RE: [leaf-user] weblet

2004-08-12 Thread Chris Lee 
Dear  Livio,

Thanks for your suggestion, I almost forgot ssh port fordwaring feature. :^)
Working great now. 

Just for your info: weblet default use port 80 

Regards,
Chris Lee

> 
> I wouldn't go this way.
> 
> Just get ssh up and running on the WAN interface and redirect 
> the weblet port(Is it port 5000?)


---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] syst_size not working in leaf.cfg

2004-08-12 Thread Peter Mueller 
> I'm using the Bering-uClibc_2.2-rc1  
>  _img_bering-uclibc-1680.exe?download> 
> floppy image. When I attempt to change the
> root file system size ( syst_size=12M ) in leaf.cfg I get an 
> error ( for 
> mount option 'size' )
> and the root file system gets sized at 4M, which causes 
> problems. I need 
> more than
> the 6M default root file system size.

I'm sure there's a better way, but I ran into something of the same problem.
I put the parameters into syslinux.cfg and that worked for me.  E.g.:

serial 0 19200
display syslinux.dpy
timeout 0
default bzimage initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
syst_size=20M log_size=20M tmpfs_size=256M LEAFCFG=/dev/hda1:msdos


---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] CISCO 1600 Router Replacment

2004-08-12 Thread Ray Olszewski 
Thanks for the additional details, Chris. As you'll see in my comments 
below, you don't need LEAF to do "everything" the Cisco can do. What you 
need is much easier to achieve than some of us had guessed based on your 
earlier, more general question. Whether LEAF (or any Linux-based routing) 
is a good choice for this setting, though, remains uncertain, due to some 
residual vagueness in your report.

At 03:54 PM 8/12/2004 +0800, Chris Lee wrote:
Dear Ray,
Thanks for your reply.
Here is the existing setup
Internet --> NetDSL Cable Modem --> CISCO Router --> Intranet
What I want is:
Internet --> NetDSL Cable Modem --> leaf  --> Intranet
There is two port (DSL, Ethernet) for ARESCOM NetDSL 1000 Cable Modem, which
I think work like this:
ISP --> DSL port --> NetDSL --> Ethernet --> CISCO 1605 Ethernet port 1
For CISCO, it only use two port, Ethernet Port 1 (From NetDSL) and Ethernet
Port 0 to Internat Hub.
OK. This is good. You are not using any of the more esoteric interface 
possibilities available with the 1600 series (ISDN, DS1), so the concerns 
raised in yesterday's messages are irrelevant to your actual needs. At the 
physical interface level, the router exchange should be a straight swap.

As I don't know how to config CISCO, I use Getif to peek the config via
SNMP.
Is SNMP important to your requirements? I believe LEAF *can* provide SNMP 
(I know Linux can, but I don't recall if the required stuff has been 
packaged for, for example, Beting-uClibc). But SNMP is not a particular 
strength of Linux or LEAF.

For Interface, it show:
descr.  ip address
Ethernet0   10.0.108.254/255.255.255.0
203.198.77.78/255.255.240
Ethernet1   172.23.76.154/255.255.255.252
Tunnel5 192.168.79.94/255.255.255.252
I think Ethernet1 is the WAN IP address?? And don't know what is Tunnel5?
From examination of your routing table below, I'd infer that
A. Your LAN uses two address ranges:
10.0.108.0/24 -- a private range that needs to be NAT'd
203.198.77.78/27 -- a public range that can be routed
directly (without NAT)
B. Your physical external network is 172.23.76.152/30. I suspect that this 
communicates with the DSL modem, which probably has IP address 
172.23.76.153. It in turn routes to the external private address range 
172.16.0.0/20, whcih you ISP probably uses for some internal purposes.

C. Your "true" external connection (the one with your default gateway) is 
the Tunnel1 interface. From its name, I'd guess it is some sort of VPN. 
There are many "standards" for VPNs, and there is no way to know if you can 
use LEAF, or even Linux in any form, with yours until you find out what 
sort of VPN this is. You find this out from your ISP. Also note that this 
"true" external connection is a private-range address. Your ISP is doing 
something special with this ... either upstream NAT'ing, though your use of 
a real /28 internal network makes this unlikely, or some non-standard 
routing ... to let it connect to the Internet. Before you switch routers, 
you simply must get your ISP to explain what it is doing here.


For Address:
int.address/mask
1   10.0.108.254/255.255.255.0
5   172.23.76.154/255.255.255.252
4   192.168.79.94/255.255.255.252
1   203.198.77.78/255.255.255.240
* Don't know what int. column stand for?
For Routing Table:
int.dest.   next hopmasktype
proto   age
4   0.0.0.0 192.168.79.94   0.0.0.0 direct
local   0
1   10.0.108.0  203.198.77.78   255.255.255.0   direct
local   0
0   172.16.0.0  172.23.76.153   255.240.0.0 indirect
local   10
0   172.22.254.49   172.23.76.153   255.255.255.255 indirect
local   11
2   172.23.76.152   172.23.76.154   255.255.255.252 direct  local   0
4   192.168.79.92   192.168.79.94   255.255.255.252 direct  local   0
1   203.198.77.64   203.198.77.78   255.255.255.240 direct  local   0
First I want leaf to peform normat NAT router for range of internet ip
address
No problem. This is one of the main things stock LEAF, any variant, does,
Then, I want to setup SNMP to collect networking perform per ip
As I said above, SNMP support is not s strength of Linux. It can be done, 
and probably some LEAF variants support SNMP. But "collect networking 
perform per ip" is a wee bit vague as to details, so I can't say how easy 
it would be to do what you actually want (or to replicate whatever the 
Cisco is now doing for you).

Finally, setup QOS for each ip.
Some LEAF variants support this in some fashions. Again, you'll want to be 
a bit more specific about what you hope to accomplish (or what you're doing 
now, if the Cisco does this) to get good feedback.



---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off

[leaf-user] syst_size not working in leaf.cfg

2004-08-12 Thread Paul Zimm 
I'm using the Bering-uClibc_2.2-rc1  
 
floppy image. When I attempt to change the
root file system size ( syst_size=12M ) in leaf.cfg I get an error ( for 
mount option 'size' )
and the root file system gets sized at 4M, which causes problems. I need 
more than
the 6M default root file system size.
 


---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] CISCO 1600 Router Replacment

2004-08-12 Thread George Metz 
Chris Lee wrote:
As I don't know how to config CISCO, I use Getif to peek the config via
SNMP.
For Interface, it show:
descr.  ip address
Ethernet0   10.0.108.254/255.255.255.0
203.198.77.78/255.255.240
Ethernet1   172.23.76.154/255.255.255.252
Tunnel5 192.168.79.94/255.255.255.252
I think Ehternet1 is the WAN IP address?? And don't know what is Tunnel5?
Woopsie. Tunnel5 is your default gateway interface. It's either an IPSec 
or PPTP tunnel from your location back you your ISP, and that means a 
couple of things:

1. Your ISP is likely to get grouchy if they don't own the system 
connecting to them via the tunnel;

2. You'll need the information your ISP is using to form the tunnel, 
obtainable probably from the ISP only, especially if you're not familiar 
with configuring a Cisco.

First I want leaf to peform normat NAT router for range of internet ip
address
Then, I want to setup SNMP to collect networking perform per ip
Finally, setup QOS for each ip.
It is possible?
It is, but is there any reason that it HAS to replace the Cisco? LEAF 
would work quite well sitting right behind the Cisco, and while it might 
be a bit redundant, at least you wouldn't have to worry about your ISP 
wanting access to your firewall - something nearly guaranteed to mess it up.

You might get lucky and have a good ISP who would be willing to work 
with you on the subject, so it can't hurt to ask them - you'd need to 
get all the tunnel info anyhow - but from personal experience, most 
commercial internet companies are really leery of letting their 
customers control whatever the inbound side of the line is connected to, 
simply because it makes their lives far harder.

---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] CISCO 1600 Router Replacment

2004-08-12 Thread Livio Ravetto 
hi Chris, List
regarding the SNMP stuff, I am afraid I cannot answer. I don't know if leaf is capable 
of doing this. (might be)
for what is of NAT'ing the LAN, it is quite easy.
and for QoS, you wouldn't normaly have to worry about this. Shorewall can do this 
(check shorewall.net for more details) or should I say there are some parameters in 
shorewall relating to QoS. Tom E is the best to reply on that one.
Cheers
Livio

---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] weblet

2004-08-12 Thread Livio Ravetto 
<<<
hi,
Is it possible to connect weblet via internet and password protected?
Regards,
Chris Lee

I wouldn't go this way.
Just get ssh up and running on the WAN interface and redirect the weblet port(Is it 
port 5000?)
in other words, from a unix command line:
ssh -L5000:127.0.0.1:5000 root@
then on YOUR local machine, go into the browser and type 

http://127.0.0.1:5000
you should get what you want without opening yet another port on the firewall.
you may have to configure your exception list on your browser.
The ssh command means "connect as user root to firewall ip xxx.xxx.xxx.xxx setting up a 
tunnel from port 5000 to remote port 5000"

---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] weblet

2004-08-12 Thread Chris Lee 
hi,

Is it possible to connect weblet via internet and password protected?

Regards,
Chris Lee


---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] CISCO 1600 Router Replacment

2004-08-12 Thread Chris Lee 
Dear Ray,

Thanks for your reply.

Here is the existing setup

Internet --> NetDSL Cable Modem --> CISCO Router --> Intranet

What I want is:

Internet --> NetDSL Cable Modem --> leaf  --> Intranet


There is two port (DSL, Ethernet) for ARESCOM NetDSL 1000 Cable Modem, which
I think work like this:
ISP --> DSL port --> NetDSL --> Ethernet --> CISCO 1605 Ethernet port 1

For CISCO, it only use two port, Ethernet Port 1 (From NetDSL) and Ethernet
Port 0 to Internat Hub.

As I don't know how to config CISCO, I use Getif to peek the config via
SNMP.

For Interface, it show:

descr.  ip address
Ethernet0   10.0.108.254/255.255.255.0
203.198.77.78/255.255.240

Ethernet1   172.23.76.154/255.255.255.252

Tunnel5 192.168.79.94/255.255.255.252

I think Ehternet1 is the WAN IP address?? And don't know what is Tunnel5?

For Address:
int.address/mask
1   10.0.108.254/255.255.255.0
5   172.23.76.154/255.255.255.252
4   192.168.79.94/255.255.255.252
1   203.198.77.78/255.255.255.240

* Don't know what int. column stand for?

For Routing Table:
int.dest.   next hopmasktype
proto   age
4   0.0.0.0 192.168.79.94   0.0.0.0 direct
local   0
1   10.0.108.0  203.198.77.78   255.255.255.0   direct
local   0
0   172.16.0.0  172.23.76.153   255.240.0.0 indirect
local   10
0   172.22.254.49   172.23.76.153   255.255.255.255 indirect
local   11
2   172.23.76.152   172.23.76.154   255.255.255.252 direct  local   0
4   192.168.79.92   192.168.79.94   255.255.255.252 direct  local   0
1   203.198.77.64   203.198.77.78   255.255.255.240 direct  local   0

First I want leaf to peform normat NAT router for range of internet ip
address
Then, I want to setup SNMP to collect networking perform per ip
Finally, setup QOS for each ip.

It is possible?

Regards,
Chris Lee


---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift.
http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html