[leaf-user] OpenVPN

2005-12-12 Thread Sylvain Pelletier 
Hi,

I would like to get the feedback of people who have succesfully
installed/tested openvpn with bering.

Thanks

Sylvain


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37alloc_id865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Openvpn 2.0 routes problem

2005-12-05 Thread Sylvain Pelletier 
Hi,

I try to set up a vpn with the lastest version of openssl (2.0.5)under
Bering-uClibc 2.3.

I try to connect a xp client to the bering gateway, the tls handshake
is succesfully achived.

From the client's log:
[tremblay.chep.priv] Peer Connection Initiated with 82.124.204.58:1194

My client didn't obtain ip and routes from the server, and I get 
Initialisation process completed with errors in the log, as
explained in the documentation,  I checked that the dhcp client is
active on the tap interface and the firewall turn off, but my tunnel
is still unworking.


The server's config:

;local a.b.c.d
port 1194
;proto tcp
dev tun
;dev-node MyTap
ca keys/ca.crt
cert keys/tremblay.chep.priv.crt
key keys/tremblay.chep.priv.key  # This file should be kept secret
dh keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/state/openvpn-ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
push route 192.0.1.0 255.255.255.0 10.8.0.1
;push ip-win32 dynamic
;push route-delay 2 600
keepalive 10 120
;comp-lzo
;user nobody
;group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log
;log openvpn.log
;log-append  openvpn.log
verb 6
;mute 20

My client's config (under windows xp sp1):

client
dev tun
proto udp
remote the ip of the server 1194
resolv-retry infinite
nobind
;user nobody
;group nobody
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert trappes.chep.priv.crt
key trappes.chep.priv.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x
;comp-lzo
verb 7
;mute 20

Thanks for help

Sylvain


---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37alloc_id865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/

[leaf-user] Ulogd works just for 24 hours

2003-01-22 Thread Sylvain Pelletier 


Hi,

I've try to log shorewall messages with ulogd,  all works for one day after
shorewall.log is empty.
I use Bering with a 2.4.20 kernel.
If someone have a idea??

Thanks

Sylvain




---
This SF.net email is sponsored by: Scholarships for Techies!
Can't afford IT training? All 2003 ictp students receive scholarships.
Get hands-on training in Microsoft, Cisco, Sun, Linux/UNIX, and more.
www.ictp.com/training/sourceforge.asp

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Problem with pppoe

2002-11-16 Thread Sylvain Pelletier 
I tell a friend about LEAF  so he tries to setup the bering 1.0 rc3 ( the
same version that i have)
We connect both with adsl and the same provider. My connection works well
but my friend got this message (from syslog)

Plugin /usr/lib/pppd/pppoe.so loaded
 PPPoE Plugin Initialized
 pppd started by root, uid 0
 Sending PADI

the plugin is initialized but (from syslog):

Nov 15 23:17:45 firewall pppd[7330]: invalid packet Ether addr:
14:22:f0:bf:6c:8f PPPoE hdr: ver=0xf type=0x9 code=0x11 sid=0x002b
length=0x5422 (Unknown) PPPoE tag: type=f0bf length=6c8f (Unknown)
unrecognized data
Nov 15 23:17:45 firewall pppd[7330]: Failed to negotiate PPPoE connection: 4
Interrupted system call
Nov 15 23:17:45 firewall pppd[7330]: Exit.

The config  file are ok, he has the same as me.  He has two 3com 3c509b
NIC's.

I read it from  mail-archive, but I don't think my friend is in the case
described by Charles Steinkuehler :

 I've tried the above with and without quotes. Either combination
yields
 the following from syslog:

 Plugin /usr/lib/pppd/pppoe.so loaded
 PPPoE Plugin Initialized
 pppd started by root, uid 0
 Sending PADI

 And then just sits there...

 Depending on when I ifdown ppp0, syslog reports the following:

 invalid packet Ether addr:14:89:fa:bf:6c:6f
 PPPoE hdr: ver=0xf type=0x9 code=0xf1 sid=0x4aeb length=0x5489
(UNKNOWN)
 PPPoE tag: type=fabf length=6c6f (UNKNOWN) unrecognized data
 Failed to negotiate PPPoW connection: 4 Interrupted system call

 If I don't ifdown ppp0, it just sits at Sending PADI indefinitely.

 Any thoughts?

I'd say the odds are on something mis-configured in your PPP or PPPoE
setup. I had virtually no luck with PPPoE until I setup a test PPPoE
network, and could look at the logs on *BOTH* sides of the connection.
Once I got the kinks out of my test configuration, linking up with an
actual provider went smoothly.

It may help to connect a full-blown disto to your PPPoE link (or bum
some config files off someone on-list with a linux box hooked to SWBT
PPPoE DSL), and compare the configuation with what you're setting up in
LEAF.

One thing working with a thin disto like LEAF is you're forced to learn
how to make everything run at a very low-level. This can be a good
thing or a bad thing, depending on your perspective. I learned *WAY*
more about software RAID by building a LEAF based web-server sporting a
SCSI RAID-1 than by installing RedHat and using the GUI installer to
build mirrored partitions...in fact, I learned enough playing with RAID
on LEAF that I now trust it for production servers, and know I can fix
things if I ever loose a drive.

Charles Steinkuehler

I really need help, so if someone have an idea 

Thanks

Sylvain







---
This sf.net email is sponsored by: To learn the basics of securing 
your web site with SSL, click here to get a FREE TRIAL of a Thawte 
Server Certificate: http://www.gothawte.com/rd524.html

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Bering RC3 weblet problems or bugs?

2002-08-04 Thread Sylvain Pelletier 

You're getting File not readable because the permissions have been modified.
Look for the function rotatelogs in /etc/multicron-p, you must find a line
who start by
savelog -g adm -m 640 . Now try 644 and you will see !

- Original Message -
From: Ping Kwong [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Sunday, August 04, 2002 1:24 PM
Subject: [leaf-user] Bering RC3 weblet problems or bugs?


 Running Bering RC3 with Shorewall 1.33 connecting via PPPoE.  Seems I
 have a problem with weblet.  It appears to work fine for the first day
 but after the logs rotate and when I check the logs through weblet, I'm
 getting File not readable: XXX where XXX are the log files: messages,
 syslog, debug, daemon, kern, ppp, and pslave.  Also, should there be
 some sort of logs in the ppp.log file?  When I login and change to
 /var/log I can cat the files just fine and ppp.log is just empty.




 ---
 This sf.net email is sponsored by:ThinkGeek
 Welcome to geek heaven.
 http://thinkgeek.com/sf
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html






---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] slow conection under Bering rc3

2002-07-30 Thread Sylvain Pelletier 

I've switch to bering rc3 early but i have a strange behavior
I have two computer in my local network and my internet connection is pppoe
One under Windows Xp and another under a debian woody.
I have a very slow connection with the debian ( under 5Ko/s) but with
Windows Xp, the connection is fine.
The bering boot from floppy and I have dachtein rc2 wich boot from
hard-disk.
When i reboot with dachtein all work perfectly.

If someone know what the problem is.
I would like to stay under bering ( yes i like shorewall facilities :-) )
My brain is going warm

Sylvain





---
This sf.net email is sponsored by: Dice - The leading online job board
for high-tech professionals. Search and apply for tech jobs today!
http://seeker.dice.com/seeker.epl?rel_code=31

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Loading packages on bering

2002-05-05 Thread Sylvain Pelletier 

I want to load 20 packages, but on boot only 18 are installed.
The next package is not installed. (error message nf!)

Now,  I am looking in linuxrc  

Sylvain




___

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] Loading packages on bering v1.0-rc2

2002-05-05 Thread Sylvain Pelletier 

I use bering v1.0-rc2
I get this message only for the package 19
It's possible to bypass this limit or ...

- Original Message -
From: Ray Olszewski [EMAIL PROTECTED]
To: Sylvain Pelletier [EMAIL PROTECTED]
Sent: Sunday, May 05, 2002 5:16 PM
Subject: Re: [leaf-user] Loading packages on bering


 At 04:38 PM 5/5/02 +0200, you wrote:
 I want to load 20 packages, but on boot only 18 are installed.
 The next package is not installed. (error message nf!)
 
 Now,  I am looking in linuxrc


 Well ... nf! translates to not found. Do you get this message only for
 package #19, or for both #19 and #20? If the first, then you may be
hitting
 the line-length limit for package lists (255 characters, I think).


 --
 Never tell me the odds!---
 Ray Olszewski-- Han Solo
 Palo Alto, CA[EMAIL PROTECTED]
 






___

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] Mounting /var/log on a ext2 partition

2002-05-03 Thread sylvain pelletier 

Hi,

I switched from dachtein to bering, all works perfectly.
I replaced my slow bind-8/exim by tinydns/qmail.
Perhaps I'm tired but I don't find where the TMPFS on /var/log is created
(wich script???)
I use a little hard disk for storage and I would like to store logs on a
partition.
What to do?

Thanks

Sylvain



___

Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: [EMAIL PROTECTED]


leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[Leaf-user] shell script problem

2002-02-27 Thread sylvain pelletier 

Hi,

I would make a little script in sh on my lrp ( dachtein version)

and i can't do this :

for file in 'ls' ; do
echo $file
done

the echo response is: ls

what's wrong, the problem comes from lrp???

Thanks
Sylvain



___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

Fw: [Leaf-user] pppoe and dyndns

2002-01-30 Thread sylvain pelletier 


- Original Message -
From: sylvain pelletier [EMAIL PROTECTED]
To: Victor McAllister [EMAIL PROTECTED]
Sent: Wednesday, January 30, 2002 4:26 PM
Subject: Re: [Leaf-user] pppoe and dyndns


 I suppose your friend uses the Roaring Penguin package.
 This package comes with some script.
 To update a dyndns account, you must modified the adsl-start and adsl-stop
 script.

 In the adsl-start, look for Monitor connection ( in the bottom of the
file)
 and insert the line ez-ipupdate -d -c /etc/ez-ipupdate.conf  in the loop
 while


 ---adsl-start-
--
 
 # Monitor connection
 TIME=0
 while [ true ] ; do
 ${exec_prefix}/sbin/adsl-status $CONFIG  /dev/null 21

 # Looks like the interface came up
 if [ $? = 0 ] ; then
  # Print newline if standard input is a TTY
  tty -s  $ECHO  Connected!

  # To update dyndns
  path1=/usr/bin
  export path1
  ez-ipupdate -d -c /etc/ez-ipupdate.conf# ez-ipupdate start in
 daemon mode (-d)
  exit 0
 fi

 tty -s  $ECHO -n $PING
 sleep $CONNECT_POLL
 TIME=`expr $TIME + $CONNECT_POLL`
 if [ $TIME -gt $CONNECT_TIMEOUT ] ; then
  break
 fi
 done
 
 Then add this line killall -QUIT ez-ipupdate 2 /dev/null  in adsl-stop
 ( before the # Check for pidfile)
 Be careful to not run ez-ipupdate on root, and check the permission file
 that ez-ipupdate uses!!

 In the /etc/ppp/ip-up, you have just to put svi network ipfilter reload
 for the port forwards
 and eventualy if your friend uses dnscache, you can put dnscache restart
 or something that in ppp-up.

 Sylvain!!!



 - Original Message -
 From: Victor McAllister [EMAIL PROTECTED]
 To: leaf-user [EMAIL PROTECTED]
 Sent: Wednesday, January 30, 2002 1:01 AM
 Subject: [Leaf-user] pppoe and dyndns


  I have a friend who uses DCD 1.02 on a pppoe connection.  I have a
  static so I can't test out pppoe.  I have spent some time on the phone
  trying to help him trouble shoot.
 
  I had him put svi network ipfilter reload in the /etc/ppp/ip-up to
  make sure his port forwards are updated after his external ip changes.
 
  He has a dyndns account and ez-ipupdate which is properly configured.
  It works correctly from a cold boot but does not update the dns
  service when the isp changes the external ip.
  Is there a script to put in /etc/ppp/ip-up or will this work?
 
  svi network ipfilter reload
  svi ez-ipupdate stop
  svi ez-ipupdate start
 
  Comments from pppoe user solicited.
 
 
  ___
  Leaf-user mailing list
  [EMAIL PROTECTED]
  https://lists.sourceforge.net/lists/listinfo/leaf-user
 




___
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

[Leaf-user] About Proftpd

2002-01-21 Thread sylvain pelletier 



hi,

I want to set up proftpd but i can't found good 
documentation.
All examples i saw are anonymous access and i don't 
want it.
Somebody know a good link??

Thanks

Sylvain

[Leaf-user] keep the same ip with pppoe connection

2001-11-03 Thread sylvain pelletier 



My ISP wich provide memy cable connection 
works now with pppoe.
I would have a static ip.
I think a little script can do that, but if someone 
have already make it, I would happy

Bye
Sylvain