Loading the ip_masq_ipsec module was something I did last becuase I felt that I had
tried almost everything. Even if I don't load ip_masq_ipsec I still can't ping from
subnet to subnet with this setup. Is there some other things I can try to get this
working?
This is what I have done:
1)
Hi all,
I am trying to compile my own 2.4.18 kernel, I cleanly applied the patches I
found on Jacques Nilo's page against a stock 2.4.18 kernel from
ftp.kernel.org.
The kernel compiles fine, but the minute I am trying to make modules I
constantly get segmentation fault errors.
Btw I am
Hi all,
I'll be getting ADSL here in the UK soon, and I want to have my setup all
ready, using LEAF firewall (I haven't chosen distro yet, but have used
Dachstein before)
The protocol will be PPPoA. I just need some tips really, or things to
avoid. I'm looking at various modems (or
hello all,
are there any mail server packages avalible for the lrp system? if you need
it, i am running the Dachstein image.
while i am on the subject of packages does the Dachstein image have a samba
package avalible? i have noticed this issue on the recent lists but have
deleted them by
I am searching the internet for a good bpf filter
howto/tutorial/documentation/book but can't seem to find anything usefull.
So I turn to you guys for advice, anybody has a good link?
There are a few good writeups on the BPF, but I suspect that's not what you
wnat. You're probably looking
Loading the ip_masq_ipsec module was something I did last becuase I felt
that I had tried almost everything. Even if I don't load ip_masq_ipsec I
still can't ping from subnet to subnet with this setup. Is there some other
things I can try to get this working?
This is what I have done:
1)
I have a curious and annoying problem. I am on a cable modem system for
which the DHCP server apparently sits at a private IP address 10.0.48.1
although the system address is 68.2.x.x . The annoyance is that my logs
fill up with the following message:
Apr 4 21:04:55 gwrouter kernel:
Marian Radulescu wrote:
and the second box which i wanted to act as a bridge (no firewall, no
nat...)
wlan1 - [link with ap wlan0] [prism2]
eth1 - [hub] - [other network] [eexpress]
I tryied without success to setup a bridge on the second lrp system with
Bering and using a
I've searched the online leaf archives and didn't find a compendium of
all this info that I've learned so I'm submitting it here. It is
long-winded and represents what I've learned, on a Dachstein (IDE
kernel) box, about MAC address management and dhclient dhcp - my
initial problem,
Ant Ken wrote:
hello all,
are there any mail server packages avalible for the lrp system? if you need
it, i am running the Dachstein image.
You could give a try to the qmail + vmailmgr combo.
Check:
http://leaf.sourceforge.net/devel/jnilo
Jacques
Charles:
When are you going to update your site?
You still have Ken Hadley's eigerstein2beta pppoe beta.v.0.2.img listed
under contributed images.
Ken has made a floppy version based on dachstein 1.0.2, which is what I
am using.
Robert Chambers
___
When are you going to update your site?
Probably when I get fired and have lots of free time :-/
You still have Ken Hadley's eigerstein2beta pppoe beta.v.0.2.img listed
under contributed images.
Ken has made a floppy version based on dachstein 1.0.2, which is what I
am using.
Yeah, I
Package updates:
libz
snmp
There are newer versions of the ssh packages available, as well...
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
___
Leaf-user mailing list
[EMAIL PROTECTED]
Ok, I did not know that other people had access. I thought that is
Charles's personel web site.
And only he had access to the content on it.
Robert Chambers
Mike Noyes wrote:
At 4/5/02 08:43 AM -0600, Robert Chambers wrote:
Charles:
When are you going to update your site?
Robert,
This
Antken,
Attached are most of the posts regarding Samba.
The problem with running mail on a LEAF system is space. The idea is to
keep things streamlined and small. So storing mail on a ramdisk would take
alot of ram. You'd have to modify your ramdisk size or put a hard drive
Dave Anderson wrote:
Hi all,
I'll be getting ADSL here in the UK soon, and I want to have my setup all
ready, using LEAF firewall (I haven't chosen distro yet, but have used
Dachstein before)
The protocol will be PPPoA. I just need some tips really, or things to
avoid. I'm looking at
I'd like to see the monster network configuration script broken up
more into seperate modules and sections.
The main config file would have the options to turn on and off various
settings. There would be additional files for:
local DNS definitions
DMZ setup
PPP, PPPOE, WAN links
Port
At 4/5/02 09:19 AM -0600, Robert Chambers wrote:
Ok, I did not know that other people had access. I thought that is
Charles's personel web site.
And only he had access to the content on it.
Robert,
You are correct. I'm talking about a transition from Charles's static site.
One of the reasons
I'd like to see the monster network configuration script broken up
more into seperate modules and sections.
The main config file would have the options to turn on and off various
settings. There would be additional files for:
local DNS definitions
DMZ setup
PPP, PPPOE, WAN links
Dachstein is great but
why put powerful tool like tcpdump? if the box is compromised the bad guy
has this tool.
It will be great to find docs like the one that explain Ipsec with x509
included in the CD.
what about including the package keyboard.lrp (found in oxygen, I think)?
and...
I
Marian Radulescu wrote:
I'm using Bering as a base distro. I compiled and added
prism2hostap_pci.o which is a patched version of Jouni Malinen
Prism2x-HostAP-2002-02-13 [http://people.ssh.com/jkm/Prism2/] using pci
patch Prism2x-HostAP-2002-03-08 from
First some interesting references:
http://www.linuxdoc.org/HOWTO/mini/BTI-PPP/index.html
http://www.linuxdoc.org/HOWTO/DSL-HOWTO/index.html
1/ PPPoA
Bering supports it since it is part of the 2.4.18 linux kernel.
The module is here:
Charles,
In the light of recent (and previous) posts on leaf-devel and leaf-user
about changing a network card's MAC address, here's what I did.
I changed the stock DCD 1.02 network.conf script to support this easily
and elegantly. It only involves adding a couple of lines, but I think
this
Hi Jacques,
Ok. I issuedd this commands on the second router:
brctl addbr br0
brctl addif br0 wlan0
brctl addif br0 eth0
#for some reasons wlan0 has noop !
ip link set wlan0 up
# now the ap is reporting that this interface is connected
ip addr add 192.168.1.1 dev br0
ip link set br0 up
In this
Finally, if I was to go with an internal card, is it just a case of getting
the driver and loading it as a module, then configuring the interface just
as if it was a ppp0 or eth0 etc? Do you know what the kernel would call this
interface on recognition? ppp0?
If you modem supports pppoa the
Jacques Nilo wrote:
Marian Radulescu wrote:
As mentionned in the doc, bridging has not been really tested. So let's
try it.
What says:
ifup -v br0
How looks the bridge part of your /etc/network/interfaces file ?
# ifup -v br0
ifup: interface br0 alerady configured
# brctl show doesn't show
Marian Radulescu wrote:
As mentionned in the doc, bridging has not been really tested. So let's
try it.
What says:
ifup -v br0
How looks the bridge part of your /etc/network/interfaces file ?
# ifup -v br0
ifup: interface br0 alerady configured
OK I should have asked to ifup -v br0
Hi,
I'm trying to connect my laptop ( Windows XP/ Intel Pro Wireless 2011) to
my private lan without using a dedicated access point but a linux bridge
Here is my setup .
ADSL connection ( pppoe and a dachstein CD )
works great for months... thanks CS
I got 2 intel 2021 wireless pcmcia card.
why put powerful tool like tcpdump? if the box is compromised the bad guy
has this tool.
Yeah, but I use tcpdump all the time, so I put it on the CD. Remember, if
the box is compromisied, you're kind of hosed anyway...especially if you've
got anything like ssh running, which can be easily
Jacques Nilo wrote:
Now
ifdown -v br0
ifup -v br0
and you should see what is going on ...
Jacques
In bridge if-post-down script one of the last thigs that this script is
doing is to shutdown the interfaces used for the bridge. The only thing
is that this script is using ifconfig for this
Antken,
From: Steve Fink [EMAIL PROTECTED]
Date: Fri, 5 Apr 2002 08:45:53 -0700
snip
A mail server *must* have persistent storage (*more* than a RAM-disk),
the RFCs more or less dictate that. The nice thing about a LEAF is
that the only persistent storage is physically write protected! If
Here is what I have done with bering. Dachstein should be similar. There
may be a few minor issues missing but I hope not.
I have two floppies and a hard disk. The hard disk is formatted for ext2.
(I used mulinux to do this because it was handy.) Mail is stored on the
hard disk; everything else
Le Vendredi 5 Avril 2002 21:25, Marian Radulescu a écrit :
Jacques Nilo wrote:
Now
ifdown -v br0
ifup -v br0
and you should see what is going on ...
Jacques
In bridge if-post-down script one of the last thigs that this script is
doing is to shutdown the interfaces used for the bridge. The
Paul:
Heya. This looks to me like a DHCP reply as well (checkout
http://www.echogent.com/cgi-bin/fwlog.pl to see). I think RFC-1542
indicates that port-68 is where DHCP (aka, BOOTP) replies must sent
*to*, and DHCP servers send them from port 67. Though I bet elsewhere
in your logs, you
Just a general kind of observation:
I've noticed a zillion posts to this list corncerning
LEAF on CD-ROM. I curious why there seems to be so
little interest in Compact Flash.
Admittedly, 16 or 32 MB is not 700 MB but its a lot
more than 1.44, its writable ( a million times or so)
has no
pn] It is not (yet) write-protectable. Or is it?
--- [EMAIL PROTECTED] wrote:
Just a general kind of observation:
I've noticed a zillion posts to this list corncerning
LEAF on CD-ROM. I curious why there seems to be so
little interest in Compact Flash.
Admittedly, 16 or 32 MB is
My personal response to this question is I'm Cheap. My mobo doesn't
support booting of CD Rom and the only spare CD Rom drive I have doesn't
read CDRs (altho obtaining one of these freely wouldn't be too much trouble)
- replacing those was outta the question. I installed DCD on HD - cause I
It is now - here's 2 links
http://www.embedone.com/e-main4flashmemory1.htm
http://www.quantum.com.pl/produkty_Flash_Com.html
ignore the Korean Text support thing at the first site (at least if using
IE) - it isn't needed.
S
From: Peter Nosko [EMAIL PROTECTED]
To: [EMAIL PROTECTED], [EMAIL
It is now - here's 2 links
http://www.embedone.com/e-main4flashmemory1.htm
http://www.quantum.com.pl/produkty_Flash_Com.html
Great links...I especially like the second, which indicates it's running on
a QNX based web-server. Now that's commitment to the embedded marketplace
:)
Charles
http://www.linuxgram.com/article.pl?sid=02/04/05/1126237section=newsflash
--
Best Regards,
mds
mds resource
888.250.3987
Dare to fix things before they break . . .
Our capacity for understanding is inversely proportional to how much we
think we know. The more I know, the more I know I
Any of the standard CF to IDE adaptors should work with these devices...
Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)
pn] It's about time. Anyone know of an IDE interface for these?
--- Charles Steinkuehler [EMAIL PROTECTED] wrote:
Please, allow me to request two (2) enhancements to DCD that I would
like to see:
[1] last
I would really like to know when that user logged on, how long they were
on and whether or not they are still on.
[2] ps
I would like to use some att or ucb optional arguments, which would
Since no good deed ever goes unpunished, I have another question.
:) And you caught me just before I'm headed home...
I have a
Dachstein VPN/Firewall (A) with IPSEC tunnels to a Dachstein VPN/Firewall
(B) and a Cisco router running IPSEC VPN (C). I am using dnscache to
provide DNS
Dale,
Should be close to the same boot time. The throughput on the CF to IDE
should be right at the max speed of the IDE bus.
I just retimed my boot speed, after adding dhcpd and all the ip_masq
modules except IPSEC I'm at 21 seconds. Still alot faster than a floppy.
Steve
On Friday, April 5, 2002, at 12:42 PM, [EMAIL PROTECTED] wrote:
So, you will run NoCat in the DMZ.
NoCat is the Wireless gateway/Authenicator that will
allow authenticated wireless users Internet Access
through your Oxygen router.
NoCat issues it's own ip addresses to DCHP wireless
It sounds like a good time to make a request. On the web page interface I
have looked around for the IP address of eth0. Maybe it there already but
I didn't find it.
Thanks
Jason
___
Leaf-user mailing list
[EMAIL PROTECTED]
It's easy enough to put a switch on the adapters. I have two of them and
will provide some details later.
--
Sincerely,
David Smead
http://www.amplepower.com.
On Fri, 5 Apr 2002, Charles Steinkuehler wrote:
Any of the standard CF to IDE adaptors should work with these devices...
Charles
Steve,
I'm posing questions here, not answering. At some point in the future I
plan to set up a wireless AP here, and I'd like to not only use it to
access my local intranet, but also to allow users next door at the coffee
shop to access the internet, (one of whom might be me).
Have you
Charles,
We discussed these chards (PQI CF WP) on the devel list a couple of months
ago. From what we were able to determine the write protect function will
not work in true IDE mode. Sorry.
ref. search string pqi
http://www.mail-archive.com/leaf-devel%40lists.sourceforge.net/
My father and I
I've noticed a zillion posts to this list corncerning
LEAF on CD-ROM. I curious why there seems to be so
little interest in Compact Flash.
There's actually quite a bit of interest in CF, and other forms of flash
media. I suspect a couple issues are responsible for the substantially
larger
Jason Low wrote:
It sounds like a good time to make a request. On the web page interface I
have looked around for the IP address of eth0. Maybe it there already but
I didn't find it.
Thanks
Jason
It is already in Weblet
In the little box in the Upper Left Hand Corner
Click on the
Am Freitag, 5. April 2002 17:07 schrieb Charles Steinkuehler:
It looks like it's getting to be time for a new Dachstein release.
There are a number of minor bugs to fix in the system scripts, and
(more importantly) security updates to some of the packages on the
CD (SNMP and libz).
Charles;
52 matches
Mail list logo