[newbie] Linux Mandrake 9.0
Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. Bill Nash NREMT-Paramedic Critical Care Paramedic EMS Instructor Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Linux Mandrake 9.0
Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. Bill Nash NREMT-Paramedic Critical Care Paramedic EMS Instructor Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0
On Sunday 19 Jan 2003 4:59 pm, [EMAIL PROTECTED] wrote: Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. I'm sure someone more expert will give you a full answer in an hour or two, but just as a starter - I understand that there have been many connection problems where the default firewall has been installed, shorewall, I think it's called. If that is the case, you should uninstall it and look for alternatives on your disks. As I said, a good deal more advice should follow this. Good luck. Anne -- Registered Linux User No.293302 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0
I only have 3 computer that connect to the computer. I have 1 server. my wife computer and the computer i use that is it. I know there has to be a way to correct this. I will keep reading the doc and man pages again. Bill Nash On Sunday 19 Jan 2003 4:59 pm, [EMAIL PROTECTED] wrote: Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. I'm sure someone more expert will give you a full answer in an hour or two, but just as a starter - I understand that there have been many connection problems where the default firewall has been installed, shorewall, I think it's called. If that is the case, you should uninstall it and look for alternatives on your disks. As I said, a good deal more advice should follow this. Good luck. Anne -- Registered Linux User No.293302 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0
On Sunday 19 Jan 2003 5:06 pm, Anne Wilson wrote: On Sunday 19 Jan 2003 4:59 pm, [EMAIL PROTECTED] wrote: Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. I'm sure someone more expert will give you a full answer in an hour or two, but just as a starter - I understand that there have been many connection problems where the default firewall has been installed, shorewall, I think it's called. If that is the case, you should uninstall it and look for alternatives on your disks. As I said, a good deal more advice should follow this. Good luck. Anne The shorewall firewall in 9.0 is easier to set up by hand than with the GUI Just edit /etc/shorewall/rules read the examples, then edit the lines at the bottom which define which service names(or port numbers) are allowed to access from the local lan to the net or firewall (net- internet fw= the server itself masq= The local net with NAT) Other interesting files are /etc/shorewall/zones /etc/shorewall/policy After making edits service shorewall restart derek -- -- www.jennings.homelinux.net Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0
This is my rules for shorewall. Shorewall version 1.3 - Rules File # # /etc/shorewall/rules # # Rules in this file govern connection establishment. Requests and # responses are automatically allowed using connection tracking. # # In most places where an IP address or subnet is allowed, you # can preceed the address/subnet with ! (e.g., !192.168.1.0/24) to # indicate that the rule matches all addresses except the address/subnet # given. Notice that no white space is permitted between ! and the # address/subnet. # # Columns are: # # # ACTION ACCEPT, DROP, REJECT, DNAT or REDIRECT # # ACCEPT -- allow the connection request # DROP -- ignore the request # REJECT -- disallow the request and return an # icmp-unreachable or an RST packet. # DNAT -- Forward the request to another # system (and optionally another # port). # REDIRECT -- Redirect the request to a local # port on the firewall. # # May optionally be followed by : and a syslog log # level (e.g, REJECT:info). This causes the packet to be # logged at the specified level. # # SOURCE Source hosts to which the rule applies. May be a zone # defined in /etc/shorewall/zones or $FW to indicate the # firewall itself. If the ACTION is DNAT or REDIRECT, # sub-zones of the specified zone may be excluded from # the rule by following the zone name with !' and a # comma-separated list of sub-zone names. # # Clients may be further restricted to a list of subnets # and/or hosts by appending : and a comma-separated # list of subnets and/or hosts. Hosts may be specified # by IP or MAC address; mac addresses must begin with # ~ and must use - as a separator. # # dmz:192.168.2.2 Host 192.168.2.2 in the DMZ # # net:155.186.235.0/24Subnet 155.186.235.0/24 on the # Internet # # loc:192.168.1.1,192.168.1.2 # Hosts 192.168.1.1 and # 192.168.1.2 in the local zone. # loc:~00-A0-C9-15-39-78 Host in the local zone with # MAC address 00:A0:C9:15:39:78. # # Alternatively, clients may be specified by interface # by appending : followed by the interface name. For # example, loc:eth1 specifies a client that # communicates with the firewall system through eth1. # # DESTLocation of Server. May be a zone defined in # /etc/shorewall/zones or $FW to indicate the firewall # itself. # # The server may be further restricted to a particular # subnet, host or interface by appending : and the # subnet, host or interface. See above. # # The port that the server is listening on may be # included and separated from the server's IP address by # :. If omitted, the firewall will not modifiy the # destination port. A destination port may only be # included if the ACTION is DNAT or REDIRECT. # # Example: loc:192.168.1.3:3128 specifies a local # server at IP address 192.168.1.3 and listening on port # 3128. The port number MUST be specified as an integer # and not as a name from /etc/services. # # if the ACTION is REDIRECT, this column needs only to # contain the port number on the firewall that the # request should be redirected to. # # PROTO Protocol - Must be tcp, udp, icmp, a number, # all or related. If related, the remainder of the # entry must be omitted and connection requests that are # related to existing requests will be accepted. # # DEST PORT(S)Destination Ports. A comma-separated list of Port # names (from /etc/services), port numbers or port # ranges; if the protocol is icmp, this column is # interpreted as the
Re: [newbie] Linux Mandrake 9.0
On Sunday 19 Jan 2003 5:43 pm, [EMAIL PROTECTED] wrote: This is my rules for shorewall. # #ACTION SOURCE DESTPROTO DESTSOURCE ORIGINAL # # PORTPORT(S) DEST # DNAT net loc:192.168.1.3 tcp 80 - 130.252.100.69 ### ### #ACTION SOURCEDESTPROTO DESTSOURCE ORIGINAL # PORTPORT(S)DEST ACCEPTnet fw udp 53,631 - ACCEPTnet fw tcp 80,443,53,22,20,21,25,109,110,143,631 - ACCEPTmasqfw udp 53,631 - ACCEPTmasqfw tcp 80,443,53,22,20,21,25,109,110,143,631 - ACCEPTloc fw udp 53,631 - ACCEPTloc fw tcp 80,443,53,22,20,21,25,109,110,143,631 - ACCEPTmasqfw tcp domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp- ACCEPTmasqfw udp domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp- ACCEPTfw masqtcp 631,137,138,139 - ACCEPTfw masqudp 631,137,138,139 - #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE is this correct Bill Nash With this file Samba (137,138,139) works from the firewall to the masqueraded local network, but not from the network to the firewall. The local masquraded network can access an http or https web server on the firewall. CUPS (631) works from the firewall to the local masqueraded network and vice versa. CUPS also works from the internet to the firewall. You most certainly do *not* want that. It is a security hole. You also have DNS (53) working from the net to the firewall. Again this is a security hole!! You have FTP (20,21 ), SSH (22) , and SMTP (25) open to the internet. This is OK, so long as you are running FTP, SSH, or SMTP (mail) servers, but is unnecessary if you are not. You have POP2 (109), POP3 (110) and IMAP (143) services open to the net. You should only do this if you retrieve your email from remote sites, and have adequate security systems in place. If not this is a security hole!! As a general rule the absolute minimum of ports should be open from 'net' to 'fw' There is good documentation on shorewall at www.shorewall.net derek On Sunday 19 Jan 2003 5:06 pm, Anne Wilson wrote: On Sunday 19 Jan 2003 4:59 pm, [EMAIL PROTECTED] wrote: Hello, I just a hard drive crash with my server that was running Linux mandrake 8.1. I replace the hard drive and loaded Linux Mandrake 9.0. restore information from my backup and everything seem to be running fine. I then try to setup internet connection. This is where i'm having the problem at. Now i cannot get the server to see anything on the local lan. The local lan can ssh into the server and serf the internet and i'm able to get my email. I had samba set up before i install the internet connection now i'm unable to connect via samba or nfs. I change the firewall settings to allow everything and this stop the lan from access the internet. is there something i can do to correc this. I'm sure someone more expert will give you a full answer in an hour or two, but just as a starter - I understand that there have been many connection problems where the default firewall has been installed, shorewall, I think it's called. If that is the case, you should uninstall it and look for alternatives on your disks. As I said, a good deal more advice should follow this. Good luck. Anne The shorewall firewall in 9.0 is easier to set up by hand than with the GUI Just edit /etc/shorewall/rules read the examples, then edit the lines at the bottom which define which service names(or port numbers) are allowed to access from the local lan to the net or firewall (net- internet fw= the server itself masq= The local net with NAT) Other interesting files are /etc/shorewall/zones /etc/shorewall/policy After making edits service shorewall restart derek -- -- www.jennings.homelinux.net -- -- www.jennings.homelinux.net Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0
On Mon, 2003-01-20 at 05:25, Brandon Vanderberg wrote: On Sun, 2003-01-19 at 09:43, [EMAIL PROTECTED] wrote: This is my rules for shorewall. Shorewall version 1.3 - Rules File It's a real bad idea to post a firewall ruleset to the net. Better to find a firewall person you trust and then ask in private if your security is correctly set. Anyone with firewall experience can interpret Shorewall rules/policy. As for whether those rules are good, it's impossible to give an accurate answer without knowing the topology and other details. You might hear 'Sure, that'll work.' but take that advice for what it cost you, then bet your company/organization on it. RIGHT WHEN I WAS GETTING READY TO HACK THE GUY...ya had to post that warning..dang dang dang dang dang...there goes my weeks' fun...jeez... (NOTE: ONLY JOKING - coming from Old School hacking, in my opinion, should only be used to benefit a network by finding the holes and then fixing them. Hackers that cause problems, damage, or worse yet, steal, are not hackers at all, but merely thieves with no brains filled with greed.) -- Mon Jan 20 17:25:01 EST 2003 5:25pm up 4 days, 3:08, 6 users, load average: 0.02, 0.05, 0.13 -- |____ | kuhn media australia| | / ,, /| |'-. | http://kma.0catch.com | | .\__/ || | | |=| | _ / `._ \|_|_.-' | stephen kuhn| | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | | |/ ._/ || | email: [EMAIL PROTECTED]| | |'. `\ | | |icq: 5483808 | | ;/ / | | | | | smk ) /_/| |.---.| | mobile: 0410-728-389| | ' `-`' | Berkeley, New South Wales, AU | -- linux user:267497 * RH 8.0 * PC/Mac/Linux/Networking/Consulting -- Absence makes the heart grow frantic. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] Linux Mandrake 9.0 and Compaq proliant 2500R install
Hello, I'm trying to reinstall linux on a compaq proliant 2500R with 458752 of memory. my problem is it keeps telling me out of memory and it only sees 16 meg. i have type the following line that work with 7.2 linux append mem=exactmap mem=0x9000@0 mem=0x1B80 this gave me 440 with 7.2 is there a way i can install 9.0 on this machine I do not want to reinstall 7.2 again. Thanks Bill Nash for chat [EMAIL PROTECTED] -- William R. Nash [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0 and Compaq proliant 2500R install
On Sun, 2002-12-01 at 06:40, William R. Nash wrote: Hello, I'm trying to reinstall linux on a compaq proliant 2500R with 458752 of memory. my problem is it keeps telling me out of memory and it only sees 16 meg. i have type the following line that work with 7.2 linux append mem=exactmap mem=0x9000@0 mem=0x1B80 this gave me 440 with 7.2 is there a way i can install 9.0 on this machine I do not want to reinstall 7.2 again. Thanks Bill Nash for chat [EMAIL PROTECTED] -- William R. Nash [EMAIL PROTECTED] Have you tried booting the kernel WITHOUT the appending to see what happens, or have you don't that already? -- Sun Dec 1 07:00:02 EST 2002 .o0 linux user:267497 0o. |____ | kühn media australia | / \ /| |'-. | http://kma.0catch.com | .\__/ || | | | | _ / `._ \|_|_.-' | stephen kühn | | / \__.`=._) (_ | email: [EMAIL PROTECTED] | |/ ._/ || | email: [EMAIL PROTECTED] | |'. `\ | | |icq: 5483808 | ;/ / | | | | smk ) /_/| |.---.| | mobile: 0410-728-389 | ' `-`' | Berkeley, New South Wales, AU Coralament*Best Grötens*Liebe Grüße*Best Regards*Elkorajn Salutojn Your nature demands love and your happiness depends on it. Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] Linux Mandrake 9.0 and Compaq proliant 2500R install
yes that was the first thing i did. I'm now trying to find information by look at the bugzilla reports. still nothin Bill nash On Sat, 2002-11-30 at 15:04, Stephen Kuhn wrote: On Sun, 2002-12-01 at 06:40, William R. Nash wrote: Hello, I'm trying to reinstall linux on a compaq proliant 2500R with 458752 of memory. my problem is it keeps telling me out of memory and it only sees 16 meg. i have type the following line that work with 7.2 linux append mem=exactmap mem=0x9000@0 mem=0x1B80 this gave me 440 with 7.2 is there a way i can install 9.0 on this machine I do not want to reinstall 7.2 again. Thanks Bill Nash for chat [EMAIL PROTECTED] -- William R. Nash [EMAIL PROTECTED] Have you tried booting the kernel WITHOUT the appending to see what happens, or have you don't that already? -- William R. Nash [EMAIL PROTECTED] Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com