[leaf-user] copy Bering floppy to CF card

2005-12-11 Thread Chera Bekker

Hello List,

Right now I am running a Bering uclib firewall from a floppy. I am 
thinking of buying an IDE CF reader to boot the firewall from a CF card. 
What would be the easiest way to copy the contents of my current Bering  
floppy to a CF card which is mounted as /dev/hda1 and to make the CF 
card bootable?


Thanks for any help.

Regards

Chera Bekker



---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


Re: [leaf-user] DNAT rule

2005-12-11 Thread Eric Spakman
Hello Marko,

>> host computername {
>>   hardware ethernet 00:00:00:00:00:00;
>>   fixed-address 192.168.x.x;
>> }
>>
>>
>> Don't forget to change the relevant variables to suit your network
>> first.
>>
>>
> What is the difference between that and putting the line
> "dhcp-host=00:50:BF:xx:xx:xx,hannibal,192.168.xxx.xxx"
> in to /etc/dnsmasq.conf?
>
There is no functional difference, only the different program used to
accomplish the same (dhcpd versus dnsmasq).

Eric





[leaf-user] Lots of port probes.

2005-12-11 Thread Jim Ford
I'm seeing lots of probes, mainly UDP, targeting ports 1025 to 1032 on my
firewall.
I've had a look at grc.com (very informative) and it seems that these ports are
targeted by trojans. Is what I'm seeing an attempt to see if a trojan has
opened any of these ports?

Wish I could understand what's going on. Sometimes I feel I should just shrug my
shoulders and put my trust in Tom Eastep's excellent work, but I feel that
_some_ knowledge gives me at least a little power over the brds out there!

Jim Ford

P.S. I'm just a hairy arsed mechanical engineer. Nuts and bolts are my
stock-in-trade, not bits and bytes!





Re: [leaf-user] Lots of port probes.

2005-12-11 Thread Tom Eastep
On Sunday 11 December 2005 06:56, Jim Ford wrote:
> I'm seeing lots of probes, mainly UDP, targeting ports 1025 to 1032 on my
> firewall. I've had a look at grc.com (very informative) and it seems that
> these ports are targeted by trojans. Is what I'm seeing an attempt to see
> if a trojan has opened any of these ports?
>

Yes -- it's just noise.

To cut down on the amount of clutter appearing in my firewall log, I silently 
blacklist certain traffic.

In shorewall.conf, I set BLACKLIST_LOGLEVEL="". Then 
in /etc/shorewall/blacklist, I have the equivalent of:

0.0.0.0/0   tcp 57
0.0.0.0/0   tcp 1023
0.0.0.0/0   udp 1025:1032
0.0.0.0/0   udp 1434
0.0.0.0/0   tcp 1433
0.0.0.0/0   tcp 2745
0.0.0.0/0   tcp 3127
0.0.0.0/0   tcp 3410
0.0.0.0/0   tcp 4899
0.0.0.0/0   tcp 5554
0.0.0.0/0   tcp 8081
0.0.0.0/0   tcp 9898

-Tom
-- 
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
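
An added example, not part of the original message: before silencing traffic with BLACKLIST_LOGLEVEL="", it helps to check which existing log entries the blacklist above would stop logging and which would remain. The log lines are constructed and abbreviated, and the function names are illustrative.

```python
import ipaddress
import re

# Entries as posted above: ADDRESS/SUBNET, PROTOCOL, PORT ("lo:hi" is a range).
BLACKLIST = """\
0.0.0.0/0   tcp 57
0.0.0.0/0   tcp 1023
0.0.0.0/0   udp 1025:1032
0.0.0.0/0   udp 1434
0.0.0.0/0   tcp 1433
0.0.0.0/0   tcp 2745
0.0.0.0/0   tcp 3127
0.0.0.0/0   tcp 3410
0.0.0.0/0   tcp 4899
0.0.0.0/0   tcp 5554
0.0.0.0/0   tcp 8081
0.0.0.0/0   tcp 9898
"""
# Constructed, abbreviated log lines in netfilter LOG layout (documentation IPs).
SAMPLE_LOG = """\
Dec 11 06:50:01 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.7 DST=198.51.100.2 PROTO=UDP SPT=3321 DPT=1026 LEN=485
Dec 11 06:50:09 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.9 DST=198.51.100.2 PROTO=TCP SPT=4410 DPT=1433 SYN
Dec 11 06:51:30 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.20 DST=198.51.100.2 PROTO=TCP SPT=5120 DPT=22 SYN
Dec 11 06:52:02 firewall kernel: Shorewall:net2all:DROP:IN=eth0 OUT= SRC=203.0.113.31 DST=198.51.100.2 PROTO=TCP SPT=2201 DPT=1025 SYN
"""
FIELD = re.compile(r"\b(SRC|PROTO|DPT)=(\S+)")

def parse_blacklist(text):
    rules = []
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if len(cols) == 3:
            lo, _, hi = cols[2].partition(":")
            rules.append((ipaddress.ip_network(cols[0]), cols[1].lower(), int(lo), int(hi or lo)))
    return rules

def is_blacklisted(log_line, rules):
    """True if the logged packet's source, protocol and destination port match an entry."""
    f = dict(FIELD.findall(log_line))
    if not {"SRC", "PROTO", "DPT"} <= f.keys():
        return False  # e.g. ICMP has no DPT; such lines stay in the log
    src, proto, dpt = ipaddress.ip_address(f["SRC"]), f["PROTO"].lower(), int(f["DPT"])
    return any(src in net and proto == p and lo <= dpt <= hi for net, p, lo, hi in rules)

def split_log(log_text, rules):
    """Return (silenced, kept): lines the blacklist would drop unlogged, and the rest."""
    lines = log_text.splitlines()
    silenced = [l for l in lines if is_blacklisted(l, rules)]
    return silenced, [l for l in lines if l not in silenced]
```

Note that the TCP probe to port 1025 stays in the log: the 1025:1032 entry covers UDP only.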




Re: [leaf-user] RE: Bering uClibc Package Updates

2005-12-11 Thread Eric Spakman
Hi Paul,

> Has anyone looked at the Debian ucf package?  If not, they should.  I
> think it could be easily modified to work in a leaf package environment as
> an extension to lrcfg.
>
I took a quick look, but I'm not sure if it can be easily modified (at
least not by me :)) It heavily depends on bash and Debian debconf. But
maybe parts of it are usable.

Eric





Re: [leaf-user] copy Bering floppy to CF card

2005-12-11 Thread Eric Spakman
Hello Chera,

The easiest way is to use initrd_ide.lrp (with ide boot modules) from:
http://leaf.sourceforge.net/bering-uclibc/index.php?module=pagemaster&PAGE_user_op=view_page&PAGE_id=3&MMN_position=3:3
if you are using Bering-uClibc 2.3.x.
If you are using Bering-uClibc 2.2.x, you can find initrd_ide with 2.4.26
modules in:
http://cvs.sourceforge.net/viewcvs.py/leaf/bin/packages/uclibc-0.9/20/2.4.26/

Rename the initrd_ide.lrp package to initrd.lrp.

Read the documentation on
"http://leaf.sourceforge.net/doc/guide/buci-ide.html"
on how to set up Bering-uClibc to use on CF. You can use the configured
packages from your floppy, so you shouldn't have to change a lot.

Eric

> Hello List,
>
>
> Right now I am running a Bering uclib firewall from a floppy. I am
> thinking of buying an IDE CF reader to boot the firewall from a CF card.
> What would be the easiest way to copy the contents of my current Bering
> floppy to a CF card which is mounted as /dev/hda1 and to make the CF card
> bootable?
>
> Thanks for any help.
>
>
> Regards
>
>
> Chera Bekker
>
>
>
>






[leaf-user] syslog message: firewall kernel: ip_conntrack: table full, dropping packet.

2005-12-11 Thread Chera Bekker

Hello List,

I have noticed that when running a p2p client behind my Bering firewall 
my syslog gets flooded with the message:


firewall kernel: ip_conntrack: table full, dropping packet.

Almost all entries in /proc/net/ip_conntrack pointed to the internal
machine running the client.

I noticed that the value in /proc/sys/net/ipv4/ip_conntrack_max was
set to 1024. I have increased this value to 4096 which seems to have put
a (temporary?) lid on things. My question is if the increase in the
number of connections will somehow have a negative impact on the
performance of the firewall?


Any information is appreciated.

Regards

Chera Bekker
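
An added example, not part of the original message: the check described above (which host owns the entries in /proc/net/ip_conntrack, and how full the table is against ip_conntrack_max) as a small parser. The sample entries are constructed, 192.168.1.10 stands in for the internal p2p host, and the function name is illustrative.

```python
import re
from collections import Counter

# Constructed entries in the /proc/net/ip_conntrack layout
# (private and documentation address ranges).
SAMPLE = """\
tcp      6 431999 ESTABLISHED src=192.168.1.10 dst=203.0.113.5 sport=3456 dport=6881 src=203.0.113.5 dst=198.51.100.2 sport=6881 dport=3456 [ASSURED] use=1
tcp      6 112 SYN_SENT src=192.168.1.10 dst=203.0.113.8 sport=3460 dport=6881 [UNREPLIED] src=203.0.113.8 dst=198.51.100.2 sport=6881 dport=3460 use=1
udp      17 25 src=192.168.1.10 dst=203.0.113.9 sport=1030 dport=6881 [UNREPLIED] src=203.0.113.9 dst=198.51.100.2 sport=6881 dport=1030 use=1
tcp      6 87 TIME_WAIT src=192.168.1.20 dst=203.0.113.80 sport=4001 dport=80 src=203.0.113.80 dst=198.51.100.2 sport=80 dport=4001 [ASSURED] use=1
"""

# The first src= on a line is the original (initiating) direction.
ORIG_SRC = re.compile(r"\bsrc=(\S+)")

def summarize(text, conntrack_max):
    """Count tracked connections per initiating host and per protocol/state."""
    by_source, by_state = Counter(), Counter()
    for line in text.splitlines():
        m = ORIG_SRC.search(line)
        if not m:
            continue
        fields = line.split()
        by_source[m.group(1)] += 1
        if fields[0] == "tcp":
            state = fields[3]  # TCP entries carry the state name
        else:
            state = "UNREPLIED" if "[UNREPLIED]" in line else "REPLIED"
        by_state[(fields[0], state)] += 1
    total = sum(by_source.values())
    top, n = by_source.most_common(1)[0] if total else (None, 0)
    return {
        "total": total,
        "fill": total / conntrack_max,          # fraction of the table in use
        "top_source": top,
        "top_share": n / total if total else 0.0,
        "by_state": dict(by_state),
    }

if __name__ == "__main__":
    print(summarize(SAMPLE, 1024))
```

On the firewall itself, the input would be the contents of /proc/net/ip_conntrack and the limit the value read from /proc/sys/net/ipv4/ip_conntrack_max.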







Re: [leaf-user] syslog message: firewall kernel: ip_conntrack: table full, dropping packet.

2005-12-11 Thread Eric Spakman
Hello Chera,

There is some information about this setting in the following
Bering-uClibc guide and the links section in this guide.

http://leaf.sourceforge.net/doc/guide/bucu-conntrack.html

Eric

> Hello List,
>
>
> I have noticed that when running a p2p client behind my Bering firewall
> my syslog gets flooded with the message:
>
> firewall kernel: ip_conntrack: table full, dropping packet.
>
> Almost all entries in /proc/net/ip_conntrack pointed to the internal
> machine running the client.
>
> I noticed that the value in /proc/sys/net/ipv4/ip_conntrack_max was
> set to 1024. I have increased this value to 4096 which seems to have put a
> (temporary?) lid on things. My question is if the increase in the
> number of connections will somehow have a negative impact on the
> performance of the firewall?
>
> Any information is appreciated.
>
>
> Regards
>
>
> Chera Bekker
>
>
>
>
>
>



