[leaf-user] copying files to your firewall.
I am currently running Bering Uclibc on a system that uses a CF Disk as the boot media. This disk is inside of the case and thus updating any software means pulling the system offline unracking it and opening the box up. About 20 minutes worth of work. Besides ssh does anyone have a secure means of transfer to bering. Bossman doesn't even want to have an ssh client on the firewall that can scp out to a single IP address. Because of this I am pretty much limited to a serial connection to the box. Any suggestions at all would be greatly appreciated. --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Orinoco card not coming up fully
dave, i would also check to make sure that the wireless card is in the right mode (ad-hoc, manual, ap, etc...) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of David Mcguire Sent: Monday, July 14, 2003 8:03 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Orinoco card not coming up fully I've finally figured out the PCMCIA problems, the wireless files, and a few other missing links for my Bering 1.2 router, and now I'm down to the wireless card. Specs: eepro100 on eth0 orinoco gold on eth1 system booting from hd, other specs on hardware seem ok The machine comes up fine. I get two 'high beeps' from the card on initial startup. However, dhcpd doesn't work, says eth1 is 0.0.0.0 and needs to be configured. In daemon.log, I have my listing of ./network start eth1 but it never completes. If I run iwconfig it hangs the system and the easiest way to break out of it is to restart the system. If I run ./network stop eth1 then run iwconfig, I get the 'no wireless extensions' error, but eth1 does show up. running ./network start eth1 I get an 'operation not supported by device'. If I rmmod, then insmod, orinoco_cs and re-run ./network start eth0, it comes up with an IP address in ifconfig but it doesn't actually send a radio signal. I'm using a 'bare' wireless.opts file, BTW. Even after that, I still can't run iwconfig eth1, it just hangs. I don't know what I did wrong. Has anyone else run into this? Dave __ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] copying files to your firewall.
On 14 Jul 2003, Charles Holbrook wrote: I am currently running Bering Uclibc on a system that uses a CF Disk as the boot media. This disk is inside of the case and thus updating any software means pulling the system offline unracking it and opening the box up. About 20 minutes worth of work. Besides ssh does anyone have a secure means of transfer to bering. Bossman doesn't even want to have an ssh client on the firewall that can scp out to a single IP address. Because of this I am pretty much limited to a serial connection to the box. Any suggestions at all would be greatly appreciated. If Bossman is not comfortable with ssh, then I can't imagine why he would be amenable to any other file transfer mechanism. He will just have to pay for your 20*n minutes worth of work. --- Jeff NewmillerThe . . Go Live... DCN:[EMAIL PROTECTED]Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/BatteriesO.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --- --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] essid and ip problem
Bering 1.2, Orinoco silver cards in a Soekris Net 4501 box.. Having a problem getting the essid to work, and get an ip assigned to the radio :( Here's what I have: /etc/network/interfaces: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet static address 192.168.2.151 masklen 24 iface eth2 inet static address 192.168.3.1 masklen 25 wireless_mode ad_hoc wireless_essid private wireless_key s:priva wireless_channel 11 # iwconfig lono wireless extensions. dummy0no wireless extensions. eth0 no wireless extensions. eth1 no wireless extensions. eth2IEEE 802.11-DS ESSID: Nickname:HERMES I Mode:Managed Frequency:2.422GHz Access Point: 00:00:00:00:00:00 Bit Rate:11Mb/s Tx-Power=15 dBm Sensitivity:1/3 Retry limit:4 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality:0/92 Signal level:134/153 Noise level:134/153 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 # ip addr 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:00:24:c0:9c:1c brd ff:ff:ff:ff:ff:ff inet 192.168.1.120/24 brd 192.168.1.255 scope global eth0 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:00:24:c0:9c:1d brd ff:ff:ff:ff:ff:ff inet 192.168.2.151/24 scope global eth1 5: eth2: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 100 link/ether 00:60:1d:23:7e:bb brd ff:ff:ff:ff:ff:ff When I restart the pcmcia service, it looks as if it loads ok, no errors, and I get the single solid light on the radio that I would expect.. I have the other end of the link to configure yet, so I'm not sure if it is associating or not.. --- Homer Parker /\ ASCII Ribbon Campaign \ / No HTML/RTF in email http://www.homershut.net x No Word docs in email telnet://bbs.homershut.net/ \ Respect for open standards Bill Gates reports on security progress made and the challenges ahead. -- Microsoft's Homepage, on the day an SQL Server bug crippled large sections of the Internet. pgp0.pgp Description: PGP signature
[leaf-user] eagle.lrp for SAGEM F@ST 800 USB modem available
If you want to connect your LEAF Bering router to the Internet via a DSL modem based on the Anolog chipset Eagle 8051. The Sagem [EMAIL PROTECTED] 800 modem as well as USRobotics DSL modems are based on this chipset. However, only the [EMAIL PROTECTED] 800 as been fully tested (thanks to Mathieu for his help on this) The doc is here: http://leaf.sourceforge.net/doc/guide/bueagle.html Jacques --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] copying files to your firewall.
I take it you don't have a floppy in the machine? Also, I don't have ssh on my box, but I do have sshd and I scp stuff to the box all the time. You can set it up to only listen to the internal interface. But, you seem to already know that. I think Jeff is right, if BBM (Big BossMan) don't want to allow ssh(d) on the box, he best set aside $$$ for downtime and your labor. Tony - Original Message - From: Charles Holbrook [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, July 14, 2003 11:39 AM Subject: [leaf-user] copying files to your firewall. I am currently running Bering Uclibc on a system that uses a CF Disk as the boot media. This disk is inside of the case and thus updating any software means pulling the system offline unracking it and opening the box up. About 20 minutes worth of work. Besides ssh does anyone have a secure means of transfer to bering. Bossman doesn't even want to have an ssh client on the firewall that can scp out to a single IP address. Because of this I am pretty much limited to a serial connection to the box. Any suggestions at all would be greatly appreciated. --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: can only ping assigned IP -- fixed!
WoooWhooo! Celebration at my place. Bering is the winner! I can connect and ping everywhere. Major step forward. previous: With this suggestion, I think it's time to cut run from EigerStein --- Bering. You concur? Thanks for the help. Let me give it a try and I'll be back to you. Hopefully with success. Go Well -- Bob Peterson Now, I feel like the happy couple in the back of the bus at the end of The Graduate. They say, Now what? Things I've noticed: 1) When the system boots, it insists on dialing out. It does connect, but I would rather a pppd demand. I can turn this off by adding to '/etc/ppp/peers/provider' -- demand, but then 'pon provider' fails to launch and spawns a new '/usr/sbin/pppd' each try without connecting. Also '/etc/ppp/no_ppp_on_boot' does exist. My reading says this should prevent the on-boot dial out. Hmmm? 1a) Without '/usr/ppp/peers/provider' -- demand, when the system goes off line, then the modem responds to a ping request, dials out and pings correctly. This is the big success. 2) Bering does not report to the screen or to any log file the nifty connect info I get from my Slackware9.0 box, thus: Using interface ppp0 Connect: ppp0 -- /dev/ttyS1 local IP address 206.166.57.178 remote IP address 206.166.57.162 Should I see any/that messages about addresses? I tried adding to '/etc/ppp/peers/provider' -- icpc-accept-local and icpc-accept-remote, but it flat out didn't like that. H, again? Oppps, I just found it -- /var/log/daemon.log. Anyway to send it to the screen? 3) Third, h? Now what? What to do to enable the firewall to respond to other boxes on my LAN, to dial out, and connect for them. Something must be done on the other machines so they know to talk to firewall for their outside connection. Yes? Also, I can correctly ping all my machines on my LAN, which are listed in '/etc/hosts'. 4) Last, h? '/usr/sbin/ipmasqadm' does not exist. Should it? And is it need for the masq kinda stuff? Now I'm into new, uncharted waters. So, again, here's hoping for some final help, then I'll go away for good or at least a long time. You all have been really helpful and I appreciate the support. Go Well -- Bob Peterson Again, here is the diagnostic stuff: 0) 'uname -a': Linux firewall 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i586 unknown 1) 'ip addr show /mnt/ip_addr.txt': 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 brd 127.255.255.255 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 52:54:40:21:30:31 brd ff:ff:ff:ff:ff:ff inet 192.168.100.1/24 brd 192.168.100.255 scope global eth0 4: ppp0: POINTOPOINT,MULTICAST,NOARP,UP mtu 1500 qdisc pfifo_fast qlen 3 link/ppp inet 206.166.57.176 peer 206.166.57.162/32 scope global ppp0 2) 'ip route show /mnt/ip_route.txt': 206.166.57.162 dev ppp0 proto kernel scope link src 206.166.57.176 192.168.100.0/24 dev eth0 proto kernel scope link src 192.168.100.1 default via 206.166.57.162 dev ppp0 3) 'ifconfig' (installed 'netutils.lrp'): loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 eth0 Link encap:Ethernet HWaddr 52:54:40:21:30:31 inet addr:192.168.100.1 Bcast:192.168.100.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 Interrupt:11 Base address:0x280 ppp0 Link encap:Point-to-Point Protocol inet addr:206.166.57.174 P-t-P:206.166.57.162 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:4 errors:2 dropped:0 overruns:0 frame:0 TX packets:5 errors:0 dropped:0 overruns:0 carrier:0 Collisions:0 4) 'route': Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface user-162.charle * 255.255.255.255 UH0 00 ppp0 localnet* 255.255.255.0 U 0 00 eth0 default user-162.charle 0.0.0.0 UG0 00 ppp0 ?s: who is user-162.charle? And what does he do for a living? 5) do not exist: '/usr/sbin/ipmasqadm', '/proc/net/ip_masq/autofw', 'ipchains' -- Why not? And is this okay? Stuff you probably already know: 1) When configure Shorewall -- masq: entry 8, not 7 2) When configure Shorewall -- interfaces: it does not like OPTIONS --
[leaf-user] Now On-Line but big trouble...
Hello, I am using the older LRP 2.9.4 and now after creating my Router image for an analog modem it does not work correctly: Config: eth0NW 192.168.1.64 IP 192.168.1.65 BC 192.168.1.95 NM 255.255.255.224 IP-Masquerading active ppp0idle300 demand Problem 1: Does not dialin on demand from network. If I do a 'ping -c 1 www.bundesregierung.de' on the router it logs in and all is working fine inclusive the network... (I can write/send this message) Problem 2: The idle tome is ignored !!! grrr !!! - quiet expensive ! Question 1: Does anyone have a working ppp-router and give me a link to it ? With a 33600 BpS Modem I can not surf very much and downloading the whole leaf mirror is not... Thanks Michelle -- Registered Linux-User #280138 with the Linux Counter, http://counter.li.org. +--+ | Michelle's Internet-ServiceInh. Michelle Konzack| | FunkLAN-Providerin | +--+ --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] ez-ipupdate
ez-ipupdate won't work for me. Yes that's vague... When I run it manually, I recieve the following errors: connect: Connection refused error connecting to members.dyndns.org:80 Internet connectivity is not a problem. However I am curious about name resolution being a possible problem. It seems to take a while to accomplish that like 10-20 seconds. I'm more curious if anyone on the list knows if this program requires a port to be open on the firewall, or is it supposed to works as is. Sorry if this doesn't belong here but think it might be a firewall issue, -- PAGE,RAYMOND --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] ez-ipupdate
On Mon, 2003-07-14 at 15:52, PAGE,RAYMOND wrote: ez-ipupdate won't work for me. Yes that's vague... When I run it manually, I recieve the following errors: connect: Connection refused error connecting to members.dyndns.org:80 Internet connectivity is not a problem. However I am curious about name resolution being a possible problem. It seems to take a while to accomplish that like 10-20 seconds. I'm more curious if anyone on the list knows if this program requires a port to be open on the firewall, or is it supposed to works as is. Sorry if this doesn't belong here but think it might be a firewall issue, Assuming that you are running Bering: a) The error message says that ez-ipupdate can't connect to port 80 at members.dyndns.org. b) ez-ipupdate runs on the firewall. c) members.dyndns.org is in the 'net' zone. So connecting from the firewall to the net zone to port 80 needs this rule: ACCEPT fw net tcp 80 This stuff really is very simple -Tom -- Tom Eastep\ Shorewall - iptables made easy Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] essid and ip problem
Hello, eth2 IEEE 802.11-DS ESSID: Nickname:HERMES I Mode:Managed Frequency:2.422GHz Access Point: 00:00:00:00:00:00 Bit Rate:11Mb/s Tx-Power=15 dBm Sensitivity:1/3 Retry limit:4 RTS thr:off Fragment thr:off Encryption key:off Power Management:off Link Quality:0/92 Signal level:134/153 Noise level:134/153 Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0 Tx excessive retries:0 Invalid misc:0 Missed beacon:0 This shows that your wireless settings were not implemented properly. You can try manually setting the ESSID and MODE of your wireless card using 'iwconfig'. Once working, and I'm positive it will, you can double check what went wrong with your Bering conf settings/scripts. HTH - Vic - Message: 8 Date: Mon, 14 Jul 2003 14:41:58 -0500 From: Homer Parker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Organization: Homer's Hut Subject: [leaf-user] essid and ip problem --CSxC6xdV,f/g=.,Y Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Bering 1.2, Orinoco silver cards in a Soekris Net 4501 box.. Having a problem getting the essid to work, and get an ip assigned to the radio :( Here's what I have: [SNIPPED] When I restart the pcmcia service, it looks as if it loads ok, no errors, and I get the single solid light on the radio that I would expect.. I have the other end of the link to configure yet, so I'm not sure if it is associating or not.. --- This SF.Net email sponsored by: Parasoft Error proof Web apps, automate testing more. Download eval WebKing and get a free book. www.parasoft.com/bulletproofapps1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html