from:"Craig Caughlin"

[leaf-user] ALEXANDRE MARNET

2010-04-23 Thread Craig Caughlin

http://cormoranogroup.eu/home.php

--

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] What's the current way to save your changes?

2008-06-16 Thread Craig Caughlin

Thanks for the feedback.

I'm using the Bering-uClibc_3.1.1-beta1_iso_bering-uclibc.iso for creating
my bootable CD.

After burning the CD, I see a syslinux.cfg in the CD root. In this file it
has an entry:

LEAFCFG=/dev/fd0:msdos PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660

1.) Can I just create a leaf.cfg file on a blank floppy, and Bering will
read this during the boot process?

2.) Do I need to create a leaf.cfg on the floppy with all of the same
entries as the one from the CD, or do I only need a specific entry(s)?
(I'd like to declare more packages, and I see the only packages that are
declared, by default, on the CD are: LRP=root,config,etc,modules,dropbear)

3.) For my initial Bering setup, do I need any other files on the floppy
(syslinux.cfg, etc., etc.), or just leaf.cfg?

Thank you, 
Craig



Virus checked by G DATA AntiVirus
Version: AVK 18.4154 from 16.06.2008


-
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] What's the current way to save your changes?

2008-06-15 Thread Craig Caughlin

Hi folks,
I'm setting up a new LEAF box, and I'm using the latest Bering-uClibc 3.1.1
beta CD. I have the typical, cable modem scenario (dhcp address from my
ISP).

I've looked around the newsgroup postings and I've looked at the
documentation, but I haven't seen anything specific to this setup (but maybe
I've just overlooked it):

1.)If you're using the Bering-uClibc CD, how do you make changes and then
back those up?
2.) Do you just use a floppy disk and all of your changes will be backed up
it via the built-in scripts? Or do you have to, somehow, specify you want to
back up your changes to a floppy?
3.) When you back up to the floppy, upon reboot the floppy files will
supersede any files / configuration on the CD? Is that right?

I think this is the way things work, but I'd just like to confirm this
before I pull my hair out.

Also, the last time I set up Bering-uClibc CD (Version 3.0), the only other
configuration I needed to make from the default Bering CD was to the
dnsmasq.conf file.

In order to use dhcpc and use the integrated dhcp daemon, dnsmasq.conf had
to have the following entry: 

resolv-file=/etc/dhcpc/resolv.conf and
dhcp-range=192.168.1.1,192.168.1.199,12h

4.) Do I still need to do this also?

:-)

Thank you,
Craig



Virus checked by G DATA AntiVirus
Version: AVK 18.4146 from 15.06.2008


-
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] changes in syslinux don't affect boot

2007-04-28 Thread Craig Caughlin

Hey, I'm trying to exactly the same thing.

Where do you find the bootdisk.img file, because I don't see it??? I'm using
ISOBuster (Windows) to open up the Bering .iso.

Thank you!

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rafael
Oliveira
Sent: Wednesday, April 25, 2007 6:44 AM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] changes in syslinux don't affect boot

Ok... The problem was the syslinux.cfg used at the boot.
If you mount the boodisk.img and change the syslinux.cfg inside, it works.
:)

2007/4/24, Rafael Oliveira [EMAIL PROTECTED]:
 Hi,

 I'm trying to setup a firewall based only on CD. I think floppies get
 damaged very easily. So I did the following:
 I used the floppy image to configure the system and get the modified
 configdb.lrp.
 I used the cdrom image and used with configdb.lrp, and changes in
 syslinux.cfg to get the system running.

 It goed wrong.

 I tryed changing the leaf.cfg but the boot stage looks for leaf.cfg on
 the floppy. On Bearing-uClibc_3.1-beta1 the cd's syslinux.cfg holds
 LEAFCFG=/dev/fd0:msdos to load the leaf.cfg on the floppy.

 So I tryed changing /dev/fd0:msdos to /dev/cdrom:iso9660 but I got
 nothing. The boot stage looked for a floppy disk.

 The changes on params in syslinux.cfg don't seems to affect the boot
 process at all. If I can't change the LEAFCFG I can't load the
 configdb.cfg in the CD. Looks like the kernel params are built-in in
 some place I don't know.

 How can I get my Bering to load the configdb.cfg in the CD??

 I greatly appreciate any feedback.

 P.S. Sorry for my english. I'm not a native english speaker.
 --
 Rafael Araújo Santana de Oliveira



-- 
Rafael Araújo Santana de Oliveira

-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading all packages???

2006-12-25 Thread Craig Caughlin

Hi folks,
Happy Holidays to you all! :-)

O.K., I'm feeling pretty stupid.

Rather than creating my own CD from scratch, I've downloaded the provided
Bering-uClibc_3.0_iso_bering-uclibc-iso.bin (from 3 different mirrors), but
it doesn't seem to be loading all of the packages. When I compare the lrcfg
menu  submenus of my working Bering (that runs from a floppy) to the .iso
Bering - there seems to be quite a few packages missing??? For example,
under the Package Configuration menu, the only things that are displayed
are: config  modules (no dhcpd, shorewall, ulogd, etc., etc., etc.)

All I've done is downloaded the file, rename it with an .iso extension, and
burned it with Nero.

What am I (like a bonehead, I'm sure) doing wrong???

Thank you all,
Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading allpackages???

2006-12-25 Thread Craig Caughlin

Thank you, KP...you're right; I didn't see that! :-)

Thank you, Sir!

Happy Holidays to you!!!

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of KP
Kirchdoerfer
Sent: Monday, December 25, 2006 11:48 AM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] Stock Bering-uClibc 3.0 .iso isn't loading
allpackages???

Am Montag, 25. Dezember 2006 17:00 schrieb Craig Caughlin:
 Hi folks,
 Happy Holidays to you all! :-)

 O.K., I'm feeling pretty stupid.

 Rather than creating my own CD from scratch, I've downloaded the provided
 Bering-uClibc_3.0_iso_bering-uclibc-iso.bin (from 3 different mirrors),
but
 it doesn't seem to be loading all of the packages. When I compare the
lrcfg
 menu  submenus of my working Bering (that runs from a floppy) to the .iso
 Bering - there seems to be quite a few packages missing??? For example,
 under the Package Configuration menu, the only things that are displayed
 are: config  modules (no dhcpd, shorewall, ulogd, etc., etc., etc.)

 All I've done is downloaded the file, rename it with an .iso extension,
and
 burned it with Nero.

 What am I (like a bonehead, I'm sure) doing wrong???

You haven't read the documentation, or you overlooked the following:

Step 3: Adding packages and backup configuration
Packages can be added or removed in a flexibel way by declaring/undeclaring 
them in leaf.cfg on a new formatted floppy.
Additionally your configuration settings for all packages can be stored on
the 
same floppy.

Declaring packages
Edit leaf.cfg on a blank formatted floppy disk, add your packages to LRP and

change PKGPATH to point to your CDROM and the floppy device.
LRP=root config etc local modules iptables dnsmasq keyboard shorwall ulogd 
libz mawk libssl libm ezipupd dropbear webconf ppp pppoe libpcap
PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660
syst_size=8M
log_size=2M

Note: The order in PKGPATH is important!

The leftmost entry will be loaded last - so your packages will be load first

from CDROM and then from /dev/fd0. This will overwrite the configuration
with 
the settings you stored on the floppy.

Save your configuration
You can save your configuration changes onto the floppy, you have declared 
leaf.cfg.

kp

-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages

2006-12-24 Thread Craig Caughlin

In my case, there is. Unfortunately, the default Bering .iso won't boot on
my box. Also, I've never figured out why, but when I create my own CD (using
the old Bering instructions)...it boots much, much, faster than the new
.iso. I'm not sure why, but that's the way it is.

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kwon
Sent: Saturday, December 23, 2006 9:09 PM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages

 Hi folks,
 I'm trying to create a bootable CD, and the CD boots fine, but hangs at:
 
There really is no need to create your own CD! I just burn the .iso image to
a CD and save all my config files to a 1.44 floppy. Merry Christmas and
Happy New Year! Cheers!


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages

2006-12-24 Thread Craig Caughlin

Thanks Ciao.

Unfortunately, it doesn't seem like that was my problem. I've edited my
files using Ultra Edit 32 (which is supposed to respect the Unix format),
I edited them directly on the Bering box itself, and I've even downloaded
the stock Bering .iso and tried using those files directly...but no
success. The box still hangs at the same place.

As a side note, the old how-to-create a Bering CD instructions say to
rename the syslinux.cfg to isolinux.cfg before creating your CD. I see the
stock .iso uses a syslinux.cfg. Curiously, when I use that file as is
(without renaming it), the boot process crashes and I get a kernel panic!
How odd???

Suggestions???

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mailing Lists
Sent: Sunday, December 24, 2006 12:39 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] CD hangs at LINUXRC: Loaded Packages

Take a look to your leaf.cfg
Probably it is in windows format (cr/lf) and not in unix format (lf only)

Happy holidays
Ciao
Gianni


Craig Caughlin ha scritto:
 Hi folks,
 I'm trying to create a bootable CD, and the CD boots fine, but hangs at:
 
 LINUXRC: Loaded Packages
 
 My isolinux.cfg looks like:
 
 display syslinux.dpy
 timeout 0 
 append reboot=bios
 default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
 LEAFCFG=/dev/cdrom:iso9660
 
 And the only change to my leaf.cfg looks like:
 
 # The first entry is the backup device. 
 # The path is parsed in reversed order, packages on the first device
listed
 will be loaded last.
 #PKGPATH=/dev/fd0u1680:msdos
 PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660
 
 The command I'm executing to create the .iso is:
 
 mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering
 -no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide
 isolinux.bin -l diskcontent
 
 Any idea what might be causing my boot problem?
 
 Thank you,
 Craig
 
 
 -
 Take Surveys. Earn Cash. Influence the Future of IT
 Join SourceForge.net's Techsay panel and you'll get the chance to share
your
 opinions on IT  business topics through brief surveys - and earn cash
 http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/

-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] No DHCP address to the DMZ :-(

2006-12-23 Thread Craig Caughlin

Hi folks,
Happy Holidays. :-)

I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the
web, etc. work great. 

Now, I'm trying to set up a wireless router in my DMZ, and it's not getting
a dynamic IP address (I have confirmed this by connecting a laptop via
crossover cable directly to the DMZ NIC). Here's my scenario:

1. I'm using the new, Bering uClibc 3.0
2. ip addr show displays:

eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff
inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0

eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1

eth2:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2

3. I uncommented the DMZ section of /etc/network/interfaces
4. I have the following changes to Shorewall:

/etc/shorewall/zones - Uncommented the DMZ line
/etc/shorewall/policy - DMZ  NET  ACCEPT
/etc/shorewall/rules - DNS/ACCEPT dmz  fw, Ping/ACCEPT dmz  fw, and ACCEPT
fw dmz  icmp
/etc/shorewall/interfaces - dmz eth2 detect dhcp
/etc/shorewall/masq - Unchanged
/etc/shorewall/routestopped - Unchanged

5. Should I connect the wireless router to eth2 via a regular CAT5 cable, or
should I use a crossover cable?

Suggestions? Comments?

Thank you all.

Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] No DHCP address to the DMZ :-(

2006-12-23 Thread Craig Caughlin

Hi Eric,
The only thing I have done to get things up and running is:

I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the
/etc/dnsmasq.conf file. Do I need to do something different?

Also, should I add another interface in /etc/dhcpc/config ? I see at the
bottom it says, # Add other interfaces here
*)
;;

Should I add eth2? What does the syntax look like?:

# Add other interfaces here
*)
eth2
;;

Is that right (and/or do I even need to worry about it?)?

Thank you! :-)

Craig

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Saturday, December 23, 2006 10:35 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Hi folks,
Happy Holidays. :-)

Happy Holidays to you ;-)

I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the
web, etc. work great. 

Now, I'm trying to set up a wireless router in my DMZ, and it's not getting
a dynamic IP address (I have confirmed this by connecting a laptop via
crossover cable directly to the DMZ NIC). Here's my scenario:

1. I'm using the new, Bering uClibc 3.0
2. ip addr show displays:

eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff
inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0

eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1

eth2:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2

3. I uncommented the DMZ section of /etc/network/interfaces
4. I have the following changes to Shorewall:

/etc/shorewall/zones - Uncommented the DMZ line
/etc/shorewall/policy - DMZ  NET  ACCEPT
/etc/shorewall/rules - DNS/ACCEPT dmz  fw, Ping/ACCEPT dmz  fw, and
ACCEPT
fw dmz  icmp
/etc/shorewall/interfaces - dmz eth2 detect dhcp
/etc/shorewall/masq - Unchanged
/etc/shorewall/routestopped - Unchanged

How did you configure your dhcp server (I guess dnsmasq)? Did you add 
a dhcp range for the 192.168.1.0 network?

5. Should I connect the wireless router to eth2 via a regular CAT5 cable,
or
should I use a crossover cable?

For a router - router or router - pc connection you need a cross cable,
if you use a switch a straight cable should be used.

Suggestions? Comments?

Thank you all.

Craig

Eric


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share
your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] No DHCP address to the DMZ :-(

2006-12-23 Thread Craig Caughlin

Unfortunately, no. :-(

I've even tried changing cables to be sure it wasn't a simple problem like
that (even though they're brand new cables).

Suggestions?

Thank you,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman
Sent: Saturday, December 23, 2006 11:07 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Hi Eric,
The only thing I have done to get things up and running is:

I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the
/etc/dnsmasq.conf file. Do I need to do something different?

No, that's enough to serve dhcp addresses.

Also, should I add another interface in /etc/dhcpc/config ? I see at the
bottom it says, # Add other interfaces here
*)
;;

Should I add eth2? What does the syntax look like?:

# Add other interfaces here
*)
eth2
;;

Is that right (and/or do I even need to worry about it?)?

This is the configuration of dhcpcd, the dhcp client. You don't need 
to worry about that.

Thank you! :-)

Is it working now in the dmz?

Craig

Eric

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Saturday, December 23, 2006 10:35 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Hi folks,
Happy Holidays. :-)

Happy Holidays to you ;-)

I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the
web, etc. work great. 

Now, I'm trying to set up a wireless router in my DMZ, and it's not
getting
a dynamic IP address (I have confirmed this by connecting a laptop via
crossover cable directly to the DMZ NIC). Here's my scenario:

1. I'm using the new, Bering uClibc 3.0
2. ip addr show displays:

eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff
inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0

eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1

eth2:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2

3. I uncommented the DMZ section of /etc/network/interfaces
4. I have the following changes to Shorewall:

/etc/shorewall/zones - Uncommented the DMZ line
/etc/shorewall/policy - DMZ  NET  ACCEPT
/etc/shorewall/rules - DNS/ACCEPT dmz  fw, Ping/ACCEPT dmz  fw, and
ACCEPT
fw dmz  icmp
/etc/shorewall/interfaces - dmz eth2 detect dhcp
/etc/shorewall/masq - Unchanged
/etc/shorewall/routestopped - Unchanged

How did you configure your dhcp server (I guess dnsmasq)? Did you add 
a dhcp range for the 192.168.1.0 network?

5. Should I connect the wireless router to eth2 via a regular CAT5 cable,
or
should I use a crossover cable?

For a router - router or router - pc connection you need a cross cable,
if you use a switch a straight cable should be used.

Suggestions? Comments?

Thank you all.

Craig

Eric


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share
your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] No DHCP address to the DMZ :-(

2006-12-23 Thread Craig Caughlin



Wow, thanks everyone. :-)

I like kp's idea of creating a separate subnet for the DMZ (e.g:
192.168.2.0).

Do I do that all through dnsmasq.conf?...or are there changes I need to make
to shorewall as well?

Thank you,
Craig

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Saturday, December 23, 2006 11:24 AM
To: Craig Caughlin
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Unfortunately, no. :-(

I've even tried changing cables to be sure it wasn't a simple problem like
that (even though they're brand new cables).

Suggestions?

A few things to check:
Do you have an ip connection at all? Try to give the system a fixed 
ip address and run ping.
If that works, enable dhcp on that system again and look if dhcp 
traffic isn't blocked. This can be done with 'shorewall hits', but 
it's better to use tcpdump to 'snif' the traffic.

Thank you,
Craig

Eric

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Saturday, December 23, 2006 11:07 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Hi Eric,
The only thing I have done to get things up and running is:

I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the
/etc/dnsmasq.conf file. Do I need to do something different?

No, that's enough to serve dhcp addresses.

Also, should I add another interface in /etc/dhcpc/config ? I see at the
bottom it says, # Add other interfaces here
*)
;;

Should I add eth2? What does the syntax look like?:

# Add other interfaces here
*)
eth2
;;

Is that right (and/or do I even need to worry about it?)?

This is the configuration of dhcpcd, the dhcp client. You don't need 
to worry about that.

Thank you! :-)

Is it working now in the dmz?

Craig

Eric

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Saturday, December 23, 2006 10:35 AM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,

Hi folks,
Happy Holidays. :-)

Happy Holidays to you ;-)

I'm using the new, Bering uClibc 3.0, and my LAN connections to/from the
web, etc. work great. 

Now, I'm trying to set up a wireless router in my DMZ, and it's not
getting
a dynamic IP address (I have confirmed this by connecting a laptop via
crossover cable directly to the DMZ NIC). Here's my scenario:

1. I'm using the new, Bering uClibc 3.0
2. ip addr show displays:

eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff
inet 67.164.217.61/23 brd 255.255.255.255 scope global eth0

eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1

eth2:  mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.100/24 brd 192.168.1.255 scope global eth2

3. I uncommented the DMZ section of /etc/network/interfaces
4. I have the following changes to Shorewall:

/etc/shorewall/zones - Uncommented the DMZ line
/etc/shorewall/policy - DMZ  NET  ACCEPT
/etc/shorewall/rules - DNS/ACCEPT dmz  fw, Ping/ACCEPT dmz  fw, and
ACCEPT
fw dmz  icmp
/etc/shorewall/interfaces - dmz eth2 detect dhcp
/etc/shorewall/masq - Unchanged
/etc/shorewall/routestopped - Unchanged


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] No DHCP address to the DMZ :-( Solved!!!

2006-12-23 Thread Craig Caughlin

Hi folks,
Yippee!!! That solved it!!! Thank you Eric, KP, and Brett.

One final question, if I may. Rather than having my wireless router hanging
out there as the proverbial low hanging fruit, I'd like to protect it
just like my internal LAN.

Which shorewall config settings of the LAN do I need to duplicate for the
DMZ to achieve this???

Thank you all for your continued help! :-)

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman
Sent: Saturday, December 23, 2006 1:02 PM
To: Craig Caughlin
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] No DHCP address to the DMZ :-(

Hi Craig,


 Wow, thanks everyone. :-)


 I like kp's idea of creating a separate subnet for the DMZ (e.g:
 192.168.2.0).


 Do I do that all through dnsmasq.conf?...or are there changes I need to
 make to shorewall as well?

You have to make them in /etc/network/interfaces:
auto eth1
iface eth1 inet static
address 192.168.1.254
netmask 255.255.255.0
broadcast 192.168.1.255

auto eth2
iface eth2 inet static
address 192.168.2.254
netmask 255.255.255.0
broadcast 192.168.2.255


And if you want to have dhcp on both networks you have to do something
like this in dnsmasq.conf:
dhcp-range=192.168.1.1,192.168.1.199,12h
dhcp-range=192.168.2.1,192.168.2.199,12h

In shorewall it's important in above case to have both
loc eth1 detect dhcp
and
dmz eth2 detect dhcp

in the shorewall/interfaces file.

Eric

 Thank you,
 Craig


 -Original Message-
 From: Eric Spakman [mailto:[EMAIL PROTECTED]
 Sent: Saturday, December 23, 2006 11:24 AM
 To: Craig Caughlin
 Subject: Re: [leaf-user] No DHCP address to the DMZ :-(


 Hi Craig,


 Unfortunately, no. :-(


 I've even tried changing cables to be sure it wasn't a simple problem
 like that (even though they're brand new cables).

 Suggestions?


 A few things to check:
 Do you have an ip connection at all? Try to give the system a fixed
 ip address and run ping. If that works, enable dhcp on that system again
 and look if dhcp traffic isn't blocked. This can be done with 'shorewall
 hits', but it's better to use tcpdump to 'snif' the traffic.

 Thank you,
 Craig


 Eric


 -Original Message-
 From: Eric Spakman [mailto:[EMAIL PROTECTED]
 Sent: Saturday, December 23, 2006 11:07 AM
 To: Craig Caughlin
 Cc: leaf-user@lists.sourceforge.net
 Subject: Re: [leaf-user] No DHCP address to the DMZ :-(


 Hi Craig,


 Hi Eric,
 The only thing I have done to get things up and running is:


 I've uncommented dhcp-range=192.168.1.1,192.168.1.199,12h in the
 /etc/dnsmasq.conf file. Do I need to do something different?


 No, that's enough to serve dhcp addresses.


 Also, should I add another interface in /etc/dhcpc/config ? I see at
 the bottom it says, # Add other interfaces here *)
 ;;


 Should I add eth2? What does the syntax look like?:


 # Add other interfaces here
 *)
 eth2 ;;


 Is that right (and/or do I even need to worry about it?)?


 This is the configuration of dhcpcd, the dhcp client. You don't need
 to worry about that.

 Thank you! :-)


 Is it working now in the dmz?


 Craig


 Eric


 -Original Message-
 From: Eric Spakman [mailto:[EMAIL PROTECTED]
 Sent: Saturday, December 23, 2006 10:35 AM
 To: Craig Caughlin
 Cc: leaf-user@lists.sourceforge.net
 Subject: Re: [leaf-user] No DHCP address to the DMZ :-(


 Hi Craig,


 Hi folks,
 Happy Holidays. :-)


 Happy Holidays to you ;-)


 I'm using the new, Bering uClibc 3.0, and my LAN connections
 to/from the web, etc. work great.

 Now, I'm trying to set up a wireless router in my DMZ, and it's not

 getting
 a dynamic IP address (I have confirmed this by connecting a laptop
 via crossover cable directly to the DMZ NIC). Here's my scenario:

 1. I'm using the new, Bering uClibc 3.0
 2. ip addr show displays:


 eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
 link/ether 00:02:e3:1d:e2:a5 brd ff:ff:ff:ff:ff:ff inet
 67.164.217.61/23 brd 255.255.255.255 scope global eth0


 eth1:  mtu 1500 qdisc pfifo_fast qlen 1000
 link/ether 00:02:e3:23:c1:1f brd ff:ff:ff:ff:ff:ff inet
 192.168.1.254/24 brd 192.168.1.255 scope global eth1


 eth2:  mtu 1500 qdisc pfifo_fast qlen 1000
 link/ether 00:02:e3:22:a0:51 brd ff:ff:ff:ff:ff:ff inet
 192.168.1.100/24 brd 192.168.1.255 scope global eth2


 3. I uncommented the DMZ section of /etc/network/interfaces
 4. I have the following changes to Shorewall:


 /etc/shorewall/zones - Uncommented the DMZ line
 /etc/shorewall/policy - DMZ  NET  ACCEPT
 /etc/shorewall/rules - DNS/ACCEPT dmz  fw, Ping/ACCEPT dmz  fw,
 and
 ACCEPT

 fw dmz  icmp /etc/shorewall/interfaces - dmz eth2 detect dhcp
 /etc/shorewall/masq - Unchanged
 /etc/shorewall/routestopped - Unchanged



 -
  Take Surveys. Earn Cash. Influence the Future of IT
 Join SourceForge.net's Techsay panel and you'll get the chance to share
 your opinions on IT  business

[leaf-user] CD hangs at LINUXRC: Loaded Packages

2006-12-23 Thread Craig Caughlin

Hi folks,
I'm trying to create a bootable CD, and the CD boots fine, but hangs at:

LINUXRC: Loaded Packages

My isolinux.cfg looks like:

display syslinux.dpy
timeout 0 
append reboot=bios
default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
LEAFCFG=/dev/cdrom:iso9660

And the only change to my leaf.cfg looks like:

# The first entry is the backup device. 
# The path is parsed in reversed order, packages on the first device listed
will be loaded last.
#PKGPATH=/dev/fd0u1680:msdos
PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660

The command I'm executing to create the .iso is:

mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering
-no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide
isolinux.bin -l diskcontent

Any idea what might be causing my boot problem?

Thank you,
Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] CD hangs at LINUXRC: Loaded Packages

2006-12-23 Thread Craig Caughlin

Hi folks,
I'm trying to create a bootable CD, and the CD boots fine, but hangs at:

LINUXRC: Loaded Packages

My isolinux.cfg looks like:

display syslinux.dpy
timeout 0
append reboot=bios
default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
LEAFCFG=/dev/cdrom:iso9660

And the only change to my leaf.cfg looks like:

# The first entry is the backup device. 
# The path is parsed in reversed order, packages on the first device listed
will be loaded last.
#PKGPATH=/dev/fd0u1680:msdos
PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660

The command I'm executing to create the .iso is:

mkisofs -o bering.iso -b isolinux.bin -c isolinux.cat -V Bering
-no-emul-boot -relaxed-filenames -boot-load-size 4 -boot-info-table -hide
isolinux.bin -l diskcontent

Any idea what might be causing my boot problem?

Thank you,
Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] gendropbearkeys not working?

2006-12-22 Thread Craig Caughlin

Hi folks,
I'm upgrading to the new, Bering uClibc 3.0, and the gendropbearkeys
command (script) doesn't seem to be working?...or is it me (like I'm doing
something wrong, which is likely)???

:-)

Thank you,
Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] gendropbearkeys not working? Forget it :-)

2006-12-22 Thread Craig Caughlin

Duhhh, I see that the keys are now generated automatically:

dropbear - keys are automatically created when they not exist, the
gendropbearkeys script is removed. Suggested by Paul Traina

Sorry about that.

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Craig Caughlin
Sent: Friday, December 22, 2006 3:21 PM
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] gendropbearkeys not working?

Hi folks,
I'm upgrading to the new, Bering uClibc 3.0, and the gendropbearkeys
command (script) doesn't seem to be working?...or is it me (like I'm doing
something wrong, which is likely)???

:-)

Thank you,
Craig


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT  business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] DNS problems?

2006-10-31 Thread Craig Caughlin

Hi Eric,
Hmmm, this looks suspicious. 

cat /var/log/daemon.log showed this entry (among others): failed to access
/etc/dhcpc/resolve.conf: no such file or directory

Thank you,
Craig



-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 31, 2006 12:07 AM
To: Craig Caughlin
Cc: 'Leaf-User '
Subject: Re: [leaf-user] DNS problems?

Hi Craig,

What is the output of daemon.log if you restart it? (svi dnsmasq restart)

 Hi folks,
 I made the changes that Eric suggested, and I still can't resolve names. I
  see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html
 it references changing the /etc/shorwall/rules to allow access to ports 67
 
 68. Unfortunately, there doesn't seem to be such an entry line in
 Shorewall.

 Therefore change /etc/shorewall/rules as shown below:


 # uncomment to use dnsmasq's dhcpd in your LAN
 ACCEPT  loc   fwudp 67,68


 H. Might there be something else with Shorewall I need to look at?

I'm a bit rusty in this area, but the follwing line in the rules file
should be the way it works with the latest shorewall versions:
#  Accept DNS connections from the firewall to the network
#  and from the local network to the firewall (in case dnsmasq is used)
DNS/ACCEPT   fw  net
DNS/ACCEPT   loc fw


 Suggestions?

 Thank you all.

 Craig

Eric


-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] DNS problems?...SOLVED!

2006-10-31 Thread Craig Caughlin

Hi folks,
KP was exactly correct...I had: resolve-file=/etc/dhcpc/resolv.conf and not
resolv-file=/etc/dhcpc/resolv.conf

Thank you, gentlemen, for your help. And for what it's worth...you guys (the
entire Bering team, and Tom too) do a heck-of-a-job. This is a great work of
art!

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of KP
Kirchdoerfer
Sent: Tuesday, October 31, 2006 5:55 AM
To: leaf-user@lists.sourceforge.net
Cc: Eric Spakman; Craig Caughlin
Subject: Re: [leaf-user] DNS problems?

Hi

the name of the option and the file has been that often mistyped in the
mails, 
I'm suspicious it might be wrong in the dnsmasq.conf as well.

It is:
resolv-file=/etc/dhcpc/resolv.conf 

and not resolve-file or resolve.conf.


kp

Am Dienstag, 31. Oktober 2006 14:41 schrieb Eric Spakman:
 Hi Craig,

 That's strange, does the /etc/dhcpc/resolv.conf file exist (and are you
 using dhcpcd.lrp)?

 Eric

  Hi Eric,
  Hmmm, this looks suspicious.
 
 
  cat /var/log/daemon.log showed this entry (among others): failed to
  access /etc/dhcpc/resolve.conf: no such file or directory
 
 
  Thank you,
  Craig
 
 
 
 
  -Original Message-
  From: Eric Spakman [mailto:[EMAIL PROTECTED]
  Sent: Tuesday, October 31, 2006 12:07 AM
  To: Craig Caughlin
  Cc: 'Leaf-User '
  Subject: Re: [leaf-user] DNS problems?
 
 
  Hi Craig,
 
 
  What is the output of daemon.log if you restart it? (svi dnsmasq
restart)
 
  Hi folks,
  I made the changes that Eric suggested, and I still can't resolve
names.
  I
  see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html
  it references changing the /etc/shorwall/rules to allow access to ports
  67 
  68. Unfortunately, there doesn't seem to be such an entry line in
  Shorewall.
 
 
  Therefore change /etc/shorewall/rules as shown below:
 
 
 
  # uncomment to use dnsmasq's dhcpd in your LAN
  ACCEPT  loc   fwudp 67,68
 
 
 
  H. Might there be something else with Shorewall I need to look at?
 
  I'm a bit rusty in this area, but the follwing line in the rules file
  should be the way it works with the latest shorewall versions: #
  Accept DNS connections from the firewall to the network
  #  and from the local network to the firewall (in case dnsmasq is
  used) DNS/ACCEPT   fw  net
  DNS/ACCEPT   loc fw
 
  Suggestions?
 
 
  Thank you all.
 
 
  Craig
 
  Eric
 
 
 
 
-
   Using Tomcat but need to do more? Need to support web services,
  security? Get stuff done quickly with pre-integrated technology to make
  your job easier Download IBM WebSphere Application Server v.1.0.1 based
  on Apache Geronimo
  http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642
  
  leaf-user mailing list: leaf-user@lists.sourceforge.net
  https://lists.sourceforge.net/lists/listinfo/leaf-user
  Support Request -- http://leaf-project.org/

 -
 Using Tomcat but need to do more? Need to support web services, security?
 Get stuff done quickly with pre-integrated technology to make your job
 easier Download IBM WebSphere Application Server v.1.0.1 based on Apache
 Geronimo
 http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/

-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] DNS problems?

2006-10-30 Thread Craig Caughlin

Hi folks,
I'm guessing I don't have DNS (dnqmasq) set up correctly on the new Bering.
I can reach the internet (like Google for example) just fine by using its IP
address (66.102.7.99), but I can't otherwise.

I set up the new Bering (Bering-uClibc_3.0-beta2) dnsmasq just like my old
Bering (2.4.20 I believe), but it doesn't seem to work.

Here's what I did: 

1.) I uncommented the filterw2k line
2.) I changed the resolve-file= line to read:
resolve-file=/etc/dhcpc/resolv.conf
3.) I uncommented the dhcp-range= line
4.) I uncommented the dhcp-leasefile= line

I've looked at the documentation for setting up dnsmasq, but I guess I'm
missing something. :-(

Suggestions???

Thank you...have a great week!

Craig


-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] DNS problems?

2006-10-30 Thread Craig Caughlin

Hi folks,
I made the changes that Eric suggested, and I still can't resolve names. I
see in this document: http://leaf.sourceforge.net/doc/bk02ch13s08.html it
references changing the /etc/shorwall/rules to allow access to ports 67 
68. Unfortunately, there doesn't seem to be such an entry line in Shorewall.


Therefore change /etc/shorewall/rules as shown below:

# uncomment to use dnsmasq's dhcpd in your LAN
ACCEPT  loc   fwudp 67,68

H. Might there be something else with Shorewall I need to look at?

Suggestions?

Thank you all.

Craig

-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 30, 2006 8:05 AM
To: [EMAIL PROTECTED]
Cc: 'Leaf-User '
Subject: Re: [leaf-user] DNS problems?

Hello Craig,

The only modification necessary, if you use dhcpc and want the integrated
dhcp daemon, is:
resolve-file=/etc/dhcpc/resolv.conf
and
dhcp-range=192.168.1.1,192.168.1.199,12h

See also:
http://leaf.sourceforge.net/doc/bk02ch13.html
(especially http://leaf.sourceforge.net/doc/bk02ch13s08.html and
http://leaf.sourceforge.net/doc/bk02ch13s05.html)

Eric

 Thanks, Luis.


 The only reason I made these changes is because my old Bering worked just
 fine this way...so I thought that must be why my new Bering doesn't!
 :-) I guess I'm wrong.


 Should I change things back to their default settings and then start
 troubleshooting from there? Do you think the default Bering DNS
 functionality should work out of the box without need for modifications
 for cable internet service (which is what I have)?

 Thank you,
 Craig



 -- Original message --
 From: Luis.F.Correia [EMAIL PROTECTED]

 Hi!


 -Original Message-
 From: Craig Caughlin [mailto:[EMAIL PROTECTED]
 Sent: segunda-feira, 30 de Outubro de 2006 14:16
 To: 'Leaf-User (E-mail)'
 Subject: [leaf-user] DNS problems?


 Hi folks,
 I'm guessing I don't have DNS (dnqmasq) set up correctly on
 the new Bering. I can reach the internet (like Google for example) just
 fine by using its IP address (66.102.7.99), but I can't otherwise.

 I set up the new Bering (Bering-uClibc_3.0-beta2) dnsmasq
 just like my old Bering (2.4.20 I believe), but it doesn't seem to
 work.

 Here's what I did:


 1.) I uncommented the filterw2k line
 2.) I changed the resolve-file= line to read:
 resolve-file=/etc/dhcpc/resolv.conf

 Why this change?
 Which program fills this file with valid data?


 If you are using PPPoE, and if 'peerdns' is defined, you may
 use the /etc/ppp/resolv.conf instead.


 3.) I uncommented the dhcp-range= line
 4.) I uncommented the dhcp-leasefile= line


 I've looked at the documentation for setting up dnsmasq, but
 I guess I'm missing something. :-(


 Suggestions???


 Thank you...have a great week!


 Craig


 Luis Correia


 ---
 --
 Using Tomcat but need to do more? Need to support web services,
 security? Get stuff done quickly with pre-integrated technology to make
 your job easier Download IBM WebSphere Application Server v.1.0.1 based
 on Apache Geronimo
 http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=12164
 2
 
  leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/



 -
  Using Tomcat but need to do more? Need to support web services,
 security? Get stuff done quickly with pre-integrated technology to make
 your job easier Download IBM WebSphere Application Server v.1.0.1 based on
 Apache Geronimo
 http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642
 
 leaf-user mailing list: leaf-user@lists.sourceforge.net
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 Support Request -- http://leaf-project.org/





-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Netgear FA311 driver

2006-10-29 Thread Craig Caughlin

Hi folks,
I'm trying to set up the new Bering-uClibc 3.0-beta-2, and I'm having
difficulty finding the right NIC driver.

All of my NICs in the box are the same; they're Netgear FA311s. I've tried
the natsemi driver, the tulip driver, and the crc32 driver with both...but
no luck.

Suggestions?

Thank you,
Craig
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

Re: [leaf-user] Netgear FA311 driver

2006-10-29 Thread Craig Caughlin

Hi Arne,
ip addr show reveals that I do have ip addresses! :-) (I guess I forgot
the crc32 driver). 

1.) But, I can't surf the web. Do I need to do anything with DNS? 
2.) Also, I get a LWP is undefined - Using LRP package list (whatever this
means). 
3.) Finally, what do I need to do to log into the web interface? I have set
up dropbear (gendropbearkeys), and then backed it up. 192.168.1.254 prompts
me for a user name and password, but it doesn't want to take: root /
(mypassword).

O.K., call me stupid :-)

What am I doing wrong?

Craig


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Arne Bernin
Sent: Sunday, October 29, 2006 11:47 AM
To: Leaf-User (E-mail)
Subject: Re: [leaf-user] Netgear FA311 driver

On Sun, 2006-10-29 at 11:24 -0800, Craig Caughlin wrote:
 Hi folks,
 I'm trying to set up the new Bering-uClibc 3.0-beta-2, and I'm having
 difficulty finding the right NIC driver.
 
 All of my NICs in the box are the same; they're Netgear FA311s. I've tried
 the natsemi driver, the tulip driver, and the crc32 driver with both...but
 no luck.
 


 Suggestions?

hmm. the natsemi driver should be ok for these cards (at least that is
what i have read). I assume, you load crc32 first... did you get any
error messages ?

-- 
Arne Bernin [EMAIL PROTECTED]

http://www.ucBering.de




-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job
easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Boot error with Bering-uClibc_3.0-beta2_iso_bering-uclibc-iso.bin

2006-10-26 Thread Craig Caughlin

Hi folks,
I'm sorry for the post because I'm sure I'm doing something realy dumb; no
matter what I try, I can't get the Bering-uClibc_3.0-beta2_iso_bering-
uclibc-iso.bin to boot. I've renamed it with an .iso extension, burned it to
a CD, tried booting with VMWare...but no dice. I can't seem to get it to
boot.

What am I doing wrong?

Thank you,
Craig
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] configconfigdb(nf!)db error message(?) on boot

2006-10-26 Thread Craig Caughlin

Hi folks,
I'm trying to set up the latest  greatest Bering. I'm booting
Bering-uClibc_3.0-beta2 from a floppy, and I get the following message on
boot: configconfigdb(nf!)db

Is this an error (it looks like it is)? How do I correct it?

Thank you,
Craig
-
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnkkid=120709bid=263057dat=121642

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Provide DHCP address ONLY to predetermined MAC address?

2005-04-14 Thread Craig Caughlin

Hi folks,
Can you set up the latest Bering to provide addresses to ONLY a
predetermined list of MAC addressed clients? It seems like I remember
someone doing something similar to this a while back, but I can't find a
posting on it. I found something very similar
(http://www.mail-archive.com/leaf-user@lists.sourceforge.net/msg15044.html),
but I didn't know if the setup would be the same since the new Bering uses
dnsmasq to provide LAN DHCP services.

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC address?

2005-04-14 Thread Craig Caughlin

Cool. Hey, thanks for the tip, Eric. :-)

In your example, you assign the same IP address to the same MAC address. I
guess what I'm wondering is: Can you have your LAN clients receive a random
address from a pool of DHCP addresses? 

What I'm hoping to do is: replace my company's hokey Windoze DHCP server
with LEAF/Bering. Windoze can do the same thing you're suggesting; it can
tie a DHCP reservation to a MAC address, but you can't give an address out
of a pool, at random, for a predetermined MAC address client. It's not that
robust, and I'm hoping Bering is! I work for a bank, and federal auditors
will be concerned that someone could, in theory, bring in a laptop...plug
it into an available CAT5 outlet and wreak havoc on my network.
Comments/suggestions?

Thank you,
Craig


-Original Message-
From: Eric Spakman [mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 14, 2005 1:35 PM
To: leaf-user@lists.sourceforge.net
Cc: [EMAIL PROTECTED]
Subject: Re: [leaf-user] Provide DHCP address ONLY to predetermined MAC
address?


Hello Craig,

Things like this are possible with setting config options like this 
(some examples from the dnsmasq.conf file):

# Always allocate the host with ethernet address 11:22:33:44:55:66 # The IP
address 192.168.0.60 #dhcp-host=11:22:33:44:55:66,192.168.0.60

# Never offer DHCP service to a machine whose ethernet
# address is 11:22:33:44:55:66 #dhcp-host=11:22:33:44:55:66,ignore

You can set multiple dhcp-host lines and there are more examples in 
this file to finetune the behaviour. 

You can get more info on the dnsmasq site 
(http://thekelleys.org.uk/dnsmasq/doc.html) or ask questions on the 
dnsmasq list (they probably know more about it than me :-)

Eric Spakman


-
Hi folks,
Can you set up the latest Bering to provide addresses to ONLY a
predetermined list of MAC addressed clients? It seems like I remember
someone doing something similar to this a while back, but I can't 
find a
posting on it. I found something very similar
(http://www.mail-archive.com/leaf-
[EMAIL PROTECTED]/msg15044.html),
but I didn't know if the setup would be the same since the new Bering 
uses
dnsmasq to provide LAN DHCP services.

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC address?

2005-04-14 Thread Craig Caughlin

Oh, I agree completely. It just seems like a quick  dirty method to keep
the auditors that I've personally met (who, IMHO, are not the sharpest
knives in the drawer) happy.

I like method number 2, but Bering doesn't support that..does it??? If it
does, well hey, tell me more! I'll be on that like white on rice.

Thank you,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman
Sent: Thursday, April 14, 2005 2:38 PM
To: [EMAIL PROTECTED]
Cc: leaf-user@lists.sourceforge.net
Subject: RE: [leaf-user] Provide DHCP address ONLY to predetermined MAC
address?


Hello Craig,

I understand what you are trying to do, but it goes beyond my 
knowledge of the dnsmasq setup.

It's also a weak security method, you only prevent someone getting an 
ip address if the mac address is not listed in a dhcp pool. Someone 
who wants to get access can easely spoof a mac address or take a 
fixed ip address in the subnet.

A better method for securing a network against unwanted access with a 
laptop is by using 802.1x (Validated Network Access). Where the 
laptop is authenticated against Radius via the switch and Active 
Directory to give access on hardware level (network link). It does 
this by checking the machine level name/password (not the user 
name/password), which is stored in AD, and some other values and 
(fully) opens the switch port when everything is allright.

Eric




---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] A couple of odd behavior issues???

2005-02-21 Thread Craig Caughlin

Thanks, Mike.
Yeah, I'm still puzzled because although my network connectivity seems to
work fine...I can't imagine why I only see eth0. H. I'm also puzzled
why my weblet seems to work from the floppy, but not the CD. I've seen posts
from people where a .lrp package won't load because not enough memory was
allocated in the leaf.cfg file, so I guess I'll try to increase that
parameter and see what happens.

Thanks again,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mike Leone
Sent: Monday, February 21, 2005 5:17 PM
Cc: LEAF
Subject: Re: [leaf-user] A couple of odd behavior issues???


Luis.F.Correia wrote:
  
 Hi!
 
 answer to question 1
 
 -Original Message-
 From: Craig Caughlin [mailto:[EMAIL PROTECTED]
 Sent: Thursday, February 17, 2005 3:04 AM
 To: LEAF
 Subject: [leaf-user] A couple of odd behavior issues???
 
 Hi folks,
 I'm having a little seemingly odd behavior maybe someone can
 help me with.
 
 1.) If I ps ax | grep eth, I only see eth0, there's no
 eth1. I should see
 both, shouldn't I? I'm using the dnsmasq.lrp package and its 
 
 if you are using ADSL, then your network device is ppp0

Not always correct. If your ADSL connection uses PPPOE, then you would be
correct. However, I have an ADSL connection, that does not use PPPOE. So I
have 2 eth interfaces.



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] A couple of odd behavior issues???

2005-02-16 Thread Craig Caughlin

Hi folks,
I'm having a little seemingly odd behavior maybe someone can help me with.

1.) If I ps ax | grep eth, I only see eth0, there's no eth1. I should see
both, shouldn't I? I'm using the dnsmasq.lrp package and its built-in DHCP
functionality to service my LAN.
2.) If I boot from the floppy, I can access the firewall log pages at:
http://192.168.1.254, but not if I boot from my CD. After booting from the
CD and then examining the backup feature of the lrcfg menu, the weblet.lrp
package doesn't appear to be loading (for some unknown reason to me) if I
boot from the CD.
3.) Should I be using the lrpkg.cfg on my CD, and not the leaf.cfg?

Here's what I did:

I set up a new box and I started with the latest
Bering-uClibc_2.2.3_img_bering-uclibc-1680.exe. I made a floppy and got
everything working using it and the latest Shorewall. Then, I made a
bootable CD using the files from the floppy. Here's the leaf.cfg from the
floppy:

LRP=root config etc local modules iptables dhcpcd shorwall ulogd dnsmasq
dropbear sh-httpd weblet
PKGPATH=/dev/fd0u1680:msdos

And here's the leaf.cfg from the CD:

LRP=root config etc local modules iptables dhcpcd shorwall ulogd dnsmasq
dropbear sh-httpd weblet
PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660


Suggestions???

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Error message: .../shorewall/shorewall.conf: not found

2005-02-13 Thread Craig Caughlin

Hi folks,
I'm setting up a new Bering-uClibc 2.2.3 box, and I've added Tom's latest
stable shorwall.lrp package to it before starting any setup. I've got my
NICs configured (both use DHCP), and both NICs receive their addresses fine.
However...I have no internet access. :-( When I try to ping a FQDN
(www.google.com) or an address from the firewall, neither work. When the box
boots, I get a couple of error messages:

1.) No policy defined from the zone fw to zone net and

2.) /etc/shorewall/shorewall.conf: 1: /shorewall/shorewall.conf: not found.

I've carefully looked at both the Bering-uClibc Installation Guide and Tom's
instructions and tried to follow the instructions, but I guess I'm missing
something.

Suggestions?

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Error message: .../shorewall/shorewall.conf: not found

2005-02-13 Thread Craig Caughlin

Hey, good call, Tom. That solved the /etc/shorewall/shorewall.conf: 1:
/shorewall/shorewall.conf: not found error message (I saw Andrea Galmacci's
post, too.). My policy file looks pretty vanilla:

#SOURCE DESTPOLICY  LOG LIMIT:BURST
#   LEVEL
loc net ACCEPT
net all DROPULOG
# If you want open access to the Internet from your Firewall
# remove the comment from the following line.
#fw net ACCEPT

#LAST LINE -- DO NOT REMOVE

Any other suggestions?

Thank you,
Craig



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Eastep
Sent: Sunday, February 13, 2005 1:03 PM
To: Craig Caughlin; LEAF
Subject: Re: [leaf-user] Error message: .../shorewall/shorewall.conf: not
found


Tom Eastep wrote:
 Craig Caughlin wrote:
 
Hi folks,
I'm setting up a new Bering-uClibc 2.2.3 box, and I've added Tom's 
latest stable shorwall.lrp package to it before starting any setup. 
I've got my NICs configured (both use DHCP), and both NICs receive 
their addresses fine. However...I have no internet access. :-( When I 
try to ping a FQDN
(www.google.com) or an address from the firewall, neither work. When the
box
boots, I get a couple of error messages:

1.) No policy defined from the zone fw to zone net and
 
 
 Sounds like you have an empty policy file -- that's puzzling since the 
 policy file in my .lrp is fully populated.
 
 
2.) /etc/shorewall/shorewall.conf: 1: /shorewall/shorewall.conf: not 
found.
 
 
 I wouldn't know how to produce that error message if I wanted to...
 
 
Ah -- I'll bet that you didn't download the corrected shorewall.conf file
available in the 'errata/LRP' subdirectory of the download directory.

-Tom
-- 
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key


---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] DNS problems?

2005-02-13 Thread Craig Caughlin

Hi folks,
I'm not sure if this is related to my other hiccups, but I don't think so.
My problem is that I don't seem to be able to resolve DNS names. I can
connect to web sites if I know their IP address, but I can't ping anyone via
FQDN either from my LAN or from the firewall. Suggestions?

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95alloc_id396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] DNS problems?

2005-02-13 Thread Craig Caughlin

Hi folks,
Thank you for the reply, Gene. I actually discovered two things I was doing
wrong.

1.) I had assumed I needed to use the dhcpd.lrp package that I used
to use when I no longer used pump.lrp to service my LAN DHCP clients.
Obviously, I didn't need to do that. I didn't realize that the dnsmasq.lrp
package has a dhcp feature (for my LAN side of things) built in. So...I
first removed the dhcpd.lrp package. Then...
2.) I uncommented and then modified the
resolv-file=/etc/dhcpc/resolv.conf and the
dhcp-range=192.168.1.1,192.168.1.199,12h lines in the /etc/dnsmasq.conf
file.

Presto, chango...now it works! :-) Thank you Gene and Tom for your input.

Have a great week.

Best Regards,
Craig


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gene Smith
Sent: Sunday, February 13, 2005 3:37 PM
To: Craig Caughlin
Cc: LEAF
Subject: Re: [leaf-user] DNS problems?


Craig Caughlin wrote, On 02/13/2005 05:22 PM:
 Hi folks,
 I'm not sure if this is related to my other hiccups, but I don't think 
 so. My problem is that I don't seem to be able to resolve DNS names. I 
 can connect to web sites if I know their IP address, but I can't ping 
 anyone via FQDN either from my LAN or from the firewall. Suggestions?
 
 Thank you,
 Craig

Are you running a dns server (e.g., dnscache) on the firewall or are you 
requesting dns directly from outside?
-gene


---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595alloc_id=14396op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Upgrading shorewall.lrp clarification

2005-02-05 Thread Craig Caughlin

Hi folks,
I just wanted a little clarification. I'm setting up a new Bering-uClibc
2.2.3 box, and it's included version of Shorewall is 2.0.15. I want to
include Tom's latest shorewall.lrp file, 2.2.0. Do I just need to replace
the existing .lrp file on my boot media and follow the instructions for its
setup at: http://shorewall.net/two-interface.htm or are there instructions
somewhere else I should be looking at? I only ask because Tom said to Be
sure to pay careful attention to the section entitled Issues when migrating
from Shorewall 2.0 to Shorewall 2.2. Forgive me if that seems like a stupid
question (but I just want to be sure I'm clear), but if I'm replacing the
entire .lrp I don't need to be concerned with upgrade instructions,
right???

Thank you,
Craig



---
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag--drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Upgrading shorewall.lrp clarification

2005-02-05 Thread Craig Caughlin

O.K., please forgive me...now I'm really feeling stupid. Where do I find
just the .lrp file??? I find the shorewall-lrp-2.2.0.tgz file, but it unzips
to be shorewall-lrp-2.2.0.tar. Do I just rename it to shorewall.lrp, or am I
missing something???

Thank you,
Craig



---
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag--drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] multiple addresses

2005-01-18 Thread Craig Caughlin

Hi Al,
It's not very often I can contribute to the group, but I had identically the
same problem. Here's what I did:

auto eth0
iface eth0 inet static
address 46.60.172.201
netmask 255.255.255.0
broadcast 46.60.172.255
gateway 46.60.172.254
# Additional IP addresses
up ip addr add 46.60.172.202/24 brd 46.60.172.255 dev eth0 label
eth0:0
up ip addr add 46.60.172.203/24 brd 46.60.172.255 dev eth0 label
eth0:1
up ip addr add 46.60.172.204/24 brd 46.60.172.255 dev eth0 label
eth0:2

Then be sure to back up.

Hope this helps!

Cheers,
Craig



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of ALParada
Sent: Tuesday, January 18, 2005 2:48 PM
To: leaf-user@lists.sourceforge.net
Subject: [leaf-user] multiple addresses


Hello,

Exactly how do you add mutiple ip addresses to the same interface? I tried
adding this under network config/interfaces:

# Configure Interface
auto eth1
iface eth1 inet static
  address 192.168.1.155
  netmask 255.255.255.0
  broadcast 192.168.1.0
  gateway 192.168.1.1

auto eth1:0
iface eth1 inet static
  address 192.168.2.155
  netmask 255.255.255.0
  broadcast 192.168.2.0

When I restarted networking I had lost all my addresses. I did an ip addr
and they were all gone. I commented the second address and did a:

ip addr add 192.168.2.155/24 brd 192.168.1.255 dev eth0 label eth0:0

and it worked. Since I don't want to do this everytime I reboot what am I
doing wrong and how do I fix it?

TIA.






---
The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE
limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE --
well, almosthttp://www.thinkgeek.com/sfshirt

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
The SF.Net email is sponsored by: Beat the post-holiday blues
Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek.
It's fun and FREE -- well, almosthttp://www.thinkgeek.com/sfshirt

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Creating bootable CD error-LRP= is empty or unset...

2004-12-16 Thread Craig Caughlin

Hi folks,
O.K., I'm stumped. :-) 

I'm trying to create a bootable CD. I've read the threads about this error
message, and followed the instructions
(http://leaf.sourceforge.net/doc/guide/bucdrom.html and
http://leaf.sourceforge.net/doc/guide/bucu-ide.html) in every combination I
can create, and still no success. My CD boots fine, but ultimately gives the
error:

LINUXRC: PKGPATH is empty or unset. Can not install packages.
.:285: Can't open /var/lib/lrpkg/root.dev.own
Kernel panic! Attempted to kill init!

I started with a floppy disk. I have copied all of my floppy files to a
directory, renamed syslinux.cfg to isolinux.cfg, and then deleted
ldlinux.sys. To create my CD, I issue this command: mkisofs -o bering.iso -b
isolinux.bin -c isolinux.cat -no-emul-boot -boot-load-size 4
-boot-info-table -hide isolinux.bin -l diskcontent. 

The contents of my isolinux.cfg file is:

display syslinux.dpy
timeout 0 
default linux initrd=initrd.lrp init=/linuxrc rw root=/dev/ram0
LEAFCFG=/dev/fd0:msdos

The contents of my leaf.cfg file is (I've removed the commented lines):

VERBOSE=1

LRP=root config etc local modules iptables dhcpcd keyboard shorwall ulogd
dnsmasq dropbear sh-httpd weblet
PKGPATH=/dev/fd0:msdos,/dev/cdrom:iso9660
syst_size=6M
log_size=2M

I've tried the LRP= line both with and without parenthesis, no luck.

Suggestions???

Happy holidays :-)

Craig




---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Creating bootable CD error-LRP= is empty or unset...

2004-12-16 Thread Craig Caughlin

Hi Luis,
I downloaded the Bering-uClibc_2.2.2_iso_bering-uclibc-iso.bin and I've
tried using the initrd.lrp package right out of the .iso image and I've
tried using the initrd_ide_cd.lrp (renamed to just initrd.lrp), and neither
seem to work.

Do you think it's something else really simple like the fact that I've
edited my files on a Windows box? Also, I see the
Bering-uClibc_2.2.2_iso_bering-uclibc.iso file has an lrpkg.cfg file within
it, which I do not have in my diskcontent directory that I'm making my CD
from. Do I need that file?

Thank you,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Luis.F.Correia
Sent: Wednesday, December 15, 2004 12:42 AM
To: LEAF
Subject: RE: [leaf-user] Creating bootable CD error-LRP= is empty or
unset...


Hi! 

 -Original Message-
 From: Craig Caughlin [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, December 15, 2004 3:30 AM
 To: LEAF
 Subject: [leaf-user] Creating bootable CD error-LRP= is 
 empty or unset...
 
 Hi folks,
 O.K., I'm stumped. :-)
 
 I'm trying to create a bootable CD. I've read the threads
 about this error
 message, and followed the instructions
 (http://leaf.sourceforge.net/doc/guide/bucdrom.html and
 http://leaf.sourceforge.net/doc/guide/bucu-ide.html) in every 
 combination I
 can create, and still no success. My CD boots fine, but 
 ultimately gives the
 error:
 
 LINUXRC: PKGPATH is empty or unset. Can not install packages.
 .:285: Can't open /var/lib/lrpkg/root.dev.own
 Kernel panic! Attempted to kill init!
 
 I started with a floppy disk. I have copied all of my floppy
 files to a
 directory, renamed syslinux.cfg to isolinux.cfg, and then deleted
 ldlinux.sys. To create my CD, I issue this command: mkisofs 
 -o bering.iso -b
 isolinux.bin -c isolinux.cat -no-emul-boot -boot-load-size 4
 -boot-info-table -hide isolinux.bin -l diskcontent. 
 

Did you use initrd_cd.lrp, or the standard one?

You must have the ide related modules loaded.



Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu


---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Where's the NIC drivers?

2004-12-06 Thread Craig Caughlin

Hmmm, am I missing something? I'm trying to set up Bering-uClibc 2.2.2, and
I can't figure out how / where to specify which NIC driver(s) to load. Can
someone tell me which file(s) I need to edit and which directory I'll need
to copy drivers to should the default install not have my needed driver? 

Thank you,
Craig

P.S. Did this change? In my old version of Bering I could edit this from the
lrcfg main menu. Just curious.

Have a great week!



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Where's the NIC drivers?

2004-12-06 Thread Craig Caughlin

Thank you, Jaap.
O.K., that's what I thought. But here's the odd part; I have an /etc/modules
file and a /lib/modules directory IF I use the 
Bering-uClibc 2.2.2 floppy image, but not the CD .iso. Is something missing,
or am I doing something wrong?

Thanks,
Craig


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jaap Eldering
Sent: Monday, December 06, 2004 7:03 AM
To: LEAF
Subject: Re: [leaf-user] Where's the NIC drivers?


On Mon, Dec 06, 2004 at 06:22:57AM -0800, Craig Caughlin wrote:
 Hmmm, am I missing something? I'm trying to set up Bering-uClibc 
 2.2.2, and I can't figure out how / where to specify which NIC 
 driver(s) to load. Can someone tell me which file(s) I need to edit 
 and which directory I'll need to copy drivers to should the default 
 install not have my needed driver?
 
 Thank you,
 Craig
 
 P.S. Did this change? In my old version of Bering I could edit this 
 from the lrcfg main menu. Just curious.

You have to configure this in the file /etc/modules, which should be
(almost) the same as in Bering. Modules configured here, are loaded from
/lib/modules, so if your NIC's driver (module) is not present, you should
copy it from the modules tarball to /lib/modules.

Jaap


---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] DMZ clarification?

2004-12-04 Thread Craig Caughlin

Hi folks,
Regarding the proper setup of a DMZ; as a general rule, computers within
DMZ's are no more trusted by the internal LAN(s) than are any other
computers on the internet. Some of the configuration settings on the
firewall are just a little more relaxed to allow boxes in your DMZ to be
accessed by computers outside your network. Is that an accurate
interpretation?

I want to set up a DMZ using the latest Bering, and the above is what I want
to achieve. If I follow Tom's documentation on setting up a DMZ...that will
be the net result, won't it?

Comments...suggestions???

Thank you,
Craig



---
SF email is sponsored by - The IT Product Guide
Read honest  candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Please be kind to the Newbie!!

2004-07-04 Thread Craig Caughlin

Hi Andrew,
I think I can help you with the additional IP addresses. I struggled with
trying to figure that out, but with some help from the group...I got mine
working. I had 5 static IP addresses assigned to me too, so in the
/etc/network/interfaces file (Option 1, and then 1 again from the main lrcfg
menu), I made the following entries (after commenting out the iface eth0
inet dhcp entry) :

auto eth0
iface eth0 inet static
address 46.60.172.201
netmask 255.255.255.0
broadcast 46.60.172.255
gateway 46.60.172.254
# Additional static IP addresses
up ip addr add 46.60.172.202/24 brd 46.60.172.255 dev eth0 label
eth0:0
up ip addr add 46.60.172.203/24 brd 46.60.172.255 dev eth0 label
eth0:1
up ip addr add 46.60.172.204/24 brd 46.60.172.255 dev eth0 label
eth0:2

Just substitute your IP addresses for my entries and that should work. Then,
back up the etc package from the main menu and reboot. When Bering is back
up and running, issue the ip addr command from the command line, and you
should see your original IP address and the additional ones you've assigned
as well. Hopefully, this makes sense. If not just let me know.

Good luck,
Craig


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, July 01, 2004 2:51 PM
To: [EMAIL PROTECTED]
Subject: [leaf-user] Please be kind to the Newbie!!



Hi everyone,

I was trying to setup a very simple firewall and then build up from there. I
am using Bering uClibc 2.1.2

my setup is a cable modem with a static IP (I actually have 5 ip's but i'm
trying to keep it simple to start) going to the 
firewall in the first nic port, then from the firewall's second nic port to
a switch (because i don't own a crossover cable), 
then to a laptop.
I have been messing around with Network configurations: interfaces file.
From step 1 I have tried to setup option 1.2 but i 
don't understand the settings completely since they look a little different
from my standard Linksys router.  
What do I fill in for address, broadcast, and gateway?  My Isp gave me a
subnet mask of 255.255.255.248 with my static ips.  I used to input dns1 and
dns2 in my Linksys Router, do i still have to do this?

Then for step 2 I left it alone (default settings looked ok to me) for eth
1.

I thought i would first try to get on the internet with the laptop but it
doesn't get to the internet.  Is there a 
simple setting I need to change to fix this?


I don't even know if the nics are talking to the LEAF?  How do I know which
is Eth1 and Eth0? Is there a way to determine if leaf has installed the nic
cards properly or at all?  I didn't load any special drivers because it
looked like maybe they will work if the nics are common enough.

I haven't messed with anything else in the system. do i need to change some
settings in shorewall in order 
for the laptop to access the internet?

Then of course there are the laptop settings, I am running Windows XP Pro.
I have given it the following fixed ip settings: ip address: 192.168.1.5 seb
net mask: 255.255.255.0 default gateway: 192.168.1.1 DNS1 and DNS2: the
supplied info from my ISP

btw, how do I change the login and password when LEAF boots up?

Please be kind to the noob, I really want to learn this and I really
appreciate all the detail and 
over-simplification you can stand to type.  I know a very little about
Routing, less about firewalls, and absolutely nothing about Linux.  I have
been sucking on the Microsoft tit forever.

Thank you in advance,
Andrew



The best thing to hit the Internet in years - Juno SpeedBand! Surf the Web
up to FIVE TIMES FASTER! Only $14.95/ month - visit www.juno.com to sign up
today!


---
This SF.Net email sponsored by Black Hat Briefings  Training. Attend Black
Hat Briefings  Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.Net email sponsored by Black Hat Briefings  Training.
Attend Black Hat Briefings  Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering uClib does not find NICs

2004-04-07 Thread Craig Caughlin

Hey Arnold,
I wonder if you need to us the pci-scan.o module, and make the pci-scan
entry right above your NIC declaration(s) in the /etc/modules file??? Mine
looks like:

# Those realtek based NICs need mii module
#mii
#8139cp
#8139too
#eepro100
#epic100
#pcnet32
#viarhine
#winbond-840

# PCI ethernet cards
#3c59x
pci-scan
natsemi
#tulip
...etc., etc...

Just a thought.

Craig




-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Arnold Wiegert
Sent: Wednesday, April 07, 2004 10:59 AM
To: [EMAIL PROTECTED]
Subject: [leaf-user] Bering uClib does not find NICs


After using my firewall for some time on Dachstein, I wanted to upgrade 
to Bering because it has some features I can't find for Dachstein - such 
as a time server.

So, seeing Bering uClib seems to be getting all the attention these 
days, I tried it, but had no luck in getting it to recognize my NICs. One is
a PCI Surecom EP325 - ne2000 compatible - so I selected 8390.o 
and ne2k-pci.o. The other is an old IBM (Lan/Tastic based) NIC - so I 
used ne.o  io=0x300 (as per setup).

When I use Bering 1.2 with the same modules selected and it does find them.

What gives? What am I missing.

Another thing: my old Dachstein FW uses older Cabletron E2100 and 
SMC-Ultra NICs, again, using Bering 1.2 seems to find them given the 
proper modules, while Bering uClib does not - using the same modules.

Arnold





---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo
technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Shorewall affiliation with commercial product?

2004-04-04 Thread Craig Caughlin

Hi folks,
A while back I remember someone's post (probably Toms) saying that Shorewall
had been integrated within a commercial firewall product...but I'll be
darned if I can remember any more specifics that this. Does this sound
familiar???

Thanks,
Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Shorewall affiliation with commercial product?

2004-04-04 Thread Craig Caughlin

Hey, thanks Tom!

Have a great day!

Craig

-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED] 
Sent: Sunday, April 04, 2004 10:58 AM
To: Craig Caughlin
Cc: LEAF
Subject: Re: [leaf-user] Shorewall affiliation with commercial product?

Craig Caughlin wrote:
 Hi folks,
 A while back I remember someone's post (probably Toms) saying that 
 Shorewall had been integrated within a commercial firewall 
 product...but I'll be darned if I can remember any more specifics that 
 this. Does this sound familiar???

Shorewall is the basis for Mandrake's MNF.

-Tom
-- 
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]

---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Linux magazine LEAF versus CISCO article?

2004-03-27 Thread Craig Caughlin

Hi folks,
Management wants to buy a CISCO PIX firewall because they have no confidence
in a free firewall product. I've told them to reconsider and thought it
would help if I could find that article in Linux magazine that compared the
two...but I can't find which month/year it was. Does anyone know which month
and year that was??? Thank you.

Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Linux magazine LEAF versus CISCO article?

2004-03-27 Thread Craig Caughlin

Thank you, Geroge!
Have a great weekend.

Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Suggestions for a difficult password?

2004-03-26 Thread Craig Caughlin

Hi folks,
I'd like to set a very difficult password for my Bering-uClibc 2.1-rc1 box
(for obvious reasons), and I'm open to suggestions. :-)

I think (unless I've overlooked something) that I'm limited to an 8
character password, but are there any unusual and/or obscure keyboard
combinations I could use to create a very difficult password???

Thank you,
Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Difficulty assigning multiple IP addresses

2004-03-25 Thread Craig Caughlin

Thank you Erich  Ronny!

Ronny, Yes since you ask a question like that i guess you typed ip addr
add.etc.etc in shell instead of adding to interfaces file ???...that's
exactly what I did. I was concerned about what to back up, but Charles told
me to back up etc.lrp to save my changes.

Thank you both!

Best regards,
Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Difficulty assigning multiple IP addresses

2004-03-24 Thread Craig Caughlin

Hi everyone!

O.K. Per Charles  Tom's suggestions (thank you, gentlemen), I decided to
try and assign my additional IP addresses in the /etc/network/interfaces. I
tried to assign them in, at first, 2 different ways...neither one of which
worked. I tried:

auto eth0
iface eth0 inet static
address 66.60.172.201
netmask 255.255.255.0
broadcast 66.60.172.255
gateway 66.60.172.205
 
auto eth0:0
iface eth0 inet static
address 66.60.172.202
netmask 255.255.255.0
broadcast 66.60.172.255
 
auto eth0:1
iface eth0 inet static
address 66.60.172.203
netmask 255.255.255.0
broadcast 66.60.172.255

 Etc, etc...

And then a subtle variation:

auto eth0
iface eth0 inet static
address 66.60.172.201
netmask 255.255.255.0
broadcast 66.60.172.255
gateway 66.60.172.205
 
auto eth0
iface eth0:0 inet static
address 66.60.172.202
netmask 255.255.255.0
broadcast 66.60.172.255
 
auto eth0
iface eth0:1 inet static
address 66.60.172.203
netmask 255.255.255.0
broadcast 66.60.172.255

 Etc, etc...

But neither way worked. The good new is that Tom's suggestion of ip addr add
66.60.172.202/24 brd 66.60.172.255 \dev eth0 label eth0:0, etc works great.
I can immediately ping all addresses, and ip addr lists them all. Yippee!
But, I don't know what to back up (which .lrp package) to save my changes???
Also, what file(s) were modified by using this method(out of curiosity)?

Finally, I have a box on the local LAN that will host a web server, and has
MS Terminal Services running on that I want to be able to connect to, so my
guess is that I need to follow Tom's FAQ 1c and make entries like:

In /etc/shorewall/rules:

#ACTION   SOURCEDESTPROTO DEST PORT(S)
DNAT  net   loc:192.168.1.201   tcp   80
DNAT  net   loc:192.168.1.201   tcp   1494
DNAT  net   loc:192.168.1.201   tcp   3389

Does this look right? Thank you all for your help!

Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Difficulty assigning multiple IP addresses

2004-03-23 Thread Craig Caughlin

Hi folks,
I'm trying (with no success) to assign multiple IP addresses to eth0 on my
Bering-uClibc 2.1-rc1 box. 

At Tom's suggestion, I have read (studied really) his instructions at:
http://www.shorewall.net/shorewall_setup_guide.htm.

I have been assigned by our network admin the following addresses:
66.60.172.201-204, Gateway 205. In /etc/shorewall/masq I have made the
following entry:

#INTERFACE  SUBNET  ADDRESS
eth0:0  eth166.60.172.201-66.60.172.204

When I save the file, restart shorewall, and issue the ip addr command I'm
expecting to see the additional addresses but here's what I get:

1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:a0:cc:d3:c2:14 brd ff:ff:ff:ff:ff:ff
inet 66.60.172.201/24 brd 66.60.172.255 scope global eth0
inet 66.60.172.204/24 brd 66.60.172.255 scope global secondary eth0:0
4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:a0:cc:52:07:52 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
5: eth2: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 1000
link/ether 00:a0:cc:d3:cf:40 brd ff:ff:ff:ff:ff:ff

When I try to ping the addresses, I can ping only 66.60.172.201 but nothing
else. In the /etc/network/interfaces file, I have eth0 statically set to
66.60.172.201, and I use the dhcpd for assigning local addresses. I'm
stumped...any suggestions???

P.S. One thing I did gave me, what *I* think, was a really unusual result: I
had initially set eth0's static address as 66.60.172.204, and when I tried
to ping 66.60.172.201...here's what I got:

G:\WINNT\system32ping 66.60.172.201
Pinging 66.60.172.201 with 32 bytes of data:
Reply from 66.60.172.204: Destination host unreachable.
Reply from 66.60.172.204: Destination host unreachable.
Reply from 66.60.172.204: Destination host unreachable.
Reply from 66.60.172.204: Destination host unreachable.
Ping statistics for 66.60.172.201:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum =  0ms, Average =  0ms

Is that really odd...or is it me??? :-) I see there's no packet loss...but I
also can't reach the box. H.


Thank you as always,
Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Network time synchronization

2004-03-17 Thread Craig Caughlin

Hi folks,

This is what I did...and it seems to work O.K. I'm on the West Coast
(Sacramento, CA):

Place this entry in the TZ file: PST+8PDT,M4.1.0/2,M10.5.0/2

Then, end the line with a newline character (hit enter, or it might not work
correctly) if you're using Bering-uClibc.

Place the following entries in Shorewall, and then back up!

ACCEPT fw net udp ntp (if you want to query an external NTP server)
ACCEPT loc fw udp ntp (if you want to query your Bering box time server)

Cheers,
Craig



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Burning a CD from the new bootable ISO image?

2004-03-01 Thread Craig Caughlin

Hi folks,
I'm sorry for asking, and I'm sure it's really bonehead.how do I actually
burn a CD from the new bootable Bering-uClibc_2.1_iso_bering-uclibc-iso.bin
file? (I typically use Roxio within Windows if that helps). Thank you!

Craig



---
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps  Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356alloc_id=3438op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] How to use multiple IP addresses?

2004-01-04 Thread Craig Caughlin

Hi everyone!
Happy New Year!

My ISP has assigned the following IP addresses to me:
66.60.172.201,202,203, and 204- and my Gateway is: 66.60.172.254. I've
looked carefully at the existing documentation, but I don't see how to
use multiple IP addresses with Bering. I'm sure I'll have to modify
Shorewall as well, but I don't know how utilize multiple, static IP
addresses. I'll use Bering's default, dhcpd on my LAN side. I'm
certainly not afraid of reading if someone can point me to any
reference(s). Can somebody give me some hints??? :-)

Thank you,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] How to use multiple IP addresses?

2004-01-04 Thread Craig Caughlin

Thank you, Tom.
Happy New Year!

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom Eastep
Sent: Sunday, January 04, 2004 6:59 PM
To: Craig Caughlin
Cc: LEAF (LEAF)
Subject: Re: [leaf-user] How to use multiple IP addresses?


On Sun, 4 Jan 2004, Craig Caughlin wrote:

 Hi everyone!
 Happy New Year!

 My ISP has assigned the following IP addresses to me: 
 66.60.172.201,202,203, and 204- and my Gateway is: 66.60.172.254. I've

 looked carefully at the existing documentation, but I don't see how to

 use multiple IP addresses with Bering. I'm sure I'll have to modify 
 Shorewall as well, but I don't know how utilize multiple, static IP 
 addresses. I'll use Bering's default, dhcpd on my LAN side. I'm 
 certainly not afraid of reading if someone can point me to any 
 reference(s). Can somebody give me some hints??? :-)


http://www.shorewall.net/shorewall_setup_guide.htm

-Tom
--
Tom Eastep\ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]


---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for
IBM's Free Linux Tutorials.  Learn everything from the bash shell to sys
admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Hanging bootable CD at RAMDISK

2003-12-31 Thread Craig Caughlin

Hi folks,
Happy New Year! I'm making a new Bering-uClibc CD, but I've done it the
old way-as outlined in the Bering users' guide written by Jacques 
Eric (only because that's the way I've always done it). My CD boot fine,
but hangs at: RAMDISK: Compressed image found at block 0.

Any suggestions on what I might check?

Thank you,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Setting time/date clarification

2003-12-30 Thread Craig Caughlin

Hi folks,
Hey, thanks Erich.

I forgot to ask you: I *think* I know what the ntpdate package is for
(updating the firewall itself), what's the ntpsimpl package for?

Thank you,
Craig



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Erich Titl
Sent: Tuesday, December 30, 2003 12:39 AM
To: [EMAIL PROTECTED]
Subject: RE: [leaf-user] Setting time/date clarification


I know it is bad karma to reply to ones own messages, but then I must
have eaten really rotten things before I wrote this

At 00:37 30.12.2003 +0100, Erich Titl wrote:
...
Normally /etc/TZ is read at system boot. You can set TZ manually for 
your terminal session or add it to your .profile file. I would just set

it, save etc.lrp and reboot.

Please discard the above statement, someone must have swamped the local
supermarket with bad weed.

/etc/TZ is normally used at session start to initialise the TZ variable.

Sorry for the noise
Erich

THINK 
Püntenstrasse 39 
8143 Stallikon 
mailto:[EMAIL PROTECTED] 
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16




---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for
IBM's Free Linux Tutorials.  Learn everything from the bash shell to sys
admin. Click now! http://ads.osdn.com/?ad_id78alloc_id371op=ick

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78alloc_id371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Setting time/date clarification

2003-12-29 Thread Craig Caughlin

Hi folks,
I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate
time/date functionality, and it seems from the docs that to do so is
using the ntpdate.lrp package (which requires the libm.lrp package). 

1.) Would using these packages be the most accurate timekeeping method
for Bering?

I have included both packages, placed an NTP server entry in the
ntp-servers file, and placed the following entries in my Shorewall
zones file per Bering documentation:

ACCEPT fw net udp ntp (if you want to query an external NTP server)
ACCEPT loc fw udp ntp (if you want to query your Bering box time server)

When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC
2003

2.) After reading the Bering documentation, I'm confused on how to
adjust this for my time zone (I'm in Sacramento, California)

3.) Once adjusted, will Bering automatically adjust for Daylight Savings
Time?

Thank you,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Setting time/date clarification

2003-12-29 Thread Craig Caughlin

Hi folks,

(Please forgive me if this gets posted twice-the previous message seemed
to bounce back to me for some reason)

I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate
time/date functionality, and it seems from the docs that to do so is
using the ntpdate.lrp package (which requires the libm.lrp package). 

1.) Would using these packages be the most accurate timekeeping method
for Bering?

I have included both packages, placed an NTP server entry in the
ntp-servers file, and placed the following entries in my Shorewall
zones file per Bering documentation:

ACCEPT fw net udp ntp (if you want to query an external NTP server)
ACCEPT loc fw udp ntp (if you want to query your Bering box time server)

When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC
2003

2.) After reading the Bering documentation, I'm confused on how to
adjust this for my time zone (I'm in Sacramento, California)

3.) Once adjusted, will Bering automatically adjust for Daylight Savings
Time?

Thank you,
Craig   



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Setting time/date clarification

2003-12-29 Thread Craig Caughlin

Thank you, Erich

I had looked at the link that you pointed me to (thank you, though.),
and that's what I found confusing. I assume :-) that you need to
complete both Steps 5.1  5.2. Right???

On that assumption, I don't know if it's correct, but I made an entry in
the /etc/TZ that is: PST8PDT

1.) In Section 5.2, I see reference to the TZ variable. Does the
variable already exist, or does it need to be created? Where do I create
it?

Thank you,
Craig



-Original Message-
From: Erich Titl [mailto:[EMAIL PROTECTED] 
Sent: Monday, December 29, 2003 9:03 AM
To: Craig Caughlin
Subject: Re: [leaf-user] Setting time/date clarification


Craig

At 08:35 29.12.2003 -0800, you wrote:
Hi folks,
I'm trying to set up Bering-uClibc 2.0.1 to have the most accurate 
time/date functionality, and it seems from the docs that to do so is 
using the ntpdate.lrp package (which requires the libm.lrp package).

I suggest ntpdate to set the time and ntpsimpl to keep the time


1.) Would using these packages be the most accurate timekeeping method 
for Bering?

Well a few well maintained cesium atomic clocks might do better ;-)

see http://tycho.usno.navy.mil/clocks.html


I have included both packages, placed an NTP server entry in the 
ntp-servers file, and placed the following entries in my Shorewall 
zones file per Bering documentation:

ACCEPT fw net udp ntp (if you want to query an external NTP server) 
ACCEPT loc fw udp ntp (if you want to query your Bering box time 
server)

When I issue the date command, Bering shows:Mon Dec 29 16:28:21 UTC
2003

2.) After reading the Bering documentation, I'm confused on how to 
adjust this for my time zone (I'm in Sacramento, California)

Setting local time offset is done differently in Bering and
Bering-uClibc

see

http://leaf.sourceforge.net/doc/guide/buci-tz.html


3.) Once adjusted, will Bering automatically adjust for Daylight 
Savings Time?

see above

HTH
Erich

THINK 
Püntenstrasse 39 
8143 Stallikon 
mailto:[EMAIL PROTECTED] 
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16




---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78alloc_id371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] How to debug boot up?

2003-12-24 Thread Craig Caughlin

Thank you, Lynn.

Configure dhcpcd to use an interface like eth0. How do I do that?
(I'm sorry for what is probably a really simple question)

Thank you, Ray. 

Let me see if I can answer some of your questions. 1.)Are these
messages really complete? That is, does Bering's syslog really not
timestamp messages? Are they sequential, or is there stuff in between?
And are there no prior messages from dhcpcd or dhcpcd.exe? Answer: I
have ommitted the timestamps, but yes, these are the last two messages
of /var/log/syslog. 2.)Is the dhcp option specified for eth0 in
/etc/network/interfaces (this is the as-shipped setting)? Answer: Yes
3.)Is the eth0 interface present on the system? (ip link show)
Answer: Yes 4.)Last but not least ... how do you know that DHCP leases
are available on the external interface? Could there be a probem
external to the LEAF system (bad cable, bad DSL/cable modem,
MAC-address-authentication issue with the ISP, etc.)? Answer: I have
connected directly to my cable modem, and to a hub attached to my
existing Bering box (which works perfectly, but uses pump and
dhcpd)...neither way was I able to get an address.

I'm looking on the web for instructions on how to configure dhcpcd to
use an interface as Lynn suggested, but haven't been able to find
anything.

Best Regards,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lynn Avants
Sent: Wednesday, December 24, 2003 11:05 AM
To: [EMAIL PROTECTED]
Subject: Re: [leaf-user] How to debug boot up?


On Wednesday 24 December 2003 10:15 am, Craig Caughlin wrote:

 Merry Christmas!

Likewise. :)

 dhcpcd is loading on boot, but dhcpcd is not running according to ps 
 ax and /var/log/syslog indicates a couple of error messages:

 dhcpcd[15761] : timed out waiting for a valid DHCP server
 dhcpcd.exe: wrong interface name 

 Suggestions?

Configure dhcpcd to use an interface like eth0.
Right now it isn't using any interface ( ie... ).
-- 
~Lynn Avants
Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net
http://guitarlynn.homelinux.org:81


---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for
IBM's Free Linux Tutorials.  Learn everything from the bash shell to sys
admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] How to debug boot up?

2003-12-23 Thread Craig Caughlin

Hi everyone!
Thank you Lynn  Luis (Happy Holidays! :-)) for your suggestions.

You were right, Lynn. I had packages that weren't loading. Oddly enough,
due to simply bad floppy disks.

Now, I have the basic disk almost working. It will provide addresses for
my LAN, but it won't grab an address to the WAN. All three of my NICs
are the same type, same driver used. Strange. Hmmm, I've scratched my
head, and can't think why.

lrpkg.cfg looks like:
root,config,etc,local,modules,iptables,dhcpd,dhcpcd,shorwall,ulogd,dnsca
che,dropbear,weblet 

Here's the output of ps -ax | grep eth
 6218 root408 S   /usr/sbin/dhcpd -q eth1

And here's ip addr
1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue 
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop 
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
3: eth0: BROADCAST,MULTICAST mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:a0:cc:d3:c2:14 brd ff:ff:ff:ff:ff:ff
4: eth1: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100
link/ether 00:a0:cc:52:07:52 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
5: eth2: BROADCAST,MULTICAST mtu 1500 qdisc noop qlen 100
link/ether 00:a0:cc:d3:cf:40 brd ff:ff:ff:ff:ff:ff

Any ideas why eth0 isn't getting an address? To refresh your memory, I'm
creating a Bering-uClibc 2.0 with it's default packages. Thank you for
your help  suggestions.

Best Regards,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] NIC driver for Netgear FA310TX / Bering-uClibc 2.0?

2003-12-22 Thread Craig Caughlin

Hi folks,
I can't get my NICs to initialize. I'm using Bering-uClibc (from
Bering-uClibc_2.0_img_bering-uclibc-1680.exe) and 3 Netgear FA310TX
(Rev-D2)cards. I've tried using both the natsemi.o  tulip.o drivers by
themselves and with the pci-scan.o driver, none of which work. I would
be happy to provide any futher info. Any suggestions?

Thank you, Happy Holidays!
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] How to debug boot up?

2003-12-22 Thread Craig Caughlin

Hi folks,
I'm trying to set up a new Bering-uClibc v 2.0 firewall, and I'm getting
an error message(s) that I think are related to dnscache (which, of
course, scroll by so quickly I can't be sure :-). How do find out which
package(s) I'm having problems with? I wrote the dmesg to a file, and
then examined it...but I don't see any reference to the packages that
loaded at boot or the (nf!) message(s) that scroll by. Suggestions?

Thank you, Happy Holidays!
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Why run Squid in the DMZ?

2003-12-16 Thread Craig Caughlin

Hi folks,
I see in Tom's documentation for Shorewall that he runs Squid
transparently on a box in his DMZ rather than on his LAN, and I'm just
curious why?

Thank you, Happy Holidays!
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Necessary to comment out /var/lib/shorewall ?

2003-12-12 Thread Craig Caughlin

Hi Joey,
Thanks for the response.

There's no specific reason. It may be that I made a note to myself to
comment this out, perhaps because I may have needed to do this with a
previous version of Shorewall...but maybe I don't need to bother with it
using the current (1.4.8.) version of Shorewall. I'm not familiar with
what this entry specifically does, so I thought I'd ask someone much
more astute than myself. :-) Comments?

Thank you,
Craig

-Original Message-
From: Joey Officer [mailto:[EMAIL PROTECTED] 
Sent: Thursday, December 11, 2003 6:15 PM
To: Craig Caughlin; LEAF (LEAF)
Subject: RE: [leaf-user] Necessary to comment out /var/lib/shorewall ?


Is there a specific reason you can remember for attempting to comment
out the shorewall entry?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Craig
Caughlin
Sent: Thursday, December 11, 2003 9:34 AM
To: LEAF (LEAF)
Subject: [leaf-user] Necessary to comment out /var/lib/shorewall ?


Hi folks,
I'm setting up a new Bering 1.2 firewall, and in my notes to myself I
have a note to either remove (or in this case I simply commented out)
the /var/lib/shorewall entry that is within the root.exclude.list file.

Do I need to do this or just don't bother?

Thank you,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for
IBM's Free Linux Tutorials.  Learn everything from the bash shell to sys
admin. Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Necessary to comment out /var/lib/shorewall ?

2003-12-11 Thread Craig Caughlin

Hi folks,
I'm setting up a new Bering 1.2 firewall, and in my notes to myself I
have a note to either remove (or in this case I simply commented out)
the /var/lib/shorewall entry that is within the root.exclude.list file. 

Do I need to do this or just don't bother?

Thank you,
Craig



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering as VPN endpoint or pass-through?

2003-11-30 Thread Craig Caughlin

Hi folks,
I would like to be able to connect my home computer to my office, via VPN of
course. My home LAN is behind a Bering firewall. My office runs a Microsoft
ISA server product. I'm looking for feedback: Should I configure Bering to
be my VPN endpoint for my home LAN or should I configure it to simply
pass-through and have my home computer be the endpoint (if you will) of my
VPN? Is there any advantages or disadvantages one way or the other that
anyone can think of? I seem to remember Jeff Newmiller mentioning some time
back he's nervous allowing ANY traffic through a firewall, so that's why I
ask. Thank you for your input.

Best Regards,
Craig



---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?  SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering Citrix WinFrame?

2003-10-16 Thread Craig Caughlin

Hi folks, 
My wife has a computer that needs to access a server at her workplace
running Citrix WinFrame. Does anyone know: will I have to open a port on
Bering in order for the signal to pass through? I know Citrix runs on port
1494, but I'm not sure if I'll need to modify my Bering 1.2 firewall for
success. Comments???

Thank you,
Craig



---
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering Citrix WinFrame?

2003-10-16 Thread Craig Caughlin

Thank you Bob!
I'm not sure I understand what you mean, though. I have the default Bering
firewall...how would I know if it allows outbound connections?

Thank you,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robert Coffman -
Info From Data Corporation
Sent: Thursday, October 16, 2003 7:16 AM
To: Craig Caughlin; LEAF (LEAF)
Subject: RE: [leaf-user] Bering  Citrix WinFrame?


If your Bering Firewall allows outbound connections it will work.  At her
workplace, they will have to make the server available for connections on
that port.

- Bob Coffman

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Craig Caughlin
Sent: Thursday, October 16, 2003 9:39 AM
To: LEAF (LEAF)
Subject: [leaf-user] Bering  Citrix WinFrame?


Hi folks,
My wife has a computer that needs to access a server at her workplace
running Citrix WinFrame. Does anyone know: will I have to open a port on
Bering in order for the signal to pass through? I know Citrix runs on port
1494, but I'm not sure if I'll need to modify my Bering 1.2 firewall for
success. Comments???

Thank you,
Craig



---
This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net
hosts over 70,000 Open Source Projects. See the people who have HELPED US
provide better services: Click here: http://sourceforge.net/supporters.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.net email is sponsored by: SF.net Giveback Program. SourceForge.net
hosts over 70,000 Open Source Projects. See the people who have HELPED US
provide better services: Click here: http://sourceforge.net/supporters.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] OT - How many users will a T1 line service?

2003-08-31 Thread Craig Caughlin

Hi folks (and David, too),
Mostly just web access.

Thank you,
Craig

-Original Message-
From: David I.S. Mandala [mailto:[EMAIL PROTECTED] 
Sent: Saturday, August 30, 2003 3:54 PM
To: Craig Caughlin
Subject: Re: [leaf-user] OT - How many users will a T1 line service?

That highly depends upon he expected usage. Are they just going to
browse the web and pop email or are they going to do heavy downloading
and/or audio streaming?

Davidm

On Sat, 2003-08-30 at 17:08, Craig Caughlin wrote:
 Hi folks,
 I'm working on a little project with a school district, and I'm 
 wondering if anyone has an idea (or firsthand experience) how many 
 users that you might reasonably expect either a full T1 line or 
 fractional T1 line to provide internet service for??? I need to do 
 some financial planning and I'm trying to factor in how much our 
 internet access is going to cost :-)

 Thank you,
 Craig

 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 --
 --
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] OT - How many users will a T1 line service?

2003-08-30 Thread Craig Caughlin

Hi folks,
I'm working on a little project with a school district, and I'm
wondering if anyone has an idea (or firsthand experience) how many users
that you might reasonably expect either a full T1 line or fractional
T1 line to provide internet service for??? I need to do some financial
planning and I'm trying to factor in how much our internet access is
going to cost :-)

Thank you,
Craig




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Craig Caughlin

Hi Eric,
Thanks for the response. I think I'm like Alex, I don't quite understand
what you mean when you say Then the entire Internet gets access to the
other side of your VPN without having to compromise your system. Could
you explain that a little bit? Thank you.

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric B Kiser
Sent: Monday, July 28, 2003 8:23 PM
To: 'LEAF (LEAF)'
Subject: RE: [leaf-user] VPN security issue? Slightly O/T...


It gets even worse if routing is turned ON. Then the entire Internet
gets access to the other side of your VPN without having to compromise
your system.

Regards,
Eric

-
Eric B Kiser, CISSP
VP of Information Technology
NetOps Training Solutions
-

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:leaf-user- 
 [EMAIL PROTECTED] On Behalf Of Scott
 Sent: Monday, July 28, 2003 6:47 PM
 To: Craig Caughlin; LEAF (LEAF)
 Subject: Re: [leaf-user] VPN security issue? Slightly O/T...
 
 The only thing I can think of is if the given box's connection has
been
 compermised, then the attacker would also have access to the systems
on
 the
 other side ot the VPN.
 
 
 
 - Original Message -
 From: Craig Caughlin [EMAIL PROTECTED]
 To: LEAF (LEAF) [EMAIL PROTECTED]
 Sent: Monday, July 28, 2003 3:35 PM
 Subject: [leaf-user] VPN security issue? Slightly O/T...
 
 
  Hi folks,
  I seem to remember a while back reading somewhere (likely either
here at
  the newsgroup or perhaps a Microsoft security bulletin?) that it's a

  SIGNIFICANT security problem if you have an active VPN connection on
a
  given box and can browse the internet at the same time. It was my 
  understanding that either one is fine...but not both at the same
time.
  Does this sound familiar to anyone? I also don't remember why it
posed
  such a gaping security problem, per se. Comments???
 
  Thank you,
  Craig
 
 
 
 
  ---
  This SF.Net email sponsored by: Free pre-built ASP.NET sites
including
  Data Reports, E-commerce, Portals, and Forums are available now. 
  Download today and enter to win an XBOX or Visual Studio .NET.
 
 http://aspnet.click- 
 url.com/go/psa0013ave/direct;at.aspnet_072303_01/01
 

  leaf-user mailing list: [EMAIL PROTECTED] 
  https://lists.sourceforge.net/lists/listinfo/leaf-user
  SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
 
 
 
 ---
 This SF.Net email sponsored by: Free pre-built ASP.NET sites including

 Data Reports, E-commerce, Portals, and Forums are available now. 
 Download today and enter to win an XBOX or Visual Studio .NET.
 http://aspnet.click- 
 url.com/go/psa0013ave/direct;at.aspnet_072303_01/01


 leaf-user mailing list: [EMAIL PROTECTED] 
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01
/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] VPN security issue? Slightly O/T...

2003-07-29 Thread Craig Caughlin

Hi folks,
Hey Lynn, I like your response, you can't run a VPN w/o internet access
can you? :)

I guess what I really meant was that it's my understanding that the
security risk lies in being able to connect to your remote network via
VPN (of course), and still being able to browse the internet as you
normally would. It's been my understanding that you should be able to do
one...but not both at the same time. Is that right?

Cheers,
Craig




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] VPN security issue? Slightly O/T...

2003-07-28 Thread Craig Caughlin

Hi folks,
I seem to remember a while back reading somewhere (likely either here at
the newsgroup or perhaps a Microsoft security bulletin?) that it's a
SIGNIFICANT security problem if you have an active VPN connection on a
given box and can browse the internet at the same time. It was my
understanding that either one is fine...but not both at the same time.
Does this sound familiar to anyone? I also don't remember why it posed
such a gaping security problem, per se. Comments??? 

Thank you,
Craig




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] VPN advice - What's your opinion?

2003-07-18 Thread Craig Caughlin

Hi folks,
I'm trying to sort out in my mind my options for VPN access. I have my
simple home LAN (2 Windows boxes behind a Bering 1.2 box) that needs to
access other Windows based LANs via VPN using IPSec (not PPTP), one of
the LANs is behind a Cisco router and the other behind a Windows ISA
server. I see Tom's documentation clearly says:

If IPSEC is being used then only one system may connect to the remote
gateway and there are firewall
configuration requirements as follows:

ACTION  SOURCE  DESTINATION PROTOCOLPORT
CLIENTPORT  ORIGINALDEST
DNATnet:192.0.2.224 loc:192.168.1.12   50
DNATnet:192.0.2.224 loc:192.168.1.12udp
500

If you want to be able to give access to all of your local systems to
the remote network, you should
consider running a VPN client on your firewall. As starting points, see
http://www.shorewall.net/Documentation.htm#Tunnels or
http://www.shorewall.net/PPTP.htm.

Here's my question:

Both of the boxes on my LAN need VPN access to the remote LANS, but not
at the same time, necessarily. Is there any reason (advantages /
disadvantages) I would want to implement a VPN client on my Bering
firewall -vs- Toms simple configuration. If I set up the VPN client on
Bering, do you anticipate any obscure configuration issues since my
LAN connection point would be my Bering box and the other side would be
a Cisco router or Windows ISA server? Your comments and suggestions are
most welcomed! Thank you...have a great weekend.

Craig




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Creating a bootable USB device?

2003-05-31 Thread Craig Caughlin

Hi folks,
Can someone tell me how to actually burn the Bering .iso image to a
USB device? I have one of the little USB plug and pray drives I would
like to boot Bering from. I normally use Roxio to burn my bootable CD's,
but Roxio (apparently) will only burn to a CD drive. P.S. I have a
RedHat box I can use if that makes things easier.

Thanks,
Craig




---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering_1.1_modules_2.4.20.tar.gz compatible with Bering uClibc 1.1.1?

2003-04-12 Thread Craig Caughlin

Hi folks,
Are the modules and packages within the Bering_1.1_modules_2.4.20.tar.gz
compatible with Bering uClibc 1.1.1?...or is there a separate tarball of
modules and packages for that version of Bering?

Thank you,
Craig




---
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger 
for complex code. Debugging C/C++ programs can leave you feeling lost and 
disoriented. TotalView can help you find your way. Available on major UNIX 
and Linux platforms. Try it free. www.etnus.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering bootable cd problem

2003-03-28 Thread Craig Caughlin

Hi Jeremy,
Does the CD boot...but fails to completely load and then you get the kernel
panic error? Did you include the rw parameter in your isolinux.cfg file? (I
missed that at first and had the same problem). My isolinux.cfg file looks
like:

display syslinux.dpy
timeout 0
default linux rw initrd=initrd.lrp init=/linuxrc root=/dev/ram0
boot=/dev/cdrom:iso9660 PKGPATH=/dev/cdrom:iso9660

Craig



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jeremiah
Fisher
Sent: Friday, March 28, 2003 9:28 AM
To: [EMAIL PROTECTED]
Subject: [leaf-user] Bering bootable cd problem


I'm attempting to move a Bering 1.1 installation from floppies to a
bootable CD-ROM. I've been through the instructions at
http://leaf.sourceforge.net/devel/jnilo/bucdrom.html several times.

Everything looks correct, but the machine won't boot. It halts on these
lines:

FAT: Bogus Logical Sector Size 0
Kernel Panic: VFS: Unable to mount root fs on 01:00

Bering works fine from floppies. I've tested this CD-ROM on another
machine with the same results.

Thanks in advance

Jeremy
--


Jeremiah Fisher
Systems Administrator / Software Engineer
[EMAIL PROTECTED]
(814) 861.4520
UtiliVision, Inc.



---
This SF.net email is sponsored by:
The Definitive IT and Networking Event. Be There!
NetWorld+Interop Las Vegas 2003 -- Register today!
http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.net email is sponsored by:
The Definitive IT and Networking Event. Be There!
NetWorld+Interop Las Vegas 2003 -- Register today!
http://ads.sourceforge.net/cgi-bin/redirect.pl?keyn0001en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering NAT Traversal stuff

2003-03-20 Thread Craig Caughlin

Hi folks,
Alex - So there's no package that I need I need for
Super-FreeS/WAN?...it's already included (compiled?) within your
kernel...is that right? Is there any documentation you can refer me to that
would help me set up my Bering and take advantage of the NAT traversal? :-)

Thank you very much!
Craig

-Original Message-
From: Alex Rhomberg [mailto:[EMAIL PROTECTED]
Sent: Thursday, March 20, 2003 7:16 AM
To: Craig Caughlin; LEAF-user
Subject: AW: [leaf-user] Bering  NAT Traversal stuff


 Alex - One final question: Is there a .lrp package for the Super
 FreeS/WAN,
 or is it compiled within the kernel on your site? Is all I need to do what
 you mention, You should be able to use the kernel, modules and
 ipsec.lrp on
 my page without a recompile. Don't forget to replace all modules in
 /boot/lib/modules (initrd.lrp) and /lib/modules (modules.lrp).???

For Super-FreeS/WAN, you need the kernel, the ipsec.lrp package and the
modules, but not more.
I might eventually rename the package and call it sfsipsec.lrp or something
like that (I hate 8.3 filenames)

- Alex





---
This SF.net email is sponsored by: Tablet PC.  
Does your code think in ink? You could win a Tablet PC. 
Get a free Tablet PC hat just for playing. What are you waiting for? 
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering NAT Traversal stuff

2003-03-19 Thread Craig Caughlin

Hi folks,

1.) Do I understand it correctly that the latest Bering(s)(Bering-uClibc 
Bering) both support NAT traversal? I'm a little confused because of the
earlier post entitled Bering 1.1 and NAT-Traversal that referred to Alex
Rhomberg's LEAF Page at
http://leaf-project.org/mod.php?mod=userpagemenu=1402page_id=49 seemed to
suggest you might need to do something different if you wanted your Bering
box to support traversal.

2.) Is it difficult (or even possible) to connect to a box behind Bering
using IPSec? (I have a Windows 2000 Server on my LAN that I would like to
securely connect to.) I see that Jacques says NAT-Traversal patch allows
FreeS/WAN to be used behind any NAT device by encapsulating ESP in UDP., so
is it a *better* approach to securely connect to my Bering box (but then how
do you browse your LAN?), or should I try to connect to the box directly,
since FreeS/WAN will now NAT traverse?

Thank you for your input!

Craig




---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering NAT Traversal stuff

2003-03-19 Thread Craig Caughlin

Hi folks,
Thank you Alex for your input! Do I need to do a kernel recompile and stuff
like that (it seems like I do), or do I simply download your kernel, the new
IPSec.lrp package, necessary modules...and then substitute those in place on
my current working Bering CD? Thank you!

Craig


-Original Message-
From: Alex Rhomberg [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 19, 2003 7:19 AM
To: Craig Caughlin; LEAF
Subject: AW: [leaf-user] Bering  NAT Traversal stuff



 1.) Do I understand it correctly that the latest Bering(s)(Bering-uClibc 
 Bering) both support NAT traversal? I'm a little confused because of the
 earlier post entitled Bering 1.1 and NAT-Traversal that referred to Alex
 Rhomberg's LEAF Page at
 http://leaf-project.org/mod.php?mod=userpagemenu=1402page_id=49
 seemed to
 suggest you might need to do something different if you wanted your Bering
 box to support traversal.

Bering 1.1 should support NAT traversal, but there still seem to be some
problems. I use my own kernel available on the page you referenced, and I
have tested it successfully with NAT traversal, plus it includes some more
stuff (ipsec algorithm patches and some netfilter things)

 2.) Is it difficult (or even possible) to connect to a box behind Bering
 using IPSec? (I have a Windows 2000 Server on my LAN that I would like to
 securely connect to.) I see that Jacques says NAT-Traversal patch allows
 FreeS/WAN to be used behind any NAT device by encapsulating ESP
 in UDP.,

That's the point of IPSec, secure connections to boxes behind firewalls.
NAT Traversal is needed for this setup:
Server --- Bering  --- Internet  --- NAT-box  --- IPSec Client

If your IPSec Client uses a public IP address, you don't need nat traversal.
It doesn't matter if your Bering box does NAT for your server, as through
the tunnel, you will address the server by its private address without NAT

- Alex





---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering NAT Traversal stuff

2003-03-19 Thread Craig Caughlin

Hi folks,
Alex - One final question: Is there a .lrp package for the Super FreeS/WAN,
or is it compiled within the kernel on your site? Is all I need to do what
you mention, You should be able to use the kernel, modules and ipsec.lrp on
my page without a recompile. Don't forget to replace all modules in
/boot/lib/modules (initrd.lrp) and /lib/modules (modules.lrp).???

Thank you.
Craig






---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] rw parameter necessary for bootable CD?

2003-03-18 Thread Craig Caughlin

Hi folks,
I couldn't get my new Bering CD to boot. I remembered from an earlier post
that one Bering user noted he had to modify his isolinux.cfg file to look
like default linux rw initrd=initrd.lrp ... by including the rw value.
What puzzles me is that Jacques' documentation doesn't mention this being
necessary, and I personally have never had to include this parameter when
I've made my Bering CD's in the past, and they've seemed to work fine until
now. Comments???

Thank you.
Craig




---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] My weblet doesn't work :-(

2003-03-18 Thread Craig Caughlin

Hi folks,
I've made a new Bering CD, made it just like I've always done in the
past...but when I open my browser and try to view the weblet
(http://192.168.1.254/)... I get a Cannot find server message. Suggestions?

Thank you.
Craig




---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] LEAF as an ISP?

2003-03-18 Thread Craig Caughlin

Hey Lance,
Why not just VPN to the box behind Bering: If the box is running XP-Pro,
enable remote desktop and surf away. If the box is either Windows 2000
Server or Advanced Server, enable Terminal Services on the box, Terminal
Service into it, and then surf away?

Best Regards,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Lance Dunn
Sent: Tuesday, March 18, 2003 1:39 AM
To: [EMAIL PROTECTED]
Subject: [leaf-user] LEAF as an ISP?


As a user of Bering (and happily) I have a pretty simple setup:
Internet = Cable Modem = Eth0 NIC = LEAF = Eth1 NIC = Hub = 3
Windows computers
What I would like to do is complicate the issue. Is it possible to add an
auto-answer modem (not a WinModem) to the LEAF computer and have a remote
computer dial up the LEAF modem and then have the remote computer be routed
to the INTERNET? This would save me having to pay for another ISP that I can
access from remote locations. Any thoughts...



---
This SF.net email is sponsored by: Does your code think in ink?
You could win a Tablet PC. Get a free Tablet PC hat just for playing.
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] rw parameter necessary for bootable CD?

2003-03-18 Thread Craig Caughlin

Alex,
O.K., I'm confused. Why does it work without the rw parameter if you're
using a floppy disk...but not a CD?

Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Alex Rhomberg
Sent: Tuesday, March 18, 2003 8:04 AM
To: Craig Caughlin; LEAF
Subject: AW: [leaf-user] rw parameter necessary for bootable CD?


 Betreff: [leaf-user] rw parameter necessary for bootable CD?

The rw parameter is not needed for the 2.4.18 kernel (Bering 1.0), but it is
needed for newer kernels (2.4.20 of Bering 1.1), starting with 2.4.19 or
2.4.20.

- Alex



---
This SF.net email is sponsored by: Does your code think in ink?
You could win a Tablet PC. Get a free Tablet PC hat just for playing.
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.net email is sponsored by: Does your code think in ink? 
You could win a Tablet PC. Get a free Tablet PC hat just for playing. 
What are you waiting for?
http://ads.sourceforge.net/cgi-bin/redirect.pl?micr5043en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Help Loading drivers

2003-03-17 Thread Craig Caughlin

Hi folks,
I'm using what I think is Donald Becker's natsemi.o driver, which I
understand needs to have the pci-scan.o loaded first. How do I do
that???...do I just make an entry in the appropriate file above the
natsemi.o or is there something else I need to do???

Thank you.
Craig




---
This SF.net email is sponsored by:Crypto Challenge is now open! 
Get cracking and register here for some mind boggling fun and 
the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering v1.1 available

2003-02-17 Thread Craig Caughlin

I couldn't agree with you more, Mike! Bering is a tremendous product and the
support offered by you people (Jacques, Eric, Tom, Lynn, Jeff, etc., etc.)
who really know this product, Linux, networking, etc. is fabulous. Thank you
all so much for your efforts!!!

Best Regards,
Craig Caughlin

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jacques Nilo
Sent: Sunday, February 16, 2003 1:50 PM
To: leaf-user; [EMAIL PROTECTED]
Subject: [leaf-user] Bering v1.1 available


Check:
http://leaf.sourceforge.net/article.php?sid=70
Jacques


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Read-only Soekris type appliances for LEAF?

2003-02-17 Thread Craig Caughlin

Hi folks,
Are there any new Soekris type appliances for LEAF? I mean, I've seen
previous posts to the group and it seems like these compact flash, etc. type
devices have a disadvantage that floppy disk and CD versions of LEAF don't
have...they can't be made read only. I like the svelte little enclosures,
etc. but if they can't be made read-only, that seems like a disadvantage. I
remember some people even attempting to modify some DOM or CF (I forget
which), but has anyone had any success? Comments?

Thanks,
Craig




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering print server set-up

2003-01-24 Thread Craig Caughlin

Hi Brad and folks,

My BIOS parallel port setting is 378/IRQ7, the Onboard Parallel Mode
setting is currently set to ECP (whatever that means - my BIOS choices are:
Manual, EPP, ECP, and ECP/EPP), and ECP Mode Use DMA setting is 3. This
should mean that I wouldn't need to load the parport_pc module with the
other parameters per your suggestion, doesn't it? This is a fairly new board
and processor (Intel 1.2 Ghz Celeron) that I assembled specifically to be my
Bering box, so its BIOS settings are pretty flexible. I'm sorry...can you
tell me how to issue the cat commands before and after the modules (I
don't know how to do that :-(  ) Thank you all for your help and
suggestions!

Craig


-Original Message-
From: Brad Fritz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23, 2003 4:23 PM
To: Craig Caughlin
Cc: LEAF
Subject: Re: [leaf-user] Bering print server set-up



Craig,

On Thu, 23 Jan 2003 10:53:39 PST Craig Caughlin wrote:

 Hey Brad,
 Thanks for all the suggestions!!! Here are my results below, and it seems
 like my problem is that my box cannot create /dev/lp0: error 16??? Is that
 right? Any suggestions? Thank you very much!

That's not a good sign.  A hunch tells me it might be an interrupt
conflict or I/O problem.  Does your BIOS let you enable and disable
the parallel port?  If so, is it enabled?  Does the BIOS have
interrupt and/or I/O settings for it?

You may need to load the parport_pc module with:

  insmod parport_pc io=0x378 irq=7

(Assuming your parallel port is using the IO port at 0x378 and
IRQ 7.  More info at, including a description of the
/proc/sys/dev/parport tree at :
http://dan.drydog.com/docs/redhat/kernel-doc-2.4.18/parport.txt )

Also, what is the output of cat /proc/interrupts and
cat /proc/ioports both before and after loading the modules.

--Brad

 Craig

[very complete reply to debugging suggestions snipped]





---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering print server set-up

2003-01-23 Thread Craig Caughlin


Hi folks,
I've carefully followed the instructions at
http://www.mysunrise.ch/users/cmu/dachlpd.htm to set up my Bering box as a
print server, but it doesn't work (I can't print). I was getting some insmod
error messages, and determined I was using the wrong parport.o,
parport_pc.o, and lp.o drivers (from an older Bering version). It seems like
I've seen posted here on the group a comment that the drivers you use MUST
match your kernel version. So, I downloaded both the
Bering_1.0-stable_modules_2.4.18.tar.gz
Bering_1.0-stable_modules_2.4.20.tar.gz module packages (drivers?) from
http://sourceforge.net/project/showfiles.php?group_id=13751 , and I've used
the parport.o, parport_pc.o, and lp.o drivers from the 2.4.18 package, but I
still can't print. How do I know if I'm using drivers from the right
package? H, I can't seem to figure out what I'm doing wrong. Does
Shorewall have anything to do with this? Thank you!

Craig




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering print server set-up

2003-01-23 Thread Craig Caughlin

Hey Brad,
Thanks for all the suggestions!!! Here are my results below, and it seems
like my problem is that my box cannot create /dev/lp0: error 16??? Is that
right? Any suggestions? Thank you very much!

Craig

-Original Message-
From: Brad Fritz [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 23, 2003 8:56 AM
To: Craig Caughlin
Cc: LEAF
Subject: Re: [leaf-user] Bering print server set-up

Craig,

On Thu, 23 Jan 2003 07:10:18 PST Craig Caughlin wrote:

 Hi folks,
 I've carefully followed the instructions at
 http://www.mysunrise.ch/users/cmu/dachlpd.htm to set up my Bering box as a
 print server, but it doesn't work (I can't print). I was getting some
insmod
 error messages, and determined I was using the wrong parport.o,
 parport_pc.o, and lp.o drivers (from an older Bering version). It seems
like
 I've seen posted here on the group a comment that the drivers you use MUST
 match your kernel version.

True.

 So, I downloaded both the
 Bering_1.0-stable_modules_2.4.18.tar.gz
 Bering_1.0-stable_modules_2.4.20.tar.gz module packages (drivers?) from
 http://sourceforge.net/project/showfiles.php?group_id=13751 , and I've
used
 the parport.o, parport_pc.o, and lp.o drivers from the 2.4.18 package,

Good start.  Was there any output when you insmod'ed them?


 but I
 still can't print. How do I know if I'm using drivers from the right
 package?

If you're using Bering 1.0-stable,
Bering_1.0-stable_modules_2.4.18.tar.gz contains the correct
modules.  As a general rule, if insmod does not complain about
unresolved symbols, barf nasty error messages on the console,
or lock up the machine you're _usually_ okay.

If you're not feeling brave with your up-all-year firewall :-),
you should verify they were built from the same source tree and
config as your kernel.  For the case of Bering, that's probably
documented in the Bering install or user's guide somewhere, but
there is a chance it might not be as the 2.4.20 kernel was added
after most of the current docs were written.


 H, I can't seem to figure out what I'm doing wrong. Does
 Shorewall have anything to do with this? Thank you!

If you are running tests from another host it could be.  Here's
how I would debug it:

  1) Verify the modules are properly loaded:

   lsmod | grep -e parport -e lp

 The three modules you loaded should show up.

Here's what I see:

# lsmod | grep -e parport -e lp
lp  5580   1
parport_pc 15476   1
parport12096   1 [lp parport_pc]
parport12096   1 [lp parport_pc]


  2) Check to see if you have parport entries in the /proc
 filesystem:

   find /proc/ -name 'parport*'

 Many drivers, including parport.o IIRC, add entries to the
 /proc filesystem when they are loaded.

Here's what I see:

# find /proc/ -name 'parport*'
/proc/sys/dev/parport
/proc/sys/dev/parport/parport0

  3) Verify you have a /dev/lp0 device:

   ls -l /dev/lp0

 Should look something like:

   brad@boxer:~$ ls -al /dev/lp0
   crw-rw1 root lp 6,   0 Jun 13  2001 /dev/lp0

Here's what I have:

# ls -l /dev/lp0
crw-rw-rw-1 root root   6,   0 Jan 23 22:57 /dev/lp0


  4) Test printing from the firewall:

   (echo foo; echo bar; echo)  /dev/lp0

 The page may not eject, but if the printer does anything
 that's a good sign.

Here's what happened:

(echo foo; echo bar; echo)  /dev/lp0
cannot create /dev/lp0: error 16

  5) Verify that the daemon is started:

   svi p910nd stop; svi p910nd start
   ps -ef | grep p910

Here's what I have:

clonebox: -root-
# svi p910nd stop; svi p910nd start
Starting print server LPT1 ready LPT2 ready LPT3 ready
clonebox: -root-
# ps -ef | grep p910
 6492 root   1636 S/usr/sbin/p9100d 0
26431 root   1116 S/usr/sbin/p9100d 0


  6) Verify the daemon is bound to port 9100 (0x238C in hex):

   cat /proc/net/tcp | grep -i 238C

Here's what I have:

clonebox: -root-
# cat /proc/net/tcp | grep -i 238c
   0: :238C : 0A : 00: 
00 5425 1 c1265b20 300 0 0 2 -1


  7) Verify you can connect to that port from the print server:

   nc 192.168.1.254 9100

Here's what I get - No response

  8) Run tail -f /var/log/syslog on the print server and then
 verify you can connect to port 9100 from the printing client:

   telnet 192.168.1.254 9100

 or

   nc 192.168.1.254 9100

(Watch for shorewall messages in the tail -f output as you
attempt the connection.)

Here's what I have:

clonebox: -root-
# tail -f /var/log/syslog
Jan 24 01:48:32 clonebox kernel: Shorewall:net2all:DROP:IN=eth0 OUT=
MAC=00:02:e3:1d:e2:a5:00:09:b6:6a:14:54:08:00 SRC=134.184.125.206
DST=12.246.108.54 LEN=74 TOS=0x00 PREC=0x00 TTL=109 ID=10376 PROTO=UDP
SPT=1848 DPT=3481 LEN=54
Jan 24 02:00:01 clonebox /USR/SBIN/CRON[23162]: (root) CMD
(/etc/multicron-p)
Jan 24 02:15:01 clonebox /USR/SBIN/CRON[17317]: (root) CMD

[leaf-user] root.dev.mk file backup?

2003-01-22 Thread Craig Caughlin

Hi folks,
I've tried to back up the root.dev.mk and the root.dev.mod files (I'm trying
to make my Bering box a print server) by backing up the initrd, root, etc,
local, and modules packages from the main menu...but, somehow, these two
files are not being backed up. When I reboot, the changes haven't been
saved! H...what am I overlooking? Thank you.

Craig




---
This SF.net email is sponsored by: Scholarships for Techies!
Can't afford IT training? All 2003 ictp students receive scholarships.
Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more.
www.ictp.com/training/sourceforge.asp

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering print server set-up

2003-01-21 Thread Craig Caughlin

Hi folks,
Are the instructions at: http://www.mysunrise.ch/users/cmu/dachlpd.htm
applicable to Bering as well as Dachstein...or do they differ (in what way)?
Do you have to close printer ports 9100, 9101, and 9102 on the external
interfaces as indicated in Step 5 (I don't see that I have an ipfilter.conf
file in Bering)? Any other suggestions, tips, etc. would (as always) be
greatly appreciated. Thank you.

Craig




---
This SF.net email is sponsored by: Scholarships for Techies!
Can't afford IT training? All 2003 ictp students receive scholarships.
Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more.
www.ictp.com/training/sourceforge.asp

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering DMZ set-up questions

2003-01-11 Thread Craig Caughlin

Hi folks!
I have carefully read Tom's Shorewall guide, but have a couple of
questions. First, when you set up a DMZ with Bering / Shorewall, are
boxes within the DMZ completely unprotected in that they have no
ipchain rules, etc. that protect them (even if to only a small
degree)...or are boxes in the DMZ pretty much completely open to attack?
Second, I noticed that Tom has made a three-interfaces.tgz file that
(apparently) has all of the necessary files / modifications within it.
Is that really all I need to do to set up a basic DMZ?, i.e copy the
files within .tgz package over to Bering and backup?...that sort of
thing? Thank you, have a great weekend!

Best Regards,
Craig




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] eth1: increased Tx threshold message?

2003-01-11 Thread Craig Caughlin

Hi folks,
I've just set up a new Bering box, and I've never seen this message
before. What is it? Thank you, have a great weekend!

Best Regards,
Craig




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Could not mount the boot device error message-SOLVED (Bad CD drivers?)

2003-01-10 Thread Craig Caughlin

Hi folks,
I got my CD to boot successfully when I used the old Bering CD drivers
that I had used before. Evidently, there is something about the ones
that I downloaded from
http://leaf.sourceforge.net/devel/jnilo/bering/latest/modules/2.4.20/ker
nel/drivers/ that either my new Bering box or its CD-Rom doesn't like.
That's puzzling to me that the newer ones didn't want to work. Have a
great weekend!

Best Regards,
Craig

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Craig
Caughlin
Sent: Thursday, January 09, 2003 7:50 PM
To: LEAF
Subject: [leaf-user] Could not mount the boot device error message

Hi folks,
I'm making a new Bering bootable CD, and I think I have followed the
step by step instructions in the Bering user's guide exactly, and I get
this error message:

end_request: I/O error, dev 02:00 (floppy), sector 0
end_request: I/O error, dev 02:00 (floppy), sector 0
LINUXRC: Could not mount the boot device. Can't install packages.
Kernel Panic: Attempted to kill init!

I've made a bootable CD before, but I'm obviously forgetting something.
Suggestions?

Best Regards,
Craig




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bad Bering natsemi.o driver?

2003-01-09 Thread Craig Caughlin

Hi folks,
I'm preparing a new box with the latest, stable Bering and I'm wondering
if the driver might be bad? I downloaded the natsemi.o driver for the
Netgear FA311 NICs I have from
http://leaf.sourceforge.net/devel/jnilo/bering/latest/modules/2.4.20/net
/, and when I use it, only eth0 is detected and not eth1 as well.
Fortunately, I have another natsemi.o driver that apparently I
downloaded at some point in the past and it seems to work fine with both
NICs. I wanted to bring this to the groups' attention if the driver
that's posted is in fact (somehow) defective??? Comments???

Best Regards,
Craig




---
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

1 2 >

1 - 100 of 113 matches

Mail list logo