[leaf-user] How do I set 50-line mode for VGA console (Bering uClibc 2.2b5)

2004-07-27 Thread freeman groups
For SSH & ttyS0 I can achieve this but I cannot figure out how to have 
my VGA monitor console on my Bering uClibc box give me 50 line display, 
akin to the DOS command mode con lines=50 cols=80

I've tried adding each of the following to isolinux.cfg (even separately 
testing with syslinux.cfg) but none had /any/ effect:
   vga=2
   vga=ask
   vga=ext
   vga=extended
   etc.

In my reading I've discovered that I may be in need of one or more of:
   setfont
   svgatextmode
   vidmode (aka rdev)
   fbset
but these all seem either unavailable or can't be found in handily, 
pre-compiled uClibc versions or appear to be unduly complex.

Is there an easy way to do what I want? Even a complex way?
Thanks for LEAF!
scott; canada

---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721alloc_id=10040op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


RE: [leaf-user] How do I set 50-line mode for VGA console (Bering uClibc 2.2b5)

2004-07-27 Thread Frank Dauer
Hi,

 I've tried adding each of the following to isolinux.cfg (even 
 separately testing with syslinux.cfg) but none had /any/ effect:
 vga=2
 vga=ask
 vga=ext
 vga=extended
 etc.

as far as I can see the selection of vga modes is not compiled into
the default kernel. If you want your options to work you'll have to
build a new kernel for Bering with CONFIG_VIDEO_SELECT=y

Of course you could use the frame buffer device, which isn't compiled
into the default kernel, too

Bye,

Frank




RE: [leaf-user] Road-warrior trouble: was Please Help: How to turn on Nat Traversal in Bering?

2004-07-27 Thread Tibbs, Richard


-Original Message-
From: Erich Titl [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 26, 2004 4:00 PM
To: Tibbs, Richard; [EMAIL PROTECTED]
Subject: RE: [leaf-user] Road-warrior trouble: was Please Help: How to turn on Nat 
Traversal in Bering?


Rick

At 19:56 26.07.2004, you wrote:
After long delay getting back to this...
Thanks, Erich!
Yes, nat_traversal=yes removes the [disabled] portion of the auth.log
record. This is on both firewalls below.

Mhhh, so nat-traversal is compiled in


But, I am having other problems with the home win2k machine. What I am 
doing is using Bering 1.2 at both home and work firewalls. Home is 
Bering 1.2 on two floppys, internal network 192.168.1.0/24, ext. static 
IP 216.12.x.y . Work firewall is Bering CD, internal 192.168.10.0/24 
external IP 137.45.w.z.

The setup is
W2k --- homefw --- internet ---university.net -- W2k --- ethsw --- 
workfw
--- int.subnet
^^ ^  ^
192.168.1.3  216.12.x.y   137.45.p.q  137.45.w.z 
192.168.10.0/24
Can't ping 192.168.10.13 Can ping 192.168.10.13

The symptom is that with identical road-warrior style configs on both 
W2K
machines, the results are different.  Also, the university has no firewall 
(checked with acad. Computing).
We have university laptops that we take home with the cisco ipsec client 
and I can attach these to the internal home network and connect up fine... 
So the university router ACLs appear to allow ipsec traffic in and out.

OK, but NAT occurs on both homefw _and_ workfw?
Rick:Yes, masquerading on outbound traffic (SNAT)

This is with outbound-filter (same on both win2k security settings) 
source = my ipaddress/32 dest= 192.168.10.0/24
out-tunnel = 137.45.192.69 --- work fw external IP

inbound-filter
source= 192.168.10.0/24
dest=my IP address/32
in-tunnel = 192.168.1.3 (ip address on home win2k machine)

Are these the Cisco settings, so the Cisco VPN client builds a tunnel to 
137.45.192.69?
Rick: Nope, the cisco client connects to, I suspect, a cisco router running a vpn 
server. 

I get no event errors in the Event Viewer, no shorewall log errors, but 
100% packet loss over all 12 pings.

Pings from where to where?
Rick: Pings from the win2k machine to a machine (192.168.10.13) on the office network.

The only salient differences seem to be that
1) in the inbound tunnel address is private address on home w2k, and
2) going through two firewalls instead of one.

Mhhh... at home your source address is in the 192.168.1.0/24 subnet, at 
work it is in the 137.45.x.y subnet
Rick: Yes. 

What about ipsec barf? Not that I am very good at deciphering it, but it 
holds a lot of information.
Rick: I will give that a try & get back to you later.

cheers

Erich

THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16






[leaf-user] ioperm

2004-07-27 Thread Felix Theodor
Hello,

I try to run this example in my leaf box.
And I get the message: ioperm: opperation not permit


thank you for any advice
felix


/*
 * example.c: very simple example of port I/O
 *
 * This code does nothing useful, just a port write, a pause,
 * and a port read. Compile with `gcc -O2 -o example example.c',
 * and run as root with `./example'.
 */

#include <stdio.h>
#include <stdlib.h>   /* exit() */
#include <unistd.h>   /* usleep() */
#include <sys/io.h>   /* ioperm(), outb(), inb() for user space (in place of asm/io.h) */

#define BASEPORT 0x378 /* lp1 */

int main(void)
{
  /* Get access to the ports (BASEPORT and BASEPORT+1) */
  if (ioperm(BASEPORT, 2, 1)) {perror("ioperm"); exit(1);}

  /* Set the data signals (D0-7) of the port to all low (0) */
  outb(0, BASEPORT);

  /* Sleep for a while (100 ms); usleep() takes microseconds */
  usleep(100000);

  /* Read from the status port (BASE+1) and display the result */
  printf("status: %d\n", inb(BASEPORT + 1));

  /* We don't need the ports anymore; release the same range we requested */
  if (ioperm(BASEPORT, 2, 0)) {perror("ioperm"); exit(1);}

  exit(0);
}

/* end of example.c */










RE: [leaf-user] ioperm

2004-07-27 Thread Luis.F.Correia
 
Hi!

This is a GRSecurity issue: to protect system integrity, it forbids direct
I/O access.


Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu


 -Original Message-
 From: Felix Theodor [mailto:[EMAIL PROTECTED] 
 Sent: Tuesday, July 27, 2004 1:08 PM
 To: [EMAIL PROTECTED]
 Subject: [leaf-user] ioperm
 
 Hello,
 
 I try to run this example in my leaf box.
 And I get the message: ioperm: opperation not permit
 
 
 thank you for any advice
 felix
 
 

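A diagnostic for the situation in this exchange, added here as an example and not code from the thread or from the Bering uClibc project: ioperm() normally needs CAP_SYS_RAWIO, so an EPERM returned to a process that holds that capability points at a kernel-side restriction such as the GRSecurity setting Luis names. The enum, `parse_cap_eff()` and `classify()` are hypothetical names, and the code assumes the hardened kernel reports EPERM, as in Felix's message.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#if defined(__i386__) || defined(__x86_64__)
#include <sys/io.h>              /* ioperm() is x86-only */
#endif

#define CAP_SYS_RAWIO_BIT 17     /* CAP_SYS_RAWIO in <linux/capability.h> */
#define BASEPORT 0x378           /* same port as the posted example.c */

enum verdict { IO_ALLOWED, NEED_CAP_SYS_RAWIO, KERNEL_POLICY, OTHER_ERROR };

/* Pull the effective capability mask out of /proc/<pid>/status text. */
static int parse_cap_eff(const char *status, unsigned long long *mask)
{
    const char *p = strstr(status, "CapEff:");
    return (p && sscanf(p + 7, "%llx", mask) == 1) ? 0 : -1;
}

/* Interpret ioperm()'s outcome (0 or errno) given the caller's capabilities. */
static enum verdict classify(unsigned long long cap_eff, int ioperm_errno)
{
    int has_rawio = (int)((cap_eff >> CAP_SYS_RAWIO_BIT) & 1ULL);

    if (ioperm_errno == 0)
        return IO_ALLOWED;
    if (ioperm_errno != EPERM)
        return OTHER_ERROR;
    /* EPERM without the capability is the ordinary "not root" case; EPERM
     * with it means the kernel itself refuses port access (assumption:
     * the hardening policy answers with EPERM, as seen in the thread). */
    return has_rawio ? KERNEL_POLICY : NEED_CAP_SYS_RAWIO;
}

int main(void)
{
    static const char *const text[] = {
        "port I/O allowed",
        "caller lacks CAP_SYS_RAWIO (run as root)",
        "CAP_SYS_RAWIO held but kernel policy forbids port I/O",
        "ioperm failed for another reason" };
    char buf[4096];
    unsigned long long caps = 0;
    int err = ENOSYS;            /* stays ENOSYS on non-x86 builds */
    size_t n = 0;
    FILE *f = fopen("/proc/self/status", "r");

    if (f) { n = fread(buf, 1, sizeof buf - 1, f); fclose(f); }
    buf[n] = '\0';
    if (parse_cap_eff(buf, &caps) != 0) {
        fprintf(stderr, "CapEff not found in /proc/self/status\n");
        return 2;
    }
#if defined(__i386__) || defined(__x86_64__)
    err = ioperm(BASEPORT, 2, 1) ? errno : 0;
    if (err == 0)
        ioperm(BASEPORT, 2, 0);  /* drop the grant again straight away */
#endif
    printf("CapEff=%016llx -> %s\n", caps, text[classify(caps, err)]);
    return 0;
}
```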

Re: [leaf-user] Bering-uClibc_2.2-beta5 w/ OpenVPN ver 1.6.0 Rev 1 Multiple Tunne l

2004-07-27 Thread M Lu
Yes, it is possible. For each tunnel you have one .conf file in
/etc/openvpn. The OpenVPN script will create the tunnels for you. You also
need to modify shorewall to allow the new tunnels. Do a search on the mail
archive on this topic.

M Lu


- Original Message - 
From: Chris Lee [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, July 27, 2004 12:36 AM
Subject: [leaf-user] Bering-uClibc_2.2-beta5 w/ OpenVPN ver 1.6.0 Rev 1
Multiple Tunne l


 Is it possible to set up more than one OpenVPN tunnel per Server?
 If yes, how?

 i.e. Main Server --Tunnel udp:5000-- Server A
  ^--Tunnel udp:5001-- Server B
  ^--Tunnel udp:5002-- Server C

 I am using Bering-uClibc_2.2-beta5 w/ OpenVPN ver 1.6.0 Rev 1

 Many thanks in advance.

 Regards,
 Chris Lee




[leaf-user] Need advice to choose solution

2004-07-27 Thread Alexander Belck
I need to connect several small health offices to the center office in a secure
connection over the Internet.
I intend to use uBering as the firewall on each unit, but do not know what to
choose to securely connect them.

There is stunnel, pptp, IPSec, OpenVPN 

At the center office is a squid-proxy, the mail server and the database of the
administration software.
I think that only the access to the administration stuff must really be secured,
as web and e-mail travels anyway over the unsecure internet.

I really don't know how to decide between them. Any guideline would be
appreciated.

Thanks,

Alex

--
ATIX Tecnologia e Com Ltda
Tel.: +55-(11) 4667-5900




[leaf-user] Shorewall logs have bad dates in them

2004-07-27 Thread John Desmond
Sorry if this has been covered before. It looks like a
real obvious problem, but I'm all Google-eyed from
looking for it and couldn't find anything on it.

I'm using Shorewall 2.0.2f and the logs always have
Dec 31 19:00:00 for the date for REJECTS in the
all2all chain.

Example log from today:

Jul 27 11:50:56 firewall Shorewall:net2all:DROP:
IN=ppp0 OUT= MAC= SRC=219.150.118.21 DST=138.88.147.32
LEN=1147 TOS=00 PREC=0x00 TTL=107 ID=60031 CE
PROTO=UDP SPT=15008 DPT=1026 LEN=1127
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=46672 CE DF
PROTO=UDP SPT=67 DPT=68 LEN=311
Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=
OUT=eth1 MAC= SRC=192.168.1.254 DST=192.168.1.185
LEN=331 TOS=00 PREC=0x00 TTL=64 ID=34851 CE DF
PROTO=UDP SPT=67 DPT=68 LEN=311
Jul 27 12:01:16 firewall Shorewall:net2all:DROP:
IN=ppp0 OUT= MAC= SRC=218.78.209.68 DST=138.88.147.32
LEN=1108 TOS=00 PREC=0x00 TTL=108 ID=48679 CE
PROTO=UDP SPT=18585 DPT=1026 LEN=1088

Have I misconfigured something?

-John





RE: [leaf-user] Road-warrior trouble: was Please Help: How to turn on Nat Traversal in Bering?

2004-07-27 Thread Tibbs, Richard
OK, at the end is the ipsec barf output (from home fw) for a few pings. 

So voluminous I snipped out much irrelevant stuff, but if anyone needs a section let 
me know.
I included the homefw config, which is virtually identical to office except for the IPs. 
 
Interesting message from homefw = something about no NAT detected. That is technically 
correct, since both fw's are masquerading.  Maybe I need to figure out how to wrap the 
ipsec from win2k with UDP?

Any advice would be useful.
TIA
Rick.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tibbs, Richard
Sent: Tuesday, July 27, 2004 7:47 AM
To: Erich Titl
Cc: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Road-warrior trouble: was Please Help: How to turn on Nat 
Traversal in Bering?




-Original Message-
From: Erich Titl [mailto:[EMAIL PROTECTED] 
Sent: Monday, July 26, 2004 4:00 PM
To: Tibbs, Richard; [EMAIL PROTECTED]
Subject: RE: [leaf-user] Road-warrior trouble: was Please Help: How to turn on Nat 
Traversal in Bering?


Rick

At 19:56 26.07.2004, you wrote:
After long delay getting back to this...
Thanks, Erich!
Yes, nat_traversal=yes removes the [disabled] portion of the auth.log 
record. This is on both firewalls below.

Mhhh, so nat-traversal is compiled in


But, I am having other problems with the home win2k machine. What I am
doing is using Bering 1.2 at both home and work firewalls. Home is 
Bering 1.2 on two floppys, internal network 192.168.1.0/24, ext. static 
IP 216.12.x.y . Work firewall is Bering CD, internal 192.168.10.0/24 
external IP 137.45.w.z.

The setup is
W2k --- homefw --- internet ---university.net -- W2k --- ethsw ---
workfw
--- int.subnet
^^ ^  ^
192.168.1.3  216.12.x.y   137.45.p.q  137.45.w.z 
192.168.10.0/24
Can't ping 192.168.10.13 Can ping 192.168.10.13

The symptom is that with identical road-warrior style configs on both
W2K
machines, the results are different.  Also, the university has no firewall 
(checked with acad. Computing).
We have university laptops that we take home with the cisco ipsec client 
and I can attach these to the internal home network and connect up fine... 
So the university router ACLs appear to allow ipsec traffic in and out.

OK, but NAT occurs on both homefw _and_ workfw?
Rick:Yes, masquerading on outbound traffic (SNAT)

This is with outbound-filter (same on both win2k security settings)
source = my ipaddress/32 dest= 192.168.10.0/24
out-tunnel = 137.45.192.69 --- work fw external IP

inbound-filter
source= 192.168.10.0/24
dest=my IP address/32
in-tunnel = 192.168.1.3 (ip address on home win2k machine)

Are these the Cisco settings, so the Cisco VPN client builds a tunnel to 
137.45.192.69?
Rick: Nope, the cisco client connects to, I suspect, a cisco router running a vpn 
server. 

I get no event errors in the Event Viewer, no shorewall log errors, but
100% packet loss over all 12 pings.

Pings from where to where?
Rick: Pings from the win2k machine to a machine (192.168.10.13) on the office network.

The only salient differences seem to be that
1) in the inbound tunnel address is private address on home w2k, and
2) going through two firewalls instead of one.

Mhhh... at home your source address is in the 192.168.1.0/24 subnet, at 
work it is in the 137.45.x.y subnet
Rick: Yes. 

What about ipsec barf? Not that I am very good at deciphering it, but it 
holds a lot of information.
Rick: I will give that a try & get back to you later. --- now homefw here, below:
lots of crud snipped out
# basic configuration
config setup
    # THIS SETTING MUST BE CORRECT or almost nothing will work;
    # %defaultroute is okay for most simple cases.
    interfaces=ipsec0=eth0
    # Debug-logging controls:  none for (almost) none, all for lots.
    klipsdebug=none
    plutodebug=none
    # Use auto= parameters in conn descriptions to control startup actions.
    plutoload=%search
    plutostart=%search
    # Close down old connection when new one using same ID shows up.
    uniqueids=yes
    nat_traversal=yes


# defaults for subsequent connection descriptions
conn %default
    # How persistent to be in (re)keying negotiations (0 means very).
    keyingtries=0
    # RSA authentication with keys from DNS.
    #authby=rsasig
    #leftrsasigkey=%dns
    #rightrsasigkey=%dns
    authby=secret
    left=216.12.22.89
    leftsubnet=192.168.1.0/24
    leftnexthop=%direct
    leftfirewall=yes
    pfs=yes
    auto=add

conn road-warrior
    right=%any


# connection description for (experimental!) opportunistic encryption
# (requires KEY record in your DNS reverse map; see doc/opportunism.howto)
conn me-to-anyone
    #left=%defaultroute
    #right=%opportunistic
    # uncomment to enable incoming; change to auto=route for outgoing
    #auto=add



# 

Re: [leaf-user] Shorewall logs have bad dates in them

2004-07-27 Thread Tom Eastep
John Desmond wrote:
Sorry if this has been covered before. It looks like a
real obvious problem, but I'm all Google-eyed from
looking for it and couldn't find anything on it.
I'm using Shorewall 2.0.2f and the logs always have
Dec 31 19:00:00 for the date for REJECTS in the
all2all chain.
I don't know the source of your problem but I can tell you that the 
version of Shorewall is irrelevant since Shorewall has nothing to do 
with generating or displaying dates in these log messages.

-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]



Re: [leaf-user] Shorewall logs have bad dates in them

2004-07-27 Thread Erich Titl
John
At 20:52 27.07.2004, you wrote:
John Desmond wrote:
Sorry if this has been covered before. It looks like a
real obvious problem, but I'm all Google-eyed from
looking for it and couldn't find anything on it.
I'm using Shorewall 2.0.2f and the logs always have
Dec 31 19:00:00 for the date for REJECTS in the
all2all chain.
I don't know the source of your problem but I can tell you that the 
version of Shorewall is irrelevant since Shorewall has nothing to do with 
generating or displaying dates in these log messages.
The puzzling thing is the time stamp, 5 hours off the 1st of January 
(probably UTC); somehow it looks like an empty date field converted somehow 
to east coast time.

A guess would be to ask around in the netfilter team.
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
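
The observation in this message, worked through as an added example that is not part of the thread: a timestamp of zero (the Unix epoch, 1 Jan 1970 00:00:00 UTC) rendered five hours behind UTC prints exactly the `Dec 31 19:00:00` seen in John's log, and the same check can flag such lines for any whole-hour zone. Function names are hypothetical; the sample array holds the first line of each entry from John's excerpt, and the example shows what the stamp corresponds to, not where the zero comes from.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define NO_MATCH 99   /* sentinel: stamp is not epoch zero in any zone tried */

/* Render t as a syslog-style stamp ("Mon DD HH:MM:SS") at a UTC offset. */
static void stamp_at_offset(time_t t, int utc_offset_hours, char *out, size_t n)
{
    time_t shifted = t + (time_t)utc_offset_hours * 3600;
    struct tm *tm = gmtime(&shifted);

    if (tm == NULL || strftime(out, n, "%b %e %H:%M:%S", tm) == 0)
        out[0] = '\0';
}

/* If the line starts with the stamp that time_t 0 produces at some
 * whole-hour UTC offset, return that offset; otherwise NO_MATCH. */
static int epoch_offset_of(const char *line)
{
    char stamp[32];

    for (int off = -12; off <= 14; off++) {
        stamp_at_offset((time_t)0, off, stamp, sizeof stamp);
        if (stamp[0] && strncmp(line, stamp, strlen(stamp)) == 0)
            return off;
    }
    return NO_MATCH;
}

/* Count log lines carrying an epoch-zero stamp. */
static int count_epoch_stamped(const char *const *lines, size_t n)
{
    int hits = 0;

    for (size_t i = 0; i < n; i++)
        if (epoch_offset_of(lines[i]) != NO_MATCH)
            hits++;
    return hits;
}

/* First line of each log entry quoted earlier in the thread. */
static const char *const SAMPLE[] = {
    "Jul 27 11:50:56 firewall Shorewall:net2all:DROP:",
    "Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=",
    "Dec 31 19:00:00 firewall Shorewall:all2all:REJECT: IN=",
    "Jul 27 12:01:16 firewall Shorewall:net2all:DROP:",
};

int main(void)
{
    size_t n = sizeof SAMPLE / sizeof SAMPLE[0];

    for (size_t i = 0; i < n; i++) {
        int off = epoch_offset_of(SAMPLE[i]);
        if (off != NO_MATCH)
            printf("epoch-zero stamp (UTC%+d): %s\n", off, SAMPLE[i]);
    }
    printf("%d of %zu lines flagged\n", count_epoch_stamped(SAMPLE, n), n);
    return 0;
}
```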



[leaf-user] Connecting to Exchange Server using VPN through Bering 2.0

2004-07-27 Thread Darcy Parker
Good day all,

Our network at work has MS Remote Access Server (RAS) running and I connect
to the network using MS VPN connection from my WinXP box at Home.  I am
going through a Bering uClibC 2.0 LRP box and this works no problem.
However, I can only make a single connection to the VPN.  A connection
attempt from a second machine also behind the FW fails.  Is this because of
masquerading?  Is there any way to establish a connection from a second
machine behind the same firewall?

Best Regards,
Darcy


