[leaf-user] lets talk about something--anything!

2005-06-28 Thread cpu memhd 
Only 64 messages this month. Are less and less people using leaf, what
is going on with everyone? I have been slowley rolling out leaf boxes
to about 16 locations. I couldn't have asked for a better
firewall/router. I'd like to very much thank the leaf developers for
their continued efforts. -cpu




 
Yahoo! Sports 
Rekindle the Rivalries. Sign up for Fantasy Football 
http://football.fantasysports.yahoo.com


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Matthew Pozzi 
Well here is one to ask about!

My uclibc router has been playing up of late, its loosing its networking. So
much so that an svi networking restart comes up with no IP addresses. Ifdown
then ifup of the individual interfaces will work.

The DSL connection will come up but it will show the output that should be
going to logs on /dev/console, same with mgetty, its coming up on the screen
too. Its most frustrating, I think there is a logging issue and a networking
issue. Time to back it allup and start again otherwise.

Regards,
Matt  

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of cpu memhd
 Sent: Tuesday, June 28, 2005 4:55 PM
 To: leaf-user@lists.sourceforge.net
 Subject: [leaf-user] lets talk about something--anything!
 
 Only 64 messages this month. Are less and less people using 
 leaf, what is going on with everyone? I have been slowley 
 rolling out leaf boxes to about 16 locations. I couldn't have 
 asked for a better firewall/router. I'd like to very much 
 thank the leaf developers for their continued efforts. -cpu



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread James Neave 
Maybe it's been perfected? ^^

Jim.

-Original Message-
From: cpu memhd [mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 07:55
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] lets talk about something--anything!

Only 64 messages this month. Are less and less people using leaf, what
is going on with everyone? I have been slowley rolling out leaf boxes
to about 16 locations. I couldn't have asked for a better
firewall/router. I'd like to very much thank the leaf developers for
their continued efforts. -cpu

The information in this email is confidential and may be legally privileged.  
It is intended solely for the addressee.  Access to this email by anyone else 
is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution or 
any action taken or omitted to be taken in reliance on it is prohibited and may 
be unlawful.

The contents of an attachment to this email may contain software viruses that 
could damage your own computer systems.  Whilst The Spur Group of Companies has 
taken every precaution to minimise the risk, we cannot accept liability for any 
damage that you sustain as a result of software viruses.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Arne Bernin 
On Tue, 2005-06-28 at 17:56 +1000, Matthew Pozzi wrote:
 Well here is one to ask about!
 
 My uclibc router has been playing up of late, its loosing its networking. So
 much so that an svi networking restart comes up with no IP addresses. Ifdown
 then ifup of the individual interfaces will work.
 
 The DSL connection will come up but it will show the output that should be
 going to logs on /dev/console, same with mgetty, its coming up on the screen
 too. Its most frustrating, I think there is a logging issue and a networking
 issue. Time to back it allup and start again otherwise.
 

hmm. could be that klogd or syslog are not running. You should get rid
of the messages with a dmesg -n 1 on your console...
Sounds like Problems with your start scripts, but that's nothing new to
you, i suppose.
Which Version of bering-uclibc are you using ?
if you make a ps on your router, do you see /sbin/syslogd
and /sbin/klogd ?

 Regards,
 Matt  


--arne
-- 
Arne Bernin [EMAIL PROTECTED]

http://www.ucBering.de





---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread ciprian niculescu 
i coulndt get it to work, the only answer that i got was to RTFM, i did 
i reask still nothing, so ill put debian :P but leaf sounded nice


c

P.S. with this small amount of mails i forgot to unsubscribe :)

James Neave wrote:

Maybe it's been perfected? ^^

Jim.

-Original Message-
From: cpu memhd [mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 07:55

To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] lets talk about something--anything!

Only 64 messages this month. Are less and less people using leaf, what
is going on with everyone? I have been slowley rolling out leaf boxes
to about 16 locations. I couldn't have asked for a better
firewall/router. I'd like to very much thank the leaf developers for
their continued efforts. -cpu

The information in this email is confidential and may be legally privileged.  
It is intended solely for the addressee.  Access to this email by anyone else 
is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution or 
any action taken or omitted to be taken in reliance on it is prohibited and may 
be unlawful.

The contents of an attachment to this email may contain software viruses that 
could damage your own computer systems.  Whilst The Spur Group of Companies has 
taken every precaution to minimise the risk, we cannot accept liability for any 
damage that you sustain as a result of software viruses.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread David Pitts 
 
LEAF is very nice!  I started as a Linux newbie (still applies!!) but I
managed with the help of this list to set up a firewall/router on an old
Pentium with DHCP, VPN and SSH all on a 1.44 floppy!!  Works like a
bought one!  And much more fun to play with!!

Thanks folks.

PS.  Its about time I upgraded to a later version so I thought maybe
some nice words (but very true!!) might make you all more likely to help
when I need it!!

PS   That was a joke!

David Pitts  

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of ciprian
niculescu
Sent: Tuesday, 28 June 2005 5:22 PM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] lets talk about something--anything!

i coulndt get it to work, the only answer that i got was to RTFM, i did
i reask still nothing, so ill put debian :P but leaf sounded nice

c

P.S. with this small amount of mails i forgot to unsubscribe :)

James Neave wrote:
 Maybe it's been perfected? ^^
 
 Jim.
 
 -Original Message-
 From: cpu memhd [mailto:[EMAIL PROTECTED]
 Sent: 28 June 2005 07:55
 To: leaf-user@lists.sourceforge.net
 Subject: [leaf-user] lets talk about something--anything!
 
 Only 64 messages this month. Are less and less people using leaf, what

 is going on with everyone? I have been slowley rolling out leaf boxes 
 to about 16 locations. I couldn't have asked for a better 
 firewall/router. I'd like to very much thank the leaf developers for 
 their continued efforts. -cpu
 
 The information in this email is confidential and may be legally
privileged.  It is intended solely for the addressee.  Access to this
email by anyone else is unauthorised.
 
 If you are not the intended recipient, any disclosure, copying,
distribution or any action taken or omitted to be taken in reliance on
it is prohibited and may be unlawful.
 
 The contents of an attachment to this email may contain software
viruses that could damage your own computer systems.  Whilst The Spur
Group of Companies has taken every precaution to minimise the risk, we
cannot accept liability for any damage that you sustain as a result of
software viruses.
 
 
 
 ---
 SF.Net email is sponsored by: Discover Easy Linux Migration Strategies

 from IBM. Find simple to follow Roadmaps, straightforward articles, 
 informative Webcasts and more! Get everything you need to get up to 
 speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click
 --
 -- leaf-user mailing list: leaf-user@lists.sourceforge.net 
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/




---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread cpu memhd 
Hello James! If software is like fine art then nothing is finished
(perfected), only abandoned. There is always something to improve. But
in lots of ways, leaf does appear to be complete. The only thing
lacking perhaps, is better usability, not features. It seems that
upgrading a leaf box can be quite a challenge for many. Though I must
say, it is not a big deal for me, due the extensive changes I've made
(read, bastardization :).

Anyhow, I feel that lrcfg is in need of a major overhaul. I’m sure many
will disagree, but, you can’t start/stop services from within lrcfg.
And it would be nice to be able to save a package while in a package
menu (incidentally, I added this capability :). Another problem with
lrcfg is that once you have more than 20 config options they scroll off
the screen.

Btw, you had mentioned something a while back about a high-level tool
that could setup/configure a leaf box from A-to-Z. I was working on
wizard-like setup tool that could run off a bootable CD, but ultimately
decided it probably wasn’t what people wanted. I base this theory on
the fact that few people request this sort of thing and the fact that
Lince never really took off, what do you think? –cpu

James Neave wrote:

Maybe it's been perfected? ^^

Jim.



__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread cpu memhd 
Hello Cirian, which lex system do you have? Sorry it didn’t work out. I
must admit, getting leaf to boot of an ide device was a pain for me.
Honestly, it took several days, lots of hours. Of course, once you
figure it out, it is much too easy. -cpu

ciprian niculescu wrote:

 i coulndt get it to work, the only answer that i got was to RTFM, i
did i reask still nothing, so ill put debian :P but leaf sounded nice

 c

 P.S. with this small amount of mails i forgot to unsubscribe :)



__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Matthew Pozzi 
Arne, one thing I like best about Leaf is this userlist! Leaf is great too.

Its uclibc 2.2 btw.

Yes to syslog and kogd running they are there. Its is strange, I was going
to do some raidn gon loggin to decipher these conf files and understand just
what was happening in there.

The networking has me perplexed, it ran for nearly 100 days with one IP
address on a dynamic service, wonderful in truth. The it started playing up,
nothing I can recall was done to make it do this. So much so that getting
rp-pppoe to get a new address is a manual process now, and after that the
console is useless as the output from rp-pppoe comes to the console.

I will find out what is happening. It does sound like startup scripts, but
why is doing this to me, its such a woderfully complicated little system and
it does so much,

Matt 

 ---
 hmm. could be that klogd or syslog are not running. You 
 should get rid of the messages with a dmesg -n 1 on your console...
 Sounds like Problems with your start scripts, but that's 
 nothing new to you, i suppose.
 Which Version of bering-uclibc are you using ?
 if you make a ps on your router, do you see /sbin/syslogd 
 and /sbin/klogd ?
 



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread James Neave 
Hi,

As a software developer, I know all about finishing software. :)

I remember that. That stemmed from being stuck in a windows only
environment and the thought of upgrading our Bering (1.0 I believe,
maybe 1.1) router to include latest kernel and security related patches
gives me the screaming heebee jeebees.

We're running in not broken, so don't even think about touching it mode.

I guess it's probably not possible, but I was pondering at that time on
a way to automagically create the latest packages with old configuration
intact. Which you can't.

Technically I'm still (STILL!) working on multi house wireless networks
with multiple shared internet connections. Although we very rarely get
any time to work on it anymore, as soon as the kitchen is refurbished we
have sworn to work on it every Wednesday evening. 8D

Another feature we're looking at adding is multicast routing across VPN
tunnels. This will allow mDNS and other zero conf stuff to work across
our big net and switch on iTunes sharing between our subnets. I think.
:S
That all seems still very bleeding edge in Linux. Is there an
mrouted.lrp about?

We've managed to finally connect two houses, get ADSL working in linux
(we cheated and bought Ethernet ADSL modems, no firewall, no NAT, just
single IP DHCP) as well as 802.11b (cheated again, used an AP as a
wireless Ethernet bridge)

It's all over one ADSL line though. LARTC says how we set the rest up
although everything kinda points to none of this working very well with
such a low number of users (route caching :( ). Plus we have to patch
and recompile the kernel to get failover working for if a connection
goes down @

Erik Spakman offered to do the compiling for us though, which I will
take him up on, one day... when I'm old and grey at this rate. :P

Regards,

Jim.

-Original Message-
From: cpu memhd [mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 10:33
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] lets talk about something--anything!

Hello James! If software is like fine art then nothing is finished
(perfected), only abandoned. There is always something to improve. But
in lots of ways, leaf does appear to be complete. The only thing
lacking perhaps, is better usability, not features. It seems that
upgrading a leaf box can be quite a challenge for many. Though I must
say, it is not a big deal for me, due the extensive changes I've made
(read, bastardization :).

Anyhow, I feel that lrcfg is in need of a major overhaul. I'm sure many
will disagree, but, you can't start/stop services from within lrcfg.
And it would be nice to be able to save a package while in a package
menu (incidentally, I added this capability :). Another problem with
lrcfg is that once you have more than 20 config options they scroll off
the screen.

Btw, you had mentioned something a while back about a high-level tool
that could setup/configure a leaf box from A-to-Z. I was working on
wizard-like setup tool that could run off a bootable CD, but ultimately
decided it probably wasn't what people wanted. I base this theory on
the fact that few people request this sort of thing and the fact that
Lince never really took off, what do you think? -cpu

James Neave wrote:

Maybe it's been perfected? ^^

Jim.



__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

The information in this email is confidential and may be legally privileged.  
It is intended solely for the addressee.  Access to this email by anyone else 
is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution or 
any action taken or omitted to be taken in reliance on it is prohibited and may 
be unlawful.

The contents of an attachment to this email may contain software viruses that 
could damage your own computer systems.  Whilst The Spur Group of Companies has 
taken every precaution to minimise the risk, we cannot accept liability for any 
damage that you sustain as a result of software viruses.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread ciprian niculescu 
i dont find the reference, but the chipset is via vt8601A with a via c3 
eden cpu http://www.silink.fr/produits/docs/stc_net.pdf


i tried to boot from the flash disk, when i have time i said ill try 
with a standard ide drive, and/or put another linux on it debian/rh as i 
boot on pxe so i can do a standard linux install


any help on why the flash don't boot, or at least how to check more 
deeplly, would be nice


C

cpu memhd wrote:

Hello Cirian, which lex system do you have? Sorry it didn’t work out. I
must admit, getting leaf to boot of an ide device was a pain for me.
Honestly, it took several days, lots of hours. Of course, once you
figure it out, it is much too easy. -cpu

ciprian niculescu wrote:



i coulndt get it to work, the only answer that i got was to RTFM, i


did i reask still nothing, so ill put debian :P but leaf sounded nice


c

P.S. with this small amount of mails i forgot to unsubscribe :)





__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread giovanni 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I use Bering 1.0  stable on that machine.
There are some issues: read carefully the manual that explains how to
boot from the ide (it is on the second IDE iface but at boot time it is
viewed as the first) This affects ALL booting from IDE disks/flash on
that machine: luckily this may be the default setting.
On syslinux.cfg you must address as:
boot=/dev/hdc1:msdos PKGPATH=/dev/hdc1
Remember that you need ide modules into initd.lrp
(to make this you must uncompress initrd.lrp then mount as loop the
uncompressed image ancd then put ide-mod.o ide-disk.o ide-probe-mod.o
into the directory mountpoint/boot/lib/modules and their names into
the file mountpoint/boot/etc/modules then umount and recompress)
This for bering 1.0-stable: it is so stable that I'm not planning to use
a newer one for the moment.

Hope this can help

Giovanni

ciprian niculescu wrote:
 i dont find the reference, but the chipset is via vt8601A with a via c3
 eden cpu http://www.silink.fr/produits/docs/stc_net.pdf
 
 i tried to boot from the flash disk, when i have time i said ill try
 with a standard ide drive, and/or put another linux on it debian/rh as i
 boot on pxe so i can do a standard linux install
 
 any help on why the flash don't boot, or at least how to check more
 deeplly, would be nice
 
 C
 
 cpu memhd wrote:
 
 Hello Cirian, which lex system do you have? Sorry it didn’t work out. I
 must admit, getting leaf to boot of an ide device was a pain for me.
 Honestly, it took several days, lots of hours. Of course, once you
 figure it out, it is much too easy. -cpu

 ciprian niculescu wrote:


 i coulndt get it to work, the only answer that i got was to RTFM, i


 did i reask still nothing, so ill put debian :P but leaf sounded nice

 c

 P.S. with this small amount of mails i forgot to unsubscribe :)





 __
 Do You Yahoo!?
 Tired of spam?  Yahoo! Mail has the best spam protection around
 http://mail.yahoo.com

 ---
 SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
 from IBM. Find simple to follow Roadmaps, straightforward articles,
 informative Webcasts and more! Get everything you need to get up to
 speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/
 
 
 
 ---
 SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
 from IBM. Find simple to follow Roadmaps, straightforward articles,
 informative Webcasts and more! Get everything you need to get up to
 speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/
 
 
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCwSwH8hC8JHP3DDQRAr//AKCYGu10jB1GhabozB6glQHpzhxMPwCgodoX
TXBXPoGmAjrhSiBcoFSbvVM=
=MOYg
-END PGP SIGNATURE-


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread cpu memhd 
I don't know how frequently LARTC is updated, but it looks like a work
in progress. Not to say it's bad, it is very good, just sometimes
incomplete. I briefly looked into multicast routing to setup broadcast
gre tunnels but quickly realized I was about to swim with sharks
(recompile kernel or somewhere in that realm, etc). Not that I'd have a
problem with that, but I've made enough changes to my leaf kernel
already. I still drool over the La Brea tarpit netfilter patch, but I
have to hold back. Eventually I will get that going, along with a nosey
shorewall.log-snopping awk daemon that will do wonderful things to
those who even dare look at my router :)

Anyway, technically it's quite possible to create a leaf upgrade tool,
but practically speaking, I also think it's impossible. It would be too
time consuming. Beta testing could go on forever. At the very least,
something to replace the config files and a few other key
considerations might be reasonable. Leaf is pretty much like the full
distros where everything is afforded to you. This is why I decided to
use it. Astaro, Mandrake MNF, Smoothwall et al are simply what me the
vendor thinks a firewall should be...and here is the config tool, take
it or leave it. In order to upgrade a system, boundaries must be in
place. But there are no boundaries here to begin with.

Regardless, I'd say that at the very, very least... a CF/HDD image
would make things a lot easier for a lot of people. -cpu

James Neave wrote:

Hi,

As a software developer, I know all about finishing software. :)

I remember that. That stemmed from being stuck in a windows only
environment and the thought of upgrading our Bering (1.0 I believe,
maybe 1.1) router to include latest kernel and security related
patches
gives me the screaming heebee jeebees.

We're running in not broken, so don't even think about touching it
mode.

I guess it's probably not possible, but I was pondering at that time
on
a way to automagically create the latest packages with old
configuration
intact. Which you can't.

Technically I'm still (STILL!) working on multi house wireless
networks
with multiple shared internet connections. Although we very rarely get
any time to work on it anymore, as soon as the kitchen is refurbished
we
have sworn to work on it every Wednesday evening. 8D

Another feature we're looking at adding is multicast routing across
VPN
tunnels. This will allow mDNS and other zero conf stuff to work across
our big net and switch on iTunes sharing between our subnets. I think.
:S
That all seems still very bleeding edge in Linux. Is there an
mrouted.lrp about?

We've managed to finally connect two houses, get ADSL working in linux
(we cheated and bought Ethernet ADSL modems, no firewall, no NAT, just
single IP DHCP) as well as 802.11b (cheated again, used an AP as a
wireless Ethernet bridge)

It's all over one ADSL line though. LARTC says how we set the rest up
although everything kinda points to none of this working very well
with
such a low number of users (route caching :( ). Plus we have to patch
and recompile the kernel to get failover working for if a connection
goes down @

Erik Spakman offered to do the compiling for us though, which I will
take him up on, one day... when I'm old and grey at this rate. :P

Regards,

Jim.



__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Network Configuration Ideas

2005-06-28 Thread Robert K Coffman Jr - Info From Data Corporation 
Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each subnet
at a different physical location.  Location 1 has the internet connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no proxy.
The problem is, is that this would give anyone in Location 1 two routes off
their network.  The connections to the remote subnets are via T1 and they
all connect to location 1 via a Cisco router which has no free connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet.
Would like goals:  Avoid having Leaf as failure point between subnet 1 and
the remote subnets.  Avoid purchasing a new Cisco router.

Unfortunately, it seems that my best option would be to put another adapter
in the Leaf router, and renumber subnet 1, so that everything converges at
leaf on the old subnet 1 address.  However, since I'm using old commodity
hardware for that task, and internet connectivity is less important to the
business than the connectivity between the locations, I would love to keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need to
violate one of my would like goals?  I don't know Cisco, but I suspect if
I did I could make short work of this problem.

- Bob Coffman



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Re: lets talk about something--anything!

2005-06-28 Thread Michelle Konzack 
Am 2005-06-27 23:54:44, schrieb cpu memhd:
 Only 64 messages this month. Are less and less people using leaf, what
 is going on with everyone? I have been slowley rolling out leaf boxes

Because LEAF has not satisfait me ?

I was continuing LRP 2.9.4 to 2.9.5 and 3.0.0
and in 2003-04 I had 4.0.0 running.

Now, since around 10 month I am using a full
GNU/Linux distri as router. 

 to about 16 locations. I couldn't have asked for a better
 firewall/router. I'd like to very much thank the leaf developers for
 their continued efforts. -cpu

Greetings
Michelle

-- 
Linux-User #280138 with the Linux Counter, http://counter.li.org/
Michelle Konzack   Apt. 917  ICQ #328449886
   50, rue de Soultz MSM LinuxMichi
0033/3/8845235667100 Strasbourg/France   IRC #Debian (irc.icq.com)


signature.pgp
Description: Digital signature

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread James Neave 
Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean
you don't want LEAF to be a NAT'ing firewall for you internet connection
as well as performing the routing and/or tunnelling between your
subnets?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per
se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each
subnet
at a different physical location.  Location 1 has the internet
connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no
proxy.
The problem is, is that this would give anyone in Location 1 two routes
off
their network.  The connections to the remote subnets are via T1 and
they
all connect to location 1 via a Cisco router which has no free
connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet.
Would like goals:  Avoid having Leaf as failure point between subnet 1
and
the remote subnets.  Avoid purchasing a new Cisco router.

Unfortunately, it seems that my best option would be to put another
adapter
in the Leaf router, and renumber subnet 1, so that everything converges
at
leaf on the old subnet 1 address.  However, since I'm using old
commodity
hardware for that task, and internet connectivity is less important to
the
business than the connectivity between the locations, I would love to
keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need
to
violate one of my would like goals?  I don't know Cisco, but I suspect
if
I did I could make short work of this problem.

- Bob Coffman


The information in this email is confidential and may be legally privileged.  
It is intended solely for the addressee.  Access to this email by anyone else 
is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution or 
any action taken or omitted to be taken in reliance on it is prohibited and may 
be unlawful.

The contents of an attachment to this email may contain software viruses that 
could damage your own computer systems.  Whilst The Spur Group of Companies has 
taken every precaution to minimise the risk, we cannot accept liability for any 
damage that you sustain as a result of software viruses.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread Robert K Coffman Jr - Info From Data Corporation 
Route 1:  Via Leaf (or currently a Routefinder acting as a proxy) 10.0.0.250
- Internet
Route 2:  Via Cisco to the remote subnets - 10.0.0.1 - Remote subnets

When you say you don't want LEAF as a single failure point, do you mean you
don't want LEAF to be a NAT'ing firewall for you internet connection as well
as performing the routing and/or tunnelling between your subnets?

Exactly.  As much as I know that Leaf is completely capable of performing
this function, it just introduces another failure point to their network
that I don't want.

Thanks -

Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 9:06 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean you
don't want LEAF to be a NAT'ing firewall for you internet connection as well
as performing the routing and/or tunnelling between your subnets?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each subnet
at a different physical location.  Location 1 has the internet connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no proxy.
The problem is, is that this would give anyone in Location 1 two routes off
their network.  The connections to the remote subnets are via T1 and they
all connect to location 1 via a Cisco router which has no free connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet. Would like goals:  Avoid having Leaf as failure point
between subnet 1 and the remote subnets.  Avoid purchasing a new Cisco
router.

Unfortunately, it seems that my best option would be to put another adapter
in the Leaf router, and renumber subnet 1, so that everything converges at
leaf on the old subnet 1 address.  However, since I'm using old commodity
hardware for that task, and internet connectivity is less important to the
business than the connectivity between the locations, I would love to keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need to
violate one of my would like goals?  I don't know Cisco, but I suspect if
I did I could make short work of this problem.

- Bob Coffman


The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee.  Access to this email by anyone
else is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it is prohibited
and may be unlawful.

The contents of an attachment to this email may contain software viruses
that could damage your own computer systems.  Whilst The Spur Group of
Companies has taken every precaution to minimise the risk, we cannot accept
liability for any damage that you sustain as a result of software viruses.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from
IBM. Find simple to follow Roadmaps, straightforward articles, informative
Webcasts and more! Get everything you need to get up to speed, fast.
http://ads.osdn.com/?ad_idt77alloc_id492op=ick

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Lince future (was lets talk about something--anything!)

2005-06-28 Thread Jaime Nebrera 
  Hi all,

  As main coordinator of Lince project (Juan Jesus is its main
developer) I want to comment on future of Lince as it has been mentioned
in this list latelly.

  Some of the features some people are asking about in the list (mainly
easy perdurable updates and flexibility) have been incorporated in
Lince, but this release has not been made public. The reason? In this
time our company has gone a major redo and has been very hard to explain
to our business angels that it was a good idea to release to the public
something we have done and are charging our clients :)

  In this time we have been mainly busy discussing this, and at the end
we have reached an agreement. Most probably we will release to the
public old releases and keep current ones to our paid customers. We are
planning on a new public release in about a week or so.

  So whats new in Lince?

  1) As said when Lince was born, we keep to the idea of including more
software than standard leaf. The reason is we use Compact Flash as
storage system and this days 128MB is really cheap. So some decisions
and features are not very polished, we could reduce space a bit more,
but frankly, we dont care we have plenty of space to use :) Currently we
are migrating Lince from a Leaf based glibc distro to a GNAP uClibc
based distro (Gentoo), so this public release might be one of the latest
to be done based on Debian.

  2) Even when we think of Lince as a whole (firmware) sometimes we have
needed to include extra packages, thats why is still compatible with old
lrp style packages (Now supports cloop, cramfs and lrp packages).

  3) We have developed our own propietary Management App in JAVA called
MarteGUI. Currently it manages all aspects of Lince. Still, its possible
to use Lince without this management app (actually, thats what we
release to the public). This app is done in such a way that we dont need
to modify the core system. We pack Lince and this app in some hardware
appliances that we sell to our clients (as a box or as a managed
service). You can see pictures of the boxes and software in
www.eneotecnologia.com/mambo/ - Hardware / Software. BTW, the app is in
english too and we are seeking for resellers :)

  4) Lince (core) currently has the following features:

  * Standard and bridged system
  * Advanced firewall (Shorewall 2.4)
  * QoS
  * NetFlow Probe
  * Automatic update (via http)
  * Web proxy and filtering
  * Web user auth (LDAP, MSAD)
  * High availability (VRRP and STP)
  * Load Balancing (IPVS)
  * IPSec VPN

  All of them are managed from the GUI but can be managed without it.

  We are releasing this to the public again as a way to foster
development around Lince. If we have success on this and some people
step forward and give us a hand, we will continue releasing Lince to the
public. We could even pay for this help for long term contributers with
our software :) If not, well we will need to discuss this topic again
with the investors :(

  5) We are currently working on:

  * Snort Inline integration
  * IPVS syncronization between different load balancers

  As said, we intend to stay using Debian for a short time, just until
we get GNAP working properly. That means porting to 2.6 and many others,
but this needs a different email :)

  What do you think? Good enough to increase the emails in the
list? :

  Regards

-- 
Jaime Nebrera - [EMAIL PROTECTED]
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread James Neave 
Er,

Wait, is this what you mean?

If there were two routers in subnet1, one to the internet (LEAF) and one
to the other subnets (Cisco), then two routes would have to be added to
the client machines and you don't want that (sounds nasty)?

Whereas if you made the LEAF box route the traffic from subnet1 to
subnet2 via the Cisco you would have 2 points of failure for traffic
between the LEAF box and the Cisco. But this would give you one default
route on the client boxes which is really what Windows likes.

Now do I get you?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 14:50
To: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Route 1:  Via Leaf (or currently a Routefinder acting as a proxy)
10.0.0.250
- Internet
Route 2:  Via Cisco to the remote subnets - 10.0.0.1 - Remote subnets

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Exactly.  As much as I know that Leaf is completely capable of
performing
this function, it just introduces another failure point to their network
that I don't want.

Thanks -

Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 9:06 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per
se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each
subnet
at a different physical location.  Location 1 has the internet
connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no
proxy.
The problem is, is that this would give anyone in Location 1 two routes
off
their network.  The connections to the remote subnets are via T1 and
they
all connect to location 1 via a Cisco router which has no free
connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet. Would like goals:  Avoid having Leaf as failure point
between subnet 1 and the remote subnets.  Avoid purchasing a new Cisco
router.

Unfortunately, it seems that my best option would be to put another
adapter
in the Leaf router, and renumber subnet 1, so that everything converges
at
leaf on the old subnet 1 address.  However, since I'm using old
commodity
hardware for that task, and internet connectivity is less important to
the
business than the connectivity between the locations, I would love to
keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need
to
violate one of my would like goals?  I don't know Cisco, but I suspect
if
I did I could make short work of this problem.

- Bob Coffman


The information in this email is confidential and may be legally
privileged.
It is intended solely for the addressee.  Access to this email by anyone
else is unauthorised.

If you are not the intended recipient, any disclosure, copying,
distribution
or any action taken or omitted to be taken in reliance on it is
prohibited
and may be unlawful.

The contents of an attachment to this email may contain software viruses
that could damage your own computer systems.  Whilst The Spur Group of
Companies has taken every precaution to minimise the risk, we cannot
accept
liability for any damage that you sustain as a result of software
viruses.


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_idt77alloc_id492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread Robert K Coffman Jr - Info From Data Corporation 
Right on!  

Thanks for taking time to understand this

- Bob

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 10:10 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Er,

Wait, is this what you mean?

If there were two routers in subnet1, one to the internet (LEAF) and one to
the other subnets (Cisco), then two routes would have to be added to the
client machines and you don't want that (sounds nasty)?

Whereas if you made the LEAF box route the traffic from subnet1 to subnet2
via the Cisco you would have 2 points of failure for traffic between the
LEAF box and the Cisco. But this would give you one default route on the
client boxes which is really what Windows likes.

Now do I get you?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 14:50
To: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Route 1:  Via Leaf (or currently a Routefinder acting as a proxy) 10.0.0.250
- Internet
Route 2:  Via Cisco to the remote subnets - 10.0.0.1 - Remote subnets

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as well
as performing the routing and/or tunnelling between your subnets?

Exactly.  As much as I know that Leaf is completely capable of performing
this function, it just introduces another failure point to their network
that I don't want.

Thanks -

Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 9:06 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean you
don't want LEAF to be a NAT'ing firewall for you internet connection as well
as performing the routing and/or tunnelling between your subnets?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each subnet
at a different physical location.  Location 1 has the internet connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no proxy.
The problem is, is that this would give anyone in Location 1 two routes off
their network.  The connections to the remote subnets are via T1 and they
all connect to location 1 via a Cisco router which has no free connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet. Would like goals:  Avoid having Leaf as failure point
between subnet 1 and the remote subnets.  Avoid purchasing a new Cisco
router.

Unfortunately, it seems that my best option would be to put another adapter
in the Leaf router, and renumber subnet 1, so that everything converges at
leaf on the old subnet 1 address.  However, since I'm using old commodity
hardware for that task, and internet connectivity is less important to the
business than the connectivity between the locations, I would love to keep
this from becoming a point of failure.

Any ideas on what to do here?  Or have I exhausted my options and I need to
violate one of my would like goals?  I don't know Cisco, but I suspect if
I did I could make short work of this problem.

- Bob Coffman


The information in this email is confidential and may be legally privileged.
It is intended solely for the addressee.  Access to this email by anyone
else is unauthorised.

If you are not the intended recipient, any disclosure, copying, distribution
or any action taken or omitted to be taken in reliance on it is prohibited
and may be unlawful.

The contents of an attachment to this email may contain software viruses
that could damage your own computer systems.  Whilst The Spur Group of
Companies has taken every precaution to minimise the risk, we cannot accept
liability for any damage that you sustain as a result of software viruses.


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from
IBM. Find simple to follow Roadmaps, straightforward articles, informative
Webcasts and more! Get

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread James Neave 
Hurray!

Er, what was the question again?

Kidding.

Right

Instead of the two points of failure solution, is it possible to:

1) Have the Cisco router as the default route for subnet1 
2) Have the following routing table on the Cisco:

Arbitrary numbers:
subnet1 = 10.1.0.0/16
subnet2 = 10.2.0.0/16
subnet3 = 10.3.0.0/16
subnet4 = 10.4.0.0/16
Cisco1 = 10.1.0.1
LEAF box = 10.1.0.2

Source  DestGateway
10.1.0.0/16 10.2.0.0/16 10.2.0.1
10.1.0.0/16 10.3.0.0/16 10.3.0.1
10.1.0.0/16 10.4.0.0/16 10.4.0.1
10.1.0.0/16 default 10.1.0.2

Which is a backwards two points of failure solution. But the two points
of failure, the Cisco and the LEAF box, are between subnet1 and the
internet, not subnet1 and subnetN. And the internet is less important
than the inter-site connectivity.

Bearing mind I don't know anything about these Cisco things. They run on
voodoo as far as I know.

OR

Throw away the Cisco and just use LEAF! :D

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 15:32
To: James Neave; leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Right on!  

Thanks for taking time to understand this

- Bob

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 10:10 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Er,

Wait, is this what you mean?

If there were two routers in subnet1, one to the internet (LEAF) and one
to
the other subnets (Cisco), then two routes would have to be added to the
client machines and you don't want that (sounds nasty)?

Whereas if you made the LEAF box route the traffic from subnet1 to
subnet2
via the Cisco you would have 2 points of failure for traffic between the
LEAF box and the Cisco. But this would give you one default route on the
client boxes which is really what Windows likes.

Now do I get you?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 14:50
To: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas

Route 1:  Via Leaf (or currently a Routefinder acting as a proxy)
10.0.0.250
- Internet
Route 2:  Via Cisco to the remote subnets - 10.0.0.1 - Remote subnets

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Exactly.  As much as I know that Leaf is completely capable of
performing
this function, it just introduces another failure point to their network
that I don't want.

Thanks -

Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Neave
Sent: Tuesday, June 28, 2005 9:06 AM
To: Robert K Coffman Jr - Info From Data Corporation;
leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Network Configuration Ideas


Hi,

When you say two routes, do you mean:

1: NATed behind the LEAF box.
2: Through a Citrix session.

When you say you don't want LEAF as a single failure point, do you mean
you
don't want LEAF to be a NAT'ing firewall for you internet connection as
well
as performing the routing and/or tunnelling between your subnets?

Regards,

James.

-Original Message-
From: Robert K Coffman Jr - Info From Data Corporation
[mailto:[EMAIL PROTECTED] 
Sent: 28 June 2005 13:57
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] Network Configuration Ideas

Ok, since CPU asked.

I didn't want to put this on list, because it isn't a Leaf question per
se,
however I'm struggling with what to do with this.

In the simplest terms possible, I have a 4 subnet network, with each
subnet
at a different physical location.  Location 1 has the internet
connection,
and the core server (read:Citrix) for all the other locations.

Internet connectivity is via a proxy server on the location 1 subnet.  I
would like to eliminate the proxy, and replace it with Leaf with no
proxy.
The problem is, is that this would give anyone in Location 1 two routes
off
their network.  The connections to the remote subnets are via T1 and
they
all connect to location 1 via a Cisco router which has no free
connections.

Must have goals:  eliminate proxy server, provide one route off of the
Location 1 subnet. Would like goals:  Avoid having Leaf as failure point
between subnet 1 and the remote subnets.  Avoid purchasing a new Cisco
router.

Unfortunately, it seems that my best option would be to put another
adapter
in the Leaf router, and renumber subnet 1, so that everything converges
at
leaf on the old subnet 1 address.  However, since I'm using old
commodity
hardware for that task, and internet connectivity is less important to
the
business

Re: [leaf-user] Lince future (was lets talk about something--anything!)

2005-06-28 Thread Paul Traina 

Jaime Nebrera wrote:

  Some of the features some people are asking about in the list (mainly
easy perdurable updates and flexibility) have been incorporated in
Lince, but this release has not been made public. The reason? In this
time our company has gone a major redo and has been very hard to explain
to our business angels that it was a good idea to release to the public
something we have done and are charging our clients :)


Do you have a strategy for doing this while remining compliant with the 
terms of the software you have licensed (the GPL)?


Netgear and linksys are two very profitable organizations who produce 
GPL derived router products and release the source code and development 
kits for their GPL based products.



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Leaf guide - Available on Archive.org

2005-06-28 Thread groups, freeman 

You can get a Nov 2004 version of the guide from here:
http://web.archive.org/web/20041106175146/http://leaf-project.org/doc/guide/leaf-guide-collection.pdf

(When sites/pages can't be found on the net but you know they used to be 
there, archive.org is your friend.)


scott; canada

Fabricio Vargas wrote:


Hi

Could anyone send me the leaf guide collection in PDF format?

link http://www.leaf-project.org/doc/guide/leaf-guide-collection.pdf does
not work



Thanks

Fabricio Vargas




---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Lince future (was lets talk about something--anything!)

2005-06-28 Thread Jaime Nebrera 
  Hi Paul,

 Do you have a strategy for doing this while remining compliant with the 
 terms of the software you have licensed (the GPL)?

  Yes, we have been very careful on that. Actually all of the code in
the core system (what you know as Lince) is under GPL, LGPL, BSD
except antivirus (if used). We have done some improvements to some of
the GPL apps used but they are in the core too as GPL (of course).

  MarteGUI is just a manager that connects to a system, donwloads a
config database, parses new configuration files, copies them to the
system and restarts services as needed. In essence, it mimics the
commands the admin executes. That way we dont have problems with GPL.

 Netgear and linksys are two very profitable organizations who produce 
 GPL derived router products and release the source code and development 
 kits for their GPL based products.

  Actually we are thinking on using their hardware to port our software
solution. BTW, we have done the same with a Crossbeam X40 system :)

  Regards

-- 
Jaime Nebrera - [EMAIL PROTECTED]
Consultor TI - ENEO Tecnologia SL
Telf.- 95 455 40 62 - 619 04 55 18



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Lince future (was lets talk about something--anything!)

2005-06-28 Thread Paul Traina 
Cool, glad to hear it.  Getting slammed with the Oh crap, we're 
polluted thing at the last minute can really cause heartburn.


Paul



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] [Slightly OT] ICMP et al

2005-06-28 Thread Erich Titl 

Hi folks

As the subject suggests, this is a bit off topic, but as a LEAF system 
is involved please excuse me.
I am baffled by the behaviour of a M$ application (IIS) on a customer 
network.
This network is a hub and spoke structure built with Bering glibc 
routers. Some of the locations use DSL, others cable modem. The spokes 
are IPSEc connections to the hub network. In The hub network there is a 
IIS server with a WEB application.
A client system on one of the client networks requests a page (or rather 
a web based application) on the server. I can observe the normal packet 
flow between client and server untilthe server tries to send a 
packet of size 1452 bytes to the client (with DF bit set). I _believe_ 
IPSEC decides that this packet is too large to be passed to the other 
side so the Bering system sends an ICMP fragmentation needed package to 
the server with a size proposal of 1319 bytes.


I would expect the server to reduce the packet size accordingly but 
helas it does not. Am I just naive to expect M$ to follow or is it 
compulsory only to respect ICMP?


Thanks

Erich



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Eric Spakman 
Hello CPU,

Regardless, I'd say that at the very, very least... a CF/HDD image
would make things a lot easier for a lot of people. -cpu

Bering-uClibc provides initrd packages for HDD/CF, CD and USB (stick) booting. 
The only thing you have to do is put syslinux on your boot device.

Eric



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] [Slightly OT] ICMP et al

2005-06-28 Thread Robert K Coffman Jr - Info From Data Corporation 
What version of Windows?

One remote possibility:  http://support.microsoft.com/kb/q244539/

- Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erich Titl
Sent: Tuesday, June 28, 2005 2:25 PM
To: leaf-user-lists.sourceforge.net
Subject: [leaf-user] [Slightly OT] ICMP et al


Hi folks

As the subject suggests, this is a bit off topic, but as a LEAF system 
is involved please excuse me.
I am baffled by the behaviour of a M$ application (IIS) on a customer 
network.
This network is a hub and spoke structure built with Bering glibc 
routers. Some of the locations use DSL, others cable modem. The spokes 
are IPSEc connections to the hub network. In The hub network there is a 
IIS server with a WEB application.
A client system on one of the client networks requests a page (or rather 
a web based application) on the server. I can observe the normal packet 
flow between client and server untilthe server tries to send a 
packet of size 1452 bytes to the client (with DF bit set). I _believe_ 
IPSEC decides that this packet is too large to be passed to the other 
side so the Bering system sends an ICMP fragmentation needed package to 
the server with a size proposal of 1319 bytes.

I would expect the server to reduce the packet size accordingly but 
helas it does not. Am I just naive to expect M$ to follow or is it 
compulsory only to respect ICMP?

Thanks

Erich



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from
IBM. Find simple to follow Roadmaps, straightforward articles, informative
Webcasts and more! Get everything you need to get up to speed, fast.
http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] [Slightly OT] ICMP et al

2005-06-28 Thread Erich Titl 

Bob

Robert K Coffman Jr - Info From Data Corporation wrote:

What version of Windows?


2003 server. I left that to the windoze guys.

The point is IMHO the Bering box sends a correct ICMP message to the 
server indicating the need for fragmentation and the server just could 
not care less.


Thanks

Erich





---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] [Slightly OT] ICMP et al

2005-06-28 Thread Erich Titl 

Charles

Charles Steinkuehler wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

... |
| I would expect the server to reduce the packet size accordingly but
| helas it does not. Am I just naive to expect M$ to follow or is it
| compulsory only to respect ICMP?

You have to have Path MTU discovery enabled:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/randz/protocol/path_mtu_discovery.asp 



quote
# EnablePMTUBHDetect. This value adjusts the PMTU discovery algorithm to 
attempt to detect noncompliant routers, also called PMTU black hole 
routers. PMTU black hole detection is disabled by default but can be 
enabled by adding this value to the registry key and setting it to 1.
# EnablePMTUDiscovery. This value enables or disables the PMTU discovery 
mechanism, helping to diagnose problems with black hole routers. PMTU 
discovery is enabled by default but can be disabled by adding this value 
to the registry key and setting it to 0.


PMTU discovery is enabled so that the two sides of a conversation can 
negotiate the most efficient MTU. When PMTU discovery is disabled, an 
MSS of 536 bytes and an MTU of 540 bytes are used for all nonlocal 
destination addresses.

/quote

This definitely is not the case, as the address is non local and the 
size is  540





...and you have to enable the appropriate ICMP message to pass through all
routers involved (many folks just 'black hole' all ICMP traffic, and assume
there are no side effects, like broken Path MTU discovery).


The next hop router from the server generates the apropriate ICMP message.



NOTE:  The MS page above indicates Microsoft is doing the proper thing with
Path MTU discovery, but that's for server 2003.  IIRC, you had to 
explicitly

enable PMTU discovery for older (ie: 2K  maybe XP) Microsoft systems
(motto: We can steal^h^h^h^h^h appropriate the BSD networking stack, but we
still don't know how to do TCP/IP...besides, who uses a WAN!?!).


Well  yes.

thanks

Erich



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] Network Configuration Ideas

2005-06-28 Thread Robert K Coffman Jr - Info From Data Corporation 
Thanks James and Charles for your excellent emails on this topic.

You have solidified my feeling that the Cisco is the key to the whole
scenario.  I guess I'll have to approach it from that perspective.  Its
probably a good thing, since a) I know no Cisco and b) nobody knows the
password to the Cisco.  But I have a method to reset it.  If I screw it up,
hello new Leaf router!

Thanks!

- Bob Coffman



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

LEAF on WRAP box - was Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread M Lu 
As we are encouraged to talk about anything, I just want to ask questions 
regarding running LEAF on an embedded PC. I would like to move my LEAF on an 
old PC to a smaller device, such as WRAP box. The good news is that there is 
some documentation about how to set it up, so I hope I can somehow manage 
it.


But regarding hardware I cannot imagine it well. Because I have to order 
on-line, I would like to know what pieces I need to order. I would like to 
have 3 LAN and one wireless if possible. In case of wireless, do I have to 
buy the card from them or can I use other cards I can buy locally (in 
BestBuy, CompUSA etc)? How do I have screen/keyboard with that etc? Could 
anybody explain me a little bit to me, a hardware-dumb person?


Thank you.









---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: LEAF on WRAP box - was Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Martin Hejl 

M Lu wrote:
As we are encouraged to talk about anything, I just want to ask 
questions regarding running LEAF on an embedded PC. I would like to move 
my LEAF on an old PC to a smaller device, such as WRAP box. The good 
news is that there is some documentation about how to set it up, so I 
hope I can somehow manage it.


But regarding hardware I cannot imagine it well. Because I have to order 
on-line, I would like to know what pieces I need to order. I would like 
to have 3 LAN and one wireless if possible. In case of wireless, do I 
have to buy the card from them or can I use other cards I can buy 
locally (in BestBuy, CompUSA etc)? How do I have screen/keyboard with 
that etc? Could anybody explain me a little bit to me, a hardware-dumb 
person?


Thank you.
First off, I don't actually _own_ a WRAP board (I own several soekris 
boards, and I most likely will order a few WRAP boards some time soon, 
but so far, all that I've actually used are soekris boards), so take all 
of what I say with the proverbial grain of salt. But I think I can 
shed at least a little light on your questions - and hopefully somebody 
else will be able to provide a more complete answer.


There's no need to worry about screen/keyboards - those kinds of things 
run off a serial console - so simply plug in any PC or Laptop using a 
crossover serial cable, and you can control it using a serial terminal 
(minicom if you're using Linux, or one of the various tools on Windows - 
I recommend teraterm, since it's free and works, which can't be said of 
Hyperterminal, at least in my experience). The biggest hurdle here is 
finding the proper terminal settings (default should be 9600 8N1 - but 
as I said, I haven't used a WRAP box yet). It _should_ be mentioned in 
the manual though.


Regarding the wireless stuff - as far as I know, all WRAP boards come 
with mini-pci slots (I don't recall any with PC-Card slots) - so buying 
equipment at Best Buy might be a challenge (but who knows - it's been a 
while since I shopped there, so they might even have mini-pci equipment 
these days). If you don't mind ordering online, you can find mini-pci 
gear at various places - like http://www.netgate.com/ 
http://www.demarctech.com/ or http://metrix.net/metrix/ (and tons of 
other places too - those are just as an example, off the top of my 
head). Getting mini-pci stuff at larger chains can often be difficult, 
mainly because they usually don't sell the antenna+pigtail needed (at 
least here in Germany). I've used the cards from netgate with great 
success on various soekris boxes (and netgate now even sells WRAP 
boxes...), but that obviously doesn't mean that other sources don't work 
just as well.


One last bit of advice - when using embedded boards like the WRAP (or 
the soekris boards), make sure you get a suitable power supply 
(preferrably the one the maker of the board suggests, not something you 
happen to have lying around in your electronics junk box). Most of the 
problems I've seen on the various mailing lists are due to marginal 
power supplies (marginal in the sense that they provide enough power for 
average usage, but fail and cause the box to crash/lock up if for some 
reason power consumption jumps up).


To get going (the easy way), the only thing else you need is a CF card 
reader (if you don't want to boot with PXE - I don't know if the WRAP 
boards support that), so you can transfer the base image to the compact 
flash card (it's also convenient to get your box back up and running if 
you've mis-configured it in a way that it will no longer boot - it's 
happened to me a few times, and being able to pop in the CF into my 
desktop and fix things saved a lot of time).


I hope that helps

Martin


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: LEAF on WRAP box - was Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Erich Titl 

M Lu wrote:
As we are encouraged to talk about anything, I just want to ask 
questions regarding running LEAF on an embedded PC. I would like to move 
my LEAF on an old PC to a smaller device, such as WRAP box. The good 
news is that there is some documentation about how to set it up, so I 
hope I can somehow manage it.


But regarding hardware I cannot imagine it well. Because I have to order 
on-line, I would like to know what pieces I need to order. I would like 
to have 3 LAN and one wireless if possible. In case of wireless, do I 
have to buy the card from them or can I use other cards I can buy 
locally (in BestBuy, CompUSA etc)? 


You could, but pricewise I have not found any better for mini-PCI. The 
CM9 Atheros card works pretty well with the madwifi driver.


cheers
Erich





---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] lets talk about something--anything!

2005-06-28 Thread and hansen 

--- cpu memhd wrote:

 Only 64 messages this month. Are less and less
 people using leaf, what
 is going on with everyone? I have been slowley
 rolling out leaf boxes
 to about 16 locations. I couldn't have asked for a
 better
 firewall/router. I'd like to very much thank the
 leaf developers for
 their continued efforts. -cpu
 

The same big thanks from a happy leaf-bering user in
denmark
when the beast is running there is nothing to discuss,
but when shit hits the fan, I´ll let you know ;)

Best Regards
Lasse Jensen



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread cpu memhd 
Hello Eric,

I know these packages exist and it is easy to setup. But there are
still too many steps envolved for the average n00b. Consider for a
moment, a prospective user: one must first decide which packages to
use:

dropbear/openssh? ipsec/openvpn? dhcpcd/dnsmasq?
shorwall.lrp/iptables.lrp (confusing for those who don't [yet] know
shorewall is a highlevel frontend to iptablets)

Once this is determined, one has to shuffle disks and type all those
strange/foreign unix commands (4.3. Create a bootable HD). Run
syslinux, copy/modify syslinux.cfg and leaf.cfg. One simple typo and
the system won't boot. Where to seek help; the leaf mailing list? I
doubt it. This is too intimidating already.

Anyhow, I guess what I'm really suggesting is to have a standard
(8-12MB?) CF/HD image with the package-equivalent of say a snapgear or
m0n0wall. Enough to boot a feature rich leaf distro. -cpu


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Re: lets talk about something--anything!

2005-06-28 Thread kwon 

On 6/28/2005 02:54, cpu memhd wrote:

Only 64 messages this month. Are less and less people using leaf, what
is going on with everyone? I have been slowley rolling out leaf boxes
to about 16 locations. I couldn't have asked for a better
firewall/router. I'd like to very much thank the leaf developers for
their continued efforts. -cpu


I am using Leaf and have rolled out six leaf boxes so far!



---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Adam Niedzwiedzki 
Hmm how about someone compiling a ulogd module for bering-uclibc that has 
mysql support so I can have shorewall log packets to mysql :)

Could make some very nice php web graphing to go with it..

*grin*

I have tried but not being a programmer, really have no idea what I'm doing

Cheers
Ad 




---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] lets talk about something--anything!

2005-06-28 Thread Adam Niedzwiedzki 

Hmm let me rephrase that..

Not knowing what to do with ulogd *grin*, I know my way round php/mysql just 
fine.
So I'm just after ulogd compiled with the mysql plugin working. (something 
about static linking but I have no idea what that means).


Then I can build my own php/mysql interface LOL..

*ugh* it's been a long day...

Ad
- Original Message - 
From: Adam Niedzwiedzki [EMAIL PROTECTED]

To: leaf-user@lists.sourceforge.net
Sent: Wednesday, June 29, 2005 2:52 PM
Subject: Re: [leaf-user] lets talk about something--anything!


Hmm how about someone compiling a ulogd module for bering-uclibc that has 
mysql support so I can have shorewall log packets to mysql :)

Could make some very nice php web graphing to go with it..

*grin*

I have tried but not being a programmer, really have no idea what I'm 
doing


Cheers
Ad


---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/





---
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477alloc_id=16492op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/