[Leaf-user] loking for webcam.lrp ?
I found some post about it. Does any one know what it is supposed to do and where to get it ? Jacques Sorry for a possible double post I have some trouble sending mail to the list ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] A strange firewall log
Dear Leaf fellows ! I have been receiving in my syslog for the past few days this type if record: Jun 18 19:04:49 firewall kernel: Packet log: input DENY eth0 PROTO=6 210.232.219.66:3377 195.132.172.176:25 L=44 S=0x10 I=24833 F=0x4000 T=95 SYN (#45) The strange thing is that the destination adress which shows up in the log (195.132.172.176) is not my adress ! My adress (as shown by ip addr show on the LRP box) is of the form 195.132.172.XX/24 but XX is not 176. What is going on there ?? Any idea ?? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] LRP 2.9.8 (2.0.x) and sshd
From: "Ray Olszewski" <[EMAIL PROTECTED]> > Chris -- the Koon Wong versions of ssh and sshd are pretty old. I believe > there has been (at least) one security-update release since it day. I did > find what I think are newer versions of ssh and sshd ("Openssh v2.9p1") on > the LEAF site, at URL > > http://leaf.sourceforge.net/article.php?sid=25 > > (Mike - or anyone - was there some easy way to find this via the menu tree? > I got it through a search on "ssh" after hitting several dead ends in the > menus.) If you want a direct link to the latest openssh lrp package, here it is: http://leaf.sourceforge.net/devel/jnilo/openssh.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] LRP 2.9.8 (2.0.x) and sshd
> > If you want a direct link to the latest openssh lrp package, here it is: > > http://leaf.sourceforge.net/devel/jnilo/openssh.html > > FYI ... the web page here says to save boot.lrp, after adding the libz. > > On EigersteinBeta2, there is no boot.lrp (at least, mine doesn't have one). > Saving root.lrp did save that library. Well spoted ! the typo is corrected. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: install of ssh + bug message
- Original Message - From: "a novak" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, June 20, 2001 4:40 AM Subject: install of ssh + bug message jacques i downloaded the ssh pkgs from your website (thanx for making these available) and have followed your manual install instructions. i have been trying to get a single floppy lrp with the ssh client as well as the daemon on it + thought maybe your manual install was the answer. i was unable to get them to fit, and also ran into a bug error message "BUG IN DYNAMIC LINKER ld.so: dynamic-link.h: 53 elf_get_dynamic_info:Assertion'! "bad dynamic tag"' failed! " i have 2 questions of you, if you would help out before i pull my hair out. 1. is it possible to fit ssh client + daemon on 1 floppy? 2. is this bug error msg the result of a problem with the sshx code, or is it a mismatch problem between the openssh code + my kernel? i'm using 2.2.16 with a customized idiot image from charles steinkeuhler's site on a 1680 floppy. any hints are much appreciated thanx Pat Novak Plse no HTML 1/ Probably difficult. I have not tried myself since my disk is already full. On a 1743K disk maybe if you do not use dhclient or dhcpd you may be able to install the shhd.lrp package which is the only you need once the keys are generated. I am installing it "manually" as explained in the doc but you could also take advantage of a dual floppy boot. 2/ Did you install and renamed libz.so.1 as explained in the doc and backuped root.lrp ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ES2B/OpenSSH Install Problem
> floppies. However, I have tried using a standard 1.44 floppy for the > secondary diskette as part of my troubleshooting and the problems don't seem > to change. You must use the same format as your 2nd boot disquette if you want to backup sshd properly. So first step is to copy on your second boot disquette sshd.lrp and sshkey.lrp. Be sure to have installed libz.so.1 ( and saved) to begin with as explain in the doc > I copied the download files to a floppy disk and installed it in my second > floppy drive, mounted it and ran the lrpkg commands and then makekey. > > On the first run through, I got a "could not create file/directory" error > when running makekey. I manually created the /etc/ssh directory and makekey Have you run lrpkg -i sshd from /mnt ***FIRST*** as described in the doc ? This should create /etc/ssh. You should not have to do it manually. After that you run lrpkg -i sshkey and makekey > The next problem occurs when I try to use lrcfg to backup sshd. I get an > error that says "unable to mount...". I thought maybe this was because I > didn't umount the diskette after the makekey step so I tried to umount it > and get the message '/mnt busy '. I then looked at the processes and found OK I forgot to say that in the doc (basic linux pb). Type cd / then you will be able to umount /mnt then to backup sshd Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ES2B/OpenSSH Install Problem
> After I boot up, I mounted the secondary diskette with 'mount -t msdos > /dev/fd1u1722 /mnt' and then I run 'lrpkg -i sshd'. When I just repeated > that process, I did NOT have a /etc/ssh directory afterwards so I downloaded > a fresh copy of sshd.lrp from your site and that solved the problem of the > /etc/ssh directory not being created (I must have had a corrupted file). > > I added the 'cd /' statement to my instructions and this time, the umount > appeared to work properly. But I'm still getting the 'could not mount > backup device' when it gets to the sshd part, although I can exit from lrcfg > and manually mount the device using 'mount -t msdos /dev/fd1u1722 /mnt'. > > It seems like there might be something else I need to do in ES2B itself to > permit mounting both floppy diskettes (fstab entry or make a node other than > '/mnt' for the second floppy?). > > paul Ok. I am not familiar with the dual boot floppy LRP setup since I have always been working with a single floppy :-) You could try the following trick (I assume from what you said that makekey went OK): Type lrcfg and backup sshd. When asked "Enough freespace? (y/N)" exit with CTRL C Then you will have your sshd.lrp package in /tmp that you can copy to whatever floppy you need. You will have to unmount /var/lib/lrpkg/mnt (type df) at some point. But I am pretty sure the dual setup allows a normal backup procedure; Sorry I can't help you on this Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ES2B/OpenSSH Install Problem
- Original Message - From: "Paul M. Wright, Jr." <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, June 23, 2001 9:43 PM Subject: RE: [Leaf-user] ES2B/OpenSSH Install Problem > I added the 'cd /' statement to my instructions and this time, the umount > appeared to work properly. But I'm still getting the 'could not mount > backup device' when it gets to the sshd part, although I can exit from lrcfg > and manually mount the device using 'mount -t msdos /dev/fd1u1722 /mnt'. > You could also try the following. Before typing lrcfg send the df command and umount every device except /dev/ram0 For example after CTRL C from the previous post you should get something like: # df Filesystem 1024-blocks Used Available Capacity Mounted on /dev/ram0 122345491 6743 45% / /dev/fd0u1743 1424 120 1304 8% /var/lib/lrpkg/mnt firewall: -root- THEN YOU ISSUE # umount /var/lib/lrpkg/mnt firewall: -root- # df Filesystem 1024-blocks Used Available Capacity Mounted on /dev/ram0 122345491 6743 45% / NOW backup through lrcfg should work Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] problem installing openssh (new one) :)
From: "Charles-Etienne Dube" <> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > I tried to install te new openssh packages from Jacques Nilo's page, > but I had no sucess, the first steps are going fine, I copied libz.so1 > in /lib/libz.so.1 then I ran lrpkg -i on both packages (ssshd and > sshkey), this part went fine. > > The problem is when I run "makekey" I obtain the following error : > > myrouter: -root- > # makekey > BUG IN DYNAMIC LINKER ld.so: dynamic-link.h: 53: elf_get_dynamic_info: > Assertion > `! "bad dynamic tag"' failed! > Is the fact that I changed my kernel has something to do with that ? I > doubt but... Does anybody know why I have this message ? I doubt as well. A previous post with openssh problem on the leaf-user list was due to a corrupted file. Could you try to get a fresh copy of libz, sshd and sshkey from leaf.sourceforge.net and make another attempt ? If it does not work I'll try to reproduced your pb on a Ken PPPOE disk image later today. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] problem installing openssh (new one) :)
From: "Charles-Etienne Dube" <[EMAIL PROTECTED]> > I ran makekey succefully with the package from your sourceforge page > and also > with your libz.lrp. To confirm that it works I used ssh to connect to > other machines. > > But a problem remains, I cannot backup sshd.lrp and ssh.lrp but I can > backup > libz.lrp. I don't know very much about the backup process of lrp but > all other packages > can backed-up fine except for those two. > > The error message is "could not mount back-up device" And it is certain > that my > back-up device is ok since I can back-up other packages. The message > appears at the > same moment as described in the recent post from the guy who ran these > packages on a dual floppy set-up. > > In my case, I use IDE flash disk wich is configured to be /dev/hdc1, so > would it > be possible that these packages only back-up well on a one floppy setup > ? may be > /dev/fd0 is hard coded somewhere ? I suspect that either your hard disk or a floppy disk is mounted. Frome your LRP console exit the LRP menu and type df. You should only see /dev/ram0 mounted you should be able to backup. if some other device shows up (which I suspect) umount it (cd / then umount /whateverdirectory which is mounted ) and it should go. By the way since you are the happy owner of an IDE flash disk your install procedure should be as follow: 1/ copy libz.lrp ssh.lrp and sshd.lrp on your IDE disk 2/ include the 3 packages in syslinux.cfg. Save syslinux.cfg. 3/ reboot 4/ run makekey from the console 5/ backup sshd (this time it should work since you have not mounted anything) 6/ remove sshkey.lrp from your disk and from syslinux.cfg I'll update the install manual to clarify all this over the week-end. Bonsoir Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] http://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] LRP and ez-ipupdate
> Does anyone has ez-ipupdate (3.0.11b5) packaged ? > I need a version which supports dyndns-custom, and it seems that the latest > lrp package (that I found) is 3.0.1b1. > > Stefaan See http://leaf.sourceforge.net/devel/jnilo/packages/ez-ipupd.lrp It's 3.0.11b5 stripped to 24K It's also on Shane Boulder page at http://leaf.sourceforge.net/devel/sboulter/ but I am not sure of the version and the package is bigger (45K - not stripped) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dynamic DNS
> >If a recent openssh is available from J. Nilo, it probably > >includes libssl and libcryto. > > Nope. > > If I get Jacques' current sshd.lrp package and un'tgz it, I find neither > library included. If I run ldd against this sshd, I don't see libssl or > libssl09 mentioned in its dependencies. (Nor does the sshd on my Debian > workstation list libssl or libssl09 among its dependencies.) I do see > libcrypt mentioned (for both sshd apps), but not libcrypto for Jacques' > version ... since the smaller Debian sshd does depend on libcrypto, I'd > infer that Jacques linked in the libcrypto stuff statically. I confirm. I think I should package those libs separately. I'll do that for the next update Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ssh
> Hi > Can someone point me to an instruction for setting up ssh on Dachstein. > I've copied sshd-1.lrp & sshkey-1.lrp to the disk, generated a key, > saved it but it's still looking for a key. http://leaf.sourceforge.net/devel/jnilo/openssh.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Daemontools package backup
> everything works great, i can add a new service to be monitored by simply > adding a symbol link in /service to the directory where my ./run file is > included... > > however i cannot backup any new symbolic links that i create to run the > services. > > a look at the daemontl.list shows: > > [snip] > usr/bin/tai64nlocal > service > ^^^ > etc/init.d/svscan > var/lib/lrpkg/daemontl.* > [snip] > > and at the daemontl.exclude.list: > service/* > > does this mean that the links in service are not backed up with this > package? if yes, then how can i backup any new links? Yes simlinks are not backuped my dsncache/tinydns/qmail packages The are created (stript_name start) or deleted (script_name stop) by their own init.d scripts. Have a look at those scripts if you want to create similar ones for other application Also be warned that there is a bug in LRP 2.9.8: files ownership are not properly saved when backing up. And DJB stuff is very very picky about files ownership, permission and the like. Have a look a my qmail package to see how to take care of that. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein-CD: dnscache vs. tinydns ???
> OK, this is really not about Dachstein, although that is the > distribution that we're using ;> > > What are the primary differences between dnscache and tinydns ??? http://leaf.sourceforge.net/devel/jnilo/dnscache1.html http://leaf.sourceforge.net/devel/jnilo/tinydns1.html > What are the criteria we ought to consider, in deciding which to deploy? Really two different needs. If you only need to access the web dnscache will speed up your requests (that is the "cache" part of it) but it will also make your request more secure. Tinydns is needed if you want to serve the adresses of your domain(s). Basically it will be here a replacement for BIND (in fact BIND combines the dnscache & tinydns function in the same program). But tinydns is much more secure and a LOT LOT smaller (compare size of tinydns.lrp & bind.lrp :-) ) Background material here: http://leaf.sourceforge.net/devel/jnilo/dnscache6.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein-CD: dnscache vs. tinydns ???
- Original Message - From: "Richard Doyle" <[EMAIL PROTECTED]> > Read http://www.fefe.de/djbdns/ (note to J. Nilo: your link to > this page on http://leaf.sourceforge.net/devel/jnilo/dnscache6.html doesn't > work). Well spotted. Corrected. > More non-official djbdns stuff at http://www.lifewithdjbdns.org/ Reference added Thanks Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] dnscache Dachstein 1.0.1 "LRP Box internal IP"
Sandro Minola wrote: > hi > > Under Package configuration - dnscache there is a menu entry called "LRP box > internal IP (default: 192.168.1.254). > But if I open menu entry 1) there is not "192.168.1.254", it's "0.0.0.0". > > What's correct now? Is the menu entry description wrong or the value itself? > One must be wrong. I entered 192.168.0.254 instead of 0.0.0.0 (my subnet is > 192.168.0. not 192.168.1.) Well in my original LRP package IP is setup by default to 192.168.1.254 which is the default adress of the internal interface of the LRP box. Apparently Charles changed that in the Dachstein setup to 0.0.0.0. There must be some reason but honestly I do not see it at that point. Charles ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein-CD: dnscache startup anomaly ???
From: "Michael D. Schleif" <[EMAIL PROTECTED]> > Starting additional networking services:. > Starting svscan ... > dnscache queries allowed from 192.168 > dnscache queries allowed from 127.0.0.1 > Starting dnscache with daemontools ... > Creating cdb fro tinydns-private > Starting private DNS server listening on 127.0.0.1 with daemontools > Shutting down dnscache with daemontools ... > dnscache queries allowed from 192.168 > dnscache queries allowed from 127.0.0.1 > Starting dnscache with daemontools ... > > < bootup complete > > > > What's with dnscache start|stop|start ??? > dnscache is automatically restarted if you launch tinydns. That is to make sure that if you make any change to your tinydns data they are accounted for by dnscache. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Openssh 2.9.9p2 available
I have updated openssh packages to their latest 2.9.9p2 version. They are compiled statically against openssl-0.9.6b and dynamically against zlib-1.1.3 See: http://leaf.sourceforge.net/devel/jnilo Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: Weblet and SSHD
Le Lundi 19 Novembre 2001 20:21, vous avez écrit : > > Running your LRP program. It is great! I've setup a 2 boxes running > > ipsec and everything is working fine. I've two small problems > > though. I have installed the SSHD and WEBLET lrps. They run fine but > > both are > > > painfully slow starting. Starting a SSH session takes up to one minute > > and weblet has the same problem. I'm thinking that it is some sort of > > resolving/DNS problem. Once I'm in my SSH session using Putty is very > > fast. > > Any ideas? > > I noticed that if you're running the SSH daemon on a 486 invoked by inetd, > it's normal that it takes nearly a minute before login screen appears. On > all these 486 boxes DNS resolution works great and every windows box in the > LAN is listed in /etc/hosts and resolves (so DNS stuff shouldn't be the > reason). > On a pentium based system, it's faster, but not fast. BUT If you start the > SSH daemon STAND-ALONE, it's VERY fast, even on a 486. > Perhaps you uncommented the ssh entry in /etc/inetd.conf and SSH is now > running via inetd? > If yes, the only thing you have to do is to comment it out again. Running ssh through inetd should not add that much of a burden unless you have several connections at the same time. Have you checked the output of /var/log/auth.log ? Any error message in there ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: LEAF 2.4.14 / Shorewall 1.1.18 based distro (alpha version)
- Original Message - From: "HENRY PSENICKA" <[EMAIL PROTECTED]> > wireless tools. However, at first glance I was not able to locate the > orinoco_cs wireless drivers... are they hiding somewhere, or not included > in the collection you have built? They are provided here: http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14/modules/2.4.14/ker nel/drivers/net/wireless/ But you will need to change the kernel to: http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14/leaf_normal_2414.u px (rename it linux on your disquette) > Will this distro support all of the packages that Charles has built for > Dachstein? ... including IPSEC?? I don't know. If there is some interest around may be. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Openssh 3.0p1 available
I hope those guys at http://www.openssh.org are not going to update their version every other day :-) But well this time, you got the latest one pretty quickly... As usual check: http://leaf.sourceforge.net/devel/jnilo Older version still available at http://leaf.sourceforge.net/devel/jnilo/packages Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Openssh 3.0p1 available
From: "Charles Steinkuehler" <[EMAIL PROTECTED]> > > What mods (if any) were made when compiling these? When I compiled 2.9.9p2 > it didn't link to libz dynamically...is this something you changed, or > something on my system that's different than yours? > 1/ you have to make sure zlib is compiled as follow: ./configure -s(the -s switch will create the zlib.so.1 libraries) then make make install prefix=/ 2/ Openssh is compiled as follow: ./configure --prefix=/usr --sysconfdir=/etc/ssh make make install zlib should be then dynamically linked Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] LEAF 2.4.14 / Shorewall 1.1.18 based distro (alpha version)
Following my previous post on how to get rid of LRP kernel patches I have created a 2.4.14 base LEAF version with SHOREWALL as default firewall. Please consider this work as preliminary. All the stuff is here: http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14/ The diskimage is: http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14/leaf-2.4.14-1680.b in use the command: dd if=leaf-2.4.14-1680.bin of=/dev/fd0u1680 to move it over to a floppy If you need extra kernel modules there are in: http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14/modules/ 1/ Kernel It's plain vanilla 2.4.14. They are 3 config files and 3 corresponding UPX compressed kernel in the directory. Small & Normal correspond to Charle's Dachstein. Mini does not have any IDE/PCMCIA support. 2/ Distro This 2.4.14 version is basically derived from the new dachstein-rc2 distro. Ipchains and related stuff has been removed and replaced by iptables 1.2.4. See: http://netfilter.samba.org/ Firewall is the nice tool designed by Tom Eastep, Shorewall in it's latest 1.1.18 version See: http://www.shorewall.net/ 3/ TO-DO's (among other things) 1/ clean-up /etc/init.d/network, /etc/network.conf and /etc/ipfilter.conf to get rid of all the unecessary stuff. 2/ In the above mentioned files check the QoS and bridge stuff 3/ modify /linuxrc to copy the initial initrd.gz to tmpfs and then pivot_root from there. Will allow to adjust the size of the filesystem dynamically. Pivot_root is provided in the busybox library. 4/ allow backup of initrd.gz ??? (not really useful, to my opinion) 5/ Adjust weblet script to take care of firewall messages Any feedback/ideas/help on the 5 points mentionned and any other would be welcomed! Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: [Leaf-devel] Announcing official release of Dachstein-CD
> With a couple minor updates to root.lrp, folks booting off floppy will need > to copy the latest root.lrp to their floppy disk to get the updates. > Otherwise, just pop in the new CD and re-boot... Charles: Great job ! Any floppy image update in the pipe for my poor LRP box without CD-ROM drive... ? I know I could create it from de CD-ROM packages list but I would rather stick to an "official" image Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] dachstein floppy rc2 package compatibility
> Hello, > I'm hoping to move from e2b to Dachstein RC2 tomorrow and wanted to ask: > > - Will Jacques Nilo's dnscache, tinydns, axfdns and the daemontl.lrp > work ok with rc2 floppy ? rc2 is not readily compatible with those packages. rc3 should and the latest CD version is OK. Charles has not released the latest floppy image with the changes that were introduced in the CD version. > - Surfing through the archives I saw that there was an intention to > release Dachstein-floppy soonish (past RC2). But I can't see any > indication in the archives or on the LEAF/steinkuehler sites that this > occured. Should I wait? :-) > > - I can see from the archives there has been a lot of past discussion > about ssh (daemon, keygen, client) packages and which to use. For e2b, I > once again used Jacques' openssh packages. Is this a good idea for > Dachstein floppy ? The latest version of openssh is available on my web page. Also on Charles dachstein CD. Works without any pb on dachstein. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Announce: updated keyboard.lrp
I have updated KP Kirchdörfer keyboard.lrp package. 1/ Now provides 45 keymaps: japanese, portuguese, you name it... I have only tested the French one :-) and KPK the German one. 2/ The remove option ("/etc/init.d/keyboard remove") automatically remove unused keymaps in /usr/share/keymaps: this reduce the size of the package from 11K to 1K :-) 3/ The dumpkmap program (statically compiled against uClibc) can be downloaded from my web page. If you like your main box current keymap just run "./dumpkmap > mykey.map" and you are done. UNTESTED: please report success/failure 4/ Finally documentation is now online at http://leaf.sourceforge.net/devel/jnilo/keybd.html Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Announce keyboard.lrp
From: "Luis.F.Correia" <[EMAIL PROTECTED]> I tested J.Nilo's keyboard package and I found a small error: in lrcfg, if you go to the keyboard settings, my ae says, could not find /etc/init.d/keyboard. The file is definitely there!!1 So as a sanity check, I edited /var/lib/lrpkg/keyaboard.conf and replaced the spaces for a TAB in the first line that says: /etc/init.d/keyboard change language keyboard maps >JN: The bug your noticed has been fixed and the keyboard.lrp package should now be OK. Thks Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein features: Floppy vs CD
> I'd like to hear from anyone who's used a recent Dachstein CD release and a > previous floppy release. I'm specifically interested in how confusing (or > intuitive) you found the backup routines, and any thoughts or concerns you > might have about making the CD backup routines the 'standard issue' for all > flavors of Dachstein. > Charles: I have never used your CD-ROM version since I do not have a CD-writer here nor a CD-rom drive on my LRP box :-( So it is difficult for me to compare..; Could you give us some hints about the differences between the CD based backup script and the floppy one ? As far as the floppy one is concerned I think the two major problems are (for someone new to LEAF): a/ to understand the interaction between list and exclude.list files b/ no automatic check of available space on backup device before copying /tmp/package.lrp to the backup device (you need to do a "visual" check) A part from that I think the floppy-based backup is OK especially of you only want to save config files. But my judgment is perhaps biased by some months/years(?) of practice... Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Updated LEAF 2.4.14+ Shorewall 1.1.18
I have updated the LEAF 2.4.14 + Shorewall distro described in my previous post: http://www.geocrawler.com/archives/3/7232/2001/11/50/7129319/ everything is in http://leaf.sourceforge.net/devel/jnilo/kernel-2.4.14 The updated 1680k diskimage is called leaf-2.4.14-1680-b1.bin Changelog: 1/ TMPFS is used instead of /dev/ram /dev/ram0 is only used to boot initrd.lrp then the main filesystem is pivot_rooted to tmpfs and /dev/ram0 released. Three parameters can be introduced in the command line (but defaults should be OK in most cases): syst_size= max size of LRP filesystem (default SYSTSIZE=6M) log_size= max size of /var/log (default LOGSIZE=2M) tmp_size= max size of /tmp (default remaining available memory) Therefore ramlog.lrp is not needed anymore Everything is in /var/lib/lrpkg/root.linuxrc initrd fs umount and freeramdisk /dev/ram0 are done in /etc/init.d/rcS 2/ Initrd.lrp can be backuped as any other file The scheme goes as follow: whatever package ($INITRD) is found after initrd= is treated as a compressed minix fs. Then in lrcfg.back.script if $PACKAGE=$INITRD a new script is called that will take care of backuping this "special" file. See lrcfg.back.initrd. The max size of the uncompressed initrd.lrp package can be setup through initrd package configuration menu. The procedure is fully transparent to the user. Standard rules for including/excluding files apply. Files in /boot/modules will saved in there. 3/ Busybox updated to 0.60.2 pivot_root & mkfs.minix added 3/ Shorewall is now really 1.1.18 (was 1.1.17 by mistake in the previous release). Shorewall is setup with the two-interfaces configuration file provided by Tom and adapted to a standard LEAF distro by me. Move to the three-interface one for setting up a DMZ. 4/ There seems to be a bug in busybox umount -a which does not umount tmpfs filesystems. Until it's fixed the util-linux-2.11m version takes care of umount -a. 5/ keyboard.lrp provided in the distro. "fr.map" is default... (No, I am kidding...) Todo's: 1/ clean-up /etc/init.d/network, /etc/network.conf and /etc/ipfilter.conf to get rid of all the unecessary stuff. 2/ In the above mentioned files check the QoS and bridge stuff 3/ Adjust weblet script to take care of firewall messages Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: [Leaf-devel] Updated LEAF 2.4.14+ Shorewall 1.1.18
> 4/ There seems to be a bug in busybox umount -a which does not umount > tmpfs filesystems. Until it's fixed the util-linux-2.11m version takes > care of umount -a. > My bad. The problem was the -n switch. umount -a works perfectly well whereas umount -n -a does not. This makes sense to me since my bbox is compiled with #define BB_FEATURE_MTAB_SUPPORT commented out. So got rid of util-linux umount, restored the bbox one and changed /etc/init.d/umountfs to put umount -a instead of umount -n -a. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Using/Devping LEAF in a virtual machine
Are you looking for a Debian/slink "virtual" machine that could be run on your 2.2.15 (and over) main linux box ? Where you could have root privilege on a non root account ? Are you tired of booting floppies to test new LEAF packages ? Here is the answer: user-mode-linux http://user-mode-linux.sourceforge.net/index.html Basically your run linux within linux. A great job from Jeff Dike. Here is my piece for my fellow LEAF/LRP developpers ands users: http://leaf.sourceforge.net/devel/jnilo/uml.html Could also be useful to uml-user list afficionados ? Enjoy ! Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ez-ipupdate
> Could somebody out there with a valid development system for Dachstein > compile a copy of ez-ipupdate to be included on Charles' CD? > > Thanks, dbc. See http://leaf.sourceforge.net/devel/jnilo/packages/ez-ipupd.lrp It's 3.0.11b5 stripped to 24K It's also on Shane Boulder page at http://leaf.sourceforge.net/devel/sboulter/ but I am not sure of the version and the package is bigger (45K - not stripped) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ssh / openssh?
> Julian Church wrote: > > > > Hi All, > > > > I use ssh to access and administer my Dachstein firewalls. (one home, one > > office). > > > > I'm a bit confused because there seem to be two versions of sshd.lrp > > available at the moment - > > > > The one I've always used is quite small, is called sshd.lrp, is available > > at ftp://ftp.linuxrouter.org/linux-router/dists/2.9.8/packages/ and is > > referenced in Steve Peck's sshd howto > > http://c0wz.steinkuehler.net/dox/sshd.txt. this is sshd 1.2.26. Only support ssh 1. Outdated > > > > > The other one is much bigger (too big for my floppy), is also called > > sshd.lrp, requires that I use libz.lrp and is part of openssh maintained by > > Jaques Nilo at http://leaf.sourceforge.net/devel/jnilo/index.html. This openssh Version 3.0p1 http://www.openssh.org > > Could someone explain the differences? Are the differences worth worrying > > about? Should I consider upgrading? > > > > You definitely want to use J. Nilo's most recent ssh package, > which I'm pretty sure is an OpenSSH implementation. You just > need a second floppy or to use CDROM for your packages. Try > Dachstein CD if you want. I can only agree with Mat Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] need pptpd.lrp
> I would like to setup a pptp server on my firewall. Where can I find the lrp > package and instructions. I was going to switch to Dachstein-CD but didn't > find this package on the list, or is this "built" into the kernel. Hi Marvin: You will find pptp stuff compiled for LRP in the following directory: http://leaf.sourceforge.net/devel/jnilo/pptp/ The pptp stuff in this directory is compiled against debian/slink There is an Eigersteinb2_pptp.exe which I did 6 months ago for someone who never gave any feedback on it. You can give it a try and let me know. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] need pptpd.lrp
> > I would like to setup a pptp server on my firewall. Where can I find > the lrp > > package and instructions. I was going to switch to Dachstein-CD but > didn't > > find this package on the list, or is this "built" into the kernel. > > Hi Marvin: > You will find pptp stuff compiled for LRP in the following directory: > http://leaf.sourceforge.net/devel/jnilo/pptp/ > The pptp stuff in this directory is compiled against debian/slink > There is an Eigersteinb2_pptp.exe which I did 6 months ago for someone > who never gave any feedback on it. You can give it a try and let me > know. > Jacques Oops I read your previous post too quickly. The stuff in the previous directory is the pptp client NOT the pptp server. I can compile that for you if your relly need it. Could you take care of the LRP packaging ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] I'll be away for a week...
I'll be away for a week till January 5th and probably won't have access to my mail during that period. Happy New Year to you all folks ! Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Multipule LRP's using VMWARE
> I was wondering someting. I have 3 lrp boxes. I have a fairly fast spare > system (dual P3x650). If I installed VMware and put six nics in a system, > could I then run 3 "virtual" copies of LRP and not have to have three boxes > sitting around? You could also use user-mode-linux to do that. Much cheaper than VMware. See my piece on "Developping and using LEAF in a virtual environment" available at http://leaf.sourceforge.net/devel/jnilo Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dach Floppy
> > After modifying the floppy (static IP, delete some > > stuff) I added libz and sshd. I boot up and after a ps > > aux, there is no sshd running. > > > > I started it manually (sshd -i) and get "Protocol > > Mismatch" and its not running. I also started it > > without the -i (sshd) and it doesn't run. > > > > I got libz and sshd (and sshkey) from the Dach CD. > > Did you make a host-key before trying to start sshd? > > Is there anything in your logs? Sshd is pretty good about logging any > problems... You can have a look at http://leaf.sourceforge.net/devel/jnilo/openssh.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Announcement: LEAF 2.4.16 + Shorewall 1.2.2
With the help of Eric Wolzak I have updated my LEAF 2.4.x / Shorewall based distro. Many new features are available on the floppy: a.. Kernel 2.4.16 now used. New kernel config file. Includes in particular support for PCMCIA, PPP, PPP/PPPOE, ISDN, USB and bridging b.. Use shorewall 1.2.2 allowing among many other things traffic shapping & blacklisting c.. Pump (0.8.11-3) being used as default DHCP/BOOTP client to save disk space (dhclient.lrp still OK) d.. networking script now fully debian/sid compatible. Dachstein's /etc/network.conf, /etc/ipchains.conf and /etc/init.d/network files/scripts completely removed e.. ifconfig (1.4.2) and ifupdown (0.6.4) available f.. new applets in bbox library (0.60.2) g.. new version of iproute2 (010824). tc patched to allow for HTB queuing discipline h.. bridge now available as a separate package. Provides brctl from bridge-utils (0.9.4) i.. ppp.lrp and pppoe.lrp provided in the standard distro for serial/modem and adsl/pppoe connections. pppoe.lrp provides the PPPOE 2.4.16 kernel plugin. The ppp daemon is the 2.4.1 version patched for kernel mode PPPOE available here. j.. pon, poff and plog scripts provided in ppp.lrp for ppp on demand. k.. weblet.lrp modified to handle iptable output. Do not need netstat anymore Also a user's guide is available. Check: http://leaf.sourceforge.net/devel/jnilo Enjoy! Jacques & Eric ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Announcement: LEAF 2.4.16 + Shorewall 1.2.2
From: <[EMAIL PROTECTED]> > Does USB support include networking? My brother-in-law has DSL, but the modem he got with the service is USB only, and the service uses PPPoE on top of that. Will this let me finally share his connection out to the rest of the house? USB networking should work. Obviously we have not been able to test every DSL/modem combination and we have not tested USB in particuler. But I am definitively interested to help you to setup that (send me your modem reference and some info on your ISP connection characteristics) in order to improve the documentation. > They don't want any wires run, so the plan (if this distro can do it) will be to use the USB DSL modem/PPPoE to connect, and to run the rest of the house wireless. I would have internet connectivity to all of my machines again (moved 3 months ago, and haven't been directly on the ineternet for that long --- it's killing me), and all would be well with the world. Okay, maybe not with *the* world, but *my* world would be much better. :) Wireless networking is one of my next priority. Here again beta testers are welcomed ! Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Announcement: LEAF 2.4.16 + Shorewall 1.2.2
"Dr. Richard W. Tibbs" wrote: > I would add another question: Does USB support include CDRW drives? > From what I have read in the last month from Linux documentation > project (which may be out of date w.r.t. 2.4.x) there is no USB support > at all for CDRW drives. > Is it possible that LEAF has better USB support in this regard than the > main Linux distro's? > Or has Linux 2.4 in fact taken a main step forward on USB support for > such devices? LEAF 2.4.16 is linux 2.4.16 based 2.4.16 kernel has USB support and apparently support HP CD Writer 82xx You need to have usb-storage.o available (module not available in LEAF 2.4.16 though ...) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] LEAF 2.4.16 + Shorewall 1.2.2 and bridging
> I have been trying to set up a bridging firewall with the new LEAF 2.4.16 > image, but get error messages that indicate to me that the kernel might not > have been patched with Lennert Buytenhek's patch for iptables and bridging > in 2.4.16 (see http://bridge.sourceforge.net/downloadh.html). Can someone > confirm or deny that this is the case? Thinking about your problem something has come to my mind: Did you insmod bridge.o ? The bridge module is ** NOT ** provided in the floppy you have to download it from the 2.4.16/modules directory and declare it in the module package (I have to be more explicit in the doc about that). Most of Lennert Buytenhek's patch are included in 2.4.16 (the are now part of the kernel) But also please note that Bridging is laregely untested in this distro. So please report any problem/success/suggestion that can help other users Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Leaf 2.4.16 view firewall rules
From: "Larry Platzek" <[EMAIL PROTECTED]> > Is it just my copy view firewall rules that only has zero for packacts and > bytes fields? Are you using weblet ? What command are you using ? Any output to show ? > also when using PPP to my isp and they hang up the line after 240 minutes > that why does not persist does not work? I would have expected my system > to reconnect to the isp just like if I unplug the phone line and back in. Could we have a look at your provider or option file ? > I am doing demand dial by PPP and have idle and persist. > > Does anyone care to tell me what to out on the > "active-filter" option line so any multicast coming in on ppp0 > not to effect the idle timer? This is using PPPd 2.4.1 include with > Leaf 2.4.16. Try one of those: active-filter 'ip multicast' or active-filter 'not ip multicast' Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Leaf 2.4.16 view firewall rules
> Is it just my copy view firewall rules that only has zero for packacts and > bytes fields? Ok. So it's because you are viewing your firewall rules through weblet. When Shorewall is started, the following /etc/shorewall/start script is executed. shorewall show >/var/sh-www/data/firewall chown sh-httpd.adm /var/sh-www/data/firewall shorewall show nat >/var/sh-www/data/masq chown sh-httpd.adm /var/sh-www/data/masq the firewall & masq files are the one you see through weblet Since this is executed at the very begining of the session it is normal that you find zeros for packects and bytes fields. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] setting up tinydns.lrp
> One thing that took us quite a while was to figure out why reverse lookups > didn't work on the internal net. The way we finally got it to work was to > declare all entries in /etc/tinydns-private/root/data as PTRs. > > For example > =example1.private.network:192.168.1.1 > instead of > +example1.private.network:192.168.1.1 > > Now, my question is, is that actually correct? If so, I guess it would be a > good idea to add a reference to that to the docs (I know there's a PTR in > the sample, but since that referred to the router name, we assumed that > there was something special about that - remember, I'm surely a "DNS > newbie"). This is correct. +example1.private.network:192.168.1.1 only creates a A record =example1.private.network:192.168.1.1 creates a A and a PTR record Your PTR record shows example1.private.network as the name of 1.1.168.192.in-addr.arpa if ip is 192.168.1.1 You definitively need it for reverse DNS. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Annoucement: Openssh 3.0.2p1 available
This is a "maintenance" package. Statically compiled against libnsl and openssl-0.9.6c Dynamically against zlib 1.1.3 One more FAQ in the doc. See: http://leaf.sourceforge.net/devel/jnilo/openssh.html Jacques http://leaf.sourceforge.net/devel/jnilo ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Annoucement: Openssh 3.0.2p1 available
From: "Michael Leone" <[EMAIL PROTECTED]> > On Sat, 2002-01-26 at 15:04, Jacques Nilo wrote: > > This is a "maintenance" package. > > Statically compiled against libnsl and openssl-0.9.6c > > Dynamically against zlib 1.1.3 > > One more FAQ in the doc. See: > > http://leaf.sourceforge.net/devel/jnilo/openssh.html > > Jacques, I'm currently using OpenSSH v3.0p1. What's the best way to > upgrade, without having to remake keys? Just load the new sshd.lrp? Here is what I would suggest: Download the new sshd.lrp on a floppy disk. mount it on your firewall: mount -t msdos /dev/fd0 /mnt then extract the package cd /mnt lrpkg -i cd / umount your floppy: umount /mnt OK now you have to make a change in /etc/ssh since the entropy file has changed Removed the NEW one (rm moduli) and rename the OLD one (mv primes moduli) You have to do that otherwise I think your keys won't work any more. I have not done it myself but it is exactly what the install part of the openssh Makefile is doing. So it should work Once you have done that backup your new sshd --> it will backup your keys as well. Of course you could also scp the package to the firewall /tmp file and do the same. Let me know if it is working. It's worth a FAQ :-) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Annoucement: Openssh 3.0.2p1 available
To extract the package one should read: lrpkg -i sshd Sorry for the typo. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Needs some help with C
Here is my problem: I am preparing a pcmcia-cs package for the next 2.4.16 ("Bering") LEAF release. The /etc/pcmcia/network script is using a ifuser utility to see if any of a list of hosts or network addresses are routed through a specified interface. This small program call netstat and I would like to modify it in order to get read of it. I would like to remove the f = popen("netstat -nr", "r"); by something like f = popen("cat /proc/net/route","r") but I am a bit lost in the processing of this file (IP in hex + tabs) Is there someone around for which this would be a 101 type of C programming exercice? Fortran is the only language I have ever practised in my life. I really feel like a dinosaur... The program is attached. gcc ifuser.c -o ifuser is enough to compile it. Thanks Jacques /*== This utility checks to see if any of a list of hosts or network addresses are routed through a specified interface. Destinations may be specified either by IP address or by name. usage: ifuser [-v] interface [target ...] The exit code is 0 if any host is using the specified interface, and 1 if the interface is not in use (just like fuser). ifuser.c 1.16 2001/08/24 12:19:20 1998/10/24: Regis "HPReg" Duchesne <[EMAIL PROTECTED]> . Added network names (/etc/networks) management . Used u_int32_t instead of u_int . Handled a malloc error The contents of this file are subject to the Mozilla Public License Version 1.1 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.mozilla.org/MPL/ Software distributed under the License is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for the specific language governing rights and limitations under the License. The initial developer of the original code is David A. Hinds <[EMAIL PROTECTED]>. Portions created by David A. Hinds are Copyright (C) 1999 David A. Hinds. All Rights Reserved. Alternatively, the contents of this file may be used under the terms of the GNU General Public License version 2 (the "GPL"), in which case the provisions of the GPL are applicable instead of the above. If you wish to allow the use of your version of this file only under the terms of the GPL and not to allow others to use your version of this file under the MPL, indicate your decision by deleting the provisions above and replace them with the notice and other provisions required by the GPL. If you do not delete the provisions above, a recipient may use your version of this file under either the MPL or the GPL. Portions created by Regis "HPReg" Duchesne are Copyright (C) 1998 Regis "HPReg" Duchesne. All Rights Reserved. ==*/ #include #include #include #include #include #include #include #include #include typedef struct route_t { u_int32_t dest, mask; int match; struct route_t *next; } route_t; /**/ static int resolv_name(char *s, u_int32_t *a) { struct in_addr addr; struct hostent *hp; struct netent *np; if (inet_aton(s, &addr)) { *a = (u_int32_t)ntohl(addr.s_addr); return 0; } np = getnetbyname(s); if (np) { *a = (u_int32_t)np->n_net; return 0; } hp = gethostbyname(s); if (hp) { *a = (u_int32_t)ntohl(*(u_int32_t *)hp->h_addr_list[0]); return 0; } return -1; } /**/ static void usage(char *s) { fprintf(stderr, "usage: %s [-v] interface [target ...]\n", s); exit(1); } int main(int argc, char *argv[]) { char *dev, s[129], dest[16], mask[16], iface[10]; route_t *r, *tbl, **tail; int i, verbose = 0, busy = 0; FILE *f; i = 1; if (argc < 2) usage(argv[0]); if (strcmp(argv[1], "-v") == 0) { verbose = 1; i++; } if ((*argv[i] == '-') || (argc < i+1)) usage(argv[0]); dev = argv[i]; i++; /* Get routing table */ f = popen("netstat -nr", "r"); if (f == NULL) { fprintf(stderr, "%s: could not get routing table: %s\n", argv[0], strerror(errno)); return 2; } do { fgets(s, 128, f); } while (!feof(f) && !isdigit(s[0])); tail = &tbl; do { r = malloc(sizeof(route_t)); if (r == NULL) { fprintf(stderr, "%s: out of memory\n", argv[0]); return 2; } sscanf(s, "%s %*s %s %*s %*s %*s %*s %s", dest, mask, iface); resolv_name(dest, &r->dest); resolv_name(mask, &r->mask); r->mat
Re: [Leaf-user] LEAF 2.4.16 + Shorewall 1.2.2 problems
> I'm trying to use the new 2.4.16; > I have a static IP address so I dont assign eth0 addr with dhcp, > I configured the file > > /etc/network/interfaces > > but I get the messages > Configuring network interfaces: route: not found > > so the IP addressess are configured correctly but without > any route information. > > any suggestion? The LEAF 2.4.16 distro is setup by default for dynamic IP's on eth0. If you are using fixed IP you must change the interface file (what you did already) but also the param file from the shorwall menu. NET_IF=eth0 NET_BCAST=set your ISP broadcast adress here NET_OPTIONS=noping,norfc1918 (remove the dhcp option) Let me know if works. If not please report problem with syslog output, interface & param files What kind of connection are you using ? (cable, ADSL ?) Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] LEAF 2.4.16 + Shorewall 1.2.2 problems
> I'm trying to use the new 2.4.16; > I have a static IP address so I dont assign eth0 addr with dhcp, > I configured the file > > /etc/network/interfaces > > but I get the messages > Configuring network interfaces: route: not found > > so the IP addressess are configured correctly but without > any route information. > > any suggestion? The LEAF 2.4.16 distro is setup by default for dynamic IP's on eth0. If you are using fixed IP you must change the interface file (what you did already) but also the param file from the shorwall menu. NET_IF=eth0 NET_BCAST=set your ISP broadcast adress here NET_OPTIONS=noping,norfc1918 (remove the dhcp option) Let me know if works. If not please report problem with syslog output, interface & param files What kind of connection are you using ? (cable, ADSL ?) Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] An ssh attack against ESb2
> At 20:42 27/01/02 -0800, Jeff Newmiller wrote: > >I don't know if there is an ssh > >v1.2.32 LRP file, but I think Jacques Nilo's OpenSSH is up to date. > > I think you're right. sshd -h tells me (amongst other things) > > sshd version OpenSSH_3.0p1 In fact the latest available Openssh LEAF package is now 3.0.2p1. Check: http://leaf.sourceforge.net/devel/jnilo Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] LEAF "Bering" beta-3 available
The LEAF 2.4.16 - beta2 distribution has been updated and now becomes LEAF "Bering" - beta3. Main features: - 2.4.16 Kernel with support for IDE, DOC, SCSI, Parport, USB, PPP, PPPoE, PPPoA, PCMCIA, ISDN, Bridging, ext2/ext3/reiserfs, IPV6, Wireless LAN, ... - Provided with latest 1.2.5 Shorewall package - New packages available: pcmcia.lrp (3.1.31), wireless.lrp and ppp-filter.lrp in the Bering package area - Winimage disk image now available for Windows users - Updated documentation Stills fit on a 1680K floppy :-) The detailed changelog is available at: http://leaf.sourceforge.net/devel/jnilo/leaffw00.html#AEN68 For the full documentation refer to: http://leaf.sourceforge.net/devel/jnilo/leaffw.html Files are available for download at: http://leaf.sourceforge.net/devel/jnilo/bering/latest/ Extra packages available at: http://leaf.sourceforge.net/devel/jnilo/bering/packages/ Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 2.4 Kernel & packet inspection?
From: "Scott Sandeman-Allen" <[EMAIL PROTECTED]> > As I review firewalling etc. I have become interested in stateful > packet filtering as well as a few other goodies offered by the 2.4 > kernel (and a few not yet offered). > > Is there any work in progress for LRP to be running packet > inspection/mangling etc. in the near future? Scott: Bering is derived from Dachstein, is Kernel 2.4 based, relies on iptable and might be an answer to your question. Check: http://leaf.sourceforge.net/devel/jnilo Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering and DOC2000
> I don't know if JN is reading this thread, but it'd be nice if the > above link would go a bit further in the "What is Bering" description. > To say it is basically an enhanced Dachstein doesn't tell the new > person what Bering is if they don't know what Dachstein is. I think > the answer would want to include something like: I am :-). It takes some time to reach Europe :-) > "Bering is a miniature Linux OS that lives entirely on a 1.68 MB diskette, > and it's purpose is to act as a router/firewall that connects two networks, > filtering the content to protect the internal network. Bering is based > upon a tried and true router/firewall called Dachstein (version rc2), created > by Charles St[ei][ie]nk[ue][eu]l[h]er, sigh. The Bering firewall uses iptables > for the firewall rules and Linux kernel 2.4.x as the base OS. Running Bering > on an old Pentium with 32 MB of RAM is like using one of those Linksys or > DLink router-firewalls, except that Bering is much more powerful, capable, > and extensible." > I'll buy that description if there is no copyright attach to it. Some news about Bering beta-4 about to be released: the initial loading of modules from boot/lib/modules now works properly ifupdown has been fixed and do not use ifconfig and route anymore (only ip) latest shorewall to be included Should be ready for testing tomorrow I would like to include in the doc two paragraphs about: Booting Bering from an hard disk Booting Bering from DOC Any volunteer ? Next on the list: ipsec Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: LEAF 2.4.14 / Shorewall 1.1.18 based distro (alpha version)
> I have begun to experiment with Bering (b3) to attempt to build a router > that can support a wireless pcmcia interface using the orinoco_cs driver. > The end product should be strictly routing with firewall ( no NAT), and an > IPSEC tunnel securing the wireless interfaces between 2 gateways. Good ! > I think I am making some progress (slowly!)... here are some of my > observations to date: > > 1. It looks like you may have a bug in the PCMCIA package or in your menu > scripts the LRCFG menu provides an option to update wireless settings, > but this opens "scsi.opts" instead of "wireless.opts". Since I didn't need > a SCSI/PCMCIA interface i tried working around it by replacing scsi.opts > with a copy of wireless.opts. As stated in the doc the pcmcia package is really experimental. The pb you mention can be easily fixed by editing the file /var/lib/lrpkg/pcmcia.conf > 2. I assume that I must manually install hermes.o, orinoco.o and > orinoco_cs.o, but it is not clear what location they should be installed in. > Please advise? In /lib/modules/pcmcia/2.4.16 > 3. It seems there may be a possible discrepancy in the PCMCIA card services > versions. Looking at daemon.log, cardmgr (v3.1.31) starts, but fails because > "no pcmcia driver in /proc/devices".However, kern.log reports Kernel > Card Services 3.1.22 launching, but failing becuase "ds: no socket drivers > loaded". You need to be sure that pcmcia_core , ds and yenta_socket are loaded. Check your parameter (sorry I do not have my test platform next to me) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] LEAF "Bering" beta4 available
Changelog for beta4: 1/ Shorewall updated to latest 1.2.6 version 2/ ifupdown program adapted to only use ip addr and ip route commands. ifconfig removed 3/ arp program added to /sbin to have proxy-arp working with Shorewall 4/ beta2 /usr/sbin/lrcfg.back.initrd script restored. Automatic computation of INITRD_SIZE in beta3 was buggy 5/ Loading of modules stored in /boot/lib/modules right after initrd is mounted is now working properly 6/ ctar removed following a suggestion by S. Caron 7/ The pcmcia.lrp configuration list is no more broken 8/ Some clean-up in weblet.lrp 9/ Documentation updated to revision 0.3. Check: http://leaf.sourceforge.net/devel/jnilo The following files are available on the 1680K formatted LEAF "Bering" floppy: drwxr-xr-x2 root root 5632 jan 1 1970 ./ drwxr-xr-x5 root root 4096 oct 30 18:11 ../ -rwxr-xr-x1 root root 8630 feb 21 23:10 bridge.lrp* -rwxr-xr-x1 root root43772 feb 19 06:02 dhcpd.lrp* -rwxr-xr-x1 root root23814 feb 21 23:08 dnscache.lrp* -rwxr-xr-x1 root root23974 feb 21 23:07 etc.lrp* -rwxr-xr-x1 root root 409033 feb 21 23:06 initrd.lrp* -rwxr-xr-x1 root root11933 feb 21 23:07 keyboard.lrp* -r-xr-xr-x1 root root 6920 may 29 2001 ldlinux.sys* -rwxr-xr-x1 root root 470719 jan 29 22:46 linux* -rwxr-xr-x1 root root 499 feb 21 23:07 local.lrp* -rwxr-xr-x1 root root 611 nov 11 19:36 log.lrp* -rwxr-xr-x1 root root 114637 feb 21 23:07 modules.lrp* -rwxr-xr-x1 root root95710 feb 21 23:09 ppp.lrp* -rwxr-xr-x1 root root13292 feb 21 23:09 pppoe.lrp* -rwxr-xr-x1 root root24565 feb 21 23:07 pump.lrp* -rwxr-xr-x1 root root 188 feb 17 04:35 readme* -rwxr-xr-x1 root root 311730 feb 21 23:06 root.lrp* -rwxr-xr-x1 root root31423 feb 21 23:07 shorwall.lrp* -rwxr-xr-x1 root root 205 jan 16 08:39 syslinux.cfg* -rwxr-xr-x1 root root 1016 feb 17 02:44 syslinux.dpy* -rwxr-xr-x1 root root41800 feb 21 23:09 tc.lrp* -rwxr-xr-x1 root root20857 feb 21 23:08 weblet.lrp* Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: [Leaf-devel] A few sshd and tinydns issues for JN
Hi Matt I just got your mail today. I have been out of town for a week. I understand from what you say that the sshd/dnscache/tinydns documentation needs some clarification. Indeed if you have tinydns running you should not need to adjust /etc/hosts. If you could suggest direct changes to the documentation I'll happily include them. Writing doc takes time especially when you are not an English/US native. But I also think documentation is a real necessity that is why I have always tried to release one with my packages. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] openssh 3.1p1 LEAF packages available
A vulnerability has been recently found in openssh up to version 3.0.2. See the CERT annoucement at: http://www.kb.cert.org/vuls/id/408419 The LEAF openssh packages (ssh/sshd/sftp/sshkey) have been updated accordingly and are now available for download from my website. http://leaf.sourceforge.net/devel/jnilo/ The documentation has also been updated to include clarifications suggested by Matt Shalit (Thanks Matt) !) http://leaf.sourceforge.net/devel/jnilo/openssh.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] email processing suggestions (was: no subject)
> At 09:57 PM 3/11/02 -0600, JamesSturdevant wrote: > >I want to put together a LEAF system for a small nonprofit office. The > >system is a 486DX-100, 16MB memory with ppp and a network card, booting > >from a floppy. I have that much running now using Bering. > > > >I want to add an email service to this machine with a 500MB disk for > >storage. I will be making pakages for fetchmail and procmail to retrieve > >the email from the ISP, but I need suggestions for smtp and pop3 services. > >What programs would be best to use given the space issues of typical LEAF > >systems? James: qmail and vmailmgr could be your friends. Check http://leaf.sourceforge.net/devel/jnilo Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering compact flash image with serial console support
> I am attempting to create a Bering image with the following qualities: > > 1) boots from 4 MB compact flash connected to ide controller on Soekris net4501 (www.soekris.com) > 2) supports the National Semiconductor ethernet devices on the Soekris net4501 > 3) has console on serial port > 4) has ipsec support > > My question is this: in order to accomplish 3 and 4, I had to compile a new kernel. I did this by acquiring the bering-beta4 config file, applying the freeswan patches to a 2.4.17 source tree, and making the kernel and modules on a Debian Woody box. Is this allowed? Do I have to compile my kernel and modules on a Slink box as well as the binaries? Partly yes. The ipsec patched kernel must be compiled with Debian Woody (or better). You cannot compile a 2.4.X kernel with slink. But the ipsec programs (in pluto dir from what I remember out of my head must be compiled in debian slink since they are going to be linked against glibc 2.0). I did a try very quickly a couple of days ago and run into header problems and __bzero undefined stuff that I did not investigate further. I am planning to work on an ipsec version of Bering in the weeks to come. I did not have the time yet and will probably need some help from Charles who our ipsec gourou :-) > The kernel boots fine with serial support and all, ipsec and natsemi modules seems to work fine, but eventually, I get a kernel panic. When I try to ping machines connected to either interface, I get nothing but transmit timeouts and it seems to accelerate the process. the output of ifconfig for that interface shows: > > TX packets:3 errors:9 dropped:0 overruns:3 carrier:3 > Collisions:0 > I have only one advice to make at this stage: first have bering working with everything but ipsec. then move on to try to include ipsec. If you succeed I'll be definitively interested. Are you using the latest 1.96 version of the freeswan code ? Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering compact flash image with serial console support
> I am attempting to create a Bering image with the following qualities: > > 1) boots from 4 MB compact flash connected to ide controller on Soekris net4501 (www.soekris.com) > 2) supports the National Semiconductor ethernet devices on the Soekris net4501 > 3) has console on serial port > 4) has ipsec support > > My question is this: in order to accomplish 3 and 4, I had to compile a new kernel. I did this by acquiring the bering-beta4 config file, applying the freeswan patches to a 2.4.17 source tree, and making the kernel and modules on a Debian Woody box. Is this allowed? Do I have to compile my kernel and modules on a Slink box as well as the binaries? >JN: Partly yes. The ipsec patched kernel must be compiled with Debian Woody (or better). You cannot compile a 2.4.X kernel with slink. But the ipsec programs (in pluto dir from what I remember out of my head must be compiled in debian slink since they are going to be linked against glibc 2.0). I did a try very quickly a couple of days ago and run into header problems and __bzero undefined stuff that I did not investigate further. I am planning to work on an ipsec version of Bering in the weeks to come. I did not have the time yet and will probably need some help from Charles who our ipsec gourou :-) > The kernel boots fine with serial support and all, ipsec and natsemi modules seems to work fine, but eventually, I get a kernel panic. When I try to ping machines connected to either interface, I get nothing but transmit timeouts and it seems to accelerate the process. the output of ifconfig for that interface shows: > > TX packets:3 errors:9 dropped:0 overruns:3 carrier:3 > Collisions:0 > I have only one advice to make at this stage: first have bering working with everything but ipsec. then move on to try to include ipsec. If you succeed I'll be definitively interested. Are you using the latest 1.96 version of the freeswan code ? Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ramdisk_size query for DS 1.0.2
> I have a need to increase my syslinux.cfg ramdisk_size declaration to a > value above 65536. My DS box has 128MB physical ram, and it's currently > using 65536, but for database reasons, I'm thinking of jacking this > value to 98304. > > I did some research on the past mail archives and stumbled upon old > queries posted by other LEAF users talking about a 2.4 package called > initrd.lrp, and setting additional syslinux.cfg parameters like initrd, > and syst_size. Going thru the archives, I also came across informative > exchanges from our LEAF developers on modelling the use and packaging > of initrd (and root.lrp) for future the LRPs. > > I would like to know if how do I handle/implement this on a DS 2.2.19 > environment (if this hasn't been done yet). I really need to raise my > ram disk size to above 64M. initrd.lrp is a package that was designed for Bering in order to get rid of the original LRP patches and move on kernel 2.4.x development. Check http://leaf.sourceforge.net/devel/jnilo In this distro, you can use tmp_size=xxM, to allocate xxM of space /tmp or log_size=yyM to control max size of /var/log Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] ramdisk_size query for DS 1.0.2
> > > I would like to know if how do I handle/implement this on a DS 2.2.19 > > > environment (if this hasn't been done yet). I really need to raise my > > > ram disk size to above 64M. > > initrd.lrp is a package that was designed for Bering in order to get rid of the > > original LRP patches and move on kernel 2.4.x development. > > Check > > http://leaf.sourceforge.net/devel/jnilo > > > > In this distro, you can use tmp_size=xxM, to allocate xxM of space /tmp or > > log_size=yyM to control max size of /var/log > > Jacques > > You must use a different filesystem type than the usual minix if you want > a single filesystem of more than 64M. Jeff: Bering uses tmpfs so you do not have the 64M minix limitation. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] IP aliases, kernel 2.4 and Leaf-Bering
> > "ip addr add" works ok. I need to know in what format should > > i write it in > > network config in Bering. Anybody knows? > > Bering is following Debian. For myself, I would make the > changes in /etc/network/interfaces. > In the interface file you can use the "up" prefix . You can have something like: auto eth2 iface eth2 inet static address 192.168.1.100 netmask 24 broadcast 192.168.1.255 up ip address add 192.168.1.100/24 dev eth2 label eth2:1 Do do hesitate to use the -v flag to see what commands are executed when ifup ethx is executed: ifup -v ethx ifdown -v ethx I know I have to improve my documentation on this interface configuration. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] bering and modem dial and demand
> Hi I just installed bering and added ppp to syslinux.cfg and when it > boots up I get kernel either does not support or ppp is not installed > properly. What do I need to install to get a dialup to isp so rest of > office can get net (lan card)? > p.s. never configed intenal modem with lan card combo for linux router You have to load the ppp modules. Configure the modules.lrp package through the LEAF configuration modules and uncomment the ppp and ppp related modules for dialup connection (the template is read for that and the modules are provided in the standard distro). Then save modules.lrp and reboot. Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Bering Beta4 / ifup
> > > I tried to set up ip aliases but it does not work: > > > > >Honestly I have never tried :-) The following setup > >should work > > > >auto eth0 > >iface eth0 inet static > > address 192.168.1.254 > > masklen 24 > > gateway xx.xx.xx.xx > >up ip address add 192.168.1.254 dev eth0 label eth0:0 > > This works, but there are more problems with ipup: > > --- > auto eth0 eth0 > > iface eth0 inet static > address 192.168.1.254 > masklen 24 > gateway 212.18.9.1 > > iface eth1 inet static > address 212.18.9.2 > masklen 28 > --- > > However this won´t work. You have to put the "gateway" option in the "iface > eth1" block. > The system refuses to set a default gw if it can´t route to it (pretty > clever ;-))). > > The "ipup" package is in my opinion "to old" for 2.4.xx and iproute based > systems Well I do not know what you mean by "too old". It is the latest "sid" debian version and I adapted it to replace the ifconfig/route commands by the ip addr/ip route combo. The interface file is very flexible: you can embedded as many ip command as you what through the up/down/pre- up/pre-down prefix. My advice: use the -s flag to see what an ifup eth1 command is doing ifup -s eth1 (or ifdown -s eth1) It will show you the precise sequences of command that will be executed when starting/stopping the interface Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] IP aliases, kernel 2.4 and Leaf-Bering
> Sorry i found an answer where add routes, Good :-) > so the only one missing is where > i find "traceroute" command :) Marek: The traceroute command was removed from Bering to save space and to avoid giving access to a useful tool to hackers. At this stage my advice would be to move the traceroute program either from Bering beta3 (I think it was still there in beta3) or from Dachstein and then save root.lrp to have it in your own distro. I will package it separately for those users who need it. Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Bering Beta4 / ifup
> There are really quit nice fatures in ipupdown! > > >My advice: use the -s flag to see what an ifup eth1 > >command is doing > >ifup -s eth1 (or ifdown -s eth1) > >It will show you the precise sequences of command that > >will be executed when starting/stopping the interface. > > Sorry but this doesn´t work: > Sorry for the mistake. You should read the -v flag - for verify :-) Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering Kernel 2.4 IDE Support?
> > Is there a Bering kernel with IDE support? > I'm trying to set up Bering booting from HD > and I current linux file does nor support HD. > > Where can I get it?? Standard Bering kernel supports IDE. You need to download the 3 following modules from the module directory: ide-mod ide-disk ide-probe-mod and to load them in this order through the modules package (there is a template for that in the modules configuration file). Check the doc: http://leaf.sourceforge.net/devel/jnilo/leaffw04.html#AEN3 93 Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Are all recent ssh packages so large?
> Brian Boonstra wrote: > > Hi > > > > I note that Jacques Nilo has a nice modern pair of sshd.lrp and > > ssh.lrp on the LEAF website. I was thinking of upgrading, but I still like > > to try to get by with a single floppy, while those packages are > 300K each > > (and the binaries inside > 600K). > > > > My old versions are less than 300K for both of them put together. > > Is there anything both small and modern out there? > > > > > > Brian > > JN can speak to is better because he compiles them, > but the short answer is no. The newer openssl and > openssh programs have a lot more code in them. There > was an issue with shared libraries vs static ones > that obviously affects the size, but I can only recall > him (and David) trying to minimze the size and couldn't. > > Don't go far Brian! Come by every once in a while > and tell us funny stories about your new hobbies :) > Matt I can - alas - only confirm what Matt is saying. openssh has been getting bigger and bigger with each new release. It does not preclude to use it even if you only have one floppy drive on your LEAF box (which is my case). Check the doc: http://leaf.sourceforge.net/devel/jnilo/openssh2.html#AEN94 Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 56k modem : BERING
Jim Van Eeckhoutte wrote: > Ah oh a newbie question. How does one get a internal 56k modem to work > in bering? Ive read the howtos but none on modem. Im trying to get a > router goin to share verizon dialup for office. Right now office is > using ICS on a ME machine(very unreliable). Any response would be more > than helpful. Thank you. > The standard Bering distro provides modem dial-up support. 1/ declare the modules needed for ppp Through the LEAF configuration menu edit the modules configuration file Uncomment those modules names needed for modem connection (the template is ready) Save your file. backup modules.lrp 2/ declare ppp.lrp in syslinux.cfg ppp.lrp is provided on the floppy. Edit syslinux.cfg and add ppp to the LRP= list . save Reboot Configure your ppp setup through the LEAF configuration menu (the default is a script for a Compuserve connection). Entry 1 and 2 are the only one which need to be adhjusted to your ISP environment Check http://leaf.sourceforge.net/devel/jnilo/leaffw08.html#AEN561 Once done save ppp.lrp Good luck Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering beta4
PASI RAUHANIEMI wrote: > Hi! I added the bridge module, but backup menu 3) etc does not backup /etc/modules. >Or what?. /lib/modules/bridge.o is ok & manual insmod. > Well you have to backup modules.lrp not etc.lrp to save modules in /lib/modules. See the doc Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] re:56k modem in Bering
Jim Van Eeckhoutte wrote: > How do I check for modem functionality in Bering? http://sourceforge.net/mailarchive/forum.php?thread_id=558979&forum_id=5483 Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: Bering Beta4 / ifup
> > > The "ipup" package is in my opinion "to old" for 2.4.xx > > > and iproute based systems > > Well I do not know what you mean by "too old". It is the > > latest "sid" debian version and I adapted it to replace > > the ifconfig/route commands by the ip addr/ip route combo. > > Jacques > > Would you consider posting your modified sources for ifupdown? I'd like > to compile it under uClibc, and would be happy to post the executable if > there were any interest in such a thing. I will as soon as I will have finished with the upcoming release of Bering. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Bering Cookbook
Chad: A real thanks for your contribution. I think it will be really useful for users who have been requesting IPSEC support within Bering. May I include your mail content in a "Bering cookbook" documentation that will complement the user's guide and will gather contributions from Bering users describing specific configurations? The first release of the cookbook could contain the following contributions A Bering dialup-modem configuration (me) A pcmcia/dialup-modem emergency router (me) PPPoE setup in Bering (Eric) ISDN setup in Bering (Eric) Wireless and orinoco setup (Bob Pocius) IPSEC (Chad) I will post shortly the first two with their xml code that could be used by those interested as a template. Any other contribution are welcomed ! (bridging, setting up a dmz, ...) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering Kernel 2.4 IDE Support?
> > and to load them in this order through the modules > > package (there is a template for that in the modules > > configuration file). Check the doc: > > http://leaf.sourceforge.net/devel/jnilo/leaffw04.html#AEN3 > > 93 > > If you need to load the modules package itself from the hard drive, I found > that you have to add these lines to the /boot/etc/modules and the modules to > the /boot/lib/modules directory. Is that not the case? Yes it is. I think this is mentionned in the doc. > If you need to do this, you have to first uncompress and mount the initrd.lrp package > > gunzip -S .lrp initrd.lrp > mount -t minix initrd /mnt -o loop > > Then you can copy the files to /mnt/boot/lib/modules and make the changes to > /mnt/boot/etc/modules. Then umount the image and recompress it. > > umount /mnt > gzip -S .lrp -n initrd > > Is there an easier way? That is just how I got it to work. There are basically two strategies if you want to boot Bering (or any LEAF variant) distro from an hard disk (be careful: you loose the security attached to a write-protected media): 1/ You make a ***msdos*** partition on your hard disk, install syslinux on it an copy all the packages you need on the hard disk. Do not unpack anything. You modify syslinux.cfg to declare the new PKGPATH to hdx and you put your ide modules in /boot/lib/modules and save this in modules.lrp (do that on a floppy distro before copying initrd.lrp to the IDE disk). linux kernel and initrd.lrp will be loaded thanks to syslinux, the ide modules will be loaded then and after that the /linuxrc script will load the other packages from the hard disk. Bering will be run from a /tmpfs fs as with a floppy distro. Your IDE disk is just another boot media where your packages are stored. 2/ You make a linux ***ext2*** partition on your hard disk and ***unpack*** all the packages you need there. This is a more "hackish" approach where you get a quasi linux distro on your disk. Not really recommended and requires some knowledge of the program structure and some tuning too. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] libz.lrp (1.1.4) for openssh available
As it was recently mentionned in the LEAF mailing lists a vulnerability has been found in the Zlib compression library (which is provided by the libz.lrp package). This package is being used by the openssh suite (ssh, sshd, scp, sftp) and is now available in it's latest secure version (1.1.4). Openssh users should update immediately. The updated LEAF package is available for download at: http://leaf.sourceforge.net/devel/jnilo Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Bering v1.0-rc1 available
Updated with a 2.4.18 linux kernel & shorewall 1.2.9. Check: http://leaf.sourceforge.net/article.php?sid=31 Enjoy Jacques & Eric http://leaf.sourceforge.net/devel/jnilo ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering v1.0-rc1 available
Lee wrote: > > > > > I downloaded bering-1680.bin (the rc1 version at the link you provided) > > and created the floppy disk under Linux, following the instructions, > > except that I was not root when I did the download. > > > > During the boot process, when it starts loading the packages, the first > > three or so load normally, then when it gets to "keyboard", it produces > > an error: > > "gunzip: invalid compressed data--length error" > > Same error appears when it tries to load "shorwall". Then "dnscache" and > > "weblet" appear to load without error, and the boot process proceeds to > > completion. > > > > I tried two different floppies, with the same result. Then I downloaded > > bering-1680.bin again, thinking my first download was bad. Same result, > > same errors. > > > > Is this because I am not root while I download? I could see why that > > would matter, but I don't know too much. > > > > I'm getting this too. I think the problem is actually with ungzipping the > Shorwall package. I tried swapping packages in and out between shorwall.lrp > and keyboard.lrp but it always comes up at the shorwall.lrp package. > > However despite this, I do get a configurable Shorwall in the lrcfg menu > system. If I make changes and back it up then the system reboots with no > gunzip problems. > > I haven't been able to test whether my system actually works yet due to a > long-standing inability to get modem dial up working on Bering (and > Dachstein) ;-) Roll on that Bering dial up cookbook! > Dear all: It appears that the Bering v1.0-rc1 image is corrupted (gzip pb with shorewall & keyboard). I was able to reproduce this downloading the image from the LEAF site. The new images should be available in the coming hour. I'll let you know Sorry for the incovenience this may has caused Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering v1.0-rc1 available
> I haven't been able to test whether my system actually works yet due to a > long-standing inability to get modem dial up working on Bering (and > Dachstein) ;-) Roll on that Bering dial up cookbook! Here you are: http://leaf.sourceforge.net/devel/jnilo/busers01.html Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Bering v1.0-rc1 disk images regenerated
The Bering v1.0-rc1 images released yesterday appeared corrupted to some users. They have been regenerated. Follow the md5sum you should get for each file: 4ebc430648ec51cd131595213e415f14 bering-1680-v1.0-rc1.bin 8efc3afc3161b8b6a653f04d4a20aa49 bering-1680-v1.0-rc1.exe Sorry for the incovenience this may have caused. Jacques http://leaf.sourceforge.net/devel/jnilo ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Bering user's guide ("the cook book")
Following a suggestion by Mike, I renamed the "cook book" to a more "civilized" term... So here are the first two contributions to this guide that will complement the installation guide already available: 1/ Serial Modem configuration 2/ PCMCIA configuration ("An dial-up emergency router with a PCMCIA Xircom combo card") There are available at: http://leaf.sourceforge.net/devel/jnilo/busers.html Next contributions under preparation: 3/ PPoE configuration (Eric) 4/ ISDN configuration (Eric) 5/ Wireless and orinoco cards (me + Bob Pocius) 6/ Compiling your own Bering kernel (me) 7/ Booting Bering from a CD-ROM (L. Correia) 8/ IPSEC and X.512 certificates (C. Carr) Docbook XML source are available for download to be used as templates (see the doc). Contributions are welcomed ! Jacques http://leaf.sourceforge.net/devel/jnilo ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Looking for advice on which package to use
> I was working with Materhorn 2.9.4 and had leaf recommended to me. The > problem is, I don't know which to use. > > I am trying to build a straight router, anything beyond that is not a > requirement. QoS and firewalling would be nice, but for now, we just need > routing. > > Here is our setup: > > We have 2 seperate internet feeds, 3 static IP's on one, 9 static IP's on > the other. We need to take these 2 feeds and route them onto 4 different > internal networks. Each internal network will be offering Web, Radius, FTP > and SSH to the outside world. > > We have a PPro 200 w/128MB and 4 Intel Pro/100+ Dual Port NIC's. The following link should help you in choosing a LEAF version: http://sourceforge.net/docman/display_doc.php? docid=8794&group_id=13751 Bering & Dachstein are probably the two options you should consider for a pure router/firewall project. Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering and loading packages from CD
> Next coming may question/suggestion regarding Bering: > > Is there any straight way to configure syslinux.cfg to load packages > from the floppy and next from ISO9660 CD ? No, not yet. But it has already been asked by many users. > My solution is to 'hard-code' FSTYPE in linuxrc to "msdos iso9660", > because in its oryginal shape it tries to mount all possible filesystems > types for devices listed in PKGPATH from syslinux.cfg and it failing > with tmpfs (which is before iso9660 at the list). By the way, what is > tmpfs ? See Charles answer + It is impossible to create a tmpfs filesystem that would be mounted at boot. That is why Bering, like Dachstein, mounts a minix filesystem ( in Bering provided by initrd.lrp) and then, within /linuxrc, creates a tmpfs, move everything there and gets rid of minix. > In DCD system it is possible to specify filesystem type in following > form: PKGPATH=device[:filesystem]... Bering does not have a CD version similar to the one provided by Charles, that is allowing some overriding files coming from a floppy. Luis Correia has completed an How-to on how creating a CD-Rom version of Bering. It will be included shortly in the Bering user's guide. I'll let you know. Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] bering v1.0-rc1: 8139cp.o: undefined "mii_ethtool_sset" symbol
> Another web page, http://kalle.csb.ki.se/pub/linux/kernel/people/jgarzik/patches/2.4.18/mii-2.4.1 8.3.patch , has a line: "+obj-$(CONFIG_8139CP) += 8139cp.o mii.o", perhaps I need mii.o? Doug. mii.o is probably your friend. try to load it before your 8139cp.o driver. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] modem in bering
> Hey guys how can I test if modem is configured and working right. I > installed USR Sporster 0431 internal and cant seem to get it to dial. I > have installed and configured all needed for ppp modem. Hi assume you have followed the (still incomplete) instructions at: http://leaf.sourceforge.net/devel/jnilo/busers01.html If your modem just does not start it probably means you have not declared the proper serial port in /etc/ppp/peers/provider Check /var/log/syslog (below serial drivers statement) to see those ports which are recognized. I hope there are some :-) Otherwise what says lsmod and ps aux after you have executed pon ? Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card
> > I have a dachstein cd-based router running very well. ( P133 desktop PC) > > I'm connected to the Internet through ADSL/PPPOE > > I just got a pair of Pcmcia Intel PRO/Wireless2021 cards and a PCI > adapter. > > > > I would like to put the PCMCIA card with adapter in the Dachstein box to > be > > able to surf from my laptop. > > > > is there some howto somewhere. I only found doc about true laptop/pcmcia > > stuff but nothing concerning the PCI adapter. > > Etienne: There is pcmcia documentation available for Bering in our new user's guide. It might help to setup pcmcia/wireless in Dachstein http://leaf.sourceforge.net/devel/jnilo/busers02.html Wireless is working too with the wireless tools available as a separate package. Documentation not ready yet. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering v1.0-rc1 disk images regenerated
> >The Bering v1.0-rc1 images released yesterday appeared corrupted to some users. > >They have been regenerated. > >Follow the md5sum you should get for each file: > >4ebc430648ec51cd131595213e415f14 bering-1680-v1.0-rc1.bin > >8efc3afc3161b8b6a653f04d4a20aa49 bering-1680-v1.0-rc1.exe > > > >Sorry for the incovenience this may have caused. > The regenerated images solved the gunzip problem, but it seems that the > shorwall.lrp is significantly different than that included in the > previous images. Specifically, in the "params" section (lrcfg 3,5,1), > NET_IF=ppp? instead of eth0. Also, LOCAL_IF=eth0 rather than eth1. > Oops. Restored the dial-up version of shorewall in the process :-( One should not work too late :-) OK the images have been updated again. Hopefully everything ik OK now... New md5sum: aa744fd2686811226d73b826c750d05d bering-1680-v1.0-rc1.bin 7a147e020d5a547547dface2319696b4 bering-1680-v1.0-rc1.exe Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card
Bonsoir Etienne > I've successfully managed to configure a bering floppy to use my pppoe > connection ( chapeau les mecs ! ! ) Good > Now, I'm trying to configure the wireless adapter but I'm "lost" > My firewall machine IS NOT a laptop. > > The Intel PRO/Wireless is in a PCI adapter. > tcic.o, yenta_socket, i82092, i82365 modules with no success > Should I realy use the PCMCIA stuff or is there other modules to use ??? Most probably Yes But what is really your card ? I do not know any Intel 2021. There is an Intel 2011 and an Intel 2011B I have no experience with those cards but Intel 2011 is supposed to worked with the orinoco drivers (check /etc/pcmcia/hermes.conf) But the Intel site also says that the Intel 2011 requires spectrum24 http://sourceforge.net/projects/spectrum24/ http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Linux.Wireless.drivers.htm l#Spectrum24t The problem with this last one is that it is not provided as a pcmcia kernel driver . It is not part of the pcmcia-cs package either. You might send a post to the spectrum list: http://sourceforge.net/forum/forum.php?forum_id=34783 It seems that the spectrum stuff does not work with the pcmcia kernel mode. Only with the pcmcia_cs approach. I am considering switching back to this approach for pcmcia support. Seems more robust than pcmcia kernel route. >From the spectrum README: Symbol Spectrum24 Linux driver Beta 5 In order to get this driver up and running you must have the pcmcia package installed. This driver was compiled against and tested with version 3.1.24 of David Hinds' pcmcia package. This driver also requires version 2.2.x or 2.4.x of the Linux kernel. I may get around to porting it backwards at some point, but with all the advantages to driver writers that the newer kernel offers, it made sense to start there. NOTE: in the 2.4.x kernel, it was tested with the kernel support for PCMCIA *off*, I'm not sure why, but there are some compatibility issues that can arise when the native kernel level support is turned on. Hope that will help. Let me know. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card
http://leaf.sourceforge.net/devel/jnilo - Original Message - From: "Etienne Charlier" <[EMAIL PROTECTED]> To: "Jacques Nilo" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Friday, March 22, 2002 11:53 PM Subject: Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card > Hi, Jacques > > Sorry for not giving enough details about my problem > > - The card is an Intel Pro/Wireless 2011 (PCMCIA) > - I tried to put it in the Intel carrier sold for it (the card is in the PC > now) > - I added (and renamed) the pcmcia_orinoco.lrp package > - When I boot with bering rc1. I get the following error message > (retyped) > in pcmcia package config ( file 1 /etc/default/pcmcia) > I changed > PCIC=i82365 > > same behaviour > Starting PCMCIA services: > modules > Using /lib/modules/pcmcia/pcmcia_core.o > Using /lib/modules/pcmcia/i82365.o > insmod: init_module: i82365: Operation not supported by device > Using /lib/modules/pcmcia/ds.o > ds: no socket drivers loaded > insmod: init_module: ds: Operation not permitted > cardmgr. > cardmgr[828]: no pcmcia driver in /proc/devices > > I don't see any chip number on the PCI carrier to It's difficult to guest > which socket driver would work. > > I tried to put the card with the carrier in a Windows 2000 pc and when the > drivers are correctly installed, I just see an Intel Pro/Wireless 2011 LAN > PCI Card. but no PCMCIA Adapter branch in the "device manager" > > I check my laptop, It has a Rico R/RL/5C476 cardbus controller. in the > pcmcia howto, it seems to be supported but I don't kown which socket driver > to use > > Thanks in advance for your help and once more congratulations on the work > done on the leaf project > > - Original Message - > From: "Jacques Nilo" <[EMAIL PROTECTED]> > To: "Etienne Charlier" <[EMAIL PROTECTED]>; "Lee" > <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Friday, March 22, 2002 10:14 PM > Subject: Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card > > > > Bonsoir Etienne > > > I've successfully managed to configure a bering floppy to use my pppoe > > > connection ( chapeau les mecs ! ! ) > > Good > > > Now, I'm trying to configure the wireless adapter but I'm "lost" > > > My firewall machine IS NOT a laptop. > > > > > > The Intel PRO/Wireless is in a PCI adapter. > > > tcic.o, yenta_socket, i82092, i82365 modules with no success > > > Should I realy use the PCMCIA stuff or is there other modules to use ??? > > Most probably Yes > > > > But what is really your card ? > > I do not know any Intel 2021. There is an Intel 2011 and an Intel 2011B > > I have no experience with those cards but > > Intel 2011 is supposed to worked with the orinoco drivers (check > > /etc/pcmcia/hermes.conf) > > But the Intel site also says that the Intel 2011 requires spectrum24 > > http://sourceforge.net/projects/spectrum24/ > > > http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Linux.Wireless.drivers. > htm > > l#Spectrum24t > > The problem with this last one is that it is not provided as a pcmcia > kernel > > driver . It is not part of the pcmcia-cs package either. > > You might send a post to the spectrum list: > > http://sourceforge.net/forum/forum.php?forum_id=34783 > > It seems that the spectrum stuff does not work with the pcmcia kernel > mode. > > Only with the pcmcia_cs approach. I am considering switching back to this > > approach for pcmcia support. Seems more robust than pcmcia kernel route. > > > > >From the spectrum README: > > > > > > Symbol Spectrum24 Linux driver Beta 5 > > > > In order to get this driver up and running you must have the pcmcia > package > > installed. This driver was compiled against and tested with version 3.1.24 > > of David Hinds' pcmcia package. > > > > This driver also requires version 2.2.x or 2.4.x of the Linux kernel. I > may > > get around to porting it backwards at some point, but with all the > > advantages to driver writers that the newer kernel offers, it made sense > to > > start there. > > > > NOTE: in the 2.4.x kernel, it was tested with the kernel support for > PCMCIA > > *off*, I'm not sure why, but there are some compatibility issues that can > > arise when the native kernel level support is turned on. > > > > > > Hope that will help. Let me know. > > > > Jacques > > > > > > > > > > > > ___ > > Leaf-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card
> - The card is an Intel Pro/Wireless 2011 (PCMCIA) > - I tried to put it in the Intel carrier sold for it (the card is in the PC > now) > - I added (and renamed) the pcmcia_orinoco.lrp package > - When I boot with bering rc1. I get the following error message > (retyped) > in pcmcia package config ( file 1 /etc/default/pcmcia) > I changed > PCIC=i82365 > > same behaviour > Starting PCMCIA services: > modules > Using /lib/modules/pcmcia/pcmcia_core.o > Using /lib/modules/pcmcia/i82365.o > insmod: init_module: i82365: Operation not supported by device > Using /lib/modules/pcmcia/ds.o > ds: no socket drivers loaded > insmod: init_module: ds: Operation not permitted > cardmgr. > cardmgr[828]: no pcmcia driver in /proc/devices > > I don't see any chip number on the PCI carrier to It's difficult to guest > which socket driver would work. > > I tried to put the card with the carrier in a Windows 2000 pc and when the > drivers are correctly installed, I just see an Intel Pro/Wireless 2011 LAN > PCI Card. but no PCMCIA Adapter branch in the "device manager" > > I check my laptop, It has a Rico R/RL/5C476 cardbus controller. in the > pcmcia howto, it seems to be supported but I don't kown which socket driver > to use > > Thanks in advance for your help and once more congratulations on the work > done on the leaf project > > - Original Message - > From: "Jacques Nilo" <[EMAIL PROTECTED]> > To: "Etienne Charlier" <[EMAIL PROTECTED]>; "Lee" > <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Friday, March 22, 2002 10:14 PM > Subject: Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card > > > > Bonsoir Etienne > > > I've successfully managed to configure a bering floppy to use my pppoe > > > connection ( chapeau les mecs ! ! ) > > Good > > > Now, I'm trying to configure the wireless adapter but I'm "lost" > > > My firewall machine IS NOT a laptop. > > > > > > The Intel PRO/Wireless is in a PCI adapter. > > > tcic.o, yenta_socket, i82092, i82365 modules with no success > > > Should I realy use the PCMCIA stuff or is there other modules to use ??? > > Most probably Yes > > > > But what is really your card ? > > I do not know any Intel 2021. There is an Intel 2011 and an Intel 2011B > > I have no experience with those cards but > > Intel 2011 is supposed to worked with the orinoco drivers (check > > /etc/pcmcia/hermes.conf) > > But the Intel site also says that the Intel 2011 requires spectrum24 > > http://sourceforge.net/projects/spectrum24/ > > > http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Linux.Wireless.drivers. > htm > > l#Spectrum24t > > The problem with this last one is that it is not provided as a pcmcia > kernel > > driver . It is not part of the pcmcia-cs package either. > > You might send a post to the spectrum list: > > http://sourceforge.net/forum/forum.php?forum_id=34783 > > It seems that the spectrum stuff does not work with the pcmcia kernel > mode. > > Only with the pcmcia_cs approach. I am considering switching back to this > > approach for pcmcia support. Seems more robust than pcmcia kernel route. > > > > >From the spectrum README: > > > > > > Symbol Spectrum24 Linux driver Beta 5 > > > > In order to get this driver up and running you must have the pcmcia > package > > installed. This driver was compiled against and tested with version 3.1.24 > > of David Hinds' pcmcia package. > > > > This driver also requires version 2.2.x or 2.4.x of the Linux kernel. I > may > > get around to porting it backwards at some point, but with all the > > advantages to driver writers that the newer kernel offers, it made sense > to > > start there. > > > > NOTE: in the 2.4.x kernel, it was tested with the kernel support for > PCMCIA > > *off*, I'm not sure why, but there are some compatibility issues that can > > arise when the native kernel level support is turned on. > > > > > > Hope that will help. Let me know. > > > > Jacques > > > > > > > > > > > > ___ > > Leaf-user mailing list > > [EMAIL PROTECTED] > > https://lists.sourceforge.net/lists/listinfo/leaf-user > > > > > ___ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Dachstein CD and Intel 2021 wireless card
Sorry for previous answer which were sent empty by mistake :-) > - The card is an Intel Pro/Wireless 2011 (PCMCIA) > - I tried to put it in the Intel carrier sold for it (the card is in the PC > now) > - I added (and renamed) the pcmcia_orinoco.lrp package > - When I boot with bering rc1. I get the following error message > (retyped) > in pcmcia package config ( file 1 /etc/default/pcmcia) > I changed > PCIC=i82365 > > same behaviour > Starting PCMCIA services: > modules > Using /lib/modules/pcmcia/pcmcia_core.o > Using /lib/modules/pcmcia/i82365.o > insmod: init_module: i82365: Operation not supported by device > Using /lib/modules/pcmcia/ds.o > ds: no socket drivers loaded > insmod: init_module: ds: Operation not permitted > cardmgr. > cardmgr[828]: no pcmcia driver in /proc/devices > > I don't see any chip number on the PCI carrier to It's difficult to guest > which socket driver would work. It could be a PCMCIA kernel related problem. I will send you off list a new kernel without PCMCIA support and the corresponding pcmcia.lrp package. If it works like that it will be a good indication to remove pcmcia support from kernel and get it through pcmcia_cs. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Switching off LCD backlight on laptop
> I'm using Bering (great package !) on a Hewlett-Packard Omnibook 3000 I have > dedicated to protect my home network. > Almost everything is working smoothly except three points: > > - I have to start by-hand dnscache (/etc/init.d/dnscache start) and I don't > know why. No error message in logs, and the link in /etc/rc2.d is present. That is really strange. What is the config ? How does /var/log/syslog looks like ? > - I'm confused with PPP and PPPoE. > In fact I want PPPoE to start at boot time but this is PPP (chap) which > starts and fails miserably and PPPoE is not launched. pppoe is a just a plug-in to ppp + a special /etc/ppp/peers/adsl-provider script. So it is ppp that will "launch" pppoe. Adjust the adsl-provider file > - How to switch off the backlight of the LCD screen when the laptop if left > unattented for a while ? > I've setup the BIOS to switch off the screen after 5 minutes. That's works, > the screen is blanked but the backlight remains on... Honestlty I do not know. APM is not supported by Bering. I am not too sure what would do APM on a router ? Any ideas/experience from the list ? > And again, this Bering package is really great, all of that on a floppy Merci Il y a meme un support en français (offlist - of course) Cheers Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Switching off LCD backlight on laptop
Concerning "dnscache" I have no clue of what's going on. No message in any log file. In fact I have to do a "dnscache restart" because, it seems that dnscache is actually launched at startup but exit prematuraly leaving the dsncache.pid lock file. My config is: Omnibook 3000 Pentium 233, 144MB RAM One Xircom CEM56 Ethernet/Modem (eth0+ttyS03 - modules xirc2ps_cs and serial_cs) One 3Com 3C589C PCMCIA card (eth1 - module 3c589_cs)) No HDD (was dead) >JN: I see what the problem is with dnscache. Your internal interface to which dnscache is listening (eth1 at IP 192.168.1.254) is not available when dnscache is started at boot by /etc/init.d/dnscache because your eth1 is activated (slowly) by pcmcia. So the answer to your problem is in fact in the pcmcia section of the user's guide: http://leaf.sourceforge.net/devel/jnilo/busers02.html#AEN180 Read the doc, mon ami :-) eth0 is my external LAN (10.0.0.*) , eth1 is the internal one (192.168.1.*). And I'm using ADSL (Netissimo) via eth0 (ppp0). >JN: AH ! I am interested in that. In am on the cable here :-) How went the setup for Netissimo ? Did you change anything to the ppp/pppoe config files ? Bye Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Switching off LCD backlight on laptop
Christian HOSTELET wrote: > > syslog.0:Mar 23 04:35:36 firewall pppd[1715]: Cannot determine ethernet > address for proxy ARP << If you remove the proxyarp statement in /etc/ppp/options it might take of this. Just a guess. Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] bering beta4 & weblet (changed internal ip)
> 1)I am testing a bering beta4 firewall. Everything works fine except > for weblet. Which I can't seem to access. I did change the internal ip I would strongly encourage you to move to v1.0-rc1. The beta4 has some bugs in backing up packages which are, among other things, fixed in v1.0-rc1. See Changelog. I'll leave your weblet question to Eric and/or the list. I am not the expert for weblet :-) > > 2) What would be the cleanest way to add iptable commands to the bering boot > process? Definitly in the /etc/interfaces file. Use: up ip addr whatever or pre-up ip route blabla (or the down post-down commands) to be but in the appropriate interface section. Check the doc at: http://leaf.sourceforge.net/devel/jnilo/leaffw06.html#AEN4 55 Jacques -- Profitez de l'offre spéciale Tiscali Liberty Surf ! 50% de temps en plus pendant 3 mois sur tous les forfaits Internet. http://register.libertysurf.fr/subscribe_fr/signup.php3 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Bering with SSH and TinyDNS
> Has anyone managed to make a 1.68M Bering floppy image with SSH and > TinyDNS? This was possible under Eigerstein. It will be very hard. sshd.lrp is about 312K You can try to remove those modules and packages you do not need. http://leaf.sourceforge.net/devel/jnilo/leaffw01.html#AEN197 tc ppp pppoe keyboard bridge dhcpd pump are potential candidates + remove whatever is unecessary in /lib/modules 2nd solution (if you only have a single floppy drive) Make 2 copies of the same Bering floppy On the first one just keep the following 4 files: syslinux.cfg and dpy, linux, initrd.lrp edit the syslinux and add diskwait=yes after PKGPATH=/dev/fd0u1680 On the second one (same format !) just keep whatever other packages you need. You will just keep the *.lrp files here You have 800K left from the previous operation ! You will keep this second disquette in the floppy drive if you need to backup. You generally never need to backup initrd.lrp hope that can help Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: Bering with SSH and TinyDNS
>I'm less lucky than you, because having a laptop I need pcmcia stuff as > well as ppp/pppoe and I was unable to have sshd coexisted on the same > floppy. Christian: How much space do you need to fit sshd ? Which packages are you trying to load ? Some tips: Have you removed uneeded modules ? Have you stripped the keyboard.lrp packages ? (can be reduced to 1K see the doc) Have you think about a 1743K formatted floppy ? Have you think about a replacement for weblet ? There is a smaller package available around (I just forgot the name. Eric has a version which supports Bering) Jacques ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user