[leaf-user] new WISP-Dist build 2546
Hello All, A new WISP-Dist test build (2546) is available from http://www.hazard.maks.net/wisp-dist/downloads/. I did stress testing of Prism and Cisco cards on Soekris and Teletronics boards and found several stability issues in the drivers. The good news is it seems that I've been able to overcome them. Hostap driver is reverted to an old version used in 2.4.18-based WISP-Dist releases, as new one from CVS seems to be very unstable, at least in slow motherboards. Cisco driver was updated to the new version Cisco released a couple of days, and looks to be quite stable as well (the previous Cisco driver could end up with card being locked up and not able to send anything). Also trafshow utility is included. This is a quite useful utility to look at per-host traffic statistics, especially if your system is not powerful enough to run ntop. -- Best Regards, Vladimir Ivaschenko Thunderworx - Systems Engineer (RHCE) --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - EXTERNAL ports now open
All - A quick update, I inserted into network.conf, down about line 323, the list of servers matching the list from the ntpsimpl conf from the setup package menu. ie: EXTERN_UPD_PORT0=0/0 domain EXTERN_UDP_PORT1=0/0 bootpc EXTERN_UDP_PORT2=www.xxx.yyy.zzz/24 ntp EXTERN_UDP_PORT3=aaa.bbb.ccc.ddd/24 ntp etc. The linux clock (date) and cmos clock (hwclock --show) are probably within a millisecond of each other and no doubt very close to real time, and the drift log has begun to show a real value instead of 0.0 so I'm pretty sure the daemon is up, running and doing its job. My M$ machine still cannot sync with the DS firewall with a unable to contact server and a mandrake 9.0 box with netdate 192.168.1.254 run from root gets connection refused. Looks like I'm still lost as how to open the internal port 123 for the time server. R - Bill __ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - EXTERNAL portsnow open
William Brinkman wrote: snip My M$ machine still cannot sync with the DS firewall with a unable to contact server and a mandrake 9.0 box with netdate 192.168.1.254 run from root gets connection refused. Looks like I'm still lost as how to open the internal port 123 for the time server. Port 123 for internal systems should be open already. I strongly suspect either your M$ machine is looking for a different flavor of time-server (ie something other than NTP), or the NTP package you're running does not implement the server functions (I'm not personally familiar with the NTP software you're using). It's also possible you need to configure your ntp software to listen to the internal NIC. You can check which programs are listening on which IP's with the netstat command: netstat -lnp Look for UDP port 123, and make sure it's either listening on 0.0.0.0 (all IP's), or the IP of your internal interface. If nothing is listening on that port, you either need different NTP software to support the server portion of NTP, or have some kind of configuration problem. -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - udp internal port looks open
Thank you Charles for the excellent lead! I took your advice and did a #netstat -ldp | more and got the following lines concerning port 123 (with apologies for the formatting problems): proto recv-Q send-Q local addr foreign addr state PID/Pgrm name udp 0 0 192.168.1.254:123 0.0.0.0:* 1063/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 1063/ntpd udp 0 00.0.0.0:123 0.0.0.0:* 1063/ntpd Nothing is in the state column although 'LISTEN' appears with port 53, 1023, and 80. I'm no expert but I get the idea that 'LISTEN'should have been in the 'state' column. I will start looking at the conf file and see if I missed something in the conf to enable the server function. R - Bill --- Charles Steinkuehler [EMAIL PROTECTED] wrote: Port 123 for internal systems should be open already. I strongly suspect either your M$ machine is looking for a different flavor of time-server (ie something other than NTP), or the NTP package you're running does not implement the server functions (I'm not personally familiar with the NTP software you're using). It's also possible you need to configure your ntp software to listen to the internal NIC. You can check which programs are listening on which IP's with the netstat command: netstat -lnp Look for UDP port 123, and make sure it's either listening on 0.0.0.0 (all IP's), or the IP of your internal interface. If nothing is listening on that port, you either need different NTP software to support the server portion of NTP, or have some kind of configuration problem. -- Charles Steinkuehler __ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - udp internalport looks open
William Brinkman wrote: Thank you Charles for the excellent lead! I took your advice and did a #netstat -ldp | more and got the following lines concerning port 123 (with apologies for the formatting problems): proto recv-Q send-Q local addr foreign addr state PID/Pgrm name udp 0 0 192.168.1.254:123 0.0.0.0:* 1063/ntpd udp 0 0 127.0.0.1:123 0.0.0.0:* 1063/ntpd udp 0 00.0.0.0:123 0.0.0.0:* 1063/ntpd Nothing is in the state column although 'LISTEN' appears with port 53, 1023, and 80. I'm no expert but I get the idea that 'LISTEN'should have been in the 'state' column. I will start looking at the conf file and see if I missed something in the conf to enable the server function. http://groups.yahoo.com/group/wheelhorsegardentractors/links Don't knock yourself out about the missing listen. UDP is a stateless protocol, so *NO* UDP entries in the netstat output will have anything in the state column. States only make sense for TCP. It looks like your server is listening to the internal interface, and there are no firewall rules blocking any access from internal networks to the firewall itself, so unless you did something really wacky to the ipchains rules, that's not your problem either. I'd make sure your windows client is actually talking NTP, rather than one of the other (typically simpler) time protocols. -- Charles Steinkuehler [EMAIL PROTECTED] --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] CUSeeMe
Morning all. Can anyone give me any advice on getting CUSeeMe running through Bering 1? My Googling seems to indicate there are some patches required but I couldn't find anything compiled. Can anyone recommend a source of the modules I would need? Or a source of information? Thanks. --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - Any Bering Folks using this?
Thank you Charles for the expert advice on upd. I did a little more snooping and turns out #netdate command (linux box) is port 37 while ntp is port 123. (I realize I'm beginning to sound like a total moron and should have done the homework and rtfmed). I downloaded a program called automachron for the M$ box (which looks pretty good for free) that specifically calls out which port it plans to connect to, 37 or 123. I asked it to hit the firewall 192.168.1.254 and received Error: 192.168.1.254 (123) - Socket Error: Valid name, no data record of requested type. Asking it to look at a 'real' server under the various protocols (v1,v2,v3,v4) produced the desired result of providing information to update the time. The LEAF Time in Bearing 14.5 Subsection indicates that the combination of libm.lrp and ntpsimpl.lrp can be used to create a time server. The paper then explicitly says to open the firewall with: ACCEPT loc fw upd ntp (to query the Bering time server for local net). I did NOT attempt to improve the standard firewall rules so your comment below saying the internal network should be able to access the firewall should still be valid. Maybe a little more snooping in the ntpsimpl.lrp documentation is the next step. Thank you for your valued comments and opinions. R - Bill --- Charles Steinkuehler [EMAIL PROTECTED] wrote: Don't knock yourself out about the missing listen. UDP is a stateless protocol, so *NO* UDP entries in the netstat output will have anything in the state column. States only make sense for TCP. It looks like your server is listening to the internal interface, and there are no firewall rules blocking any access from internal networks to the firewall itself, so unless you did something really wacky to the ipchains rules, that's not your problem either. I'd make sure your windows client is actually talking NTP, rather than one of the other (typically simpler) time protocols. -- Charles Steinkuehler __ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Samba issues
When using smb-2b.lrp to run a Samba server I couldn't get Windows XP clients to connect, so I decided to compile some of the latest versions (2.2.3a, 2.2.7a, 2.2.8) of Samba to use. However with these new versions I get the following error when trying to login from any client (Win2K, smbclient): build_sam_account: smbpasswd database is corrupt! username someuser not in unix passwd database! The odd thing is that the user does exist in /etc/passwd, and everything worked fine before with smb-2b.lrp (version 2.0.4b). Similarly, when using smbpasswd to add a user I get the error message: User someotheruser does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. Failed to modify password entry for user someotheruser I've statically compiled these new versions so it shouldn't be a library issue. Has anybody had any success using Samba (other than the smb-2.lrp smb-2b.lrp packages) or knows what the problem might be? Has anybody had success connecting with WinXP clients when using the smb-2.lrp or smb-2b.lrp packages? Any help/guesses would be greatly appreciated. -- --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] dachstein NTP Internal Time Server - Up and running
All, I put the NTP rpm in my mandrake 9.0 linux box. Set the ntp.conf server to 192.168.1.254 (firewall address). Inserted a /etc/ntp.drift and put a 1 in the file. Started the ntpd daemon. Tested out the troubleshooting guide and on the mandrake box tried a: # ntpq -p 192.168.1.254 The results indicated that the firewall was doing its job as a time server. The display indicated every server I had in the conf file of the fire wall as well as detailed statistics on how much they vary from each other. Now the strange part: From the M$ box, using Automachron time update software, the time will sync fine to the mandrake box, but still has the socket error for the firewall. Looks like I need to test some other software that will be more forgiving with the firewall. __ Do you Yahoo!? Yahoo! Web Hosting - establish your business online http://webhosting.yahoo.com --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Samba issues
On Sunday 16 March 2003 08:19 pm, Spiro Philopoulos wrote: When using smb-2b.lrp to run a Samba server I couldn't get Windows XP clients to connect, so I decided to compile some of the latest versions (2.2.3a, 2.2.7a, 2.2.8) of Samba to use. However with these new versions I get the following error when trying to login from any client (Win2K, smbclient): build_sam_account: smbpasswd database is corrupt! username someuser not in unix passwd database! The odd thing is that the user does exist in /etc/passwd, and everything worked fine before with smb-2b.lrp (version 2.0.4b). Similarly, when using smbpasswd to add a user I get the error message: User someotheruser does not exist in system password file (usually /etc/passwd). Cannot add account without a valid local system user. Failed to modify password entry for user someotheruser I've statically compiled these new versions so it shouldn't be a library issue. Has anybody had any success using Samba (other than the smb-2.lrp smb-2b.lrp packages) or knows what the problem might be? Has anybody had success connecting with WinXP clients when using the smb-2.lrp or smb-2b.lrp packages? Any help/guesses would be greatly appreciated. You need to setup a home directory for each of the users and login under that username(s) and set the password. Linux/Samba uses shadow-passwords instead of the old passwd file. This is likely the source of your errors. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://www.guitarlynn.homelinux.org:81 --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] CUSeeMe
On Sunday 16 March 2003 07:15 pm, David Pitts wrote: Morning all. Can anyone give me any advice on getting CUSeeMe running through Bering 1? My Googling seems to indicate there are some patches required but I couldn't find anything compiled. Can anyone recommend a source of the modules I would need? Or a source of information? You'll need to use h323 support, IIRC. There should be ipmasq/iptables modules (or config) to add/use this support. BTW, did the updated udhcp package work better for you? -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://www.guitarlynn.homelinux.org:81 --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html