RE: [leaf-user] New Problem with UClibc syslinux

[Luis.F.Correia]

Hi! 

 -Original Message-
 From: Tibbs, Richard [mailto:[EMAIL PROTECTED] 
 Sent: Wednesday, November 30, 2005 12:01 AM
 To: M Lu; Leaf-User (E-mail)
 Subject: RE: [leaf-user] New Problem with UClibc syslinux
 
 Ah! Looks like leaf.cfg has changed from the Bering 1.2 days.
 My leaf.cfg with uclibc looks like below, but I will try one 
 like yours.

It has... for a long time now...

You could have just read the Bering uClibc Instalation guide,
all is explained there.


Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu





---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] New Problem with UClibc syslinux

[Eric Spakman]

Hello Richard,

 Strange thing is the leaf.cfg packages load, while everything beyond
 local in syslinux LRP= (see below) does not. Thx. Rick

That has probably something todo with the maximum line length in
syslinux.cfg and why we use leaf.cfg instead :-)

Eric





---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] New Problem with UClibc syslinux

[Charles Steinkuehler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tibbs, Richard wrote:

| Ah! Looks like leaf.cfg has changed from the Bering 1.2 days.
| My leaf.cfg with uclibc looks like below, but I will try one like yours.
|
| Strange thing is the leaf.cfg packages load, while everything beyond
| local in syslinux LRP= (see below) does not.
| Thx. Rick
|
| LRP=$KCMD_LRP libc207
| LRP=$LRP libssl
| LRP=$LRP liblzo
| LRP=$LRP openvpnz

Looks like your syslinux.cfg kernel command line is longer than 256
characters (a kernel limit), so probably the stuff past local is getting
chopped off.  Run cat /proc/cmdline to see what got passed to the kernel.

It's probably just your bad luck that the 256 character limit hit right at
the end of local, making it harder to debug.  The length limit on the kernel
commandline string is the reason for the leaf.cfg file.

- --
Charles Steinkuehler
[EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDjZYALywbqEHdNFwRAh4jAJ4qGgTW9t/JwptF3jsRoWL2LOD5FwCeNAOD
UajrYPEog0Km92S3YODjisQ=
=5qO9
-END PGP SIGNATURE-


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] New Problem with UClibc syslinux

[Tibbs, Richard]

According to editpadlite, the kernel line is 253 chars...
I will read the installation guide for a change.

Rick.

-Original Message-
From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 30, 2005 7:07 AM
To: Tibbs, Richard
Cc: Leaf-User (E-mail)
Subject: Re: [leaf-user] New Problem with UClibc syslinux

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tibbs, Richard wrote:

| Ah! Looks like leaf.cfg has changed from the Bering 1.2 days.
| My leaf.cfg with uclibc looks like below, but I will try one like
yours.
|
| Strange thing is the leaf.cfg packages load, while everything beyond
| local in syslinux LRP= (see below) does not.
| Thx. Rick
|
| LRP=$KCMD_LRP libc207
| LRP=$LRP libssl
| LRP=$LRP liblzo
| LRP=$LRP openvpnz

Looks like your syslinux.cfg kernel command line is longer than 256
characters (a kernel limit), so probably the stuff past local is getting
chopped off.  Run cat /proc/cmdline to see what got passed to the
kernel.

It's probably just your bad luck that the 256 character limit hit right
at
the end of local, making it harder to debug.  The length limit on the
kernel
commandline string is the reason for the leaf.cfg file.

- --
Charles Steinkuehler
[EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDjZYALywbqEHdNFwRAh4jAJ4qGgTW9t/JwptF3jsRoWL2LOD5FwCeNAOD
UajrYPEog0Km92S3YODjisQ=
=5qO9
-END PGP SIGNATURE-


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37alloc_id865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] New Problem with UClibc syslinux

[Charles Steinkuehler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tibbs, Richard wrote:

| According to editpadlite, the kernel line is 253 chars...

It's the actual kernel command line you have to worry about, not the line in
syslinux.cfg.  Check /proc/cmdline to see exactly what the kernel *THINKS*
the command line is to verify if you are or are not running into the 256
character limit.  IIRC, syslinux prepends some things to the command line it
passes to the kernel.

...regardless, it sounds like proper use of leaf.cfg (rather than
syslinux.cfg) is the solution to your problem.

- --
Charles Steinkuehler
[EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDja8MLywbqEHdNFwRApWyAKCPZstjRl28mlTdnzXwKGXLjw3VWACg/Pt5
dleieUAVJyhzUVBzodUyrqU=
=6JmJ
-END PGP SIGNATURE-


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

RE: [leaf-user] New Problem with UClibc syslinux

[Tibbs, Richard]

Charles is right. 
In uclibc (I am using 2.2.3) there seems to be extra stuff prepended to
the kernel cmdline. Different than Bering 1.2.

Also, it seems that if I use the leaf.cfg format
LRP=root,config,etc,local,libc207,modules,mawk,
 lpthread,ipsec,libcrpto,shorwall,dnscache,
 dhcpd,libssl,liblzo,libm,libpcap,openvpnz

One needs *all* the packages.  At first I began LRP=libc207,modules...
but uclibc could not find root thru local, so I added them as above.
Hope this helps other uclibc newbies.

thanks all.

Rick.


-Original Message-
From: Charles Steinkuehler [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 30, 2005 8:54 AM
To: Tibbs, Richard
Cc: Leaf-User (E-mail)
Subject: Re: [leaf-user] New Problem with UClibc syslinux

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Tibbs, Richard wrote:

| According to editpadlite, the kernel line is 253 chars...

It's the actual kernel command line you have to worry about, not the
line in
syslinux.cfg.  Check /proc/cmdline to see exactly what the kernel
*THINKS*
the command line is to verify if you are or are not running into the 256
character limit.  IIRC, syslinux prepends some things to the command
line it
passes to the kernel.

...regardless, it sounds like proper use of leaf.cfg (rather than
syslinux.cfg) is the solution to your problem.

- --
Charles Steinkuehler
[EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFDja8MLywbqEHdNFwRApWyAKCPZstjRl28mlTdnzXwKGXLjw3VWACg/Pt5
dleieUAVJyhzUVBzodUyrqU=
=6JmJ
-END PGP SIGNATURE-


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37alloc_id865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Firewall testing?

[Jim Ford]

Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the helpful 
folk
on this forum), I'd like to see just how secure it appears from the outside. 
There are 
various sites, some of them commercial, that give a free firewall security test.
I've tried some of them and they give varying results. I'm also aware that it's 
in the
interest of the commercial sites to say that my firewall is insecure - so they 
can
sell me their solution!

Any recommendations (or is it good enough for me to nmap from outside)?

Jim Ford



---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Firewall testing?

[Tom Eastep]

On Wednesday 30 November 2005 10:09, Jim Ford wrote:
 Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the
 helpful folk on this forum), I'd like to see just how secure it appears
 from the outside. There are various sites, some of them commercial, that
 give a free firewall security test. I've tried some of them and they give
 varying results. I'm also aware that it's in the interest of the commercial
 sites to say that my firewall is insecure - so they can sell me their
 solution!

 Any recommendations (or is it good enough for me to nmap from outside)?

You need to carefully evaluate all results -- see Shorewall FAQ 4 and it's 
related sub-FAQs. 

If you don't understand a particular report, I recommend running tcpdump on 
your firewall while doing the scan to verify that the probes are actually 
reaching your firewall and that they are not being responded to by an 
intermediate router.

-Tom
-- 
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key


pgpQskrtbwHhW.pgp
Description: PGP signature

Re: [leaf-user] Firewall testing?

[Marko Nurmenniemi]

Tom Eastep wrote:


On Wednesday 30 November 2005 10:09, Jim Ford wrote:
 


Now I'm all snug and cosy behind my Leaf Bering firewall (thanks to the
helpful folk on this forum), I'd like to see just how secure it appears
from the outside. There are various sites, some of them commercial, that
give a free firewall security test. I've tried some of them and they give
varying results. I'm also aware that it's in the interest of the commercial
sites to say that my firewall is insecure - so they can sell me their
solution!

Any recommendations (or is it good enough for me to nmap from outside)?
   



You need to carefully evaluate all results -- see Shorewall FAQ 4 and it's 
related sub-FAQs. 

If you don't understand a particular report, I recommend running tcpdump on 
your firewall while doing the scan to verify that the probes are actually 
reaching your firewall and that they are not being responded to by an 
intermediate router.


-Tom
 


grc.com makes analyse but doesn't sell services.

-M


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] RouterBoard 24 4-port NIC driver for Bering uClibc driver?

[Paul Zimm]

Where can I find a RouterBoard 24 Nic driver compiled for Bering uClibc?

will one of the drivers included with Bering work for this board? It is 
a 4-port nic uses chip marked dp83815


Marv Horst


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] RouterBoard 24 4-port NIC driver for Bering uClibc driver?

[Arne Bernin]

On Wed, 2005-11-30 at 14:17 -0500, Paul Zimm wrote:
Hi Paul,

 will one of the drivers included with Bering work for this board? It is 
 a 4-port nic uses chip marked dp83815
 

try natsemi.o which is included in the modules tarball (or generate your
new modules.lrp via http://www.ucbering.de/cgi-bin/modules.cgi

 Marv Horst

--arne


-- 
Arne Bernin [EMAIL PROTECTED]

http://www.ucBering.de





---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/