[leaf-user] ALEXANDRE MARNET
http://cormoranogroup.eu/home.php -- leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] What's the current way to save your changes?
Thanks for the feedback. I'm using the Bering-uClibc_3.1.1-beta1_iso_bering-uclibc.iso for creating my bootable CD. After burning the CD, I see a syslinux.cfg in the CD root. In this file it has an entry: LEAFCFG=/dev/fd0:msdos PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 1.) Can I just create a leaf.cfg file on a blank floppy, and Bering will read this during the boot process? 2.) Do I need to create a leaf.cfg on the floppy with all of the same entries as the one from the CD, or do I only need a specific entry(s)? (I'd like to declare more packages, and I see the only packages that are declared, by default, on the CD are: LRP=root,config,etc,modules,dropbear) 3.) For my initial Bering setup, do I need any other files on the floppy (syslinux.cfg, etc., etc.), or just leaf.cfg? Thank you, Craig Virus checked by G DATA AntiVirus Version: AVK 18.4154 from 16.06.2008 - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] What's the current way to save your changes?
Hi folks, I'm setting up a new LEAF box, and I'm using the latest Bering-uClibc 3.1.1 beta CD. I have the typical, cable modem scenario (dhcp address from my ISP). I've looked around the newsgroup postings and I've looked at the documentation, but I haven't seen anything specific to this setup (but maybe I've just overlooked it): 1.)If you're using the Bering-uClibc CD, how do you make changes and then back those up? 2.) Do you just use a floppy disk and all of your changes will be backed up it via the built-in scripts? Or do you have to, somehow, specify you want to back up your changes to a floppy? 3.) When you back up to the floppy, upon reboot the floppy files will supersede any files / configuration on the CD? Is that right? I think this is the way things work, but I'd just like to confirm this before I pull my hair out. Also, the last time I set up Bering-uClibc CD (Version 3.0), the only other configuration I needed to make from the default Bering CD was to the dnsmasq.conf file. In order to use dhcpc and use the integrated dhcp daemon, dnsmasq.conf had to have the following entry: resolv-file=/etc/dhcpc/resolv.conf and dhcp-range=192.168.1.1,192.168.1.199,12h 4.) Do I still need to do this also? :-) Thank you, Craig Virus checked by G DATA AntiVirus Version: AVK 18.4146 from 15.06.2008 - Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] changes in syslinux don't affect boot
Hey, I'm trying to exactly the same thing. Where do you find the bootdisk.img file, because I don't see it??? I'm using ISOBuster (Windows) to open up the Bering .iso. Thank you! Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rafael Oliveira Sent: Wednesday, April 25, 2007 6:44 AM To: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] changes in syslinux don't affect boot Ok... The problem was the syslinux.cfg used at the boot. If you mount the boodisk.img and change the syslinux.cfg inside, it works. :) 2007/4/24, Rafael Oliveira [EMAIL PROTECTED]: Hi, I'm trying to setup a firewall based only on CD. I think floppies get damaged very easily. So I did the following: I used the floppy image to configure the system and get the modified configdb.lrp. I used the cdrom image and used with configdb.lrp, and changes in syslinux.cfg to get the system running. It goed wrong. I tryed changing the leaf.cfg but the boot stage looks for leaf.cfg on the floppy. On Bearing-uClibc_3.1-beta1 the cd's syslinux.cfg holds LEAFCFG=/dev/fd0:msdos to load the leaf.cfg on the floppy. So I tryed changing /dev/fd0:msdos to /dev/cdrom:iso9660 but I got nothing. The boot stage looked for a floppy disk. The changes on params in syslinux.cfg don't seems to affect the boot process at all. If I can't change the LEAFCFG I can't load the configdb.cfg in the CD. Looks like the kernel params are built-in in some place I don't know. How can I get my Bering to load the configdb.cfg in the CD?? I greatly appreciate any feedback. P.S. Sorry for my english. I'm not a native english speaker. -- Rafael Araújo Santana de Oliveira -- Rafael Araújo Santana de Oliveira - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading all packages???
Hi folks, Happy Holidays to you all! :-) O.K., I'm feeling pretty stupid. Rather than creating my own CD from scratch, I've downloaded the provided Bering-uClibc_3.0_iso_bering-uclibc-iso.bin (from 3 different mirrors), but it doesn't seem to be loading all of the packages. When I compare the lrcfg menu submenus of my working Bering (that runs from a floppy) to the .iso Bering - there seems to be quite a few packages missing??? For example, under the Package Configuration menu, the only things that are displayed are: config modules (no dhcpd, shorewall, ulogd, etc., etc., etc.) All I've done is downloaded the file, rename it with an .iso extension, and burned it with Nero. What am I (like a bonehead, I'm sure) doing wrong??? Thank you all, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading allpackages???
Thank you, KP...you're right; I didn't see that! :-) Thank you, Sir! Happy Holidays to you!!! Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KP Kirchdoerfer Sent: Monday, December 25, 2006 11:48 AM To: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading allpackages??? Am Montag, 25. Dezember 2006 17:00 schrieb Craig Caughlin: Hi folks, Happy Holidays to you all! :-) O.K., I'm feeling pretty stupid. Rather than creating my own CD from scratch, I've downloaded the provided Bering-uClibc_3.0_iso_bering-uclibc-iso.bin (from 3 different mirrors), but it doesn't seem to be loading all of the packages. When I compare the lrcfg menu submenus of my working Bering (that runs from a floppy) to the .iso Bering - there seems to be quite a few packages missing??? For example, under the Package Configuration menu, the only things that are displayed are: config modules (no dhcpd, shorewall, ulogd, etc., etc., etc.) All I've done is downloaded the file, rename it with an .iso extension, and burned it with Nero. What am I (like a bonehead, I'm sure) doing wrong??? You haven't read the documentation, or you overlooked the following: Step 3: Adding packages and backup configuration Packages can be added or removed in a flexibel way by declaring/undeclaring them in leaf.cfg on a new formatted floppy. Additionally your configuration settings for all packages can be stored on the same floppy. Declaring packages Edit leaf.cfg on a blank formatted floppy disk, add your packages to LRP and change PKGPATH to point to your CDROM and the floppy device. LRP=root config etc local modules iptables dnsmasq keyboard shorwall ulogd libz mawk libssl libm ezipupd dropbear webconf ppp pppoe libpcap PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 syst_size=8M log_size=2M Note: The order in PKGPATH is important! The leftmost entry will be loaded last - so your packages will be load first from CDROM and then from /dev/fd0. This will overwrite the configuration with the settings you stored on the floppy. Save your configuration You can save your configuration changes onto the floppy, you have declared leaf.cfg. kp - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages
In my case, there is. Unfortunately, the default Bering .iso won't boot on my box. Also, I've never figured out why, but when I create my own CD (using the old Bering instructions)...it boots much, much, faster than the new .iso. I'm not sure why, but that's the way it is. Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kwon Sent: Saturday, December 23, 2006 9:09 PM To: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages Hi folks, I'm trying to create a bootable CD, and the CD boots fine, but hangs at: There really is no need to create your own CD! I just burn the .iso image to a CD and save all my config files to a 1.44 floppy. Merry Christmas and Happy New Year! Cheers! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages
Thanks Ciao. Unfortunately, it doesn't seem like that was my problem. I've edited my files using Ultra Edit 32 (which is supposed to respect the Unix format), I edited them directly on the Bering box itself, and I've even downloaded the stock Bering .iso and tried using those files directly...but no success. The box still hangs at the same place. As a side note, the old how-to-create a Bering CD instructions say to rename the syslinux.cfg to isolinux.cfg before creating your CD. I see the stock .iso uses a syslinux.cfg. Curiously, when I use that file as is (without renaming it), the boot process crashes and I get a kernel panic! How odd??? Suggestions??? Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mailing Lists Sent: Sunday, December 24, 2006 12:39 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages Take a look to your leaf.cfg Probably it is in windows format (cr/lf) and not in unix format (lf only) Happy holidays Ciao Gianni Craig Caughlin ha scritto: Hi folks, I'm trying to create a bootable CD, and the CD boots fine, but hangs at: LINUXRC: Loaded Packages My isolinux.cfg looks like: display syslinux.dpy timeout 0 append reboot=bios default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 LEAFCFG=/dev/cdrom:iso9660 And the only change to my leaf.cfg looks like: # The first entry is the backup device. # The path is parsed in reversed order, packages on the first device listed will be loaded last. #PKGPATH=/dev/fd0u1680:msdos PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 The command I'm executing to create the .iso is: mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering -no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide isolinux.bin -l diskcontent Any idea what might be causing my boot problem? Thank you, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] No DHCP address to the DMZ :-(
Hi folks, Happy Holidays. :-) I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the web, etc. work great. Now, I'm trying to set up a wireless router in my DMZ, and it's not getting a dynamic IP address (I have confirmed this by connecting a laptop via crossover cable directly to the DMZ NIC). Here's my scenario: 1. I'm using the new, Bering uClibc 3.0 2. ip addr show displays: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0 eth1: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 eth2: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2 3. I uncommented the DMZ section of /etc/network/interfaces 4. I have the following changes to Shorewall: /etc/shorewall/zones - Uncommented the DMZ line /etc/shorewall/policy - DMZ NET ACCEPT /etc/shorewall/rules - DNS/ACCEPT dmz fw, Ping/ACCEPT dmz fw, and ACCEPT fw dmz icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp /etc/shorewall/masq - Unchanged /etc/shorewall/routestopped - Unchanged 5. Should I connect the wireless router to eth2 via a regular CAT5 cable, or should I use a crossover cable? Suggestions? Comments? Thank you all. Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] No DHCP address to the DMZ :-(
Hi Eric, The only thing I have done to get things up and running is: I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the /etc/dnsmasq.conf file. Do I need to do something different? Also, should I add another interface in /etc/dhcpc/config ? I see at the bottom it says, # Add other interfaces here *) ;; Should I add eth2? What does the syntax look like?: # Add other interfaces here *) eth2 ;; Is that right (and/or do I even need to worry about it?)? Thank you! :-) Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 10:35 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi folks, Happy Holidays. :-) Happy Holidays to you ;-) I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the web, etc. work great. Now, I'm trying to set up a wireless router in my DMZ, and it's not getting a dynamic IP address (I have confirmed this by connecting a laptop via crossover cable directly to the DMZ NIC). Here's my scenario: 1. I'm using the new, Bering uClibc 3.0 2. ip addr show displays: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0 eth1: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 eth2: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2 3. I uncommented the DMZ section of /etc/network/interfaces 4. I have the following changes to Shorewall: /etc/shorewall/zones - Uncommented the DMZ line /etc/shorewall/policy - DMZ NET ACCEPT /etc/shorewall/rules - DNS/ACCEPT dmz fw, Ping/ACCEPT dmz fw, and ACCEPT fw dmz icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp /etc/shorewall/masq - Unchanged /etc/shorewall/routestopped - Unchanged How did you configure your dhcp server (I guess dnsmasq)? Did you add a dhcp range for the 192.168.1.0 network? 5. Should I connect the wireless router to eth2 via a regular CAT5 cable, or should I use a crossover cable? For a router - router or router - pc connection you need a cross cable, if you use a switch a straight cable should be used. Suggestions? Comments? Thank you all. Craig Eric - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] No DHCP address to the DMZ :-(
Unfortunately, no. :-( I've even tried changing cables to be sure it wasn't a simple problem like that (even though they're brand new cables). Suggestions? Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman Sent: Saturday, December 23, 2006 11:07 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi Eric, The only thing I have done to get things up and running is: I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the /etc/dnsmasq.conf file. Do I need to do something different? No, that's enough to serve dhcp addresses. Also, should I add another interface in /etc/dhcpc/config ? I see at the bottom it says, # Add other interfaces here *) ;; Should I add eth2? What does the syntax look like?: # Add other interfaces here *) eth2 ;; Is that right (and/or do I even need to worry about it?)? This is the configuration of dhcpcd, the dhcp client. You don't need to worry about that. Thank you! :-) Is it working now in the dmz? Craig Eric -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 10:35 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi folks, Happy Holidays. :-) Happy Holidays to you ;-) I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the web, etc. work great. Now, I'm trying to set up a wireless router in my DMZ, and it's not getting a dynamic IP address (I have confirmed this by connecting a laptop via crossover cable directly to the DMZ NIC). Here's my scenario: 1. I'm using the new, Bering uClibc 3.0 2. ip addr show displays: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0 eth1: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 eth2: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2 3. I uncommented the DMZ section of /etc/network/interfaces 4. I have the following changes to Shorewall: /etc/shorewall/zones - Uncommented the DMZ line /etc/shorewall/policy - DMZ NET ACCEPT /etc/shorewall/rules - DNS/ACCEPT dmz fw, Ping/ACCEPT dmz fw, and ACCEPT fw dmz icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp /etc/shorewall/masq - Unchanged /etc/shorewall/routestopped - Unchanged How did you configure your dhcp server (I guess dnsmasq)? Did you add a dhcp range for the 192.168.1.0 network? 5. Should I connect the wireless router to eth2 via a regular CAT5 cable, or should I use a crossover cable? For a router - router or router - pc connection you need a cross cable, if you use a switch a straight cable should be used. Suggestions? Comments? Thank you all. Craig Eric - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] No DHCP address to the DMZ :-(
Wow, thanks everyone. :-) I like kp's idea of creating a separate subnet for the DMZ (e.g: 192.168.2.0). Do I do that all through dnsmasq.conf?...or are there changes I need to make to shorewall as well? Thank you, Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 11:24 AM To: Craig Caughlin Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Unfortunately, no. :-( I've even tried changing cables to be sure it wasn't a simple problem like that (even though they're brand new cables). Suggestions? A few things to check: Do you have an ip connection at all? Try to give the system a fixed ip address and run ping. If that works, enable dhcp on that system again and look if dhcp traffic isn't blocked. This can be done with 'shorewall hits', but it's better to use tcpdump to 'snif' the traffic. Thank you, Craig Eric -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 11:07 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi Eric, The only thing I have done to get things up and running is: I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the /etc/dnsmasq.conf file. Do I need to do something different? No, that's enough to serve dhcp addresses. Also, should I add another interface in /etc/dhcpc/config ? I see at the bottom it says, # Add other interfaces here *) ;; Should I add eth2? What does the syntax look like?: # Add other interfaces here *) eth2 ;; Is that right (and/or do I even need to worry about it?)? This is the configuration of dhcpcd, the dhcp client. You don't need to worry about that. Thank you! :-) Is it working now in the dmz? Craig Eric -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 10:35 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi folks, Happy Holidays. :-) Happy Holidays to you ;-) I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the web, etc. work great. Now, I'm trying to set up a wireless router in my DMZ, and it's not getting a dynamic IP address (I have confirmed this by connecting a laptop via crossover cable directly to the DMZ NIC). Here's my scenario: 1. I'm using the new, Bering uClibc 3.0 2. ip addr show displays: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0 eth1: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 eth2: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2 3. I uncommented the DMZ section of /etc/network/interfaces 4. I have the following changes to Shorewall: /etc/shorewall/zones - Uncommented the DMZ line /etc/shorewall/policy - DMZ NET ACCEPT /etc/shorewall/rules - DNS/ACCEPT dmz fw, Ping/ACCEPT dmz fw, and ACCEPT fw dmz icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp /etc/shorewall/masq - Unchanged /etc/shorewall/routestopped - Unchanged - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] No DHCP address to the DMZ :-( Solved!!!
Hi folks, Yippee!!! That solved it!!! Thank you Eric, KP, and Brett. One final question, if I may. Rather than having my wireless router hanging out there as the proverbial low hanging fruit, I'd like to protect it just like my internal LAN. Which shorewall config settings of the LAN do I need to duplicate for the DMZ to achieve this??? Thank you all for your continued help! :-) Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman Sent: Saturday, December 23, 2006 1:02 PM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Wow, thanks everyone. :-) I like kp's idea of creating a separate subnet for the DMZ (e.g: 192.168.2.0). Do I do that all through dnsmasq.conf?...or are there changes I need to make to shorewall as well? You have to make them in /etc/network/interfaces: auto eth1 iface eth1 inet static address 192.168.1.254 netmask 255.255.255.0 broadcast 192.168.1.255 auto eth2 iface eth2 inet static address 192.168.2.254 netmask 255.255.255.0 broadcast 192.168.2.255 And if you want to have dhcp on both networks you have to do something like this in dnsmasq.conf: dhcp-range=192.168.1.1,192.168.1.199,12h dhcp-range=192.168.2.1,192.168.2.199,12h In shorewall it's important in above case to have both loc eth1 detect dhcp and dmz eth2 detect dhcp in the shorewall/interfaces file. Eric Thank you, Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 11:24 AM To: Craig Caughlin Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Unfortunately, no. :-( I've even tried changing cables to be sure it wasn't a simple problem like that (even though they're brand new cables). Suggestions? A few things to check: Do you have an ip connection at all? Try to give the system a fixed ip address and run ping. If that works, enable dhcp on that system again and look if dhcp traffic isn't blocked. This can be done with 'shorewall hits', but it's better to use tcpdump to 'snif' the traffic. Thank you, Craig Eric -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 11:07 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi Eric, The only thing I have done to get things up and running is: I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the /etc/dnsmasq.conf file. Do I need to do something different? No, that's enough to serve dhcp addresses. Also, should I add another interface in /etc/dhcpc/config ? I see at the bottom it says, # Add other interfaces here *) ;; Should I add eth2? What does the syntax look like?: # Add other interfaces here *) eth2 ;; Is that right (and/or do I even need to worry about it?)? This is the configuration of dhcpcd, the dhcp client. You don't need to worry about that. Thank you! :-) Is it working now in the dmz? Craig Eric -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Saturday, December 23, 2006 10:35 AM To: Craig Caughlin Cc: leaf-user@lists.sourceforge.net Subject: Re: [leaf-user] No DHCP address to the DMZ :-( Hi Craig, Hi folks, Happy Holidays. :-) Happy Holidays to you ;-) I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the web, etc. work great. Now, I'm trying to set up a wireless router in my DMZ, and it's not getting a dynamic IP address (I have confirmed this by connecting a laptop via crossover cable directly to the DMZ NIC). Here's my scenario: 1. I'm using the new, Bering uClibc 3.0 2. ip addr show displays: eth0: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0 eth1: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 eth2: mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2 3. I uncommented the DMZ section of /etc/network/interfaces 4. I have the following changes to Shorewall: /etc/shorewall/zones - Uncommented the DMZ line /etc/shorewall/policy - DMZ NET ACCEPT /etc/shorewall/rules - DNS/ACCEPT dmz fw, Ping/ACCEPT dmz fw, and ACCEPT fw dmz icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp /etc/shorewall/masq - Unchanged /etc/shorewall/routestopped - Unchanged - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business
[leaf-user] CD hangs at LINUXRC: Loaded Packages
Hi folks, I'm trying to create a bootable CD, and the CD boots fine, but hangs at: LINUXRC: Loaded Packages My isolinux.cfg looks like: display syslinux.dpy timeout 0 append reboot=bios default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 LEAFCFG=/dev/cdrom:iso9660 And the only change to my leaf.cfg looks like: # The first entry is the backup device. # The path is parsed in reversed order, packages on the first device listed will be loaded last. #PKGPATH=/dev/fd0u1680:msdos PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 The command I'm executing to create the .iso is: mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering -no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide isolinux.bin -l diskcontent Any idea what might be causing my boot problem? Thank you, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] CD hangs at LINUXRC: Loaded Packages
Hi folks, I'm trying to create a bootable CD, and the CD boots fine, but hangs at: LINUXRC: Loaded Packages My isolinux.cfg looks like: display syslinux.dpy timeout 0 append reboot=bios default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 LEAFCFG=/dev/cdrom:iso9660 And the only change to my leaf.cfg looks like: # The first entry is the backup device. # The path is parsed in reversed order, packages on the first device listed will be loaded last. #PKGPATH=/dev/fd0u1680:msdos PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 The command I'm executing to create the .iso is: mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering -no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide isolinux.bin -l diskcontent Any idea what might be causing my boot problem? Thank you, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] gendropbearkeys not working?
Hi folks, I'm upgrading to the new, Bering uClibc 3.0, and the gendropbearkeys command (script) doesn't seem to be working?...or is it me (like I'm doing something wrong, which is likely)??? :-) Thank you, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] gendropbearkeys not working? Forget it :-)
Duhhh, I see that the keys are now generated automatically: dropbear - keys are automatically created when they not exist, the gendropbearkeys script is removed. Suggested by Paul Traina Sorry about that. Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Craig Caughlin Sent: Friday, December 22, 2006 3:21 PM To: leaf-user@lists.sourceforge.net Subject: [leaf-user] gendropbearkeys not working? Hi folks, I'm upgrading to the new, Bering uClibc 3.0, and the gendropbearkeys command (script) doesn't seem to be working?...or is it me (like I'm doing something wrong, which is likely)??? :-) Thank you, Craig - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] DNS problems?
Hi Eric, Hmmm, this looks suspicious. cat /var/log/daemon.log showed this entry (among others): failed to access /etc/dhcpc/resolve.conf: no such file or directory Thank you, Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 31, 2006 12:07 AM To: Craig Caughlin Cc: 'Leaf-User ' Subject: Re: [leaf-user] DNS problems? Hi Craig, What is the output of daemon.log if you restart it? (svi dnsmasq restart) Hi folks, I made the changes that Eric suggested, and I still can't resolve names. I see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html it references changing the /etc/shorwall/rules to allow access to ports 67 68. Unfortunately, there doesn't seem to be such an entry line in Shorewall. Therefore change /etc/shorewall/rules as shown below: # uncomment to use dnsmasq's dhcpd in your LAN ACCEPT loc fwudp 67,68 H. Might there be something else with Shorewall I need to look at? I'm a bit rusty in this area, but the follwing line in the rules file should be the way it works with the latest shorewall versions: # Accept DNS connections from the firewall to the network # and from the local network to the firewall (in case dnsmasq is used) DNS/ACCEPT fw net DNS/ACCEPT loc fw Suggestions? Thank you all. Craig Eric - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] DNS problems?...SOLVED!
Hi folks, KP was exactly correct...I had: resolve-file=/etc/dhcpc/resolv.conf and not resolv-file=/etc/dhcpc/resolv.conf Thank you, gentlemen, for your help. And for what it's worth...you guys (the entire Bering team, and Tom too) do a heck-of-a-job. This is a great work of art! Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of KP Kirchdoerfer Sent: Tuesday, October 31, 2006 5:55 AM To: leaf-user@lists.sourceforge.net Cc: Eric Spakman; Craig Caughlin Subject: Re: [leaf-user] DNS problems? Hi the name of the option and the file has been that often mistyped in the mails, I'm suspicious it might be wrong in the dnsmasq.conf as well. It is: resolv-file=/etc/dhcpc/resolv.conf and not resolve-file or resolve.conf. kp Am Dienstag, 31. Oktober 2006 14:41 schrieb Eric Spakman: Hi Craig, That's strange, does the /etc/dhcpc/resolv.conf file exist (and are you using dhcpcd.lrp)? Eric Hi Eric, Hmmm, this looks suspicious. cat /var/log/daemon.log showed this entry (among others): failed to access /etc/dhcpc/resolve.conf: no such file or directory Thank you, Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 31, 2006 12:07 AM To: Craig Caughlin Cc: 'Leaf-User ' Subject: Re: [leaf-user] DNS problems? Hi Craig, What is the output of daemon.log if you restart it? (svi dnsmasq restart) Hi folks, I made the changes that Eric suggested, and I still can't resolve names. I see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html it references changing the /etc/shorwall/rules to allow access to ports 67 68. Unfortunately, there doesn't seem to be such an entry line in Shorewall. Therefore change /etc/shorewall/rules as shown below: # uncomment to use dnsmasq's dhcpd in your LAN ACCEPT loc fwudp 67,68 H. Might there be something else with Shorewall I need to look at? I'm a bit rusty in this area, but the follwing line in the rules file should be the way it works with the latest shorewall versions: # Accept DNS connections from the firewall to the network # and from the local network to the firewall (in case dnsmasq is used) DNS/ACCEPT fw net DNS/ACCEPT loc fw Suggestions? Thank you all. Craig Eric - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] DNS problems?
Hi folks, I'm guessing I don't have DNS (dnqmasq) set up correctly on the new Bering. I can reach the internet (like Google for example) just fine by using its IP address (66.102.7.99), but I can't otherwise. I set up the new Bering (Bering-uClibc_3.0-beta2) dnsmasq just like my old Bering (2.4.20 I believe), but it doesn't seem to work. Here's what I did: 1.) I uncommented the filterw2k line 2.) I changed the resolve-file= line to read: resolve-file=/etc/dhcpc/resolv.conf 3.) I uncommented the dhcp-range= line 4.) I uncommented the dhcp-leasefile= line I've looked at the documentation for setting up dnsmasq, but I guess I'm missing something. :-( Suggestions??? Thank you...have a great week! Craig - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] DNS problems?
Hi folks, I made the changes that Eric suggested, and I still can't resolve names. I see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html it references changing the /etc/shorwall/rules to allow access to ports 67 68. Unfortunately, there doesn't seem to be such an entry line in Shorewall. Therefore change /etc/shorewall/rules as shown below: # uncomment to use dnsmasq's dhcpd in your LAN ACCEPT loc fwudp 67,68 H. Might there be something else with Shorewall I need to look at? Suggestions? Thank you all. Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Monday, October 30, 2006 8:05 AM To: [EMAIL PROTECTED] Cc: 'Leaf-User ' Subject: Re: [leaf-user] DNS problems? Hello Craig, The only modification necessary, if you use dhcpc and want the integrated dhcp daemon, is: resolve-file=/etc/dhcpc/resolv.conf and dhcp-range=192.168.1.1,192.168.1.199,12h See also: http://leaf.sourceforge.net/doc/bk02ch13.html (especially http://leaf.sourceforge.net/doc/bk02ch13s08.html and http://leaf.sourceforge.net/doc/bk02ch13s05.html) Eric Thanks, Luis. The only reason I made these changes is because my old Bering worked just fine this way...so I thought that must be why my new Bering doesn't! :-) I guess I'm wrong. Should I change things back to their default settings and then start troubleshooting from there? Do you think the default Bering DNS functionality should work out of the box without need for modifications for cable internet service (which is what I have)? Thank you, Craig -- Original message -- From: Luis.F.Correia [EMAIL PROTECTED] Hi! -Original Message- From: Craig Caughlin [mailto:[EMAIL PROTECTED] Sent: segunda-feira, 30 de Outubro de 2006 14:16 To: 'Leaf-User (E-mail)' Subject: [leaf-user] DNS problems? Hi folks, I'm guessing I don't have DNS (dnqmasq) set up correctly on the new Bering. I can reach the internet (like Google for example) just fine by using its IP address (66.102.7.99), but I can't otherwise. I set up the new Bering (Bering-uClibc_3.0-beta2) dnsmasq just like my old Bering (2.4.20 I believe), but it doesn't seem to work. Here's what I did: 1.) I uncommented the filterw2k line 2.) I changed the resolve-file= line to read: resolve-file=/etc/dhcpc/resolv.conf Why this change? Which program fills this file with valid data? If you are using PPPoE, and if 'peerdns' is defined, you may use the /etc/ppp/resolv.conf instead. 3.) I uncommented the dhcp-range= line 4.) I uncommented the dhcp-leasefile= line I've looked at the documentation for setting up dnsmasq, but I guess I'm missing something. :-( Suggestions??? Thank you...have a great week! Craig Luis Correia --- -- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=12164 2 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Netgear FA311 driver
Hi folks, I'm trying to set up the new Bering-uClibc 3.0-beta-2, and I'm having difficulty finding the right NIC driver. All of my NICs in the box are the same; they're Netgear FA311s. I've tried the natsemi driver, the tulip driver, and the crc32 driver with both...but no luck. Suggestions? Thank you, Craig - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
Re: [leaf-user] Netgear FA311 driver
Hi Arne, ip addr show reveals that I do have ip addresses! :-) (I guess I forgot the crc32 driver). 1.) But, I can't surf the web. Do I need to do anything with DNS? 2.) Also, I get a LWP is undefined - Using LRP package list (whatever this means). 3.) Finally, what do I need to do to log into the web interface? I have set up dropbear (gendropbearkeys), and then backed it up. 192.168.1.254 prompts me for a user name and password, but it doesn't want to take: root / (mypassword). O.K., call me stupid :-) What am I doing wrong? Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Arne Bernin Sent: Sunday, October 29, 2006 11:47 AM To: Leaf-User (E-mail) Subject: Re: [leaf-user] Netgear FA311 driver On Sun, 2006-10-29 at 11:24 -0800, Craig Caughlin wrote: Hi folks, I'm trying to set up the new Bering-uClibc 3.0-beta-2, and I'm having difficulty finding the right NIC driver. All of my NICs in the box are the same; they're Netgear FA311s. I've tried the natsemi driver, the tulip driver, and the crc32 driver with both...but no luck. Suggestions? hmm. the natsemi driver should be ok for these cards (at least that is what i have read). I assume, you load crc32 first... did you get any error messages ? -- Arne Bernin [EMAIL PROTECTED] http://www.ucBering.de - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Boot error with Bering-uClibc_3.0-beta2_iso_bering-uclibc-iso.bin
Hi folks, I'm sorry for the post because I'm sure I'm doing something realy dumb; no matter what I try, I can't get the Bering-uClibc_3.0-beta2_iso_bering- uclibc-iso.bin to boot. I've renamed it with an .iso extension, burned it to a CD, tried booting with VMWare...but no dice. I can't seem to get it to boot. What am I doing wrong? Thank you, Craig - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] configconfigdb(nf!)db error message(?) on boot
Hi folks, I'm trying to set up the latest greatest Bering. I'm booting Bering-uClibc_3.0-beta2 from a floppy, and I get the following message on boot: configconfigdb(nf!)db Is this an error (it looks like it is)? How do I correct it? Thank you, Craig - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642 leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
[leaf-user] Provide DHCP address ONLY to predetermined MAC address?
Hi folks, Can you set up the latest Bering to provide addresses to ONLY a predetermined list of MAC addressed clients? It seems like I remember someone doing something similar to this a while back, but I can't find a posting on it. I found something very similar (http://www.mail-archive.com/leaf-user@lists.sourceforge.net/msg15044.html), but I didn't know if the setup would be the same since the new Bering uses dnsmasq to provide LAN DHCP services. Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC address?
Cool. Hey, thanks for the tip, Eric. :-) In your example, you assign the same IP address to the same MAC address. I guess what I'm wondering is: Can you have your LAN clients receive a random address from a pool of DHCP addresses? What I'm hoping to do is: replace my company's hokey Windoze DHCP server with LEAF/Bering. Windoze can do the same thing you're suggesting; it can tie a DHCP reservation to a MAC address, but you can't give an address out of a pool, at random, for a predetermined MAC address client. It's not that robust, and I'm hoping Bering is! I work for a bank, and federal auditors will be concerned that someone could, in theory, bring in a laptop...plug it into an available CAT5 outlet and wreak havoc on my network. Comments/suggestions? Thank you, Craig -Original Message- From: Eric Spakman [mailto:[EMAIL PROTECTED] Sent: Thursday, April 14, 2005 1:35 PM To: leaf-user@lists.sourceforge.net Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Provide DHCP address ONLY to predetermined MAC address? Hello Craig, Things like this are possible with setting config options like this (some examples from the dnsmasq.conf file): # Always allocate the host with ethernet address 11:22:33:44:55:66 # The IP address 192.168.0.60 #dhcp-host=11:22:33:44:55:66,192.168.0.60 # Never offer DHCP service to a machine whose ethernet # address is 11:22:33:44:55:66 #dhcp-host=11:22:33:44:55:66,ignore You can set multiple dhcp-host lines and there are more examples in this file to finetune the behaviour. You can get more info on the dnsmasq site (http://thekelleys.org.uk/dnsmasq/doc.html) or ask questions on the dnsmasq list (they probably know more about it than me :-) Eric Spakman - Hi folks, Can you set up the latest Bering to provide addresses to ONLY a predetermined list of MAC addressed clients? It seems like I remember someone doing something similar to this a while back, but I can't find a posting on it. I found something very similar (http://www.mail-archive.com/leaf- [EMAIL PROTECTED]/msg15044.html), but I didn't know if the setup would be the same since the new Bering uses dnsmasq to provide LAN DHCP services. Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC address?
Oh, I agree completely. It just seems like a quick dirty method to keep the auditors that I've personally met (who, IMHO, are not the sharpest knives in the drawer) happy. I like method number 2, but Bering doesn't support that..does it??? If it does, well hey, tell me more! I'll be on that like white on rice. Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman Sent: Thursday, April 14, 2005 2:38 PM To: [EMAIL PROTECTED] Cc: leaf-user@lists.sourceforge.net Subject: RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC address? Hello Craig, I understand what you are trying to do, but it goes beyond my knowledge of the dnsmasq setup. It's also a weak security method, you only prevent someone getting an ip address if the mac address is not listed in a dhcp pool. Someone who wants to get access can easely spoof a mac address or take a fixed ip address in the subnet. A better method for securing a network against unwanted access with a laptop is by using 802.1x (Validated Network Access). Where the laptop is authenticated against Radius via the switch and Active Directory to give access on hardware level (network link). It does this by checking the machine level name/password (not the user name/password), which is stored in AD, and some other values and (fully) opens the switch port when everything is allright. Eric --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] A couple of odd behavior issues???
Thanks, Mike. Yeah, I'm still puzzled because although my network connectivity seems to work fine...I can't imagine why I only see eth0. H. I'm also puzzled why my weblet seems to work from the floppy, but not the CD. I've seen posts from people where a .lrp package won't load because not enough memory was allocated in the leaf.cfg file, so I guess I'll try to increase that parameter and see what happens. Thanks again, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Leone Sent: Monday, February 21, 2005 5:17 PM Cc: LEAF Subject: Re: [leaf-user] A couple of odd behavior issues??? Luis.F.Correia wrote: Hi! answer to question 1 -Original Message- From: Craig Caughlin [mailto:[EMAIL PROTECTED] Sent: Thursday, February 17, 2005 3:04 AM To: LEAF Subject: [leaf-user] A couple of odd behavior issues??? Hi folks, I'm having a little seemingly odd behavior maybe someone can help me with. 1.) If I ps ax | grep eth, I only see eth0, there's no eth1. I should see both, shouldn't I? I'm using the dnsmasq.lrp package and its if you are using ADSL, then your network device is ppp0 Not always correct. If your ADSL connection uses PPPOE, then you would be correct. However, I have an ADSL connection, that does not use PPPOE. So I have 2 eth interfaces. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] A couple of odd behavior issues???
Hi folks, I'm having a little seemingly odd behavior maybe someone can help me with. 1.) If I ps ax | grep eth, I only see eth0, there's no eth1. I should see both, shouldn't I? I'm using the dnsmasq.lrp package and its built-in DHCP functionality to service my LAN. 2.) If I boot from the floppy, I can access the firewall log pages at: http://192.168.1.254, but not if I boot from my CD. After booting from the CD and then examining the backup feature of the lrcfg menu, the weblet.lrp package doesn't appear to be loading (for some unknown reason to me) if I boot from the CD. 3.) Should I be using the lrpkg.cfg on my CD, and not the leaf.cfg? Here's what I did: I set up a new box and I started with the latest Bering-uClibc_2.2.3_img_bering-uclibc-1680.exe. I made a floppy and got everything working using it and the latest Shorewall. Then, I made a bootable CD using the files from the floppy. Here's the leaf.cfg from the floppy: LRP=root config etc local modules iptables dhcpcd shorwall ulogd dnsmasq dropbear sh-httpd weblet PKGPATH=/dev/fd0u1680:msdos And here's the leaf.cfg from the CD: LRP=root config etc local modules iptables dhcpcd shorwall ulogd dnsmasq dropbear sh-httpd weblet PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 Suggestions??? Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Error message: .../shorewall/shorewall.conf: not found
Hi folks, I'm setting up a new Bering-uClibc 2.2.3 box, and I've added Tom's latest stable shorwall.lrp package to it before starting any setup. I've got my NICs configured (both use DHCP), and both NICs receive their addresses fine. However...I have no internet access. :-( When I try to ping a FQDN (www.google.com) or an address from the firewall, neither work. When the box boots, I get a couple of error messages: 1.) No policy defined from the zone fw to zone net and 2.) /etc/shorewall/shorewall.conf: 1: /shorewall/shorewall.conf: not found. I've carefully looked at both the Bering-uClibc Installation Guide and Tom's instructions and tried to follow the instructions, but I guess I'm missing something. Suggestions? Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Error message: .../shorewall/shorewall.conf: not found
Hey, good call, Tom. That solved the /etc/shorewall/shorewall.conf: 1: /shorewall/shorewall.conf: not found error message (I saw Andrea Galmacci's post, too.). My policy file looks pretty vanilla: #SOURCE DESTPOLICY LOG LIMIT:BURST # LEVEL loc net ACCEPT net all DROPULOG # If you want open access to the Internet from your Firewall # remove the comment from the following line. #fw net ACCEPT #LAST LINE -- DO NOT REMOVE Any other suggestions? Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Eastep Sent: Sunday, February 13, 2005 1:03 PM To: Craig Caughlin; LEAF Subject: Re: [leaf-user] Error message: .../shorewall/shorewall.conf: not found Tom Eastep wrote: Craig Caughlin wrote: Hi folks, I'm setting up a new Bering-uClibc 2.2.3 box, and I've added Tom's latest stable shorwall.lrp package to it before starting any setup. I've got my NICs configured (both use DHCP), and both NICs receive their addresses fine. However...I have no internet access. :-( When I try to ping a FQDN (www.google.com) or an address from the firewall, neither work. When the box boots, I get a couple of error messages: 1.) No policy defined from the zone fw to zone net and Sounds like you have an empty policy file -- that's puzzling since the policy file in my .lrp is fully populated. 2.) /etc/shorewall/shorewall.conf: 1: /shorewall/shorewall.conf: not found. I wouldn't know how to produce that error message if I wanted to... Ah -- I'll bet that you didn't download the corrected shorewall.conf file available in the 'errata/LRP' subdirectory of the download directory. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] DNS problems?
Hi folks, I'm not sure if this is related to my other hiccups, but I don't think so. My problem is that I don't seem to be able to resolve DNS names. I can connect to web sites if I know their IP address, but I can't ping anyone via FQDN either from my LAN or from the firewall. Suggestions? Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_ide95alloc_id396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] DNS problems?
Hi folks, Thank you for the reply, Gene. I actually discovered two things I was doing wrong. 1.) I had assumed I needed to use the dhcpd.lrp package that I used to use when I no longer used pump.lrp to service my LAN DHCP clients. Obviously, I didn't need to do that. I didn't realize that the dnsmasq.lrp package has a dhcp feature (for my LAN side of things) built in. So...I first removed the dhcpd.lrp package. Then... 2.) I uncommented and then modified the resolv-file=/etc/dhcpc/resolv.conf and the dhcp-range=192.168.1.1,192.168.1.199,12h lines in the /etc/dnsmasq.conf file. Presto, chango...now it works! :-) Thank you Gene and Tom for your input. Have a great week. Best Regards, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gene Smith Sent: Sunday, February 13, 2005 3:37 PM To: Craig Caughlin Cc: LEAF Subject: Re: [leaf-user] DNS problems? Craig Caughlin wrote, On 02/13/2005 05:22 PM: Hi folks, I'm not sure if this is related to my other hiccups, but I don't think so. My problem is that I don't seem to be able to resolve DNS names. I can connect to web sites if I know their IP address, but I can't ping anyone via FQDN either from my LAN or from the firewall. Suggestions? Thank you, Craig Are you running a dns server (e.g., dnscache) on the firewall or are you requesting dns directly from outside? -gene --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Upgrading shorewall.lrp clarification
Hi folks, I just wanted a little clarification. I'm setting up a new Bering-uClibc 2.2.3 box, and it's included version of Shorewall is 2.0.15. I want to include Tom's latest shorewall.lrp file, 2.2.0. Do I just need to replace the existing .lrp file on my boot media and follow the instructions for its setup at: http://shorewall.net/two-interface.htm or are there instructions somewhere else I should be looking at? I only ask because Tom said to Be sure to pay careful attention to the section entitled Issues when migrating from Shorewall 2.0 to Shorewall 2.2. Forgive me if that seems like a stupid question (but I just want to be sure I'm clear), but if I'm replacing the entire .lrp I don't need to be concerned with upgrade instructions, right??? Thank you, Craig --- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag--drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Upgrading shorewall.lrp clarification
O.K., please forgive me...now I'm really feeling stupid. Where do I find just the .lrp file??? I find the shorewall-lrp-2.2.0.tgz file, but it unzips to be shorewall-lrp-2.2.0.tar. Do I just rename it to shorewall.lrp, or am I missing something??? Thank you, Craig --- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag--drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] multiple addresses
Hi Al, It's not very often I can contribute to the group, but I had identically the same problem. Here's what I did: auto eth0 iface eth0 inet static address 46.60.172.201 netmask 255.255.255.0 broadcast 46.60.172.255 gateway 46.60.172.254 # Additional IP addresses up ip addr add 46.60.172.202/24 brd 46.60.172.255 dev eth0 label eth0:0 up ip addr add 46.60.172.203/24 brd 46.60.172.255 dev eth0 label eth0:1 up ip addr add 46.60.172.204/24 brd 46.60.172.255 dev eth0 label eth0:2 Then be sure to back up. Hope this helps! Cheers, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ALParada Sent: Tuesday, January 18, 2005 2:48 PM To: leaf-user@lists.sourceforge.net Subject: [leaf-user] multiple addresses Hello, Exactly how do you add mutiple ip addresses to the same interface? I tried adding this under network config/interfaces: # Configure Interface auto eth1 iface eth1 inet static address 192.168.1.155 netmask 255.255.255.0 broadcast 192.168.1.0 gateway 192.168.1.1 auto eth1:0 iface eth1 inet static address 192.168.2.155 netmask 255.255.255.0 broadcast 192.168.2.0 When I restarted networking I had lost all my addresses. I did an ip addr and they were all gone. I commented the second address and did a: ip addr add 192.168.2.155/24 brd 192.168.1.255 dev eth0 label eth0:0 and it worked. Since I don't want to do this everytime I reboot what am I doing wrong and how do I fix it? TIA. --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Creating bootable CD error-LRP= is empty or unset...
Hi folks, O.K., I'm stumped. :-) I'm trying to create a bootable CD. I've read the threads about this error message, and followed the instructions (http://leaf.sourceforge.net/doc/guide/bucdrom.html and http://leaf.sourceforge.net/doc/guide/bucu-ide.html) in every combination I can create, and still no success. My CD boots fine, but ultimately gives the error: LINUXRC: PKGPATH is empty or unset. Can not install packages. .:285: Can't open /var/lib/lrpkg/root.dev.own Kernel panic! Attempted to kill init! I started with a floppy disk. I have copied all of my floppy files to a directory, renamed syslinux.cfg to isolinux.cfg, and then deleted ldlinux.sys. To create my CD, I issue this command: mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -no-emul-boot -boot-load-size 4 -boot-info-table -hide isolinux.bin -l diskcontent. The contents of my isolinux.cfg file is: display syslinux.dpy timeout 0 default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0 LEAFCFG=/dev/fd0:msdos The contents of my leaf.cfg file is (I've removed the commented lines): VERBOSE=1 LRP=root config etc local modules iptables dhcpcd keyboard shorwall ulogd dnsmasq dropbear sh-httpd weblet PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660 syst_size=6M log_size=2M I've tried the LRP= line both with and without parenthesis, no luck. Suggestions??? Happy holidays :-) Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Creating bootable CD error-LRP= is empty or unset...
Hi Luis, I downloaded the Bering-uClibc_2.2.2_iso_bering-uclibc-iso.bin and I've tried using the initrd.lrp package right out of the .iso image and I've tried using the initrd_ide_cd.lrp (renamed to just initrd.lrp), and neither seem to work. Do you think it's something else really simple like the fact that I've edited my files on a Windows box? Also, I see the Bering-uClibc_2.2.2_iso_bering-uclibc.iso file has an lrpkg.cfg file within it, which I do not have in my diskcontent directory that I'm making my CD from. Do I need that file? Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luis.F.Correia Sent: Wednesday, December 15, 2004 12:42 AM To: LEAF Subject: RE: [leaf-user] Creating bootable CD error-LRP= is empty or unset... Hi! -Original Message- From: Craig Caughlin [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 15, 2004 3:30 AM To: LEAF Subject: [leaf-user] Creating bootable CD error-LRP= is empty or unset... Hi folks, O.K., I'm stumped. :-) I'm trying to create a bootable CD. I've read the threads about this error message, and followed the instructions (http://leaf.sourceforge.net/doc/guide/bucdrom.html and http://leaf.sourceforge.net/doc/guide/bucu-ide.html) in every combination I can create, and still no success. My CD boots fine, but ultimately gives the error: LINUXRC: PKGPATH is empty or unset. Can not install packages. .:285: Can't open /var/lib/lrpkg/root.dev.own Kernel panic! Attempted to kill init! I started with a floppy disk. I have copied all of my floppy files to a directory, renamed syslinux.cfg to isolinux.cfg, and then deleted ldlinux.sys. To create my CD, I issue this command: mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -no-emul-boot -boot-load-size 4 -boot-info-table -hide isolinux.bin -l diskcontent. Did you use initrd_cd.lrp, or the standard one? You must have the ide related modules loaded. Luis Correia Bering uClibc Team Member PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 Key Server: http://pgp.mit.edu --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Where's the NIC drivers?
Hmmm, am I missing something? I'm trying to set up Bering-uClibc 2.2.2, and I can't figure out how / where to specify which NIC driver(s) to load. Can someone tell me which file(s) I need to edit and which directory I'll need to copy drivers to should the default install not have my needed driver? Thank you, Craig P.S. Did this change? In my old version of Bering I could edit this from the lrcfg main menu. Just curious. Have a great week! --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Where's the NIC drivers?
Thank you, Jaap. O.K., that's what I thought. But here's the odd part; I have an /etc/modules file and a /lib/modules directory IF I use the Bering-uClibc 2.2.2 floppy image, but not the CD .iso. Is something missing, or am I doing something wrong? Thanks, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jaap Eldering Sent: Monday, December 06, 2004 7:03 AM To: LEAF Subject: Re: [leaf-user] Where's the NIC drivers? On Mon, Dec 06, 2004 at 06:22:57AM -0800, Craig Caughlin wrote: Hmmm, am I missing something? I'm trying to set up Bering-uClibc 2.2.2, and I can't figure out how / where to specify which NIC driver(s) to load. Can someone tell me which file(s) I need to edit and which directory I'll need to copy drivers to should the default install not have my needed driver? Thank you, Craig P.S. Did this change? In my old version of Bering I could edit this from the lrcfg main menu. Just curious. You have to configure this in the file /etc/modules, which should be (almost) the same as in Bering. Modules configured here, are loaded from /lib/modules, so if your NIC's driver (module) is not present, you should copy it from the modules tarball to /lib/modules. Jaap --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] DMZ clarification?
Hi folks, Regarding the proper setup of a DMZ; as a general rule, computers within DMZ's are no more trusted by the internal LAN(s) than are any other computers on the internet. Some of the configuration settings on the firewall are just a little more relaxed to allow boxes in your DMZ to be accessed by computers outside your network. Is that an accurate interpretation? I want to set up a DMZ using the latest Bering, and the above is what I want to achieve. If I follow Tom's documentation on setting up a DMZ...that will be the net result, won't it? Comments...suggestions??? Thank you, Craig --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Please be kind to the Newbie!!
Hi Andrew, I think I can help you with the additional IP addresses. I struggled with trying to figure that out, but with some help from the group...I got mine working. I had 5 static IP addresses assigned to me too, so in the /etc/network/interfaces file (Option 1, and then 1 again from the main lrcfg menu), I made the following entries (after commenting out the iface eth0 inet dhcp entry) : auto eth0 iface eth0 inet static address 46.60.172.201 netmask 255.255.255.0 broadcast 46.60.172.255 gateway 46.60.172.254 # Additional static IP addresses up ip addr add 46.60.172.202/24 brd 46.60.172.255 dev eth0 label eth0:0 up ip addr add 46.60.172.203/24 brd 46.60.172.255 dev eth0 label eth0:1 up ip addr add 46.60.172.204/24 brd 46.60.172.255 dev eth0 label eth0:2 Just substitute your IP addresses for my entries and that should work. Then, back up the etc package from the main menu and reboot. When Bering is back up and running, issue the ip addr command from the command line, and you should see your original IP address and the additional ones you've assigned as well. Hopefully, this makes sense. If not just let me know. Good luck, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, July 01, 2004 2:51 PM To: [EMAIL PROTECTED] Subject: [leaf-user] Please be kind to the Newbie!! Hi everyone, I was trying to setup a very simple firewall and then build up from there. I am using Bering uClibc 2.1.2 my setup is a cable modem with a static IP (I actually have 5 ip's but i'm trying to keep it simple to start) going to the firewall in the first nic port, then from the firewall's second nic port to a switch (because i don't own a crossover cable), then to a laptop. I have been messing around with Network configurations: interfaces file. From step 1 I have tried to setup option 1.2 but i don't understand the settings completely since they look a little different from my standard Linksys router. What do I fill in for address, broadcast, and gateway? My Isp gave me a subnet mask of 255.255.255.248 with my static ips. I used to input dns1 and dns2 in my Linksys Router, do i still have to do this? Then for step 2 I left it alone (default settings looked ok to me) for eth 1. I thought i would first try to get on the internet with the laptop but it doesn't get to the internet. Is there a simple setting I need to change to fix this? I don't even know if the nics are talking to the LEAF? How do I know which is Eth1 and Eth0? Is there a way to determine if leaf has installed the nic cards properly or at all? I didn't load any special drivers because it looked like maybe they will work if the nics are common enough. I haven't messed with anything else in the system. do i need to change some settings in shorewall in order for the laptop to access the internet? Then of course there are the laptop settings, I am running Windows XP Pro. I have given it the following fixed ip settings: ip address: 192.168.1.5 seb net mask: 255.255.255.0 default gateway: 192.168.1.1 DNS1 and DNS2: the supplied info from my ISP btw, how do I change the login and password when LEAF boots up? Please be kind to the noob, I really want to learn this and I really appreciate all the detail and over-simplification you can stand to type. I know a very little about Routing, less about firewalls, and absolutely nothing about Linux. I have been sucking on the Microsoft tit forever. Thank you in advance, Andrew The best thing to hit the Internet in years - Juno SpeedBand! Surf the Web up to FIVE TIMES FASTER! Only $14.95/ month - visit www.juno.com to sign up today! --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by Black Hat Briefings Training. Attend Black Hat Briefings Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering uClib does not find NICs
Hey Arnold, I wonder if you need to us the pci-scan.o module, and make the pci-scan entry right above your NIC declaration(s) in the /etc/modules file??? Mine looks like: # Those realtek based NICs need mii module #mii #8139cp #8139too #eepro100 #epic100 #pcnet32 #viarhine #winbond-840 # PCI ethernet cards #3c59x pci-scan natsemi #tulip ...etc., etc... Just a thought. Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Arnold Wiegert Sent: Wednesday, April 07, 2004 10:59 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Bering uClib does not find NICs After using my firewall for some time on Dachstein, I wanted to upgrade to Bering because it has some features I can't find for Dachstein - such as a time server. So, seeing Bering uClib seems to be getting all the attention these days, I tried it, but had no luck in getting it to recognize my NICs. One is a PCI Surecom EP325 - ne2000 compatible - so I selected 8390.o and ne2k-pci.o. The other is an old IBM (Lan/Tastic based) NIC - so I used ne.o io=0x300 (as per setup). When I use Bering 1.2 with the same modules selected and it does find them. What gives? What am I missing. Another thing: my old Dachstein FW uses older Cabletron E2100 and SMC-Ultra NICs, again, using Bering 1.2 seems to find them given the proper modules, while Bering uClib does not - using the same modules. Arnold --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Shorewall affiliation with commercial product?
Hi folks, A while back I remember someone's post (probably Toms) saying that Shorewall had been integrated within a commercial firewall product...but I'll be darned if I can remember any more specifics that this. Does this sound familiar??? Thanks, Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Shorewall affiliation with commercial product?
Hey, thanks Tom! Have a great day! Craig -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED] Sent: Sunday, April 04, 2004 10:58 AM To: Craig Caughlin Cc: LEAF Subject: Re: [leaf-user] Shorewall affiliation with commercial product? Craig Caughlin wrote: Hi folks, A while back I remember someone's post (probably Toms) saying that Shorewall had been integrated within a commercial firewall product...but I'll be darned if I can remember any more specifics that this. Does this sound familiar??? Shorewall is the basis for Mandrake's MNF. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Linux magazine LEAF versus CISCO article?
Hi folks, Management wants to buy a CISCO PIX firewall because they have no confidence in a free firewall product. I've told them to reconsider and thought it would help if I could find that article in Linux magazine that compared the two...but I can't find which month/year it was. Does anyone know which month and year that was??? Thank you. Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Linux magazine LEAF versus CISCO article?
Thank you, Geroge! Have a great weekend. Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Suggestions for a difficult password?
Hi folks, I'd like to set a very difficult password for my Bering-uClibc 2.1-rc1 box (for obvious reasons), and I'm open to suggestions. :-) I think (unless I've overlooked something) that I'm limited to an 8 character password, but are there any unusual and/or obscure keyboard combinations I could use to create a very difficult password??? Thank you, Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Difficulty assigning multiple IP addresses
Thank you Erich Ronny! Ronny, Yes since you ask a question like that i guess you typed ip addr add.etc.etc in shell instead of adding to interfaces file ???...that's exactly what I did. I was concerned about what to back up, but Charles told me to back up etc.lrp to save my changes. Thank you both! Best regards, Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Difficulty assigning multiple IP addresses
Hi everyone! O.K. Per Charles Tom's suggestions (thank you, gentlemen), I decided to try and assign my additional IP addresses in the /etc/network/interfaces. I tried to assign them in, at first, 2 different ways...neither one of which worked. I tried: auto eth0 iface eth0 inet static address 66.60.172.201 netmask 255.255.255.0 broadcast 66.60.172.255 gateway 66.60.172.205 auto eth0:0 iface eth0 inet static address 66.60.172.202 netmask 255.255.255.0 broadcast 66.60.172.255 auto eth0:1 iface eth0 inet static address 66.60.172.203 netmask 255.255.255.0 broadcast 66.60.172.255 Etc, etc... And then a subtle variation: auto eth0 iface eth0 inet static address 66.60.172.201 netmask 255.255.255.0 broadcast 66.60.172.255 gateway 66.60.172.205 auto eth0 iface eth0:0 inet static address 66.60.172.202 netmask 255.255.255.0 broadcast 66.60.172.255 auto eth0 iface eth0:1 inet static address 66.60.172.203 netmask 255.255.255.0 broadcast 66.60.172.255 Etc, etc... But neither way worked. The good new is that Tom's suggestion of ip addr add 66.60.172.202/24 brd 66.60.172.255 \dev eth0 label eth0:0, etc works great. I can immediately ping all addresses, and ip addr lists them all. Yippee! But, I don't know what to back up (which .lrp package) to save my changes??? Also, what file(s) were modified by using this method(out of curiosity)? Finally, I have a box on the local LAN that will host a web server, and has MS Terminal Services running on that I want to be able to connect to, so my guess is that I need to follow Tom's FAQ 1c and make entries like: In /etc/shorewall/rules: #ACTION SOURCEDESTPROTO DEST PORT(S) DNAT net loc:192.168.1.201 tcp 80 DNAT net loc:192.168.1.201 tcp 1494 DNAT net loc:192.168.1.201 tcp 3389 Does this look right? Thank you all for your help! Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Difficulty assigning multiple IP addresses
Hi folks, I'm trying (with no success) to assign multiple IP addresses to eth0 on my Bering-uClibc 2.1-rc1 box. At Tom's suggestion, I have read (studied really) his instructions at: http://www.shorewall.net/shorewall_setup_guide.htm. I have been assigned by our network admin the following addresses: 66.60.172.201-204, Gateway 205. In /etc/shorewall/masq I have made the following entry: #INTERFACE SUBNET ADDRESS eth0:0 eth166.60.172.201-66.60.172.204 When I save the file, restart shorewall, and issue the ip addr command I'm expecting to see the additional addresses but here's what I get: 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:a0:cc:d3:c2:14 brd ff:ff:ff:ff:ff:ff inet 66.60.172.201/24 brd 66.60.172.255 scope global eth0 inet 66.60.172.204/24 brd 66.60.172.255 scope global secondary eth0:0 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:a0:cc:52:07:52 brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 5: eth2: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 1000 link/ether 00:a0:cc:d3:cf:40 brd ff:ff:ff:ff:ff:ff When I try to ping the addresses, I can ping only 66.60.172.201 but nothing else. In the /etc/network/interfaces file, I have eth0 statically set to 66.60.172.201, and I use the dhcpd for assigning local addresses. I'm stumped...any suggestions??? P.S. One thing I did gave me, what *I* think, was a really unusual result: I had initially set eth0's static address as 66.60.172.204, and when I tried to ping 66.60.172.201...here's what I got: G:\WINNT\system32ping 66.60.172.201 Pinging 66.60.172.201 with 32 bytes of data: Reply from 66.60.172.204: Destination host unreachable. Reply from 66.60.172.204: Destination host unreachable. Reply from 66.60.172.204: Destination host unreachable. Reply from 66.60.172.204: Destination host unreachable. Ping statistics for 66.60.172.201: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Is that really odd...or is it me??? :-) I see there's no packet loss...but I also can't reach the box. H. Thank you as always, Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Network time synchronization
Hi folks, This is what I did...and it seems to work O.K. I'm on the West Coast (Sacramento, CA): Place this entry in the TZ file: PST+8PDT,M4.1.0/2,M10.5.0/2 Then, end the line with a newline character (hit enter, or it might not work correctly) if you're using Bering-uClibc. Place the following entries in Shorewall, and then back up! ACCEPT fw net udp ntp (if you want to query an external NTP server) ACCEPT loc fw udp ntp (if you want to query your Bering box time server) Cheers, Craig --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70alloc_id638op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Burning a CD from the new bootable ISO image?
Hi folks, I'm sorry for asking, and I'm sure it's really bonehead.how do I actually burn a CD from the new bootable Bering-uClibc_2.1_iso_bering-uclibc-iso.bin file? (I typically use Roxio within Windows if that helps). Thank you! Craig --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] How to use multiple IP addresses?
Hi everyone! Happy New Year! My ISP has assigned the following IP addresses to me: 66.60.172.201,202,203, and 204- and my Gateway is: 66.60.172.254. I've looked carefully at the existing documentation, but I don't see how to use multiple IP addresses with Bering. I'm sure I'll have to modify Shorewall as well, but I don't know how utilize multiple, static IP addresses. I'll use Bering's default, dhcpd on my LAN side. I'm certainly not afraid of reading if someone can point me to any reference(s). Can somebody give me some hints??? :-) Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] How to use multiple IP addresses?
Thank you, Tom. Happy New Year! Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Eastep Sent: Sunday, January 04, 2004 6:59 PM To: Craig Caughlin Cc: LEAF (LEAF) Subject: Re: [leaf-user] How to use multiple IP addresses? On Sun, 4 Jan 2004, Craig Caughlin wrote: Hi everyone! Happy New Year! My ISP has assigned the following IP addresses to me: 66.60.172.201,202,203, and 204- and my Gateway is: 66.60.172.254. I've looked carefully at the existing documentation, but I don't see how to use multiple IP addresses with Bering. I'm sure I'll have to modify Shorewall as well, but I don't know how utilize multiple, static IP addresses. I'll use Bering's default, dhcpd on my LAN side. I'm certainly not afraid of reading if someone can point me to any reference(s). Can somebody give me some hints??? :-) http://www.shorewall.net/shorewall_setup_guide.htm -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Hanging bootable CD at RAMDISK
Hi folks, Happy New Year! I'm making a new Bering-uClibc CD, but I've done it the old way-as outlined in the Bering users' guide written by Jacques Eric (only because that's the way I've always done it). My CD boot fine, but hangs at: RAMDISK: Compressed image found at block 0. Any suggestions on what I might check? Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Setting time/date clarification
Hi folks, Hey, thanks Erich. I forgot to ask you: I *think* I know what the ntpdate package is for (updating the firewall itself), what's the ntpsimpl package for? Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erich Titl Sent: Tuesday, December 30, 2003 12:39 AM To: [EMAIL PROTECTED] Subject: RE: [leaf-user] Setting time/date clarification I know it is bad karma to reply to ones own messages, but then I must have eaten really rotten things before I wrote this At 00:37 30.12.2003 +0100, Erich Titl wrote: ... Normally /etc/TZ is read at system boot. You can set TZ manually for your terminal session or add it to your .profile file. I would just set it, save etc.lrp and reboot. Please discard the above statement, someone must have swamped the local supermarket with bad weed. /etc/TZ is normally used at session start to initialise the TZ variable. Sorry for the noise Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id78alloc_id371op=ick leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id78alloc_id371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Setting time/date clarification
Hi folks, I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate time/date functionality, and it seems from the docs that to do so is using the ntpdate.lrp package (which requires the libm.lrp package). 1.) Would using these packages be the most accurate timekeeping method for Bering? I have included both packages, placed an NTP server entry in the ntp-servers file, and placed the following entries in my Shorewall zones file per Bering documentation: ACCEPT fw net udp ntp (if you want to query an external NTP server) ACCEPT loc fw udp ntp (if you want to query your Bering box time server) When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC 2003 2.) After reading the Bering documentation, I'm confused on how to adjust this for my time zone (I'm in Sacramento, California) 3.) Once adjusted, will Bering automatically adjust for Daylight Savings Time? Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Setting time/date clarification
Hi folks, (Please forgive me if this gets posted twice-the previous message seemed to bounce back to me for some reason) I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate time/date functionality, and it seems from the docs that to do so is using the ntpdate.lrp package (which requires the libm.lrp package). 1.) Would using these packages be the most accurate timekeeping method for Bering? I have included both packages, placed an NTP server entry in the ntp-servers file, and placed the following entries in my Shorewall zones file per Bering documentation: ACCEPT fw net udp ntp (if you want to query an external NTP server) ACCEPT loc fw udp ntp (if you want to query your Bering box time server) When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC 2003 2.) After reading the Bering documentation, I'm confused on how to adjust this for my time zone (I'm in Sacramento, California) 3.) Once adjusted, will Bering automatically adjust for Daylight Savings Time? Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Setting time/date clarification
Thank you, Erich I had looked at the link that you pointed me to (thank you, though.), and that's what I found confusing. I assume :-) that you need to complete both Steps 5.1 5.2. Right??? On that assumption, I don't know if it's correct, but I made an entry in the /etc/TZ that is: PST8PDT 1.) In Section 5.2, I see reference to the TZ variable. Does the variable already exist, or does it need to be created? Where do I create it? Thank you, Craig -Original Message- From: Erich Titl [mailto:[EMAIL PROTECTED] Sent: Monday, December 29, 2003 9:03 AM To: Craig Caughlin Subject: Re: [leaf-user] Setting time/date clarification Craig At 08:35 29.12.2003 -0800, you wrote: Hi folks, I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate time/date functionality, and it seems from the docs that to do so is using the ntpdate.lrp package (which requires the libm.lrp package). I suggest ntpdate to set the time and ntpsimpl to keep the time 1.) Would using these packages be the most accurate timekeeping method for Bering? Well a few well maintained cesium atomic clocks might do better ;-) see http://tycho.usno.navy.mil/clocks.html I have included both packages, placed an NTP server entry in the ntp-servers file, and placed the following entries in my Shorewall zones file per Bering documentation: ACCEPT fw net udp ntp (if you want to query an external NTP server) ACCEPT loc fw udp ntp (if you want to query your Bering box time server) When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC 2003 2.) After reading the Bering documentation, I'm confused on how to adjust this for my time zone (I'm in Sacramento, California) Setting local time offset is done differently in Bering and Bering-uClibc see http://leaf.sourceforge.net/doc/guide/buci-tz.html 3.) Once adjusted, will Bering automatically adjust for Daylight Savings Time? see above HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id78alloc_id371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] How to debug boot up?
Thank you, Lynn. Configure dhcpcd to use an interface like eth0. How do I do that? (I'm sorry for what is probably a really simple question) Thank you, Ray. Let me see if I can answer some of your questions. 1.)Are these messages really complete? That is, does Bering's syslog really not timestamp messages? Are they sequential, or is there stuff in between? And are there no prior messages from dhcpcd or dhcpcd.exe? Answer: I have ommitted the timestamps, but yes, these are the last two messages of /var/log/syslog. 2.)Is the dhcp option specified for eth0 in /etc/network/interfaces (this is the as-shipped setting)? Answer: Yes 3.)Is the eth0 interface present on the system? (ip link show) Answer: Yes 4.)Last but not least ... how do you know that DHCP leases are available on the external interface? Could there be a probem external to the LEAF system (bad cable, bad DSL/cable modem, MAC-address-authentication issue with the ISP, etc.)? Answer: I have connected directly to my cable modem, and to a hub attached to my existing Bering box (which works perfectly, but uses pump and dhcpd)...neither way was I able to get an address. I'm looking on the web for instructions on how to configure dhcpcd to use an interface as Lynn suggested, but haven't been able to find anything. Best Regards, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lynn Avants Sent: Wednesday, December 24, 2003 11:05 AM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] How to debug boot up? On Wednesday 24 December 2003 10:15 am, Craig Caughlin wrote: Merry Christmas! Likewise. :) dhcpcd is loading on boot, but dhcpcd is not running according to ps ax and /var/log/syslog indicates a couple of error messages: dhcpcd[15761] : timed out waiting for a valid DHCP server dhcpcd.exe: wrong interface name Suggestions? Configure dhcpcd to use an interface like eth0. Right now it isn't using any interface ( ie... ). -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] How to debug boot up?
Hi everyone! Thank you Lynn Luis (Happy Holidays! :-)) for your suggestions. You were right, Lynn. I had packages that weren't loading. Oddly enough, due to simply bad floppy disks. Now, I have the basic disk almost working. It will provide addresses for my LAN, but it won't grab an address to the WAN. All three of my NICs are the same type, same driver used. Strange. Hmmm, I've scratched my head, and can't think why. lrpkg.cfg looks like: root,config,etc,local,modules,iptables,dhcpd,dhcpcd,shorwall,ulogd,dnsca che,dropbear,weblet Here's the output of ps -ax | grep eth 6218 root408 S /usr/sbin/dhcpd -q eth1 And here's ip addr 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff 3: eth0: BROADCAST,MULTICAST mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:a0:cc:d3:c2:14 brd ff:ff:ff:ff:ff:ff 4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:a0:cc:52:07:52 brd ff:ff:ff:ff:ff:ff inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1 5: eth2: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 100 link/ether 00:a0:cc:d3:cf:40 brd ff:ff:ff:ff:ff:ff Any ideas why eth0 isn't getting an address? To refresh your memory, I'm creating a Bering-uClibc 2.0 with it's default packages. Thank you for your help suggestions. Best Regards, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] NIC driver for Netgear FA310TX / Bering-uClibc 2.0?
Hi folks, I can't get my NICs to initialize. I'm using Bering-uClibc (from Bering-uClibc_2.0_img_bering-uclibc-1680.exe) and 3 Netgear FA310TX (Rev-D2)cards. I've tried using both the natsemi.o tulip.o drivers by themselves and with the pci-scan.o driver, none of which work. I would be happy to provide any futher info. Any suggestions? Thank you, Happy Holidays! Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] How to debug boot up?
Hi folks, I'm trying to set up a new Bering-uClibc v 2.0 firewall, and I'm getting an error message(s) that I think are related to dnscache (which, of course, scroll by so quickly I can't be sure :-). How do find out which package(s) I'm having problems with? I wrote the dmesg to a file, and then examined it...but I don't see any reference to the packages that loaded at boot or the (nf!) message(s) that scroll by. Suggestions? Thank you, Happy Holidays! Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Why run Squid in the DMZ?
Hi folks, I see in Tom's documentation for Shorewall that he runs Squid transparently on a box in his DMZ rather than on his LAN, and I'm just curious why? Thank you, Happy Holidays! Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Necessary to comment out /var/lib/shorewall ?
Hi Joey, Thanks for the response. There's no specific reason. It may be that I made a note to myself to comment this out, perhaps because I may have needed to do this with a previous version of Shorewall...but maybe I don't need to bother with it using the current (1.4.8.) version of Shorewall. I'm not familiar with what this entry specifically does, so I thought I'd ask someone much more astute than myself. :-) Comments? Thank you, Craig -Original Message- From: Joey Officer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2003 6:15 PM To: Craig Caughlin; LEAF (LEAF) Subject: RE: [leaf-user] Necessary to comment out /var/lib/shorewall ? Is there a specific reason you can remember for attempting to comment out the shorewall entry? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Craig Caughlin Sent: Thursday, December 11, 2003 9:34 AM To: LEAF (LEAF) Subject: [leaf-user] Necessary to comment out /var/lib/shorewall ? Hi folks, I'm setting up a new Bering 1.2 firewall, and in my notes to myself I have a note to either remove (or in this case I simply commented out) the /var/lib/shorewall entry that is within the root.exclude.list file. Do I need to do this or just don't bother? Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Necessary to comment out /var/lib/shorewall ?
Hi folks, I'm setting up a new Bering 1.2 firewall, and in my notes to myself I have a note to either remove (or in this case I simply commented out) the /var/lib/shorewall entry that is within the root.exclude.list file. Do I need to do this or just don't bother? Thank you, Craig --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering as VPN endpoint or pass-through?
Hi folks, I would like to be able to connect my home computer to my office, via VPN of course. My home LAN is behind a Bering firewall. My office runs a Microsoft ISA server product. I'm looking for feedback: Should I configure Bering to be my VPN endpoint for my home LAN or should I configure it to simply pass-through and have my home computer be the endpoint (if you will) of my VPN? Is there any advantages or disadvantages one way or the other that anyone can think of? I seem to remember Jeff Newmiller mentioning some time back he's nervous allowing ANY traffic through a firewall, so that's why I ask. Thank you for your input. Best Regards, Craig --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering Citrix WinFrame?
Hi folks, My wife has a computer that needs to access a server at her workplace running Citrix WinFrame. Does anyone know: will I have to open a port on Bering in order for the signal to pass through? I know Citrix runs on port 1494, but I'm not sure if I'll need to modify my Bering 1.2 firewall for success. Comments??? Thank you, Craig --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering Citrix WinFrame?
Thank you Bob! I'm not sure I understand what you mean, though. I have the default Bering firewall...how would I know if it allows outbound connections? Thank you, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Coffman - Info From Data Corporation Sent: Thursday, October 16, 2003 7:16 AM To: Craig Caughlin; LEAF (LEAF) Subject: RE: [leaf-user] Bering Citrix WinFrame? If your Bering Firewall allows outbound connections it will work. At her workplace, they will have to make the server available for connections on that port. - Bob Coffman -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Craig Caughlin Sent: Thursday, October 16, 2003 9:39 AM To: LEAF (LEAF) Subject: [leaf-user] Bering Citrix WinFrame? Hi folks, My wife has a computer that needs to access a server at her workplace running Citrix WinFrame. Does anyone know: will I have to open a port on Bering in order for the signal to pass through? I know Citrix runs on port 1494, but I'm not sure if I'll need to modify my Bering 1.2 firewall for success. Comments??? Thank you, Craig --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net hosts over 70,000 Open Source Projects. See the people who have HELPED US provide better services: Click here: http://sourceforge.net/supporters.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] OT - How many users will a T1 line service?
Hi folks (and David, too), Mostly just web access. Thank you, Craig -Original Message- From: David I.S. Mandala [mailto:[EMAIL PROTECTED] Sent: Saturday, August 30, 2003 3:54 PM To: Craig Caughlin Subject: Re: [leaf-user] OT - How many users will a T1 line service? That highly depends upon he expected usage. Are they just going to browse the web and pop email or are they going to do heavy downloading and/or audio streaming? Davidm On Sat, 2003-08-30 at 17:08, Craig Caughlin wrote: Hi folks, I'm working on a little project with a school district, and I'm wondering if anyone has an idea (or firsthand experience) how many users that you might reasonably expect either a full T1 line or fractional T1 line to provide internet service for??? I need to do some financial planning and I'm trying to factor in how much our internet access is going to cost :-) Thank you, Craig --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] OT - How many users will a T1 line service?
Hi folks, I'm working on a little project with a school district, and I'm wondering if anyone has an idea (or firsthand experience) how many users that you might reasonably expect either a full T1 line or fractional T1 line to provide internet service for??? I need to do some financial planning and I'm trying to factor in how much our internet access is going to cost :-) Thank you, Craig --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] VPN security issue? Slightly O/T...
Hi Eric, Thanks for the response. I think I'm like Alex, I don't quite understand what you mean when you say Then the entire Internet gets access to the other side of your VPN without having to compromise your system. Could you explain that a little bit? Thank you. Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric B Kiser Sent: Monday, July 28, 2003 8:23 PM To: 'LEAF (LEAF)' Subject: RE: [leaf-user] VPN security issue? Slightly O/T... It gets even worse if routing is turned ON. Then the entire Internet gets access to the other side of your VPN without having to compromise your system. Regards, Eric - Eric B Kiser, CISSP VP of Information Technology NetOps Training Solutions - -Original Message- From: [EMAIL PROTECTED] [mailto:leaf-user- [EMAIL PROTECTED] On Behalf Of Scott Sent: Monday, July 28, 2003 6:47 PM To: Craig Caughlin; LEAF (LEAF) Subject: Re: [leaf-user] VPN security issue? Slightly O/T... The only thing I can think of is if the given box's connection has been compermised, then the attacker would also have access to the systems on the other side ot the VPN. - Original Message - From: Craig Caughlin [EMAIL PROTECTED] To: LEAF (LEAF) [EMAIL PROTECTED] Sent: Monday, July 28, 2003 3:35 PM Subject: [leaf-user] VPN security issue? Slightly O/T... Hi folks, I seem to remember a while back reading somewhere (likely either here at the newsgroup or perhaps a Microsoft security bulletin?) that it's a SIGNIFICANT security problem if you have an active VPN connection on a given box and can browse the internet at the same time. It was my understanding that either one is fine...but not both at the same time. Does this sound familiar to anyone? I also don't remember why it posed such a gaping security problem, per se. Comments??? Thank you, Craig --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click- url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click- url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01 /01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] VPN security issue? Slightly O/T...
Hi folks, Hey Lynn, I like your response, you can't run a VPN w/o internet access can you? :) I guess what I really meant was that it's my understanding that the security risk lies in being able to connect to your remote network via VPN (of course), and still being able to browse the internet as you normally would. It's been my understanding that you should be able to do one...but not both at the same time. Is that right? Cheers, Craig --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] VPN security issue? Slightly O/T...
Hi folks, I seem to remember a while back reading somewhere (likely either here at the newsgroup or perhaps a Microsoft security bulletin?) that it's a SIGNIFICANT security problem if you have an active VPN connection on a given box and can browse the internet at the same time. It was my understanding that either one is fine...but not both at the same time. Does this sound familiar to anyone? I also don't remember why it posed such a gaping security problem, per se. Comments??? Thank you, Craig --- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] VPN advice - What's your opinion?
Hi folks, I'm trying to sort out in my mind my options for VPN access. I have my simple home LAN (2 Windows boxes behind a Bering 1.2 box) that needs to access other Windows based LANs via VPN using IPSec (not PPTP), one of the LANs is behind a Cisco router and the other behind a Windows ISA server. I see Tom's documentation clearly says: If IPSEC is being used then only one system may connect to the remote gateway and there are firewall configuration requirements as follows: ACTION SOURCE DESTINATION PROTOCOLPORT CLIENTPORT ORIGINALDEST DNATnet:192.0.2.224 loc:192.168.1.12 50 DNATnet:192.0.2.224 loc:192.168.1.12udp 500 If you want to be able to give access to all of your local systems to the remote network, you should consider running a VPN client on your firewall. As starting points, see http://www.shorewall.net/Documentation.htm#Tunnels or http://www.shorewall.net/PPTP.htm. Here's my question: Both of the boxes on my LAN need VPN access to the remote LANS, but not at the same time, necessarily. Is there any reason (advantages / disadvantages) I would want to implement a VPN client on my Bering firewall -vs- Toms simple configuration. If I set up the VPN client on Bering, do you anticipate any obscure configuration issues since my LAN connection point would be my Bering box and the other side would be a Cisco router or Windows ISA server? Your comments and suggestions are most welcomed! Thank you...have a great weekend. Craig --- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here: http://www.vmware.com/wl/offer/345/0 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Creating a bootable USB device?
Hi folks, Can someone tell me how to actually burn the Bering .iso image to a USB device? I have one of the little USB plug and pray drives I would like to boot Bering from. I normally use Roxio to burn my bootable CD's, but Roxio (apparently) will only burn to a CD drive. P.S. I have a RedHat box I can use if that makes things easier. Thanks, Craig --- This SF.net email is sponsored by: eBay Get office equipment for less on eBay! http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering_1.1_modules_2.4.20.tar.gz compatible with Bering uClibc 1.1.1?
Hi folks, Are the modules and packages within the Bering_1.1_modules_2.4.20.tar.gz compatible with Bering uClibc 1.1.1?...or is there a separate tarball of modules and packages for that version of Bering? Thank you, Craig --- This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering bootable cd problem
Hi Jeremy, Does the CD boot...but fails to completely load and then you get the kernel panic error? Did you include the rw parameter in your isolinux.cfg file? (I missed that at first and had the same problem). My isolinux.cfg file looks like: display syslinux.dpy timeout 0 default linux rw initrd=initrd.lrp init=/linuxrc root=/dev/ram0 boot=/dev/cdrom:iso9660 PKGPATH=/dev/cdrom:iso9660 Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jeremiah Fisher Sent: Friday, March 28, 2003 9:28 AM To: [EMAIL PROTECTED] Subject: [leaf-user] Bering bootable cd problem I'm attempting to move a Bering 1.1 installation from floppies to a bootable CD-ROM. I've been through the instructions at http://leaf.sourceforge.net/devel/jnilo/bucdrom.html several times. Everything looks correct, but the machine won't boot. It halts on these lines: FAT: Bogus Logical Sector Size 0 Kernel Panic: VFS: Unable to mount root fs on 01:00 Bering works fine from floppies. I've tested this CD-ROM on another machine with the same results. Thanks in advance Jeremy -- Jeremiah Fisher Systems Administrator / Software Engineer [EMAIL PROTECTED] (814) 861.4520 UtiliVision, Inc. --- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: The Definitive IT and Networking Event. Be There! NetWorld+Interop Las Vegas 2003 -- Register today! http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering NAT Traversal stuff
Hi folks, Alex - So there's no package that I need I need for Super-FreeS/WAN?...it's already included (compiled?) within your kernel...is that right? Is there any documentation you can refer me to that would help me set up my Bering and take advantage of the NAT traversal? :-) Thank you very much! Craig -Original Message- From: Alex Rhomberg [mailto:[EMAIL PROTECTED] Sent: Thursday, March 20, 2003 7:16 AM To: Craig Caughlin; LEAF-user Subject: AW: [leaf-user] Bering NAT Traversal stuff Alex - One final question: Is there a .lrp package for the Super FreeS/WAN, or is it compiled within the kernel on your site? Is all I need to do what you mention, You should be able to use the kernel, modules and ipsec.lrp on my page without a recompile. Don't forget to replace all modules in /boot/lib/modules (initrd.lrp) and /lib/modules (modules.lrp).??? For Super-FreeS/WAN, you need the kernel, the ipsec.lrp package and the modules, but not more. I might eventually rename the package and call it sfsipsec.lrp or something like that (I hate 8.3 filenames) - Alex --- This SF.net email is sponsored by: Tablet PC. Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering NAT Traversal stuff
Hi folks, 1.) Do I understand it correctly that the latest Bering(s)(Bering-uClibc Bering) both support NAT traversal? I'm a little confused because of the earlier post entitled Bering 1.1 and NAT-Traversal that referred to Alex Rhomberg's LEAF Page at http://leaf-project.org/mod.php?mod=userpagemenu=1402page_id=49 seemed to suggest you might need to do something different if you wanted your Bering box to support traversal. 2.) Is it difficult (or even possible) to connect to a box behind Bering using IPSec? (I have a Windows 2000 Server on my LAN that I would like to securely connect to.) I see that Jacques says NAT-Traversal patch allows FreeS/WAN to be used behind any NAT device by encapsulating ESP in UDP., so is it a *better* approach to securely connect to my Bering box (but then how do you browse your LAN?), or should I try to connect to the box directly, since FreeS/WAN will now NAT traverse? Thank you for your input! Craig --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering NAT Traversal stuff
Hi folks, Thank you Alex for your input! Do I need to do a kernel recompile and stuff like that (it seems like I do), or do I simply download your kernel, the new IPSec.lrp package, necessary modules...and then substitute those in place on my current working Bering CD? Thank you! Craig -Original Message- From: Alex Rhomberg [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 19, 2003 7:19 AM To: Craig Caughlin; LEAF Subject: AW: [leaf-user] Bering NAT Traversal stuff 1.) Do I understand it correctly that the latest Bering(s)(Bering-uClibc Bering) both support NAT traversal? I'm a little confused because of the earlier post entitled Bering 1.1 and NAT-Traversal that referred to Alex Rhomberg's LEAF Page at http://leaf-project.org/mod.php?mod=userpagemenu=1402page_id=49 seemed to suggest you might need to do something different if you wanted your Bering box to support traversal. Bering 1.1 should support NAT traversal, but there still seem to be some problems. I use my own kernel available on the page you referenced, and I have tested it successfully with NAT traversal, plus it includes some more stuff (ipsec algorithm patches and some netfilter things) 2.) Is it difficult (or even possible) to connect to a box behind Bering using IPSec? (I have a Windows 2000 Server on my LAN that I would like to securely connect to.) I see that Jacques says NAT-Traversal patch allows FreeS/WAN to be used behind any NAT device by encapsulating ESP in UDP., That's the point of IPSec, secure connections to boxes behind firewalls. NAT Traversal is needed for this setup: Server --- Bering --- Internet --- NAT-box --- IPSec Client If your IPSec Client uses a public IP address, you don't need nat traversal. It doesn't matter if your Bering box does NAT for your server, as through the tunnel, you will address the server by its private address without NAT - Alex --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering NAT Traversal stuff
Hi folks, Alex - One final question: Is there a .lrp package for the Super FreeS/WAN, or is it compiled within the kernel on your site? Is all I need to do what you mention, You should be able to use the kernel, modules and ipsec.lrp on my page without a recompile. Don't forget to replace all modules in /boot/lib/modules (initrd.lrp) and /lib/modules (modules.lrp).??? Thank you. Craig --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] rw parameter necessary for bootable CD?
Hi folks, I couldn't get my new Bering CD to boot. I remembered from an earlier post that one Bering user noted he had to modify his isolinux.cfg file to look like default linux rw initrd=initrd.lrp ... by including the rw value. What puzzles me is that Jacques' documentation doesn't mention this being necessary, and I personally have never had to include this parameter when I've made my Bering CD's in the past, and they've seemed to work fine until now. Comments??? Thank you. Craig --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] My weblet doesn't work :-(
Hi folks, I've made a new Bering CD, made it just like I've always done in the past...but when I open my browser and try to view the weblet (http://192.168.1.254/)... I get a Cannot find server message. Suggestions? Thank you. Craig --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] LEAF as an ISP?
Hey Lance, Why not just VPN to the box behind Bering: If the box is running XP-Pro, enable remote desktop and surf away. If the box is either Windows 2000 Server or Advanced Server, enable Terminal Services on the box, Terminal Service into it, and then surf away? Best Regards, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Lance Dunn Sent: Tuesday, March 18, 2003 1:39 AM To: [EMAIL PROTECTED] Subject: [leaf-user] LEAF as an ISP? As a user of Bering (and happily) I have a pretty simple setup: Internet = Cable Modem = Eth0 NIC = LEAF = Eth1 NIC = Hub = 3 Windows computers What I would like to do is complicate the issue. Is it possible to add an auto-answer modem (not a WinModem) to the LEAF computer and have a remote computer dial up the LEAF modem and then have the remote computer be routed to the INTERNET? This would save me having to pay for another ISP that I can access from remote locations. Any thoughts... --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] rw parameter necessary for bootable CD?
Alex, O.K., I'm confused. Why does it work without the rw parameter if you're using a floppy disk...but not a CD? Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Alex Rhomberg Sent: Tuesday, March 18, 2003 8:04 AM To: Craig Caughlin; LEAF Subject: AW: [leaf-user] rw parameter necessary for bootable CD? Betreff: [leaf-user] rw parameter necessary for bootable CD? The rw parameter is not needed for the 2.4.18 kernel (Bering 1.0), but it is needed for newer kernels (2.4.20 of Bering 1.1), starting with 2.4.19 or 2.4.20. - Alex --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.net email is sponsored by: Does your code think in ink? You could win a Tablet PC. Get a free Tablet PC hat just for playing. What are you waiting for? http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Help Loading drivers
Hi folks, I'm using what I think is Donald Becker's natsemi.o driver, which I understand needs to have the pci-scan.o loaded first. How do I do that???...do I just make an entry in the appropriate file above the natsemi.o or is there something else I need to do??? Thank you. Craig --- This SF.net email is sponsored by:Crypto Challenge is now open! Get cracking and register here for some mind boggling fun and the chance of winning an Apple iPod: http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering v1.1 available
I couldn't agree with you more, Mike! Bering is a tremendous product and the support offered by you people (Jacques, Eric, Tom, Lynn, Jeff, etc., etc.) who really know this product, Linux, networking, etc. is fabulous. Thank you all so much for your efforts!!! Best Regards, Craig Caughlin -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jacques Nilo Sent: Sunday, February 16, 2003 1:50 PM To: leaf-user; [EMAIL PROTECTED] Subject: [leaf-user] Bering v1.1 available Check: http://leaf.sourceforge.net/article.php?sid=70 Jacques --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Read-only Soekris type appliances for LEAF?
Hi folks, Are there any new Soekris type appliances for LEAF? I mean, I've seen previous posts to the group and it seems like these compact flash, etc. type devices have a disadvantage that floppy disk and CD versions of LEAF don't have...they can't be made read only. I like the svelte little enclosures, etc. but if they can't be made read-only, that seems like a disadvantage. I remember some people even attempting to modify some DOM or CF (I forget which), but has anyone had any success? Comments? Thanks, Craig --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering print server set-up
Hi Brad and folks, My BIOS parallel port setting is 378/IRQ7, the Onboard Parallel Mode setting is currently set to ECP (whatever that means - my BIOS choices are: Manual, EPP, ECP, and ECP/EPP), and ECP Mode Use DMA setting is 3. This should mean that I wouldn't need to load the parport_pc module with the other parameters per your suggestion, doesn't it? This is a fairly new board and processor (Intel 1.2 Ghz Celeron) that I assembled specifically to be my Bering box, so its BIOS settings are pretty flexible. I'm sorry...can you tell me how to issue the cat commands before and after the modules (I don't know how to do that :-( ) Thank you all for your help and suggestions! Craig -Original Message- From: Brad Fritz [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 4:23 PM To: Craig Caughlin Cc: LEAF Subject: Re: [leaf-user] Bering print server set-up Craig, On Thu, 23 Jan 2003 10:53:39 PST Craig Caughlin wrote: Hey Brad, Thanks for all the suggestions!!! Here are my results below, and it seems like my problem is that my box cannot create /dev/lp0: error 16??? Is that right? Any suggestions? Thank you very much! That's not a good sign. A hunch tells me it might be an interrupt conflict or I/O problem. Does your BIOS let you enable and disable the parallel port? If so, is it enabled? Does the BIOS have interrupt and/or I/O settings for it? You may need to load the parport_pc module with: insmod parport_pc io=0x378 irq=7 (Assuming your parallel port is using the IO port at 0x378 and IRQ 7. More info at, including a description of the /proc/sys/dev/parport tree at : http://dan.drydog.com/docs/redhat/kernel-doc-2.4.18/parport.txt ) Also, what is the output of cat /proc/interrupts and cat /proc/ioports both before and after loading the modules. --Brad Craig [very complete reply to debugging suggestions snipped] --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering print server set-up
Hi folks, I've carefully followed the instructions at http://www.mysunrise.ch/users/cmu/dachlpd.htm to set up my Bering box as a print server, but it doesn't work (I can't print). I was getting some insmod error messages, and determined I was using the wrong parport.o, parport_pc.o, and lp.o drivers (from an older Bering version). It seems like I've seen posted here on the group a comment that the drivers you use MUST match your kernel version. So, I downloaded both the Bering_1.0-stable_modules_2.4.18.tar.gz Bering_1.0-stable_modules_2.4.20.tar.gz module packages (drivers?) from http://sourceforge.net/project/showfiles.php?group_id=13751 , and I've used the parport.o, parport_pc.o, and lp.o drivers from the 2.4.18 package, but I still can't print. How do I know if I'm using drivers from the right package? H, I can't seem to figure out what I'm doing wrong. Does Shorewall have anything to do with this? Thank you! Craig --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering print server set-up
Hey Brad, Thanks for all the suggestions!!! Here are my results below, and it seems like my problem is that my box cannot create /dev/lp0: error 16??? Is that right? Any suggestions? Thank you very much! Craig -Original Message- From: Brad Fritz [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 23, 2003 8:56 AM To: Craig Caughlin Cc: LEAF Subject: Re: [leaf-user] Bering print server set-up Craig, On Thu, 23 Jan 2003 07:10:18 PST Craig Caughlin wrote: Hi folks, I've carefully followed the instructions at http://www.mysunrise.ch/users/cmu/dachlpd.htm to set up my Bering box as a print server, but it doesn't work (I can't print). I was getting some insmod error messages, and determined I was using the wrong parport.o, parport_pc.o, and lp.o drivers (from an older Bering version). It seems like I've seen posted here on the group a comment that the drivers you use MUST match your kernel version. True. So, I downloaded both the Bering_1.0-stable_modules_2.4.18.tar.gz Bering_1.0-stable_modules_2.4.20.tar.gz module packages (drivers?) from http://sourceforge.net/project/showfiles.php?group_id=13751 , and I've used the parport.o, parport_pc.o, and lp.o drivers from the 2.4.18 package, Good start. Was there any output when you insmod'ed them? but I still can't print. How do I know if I'm using drivers from the right package? If you're using Bering 1.0-stable, Bering_1.0-stable_modules_2.4.18.tar.gz contains the correct modules. As a general rule, if insmod does not complain about unresolved symbols, barf nasty error messages on the console, or lock up the machine you're _usually_ okay. If you're not feeling brave with your up-all-year firewall :-), you should verify they were built from the same source tree and config as your kernel. For the case of Bering, that's probably documented in the Bering install or user's guide somewhere, but there is a chance it might not be as the 2.4.20 kernel was added after most of the current docs were written. H, I can't seem to figure out what I'm doing wrong. Does Shorewall have anything to do with this? Thank you! If you are running tests from another host it could be. Here's how I would debug it: 1) Verify the modules are properly loaded: lsmod | grep -e parport -e lp The three modules you loaded should show up. Here's what I see: # lsmod | grep -e parport -e lp lp 5580 1 parport_pc 15476 1 parport12096 1 [lp parport_pc] parport12096 1 [lp parport_pc] 2) Check to see if you have parport entries in the /proc filesystem: find /proc/ -name 'parport*' Many drivers, including parport.o IIRC, add entries to the /proc filesystem when they are loaded. Here's what I see: # find /proc/ -name 'parport*' /proc/sys/dev/parport /proc/sys/dev/parport/parport0 3) Verify you have a /dev/lp0 device: ls -l /dev/lp0 Should look something like: brad@boxer:~$ ls -al /dev/lp0 crw-rw1 root lp 6, 0 Jun 13 2001 /dev/lp0 Here's what I have: # ls -l /dev/lp0 crw-rw-rw-1 root root 6, 0 Jan 23 22:57 /dev/lp0 4) Test printing from the firewall: (echo foo; echo bar; echo) /dev/lp0 The page may not eject, but if the printer does anything that's a good sign. Here's what happened: (echo foo; echo bar; echo) /dev/lp0 cannot create /dev/lp0: error 16 5) Verify that the daemon is started: svi p910nd stop; svi p910nd start ps -ef | grep p910 Here's what I have: clonebox: -root- # svi p910nd stop; svi p910nd start Starting print server LPT1 ready LPT2 ready LPT3 ready clonebox: -root- # ps -ef | grep p910 6492 root 1636 S/usr/sbin/p9100d 0 26431 root 1116 S/usr/sbin/p9100d 0 6) Verify the daemon is bound to port 9100 (0x238C in hex): cat /proc/net/tcp | grep -i 238C Here's what I have: clonebox: -root- # cat /proc/net/tcp | grep -i 238c 0: :238C : 0A : 00: 00 5425 1 c1265b20 300 0 0 2 -1 7) Verify you can connect to that port from the print server: nc 192.168.1.254 9100 Here's what I get - No response 8) Run tail -f /var/log/syslog on the print server and then verify you can connect to port 9100 from the printing client: telnet 192.168.1.254 9100 or nc 192.168.1.254 9100 (Watch for shorewall messages in the tail -f output as you attempt the connection.) Here's what I have: clonebox: -root- # tail -f /var/log/syslog Jan 24 01:48:32 clonebox kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:02:e3:1d:e2:a5:00:09:b6:6a:14:54:08:00 SRC=134.184.125.206 DST=12.246.108.54 LEN=74 TOS=0x00 PREC=0x00 TTL=109 ID=10376 PROTO=UDP SPT=1848 DPT=3481 LEN=54 Jan 24 02:00:01 clonebox /USR/SBIN/CRON[23162]: (root) CMD (/etc/multicron-p) Jan 24 02:15:01 clonebox /USR/SBIN/CRON[17317]: (root) CMD
[leaf-user] root.dev.mk file backup?
Hi folks, I've tried to back up the root.dev.mk and the root.dev.mod files (I'm trying to make my Bering box a print server) by backing up the initrd, root, etc, local, and modules packages from the main menu...but, somehow, these two files are not being backed up. When I reboot, the changes haven't been saved! H...what am I overlooking? Thank you. Craig --- This SF.net email is sponsored by: Scholarships for Techies! Can't afford IT training? All 2003 ictp students receive scholarships. Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more. www.ictp.com/training/sourceforge.asp leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering print server set-up
Hi folks, Are the instructions at: http://www.mysunrise.ch/users/cmu/dachlpd.htm applicable to Bering as well as Dachstein...or do they differ (in what way)? Do you have to close printer ports 9100, 9101, and 9102 on the external interfaces as indicated in Step 5 (I don't see that I have an ipfilter.conf file in Bering)? Any other suggestions, tips, etc. would (as always) be greatly appreciated. Thank you. Craig --- This SF.net email is sponsored by: Scholarships for Techies! Can't afford IT training? All 2003 ictp students receive scholarships. Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more. www.ictp.com/training/sourceforge.asp leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering DMZ set-up questions
Hi folks! I have carefully read Tom's Shorewall guide, but have a couple of questions. First, when you set up a DMZ with Bering / Shorewall, are boxes within the DMZ completely unprotected in that they have no ipchain rules, etc. that protect them (even if to only a small degree)...or are boxes in the DMZ pretty much completely open to attack? Second, I noticed that Tom has made a three-interfaces.tgz file that (apparently) has all of the necessary files / modifications within it. Is that really all I need to do to set up a basic DMZ?, i.e copy the files within .tgz package over to Bering and backup?...that sort of thing? Thank you, have a great weekend! Best Regards, Craig --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] eth1: increased Tx threshold message?
Hi folks, I've just set up a new Bering box, and I've never seen this message before. What is it? Thank you, have a great weekend! Best Regards, Craig --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Could not mount the boot device error message-SOLVED (Bad CD drivers?)
Hi folks, I got my CD to boot successfully when I used the old Bering CD drivers that I had used before. Evidently, there is something about the ones that I downloaded from http://leaf.sourceforge.net/devel/jnilo/bering/latest/modules/2.4.20/ker nel/drivers/ that either my new Bering box or its CD-Rom doesn't like. That's puzzling to me that the newer ones didn't want to work. Have a great weekend! Best Regards, Craig -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Craig Caughlin Sent: Thursday, January 09, 2003 7:50 PM To: LEAF Subject: [leaf-user] Could not mount the boot device error message Hi folks, I'm making a new Bering bootable CD, and I think I have followed the step by step instructions in the Bering user's guide exactly, and I get this error message: end_request: I/O error, dev 02:00 (floppy), sector 0 end_request: I/O error, dev 02:00 (floppy), sector 0 LINUXRC: Could not mount the boot device. Can't install packages. Kernel Panic: Attempted to kill init! I've made a bootable CD before, but I'm obviously forgetting something. Suggestions? Best Regards, Craig --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bad Bering natsemi.o driver?
Hi folks, I'm preparing a new box with the latest, stable Bering and I'm wondering if the driver might be bad? I downloaded the natsemi.o driver for the Netgear FA311 NICs I have from http://leaf.sourceforge.net/devel/jnilo/bering/latest/modules/2.4.20/net /, and when I use it, only eth0 is detected and not eth1 as well. Fortunately, I have another natsemi.o driver that apparently I downloaded at some point in the past and it seems to work fine with both NICs. I wanted to bring this to the groups' attention if the driver that's posted is in fact (somehow) defective??? Comments??? Best Regards, Craig --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html