Re: [newbie] iptables / ipchains / bastille ??!!
I just did that..added: TRUSTED_IFACES=lo eth2 noting changed. and yes I restarted the network on both machines. But thanks, I lost hope that someone would ever reply to my question :) Any other suggestions ? - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
On Saturday 30 March 2002 01:24 am, Brian Parish wrote: Hanan, I think you should have the NIC whose address is 192.168.0.1 listed in your trusted interfaces in /etc/Bastille/bastille-firewall.cfg HTH Brian On Fri, 2002-03-29 at 02:24, Hanan Shargi wrote: Hi every one, I spent the past 2 days ( almost ) reading about how to set ip masquerading , iptables, ipchains, setting NFS etc. just to be able to put my hands on the problem why cant my w2k machine ping the linux machine ( both on a lan where linux machine has 2 eth cards, one IP for external network (internet with a static IP ) and the other eth for local network with IP 192.168.0.1 ) to hopefully fix this ping issue, SO FINALLY I'd be able to share my files between the 2 machines needless to say I couldnt come up with the fix :( Now I desperatly need some expert here (or non expert ) to answer my following question PLEASE :( During a thorough investigation of the files on my LM 8.1 system which I set up as a router to my home lan ( I set up the internet sharing and networking stuff ..ect using Mandrake control center) I found that there are the following files on my LM 8.1 sys: /etc/Bastille/bastille-firewall.cfg I'll list the relevant contents of this file ( only uncommented lines ) DNS_SERVERS=205.177.x.x 205.177.x.x TRUSTED_IFACES=lo PUBLIC_IFACES=eth0 ### you don't need slip ppp INTERNAL_IFACES=eth1 ### Your internal network eth??? TCP_AUDIT_SERVICES=telnet ftp imap pop3 finger sunrpc exec login linuxconf sh UDP_AUDIT_SERVICES=31337 ICMP_AUDIT_TYPES=echo-request ### ping/MS tracert TCP_PUBLIC_SERVICES=22 25 109 110 143 23 53 ### need 20 21 ftp MINIMAL/SAFEST UDP_PUBLIC_SERVICES=53###ntp? 123 TCP_INTERNAL_SERVICES= ### 137 138 139 is samba 20 21 22 23 25 53 110 maybe more UDP_INTERNAL_SERVICES= ### ntp? 123 FORCE_PASV_FTP=N TCP_BLOCKED_SERVICES=6000:6020 UDP_BLOCKED_SERVICES=2049 ICMP_ALLOWED_TYPES=destination-unreachable echo-reply time-exceeded IP_MASQ_NETWORK=192.168.0.0/16 ### these need SOMEthing IP_MASQ_MODULES=ftp raudio vdolive ### REJECT_METHOD=DROP ### stealth mode DHCP_IFACES= NTP_SERVERS= ICMP_OUTBOUND_DISABLED_TYPES=destination-unreachable time-exceeded DROP_SMB_NAT_BCAST=Y drop those packets - and this file : /etc/rc.d/rc.firewall === which have the following content: # Automatically added by drakgw [ -x /etc/rc.d/rc.firewall.inet_sharing ] /etc/rc.d/rc.firewall.inet_sharing # Mandrake-Security : if you remove this comment, remove the next line too. echo 1 /proc/sys/net/ipv4/conf/all/rp_filter - And another file : /etc/rc.d/rc.firewall.inet_sharing-2.4 which have the following content: #!/bin/sh modprobe iptable_nat echo 1 /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE /sbin/iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --dport domain -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --dport domain -j ACCEPT I tried applying some changes to the peceeding files, and it resulted in either no changes / or breaking the connection sharing .. If somebody can tell me what exactly shall I change, or even how does this connectiong sharing / bastille firewall basically work together to support the internet sharing and routing thingas the more I read in the how-tos the more lost I feel... as nothing seem to be as they describe in these how-to's. Any help would be appreciated AS I'm totally lost here. Regards. /etc/rc.d/init.d/bastille-firewall stop and /etc/rc.d/init.d/bastille-firewall start -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 11:11am up 8 days, 19:36, 2 users, load average: 0.96, 1.03, 1.07 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
have you tried to run the command InteractiveBastille from a Terminal as root? -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 12:09pm up 8 days, 20:34, 2 users, load average: 0.98, 1.01, 1.00 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Hello again, There seemed to be a missing post somewhere ..as I found some suggestions in Gerald's reply whcih I never seen before !? Anyway, I tried configuring the bastille-firewall.cfg with the notes in this post, and I finally was able to ping the linux box from the w2k machine :) yet I cannot do that by hostname : e.g I can only ping 192.168.0.1 but not by the machines name although it is correctly listed in the hosts file on the w2k machine. ALso when I ran: /etc/rc.d/init.d/bastille-firewall start I got the following warning: You have Bastille configured for masquerading and you have enabled Mandrake's Internet Connection Sharing. We will use Bastille's rules. To get rid of this warning, use DrakConf to disable Internet Connection Sharing or disable Bastille's ICS by setting IP_MASQ_NETWORK to in /etc/Bastille/bastille-firewall.cfg Shall I really disable connection sharing in mandrake control center ? or can I just ignore this ? And now I wanna make sure I understood this situation correctly: its Bastill-firewall who does the iptables rules implicitly ? so one should not use iptables anymore if he/she is running bastille ? THANKS A LOT Brian and Gerald :) - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Ohh I forgot , when I ran InteractiveBastille from as root, this is what I got: [root@hanan hanan]# InteractiveBastille Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in INC (INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. [root@hanan hanan]# - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
On Saturday 30 March 2002 01:04 pm, Hanan Shargi wrote: Hello again, There seemed to be a missing post somewhere ..as I found some suggestions in Gerald's reply whcih I never seen before !? I added all the ### entries Anyway, I tried configuring the bastille-firewall.cfg with the notes in this post, and I finally was able to ping the linux box from the w2k machine :) yet I cannot do that by hostname : e.g I can only ping 192.168.0.1 but not by the machines name although it is correctly listed in the hosts file on the w2k machine. Be careful of the hosts file in windows. 192.168.0.1 hanan.localnet.tld hanan The '1' in 192 must be at the absolute begining of the line no spaces, no tabs ALso when I ran: /etc/rc.d/init.d/bastille-firewall start I got the following warning: You have Bastille configured for masquerading and you have enabled Mandrake's Internet Connection Sharing. We will use Bastille's rules. To get rid of this warning, use DrakConf to disable Internet Connection Sharing or disable Bastille's ICS by setting IP_MASQ_NETWORK to in /etc/Bastille/bastille-firewall.cfg Shall I really disable connection sharing in mandrake control center ? or can I just ignore this ? Try setting IP_MASQ_NETWORK to first If that doesn't work then try disable connection sharing It may be that they are mutually exclusive. And now I wanna make sure I understood this situation correctly: its Bastill-firewall who does the iptables rules implicitly ? so one should not use iptables anymore if he/she is running bastille ? I don't know, as I don't use bastille. (Anyone ???) -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 1:08pm up 8 days, 21:33, 2 users, load average: 1.08, 1.04, 1.00 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
On Saturday 30 March 2002 01:07 pm, Hanan Shargi wrote: Ohh I forgot , when I ran InteractiveBastille from as root, this is what I got: [root@hanan hanan]# InteractiveBastille Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in INC (INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. [root@hanan hanan]# It is possibly not completely installed, its on the CD It is a wizard to assist in setting up Bastille -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 1:16pm up 8 days, 21:41, 2 users, load average: 1.03, 1.04, 1.00 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Hanan Shargi wrote: I just did that..added: TRUSTED_IFACES=lo eth2 noting changed. and yes I restarted the network on both machines. But thanks, I lost hope that someone would ever reply to my question :) Any other suggestions ? - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Besides that, your LOCAL interfaces must not have all ports closed. This is one reason Tiny Firewall is pulled in 8.2. We need to add a way of setting up local ports for uses like this that folks can understand interactively and it takes some careful engineering (mostly ergonomics). Can you answer this YES? Should the local interfaces be trusted with all things? If so, add this... TCP_INTERNAL_SERVICES=15:65535 to open up the ports. If not, then list (separated by spaces) the ports or groups of ports you want open locally. like 111 for NFS and so on. CAUTION is advisable. A new exploit for remote administrator privileges for win2K is floating around at the moment, so if you are using win2K in the local, then protect it, and upgrade to the patch as soon as possible. More info here: http://www.itworld.com/Sec/2199/020329nt2000hole/ Civileme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
I added all the ### entries I'm very very thankful, you cant imagine how this problem was getting on my nervs !! Be careful of the hosts file in windows. 192.168.0.1 hanan.localnet.tld hanan The '1' in 192 must be at the absolute begining of the line no spaces, no tabs I checked that, it is written correctly. Any way I wot bother now with why cant I ping the machine with its name rather than with its IP :) Try setting IP_MASQ_NETWORK to first If that doesn't work then try disable connection sharing It may be that they are mutually exclusive. I did that and the messag disapeared, now it tells me this : [root@hanan hanan]# /etc/rc.d/init.d/bastille-firewall start Enabling Mandrake Internet Connection sharing If you would like to use Bastille's masquerading support instead, edit /etc/Bastille/bastille-firewall.cfg (especially the IP_MASQ_NETWORK setting) and run /etc/rc.d/init.d/bastille-firewall start to use Bastille's masquerading/connection sharing rules. And the ping is still working, so I guess I'm fine with that too :) Now I gotta move on to the main issue which is how can I share the files between the 2, shall I go samba ? or ftp ? - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Hanan Shargi wrote: Ohh I forgot , when I ran InteractiveBastille from as root, this is what I got: [root@hanan hanan]# InteractiveBastille Using Tk user interface module. Only displaying questions relevant to the current configuration. Can't locate Bastille_Tk.pm in INC (INC contains: /usr/lib /usr/lib/perl5/5.6.1/i386-linux /usr/lib/perl5/5.6.1 /usr/lib/perl5/site_perl/5.6.1/i386-linux /usr/lib/perl5/site_perl/5.6.1 /usr/lib/perl5/site_perl /usr/lib/perl5/site_perl/ /usr/lib/Bastille) at /usr/sbin/InteractiveBastille line 276. [root@hanan hanan]# - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com You need to load another rpm. It is called Bastille-Tk-Module. urpmi Bastille-Tk should be sufficient to get it off your distro CDs. Civileme Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
On Saturday 30 March 2002 02:07 pm, Hanan Shargi wrote: Try setting IP_MASQ_NETWORK to first If that doesn't work then try disable connection sharing It may be that they are mutually exclusive. I did that and the messag disapeared, now it tells me this : [root@hanan hanan]# /etc/rc.d/init.d/bastille-firewall start Enabling Mandrake Internet Connection sharing If you would like to use Bastille's masquerading support instead, edit /etc/Bastille/bastille-firewall.cfg (especially the IP_MASQ_NETWORK setting) and run /etc/rc.d/init.d/bastille-firewall start to use Bastille's masquerading/connection sharing rules. Sounds like they are mutually exclusive!!! Use one or the other but not both!!! If it were me I would use the firewall (bastille) And the ping is still working, so I guess I'm fine with that too :) Now I gotta move on to the main issue which is how can I share the files between the 2, shall I go samba ? or ftp ? SAMBA for sure!!! There is a fairly good initial Samba setup on mandrakeuser.org http://www.mandrakeuser.org/docs/connect/index.html#ss -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 2:15pm up 8 days, 22:40, 2 users, load average: 1.22, 1.03, 0.99 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
On Saturday 30 March 2002 02:07 pm, Hanan Shargi wrote: I added all the ### entries I'm very very thankful, you cant imagine how this problem was getting on my nervs !! Be careful of the hosts file in windows. 192.168.0.1 hanan.localnet.tld hanan The '1' in 192 must be at the absolute begining of the line no spaces, no tabs I checked that, it is written correctly. Did you tell windows that your gateway is 192.168.0.1? -- Gerald Waugh : Registered Linux user # 255245 http://www.frontstreetnetworks.com New Haven, CT, United States of America 2:21pm up 8 days, 22:46, 2 users, load average: 1.02, 1.10, 1.03 Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Go to linuxconf/networking and look at resolution.. It should be hosts, dns If it isn't, then you will have problems linuxconf | networking | Misc | hostname search path shows hosts, dns what does [cat /etc/sysconfig/network | grep HOSTNAME say does it say hanan.homelan.com ? It says: HOSTNAME=hanan.homelan.com - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
Re: [newbie] iptables / ipchains / bastille ??!!
Hanan, I think you should have the NIC whose address is 192.168.0.1 listed in your trusted interfaces in /etc/Bastille/bastille-firewall.cfg HTH Brian On Fri, 2002-03-29 at 02:24, Hanan Shargi wrote: Hi every one, I spent the past 2 days ( almost ) reading about how to set ip masquerading , iptables, ipchains, setting NFS etc. just to be able to put my hands on the problem why cant my w2k machine ping the linux machine ( both on a lan where linux machine has 2 eth cards, one IP for external network (internet with a static IP ) and the other eth for local network with IP 192.168.0.1 ) to hopefully fix this ping issue, SO FINALLY I'd be able to share my files between the 2 machines needless to say I couldnt come up with the fix :( Now I desperatly need some expert here (or non expert ) to answer my following question PLEASE :( During a thorough investigation of the files on my LM 8.1 system which I set up as a router to my home lan ( I set up the internet sharing and networking stuff ..ect using Mandrake control center) I found that there are the following files on my LM 8.1 sys: /etc/Bastille/bastille-firewall.cfg I'll list the relevant contents of this file ( only uncommented lines ) DNS_SERVERS=205.177.x.x 205.177.x.x TRUSTED_IFACES=lo PUBLIC_IFACES=eth+ ppp+ slip+ INTERNAL_IFACES= TCP_AUDIT_SERVICES=telnet ftp imap pop3 finger sunrpc exec login linuxconf sh UDP_AUDIT_SERVICES=31337 ICMP_AUDIT_TYPES= TCP_PUBLIC_SERVICES=22 25 109 110 143 23 53 MINIMAL/SAFEST UDP_PUBLIC_SERVICES=53 TCP_INTERNAL_SERVICES= UDP_INTERNAL_SERVICES= FORCE_PASV_FTP=N TCP_BLOCKED_SERVICES=6000:6020 UDP_BLOCKED_SERVICES=2049 ICMP_ALLOWED_TYPES=destination-unreachable echo-reply time-exceeded IP_MASQ_NETWORK= IP_MASQ_MODULES= REJECT_METHOD=DENY DHCP_IFACES= NTP_SERVERS= ICMP_OUTBOUND_DISABLED_TYPES=destination-unreachable time-exceeded DROP_SMB_NAT_BCAST=Y - and this file : /etc/rc.d/rc.firewall === which have the following content: # Automatically added by drakgw [ -x /etc/rc.d/rc.firewall.inet_sharing ] /etc/rc.d/rc.firewall.inet_sharing # Mandrake-Security : if you remove this comment, remove the next line too. echo 1 /proc/sys/net/ipv4/conf/all/rp_filter - And another file : /etc/rc.d/rc.firewall.inet_sharing-2.4 which have the following content: #!/bin/sh modprobe iptable_nat echo 1 /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE /sbin/iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --dport domain -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --dport domain -j ACCEPT I tried applying some changes to the peceeding files, and it resulted in either no changes / or breaking the connection sharing .. If somebody can tell me what exactly shall I change, or even how does this connectiong sharing / bastille firewall basically work together to support the internet sharing and routing thingas the more I read in the how-tos the more lost I feel... as nothing seem to be as they describe in these how-to's. Any help would be appreciated AS I'm totally lost here. Regards. - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
[newbie] iptables / ipchains / bastille ??!!
Hi every one, I spent the past 2 days ( almost ) reading about how to set ip masquerading , iptables, ipchains, setting NFS etc. just to be able to put my hands on the problem why cant my w2k machine ping the linux machine ( both on a lan where linux machine has 2 eth cards, one IP for external network (internet with a static IP ) and the other eth for local network with IP 192.168.0.1 ) to hopefully fix this ping issue, SO FINALLY I'd be able to share my files between the 2 machines needless to say I couldnt come up with the fix :( Now I desperatly need some expert here (or non expert ) to answer my following question PLEASE :( During a thorough investigation of the files on my LM 8.1 system which I set up as a router to my home lan ( I set up the internet sharing and networking stuff ..ect using Mandrake control center) I found that there are the following files on my LM 8.1 sys: /etc/Bastille/bastille-firewall.cfg I'll list the relevant contents of this file ( only uncommented lines ) DNS_SERVERS=205.177.x.x 205.177.x.x TRUSTED_IFACES=lo PUBLIC_IFACES=eth+ ppp+ slip+ INTERNAL_IFACES= TCP_AUDIT_SERVICES=telnet ftp imap pop3 finger sunrpc exec login linuxconf sh UDP_AUDIT_SERVICES=31337 ICMP_AUDIT_TYPES= TCP_PUBLIC_SERVICES=22 25 109 110 143 23 53 MINIMAL/SAFEST UDP_PUBLIC_SERVICES=53 TCP_INTERNAL_SERVICES= UDP_INTERNAL_SERVICES= FORCE_PASV_FTP=N TCP_BLOCKED_SERVICES=6000:6020 UDP_BLOCKED_SERVICES=2049 ICMP_ALLOWED_TYPES=destination-unreachable echo-reply time-exceeded IP_MASQ_NETWORK= IP_MASQ_MODULES= REJECT_METHOD=DENY DHCP_IFACES= NTP_SERVERS= ICMP_OUTBOUND_DISABLED_TYPES=destination-unreachable time-exceeded DROP_SMB_NAT_BCAST=Y - and this file : /etc/rc.d/rc.firewall === which have the following content: # Automatically added by drakgw [ -x /etc/rc.d/rc.firewall.inet_sharing ] /etc/rc.d/rc.firewall.inet_sharing # Mandrake-Security : if you remove this comment, remove the next line too. echo 1 /proc/sys/net/ipv4/conf/all/rp_filter - And another file : /etc/rc.d/rc.firewall.inet_sharing-2.4 which have the following content: #!/bin/sh modprobe iptable_nat echo 1 /proc/sys/net/ipv4/ip_forward /sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE /sbin/iptables -A FORWARD -s 192.168.0.0/24 -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootpc --dport bootps -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --sport bootps --dport bootpc -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p udp --dport domain -j ACCEPT /sbin/iptables -A INPUT -i eth2 -p tcp --dport domain -j ACCEPT I tried applying some changes to the peceeding files, and it resulted in either no changes / or breaking the connection sharing .. If somebody can tell me what exactly shall I change, or even how does this connectiong sharing / bastille firewall basically work together to support the internet sharing and routing thingas the more I read in the how-tos the more lost I feel... as nothing seem to be as they describe in these how-to's. Any help would be appreciated AS I'm totally lost here. Regards. - Hanan AL-Shargi Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com