Re: [leaf-user] Bell Business Internet service and LEAF
I'm using Bering with a Bell reseller here in Pickering. Though mine is a resold residential service, my understanding is that we'll have the same setup hardware. Yup, I'm using PPPoeE. Suggested settings? Where to begin... Are you already up and running and looking for extra settings for your firewall? I'm not the guy to ask. If you want some heads-up about how you would go about accomplishing it, using what I expect Bell will give you as a modem (SpeedTouch Home) I can give you all the details regarding how I did it. Because the Alcatel (or rather, the dual-ip addy of the Alcatel STHome modem) is seemingly not common it will take a non-standard config. But once it's up and running it's sweet... scott Stephen Lee wrote: Hi, Anyone here using Bering with Bell's business high speed DSL service in Ontario, Canada? Is PPPoE used and if so, any suggested settings for Bering1.0? Thanks, Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Trouble with virgin setup of Bering 1.0, on PPPoEDSL (Alcatel SpeedTOuch Home modem) - fixed followup
Folks, thanks for all the leads. As it turned out it was the gateway of 172.16.0.254, under eth0, in /etc/interfaces that was giving me the grief. Regarding some of the suggestions presented... - In my case I definitly need the 'auto eth0' (et al) entry in /etc/interfaces. If I don't have it then I get nowhere. This corresponds to my XP system, where if I have disabled my local LAN I can no longer use the PPPoE connection. - I am able to keep the norfc1918 parameters (in some configs). - I was able to keep my gateway (PPP peer) dynamic and not have to code it it --- my default gateway does become provided by the pppd daemon so no special config need there. Here's the details of my config: iNet | | = === Alcatel STHome DSL modem = = ^ = = | = =172.16.0.254 v = = ^^ || vv == Bering 1.0 Router === == =eth0ppp0= == = 172.16.0.1/24 64.39.y.z = = via STATIC via PPPoE = == == = 192.168.0.254/24 = = via STATIC, 10.0.0.254/24 = = + DHCP Server via STATIC = =eth1 eth2 = == ^ ^ | | v v PrivateDMZ Lan LAN Note: I decided to create a new zone, called 'mod', to reflect the rfc1918 connection between the router and the DSL modem. === /root # grep -v # /etc/network/interfaces === auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 172.16.0.1 masklen 24 broadcast 172.16.0.255 auto ppp0 iface ppp0 inet ppp pre-up ip link set eth0 up provider dsl-provider eth0 auto eth1 iface eth1 inet static address 192.168.0.254 masklen 24 broadcast 192.168.0.255 auto eth2 iface eth2 inet static address 10.0.0.254 masklen 24 broadcast 10.0.0.255 === /root # grep -v # /etc/ppp/peers/dsl-provider === plugin /usr/lib/pppd/pppoe.so name [EMAIL PROTECTED] noipdefault defaultroute hide-password lcp-echo-interval 20 lcp-echo-failure 3 connect /bin/true noauth persist mtu 1492 === /root # grep -v # /etc/ppp/options === asyncmap 0 auth crtscts lock hide-password modem proxyarp lcp-echo-interval 30 lcp-echo-failure 4 noipx === /root # grep -v # /etc/shorewall/zones === mod Modem Alcatel DSL Modem via eth0 net Net Internet via ppp0 locLocalLocal networks via eth1 dmz DMZ DMZ via eth2 === /root # grep -v # /etc/shorewall/interfaces === net ppp0- blacklist,routefilter,norfc1918 modeth0detectroutestopped,blacklist,routefilter loceth1detectroutestopped,dhcp dmzeth2detect === /root # grep -v # /etc/shorewall/policy === loc mod ACCEPT locnetACCEPT netallDROPinfo allallREJECTinfo === /root # grep -v # /etc/shorewall/rules === ACCEPT fwnet tcp 53 ACCEPTfw netudp53 ACCEPTloc fwtcp22 ACCEPTloc fwudp53 ACCEPTloc fwtcp80 === /root # grep -v # /etc/shorewall/masq === ppp0eth1 eth0eth1 === /root # cat /etc/shorewall/rfc1918 === no changes to default Bering setup! === === Regarding the file: /etc/shorewall/shorewall.conf Just make sure that the setting below is activated: CLAMPMSS=Yes === === === /root # ip addr show === 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback
Re: [leaf-user] Bell Business Internet service and LEAF
I have set up Bering on Bell DSL. Following the user guide works pretty straight forward. However, when it came to using the username/password for connection, there was a point I wasn't aware of and it made the difference between connecting and not connecting. There are two files where to enter this information. From work here, I cannot recall but I believe it is in the Modules - PPPoE setup. One file you enter the various possible logins you could use (ie; username/password). The other is where you indicate which username you wish to login with. Other than that, the preconfigured defaults worked fine for me. === Work: http://www.olgclotteries.com [EMAIL PROTECTED] 888-345-7568 ext. 2205 Personal: http://www.mullan.ca [EMAIL PROTECTED] MSN:[EMAIL PROTECTED] === Stephen Lee [EMAIL PROTECTED]To: Leaf-user [EMAIL PROTECTED] Sent by: cc: [EMAIL PROTECTED]Subject: [leaf-user] Bell Business Internet service and LEAF ceforge.net 28-01-2003 02:40 AM Hi, Anyone here using Bering with Bell's business high speed DSL service in Ontario, Canada? Is PPPoE used and if so, any suggested settings for Bering1.0? Thanks, Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-675725 ] IPSEC error messages (SourceForge.net)
Initial Comment: I'm using the uclibc version of Bering (1.0.2) and am attempting to use ipsec. I've downloaded ipsec.o from http://leaf.sourceforge.net/devel/jnilo/bering/latest/module s/2.4.18/kernel/net/ipsec and placed it into the /lib/modules directory. I've modified /etc/modules to load the module on startup. When the system boots I receive three errors as follows: /sbin/ipsec: /lib/ipsec/eroute : not found /sbin/ipsec: /lib/ipsec/spi : not found /sbin/ipsec: /lib/ipsec/tncfg : not found snip -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-27 17:07 Message: Logged In: YES user_id=176069 Ipsec that you are using is compiled with glibc-2.0.7 instead of uClibcthus the lib errors. You can use an ipsec package if one is available in the uClibc cvs area of the LEAF site or compile your own with uClibc. There are many script changes to the ipsec package, so if you compile your own, you will probably want to change out the old libs with the freshly compiled ones. ~Lynn Avants If you wish to package ipsec or ipsec509 for uClibc bering, I have a little development environment to do so that you night be inserested in. It is still a little hairier than I would like due to lack of time, but contact me off list if you are interested. -- --- Chad Carr [EMAIL PROTECTED] --- msg12527/pgp0.pgp Description: PGP signature
[leaf-user] Nice tool
Hi! Thanks again for the previous help, but i've got one more ;-) I've found a very powerful tool on http://www.dest-unreach.org/socat/ (for testing purposes), but i'm unable to compile (cause of the missing linux box), could somebody help me? Thanks in advance, Gerd __ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
I'm trying to setup our location in Atlanta with Bering (have 3 others running else where in the country). The router is a Cayman 3220H which I set to bridge mode using instructions on the Cayman (now Netoptia website) and then began setting up Bering. BellSouth tech support is telling me the service is PPPoE, but the router is showing different settings they what they expect. Based on the Cayman settings it appears to me to be PPPoA (the ATM Configuration screens has one interface defined as ppp-llc). I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Thanks, Todd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
Making a little progress. I was able to confirm in the Cayman router setup that it is in fact PPPoA and not PPPoE so at least I can focus getting the PPPoA up. I'm using the Bering User's Guide PPPoA Configuration section which uses an ATM/PCI card vs. I have the Cayman attached to eth0. I'm not sure how I should be defining interfaces the example is: auto lo ppp0 eth0 iface lo inet loopback iface ppp0 inet ppp provider dsl-provider iface eth0 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 What I want to do is: auto lo iface lo inet loopback auto ppp0 iface ppp0 inet ppp provider dsl-provider eth0 - auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 But the older ppp that you need for pppatm doesn't seem to support the eth0 parameter. Should the internal be eth0 or eth1? Any ideas or direction would be greatly appreciated. Thanks, Todd -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Todd Pearsall Sent: Tuesday, January 28, 2003 10:53 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? I'm trying to setup our location in Atlanta with Bering (have 3 others running else where in the country). The router is a Cayman 3220H which I set to bridge mode using instructions on the Cayman (now Netoptia website) and then began setting up Bering. BellSouth tech support is telling me the service is PPPoE, but the router is showing different settings they what they expect. Based on the Cayman settings it appears to me to be PPPoA (the ATM Configuration screens has one interface defined as ppp-llc). I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Thanks, Todd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
On Tue, 2003-01-28 at 07:52, Todd Pearsall wrote: snip I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Have you seen this site on configuring the Cayman for BellSouth? http://www.netopia.com/en-us/support/technotes/hardware/CQG_122.html?print=yes It includes info on bridging. Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Socks5 error
Yesterday I tried to run socks5.lrp on my Bering box and I could not surf the Web with my browser with proxy. The config file is the same as the one I used to run on my previous Daschetein. I thought maybe I need to open some ports from FW to NET, but I found the following errors in my log: Jan 27 21:27:14 router Socks5[12812]: Auth Failed: (192.168.9.202:2453) What wrong did I do? I do not set any authentication in my config. It is below START /etc/socks5.conf # Interface lines are of the form: # interface dest-host dest-port interface-address #interface 192.168.0. - eth* #permit - - - - - - set SOCKS5_BINDINTFC 192.168.9.254:1080 set SOCKS5_NOIDENT interface 192.168.9. - eth1 interface - - eth0 auth 192.168.9. - - permit - - 192.168.9. - - - - END - Thank you. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
Todd, Why do you want the Bering box to make the PPP connection to your ISP instead of the router? I have the same router with BellSouth DSL in Raleigh and would like to help, but I guess I am not clear on what you are trying to accomplish. Chris Blackmon -Original Message- From: Todd Pearsall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Making a little progress. I was able to confirm in the Cayman router setup that it is in fact PPPoA and not PPPoE so at least I can focus getting the PPPoA up. I'm using the Bering User's Guide PPPoA Configuration section which uses an ATM/PCI card vs. I have the Cayman attached to eth0. I'm not sure how I should be defining interfaces the example is: auto lo ppp0 eth0 iface lo inet loopback iface ppp0 inet ppp provider dsl-provider iface eth0 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 What I want to do is: auto lo iface lo inet loopback auto ppp0 iface ppp0 inet ppp provider dsl-provider eth0 - auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 But the older ppp that you need for pppatm doesn't seem to support the eth0 parameter. Should the internal be eth0 or eth1? Any ideas or direction would be greatly appreciated. Thanks, Todd -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Todd Pearsall Sent: Tuesday, January 28, 2003 10:53 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? I'm trying to setup our location in Atlanta with Bering (have 3 others running else where in the country). The router is a Cayman 3220H which I set to bridge mode using instructions on the Cayman (now Netoptia website) and then began setting up Bering. BellSouth tech support is telling me the service is PPPoE, but the router is showing different settings they what they expect. Based on the Cayman settings it appears to me to be PPPoA (the ATM Configuration screens has one interface defined as ppp-llc). I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Thanks, Todd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] undying PPPoE?
On Tuesday 28 January 2003 07:53, Alex Rhomberg wrote: We use PPPoE from a Bering firewall for our Internet connection, with a static IP address. The problem is that some times, the pppd stops. I set it up to restart the connection automatically (persist). I tested it with temporarily unplugging the modem, and the connection is restarted nicely. However, about once a week, the link fails (probably a provider problem) Try this thread: it was posted about two days ago by me. http://sourceforge.net/mailarchive/message.php?msg_id=3638347 -- -- Arcana --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
On Tue, 2003-01-28 at 08:05, Todd Pearsall wrote: Making a little progress. I was able to confirm in the Cayman router setup that it is in fact PPPoA and not PPPoE so at least I can focus getting the PPPoA up. I'm using the Bering User's Guide PPPoA Configuration section which uses an ATM/PCI card vs. I have the Cayman attached to eth0. I'm not sure how I should be defining interfaces the example is: auto lo ppp0 eth0 iface lo inet loopback iface ppp0 inet ppp provider dsl-provider iface eth0 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 What I want to do is: auto lo iface lo inet loopback auto ppp0 iface ppp0 inet ppp provider dsl-provider eth0 - auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 But the older ppp that you need for pppatm doesn't seem to support the eth0 parameter. Should the internal be eth0 or eth1? Any ideas or direction would be greatly appreciated. I recently setup a Bering box on Sprint DSL in Florida (thanks to James Sturdevant). They use PPPoE but all of the PPPoE stuff was taken care of by the modem (XyZel) so I simply turned on the modem's bridge mode and configured the bering box as a normal eth0,eth1 setup with no PPP stuff. The only bit of black magic to get the whole thing working was to power cycle the LAN switch. Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bell Business Internet service and LEAF
On Tue, 2003-01-28 at 05:46, John Mullan wrote: I have set up Bering on Bell DSL. Following the user guide works pretty straight forward. However, when it came to using the username/password for connection, there was a point I wasn't aware of and it made the difference between connecting and not connecting. There are two files where to enter this information. From work here, I cannot recall but I believe it is in the Modules - PPPoE setup. One file you enter the various possible logins you could use (ie; username/password). The other is where you indicate which username you wish to login with. Other than that, the preconfigured defaults worked fine for me. Are you refering to both menu items under pppoe configuration files corresponding to /etc/ppp/peers/dsl-provider and /etc/ppp/pap-secrets respectively? I take it then that Bell uses PPPoE with PAP? Thanks, Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-675725 ] IPSEC error messages
Support Requests item #675725, was opened at 2003-01-27 22:05 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=675725group_id=13751 Category: packages Group: None Status: Open Priority: 5 Submitted By: Bob Dushok (bdushok) Assigned to: Mike Noyes (mhnoyes) Summary: IPSEC error messages Initial Comment: I'm using the uclibc version of Bering (1.0.2) and am attempting to use ipsec. I've downloaded ipsec.o from http://leaf.sourceforge.net/devel/jnilo/bering/latest/module s/2.4.18/kernel/net/ipsec and placed it into the /lib/modules directory. I've modified /etc/modules to load the module on startup. When the system boots I receive three errors as follows: /sbin/ipsec: /lib/ipsec/eroute : not found /sbin/ipsec: /lib/ipsec/spi : not found /sbin/ipsec: /lib/ipsec/tncfg : not found Similar errors referring to the files /lib/ipsec/spi and /lib/ipsec/tncfg appear on shutdown. My copy of ipsec.lrp was downloaded from http://cvs.sourceforge.net/cgi- bin/viewcvs.cgi/leaf/bin/packages/uclibc/0_9_15/ipsec.lrp Is this the correct version to be used with the ipsec.o file I downloaded for the uclibc Bering release? I have verified the /sbin/ipsec binary is present and working. For example, /sbin/ipsec barf works perfectly. The binaries at /lib/ipsec appear to be the problem. For example, /lib/ipsec/eroute prints: /lib/ipsec/eroute: not found. I receive this error when I attempt to execute any of the three files mentioned in the error above. The files appear to be elf executables. Are there any specific libraries needed for these executables? I can only find a reference to mawk, which I've loaded by including in the LRP line within my syslinux.cfg file. Thanks, Bob -- Comment By: KP Kirchdörfer (kapeka) Date: 2003-01-28 18:24 Message: Logged In: YES user_id=204664 The ipsec.lrp you've downloaded _is_ compiled with uClibc. Can you verify that ipsec.o is loaded? I don't load it from /etc/modules, instead it's loaded from /etc/init.d/ipsec start. hope that helps kp -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 00:07 Message: Logged In: YES user_id=176069 Ipsec that you are using is compiled with glibc-2.0.7 instead of uClibcthus the lib errors. You can use an ipsec package if one is available in the uClibc cvs area of the LEAF site or compile your own with uClibc. There are many script changes to the ipsec package, so if you compile your own, you will probably want to change out the old libs with the freshly compiled ones. ~Lynn Avants -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=675725group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
Thanks for the reply. I want to set up this office be able to join the vpn with 2 other Leaf routers and support road warrior VPN users. If been reading about their VPN add-on for the Cayman (SafeHarbour) and it sounds like I could use that to connect to the other offices for $40 per tunnel, but but 5-15 road warriors will get pricy, vs free like the other offices. I was trying to set the Cayman as bridge and do all the routing with Bering which I *assumed* meant Bering would have to bring up the PPPoA connection as well. I'd love to be wrong ;). Thanks, Todd -Original Message- From: Chris Blackmon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:35 AM To: 'Todd Pearsall' Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Todd, Why do you want the Bering box to make the PPP connection to your ISP instead of the router? I have the same router with BellSouth DSL in Raleigh and would like to help, but I guess I am not clear on what you are trying to accomplish. Chris Blackmon -Original Message- From: Todd Pearsall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Making a little progress. I was able to confirm in the Cayman router setup that it is in fact PPPoA and not PPPoE so at least I can focus getting the PPPoA up. I'm using the Bering User's Guide PPPoA Configuration section which uses an ATM/PCI card vs. I have the Cayman attached to eth0. I'm not sure how I should be defining interfaces the example is: auto lo ppp0 eth0 iface lo inet loopback iface ppp0 inet ppp provider dsl-provider iface eth0 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 What I want to do is: auto lo iface lo inet loopback auto ppp0 iface ppp0 inet ppp provider dsl-provider eth0 - auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 But the older ppp that you need for pppatm doesn't seem to support the eth0 parameter. Should the internal be eth0 or eth1? Any ideas or direction would be greatly appreciated. Thanks, Todd -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Todd Pearsall Sent: Tuesday, January 28, 2003 10:53 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? I'm trying to setup our location in Atlanta with Bering (have 3 others running else where in the country). The router is a Cayman 3220H which I set to bridge mode using instructions on the Cayman (now Netoptia website) and then began setting up Bering. BellSouth tech support is telling me the service is PPPoE, but the router is showing different settings they what they expect. Based on the Cayman settings it appears to me to be PPPoA (the ATM Configuration screens has one interface defined as ppp-llc). I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Thanks, Todd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA?
Sounds like you have a static IP at this location then. I believe you can let the Cayman take care of the DSL connection and just forward UDP port 500 and protocol 50 from the Cayman to the Bering box and achieve the desired result. Since you will be NATing the ports, don't forget to use ipsecnat for the TYPE column in the Shorewall Tunnels file. I have a Bering-FreeS/WAN Net-to-Net VPN using BellSouth DSL (dynamic IP and a Cayman) on one end and a T1 with a static IP on the other end and it works great. Chris -Original Message- From: Todd Pearsall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 1:17 PM To: 'Chris Blackmon' Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Thanks for the reply. I want to set up this office be able to join the vpn with 2 other Leaf routers and support road warrior VPN users. If been reading about their VPN add-on for the Cayman (SafeHarbour) and it sounds like I could use that to connect to the other offices for $40 per tunnel, but but 5-15 road warriors will get pricy, vs free like the other offices. I was trying to set the Cayman as bridge and do all the routing with Bering which I *assumed* meant Bering would have to bring up the PPPoA connection as well. I'd love to be wrong ;). Thanks, Todd -Original Message- From: Chris Blackmon [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:35 AM To: 'Todd Pearsall' Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Todd, Why do you want the Bering box to make the PPP connection to your ISP instead of the router? I have the same router with BellSouth DSL in Raleigh and would like to help, but I guess I am not clear on what you are trying to accomplish. Chris Blackmon -Original Message- From: Todd Pearsall [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: RE: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? Making a little progress. I was able to confirm in the Cayman router setup that it is in fact PPPoA and not PPPoE so at least I can focus getting the PPPoA up. I'm using the Bering User's Guide PPPoA Configuration section which uses an ATM/PCI card vs. I have the Cayman attached to eth0. I'm not sure how I should be defining interfaces the example is: auto lo ppp0 eth0 iface lo inet loopback iface ppp0 inet ppp provider dsl-provider iface eth0 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 What I want to do is: auto lo iface lo inet loopback auto ppp0 iface ppp0 inet ppp provider dsl-provider eth0 - auto eth1 iface eth1 inet static address 192.168.1.254 masklen 24 broadcast 192.168.1.255 But the older ppp that you need for pppatm doesn't seem to support the eth0 parameter. Should the internal be eth0 or eth1? Any ideas or direction would be greatly appreciated. Thanks, Todd -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Todd Pearsall Sent: Tuesday, January 28, 2003 10:53 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Help with BellSouth DSL in Atlanta and PPPoA? I'm trying to setup our location in Atlanta with Bering (have 3 others running else where in the country). The router is a Cayman 3220H which I set to bridge mode using instructions on the Cayman (now Netoptia website) and then began setting up Bering. BellSouth tech support is telling me the service is PPPoE, but the router is showing different settings they what they expect. Based on the Cayman settings it appears to me to be PPPoA (the ATM Configuration screens has one interface defined as ppp-llc). I was working with the PPPoE and now PPPoA Bering setups without any success yet. Does anyone have this service in the Atlanta area that can confirm if it is PPPoA and give me any hints? I'm calling BellSouth again... Thanks, Todd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM +
[leaf-user] pop-ups
Is there any way to use a Linux router to block popups? --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] pop-ups
On Tue, 2003-01-28 at 10:44, [EMAIL PROTECTED] wrote: Is there any way to use a Linux router to block popups? Phillip, A web proxy might. Alternately, consider switching to a browser that will disable them. -- Mike Noyes mhnoyes @ users.sourceforge.net http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] how to send mail with ssmtp?
I tried: echo test | ssmtp [EMAIL PROTECTED] ssmtp: can't open the smtp port (25) on mailhost. or like it works with Qmail: echo to:[EMAIL PROTECTED] | ssmtp ssmtp: no recipients supplied: no mail will be sent. What's wrong or how to send correctly from commanline? My ssmtp.conf has: mailhub=mail.myisp.net, but it looks like ssmtp cannot connect. Sending mail with qmail smtproutes (mail.myisp.net) works. What's WRONG with ssmtp? - Sunpoint.net ilmoittaa: Sunpoint.netistä saat luotettavan sähköpostiosoitteen maksutta. http://www.sunpoint.net/SunAds/click.htm?mode=footerid=67jump=http%3A%2F%2Fwww.sunpoint.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bell Business Internet service and LEAF
On Tue, 2003-01-28 at 08:48, Stephen Lee wrote: On Tue, 2003-01-28 at 05:46, John Mullan wrote: I have set up Bering on Bell DSL. Following the user guide works pretty straight forward. However, when it came to using the username/password for connection, there was a point I wasn't aware of and it made the difference between connecting and not connecting. There are two files where to enter this information. From work here, I cannot recall but I believe it is in the Modules - PPPoE setup. One file you enter the various possible logins you could use (ie; username/password). The other is where you indicate which username you wish to login with. Other than that, the preconfigured defaults worked fine for me. Are you refering to both menu items under pppoe configuration files corresponding to /etc/ppp/peers/dsl-provider and /etc/ppp/pap-secrets respectively? I take it then that Bell uses PPPoE with PAP? One other thing ;-) What did you adjust in the ISP Login Script for the PPP module? Do I need to enter a phone number? Thanks for your help! Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Nice tool
On Tuesday 28 January 2003 09:49 am, [EMAIL PROTECTED] wrote: Hi! Thanks again for the previous help, but i've got one more ;-) I've found a very powerful tool on http://www.dest-unreach.org/socat/ (for testing purposes), but i'm unable to compile (cause of the missing linux box), could somebody help me? There are tons of dependancies. Your best bet would be with someone with an Oxygen development tree. I sure don't have the dependancies with my devel system.if it will compile at all on glibc-2.0.7 (kind-of doubtful). Maybe someone else has better insight or a system to try it. -- ~Lynn Avants Linux Embedded Appliance Firewall developer http://leaf.sourceforge.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-594097 ] Dachstein will not start on 486/100.....
Support Requests item #594097, was opened at 2002-08-12 10:57 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=594097group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Dion Bird (dionb98) Assigned to: Mike Noyes (mhnoyes) Summary: Dachstein will not start on 486/100. Initial Comment: Dachstein will not start on my 486 DX4/100 with 32MB of RAM. Here is a summary of the boot process before it locks up. IP Filters: [IP Forwarding: DISABLED] flushed SIOCGIFFLAGS: Operation not supported by device Bind socket to interface: Operation not supported by device exiting Starting Network: [IP Always Defrag: ENABLED] IP filters: firewall [IP Forwarding: ENABLED] Loopback interface: lo Starting interface: Cannot find device eth1 SIOCGIFFLAGS: Operation not supported by device eth1 Hostname: firewall Static NS: 2 hosts At this point the cursor just sits and flashes. On my other systems the disk will boot completely, with the summary I have provided, same as what's written above. (Including the operation not supported by device stuff) Any insight on why it won't continue past this point on the 486? As I said before it is a 486 DX4/100 with 32MB RAM. I have stripped it down to just the PCI video card and the PCI NIC card. I've tried booting it with no NIC card, and 1 card and 2 cards. If I boot the system under Windows 98, it will detect the network cards so they appear to be functioning. I would appreciate any suggestions you have. Dion -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 16:56 Message: Logged In: YES user_id=176069 I am closing this request due to lack of a response. If there are still any issues, please open a new request. -- Comment By: magic freeman (kiwispaniol) Date: 2002-11-16 04:21 Message: Logged In: YES user_id=650015 hi Dion sorry for asking about other stuff does this Dachstein supports dial on demand (56k modem) today is the first time i read about it, i cant find more info about it. cheers mate freeman -- Comment By: Nobody/Anonymous (nobody) Date: 2002-08-14 09:30 Message: Logged In: NO Have you configured the NIC's with DOS?, What is the make and model of your NIC's Are you loading the right drivers? example: NE2000-pci = pciscan + 8390 + ne2k-pci modules to load. Is your BIOS set to PNP os? Peter -- Comment By: Lynn Avants (guitarlynn) Date: 2002-08-13 22:41 Message: Logged In: YES user_id=176069 Some old BIOS's do not detect the larger floppy format that the LEAF distro's use. A BIOS update may or may not allow for the larger format and I do not know of a definate fix that works for this problem. You may need to reduce your LEAF disk to fit on a 1.44M formatted disk or use a different machine. Unfortunately this is the best advice I can give on this one. I hope it helps, ~Lynn -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=594097group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-599512 ] Weblet won't load from CD ROM
Support Requests item #599512, was opened at 2002-08-23 22:35 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=599512group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Weblet won't load from CD ROM Initial Comment: I'm having a problem loading the Weblet module from the CD-ROM. I've done a search in the archives, but have found anything quite like this... When I use an unaltered ISO file weblet loads fine. When I try adding a LRP to my lrpkg.cfg, the Weblet package will not load and I get repeating cdrom_decode_status errors. I have tired moving the postion of the weblet in my list and each time all the packages load until it gets to this one. If I take the weblet listing out, everything loads fine. Any ideas? -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:04 Message: Logged In: YES user_id=176069 It sounds as if there is a error in your syslinux.cfg file, a possible corrupted weblet, a conflict between the CD and floppy files, or something else I am not aware of. Due to the lack of response for an extended time, I am closing this request. If there is still an issue, please open a new request. ~Lynn -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=599512group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] distribution for flash + 2.4.20 + iptables (no shorewall)
Hi gang, What would be the best distribution to use on a flash + 2.4.x system? I like Bering, but I am going to be setting up linux routers with BGP so I don't want to experiment with learning shorewall on these systems. Space is not an issue as I have 256-mb flash cards. Thanks much for your time, Peter PS - is there a way to turn off Shorewall or run my own iptables rules in Bering? That would be fine. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] distribution for flash + 2.4.20 + iptables (no shorewall)
Hello Peter, I have been looking for a similar answer but have yet to find a good solution because I want to add a JVM to my flash based linux. I think the best bet might be LFS (Linux From Scratch) --- Peter Mueller [EMAIL PROTECTED] wrote: Hi gang, What would be the best distribution to use on a flash + 2.4.x system? I like Bering, but I am going to be setting up linux routers with BGP so I don't want to experiment with learning shorewall on these systems. Space is not an issue as I have 256-mb flash cards. Thanks much for your time, Peter PS - is there a way to turn off Shorewall or run my own iptables rules in Bering? That would be fine. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] distribution for flash + 2.4.20 + iptables (no shorewall)
--- Peter Mueller [EMAIL PROTECTED] wrote: Hi gang, What would be the best distribution to use on a flash + 2.4.x system? Bering and WISP-dist are the only 2.4.x kernel LEAF variants. WISP is primarily for wireless and is a CF/IDE image. Bering will do about anything you set it up to do. like Bering, but I am going to be setting up linux routers with BGP so I don't want to experiment with learning shorewall on these systems. Space is not an issue as I have 256-mb flash cards. Just remove the Shorewall package. PS - is there a way to turn off Shorewall or run my own iptables rules in Bering? That would be fine. Yep, remove the shorewall package from syslinux.cfg on your actual disk. You may need to backup etc.lrp or root.lrp to save your firewall rules. -- ~Lynn Avants Linux Embedded Appliance Firewall developer http://leaf.sourceforge.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] distribution for flash + 2.4.20 + iptables (noshorewall)
--On Tuesday, January 28, 2003 6:35 PM -0800 Peter Mueller [EMAIL PROTECTED] wrote: What would be the best distribution to use on a flash + 2.4.x system? I like Bering, but I am going to be setting up linux routers with BGP so I don't want to experiment with learning shorewall on these systems. Space is not an issue as I have 256-mb flash cards. If you understand enough to create your own secure firewall using iptables, then I'm amazed that you feel the need to post on a mailing list to learn how to omit one small package (Shorewall) from a simple floppy-based Linux distribution (Bering). Nevertheless, I offer my (tongue in cheek) help: a) Remove the shorewall package from syslinux.cfg b) Remove shorwall.lrp from your floppy/CF/IDE image. c) Develop your own .lrp package that is secure and easy to configure in the face of changing firewalling/gateway requirements. c) Replace Shorewall with your own package on your floppy/CF/IDE image. d) Add your package to syslinux.cfg. e) Test that your package actually works with Bering; fix and repeat this step as necessary (and you will have to repeat this step with each Bering upgrade). f) Test to ensure that your package backs up your firewall configuration when you select 'Backup' from the lrcfg menu (I'm sure you know how to make your package appear in the backup menu) g) Test to ensure that restoring your package restores your iptables configuration If you think that the above two steps are trivial, browse the LEAF and Shorewall list archives. h) Submit your package to 1000s of people on the internet over a period of 12 to 18 months to validate its flexibility, usability and security. i) Use what you learn in that 12 to 18 month period to improve your package to make it more flexible, easier to use and more secure. You're right -- it is so simple that I can't understand why anyone struggles with learning shorewall on these systems... :-) -Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline,\ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-609807 ] unable to browse internet thru client
Support Requests item #609807, was opened at 2002-09-16 02:23 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=609807group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: unable to browse internet thru client Initial Comment: i tried to save the text file as suggested but it only created garbage folders..so unable to include the files.. eth0 = 202.187.248.3 (public ip) am able to ping to the web from the router pc.. eth1 = 196.9.200.1 am able to ping this ip from a client pc.. but when i browse the internet from the client pc i will get error 404 file not found.. -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:12 Message: Logged In: YES user_id=176069 You have changed your private subnet and likely not changed it in all the required places; one of which is dnscache. You should make the proper modifications to all the proper places if you do NOT use the default subnet for the LAN side of the router. I am closing this request due to lack of response for an extended time. If this did not resolve the issue, please open a new request. -- Comment By: Matt Schalit (rogermatt) Date: 2002-09-20 14:40 Message: Logged In: YES user_id=144016 Try the commands: ip addr show /tmp/output echo /tmp/output ip route show /tmp/output mount -t msdos /dev/fd0u1680 /mnt cp /tmp/output /mnt umount /mnt Then remove the floppy and put it in a windows box that has access to the net, open the output file in wordpad and copy and paste the output into here so we can see your setup. Also tell us your LEAF flavor, version, if you're using the 196.9.200.0 network that belongs to Dimension Data in South Africa for a reason, what modifications you've done to your LEAF to make it work with that public network, and any relevant messages in your syslog. Regards, Matthew -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=609807group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-615630 ] FTP on Bering
Support Requests item #615630, was opened at 2002-09-27 14:07 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=615630group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: FTP on Bering Initial Comment: I recive this message on syslog when I try to connect to a FTP-server on my subnet; Sep 27 21:00:21 firewall kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC=00:a0:24:4e:c5:e6:00:e0:18:53:6c:d8:08:00 SRC=192.168.1.3 DST=80.213.84.219 LEN=48 TOS=0x10 PREC=0x00 TTL=128 ID=26385 DF PROTO=TCP SPT=3964 DPT=21 WINDOW=16384 RES=0x00 SYN URGP=0 Shorewall rules look like this; DNATnet loc:192.168.1.200:21 tcp 21 I used to have a limited access to my server; then i used this rule DNAT net;external ip-adress loc:192.168.1.200:21 tcp 21 so - all i did, was to remove the external ip to allow everybody to access my ftp-server...now, nobody gets through.any ideas?? PS! thanx for u're support tom -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:13 Message: Logged In: YES user_id=176069 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Nobody/Anonymous (nobody) Date: 2002-09-27 14:54 Message: Logged In: NO OK - thanx! -- Comment By: Tom Eastep (teastep) Date: 2002-09-27 14:16 Message: Logged In: YES user_id=6546 Please read FAQ #2 - http://www.shorewall.net/FAQ.htm#faq2 -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=615630group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-617946 ] Can't ping/connect to firewall
Support Requests item #617946, was opened at 2002-10-03 02:20 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=617946group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Can't ping/connect to firewall Initial Comment: Hi, I am new to Linux (six months), and am trying to setup a Linux Router using Bering_1.0- rc3_img_bering_1680.exe. I have followed the Bering Installation/Users Guide step-by-step to setup the router using mostly default settings where possible. My problem is that my local LAN (192.168.1.0/24) cannot ping and/or connect to the Bering/Shorewall firewall? The following is the configuration of my LAN at the moment: Win2000P Bering +---+ + + LAN2-| 192.168.72.74 | | eth0:65.95.176.193 |--- PPPoE/ADSL | | || | 192.168.1.10 |-xLink RJ45-| eth1:192.168.1.254 | | | || +---+ + + On the Bering LRP, I can ping (1) eth0, (2) eth1, and the Internet, except when I tried to ping loc:192.168.1.10, I receive the following message: PING 192.168.1.10 (192.168.1.10): 56 data bytes --- 192.168.1.10 ping statistics --- 2 packets transmitted, 0 packets received, 100% packet loss I think it is something to do with either (1) iptables or (2) shorewall. But I don't have the necessary knowledge to fix it. Other information: uname -a: Linux firewall 2.4.18 #4 Sun Jun 9 09:46:15 CEST 2002 i486 unknown ip addr show: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:35:c6:7b brd ff:ff:ff:ff:ff:ff 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:80:c8:93:ba:3a brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 5: ppp0: POINTOPOINT,MULTICAST,NOARP,UP mtu 1492 qdisc pfifo_fast qlen 3 link/ppp inet 65.95.176.193 peer 65.95.176.1/32 scope global ppp0 ip route show: 65.95.176.1 dev ppp0 proto kernel scope link src 65.95.176.193 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254 default via 65.95.176.1 dev ppp0 iptables -L: Chain INPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere ppp0_inah -- anywhere anywhere eth1_inah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:' reject ah -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU ppp0_fwd ah -- anywhere anywhere eth1_fwd ah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:' reject ah -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT ah -- anywhere anywhere DROP icmp -- anywhere anywhere state INVALID ACCEPT icmp -- anywhere anywhere fw2net ah -- anywhere anywhere all2allah -- anywhere anywhere common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:' reject ah -- anywhere anywhere Chain all2all (3 references) target prot opt source destination ACCEPT ah -- anywhere anywhere state RELATED,ESTABLISHED common ah -- anywhere anywhere LOGah -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:' reject ah -- anywhere anywhere Chain common (5 references) target prot opt source destination icmpdeficmp --
[leaf-user] [ leaf-Support Requests-620235 ] CD image for WISP
Support Requests item #620235, was opened at 2002-10-08 08:54 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=620235group_id=13751 Category: None Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Nobody/Anonymous (nobody) Summary: CD image for WISP Initial Comment: Is there a bootable CD image for the WISP branch? Where can I find info on how to make such an image? It would make it much easier to experiment with it on simple PC boxes... Thanks -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:29 Message: Logged In: YES user_id=176069 I don't believe there have been any other requests for WISP, but your request has been duely noted. Sometime in the future a CD image may be available if someone develops one. Thanks for the suggestion. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=620235group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-624181 ] unable to insmod realtek module
Support Requests item #624181, was opened at 2002-10-16 11:17 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=624181group_id=13751 Category: Release/Branch: Dachstein Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: unable to insmod realtek module Initial Comment: I could not get the NIC with chipset rtl8139c to work under Linux LRP. It complained when I loaded the module 8139.o which I download from the LEAF site. Received following messages after invoking insmod rtl8139:- Using /lib/modules/rtl8139.o insmod: can't handle sections of type 1647181921 insmod: Could not load the module: No such file or directory The rtl8139.o does exist in /lib/modules. I have installed the RedHat 6.2 on the PC and it can recognize the realtek NIC. I will include their files for your viewing. Please email to [EMAIL PROTECTED] It is dougV V, not W -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:37 Message: Logged In: YES user_id=176069 You most likely didn't load pciscan.o first. I am closing this request due to lack of response, if there is still an issue please open a new request. -- Comment By: Li Tin Ove Weedle (litinoveweedle) Date: 2002-10-17 03:48 Message: Logged In: YES user_id=630836 You have to get rtl8139.o and place it to the /lib/modules There are two choices. First you will fing binary rtl8139.o compiled for your dachstein distribution (for proper kernel version) or you have to find rtl8139.c C source code file and kernel source files and compile module. You can succesfully use your RH to do this. like: You have to have kernel source codes for Dachstein or find out which version of kernel your dachstein LRP use and visit www.kernel.org to get same version kernel sources. Unpack to your RH to /usr/src/dachstein There should be source for rtl8139 (rtl8139.c) included in sources from kernel.org. (if you unpack it properly it should stay in /usr/src/dachstein/drivers/net ) If not visit www.scyld.com and search for net-drivers-3-1-1.gz unpack fing rtl8139.c and place it to /usr/src/dachstein/drivers/net . Then switch to that directory and compile modules by gcc -DMODULE -D__KERNEL__ -O6 -c rtl8139.c - I/usr/src/dachstein This produce rtl8139.o which you can test by INSMOD rtl8139.o (test on Dachstein) You can compile on any Linux distribution with gcc instaled, I did it on RH too Litin -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=624181group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-630851 ] Traffic shaping in Bering
Support Requests item #630851, was opened at 2002-10-29 20:28 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=630851group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Ernest Fontes (ef11) Assigned to: Mike Noyes (mhnoyes) Summary: Traffic shaping in Bering Initial Comment: First let me express my amazement and gratitude to all the talented developers along the path to Bering 1.0-rc4. I love open source and the creativity it encourages. I've used Bering rc3 for several months now and love it. I've poured over the documentation and bootstrapped myself enough to add and remove packages and modules, etc. I've even added the lrpstat package to my router so I have mesmerizing stripcharts of traffic. A true lava lamp if I've ever seen one! The feature I now drool over is traffic shaping. I have a family of five and we're stuck sharing a dial-up modem. Sad, I know, but actually workable. To make it more workable I'd like to shape traffic so that I can start a long download, at low priority, so that it will yield whenever interactive traffic needs some space. I tried a tcstart file under shorewall in RC3 but dropped it after getting constant error messages. I was encouraged to see mention that the RC4 included a version of tc patched for htb (version 2) (section 12.11 in the Information on packages provided in the Bering...). So I dug right in and added tc.lrp to my router and then tried the first parts of T. Eastep's script. Still the same error messages: RTNETLINK: invalid argument I know I'm not giving much detail right now but before I spend more time on this I'd like to know if it can work and if I'm anywhere close to the correct path. Thanks in advance. Ernie -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:41 Message: Logged In: YES user_id=176069 Based on the most recent comment on this support request, it is our understanding that this matter has been addressed. Should you require further assistance from LEAF project members, please submit a new support request. Thank you, leaf-project.org support -- Comment By: Tom Eastep (teastep) Date: 2002-10-29 21:02 Message: Logged In: YES user_id=6546 Are you loading the appropriate kernel modules? I don't know how Jacques is building his rc4 kernel but I can envision you needing to load both sch_sfq and sch_htb. You may need more modules if the basic QoS capability is also modularized. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=630851group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-639240 ] internet sharing with 56k modem
Support Requests item #639240, was opened at 2002-11-15 22:38 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=639240group_id=13751 Category: Release/Branch: Oxygen Group: None Status: Closed Priority: 5 Submitted By: magic freeman (kiwispaniol) Assigned to: Mike Noyes (mhnoyes) Summary: internet sharing with 56k modem Initial Comment: Does LEAF (Oxygen) or others versions, supports internet sharing with Dialup (56kmodem) Cheers -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:43 Message: Logged In: YES user_id=176069 Yes it does, with the proper configuration and if your modem is supported by Linux/Oxygen. I am closing this request due to lack of response, please open a new one if there are still issues. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=639240group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-665799 ] Filtering bridge stopped working after upgrade to 2.4.20
Support Requests item #665799, was opened at 2003-01-10 09:26 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=665799group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Garrett Martin (garrettm) Assigned to: Mike Noyes (mhnoyes) Summary: Filtering bridge stopped working after upgrade to 2.4.20 Initial Comment: I have a Bering box with 3 3com 905ctx NIC eth0= monitoring only eth1 and eth2 are bridged I have been running the same config since RC2, and have upgraded to each RC and finally stable without a problem. Once the box was upgraded to 2.4.20 Kernel, modules, and IPTables (1.2.7a) the bridge would not filter anymore. The result is all traffic is allowed, and there is no logging or current connection information except on eth0. I have rolled back to Shorewall 1.3.10, thinking it might be a shorewall issue, but that didnt fix the problem. I rolled back to STABLE-1 and upgraded to shorewall 1.3.12 and everything works again, so I assume the problem is with the 2.4.20 kernel, 1.2.7a iptables, or bridge.o Any help is appreciated... Thanks in advance. -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:45 Message: Logged In: YES user_id=176069 I'll see if Jacques or one of the other Bering developers are aware of this. This should be resolved and appears to be a kernel issue. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=665799group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-597193 ] Commercial Support
Support Requests item #597193, was opened at 2002-08-19 10:15 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 Category: Release/Branch: Bering Group: None Status: Closed Priority: 5 Submitted By: Nobody/Anonymous (nobody) Assigned to: Mike Noyes (mhnoyes) Summary: Commercial Support Initial Comment: What is the commercial support that the features document stated? (Noted below) Support Vast resources, and HOWTO's. Active mailing list. Commercial software support and hardware solutions available. Bobby -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 21:08 Message: Logged In: YES user_id=176069 ref. 1397 This has been corrected. Thank-you Mike. -- Comment By: Mike Noyes (mhnoyes) Date: 2002-08-19 10:35 Message: Logged In: YES user_id=39521 Interesting. We may want to remove the last sentence from docid 1397. However, we have links to hardware vendors, and some of our members offer consulting services. Maybe this change would be appropriate: Hardware solutions and consulting services are available. Opinions or suggestions are welcome. ref. docid 1379 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/doc/docmanager/ hardware vendors http://leaf-project.org/links.php?op=viewlinkcid=8 -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=597193group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-668950 ] UML - Probs starting Bering
Support Requests item #668950, was opened at 2003-01-16 02:43 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=668950group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Mathias Leinmueller (mleinmueller) Assigned to: Jacques Nilo (jnilo) Summary: UML - Probs starting Bering Initial Comment: Hi, I am trying to run Bering in UML. UML itself works when I try it with root_woody_fs. When starting Bering (built according to http://leaf.sourceforge.net/devel/jnilo/uml05.html) I get the errors below. Could anybody give me a hint how to solve the problem? Thanks. Mat Linux version 2.4.19-5um ([EMAIL PROTECTED]) (gcc version 2.96 2731 (Red Hat Linux 7.1 2.96-81)) #2 Mon Sep 16 15:41:15 EDT 2002 On node 0 totalpages: 8192 zone(0): 8192 pages. zone(1): 0 pages. zone(2): 0 pages. Kernel command line: ubd0=Bering_fs initrd=initrd.lrp root=/dev/ram0 init=/linuxrc boot=/dev/ubd0:minix PKGPATH=/dev/ubd0 devfs=nomount LRP=root,etc,local,log,modules,shorwall Calibrating delay loop... 68.48 BogoMIPS Memory: 29788k available Dentry cache hash table entries: 4096 (order: 3, 32768 bytes) Inode cache hash table entries: 2048 (order: 2, 16384 bytes) Mount-cache hash table entries: 512 (order: 0, 4096 bytes) Buffer-cache hash table entries: 1024 (order: 0, 4096 bytes) Page-cache hash table entries: 8192 (order: 3, 32768 bytes) Checking for host processor cmov support...No Checking for host processor xmm support...No Checking that ptrace can change system call numbers...OK Checking that host ptys support output SIGIO...No, enabling workaround Checking that host ptys support SIGIO on close...No, enabling workaround POSIX conformance testing by UNIFIX Linux NET4.0 for Linux 2.4 Based upon Swansea University Computer Society NET3.039 Initializing RT netlink socket Starting kswapd VFS: Diskquotas version dquot_6.4.0 initialized Journalled Block Device driver loaded devfs: v1.12a (20020514) Richard Gooch ([EMAIL PROTECTED]) devfs: boot_options: 0x0 Installing knfsd (copyright (C) 1996 [EMAIL PROTECTED]). pty: 256 Unix98 ptys configured RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize loop: loaded (max 8 devices) Universal TUN/TAP device driver 1.5 (C)1999-2002 Maxim Krasnyansky SCSI subsystem driver Revision: 1.00 NET4: Linux TCP/IP 1.0 for NET4.0 IP Protocols: ICMP, UDP, TCP IP: routing cache hash table of 512 buckets, 4Kbytes TCP: Hash tables configured (established 2048 bind 2048) NET4: Unix domain sockets 1.0/SMP for Linux NET4.0. Initializing software serial port version 1 mconsole (version 2) initialized on /root/.uml/YccNSi/mconsole Partition check: ubda: unknown partition table UML Audio Relay Initializing stdio console driver RAMDISK: Compressed image found at block 0 Freeing initrd memory: 401k freed FAT: bogus logical sector size 0 UMSDOS: msdos_read_super failed, mount aborted. FAT: bogus logical sector size 0 FAT: bogus logical sector size 0 Kernel panic: VFS: Unable to mount root fs on 01:00 -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=668950group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [ leaf-Support Requests-665799 ] Filtering bridge stopped working after upgrade to 2.4.20
Support Requests item #665799, was opened at 2003-01-10 09:26 You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=665799group_id=13751 Category: Release/Branch: Bering Group: None Status: Open Priority: 5 Submitted By: Garrett Martin (garrettm) Assigned to: Jacques Nilo (jnilo) Summary: Filtering bridge stopped working after upgrade to 2.4.20 Initial Comment: I have a Bering box with 3 3com 905ctx NIC eth0= monitoring only eth1 and eth2 are bridged I have been running the same config since RC2, and have upgraded to each RC and finally stable without a problem. Once the box was upgraded to 2.4.20 Kernel, modules, and IPTables (1.2.7a) the bridge would not filter anymore. The result is all traffic is allowed, and there is no logging or current connection information except on eth0. I have rolled back to Shorewall 1.3.10, thinking it might be a shorewall issue, but that didnt fix the problem. I rolled back to STABLE-1 and upgraded to shorewall 1.3.12 and everything works again, so I assume the problem is with the 2.4.20 kernel, 1.2.7a iptables, or bridge.o Any help is appreciated... Thanks in advance. -- Comment By: Lynn Avants (guitarlynn) Date: 2003-01-28 20:45 Message: Logged In: YES user_id=176069 I'll see if Jacques or one of the other Bering developers are aware of this. This should be resolved and appears to be a kernel issue. -- You can respond by visiting: https://sourceforge.net/tracker/?func=detailatid=213751aid=665799group_id=13751 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html