Re: [leaf-user] Bering1.0-stable Problem with 2.4.20 onnet4501
Steve, You might want to try the kernal and drivers Jaques compiled for the Elan hardware target. They're at: http://leaf.sourceforge.net/devel/jnilo/testing/ Ignore the busybox stuff that's in there. I had asked Jaques to recompile the 2.4.20 kernal for the Elan target specifically for use on the net4501. I haven't had a chance to try testing them yet as I got sidetracked on another project over the weekend. The Elan target addresses some kernal incompatability issues that have sprung up recently, so you should have better luck with that kernal verson on the net4501. Michael >>> "Steve Bihari" <[EMAIL PROTECTED]> 02/09/03 15:11 PM >>> Hi all, I'm getting the following kernel panic on my bering1.0_stable box with kernel 2.4.20 This is running on a Soekris net4501 . Anyone else see this? Unable to handle kernel NULL pointer dereference at virtual addr ess printing eip: *pde = Oops: CPU:0 EIP:0010:[<>]Not tainted EFLAGS: 00010286 eax: c10d3da0 ebx: c3c1f2b0 ecx: c4815860 edx: 0025 esi: c0241f08 edi: 0002 ebp: c3dde81e esp: c0241e70 ds: 0018 es: 0018 ss: 0018 Process swapper (pid: 0, stackpage=c0241000) Stack: c01e8caf c3dde81e 0025 c3c1f2b0 0002 0002 c0241ee8 c01bcf70 c0279d80 c01afef6 c0241f08 c10db800 c01bcf70 c01bcf70 c01b01a3 c0279d80 c0241f08 Call Trace:[] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] [] Code: Bad EIP value. <0>Kernel panic: Aiee, killing interrupt handler! In interrupt handler - not syncing --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering 2.4.20 kernel
Jaques (or someone with a working development environment), I'm in the middle of switching to the 2.4.20 kernel for Bering v1.0-stable but my development machine is down right now so I can't recompile the kernel at the moment. The Soekris Net4501 box needs the kernel compiled with the processor type specified at "ELAN" to fix a couple of known imcompatabilities with the elan chipset it uses (different clock frequencies and some other misc stuff). Can someone with a working development environment please recompile the 2.4.20 kernel with the necessary bering patches for the ELAN processor target and post it to sourceforge when they have the time? Thanks a bunch...Michael Bonner --- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Anyone using SBC Yahoo DSL?
If you connect a generic hub to the DSL modem, you can connect up to 5 interfaces using the static IP addresses. If you wish to utilize multiple IP addresses on a single interface then you can either use IP aliases or Proxy ARP. The DSL modem doesn't really care, SBC is just configuring it to bridge your network to theirs over the specified subnet range so how you use the /29 subnet is totally up to you and what your OS supports. Michael >>> "M Lu" <[EMAIL PROTECTED]> 12/19/02 10:26AM >>> Thanks, And I assume that you get the 5 IPs with prroxy ARP. As an alternative, can I setup IP aliases too? - Original Message - From: "Michael Bonner" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, December 19, 2002 10:12 AM Subject: Re: [leaf-user] Anyone using SBC Yahoo DSL? > You don't need any DHCP client. They assign you a static > xxx.xxx.xxx.xxx/29 block. I'm having no problems using it with a simple > Bering installation. > > >>> "M Lu" <[EMAIL PROTECTED]> 12/19/02 09:07AM >>> > Thank you Adrian for the information. > > I do not know if static IP setup is simple yet, as some ISPs give you > static > IP but you need to get them via DHCP so you still have to run some kind > of > DHCP client. > > > > --- > This SF.NET email is sponsored by: Geek Gift Procrastinating? > Get the perfect geek gift now! Before the Holidays pass you by. > T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ > > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > --- This SF.NET email is sponsored by: Geek Gift Procrastinating? Get the perfect geek gift now! Before the Holidays pass you by. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Anyone using SBC Yahoo DSL?
You don't need any DHCP client. They assign you a static xxx.xxx.xxx.xxx/29 block. I'm having no problems using it with a simple Bering installation. >>> "M Lu" <[EMAIL PROTECTED]> 12/19/02 09:07AM >>> Thank you Adrian for the information. I do not know if static IP setup is simple yet, as some ISPs give you static IP but you need to get them via DHCP so you still have to run some kind of DHCP client. --- This SF.NET email is sponsored by: Geek Gift Procrastinating? Get the perfect geek gift now! Before the Holidays pass you by. T H I N K G E E K . C O M http://www.thinkgeek.com/sf/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Can't install Bearing on IDE
Check the docs at: http://leaf.sourceforge.net/devel/jnilo/bubooting.html#AEN1119 You need to copy the ide*.o modules to the /boot/lib/modules directory and edit the /boot/etc/modules to load the modules at boot time (get to this thru the initrd package configuration menu) and then back up the initrd package. The only package loaded at this early a stage in the boot process is the initrd.lrp. You need the ide modules to be contained in that package, and to preload the ide modules after the initrd package is loaded so that the IDE interface is available for loading the additional packages. HTH...Michael >>> Hien Le <[EMAIL PROTECTED]> 12/12/02 02:04PM >>> Hi, I can't seem to get Bearing on my IDE working. Please help. Here are the steps I have done: 1. Have a stable Bearing version on a floppy disk with ide modules (ide-mod.o, ide-disk.o, ide-probe-mod.o) 2. Run lrcfg to edit modules to include all ide modules in the order above. Back-up everything except log. 3. Create a primary active partition (20 MB) on a hard drive and format it with FAT16 4. Copy the Bearing above to C: 5. At DOS prompt, syslinux -s c: 6. Edit syslinux.cfg to change all fd0u1680 to hda1. Save it. 7. Reboot Bearing boots up fine until it starts LINUXRC. At that poin, it tries to look for a floppy, but can't find it because there isn't a floppy in a floppy drive. It then fails with a "Kernel panic" error. Everything stops. Is there a different kernel that supports IDE? Am I missing anything? Please help. Thank you. --- This sf.net email is sponsored by: With Great Power, Comes Great Responsibility Learn to use your power at OSDN's High Performance Computing Channel http://hpc.devchannel.org/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Starting Shorewall before bringing up all Ethernet Interfaces
While looking at Tom's configuration files on the shorewall site, I've been intriqued by the comment in his Interfaces file that he set it up "so that I can start the firewall before bringing up my Ethernet interfaces." Is it possible to implement a similar configuration under Bering so I can bring up the firewall before enabling my loc and dmz interfaces? Any pointers, ideas, suggestions how to go about setting this up? I know the window for the interfaces being up before the firewall actually starts is small, but stilthey don't call them paranoid settings for nothing! :-) Thanks...Michael --- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://www.gothawte.com/rd524.html leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] sshd doesn't want to start
Craig, As your earlier post is the key. >>When I try the "svi sshd restart" command I get: "Priviledge separation >>user sshd does not exist". Thank you for your help. As I told you earlier follow the instructions at : http://leaf.sourceforge.net/devel/jnilo/packages/openssh-3.4p1/README.txt This link tells you EXACTLY how to fix this!!! READ IT!!! Here, I'll paste the pertinent section for you : >Installation instructions for LEAF/Bering (version up to and including rc3): > >This version of sshd runs under privilege separation. A sshd user must be created. > >1/ Create a sshd user in /etc/passwd > >sh-httpd:x:50:10:shell-script web server:/var/sh-www:/bin/sh >sshd:x:51:65534::/var/run/sshd:/bin/false <--- TO BE INSERTED HERE >alias:x:70:65534:qmail alias:/var/qmail/alias:/bin/sh > >2/ Create a sshd user in /etc/shadow > >sh-httpd:*:10091:0:9:7::: >sshd:*:10091:0:9:7::: <--- TO BE INSERTED HERE >alias:*:10091:0:9:7::: > >3/ Edit /etc/inetd.conf and comment out the ssh line. The end of the file should look like: >(...) >#:OTHER: Other services >#sshstream tcp nowait root/usr/sbin/tcpd /usr/sbin/sshd -i >www stream tcp nowait sh-httpd/usr/sbin/tcpd /usr/sbin/sh-httpd >statstream tcp nowait root/usr/sbin/tcpd /usr/sbin/stat.sh > >4/ Save etc.lrp ! > >5/ If you do not want to reboot your Bering box, restart inetd: > >/etc/init.d/inetd restart You need to edit your passwd and shadow files so allow the service to start. They patched ssh to run as a non-root user because of an exploit that was discovered. This was done after RC3 was released so you have to make the correctsion (supposed to be in RC4 when it's released). And yes, you do want to leave the ssh commented out in your inetd.conf file. Please follow these instructions and your SSH should be able to start. If you've already tried these steps and they haven't worked, please say so. Michael >>> "Craig" <[EMAIL PROTECTED]> 09/04/02 04:25PM >>> Hi folks, It seems I can't ssh to my Bering box because the sshd doesn't start for some reason. I have it declared in my lrpkg.cfg file, and I see it referenced on my display when Bering boots...but apparently it's not starting. When I "ps ax | grep sshd" it just returns me to the prompt, and when I "ps ax" I don't see anything that looks like /usr/sbin/sshd ( in fact, no references to sshd at all). Any suggestions on why the sshd refuses to start? Thank you. Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Multiple IP addresses to External NIC?
Yes. You can set this up in several ways within Shorewall. The following examples are from Tom Eastep's sample comfigurations files at: http://shorewall.net/myfiles.htm You can use the Masq file to configure default IP Masqerading for an entire internal subnet(s). This means that any PCs connected to this/these subnets that aren't covered by static NAT or Proxy ARP will default to using this external IP address. Masq files usually cover blocks of internal addresses dynamically assigned by DHCP on a local internal network. So on Tom's network, any PC connecting to his 192.168.1.0/24 subnet will appear to the internet as 206.124.146.176 UNLESS they're covered in one of the following two files. In Tom's configuration, the Masq file specifically covers his Wife's PC (names tarry) and his laptop (esteplaptop) when it's connected to the internal network around his house. #INTERFACE SUBNET ADDRESS eth0192.168.1.0/24 206.124.146.176 #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE The NAT file. This file allows a one for one mapping between an internal IP address (either statically assigned or dynamically assigned by DCHP to a specific MAC address) and a specific external IP address. Tom's network has two of these mappings assigned. These entries map Tom's GNU/Linus system (wookie) which has an internal IP address of 192.168.1.3 to the external IP address of 206.124.146.179, and his Windows XP system (ursa) which has an internal address of 192.168.1.5 to the external IP address of 206.124.146.178. #EXTERNAL INTERFACE INTERNALALL LOCAL 206.124.146.178 eth0192.168.1.5 No No 206.124.146.179 eth0192.168.1.3 No No #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE Finally, there's the Proxy ARP file. This file allows you to use a single External IP address on a machine that sits behind your firewall. This would generally be used (as Tom does) for a machine in a DMZ which is serving email or web pages to the public. Proxy ARP is more efficent to route than using NAT. Basically to implement Proxy ARP you configure a separate network card on your LEAF box, assign an internal network to that NIC (doesn't matter what the internal network # is, just use something private that doesn't conflict with your other internal networks (tom chose 192.168.2.0/24 and bound 192.168.2.1 to the nic for his server, and 192.168.3.0/24 with 192.168.3.1 for his wired laptop), then you plug your machine you wish to Proxy ARP into that adapter and configure your IP parameters like you were sitting on the external network (in tom's case his ISP assigned him an address range which covers 8 addresses, a /29 or 255.255.255.248 netmask, so his server is configured as 206.124.146.177/29 with a netmask of 255.255.255.248 and a broadcast address of 206.124.146.175 and a default gateway of 206.124.146.181 [I think] but even tho it's configured like it was directly connected to the DSL Modem, it is PHYSICALLY connected to his eth1 card which has the 192.168.2.1 address, the eth1 card and the server look like they're on different subnets, but you tell shorewall to use eth0 to act as a proxy for ARP requests creating a link for IP Address 206.124.146.177 on eth1 and eth0 so requests for that IP Address received on eth0 are automatically redirected to eth1).The same work for eth3 and his laptop when he uses the wired connection. His laptop gets 206.124.146.180/27 with netmask 255.255.255.248 etc and the shorewall box is instructed to forward any requests for that IP address to the eth3 NIC. #ADDRESSINTERFACE EXTERNALHAVEROUTE 206.124.146.177 eth1eth0No 206.124.146.180 eth3eth0No #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE I hope this helps you understand how to configure things a little bit better. Michael >>> "Robert Sealock" <[EMAIL PROTECTED]> 09/04/02 03:56PM >>> Is it possible to have multiple external IP on a single NIC, in a BERING RC3 firewall. I have been searching around and the best is an old reference: eth0_IP_EXTRA_ADDRESS="x.x.x.x/xx" And I am slightly confused with the shorewall configuration example where three NICs are used. thanks. rs --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering SSH set-up...SSH file???
Craig, Follow the instructions at : http://leaf.sourceforge.net/devel/jnilo/packages/openssh-3.4p1/README.txt >>> "Craig" <[EMAIL PROTECTED]> 09/04/02 12:31PM >>> Hi folks, When I try the "svi sshd restart" command I get: "Priviledge separation user sshd does not exist". Thank you for your help. Craig --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html