[leaf-user] sending Email from Bering 1.2
Hi All, how can I let my Bering 1.2 send me a email eg. with the logs? Thanks Felix __ Gesendet von Yahoo! Mail - http://mail.yahoo.de Logos und Klingeltöne fürs Handy bei http://sms.yahoo.de --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Problem IPSec with Bering
Hello, I have a problem with IPSec on Bering router. I have one router/firewall (Bering) with 2.4.18 kernel. The Lan is 192.168.1.0 /24 (address of the router : 192.168.1.254) . The external IP address is 172.16.10.1 (mask 255.255.0.0). I have IPSec version 1.97. The other router is a Bering router with 2.4.20 kernel. The Lan is 10.0.0.0/8 (address of the router : 10.0.0.83). The external IP address is 172.16.10.4 (mask 255.255.0.0). I have IPSec version 1.99.6.2. The ipsec.conf file on the first router is : config setup # THIS SETTING MUST BE CORRECT or almost nothing will work; # %defaultroute is okay for most simple cases. interfaces=%defaultroute # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=all # Use auto= parameters in conn descriptions to control startup actions. plutoload=%search plutostart=%search # defaults for subsequent connection descriptions conn %default # How persistent to be in (re)keying negotiations (0 means very). keyingtries=0 # connection de test entre Bic et Exodus conn Bic-Exodus left=%defaultroute leftsubnet=192.168.1.0/24 leftnexthop= right=172.16.10.4 rightsubnet=10.0.0.0/8 rightnexthop= auto=start authby=rsasig leftrsasigkey=0sAQOKGduouVCa7t6wwdgCbdJfT7q7eH59KBU8Cey6Ikohq3FQffLKIhvbihcklXX91ZZXzXADRkagdyDkJ9dqCp7RHiiQOd1gRI3Gf4m1d9ZFHv0gm0oHnVBjqJwA+whugOQDCEh3Ya884y2qdz7cW+2VYfTehWwFVw+JVTMNSKv/hw== rightrsasigkey=0sAQOH3JtWlFtIDdAmhgcUz2U+jqEP7iyUTz6pO03hB++wQYMY2JI2d5PgC96HTs0DdLrJAgAcwjRJ4vSSOZejifbQVCCIFVmbWImdoh8BB5IOizW/Jkerp6Mr3L+VlBUoUCPAWrx5OvqcBsIuP7ySy9CgtrJc1YkFc0cV9tMQvkbgGQ== The ipsec.conf on the second router is : # basic configuration config setup # THIS SETTING MUST BE CORRECT or almost nothing will work; # %defaultroute is okay for most simple cases. interfaces=%defaultroute # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=all # Use auto= parameters in conn descriptions to control startup actions. plutoload=%search plutostart=%search # defaults for subsequent connection descriptions conn %default # How persistent to be in (re)keying negotiations (0 means very). keyingtries=0 # connection de test entre Bic et Exodus conn Bic-Exodus left=172.16.10.1 leftsubnet=192.168.1.0/24 leftnexthop= right=%defaultroute rightsubnet=10.0.0.0/8 rightnexthop= auto=start authby=rsasig leftrsasigkey=0sAQOKGduouVCa7t6wwdgCbdJfT7q7eH59KBU8Cey6Ikohq3FQffLKIhvbihcklXX91ZZXzXADRkagdyDkJ9dqCp7RHiiQOd1gRI3Gf4m1d9ZFHv0gm0oHnVBjqJwA+whugOQDCEh3Ya884y2qdz7cW+2VYfTehWwFVw+JVTMNSKv/hw== rightrsasigkey=0sAQOH3JtWlFtIDdAmhgcUz2U+jqEP7iyUTz6pO03hB++wQYMY2JI2d5PgC96HTs0DdLrJAgAcwjRJ4vSSOZejifbQVCCIFVmbWImdoh8BB5IOizW/Jkerp6Mr3L+VlBUoUCPAWrx5OvqcBsIuP7ySy9CgtrJc1YkFc0cV9tMQvkbgGQ== When I look the route on the routers, everything seem ok. When I look the syslog on the first router, I have this : Oct 17 12:26:17 exodus ipsec__plutorun: 104 "Bic-Exodus" #1: STATE_MAIN_I1: initiate Oct 17 12:26:17 exodus ipsec__plutorun: 106 "Bic-Exodus" #1: STATE_MAIN_I2: sent MI2, expecting MR2 Oct 17 12:26:17 exodus ipsec__plutorun: 108 "Bic-Exodus" #1: STATE_MAIN_I3: sent MI3, expecting MR3 Oct 17 12:26:17 exodus ipsec__plutorun: 004 "Bic-Exodus" #1: STATE_MAIN_I4: ISAKMP SA established Oct 17 12:26:17 exodus ipsec__plutorun: 112 "Bic-Exodus" #2: STATE_QUICK_I1: initiate Oct 17 12:26:17 exodus ipsec__plutorun: 004 "Bic-Exodus" #2: STATE_QUICK_I2: sent QI2, IPsec SA established When I look the syslog on the second router, I have this : Oct 17 14:27:44 bic kernel: IPSEC EVENT: KLIPS device ipsec0 shut down. So the problem seems to be on the second router. But I don't have any idea about the origin of the problem. Does somebody can help me? Regards --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] sending Email from Bering 1.2
Hi Felix On Fri, 17 Oct 2003 12:40:40 +0200 (CEST), Felix Theodor <[EMAIL PROTECTED]> wrote: Hi All, how can I let my Bering 1.2 send me a email eg. with the logs? If you've got your POSIXness settings right (see the lrcfg menu, System settings), the mail command will work: mail -s "LEAF log file" [EMAIL PROTECTED] will send syslog.0 to your email address. You could also edit /etc/crontab to make this happen automatically at whatever time you want. hope that helps Julian -- [EMAIL PROTECTED] www.ljchurch.co.uk --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] sending Email from Bering 1.2
You have to modify /etc/POSIXness.conf to setup mail settings and then modify /etc/crontab to add a line such as 30 12 * * * rootmail -a "/var/log/*.log" [EMAIL PROTECTED] This mean mail all log at 12.30pm everyday Huy - Original Message - From: "Felix Theodor" <[EMAIL PROTECTED]> To: "USER LEAF" <[EMAIL PROTECTED]> Sent: Friday, October 17, 2003 11:40 AM Subject: [leaf-user] sending Email from Bering 1.2 > Hi All, > > how can I let my Bering 1.2 send me a email eg. with > the logs? > > > Thanks > > Felix > > __ > > Gesendet von Yahoo! Mail - http://mail.yahoo.de > Logos und Klingeltöne fürs Handy bei http://sms.yahoo.de > > > --- > This SF.net email is sponsored by: SF.net Giveback Program. > SourceForge.net hosts over 70,000 Open Source Projects. > See the people who have HELPED US provide better services: > Click here: http://sourceforge.net/supporters.php > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Error while trying to compile the kernel
Hi, I´m trying to build a 2.4.20 kernel for Bering_uClibc_2.0 with the instructions given in http://cvs.sourceforge.net/viewcvs.py/leaf/src/bering-uclibc/configs/kernel/ 2.4.20/ They read: "As root, unpack in /usr/src 1/ A fresh 2.4.20 linux kernel from http://www.kernel.org 2/ super-freeswan 1.99.6.2 from http://www.freeswan.ca/code/superfreeswan (if needed) 3/ pcmcia-cs 3.2.4 from http://pcmcia-cs.sf.net (if needed) Then apply the following patches sequence: gunzip helpers-2.4.20.patch.gz -c | patch -p1 gunzip ebtables-v2.0.003_vs_2.4.20.diff.gz -c | patch -p1 ... " My problem is that I just can´t apply the patches. I get the messages "helpers-2.4.20.patch.gz: not in gzip format" Is the patch corrupt? Am I doing something wrong? Thanks in advance. Guillermo --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Access files on internal machine
At 10:44 PM 10/16/2003 -0700, M Lu wrote: Thank you Sean and Ray. I would like to install VNSTAT (http://torus.lnet.lut.fi/vnstat/) on the router to monitor network traffic. It has to maintain a database and I do not have nor want to use hard-disk in my router. I could add another floppy but I do not like the idea of write/read with floppy, very hardware error-prone. So I am thinking about being able to write and read to/from a remote machine. I think Jacques has samba.lrp and I think I can use smbclient to mount a system from remote Linux or Windows. I never use smbclient, only smbserver, so just wonder if it is possible. No (or at least I think the answer is no). I don't use smbclient either, but I do have it installed on a workstation, and its man page says it provides "ftp-like access". I don't see any options for mounting smb filesystems, only for getting directories, doing puts and gets, and other ftp-style stuff. I believe you need to add kernel support for smb filesystems, at which point either mount or smbmount will let you mount a remote SMB share on the LEAF router. Not having done it (that is, I've done this with Debian servers, but not with LEAF), I don't know if doing it with Bering requires a kernel recompile or if it can be done with modules ... though I do see an smbfs.o module in Bering's modules tarball, which is encouraging. --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Error while trying to compile the kernel
Am Freitag, 17. Oktober 2003 16:09 schrieb Guillermo Hechem: > Hi, > > I´m trying to build a 2.4.20 kernel for Bering_uClibc_2.0 with the > instructions given in > http://cvs.sourceforge.net/viewcvs.py/leaf/src/bering-uclibc/configs/kernel >/ 2.4.20/ > They read: > > "As root, unpack in /usr/src > 1/ A fresh 2.4.20 linux kernel from http://www.kernel.org > 2/ super-freeswan 1.99.6.2 from http://www.freeswan.ca/code/superfreeswan > (if needed) > 3/ pcmcia-cs 3.2.4 from http://pcmcia-cs.sf.net (if needed) > > Then apply the following patches sequence: > > gunzip helpers-2.4.20.patch.gz -c | patch -p1 > gunzip ebtables-v2.0.003_vs_2.4.20.diff.gz -c | patch -p1 > ... > " > > My problem is that I just can´t apply the patches. I get the messages > "helpers-2.4.20.patch.gz: not in gzip format" > Is the patch corrupt? Am I doing something wrong? Maybe your file is corrupt; fresh from cvs: #file helpers-2.4.20.patch.gz helpers-2.4.20.patch.gz: gzip compressed data, deflated, original filename, `helpers-2.4.20.patch', last modified: Fri Nov 29 13:38:35 2002, os: Unix kp --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Error while trying to compile the kernel
Yep, it was my mistake while downloading the patch. Sorry! -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] nombre de K.-P. Kirchdörfer Enviado el: Friday, October 17, 2003 12:11 PM Para: Guillermo Hechem; [EMAIL PROTECTED] Asunto: Re: [leaf-user] Error while trying to compile the kernel Am Freitag, 17. Oktober 2003 16:09 schrieb Guillermo Hechem: > Hi, > > I´m trying to build a 2.4.20 kernel for Bering_uClibc_2.0 with the > instructions given in > http://cvs.sourceforge.net/viewcvs.py/leaf/src/bering-uclibc/configs/kernel >/ 2.4.20/ > They read: > > "As root, unpack in /usr/src > 1/ A fresh 2.4.20 linux kernel from http://www.kernel.org > 2/ super-freeswan 1.99.6.2 from http://www.freeswan.ca/code/superfreeswan > (if needed) > 3/ pcmcia-cs 3.2.4 from http://pcmcia-cs.sf.net (if needed) > > Then apply the following patches sequence: > > gunzip helpers-2.4.20.patch.gz -c | patch -p1 > gunzip ebtables-v2.0.003_vs_2.4.20.diff.gz -c | patch -p1 > ... > " > > My problem is that I just can´t apply the patches. I get the messages > "helpers-2.4.20.patch.gz: not in gzip format" > Is the patch corrupt? Am I doing something wrong? Maybe your file is corrupt; fresh from cvs: #file helpers-2.4.20.patch.gz helpers-2.4.20.patch.gz: gzip compressed data, deflated, original filename, `helpers-2.4.20.patch', last modified: Fri Nov 29 13:38:35 2002, os: Unix kp --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] sending Email from Bering 1.2
Hello felix you've got allready some answers, don't forget to open the firewall to connect to the net for mail . See : instructions at : http://leaf.sourceforge.net/doc/guide/bumail.html Regards Eric Wolzak member of the bering Crew > Hi All, > > how can I let my Bering 1.2 send me a email eg. with > the logs? > > > Thanks > > Felix --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] WAP
Thaks for answer. I'll be experimenting tomorrow. So you suggesting to plug cable form third NIC to normal plug not WAN plug and than that should work like switch with 2 UTPs outs and WiFi out. That sounds right. My thinking was that wired lan is 192.168.1.201/24 and WiFi on third interface DMZ with 192.168.0.0/24. I run static IPs on my LAN so lack of DHCP is no problem. I need to make mt three interfaces image and make some changes. Thanks for help again. Andrey Ray Olszewski wrote: At 10:08 PM 10/16/2003 -0400, C. Dummy wrote: I bought D-link 714 P+. There is no option to disable firewall on this router.From FAQ: You cannot disable the firewall on the router. D-Link routers use *NAT* (Network Address Translation) which allows multiple hosts to share a single address and make many concurrent connections. All D-Link routers have a DMZ option which will open all incoming ports to a single computer on your local network. That gives me connection to one computer using firewall from Bering box. I'm not sure if double NAT is good. There would be NAT from Bering box and than NAT from Router. Unless Bering box will treat router as a single IP adress and Router will NAT wireless machines. Anybody has any ideas how to make all these connections. I have Bering (1.2) box, running 3 computers on switch. Simple two interface setup. I need WAP for 2 laptops at the pick to browse internet. From what I read I should switch to 3 interfaces setup and put WiFi router on third NIC in DMZ. That would give me double NAT. Will this work? Should I try different setup? Andrey Well ... one option that will probably work is to use the device just as a WAP and ignore the router part entirely. I'm assuming here that the 714 has both wireless and UTP ports on the internal side (I have a 713P here, and that's what it has). To do this, you connect the LEAF router to an internal UTP port on the D-Link and make sure the LEAF interface you use is on the same network as the wireless hosts. You also need to tell the wireless hosts that the LEAF router, not the D-Link, is their default gateway, whch may mean you cannot use the D-Link for DHCP assignment. It's not so much that you "disable" the firewall as that it is that you just don't connect the external interface to anything. I haven't run this WAP recently, but when I did, this sort of configuration worked for me. I also used a double-NAT variant of the sort you describe, and that worked too (but I didn't test it with anything tricky or demanding). As to whether to put the WAP on the LAN or on a DMZ arrangement ... that depends on the general security model you use with your LAN. There is no short, one-size-fits-all answer to that one. --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email sponsored by: Enterprise Linux Forum Conference & Expo The Event For Linux Datacenter Solutions & Strategies in The Enterprise Linux in the Boardroom; in the Front Office; & in the Server Room http://www.enterpriselinuxforum.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
