Re: [leaf-user] IDE HD only for booting and switch to standby
- Original Message - From: Ronny Aasen [EMAIL PROTECTED] To: Dietmar Gaar [EMAIL PROTECTED] Subject: Re: [leaf-user] IDE HD only for booting and switch to standby I do exactly this. i copy hdparm from my redhat 80 workstation to /sbin/hdparm on my bering and add a line in /etc/init.d/rmnologin that say /sbin/hdparm -y /dev/hda --cut-- Hi, thanks for you answer. I´ve tried your solution with an new Bering 1.1 Disk - it works great ;-) My Problem is that my live-system is a Bering uClibc Disk and i was not able to find a compiled uClibc hdparm-binary nor have a clue how to do this without creating a whole development environment ;-) regards, Dietmar -- +++ GMX - Mail, Messaging more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] [bug] Dachstein with IPSEC image
Maybe it will help anyone else. I've had problems with using the dachstein image with ipsec that's on http://lrp.steinkuehler.net/contrib_disk_images.htm Problem The situation where it failed was on creating a firewall that would access the internet with NAT (aka masquerading) and another network through IPsec (non masqueraded). I wanted to use the configuration IPFILTER_SWITCH=firewall with the IPsec tunnel. It wouldn't work. From the logs on both firewalls the tunnel was created but no traffic went through. Solution I checked the rules and, after a lot of tweaking, I discovered that I needed to add rules to ipchains to allow forwarding between the subnets behind the firewalls. In my specific case the networks were: 192.168.0.0/16 and 192.168.31.0/24. So I created the file /etc/ipchains.forward with the following content: ipchains -I forward 2 -s 192.168.0.0/16 -d 192.168.31.0/24 -j ACCEPT ipchains -I forward 3 -s 192.168.31.0/24 -d 192.168.0.0/16 -j ACCEPT Well, this is just in case it can be useful for anyone else. I have no idea how to do it, but should this be integrated on the image configuration ? -- João Miguel Neves signature.asc Description: This is a digitally signed message part
RE: [leaf-user] IDE HD only for booting and switch to standby
Does this mean I can use any RH8.0 586 utility binary freely with Bering so long as the modules are already loaded? I could figure out modules required using depmod - can't I? Mohan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dietmar Gaar Sent: 20 February 2003 16:10 To: [EMAIL PROTECTED] Subject: Re: [leaf-user] IDE HD only for booting and switch to standby - Original Message - From: Ronny Aasen [EMAIL PROTECTED] To: Dietmar Gaar [EMAIL PROTECTED] Subject: Re: [leaf-user] IDE HD only for booting and switch to standby I do exactly this. i copy hdparm from my redhat 80 workstation to /sbin/hdparm on my bering and add a line in /etc/init.d/rmnologin that say /sbin/hdparm -y /dev/hda --cut-- Hi, thanks for you answer. I´ve tried your solution with an new Bering 1.1 Disk - it works great ;-) My Problem is that my live-system is a Bering uClibc Disk and i was not able to find a compiled uClibc hdparm-binary nor have a clue how to do this without creating a whole development environment ;-) regards, Dietmar -- +++ GMX - Mail, Messaging more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Changing /dev/root Size
Hi All, I'm not too familiar with initrd or Bering (yet). Does anyone know how to change the tmpfs from the default 6MB. I am running out of space on /dev/root and need to increase it. TIASteve --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Cable modem ip change hangs system
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jonathan_Portwood Sent: Wednesday, February 19, 2003 5:38 PM To: [EMAIL PROTECTED] Subject: RE: [leaf-user] Cable modem ip change hangs system Using pump - if my ip changed or I manually released it, I couldn't renew it. Pump failed everytime. It only worked on boot up and when it automatically renewed a lease after 12 hours. Then I realized I was using ipsec. When I released my ip - eth0 would be released, but ipsec0 wouldn't. That's because I cheated using ipsec with a dynamic ip - assigning it %defaultroute in the config files. Good to at least hear someone else has had this problem. However, I'm not using ipsec. I also switched to dhclient at the same time. So, I brought down ipsec and was able to renew/release with dhclient all day long. So, I cheat again - and if dhclient determines my ip has changed - I just restart ipsec. I haven't tested with pump, but I suspect that my ipsec0 was really causing havoc when my eth0 lost its ip. I think I could go back to pump if I just don't use ipsec. You might try using dhclient - some people say that one or the other works better with certain dhcp servers. In my case it seems to work ok for me. I was thinking of trying dhclient too, since I'm booting Bering from a hard disk and space is not a problem. I've read somewhere that some old versions of pump had trouble getting an ip from Roadrunner, but I assumed those problems had been fixed. Who knows - problems like this are very hard to track down. Jim --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
AW: [leaf-user] Changing /dev/root Size
I'm not too familiar with initrd or Bering (yet). Does anyone know how to change the tmpfs from the default 6MB. I am running out of space on /dev/root and need to increase it. That's probably the most FAQ here :-) Use the syst_size parameter, see http://leaf.sourceforge.net/devel/jnilo/biaddrm.html#AEN632 - Alex --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] [bug] Dachstein with IPSEC image
João Miguel Neves wrote: Solution I checked the rules and, after a lot of tweaking, I discovered that I needed to add rules to ipchains to allow forwarding between the subnets behind the firewalls. In my specific case the networks were: 192.168.0.0/16 and 192.168.31.0/24. So I created the file /etc/ipchains.forward with the following content: ipchains -I forward 2 -s 192.168.0.0/16 -d 192.168.31.0/24 -j ACCEPT ipchains -I forward 3 -s 192.168.31.0/24 -d 192.168.0.0/16 -j ACCEPT Well, this is just in case it can be useful for anyone else. I have no idea how to do it, but should this be integrated on the image configuration ? The default firewall scripts have hooks to call custom code if you need to do something not possible with just the /etc/network.conf variables. With a default Dachstein system, you could simply put the rules above into /etc/ipchains.forward, and your custom rules will be added automatically when reloading the firewall rules. Note you can also use the -b switch (bidirectional) to ipchains to reduce the above to a single rule, and in the /etc/ipchains.forward file, you should probably use the predefined IPCH environment variable, resulting in: $IPCH -I forward -j ACCEPT -s 192.168.0.0/16 -d 192.168.31.0/24 -b This is how I add the required forwarding rules to my firewall, but if the rule is simply for your VPN connection, you can specify the [left|right]firewall=yes setting in your ipsec connection definition, and the ipsec scripts will automatically add the required forwarding rules when the connection is brought up. This might be required if (for example) you had public IP's on both sides of the VPN link, and didn't want traffic going across the 'net unencrypted until the VPN tunnel comes up. With private IP's, this isn't as much of an issue (the default Dachstein firewall will prevent any private IP traffic from leaving the firewall unless it's tunneled through something like ipsec). Also, if you use the [left|right]firewall setting in ipsec.conf, you have to stop ipsec if you want to modify your firewall rules, ie: svi ipsec stop net ipfilter reload svi ipsec start Which is one nice thing about using ipchains.forward to implement the forwarding rules, you can simply net ipfilter reload to change firewall rules, and your IPSec link will continue to work. -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Changing /dev/root Size
Wow! That was easy. Thanks ! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Alex Rhomberg Sent: Thursday, February 20, 2003 8:45 AM To: Steve Bihari; [EMAIL PROTECTED] Subject: AW: [leaf-user] Changing /dev/root Size I'm not too familiar with initrd or Bering (yet). Does anyone know how to change the tmpfs from the default 6MB. I am running out of space on /dev/root and need to increase it. That's probably the most FAQ here :-) Use the syst_size parameter, see http://leaf.sourceforge.net/devel/jnilo/biaddrm.html#AEN632 - Alex --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] newbie question.
Hello there. I have a quick newbie question here. I would just like to know the CLI Command that I use to show the output below. I am assuming that it is some variation of Ip addr . Thanks in advance. What command will give me this output that I see in weblet? 1: lo: mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 93612 0 0 0 0 TX: bytes packets errors dropped carrier collsns 93612 0 0 0 0 2: dummy0: mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 0 00 0 0 0 TX: bytes packets errors dropped carrier collsns 0 00 0 0 0 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:01:02:bf:93:54 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 56930223 943192 0 0 0 0 TX: bytes packets errors dropped carrier collsns 215592 1956 0 0 0 12 4: eth1: mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:01:03:de:b2:25 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 907155 117560 0 0 0 TX: bytes packets errors dropped carrier collsns 21208576348 0 0 0 0 --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] newbie question.
Troy Aden wrote: What command will give me this output that I see in weblet? 1: lo: mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 RX: bytes packets errors dropped overrun mcast 93612 0 0 0 0 TX: bytes packets errors dropped carrier collsns 93612 0 0 0 0 ip -s link show -Tom -- Tom Eastep\ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] newbie question.
Hello Troy Hello there. I have a quick newbie question here. I would just like to know the CLI Command that I use to show the output below. I am assuming that it is some variation of Ip addr . almost correct ;) #ip -s link show the -s option includes the statistics Eric Wolzak member of the Bering Crew --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Shorewall Web GUI
I know this question has probably been posted many times before, but I can't seem to find any solution out there. Does anyone know if there is a publicly available Web-based GUI for shorewall? If so, what's a good one to use? TIA...Steve --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Update: Short term LEAF project goals
Lynn Avants wrote: I just didn't know how tunneling methods were integrated into Java other than possibly a call built-into the source. I think I'm back to my previous question, aren't these tunnel programs run as seperate apps from the GUI? What I mean is, there aren't any applications out there that need to know or be configured to use an encrypted tunnel, they just open a socket like they normally do. The tunnel is created in advance of the GUI ever running, isn't that the idea, and the GUI never knows about it. I may be wrong, but unless there's a decision to use the built-in java SSL or SSH calls as versus a seperate tunnel, java doesn't have a role in the security aspect. regards, matthew --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Shorewall Web GUI
Bihari, Steve wrote: I know this question has probably been posted many times before, but I can't seem to find any solution out there. So you were looking for information about Shorewall and didn't consult the Shorewall FAQ?? (http://www.shorewall.net/FAQ.htm) -- your question is FAQ #12. Does anyone know if there is a publicly available Web-based GUI for shorewall? If so, what's a good one to use? The latest Webmin version supports Shorewall (http://www.webmin.com) but Webmin under Bering is a tall order given the Perl requirement. -Tom -- Tom Eastep\ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IDE HD only for booting and switch to standby
Hi Dietmar, My Problem is that my live-system is a Bering uClibc Disk and i was not able to find a compiled uClibc hdparm-binary nor have a clue how to do this without creating a whole development environment ;-) I can give it a shot tomorrow evening (CET). I've made the hdsupp package (with fdisk and so on) for bering uClibc, and I guess hdparm would fit in there too (as I recall, we even discussed that among the uClibc developers, but decided against putting that in, since we didn't see much use for it (none of us is using real HDs, only CF discs, which is probably why we didn't see much use for it.)) I'll let you know when I have a binary (I'm afraid I won't be able to test it, since none of my uClibc boxes have a harddisk). Martin --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Need advice on wireless LAN segment
Folks- I am currently using Bering to protect a simple home LAN: Internet | ADSL | Bering | Hub | | PCs (2: 1 Win 1 Lin) I have to move my Linux machine into a room that has no easy way to get Cat 5 to it. I'm thinking about getting a couple of Linksys wireless ethernet bridges and using their point-to-point capability to connect the Linux box to the LAN and to disallow other (bad boyz) to attach. [Or so the brochure would have me believe.] My first shot at it looks like this: Internet | ADSL | Bering | Hub --- WET11 . . . WET11 --- PC(Lin) | PC (Win) Assuming this works, how can I encrypt all the traffic across that link? Is IPSec a reasonable solution here? Does the LAN-attached WET11 need to be hung off the Bering box instead of the hub? (The FreeS/WAN documentation has about two sentences that apply to this situation and it shows a gateway machine on the LAN side.) Would IPSec encrypt *all* the ethernet chatter on the link (as, I guess, WEP does) or just that associated with a particular session with another box on the LAN? -John __ Do you Yahoo!? Yahoo! Tax Center - forms, calculators, tips, more http://taxes.yahoo.com/ --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Shorewall Web GUI
Hello Steve I know this question has probably been posted many times before, but I can't seem to find any solution out there. Does anyone know if there is a publicly available Web-based GUI for shorewall? If so, what's a good one to use? I have an alpha weblet version that among others supports parts of shorewall rules, masq, zones and interfaces. But take care this uses Get and the weblet has to run as root to change some of the settings As we are trying to update the configuration database, the weblet will be also changed So no guarantee ;) http://leaf.sourceforge.net/devel/ericw/bering/weblet.lrp some information about the change of the setting in inetd you can find at my site http://leaf.sourceforge.net/devel/ericw Regards Eric Wolzak member of the bering Crew --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] IDE HD only for booting and switch to standby
Martin Hejl wrote: I can give it a shot tomorrow evening (CET). I've made the hdsupp package (with fdisk and so on) for bering uClibc, and I guess hdparm would fit in there too (as I recall, we even discussed that among the uClibc developers, but decided against putting that in, since we didn't see much use for it (none of us is using real HDs, only CF discs, which is probably why we didn't see much use for it.)) I'll let you know when I have a binary (I'm afraid I won't be able to test it, since none of my uClibc boxes have a harddisk). You should be able to test it. hdparm will dump a report on pretty much any IDE device. While you won't be able to test spinning down your flash disk, you can run lots of other tests. I personally find hdparm useful for any system running IDE devices, if for nothing else than to verify IDE modes, dma usage (or not), read-ahead, multi-sector operation, and the speed tests. All of these should work on pretty much any IDE device, not just a mechanical hard-disk. -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Shorewall Web GUI
I forgot to mention that, yes, I was aware of the Webmin version :) -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 20, 2003 1:54 PM To: Bihari, Steve Cc: '[EMAIL PROTECTED]' Subject: Re: [leaf-user] Shorewall Web GUI Bihari, Steve wrote: I know this question has probably been posted many times before, but I can't seem to find any solution out there. So you were looking for information about Shorewall and didn't consult the Shorewall FAQ?? (http://www.shorewall.net/FAQ.htm) -- your question is FAQ #12. Does anyone know if there is a publicly available Web-based GUI for shorewall? If so, what's a good one to use? The latest Webmin version supports Shorewall (http://www.webmin.com) but Webmin under Bering is a tall order given the Perl requirement. -Tom -- Tom Eastep\ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Shorewall Web GUI
Thanks so much ! -Original Message- From: Eric Wolzak [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 20, 2003 3:03 PM To: Bihari, Steve; [EMAIL PROTECTED] Subject: Re: [leaf-user] Shorewall Web GUI Hello Steve I know this question has probably been posted many times before, but I can't seem to find any solution out there. Does anyone know if there is a publicly available Web-based GUI for shorewall? If so, what's a good one to use? I have an alpha weblet version that among others supports parts of shorewall rules, masq, zones and interfaces. But take care this uses Get and the weblet has to run as root to change some of the settings As we are trying to update the configuration database, the weblet will be also changed So no guarantee ;) http://leaf.sourceforge.net/devel/ericw/bering/weblet.lrp some information about the change of the setting in inetd you can find at my site http://leaf.sourceforge.net/devel/ericw Regards Eric Wolzak member of the bering Crew --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: Java and encrypted tunnels for LEAF configuration
On Thu, 20 Feb 2003 10:28:29 PST Matt wrote: Lynn Avants wrote: I just didn't know how tunneling methods were integrated into Java other than possibly a call built-into the source. I think I'm back to my previous question, aren't these tunnel programs run as seperate apps from the GUI? I suppose you could just use a native stunnel, lsh/ssh, putty/plink, or zebedee binary to setup the tunnel and then send standard Java socket communications over that tunnel. A more platform independent, and arguably more elegant, solution would be to use the Java TLS, SSH2, or Zedebee libraries to do it all in Java. Here are links for the java libraries that support those protocols: SSL/TLS: Bundled with v1.4 and available as an add-on for earlier JREs. http://java.sun.com/products/jsse/ SSH2: JCraft's JSch http://www.jcraft.com/jsch/ Zedebee: jzbd http://sourceforge.net/projects/zebedee These libraries should make it straightforward to create the client-side portion of a platform-independent application or (signed) applet for remotely configuring a LEAF server. aside Personally, I am more interested in a platform-independent tool for pre-deployment configuration...if I ever find the time and motivation simultaneously, I hope to write one. /aside --Brad --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Telnet question
Hi I am trying to install telnet on my bering 1.0 box. I have got the Telnet.lrp package installed, i have setup inetd.conf and securetty. When I try to telnet in I get a message saying error in loading shared libraries and libncurses.s0.4: cannot open sgared object file: no such file or directory And then the client disconects. Any thoughts/ideas? Cheers Jon 1395WU/2.12yrs --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Telnet question
On Thu, 20 Feb 2003, Jon Aubrey de Lavenu wrote: Hi I am trying to install telnet on my bering 1.0 box. Obligatory security warning: Telnet (the client) is a useful tool for poking at cleartext protocols. Using it for anything else is pointless... ssh is so much more flexible and secure that telnet is obsolete for normal communication needs. I don't think it is wise to equip a firewall to poke at cleartext protocols, but some people might. I have got the Telnet.lrp package installed, Where did the package come from? Was it http://leaf.sourceforge.net/devel/thc/files/kwarchive/telnet.lrp? i have setup inetd.conf and securetty. That is confusing. Those need to be setup on the machine you are connecting TO, not the machine you are connecting FROM. When I try to telnet in I am assuming from Bering to something inside your network... I get a message saying error in loading shared libraries and libncurses.s0.4: cannot open sgared object file: no such file or directory Well, it looks like you should find libncurses. Have you looked at the bottom of the page at http://leaf.sourceforge.net/devel/thc/files/kwarchive/? And then the client disconects. It is not clear that the client ever attempted to connect. Any thoughts/ideas? I am confused, and am hoping you will just use ssh. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering/Shorewall and alias interfaces
Hello all, I have managed to set a virtual/alias interface in the Bering distrib but shorewall complains and tells me that I have an illegal character in the interface and says no aliases. IS there a way around this... Cheers --- Thomas Fischer, MCSE mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Apple, WinNT, e-Mail, Groupware mailto:[EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering Kernel Source?
Thanks Peter, Just one more question: I've downloaded the source for kernel 2.4.20 from kernel.org. I'm assuming that using the config file that you pointed me to, adjusted so that the Math-Emulation flag is on, I should be able to build the kernel that I need? The patches that were in the 1.1 directory: bridge-nf-0.0.7-against-2.4.19.diff.gz grsecurity-1.9.9c-2.4.20.patch.gz helpers-2.4.20.patch.gz linux-2.4.19-openssl-0.9.6b-mppe.patch.gz I assume that I apply all of these to the 2.4.20 source that I've obtained? Is that correct? I guess I'm a little confused as some of these patches appear to be for 2.4.19... Once I've done all that, I'm also assuming that I can use the precompiled modules for 2.4.20 without having to worry about recompiling them too. Could someone let me know if I'm way off track here? Thanks Nick -Original Message- From: Peter Mueller [mailto:[EMAIL PROTECTED]] Sent: 19 February 2003 00:59 To: 'Nick Taylor'; [EMAIL PROTECTED] Subject: RE: [leaf-user] Bering Kernel Source? Hi Nick, I'd like to try Bering, but only have a 486SX to try it out on, so I believe that I'll need to recompile the kernel. I think this is correct, Bering is compiled for 486DX by default.. The only sources that I can find are for 2.4.18, which was for Bering 1.0-RC1. Will this work with 1.1, or will I need to get the source for 2.4.20? http://leaf.sourceforge.net/devel/jnilo/bering/latest/ specifically, http://leaf.sourceforge.net/devel/jnilo/bering/latest/developm ent/kernel/Ber ing-2.4.20.config and the packages from the image file are what you'll need. Not having tried it, can a 2.4 kernel be recompiled to work on a 486SX, or am I going to slam into a brick-wall straight away on that front? I think you should be O.K. as long as you recompile your kernel. Hope that helps, Peter --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering/Shorewall and alias interfaces
Thomas V. Fischer wrote: Hello all, I have managed to set a virtual/alias interface in the Bering distrib but shorewall complains and tells me that I have an illegal character in the interface and says no aliases. IS there a way around this... Please see the Shorewall FAQ (http://www.shorewall.net/FAQ.htm#faq18 -Tom -- Tom Eastep\ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering Kernel Source?
Hi Nick, I've downloaded the source for kernel 2.4.20 from kernel.org. great I'm assuming that using the config file that you pointed me to, adjusted so that the Math-Emulation flag is on, I should be able to build the kernel that I need? mod it however you'd like, but be a little careful with the modules like iptables (leave them the way they are unless you want to create a custom modules.lrp). The patches that were in the 1.1 directory: bridge-nf-0.0.7-against-2.4.19.diff.gz grsecurity-1.9.9c-2.4.20.patch.gz helpers-2.4.20.patch.gz linux-2.4.19-openssl-0.9.6b-mppe.patch.gz I didn't apply these to mine, but you might want them. I know the openssl-mppe patch is for PPTP functionality and the bridge-nf is some kind of unusual bridging patch. By looking at the source or using google you can probably find out what the other two are fairly quickly. I assume that I apply all of these to the 2.4.20 source that I've obtained? Is that correct? I guess I'm a little confused as some of these patches appear to be for 2.4.19... Usually when you see older versions in a CURRENT directory it means the patches will apply cleanly to the current. So in this case I would assume the 2.4.19's will apply against 2.4.20. Once I've done all that, I'm also assuming that I can use the precompiled modules for 2.4.20 without having to worry about recompiling them too. yes, AFAIK. if you have problems you can always make modules and replace the problem modules with ones from your specific build. Could someone let me know if I'm way off track here? AFAIK you're ok.. you're pretty much doing what I did and it worked for me. Hopefully we're not both off track. ;) P --- This SF.net email is sponsored by: SlickEdit Inc. Develop an edge. The most comprehensive and flexible code editor you can use. Code faster. C/C++, C#, Java, HTML, XML, many more. FREE 30-Day Trial. www.slickedit.com/sourceforge leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html