RE: [leaf-user] Routing? problem

2005-11-10 Thread Bob Coffman Jr. - Info From Data
Erich,

Thanks for the reply!

I don't believe there is a shorewall problem.  I would expect (maybe
incorrectly) that shorewall clear would expose that.  When I tried that,
the problem persisted.

To dump traffic on eth2 - would I set a box running snort on that network
segment and capture everything?  What can I look for?

Since I'm dealing with a Cisco router - is there anything I can do on the
Leaf side to communicate routes between the two?  That is, assuming the
Cisco is advertising routes of course.

- Bob

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erich Titl
Sent: Wednesday, November 09, 2005 5:31 PM
To: Bob Coffman Jr. - Info From Data
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] Routing? problem


Bob

Bob Coffman Jr. - Info From Data wrote:
 ...
 
 24.123.47.72/30 dev eth0 proto kernel scope link src 24.123.47.74
(internet)
 10.1.30.0 via 10.1.1.1 dev eth2
 10.1.10.0 via 10.1.1.1 dev eth2
 10.1.20.0 via 10.1.1.1 dev eth2
 10.1.1.0/24 dev eth2 proto kernel scope link src 10.1.1.2 (cisco)
 10.1.2.0/24 dev eth1 proto kernel scope link src 10.1.2.1 (central office)
 
 If necessary or helpful, I can submit a full Shorewall problem report.  

Is there a shorewall problem?

Have you tried to dump the traffic on eth2?

cheers

Erich



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


[leaf-user] DHCP issues

2005-11-10 Thread Julie S. Lin

Hi All,

can you kindly tell me what do I need to do to set DHCP working through 
my wireless bridge?
do I need to run the dhcp-helper application or dhcprelay? however, 
dhcphlpr.lrp and dhcpreli.lrp both do not
work if dhcpd is running.  i do not see a way to set a separate port in 
the init script. help!


--jsl



Date: Mon, 07 Nov 2005 14:21:28 -0800
From: Julie S. Lin [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Organization: Myvest 
To: leaf-user@lists.sourceforge.net

Subject: [leaf-user] issues with wireless bridging

Hi

I've got a dhcpd running on eth4 (wireless interface) on Bering 2.3
when I use a wireless card, it works fine; there is connectivity
and an address is handed out from my specificed dhcp range.

However, when I plug a machine into my wireless bridge
I get can not get ip address errors.  I'm not sure if it is a bridge
issue or a leaf issue, so I thought I'd ask here.

As far as I can tell, I've set everything up similar to what I had in 
Bering 1.2.  though I'm obviously missing something. Any advice greatly 
appreciated.  thanks.


--jsl





 





---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


RE: [leaf-user] Routing? problem

2005-11-10 Thread Bob Coffman Jr. - Info From Data
Ok, after a little more testing, I realized what I had done wrong.  The
Cisco had the wrong gateway address in it, and therefore it didn't know how
to send anything back through the LEAF box.  So simple

Thanks again Erich.

- Bob

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Coffman Jr.
- Info From Data
Sent: Thursday, November 10, 2005 8:30 AM
To: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Routing? problem


Erich,

Thanks for the reply!

I don't believe there is a shorewall problem.  I would expect (maybe
incorrectly) that shorewall clear would expose that.  When I tried that,
the problem persisted.

To dump traffic on eth2 - would I set a box running snort on that network
segment and capture everything?  What can I look for?

Since I'm dealing with a Cisco router - is there anything I can do on the
Leaf side to communicate routes between the two?  That is, assuming the
Cisco is advertising routes of course.

- Bob

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erich Titl
Sent: Wednesday, November 09, 2005 5:31 PM
To: Bob Coffman Jr. - Info From Data
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] Routing? problem


Bob

Bob Coffman Jr. - Info From Data wrote:
 ...
 
 24.123.47.72/30 dev eth0 proto kernel scope link src 24.123.47.74
(internet)
 10.1.30.0 via 10.1.1.1 dev eth2
 10.1.10.0 via 10.1.1.1 dev eth2
 10.1.20.0 via 10.1.1.1 dev eth2
 10.1.1.0/24 dev eth2 proto kernel scope link src 10.1.1.2 (cisco)
 10.1.2.0/24 dev eth1 proto kernel scope link src 10.1.2.1 (central office)
 
 If necessary or helpful, I can submit a full Shorewall problem report.  

Is there a shorewall problem?

Have you tried to dump the traffic on eth2?

cheers

Erich



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


Re: [leaf-user] DHCP issues

2005-11-10 Thread Eric Spakman
Hello Julie,

The dhcphlpr pasckage is the right one, the dhcpreli package is for ipsec
over dhcp support. The dhcphlpr package can be configured by setting the
right options in the default file, which can be found in the package
configuration menu in lrcfg.

Eric

 Hi All,


 can you kindly tell me what do I need to do to set DHCP working through my
 wireless bridge? do I need to run the dhcp-helper application or
 dhcprelay? however, dhcphlpr.lrp and dhcpreli.lrp both do not work if dhcpd
 is running.  i do not see a way to set a separate port in the init script.
 help!

 --jsl



 Date: Mon, 07 Nov 2005 14:21:28 -0800
 From: Julie S. Lin [EMAIL PROTECTED]
 Reply-To: [EMAIL PROTECTED]
 Organization: Myvest
 To: leaf-user@lists.sourceforge.net
 Subject: [leaf-user] issues with wireless bridging


 Hi


 I've got a dhcpd running on eth4 (wireless interface) on Bering 2.3
 when I use a wireless card, it works fine; there is connectivity and an
 address is handed out from my specificed dhcp range.

 However, when I plug a machine into my wireless bridge
 I get can not get ip address errors.  I'm not sure if it is a bridge
 issue or a leaf issue, so I thought I'd ask here.

 As far as I can tell, I've set everything up similar to what I had in
 Bering 1.2.  though I'm obviously missing something. Any advice greatly
 appreciated.  thanks.

 --jsl











 ---
 SF.Net email is sponsored by:
 Tame your development challenges with Apache's Geronimo App Server.
 Download
 it for free - -and be entered to win a 42 plasma tv or your very own
 Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/






---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


[leaf-user] Bering uClibc HA

2005-11-10 Thread Markus Koelle
Hi,

can you give me some hints for a firewall/gateway HA solution based on
two Bering uClibc 2.3 boxes. I've seen keepalived.lrp, but for
connection state syncronisation I need also ct_sync kernel module from
netfilter-ha project. Can I get somewhere this kernel module for Bering
uClic 2.3? Has somebody a howto for a Bering uClibc HA solution?

Best regards
Markus Koelle


---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


Re: [leaf-user] Routing? problem

2005-11-10 Thread Erich Titl
Bob Coffman Jr. - Info From Data wrote:
 Erich,
 
 Thanks for the reply!
 
 I don't believe there is a shorewall problem.  I would expect (maybe
 incorrectly) that shorewall clear would expose that.  When I tried that,
 the problem persisted.
 
 To dump traffic on eth2 - would I set a box running snort on that network
 segment and capture everything?  What can I look for?

I typically use tcpdump and ethereal for this kind of analysis.

 
 Since I'm dealing with a Cisco router - is there anything I can do on the
 Leaf side to communicate routes between the two?  That is, assuming the
 Cisco is advertising routes of course.

I have never used it, but zebra should do the job.

cheers

Erich


---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


Re: [leaf-user] Bering uClibc HA

2005-11-10 Thread Jaime Nebrera
  Hi Markus,

 can you give me some hints for a firewall/gateway HA solution based on
 two Bering uClibc 2.3 boxes. I've seen keepalived.lrp, but for
 connection state syncronisation I need also ct_sync kernel module from
 netfilter-ha project. Can I get somewhere this kernel module for Bering
 uClic 2.3? Has somebody a howto for a Bering uClibc HA solution?

  ct_sync is really a mess, dont know many people that uses them.

-- 
Jaime Nebrera - [EMAIL PROTECTED]
Consultor TI - ENEO Tecnologia SL
Telf.- 619 04 55 18



---
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42 plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/