RE: [leaf-user] proc net entries in bering/bering-uclibc

[Jørn Eriksen]

Ronny,

Could you just not build a package with a small sh file that do this?

Jorn

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ronny Aasen
Sent: Friday, October 08, 2004 11:14 PM
To: leaf
Subject: [leaf-user] proc net entries in bering/bering-uclibc


using bering and bering-uclibc, for routers not firewalls
i keep running into the arp table limit and the ip_conntrack limit.

the arp limit is noticed by the message 'neighbour table overflow' in
dmsg, and fixed by 

echo 16  /proc/sys/net/ipv4/neigh/default/gc_thresh1
echo 256  /proc/sys/net/ipv4/neigh/default/gc_thresh2
echo 2048  /proc/sys/net/ipv4/neigh/default/gc_thresh3

more info at: http://www.rstack.net/tuning_proc_for_arp.html

the ip_conntrack limit is noticed by 'ip_conntrack table full dropping
packet'

and fixed by something like 
echo 65000  /proc/sys/net/ipv4/ip_conntrack_max

both of these limits make the box drop packets.

so my question is.
Can these entries be incorperated into the lrcfg meny somewhere.
with a lot of the nice comments that we'v all come to love :)

i have noticed most of these limits the hard way. By customers
complaining about poor performance at the worst possible time (tm) 

or is there already such a system, and i am just to blind to spot it ? 
the network.options maybee ? 
-- 
Ronny Aasen [EMAIL PROTECTED]



---
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] VNC on Leaf

[Jørn Eriksen]

Hello there List,

Would there be anyone on the list that has run VNC on a Leaf based box?
Theoretically it should be possible as it only require uClic and SVGAlib...

That would create a thin-client that would be SUPER simple to set up

Thanks
Jorn



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] VNC on Leaf

[Jørn Eriksen]

Luis  List,

I'm sorry that I've not explained myself better - I'm not after running a
VNC/Server on the Leaf platform but a VNC client.  And then not use Leaf as a FW
but as a user machine that connect via VNC to a huge server box... It would be
a LEA - but it would be VERY easy to set up and deploy...

Jorn

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
Luis.F.Correia
Sent: Wednesday, April 14, 2004 12:44 PM
To: [EMAIL PROTECTED]
Subject: RE: [leaf-user] VNC on Leaf


Hi!

it is not practical nor secure to have that kind of stuff
on a router/firewall.

I had myself that same idea about a year ago, on the purpose of
having only one tool for remote administration.

However, i came to the conclusion that SSH based login is much
more secure and easy to use.

So: either use dropbear on Bering uClibc or just plain old
serial port login...


Luis Correia
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6
Key Server: http://pgp.mit.edu



 -Original Message-
 From: Jørn Eriksen [mailto:[EMAIL PROTECTED]
 Sent: Wednesday, April 14, 2004 10:41 AM
 To: [EMAIL PROTECTED]
 Subject: [leaf-user] VNC on Leaf

 Hello there List,

 Would there be anyone on the list that has run VNC on a Leaf
 based box?
 Theoretically it should be possible as it only require uClic
 and SVGAlib...

 That would create a thin-client that would be SUPER simple to
 set up

 Thanks
 Jorn



 ---
 This SF.Net email is sponsored by: IBM Linux Tutorials
 Free Linux tutorial presented by Daniel Robbins, President and CEO of
 GenToo technologies. Learn everything from fundamentals to system
 administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
 --
 --
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=ick

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Re: PPPoE without username and password

[Jørn Eriksen]

Lasse,

Looks to me like you are in Denmark - what provider are U using?  Maybe there is
soneone else on the list that have set something up with you provider...

Best regards
Jørn

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of and hansen
Sent: Wednesday, December 10, 2003 2:48 AM
To: [EMAIL PROTECTED]
Subject: [leaf-user] Re: PPPoE without username and password


Hi Eric

Thanks for your development of this BeringLinux
and thanks for rapid response


are you sure your new provider does use pppoe and not
another method to connect.
pppoe without an user and a password is unusual.

No... but now i learned that i have i cable
connection, but i got the same equipment
as with my previous ISP, but they used PPPoE :)

another strange symptom is  that your ISP doesn't
answer any
PADI . so you don't get a  channel number.
This is all on a level before any authentication,
compression and so on starts.

So possible causes are
1.  you don't need pppoe but for example pump  ( ask
your provider)

pump is up

2. you have an hardware problem

eliminated i use the same hardware now (on macos with
dhcp configuration, so pump it is)

3. your provider has an hardware problem on the
access concentrator
4. another , i didn't think of
5 I made a mistake :)

this is ware i am now:
all fresh bering1.2 floppy only with my net drivers
edited
but pump complains:
Dec 10 02:11:28 firewall pumpd[19684]: starting at
(uptime 0 days, 0:01:31) Wed Dec 10 02:11:28 2003
Dec 10 02:11:28 firewall pumpd[19684]: PUMP: sending
discover
Dec 10 02:11:28 firewall pumpd[19684]: breq: opcode: 1
Dec 10 02:11:28 firewall pumpd[19684]: breq: hw: 1
Dec 10 02:11:28 firewall pumpd[19684]: breq: hwlength:
6
Dec 10 02:11:28 firewall pumpd[19684]: breq: hopcount:
0
Dec 10 02:11:28 firewall pumpd[19684]: breq: xid:
0x022b6656
Dec 10 02:11:28 firewall pumpd[19684]: breq: secs: 0
Dec 10 02:11:28 firewall pumpd[19684]: breq: flags:
0x
Dec 10 02:11:28 firewall pumpd[19684]: breq: ciaddr:
0.0.0.0
Dec 10 02:11:28 firewall pumpd[19684]: breq: yiaddr:
0.0.0.0
Dec 10 02:11:28 firewall pumpd[19684]: breq:
server_ip: 0.0.0.0
Dec 10 02:11:28 firewall pumpd[19684]: breq:
bootp_gw_ip: 0.0.0.0
Dec 10 02:11:28 firewall pumpd[19684]: breq: hwaddr:
Dec 10 02:11:28 firewall pumpd[19684]: breq:
servername:
Dec 10 02:11:28 firewall pumpd[19684]: breq: bootfile:

Dec 10 02:11:28 firewall pumpd[19684]: breq: vendor:
0x63 0x82 0x53 0x63
Dec 10 02:11:28 firewall pumpd[19684]: breq: vendor:
53 1 0x01
Dec 10 02:11:28 firewall pumpd[19684]: breq: vendor:
0xff

also tried dhclient, no luck

help.. :))

regards lasse

Yahoo! Mail (http://dk.mail.yahoo.com) - Gratis: 6 MB lagerplads, spamfilter og
virusscan


---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278alloc_id=3371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78alloc_id371op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Problem accessing weblet from internal network

[Jørn Eriksen]

Hi there,

Did you check the hosts.allow file in /etc ?

Jorn
 Hello All,
  After having little success in working out why i can not access weblet
 from my internal network here are some of the outputs from the box. It is
 a Bering version 1.2 running a dailup and one ethernet link.
  
 ---
 1: lo: LOOPBACK,UP mtu 16436 qdisc noqueue
     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
     inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
 2: dummy0: BROADCAST,NOARP mtu 1500 qdisc noop
     link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
 3: eth0: BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast qlen 100
     link/ether 00:a0:a5:03:00:97 brd ff:ff:ff:ff:ff:ff
     inet 203.39.204.190/26 brd 203.39.204.191 scope global eth0
 7: ppp0: POINTOPOINT,MULTICAST,NOARP,UP mtu 1500 qdisc pfifo_fast qlen 3
     link/ppp
     inet 139.130.32.155 peer 139.130.32.129/32 scope global ppp0
 ---
 Module Pages    Used by
 ip_nat_irc  2176    (unused)
 ip_nat_ftp  2784    (unused)
 ip_conntrack_irc    2880   1
 ip_conntrack_ftp    3648   1
 ppp_async   6284   1
 ppp_generic
     16152   3 [ppp_async]
 slhc    4352   1 [ppp_generic]
 lance  11432   1
 ide-probe-mod   8476   0
 ide-disk    9304   0
 ide-mod    63076    [ide-probe-mod ide-disk]
 -
 139.130.32.129 dev ppp0  proto kernel  scope link  src 139.130.32.155
 203.39.204.128/26 dev eth0  proto kernel  scope link  src 203.39.204.190
 default via 139.130.32.129 dev ppp0
 -
 Sep  4 06:42:16 firewall syslogd 1.3-3#31.slink1: restart.
 Sep  4 09:16:25 firewall -- MARK --
 Sep  4 11:10:05 firewall chat[9908]: abort on (BUSY)
 Sep  4 11:10:05 firewall chat[9908]: abort on (ERROR)
 Sep  4 11:10:05 firewall chat[9908]: abort on (NO CARRIER)
 Sep  4 11:10:05 firewall chat[9908]: abort on (NO DIALTONE)
 Sep  4 11:10:05 firewall chat[9908]: abort on (Invalid Login) Sep  4
 11:10:05 firewall chat[9908]: abort on (Login Incorrect) Sep  4 11:10:05
 firewall chat[9908]: send (ATZ^M) Sep  4 11:10:05 firewall chat[9908]:
 expect (OK) Sep  4 11:10:05 firewall chat[9908]: ATZ^M^M Sep  4 11:10:05
 firewall chat[9908]: OK Sep  4 11:10:05 firewall chat[9908]:  -- got it
 Sep  4 11:10:05 firewall chat[9908]: send (ATDT#^M)
 Sep  4 11:10:06 firewall chat[9908]: expect (CONNECT)
 Sep  4 11:10:06 firewall chat[9908]: ^M
 Sep  4 11:10:30 firewall chat[9908]: ATDT#^M^M
 Sep  4 11:10:30 firewall chat[9908]: CONNECT
 Sep  4 11:10:30 firewall chat[9908]:  -- got it
 Sep  4 11:10:30 firewall chat[9908]: send (^M)
 Sep  4 13:16:25 firewall -- MARK --
 Sep  4 17:16:25 firewall -- MARK --
 Sep  4 21:16:25 firewall -- MARK --
 ---
 _[H_[JShorewall-1.4.2 Status at firewall - Thu Sep  4 22:09:31 EST 2003
 Counters reset Sun Jul 27 14:35:19 EST 2003 Chain INPUT (policy DROP 0
 packets,  bytes)
  pkts bytes target prot opt in out source  
 destination
     0  DROP  !icmp -- 



---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] uclibc - libc225.lrp - is it lost?

[Jørn Eriksen]

Hello there,

Does anyone know where I can find the libx255.lrp for Bering uclibc ?
This link:
http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/leaf/bin/packages/uclibc-0.9/15/libc225.lrp?rev=HEADcontent-type=application/octet-stream
I can not get to work..

Thanks
Jorn


---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] ext3 on Bering 1.1

[Jørn Eriksen]

Hello there,

U could use this one:
http://leaf.sf.net//devel/thc/files/kwarchive/fdisk.lrp

Best regards
Jorn


 Good morning!
 what utility is there in bering 1.2 to allow  me to use fdisk and
 partition my Hdisk? I have laready installed bering on the dos partition
 on the drive. Hdsupp.lrp did not help me.


 Godfried Duodu
 (713)802-5146
 fax # (713}802-5140

 Lynn Avants [EMAIL PROTECTED] 6/19/03 8:08:15 PM

 On Thursday 19 June 2003 07:05 pm, Kory Krofft wrote:
 Lynn,

 I am not sure what caused it to fail. I downloaded a Linux rescue CD
 image and used it to run mke2fs -j on the the drive. It now mounts
 as
 ext3  just fine.

 The rescue CD was likely running bash instead of ash. There are more
 than
 a few incompatibilities between these shells interpretation of the same

 code.

 Thanks for the suggestions.

 No problem, glad it's working and thanks for reporting back to the list!
 --
 ~Lynn Avants
 Linux Embedded Appliance Firewall Developer
 http://leaf.sourceforge.net
 http://guitarlynn.homelinux.org:81


 ---
 This SF.Net email is sponsored by: INetU
 Attention Web Developers  Consultants: Become An INetU Hosting
 Partner.
 Refer Dedicated Servers. We Manage Them. You Get 10% Monthly
 Commission!
 INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php

 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html


 ---
 This SF.Net email is sponsored by: INetU
 Attention Web Developers  Consultants: Become An INetU Hosting Partner.
 Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
 INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html





---
This SF.Net email is sponsored by: INetU
Attention Web Developers  Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] RealTek nic problem

[Jørn Eriksen]

I had the same problem however when using the:
rtl8139
module - all seams to work OK...  I can't speak to why the 8139too do not
work though...

Best regards
Jorn

 I have a NIC with a RealTek chipset that in full linux distributions
 works with the 8139too module.
 In Bering 1.2 I loded the mii.o module then when I try to load the
 8139too.o module I got the error:
 insmod: init_module: 8139too.o: Operation not supported by device

 What am I missing ?

 Thanks,

 Alex


 ---
 This SF.NET email is sponsored by: eBay
 Great deals on office technology -- on eBay now! Click here:
 http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html





---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] PPTP loging

[Jørn Eriksen]

Hi there,

Would there be anyone that uses Leaf as a dial-in unit that have created a
special log script?  What I'm after is something that can tell me when a
user login into PPTP and exited

The easy part is the grep the log and get when they logged in - however -
it's a bit more tricky to get when they logged out..  Hopfully someone has
allready invented this wheel :-)

Thanks and best regards
Jorn





---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering 1.1 partial backup issue

[Jørn Eriksen]

Hello there,

It seams that there is a bug in the set backup type script in Bering 1.1

In my case IPsec is package no 13 so I use:
 # t 13
then the line for that package become:
18) ipseccdrom iso9660
As one can see the information on backup type completely go away.

If I also try to set the destination everything go wrong.

Any clues?

Thanks
Jorn




---
This SF.net email is sponsored by:Crypto Challenge is now open! 
Get cracking and register here for some mind boggling fun and 
the chance of winning an Apple iPod:
http://ads.sourceforge.net/cgi-bin/redirect.pl?thaw0031en

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html