Re: [leaf-user] What are syslinux.cfg and/or lrpkg.cfg files ???

Hi Craig At 01:44 31.07.2002, Craig wrote: >Hey Erich, >What do you mean "You can start with what's in your syslinux.cfg and >expand it"??? I've looked on my Dachstein CD, and I don't even see a >syslinux.cfg file! How do I know if I have one on my CD, how do I find >it, and how do I "look" at it

Re: [leaf-user] How do I set eepro nic to 100mbit?

Thus spake Kory Krofft: > Can someone tell me how I can force my internal NIC (Intel 10/100 using > PCI eepro module) to run at 100mb full duplex? My switch does not > support > autosense and everytime I reset it I have to reboot the firewall to get > my connection back. 'options=48' parameter wi

Re: [leaf-user] Earthlink PPP connection info (was: Problem bootingBering RC3)

- Original Message - From: "Mike Noyes" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 30, 2002 9:16 AM Subject: Re: [leaf-user] Earthlink PPP connection info (was: Problem bootingBering RC3) > On Tue, 2002-07-30 at 00:41, Brad Fritz wrote: > > On Tue, 30 Jul 2002 00:43

[leaf-user] Newbie

I've been installing std Linux RH versions and have played around with Keeper-Linux (CD Bootable). I came across LEAF reference in Shorewall. My objective: build a secure router/firewall/bandwidth manager system preferably without any moving components and a disk/fs component that would allow me

RE: [leaf-user] Newbie

Comments inline. > >My objective: build a secure router/firewall/bandwidth manager system >preferably without any moving components and a disk/fs component that >would allow me to make the device read-only thro' physical means e.g. >tabs, jumpers etc. I intend using a flash 8MB IDE module. I know

RE: [leaf-user] DHCP stuff (more)

Thanks for your response, Ray. Hopefully I can clarify. > First, how many different computers have you tested? Did you try Gnatbox > software and Dachstein on the same computer (or do you have the hardware > version of Gnatbox)? Is the Win98 computer a different physical machine? Yes. Origina

[leaf-user] Static routes in Bering

>-- Original Message -- >From: Troy Aden <[EMAIL PROTECTED]> >To: "Leaf-User (E-mail)" <[EMAIL PROTECTED]> >Subject: [leaf-user] HOW TO ADD STATIC ROUTES TO BERING.. >Date: Tue, 30 Jul 2002 21:10:27 -0600 > > >I done a fair amount of digging and I can't find any documentation on haw >to >add stati

Re: [leaf-user] Newbie

--- S Mohan <[EMAIL PROTECTED]> wrote: [snip] > My objective: build a secure router/firewall/bandwidth manager system > preferably without any moving components and a disk/fs component that > would allow me to make the device read-only thro' physical means e.g. > tabs, jumpers etc. I intend using

Re: [leaf-user] WISP drivers loaded but can't ping

So, did you try changing /etc/init.d/pcmcia as I have described? It seems like the packets do not get sent. Do you use WEP? Ray wrote: > On Tue, Jul 30, 2002 at 04:43:15PM +0300, Vladimir I. wrote: > >>Looks like a PCMCIA bridge configuration issue. I had similar problem with >>the new Teletr

Re: [leaf-user] DHCP on Bering or WISP-Dist

Ok. However WISP-Dist has dhcpd already included in the root package. Robert Everland wrote: > Actually I had to edit the syslinux.cfg and add in dhcpd, it wasn't even > loading at all. I did that and it worked beautifully. I think bering is a > lot better than dachstein for new users. I was abl

RE: [leaf-user] Newbie

I want to create in such a manner that every time the configuration has to be changed, the system has to be taken off the network, make writeable, config changes made and turned back to read only. Changes can be made only from console as root after remounting the fs as rw. This will avoid rootkit

RE: [leaf-user] Newbie

It is a CF/ Disk on Chip (magicram) that I had in mind. I have also checked out IDE PC Card drives and they cost approx $80-$100 and seem a good option. Here again write-protect is an issue. I was thinking I'd make partions for /var/log and /tmp which require write permissions and make the others

[leaf-user] Re: DHCP Stuff (more)

Hi All I have finally managed to resolve this issue after swapping the NIC cards between my Win98 machine and the external interface on the firewall. Apparently you were correct, Ray, my ISP must be using Mac Address authentication and were blocking any interface except my Windows one. Thanks

Re: [leaf-user] WISP drivers loaded but can't ping

Also try adding "irq_mode=0" parameter to i82365/tcic. Vladimir I. wrote: > So, did you try changing /etc/init.d/pcmcia as I have described? > > It seems like the packets do not get sent. > > Do you use WEP? > > Ray wrote: > >> On Tue, Jul 30, 2002 at 04:43:15PM +0300, Vladimir I. wrote: >> >

[leaf-user] How to use additional modules/features???

Hi folks, I'm using Dachstein CD 1.0.2, and please do correct me where I'm wrong... 1.) The purpose of an lrpkg.cfg file is to allow you to load additional .lrp modules at start-up, is that correct??? For example, in my case I don't have an ipsec.conf file in my /etc directory (as far as

RE: [leaf-user] HOW TO ADD STATIC ROUTES TO BERING..

Thanks for the link Kim. And thanks to all of you who replied to my post. I love the is list. It was helpful but I guess I was not entirely clear on what I need to know. Here is the situation. I have a router that was built with Dachstein. I am wanting to upgrade it to Bering. The routes that wer

[leaf-user] help with Dachstein

Hi all, I've been using Dachstein for months and it worked like a dream. Yesterday, I got a new piece of furniture so I moved all my computers around. Then I plugged all cables and everything back in, just the way they were before the moving, then something happened. My Dachstein firewall boun

RE: [leaf-user] Newbie

What version of LEAF are you planning to use? Bering, Dachstein, Oxygen, ... Most Leaf distributions load from some media to ram and run from there! That thus remove the worry of /var and /tmp having to be r/w and the rest being R/O! I think you will want to use BERING and it has two good guides

Re: [leaf-user] HOW TO ADD STATIC ROUTES TO BERING..

Hi Troy, Just share my experience on adding static routes to my bering box, i usually add those kind of rows on the last row of /etc/init.d/bootmisc.sh. Just add these lines on /etc/init.d/bootmisc.sh, and don't forget to back-up your etc: ip route add 192.168.140.0/24 via 192.168.147.3 ip route

[leaf-user] "Bering" installation guide for additional modules

I have transferred my Bering-rc3 files to a hard disk and boots up ok. I added more programs to syslinux.cfg but found out that not all were started and that defeats the whole purpose of booting from the hard disk. Is there any other way to add more programs tp syslinux.cfg? GD ---

Re: [leaf-user] How do I set eepro nic to 100mbit?

At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote: >Thus spake Kory Krofft: > > Can someone tell me how I can force my internal NIC (Intel 10/100 using > > PCI eepro module) to run at 100mb full duplex [...] >'options=48' parameter will force eepro100 module to 100baseTX-FD Just to avoid confu

[leaf-user] Bering-1.0.rc-4

Hi again all, I guess that all of you wondering about the title :) Me too. I just wondering how hard Jacques and his team work around to build that version. Just want to motivate :) Keep the good working Jacques, I want to help u but i'm sorry for my disability on programming. Maybe sometimes. Let

Re: [leaf-user] "Bering" installation guide for additional modules

Hello Godfired > I have transferred my Bering-rc3 files to a hard disk and boots up ok. I added >more programs to syslinux.cfg but found out that not all were started > and that defeats the whole purpose of booting from the hard disk. > Is there any other way to add more programs tp syslinux

[leaf-user] Re: DHCP Stuff (more)

At 08:39 AM 7/31/02 -0500, DJ Roki wrote: >Hi All > >I have finally managed to resolve this issue after swapping the NIC cards >between my Win98 machine and the external interface on the firewall. > >Apparently you were correct, Ray, my ISP must be using Mac Address >authentication and were bloc

Re: [leaf-user] help with Dachstein

At 07:27 AM 7/31/02 -0700, Du atyahoo wrote: >Hi all, > >I've been using Dachstein for months and it worked >like a dream. Yesterday, I got a new piece of >furniture so I moved all my computers around. Then I >plugged all cables and everything back in, just the >way they were before the moving,

Re:: [leaf-user] Newbie

I think the devices SMohan refers to are standard CF to IDE adapters, You might be interested in these links though, http://www.sst.com/products/58sd_ld.html http://www.sst.com/products/58sm_lm.html regards Paul - Original Message - > Message: 9 > Date: Wed, 31 Jul 2002 05:31:11 -0700 (

RE: [leaf-user] Newbie

At 06:11 PM 7/31/02 +0530, S Mohan wrote: >I want to create in such a manner that every time the configuration has >to be changed, the system has to be taken off the network, make >writeable, config changes made and turned back to read only. Changes can >be made only from console as root after rem

Re: [leaf-user] Earthlink PPP connection info (was: ProblembootingBering RC3)

Patrick, Here are my persist settings (not dial-on-demand) for Earthlink POPs. Note: you must modify /etc/ppp/pap-secrets and move /etc/ppp/no_ppp_on_boot to /etc/ppp/ppp_on_boot. /etc/ppp/options asyncmap 0 auth crtscts lock hide-password modem proxyarp lcp-echo-i

RE: [leaf-user] Newbie

On Wed, 2002-07-31 at 09:29, Ray Olszewski wrote: > At 06:11 PM 7/31/02 +0530, S Mohan wrote: > >I want to create in such a manner that every time the configuration has > >to be changed, the system has to be taken off the network, make > >writeable, config changes made and turned back to read only

Re:: [leaf-user] Newbie

Hi Paul, Ya, I've come across those in my searches (or so my browser history tells me ;). Any idea on prices? I suppose I could ask one of their distributor but maybe you have already. Also, I'm not sure what "ATA/IDE" means (I'm not a hardware geek ;). It'd be for a tiny netpc (no floppy or

Re:: [leaf-user] Newbie

Hi Cass, Larry Platzek [EMAIL PROTECTED] On Wed, 31 Jul 2002, Cass Tolken wrote: > Date: Wed, 31 Jul 2002 09:51:26 -0700 (PDT) > From: Cass Tolken <[EMAIL PROTECTED]> > To: brooksp5 <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > Subject: Re:: [leaf-user] Newbie > > Hi Paul, > > Ya, I've come across

Re: [leaf-user] How do I set eepro nic to 100mbit?

Thus spake Ray Olszewski: > At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote: > >Thus spake Kory Krofft: > > > Can someone tell me how I can force my internal NIC (Intel 10/100 using > > > PCI eepro module) to run at 100mb full duplex > [...] > > >'options=48' parameter will force eepro100 mod

Re:: [leaf-user] Newbie

Hey there Larry, Ya, those devices were also mentioned on the Wearables mailing list (pretty cool, if you ask me ;). But the question of write protected flash still remains with those products. Cost is also a factor for me. The CF/IDE adapter combo would be ~$50 US but no WP. The {floppy,cd-r

[leaf-user] Wisp as a router!

My network is like this: Internet <---> Firewall(NAT) <> AP1000 <> AEON(wisp) <> Client 200.200.200.1/29 200.200.200.2/29 200.200.200.3/29

Re: [leaf-user] How do I set eepro nic to 100mbit?

Hi Cass, This sure looks like it does! Net4501 SBC Description: This compact, low-power, low-cost, advanced communication computer is based on a 133 Mhz 486 class processor. It has three 10/100 Mbit ethernet ports, up to 64 Mbyte SDRAM main memory and uses a Com

Re: [leaf-user] How do I set eepro nic to 100mbit?

At 09:06 PM 7/31/02 +0400, Vladimir B. Savkin wrote: >Thus spake Ray Olszewski: > > At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote: > > >Thus spake Kory Krofft: > > > > Can someone tell me how I can force my internal NIC (Intel 10/100 using > > > > PCI eepro module) to run at 100mb full duple

Re: [leaf-user] How do I set eepro nic to 100mbit?

Sorry one and all I misread email and replied with the wrong answer and to the wrong individuals, I reread the email as soon as was sent, now when is the unsend key? I will try to do better in the future! Sorry once again! Larry Platzek [EMAIL PROTECTED] ---

Re: [leaf-user] help with Dachstein

I just received this private reply to a response I posted on the list. As it is of general interest (or should be), I forward it intact, with my own comments at the end. At 10:49 AM 7/31/02 -0700, Du atyahoo wrote: > > > Superficially, your symptoms sound like MAC > > authentication problems. E

Re: [leaf-user] Newbie

On Wed, 2002-07-31 at 05:31, Cass Tolken wrote: > I'm a newbie myself and I would like to ask a question of you, Mohan. > Could you tell me what kind of device you mean by "a flash 8MB IDE > module" (perhaps a URL to such a device?) Do you mean something > different than Compact Flash to IDE? Ca

[leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

I made the switch from cable modem (which was getting worse every week with AT&T Broadband) back to DSL through SBC Global. After a few problems here and there, I was able to get PPPoE working with Bering RC3 on the router and the client machines through DHCPD. The only change I made to Bering

[leaf-user] Bandwidth Testing

Hello all, I know over the last two years, I've seen several threads on this, however, I still haven't seen a definitive answer. I have a eigerstein box I want to test the throughput, bandwidth, whatever it's called on. What's the best method to simulate a high load? Suggestions are welcom

[leaf-user] Ipsec or Ipsec509 ???

Hi folks, I'm using Dachstein 1.0.2. How do I know which Ipsec.lrp (or Ipsec509.lrp) to use to set up my VPN? I will likely be using the Ipsec capabilities built into my Windows clients and not Sentinel. I found what looks to be a good tutorial at http://www.natecarlson.com/include/showpage.php?ca

Re: [leaf-user] How do I set eepro nic to 100mbit?

--- Larry Platzek <[EMAIL PROTECTED]> wrote: > Hi Cass, > This sure looks like it does! Looks like it does what? Have CF-IDE with write-protection? > Net4501 SBC > Description: This compact, low-power, low-cost, advanced ... [snip] ... > I guess I do not see where the confusion is to the THREE

[leaf-user] Support Request FAQ (aka "How Do I Request Help?")

Subject was: Re: [leaf-user] help with Dachstein On Wed, 2002-07-31 at 11:05, Ray Olszewski wrote: > Mike ... should we add something about this to the SR FAQ? Or is it too > passing a problem to warrant that (I don't want to see the SR FAQ grow too > big, since even now we seem to have trouble

Re: [leaf-user] help with Dachstein

Forwarded to the list. My replies interspersed. At 12:17 PM 7/31/02 -0700, Du atyahoo wrote: >Since I am not sure if you want my reply to appear on >the Board, I will keep this a private response. You >can do whatever you want with my email. I tend to feel that everyone benefits when troublesho

RE: [leaf-user] "Bering" installation guide for additional modules

Hi Godfried, I think you must use the lrpkg.cfg file to move all LRP:... packages included in your syslinux.cfg (without the 'LRP:') because I have heard a sound about a maximum of characters to not exceed in syslinux.cfg file. I have no experience with booting from HD, but I have NOW a lot

Re: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

Let me be sure I understand what you are saying -- the LEAF router itself cannot connect to members.dyndns.org:80, but a host that is firewalled/NAT'd behind it can (via a browser)? I'm actually guessing a bit here, since you say "I can still login through a web browser" but do not actually sa

[leaf-user] MAC - Security Issues

Since this seems to be a hot topic, I'll throw in a tidbit I just verified with my Bering-RC3 setup. History - Charter Cable Modem (Motorola). 5 (now 3) dedicated IP's. Each IP needs ethernet card to verify unique MAC address. All feeding into my Bering FW, then passed back to both a dmz with net

Re: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

On Wed, 31 Jul 2002, Ray Olszewski wrote: > So the right thing to do is to check your ipchains or ipfilters ruleset. > Since I'm not a Shorewal expert, I have to leave it at that, aside from > suggesting that you supply the ruleset so those of us with the requisite > expertise can look for the

[leaf-user] dnscache question

Does anyone know why dnscache doesn't? If the ppp0 interface is down it will not resolve an address. Is this normal? Is there a way to change this? Antony Briggs --- This sf.net email is sponsored by: Dice - The leading online job board for

[leaf-user] wireless module crashes kernel in Bering RC2

Perhaps someone with compiling experience can offer some ideas. We 'rolled our own' module for the Breezecom PCD wireless card from the 2.4 code on the Breezecom site. They don't seem to be actively supporting this card under Linux as this code looks to be the same as when I did this for the

[leaf-user] EigersteinBETA2 and Extended Scripts 1.1

I thought I understood how to open ports and forward to DMZ. After all, I've got that working for port 80 and 22. I tried to add smtp, port 25. Yet when I run netstat -an it doesn't show port 25 open. Here are what I think are the relevant lines from my /etc/network.conf EXTERN_TCP_PORTS="0/0_sm

[leaf-user] descan

I received a link today to a company called descan that is providing a piece of software that sits on a Linux machine (currently only those based on the 2.4 kernel) and keeps track of scan activity detected and then periodically sends this information to the company, which then looks for patter

Re: [leaf-user] How do I set eepro nic to 100mbit?

Vladimir, Ray, and all, I was using the eepro. I switched to the eepro100 which works well but has the same problem. The one missing piece is regarding the "options=48" parameter. Where do I enter this line? Thank you, Kory "Vladimir B. Savkin" wrote: > > Thus spake Ray Olszewski: > > At 01

Re: [leaf-user] How do I set eepro nic to 100mbit?

At 08:26 PM 7/31/02 -0400, Kory Krofft wrote: >Vladimir, Ray, and all, > >I was using the eepro. I switched to the eepro100 which works well but >has the same problem. The one missing piece is regarding the >"options=48" >parameter. Where do I enter this line? In /etc/modules, after the module na

Re: [leaf-user] traceroute through Bering firewall

Tom Eastep <[EMAIL PROTECTED]> writes: > I can't reproduce the problem with MS tracert either. > > >Tracing route to animal.blarg.net [206.124.128.1] >over a maximum of 30 hops: > > 1<1 ms<1 ms<1 ms gateway.shorewall.net [192.168.1.254] > 222 ms22 ms2

Re: [leaf-user] traceroute through Bering firewall

On Wed, 31 Jul 2002, Dan Harkless wrote: > > In any case, it doesn't appear to be just me, since someone else originally > reported this problem, and I was just confirming that I can reproduce it. > Well, until you put as much effort into getting a packet trace of the problem as you did writi

Re: [leaf-user] traceroute through Bering firewall

[EMAIL PROTECTED] writes: > Kan you do a normal ping to your bering firewall from the machine you are > tracerouting from? Yes. I show the output of that in the post I just made. --- Dan Harkless | To prevent spam contaminat

Re: [leaf-user] traceroute through Bering firewall

"Dan Harkless" <[EMAIL PROTECTED]> writes: > Well, it certainly happens for me, both on my home LAN behind a Bering > 1.0-rc3 and on my work LAN behind a Bering 1.0-rc3: > > Microsoft Windows 2000 [Version 5.00.2195] > (C) Copyright 1985-2000 Microsoft Corp. > > C:\>tracert animal.blarg.n

[leaf-user] FORW: CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL

Argh. I tried to forward the below CERT advisory to the list yesterday but it was rejected because I used a MIME-based forward. The list rejects such posts without bouncing them back to you, which is quite broken behavior, thus I need to re-compose this intoductory text. Looking at the series

RE: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

No that's not what I'm trying to say. Here's the FAQ from dyndns.org: The abuse system automatically blocks any hostname that is repeatedly updated from the same IP. This is done to prevent the abuse that occured far too often in the old system, where a user would simply set their computer to u

RE: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

That did the trick, Tom. Thanks for the quick reply! Now I'm certain the socks5.lrp problem is related to that and very similar to resolve. -Ping -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 31, 2002 1:40 PM To: Ray Olszewski Cc: Ping Kwong; [E

Re: [leaf-user] Ethernet card config - Bering

I also posted this issue to the realtek list. Donald Becker suggests I run mii-diag. http://www.scyld.com/diag/index.html ftp://ftp.scyld.com/pub/diag/ Is mii-diag compiled and available for Bering_1.0-rc3? If not, PLEASE? DPD > From: David Dannemiller <[EMAIL PROTECTED]> > Date: Sat, 2

RE: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

On Wed, 31 Jul 2002, Ping Kwong wrote: > > That did the trick, Tom. Thanks for the quick reply! Now I'm certain > the socks5.lrp problem is related to that and very similar to resolve. > Yes -- for each type of connection handled by SOCKS, you must enable the connection from the firewall to

RE: : [leaf-user] Newbie

Ranges from $100 to $300. 8MB battery backed atapi device costs $250. Look up www.mesatronics.com. ATA/IDE simulated Hard drives and ATAPI simulates removable devices like CDROM. These are meant to give the reliability of non moving parts and interfaces that the BIOS of PCs are otherwise familiar

Re: [leaf-user] traceroute through Bering firewall

Tom Eastep <[EMAIL PROTECTED]> writes: > > In any case, it doesn't appear to be just me, since someone else originally > > reported this problem, and I was just confirming that I can reproduce it. > > Well, until you put as much effort into getting a packet trace of the > problem as you did wri

RE: : [leaf-user] Newbie

Hi Mohan, --- S Mohan <[EMAIL PROTECTED]> wrote: > Ranges from $100 to $300. 8MB battery backed atapi device costs $250. > Look up www.mesatronics.com. ATA/IDE simulated Hard drives and ATAPI > simulates removable devices like CDROM. I'm getting a "host not found" when I try to browse www.mesatr

[leaf-user] Noseks

Kaliteli pornonun adresi: http://www.noseks.com Binlerce porno resim ve film. Yasanmis gerçek hikayeler. Türk ünlülerin kaçamak ve gizli resimleri. Adult oyunlar. Telekizlar. Hepsi http://www.noseks.com adresinde. sadece tiklayin †+,~w­zf¢–+,¦‰ì¢·o âqäázWšv)à¢ybèèmº­×è® †×œ†šè

Re: [leaf-user] FORW: CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL

Dan Harkless wrote: > > Argh. I tried to forward the below CERT advisory to the list yesterday but > it was rejected because I used a MIME-based forward. The list rejects such > posts without bouncing them back to you, which is quite broken behavior, > thus I need to re-compose this intoductor

RE: [leaf-user] Bering RC3 with socks5.lrp and ez-ipupd.lrp

Thanks again Tom. Looks like everything appears to be working great when I open loc to fw port 1080 then fw to net for ports 5190 and 1863 for AIM, ICQ and MSN for my Trillian client. Also added 6667 for irc. -Ping -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: W

[leaf-user] Bering "mount -t usbdevfs none /proc/bus/usb" fails "No such fileor directory"

Hello, My Bering 1.0-rc3 system is talking to my USB ISDN Terminal Adapter, but I've been unable to mount the usb filesystem. Can someone tell me if the Bering kernel includes support for the usb filesystem? I'm trying to mount it manually after the system boots. The first usb message to /var/

Re: [leaf-user] FORW: CERT Advisory CA-2002-23 Multiple Vulnerabilities In OpenSSL

"Michael D. Schleif" <[EMAIL PROTECTED]> writes: > Dan Harkless wrote: > > > > Argh. I tried to forward the below CERT advisory to the list yesterday but > > it was rejected because I used a MIME-based forward. The list rejects such > > posts without bouncing them back to you, which is quite b

Re: [leaf-user] Wisp as a router!

Samuel Abreu de Paula wrote about "[leaf-user] Wisp as a router!": > My network is like this: > > Internet <---> Firewall(NAT) <> AP1000 <> AEON(wisp) > <> Client > 200.200.200.1/29 200.200.200.2/29 > 200.200.200.3/29