Re: [leaf-user] System for 500 users and 20MB download
Hi, You don't say what this router is going to do. OK, more detailed this time. I dont have the exact specifications but will try to explain it the better I can. First of all, I have very few information yet. A frien of us that is helping organicing a local Computer Party asked us if we wanted to cooperative placing a Lince system in it. They are just designing the infraestructure and for us being in such a party would mean a lot of publicity and a real hard test for our little system. This system will manage the Internet access of around 500 users and servers in a Computer Party. Other servers will provide the needed services (FTP; DHCP, Quake,...) This system just needs to be the last frontier. This system has 3 Realtek ethernet interfaces. One will go to the WAN link (20MB) and the other two I dont know yet. The servers wont provide access from the Internet, so dont know if they will need a DMZ. The system will do firewalling to the ouside and HTB (or CBQ if too hard for CPU) based QoS. All the inside computers will have a real public IP so NAT wont be needed. Just that. Inside we will have very expensive and intelligent equipment from Cisco (dont know the models yet). I guess all internall 100MB traffic will be managed by them. So the LEAF system only needs to manage the internet bandwith. A little ASCII art :) INTERNET | | 20 MB | LEAF | | DMZ--- | 100 MB | | Cisco (s) | | | | | | | | | | | | | | | | | | 100 MB Internal servers and clients Do you want 500 users to have simultaneous Internet access? Yes With Nat? No DCHP? No With two cards, 2 Lans? The board has 3 ethernets, but dont know the exact configuration yet (with DMZ or two internal). I guess that placing both as internal will force the system to manage a 100MB stream and this will be surelly blow in peaces. So or DMZ or just leave the third interface unused. On a single T1? It will be a single connection, dont know the typeyet. Are you going to chain together 50 to 100 hubs? I guess they are going to chain toguether SWITCHES and use real Cisco routers. A Via 533 is not going to service 100MBS total bandwith. I saw that. That is why the system is just in the border to manage only 20MB. All internal traffic will be managed by dedicated equipment from Cisco. And this sounds like downtown collision city. All the infraestructure will be conmutated. We have other options. We could use the same system but with 2x Intel Ethernet 10/100 and 1x Intel 10/100/1000, we could use one with 512 MB RAM or we could update the CPU to a VIA C3 800. I just one to know if the other box will be enough. Thanks in advance. Regards. -- Jaime Nebrera - [EMAIL PROTECTED] --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] modules aren't loading at boot
Hi all, What could be the reason why two modules might not load at boot? When I mount the media manually and lrpkg -i the .lrp's everything seems fine. If nobody has any ideas, how do I turn up logging so that I can at least have a starting point of where I'm going wrong? Thanks P # cat /mnt/syslinux.cfg display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 boot=/dev/hda1:msdos PKGPATH=/dev/hda1 LRP=root,etc,local,modules,iptables,iptutil,ncurses,bash,netstatn,nettools,n tpdate,snarf,libc225,libm,libz,libpopt,libcrpto,libssl2,ssh,sshd,kpalived,ze bra,bgpd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] modules aren't loading at boot
Hi Peter, Is it the last two packages in the LRP= line in the syslinux.cfg file that are not loading? I have noticed that when this line gets too long the end is not processed! I would be interested to know if there is a simple solution to this. Cheers, Tim - Original Message - From: Peter Mueller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 05, 2003 10:09 AM Subject: [leaf-user] modules aren't loading at boot Hi all, What could be the reason why two modules might not load at boot? When I mount the media manually and lrpkg -i the .lrp's everything seems fine. If nobody has any ideas, how do I turn up logging so that I can at least have a starting point of where I'm going wrong? Thanks P # cat /mnt/syslinux.cfg display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 boot=/dev/hda1:msdos PKGPATH=/dev/hda1 LRP=root,etc,local,modules,iptables,iptutil,ncurses,bash,netstatn,nettools,n tpdate,snarf,libc225,libm,libz,libpopt,libcrpto,libssl2,ssh,sshd,kpalived,ze bra,bgpd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] modules aren't loading at boot
Peter and Tim, Peter Mueller wrote: What could be the reason why two modules might not load at boot? I think you mean packages. Modules usually refers to the blah.o kernel modules that go in /lib/modules . When I mount the media manually and lrpkg -i the .lrp's everything seems fine. [..] default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 boot=/dev/hda1:msdos PKGPATH=/dev/hda1 LRP=root,etc,local,modules,iptables,iptutil,ncurses,bash,netstatn,nettools,ntpdate,snarf,libc225,libm,libz,libpopt,libcrpto,libssl2,ssh,sshd,kpalived,zebra,bgpd Wow. That one is definitely over the ~256 character line limit... On Wed, 05 Feb 2003 11:19:57 GMT Tim Scott replied: Hi Peter, Is it the last two packages in the LRP= line in the syslinux.cfg file that are not loading? I have noticed that when this line gets too long the end is not processed! I would be interested to know if there is a simple solution to this. There is. Check out http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN1155 and read about using a lrpkg.cfg file instead of PKGPATH. (Even though lrpkg.cfg is described in the CD-ROM booting docs, it's not boot-media specific.) HTH, Brad --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] modules aren't loading at boot
The max size of the line is 255 characters. Suggest you use lrpkg.cfg file and place the rest of the line after the LRP= in syslinux.cfg as a single line in this file. It will go thro'. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Scott Sent: 05 February 2003 16:50 To: Peter Mueller; [EMAIL PROTECTED] Subject: Re: [leaf-user] modules aren't loading at boot Hi Peter, Is it the last two packages in the LRP= line in the syslinux.cfg file that are not loading? I have noticed that when this line gets too long the end is not processed! I would be interested to know if there is a simple solution to this. Cheers, Tim - Original Message - From: Peter Mueller [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 05, 2003 10:09 AM Subject: [leaf-user] modules aren't loading at boot Hi all, What could be the reason why two modules might not load at boot? When I mount the media manually and lrpkg -i the .lrp's everything seems fine. If nobody has any ideas, how do I turn up logging so that I can at least have a starting point of where I'm going wrong? Thanks P # cat /mnt/syslinux.cfg display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 boot=/dev/hda1:msdos PKGPATH=/dev/hda1 LRP=root,etc,local,modules,iptables,iptutil,ncurses,bash,netstatn,nettools,n tpdate,snarf,libc225,libm,libz,libpopt,libcrpto,libssl2,ssh,sshd,kpalived,ze bra,bgpd --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering uClibc - ulogd: load_plugins: /usr/lib/ulogd/ulog_*.so- File not found
Eric Spakman wrote: It seems you need MySQL and PostgressSQL to compile the specific plugins and I have neither of them on my development machine... I made a new ulogd.mk and attached it, maybe you can try this one. My only other guess would be that configure cannot find the mysql and pgsql paths, you could try to set them also (but it is strange that it works with glibc). I tried the new ulogd.mk but unfortunately results are almost the same for both MYSQL and PGSQL plugins [File not found]. The difference is that for pgsql I get File not found for BASE.so and PGSQL.so and for mysql File not found is only for MYSQL.so. I don't know exactly how the two database applets interact with MySQL and Postgress. You could also look at the config.log for errors after you build the sources. config.log looks the same for uClibc and glibc. I'll try to ask the author of ulogd, maybe he has an idea. Thank you very much for your help. lwd. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering uClibc - ulogd: load_plugins: /usr/lib/ulogd/ulog_*.so - File not found
On Wednesday 05 February 2003 11:10 am, Laurentiu Drob wrote: I tried the new ulogd.mk but unfortunately results are almost the same for both MYSQL and PGSQL plugins [File not found]. The difference is that for pgsql I get File not found for BASE.so and PGSQL.so and for mysql File not found is only for MYSQL.so. It sounds as if your shared libraries are compiled for a path that are NOT where the libraries are actually stored at on the LEAF box. This is likely a compile time option. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Corrections to Creating a Firewall Using Dachstein
I was following the Creating a firewall using Dachstein document in http://leaf.sourceforge.net/pub/doc/guide/install-dachstein/ds-contents.html and I found a couple of bugs. As I haven't found a e-mail address to send bugs to, I thought I should share it... Creating a Firewall Using Dachstein Version 0.1 Modify your Firewall for a Static Internal IP Address http://leaf.sourceforge.net/pub/doc/guide/install-dachstein/ds-intstatic.html Step 14 refers to eth1_BROADCAST and it should refer to INTERN_NET. Step 15 refers to eth1_BROADCAST and it should refer to INTERN_IP. -- signature.asc Description: This is a digitally signed message part
Re: [leaf-user] uClibc udhcp package? and uClibc Bering problems
On Tuesday 04 February 2003 06:56 pm, Ping Kwong wrote: I'm running Bering-uClibc 1.1 and having some minor problems. First of all, I do have a request. Does anyone have a packaged udhcp.lrp for this distribution? I'm only aware of Lynn Avants' for LEAF in general and for specifically for Dachstein located in these places http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/leaf/devel/gui tarlynn/udhcp.lrp?rev=1.3 http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/*checkout*/leaf/devel/gui tarlynn/udhcp.lrp.dachstein?rev=1.3 , respectively. It is a slightly outdated (about 10mos) from the current source which is located here: http://udhcp.busybox.net/source/udhcp-0.9.8.tar.gz I went ahead and compiled the updated sources combined and seperate. I haven't tested any of them and I need to redo them to fix the default script files (or add command-line opts) to drop them in the existing package. The sizes come in at 19200 seperate and 30k combined. It doesn't appear to have much in the way of additions (other than a larger size). Is anyone having problems with the existing package? I don't have the environment to compile with uClibc, but it should compile with no problem from what I see. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] need to connect to corp sidewinder firewall
On Mon, 2003-02-03 at 06:47, Don Seiler wrote: I'm getting formatting errors with your emails. Pine says Formatting error: Non-hexadecimal character in QP encoding. So the second part of your response was cut off. Everyone, This is a known problem, and is being worked on by the SourceForge staff. If you have any additional information that may assist them in correcting the problem, please add a comment to the tracker below. Thanks. [ 652897 ] Master bug report: Tagline ads break MIME handling https://sourceforge.net/tracker/?func=detailatid=21aid=652897group_id=1 -- Mike Noyes mhnoyes @ users.sourceforge.net http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Update of IPv6 packages
Hi, Just in case you're interested in IPv6 and LEAF. I have updated the ipv6 package on my page (http://www.xs4all.nl/~dorus/linux/leaf.html) with the netstat application. Furthermore ipv6 versions of the dnscache and tinydns packages are available. All apps are compiled against uClibc 0.9.15. For those not yet running Bering-uClibc a package with the necessary libraries is also provided. Comments are welcome. - Eric de Thouars --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] uClibc udhcp package? and uClibc Bering problems
I tried to use a package made by K.-P. Kirchdörfer based on your original package and I haven't had any luck on the client or the server end. The default configs weren't configured for Bering or even LEAF but after making some adjustments I didn't have any luck with it. -Ping -Original Message- I went ahead and compiled the updated sources combined and seperate. I haven't tested any of them and I need to redo them to fix the default script files (or add command-line opts) to drop them in the existing package. The sizes come in at 19200 seperate and 30k combined. It doesn't appear to have much in the way of additions (other than a larger size). Is anyone having problems with the existing package? I don't have the environment to compile with uClibc, but it should compile with no problem from what I see. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Log Interpretation Please
Feb 4 17:29:52 Nimrod kernel: Packet log: input REJECT eth1 PROTO=17 10.10.10.2:4813 10.0.0.14:161 L=84 S=0x00 I=58236 F=0x T=128 (#39) This is a machine broadcasting/requesting SNMP service. Are one of your boxes managing the ouside router or being polled for SNMP info? The only thing currently behind the firewall is an NT4 box for testing purposes. I checked it under control panel services for SNMP but there wasn't anything listed. Feb 4 17:30:11 Nimrod kernel: Packet log: input DENY eth0 PROTO=17 192.168.1.1:520 192.168.1.255:520 L=72 S=0x00 I=14429 F=0x T=48 (#38) Feb 4 17:30:37 Nimrod kernel: Packet log: input DENY eth0 PROTO=17 This is the RIP routing protocol. [snipped info.] RIP is harmless to you since it's blocked and the concern with SNMP on your internal machine lies in why it's running SNMP (and to where???). To stop logging these packets, find (all) the applicable places where these are DENY'ed are get rid of the -l (for logging) in the rule(s). I added: SILENT_DENY=17_192.168.1.1_520 to network.conf and that seemed to stop it from being logged. Is this fix okay to do? I tried: SILENT_DENY=17_10.10.10.2_161 but it didn't seem to do anything. Lynn's suggestion above is asking me to edit the ipfilters.conf file, right? Also, I'm now getting the following message in my logs that I wasn't getting before (at least I didn't notice them before): input DENY eth0 PROTO=17 0.0.0.0:68 255.255.255.255:67 L=338 S=0x00 I=0 F=0x T=128 (#5) --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
FW: [leaf-user] modules aren't loading at boot
Brad Mohan, I think you mean packages. Modules usually refers to the blah.o kernel modules that go in /lib/modules . Yes, of course. Sorry, it was a very late for me. http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN1155 and read about using a lrpkg.cfg file instead of PKGPATH. (Even though lrpkg.cfg is described in the CD-ROM booting docs, it's not boot-media specific.) Sweet! fixed, it works!! Thanks for the quick comments. Might I suggest that this 255-character limit section be put into the IDE-hd and other media sections? Thanks again Peter --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Log Interpretation Please
Chris, On Wed, 05 Feb 2003 13:38:32 PST Chris Low wrote: Feb 4 17:29:52 Nimrod kernel: Packet log: input REJECT eth1 PROTO=17 10.10.10.2:4813 10.0.0.14:161 L=84 S=0x00 I=58236 F=0x T=128 (#39) This is a machine broadcasting/requesting SNMP service. Are one of your boxes managing the ouside router or being polled for SNMP info? The only thing currently behind the firewall is an NT4 box for testing purposes. I checked it under control panel services for SNMP but there wasn't anything listed. This is a WAG, but sometimes M$ machines will spew SNMP requests to printers they have configured. I suspect the SNMP service is a daemon that listens for requests, not an agent which polls SNMP-enabled devices. Is 10.10.10.2 the NT server's address? Do you recognize the 10.0.0.14 address? [RIP SILENT_DENY question snipped since I don't know the answer.] Also, I'm now getting the following message in my logs that I wasn't getting before (at least I didn't notice them before): input DENY eth0 PROTO=17 0.0.0.0:68 255.255.255.255:67 L=338 S=0x00 I=0 F=0x T=128 (#5) A machine on the network hooked to eth0 (typically the external interface) is requesting a DHCP lease. It doesn't have an address yet, so it uses the address 0.0.0.0 and broadcasts the request to everyone who is listening (255.255.255.255). HTH, Brad --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Log Interpretation Please
Thanks, Brad Feb 4 17:29:52 Nimrod kernel: Packet log: input REJECT eth1 PROTO=17 10.10.10.2:4813 10.0.0.14:161 L=84 S=0x00 I=58236 F=0x T=128 (#39) This is a machine broadcasting/requesting SNMP service. Are one of your boxes managing the ouside router or being polled for SNMP info? The only thing currently behind the firewall is an NT4 box for testing purposes. I checked it under control panel services for SNMP but there wasn't anything listed. This is a WAG, but sometimes M$ machines will spew SNMP requests to printers they have configured. I suspect the SNMP service is a daemon that listens for requests, not an agent which polls SNMP-enabled devices. Is 10.10.10.2 the NT server's address? Do you recognize the 10.0.0.14 address? Yep the NT's address is 10.0.0.2, the printer it would connect to when it was outside of the firewall had the static ip 192.168.1.11. I don't recognize the .14 address. The only other thing with a 10.10.10. address should be eth1 on the firewall, which is 10.10.10.254. input DENY eth0 PROTO=17 0.0.0.0:68 255.255.255.255:67 L=338 S=0x00 I=0 F=0x T=128 (#5) A machine on the network hooked to eth0 (typically the external interface) is requesting a DHCP lease. It doesn't have an address yet, so it uses the address 0.0.0.0 and broadcasts the request to everyone who is listening (255.255.255.255). Okay, so I can safely ignore it then. The machines outside of the firewall should all be getting their DHCP leases from our ISP's router. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering, Diagnosing Weblet LRP status warnings
I have the following message Thu Feb 6 09:49:28 UTC 2003 firewall Firewall Status: error You have 438 denied or rejected packets in your recent packet logs. See the messages in the log files for details Or check the hits sorted by port or by IP adress and when I look at the log file this is what it has (excerpt) Feb 6 08:31:05 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:60:08:08:6d:f3:00:03:4b:ab:10:0e:08:00 SRC=144.134.250.37 DST=203.217.17.249 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=41523 DF PROTO=TCP SPT=1146 DPT=3511 WINDOW=8192 RES=0x00 SYN URGP=0 Feb 6 08:31:08 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:60:08:08:6d:f3:00:03:4b:ab:10:0e:08:00 SRC=144.134.250.37 DST=203.217.17.249 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=45107 DF PROTO=TCP SPT=1146 DPT=3511 WINDOW=8192 RES=0x00 SYN URGP=0 sorted by port hits port Service 42 1080 28 8080 webcache 28 6552 28 23 telnet sorted by ip address Hits IP-Adress Date 406 193.163.220.4 Feb 6 7 24.192.28.48 Feb 6 6 202.129.102.26 Feb 6 6 144.134.250.37 Feb 6 4 192.168.1.254 Feb 6 3 24.123.122.189 Feb 6 3 203.59.187.164 Feb 6 3 203.45.122.188 Feb 6 what does it mean?? am i being attacked or is it something in shorwall that I have not configured properly? Ta _ Tired of spam? Get advanced junk mail protection with MSN 8. http://join.msn.com/?page=features/junkmail --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] conf.modules or modules.conf on Bering RC3
Stephen, How do I use /etc/modules to do the following, like what conf.modules does: alias eth0 orinoco alias eth1 tulip alias eth2 ne2000 io=3e0 alias eth3 ne2000 io=2e0 Thanks. Newton --- Stephen Lee [EMAIL PROTECTED] wrote: On Tue, 2003-02-04 at 21:38, wing newton wrote: Greetings, I have tried both conf.modules and modules.conf on Bering RC3. It does not seem to be working ! Any hint ? I just want to bring up my wireless pcmcia orinoco as eth0 and my tulip pci ethernet as eth1. Is there an alternative way to do it in Bering ? Note that Bering RC3 automatically assign tulip as eth0 and pcmcia orinoco as eth1. Try /etc/modules. Better yet, use lrcfg and select Packages - Modules - Modules, edit that and then backup. Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] conf.modules or modules.conf on Bering RC3
On Wed, 2003-02-05 at 14:37, wing newton wrote: Stephen, How do I use /etc/modules to do the following, like what conf.modules does: alias eth0 orinoco alias eth1 tulip alias eth2 ne2000 io=3e0 alias eth3 ne2000 io=2e0 I don't think you can do it that way. I don't fully understand the ethx numbering scheme but it has something to do with their ordering in pci slots and possibly which module is called first in /etc/modules. Since the orinoco card is pcmcia (yes?) it will probably (guess on my part) be assigned eth0. According to the Bering docs, you are suppose to declare the orinoco module from the pcmcia package and not from /etc/modules. As for declaring io and irq values, see examples in /etc/modules. Stephen --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering, Diagnosing Weblet LRP status warnings
Hello Brian the actuall number of packet logs is not that important. for example edonky and programms like that make a lot connection trys Your summary shows that almost all connections came from 193.163.220.4 proxy-scanner.eris.dk The intersting thing would be to see what kind of packages the ones from or to this ip are. I have the following message Thu Feb 6 09:49:28 UTC 2003 firewall Firewall Status: error You have 438 denied or rejected packets in your recent packet logs. See the messages in the log files for details Or check the hits sorted by port or by IP adress and when I look at the log file this is what it has (excerpt) Feb 6 08:31:05 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:60:08:08:6d:f3:00:03:4b:ab:10:0e:08:00 SRC=144.134.250.37 DST=203.217.17.249 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=41523 DF PROTO=TCP SPT=1146 DPT=3511 WINDOW=8192 RES=0x00 SYN URGP=0 token apart this means at feb 6 08:31:05 the Shorewall chain net2all DROP dropped a package comeing from the eth0 interface (IN=eth0) and was mend for the firewall ( OUT= ) (info on eth0 MAC=00:60:08:08:6d:f3:00:03:4b:ab:10:0e:08:00) The source addres from this package was: SRC=144.134.250.37 and the destination ( DST=203.217.17.249) which should have been your external ip at that moment. The protocoll was TCP the src port 1146 and the destination port 3511 further Package information : length 48 Type of service 00 Timetolive 120The syn bit was set so it was a start of communication ( LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=41523 DF PROTO=TCP SPT=1146 DPT=3511 WINDOW=8192 RES=0x00 SYN URGP=0 ) You should read now some of the denyed or dropped packages from the 193.163.220.4 host. It might seem that you have outgoing connections to this host that are blocked ( IN= resp OUT= ) and if the ports are changeing ( than it might be a scan) or that it is allways the same port that tries to connect ( for example with a configuration error) - hits port Service 42 1080 28 8080 webcache 28 6552 28 23 telnet sorted by ip address Hits IP-Adress Date 406 193.163.220.4 Feb 6 7 24.192.28.48 Feb 6 6 202.129.102.26 Feb 6 6 144.134.250.37 Feb 6 4 192.168.1.254 Feb 6 3 24.123.122.189 Feb 6 3 203.59.187.164 Feb 6 3 203.45.122.188 Feb 6 what does it mean?? am i being attacked or is it something in shorwall that I have not configured properly? good luck Eric Wolzak member of the bering crew --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering 1.0: ntpsimpl.lrp - Polling NTP Servers too frequently
Hi fellow LEAF'ers I was recently contacted by the admin of my NTP service who informed me that he had been receiving a large increase in NTP requests from various sources to his servers lately. (Note: I did contact him before I started using his service.) I've checked the documentation on http://www.eecis.udel.edu/~ntp/documentation.html but can't seem to find out where I can check (and decrease if necessary) the poll intervals.. does anyone know where I should be looking Also: Is it possible to use ntpdate to update my routers time once (say in the morning) and get ntpsimpl to look at the system (cmos) clock instead of polling the servers listed in ntpsimpl config files... If so, can someone point me in the right direction to achieving this I would be most appreciative.. Note: I've currently disabled ntpsimpl until I can resolve this issue Thanks Again!!! And Happy LEAF'ing 'Jay' --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] wisp-dist bld 2397 losing prism2_interrupt
I am currently using the soekris two slot boards and when I run two radio
cards at once I see two problems.
1. sometimes I get the following error in the /var/log/messages
Feb 5 15:16:10 HiGu{GeRh}-GaGr-OrCo-Ca-bsr0-AP1 kernel: netcs1:
prism2_interrupt: hw not ready; skipping events 0x8000
Feb 5 15:16:10 HiGu{GeRh}-GaGr-OrCo-Ca-bsr0-AP1 kernel: netcs1:
prism2_interrupt: hw not ready; skipping events 0x
This only happens when the card is in AP mode. All radio associations and
data stop. A restart fixes the problem until it happens again. I have had
a few units do this about once a month.
Also, it has only happened when using two radio cards at once
2. When trying to view the associations list, I can only view one card (
when both are in AP mode w/ different channels and essid's ).
both cards are working and radios are associating and traffic working.
But, in the /proc/net/prism2 directory I have two wlan0 listings. since
they are the same name, I cannot look at one of them. It appears the one I
can cd into is a race condition.So I cannot get to the second card's
settings.
Any ideas?
thanx
J.
---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering 2.4.20 kernel
Jaques (or someone with a working development environment), I'm in the middle of switching to the 2.4.20 kernel for Bering v1.0-stable but my development machine is down right now so I can't recompile the kernel at the moment. The Soekris Net4501 box needs the kernel compiled with the processor type specified at ELAN to fix a couple of known imcompatabilities with the elan chipset it uses (different clock frequencies and some other misc stuff). Can someone with a working development environment please recompile the 2.4.20 kernel with the necessary bering patches for the ELAN processor target and post it to sourceforge when they have the time? Thanks a bunch...Michael Bonner --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] uClibc udhcp package? and uClibc Bering problems
On Wednesday 05 February 2003 03:30 pm, Ping Kwong wrote: I tried to use a package made by K.-P. Kirchdörfer based on your original package and I haven't had any luck on the client or the server end. The default configs weren't configured for Bering or even LEAF but after making some adjustments I didn't have any luck with it. http://leaf.sourceforge.net This option added to the /etc/init.d/udhcpc file should correct the error: -s, --script=file Run file at dhcp events (default: /usr/share/udhcpc/default.script) So, find this change, and not the fix at the last option (NOTE- this is all one line): /usr/sbin/udhcpc -i $interface -H $HOSTNAME -n -p /var/run/udhcpc.pid \ $D_CLIENTNAME $D_ASK_IP -script=/etc/udhcpc.script --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering 1.0: ntpsimpl.lrp - Polling NTP Servers too frequently
Jay, On Thu, 06 Feb 2003 12:21:24 +1100 Jay Langford wrote: I was recently contacted by the admin of my NTP service who informed me that he had been receiving a large increase in NTP requests from various sources to his servers lately. (Note: I did contact him before I started using his service.) I've checked the documentation on http://www.eecis.udel.edu/~ntp/documentation.html but can't seem to find out where I can check (and decrease if necessary) the poll intervals.. does anyone know where I should be looking Not positive, but maxpoll: http://www.eecis.udel.edu/~ntp/ntp_spool/html/confopt.html might do what you want. Also: Is it possible to use ntpdate to update my routers time once (say in the morning) and get ntpsimpl to look at the system (cmos) clock instead of polling the servers listed in ntpsimpl config files... If so, can someone point me in the right direction to achieving this I would be most appreciative.. Again this is mostly speculation, but... Commenting out the server directives in ntp.conf should prevent ntpd from polling other servers. I assume (but you know what they say about that) ntpd uses the local system time when there are no external servers to consult. A line like: 04 20 * * * rootntpdate some.ntp.server hwclock --systohc in /etc/crontab will sync your system and hardware clocks with some.ntp.server every morning at 4:20am. --Brad --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Using a wireless router with LEAF (Dachstein, Bering)
Not sure if this is what you want to do but... I recently wanted to add some wireless nodes to my existing wired network. What I really needed was just an Access Point that I would hang off a drop in the middle of the house to get wireless service through the house. When I looked around the wireless routers were cheaper and more readily available the wireless access points so I bought one (D-Link). Since I didn't need the router functions thanks to LEAF I turned off DHCP serving, assigned it an IP on my network for management and plugged a cable from the my switch into one of the LAN ports and left the WAN port empty. It works fine as a access point and has three free ports I can use for the computer and PS2 near the access point. - Todd - Original Message - From: Peter Nosko [EMAIL PROTECTED] To: leaf [EMAIL PROTECTED] Sent: Tuesday, February 04, 2003 7:34 PM Subject: [leaf-user] Using a wireless router with LEAF (Dachstein, Bering) Hi all. What's the simplest way to go about this? I'd like to cut the tether to my notebook. Is it as simple as hooking up the router off the hub on my internal network and letting it create a separate subnet? Thanks. = - Peter Nosko ([EMAIL PROTECTED]) This is a good place for a tagline. __ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering uClibc - ulogd: load_plugins: /usr/lib/ulogd/ulog_*.so- File not found
Lynn Avants wrote: It sounds as if your shared libraries are compiled for a path that are NOT where the libraries are actually stored at on the LEAF box. This is likely a compile time option. The error message says: ... ulogd.c:449 load_plugins: /usr/lib/ulogd/ulogd_MYSQL.so - File not found and that's where all the plugins are: in /usr/lib/ulogd/. All plugins specified in ulogd.conf are loaded [BASE, LOGEMU,... those from ulogd-0.98/extensions directory], except MYSQL or PGSQL :( May be ulogd_MYSQL.so is not a shared library, although it looks like one :) Who knows ... Best regards, lwd. --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering 1.0: ntpsimpl.lrp - Polling NTP Servers too frequently
Jay At 12:21 06.02.2003 +1100, you wrote: Hi fellow LEAF'ers I was recently contacted by the admin of my NTP service who informed me that he had been receiving a large increase in NTP requests from various sources to his servers lately. (Note: I did contact him before I started using his service.) I've checked the documentation on http://www.eecis.udel.edu/~ntp/documentation.html but can't seem to find out where I can check (and decrease if necessary) the poll intervals.. does anyone know where I should be looking Also: Is it possible to use ntpdate to update my routers time once (say in the morning) and get ntpsimpl to look at the system (cmos) clock instead of polling the servers listed in ntpsimpl config files... If so, can someone point me in the right direction to achieving this I would be most appreciative.. I am not using ntpsimpl on my firewall but runing ntpd on an internal machine. This should not make a difference though. The ntpd normally does not put a heavy load on the uplink servers as the (default) minimum polling interval is 64s. So if you are running a ntpd on your Bering box that should be OK. All your other systems should now query your Bering system for time. That way your above stratum NTP server should be happy and the administrator will not complain. Cheers Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
