Re: [leaf-user] New to LEAF Bering, new a bit of direction
2) I needed to add another user to the system (myself) but su is not installed, so I can't su to root to do remote administration. How can I add additional tools such as su? There is no apt-get. Do I just find the source compile it and in 4K chunks add it? http://leaf.sourceforge.net/devel/cstein/Packages/Utilities.htm There is certainly no apt-get on this small of an OS. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Does Leaf support QOS ?
Hello ! Does Leaf support QOS ? And how do I enable/configure it? Thanx --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] New to LEAF Bering, new a bit of direction
David At 21:06 16.02.2003 -0700, you wrote: Hi All, I've just installed leaf Bering on 2 PC's. The are going to be firewalls/IpSec VPN tunnels for a friend, after a bit of stumbling I've managed to get them set up to boot from an IDE disk (later to be booted from flash). I read the install instructions and most of the user guide, any other suggestions on reading materials for the basic distro. I've not gotten to the firewall yet but the directions for that look pretty comprehensive. But I need to remotely manage these boxes. So I installed the entire family of packages for ssh, sshd, ssh-keygen, etc. I've gotten ssh working. This has generated a couple of questions for me (If tried to look in the archives of this list but the list archives are VERY slow, don't know if thats normal or just today). Anyway here come the questions, and help or directions to reading materials would be great: 1) There is very little room in / partition about 4 1K sectors. Each time I've filled up the 4 blocks and saved what I was doing and rebooted resulted in 4 more 1K sectors. How can I increase the space while I'm adding software and configuring things? It it truly a pain in the tail to reboot every 4K. This is a parameter you can set in syslinux.cfg, IIRC it is syst_size. Here is the line from my syslinux,cfg: default linux initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/fd0u1680:msdos PKGPATH=/dev/cdrom:iso9660,/dev/fd0u1680:msdos LRP=root,etc,local,modules syst_size=10M 2) I needed to add another user to the system (myself) but su is not installed, so I can't su to root to do remote administration. How can I add additional tools such as su? There is no apt-get. Do I just find the source compile it and in 4K chunks add it? I belive the best thing you can do without adding su is to allow ssh using RSA authentication only for root. I would disable password authentication once the keys are set up. 3) I've never had to do host keys and the like for sshd. Any suggestions for how to generate the necessary keys to get sshd to run, right now it shuts down because it it's missing some basic host key stuff. This may be part of your distribution and transparent to you. If you installed sshkey.lrp the command is /usr/bin/makekey, it creates the necessary host keys for your LEAF firewall. HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Changes in WISP-Dist
Does the same thing happen with the latest image? Jim TerWee wrote about Re: [leaf-user] Changes in WISP-Dist: Setting up multiple mac addresses under the MAC Filter doesn't work. Has been this way for quite a while now just never got around to mentioning it before. If you just set one mac address it's fine if you change to use multiple mac's it will error out when the macs load Jim -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] VTUN for Bering
Hi, Does anybody know if there exists a VTUN.lrp package? It doesn't exist in the LRP/LEAF modules list, so I was wondering if anybody had tried it? A friend of mine wants me to join his VPN, but they don't use IPSec, they use VTUN :( Jim. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Changes in WISP-Dist
Ok, I have take look and it seems to be working, showing signal levels etc. What is the problem that you experience? Vladimir I. wrote: wispdist wrote about Re: [leaf-user] Changes in WISP-Dist: I have build 2516 installed on two routers now and have found the wavemon seems to be broken. -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering v1.1 available
I couldn't agree with you more, Mike! Bering is a tremendous product and the support offered by you people (Jacques, Eric, Tom, Lynn, Jeff, etc., etc.) who really know this product, Linux, networking, etc. is fabulous. Thank you all so much for your efforts!!! Best Regards, Craig Caughlin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jacques Nilo Sent: Sunday, February 16, 2003 1:50 PM To: leaf-user; [EMAIL PROTECTED] Subject: [leaf-user] Bering v1.1 available Check: http://leaf.sourceforge.net/article.php?sid=70 Jacques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] m0n0wall vs. Bering
Hi all, Has anyone seen the release of m0n0wall for the net4501? I am quite impressed with the user interface, however depressed with the lack of control/customizability with it. Is there any sort of Web Configuration GUI in the works for Bering? I'm sure this question has been asked many times before. TIA...Steve --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Read-only Soekris type appliances for LEAF?
Hi folks, Are there any new Soekris type appliances for LEAF? I mean, I've seen previous posts to the group and it seems like these compact flash, etc. type devices have a disadvantage that floppy disk and CD versions of LEAF don't have...they can't be made read only. I like the svelte little enclosures, etc. but if they can't be made read-only, that seems like a disadvantage. I remember some people even attempting to modify some DOM or CF (I forget which), but has anyone had any success? Comments? Thanks, Craig --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] BellSouth.net ADSL - Which Image do you use?
Hello All! I'm wondering which image folks here are using with Bellsouth.net FastAccess service? I've been using the EigerStein2Beta contributed image from http://leaf.sourceforge.net/devel/cstein/contrib_disk_images.htm for quite some time now. I'm considering moving to a HDD bootable image, and am wondering if the group has any recommendations for upgrading or moving to a new image during this transition? Thanks All! Chris Hackett --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering v1.1 Winimage problems
Excited that 1.1 became available that same day that I needed to build new Baring system from scratch I quickly downloaded the winimage and started to successfully create disks. All went well until I tried to back-up the packages I'd altered. On every occasion it claimed the disks had got sector problems on just about every sector. It seems odd that such problems occurred only during the package back-up and not during the disk creation. Just to check, I've retried this operation several times with no problems with 1.0 on the same machine using the same batch of disks, but can replicate the problem every time with the 1.1 image. Any suggestions? Please. . . Adrian --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Secondary SMTP server for Bering
Hello! I need to build several secondary mail servers that I will be distributing around the city. I'm very happy with my LEAF boxes ( based on mini-ITX motherboards, small cases and *no* moving parts at all...) and I would like to use LEAF for this application as well. Does anyone have a suggestion for a simple and secure SMTP server package that can be easily set up to act as a secondary mail server for Bering? Thank you, Tim Massey --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Read-only Soekris type appliances for LEAF?
Craig Craig Caughlin wrote the following at 17:41 17.02.2003: Hi folks, Are there any new Soekris type appliances for LEAF? I mean, I've seen previous posts to the group and it seems like these compact flash, etc. type devices have a disadvantage that floppy disk and CD versions of LEAF don't have...they can't be made read only. I like the svelte little enclosures, etc. but if they can't be made read-only, that seems like a disadvantage. I remember some people even attempting to modify some DOM or CF (I forget which), but has anyone had any success? Comments? You can find my old DOM report at http://luna.think.ch/leaf/ADM else look into the archies [leaf-devel] write protected DOM/ADM http://www.mail-archive.com/leaf-devel@lists.sourceforge.net/msg05788.html HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Read-only Soekris type appliances for LEAF?
On Mon, 2003-02-17 at 08:41, Craig Caughlin wrote: Are there any new Soekris type appliances for LEAF? I mean, I've seen previous posts to the group and it seems like these compact flash, etc. type devices have a disadvantage that floppy disk and CD versions of LEAF don't have...they can't be made read only. I like the svelte little enclosures, etc. but if they can't be made read-only, that seems like a disadvantage. I remember some people even attempting to modify some DOM or CF (I forget which), but has anyone had any success? Comments? Craig, You may find this post to our devel list interesting. [leaf-devel] write protected DOM/ADM http://www.mail-archive.com/leaf-devel@lists.sourceforge.net/msg05788.html -- Mike Noyes mhnoyes @ users.sourceforge.net http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] m0n0wall vs. Bering
Jaime, On Mon, 17 Feb 2003 18:48:57 GMT Jaime Nebrera Herrera wrote: Could you provide the link for m0n0wall?, I didnt know about this distribution. The URL is: http://neon1.net/m0n0wall/ The soekris-tech thread announcing the m0n0wall beta starts with: http://lists.soekris.com/pipermail/soekris-tech/2003-February/001836.html --Brad --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering v1.1 Winimage problems
Le Lundi 17 Février 2003 18:06, Adrian Wooster a écrit : Excited that 1.1 became available that same day that I needed to build new Baring system from scratch I quickly downloaded the winimage and started to successfully create disks. All went well until I tried to back-up the packages I'd altered. On every occasion it claimed the disks had got sector problems on just about every sector. It seems odd that such problems occurred only during the package back-up and not during the disk creation. Just to check, I've retried this operation several times with no problems with 1.0 on the same machine using the same batch of disks, but can replicate the problem every time with the 1.1 image. Adrian The only difference I see between 1.0 and 1.1 is that the 1.1 disk image is nearly full. So if you added extra stuff without some clean-up you could run into trouble. I have no problem here downloading the winimage exe file, creating the 1.1 1680K disk image, setting up the key parameters (modules, keymap and the like) and saving the corresponding packages. Any one from the list having similar problems ? Jacques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] VTUN for Bering
Le Lundi 17 Février 2003 14:34, James Neave a écrit : Hi, Does anybody know if there exists a VTUN.lrp package? Yes. Check: http://leaf.sourceforge.net/devel/jnilo/packages/vtund.lrp Jacques It doesn't exist in the LRP/LEAF modules list, so I was wondering if anybody had tried it? A friend of mine wants me to join his VPN, but they don't use IPSec, they use VTUN :( Jim. --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Does Leaf support QOS ?
Le Lundi 17 Février 2003 09:55, Jeroen Steenhuis (Dutch Plating Power BV) a écrit : Hello ! Does Leaf support QOS ? And how do I enable/configure it? Bering does. Check Tom's page about traffic shapping http://www.shorewall.net/traffic_shaping.htm Bering 1.0 is compiled with htb2 support (needs to be added as an extra module) Bering 1.1 is compiled with htb3 (now provided with the 2.4.20 kernel) You will need the corresponding tc.lrp package. More info here: http://luxik.cdi.cz/~devik/qos/htb/ I am stiil looking for a volunteer to write a Bering user's guide chapter about traffic shaping :-) Jacques Thanx --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Testing dial-up modem
I'm new to LEAF, using Bering 1.1, and attempting to set it up for a serial modem (exterior), with two ethernet interfaces. I've got a booting distro, but there seems to be problems talking to the modem. While I learn about PPP, can someone point me to a way to verify the serial interface is actually detected, and is in fact talking to the modem? Thank you --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] m0n0wall vs. Bering
http://neon1.net/m0n0wall -Original Message- From: Jaime Nebrera Herrera [mailto:[EMAIL PROTECTED]] Sent: Monday, February 17, 2003 1:49 PM To: Bihari, Steve; '[EMAIL PROTECTED]' Subject: Re: [leaf-user] m0n0wall vs. Bering Hi, Has anyone seen the release of m0n0wall for the net4501? I am quite impressed with the user interface, however depressed with the lack of control/customizability with it. Is there any sort of Web Configuration GUI in the works for Bering? I'm sure this question has been asked many times before. Could you provide the link for m0n0wall?, I didnt know about this distribution. Thanks. -- Jaime Nebrera - [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] WISP-Dist
Did you try upgrading your card's firmware? What firmware do you use currently? What is the chipset - Prism2, Prism2.5? Something like this might happen during big load, especially with small packets. Unfortunately almost all 802.11b chipsets (ADM8211 is an exception) uses PIO which is very CPU-inefficient. Under big load everything gets really nasty (like lost interrupts) and I saw some similar problems with Cisco 350 cards. wispdist wrote: On another subject from time to time one of the radio cards stops responding resulting in an error msg that fills the /var/log/messages file the error msg contains: kernel: netcs1: prism2_interrupt: hw not ready; skipping events 0x This only happens with a card in AP mode and only when I am using both pcmcia slots ( 2-slot soekris boards ) I wrote a monitoring script that checks the /var/log/messages file once per minute for this error msg prism2_interrupt: hw not ready; skipping events and does the following if it is found cardctl suspend sleep 1 cardctl resume sleep 1 sleep 10 echo . /var/log/messages this last line clears the log file so this monitoring script does not go into a loop. This power-cycles the radio cards and everything starts working again. This without having to reboot the unit. J. -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Re: [leaf-devel] Bering v1.1 available
Only one word Jacques : BRAVO ! And many thanks, of course, to you and your team. Best Regards, Francois BERGERET, France. -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]De la part de Mike Noyes Envoyé : lundi 17 février 2003 04:01 À : Jacques Nilo Cc : leaf-user; [EMAIL PROTECTED] Objet : [leaf-user] Re: [leaf-devel] Bering v1.1 available On Sun, 2003-02-16 at 13:49, Jacques Nilo wrote: Check: http://leaf.sourceforge.net/article.php?sid=70 Jacques, Eric, Tom, and the rest of the people who make Bering possible; Thank you. I greatly appreciate the time and effort you put into Bering. -- Mike Noyes mhnoyes @ users.sourceforge.net http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Update: Short term LEAF project goals
This is an unofficial message to let folks know what the short term goals are for the LEAF project, the hot topics being developed, just in case you're not monitoring the leaf-devel list. I wasn't asked to write this, but I figured it'd might help a bit. Please toss in your comments if you'd like. More communication is welcome. LEAF is a loose collection of kind people who share a common interest in embedded Linux. There's no top-down organization here, per se, but rather the following ideas are what people are most excited about and working on. They are listed in an order that likely denotes their place in our unoffical roadmap. The point here being that it'd be tough to build a GUI admin system when you know there's a new package system coming out shortly: 1) Central configuration database 2) Central package repository 3) New package system 4) GUI preconfig 5) GUI admin Central Configuartion Database This is a way of storing the variables and values that make your LEAF box unique, like your IP addresses, in one single location and making a new command, perhaps leaf-cdb, that is used to access the db. Values like IP, netmask,and hostname that are common across packages will be listed once. No more entering the same data 5 times across 5 packages! The current idea is to use a stucture similar to the linux /proc set of subdirectories. Another idea is to burp that structure out of an xml database, perhaps stored remotely. Simplicity is a main goal of this project, a goal that contrasts with XML to some extent, but XML may be essential for GUI admin. Central Package Repository === No more looking all over our website for packages. All of them will now be stored in a single repository. Probably still fat16 with 8.3 filenames. Not sure. New Package System == A new package system would use the new central-db to get it's values from. We are interested in making the packages a LOT smarter and making it possible to load them from remote locations. A smart package contains a manifest of all it's variables and all possible values, offering that information to and incorporating those into the central-db. The run-time files that each package uses, the ones we customize nowadays like /etc/dnscache/env/IP, will be generated at boot time in the future, similarly to the way the /etc/rc?.d directories are generated on the fly now. This packaging system will require each package to provide a template of it's dynamic files. Templates are like mad-libs. You get the values out of the db, and once you fill them in, it's funny. GUI Pre-rollout Config == We are thinking it'd be cool, if you wanted to, to download a fat CD of everything LEAF on it, burn the thing, and use it to build yourself a custom LEAF floppy. You'd do this before you rollout that floppy to the LEAF box. You could save your changes. You could upgrade to a new LEAF version seamlessly. We could make the pre-config program a Java GUI, a Python GUI, or a Web/Cgi thing. This is very dependant on new packages and a new central-db. GUI Admin === Everyone likes how weblet can show us information, but can we use it to administer our LEAF boxes? A lot of people would like to do something like that. But weblet/cgi requires a lot of shell scripts on the LEAF box. Plus there are security and space concerns. We are far away from settling anything on this or choosing the best app to use, but I have suggested a Java app rather than a weblet based approach. Python has also been suggested. Now the more capable one makes the GUI, the more it increases exponentially in complexity to build and use. We'll have to make sacrifices and assumptions about how easy this should be for users. Some tough decisions! But, if we used XML as the foundation of our central-db, then a Java or Python app could query that XML and generate the admin pages on the fly. No more changing the GUI because ntpdate added another variable. The GUI would just be written to create the fields and field-value options that the XML database told it to, on the fly. If the ntpdate package starts with a properly written manifest, everything else is automatic! That deserves a tiny w00t w00t. okey naw, matthew --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Update: Short term LEAF project goals
On Mon, 2003-02-17 at 10:39, Matt Schalit wrote: This is an unofficial message to let folks know what the short term goals are for the LEAF project, the hot topics being developed, just in case you're not monitoring the leaf-devel list. I wasn't asked to write this, but I figured it'd might help a bit. Please toss in your comments if you'd like. More communication is welcome. Matt, Very nice summary. Very nice indeed. :-) -- Mike Noyes mhnoyes @ users.sourceforge.net http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ http://sitedocs.sf.net/ http://ffl.sf.net/ --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bearing 1.1 winimage problems UPDATE
First of all - I want to support all the other comments on 1.1 release. I'm a huge fan and have a growing base of customers who love it. So on that basis I'm hopefully this is not a trivial finger issues on my part. My head is getting scrambled at this point, but I can't see that I'm doing anything wrong. Excited that 1.1 became available that same day that I needed to build new Baring system from scratch I quickly downloaded the winimage and started to successfully create disks. All went well until I tried to back-up the packages I'd altered. On every occasion it claimed the disks had got sector problems on just about every sector. Just to check, I've retried this operation several times with no problems with 1.0 on the same machine using the same batch of blank disks, but can replicate the problem every time with the 1.1 image. I've even redownloaded the image from multiple mirrors. I'm trying to load CD ROM support to load additional lrps from bigger medium. At this stage, all I'm doing is: $ mount -t msdos /dev/fd0 /mnt $ cp /mnt/*.o /boot/lib/modules/. $ umount /mnt $ lrcfg Option 3.2 to edit initrd modules file Nothing new is run at this stage, just simple used everyday commands. Returning to the backup package screen and attempting to back-up anything screws the floppy with sector errors everywhere. Help please. Adrian --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Update: Short term LEAF project goals
I'd also suggest a change in lrp packaging by which the modules required for a package to run is bundled with the lrp. Installing the lrp will also insmod the module automatically. A depmod kind of facility will make it easy to use/ configure LEAF. I just finished seeing monowall and the screenshots are great. It is just what I had in mind and Eric Wolzak has asked for ideas too. The monowall interface encapsulates most requirements. It may do good to invite Michael - the monowall author to participate here. Apart from what has been listed below, the GUI must have a webmin like definition to allow authors to write new package screens easily and confirm to a standard. If this is done, then changing themes will change the look and feel across all packages. We also need to look at SSL support if web based administration is contemplated. Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matt Schalit Sent: Tuesday, February 18, 2003 12:10 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Update: Short term LEAF project goals This is an unofficial message to let folks know what the short term goals are for the LEAF project, the hot topics being developed, just in case you're not monitoring the leaf-devel list. I wasn't asked to write this, but I figured it'd might help a bit. Please toss in your comments if you'd like. More communication is welcome. LEAF is a loose collection of kind people who share a common interest in embedded Linux. There's no top-down organization here, per se, but rather the following ideas are what people are most excited about and working on. They are listed in an order that likely denotes their place in our unoffical roadmap. The point here being that it'd be tough to build a GUI admin system when you know there's a new package system coming out shortly: 1) Central configuration database 2) Central package repository 3) New package system 4) GUI preconfig 5) GUI admin Central Configuartion Database This is a way of storing the variables and values that make your LEAF box unique, like your IP addresses, in one single location and making a new command, perhaps leaf-cdb, that is used to access the db. Values like IP, netmask,and hostname that are common across packages will be listed once. No more entering the same data 5 times across 5 packages! The current idea is to use a stucture similar to the linux /proc set of subdirectories. Another idea is to burp that structure out of an xml database, perhaps stored remotely. Simplicity is a main goal of this project, a goal that contrasts with XML to some extent, but XML may be essential for GUI admin. Central Package Repository === No more looking all over our website for packages. All of them will now be stored in a single repository. Probably still fat16 with 8.3 filenames. Not sure. New Package System == A new package system would use the new central-db to get it's values from. We are interested in making the packages a LOT smarter and making it possible to load them from remote locations. A smart package contains a manifest of all it's variables and all possible values, offering that information to and incorporating those into the central-db. The run-time files that each package uses, the ones we customize nowadays like /etc/dnscache/env/IP, will be generated at boot time in the future, similarly to the way the /etc/rc?.d directories are generated on the fly now. This packaging system will require each package to provide a template of it's dynamic files. Templates are like mad-libs. You get the values out of the db, and once you fill them in, it's funny. GUI Pre-rollout Config == We are thinking it'd be cool, if you wanted to, to download a fat CD of everything LEAF on it, burn the thing, and use it to build yourself a custom LEAF floppy. You'd do this before you rollout that floppy to the LEAF box. You could save your changes. You could upgrade to a new LEAF version seamlessly. We could make the pre-config program a Java GUI, a Python GUI, or a Web/Cgi thing. This is very dependant on new packages and a new central-db. GUI Admin === Everyone likes how weblet can show us information, but can we use it to administer our LEAF boxes? A lot of people would like to do something like that. But weblet/cgi requires a lot of shell scripts on the LEAF box. Plus there are security and space concerns. We are far away from settling anything on this or choosing the best app to use, but I have suggested a Java app rather than a weblet based approach. Python has also been suggested. Now the more capable one makes the GUI, the more it increases exponentially in complexity to build and use. We'll have to make sacrifices and assumptions about how easy this should be for users. Some tough decisions! But, if we used XML as the foundation
Re: [leaf-user] Bearing 1.1 winimage problems UPDATE
On Monday 17 February 2003 01:12 pm, Adrian Wooster wrote: First of all - I want to support all the other comments on 1.1 release. I'm a huge fan and have a growing base of customers who love it. Glad to hear it! Excited that 1.1 became available that same day that I needed to build new Baring system from scratch I quickly downloaded the winimage and started to successfully create disks. All went well until I tried to back-up the packages I'd altered. On every occasion it claimed the disks had got sector problems on just about every sector. Just to check, I've retried this operation several times with no problems with 1.0 on the same machine using the same batch of blank disks, but can replicate the problem every time with the 1.1 image. I've even redownloaded the image from multiple mirrors. I'm trying to load CD ROM support to load additional lrps from bigger medium. At this stage, all I'm doing is: $ mount -t msdos /dev/fd0 /mnt $ cp /mnt/*.o /boot/lib/modules/. $ umount /mnt $ lrcfg Option 3.2 to edit initrd modules file Check what the desitination of the backup is. The default is probably not the media your attempting to backup to. There is a huge difference to the backup program between fd0 (1440) and fd0u1680 floppy format sizes. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: LEAF/LRP
Malek Peter Ghantous wrote: Hi, Thanks for your site! We now have an LRP box acting as a gateway to our Telstra ADSL line - but I have a question! First I should tell you that we're using the Eigerstein2Beta image with pppoe contributed by Kenneth Hadley (I tried contacting him at the link but it didn't work). I installed the module for our intel etherexpresspro100 cards and configured the adsl and left it at that. Now here's my question: do we actually have a firewall running? I did NOT select firewall in the adsl-setup program because I assumed that the LEAF disk image already had one configured. I know all the necessary software is there (ipchains etc) but I'd like to know whether or not firewalling is active or not, and Kenneth didn't really mention it in his very short instruction file. (As a matter of fact I had to go through several other files to know what to do, but his image was the only one that actually worked!) I'd rather not select firewalling from the adsl-setup program if possible as I've had trouble connecting when it has been turned on. If you could clarify this (even with a yes or no) I would be very grateful. I'm pretty sure you have a firewall, but I haven't tried Kenneth's image personally, and you'll want to verify this for yourself anyway. Run net ipfilter list at the command line, and you'll get a list of the currently installed IPChains rules, along with currently implemented port-forwarding settings. This will verify you have a firewall running, and allow you to analyze it's characteristics, to see if it is doing what you want. Alternatively, you can directly run ipchains -nvL, and get just the firewall rules, without the port-forwarding information. -- Charles Steinkuehler [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Secondary SMTP server for Bering
[EMAIL PROTECTED] wrote: Charles Steinkuehler [EMAIL PROTECTED] wrote on 02/17/2003 02:10:51 PM: You'll also need some sort of non-volitle memory (hdd, flash, etc) for a mail queue. Note that flash tends to be quite slow on writes, which could be a problem for a mail queue (depnding on how much traffic you get), but you should have no problem with using a small HDD. My plan was to use a 128MB Flash drive. Volume will be low (maybe 25-50 messages an hour) and because these are backup mail servers, I should not depend on them except when the primary server is down. 128MB should be plenty of storage space, even if the primary server is down for some time. I didn't think that flash would be a problem in this situation. In your opinion, will it? I would definately test this before relying on it in production, and I think it will depend a lot on exactly which flash product you use. Some flash drives can stall for several seconds at a time (or more) while doing garbage collection. -- Charles Steinkuehler [EMAIL PROTECTED] --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Cisco VPN client through (Dachstein) LRP
On Monday 17 February 2003 11:16 am, [EMAIL PROTECTED] wrote: Lynn, I added the rules you suggested. The net ipfilter list output is added at the end of this email. Still no connection. It all helps and thanks for your input. At least now I know how to export the output of 'net ipfilter list'. Protocol 51 is still not open, but you have opened proto 47 (GRE). Are you running a PPTP tunnel as well (Uses GRE)? I know that someone reported needing to open GRE to make an IPSec connection to a Cisco box, but I really doubt it since GRE is not a part of the IPSec protocol in any RFC that exists. The problem that particular person had was entering the wrong username/password IIRC. Send a copy of your /etc/network.conf file and I'll see if I can fix it for you (off-list). There is something in there that isn't right. Where exactly is this error coming from? Not the LEAF box, correct! Correct, these messages came from the Cisco client log. Ok, so your initializing the connection to the Cisco, but the replies from the Cisco don't get back to your LAN machine. There should be denied packets in your Dachstein logs if this is the case. Chain input (policy DENY: 2 packets, 726 bytes): pkts bytes target prot opttosa tosx ifname mark outsize sourcedestination ports 0 0 ACCEPT udp -- 0xFF 0x00 eth0 0.0.0.0/0 0.0.0.0/0 * - 500 0 0 ACCEPT 50 -- 0xFF 0x00 eth0 0.0.0.0 12.237.136.59 n/a 0 0 ACCEPT 47 -- 0xFF 0x00 eth0 0.0.0.0 Masq-ed 0.0.0.0/0 500 - * PortFW: prot localaddrrediraddr lportrport pcnt pref UDP 12.237.136.59192.168.1.3 500 500 1010 Other than that I can't say, unless there is something Cisco-specific that I am not aware of. I would check your logs for a denied packet or two from the Cisco VPN end-point. -- ~Lynn Avants Linux Embedded Firewall Project developer http://leaf.sourceforge.net --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Changes in WISP-Dist
Sure does The message you get is iwconfig netcs0 mode Master [: customer2: unexpected operator iwpriv netcs0 maccmd 1 What I did in this case was just uncomment the two examples you had in the ethers file Also on the wavemon I see the following error netcs0 (WE) : Buffer for request 8B0B too small (0436) fatal error: could not get range information Jim TerWee Does the same thing happen with the latest image? Jim TerWee wrote about Re: [leaf-user] Changes in WISP-Dist: Setting up multiple mac addresses under the MAC Filter doesn't work. Has been this way for quite a while now just never got around to mentioning it before. If you just set one mac address it's fine if you change to use multiple mac's it will error out when the macs load Jim -- Best Regards, Vladimir Systems Engineer (RHCE) --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Jim TerWee | Our capacity for understanding is [EMAIL PROTECTED] | inversely proportional to how Invisimax| much we think we know. The more I | know, the more I don't know! --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bearing 1.1 winimage problems UPDATE
Adrian, As Jaques already mentioned check your space. I was able to recreate your issue based on not having enough space on the diskette to fit the ide-* modules. After removing ppp.lrp pppoe.lrp and pump.lrp ( I have static IP addresses, don't remove if you need dhcp client support ). I had plenty of room for the ide modules and no more supposed bad sectors. Best, Steve On Mon, 2003-02-17 at 12:12, Adrian Wooster wrote: First of all - I want to support all the other comments on 1.1 release. I'm a huge fan and have a growing base of customers who love it. So on that basis I'm hopefully this is not a trivial finger issues on my part. My head is getting scrambled at this point, but I can't see that I'm doing anything wrong. Excited that 1.1 became available that same day that I needed to build new Baring system from scratch I quickly downloaded the winimage and started to successfully create disks. All went well until I tried to back-up the packages I'd altered. On every occasion it claimed the disks had got sector problems on just about every sector. Just to check, I've retried this operation several times with no problems with 1.0 on the same machine using the same batch of blank disks, but can replicate the problem every time with the 1.1 image. I've even redownloaded the image from multiple mirrors. I'm trying to load CD ROM support to load additional lrps from bigger medium. At this stage, all I'm doing is: $ mount -t msdos /dev/fd0 /mnt $ cp /mnt/*.o /boot/lib/modules/. $ umount /mnt $ lrcfg Option 3.2 to edit initrd modules file Nothing new is run at this stage, just simple used everyday commands. Returning to the backup package screen and attempting to back-up anything screws the floppy with sector errors everywhere. Help please. Adrian --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Using a wireless router with LEAF (Dachstein, Bering)
On Mon, 10 Feb 2003 23:38:29 -0500 Peter Nosko [EMAIL PROTECTED] wrote pn] Thanks Ray, Lynn and Todd for your replies! pn] Yes, what I want is simply an access point for my notebook PC. Not just to be more mobile in the house, but one of the few irritants with my notebook is that the NIC connector on the left side near the front. What a PITA. pn] Todd, you mentioned you did this with a D-Link model. The Linksys has a WAN port, 4 LAN ports and an uplink port (shares port 4). Is this similar to yours? Are you saying that I can just connect my current laptop connector into one of the LAN ports and it will act as a hub with wireless access? I didn't see any notes about this in the users guide. pn] One last concern (paranoia) of mine is (of course) security. I want to be reasonably certain no one else can connect (I'm in an apartment-style condo) to this access point or monitor the wireless traffic. A separate subnet that can't get to my internal network would make the connection effectively useless for me too. pn] I'm not as concerned about a slight price difference. Is anyone here using the D-Link DLINK XTREME G WIRELESS ACCESS POINT 11G DWL2000AP with the DLINK XTREME G WIRELESS ACCESS POINT 11G DWL2000AP? Do you trust the security provided by it? pn] TIA for feedback. I had some extra Cisco cards laying around, so I stuck on of them in my Bering box.. Gave it a diferent subnet and used the MAC authentication in Shorewall... I haven't played with sniffing yet to see how secure it is... I am using WEP, for what it's worth.. If I need it more secure, I'll just IPSec the connection... It's just the kids surfing the net, so I'm not overly worried about the sniffing, just the neighbors stealing my bandwidth... --- Homer Parker /\ ASCII Ribbon Campaign \ / No HTML/RTF in email http://www.homershut.net x No Word docs in email telnet://bbs.homershut.net/ \ Respect for open standards Bill Gates reports on security progress made and the challenges ahead. -- Microsoft's Homepage, on the day an SQL Server bug crippled large sections of the Internet. msg13160/pgp0.pgp Description: PGP signature
