[leaf-user] pppoe-server on leaf-wisp (latest) success !

2003-06-06 Thread Steve Wright 
Yes!  it worked !  What a friggin mission that was !

Thanks to Lynn, Jacques, et al, and those who wrote pppoe-server.

8-)  /steve

wisprouter pppoe-server[10553]: Session 1 created for client 
00:c0:26:6a:ee:fe (10.67.15.1) on eth0 using Service-Name ''
wisprouter pppd[10553]: pppd 2.4.1 started by root, uid 0
wisprouter pppd[10553]: Using interface ppp0
wisprouter pppd[10553]: Connect: ppp0 <--> /dev/ttyp2
wisprouter pppd[10553]: Cannot determine ethernet address for proxy ARP
wisprouter pppd[10553]: local  IP address 10.0.0.1
wisprouter pppd[10553]: remote IP address 10.67.15.1

[EMAIL PROTECTED] root]# ip address list dev ppp1
4561: ppp1:  mtu 1492 qdisc pfifo_fast 
qlen 3
   link/ppp
   inet 10.67.15.2 peer 10.0.0.1/32 scope global ppp1

[EMAIL PROTECTED] root]# ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) from 10.67.15.2 : 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=0.724 ms
64 bytes from 10.0.0.1: icmp_seq=2 ttl=64 time=0.917 ms
64 bytes from 10.0.0.1: icmp_seq=3 ttl=64 time=0.853 ms
64 bytes from 10.0.0.1: icmp_seq=4 ttl=64 time=1.55 ms
--- 10.0.0.1 ping statistics ---
4 packets transmitted, 4 received, 0% loss, time 3024ms
rtt min/avg/max/mdev = 0.724/1.011/1.550/0.318 ms


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] help: /etc/rc2.d link doesn't get saved

2003-06-07 Thread Steve Wright 
Gurus,

I put a startup link viz ;

ln -s /etc/init.d/pppoe-server /etc/rc2.d/S85pppoe-server

but on save-and-reboot, it has gone !

How do I add a startup link for runlevel 2 ?

Version is leaf-wisp-dist (latest)

TIA,
Steve
p.s.  I can't figure how to say how much I like this little distro, so 
I'd just like to say "thank you."  awesome.  P8-)



---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] network time services

2003-06-07 Thread Steve Wright 
Gurus,

two issues ;

I need a leaf router to securely get the correct time from my core server.

I would like to broadcast / make available time to the connected 
wireless subnets.

Which LRP packages ?   Docs for this ?

TIA,
Steve


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] ipv6 and policy routing

2003-05-29 Thread Steve Wright 
Heyas All,


Anyone else out there thinking about LEAF, IPV6, bigger networks, and 
policy routing ?



cheers,
/steve


---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] adding iproute2 policy on boot

2003-06-03 Thread Steve Wright 
Gurus,

I have built a script that configures iproute2 on my LEAF box.  I tried 
placing this script in /etc/network/if-up.d/ and then backing up - which 
saves my script quite nicely.

When I "restart networking" from the menu I notice this script being run 
more than once, when ideally it should be run once on boot / 
network-restart.

What is the best way to hook this script in ?

Basically, it wget's a conf file from a private LAN, and executes it, 
loading extra addresses, routes into tables, rules etc.  The Interface 
facing the core is not touched by the script - it is set and left in the 
inital config (too many times during testing I lost contact with the 
router due to slipups.)  Only user-facing interfaces are configured.

TIA,
Steve


---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] pppoe-server

2003-06-03 Thread Steve Wright 
Does anyone have a working pppoe-server running ?

I have pppoe-server accepting connections but pppd dies and pppoe-server 
spawns another.
I am thinking it is a pppd config problem.

comments ?

TIA,
Steve


---
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] pppoe-server problems

2003-06-04 Thread Steve Wright 
  this isn't working.  What am I missing ?

# grep pppd /var/log/messages
[...]
pppd[2591]: Couldn't set tty to PPP discipline: Invalid argument
Kernel mode doesn't work.  ppp_deflate won't load.

wisprouter: -root-
# modprobe ppp_deflate
insmod: /lib/modules/2.4.20: No such file or directory
Using /modules/ppp_deflate.o
insmod: unresolved symbol zlib_deflateInit2_
insmod: unresolved symbol zlib_deflate_workspacesize
insmod: unresolved symbol zlib_deflate
insmod: unresolved symbol zlib_deflateReset
insmod: unresolved symbol zlib_deflateEnd
hmmm,

# find /modules |grep zlib

# find / |grep zlib

nuffing..

wisprouter: -root-
# lsmod |grep ppp
pppoe   7136   0 (unused)
pppox   1000   1 [pppoe]
ppp_synctty 5080   0 (unused)
ppp_generic20216   0 [pppoe pppox ppp_synctty]
slhc4640   0 [ppp_generic]
hmmm, try using the rp module instead of kernel mode..

pppd[2605]: /etc/ppp/plugins/rp-pppoe.so: undefined symbol: remote_number

grrr, that's equally broken.

  8-(

Can anyone help ?

cheers,
Steve




---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] pppoe-server problems

2003-06-05 Thread Steve Wright 
Jacques Nilo wrote:

[...] From Bering (1.1 onward) /etc/modules file:

# Modules needed for PPP connection
#slhc
#ppp_generic
#ppp_async
# The three following modules are not always needed
#zlib_inflate
#zlib_deflate
#ppp_deflate

Since kernel 2.4.20 ppp_deflate depends on zlib_inflate and deflate 
modules available here:
http://leaf.sf.net/devel/jnilo/bering/latest/modules/2.4.20/kernel/lib/
add then to /lib/modules, declare them in /etc/modules and that will 
fix your pb.

ok. all done.  smoke-test time.  8-)

h..

# lsmod |grep zlib
zlib_deflate   17600   0 [ppp_deflate]
zlib_inflate   18176   0 [ppp_deflate]
yep.

# lsmod |grep ppp
pppoe   7136   0 (unused)
pppox   1000   1 [pppoe]
ppp_deflate 2892   0 (unused)
zlib_deflate   17600   0 [ppp_deflate]
zlib_inflate   18176   0 [ppp_deflate]
ppp_async   6764   0
ppp_generic20216   0 [pppoe pppox ppp_deflate ppp_async]
slhc4640   0 [ppp_generic]
I think so...

// quick test..
# pppd
~ÿ}#À!}!}!} }8}"}&} } } } }#}$À#}%}&Êt}'}"}(}"Ìd~~ÿ}#À!}!}!} }
yep.  pppd goes.

# pppoe-server

Kick the pppoe client in the guts - and `tail -f /var/log/messages`

pppoe-server[2604]: Session 47 created for client 00:c0:26:6a:ee:fe 
(10.67.15.47) on eth0 using Service-Name ''
pppd[2604]: pppd 2.4.1 started by root, uid 0
pppd[2604]: Using interface ppp0
pppd[2604]: Connect: ppp0 <--> /dev/ttyp2
pppd[2604]: Modem hangup
pppd[2604]: Connection terminated.
pppd[2604]: Exit.
pppoe-server[2104]: Session 47 closed for client 00:c0:26:6a:ee:fe 
(10.67.15.47) on eth0
pppoe-server[2104]: Sent PADT
pppoe-server[2604]: Session 47 created for client 00:c0:26:6a:ee:fe 
(10.67.15.47) on eth0 using Service-Name ''
pppd[2604]: pppd 2.4.1 started by root, uid 0
pppd[2604]: Using interface ppp0
pppd[2604]: Connect: ppp0 <--> /dev/ttyp2
pppd[2604]: Modem hangup
pppd[2604]: Connection terminated.
pppd[2604]: Exit.
pppoe-server[2104]: Session 47 closed for client 00:c0:26:6a:ee:fe 
(10.67.15.47) on eth0

and around we go in circles again..  I gotta be missing something.

hmmm, I wonder what PtPTP is like..

comments, anyone ?

/sw







---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] pppoe-server on leaf-wisp (latest) success !

2003-06-07 Thread Steve Wright 
Francois BERGERET wrote:

Hi all friends !

What good news !
I was very busy this two last weeks, and not the time to check the rp-pppoe.lrp from 
our good friend Jacques Nilo.
Dear Steve, could you, please, send us a copy of your rp-pppoe.lrp config files to see 
exactly how to do with them and win some time
?
I don't have it packaged up for you, but here are the configs ;

here we go ;

Remember, I have a 32MB DOM, so this may not fit on a floppy leaf.

install Jacques' pppoe.lrp package.  It would not install on my 
leaf-wisp, so I copied the components of the lrp manually and then used 
the menu 'save' to save to DOM - it worked!  

Untar the package the package like this ;

mkdir temp
cd temp
tar -xvzf /pppoe.lrp
Now you need these entries in the following files ;

# /etc/ppp/options
dump
asyncmap 0
crtscts
lock
hide-password
modem
proxyarp
noipx
noauth
# cat /etc/ppp/pppoe-server-options
require-pap
lcp-echo-interval 10
lcp-echo-failure 2
In /etc/modules you need these.  Make sure all other instances of these 
modules are commented out.  If these modules are loaded in the wrong 
order it will not work.

#modules needed for pppoe-server (in this order)
slhc
ppp_generic
ppp_async
Put some users in the /etc/pap-secrets file like this ;

# cat /etc/ppp/pap-secrets
# This is a pap-secrets file
#
#papname * papsecret *
test*   test*
user*   pass*
bob* secret   *
Create this file, like this ;

cat > /etc/init.d/pppoe-server

and paste the following lines into it ;

-paste starts --

#!/bin/sh
#
#   /etc/init.d/pppoe-server: start or stop PPPoE Server.
#
RCDLINKS="0,K85 1,K85 2,S85 3,S85 5,S85 6,K85 4,K85"
#
pid=`pidof pppoe-server`

case "$1" in
 start)
 echo -n "Starting up PPPoE Server: pppoe-server"
 if [ "$pid" -gt 1 ] ; then
  echo "pppoe-server already running!"
 else
  /usr/sbin/pppoe-server
  pidof pppoe-server > /var/run/pppoe-server
  echo "."
 fi
  ;;
 stop)
 echo -n "Shutting down PPPoE Server"
 if [ "$pid" -lt 1 ]; then
echo "PPPoE Server not running."
 else
kill $pid
rm /var/run/pppoe-server
 fi
 echo "."
   ;;
 restart|force-reload)
   echo -n "Restarting PPPoE Server"
   kill $pid
   rm /var/run/pppoe-server
   sleep 1
   /usr/sbin/pppoe-server
   pidof pppoe-server > /var/run/pppoe-server
   echo "."
   ;;
 *)
 echo "Usage: /etc/init.d/pppoe-server 
{start|stop|restart|force-reload}"
 exit 1
   ;;
esac

exit 0

 paste ends --

NOW, chmod this file, like this ;

chmod 700 /etc/init.d/pppoe-server

You are done!  Now save it all.

exit
log in as root
select "save" and write it all to DOM.
reboot and test.
PLEASE look back through the discussions I have had on-list with Jacques 
and Lynn for furthur information.  If you still have difficulty ask 
onlist and I can assist.

HTH,
Steve


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] ssh - key only - no password

2003-06-08 Thread Steve Wright 
Gurus,

I am trying to get my LEAF-WISP 2591 to ssh out, and to accept ssh 
connections and auth with key only.  The routers must be able to 
load/change/reload policy (addresses, routes, rules) on command from the 
core but this is insecure without ssh.  (I can cron a passworded wget 
off the core httpd, but not secure.)

I have read a number of HOWTOs on doing this but it still refuses.  

My question is ;

Will the ssh/sshd on 2591 do key-only (no password) auth, incoming and 
outgoing  ?

If it does, then I have a config error and I will continue working on it.

TIA, and kind regards,
Steve


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] PPP server for Bering 1.1 ?

2003-05-21 Thread Steve Wright 
Ray Olszewski wrote:

Steve's last comment makes me think that, despite all this duscission, 
we haven't managed to clarify what PPPoE is.

PPPoE = PPP Over Ethernet. Ethernet frames are used to encapsulate PPP 
whatevers  

[]

For what Steve actually wants to do, I'd look at eithe IPSec or ssh 
tunneling. Or maybe PPTP.

Can I IPSEC to an existing interface ?  Reading material for doing this ?

thanks,
Steve


---
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Improving wireless link

2003-06-04 Thread Steve Wright 
Charles,

On the basis that there is some distance involved ;  (an assumption)

My understanding is that some of the cheaper (dlink in particular) 
wireless gear has 'timing issues' when the A/Ps are physically far apart.

In the extreme, you will have to go to a proprietry fix, viz turbocell, 
or replace the A/Ps with something a little more tolerant of distance.

802.11 was never intended to travel great distances.  Indeed it was part 
of the 802.11 specification to actually prevent (ha ha) this from 
happening - the reason for the proprietry RF connectors.

In summary, many standard 802.11 wireless cards will do great distances 
without getting flaky, but I have heard that the dlink gear is not of 
that category.  Other cards such the Orinoco PC-cards combined with 
turbocell work very well indeed at distances up to 20km, and provide 
true data rates in the order of 9MBit/sec (I am told).  I don't like the 
idea of proprietry *anything*, and I wish there was an open-source 
'turbocell'.

In answer to your question, I do not think there is a device you can put 
on the ends of a leaky hose - to make the hose not leak.

sorry.  I hope someone else has a different version to tell.  8-(

/steve



Charles Steinkuehler wrote:

I've built an IPSec VPN tunnel over a point-point wireless link using 
a couple of D-Link DWL-900AP+ boxes and some spare ports on a couple 
of installed LEAF boxes.

My problem is I'm seeing *LOTS* of packet loss, duplicate packets, 
mangled packets (especially longer packets typical of downloads and 
web browsing), and other nastiness making performance across the 
wireless link virtually unusable, despite a fair amount of bandwidth.

It seems to be fairly well known that TCP doesn't handle the bursty 
packet loss typical of wireless networks very well, having instead 
been designed for packet loss typical for congested wired networks 
(where partly garbled packets are quite rare).  I have seen a few 
proposed mechanisms that operate at layer 3, monitoring the TCP 
traffic, and "fiddling" with the TCP flow to improve TCP performance 
(by doing things like requesting re-transmissions of packets that look 
like they got dropped by the wireless link).

Now for my question:  Does anyone know of a linux implementation of 
anything like the above I could possibly get running on a LEAF box? 
Since I'm tunneling all traffic through a leaf box on each end, it 
seems like I could implement something to "transparently" deal with 
the lossy wireless hop, but since I'm kind of new to the whole 
wireless thing, I'm not sure what software I'm looking for, or if it 
even exists.

Of course I'm also looking at what options I have for increasing the 
fundamental reliability of the wireless link as well, but I'd still 
like to find something that can "tweak" TCP operation for running over 
wireless.

Thanks for any pointers,





---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] managing remote routers was: help: /etc/rc2.d link doesn't getsaved

2003-06-09 Thread Steve Wright 
Vladimir Ivaschenko wrote:



Jacques Nilo wrote:

How do I add a startup link for runlevel 2 ?

Version is leaf-wisp-dist (latest)


in the pppoe-server init script add
RCDLINKS="2,S85"
Then save the package in which pppoe-server is stored


In case of WISP-Dist, just save configuration (or run wdistbackup)


Yes, I discovered this to my delight.  8-)

In the latest version, even the contents of /root are saved - very nice 
for the developer, and almost not noticeable that it is a compact-flash 
based system.

A very nice little package.  /me bows to the developers.

btw, I am writing a few bash scripts that run on standard RedHat 7/8/9. 
My Intent is build a 'core' server that can handle a bunch of remote 
routers.

So far I have written ;

a wrapper script for ssh that does `push  <"command">`

a setup script that contacts a new router, checks name resolution etc 
etc with it, and then uploads ssh keys so the router can be commanded 
with `push` and no password.

Next I will be building more scripts to manage client connections and 
routing policy on said routers, and hopefully automate most things so I 
do not have to log on to the routers and manage everything by hand.

If anyone wants to participate, perhaps we might work together on an 
appropriate list.

regards,
Steve


---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] problems proving atmtools.lrp

2003-06-10 Thread Steve Wright 
Jose Luis Abuelo Sebio wrote:

Hi Jose,

http://leaf.sourceforge.net/devel/jnilo/testing/atmtools.lrp

 I am using this package because I am trying to use
an ATM NIC card
(ForeRunner ATM Adapter), but I am having some
problems that maybe you can help me with.
You will almost certainly need a kernel module for the specific card. 
It is unlikely that "any old module will do" for ATM adapters.

It seems that this card has the PCA200e chipset.  It is very widely used 
for Linux and indeed my RedHat system supports it out-of-the-box.

[EMAIL PROTECTED] steve]$ locate pca200
/usr/src/linux-2.4.18-3/drivers/atm/pca200e.data
/usr/src/linux-2.4.18-3/drivers/atm/pca200e_ecd.data
/usr/src/linux-2.4.18-3/drivers/atm/pca200e.bin
/home/steve/wisp-dist/kernel-2.4.20/linux-wdist/drivers/atm/pca200e.data
/home/steve/wisp-dist/kernel-2.4.20/linux-wdist/drivers/atm/pca200e_ecd.data
[EMAIL PROTECTED] steve]$
You didn't search google for it did you?  8-)  tsk tsk.  ALWAYS search 
google.. rant rant.. trails off...
http://www.google.com/search?q=ForeRunner+ATM+Adapter+kernel+module

To test, download some modules and try roughly poking them in.  Keep 
trying until one initializes the card.  You do have the card installed ay ?

1) First I install the module to control the atm Nic
called "nicstar.o"
insmod pca200e


 Another thing is that the command Ifconfig doesn´t
work (It says "ifconfig: not found"). 

Modern tools are used on LEAF.  8-)

# ip address add
# ip address list
# ip route add (mostly not required if you put /24 on the address in `ip 
address add` or you are doing something more complex.
# ip route list


Another question that I have now, because ifconfig 
doesn´t work is how I can do in the /etc/interfaces to
add the lines to configure
the atm Nic automaticly.. you know we have something
for eth0, eth1.. br0... but 
what do I have to do for the atm Nic?

Get the correct kernel module in, and see what interface appears when 
you do `ip addr ls`

2) I am using the packages vlan.lrp and bridge.lrp
too. For these packages I had
to install two modules 8021q.o for vlan.lrp and
bridge.o, Do I have to install any
extra module for atmtools.lrp?
no.  You will need to pull the atmtools.lrp apart and swap the modules 
so the package loads the pca200 module.
Yell if you don't know how to do this.



have fun.  networking is fun.  8-)

/steve



---
This SF.net email is sponsored by:  Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] problems with idt77105.o

2003-06-11 Thread Steve Wright 
Jose Luis Abuelo Sebio wrote:

 to check the module dependences and I did not find a
dependence with idt77105.o
8-)  That does not mean there is none..

but when I try to install
this module before I install nicstar.o I get this
error:
insmod idt77105.o
Using idt77105.o
insmod: unresolved symbol gr_is_capable
so if later I do insmod nicstar.o it tells me that
idt7105.o doesnt work, of course.
Two things ;

Are you sure that nicstar.o is the correct module for your card ?

"gr_is_capable" is from GRE?? Do you need ip_gre.o first ?

/steve



---
This SF.NET email is sponsored by: eBay
Great deals on office technology -- on eBay now! Click here:
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] RE: [Poptop-server] Require Encryption fails. (RESOLVED)

2003-06-18 Thread Steve Wright 
James Neave wrote:

Whoops, wrong list.

Sorry.

err, it seemed relevant.  Just what I was wondering about actually...  8-)

Now I'm going to attempt to write a small VB/Kix app to set up the
connection on time and do the dialing and route building.
I would be keen to grab a copy if you're distributing that.

cheers,
Steve


---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] host arbitrated channel access - viz turbocell

2003-06-26 Thread Steve Wright 
Finally there is an open-source solution to the 'hidden transmitter' 
problem.

http://patraswireless.net/software.html

/steve



---
This SF.Net email is sponsored by: INetU
Attention Web Developers & Consultants: Become An INetU Hosting Partner.
Refer Dedicated Servers. We Manage Them. You Get 10% Monthly Commission!
INetU Dedicated Managed Hosting http://www.inetu.net/partner/index.php

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] help: ricoh carrier + Orinoco gold

2003-07-03 Thread Steve Wright 
Guys,

WISP-DIST (probably latest, but very recent at least)

I have a ricoh carrier, viz ,

kernel: Linux PCMCIA Card Services 3.2.3
kernel:   kernel build: 2.4.20 #8 Sat Dec 21 14:54:58 EET 2002
kernel:   options:  [pci] [cardbus]
kernel: Intel ISA/PCI/CardBus PCIC probe:
kernel:   Ricoh RL5C475 rev 80 PCI-to-CardBus at slot 00:14, mem 0xe3001000
kernel: host opts [0]: [isa irq] [io 3/6/1] [mem 3/6/1] [pci irq 12] 
[lat 32/32] [bus 2/2]
kernel: ISA irqs (default) = 4,5,7,9,15 PCI status changes
cardmgr[1911]: watching 1 sockets
cardmgr[1911]: starting, version is 3.2.3

and a Lucent/Orinoco Gold PC card - PC24E-H-FC

The system boots fine with the carrier in a PCI slot, but inserting the 
PC card locks the local console hard.  It appears that the machine has 
halted at this point.  Removing the card instantly reboots the router.

any help, etc, appreciated.  regards, Steve.

On card-insertion, syslog reports ;

kernel: cs: memory probe 0xa000-0xa0ff: clean.
cardmgr[1912]: socket 0: Lucent Technologies WaveLAN/IEEE Adapter
cardmgr[1912]: executing: 'modprobe hermes'
cardmgr[1912]: + insmod: /lib/modules/2.4.20: No such file or directory
cardmgr[1912]: + Using /modules/hermes.o
cardmgr[1912]: executing: 'modprobe orinoco'
cardmgr[1912]: + insmod: /lib/modules/2.4.20: No such file or directory
cardmgr[1912]: + Using /modules/orinoco.o
cardmgr[1912]: executing: 'modprobe orinoco_cs'
cardmgr[1912]: + insmod: /lib/modules/2.4.20: No such file or directory
cardmgr[1912]: + Using /modules/preferred/pcmcia/orinoco_cs.o
kernel: cs: IO port probe 0x0100-0x04ff: excluding 0x170-0x177 
0x200-0x207 0x220-0x22f 0x370-0x37f 0x388-0x38f 0x3c0-0x3df 0x4d0-0x4d7
kernel: cs: IO port probe 0x0178-0x01ff: clean.
kernel: cs: IO port probe 0x0208-0x021f: clean.
kernel: cs: IO port probe 0x0230-0x036f: clean.
kernel: cs: IO port probe 0x0380-0x0387: clean.
kernel: cs: IO port probe 0x0390-0x03bf: clean.
kernel: cs: IO port probe 0x03e0-0x04cf: clean.
kernel: cs: IO port probe 0x04d8-0x04ff: clean.
kernel: cs: IO port probe 0x0800-0x08ff: clean.
kernel: cs: IO port probe 0x0a00-0x0aff: clean.
kernel: cs: IO port probe 0x0c00-0x0cff: clean.
cardmgr[1912]: executing: './network start eth1 0'
cardmgr[1912]: + iwconfig netcs0 mode MANAGED
root: ifup: Bringing up interface netcs0





---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0016ave/direct;at.asp_061203_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] securing wireless links

2003-07-11 Thread Steve Wright 
Gurus,

WISP-DIST (latest) on 500MHz VIA EPIA

What are my options for securing a wireless backbone link ?  I will be 
trunking a number of scopes over these links.
Also, we are going to try VoIP, and hopefully the EPIA will have enough 
power to push the VoIP through an encrypted link.

I have had a play with IPSec, but I'm getting this ;
Trouble openning PF_KEY family socket with error: Algorithm support not 
available in the kernel.  Please compile in support.

I'm not fixating on IPsec - I am willing to give anything a spin.

any comments ?

TIA,
Steve


---
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Gated or routed

2003-07-11 Thread Steve Wright 
Brett Stevens wrote:

Hi All,

I have a Bering lrp box set up as a primary router for a number of WAN
sites. We have a need to do some policy routing or at least auto failover. 

http://policyrouting.org has a good on-line book.  Do keep us informed 
too.  8-)


When I last used LRP (many years  ago) there used to be a package for gated
or routed.
already answered..

/steve



---
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Re: can only ping assigned IP

2003-07-13 Thread Steve Wright 
RS Peterson wrote:

12.34.56.78:12.34.56.79

woops, better comment that line out..  8-)

I must have the /etc/ppp/options address set to something bogus: 12.34.56.78.  
Makes no sense to me.

no no, you got it right..  8-)

yes, things are silent IF I use the bogus address in /etc/ppp/options.

gee, you knew it all along anyway..  8-)

solved it yourself..

/sw 8-)



---
This SF.Net email sponsored by: Parasoft
Error proof Web apps, automate testing & more.
Download & eval WebKing and get a free book.
www.parasoft.com/bulletproofapps1

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] wireless LAN security

2003-07-17 Thread Steve Wright 
Hi Folks,

What are we using to secure single point-to-point links? - viz WEP, but 
actually secure..

AIUI, Ad-Hoc mode must be used for backbones, but this leaves security 
to be done at the IP level - not really good enough.

I have read-up on IPSec, but that seems to be about tunneling all the 
routers to a central point, or maintaining multiple IPsec dedicated 
links per router, which is either horribly wasteful on bandwidth, or 
horribly complicated to configure/maintain.

8-/  I wonder with the opportunistic approach might be used - with each 
router IPSec forward to the next one.

anyone doing this ?  I need a few pointers.

TIA,
Steve




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] wireless LAN security

2003-07-18 Thread Steve Wright 
Steve Wright wrote:

Hi Folks,


etc etc..

replied offlist my mistake.  sorry - I'm not used to the list server 
sending replies offlist..  8-}

any additional comments appreciated.

regards,
Steve


---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] What LEAF needs

2003-07-20 Thread Steve Wright 
Charles Steinkuehler wrote:

The good news is a lot of thought has gone into creating an 
architecture that will allow exactly this, and work is progressing 
(although perhaps somewhat slowly) on a configuration system that aims 
to keep the flexability of linux which makes LEAF useful while 
providing a consistent interface to configuration information which 
will allow a variety of back-end tools (from text menus to GUI 
configuration screens) to be implemented.  Refer to the leaf-devel 
archives for more details, and the CVS area on SourceForge for the 
(still in development) code. 


please include something to handle iproute2..  (perhaps I better 
muck in and help..)

/steve



---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
same time. Free trial click here: http://www.vmware.com/wl/offer/345/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] interfaces / shorewall assist please

2003-07-26 Thread Steve Wright 
Greg Playle wrote:

I've been fighting this for a bit, and don't seem to be making headway.

ok, lets see..

No subnet declaration for eth0(0.0.0.0)
Please write a subnet declaration for eth0 in your dhcpd.conf
dhcpd tells us here that the address for eth0 is 0.0.0.0   hmm, that's 
odd.  This is your internal network interface, so it should be 192.16.1.254

# dhcp.conf file
dynamic-bootp-lease-length 604800;
max-lease-time 1209600;
subnet 192.168.1.0 netmask 255.255.255.0 {
   option routers 192.168.1.254;
   option domain-name "thrn";
   option domain-name-servers 192.168.1.254;
   range 192.168.1.1 192.168.1.199;
}
well, that should issue IPs, at least..  if it could find a configured 
eth0, which it can't.

ping 192.168.1.254 output:
PING 192.168.1.254 (192.168.1.254): 56 data bytes
ping: sendto: operation not permitted
something is wrong with that interface.

3: ppp0:  mtu 1500 qdisc pfifo_fast qlen 3
   link/ppp
   inet 10.64.64.64 peer 10.112.112.112/32 scope global ppp0
odd, but unrelated.

4: eth0:  mtu 1500 qdisc noop qlen 100
   link/ether 00:60:08:8a:0d:4d brd ff:ff:ff:ff:ff:ff
This interface is not configured.  It has no IP address, and therefore 
dhcpd will not function over it.  If the interface exists, then it must 
have a kernel module loaded...


lsmod output:
Module PagesUsed by
3c589_cs8580   0 (unused)
ds  6796   2 [3c589_cs]
i82365 27044   2
pcmcia_core41088   0 [3c589_cs ds i82365]
ip_nat_irc  2176   0 (unused)
ip_nat_ftp  2784   0 (unused)
ip_conntrack_irc2880   1
ip_conntrack_ftp3648   1
ppp_async   6284   0 (unused)
ppp_generic16152   1 [ppp_async]
slhc4352   0 [ppp_generic]
I can see no module here that looks like an ethernet driver.  Either you
have the driver (for your ethernet chipset) built in to the kernel, or 
it is not loaded.

What is the ethernet chipset for eth0 ?  Try to insmod the module for it 
and see what happens.

shorewall status output:

unrelated.

daemon.log from /var/log:

no mention of eth0 in here.

Jul 26 18:51:14 firewall dhcpd:
Jul 26 18:51:14 firewall dhcpd: No subnet declaration for eth0 (0.0.0.0).
Jul 26 18:51:14 firewall cardmgr[24938]: + /sbin/ifup: interface eth0 
already configured

dhcpd asks cardmgr to ifup eth0 to see if it can rectify the situation.

Jul 26 18:51:14 firewall dhcpd: Please write a subnet declaration in your 
dhcpd.conf file for the

and fails...

# /etc/network/interfaces
auto lo ppp0 eth0
iface lo inet loopback
iface ppp0 inet ppp
  provider provider
iface eth0 inet static
  address 192.168.1.254
  masklen 24
  broadcast 192.168.1.255
here are your interface settings.  dunno why it did not assign 
192.168.1.254 to eth0 coz you told it to.

up pon
up /etc/init.d/dnscache restart
At this point, we need to kick eth0 into life.

add "/etc/init.d/network restart" or whatever the command is.  Let's see 
if eth0 will come up.

up dhcpd restart
up shorewall restart
down shorewall stop
down /etc/init.d/dnscache stop
down poff

# pump configuration
retries 3
script "/etc/pump.shorewall"
device eth0 {
nodns
}
huh?  is pump running on eth0 ?  Do you want eth0 to get its' address 
with pump, or do you want it set static ?
Do `ps ax` and see if pump is running.

HTH,
Steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] interfaces / shorewall assist please

2003-07-27 Thread Steve Wright 
George Metz wrote:



Bit of a red herring here; just want to make sure that he doesn't need 
to spend time chasing down a ghost...


good catch George.  ;-)  /sw




lsmod output:
Module PagesUsed by
3c589_cs8580   0 (unused)



I can see no module here that looks like an ethernet driver.  Either you
have the driver (for your ethernet chipset) built in to the kernel, 
or it is not loaded.


What is the ethernet chipset for eth0 ?  Try to insmod the module for 
it and see what happens.


3c589_cs is the Ethernet module there. It's a 3Com nic; all of their 
cards which use their own chipsets have modules that start with "3c" 
as a designator.

George Metz



---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01 


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html






---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] followup to interfaces / shorewall assist

2003-07-27 Thread Steve Wright 
Greg Playle wrote:

	Thank you; the information you gave was helpful.
	I checked a bit more; in short, eth0 does not come up on boot, but seems 
to take a while

interfaces that take ages to come up are usually waiting for some dhcp 
server to answer..  8-)
Your eth0 should configure nearly instantly, or else something is amiss. 
Here is your problem to solve, IMO.
Perhaps post a bit more diagnostics of this phase of the bootup.


	Restarting networking, esp eth0, brings it up fine, and then I can 
manually launch dhcpd, after which all responds as it should.  I'm able to 
ping the eth0 address (192.168.1.254) both from itself and from another 
machine (which obtained its IP from the dhcp server).

Bering Gurus are needed here.

Good luck.

/steve



---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] followup to interfaces / shorewall assist

2003-07-27 Thread Steve Wright 
Greg Playle wrote:

I tried building in a simple "wait 60 seconds" script, which ran at S29.  That didn't help.

I've got something out of order, but I'm still not sure what.

What diagnostics would be useful here?

I know Linux and WISP-DIST, but I am not familiar with Bering, per se.

Try these things ;

boot Bering, and see if pump is running on eth0.  It should not be.

Start from scratch, with a perfectly clean image and have another go.

Write a little script that that restarts the network - basically what 
you are doing now, but automatically.

HTH,
Steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] DNAT:ssh how to restrict ?

2003-08-02 Thread Steve Wright 
On Tue, 2003-07-29 at 07:40, Hein Bauer wrote:

> Hm. I cannot use a IP-Adress for restriction, because it changes. The 
> ssh "client" got a dynamic IP..., so I would like to use MAC-Addresses.
> 


issue static IPs with dhcpd, then limit on IP address.


/steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] htb.init with LEAF ?

2003-08-05 Thread Steve Wright 
On Tue, 2003-08-05 at 23:18, S Mohan wrote:
> You will find qos-htb.lrp in the pub packages area. The bering user's guide
> has a chapter on QoS dealing with this written by me. If you have any
> doubts, please get back to me. htb.init needs to be modified to run on ash
> instead of bash(typically, "()" bravkets need to be replaced with "[]" I
> think) which is what has been done in qos-htb.lrp.

awesome.  Thank you Mohan.  8-)


/steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] htb.init with LEAF ?

2003-08-06 Thread Steve Wright 
Hi All,

Is anyone using the htb.init script with LEAF ?

htb.init works fine on my RedHat9 box, but fails with "syntax error -
line 640 - bad substitution" on my WISP-DIST router.

anyone got this running ?


cheers,
Steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Access to FTP to get LRP

2003-08-10 Thread Steve Wright 
On Sat, 2003-08-09 at 17:15, Sebastián Aresca wrote:
> But the idea is to build a script that download the package by itself.

I wrote a set of scripts that configure the router.  A controlling core
server may push a configuration onto a router, or the router may collect
its configuration at boot - whichever is relevant.

All configuration is done on the core server.  However, you must be
completely familiar with how to configure LEAF by hand as there is no
frontend to this yet, so it may be over-complex for your situation.

I would suggest you wrote a small script in rc.local and executed the
commands you need.


/steve





---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] htb.init with LEAF ?

2003-08-14 Thread Steve Wright 
On Tue, 2003-08-05 at 21:03, Vladimir Ivaschenko wrote:
> Wjy do you want htb.init when WISP-Dist built-in traffic shaping 
> already uses HTB?

ahh, some fool wants to run VoIP don't they..  h..  And then then
they want to still browse the web, download stuff, so my job is to make
it all work over a 4mbit/sec 11b link.

and then, there are a couple of other scopes running on the same netcs0
interface, plus a pppoe client or two as well..

My problem is, I do not know enough about htb to build this by hand, and
I found htb.init.

I am afraid I do not use many of the menus on my leaf box.  The routers
are all configured remotely and automatically from the core.  The core
can push a reconfiguration at any router at any time, and the routers
request their entire configuration on boot.


/steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: Re:[leaf-user] PXE/Etherbooting WISP-DIST ?

2003-08-14 Thread Steve Wright 
On Thu, 2003-08-14 at 00:45, Jacques Nilo wrote:
> Hi All,
> 
> since WISP-DIST runs read-only off a flash disk, has anyone thought of
> PXE booting a box (LTSP style http://ltsp.org ) and having WISP-DIST
> install itself into RAM ?
> 
> Have you checked:
> http://leaf.sourceforge.net/doc/guide/bupxebooting.html
> I do not know how it would work on WISP-DIST but the idea is the same
> Jacques

nce..  thanks Jacques.  :-)

/steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] PXE/Etherbooting WISP-DIST ?

2003-08-14 Thread Steve Wright 
Hi All,

since WISP-DIST runs read-only off a flash disk, has anyone thought of
PXE booting a box (LTSP style http://ltsp.org ) and having WISP-DIST
install itself into RAM ?

The proceedure should be roughly equivalent to grabbing the packages off
DOM and unpacking them into RamDisk.

Sure, the unit will not be 'standalone' (can't boot by itself) but in
many situations this will make any old POS hardware into a router,
without even a flash module or a floppy..


cheers,
Steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] OT: Congratulations

2003-08-14 Thread Steve Wright 
On Tue, 2003-08-12 at 03:32, Mike Noyes wrote:
> On Mon, 2003-08-11 at 07:40, Charles Steinkuehler wrote:
> > Sean E. Covel wrote:
> > > Glad I could help.  I have a 4 week old.  I'm not very coherent most of
> > > the time right now.  I miss sleep...
> > 
> > Mine are almost three weeks now:
> > http://www.steinkuehler.net/twins/images/2003-08-01.htm

c'mon you guys.. you're bringing tears to my eyes..  again..  8-}

mine are 9 and 10 y/o..  I drove my mate home from the hospital
yesterday with his family + one extra..  It was a lovely trip  - vehicle
loaded with exceedingly precious cargo. <8-}


/steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] qos-htb.lrp error

2003-08-15 Thread Steve Wright 
On Fri, 2003-08-15 at 18:11, bino-psn wrote:
> Dear All.
> I just download qos-htb.lrp
> Try to load it on my bering box.
> 
> when i try to start it ...
> it give error msg :
> 
> ./htb.init: 636: Syntax error: Bad substitution
> 
> I look into that Line and it only contain blank-string variable assignment
> as :
> 
> RNAME="";CNAME=""
> 
> 
> Any Clue please ..

htb.init was designed for the bash shell.  It won't work on ash as in
LEAF.

I tried it on WISP-DIST and it does not work.. same problem as you have.

I am now examining tcng 
http://tldp.org/HOWTO/Traffic-Control-tcng-HTB-HOWTO/

tcng is a very powerful config generator for tc, and it fits well with
my desire to backend the routers entirely.


regards,
Steve




---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] qos-htb.lrp error

2003-08-15 Thread Steve Wright 
On Sat, 2003-08-16 at 00:55, S Mohan wrote:
> htb.init was modified to run on ash. Steve - I has sent my copy of qos-htb.
> Did it not work?
> 

Yes it worked.  It was not htb.init but something different.

None of these scripts provide the functions I need - that is, for the
Server to specify and dynamically load policy for the routers, and
therefore I am looking at tc-ng + tcc.


/steve

p.s. this reply-all thing is really bugging me.  duplicate bloody
messages everywhere.  Is it really important to run the listserver in
this mode ?



---
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa0013ave/direct;at.aspnet_072303_01/01

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Bering floppy basics

2003-08-21 Thread Steve Wright 
http://prdownloads.sourceforge.net/leaf/Bering_1.2_img_bering-1680.bin

With no modifications, this fails with ;

Loading initrd.lrp...
Boot Failed: please change disks... 

Just a dud floppy ?

TIA,
Steve




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering floppy basics

2003-08-23 Thread Steve Wright 
On Sun, 2003-08-24 at 03:28, Dave Hunt wrote:
> Look up www.pcengines.ch.
> 

Dave, have you used pcengines embedded PCs ?

I'm keen on http://www.pcengines.ch/wrap.htm but they
seem to be out of stock/production..


/steve




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering floppy basics

2003-08-24 Thread Steve Wright 
On Sun, 2003-08-24 at 09:42, Martin Hejl wrote:
> Hi,
> 
> > Dave, have you used pcengines embedded PCs ?
> > 
> > I'm keen on http://www.pcengines.ch/wrap.htm but they
> > seem to be out of stock/production..
> If you're going to import it anyway (I'm inferring that from your email 
> address), you could also have a look at www.soekris.com - the Net4801 is 
> a bit more expensive than the pcengines board, but only marginally so 
> (considering the extra features you get - like a second COM port plus a 
> third ethernet port).

I'm not keen on the soekris gear.  It looks awfully expensive for what
it is.

The main thing about the wrap1a, is it will take two mini PCI cards
onboard, and these cards are only US$50 here (100 bucks local $) which
is dead cheap.

12VDC, 0.5A, two 10/100, two miniPCI wireless interfaces.. for around
US$250.. ??  nearly unbeatable.

8-/ I wouldn't mind USB too, but a couple of ethernet/wireless bridges
on the end of some cat5 is all good.. if not better.



/steve




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] Bering floppy basics

2003-08-25 Thread Steve Wright 
On Mon, 2003-08-25 at 19:22, Erich Titl wrote:
> Hi Steve
> 
> At 08:50 24.08.2003 +1200, Steve Wright wrote:
> >On Sun, 2003-08-24 at 03:28, Dave Hunt wrote:
> > > Look up www.pcengines.ch.
> > >
> >
> >Dave, have you used pcengines embedded PCs ?
> 
> I got one of the pre production models to port Bering to it. It basically 
> works with one major problem still open, the reboot command does not work 
> at all, because the board does not have a keyboard controller.
> 
> I am delayed in adapting a driver which will overcome this problem, but it 
> is definitely on my list.


Thanks for that info, Erich.

I will be keen to hear a result.


regards,
Steve




---
This SF.net email is sponsored by: VM Ware
With VMware you can run multiple operating systems on a single machine.
WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines
at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering floppy basics

2003-08-27 Thread Steve Wright 
On Wed, 2003-08-27 at 14:16, bino-psn wrote:
> Dear Dave.
> pcengines's product is to plug a CF to an IDE based board.
> What I need is to plug IDE to a CF based board.

Hi Bino.

I have not seen such a device.

You might consider using a USB Hard Disk, and attach it with a CF-USB
converter, of which there should be plenty.


/steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering floppy basics

2003-08-27 Thread Steve Wright 
On Wed, 2003-08-27 at 23:43, Erich Titl wrote:
> Hi Bino
> 
> At 21:27 27.08.2003 +1200, Steve Wright wrote:
> >On Wed, 2003-08-27 at 14:16, bino-psn wrote:
> > > Dear Dave.
> > > pcengines's product is to plug a CF to an IDE based board.
> > > What I need is to plug IDE to a CF based board.
> 
> What exactly do you want to achieve with this (unless you have tons of IDE 
> flash disks).
> There is no difference between a CF or an ide flash disk (except maybe that 
> some flash disks are write protectable)

The pcengine board has no IDE adapter.  An adapter CF-IDE is required to
attach a conventional IDE disk to this unit.


/steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] WAP

2003-09-06 Thread Steve Wright 
On Sun, 2003-09-07 at 01:08, C. Dummy wrote:
>  Hi .
> I just came back to mailing list after a while. I'm running Bering 1.2 
> with dsl modem and than switch with 4 computers on static internal ip's. 
> I'd like to add wireless access point. What is the best way to do that? 

Depends what you want to do with it.  As George says, wireless is not
remotely secure, so you should only run secured protocols, or irrelevant
protocols over it.

You must not plug a WAP directly into your internal firewalled LAN
without taking substantial precautions.

I have my WAP on a different network scope than my internal LAN, so
*nothing* is visible to wireless clients unless I enable a service
specifically.  ie ;

LAN scope 192.168.0.0/24
WAP scope 192.168.10.0/24

Now you may add IPs on the WAP scope to whatever services you want
available to the WAP.  Other hosts and services are invisible.  This is
far easier than firewalling everything.

Both scopes run simultaneously on the same network cabling.


HTH,
Steve





---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] WAP

2003-09-06 Thread Steve Wright 
On Sun, 2003-09-07 at 09:00, C. Dummy wrote:
>  So running third nic and dmz with wap on that would be little bit 
> better solution? But do I really need wap router in this case or just 
> Bering box and wap would be enough?
>  Do you run WAP scope 192.168.10.0/24 from uplink on your switch or just 
> from regular rj45 for network?


That is one school of thought.  It is no different, as far as the kernel
is concerned.  Not better, just different, and easier to understand from
the hardware point of view.  Modern networking techniques make this
approach obsolete, however.

If you buy a complete Wireless Access Point, and configure it as a
bridge, and attach an IP address that is outside the scope of your
internal LAN, then there is no way any communication will take place
from the wireless scope to the internal LAN scope.  The WAP just does
not have the know-how to bridge an IP that is no on its' scope.

Then, configure only the services you need to listen on the WAP scope.

Example ;

Your Internal Wired LAN is - 192.168.0.0 netmask 255.255.255.0

Your WAP (bridging mode) IPaddress = 192.168.10.1 netmask 255.255.255.0

Now configure your squid proxy to listen on 192.168.10.254
Add a dhcpd entry to allocate addresses on the 192.168.10.0/24 subnet

>From your wireless LAN, there will ONLY be one working address on the
LAN, and that will be the squid proxy, for which you will need a
password to use.

Carefully enable other secured services as required, viz sshd.

Your Internal LAN is now separate from your WAP LAN, yet they use the
same cabling, and you haven't needed to write one single iptables entry.


The above example should just 'work', but there will likely be issues
since it was off the top of my head.
This is "iproute2" networking, or otherwise called "policy routing".

Later on, if you are so inclined, you can fiddle with this some more, by
adding rules and multiple routing tables on the basis of "Routing
Policy".  Rarely do you need to return to iptables to set Networking
Policy.  Networking is fun again..  8-))


HTH,
Steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] WAP

2003-09-07 Thread Steve Wright 
On Sun, 2003-09-07 at 15:24, M Lu wrote:
> I am not familiar to the 'scope' thing, but I am sure you do not need the 
> router, you need only the access point if you connect your WAP to a separate 
> NIC in the Bering router. I disable the router function in my D-Link 713P.


Yes, you can use a separate NIC, but then the AP must be next to the
Bering Router, or run a new long cable.  This is inconvenient, and is
not required, unless the AP *is* right next to the Bering Box.

These are scopes ;

10/8
172.16.1/24
192.168.0.0/24

You may run multiple scopes on one subnet(network cable/switch/NIC) and
add rules about who may talk to who.
It can be complicated at first, but it is very powerful, and much easier
than heaps of iptables entries.



/steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Load Balancing .. How to??????

2003-09-10 Thread Steve Wright 
On Wed, 2003-09-10 at 16:32, Thitiporn Pornpirunrak wrote:
> Hi all
>  I have 2 Adsl Router with both 128K .. I would like to set load balancing on my 
> bering box but I have no idea about that.. I try to search information on internet..
>  Anyone know please tell me..


Do you want to balance on each *packet* or each *connection*  ?

This will equalize each *packet* ;

ip route add equalize default \
   nexthop via DSL1-IP dev eth1 \
   nexthop via DSL2-IP dev eth1


If you would like to balance per *connection* then remove the 'equalize'
word.  I think.  8-)


Found here ;
http://www.policyrouting.org/PolicyRoutingBook/ONLINE/CH05.web.html


best,
Steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Load balancing.

2003-09-11 Thread Steve Wright 
On Fri, 2003-09-12 at 01:43, James Neave wrote:
> Hello all,
> 
> First of, my definition of Load Balancing is 2 or more Modems in a
> machine and both are used to connect to a network or ISP, increasing the
> maximum possible bandwidth.
> 
> A friend asked me a question.
> 
> Is it possible to load balance two ADSL connections? One is his, one is
> his neighbours. Two PCs, Two ADSL modems and a WAP connected to one of
> the gateway machines and a wireless NIC in the other.


yes, you may balance on the basis of connection, or on the basis of
packet.  In fact, you may do any type of
routing/balancing/unidirectional/bidirectional thing you might like to
do.

The following will route each *packet* out a different port.

ip route add equalize default \
   nexthop via DSL1-IP dev eth1 \
   nexthop via DSL2-IP dev eth1


If you remove the word "equalize", then it will send each alternate tcp
stream out each port.

DSLn-IP are the addresses of your DSL connections, and eth1 is the
assumed local interface pointing at your DSL modems.


please report your success and/or problems with this, so I may amend
etc.


/steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Load balancing.

2003-09-11 Thread Steve Wright 
On Fri, 2003-09-12 at 11:32, Jeff Newmiller wrote:
> On 12 Sep 2003, Steve Wright wrote:
> 
> [...]
> 
> > The following will route each *packet* out a different port.
> > 
> > ip route add equalize default \
> >nexthop via DSL1-IP dev eth1 \
> >nexthop via DSL2-IP dev eth1
> > 
> > 
> > If you remove the word "equalize", then it will send each alternate tcp
> > stream out each port.
> > 
> > DSLn-IP are the addresses of your DSL connections, and eth1 is the
> > assumed local interface pointing at your DSL modems.
> 
> I haven't used this feature... how does "equalize" interact with NAT?  It
> would seem to be counterproductive to split tcp streams in the presence of
> NAT, since that could present a confusing data stream to the destination
> machine.  That would seem to be most valuable for non-NAT configurations,
> particularly when you have control over routers at the point where the
> data streams merge again closer to your destination.


WRT routing, my understanding is, NAT is completed before the default
route is evaluated, so everything should proceed as usual.

There can be 'issues' with 'equalize' when the link latencies are
different by an order of magnitude.  something about re-assembling out
of order or something, so I would say your surmising is correct.  In
this case, equalize by tcp-stream only.  hrm, I am the newbie here, so
do not consider me to be a reliable source (yet 8-).


/sw




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering xi-626 and hostap

2003-10-02 Thread Steve Wright 
On Fri, 2003-10-03 at 08:42, Petr´s mailing list wrote:
> Hello guys,
> 
> as I installed bering on Compact Flash I tried to put hostap*.o to /lib/modules to 
> support XI-626 wireless card. I configured networks and wlan0 but If I need insmod 
> hostap it returns with 10 row faults as unresolved links. Can you track me to fix 
> this stupid problem. Thanks


this mostly means that hostap.o needs another module inserted first.

I hoped to examine my /etc/modules and tell you which modules, and in
what order they are inserted, but all hostap entries are commented out,
but the router has been running a prism2 card in hostap mode for months!
Somewhat puzzling, but a different subject.

How is the xi-626 connected ?  Do you use a cardbus<-->PCI adapter
card?  What is the chipset on this adapter?


/steve




---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] LEAF on compact flash

2003-10-29 Thread Steve Wright 
On Thu, 2003-10-30 at 08:44, John P. Looney wrote:
>  Does anyone have LEAF images that can be 'dd' onto a CF card? What size
> ones are needed ?


be careful 'dd'ing images to a flash disk.  it's kinda easy to trash the
boot block, and it's rather a long road to fix that.


>  I'm looking to have a LEAF box running Quagga (the forked version of
> Zebra), and CF would be a lot nicer than a floppy.

 /me wondering,  why the forked version?


/steve




---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Strange Bering error

2003-10-31 Thread Steve Wright 
On Fri, 2003-10-31 at 22:07, [EMAIL PROTECTED] wrote:
> I have a internal Leaf (Bering v1.2) box and when I try to add a route (ip route add 
> 10.254.0.2/24 via 172.26.1.1) this strange message show up:
> RTNETLINK answers: Invalid argument
> 
> I've tired adding dev eth1 etc as well - no luck
> 
> I'm completely lost as I can do this on some other boxes I got...  Have anyone seen 
> this before?


The command above is perfectly valid - you do not need to add an
interface name..

It may be as Bino says, or it might be that it knows nothing of the
172.26.1.1 address.

Check that 172.26.1.1 is a member of a global scope on this router, that
is, it fits inside a scope such as 172.26/16 on an existing interface.



best,
Steve




---
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive?  Does it
help you create better code?   SHARE THE LOVE, and help us help
YOU!  Click Here: http://sourceforge.net/donate/

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] OpenVPN

2003-12-24 Thread Steve Wright 
On Tue, 2003-12-23 at 00:59, Informática. Cabildo de La Gomera wrote:
> I´m trying to connect several offices, and I decided to use Bering uClib
> 
> because it seems to be the most up to date branch.
> 
> 
> 
> 
> After several problems with network drivers it´s starting to work, but
> 
> now I have to decide about security: ipsec or openvpn. It seems that
> 
> openvpn is easier to configure and you can select the degree of security/cpu
> 
> that you want (my pc's are really old), so I think it´s the better solution
> for
> 
> me, but I can´t see a package for openvpn using Bering uClib.


I am considering the same, and I am wondering about CIPE.  RedHat and
others package CIPE and include a GUI Wizard to set it up.  Very tidy.

I understand openvpn works over a ssh tunnel.  If this is true, then I
understand that are issues with doing this - it is not a good thing to
do.



> The questions are three:
> 
> -Do you think it´s a good idea to use Bering uClib?
> 
> -What about ipsec vs openvpn?
> 
> -Is there a package for openvpn under Bering uClib?


ipsec would be the best, and with full opportunism, probably the easiest
to maintain.  ipsec is difficult for newbies, as I can assure you.

CIPE is probably the next best, followed by openvpn, on the assumption
that openvpn runs over an ssh tunnel.


Hopefully others may shed light, as I could do with some guidance also.



best regards,
Steve

***compliments of the season to all***




---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id78&alloc_id371&op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html