Re: [leaf-user] RealTek nic problem

2003-06-13 Thread Lynn Avants
On Thursday 12 June 2003 03:40 pm, [EMAIL PROTECTED] wrote:
> I have a NIC with a RealTek chipset that in "full" linux distributions
> works with the 8139too module.
> In Bering 1.2 I loaded the mii.o module then when I try to load the
> 8139too.o module I got the error:
> insmod: init_module: 8139too.o: Operation not supported by device
>
> What am I missing ?

A dependent module, possibly pci-scan.o and mii.o. IIRC, the
/etc/modules file listed the dependent modules next to the actual
NIC module.
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81


---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


Re: [leaf-user] FreeSWAN Configurator?

2003-06-13 Thread Lynn Avants
On Thursday 12 June 2003 08:22 am, [EMAIL PROTECTED] wrote:
> Anyone know of a GUI or HTML configurator for
> FreeSWAN IPSec?
> Does Webmin address this service?

Not that I know of, sorry. :(
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81




Re: [leaf-user] Hard Disk setup

2003-06-13 Thread Lynn Avants
On Thursday 12 June 2003 10:38 pm, Mike Koceja wrote:
> I didn't exceed the 255 character limit I'm under it.
> Thanks anyway

Then something else is borked. When the packages load during
boot, do you get a ""? If so, the packages are not loading.

A copy of your syslinux.cfg and any error messages would be most
useful in locating the problem.
Thanks!
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81




Re: [leaf-user] Pump renewing lease too quickly and filling the log

2003-06-13 Thread Lynn Avants
On Thursday 12 June 2003 12:32 am, David Jardine wrote:

> My situation is as follows:-
>
>   The modem manages a pppoa connection with my ISP.
>   Bering uses pump to communicate with the modem.
>
> In general terms, this setup is working and I have full access to the
> internet from the machines on the internal network and from the LRP box.
>
> The problem is two-fold in that my daemon.log file is growing at an
> alarming rate with messages from the pump daemon.  The first reason that
> this is causing a problem is that each lease renewal is causing 25 to 30
> lines to be written in the log.  The second reason that this is causing
> a problem is that for some reason pump renewal is firing every 45
> seconds or so.

I can't say that I've heard of a pppoX connection using dhcp (pump), which
is rather non-existent with any form of ppp. This would lead me to assume
that possibly the modem is acting as a NAT'ing router with a dhcp-server
built in. Can we get a copy of the pump messages to clear things up?
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81




[leaf-user] pcmcia wlan configure ?

2003-06-13 Thread noro
Hi,

I have Bering 1.2 and a WLAN PCMCIA card (I think it is a Prism 2 or 2.5 chip), and
I am trying to install this card in hostap mode.
I downloaded pcmcia_hostap.lrp, renamed it to pcmcia and added it to ldlinux.cfg:
LRP=root,etc,local,modules,pcmcia,ulogd,weblet
When rebooting, I see these messages:

Starting PCMCIA services:
 modules
Using /lib/modules/pcmcia/pcmcia_core.o
Using /lib/modules/pcmcia/i82365.o
Using /lib/modules/pcmcia/ds.o
 cardmgr.
cardmgr[29637]: watching 2 sockets

Which module do I need for my PCMCIA card?
I tried to use prism2_cs.o but it does not work.
When I run insmod prism2_cs.o I get these messages:

insmod: unresolved symbol p80211netdev_hwremoved
insmod: unresolved symbol p802addr_to_str
insmod: unresolved symbol register_wlandev
insmod: unresolved symbol p80211netdev_rx
insmod: unresolved symbol unregister_wlandev
insmod: unresolved symbol wlan_setup
insmod: unresolved symbol wlan_unsetup

How can I configure this PCMCIA card?

Many thanks!
tn





Re: [leaf-user] RealTek nic problem

2003-06-13 Thread alexb
In /etc/modules it appears to depend only on mii.o that I loaded.

Any further suggestion?

Alex

Quoting Lynn Avants <[EMAIL PROTECTED]>:

> On Thursday 12 June 2003 03:40 pm, [EMAIL PROTECTED] wrote:
> > I have a NIC with a RealTek chipset that in "full" linux distributions
> > works with the 8139too module.
> > In Bering 1.2 I loaded the mii.o module then when I try to load the
> > 8139too.o module I got the error:
> > insmod: init_module: 8139too.o: Operation not supported by device
> >
> > What am I missing ?
>
> A dependent module, possibly pci-scan.o and mii.o. IIRC, the
> /etc/modules file listed the dependent modules next to the actual
> NIC module.
> -- 
> ~Lynn Avants
> Linux Embedded Appliance Firewall Developer
> http://leaf.sourceforge.net
> http://guitarlynn.homelinux.org:81
> 
> 




[leaf-user] ip_nat_h323 and ip_conntrack_h323 in Leaf wisp kernel.

2003-06-13 Thread Samuel Abreu de Paula
Hi, just a simple question for Vladimir: where did you get these modules? Are they from
http://roeder.goe.net/~koepi/newnat.html ?

And do audio and video work OK in netmeeting/gnomemeeting?

Thanks.

Samuel Abreu




[leaf-user] netsnmpd.lrp and nettrapd.lrp problem

2003-06-13 Thread Charles Holbrook
I copied these lrps onto my boot media and set them up in lrpkg.cfg.
However when Bering-Uclibc 1.2 loads I get a failure on both packages.

netsnmpd says that /usr/sbin/snmpd: No Such file or Directory.  The file
exists but I get the same error when trying to run it as ./snmpd in the
/usr/sbin directory

nettrapd does the same thing.

I thought this might have been because the config file was not in the
correct place, but both config scripts are in /etc/snmp; both are set up
with the default script.  Are there any modifications that I have to
make to get this to work?  Or is there a dependency lrp that I need to
install before these two to get them to work?







Re: [leaf-user] renamed ssh VNC

2003-06-13 Thread Victor McAllister
Darcy Parker wrote:

> > Message: 1
> > Date: Wed, 11 Jun 2003 23:26:16 +0200
> > From: Patrick Benson <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: Re: [leaf-user] Shorewall Rules and TightVNC
> >
> > I would also suggest the same option Lars proposed, use ssh and
> > portforwarding with ssh acting as the tunnel. Some of the advantages are
> > disabling passwords and using RSAauthentication which can be configured
> > in your sshd_config file, averting the password cracking problem. A
> > properly configured sshd_config file is a powerful complement for your
> > security setup. Another advantage is that you will only be using the ssh
> > port for the connection, instead of opening the standard vnc 5800,5900
> > ports..and you can use the compression option as well. There's a pretty
> > good tutorial at the realvnc site on how to go about it:
> > http://www.uk.research.att.com/vnc/sshvnc.html
> >
> > Regards,
> > --
> > Patrick Benson
> > Stockholm, Sweden
>
> Good day Patrick and Lars,
>
> As I am fairly new to this, I would appreciate a bit more help.  I did read
> the article above and a few others but I am not 100% sure that I am doing
> everything correct.
> I have sshd 3.4p1 OpenSSH sshd daemon installed and I have created the keys.
> I can access the fw using putty from both loc and from net
> Something that bothered me was the fact that when I connected from the net
> all I had to do was trust the connection to be accepted then I logged on as
> root provided my password and I was at the lrcfg screen.
> I looked at the sshd server system wide configuration file but did not know
> what to change to prevent just anyone from logging on.
> Also for rules in shorewall I have
>
> ACCEPT  loc  fw   tcp  22
> ACCEPT  net  fw   tcp  22
>
> do I add
>
> ACCEPT  net  loc  tcp  22
>
> I want to use the web based TightVNC client on the net to connect to the
> TightVNC server on loc.  Can this be accomplished using port forwarding ?
> I would normally type http://xxx.xxx.xxx.xxx:5800 in a web browser to
> connect to the TightVNC server.  Would I specify port 22 here instead of
> port 5800?
> Any help is appreciated.
>
> Best Regards,
> Darcy Parker

How can the firewall know if it is supposed to answer port 22 or forward
it to your internal machine?   The firewall is already responding to
port 22 from the Internet and the local network.  It cannot also forward
it.

You have two choices.

1.  Configure your ssh VNC tunnel to use another port - say port 24.  
Add the shorewall configuration for that port.

2.  Configure /etc/ssh/sshd_config to respond to a different port.  You 
would also have to configure your ssh client program to use that port 
when connecting to the firewall.  Change the two rules above to the tcp 
port that sshd answers on.

--

Victor McAllister





Re: [leaf-user] netsnmpd.lrp and nettrapd.lrp problem

2003-06-13 Thread Charles Holbrook
Looks like the problem I am having is because there are no MIB structure
txt files in the lrp itself.  Was this by design, meaning I have to find
a 4.2.6 box to copy them off of and modify the lrp?  Or is it set up to
use a nonstandard form of the mib structure txt files?

On Fri, 2003-06-13 at 11:06, Charles Holbrook wrote:
> I copied these lrps onto my boot media and set them up in lrpkg.cfg.
> However when Bering-Uclibc 1.2 loads I get a failure on both packages.
> 
> netsnmpd says that /usr/sbin/snmpd: No Such file or Directory.  The file
> exists but I get the same error when trying to run it as ./snmpd in the
> /usr/sbin directory
> 
> nettrapd does the same thing.
> 
> I thought this might have been because the config file was not in the
> correct place, but both config scripts are in /etc/snmp; both are set up
> with the default script.  Are there any modifications that I have to
> make to get this to work?  Or is there a dependency lrp that I need to
> install before these two to get them to work?






Re: [leaf-user] ip_nat_h323 and ip_conntrack_h323 in Leaf wisp kernel.

2003-06-13 Thread Vladimir Ivaschenko
Actually it wasn't an easy task to compile these modules, at least
at the time I was doing it. You can get them from newnat patches from
iptables.

Samuel Abreu de Paula wrote:
> Hi, just a simple question for Vladimir: where did you get these modules? Are they from
> http://roeder.goe.net/~koepi/newnat.html ?
>
> And do audio and video work OK in netmeeting/gnomemeeting?
>
> Thanks.
>
> Samuel Abreu



--
Best Regards,
Vladimir Ivaschenko
Thunderworx - Senior Systems Engineer (RHCE)




RE: [leaf-user] getting dhcpd to serve two networks

2003-06-13 Thread Francois BERGERET
Hi Victor and all Leaf friends,

My Bering V1.1 is using several networks; two of them are served by dhcpd using:

#!/bin/sh

# This shell script takes care of starting dhcpd.
# Koon Wong <[EMAIL PROTECTED]>, June 1999
# Modified for linux 2.2 by Charles Steinkuehler, Jan 2000

RCDLINKS="2,S30 3,S30 6,K30"

# Add interfaces, separated by a space (ie "eth0 eth1")
# Typically your internal interface: eth1 for cable modems/DSL, or
# eth0 for ppp/dialup
ifs="eth1 eth2"    # <--

It works well.

Best Regards,
Francois BERGERET,
France.

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Victor
> McAllister
> Sent: Thursday, 12 June 2003 19:38
> To: leaf-user
> Subject: [leaf-user] getting dhcpd to serve two networks
>
>
> How do I get dhcpd to listen on eth1 and  eth2
>
> here is a clipping from my dhcpd.conf
>
> dynamic-bootp-lease-length 604800;
> max-lease-time 1209600;
>
> subnet 192.168.1.0 netmask 255.255.255.0 {
>     option routers 192.168.1.254;
>     option domain-name "private.network";
>     option domain-name-servers 192.168.1.254;
>     range 192.168.1.10 192.168.1.100;
>
>     host victormc {
>         hardware ethernet 00:a0:cc:d9:24:7b;
>         fixed-address 192.168.1.1;
>     }
> }
> subnet 192.168.2.0 netmask 255.255.255.0 {
>     option routers 192.168.2.254;
>     option domain-name "dmz.network";
>     option domain-name-servers 192.168.1.254;
>     range 192.168.2.8 192.168.2.10;
>
>     host penguin {
>         hardware ethernet 00:a0:cc:d9:20:ff;
>         fixed-address 192.168.2.7;
>     }
> }
>
> when I start dhcpd it always says listening on eth1 only.
>
> What am I doing wrong?
>
> --
> Victor McAllister
>
>
>
>
>





[leaf-user] Dual Netgear FA310TX cards on Bering 1.2

2003-06-13 Thread Geoff Catlin
Hi, I'm trying to get Bering 1.2 running using all the default options. The
only problem I'm having is getting it to recognize my network cards. I have
two Netgear FA310TX cards using the tulip module, but when I boot I get an
"Operation failed" error when it tries to do "Configuring network interfaces".
Adding the pci-scan module helps (the firewall couldn't ping itself without
it), but still no dice. Please help! TIA,

-geoff





Re: [leaf-user] Dual Netgear FA310TX cards on Bering 1.2

2003-06-13 Thread Brett Moss
hi,
there are two tulip drivers in the modules package.
try the other one.  i am using the same cards with the
module that is sized 49501 (don't recall right now
which is which)

brett

--- Geoff Catlin <[EMAIL PROTECTED]> wrote:
> Hi, I'm trying to get Bering 1.2 running using all
> the default options. The
> only problem I'm having is getting it to recognize
> my network cards. I have
> two Netgear FA310TX cards using the tulip module,
> but when I boot I get an
> "Operation failed" error when it tries to do
> "Configuring network interfaces".
> Adding the pci-scan module helps (the firewall
> couldn't ping itself without
> it), but still no dice. Please help! TIA,
> 
> -geoff
> 
> 
> 
>




Re: [leaf-user] RealTek nic problem

2003-06-13 Thread Lynn Avants
On Friday 13 June 2003 08:41 am, [EMAIL PROTECTED] wrote:
> In /etc/modules it appears to depend only on mii.o that I loaded.
>
> Any further suggestion?

It's _really_, _really_ hard to say. You have the disk and all the
configuration there and all I have seen is a couple of interpretations
made by you. It would not be any different if I was to ask you what
was wrong with my car because I hear a noise under the hood..
I am truly stabbing in the dark w/o better diagnostics as requested
by the SR-FAQ linked at the bottom of _every_ post to this list.
It's likely the reason no one else has replied (they have _no_
actual information from the box to work with).

That being said (as clearly as I can in a nice way).
Assuming you are using modules from the correct kernel tarball,
I would say that you are likely _not_ using an 8139 chipset,
which can be verified by looking at the NIC itself (the chip
will have a marking like 'rtl8139' on it). This idea is based
from the results that I get insmod'ing the same modules on
my machine w/o a 8139 card and the fact that several people
have reported the same problem with the ne2k-pci card using
the 8139too module (which they also claimed worked with another
full distribution). Personally I would try the pci-scan.o, 8390.o,
and ne2k-pci.o modules (assuming Becker modules) it sure
won't hurt to try. Though this same thing has been reported before,
there is absolutely no way the 8139too module should _ever_ work
with a 'ne' chipset... these are entirely different and non-compatible
chipsets. Either way, the chip should be marked with the proper
identification if you take a look at it.

Otherwise, we'll need diagnostic information to be of any help!
;)
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81




RE: [leaf-user] RealTek nic problem

2003-06-13 Thread Peter Mueller
> In /etc/modules it appears to depend only on mii.o that I loaded.

Download the bering .config and try compiling the 8139 driver into the
kernel.  You could also try downloading Donald Becker's drivers from scyld
and patching that into your kernel.  (Like Lynn says, don't forget
pci-scan!)




Re: [leaf-user] RealTek nic problem

2003-06-13 Thread Jacques Nilo
On Friday 13 June 2003 21:45, Peter Mueller wrote:
> > In /etc/modules it appears to depend only on mii.o that I loaded.
>
> Download the bering .config and try compiling the 8139 driver into the
> kernel.  You could also try downloading Donald Becker's drivers from scyld
> and patching that into your kernel.  (Like Lynn says, don't forget
> pci-scan!)
Donald Becker's drivers are available in the kernel/net Bering modules
directory.
Jacques




Re: [leaf-user] vnc + ssh (was Re: leaf-user digest, Vol 1 #1825 - 4 msgs)

2003-06-13 Thread Patrick Benson
Darcy Parker wrote:

> Good day Patrick and Lars,
> 
> As I am fairly new to this, I would appreciate a bit more help.  I did read
> the article above and a few others but I am not 100% sure that I am doing
> everything correct.

Hi Darcy,

Trust me, you're not the only one who has encountered this..  :)  It's
quite a simple solution but can be difficult to grasp at first.
 
> I have sshd 3.4p1 OpenSSH sshd daemon installed and I have created the keys.
> I can access the fw using putty from both loc and from net
> Something that bothered me was the fact that when I connected from the net
> all I had to do was trust the connection to be accepted then I logged on as
> root provided my password and I was at the lrcfg screen.

There are several ways in order to do this, since we all have our own
solutions, depending on what type of internal network, operating systems
we are using, you might, in the end, prefer to do it in a way other than
the way I may be doing it. Personally, I prefer to portforward ssh to an
internal FreeBSD box, using a normal user account and su to my Dachstein
router. I avoid root + password directly to the router from the outside
because of various flaws that were detected 1-2 yrs. ago, it's just a
precaution that I prefer.

> I looked at the sshd server system wide configuration file but did not know
> what to change to prevent just anyone from logging on.

Since you have an identity, dsa key that no one else should have access
to, it would be preferable to disable passwords altogether and only use
RSAauthentication. Some of my sshd_config file looks like this:

PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no

So when I log on I have to give my pass phrase and no passwords will do
if that should fail, not even root login is allowed.
 
> Also for rules in shorewall I have
> 
> ACCEPT  loc  fw   tcp  22
> ACCEPT  net  fw   tcp  22
>
> do I add
>
> ACCEPT  net  loc  tcp  22
> 
> I want to use the web based TightVNC client on the net to connect to the
> TightVNC server on loc.  Can this be accomplished using port forwarding ?

If you want to portforward ssh to your internal server it would look
like this, I believe, (I still use Seawall on Dachstein):

DNAT    net     loc:   tcp ssh
 
> I would normally type http://xxx.xxx.xxx.xxx:5800 in a web browser to
> connect to the TightVNC server.  Would I specify port 22 here instead of
> port 5800?

The ssh connection is transparent so you don't have to do anything with ssh
ports once you have forwarded the vnc ports with the ssh connection.
When you start the vncserver on the remote machine you will see a
message which would look like this:

$ vncserver

New 'X' desktop is my.network.domain:1

The number 1 is your first screen that will be listening on ports 5801,
5901. Do "netstat -an" and you will see that this will be confirmed. The
next vncserver will be my.network.domain:2, listening on ports 5802,
5902 and so on.

This depends on how your local machine is connecting to the remote
machine acting as the vncserver. You will have to read the tutorial,
once again, to realize what you are really trying to do, it takes some
time getting used to it. What you are actually doing is using the remote
server as a local screen, using the ssh tunnel to act as a secure route
for the vnc connection. Take a look, once more, at the subtitle "More
advanced use" - http://www.uk.research.att.com/vnc/sshvnc.html - since
that example is closest to your solution.

Good Luck!
-- 
Patrick Benson
Stockholm, Sweden
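
[Added example, not part of Patrick's message: a POSIX sh check that the key-only settings he lists are really the ones in effect in a given sshd_config. The function names and sample files are constructed for illustration; the defaults assumed for unset keywords (root login and passwords allowed) are an assumption matching OpenSSH of that era.]

```shell
#!/bin/sh
# sshd keywords are case-insensitive and the FIRST occurrence of a keyword
# wins, so a later "PasswordAuthentication no" does not undo an earlier "yes".

# effective_value <file> <keyword> <default-if-unset>
effective_value() {
    awk -v want="$2" -v dflt="$3" '
        /^[ \t]*#/ || NF == 0 { next }        # skip comments and blank lines
        tolower($1) == "match" { exit }       # newer OpenSSH: global section ends here
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)         # keyword and value split on space or "="
            if (tolower(f[1]) == tolower(want)) { print tolower(f[2]); found = 1; exit }
        }
        END { if (!found) print dflt }
    ' "$1"
}

# audit_sshd <file>: one FAIL line per finding; returns 1 if anything failed.
audit_sshd() {
    rc=0
    # keyword:required-value:assumed-default-when-unset
    for rule in PermitRootLogin:no:yes PasswordAuthentication:no:yes \
                PubkeyAuthentication:yes:yes; do
        key=${rule%%:*}; rest=${rule#*:}
        need=${rest%%:*}; dflt=${rest#*:}
        got=$(effective_value "$1" "$key" "$dflt")
        if [ "$got" != "$need" ]; then
            echo "FAIL $key is '$got', expected '$need'"
            rc=1
        fi
    done
    return $rc
}

# Constructed samples: the settings from the message, and a file where an
# early lower-case "yes" silently keeps password logins enabled.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/good" <<'EOF'
PermitRootLogin no
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication no
EOF
    cat > "$d/bad" <<'EOF'
# constructed sample
passwordauthentication yes
PermitRootLogin no
PasswordAuthentication no
EOF
    for f in good bad; do
        if audit_sshd "$d/$f"; then echo "$f: ok"; else echo "$f: see findings above"; fi
    done
    rm -rf "$d"
}
demo
```
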




Re: [leaf-user] PPTP loging

2003-06-13 Thread Lynn Avants
On Thursday 12 June 2003 02:45 pm, Jørn Eriksen wrote:
> Hi there,
>
> Would there be anyone that uses Leaf as a dial-in unit that have created a
> special log script?  What I'm after is something that can tell me when a
> user login into PPTP and exited
>
> The easy part is to grep the log and get when they logged in - however -
> it's a bit more tricky to get when they logged out..  Hopefully someone has
> already invented this "wheel" :-)

There has been an application or two posted in the past that does the type
of logging you want. Likely the easiest way to do this otherwise is to add
a script to the ifup/ifdown PPP scripts that 'echo' the desired information
to a log file of your choice.
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer
http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81
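
[Added example, not part of Lynn's message: one way to write the login/logout log line from the PPP hook scripts, assuming the "ifup/ifdown PPP scripts" are pppd's /etc/ppp/ip-up and /etc/ppp/ip-down. The log path and function names are hypothetical; PEERNAME, CONNECT_TIME, BYTES_SENT and BYTES_RCVD are the environment variables pppd exports to these hooks.]

```shell
#!/bin/sh
# pppd calls the hooks as:
#   ip-up|ip-down <interface> <tty> <speed> <local-IP> <remote-IP> <ipparam>
# PEERNAME is set only when the peer authenticated; the three counters are
# available to ip-down only.
PPTP_LOG="${PPTP_LOG:-/var/log/pptp-sessions.log}"   # assumed location

# Keep only characters that are safe inside one log field, so a peer-chosen
# name cannot smuggle in spaces, "=" or newlines that forge extra records.
sanitize() {
    printf '%s' "$1" | tr -c 'A-Za-z0-9._@:-' '_'
}

# format_event <up|down> <interface> <remote-IP>  -> one key=value line
format_event() {
    event=$1
    iface=$(sanitize "$2")
    remote=$(sanitize "$3")
    user=$(sanitize "${PEERNAME:-unknown}")
    line="event=$event user=$user iface=$iface remote=$remote"
    if [ "$event" = down ]; then
        line="$line secs=$(sanitize "${CONNECT_TIME:-0}")"
        line="$line tx=$(sanitize "${BYTES_SENT:-0}") rx=$(sanitize "${BYTES_RCVD:-0}")"
    fi
    printf '%s\n' "$line"
}

# log_event <up|down> <interface> <remote-IP>: append a timestamped record.
log_event() {
    printf '%s %s\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$(format_event "$@")" >> "$PPTP_LOG"
}

# Install this file as both hooks (or source it from them); the name it is
# invoked under selects the event. Under any other name it only defines
# the functions.
case "${0##*/}" in
    ip-up*)   log_event up   "$1" "$5" ;;
    ip-down*) log_event down "$1" "$5" ;;
esac
```

Pairing each "down" record with the preceding "up" for the same user and interface gives the logout time without having to parse the daemon log.
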

