and methods available for the same purpose. I would also imagine that you can find some links for documentation of this method from openbrick.org which offers Bering booted in this manner. Happy hunting! ;-) -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] shorewall
I'm trying to move from Dachstein to Bering but I have to rewrite few rules. Is autofw and portfw from Dachstein , DNAT in Shorewall or there is a difference? Andrey --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: shorewall
--On Wednesday, November 27, 2002 8:48 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote: I'm trying to move from Dachstein to Bering but I have to rewrite few rules. Is autofw and portfw from Dachstein , DNAT in Shorewall or there is a difference? Andrey It is dangerous to try to map these different notions, but: DNAT is roughly the equivalent of portfw plus a bunch of accept rules; iptables is stateful and has a very simple model for its rules while ipchains presents an absurd gauntlet of rules that each packet has to pass through, not to mention another series that treplies must negotiate. In other words, a single Shorewall DNAT rule performs portforwarding and passes the traffic to/from the server -- in ipchains, you had to have a portfw rule PLUS a set of ipchains rules to move the packets through your firewall. There is no direct analog of autofw in Bering. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: shorewall
That's what I thought . So DNAT replaces both rules in some way. So for my son's Starcraft game. In Dachstein: ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.202 -v ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.202 -v in Shorewall DNATnetloc:192.168.1.202 udp 6112 DNATnetloc:192.168.1.202 tcp 6112 Andrey Tom Eastep wrote: --On Wednesday, November 27, 2002 8:48 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote: I'm trying to move from Dachstein to Bering but I have to rewrite few rules. Is autofw and portfw from Dachstein , DNAT in Shorewall or there is a difference? Andrey It is dangerous to try to map these different notions, but: DNAT is roughly the equivalent of portfw plus a bunch of accept rules; iptables is stateful and has a very simple model for its rules while ipchains presents an absurd gauntlet of rules that each packet has to pass through, not to mention another series that treplies must negotiate. In other words, a single Shorewall DNAT rule performs portforwarding and passes the traffic to/from the server -- in ipchains, you had to have a portfw rule PLUS a set of ipchains rules to move the packets through your firewall. There is no direct analog of autofw in Bering. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: shorewall
--On Wednesday, November 27, 2002 10:15 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote: That's what I thought . So DNAT replaces both rules in some way. So for my son's Starcraft game. In Dachstein: ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.202 -v ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.202 -v in Shorewall DNATnetloc:192.168.1.202 udp 6112 DNATnetloc:192.168.1.202 tcp 6112 That would be my guess -- no guarantees :-) -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: shorewall
Last question tonight. I'm trying to add printer package p9100.lrp from http://pigtail.net/LRP/printsrv/ this package works no problem on Dachstein. Needs some editing network.conf line: #$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 1024:65535 -i $EXTERN_IF has to be commented out a nd 2 new line s added below $IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 1024:9099 -i $EXTERN_IF $IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 9103:65535 -i $EXTERN_IF Should this go to policy or rules? This should: close printer ports 9100,9101, and 9102 on external interface. What rule that would be? Andrey Tom Eastep wrote: --On Wednesday, November 27, 2002 10:15 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote: That's what I thought . So DNAT replaces both rules in some way. So for my son's Starcraft game. In Dachstein: ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.202 -v ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.202 -v in Shorewall DNATnetloc:192.168.1.202 udp 6112 DNATnetloc:192.168.1.202 tcp 6112 That would be my guess -- no guarantees :-) -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] Tom Eastep wrote: --On Wednesday, November 27, 2002 10:15 PM -0500 "C. Dummy" <[EMAIL PROTECTED]> wrote: That's what I thought . So DNAT replaces both rules in some way. So for my son's Starcraft game. In Dachstein: ipmasqadm autofw -A -r udp 6112 6112 -h 192.168.1.202 -v ipmasqadm autofw -A -r tcp 6112 6112 -h 192.168.1.202 -v in Shorewall DNATnetloc:192.168.1.202 udp 6112 DNATnetloc:192.168.1.202 tcp 6112 That would be my guess -- no guarantees :-) -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: teastep \ http://shorewall.sf.net ICQ: #60745924 \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] boot from HDD - error - Device not configured
Bering v1.0-stable AMD 586 24M ram 200M HDD I followed the LRP Hard Disk HOWTO at http://leaf.sourceforge.net/pub/doc/howto/LRPHardDiskHOWTO.txt I have been able to successfully mount a hard disk partition once leaf has booted from floppy but I am having trouble getting the boot from HDD going. I have turned on VERBOSE and DEBUG in /linuxrc and put a couple more debug lines in it. My linuxrc.cfg (on hda1) has; default linux initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/hda1:msdos PKGPATH=/dev/fd0u1680 LRP=root,etc,local,modules,iptables,ppp,pppoe,hdsupp_s,shorwall,dnscache,weblet (all on one line) I also tried removing the PKGPATH part as suggested in the "booting Bering from a M-Systems DiskOnChip" howto at; http://cvs.sf.net/cgi-bin/viewcvs.cgi/leaf/devel/bradfritz/bering_contrib/doc/bud iskonchip.xml?rev=1.2&content-type=text/vnd.viewcvs-markup and tried with PKGPATH=/dev/hda1 On boot with no floppy in the drive, Just prior to the mount command /dev contains; brw-r- 1 0 0 3, 1 Nov 28 14:27 /dev/hda1 this looks OK to me. When it gets to the point of trying to mount the boot device around line 184 of linuxrc using the command; mount -r -t msdos /dev/hda1 /var/lib/lrpkg/mnt mount gives the error message; mount: Mounting /dev/hda1 on /var/lib/lrpkg/mnt failed: Device not configured My searching has shown this message in relation to CDROMs - when there is no CD in the drive. Not sure what to try next, any clues would be most appreciated. Thanks in advance Andrew Braund --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] zebra ospf routing problem
> Anyone having any issues with this? Or any ideas ? Sounds like the routing tables are filling a "non-critical" ram-disk (/var, /tmp ???) and crashing it. These ramdisks roll-over and come back up, but the information is lost as far as the contained information is concerned. I'd monitor the %used of these ramdisks to test these. Because of the dynamic nature of routing protocols, this is likely if many routes are added or changed over a period of time. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] logs from cron using ssh (was: Missing Logs)
I'm probably venturing off topic a bit here, but for an example of how to pull logs using ssh from cron, read on... In the last day or two, Minh wrote: MD> To get to your log files, you will need the sftp.lrp MD > module. And Patrick replied: > Ok, sounds good... I'm guessing this goes along with the ssh.lrp > package (which I've already set up) & I'm guessing sftp also comes > in the ssh package in most distros? Now all I need is a newbie > help file on setting up a cron job... any suggestions? :) On Wed, 27 Nov 2002 13:43:52 PST Minh wrote: > Sftp uses ssh protocols. It should be found with all > the optional Bering lrp modules. > > I might be wrong about sftp, though. I read up some > more, and it appears that sftp cannot pass the > password through batch (non-interactive) mode. This > is probably a security risk. The best way to use ssh, scp or sftp--all three can be used to copy files--in an unattended fashion is with keys. The technique I would use (there are other variations that would work) is to create a key pair to be used only for pulling logs. Save the private key without a passphrase on a trusted computer. Then use .ssh/authorized_keys on the firewall to limit that key to only running one command. Below is an example that is partially untested. I know the technique works, but I may have made typos or slight syntax errors. On the firewall in ~/.ssh/authorized_keys either in the root account or another account that has access to the log files: command="tar c /var/log/*.0 | gzip -c -",no-pty,no-port-forwarding,\ no-X11-forwarding,no-agent-forwarding ssh-dss [the key here] >From the trusted computer run: ssh -i key_for_pulling_logs user@thefirewall \ > log_archive-`date -d yesterday +%Y%m%d`.tar.gz manually or via cron. It takes a bit of reading and practice to get familiar with ssh and public key authentication, but if you do much *nix system administration, it's *definitely* worth knowing. --Brad --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: shorewall
$IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 1024:9099 -i $EXTERN_IF $IPCH -A input -j ACCEPT -p tcp -s 0/0 -d $EX_IP 9103:65535 -i $EXTERN_IF Should this go to policy or rules? This should: close printer ports 9100,9101, and 9102 on external interface. What rule that would be? Andrey In the past, i've run a similar setup, and those ports should already be closed on the external interface. You will however need to make sure that you've enabled access to those ports on the internal interface. I believe you can put that in rules, so: ACCEPT loc fw tcp 9100 -arif --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] boot from HDD - error - Device not configured
On Wednesday 27 November 2002 22:49, Andrew Braund wrote: > Bering v1.0-stable > AMD 586 24M ram 200M HDD > > I followed the LRP Hard Disk HOWTO at > http://leaf.sourceforge.net/pub/doc/howto/LRPHardDiskHOWTO.txt > > I have been able to successfully mount a hard disk partition > once leaf has booted from floppy but I am having trouble getting > the boot from HDD going. Things are slightly different with Bering, you would have been better off using the IDE information included in the Bering Users Manual. I believe the mistake your making is not having the IDE modules included in initrd which will require creating a new/modified initrd. W/o this support on boot, no packages can be loaded via IDE drives. -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] boot from HDD - error - Device not configured
On Thu, 28 Nov 2002 15:19:13 +1030 Andrew Braund wrote: > Bering v1.0-stable > AMD 586 24M ram 200M HDD > > I followed the LRP Hard Disk HOWTO at > http://leaf.sourceforge.net/pub/doc/howto/LRPHardDiskHOWTO.txt The Bering User Guide section 9.4 at: http://leaf.sf.net/devel/jnilo/bubooting.html#AEN1119 is probably a more appropriate reference for Bering. > I have been able to successfully mount a hard disk partition > once leaf has booted from floppy but I am having trouble getting > the boot from HDD going. > > I have turned on VERBOSE and DEBUG in /linuxrc > and put a couple more debug lines in it. > > My linuxrc.cfg (on hda1) has; > default linux initrd=initrd.lrp > init=/linuxrc root=/dev/ram0 boot=/dev/hda1:msdos > PKGPATH=/dev/fd0u1680 > LRP=root,etc,local,modules,iptables,ppp,pppoe,hdsupp_s,shorwall,dnscache,web >let > (all on one line) > > I also tried removing the PKGPATH part as suggested in the > "booting Bering from a M-Systems DiskOnChip" howto at; > http://cvs.sf.net/cgi-bin/viewcvs.cgi/leaf/devel/bradfritz/bering_contrib/doc >/bud > iskonchip.xml?rev=1.2&content-type=text/vnd.viewcvs-markup Removing PKGPATH shouldn't be necessary. That was a kludge to work around issues with old versions of the DoC nftla drivers that only allow a DoC partition to be mounted once. The IDE drivers shouldn't complain about mounting one partition in two places simultaneously. > and tried with PKGPATH=/dev/hda1 > > > On boot with no floppy in the drive, > Just prior to the mount command > /dev contains; > brw-r- 1 0 0 3, 1 Nov 28 14:27 /dev/hda1 > this looks OK to me. > > When it gets to the point of trying to mount the boot device > around line 184 of linuxrc using the command; > > mount -r -t msdos /dev/hda1 /var/lib/lrpkg/mnt > > mount gives the error message; > > mount: Mounting /dev/hda1 on /var/lib/lrpkg/mnt failed: Device not configured > > My searching has shown this message in relation to CDROMs - when > there is no CD in the drive. > > Not sure what to try next, any clues would be most appreciated. Sounds like the modules might not be loading. Do you have the lines: ide-mod ide-disk ide-probe-mod in /boot/etc/modules and the module files: ^ ide-mod.o ide-disk.o ide-probe-mod.o in /boot/lib/modules ? ^ If you have DEBUG and VERBOSE set (and possibly even without them set), you should see the insmods during boot and some information about the drive. Hope that helps. --Brad --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] IPv6 on Bering box Status
Hi, as I wrote in previous days, I'm trying to run IPv6 support on my Bering box. There is my current "development" status: I've upgraded to Bering 1.0-stable (imho not necessary, because there was the same problem as with recently used version 1.0-rc1). The problem was on the side of IPv6 provider. So, I can use IPv6 from my Bering box to the world and back. I can ping6 everywhere. I've compiled ip6tables statically an ran it successfully. I have following goals now: - routing from internal network to external network - sshd with IPv6 support I tried IPv6 routing yesterday, but unsuccessfully. There was some strange errors (Host unreachable or Hop limit) etc (between my computer in local network and my Bering box). I will inform you about my status in next days. Radim --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] zebra ospf routing problem
Hi Jay, This question is probably best posed to the zebra mailing list. You can register for that here: http://www.zebra.org/mailing.html. You did not say what version of ospfd you are using but I would definitely recommend getting at least the latest standard release, zebra-0.93b. If you want to build your own package the tarball is located here: ftp://ftp.zebra.org/pub/zebra/. You can also try the most recent tarball put together by Paul Jakma. It includes a whole bunch of patches that have yet to be accepted into the standard zebra distribution. (They are notoriously slow about integrating any new patches.) The only warning about this is apparently one of the patches Paul uses breaks IPv6 in zebra. For IPv4 it seems to be well tested and resolves a number of ospf problems. Once again, if you want to build your own package you can find his tarball here: http://people.ie.alphyra.com/~paulj/zebra/2002/. As a note: The Paul Jakma release is more than likely what I am going to use for my next set of packages specifically because of all the ospf bug fixes that it has. The only reason that I have not moved to this already is I have not had the time to verify whether the "vanMaarseveen_patch" actually breaks anything with IPv6 or not. Last that I saw this is still speculative. Or you can grab my package located at: http://www.eric.kiser.com/download.htm. I would recommend using the one that is listed under "Zebra-0.93b *.lrp Packages (zebra-0.93b-gv.0.05)". Compared to my most recent version, zebra-0.93b-gv.0.07, it is smaller and it is only missing support for MPLS. Best of luck and let us know what resolves the issue for you. Regards, Eric Kiser -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of wispdist Sent: Wednesday, November 27, 2002 7:05 PM To: Leaf-user Subject: [leaf-user] zebra ospf routing problem I am running wisp-dist release 2002-09-21(2348) I have been running the ospfd with zebra and it seemed to start out working fine. however, over time one of the units will drop all learned routes and all other routers on the system lose the learned routes from that router as well. usually if I restart zebra ( /etc/init.d/zebra restart) all routes come back and propagate thru the network within 40 to 60 seconds. Also, sometimes a single route will not propagate thru the network. I have 7 routers in the network and when the ospf works it's great. But I have had to restart too many times now. I have set the router-id manually on each unit to make sure there were no duplicate router-id's. Also, I have several IP addresses on each interface. Anyone having any issues with this? Or any ideas ? --Jay --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Get the new Palm Tungsten T handheld. Power & Color in a compact size! http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
