RE: files that are foobar'd

[Cameron . Davidson]

David Busby  wrote on Thursday, 20 March 2003 05:11:

> chown me:me *
> rm -f

It's probably too late now, but if the inode contents are screwed
and you can't get to fsck the disk,
then I'd have thought, as a general principal, the last thing you want
to do is delete them. If the kernel obeyed you on a
corrupted inode on a normal file then
it would presumably add a whole pile of randomly numbered
disk blocks to the free-list, further corrupting the contents.
In this case, since they are perceived as character
special files the kernel might assume there are
no allocated blocks. Has anyone checked the kernel source
to confirm that it would be OK?

I would rather rename them. Do you NEED them?
Are you going to reinstall without a fsck?

ls -li ezml*
will tell you the inode numbers
df -i .
will tell you how many inodes total allowed
on your fs.
if the inode number is outside the range then
who knows what will happen.
If the inode numbers are in range then
presumably your inode tables are stuffed.
How many other files are gone?

good luck,..
Cameron.

> 
> - Original Message -
> From: "Anth Courtney" <>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, March 18, 2003 21:38
> Subject: files that are foobar'd
> 
> 
>> Hey guys,
>> 
>> A directory listing on /usr/bin/ezmlm-* shows the following
>> 
>> -rwxr-xr-x1 root root 3570 May  4  1999 ezmlm-glmake
>> c-wxrwxrwT  29487 512179779 1045704238   0,   0 Jan  1 1970 ezmlmglrc
>> -rwxr-xr-x1 root root 1285 May  4  1999 ezmlm-grant
>> -rwxr-xr-x1 root root20620 May  4  1999 ezmlm-idx
>> -rwxr-xr-x1 root root13492 May  4  1999 ezmlm-issubn
>> -rwxr-xr-x1 root root12748 May  4  1999 ezmlm-list
>> -rwxr-xr-x1 root root18172 May  4  1999 ezmlm-make
>> -rwxr-xr-x1 root root48020 May  4  1999 ezmlm-manage
>> -rwxr-xr-x1 root root 6513 May  4  1999 ezmlm-mktab
>> c-wxrwxrwT1 587087427 1044587626  36, 229 Jan  1  1970
>> ezmlm-moderate c-wxrwxrwT1 587087427 1044587626  36, 229 Jan  1 
>> 1970 ezmlm-old c-wxrwxrwT1 587087427 1044587771  37,   4 Jan  1 
>> 1970 ezmlmrc c-wxrwxrwT1 2554412611 1046291679  36, 237 Jan  1 
>> 1970 ezmlm-receipt 
>> -rwxr-xr-x1 root root17172 May  4  1999 ezmlm-reject
>> c-wxrwxrwT1 587087427 1044587745  36, 242 Jan  1  1970
>> ezmlm-request 
>> -rwxr-xr-x1 root root25684 May  4  1999 ezmlm-return
>> -rwxr-xr-x1 root root36332 May  4  1999 ezmlm-send
>> c-wxrwxrwT1 1593974987 36, 250 Jan  1  1970 ezmlm-split
>> -rwxr-xr-x1 root root30844 May  4  1999 ezmlm-store
>> -rwxr-xr-x1 root root16292 May  4  1999 ezmlm-sub
>> c-wxrwxrwT1 587087427 1044587775   0,   0 Jan  1  1970 ezmlmsubrc
>> c-wxrwxrwT1 954351171 1045113791   0,   0 Jan  1  1970
>> ezmlm-tstdig 
>> -rwxr-xr-x1 root root16148 May  4  1999 ezmlm-unsub
>> 
>> As you can see, some of these binaries seem to be absolutely
>> foobar'd, displaying what looks like inode information rather than
>> attributes. 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: /var/lastlog

[Cameron . Davidson]

Richard Humphrey  wrote on Thursday, 20 March
2003 07:52:

> What does /var/lastlog report on and would it be possible for me to
> somehow truncate this log file so that it only grows to 5 MB or so? I
> noticed that it is growing upwards of 20 MB and don't really want
> that. 
> 
> Richard Humphrey

Hi Richard,

try ..
man lastlog

I was under the impression that the file did not grow,
unless you were adding users, or at least it stabilises to
a fixed size determined by the highest uid.
I suspect you might have an account recording a login with a high uid. That
will extend the file, possibly by a large amount, but the intervening empty
space is not necessarily allocated on the disk. 

Without looking at the source code, I think the file format is fixed-length
records, indexed by uid. It is certainly not a sequential time-series
like a typical log file.

That's why it has no entry in logrotate, it is meant to hang around forever.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Problem with Samba

[Cameron . Davidson]

Ritesh Raj Sarraf  wrote on Wednesday, 19
March 2003 23:22:

> i'd already done it.. the problem is if you kill the PID connection
> to other shares are also lost i.e. Samba for all connections jusk
> creates a single PID. 
> 
> ritesh
> Quoting "Anthony E. Greene" <[EMAIL PROTECTED]>:
> 
>> On 18-Mar-2003/16:47 +, Ritesh Raj Sarraf
>> <[EMAIL PROTECTED]> wrote:
>>> i'm using samba 2.2.3a on rh7.3. my samba server also is a dc.i've
>>> made a share for my cdrom.  when i access the share from my
>>> client(win2kpro) it accesses it well but again when i try ejecting
>>> the cd i get a message saying, device or resource busy.
>> 
>> Use smbstatus to find the PID of the smbd process that is accessing
>> the share, then kill that process.
>> 
>> Tony
>> --

I think SWAT gives you fine-grained control over open shares.

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: DSL connection on LAN with RedHat 6.2 server has failed.

[Cameron . Davidson]

William Dolphin  wrote on Wednesday, 19
March 2003 16:35:

>> Does the RH6.2 server itself have an externally visible internet
>> address? If so what ports are visible to the internet?
> 
> It has a static IP address assigned by the DSL ISP. What ports may be
> visible, I don't know. 
> 
>> Are you saying you have never applied any security patches?
> 
> I've not applied any patches. The RH6.2 server was setup by someone
> now long gone who left no documentation. It's not been altered since.
>
> I'm no sysadmin (obviously) -- just the only guy who comes around this
> office who knows anything beyond the power switch, so I got roped into
> trying to troubleshoot this.
> 
> Looks like I need to get them to bring someone in with real
> expertise. . . . 

Unless you have lots of spare time and like a new learning experience
then I would suggest you call in some help.

I suppose it might be something simple like a disk partition has filled up
or something less appealing like your machine has been cracked.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: DSL connection on LAN with RedHat 6.2 server has failed.

[Cameron . Davidson]

William Dolphin  wrote on Wednesday, 19
March 2003 09:09:

> I'm willing to try anything, but it was working with current settings
> but now is not. 
> 
> No router, just a pair of "dumb" switches. The server uses
> the DSL gateway, but sets a different one for the computers on the
> LAN. 

Does the RH6.2 server itself have an externally visible internet address?
If so what ports are visible to the internet?

Are you saying you have never applied any security patches?


> Or am I missing something?
> 
or am I?


Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Moving users home directories

[Cameron . Davidson]

[EMAIL PROTECTED]  wrote on Monday, 17
March 2003 14:00:

> Hi,
> 
> I am trying to move the users home directories to a new hard disk as
> the current one is running out diskspace and it is the same physical
> disk having the linux OS also. How can the home directories can be
> moved to a new disk without disturbing the permissions ...

cd oldhome
cp -a * /newhome
(as root, obviously)
Note, "cp -a oldhome newhome" can get a bit messy
depending on whether newhome exists or not. Sometimes
you get an extra directory layer (I always pick the
wrong way first)

This is 
1. recursive
2. copies symlinks as such
3. preserves premissions/ownership
4. maintains hard links where possible.

There are other ways also, and I am not sure if any are more
sturdy than this for a simple disk-disk copy.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: SWAT unable to be launched

[Cameron . Davidson]

Jay Moore  wrote on Friday, 14 March 2003 17:52:

> Y'all have been helpful.  I've gotten my USB KVM working, and my USB
> printer working mainly due to your suggestions.  I'm hoping that that
> will be the case this time too.
> 
> I'm trying to configure samba for the first time.  i've been able to
> edit /etc/xinetd.d/swat to disable to no and then restarted xinetd
> then i tried to go to start swat by selecting the Samba Configuration
> menu from under the desktop panels Extras/Server Settings menu.
> i then get a mozilla browser that opens and an error stating
> the connection was refused by 127.0.0.1:901
> i'm not sure how or why the connection was refused.  what am i
> missing? thanks in advance
> 
> Jay

check /etc/hosts.allow
Do you have either one of the lines:

ALL: LOCAL
or 
swat: LOCAL

This is for tcpwrapper filtering.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Slow perf.on NATed network with Squid. Any tips to imporve it?

[Cameron . Davidson]

Apollo (Carmel Entertainment)  wrote on
Wednesday, 12 March 2003 07:41:

> I have RedHat 8.0 with latest stable Squid, firewalled and NATed,
> latest Bind. 3 eth ports (1 for DSL, 1 to my VoIP gateway and 1 to
> the rest of the LAN). Seems like when I try to use internet straight
> from workstations it is a bit faster than through Squid.
> Anyone has any tips on how you increased performance.
> My server is 600 megs of ram, 20 gig drive, 1.5Gig Pentium


How fast is your DSL? how busy is your server?
Squid has a slight overhead but I would not have thought it would
be noticeable. Of course if you are only testing from a single
workstation then squid will rarely, if ever, be useful. 

How is your browser set up? How often does it check
whether the cached files are up to date.

Where is squid doing its DNS lookups? What
does /etc/resolv.cnf have in it? If you are stuck
with using dhcpcd for dsl then sometimes /etc/resolv.cnf
gets overwritten and local programs start using an external
DNS server instead of the local one.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: USB Printer

[Cameron . Davidson]

Edwin Humphries  wrote on Friday, 14 March
2003 07:44:

> I have recently installed a USB inkjet printer on a new PCI card into
> our Red Hat 
> 7.2 print server. It already runs a SAMBA-shared laser printer off
> the parallel port.
> 
> The new USB card shows up (but apparently twice: once as a
> "Natoma/Triton II" with a usb-uhci driver, and one as a Lucent
> Microelectronics with a usb-ohci driver. I'm not sure how meaningful
> this is. 

Does this board really support both protocols? Or is one of them perhaps
another one on the motherboard?

On my system I boot with the printer off (and get a message
about the printer not being found) and when I power the printer
I see a message reporting that it has seen the printer (can't
remember offhand what it says, but I think it is saying what dev it
allocated it to).
If you don't see this then I guess you have a problem at
the usb hardware/driver level. There is usb stuff somewhere
in the /proc system (sorry I'm so vague) that should give you
more info. Also 'lspci' should tell you what the card thinks
its chipset is.

Is it a stock RH kernel?

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: SSH Connection

[Cameron . Davidson]

Patrick Nelson  wrote on Thursday, 13 March 2003
10:43:

> Rudik A.A. wrote:
>> Here is the output of the -v:
>> 
>> ssh -v sgn4.sgn.com
>   
>> debug1: next auth method to try is password
>> [EMAIL PROTECTED]'s password:
>> Connection closed by 65.113.59.13
>> debug1: Calling cleanup 0x8061610(0x0)
>> [EMAIL PROTECTED] .ssh]#
>> 
>> What must be done ?
>> 
>> - Original Message -
>> From: "Patrick Nelson" <[EMAIL PROTECTED]>
>> To: <[EMAIL PROTECTED]>
>> Sent: Wednesday, March 12, 2003 6:57 PM
>> Subject: RE: SSH Connection
>> 
>> 
>>> Rudik A.A. wrote:
 Hello All,
 
 I am facing problem to login to my RH 7.1 server  by SSH. After
 typing passwd for root it gets "Connection closed"
 I mast say that it was working good and today we could not login
 not only as root, but any other users also can not login by ssh.
 And also telnet is disabled. 
 
 Any idias ?
 
 Thanks in advance.
>>> 
>>> try using the -v switch to ssh.  mucho info...  your symptoms sound
>>> like a hack...
> 
> I cant check this myself, but what does your  hosts.allow and
> hosts.deny look like on that system that your connecting to?
> 
> Everything else looks fine.  The ssh tries to auth with keys then
> password. If password is wrong it would say something like:
> 
>   debug1: packet_send2: adding 
>   debug1: authentication that can continue 
>   Permission denied, please try again.
>   [EMAIL PROTECTED]'s password:
> 
> So it looks like it's xinetd doing the denying

It does not look like xinetd to me, because initial connection has been
established,
system key info exchanged, etc.

Note that the server ID is 3.4p2.
The  latest RH package (for 7.3) is 3.1p1-6, which reports 
its version as 3.1p1.
Have you compiled openssh yourself from src? If not then it might
be a hacked version of openssh.

Did you normally use public key?

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: port scan

[Cameron . Davidson]

Yujie Liang  wrote on Wednesday, 12 March 2003
14:49:

> I tried "lsof -i | grep pop" and here is the echo
> 
> [EMAIL PROTECTED] etc]# lsof -i | grep pop
> [EMAIL PROTECTED] etc]#
> 
> It seems no error.

It seems your RH box has no pop server.

> 
> The POP3 server is in the internal network on the Exchange
> box. But I have no idea whether the firewall doing a port forwarding.
> :-( 

So how did you do it before the update?
I assume you had it
configured so that users on the internet could access pop
accounts on you exchange server.
I assume your exchange server is on a private IP address
and the RH box is your only publicly visible address.
If that is true then you need either port-forwarding/D-NAT
or some sort of userspace relay/forwarding program.
What did you have?

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: port scan

[Cameron . Davidson]

Yujie Liang  wrote on Wednesday, 12 March 2003
14:10:

> Thanks all for the helpful message.
> 
> I've detected the firewall from outside network, POP3 port
> was closed. The structure for email services is, I use MS
> Exchange as our real mail server, which has POP3 service,
> meanwhile I use RH72 as firewall and a mail smart host for
> Exchange. All mails reach the Firewall will be transferred to
> the Exchange box by sendmail. I couldn't see the POP3 daemon
> on the Firewall. What are the possible POP daemons, ipop3? what else?
> 
> The POP3 service on Exchange works fine. With POP3 port
> opened in iptables setting on the firewall, What else can close POP3
> service? 

Either your firewall is closed (which you said is not)
or nothing is listening to the pop3 port.
Try "lsof -i | grep pop" to see is any program is listening.
What were you doing before the upgrade? Where was the pop3 server?
Were you doing port forwarding to the exchange server?
Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: port scan

[Cameron . Davidson]

Peter Kiem  wrote on Wednesday, 12 March 2003
09:36:

> Hi Yujie,
> 
>> How can I detect which ports are opened on my firewall? I remember
>> there is a command with "snmp" can do the job.
> 
> The best idea is to scan it with a program called "nmap".
> 

But remember that the results might depend on where
you are scanning from.
Specifically, if you scan an address on the same machine then
you might sometimes get "false positives". That is, your
connection is allowed from the local machine, but not allowed
from the internet. I don't understand the details, but I suspect
it does not traverse the input filter chain.
Maybe it will even depend on whether you use iptables or ipchains.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

slowdowns in performance - one problem solved

[Cameron . Davidson]

Hi,
I've grumbled occasionally, without providing a lot of information,
about sporadically abysmal response times, especially when background 
cron jobs such as slocate, tripwire-check and makewhatis were running.
Symptoms shown by top were load averages of 3-6 while cpu
was 95-98% idle. Interactive response was bad - and, when ssh logins
kept timing out yesterday, I decided it was time
to look more closely at the problem.

It turned out to be incompatibilty between my hard drives.
My system drive was a Quantum 13GB drive running UDMA2 on a Dell
optiplex P2-266 (Intel PIIX-something chipset).
Tests with hdparm -t -T reported about 18-19 MB/s xfer rate.
I added a second drive for data - Seagate 30GB. The Dell cabling
is too short to connect the second HDD to the second ide channel
along with the CD, so I put it as slave (hdb) to the system disc (hda).
I tested it and got 20MB/s, so I figured it was OK in that configuration.
What I didn't do was recheck the system disk - until yesterday -
which was now giving 1 MB/s (booting single user I could get it
to 2 MB/s). All indications were that both drives were still configured
for UDMA-2. Disconnecting the slave drive got it back to normal.

The solution was to get a longer ide cable and put the 30GB data
drive as hdc and the cdrom as hdd.
Now slocate.cron still takes 9 sec user and 18 sec system time, but
the elapsed time is 5 minutes instead of 30!
And I don't notice it.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: cycle of sudden slowdown in performance

[Cameron . Davidson]

>> [...] complaints about slocate.cron 
> 
> Every Linux box I've ever had did the same thing, so I'm not sure the
> rant on Red hat is warranted. Besides, it happens at 4:00am when even
> my public Internet servers don't have much of a load.
> 
> And, given the fact that it runs at an extremely low priority (nice
> +19) it should not cause a discernible slowdown in any machine.
> Certainly I have never noticed such a slowdown, God forbid seeing the
> entire server slow down to the point where it's a problem.

I think the "YMMV" is very appropriate in this instance, especially between
a full-time real server and a small system.
My observations are probably irrelevant to the original question, but may
explain different perceptions about what is or is not important.

The updatedb process that runs from slocate.cron does not chew significant
CPU
but the process does seem to get I/O bound, so the 'nice' might be largely
irrelevant.
I presume the kernel is optimised to new SCSI-based systems,
because on older systems with IDE discs (even if they are using udma)
the responsiveness (file/web serving, ssh sessions) drops dramatically
once any intensive disk-scanning activity takes place.
Tripwire is another process that is very noticeable on my home system.
Find would be another bad idea. If you don't have a very active system
you can just run 'slocate.cron' once a week instead of daily. I can usually
remember where I've put things in the previous few days :-).


Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: FreeSWAN walkthrough?

[Cameron . Davidson]

Stephen Corey  wrote on Thursday, 6 March 2003
07:29:

> Has anyone gotten FreeSWAN working on RH 7.3? I'm
> trying it now, and getting an error recompiling the
> kernel with the AES patch. I was wondering if anyone
> had a step-by-step on it that applied to 7.3..
> 

I got it to work (7.3), with a bit of tinkering with the configuration
in freeswan.
Differences in my case were:
1. I build the kernel without module support.
2. The kernel is for a different machine than where it is being compiled
and I don't use the standard RH source directory naming convention.
3. I was building Super-freeswan (www.freeswan.ca) with
 some preapplied patches.


1. make sure you have first configured and built your kernel, before
adding freeswan. You might need a "make mrproper", depending on your
setup.
2. edit the freeswan config info -  in Makefile.inc.
I had to set some items such
as "KERNCLEAN" and KERNDEP to null string. I'm working from memory,
so it's a bit hazy. One of these was necessary, the other does not
seem to have been a problem.
3. I also edited KERNSRC to point specifically to my source.

It then seemed to work smoothly (until I had to learn about certificates)

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: ping will kill the network connection

[Cameron . Davidson]

Tim Willis  wrote on Tuesday, 4 March
2003 09:11:

> Ok, call me stupid, because that's the way I feel right now...someone
> tell me why I can't ping NetBios names?  And if I should be able to
> ping them, someone please tell me what I've done wrong --
> J. Tim Willis

To expand on Edward's comments, ping is specific to IP protocols.
Netbios traffic, on the other hand, while now mainly carried by IP,
was also historically carried by IPX and even Netbeui.
So a Netbios machine does not even necessarily grok TCP/IP.
The Netbios name is completely different from the IP-based domain name.
Sometimes, for ones own sanity, it is useful to force them to be the
same, but that requires some degree of cooperation between how you configure
your windows domain and your IP addressing.

The gory details are presented in some of the documents on the samba
web site (www.samba.org).

Samba has utilities that perform the rough equivalent of a netbios ping
(but it only works only over TCP/IP anyway).

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: The use of FIND search tool

[Cameron . Davidson]

Ted Gervais  wrote on Wednesday, 5 February
2003 10:06:

> Wondering something here.  If a persons database is not quite up to
> date, and you run 'find' to search for files - will the search be
> successful? 
> 
> Or to me sure - should you run updatedb first before running 'find'.
> 
> I am hoping the 'find' utiltiy works independant of whether the
> computers database is up to date or not..
> 
> Anyone please?
> --
> T.L.Gervais
> Coldbrook, NS
> Canada.

'find' uses a live search, not the locate database.
You need appropriate permissions to read directories.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Problem compiling bzImage

[Cameron . Davidson]

Michael Mansour  wrote on Monday, 3 February
2003 17:41:

> You were right, I ran the mrproper on him, reconfigured the kernel
> and all compiled ok.
> 
> I 'trusted' that Red Hat would have made sure these things would
> work, oh well, that's ok just takes time but the benefits to getting
> this working are great.
> 
> BTW, if I made the .config backup, ran mrproper, then copied the
> .config back, would that be ok?
> 

That's what I sometimes do. Provided it's a .config from that kernel
version I am sure it's OK. I guess there's no harm in then doing
make newconfig
to double check.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: How to run X over SSH?

[Cameron . Davidson]

Leo Huang  wrote on Friday, 31 January 2003 13:57:

> Cameron,
> 
> I'm running a RH8.0 as a server, and now I'm maintaining it over a
> text-based ssh terminal on my notebook. Sometimes things are getting
> complicated because of it is text-based. I want to run X on my
> notebook to simplize my work.
> Please tell me what I need to do.
> 


Hi Leo,
I am not much use answering this because the servers I set up
do not even have the X-based tools installed. Since one of them is
maintained mainly over a modem it is essential to be able
to use text-based tools. But then I only have two puny systems
to look after.

Depending on your server requirements you might find it easier to
set up web-based admin tools.

If you are running this over a local network you can skip
ssh tunnelling anyway (unless you have internal security worries)
and just allow X traffic from the server to your PC. But you
will still need to find an X-server for the PC.  Just get hold of
a demo version of a commercial X-server that I mentioned, or the
others mentioned by Todd Jacobs.
 Or try VNC (comes with redhat I think) and you 
can get PC clients from www.orl.co.uk/vnc

But, for any of these, the setup is more complicated than can
be put in a few lines of email. You'll have to do
some reading.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Updating RH Linux 6.2

[Cameron . Davidson]

Ernest Ellingson  wrote on Friday, 31 January 2003
11:56:

> Ok what do you do with Linux fdisk to add a logical partition to an
> extended one?  How do you add a swap partition with fdisk?  No
> options come up that allow this. 
> 
> Ernie
> 



>From memory, I think you just add a new partition. ('n'). fdisk understands
if the available space is in the extended partition.

fdisk command 't' will let you change the type
of partition to Linux swap (or anything else).

BUT, disk druid should have been able to do all this for you
from scratch. Maybe "it thought" you were trying to tell it
to leave the extended partition alone for some other OS.
I'd recommend you go back to the install from scratch option
and reread the installation guide to check
that you haven't left anything out.

Is the etherlink III the only eth card on your machine? I have had
some difficulties getting a second 3com card recognized automatically
but that can be fixed later.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Updating RH Linux 6.2

[Cameron . Davidson]

> After all of these travails, I decided to repartition using fdisc.  I
> deleted the (3) partitions hda1, extended and . Then I added two
> partions (I was given a choice of extended or primary) for each
> addtion. I put in the stop and stop cylinders exactly as Disk Druid
> and fdisc had shown them.  Disk Druid only showed two partitions,
> fdisk showed three. DD only showed hda1 and   while fdisc
> showed hda1, extended and .  I wrote the changes and fdisc
> barked that there was a partition 0 that must have been put on by
> another operating system.(what is that?
> When I installed the 7.1 over Windows I asked for the entire disk to
> be partitioned for Linux.  No dual operating system)
> 
> Here is my current plan of attack.  Use DOS (can you believe it?) to
> fdisk the hard drive and set up one big partition.  Then format that
> partition.  This may only get me so far though.  I still have to worry
> about the install seeing my network card.
> 
> Does anyone have another idea about how to fix this?
> 


It sounds like you never put a logical partition on the extended one.
Extended partitions are never useable directly, you have to
put one or more logical partitions into them.

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Help Setting Up BIND on Redhat.

[Cameron . Davidson]

Tasha Smith  wrote on Thursday, 30 January
2003 19:10:

> Hiii,
> 
> Im trying to set-up BIND on my LAN. I have one Redhat machine
> acting as a  and 2 WINDOWS
> machines behind it. Right now the windows machines are
> configured to have my ISP DNS as there Primary DNS server but
> i want my Linux machine to act as the DNS server.
> 
> #Redhat 7.3 (2.4.20), Bind-9.2.2rc1###
> 
> Soo i  think i want to set-up a forwarding name server.
> 
> Soo this is what i got soo far: i created the file called
> /etc/named.conf and in it is: 
> 
> options {
> directory "/var/named";
> forwarders { ; };
> forward only;
> };
> 
> I ran  named-checkconf and no errors.
> 
> I have also created a /var/named  <---directory!  Now im
> confused on the next steps i need after this can someone
> helpAnd do i need more stuff in my /etc/named.conf file? Thanks
> guys 
> 

I also have in named.conf:
listen-on {
127.0.0.1;
192.168.0.1;   -- address of internal lan eth i/f
};

to make sure it ignores the outside world (and my mistakes are
less likely to escape).

Not sure about the rest, because I created a bogus internal domain
and populated it with my home PCs IP addresses. Which seemed like a
fun thing at the time (did I say that?) but in the end was a bit
overkill. The kids know the IP numbers of all the machines anyway.
The DNS howto (www.tldp.org) I think was what I mainly followed.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: touch modifies read-only files

[Cameron . Davidson]

nate  wrote on Thursday, 30 January 2003 18:46:

> Dan Bar Dov said:
>> If the file is owned by the user, touch will modify its
>> last-mod-time. This is contrary to my understanding that a read only
>> file cannot be modified (unless I insist as in rm -f)
>> 
>> Is this standard on all Unixes?
> 
> [snip]...
> I am not sure if this is standard, but you shouldn't rely on this
> sort of test with touch. I don't feel like powering up my solaris
> machines but my FreeBSD 4.7 system shows the same behavior. My
> RS/6000 and SGI Indy aren't plugged in either.
> 
> nate


Same on Solaris.

If you think about it, the times are in the inode, not the file.
Blocking write permissions to a file cannot also block write permission
to the inode, because that is where the permissions are stored - but
you don't have general access to the inodes anyway.

Whether the file is actually writable or not,
touch is still just lying about it being modified. It does
not actually modify it.

I then started trying to remember how touch works -
the system call it uses is utime(2), so you can read the man page
on the defined permissions for modification. I tried on the Solaris
man page but it left me too confused to repeat here. 
I think they meant it is ok if 
you are effectively root, or the owner, or have write permission.
Different permissions might apply if you are trying
to set another time in the past or the future.
I presume there's a Posix standard for it. Somewhere.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: How to run X over SSH?

[Cameron . Davidson]

Leo Huang  wrote on Thursday, 30 January 2003
17:46:

>> From Cameron's response, It seems I have to install
> something on my local
> machines??
> 
> Leo
> 


Leo,
I think you should describe what X programs you want to run and why
you need to tunnel the X. Perhaps there are other ways of doing it.
for example VNC might be suitable.

If you have a slow connection somewhere in between your client and
server then it won't be a very pleasant experience,
although X will generally be faster than VNC. 

If you are going to go the trouble of installing cygwin to get the
XFree-86 server then you might find you can get some of the X
applications to run directly on the PC (possibly still as X clients).

You could try the demo version of X-Win32 from www.starnet.com.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: How to run X over SSH?

[Cameron . Davidson]

Richard Crawford  wrote on Thursday, 30
January 2003 16:36:

> Is PuTTY capable of displaying X output?  I have never been able to
> make it work, but I've been able to use Cygwin with XFree86 to make
> it work. 
> 


PuTTY cannot display, but it can tunnel X. I use xwin-32 on the win2k box to
do the display. I have X-auth authentication turned on,
but sometimes that can be a bit of a nightmare.

To the original question, it looks like you are trying to start up an
X-server remotely, which is not what ssh tunnelling is for.
1. you need an X-server already running on the local system (windows).
I use a commercial product Xwin-32 from Starnet, but you could use the
one with Cygwin.
2. run putty and enable X-forwarding (display is typically localhost:0)
3. ssh to your remote site.
4. run the remote X application (not the server) directly, although it might
need
to fire up a window manager (I've never needed to get that complicated)

Cameron.


>> Hello
>> 
>> I am running RH8. I tried to run X remotely over ssh, the following
>> message is displayed on my Putty, and it hangs. I have to use Ctrl+C
>> to terminate. Any idea about how to run X over ssh?
>> 
>> Leo
>> 
>> Message:
>> 
>> [root@localhost root]# startx
>> 
>> 
>> XFree86 Version 4.2.0 (Red Hat Linux release: 4.2.0-72) / X Window
>> System (protocol Version 11, revision 0, vendor release 6600)
>> Release Date: 23 January 2002 If the server is older than
>> 6-12 months, or if your card is newer than the above date, look for
>> a newer version before reporting problems.  (See
>> http://www.XFree86.Org/) Build Operating System: Linux 2.4.18-11smp
>> i686 [ELF] Build Host: daffy.perf.redhat.com
>> 
>> Module Loader present
>> OS Kernel: Linux version 2.4.18-19.8.0
>> ([EMAIL PROTECTED]) (gcc version 3.2 20020903 (Red
>> Hat Linux 8.0 3.2-7)) #1 Thu Dec 12 05:39:29 EST 2002 Markers: (--)
>> probed, (**) from config file, (==) default setting,
>>  (++) from command line, (!!) notice, (II) informational,
>>  (WW) warning, (EE) error, (NI) not implemented, (??)
>> unknown. (==) Log file: "/var/log/XFree86.0.log", Time: Thu Jan 30
>> 14:22:46 2003 (==) Using config file: "/etc/X11/XF86Config"
>> SESSION_MANAGER=local/localhost:/tmp/.ICE-unix/13370 Loaded
>> background '0x809cb78 AUDIT: Thu Jan 30 14:22:59 2003: 13367 X:
>> client 5 rejected from local host
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: naive imap question - still wondering

[Cameron . Davidson]

nate  wrote on Wednesday, 29 January 2003
15:54:

> Steve Garcia said:
> 
>> * OK [CAPABILITY IMAP4REV1 LOGIN-REFERRALS STARTTLS AUTH=LOGIN]
>> adzacgw.adzac.com IMAP4rev1 2001.315rh at Tue, 28 Jan 2003 22:13:17
>> -0800 (PST)
> 
> '2001' is a UW IMAP version, so it looks like thats what it is.
> curious why UW doesn't make a better banner for their server.
> 
> though I could be wrong, I'm 99% sure that it is UW IMAP, which
> would be consistant for what most systems use as the default IMAP
> server. 
> 
> nate

UW imap is what I just installed from 7.3 CD.
check /usr/share/doc/imapxxx/some-file

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Help! Repair ext2 error while mounted?

[Cameron . Davidson]

nate  wrote on Thursday, 16 January 2003 07:37:

> Ryan Babchishin said:
> 
>> That's the best suggestion I've heard yet... Do you know of any risks
>> involved in repairing something that you know is in error, while the
>> fs is mounted?
> 
> worst case is you damage/destroy data on that particular inode. I
> think multiple files/directories can exist in a single inode. The
> only way I can think of off the top of my head is use ls -i to find
> what files are on what inodes, so something like
> 
> ls -Rli >/tmp/files.list
> 
> 
> nate

Would you mind expanding on that please - my understanding from
older unix filesystems was that two files with the same inode
were the same file just linked to two names. 
On the other hand, if a directory and a regular file was using
the same inode then chaos would ensue.

It used to be that the worst case was disk blocks allocated
to multiple files or directories - or allocated and in the
free list at the same time. 
I don't understand the "free blocks count corrupted" message
but perhaps you (Ryan) should take a quick look at the kernel source 
to find out what it means, and how it attempts to recover.
Maybe if it does not trust a block to be free it wont use it -
which would be a failsafe approach and just gradually chew up
the available space. But 1 times? 

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: RPM dependency hell

[Cameron . Davidson]

Edward Dekkers  wrote on Wednesday, 15
January 2003 10:54:

>> For local RPM collections, RH8 has the Red Hat package manager.  It's
>> still a bit limited, but I believe they are working to make it
>> better and more flexible.  We'll see.  But this is not the issue
>> that is preventing RHL from taking over the world, and it's not so
>> easy to fix that someone else has already done it.
> 
> Just a quick note about this whole dependency thing. Firstly, yes, I
> DO think it's a good thing when you need newer version of libs for
> example. The thing that's always bothered me (AND the OP I might
> add). Is that program XYZ requires a library OLDER than the one you
> have installed. Three words: 
> 
> This is crap.

Yes and no. See below...


> THAT'S where I think the major problem lies. Libraries provide
> functions. They should be added to, modified to make them faster, but
> never, ever, change for example the number or type of parameters to a
> function call. I do not know if that is what is happening or not, but
> if so this is where the problems lies. It breaks
> backwards-compatability. 

In an ideal world that would be the case, but the Linux world is basically
a continually evolving/developing stream, which 
sometimes stretches backward-compatibility beyond breaking point.
In the M$ domain they try hard but eventually
they just create a new product for punters to hand over
more money to get. If your apps aren't compatible with the
new version (not a completely unknown occurrence)
you just insert a note "see your vendor for
a new version". (or the exact equivalent of this lib version
issue - get an older dll revision and place it in the
same directory as the application executable.)

I feel Linux app and library developers do take a lot of care
to maintain compatibility, but take GTK as a case in point.
The changes involved in version 2 were necessarily large, to
achieve the required result. I don't know what actual
discussions took place around the new API but I am sure there
was some trade-off between features/efficiency and compatibility.
And backwards-compatibility lost, presumably for very good reasons.
Although they went to some trouble to ensure coding changes 
in applications were at least minimised.

So, you get two version of libraries that are not compatible.
One option is to say that major revision number changes involve
loss of backward compatibility. The other is to say we'll just give
the product a new name. So long as everyone works to the same rules
and people understand what they are, then there is little difference.

That's not quite true - in the libc5 to libc6 changeover, insisting
that libc6 be called something new and not a new version of libc
would have been too traumatic.

In the end I don't think the ideal is achievable. So this leads to...
Is there a better way? I'm sure there are many,
but I'm not prepared to implement any, so I'll shut up now.


Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: RPM dependency hell

[Cameron . Davidson]

j_post  wrote on Wednesday, 15 January 2003
13:59:

> On Tuesday 14 January 2003 06:10 pm, you wrote:
>> 
>> $ rpm -q --redhatprovides WindowMaker-libs
>> WindowMaker-libs-0.80.1-1
>> $ rpm -q --redhatprovides librpm-4.0.4.so
>> librpm404-4.0.4-8x.27
>> 
>> $ whichcd -v 8.0 librpm windowmaker-libs
> 
> Thanks Michael.
> 
> "whichcd" must be something new--I don't have it in RH7.2. I did find
> WindowMaker and librpm404 on the 8.0 CDs, but once again, we run into
> the seemingly infinitely recursive dependency trap. librpm404
> requires libc.so.6, which is not on the CDs.
> 

I think you will find you DO have libc.so.6. It is rather fundamental.
It is a symbolic link provided the glibc package.

I'm not sure why you are seeing such a message. What exactly did it say?

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: how to set up environment varibles$ path for all usrer

[Cameron . Davidson]

Jianping Zhu  wrote on Wednesday, 15 January 2003
04:32:

>  after setting $path in  /etc/profile. how can let this change take
> effect without having to restart computer?
> Thanks

login.  This assumes you are using bash as a login shell -
other shells might or might not read it (csh-based ones do not)

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: RPM dependency hell

[Cameron . Davidson]

j_post  wrote on Tuesday, 14 January 2003 14:46:

> I'm getting really tired of Red Hat's RPM nonsense. I can't upgrade
> *anything* because rpm complains about dependencies. I can understand
> that a new version of program 'xyz' may need library
> 'libabc-2.3.so', but rpm
> refuses to upgrade because program 'abc-1.2' depends on
> 'libabc-1.2.so' and can't seem to deal with 'libabc-2.3.so'. Why
> not??? 
> 

A major revision of a libray might involve revisions to the API 
(such as changes to function parameters, or contents of
data structures) and
so anything built with libabc-1 might crash with libabc-2.
You often need to install both.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Windows VPN problem

[Cameron . Davidson]

Tom Kovalcik  wrote on Saturday, 11
January 2003 07:47:

> I have a Linux machine which serves as an internet server for several
> windows machines. I need to open a VPN connection from a windows box
> through the Linux server. I had this working using RH 6.x kernel
> (which was set up and patched for me). After a disk crash and
> upgrading to RH 8.0 the connection is not working. A friend told me
> that I had to patch the kernel to allow pptp connections to work, but
> he was not able to give me anymore help. Can anyone help me out on
> finding the kernel patches that I need? ( BTW I am sure it is NOT a
> firewall issue as someone suggested that originally) 

RH6.2 kernel source was almost always prepatched for PPTP masquerading.
(one version they forgot or rushed out a bug fix without it).
Are you using PPTP or L2TP/ipsec? I don't know anything about the status
of the latter.

My understanding is that the 2.4 kernels from RH
(at least 7.3 series that I use)
allow PPTP masquerading in Iptables - you need to patch only if
you still want support under ipchains.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: HOWTO : delete a file in C program?

[Cameron . Davidson]

David Busby  wrote on Thursday, 9 January 2003 20:09:

> `man 2 unlink` gives:
> UNLINK(2)Linux Programmer's Manual   
> UNLINK(2) 
> 
> NAME
>unlink - delete a name and possibly the file it refers to
> 
> SYNOPSIS
>#include 
> 
>int unlink(const char *pathname);
> 

And the stdio version is
   remove( const char *path );
Slightly more portable.

Cameron.



> 
>   - Original Message -
> 
>I am using RedHat 72 and i would like to make a C
> program which delete a file in a directory.
> 
>   Could you tell me how?
> 
>   Thanks in advance
> 
>   Canarich
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: NFS Problems on Linux 7.3 Install ???

[Cameron . Davidson]

How is the 7.3 firewall configured?

I don't remember any major problems mounting an upgraded 7.3
system from a 6.2 server.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: time server & dhcp client (win2k)

[Cameron . Davidson]

> If you want your Windows clients to see the time server you 
> must have samba
> running so Windows can read the time from the Linux server.  
> On Linux if you
> don't have NTP running you should, use one server on your 
> network as the
> Time Source (and have it sync with another tier one/two NTP 
> server (see
> ntp.org)
> Then all your local Windows/*nix clients can sync with your 
> NTP server.  NT4
> you must run the `net time` command, W2K you can use the 
> W32TimeService.
> 


But if you are not running Samba then a proper ntp client like
automachron or the NIST client will do the trick rather than running
something via "NET TIME"

Cameron.

> - Original Message -
> From: "Roger Schmeits" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, January 08, 2003 06:27
> Subject: time server & dhcp client (win2k)
> 
> 
> > I have set-up a dhcp server which works fine. Running RH7.3.
> > Would like centralize all time functions to this server for 
> all windows
> > clients.
> >
> > Can sync up the linux boxes manually with success. Are 
> there any other
> > options that are needed for the windows boxes to be successful?
> > Any comments?
> >
> >
> >
> > subnet 10.88.10.0 netmask 255.255.255.0 {
> > option netbios-node-type 8;
> > option netbios-name-servers 10.88.10.9 , 10.88.10.11;
> > option subnet-mask 255.255.255.000;
> > option domain-name "clarkweb.edu";
> >
> > option time-servers 10.88.10.10;
> >
> > option domain-name-servers 10.88.10.50;
> > option routers 10.88.10.50;
> > max-lease-time 14000;
> > default-lease-time 1;
> > range dynamic-bootp 10.88.10.30 10.88.10.49;
> > }
> >
> >
> >
> > Roger
> > --
> > **
> > Roger Schmeits
> > System Analyst
> > Clarkson College
> > http://www.clarksoncollege.edu
> > Omaha, NE USA
> > 1-800-647-5500 x22542
> > *
> >
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe 
> mailto:[EMAIL PROTECTED]?> subject=unsubscribe
> > 
> 
https://listman.redhat.com/mailman/listinfo/redhat-list



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Samba

[Cameron . Davidson]

> 
> I have that [SWAT] installed.  It came with the RH8.0 files. 
> However, it is a 
> limited version of swat, in that in only allows you to see a 
> few things and 
> change the passwd but not able to edit the smb.conf file 
> etc..  Maybe I 
> need a new/annother version of swat??
> 

I didn't know there was a limited version? Did you connect with
the root account and password?

Cameron.




-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: [OT] extracting text from binary file

[Cameron . Davidson]

> 
> Have you tried running the "strings" command on the file from 
> a shell prompt? Strings extracts any ASCII strings it can 
> find within binaries.
> 
> Will.
> 
> From: "Stone, Timothy" <[EMAIL PROTECTED]>
> 
> > I've inherited several Quark files on Mac-formatted CDs.  
> I'm able to open them on my RHL server and transfer them via 
> scp to a Cygwin-enabled Windoze for hex , or binary, 
> inspection, in TextPad (a kickass text editor for Windoze 
> BTW) and view the text contents, e.g. "Four score and seven 
> years ago..." Unfortuately, TextPad does not allow me to 
> "grap" or extract this text for cut-paste in a normal text 
> (*.txt) file.
> > 
> > Is there a recommended hex editor in Linux that would allow 
> me to select the text and paste it to a regular text file for 
> editing? Maybe a Quark viewer?
> > 


Strings is definitely what you want - and should be
on Cygwin as well as Linux. (unless of course you find
a quark native format reader)

As binary-capable editors go,
vim (www.vim.org) kicks more donkeys than most.
And you can get that in native Win32 as well as
all flavours of unix.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: ULTRA DMA 100

[Cameron . Davidson]

I run 7.3 happily with my only hard disk plugged into
a Promise U100 on an Asus A7V.
I don't see why 8.0 would have any problems.

The info in the RH kb says "prior to 7.1".

Cameron.

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED]] 
> Sent: Saturday, 4 January 2003 4:29 AM
> To: [EMAIL PROTECTED]
> Subject: Re: ULTRA DMA 100
> 
> 
> 
> I don´t think so... more info  >>
> http://kb.redhat.com/view.php?eid=260
> 
> =
> 
> 
> 
> 
> Hi friends!
> 
> I would like to know if RedHat 8.0 support Ultra DMA 100 thechnology!
> 
> 
> Williams
> Lima.
> 
> -



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: service iptables does not support chkconfig

[Cameron . Davidson]

It sounds as though you are mixing up instructions that are
appropriate to different systems. The chkconfig stuff is for
systems such as RedHat that support it. The scripts from rc.local
are more generic Linux instructions.
What version of RH are you running? The iptables script
in init.d comes with the iptables RPM, so this suggests you have never
installed one.
I would recommend you go back and install the RPM
because the format of an init.d script is more than just the
first comment lines for chkconfig compatibility. It is not the same
as a script that would normally be run from rc.local.
Also, starting at S80 allows nearly all your network services to fire up
with no firewall protection.

What I would suggest is...
1. remove the firewall script from init and rc.local(but save it)
2. install the latest RPM.
3. run the script to install your iptables settings.
4. when they are OK, run "service iptables save". This will store your
settings
for the next time you boot.

whenever you need to change the settings, edit your script
and then repeat steps 3 and 4.

Cameron.


> -Original Message-
> From: Silkk [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, 23 December 2002 3:47 PM
> To: [EMAIL PROTECTED]
> Subject: Re: service iptables does not support chkconfig 
> 
> 
> Here is an error message i get in my boot.log messages
> firewall: /etc/rc3.d/s80 firewall: iptables: command not found
> 
> 
> 
> --- Mike Burger <[EMAIL PROTECTED]> wrote:
> > "chkconfig iptables" won't work if you don't have a script called
> > "iptables" in your /etc/init.d directory.
> > 
> > Try "chkconfig firewall on" and see what happens.
> > 
> > On Sun, 22 Dec 2002, Silkk wrote:
> > 
> > > Hello,
> > > 
> > > I installed iptables 1.2.7a with kernel 2.4.20. I tryed 
> to get them 
> > > to start when i
> > boot
> > > my pc but they are not starting. I created a firewall 
> script named 
> > > "firewall" in: "/etc/init.d" ---I ran:
> > > chown root.root /etc/init.d/firewall
> > > chmod u=rwx /etc/init.d/firewall
> > > chmod 775 /etc/init.d/firewall
> > > ---And added this line to my "/etc/rc.d/rc.local" file
> > > sh /etc/init.d/firewall
> > > 
> > > But that still dont get them started up. If i run
> > > sh /etc/init.d/firewall manually then my rules work properly. 
> > > 
> > > *** I tryed using  *** 
> > > *** "chkconfig levels 23456 iptables on" but get this  *** 
> > > *** service iptables does not support chkconfig*** 
> > > 
> > > And i get an error when i re-boot my computer on start up after 
> > > redhat network dameon starts something about iptables i check my 
> > > logs but cant see it in there! Any help how i can get my rules to 
> > > start when my PC starts up???
> > > 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Network Connection Problem

[Cameron . Davidson]

I haven't seen any replies to this. This is a stab in the dark...
Are the Win98 boxes dhcp clients? (i.e. you ticked the
"obtain IP address automatically" box).
If so are you running dhcp server?

Can they still ping the server even when they
cannot ping the outside world? i.e. is the problem
at the NAT level or the local network?

Can you ping by ip-number when you cannot ping by name?
Could it be a problem with your DNS lookups?

Is the behaviour synchronised? i.e. All win98 boxes hang
at the same time?

maybe start logging all rejected/dropped packets and see what
is being dropped at the time.

Sorry there's nothing too specific.

Cameron.

> -Original Message-
> From: Jake Colman [mailto:[EMAIL PROTECTED]] 
> Sent: Saturday, 21 December 2002 4:31 AM
> To: RedHat List
> Subject: Network Connection Problem
> 
> 
> 
> I have a very simple SOHO network toplogy consisting of an 
> inexpensive 8-port hub and cat-5 wiring.  I have a RH 7.2 
> server and several Win98 machines. The server has two NICs, 
> one connected to the Internet via a cablemodem and the other 
> connected to the hub.  The server used iptables to do masqing 
> and firewalling and everything works like a charm.
> 
> However...
> 
> Periodically my Win98 systems will lose connectivity to the 
> internet.  When that happens I can still ping the internet 
> from the server itself but cannot ping the internet from the 
> Win98 machine.  After a minute or two my Win98 machine will 
> begin working again.
> 
> Any idea what might explain this?  Any idea how I can track 
> down what might be going on?
> 
> -- 
> Jake Colman 
> 
> Principia Partners LLC  Phone: (201) 209-2467
> Harborside Financial Center   Fax: (201) 946-0320
> 902 Plaza Two  E-mail: [EMAIL PROTECTED]
> Jersey City, NJ 07311  www.principiapartners.com
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: no space left on device, while it's not true!

[Cameron . Davidson]

or you might be out of inodes.
try "df -i"
If so then it would suggest there are
lots of small files cluttering up your system.

Cameron.

> -Original Message-
> From: David Kramer [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, 16 December 2002 17:04
> To: [EMAIL PROTECTED]
> Subject: Re: no space left on device, while it's not true!
> 
> 
> On Monday 16 December 2002 02:01 am, HAOYANG LIU wrote:
> > After the meal, I saw an error message on my Redhat 7.3 desktop "no 
> > space left on device". I tried to ignore it but it kept 
> appearing so I 
> > rebooted my computer. while it's being rebooted, I saw
> > touch: careating '/var/lock/subsys/xinetd' No space left on 
> device [Fail]
> > touch: careating '/var/lock/subsys/lpd' No space left on 
> device [Fail]
> > and so on.
> > Then I noticed startx wouldn't run as it used to be and I 
> had to log on via
> > the text screen. Surpringly, I found I couldn't create new 
> fils under "/",
> > nor the /var directory and the error message was always no 
> space left.
> > However, I still could create files under my own direcotry 
> at /home. I used
> > df to check the diskspace and saw only 40% of "/" was used!
> > I have a lot of things to do and I do need my linux come back...
> > What shall I do now?
> > Help, please!
> 
> First, post the output of df and mount.
> 
> My first guess would be that you have / mounted read-only.
> 
> ---
>    David Kramer   http://thekramers.net
> DK KD  
> DKK D  Whenever I think I've accomplished a lot, I just remind 
> DK KD  myself that when Mozart was my age -- he'd been dead 
>    for 29 years!  - Howard Ruff
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Only static IPs works, DHCP hangs .....

[Cameron . Davidson]

> >I run a dhcp client (dhcpcd) on eth1 to get the setup from my ISP, but 
> >I also run a dhcp server on eth0 (internal) to give the other local
> >machines info about gateway, DNS, etc.
>
> I was wondering how I could let the other computers know that information 
> without having to do it manually. I guess I need a little more 
> clarification(if you don't mind) on what you wrote below:

When you configure your local server you put that information into
/etc/dhcpd.conf.
Run "man dhcpd.conf" for the gruesome details, but you'd be better starting
with the various network HowTos. (http://www.tldp.org)

> >But you have to stop the server running on eth1 as well, so to do that 
> >you need to have a line DHCPDARGS="eth0"
> >in the file /etc/sysconfig/dhcp.
>
> The *Server* on eth1 is my ISP, how can you stop their server. Do you mean
I 
> need to stop the Client program(dhcpcd) on eth1? What does the DHCPDARGS 
> line in the /etc/sysconfig/dhcp file mean? The interface that you want to 
> run the server on?

That's not what I meant - sorry for the ambiguity.
You just have to make sure that YOU are not running
a dhcp server on that interface. I guess from your comments that you
are not running one at all, so it should be no problem. If you later decide
to start a dhcp server you will discover that it likes to listen on
all appropriate local interfaces, so that is when you might need that trick.
In fact dhcpd can often tell that it does not need to listen on certain
interfaces so it might never be a problem, depending on your specific
configuration.
It may well be that I have just confused you unnecessarily.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Only static IPs works, DHCP hangs .....

[Cameron . Davidson]

Mike,

I noticed you said you were running linuxconf - which RH version
are you using? I though linuxconf had been retired from recent
systems - I didn't get it on a recent clean 7.3 installation
but it was left in place after a 6.2 to 7.3 upgrade. 

there's been lots of useful info so far in other replies,
which should get you started. Since you have two eth cards
you might end up running a system like mine - where the 
internet gateway linux box serves several Linux and ms-Windows
machines. So I'll expand on this.

I run a dhcp client (dhcpcd) on eth1 to get the setup from my ISP,
but I also run a dhcp server on eth0 (internal)
to give the other local
machines info about gateway, DNS, etc.
But you have to stop the server running on eth1 as well, so to do that
you need to have a line
DHCPDARGS="eth0"
in the file /etc/sysconfig/dhcp.

Cameron.



> 
> This is not a silly question at all because I do not know much about 
> configuring DHCP. The answer to your question is none of 
> them. The only 
> thing that I did was click the DHCP button in linuxconf on 
> the nic that 
> needs to be hooked up to my ISP. I must now ask a few silly 
> questions now. 1. Is that required if I am *not* running a 
> DHCP Server? 2. I saw both of those on the internet in my 
> search to find some answers, 
> what do they do?



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Only static IPs works, DHCP hangs .....

[Cameron . Davidson]

silly question time, but what are you using?
Is it dhcpcd (and not dhcpd?)
How are you configuring it?

Cameron.

> -Original Message-
> From: Michael Turner [mailto:[EMAIL PROTECTED]] 
> Sent: Thursday, 12 December 2002 15:12
> To: [EMAIL PROTECTED]
> Subject: Only static IPs works, DHCP hangs .
> 
> 
> I am trying to use DHCP because my ISP requires it. I thought 
> setting up 
> DHCP was easy! Whenever I change the eth1 card to use DHCP, 
> then it fails 
> bringing that nic up on boot up. Do you need dns servers when 
> setting up 
> DHCP? What about routing and gateway IPs?  I have tried all 
> that I can think 
> of. I am at a loss. Please help any way you can. Thanks in advance.
> 
> Mike
> 
> ---
> Happy Birthday, Jesus!!
> 
>  - Luke 1 & 2: The real Christ mas story
> 
> 
> _
> MSN 8 with e-mail virus protection service: 2 months FREE* 
> http://join.msn.com/?page=features/virus
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: dhcp

[Cameron . Davidson]

sorry, you are right. What I meant was... that is how
I check that the machine has asked for and been granted the address.

I was guessing that the question related to checking which
machines were actually performing the dhcp stuff.

Cameron.


> -Original Message-
> From: Mike Burger [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 11 December 2002 22:48
> To: [EMAIL PROTECTED]
> Subject: RE: dhcp
> 
> 
> That's not exactly accurate.  If you also assign fixed 
> addresses, you can 
> simply look in /etc/dhcpd.conf.
> 
> On Wed, 11 Dec 2002 [EMAIL PROTECTED] wrote:
> 
> > The dhcp.leases file only shows pool addresses.
> > If you also assign fixed addresses,
> > the only way I know to check them is
> > 
> > grep DHCPACK /var/log/messages
> > 
> > but you don't get lease details from this.
> > 
> > Cameron.
> > 
> > > -Original Message-
> > > From: nate [mailto:[EMAIL PROTECTED]]
> > > Sent: Wednesday, 11 December 2002 16:56
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: dhcp
> > > 
> > > 
> > > Stand H said:
> > > > Hi,
> > > >
> > > > How can I view all the ip addresses that my dhcp
> > > > server is leasing to my clients?
> > > 
> > > not sure about redhat, but check in /var/lib/dhcp ?
> > > 
> > > if that doesnt work try
> > > 
> > > find /var -name "*leases"
> > > 
> > > nate
> > > 
> > > 
> > > 
> > > 
> > > 
> > > --
> > > redhat-list mailing list
> > > unsubscribe 
> mailto:[EMAIL PROTECTED]?> subject=unsubscribe
> > > 
> 
https://listman.redhat.com/mailman/listinfo/redhat-list
> > 
> 
> 
> 
> 

-- 
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org:2000



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: dhcp

[Cameron . Davidson]

The dhcp.leases file only shows pool addresses.
If you also assign fixed addresses,
the only way I know to check them is 

grep DHCPACK /var/log/messages

but you don't get lease details from this.

Cameron.

> -Original Message-
> From: nate [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 11 December 2002 16:56
> To: [EMAIL PROTECTED]
> Subject: Re: dhcp
> 
> 
> Stand H said:
> > Hi,
> >
> > How can I view all the ip addresses that my dhcp
> > server is leasing to my clients?
> 
> not sure about redhat, but check in /var/lib/dhcp ?
> 
> if that doesnt work try
> 
> find /var -name "*leases"
> 
> nate
> 
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: NT to Linux transition ideas/advice

[Cameron . Davidson]

Windows better at??? I'm not sure about the others, but
I am sure Pro/E andf Unigraphics started life as programs
based on Unix-workstations. Only comparatively recently
have they migrated towards ms-windows.
I think those packages have been
converted to use the native win-32 graphics environment
but I have seen engineering packages "converted to windows"
by recompiling and providing an X-server to run
in the ms-windows environment.
So the first question is - is the package development still
based around X-windows?  If so then Linux is a more
natural choice, assuming the supplier supports it.

Why did they move away from Unix? Probably mainly cost.
Once the PC hardware had enough power to do what they
wanted, customers probably tended to baulk at the cost
of high-end Unix workstations with associated software
costs when a similar PC running NT was disproportionately
cheaper. And it took until NT4 for MS to offer a 
reliable 32-bit OS.

Given the cost of the licences for those packages, whether you pay
for a win32 OS or get Linux for free is often insignificant.

The main selling point that I would look for would be reliability.
But I have nothing to offer in that area.

Cameron.


> -Original Message-
> From: Anthony E. Greene [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 11 December 2002 12:06
> To: [EMAIL PROTECTED]
> Subject: Re: NT to Linux transition ideas/advice
> 
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On 10-Dec-2002/16:54 -0600, "Henderson, TL Todd" 
> <[EMAIL PROTECTED]> wrote: [snip]
> >The main apps that will be of issue will be 2 CAD packages, PRO/E and 
> >Unigraphics, metaphase, SAP, and the obvious desktop office apps.  I 
> >think the open office with RH 8.0 will take care of most of 
> the desktop 
> >office app stuff, but the others I'm not so sure about.
> >
> >Right now, I'm just trying to plant the seed and pique her interest.
> 
> As much as I like to use Linux, I have to say that I like it 
> because of it's good for the things I need to do. If Windows 
> were better for the things I like to do, then I would use Windows.
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: What does this warning meen when compiling kernel

[Cameron . Davidson]

I am sure you are right. If any file's time is in the
future then make knows something is wrong.
Just "touch .config" to reset its modification time
in line with the system clock.

Cameron.

> -Original Message-
> From: Søren Neigaard [mailto:[EMAIL PROTECTED]] 
> Sent: Tuesday, 10 December 2002 07:24
> To: [EMAIL PROTECTED]
> Subject: What does this warning meen when compiling kernel
> 
> 
> make[7]: warning:  Clock skew detected.  Your build may be incomplete.
> 
> I have just set the time (after I made the .config file), so 
> the .config files timestamp is into the future. Is that it? 
> Will it cause any trouble?
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: SSH with TCP Wrappers

[Cameron . Davidson]

I'm not sure how different 7.3 is from 8.0, but the 7.3
version of openssh is compiled with tcp-wrappers, but
does not normally use xinted. Sshd is probably already
running as a separate daemon so what you put in xinetd.d/ssh
might have no effect.

> chkconfig --list sshd
should show something like
sshd0:off   1:off   2:on3:on4:on5:on6:off
if it is NOT controlled by xinetd.

or use
> lsof -I | grep ssh
and see what program is listening on ssh port.

you need to specify hosts in hosts.allow. If you put
sshd: 172.26.0.5
and it doesn't work then you need to check elsewhere.

Check /etc/ssh/sshd.conf for "listen" address lines.
Check your firewall configuration.

Cameron.

> -Original Message-
> From: Josep M. [mailto:[EMAIL PROTECTED]] 
> Sent: Saturday, 7 December 2002 01:33
> To: [EMAIL PROTECTED]
> Subject: SSH with TCP Wrappers
> 
> 
> Hi!
> 
> I try of put my SSH (redhat 8.0 updated yesterday) with TCP 
> Wrappers,looking at the package requires "tcp wrappers",so I 
> suppose will be compiled with,because read hosts.allow and 
> only give if allowed,i tried of put a file /etc/xinetd/ssh  
> and had not result when I want control 
> anything,SSH simply ignore these,oinly look hosts.allow .I 
> tried these two configurations:
> 
> 
> My IP is 172.26.0.6 ,so i MUST have forbidden to connect:
> 
> File one:
> 
> service ssh
> {
> socket_type= stream
> protocol   = tcp
> wait   = no
> user   = root
> port   = 22
> server = /usr/sbin/sshd
> server_args= -i
> only_from  = 172.26.0.5
> 
> }
> 
> 
> File two
> 
> service sshd
> {
> socket_type = stream
> wait= no
> user= root
> server  = /usr/sbin/sshd
> #It's not listed in my /etc/services
> port = 22
> server_args =  -i
> #Allow access from the local network 
> only_from   = 172.26.0.5
> log_on_failure = ATTEMPT HOST RECORD
> 
> 
> }
> 
> 
> 
> 
> Any help will be appreciated.
> 
> Josep
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: internet sharing on home network

[Cameron . Davidson]

You are telling your XP box to get DNS from your ISP, so these
have to get MASQ'ed or NATted. Make sure you are forwarding and
masquerading UDP port 53. (and allowing the replies back).

Also try http://216.239.35.100  (google).
If that works then only the DNS needs fixing.
Otherwise there is something more wrong with the firewall.

Cameron.

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
> Sent: Thursday, 5 December 2002 01:55
> To: [EMAIL PROTECTED]
> Subject: Re: internet sharing on home network
> 
> 
> Glenn Goodspeed wrote:
> 
> > Pepijn - If you're not running a DHCP server, give your XP machine a
> > static IP address on the local subnet, such as 
> 192.168.1.50, net mask 
> > 255.255.255.0.  Make the Gateway address on the XP machine 
> > 192.168.1.1.  You might have to reboot to make these 
> settings effective.
> >
> > I don't know about the firewall settings.   -Glenn.
> >
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
> > Sent: Wednesday, December 04, 2002 4:56 AM
> > To: [EMAIL PROTECTED]
> > Subject: internet sharing on home network
> >
> > How do I tell the XP-box to find my ADSL connetion on the Linux 
> > machine? My external connection goes through eth0, while 
> the internal 
> > network is through eth1.
> >
> Thanks for the help, Glenn. But it still does not work:
> 
> At the XP machine the ethernet card has
> 
> IP address 192.168.1.2
> netmask 255.255.255.0
> default gateway 192.168.1.1 ( = eth1 at Linux machine)
> DNS is what I got from my ISP
> 
> Even after a reboot I get the following messages in internet explorer 
> (sorry for using the fascist's tool)
> When trying to load any www-site:
> "connecting to site 192.168.1.1"
> "loading: c:\windows\System32\shdoclc.ddl/dnserror.htm"
> Could this be due to my linux-firewall after all??
> 
> Thanks again,
> 
> Pepijn.
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: problems setting up NT Mailserver inside linux firewall

[Cameron . Davidson]

I presume you are using Iptables.

Start logging everything you drop or reject
and you will then see what needs adjusting.

>From memory, my setting is...
1. DNAT incoming tcp port 25 to your mail server
2. accept these readdressed packets on forward chain
3. SNAT outgoing packets tcp port 25 
4. accept outgoing packets on forward chain
5. do the usual accept "RELATED,ESTABLISHED" stuff.

I split my forward chains according to incoming interface,
rather than using the FORWARD chain itself,
and filter in those specific chains.

Cameron.

> -Original Message-
> From: Lisa [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 29 November 2002 01:48
> To: [EMAIL PROTECTED]
> Subject: problems setting up NT Mailserver inside linux firewall 
> 
> 
> I'm setting up a linux firewall and moving an NT Mail server 
> onto a new network behind this firewall. The machine where 
> the firewall resides has one internal interface and one 
> external interface. Dummy ip addresses are used for machines 
> on the LAN inside the firewall.
>  
>  At the moment, we have just changed the mail mx record to 
> correspond to the new network address .
>  
> In my firewall I have a rule that maps any traffic destined 
> for the mail address to the internal mail server dummy ip. 
> When I email from the mail account to any external mail 
> addresses  and vice versa it doesn't work.
>  
> can anyone help me as I have no idea what to do.
>  
>  
>  
>  
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: computers connected to samba server on linux

[Cameron . Davidson]

Hi,
Not sure what you mean by "connected".

DHCP IP address offers are normally logged in /var/log/messages.
There is no other "connection" as such.

Samba has very flexible logging. On my system each machine
has a log file with its own (netbios) name.

To see currently connected shares, you can view them
with SWAT on the status page (from memory).
Presumably there is also some command line
method, but I've not used it.

Cameron.


> -Original Message-
> From: moises [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, 2 December 2002 09:22
> To: [EMAIL PROTECTED]
> Subject: computers connected to samba server on linux
> 
> 
> Hello! i have a DHCP server running on linux using SAMBA. My 
> question is how can i get the list of computers connected at 
> my server, i mean, a list with the number/name of client and 
> the IP address asigned!!??
> 
> thanks for your help!!
> 
> REGARDS
> 
>   _  
> 
> Yahoo! Messenger
> Nueva versión 
>  : Webcam, voz, y mucho más ¡Gratis!



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: VPN masq

[Cameron . Davidson]

 RH7.3 works out of the box with iptables for a single internal
PPTP client to an external server (MS jargon). But probably not
well for multiple simultaneous connections.

But is is still not clear which protocol is required
or which direction
is initiating the connection from the original poster.
I guess masq implies connections initiated internally.

If you are using PPTP and you are actually paranoid
then you will be dropping forwarded connections by default
and need to accept on your forwarded outgoing chain
  ...  -p tcp -d $PPTP_SERVER --dport 1723 -j ACCEPT
  ...  -p 47 -d $PPTP_SERVER  -j ACCEPT

But IPSEC will be something different.

Cameron.

> -Original Message-
> From: Rigler, S C (Steve) [mailto:[EMAIL PROTECTED]] 
> Sent: Thursday, 28 November 2002 05:08
> To: [EMAIL PROTECTED]
> Subject: RE: VPN masq
> 
> 
> That's correct.  Basically, it looks like:
> 
> VPN Client --> (eth0) RH Machine (eth1) --> Internet --> 
> Extranet Switch
> 
> I didn't put anything special into my rules to enable this.  
> Aside from the rules I have setup for paranoia, misc 
> port-forwarding, and other traffic, I believe the affecting rules are:
> 
> -A POSTROUTING -o eth1 -j MASQUERADE
> -A FORWARD -s 192.168.10.0/24 -o eth1 -j ACCEPT
> 
> -Steve
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Linux seems pokey with 684MB RAM

[Cameron . Davidson]

> Nate said:
> 
> Daevid Vincent said:
> 
> > Swap:   522072 116012 406060
> >
> > Here is what I have running currently as of that 'free'
> 
> wonder why it's swapping like mad.
> 

Me too. I have been puzzled by similar behaviour recently also.
All I did was replace a server that was a P133/64MB (2.2 kernel)
with a P-266/192MB (2.4 kernel) and interactive response
got SLOWER when it was busy.
It seems to be related to the OS gobbling up all spare ram for
cache/buffers (I don't understand the distinction between the two).
I've noticed this, not just on Linux, but on win2k also. NT4 seemed
even worse.
And I suspect win98 was doing the same until
I used Cacheman to constrain it.

Whenever I do a lot of file output all ram gets allocated, then if I
try to start a program, it gets stuck waiting for the stuff to get flushed
before there is even any ram to read the code into.
It feels like the OS decides to empty ram before it reads anything,
but I have no numbers to back this up so it is probably just
the competition for disc access causing inefficiencies.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Multiple Eth Card Configuration

[Cameron . Davidson]

Hi,
I have just started to wrestle with the same problem, and have come to the
conclusion
that I need to turn the DSL device from a router into a bridge. And then run
pppoe
on the Linux box (because the ISP insists on using pppoe, even thought it is
allocating a static IP.)

I don't want to think about bridging the kernel, because the dsl router does
dchp
that I cannot see how to disable. Firewalling kernel-bridged traffic is
apparently feasible,
with patches, but unlikely to be a good option. 

There seem to be other potential problems
to do with your dsl gear, if it uses pppoe, and whether you can control the
MTU.
If you can't, then VPN traffic can get difficult, or in some cases
impossible.

Cameron.

> -Original Message-
> From: Andy Kirk [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 22 November 2002 08:34
> To: [EMAIL PROTECTED]
> Subject: Multiple Eth Card Configuration
> 
> 
> Hi all
> 
> I have RH8 running in a single eth card, and have now 
> installed a second eth card.  I want to configure the system as :-
> 
>   ---   --
> -
>   | DSL  || Eth1 || RH8 |---| Eth 0  
> ||Local Lan  |
>   ---   --
> -
> 
> I have set the DSL, which runs NAT to a local IP of 
> 192.168.20.10/24 I have set the Eth1 to an IP of 
> 192.168.20.20/24 I have set the Eth0 to an IP of 
> 192.168.10.20/24 The local lan is assigned IP via DHCP from Eth 0
> 
> Can anyone point me in the direction of docs and HOW-TO to 
> configure the above scenario.  I think that I need to relink 
> the kernel for bridging, and configure a firewall so that 
> only www, smtp and ftp can go in from DSL to Eth1, but anyone 
> on the lan can go out via the DSL.
> 
> Any help for a confused newbie appreciated.
> 
> Best Regards
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: iptables -nL question

[Cameron . Davidson]

Hi Edward,
That looks OK to me because the "interface" is not the same as the source
and
destination.
This might be a bit wrong in the detail, but I think of it as follows.
Interface is the physical or logical, er... interface, on your machine
through which the message arrived or is being sent/routed etc.
Source and destination are IP addresses taken from the header.

As an example of the distinction. I allow ssh from the outside world into my
machine. However, I know I only have a certain set of places that I might
connect from.
So I allow new connections input to interface ppp0, on destination port 22,
but only from specific known source addresses.
On the other hand, a public web or mail server would basically
have to receive from all addresses.

If you are allowing masquerading of web browsing, for example, then you will
need
to allow all source addresses back in, unless you want to be severely
limited
as to where your machines can browse. But those restrictions would be better
done before allowing the masqueraded packets out, thus anything you've
allowed out
is already permitted.
As an example of this, you might allow forward packets on interface eth0 but
only from source address 192.168.x.2, which is your machine, but not from
192.168.x.3

Cameron.

> -Original Message-
> From: Edward Dekkers [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 20 November 2002 11:49
> To: [EMAIL PROTECTED]
> Subject: iptables -nL question
> 
> 
> I've always had the following rules (default flushing, policy 
> and stuff
> omitted):
> 
> iptables -A FORWARD -i ppp0 -o eth0 -m state --state 
> ESTABLISHED, RELATED -j
> ACCEPT
> iptables -A FORWARD -i eth0 -o ppp0 -j ACCEPT
> 
> Basically, I got this from a bit of reading, some examples 
> found on the
> internet, and understood it as let everything out, but only 
> related and
> established connections back in. This has always worked but I 
> never checked
> the list output. I did today:
> 
> iptables --list and got (again other stuff omitted)
> 
> Chain FORWARD (Policy DROP)
> targetprot opt source   destination
> ACCEPT  all--   anywhere  anywhere   state RELATED,ESTABLISHED
> ACCEPT  all--   anywhere  anywhere
> 
> uhm, is that OK? It doesn't look it to me. Shouldn't the source and
> destination be filled in as ppp0 and eth0? Or doesn't --list list that
> properly? I'm worried that the anywhere anywhere means that 
> the related and
> established rule never gets triggered.
> 
> P.S. I also tried iptables -nL and got (unrelevant stuff omitted)
> 
> Chain FORWARD (Policy DROP)
> targetprot opt source   destination
> ACCEPT  all--   0.0.0.0/0   0.0.0.0/0   state RELATED,ESTABLISHED
> ACCEPT  all--   0.0.0.0/0   0.0.0.0/0
> 
> Regards,
> 
> ---
> Edward Dekkers (Director)
> Triple D Computer Services P/L
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: apache dns problem

[Cameron . Davidson]

but if I go .../stats/index.html
then it works. So it looks like your apache config is returning the internal
name
as the default url.

Cameron.

> -Original Message-
> From: Jake Colman [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 20 November 2002 07:59
> To: RedHat List
> Subject: apache dns problem
> 
> 
> 
> My server's internal name is firewall.jnchome.com.  This is a 
> bogus dns name that resolves only internally.
> 
> I use dyndns.org to map a public dns name to my dynamic IP 
> address.  The URL "http://thecolmans.homeip.net:8081"; 
> resolves to my web server.  If someone enters this URL they 
> get my apache test page.  If they enter "...:8081/stats/" to 
> see my mrtg graphs, it tries to resolve to 
> "firewall.jnchome.com/stats/" which, of course, does not exist.
> 
> What do I do to solve this?
> 
> TIA!
> 
> -- 
> Jake Colman 
> 
> Principia Partners LLC  Phone: (201) 209-2467
> Harborside Financial Center   Fax: (201) 946-0320
> 902 Plaza Two  E-mail: [EMAIL PROTECTED]
> Jersey City, NJ 07311  www.principiapartners.com
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: How to mount a Windows partition as writeable?

[Cameron . Davidson]

Is it really mounted read-only? i.e. what does "mount" tell you.
If it is not mounted read-only, then what permissions are applied to the
contents?
do
 ls -l /mount/point/a_file_on_the_partition

Those are derived from mount options uid, umask etc.

Cameron.

> -Original Message-
> From: Gerry Kirk [mailto:[EMAIL PROTECTED]] 
> Sent: Monday, 18 November 2002 13:44
> To: [EMAIL PROTECTED]
> Subject: How to mount a Windows partition as writeable?
> 
> 
> Hi,
> 
> I'm stumped on this one. I've tried mounting Windows (98, XP) 
> partitions using various mount options, but it's always 
> mounted read-only. I've tried
> 
> -o rw
> -o umask=
> 
> to no avail.
> 
> Is it possible to set up a Windows partition as writeable?
> 
> - Gerry
> 
> -- 
> Gerry Kirk
> IT consulting for positive change
> http://prime.sourceforge.net
> 
> ph  705.759.8026
> fax 780.401.3517
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: mr petrie is history - [[but should he really be?]]

[Cameron . Davidson]

> 
> ...  The answer is simple:  DON'T USE AUTORESPONDERS.   
> 

I don't think so. Any rule that relies on 100% conformance is not going to
work well
enough. As demonstrated by this episode. It only takes one subscriber out
of this rather large list to forget and ... here we go again.

Is it possible for the mailing list handler to reject any message
that has "(Out of Office)" in the subject? That seems to be a standard entry
for that autoresponder. That will at least stop everyone else seeing it
and stop the looping.

A next step might be to automatically unsubscribe anyone posting such a
message, if that is possible.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Iptables

[Cameron . Davidson]

Hi,
that's messy, because officially I think you can only specify
binary powers, i.e. blocks of 32, 64, 128 etc. AND the start and end
addresses are tied by the binary representation.
So a block of 64 would be
192.168.1.128/26, which gives .128 to .191 (don't trust my arithmetic -
work it out for yourself) then
192.168.1.192/28 gives you another 16 (.192 to .208).
I interpret the /28 netmask is just saying
"only match the first 28 bits of the address".

Starting at .142 is a pain, but you could do it in far fewer steps than
the 70 you would use specifying it one-by-one.
You should also consider filtering it in a new separate chain so every
packet doesn't have to go through it.
e.g. if it matches .128/25 then jump to xxchain. Then at least the bottom
half
of the subnet does not need to go through the whole set of tests.

Cameron.


> -Original Message-
> From: Luke Brown [mailto:luke@;cwr.uwa.edu.au] 
> Sent: Tuesday, 12 November 2002 11:55
> To: [EMAIL PROTECTED]
> Subject: RE: Iptables
> 
> My problem is that i need to represent a range in the middle 
> of the subnet (.142 thru to .210). I wasnt aware of a way to 
> make subnets like that, unless i was to split it say three 
> ways and only applying the rule to the middle range?
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Iptables

[Cameron . Davidson]

At the risk of trying to further split an already split hair...
You can use the subnet mask, even if it does not represent the
actual physical subnet.
Thus my local network is 192.168.1.0/24 but I subdivide it for iptables
purposes
into 192.168.1.0/25 for trusted machines and 192.168.1.128/25 for machines
that are
blocked completely. (My children like to attach friend's computers for
games).
But of course, that is still limited to contiguous address ranges.

Cameron.

> -Original Message-
> From: Michael Schwendt [mailto:rh0210ms@;arcor.de] 
> Sent: Tuesday, 12 November 2002 06:41
> To: [EMAIL PROTECTED]
> Subject: Re: Iptables
> 
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
> 
> On Mon, 11 Nov 2002 13:28:48 -0600 (CST), Yoink! wrote:
> 
> > On Mon, 11 Nov 2002, Michael Schwendt wrote:
> > > On Mon, 11 Nov 2002 13:43:48 +0800 (WST), Luke Brown wrote:
> > > > Just a quick question, is there a way to specify multiple 
> > > > addresses in an iptables statement?
> > >
> > > No, there isn't. Use a loop and your favourite shell.
> > 
> > Well, not exactly. You can specify subnets, like
> > 
> > iptables -I OUTPUT 1 -p tcp -d 192.168.0.0/24 
> --destination-port 80 -j 
> > REJECT
> > 
> > which will reject 192.168.0.0 all the way through 192.168.0.255
> 
> Well, he asked about "multiple addresses", not entire sub-nets.
> 
> You can also omit the rule number when using -I or --insert. 
> And then both your and my reply would be nothing else than 
> splitting hairs. ;-)
> 
> - -- 
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.0.6 (GNU/Linux)
> 
> iD8DBQE90BXG0iMVcrivHFQRAiTdAJ9vID0VPzCPxxCgPuFQQXoXLK6orwCdEHOM
> OzJg4I3TxHBrZIO/1pbiE4M=
> =Y8/Q
> -END PGP SIGNATURE-
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: CVS GUI Admin

[Cameron . Davidson]

tkcvs

http://www.twobarleycorns.net/tkcvs.html

Cameron

> -Original Message-
> From: MET [mailto:met@;uberstats.com] 
> Sent: Tuesday, 12 November 2002 10:33
> To: RedHat List; RHN Help
> Subject: CVS GUI Admin
> 
> 
> Could anyone suggest a good gui tool to setup and use cvs (if 
> there is one).  
> I've recently installed cvs and gotten a few files in it, but 
> I have a huge 
> project I'd like to put into it and get going, and the 
> command line interface 
> is just terribly annoying to deal with for lots of files and 
> folders.  
> 
> any ideas?
> 
> ~ Matthew
> 
> -- 
>   advTHANKSance, Matthew Metnetsky
>   [EMAIL PROTECTED]
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: netbios packets & firewall

[Cameron . Davidson]

I've forgotten what happens with UDP, but I think you still get a record
of a TCP attempt with IPTRAF even if it is firewalled. Check the number of
packets replied in the iptraf listing. If the connection is dropped by the
FW
then my iptraf just shows 1 packet in, but zero packets out. 

Cameron.

> -Original Message-
> From: Edward Dekkers [mailto:edward@;tripled.iinet.net.au] 
> Sent: Tuesday, 12 November 2002 10:56
> To: [EMAIL PROTECTED]
> Subject: netbios packets & firewall
> 
> 
> Thanks to someone's suggestions on using iptraf, I found that 
> although I thought I had a fairly safe firewall, SOME 
> (admittedly very rare) netbios packets still get thrown on to 
> the ppp interface. I believe it only happens when someone 
> logs in, or when they search my LAN for active printers etc. 
> I'm not too worried, as this is pretty much normal Windows 
> behaviour. However, it is ofcourse unnecessary for Linux to 
> forward these packets.
> 
> The two in question are netbios-ss/tcp and netbios-ns/udp.
> 
> I *THINK* I can add these rules myself (although an example 
> would be appreciated), BUT, I don't want to detriment my 
> client PCs speed by selecting the wrong option (timeouts etc).
> 
> Does anyone know what would be better? DENY or DROP?
> 
> Regards,
> 
> ---
> Edward Dekkers (Director)
> Triple D Computer Services P/L
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: nmap scan question

[Cameron . Davidson]

An apparently open port by itself is not a security risk,
although it is a sign that the system is badly configured.

I don't know of any specific security risk in samba. The usual risk with
netbios
is configuration. That is, how you offer file sharing. If you offer writable
disc space (especially with no passwords) then you are just asking for
trouble.
That principle applies whether it is samba, or ms-windows.
You should configure samba (/etc/samba/smb.conf, or use swat) so that it
only
accepts connections on your local network.

scan your external address from some machine elsewhere on the internet.

Cameron.

> -Original Message-
> From: linux power [mailto:linuxpower2002@;yahoo.no] 
> Sent: Tuesday, 12 November 2002 06:59
> To: [EMAIL PROTECTED]
> Subject: nmap scan question
> 
> 
> When I scanned my wan card on a fresh rh 7.2 installation the 
> netbios ports
> where closed. But after I opened the ports on my lan card for 
> samba and enabled
> ip-forwarding and masquerade the same ports are open.
> Its impossible to close them whatever I do. Is it so that 
> samba is a security risk?
> 
> Or is something completely wrong with my mashine?
> 
> 
> 
http://home.no.net/~knutove/knut_ove_hauge_kuren.htm

Prøv betaversjonen av den nye Yahoo! Mail

 
Nytt design, enklere å bruke, alltid tilgang til Adressebok, Kalender og
Notisbok



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Fwd: Re: Does Masquerade open netbios-ns port.

[Cameron . Davidson]

I don't understand the root/user difference, although nmap uses
different methods depending on user permissions.

Use
lsof -i
to tell which programs are listening on which ports.

> -Original Message-
> From: linux power [mailto:linuxpower2002@;yahoo.no] 
> Sent: Wednesday, 6 November 2002 21:57
> To: [EMAIL PROTECTED]
> Subject: Re: Fwd: Re: Does Masquerade open netbios-ns port.
> 
> 
> I use iptables and have blocked all the netbios ports, but 
> they are open when I run port scan as root, else as user they 
> are filtered. 
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: The worm came from nkv.ukshells.co.uk

[Cameron . Davidson]

I can find no reference to CIH2003. Which virus scan program found them?
Does their web site have any information about it being an internet worm and
cross-infecting Linux systems?

What makes you think the Linux system is compromised?
Cameron

> -Original Message-
> From: linux power [mailto:linuxpower2002@;yahoo.no] 
> Sent: Thursday, 7 November 2002 10:34
> To: redhat mail list
> Subject: The worm came from nkv.ukshells.co.uk
> 
...
> 
>  I've also found 65 infected files
> 
> with W32CIH2003 mainly on my windows partitions.
> 
> So if anybody know about that irc worm and how to remove it 
> whitout installing
> 
> linux again I'll be happy.
> 
>  
> 
>



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: two puters running sshd behind a firewall

[Cameron . Davidson]

I think what Gabriel was trying to say, which I would suggest as well, is
that all
entry to your local system should be through machine (a). Then ssh from (a)
to (b), (c) etc.
This means you only have to have one port open externally and one copy of
sshd that is critical.
(not that you wouldn't keep them all up to date, of course).

Or do you have something messy like different user lists on the different
machines?

Cameron.

> -Original Message-
> From: christopher j bottaro [mailto:cjb@;cs.utexas.edu] 
> Sent: Thursday, 7 November 2002 06:01
> To: [EMAIL PROTECTED]
> Subject: Re: two puters running sshd behind a firewall
> 
> 
> On Wednesday 06 November 2002 07:16 am, gabriel wrote:
>>.
> 1* > ssh into (a) from the internet using ssh -p 22 24.xx.xxx.xx
> 2* > ssh into (b) from the internet using ssh -p  24.xx.xxx.xx
> > and ssh into (b) from (a) using ssh -p  192.168.0.3
> 
> doing 2* after 1* (see above) will cause ssh to bomb out 
> complaining about 
> changing host keys or something.  this is what i'm trying to avoid.
> 
> thanks,
> christopher



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Re: Does Masquerade open netbios-ns port.

[Cameron . Davidson]

>From your description it sounds like you have a worm somewhere in your
system
that is scanning for open shares.
I would guess it is more likely to be on a windows box behind your firewall.

Are you logging suspicious activity from inside your network?

Cameron.

> -Original Message-
> From: linux power [mailto:linuxpower2002@;yahoo.no] 
> Sent: Wednesday, 6 November 2002 06:46
> To: redhat mail list
> Subject: Fwd: Re: Does Masquerade open netbios-ns port.
> 
> 
> I set the GATEWAY=x.x.x.x in 
> /etc/sysconfig/network-scripts/ifcfg-eth1 which is my wan 
> card. Is there any other places it must be set. My isp is 
> bluecom.no and I got this netbios related line when running tcpdump. 
> 
> a217.118.65.180 > 162.45.10.77.netbios-ns 
> 
> where the leftmost ip is my wan card ip from my isp. 
> 
> But the rightmost ip is changing all the time so I was wonder 
> if that netbios-ns is through my maschine and if that port is open? 
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Booting linux

[Cameron . Davidson]

It sounds like you have not set the linux partition as the "active" one.
Use linux fdisk to check and possibly fix that.

You should never have to reinstall, assuming you have a good install in the
first place.

Cameron.

> -Original Message-
> From: Greg [mailto:gklofa@;adsl.on.net] 
> Sent: Monday, 4 November 2002 15:51
> To: [EMAIL PROTECTED]
> Subject: Booting linux
> 
> 
> Hi, 
> new to linux and need help.  I currently have windows xp 
> installed on my system (on a fat32 partition).  I really 
> would love to get rid of it all together, except I need it 
> for games I play.  Anyway, when I install linux, I can't get 
> the boot loader to work.  Windows was installed first, and I 
> install linux after, using the automatic partition option, 
> and choose lilo as my boot loader, and have it install the 
> boot information on the fist sector of the linux partition 
> (have also tried installing telling it to use the mbr 
> option), but the computer still boots straight into bloody 
> windows.  I currently have to use a boot disk to access 
> linux.  What is going wrong?  Is there a way to get linux to 
> boot properly without having to re-install everything again, 
> or even if I have to re-install, how do I get it all to work. 
>  When selecting partitions and the such, linux actually gives 
> me a message saying there may be a problem with the way the 
> system is set up and accessing /boot, and strongly reccomends 
> me to create a boot disk due to possible problems loading into linux. 
> 
> thanks for the help, cause this is really getting me annoyed. 
> 
> regards Greg.
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: problem in RH7.3

[Cameron . Davidson]

I am not sure what you mean by "cannot see the windows partition".
Are you expecting it to be automatically mounted? Does it have an entry in
/etc/fstab?
Does it fail when you try to mount it manually?
Is is on a separate hard disc, that you cannot see? How are you looking for
it?
Can Linux fdisk see it?

Cameron.

> -Original Message-
> From: Rodrigo Peplau [mailto:peplau@;syndrome.com.br] 
> Sent: Saturday, 2 November 2002 23:41
> To: [EMAIL PROTECTED]
> Subject: problem in RH7.3
> 
> 
> Hi there,
> 
> I'm first time using Linux. After installed I was configuring 
> the system, trying to mount a windows (fat32) partition. 
> Everything goes well.
> 
> But when I tryed to install my soundcard (ForteMedia 801), 
> with a downloaded pack from ALSA Project, something strange happened.
> 
> When I'm booting now appeared a new occurency of Linux in the 
> LILO, in that the sound's working but I cannot see the 
> windows partition not even a CDROM.
> 
> Someone could help me?
> 
> -- 
> Best regards,
>  Rodrigo  mailto:peplau@;syndrome.com.br
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Masquerade hacking problem.

[Cameron . Davidson]

> -Original Message-
> From: linux power [mailto:linuxpower2002@;yahoo.no] 
> Sent: Sunday, 3 November 2002 05:51
> To: redhat mail list
> Subject: Masquerade hacking problem.
> 
> 
> It seems that masqureade use netbios-ns port to broadcast for 
> the whole world thats its seeking a vacant ip address.That it 
> a major firewall problem in my computer because I cant close 
> the netbios ports, and result in hacking attempts all the time.
> 
> Nobody told me that when they recommended masqurade.
> 

In case the other messages did not sink in...

1. There is no reason I can think of why you can't close those ports. In
fact there is
no good reason why they should be open at all. If you really DO require
netbios traffic
externally then use a VPN. 

2. masquerade does not "use" netbios-ns. Maybe your policy allows it
through. In
which case your rules are wrong. The netbios-ns is either being forwarded
from a local ms-windows box (you should not be allowing this) or else you
have samba on
your firewall configured wrongly. It should only be allowed on your local
network (set in smb.conf).

3. masquerade cannot even handle netbios over tcp/ip. It is one of those
nasty packet formats
that require helper routines to mangle the header. As far as I know it has
never been done
for Linux. Certainly not for ipchains/masq.

4. Perhaps you are using a trivial firewall ruleset, which might be OK for
testing things
out, but not for full-time use. As others have said already, block
everything and then
only allow what is necessary.

5. BTW, the netbios broadcast is for a name in a workgroup, not an IP
number.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Connecting two LAN

[Cameron . Davidson]

> -Original Message-
> From: Toto Gamez [mailto:egamez@;bonheur.com.ph] 
> Sent: Thursday, 24 October 2002 11:04
> To: [EMAIL PROTECTED]
> Subject: Re: Connecting two LAN
> 
> 
> Does this means that I have to install SAMBA on my RHbox 
> router on both network? I'm not using any caching server and 
> I only control the internet browsing tru ipchains so if I use 
> DHCP i would be hard for me to tell whose user can access the 
> internet but Im on the processing of reading and studying 
> this DHCP and Squid my boss just ask to see all the connected 
> computer on both network for easy support and we dont have to 
> get to travel to another office for support. Please help
>  

you should have a WINS server on each subnet to enable a unified
naming scheme for the PCs to register their names. 
I think you might be able to get away with connecting PCs via raw
IP numbers (e.g. type
\\192.168.x.y\share_name
in the run command box. But that is really not a good long-term
solution.

Internet restriction per machine - DHCP will allow this and in fact make it
easier to
maintain from off-site.  You can assign fixed IP addresses easily via DHCP,
you just tie them to each interface's MAC address. So for example if you had
a few
machines allowed on the internet you assign them fixed IPs and the others
you
allow to assign dynamically in a different range of your subnet. You still
need the same filter (ipchains or iptables) settings to allow/disallow
browsing for
certain IP addresses. Or you could force all browsing through squid, and use
it to
control access (to some extent - not as flexible as iptables). Or both.


Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: System Time Problem

[Cameron . Davidson]

> Knowing there are actually two clocks running in my server, 
> the Linux System time and the Hardware Clock. We're trying 
> now to sync the System time with the hardware clock every 
> hour using a cron job. 

Why? sync which way? do you know which is more accurate?
I didn't think anything used the HW clock except at boot.
You only sometimes need to sync at poweroff (which already gets done).
Are you running an ntp client?

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Connecting two LAN

[Cameron . Davidson]

> 1. Go to the bookstore and buy a good intro to TCP/IP book.  
> O'Reilly has  a very good one..

Definitely read up more. You will have many unsolvable problems
until you understand subnets, netmask etc better than now.
You are certainly jumping in the deep end.

> 2. Next - pick one of these 3 solutions to your problem:
> 
>   1. ...2..
>   3. Setup your Linux machine as a bridge.
>  http://www.linux.org/docs/ldp/howto/BRIDGE-STP-HOWTO/

I would not like to use a bridge. From my understanding of it, it
creates a single subnet from two physically separate networks.
Remembering that this is over a modem (what is the upstream speed
at each end?) then all broadcast traffic  is
going to travel the modem, as well as the traffic that really needs
to go across it.
Where would a DHCP server go? Can you have two on the one subnet?
If not then you would have to make sure you have a permanent link.
The only reason I can think of to use a bridge is if you HAD to
support other non-routable protocols, like IPX.

I think separate subnets are the better option in the long term.
Assuming you are running DHCP then it is not much problem to change.
If you aren't, then now will be the perfect time to start.

And the Windows machine browsing will, I think, need WINS servers
if you don't already have them. (I presume you mean that win boxes on
one site want to share files/printers with win boxes on the other site).
Samba would presumably be OK as WINS servers,
or are you running Win2k servers?
What about authentication of users on Win boxes?
The solutions will depend on what you do now.

And if network B is browsing the internet via network A, then I
would definitely recommend running a squid proxy server on
network B (in addition to any you might have on network A).
This depends, of course, on how many machines you have connected on network
B.

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Broken hwclock? [was Re: Loosing Time]

[Cameron . Davidson]

I had a different issue, and it relates to how chronyd works. Chronyd fails
to work
correctly if something outside its scope tinkers with the hardware clock and
if,
as on my system, I am not usually connected to the internet.
My 6.2 system did not do a 'hwclock --systohc' when it shut down, but 7.3
does, and that
tripped me up for a while, with rapidly diverging times.

I have not noticed any difficulties with hwclock itself.

Cameron.

> -Original Message-
> From: Wolfgang Pfeiffer [mailto:[EMAIL PROTECTED]] 
> Sent: Saturday, 12 October 2002 04:15
> To: [EMAIL PROTECTED]
> Subject: Broken hwclock? [was Re: Loosing Time]
> 
> 
> On Oct 11, 2002, 11:45 (+1000) [EMAIL PROTECTED] wrote:
> 
> > One problem with RH7.3 is that one needs to remove the command 
> > 'hwclock --systohc' from /etc/rc.d/init.d/halt otherwise it gets 
> > really confused.
> 
> ... I'd be *extremely* careful with the hwclock version as 
> shipped with the Redhat util-linux package ...
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Stupid question about SSH keys and security

[Cameron . Davidson]

you still need a passphrase to unlock the key. (99% of the time).
So even if somebody steals your private key file they still
need your passphrase to use it. It is possible to set one up
with a null passphrase, but,
not surprisingly, that is not recommended.

If someone has stolen your private key file then your system has
probably been horribly compromised anyway.

Cameron.

> -Original Message-
> From: Peter Kiem [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 11 October 2002 11:31
> To: Red Hat Mailing List
> Subject: Stupid question about SSH keys and security
> 
> 
> Hi,
> 
> This might seem a stupid question but I often see people 
> recommending that 
> you never log into SSH with password but rather use keys.
> 
> Doesn't this create a security issue as if someone manages to 
> break into one 
> computer you own they can simply SSH straight into the other 
> systems without 
> passwords using the keys stored on that computer?
> 
> At least if you are using passwords they need to work out the other 
> computer's passwords before they can SSH into them?
> 
> -- 
> Regards,
> +-+-+
> | Peter Kiem.^.   | E-Mail: <[EMAIL PROTECTED]> |
> | Zordah IT /V \  | Mobile: +61 0414 724 766|
> |   IT Consultancy &  /(   )\ | WWW   : www.zordah.net  |
> |   Internet Hosting   ^^-^^  | ICQ   : "Zordah" 81 |
> +-+-+
> 
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Loosing Time

[Cameron . Davidson]

I am not sure about recent ntpd versions,
but they were originally only designed for permanent connections.

I use chronyd, which was designed to keep track when machines are offline.
www.chrony.org
One problem with RH7.3 is that one needs to remove the
command 'hwclock --systohc' from /etc/rc.d/init.d/halt
otherwise it gets really confused.

Cameron.


> -Original Message-
> From: Sam Currie [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 11 October 2002 19:33
> To: RedHat General - Mailing List
> Subject: Loosing Time
> 
> 
> My computer keeps loosing time, about an hour a day. 
> 
> I have Redhat 7.3 running on a Dell Latitude C800. I have 
> configured ntpd to sync to a Windows 2000 server at work and 
> this works fine, as long as I'm connected to the network at work. 
> 
> As soon as I disconnect I start loosing time.  On the same 
> machine I have Windows XP installed and I have never had 
> issues with time. 
> 
> Any ideas?
> 
> Thanks,
> 
> Cheers, Sam
> 
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: VPN Masquerade on Red Hat 7.1

[Cameron . Davidson]

I am not sure about 7.1, but presumably you can/should upgrade to the
latest 7.3 kernel anyway.
I changed from 6.2 to 7.3 recently. I masq MS PPTP from
a win98 machine to a win2k server. My recollection is that
it stops working under ipchains, so I took the opportunity (was forced)
to convert to iptables. It works with no patches needed, although
I tend to recompile from redhat kernel sources,
so I cannot comment about stock kernels.

Cameron.

> -Original Message-
> From: George Agnelli [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 9 October 2002 19:30
> To: RedHat list
> Subject: VPN Masquerade on Red Hat 7.1
> 
> 
> Hi, I'm trying to set up my Linux gateway/firewall to 
> masquerade an outgoing VPN client to a Windows 2000 VPN 
> server. According to the Linux VPN Masquerade home page
> (http://www.impsec.org/linux/masquerade/ip_masq_vpn.html) it 
> seems that I need to apply the VPN masquerade patch to the kernel.
> 
> Could anyone confirm that this is necessary on Red Hat 7.1. I 
> have kernel version 2.4.x out of the box with no other 
> patches applied. Or does it already contain this patch?
> 
> George
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Problem on 6.2 on hda.. but I have no one

[Cameron . Davidson]

So, something is trying to access a cdrom via /dev/cdrom, which
is pointing to the wrong device.
Do you have a real cdrom? If so link /dev/cdrom to that.
What is trying to access cdrom? could be an audio player,
or cdrom automounter, or something else..

If it has only started recently then the obvious
question is:
Have you updated anything recently? anything at all?
Do the errors happen when X-windows is running?
If so go to runlevel (I think) 3 to stop X login
and see if the errors go away.

Cameron.

> -Original Message-
> From: Alessandro Fiorenzi [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 2 October 2002 19:15
> To: [EMAIL PROTECTED]
> Subject: RE: Problem on 6.2 on hda.. but I have no one
> 
> 
> This is a running installation but I have take a look to 
> syslog anly last week finding these erros 
> in /dev/ with ls -la I get : 
> lrwxrwxrwx1 root root3 Feb  9  2001 cdrom -> hda 
> 
> The message is continuosly 
> 
> A.Fiorenzi 
> 
> 
> On Wed, 2002-10-02 at 02:49, [EMAIL PROTECTED] wrote: 
> 
>   When does this occur? during boot?
>   What is your ide configuration?
>   is there a symlink maybe from /dev/cdrom to hda instead of
>   the real drive?
>   Is this a new 6.2 installation? Or have the errors 
> suddenly started?
>   Cameron
>   



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Problem on 6.2 on hda.. but I have no one

[Cameron . Davidson]

When does this occur? during boot?
What is your ide configuration?
is there a symlink maybe from /dev/cdrom to hda instead of
the real drive?
Is this a new 6.2 installation? Or have the errors suddenly started?
Cameron

> -Original Message-
> From: Alessandro Fiorenzi [mailto:[EMAIL PROTECTED]] 
> Sent: Tuesday, 1 October 2002 23:11
> To: [EMAIL PROTECTED]
> Subject: Problem on 6.2 on hda.. but I have no one
> 
> 
> Well we have an Installation with RedHat 6.2 and I have seen 
> a continuos scolling of this kind of error, here the error message 
> 
> Oct  1 15:04:22 host kernel: cdrom: open failed. 
> Oct  1 15:04:23 host kernel: hda: packet command error: 
> status=0x51 { DriveReady SeekComplete Error } 
> Oct  1 15:04:23 lhost kernel: hda: packet command error: error=0x54 
> Oct  1 15:04:23 host kernel: ATAPI device hda: 
> Oct  1 15:04:23 host kernel:   Error: Illegal request -- 
> (Sense key=0x05) 
> Oct  1 15:04:23 host kernel:   Invalid field in command 
> packet -- (asc=0x24, ascq=0x00) 
> Oct  1 15:04:23 host kernel:   The failed "Start Stop Unit" 
> packet command was:  
> Oct  1 15:04:23 host kernel:   "1b 00 00 00 03 00 00 00 00 00 00 00 " 
> Oct  1 15:04:23 host kernel:   Error in command packet byte 
> 23769 bit 0 
> Oct  1 15:04:23 host kernel: cdrom: open failed. 
> Oct  1 15:04:23 host kernel: hda: packet command error: 
> status=0x51 { DriveReady SeekComplete Error } 
> Oct  1 15:04:23 host kernel: hda: packet command error: error=0x54 
> 
> 
> The problem is that we have no hda!!! so I do not understand 
> the reason of this error 
> 
> Can anyone help me ? 
> 
> Thanks 
> 
> A.Fiorenzi 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: XP and Linux

[Cameron . Davidson]

> ... If anybody wants a working link to the 
> samba-PDC-Howto let me know.

It must have been a brief glitch:
http://samba.mirror.aarnet.edu.au/samba/docs/Samba-HOWTO-Collection.html
is fine, as is
http://us1.samba.org/samba/docs/Samba-HOWTO-Collection.html

The older PDC-howto is now apparently merged into this collection.

the earlier howto is found under the rather
less than obvious link "older doco that comes with the source"

Cameron.



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: samba & web interface

[Cameron . Davidson]

> On 17-Sep-2002/13:22 -0500, Roger Schmeits 
> <[EMAIL PROTECTED]> wrote:
> >What is available for a web interface for samba.  Looking 
> for something 
> >for about 500 folders for over a LAN. Would be nice if a 
> person could 
> >access there home drive thru a web browser.
> 
> What advantage do you see over using Windows' built-in, 
> Samba-compatible file management tools?

I don't understand why either.
use Samba's automatic setting up of home shares, map to 'H:',
and point web browser at "file://H:/"
or file://servername/home



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: XP and Linux

[Cameron . Davidson]

> 
> P.S. M$'s suggestion of using NETBUE on XP is a farce. 
> Uninstall it. NetBue is dead. It should all communicate just 
> fine over IP. (Samba does).

I don't think it was Netbeui that was referred to,
but netbios over tcp/ip, which is different.

netbios basically carries the MS junk that Samba talks,
and has been shoe-horned over the years to be carried within either
netbeiu (yes, I don't know
how to spell it either) or IPX or TCP/IP (port 139) and UDP 137-138.

>From Win2k, MS used a native tcp/ip implementation on port 445 
that they named CIFS, but you can install "netbios over tcp/ip"
support for backwards compatibility. So the suggestion from MS
may have been quite sensible.
I don't know samba's current CIFS support.

Don't trust the details here, go to
 www.samba.org -> documentation -> and follow your nose.

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: RH7.3 freeze!!!!

[Cameron . Davidson]

I had a similar problem ages ago.
Turned out the AGP4x only worked 99.99% of the time.
It always eventually crashed (linux or windoze) when doing something
graphical.
Try lowering the bios video settings for a while.
Screensavers? If this is meant to be a serious server then
why not a blank screensaver? (not that that is a solution to the problem)

Cameron.

> -Original Message-
> From: michael [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 13 September 2002 12:18
> To: [EMAIL PROTECTED]
> Subject: Re: RH7.3 freeze
> 
> 
> Hi,
> 
>  All I can tell you from my previous experience is that it is 
> a timing 
> issue with your hardware.  The culprit is usually the
> video card.  You might try a different video card for starters.  Make 
> sure nothing is overclocked (Which I doubt it is)
> Bad memory could be a problem too.
> 
> Good luck!
> 
> Mike
> 
> [EMAIL PROTECTED] wrote:
> 
> >Hello fellows
> >
> >We've just purchased a new wannabe server i386PC.
> >So I've installed RH 7.3.
> >
> >the problems are as follow :
> >
> >I'm having random lockups and freezes..
> >I'm using two kernels, 2.4.18-3 which comes with rh7.3 the normal 
> >kernel and the smp which ships with linux too.
> >well.. by the way, the computer is OFFLINE, so nobody hacked 
> it or reboot it.
> >nothing is configured. just installation parameters. dns, ip, etc..
> >
> >1- two days on since install, loggued as user at X mode I 
> leave desktop 
> >locked at screensaver "pyro"
> > 
> >- when I arrive yesterday to work and went to check the server, the 
> >system was completely freezed. It was using smp kernel.
> >
> >So. restating, select the normal kernel, boot ok. since a while... 
> >freeze again... oops..
etc...



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Linux looks for hda, hdb etc when there are none ...

[Cameron . Davidson]

If you still need EIDE devices enabled (maybe you have cdrom reader etc)
you can add
append="hda=noprobe"
to lilo.conf



> -Original Message-
> From: Arthur Chan [mailto:[EMAIL PROTECTED]] 
> Sent: Wednesday, 11 September 2002 03:20
> To: [EMAIL PROTECTED]
> Subject: Linux looks for hda, hdb etc when there are none ...
> 
> 
> Hi all.
> One of my boxes uses SCSI. On the ASUS m/b I toggled EIDE h/d 
> off.  This is fine for the BIOS on booting up, it fines the 
> Adaptec and proceeds happily. 
> However when RH7.1 loads, it starts looking for hda, hdb etc 
> when in fact they are sda, sdb etc and RH7.1 throws these 
> error messages : hda : IRQ probe failed (...) hda : IRQ probe 
> failed (...) hda : noresponse, resetting drive hdb : IRQ 
> probe failed (...) and so on ... then continues loading 
> successfully. It is *annoying*, can someone tell me how to 
> get rid of these spurious error messages ?
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Routing / Bridging problem

[Cameron . Davidson]

Does the PC at .4.x have a .4.220 gateway?

I got confused by the auto word-wrap somewhere, because,
 when I first saw the drawing,
the diagram said eth1 was nothing and the internet was at the other end
of the radio.

Cameron.
> -Original Message-
> From: dbrett [mailto:[EMAIL PROTECTED]] 
> Sent: Friday, 6 September 2002 07:56
> To: '[EMAIL PROTECTED]'
> Subject: RE: Routing / Bridging problem
> 
> 
> Have a look at your routing table then and default gateways 
> for the devices in question.  
> 
> It is probably one of these.
> 
> david
> 
> On Fri, 6 Sep 2002, Linux wrote:
> 
> > IP forwarding is on as the .1.x network can talk to the 
> internet via 
> > eth1 on 10.0.0.x
> > 
> > Any other clues?
> > 
> > Many thanks
> > 
> > Mike
> > 
> > -Original Message-
> > From: dbrett [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, 6 September 2002 09:21
> > To: '[EMAIL PROTECTED]'
> > Subject: RE: Routing / Bridging problem
> > 
> > 
> > It sounds like IP forwarding is not on.
> > 
> > Just a guess.
> > 
> > david
> > 
> > On Fri, 6 Sep 2002, Linux wrote:
> > 
> > > Hi Cameron
> > > 
> > > 192.168.1.x (eth0) is the local LAN which has internet access via
> > 10.0.0.220
> > > and this works always has worked
> > > 
> > > Although there are other networks on x.x.2.x and x.x.3.x they are 
> > > handled
> > by
> > > other systems
> > > 
> > > I have just implemented a new network at x.x.4.x. This is via a 
> > > Radio wave LAN bridge. This is being implemented via our 
> Linux RH7.2 
> > > box using IPTables. The .4.x network has been implemented as an 
> > > aliased address on eth0 with the .1.x network
> > > 
> > > The interface card is at 1.220 for the local LAN and 
> 4.220 for the 
> > > radio LAN.
> > > 
> > > >From the radio network I can Ping 4.220 and get a reply. 
> From the 
> > > >.1.x
> > > network I can ping the .4.220 and the .4.253 and 4.254 radio link 
> > > bridge devices.
> > > 
> > > >From a PC at the other end of the radio bridge I can ping both  
> > > >radio
> > > devices and the Linux interface @ 4.220.
> > > >From a PC at the other end of the radio bridge I cannot ping or 
> > > >contact
> > > either the 1.220 interface nor any PC on the .1.x network
> > > 
> > > Redhat 7.2 with IPTables eth0 has .1.220 and an aliases address 
> > > .4.220
> > > 
> > >   Radio   Radio   
> Linux Box
> > >   End1End2xxx
> > >   4.220   
> x x
> > > ---   x  x ---x  x -- 
> x x-eth1
> > > x.x.x.x = Internet
> > >   x  xx  xeth0
> x x
> > >   -   
> x x
> > >   192.168.4.254   192.168.4.253   -   xxx
> > >   -
> > >   eth0 also = 
> 1.220 and other
> > > PCs on .1.x
> > > 
> > > 
> > > 
> > > --
> > > redhat-list mailing list
> > > unsubscribe 
> mailto:[EMAIL PROTECTED]?> subject=unsubscribe
> > > 
> 
https://listman.redhat.com/mailman/listinfo/redhat-list
> > 
> 
> 
> 
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 
> 
> 
> --
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Routing / Bridging problem

[Cameron . Davidson]

I'm confused.
What is eth1 doing?
why have you aliased eth0?
where is the bridge?
where are the ..1.x PCs?
What are you trying to do?

Cameron.

> -Original Message-
> From: Linux [mailto:[EMAIL PROTECTED]] 
> Sent: Thursday, 5 September 2002 05:09
> To: 'Redhat-List (E-mail)
> Subject: Routing / Bridging problem
> 
> 
> Hi can anybody help
> Redhat 7.2 with IPTables eth0 has .1.220 and an aliased address .4.220
> 
...diagram removed...
> Facts
> 1)Can ping from Radio end1 to eth0 4.220
> 2)Can ping Radio1 from Linux box
> 3)Cannot ping to .1.x network PCs or internet from 4.x
> 
> I have added a static route to eth0 via Webmin. Cant figure 
> out route  add command there is an extra route added by the 
> system x.x.4.0 * 255.255.255.0  eth0
> 
> what is the correct syntax for using route add & route delete
> 
> I have enabled all IPTABLE entries to provide the same 
> connectivity for .4.x as for .1.x. I seem to be loosing 
> packets after they enter the Linux router
> 
> Any help much appreciated
> 
> Many Thanks
> 
> Mike
> 
> 
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
> https://listman.redhat.com/mailman/listinfo/redhat-list
> 



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: LILO - Boot other os's

[Cameron . Davidson]

> > I have a linux box in our programmers area.  This is really 
> going to 
> > be a test machine for them to test programms on diferent window's 
> > os's.  It is setup with 4 primary partions.  Linux 7.3 
> (2.4.18) is on the first /dev/hda1
> > and I created 3 fat16 dos partions on /dev/hda2, /dev/hda3, 
> /dev/hda4.   I
> > would like with LILO to choose which partion will boot. Below is my 
> > lilo.conf file.

This info might be out of date, but...
As far as I know, dos-based windows (i.e. Win-9x) cannot support multiple
primary DOS partitions. How did you manage to create them?
LILO might be working, but perhaps the windows loader is resorting to what
it 
thinks is C:. How did you install them all on separate partitions?

If it's win9x you are talking about, then forget it, they are too stupid to
cope with unusual partitioning schemes. (I'm just guessing about ME,
but, based on other experience...). From what I have read in the past,
DOS, i.e. Win 9x, scans the discs in the following order: 
the primary dos partition on each non-removable drive
hda, hdb, hdc, hdd, then all logicals on hda then all logicals on hdb, etc
and assigns C:, D:, etc as it finds them. You might want to check the
MS web site, but I am sure there is no way to assign other primaries.
You might get away with multiple logical partitions, for multiple win9x
systems, but make sure you reinstall each time. Partition magic might
perhaps be able
to cope with the duplication (never done it myself).

NT/2k and presumably xp are smarter, but they have to be NTFS partitions to
have multiple primaries.
I'd recommend you get them working in MS multi-boot config first.
I used to boot Linux, NT4, win98 and dos, as follows.
Set up a small C: dos primary just
to hold lilo, and windows boot loaders, then install win9x on a logical
partition, then NT/2k and it will provide multiboot configuration.
Then reinstall lilo (keep that bootable floppy handy)
and have a single lilo entry to boot the NT/2k loader,
which handles all the Win stuff.

Cameron



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: does USB printing work under RH7.3 with LPRng?

[Cameron . Davidson]

OK, it is now working. But I don't know why.
I rebooted the 6.2 system (kept on separate partitions) 
and verified everything worked, and when I rebooted 7.3 it started
working.

LPRng DOES support usb.

The mysterious "ignoring set_interface..." message has gone.
I can only assume it was due to recompiling the kernel.
I remember adding the sound card and removing an ether device
but can't remember any other changes, but I am getting old...

Cameron.


> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
...
> The printer registers when I plug it into the USB port.
> But, there is a message that did not appear under
> the 2.2 kernels: the one about "ignoring set_interface...". 
> Is this important? The printer driver seems to think the 
> relevant device number has been set.
> 
> snippet from kernel log file:
> hub.c: USB new device connect on bus1/2, assigned device number 3
> usb.c: ignoring set_interface for dev 3, iface 0, alt 0
> printer.c: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 
> proto 2 vid 0x04B8 pid 0x0001 ... and later
> usb.c: USB disconnect on device 3
> printer.c: usblp0: removed



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

does USB printing work under RH7.3 with LPRng?

[Cameron . Davidson]

I have an epson printer that has been happily printing under RH6.2 via
the USB interface. (with recent 2.2 kernels and the latest lpd RPM)
I have upgraded to 7.3 (that was a saga in itself that I have no desire to
repeat)
and cannot get anything to the printer.

If I use the parallel port it still works (I have two printcap entries),
if I plug it into a Win-98 machine the USB works.
The pll port is far too slow and cpu-intensive for printing photos - I need
the USB.

The LPRng documentation installed in /usr/share/doc from RH7.3 says that
LPRng does NOT support USB printers, but the RH guide (cg chapter 21) says
that it does.
Which is right?

If I try printconf-tui it seem happy until I try the test page, then it
tells me
"There was an error". Thanks. Somebody has been to the microsoft error
message school.
On second thoughts, at least it didn't offer a suggestion that was obviously
wrong.

The printer registers when I plug it into the USB port.
But, there is a message that did not appear under
the 2.2 kernels: the one about "ignoring set_interface...". Is this
important?
The printer driver seems to think the relevant device number has been set.

snippet from kernel log file:
hub.c: USB new device connect on bus1/2, assigned device number 3
usb.c: ignoring set_interface for dev 3, iface 0, alt 0
printer.c: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 2 vid
0x04B8 pid 0x0001
... and later
usb.c: USB disconnect on device 3
printer.c: usblp0: removed

Once I send something to the print spooler, lpc.LPRng reports that it is
printing.
But nothing ever gets printed.
(yes, the old lpd package stuff had been all removed)

Please can somebody point me in the right direction?
-----
Cameron Davidson,

CSIRO Manufacturing & Infrastructure Technology  



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list

RE: Bridge question.

[Cameron . Davidson]

I don't think you want a bridge, you want IPTables with NAT, or ipchains
with masquerading.
By my reading, if the adsl modem expects to speak to more than one computer
at a time then it will be a router and have multiple ethernet outlets. It is
unlikely that the interface at the other end of your adsl connection expects
to be communicating directly with 2 different IP addresses.

I have a linux server with modem (ppp) link to internet as well as two
ethernet cards:
one for my old 10-base-2 network and one for 10-base-T/TX.  The bridge is
used to connect
my two local nets to each other to appear as a single subnet, and so the
kids can still play IPX-based games etc. But I use masquerading to allow the
Windoze boxes to access the internet.

Cameron.

> -Original Message-
> 
> I have 2 windows boxes and want them to connect to my linuz 
> box which is connected to internet through a adsl modem. The 
> Linuz box has 2 nics , one for the internet connection (eth0) 
> and 1 (eth1)to the hub where the windows boxes are connected. 
...etc



-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe
https://listman.redhat.com/mailman/listinfo/redhat-list