[EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: 04 June 2003 17:37 To: [EMAIL PROTECTED] Subject: leaf-user digest, Vol 1 #1812 - 18 msgs
Send leaf-user mailing list submissions to [EMAIL PROTECTED] To subscribe or unsubscribe via the World Wide Web, visit https://lists.sourceforge.net/lists/listinfo/leaf-user or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of leaf-user digest..." Today's Topics: 1. Broadcom BCM5802 Security Processor (Charles Holbrook) 2. Re: Strange problem with Ap1000 and Wisp Dist! (Samuel Abreu de Paula) 3. RE: syslinux question: putting bering on a diskonchip (Erich Titl) 4. Re: PPTP w/dachstein (Lynn Avants) 5. Broadcom BCM5802 Security Processor and Cavium Nitrox Lite Security Processor (Charles Holbrook) 6. pppoe-server problems (Steve Wright) 7. Re: pppoe-server problems (Lynn Avants) 8. Re: Lost of port forwarding with Bering/Shorewall... (Lynn Avants) 9. Re: ipv6 and policy routing (Lynn Avants) 10. Re: Broadcom BCM5802 Security Processor (Lynn Avants) 11. Re: Lost of port forwarding with Bering/Shorewall... (Jeff Newmiller) 12. Re: pppoe-server problems (Jacques Nilo) 13. Fwd: Re: [leaf-user] syslinux question: putting bering on a diskonchip (Erich Titl) 14. Developing for bering-uclibc (Charles Holbrook) 15. bering & IDE driver problem (Marc E. Fiuczynski) --__--__-- Message: 1 From: Charles Holbrook <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: 03 Jun 2003 14:05:07 -0500 Subject: [leaf-user] Broadcom BCM5802 Security Processor Does anyone know if the latest stable bering release has a module to handle this piece of hardware. If there is no module for it in the default modules directory, has anyone tried to implement this piece of hardware and if so how? Here is the link to the hardware that I am trying to get up and running. www.broadcom.com/products/5802.html --__--__-- Message: 2 Date: Tue, 3 Jun 2003 15:40:40 -0300 From: Samuel Abreu de Paula <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Strange problem with Ap1000 and Wisp Dist! Organization: Dna Digital I made more tests here, and i find one thing strange! When the wisp-dist is sending a file in direction of ap1000 (To a station behind the ap1000), the signal in AP Manager goes to 40%, and i get some packet loss, when i stop the transmission, the signal back to 60%! In the other station if i try the same thing, the signal still the same, and the file is transmitted ok. What can be happened in the signal??? Is most likely be a hardware problem??? or in antenna? Thanks Samuel Abreu On Tue, 03 Jun 2003 11:19:54 +0300 Vladimir Ivaschenko <[EMAIL PROTECTED]> wrote: > What are the signal levels from both sides? > --__--__-- Message: 3 Date: Tue, 03 Jun 2003 21:30:23 +0200 To: [EMAIL PROTECTED] From: Erich Titl <[EMAIL PROTECTED]> Subject: RE: [leaf-user] syslinux question: putting bering on a diskonchip Hi Marc Marc E. Fiuczynski wrote the following at 19:27 03.06.2003: >I am using a linux rescue disk to copy over a bering distribution to the >disk-on-chip device. If the system reconizes the disk as an IDE device, I would believe it. So= me=20 time ago I had difficulties running syslinux on my bering system. IIRC it= =20 was due to a permission problem. I used an old DOS disk then to prepare m= y=20 DoM and it went smoothly (actually I am a little ashamed to have to resor= t=20 to a M$product to do that, but then, resources are resources....) HTH Erich THINK P=FCntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --__--__-- Message: 4 From: Lynn Avants <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] PPTP w/dachstein Date: Tue, 3 Jun 2003 15:30:15 -0500 On Saturday 31 May 2003 11:35 am, Fisher, Brian wrote: > I am currently trying to setup a VPN via pptp. My understanding is that I > need to do three things on my Dachstein firewall first. They are: 1) load > the ip_masq_pptp module > 2) open protocol 47 > 3) open port 1723 You don't need to load the ip_masq module *unless* you are forwarding the connection through to another client machine to authenticate. Otherwise, you need to port_forward through the ports to the specific client machine. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --__--__-- Message: 5 From: Charles Holbrook <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: 03 Jun 2003 16:26:32 -0500 Subject: [leaf-user] Broadcom BCM5802 Security Processor and Cavium Nitrox Lite Security Processor First of all let me apologize for double posting on the same issue. I just picked up 10 Iwill G300 Security systems. Nine of them have the Broadcom BCM5802 Macro Processor built in, and the other one (which my boss is looking at really hard as our new hardware platform for the LVS cluster) has the Cavium Nitrox Lite Macro Security Processor on it. Has anyone out there had a chance to install Bering-uClibC on a box with either of these? If so what did you have to do to get them to work. Are there modules that need to be loaded? If so what are the module names? Also are there any pitfalls that I should watch out for? On a side note. It took all of about 5 minutes to get bering 1.2 up and running on the CF cards. And since the BIOS has it set up as Secondary master just change a couple things in the syslinux.cfg and add the ide modules and it worked great. If there is anyone out there looking for a decent mid grade box(~500 per system) that can run bering well you might want to check these out. Being on CF makes the boot time roughly 10 seconds from power on to login prompt. No waiting forever for the floppy install to finish loading. And with 3 NICs built into the motherboard no need to worry about if you have all of the correct modules installed for the NICs(pci-scan and rtl8139) --__--__-- Message: 6 Date: Wed, 04 Jun 2003 14:18:51 +1200 From: Steve Wright <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [leaf-user] pppoe-server problems <sigh> this isn't working. What am I missing ? # grep pppd /var/log/messages [...] pppd[2591]: Couldn't set tty to PPP discipline: Invalid argument Kernel mode doesn't work. ppp_deflate won't load. wisprouter: -root- # modprobe ppp_deflate insmod: /lib/modules/2.4.20: No such file or directory Using /modules/ppp_deflate.o insmod: unresolved symbol zlib_deflateInit2_ insmod: unresolved symbol zlib_deflate_workspacesize insmod: unresolved symbol zlib_deflate insmod: unresolved symbol zlib_deflateReset insmod: unresolved symbol zlib_deflateEnd hmmm, # find /modules |grep zlib # find / |grep zlib nuffing.. wisprouter: -root- # lsmod |grep ppp pppoe 7136 0 (unused) pppox 1000 1 [pppoe] ppp_synctty 5080 0 (unused) ppp_generic 20216 0 [pppoe pppox ppp_synctty] slhc 4640 0 [ppp_generic] hmmm, try using the rp module instead of kernel mode.. pppd[2605]: /etc/ppp/plugins/rp-pppoe.so: undefined symbol: remote_number grrr, that's equally broken. <stumped> <sniff> 8-( Can anyone help ? cheers, Steve --__--__-- Message: 7 From: Lynn Avants <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] pppoe-server problems Date: Tue, 3 Jun 2003 20:59:21 -0500 On Tuesday 03 June 2003 09:18 pm, Steve Wright wrote: > <sigh> this isn't working. What am I missing ? [...] > wisprouter: -root- > # modprobe ppp_deflate > insmod: /lib/modules/2.4.20: No such file or directory > Using /modules/ppp_deflate.o > insmod: unresolved symbol zlib_deflateInit2_ > insmod: unresolved symbol zlib_deflate_workspacesize > insmod: unresolved symbol zlib_deflate > insmod: unresolved symbol zlib_deflateReset > insmod: unresolved symbol zlib_deflateEnd Ummmm.... zlib.lrp (http://leaf.sf.net/devel/jnilo) [...] > hmmm, try using the rp module instead of kernel mode.. > > pppd[2605]: /etc/ppp/plugins/rp-pppoe.so: undefined symbol: remote_number > > grrr, that's equally broken. Ummm.... no (recent) rp-pppoe package for Bering, the kernel pppoe is what is normally used anymore. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --__--__-- Message: 8 From: Lynn Avants <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Lost of port forwarding with Bering/Shorewall... Date: Tue, 3 Jun 2003 21:56:40 -0500 On Monday 02 June 2003 08:02 pm, Nicolas Riendeau wrote: > I was wondering if there is any known issues in Bering (V1.1) and/or the > Shorewall that came with (1.3.?) that might cause it to temporarily stop > forwarding a port... Not that I am aware of. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --__--__-- Message: 9 From: Lynn Avants <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] ipv6 and policy routing Date: Tue, 3 Jun 2003 22:03:12 -0500 On Wednesday 28 May 2003 06:37 pm, Steve Wright wrote: > Heyas All, > > <fishing> > Anyone else out there thinking about LEAF, IPV6, bigger networks, and > policy routing ? > > </fishing> I belive someone got a LEAF ipv6 box up and running after jumping through many hoops. LEAF is running on several very large networks already. Policy routing isn't something that has been very actively pursued yet, though has been done. If your seriously looking into doing some major policy routing setups, cish is a Cisco/Checkpoint-type shell that was worked into an ancient version of LRP that did policy routing IIRC... maybe hacking into that image would provide some good ideas. David Douthitt made a 'cish' package, though I don't know if anyone has ever actually used it and what it contained except possibly the menu shell itself (that may be older than the 'cish' image itself). I lot of ideas, but never seemingly enough time....... -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --__--__-- Message: 10 From: Lynn Avants <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Broadcom BCM5802 Security Processor Date: Tue, 3 Jun 2003 22:06:58 -0500 On Tuesday 03 June 2003 02:05 pm, Charles Holbrook wrote: > Does anyone know if the latest stable bering release has a module to > handle this piece of hardware. If there is no module for it in the > default modules directory, has anyone tried to implement this piece of > hardware and if so how? I believe there is atleast one available NIC that comes with this chip built-in, though last I heard it was unsupported with Linux IIRC. You'll likely have to search the kernel-devel archives to glean any better information on any possible Linux kernel support. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --__--__-- Message: 11 Date: Tue, 3 Jun 2003 22:14:51 -0700 (PDT) From: Jeff Newmiller <[EMAIL PROTECTED]> To: Lynn Avants <[EMAIL PROTECTED]> cc: Leaf User Support List <[EMAIL PROTECTED]> Subject: Re: [leaf-user] Lost of port forwarding with Bering/Shorewall... On Tue, 3 Jun 2003, Lynn Avants wrote: > On Monday 02 June 2003 08:02 pm, Nicolas Riendeau wrote: > > I was wondering if there is any known issues in Bering (V1.1) and/or the > > Shorewall that came with (1.3.?) that might cause it to temporarily stop > > forwarding a port... > > Not that I am aware of. Insufficient memory can cause packets to be dropped. I started out (long before Bering) with an 8MB 486 with a ppp dialup, and it used to stop responding to console input occasionally as well as not accepting new connections, and would unfreeze after awhile. I correlated the freezes with heavy traffic. (I also recommend at least 16MB now.) Some gaming applications create many udp connections that exacerbate the memory problems by filling memory up with connection tracking data even when you think you have enough. Also note that tmpfs and kernel buffer memory may be in competition for the same RAM in small memory configurations. On an unrelated but similar topic, coming from the inside now with Bering, dnscache performs poorly when the upstream pipe is clogged, leading to "host not found" errors when surfing the web. If I wait long enough before refreshing the browser, dnscache will eventually complete the lookup, and the browser will (slowly) get the web page. In this case memory is okay but available bandwidth is low leading to timeouts. --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- --__--__-- Message: 12 From: Jacques Nilo <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: [leaf-user] pppoe-server problems Date: Wed, 4 Jun 2003 07:46:07 +0200 Le Mercredi 4 Juin 2003 03:59, Lynn Avants a écrit : > On Tuesday 03 June 2003 09:18 pm, Steve Wright wrote: > > <sigh> this isn't working. What am I missing ? > > [...] > > > wisprouter: -root- > > # modprobe ppp_deflate > > insmod: /lib/modules/2.4.20: No such file or directory > > Using /modules/ppp_deflate.o > > insmod: unresolved symbol zlib_deflateInit2_ > > insmod: unresolved symbol zlib_deflate_workspacesize > > insmod: unresolved symbol zlib_deflate > > insmod: unresolved symbol zlib_deflateReset > > insmod: unresolved symbol zlib_deflateEnd > > Ummmm.... zlib.lrp (http://leaf.sf.net/devel/jnilo) No. From Bering (1.1 onward) /etc/modules file: <snip> # Modules needed for PPP connection #slhc #ppp_generic #ppp_async # The three following modules are not always needed #zlib_inflate #zlib_deflate #ppp_deflate </snip> Since kernel 2.4.20 ppp_deflate depends on zlib_inflate and deflate modules available here: http://leaf.sf.net/devel/jnilo/bering/latest/modules/2.4.20/kernel/lib/ add then to /lib/modules, declare them in /etc/modules and that will fix your pb. > [...] > > > hmmm, try using the rp module instead of kernel mode.. > > > > pppd[2605]: /etc/ppp/plugins/rp-pppoe.so: undefined symbol: remote_number > > > > grrr, that's equally broken. > > Ummm.... no (recent) rp-pppoe package for Bering, the kernel pppoe is > what is normally used anymore. the pppoe plugin provided in pppoe.lrp should work. Jacques --__--__-- Message: 13 Date: Wed, 04 Jun 2003 08:01:33 +0200 To: [EMAIL PROTECTED] From: Erich Titl <[EMAIL PROTECTED]> Subject: Fwd: Re: [leaf-user] syslinux question: putting bering on a diskonchip > From [EMAIL PROTECTED] Tue Jun 3 23:06:08 2003 >Date: Wed, 04 Jun 2003 09:05:59 +1200 >From: Steve Wright <[EMAIL PROTECTED]> >User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.9)= Gecko/20020513 >X-Accept-Language: en-us, en >To: Erich Titl <[EMAIL PROTECTED]> >Subject: Re: [leaf-user] syslinux question: putting bering on a diskonchip > >Erich Titl wrote: > >>Hi Marc >> >>Marc E. Fiuczynski wrote the following at 19:27 03.06.2003: >> >>>I am using a linux rescue disk to copy over a bering distribution to the >>>disk-on-chip device. >> >> >>If the system reconizes the disk as an IDE device, I would believe it.=20 >>Some time ago I had difficulties running syslinux on my bering system.=20 >>IIRC it was due to a permission problem. I used an old DOS disk then to=20 >>prepare my DoM and it went smoothly (actually I am a little ashamed to=20 >>have to resort to a M$product to do that, but then, resources are=20 >>resources....) > >If people feel strongly about using a ms product to do this (I would),=20 >then this is what I do. > >On my old RedHat 7.3 I have installed LTSP, a thin-client terminal server= =20 >package. This allows me to boot any old piece of junk on my local LAN as= =20 >a thin client. > >I hacked the base LTSP installation so the thin-clients run with a=20 >modified /etc/passd - with an entry for a root login. > >Now it is completely trivial to bring along any i386 LEAF router, plug=20 >into LAN, etherboot/PXE boot as a thin terminal (local HDD/DOM not used),= =20 >load IDE modules, mount DOM, and copy across what ever I need, unmount,=20 >sync, reboot, test. Dead easy, and fast. > >Further hacking of the LTSP code would likely render a complete=20 >development environment for DOM-type routers. /niiice/. If anyone wants= =20 >to build such a thing, I would be happy to assist as I know LTSP quite=20 >well. I'm a bit busy to do it ALL myself right now. 8-) > > >http://ltsp.org >http://k12ltsp.org > > THINK P=FCntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --__--__-- Message: 14 From: Charles Holbrook <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Date: 04 Jun 2003 11:12:32 -0500 Subject: [leaf-user] Developing for bering-uclibc Um can anyone point me to somewhere on the web that has documentation on where to get the buildtools to get a development system set up for bering-UclibC? --__--__-- Message: 15 From: "Marc E. Fiuczynski" <[EMAIL PROTECTED]> To: "Leaf User" <[EMAIL PROTECTED]> Date: Wed, 4 Jun 2003 09:35:53 -0700 Subject: [leaf-user] bering & IDE driver problem I followed the instructions to put the IDE drivers into initrd.lrp of the bering floppy. Unfortunately, this doesn't seem to work with my disk-on-chip IDE drive (even though this drive can be accessed just fine via a linux rescue floppy). In the dmesg information shown below there are two lines stating "detected chipset, but driver not compiled in!". However, when checking with insmod, the ide-disk.o, ide-mod.o, and ide-probe-mod.o files have all been loaded. These modules are listed in the boot modules files, so they should have been insmod'ed in before the kernel does these tests. Any way, can someone shed light onto what might be going on or wrong here? Uniform Multi-Platform E-IDE driver Revision: 6.31 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx PIIX: IDE controller on PCI bus 00 dev 38 PIIX: detected chipset, but driver not compiled in! PIIX: chipset revision 2 PIIX: not 100% native mode: will probe irqs later PIIX: neither IDE port enabled (BIOS) PIIX: IDE controller on PCI bus 00 dev 39 PIIX: detected chipset, but driver not compiled in! PIIX: chipset revision 2 PIIX: not 100% native mode: will probe irqs later VFS: Can't find a Minix or Minix V2 filesystem on device 02:2c. --__--__-- _______________________________________________ leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user End of leaf-user Digest ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html