[Leaf-user] Daemontools package backup
i am using J.Nilo's package with LRP 2.9.8. everything works great, i can add a new service to be monitored by simply adding a symbol link in /service to the directory where my ./run file is included... however i cannot backup any new symbolic links that i create to run the services. a look at the daemontl.list shows: [snip] usr/bin/tai64nlocal service ^^^ etc/init.d/svscan var/lib/lrpkg/daemontl.* [snip] and at the daemontl.exclude.list: service/* does this mean that the links in service are not backed up with this package? if yes, then how can i backup any new links? thanks in advance kiril ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Init CPU usage
hello list i am using lrp 2.9.8 as a base for a thin server. following peculiarity attracted my attention: the init process is very active (ps aux shows about 15 times the cpu usage of an idling ftp server) for about 10 minutes after boot up. after that, init uses virtually no cpu (as one would expect). could this be a hint of some misconfiguration somewhere? i use proftpd, thttpd, qmail, vpopmail, procmail, sshd, most supervised by daemontools. everything works perfectly, except that it makes no sense to me why init is so active so long after boot up. any hints will be appreciated :-) kiril btw, if someone needs vpopmail or procmail compiled for lrp - i should be able to make .lrp out of the binaries. ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] How not to log a deny'ed packet/ip address
hello lynn it is the option -l which is responsible for the logging. you can redefine a rule like this: ipchains -R input 7 -s 10.0.0.0/8 -j DENY this replaces rule nr. 7 on the input chain. (rule nr. 7 was _my_ rule to deny traffic from 10.0.0.0/8 and log it, i used the above command to replace it.) you can of course decide to be more concious then me and log everything else but your rogue server. in this case you would have to insert a more specific rule ipchains -I input 6 -s 10.1.1.2/32 -j DENY which will silently deny the traffic from that specific server before the more general rule denies it and loggs it. it is impossible to determine the exact commands you would have to issue on your system (i do not use dachstein, so rules 10, 12 and 41 mean nothing to me). generally you should be able to use the same syntax that generated your rules in the first place, just avoiding -l. it is the IPCHAINS-HOWTO (http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO-4.html) where more information can be found. there is also a great quick reference: http://users.owt.com/msensney/lrp/ipchains-quickref.pdf >I've got a rogue 10.x.x.x/32 server polling my Dachstein firewall >twice every 16 seconds for a dhcp server and a port 80 scan every >2 minutes. I can't find any info in the archives and sites about >"dropping" (not logging) these packets when they are deny'ed. >The packets (webtrash) I am looking to stop logging are being >denied by rules 10, 12, and 41. What is the syntax or change >I need to make to quit logging these. > >Other than this, Dachstein is perfect, already surviving two DoS >attacks without a reboot to date. > >Thanks all, >Lynn Avants >[EMAIL PROTECTED] > >-- >if linux isn't the answer, you've got the wrong question > >___ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] established connections after client has disconnected
hello list i run an old version from charles steinkuehler (thank you, charles) on my gateway/firewall - works perfectly. there are a couple of servers masqueraded behind it to which specific ports are forwarded to. following problem occurs: host A from the outside connects to a service on the masqueraded server; host A disconnects (power off, programm shutdown, network failure) ; the masqueraded server keeps the connection - netstat says the connection is ESTABLISHED (as opposed to being FIN_WAIT2). is it possible that the firewall is blocking some sort of tcp or icmp communication that prevents such connections from being quickly identified as "not functional"? eventually these connections do get closed, but this takes time. are there some parameters to tune? i do not know the internals of the tcp/ip protocol well enough... maybe it is something really simple. hints are greatly appreciated. ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] FTP Server - Change default ports
running a server behind a firewall on a different port requires a setup on the ftp server: following settings (for proftpd) are relevant: Port21 - change this to reflect your preferences MasqueradeAddress your firewall's ip address or domain name PassivePortsfromport toport the last two are needed to make passive mode work (people with firewalls will like you for doing this). check if your version supports these directives. you will have to port-forward your port of choice for the ftp server and the range of passive ports as well as the ftp-data port (20) to the masqueraded host. you will have to make sure your firewall accepts connections on these ports. how to do this is specific to your distribution / firewall. since i do not restart often, i just use a little script that does the port forwarding and have actually forgotten how to configure my router. ip_masq_ftp is not relevant to the question of running a masqueraded ftp-server. i am not sure however what to do with the ftp-data port if 2 or more ftp servers run on different ports. i did consult ftp.echogent.com/docs/FTP_and_Firewalls.pdf (very good reading, btw.) -Ursprüngliche Nachricht- Von: Simon Bolduc <[EMAIL PROTECTED]> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Datum: Mittwoch, 12. Dezember 2001 19:31 Betreff: [Leaf-user] FTP Server - Change default ports >Hey All, > > I'm running an FTP server behind my Dachstein 1.01 router, and rather than >have hundreds of scanners hitting my FTP server on port 21 and try and hack >an account I'd like to move it to a different and much higher port number >(above 1024 if possible). I've checked on google but not found anything >that works. Most related articles refer to changing the ip_masq_ftp line to >read: > >ip_masq_ftp ports=port#,port# > >this doesn't seem to work - and logging into port 21 still works. I am >running Seawall 4.1.1 if that makes any difference. Any and all help is >appreciated. > >S > > > >_ >Send and receive Hotmail on your mobile device: http://mobile.msn.com > > >___ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Client for MyDynDNS Custom DNS
have a look at http://hn.org. it does the same (use any domain name for dynamic domain) and is free and works with ez-ipupdate. -Ursprüngliche Nachricht- Von: Todd Pearsall <[EMAIL PROTECTED]> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Datum: Mittwoch, 9. Januar 2002 03:15 Betreff: [Leaf-user] Client for MyDynDNS Custom DNS >Does anyone know of a dynamic dns client for LRP that works with >dyndns.org's "MyDynDNS Custom DNS" service? It's the $30 service that lets >you use any domain as a dynamic domain, not just their predefined ones. > >I have ez-ipupdate and it works fine for the normal dynamic DNS, but not the >custom DNS service. Appaently only a few of the clients support it. One is >ipcheck, but I can't find an lrp package for it. > >Anyone have any experience with this or ideas? > >Thanks, >Todd > > >___ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: hn.org and domain names
if you want to map ronin-tech.com to your machine with hn.org you need to do two things: 1) create a vanity account (hard nowadays, because hn is at the limit of its resources, but not impossible) - lets call it rt-vanity. once you have updated your ip with hn.org (there is a web page for this, a protocol description and iz-ipupdate.lrp package), rt-vanity.hn.org will map to your machine - you can test at this point. if 24.*.*.* is your ip address, than this part is working. 2) create a virtual domain account with hn.org and enter your ronin-tech.com domain. after you have updated your nameservers (this step you have done apparently), you must have your domain verified. only after your domain is verified (there were some problems with verification) can you insert ns-records to manage your domain. since you are doing a dynamic address mapping then you must add them according to the following schema: Example to map www.ronin-tech.com to a dynamic ip 24.*.*.*: Assuming rt-vanity.hn.org is a vanity account that maps to 24.*.*.* and gets updated regularly to reflect ip address changes: Rec FQDN - www.ronin-tech.com Rec Type - A Rec Value - rt-vanity.hn.org DynDNS - 1 The one you enter here causes the record value to be the numerical ip address of the rt-vanity.hn.org (which is what your machine listens at). once you have one of these, you can always add CNAME records pointing to the ronin-tech.com record - this is what i do. you probably can also add more A records with DynDNS value 1. i have no idea what hn would prefer performancewise. after you are done, you can see if www.ronin-tech.com resolves to your machine. it takes a couple of minutes, then you can ping www.ronin-tech.com (on a winntserver it takes much longer than i am willing to wait so i usually reboot the machine) and see how it resolves. depending on your firewall configuration you may or may not be able to see your site in your browser. test from outside. the documentation on hn.org is somewhat cryptic, but it is there. hope this helps, kiril -Ursprüngliche Nachricht- Von: Erich Titl <[EMAIL PROTECTED]> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Datum: Mittwoch, 30. Januar 2002 08:37 Betreff: [Leaf-user] Re: hn.org and domain names >Hi Paul > >At 20:58 29.01.2002 -0800, you wrote: > >>Message: 5 >>From: "Paul Rimmer" <[EMAIL PROTECTED]> >>To: <[EMAIL PROTECTED]> >>Date: Tue, 29 Jan 2002 17:58:16 -0700 >>Subject: [Leaf-user] hn.org and domain names >> >>This is a bit off topic but I'm desperate for some help. I finally >>purchased a domain name through godaddy.com, ronin-tech.com (recommended at >>hn.org). I then created a vanity and virtual domain mapping acount at >>hn.org. hn.org gave me delegated servers which I entered at godaddy.com >>(ns1.hn.org and aux1.hn.org). When I log into my account at godaddy it >>shows these two machines as the name servers. >> >>I am hoping to use HN's services to map my domain to my dynamic ip-address >>(see http://hn.org/www/overview/virtual/). > > >If I understand that correctly then they only provide vanity dynamic dns >which means your ronin-tech.com entry would need to be spelled something like > >bash-2.03$ nslookup ronin-tech.hn.org >Server: sunix >Address: 10.10.0.10 > >Non-authoritative answer: >Name:ronin-tech.hn.org >Address: 24.67.74.14 > >Maybe that is what you are looking for. > >Ror REAL dynamic DNS you may have a look at zoneedit.com. They provide >dynamic DNS with your real domain name. > >regards > >Erich > > >___ >Leaf-user mailing list >[EMAIL PROTECTED] >https://lists.sourceforge.net/lists/listinfo/leaf-user > ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[leaf-user] Detecting Disconnected Network
My ISP sometimes has short network outages (2-3 minutes). After such an outage, I have to manually restart networking to get my router back online. Is there a simple and reliable way to test the status of a connection? a script that can runs constantly, supervised by daemontools, and restarts networking after some waiting period is what i am looking for. ping somehow does not work best. the host that i am trying to ping could go offline, dns could fail and constantly pinging some other host seems not particularly friendly to me. i tried also ip addr show | grep eth0 | grep inet, but this also did not really work out, because routing could fail. one could always test all conditions, but before i do this, i would like to ask the list if there is a more elegant way. regards, kiril ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Detecting Disconnected Network
... and now also to the list (forgetting to hit reply to all is frustrating...) hello ray! your assumptions were correct, here are the details: a cable modem on eth0; my provider gives out a dynamic ip address (which rarely changes); dhcp is handled by pump; lease is renewed once per hour; if i get a new address, a short script updates dns; problems are actually really rare (or rather those problems that do not resolve on their own): pump died once (after about 60 days uptime) - but there is not much to be done here, apart from restarting; two times service was interupted at about 4:00 am; in such a case the host ends up with a eth0 up, but without an ip address for eth0. default route is also not available. restarting the network solves connectivity issues; very, very rarely i have to reset the modem itself (maybe less then 1 time within last year) to get back online. i have no clue as to why this might happen. a search on the internet gave me this hint: if a dhcp server goes down, pump will bring the interface down even if the router works - maybe my isp is doing some maintenance on his dhcp server; maybe my cable modem gets reset due to some kind of maintenance; maybe sometimes the network just needs to go down, just to make sure there is still someone to bring it up... ... really, no idea... my last version of the script for pinging hosts follows. if there is a more elegant and reliable way to react in such rare situations, i will be glad to hear it. regards, kiril #!bin/bash PING_REMOTE_HOSTS="host1.com host2.com host3.com" for HOST in $PING_REMOTE_HOSTS do UP=0 while [ $UP -eq 0 ] do sleep 120 ping $HOST -qc 1 >/dev/null 2>&1 UP=$? done echo "$HOST is down, trying next host..." done echo "network is down. restarting..." /etc/init.d/network reload sleep 60 -Ursprüngliche Nachricht- Von: Ray Olszewski <[EMAIL PROTECTED]> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Datum: Montag, 27. Mai 2002 23:25 Betreff: Re: [leaf-user] Detecting Disconnected Network >At 10:16 PM 5/27/02 +0200, Kiril wrote: >>My ISP sometimes has short network outages (2-3 minutes). After such an >>outage, I have to manually restart networking to get my router back online. >> >>Is there a simple and reliable way to test the status of a connection? a >>script that can runs constantly, supervised by daemontools, and restarts >>networking after some waiting period is what i am looking for > >Assuming we are talking about a connection handled by an external device >(e.g., a cable or DSL "modem" that connects to the LEAF router via an eth* >interface, and NOT a ppp connection over a dialup modem), the only real way >to see if the remote network is working is to try to make it do something. >A ping is the lightest weight "something" there is. A one-per-minute ping >to the ISP's default gateway really isn't much of a burden on it ... and >since they are the ones causing the periodic interruptions, surely they >can't with any sincerity claim your behavior to be "unfriendly". And its' a >good host to pick for another reason too -- if it does go offline, that act >cuts off your access to the Internet, so you won't be detecting a false >failure. > > >>ping somehow does not work best. the host that i am trying to ping could go >>offline, dns could fail and constantly pinging some other host seems not >>particularly friendly to me. >> >>i tried also ip addr show | grep eth0 | grep inet, but this also did not >>really work out, because routing could fail. > > >In any case, a failure at the ISP end won't cause your routing table to be >rewritten, unless you are using a system that gets a new DHCP lease every >few minutes. > >>one could always test all conditions, but before i do this, i would like to >>ask the list if there is a more elegant way. > >Really, it depends on what the local symptoms of these brief connectivity >failures are. I've been making some assumptions about that in my response, >but a better approach is for you to characterize the failures a bit more >exactly. > > >-- >---"Never tell me the >odds!"-- >Ray Olszewski -- Han Solo >Palo Alto, California, USA [EMAIL PROTECTED] >--- > > >___ > >Don't miss the 2002 Sprint PCS Application Developer's Conference >August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm > >---
Re: [leaf-user] Detecting Disconnected Network
hi erich your version has the advantage that the hosts are rotated, so i can poll much faster. initially i just wanted to ping one host and keep the others as a reserve in case the first went offline. however this delays recovery, as the following log shows: 8 minutes before network was up again. so this brings up the next question, which is how to find reasonable delays before restarting the network and waiting for the network to go up before restarting it again. thanks to all, kiril [root@bay network]# cat current | tai64nlocal 2002-05-28 18:59:03.520783500 starting connection monitor... 2002-05-30 15:15:34.888502500 www.bol.de is down, trying next host... 2002-05-30 15:17:34.918443500 www.db24.de is down, trying next host... 2002-05-30 15:19:34.948508500 www.redhat.com is down, trying next host... 2002-05-30 15:21:34.978430500 www.linux.org is down, trying next host... 2002-05-30 15:23:35.008522500 www.ibiblio.org is down, trying next host... 2002-05-30 15:23:35.029444500 network is down. restarting... 2002-05-30 15:23:36.652992500 Setting network parameters: [ OK ] 2002-05-30 15:23:36.851080500 Bringing up interface lo: [ OK ] 2002-05-30 15:23:37.756420500 Bringing up interface eth0: [ OK ] 2002-05-30 15:24:43.112993500 starting connection monitor... -Ursprüngliche Nachricht- Von: Erich Titl <[EMAIL PROTECTED]> An: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Datum: Mittwoch, 29. Mai 2002 15:41 Betreff: Re: [leaf-user] Detecting Disconnected Network Hi Kiril If I read your script correctly then there might be a little glitch At 18:49 28.05.2002 -0700, you wrote: >my last version of the script for pinging hosts follows. if there is a more >elegant and reliable way to react in such rare situations, i will be glad to >hear it. > >regards, > >kiril > > > >#!bin/bash >PING_REMOTE_HOSTS="host1.com host2.com host3.com" > >for HOST in $PING_REMOTE_HOSTS >do > UP=0 > while [ $UP -eq 0 ] > do > sleep 120 > ping $HOST -qc 1 >/dev/null 2>&1 > UP=$? > done > echo "$HOST is down, trying next host..." >done Once you have wasted all the hosts in your list you restart your network, although IMHO this only means that host3.com cannot be pinged. I believe you want to do something like #!bin/bash PING_REMOTE_HOSTS="host1.com host2.com host3.com" UP=0 while true do while [$UP -eq 0] do sleep 120 UP = 1 # this would break the inner loop for HOST in $PING_REMOTE_HOSTS do ping $HOST -qc 1 >/dev/null 2>&1 UP &= $?# if any ping returns 0 it is OK done done echo "network is down. restarting..." /etc/init.d/network reload sleep 60 done I have not tested this :-( Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] ftp forwarding problems...
assuming it is proftpd you are using behind your firewall, you will have to
include following two lines in your proftpd.conf
MasqueradeAddress yourhost.com
PassivePorts 4 49000
and set up a port-forwarding for all passive ports to the internal server.
you will probably not need 9000 ports though.
without these two lines your server informs clients that its ip address is
something like 192.168.1.45 (its masqueraded address) so the ftp client
tries to connect to a server at 192.168.1.45 on an arbitrary port. this
fails of course and you get a timeout.
reading the manual is always a good idea to get a more thorough
understanding of what is going on.
regards,
kiril
-Ursprüngliche Nachricht-
Von: Jeff Newmiller <[EMAIL PROTECTED]>
An: Jeff <[EMAIL PROTECTED]>
Cc: leaf-user <[EMAIL PROTECTED]>
Datum: Sonntag, 2. Juni 2002 07:34
Betreff: Re: [leaf-user] ftp forwarding problems...
>You should read ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf because
>this is a challenging problem that requires cooperation between your
>firewall and server to solve.
>
>Depending on why you want ftp, you may find it better to use an
>alternative protocol like ssh (scp) or http.
>
>On Sat, 1 Jun 2002, Jeff wrote:
>
>> Ok, after fighting the war to get tcp forwarding working on Eigerstein
>> 3.1.0,
>> adding EXTERN_TCP_PORTS="0/0_ssh 0/0_smtp 0/0_tcp"
>> and
>> the tuple to INTERN_SERVERS="tcp_${EXTERN_IP}_ftp_192.168.2.201_ftp"
>> and uncommenting INTERN_FTP_SERVER, changing it's IP to mine,
>> INTERN_FTP_SERVER=192.168.2.201 # Internal FTP server to make available
>>
>> I finally was able to ftp connect from an external machine.
>>
>> But, after I ftp connect and log in and enter 'ls' command I get
>> 227 Entering passive Mode(192,168,2,201,172,45)
>> and it finally times out.
>> Coming from an internal machine and loggiong in as the same user does
>> not cause this error.
>>
>> Other commands. pwd, cd, etc, work fine.
>>
>> What the hell is going on?
>> What do I need to do to get ftp to work from an external source?
>> If memory serves me correct, doesn't ftp open ANOTHER port for
>> transferring the output of ls data, and do the same thing when you
>> transfer a file?
>>
>> I have been pulling what little hair I have left out over this.
>>
>> --
>> Jeff
>> [EMAIL PROTECTED]
>>
>> ___
>>
>> Don't miss the 2002 Sprint PCS Application Developer's Conference
>> August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
>>
>>
>> leaf-user mailing list: [EMAIL PROTECTED]
>> https://lists.sourceforge.net/lists/listinfo/leaf-user
>> SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
>>
>
>---
>Jeff NewmillerThe . . Go Live...
>DCN:<[EMAIL PROTECTED]>Basics: ##.#. ##.#. Live Go...
> Live: OO#.. Dead: OO#.. Playing
>Research Engineer (Solar/BatteriesO.O#. #.O#. with
>/Software/Embedded Controllers) .OO#. .OO#. rocks...2k
>---
>
>
>___
>
>Don't miss the 2002 Sprint PCS Application Developer's Conference
>August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
>
>
>leaf-user mailing list: [EMAIL PROTECTED]
>https://lists.sourceforge.net/lists/listinfo/leaf-user
>SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
>
___
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Detecting Disconnected Network
as you correctly suggest, i don't really need a waiting interval. what i really need is to ping a list of hosts every minute or so (the polling interval). if ping returns an error, then i have to check if other hosts are unreachable. i don't have to wait to do this check though. if i cannot reach those hosts, i can safely assume that i am offline and need to restart my network. if of course google, redhat and ibiblio are down at the same time, i can still be online, but this possibility is slight. maybe my modem requires some "rest period" and locks up if network is restartet too often. but then maybe not. some testing is required and in the worst case i will be wiring relays to the serial port :-) so i will rewrite my script to do the above mentioned. in case someone is interested, i can publish the result to the list. regards, kiril -Ursprüngliche Nachricht- Von: Erich Titl <[EMAIL PROTECTED]> An: Kiril <[EMAIL PROTECTED]> Datum: Freitag, 31. Mai 2002 09:42 Betreff: Re: [leaf-user] Detecting Disconnected Network Hi Kiril At 22:39 30.05.2002 +0200, you wrote: >hi erich > >your version has the advantage that the hosts are rotated, so i can poll >much faster. initially i just wanted to ping one host and keep the others as >a reserve in case the first went offline. however this delays recovery, as >the following log shows: 8 minutes before network was up again. In your version you jump from one host to the other as soon as one host is offline. This does not mean that _YOU_ are offline, it only means that you cannot ping that particular host. And then as soon as you have used up your host list, you reboot anyway, although you may perfectly well be online. Use a short interval, even no interval at all... >so this brings up the next question, which is how to find reasonable delays >before restarting the network and waiting for the network to go up before >restarting it again. You can always use more reference hosts and short delays, until you find you are reasonably satisfied with the result. It might even be sufficient to just poll your default gateway if it replies to pings. regards >thanks to all, > >kiril > >[root@bay network]# cat current | tai64nlocal >2002-05-28 18:59:03.520783500 starting connection monitor... >2002-05-30 15:15:34.888502500 www.bol.de is down, trying next host... >2002-05-30 15:17:34.918443500 www.db24.de is down, trying next host... >2002-05-30 15:19:34.948508500 www.redhat.com is down, trying next host... >2002-05-30 15:21:34.978430500 www.linux.org is down, trying next host... >2002-05-30 15:23:35.008522500 www.ibiblio.org is down, trying next host... >2002-05-30 15:23:35.029444500 network is down. restarting... >2002-05-30 15:23:36.652992500 Setting network parameters: [ OK ] >2002-05-30 15:23:36.851080500 Bringing up interface lo: [ OK ] >2002-05-30 15:23:37.756420500 Bringing up interface eth0: [ OK ] >2002-05-30 15:24:43.112993500 starting connection monitor... Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
