RE: [leaf-user] New Problem with UClibc syslinux
Hi! -Original Message- From: Tibbs, Richard [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 30, 2005 12:01 AM To: M Lu; Leaf-User (E-mail) Subject: RE: [leaf-user] New Problem with UClibc syslinux Ah! Looks like leaf.cfg has changed from the Bering 1.2 days. My leaf.cfg with uclibc looks like below, but I will try one like yours. It has... for a long time now... You could have just read the Bering uClibc Instalation guide, all is explained there. Luis Correia Bering uClibc Team Member PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 Key Server: http://pgp.mit.edu --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
RE: [leaf-user] New Problem with UClibc syslinux
Hello Richard, Strange thing is the leaf.cfg packages load, while everything beyond local in syslinux LRP= (see below) does not. Thx. Rick That has probably something todo with the maximum line length in syslinux.cfg and why we use leaf.cfg instead :-) Eric --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] New Problem with UClibc syslinux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbs, Richard wrote: | Ah! Looks like leaf.cfg has changed from the Bering 1.2 days. | My leaf.cfg with uclibc looks like below, but I will try one like yours. | | Strange thing is the leaf.cfg packages load, while everything beyond | local in syslinux LRP= (see below) does not. | Thx. Rick | | LRP=$KCMD_LRP libc207 | LRP=$LRP libssl | LRP=$LRP liblzo | LRP=$LRP openvpnz Looks like your syslinux.cfg kernel command line is longer than 256 characters (a kernel limit), so probably the stuff past local is getting chopped off. Run cat /proc/cmdline to see what got passed to the kernel. It's probably just your bad luck that the 256 character limit hit right at the end of local, making it harder to debug. The length limit on the kernel commandline string is the reason for the leaf.cfg file. - -- Charles Steinkuehler [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDjZYALywbqEHdNFwRAh4jAJ4qGgTW9t/JwptF3jsRoWL2LOD5FwCeNAOD UajrYPEog0Km92S3YODjisQ= =5qO9 -END PGP SIGNATURE- --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
RE: [leaf-user] New Problem with UClibc syslinux
According to editpadlite, the kernel line is 253 chars... I will read the installation guide for a change. Rick. -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 30, 2005 7:07 AM To: Tibbs, Richard Cc: Leaf-User (E-mail) Subject: Re: [leaf-user] New Problem with UClibc syslinux -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbs, Richard wrote: | Ah! Looks like leaf.cfg has changed from the Bering 1.2 days. | My leaf.cfg with uclibc looks like below, but I will try one like yours. | | Strange thing is the leaf.cfg packages load, while everything beyond | local in syslinux LRP= (see below) does not. | Thx. Rick | | LRP=$KCMD_LRP libc207 | LRP=$LRP libssl | LRP=$LRP liblzo | LRP=$LRP openvpnz Looks like your syslinux.cfg kernel command line is longer than 256 characters (a kernel limit), so probably the stuff past local is getting chopped off. Run cat /proc/cmdline to see what got passed to the kernel. It's probably just your bad luck that the 256 character limit hit right at the end of local, making it harder to debug. The length limit on the kernel commandline string is the reason for the leaf.cfg file. - -- Charles Steinkuehler [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDjZYALywbqEHdNFwRAh4jAJ4qGgTW9t/JwptF3jsRoWL2LOD5FwCeNAOD UajrYPEog0Km92S3YODjisQ= =5qO9 -END PGP SIGNATURE- --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] New Problem with UClibc syslinux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbs, Richard wrote: | According to editpadlite, the kernel line is 253 chars... It's the actual kernel command line you have to worry about, not the line in syslinux.cfg. Check /proc/cmdline to see exactly what the kernel *THINKS* the command line is to verify if you are or are not running into the 256 character limit. IIRC, syslinux prepends some things to the command line it passes to the kernel. ...regardless, it sounds like proper use of leaf.cfg (rather than syslinux.cfg) is the solution to your problem. - -- Charles Steinkuehler [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDja8MLywbqEHdNFwRApWyAKCPZstjRl28mlTdnzXwKGXLjw3VWACg/Pt5 dleieUAVJyhzUVBzodUyrqU= =6JmJ -END PGP SIGNATURE- --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
RE: [leaf-user] New Problem with UClibc syslinux
Charles is right. In uclibc (I am using 2.2.3) there seems to be extra stuff prepended to the kernel cmdline. Different than Bering 1.2. Also, it seems that if I use the leaf.cfg format LRP=root,config,etc,local,libc207,modules,mawk, lpthread,ipsec,libcrpto,shorwall,dnscache, dhcpd,libssl,liblzo,libm,libpcap,openvpnz One needs *all* the packages. At first I began LRP=libc207,modules... but uclibc could not find root thru local, so I added them as above. Hope this helps other uclibc newbies. thanks all. Rick. -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 30, 2005 8:54 AM To: Tibbs, Richard Cc: Leaf-User (E-mail) Subject: Re: [leaf-user] New Problem with UClibc syslinux -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tibbs, Richard wrote: | According to editpadlite, the kernel line is 253 chars... It's the actual kernel command line you have to worry about, not the line in syslinux.cfg. Check /proc/cmdline to see exactly what the kernel *THINKS* the command line is to verify if you are or are not running into the 256 character limit. IIRC, syslinux prepends some things to the command line it passes to the kernel. ...regardless, it sounds like proper use of leaf.cfg (rather than syslinux.cfg) is the solution to your problem. - -- Charles Steinkuehler [EMAIL PROTECTED] -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFDja8MLywbqEHdNFwRApWyAKCPZstjRl28mlTdnzXwKGXLjw3VWACg/Pt5 dleieUAVJyhzUVBzodUyrqU= =6JmJ -END PGP SIGNATURE- --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_idv37alloc_id865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Firewall testing?
Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the helpful folk on this forum), I'd like to see just how secure it appears from the outside. There are various sites, some of them commercial, that give a free firewall security test. I've tried some of them and they give varying results. I'm also aware that it's in the interest of the commercial sites to say that my firewall is insecure - so they can sell me their solution! Any recommendations (or is it good enough for me to nmap from outside)? Jim Ford --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Firewall testing?
On Wednesday 30 November 2005 10:09, Jim Ford wrote: Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the helpful folk on this forum), I'd like to see just how secure it appears from the outside. There are various sites, some of them commercial, that give a free firewall security test. I've tried some of them and they give varying results. I'm also aware that it's in the interest of the commercial sites to say that my firewall is insecure - so they can sell me their solution! Any recommendations (or is it good enough for me to nmap from outside)? You need to carefully evaluate all results -- see Shorewall FAQ 4 and it's related sub-FAQs. If you don't understand a particular report, I recommend running tcpdump on your firewall while doing the scan to verify that the probes are actually reaching your firewall and that they are not being responded to by an intermediate router. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key pgpQskrtbwHhW.pgp Description: PGP signature
Re: [leaf-user] Firewall testing?
Tom Eastep wrote: On Wednesday 30 November 2005 10:09, Jim Ford wrote: Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the helpful folk on this forum), I'd like to see just how secure it appears from the outside. There are various sites, some of them commercial, that give a free firewall security test. I've tried some of them and they give varying results. I'm also aware that it's in the interest of the commercial sites to say that my firewall is insecure - so they can sell me their solution! Any recommendations (or is it good enough for me to nmap from outside)? You need to carefully evaluate all results -- see Shorewall FAQ 4 and it's related sub-FAQs. If you don't understand a particular report, I recommend running tcpdump on your firewall while doing the scan to verify that the probes are actually reaching your firewall and that they are not being responded to by an intermediate router. -Tom grc.com makes analyse but doesn't sell services. -M --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] RouterBoard 24 4-port NIC driver for Bering uClibc driver?
Where can I find a RouterBoard 24 Nic driver compiled for Bering uClibc? will one of the drivers included with Bering work for this board? It is a 4-port nic uses chip marked dp83815 Marv Horst --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] RouterBoard 24 4-port NIC driver for Bering uClibc driver?
On Wed, 2005-11-30 at 14:17 -0500, Paul Zimm wrote: Hi Paul, will one of the drivers included with Bering work for this board? It is a 4-port nic uses chip marked dp83815 try natsemi.o which is included in the modules tarball (or generate your new modules.lrp via http://www.ucbering.de/cgi-bin/modules.cgi Marv Horst --arne -- Arne Bernin [EMAIL PROTECTED] http://www.ucBering.de --- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/