Hi Craig
At 01:44 31.07.2002, Craig wrote:
>Hey Erich,
>What do you mean "You can start with what's in your syslinux.cfg and
>expand it"??? I've looked on my Dachstein CD, and I don't even see a
>syslinux.cfg file! How do I know if I have one on my CD, how do I find
>it, and how do I "look" at it
Thus spake Kory Krofft:
> Can someone tell me how I can force my internal NIC (Intel 10/100 using
> PCI eepro module) to run at 100mb full duplex? My switch does not
> support
> autosense and everytime I reset it I have to reboot the firewall to get
> my connection back.
'options=48' parameter wi
- Original Message -
From: "Mike Noyes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, July 30, 2002 9:16 AM
Subject: Re: [leaf-user] Earthlink PPP connection info (was: Problem
bootingBering RC3)
> On Tue, 2002-07-30 at 00:41, Brad Fritz wrote:
> > On Tue, 30 Jul 2002 00:43
I've been installing std Linux RH versions and have played around with
Keeper-Linux (CD Bootable). I came across LEAF reference in Shorewall.
My objective: build a secure router/firewall/bandwidth manager system
preferably without any moving components and a disk/fs component that
would allow me
Comments inline.
>
>My objective: build a secure router/firewall/bandwidth manager system
>preferably without any moving components and a disk/fs component that
>would allow me to make the device read-only thro' physical means e.g.
>tabs, jumpers etc. I intend using a flash 8MB IDE module. I know
Thanks for your response, Ray. Hopefully I can clarify.
> First, how many different computers have you tested? Did you try Gnatbox
> software and Dachstein on the same computer (or do you have the hardware
> version of Gnatbox)? Is the Win98 computer a different physical machine?
Yes. Origina
>-- Original Message --
>From: Troy Aden <[EMAIL PROTECTED]>
>To: "Leaf-User (E-mail)" <[EMAIL PROTECTED]>
>Subject: [leaf-user] HOW TO ADD STATIC ROUTES TO BERING..
>Date: Tue, 30 Jul 2002 21:10:27 -0600
>
>
>I done a fair amount of digging and I can't find any documentation on haw
>to
>add stati
--- S Mohan <[EMAIL PROTECTED]> wrote:
[snip]
> My objective: build a secure router/firewall/bandwidth manager system
> preferably without any moving components and a disk/fs component that
> would allow me to make the device read-only thro' physical means e.g.
> tabs, jumpers etc. I intend using
So, did you try changing /etc/init.d/pcmcia as I have described?
It seems like the packets do not get sent.
Do you use WEP?
Ray wrote:
> On Tue, Jul 30, 2002 at 04:43:15PM +0300, Vladimir I. wrote:
>
>>Looks like a PCMCIA bridge configuration issue. I had similar problem with
>>the new Teletr
Ok. However WISP-Dist has dhcpd already included in the root package.
Robert Everland wrote:
> Actually I had to edit the syslinux.cfg and add in dhcpd, it wasn't even
> loading at all. I did that and it worked beautifully. I think bering is a
> lot better than dachstein for new users. I was abl
I want to create in such a manner that every time the configuration has
to be changed, the system has to be taken off the network, make
writeable, config changes made and turned back to read only. Changes can
be made only from console as root after remounting the fs as rw.
This will avoid rootkit
It is a CF/ Disk on Chip (magicram) that I had in mind. I have also
checked out IDE PC Card drives and they cost approx $80-$100 and seem a
good option. Here again write-protect is an issue.
I was thinking I'd make partions for /var/log and /tmp which require
write permissions and make the others
Hi All
I have finally managed to resolve this issue after swapping the NIC cards between my
Win98 machine and the external interface on the firewall.
Apparently you were correct, Ray, my ISP must be using Mac Address authentication and
were blocking any interface except my Windows one.
Thanks
Also try adding "irq_mode=0" parameter to i82365/tcic.
Vladimir I. wrote:
> So, did you try changing /etc/init.d/pcmcia as I have described?
>
> It seems like the packets do not get sent.
>
> Do you use WEP?
>
> Ray wrote:
>
>> On Tue, Jul 30, 2002 at 04:43:15PM +0300, Vladimir I. wrote:
>>
>
Hi folks,
I'm using Dachstein CD 1.0.2, and please do correct me where I'm
wrong...
1.) The purpose of an lrpkg.cfg file is to allow you to load
additional .lrp modules at start-up, is that correct??? For example, in
my case I don't have an ipsec.conf file in my /etc directory (as far as
Thanks for the link Kim. And thanks to all of you who replied to my post. I
love the is list. It was helpful but I guess I was not entirely clear on
what I need to know. Here is the situation.
I have a router that was built with Dachstein. I am wanting to upgrade it to
Bering. The routes that wer
Hi all,
I've been using Dachstein for months and it worked
like a dream. Yesterday, I got a new piece of
furniture so I moved all my computers around. Then I
plugged all cables and everything back in, just the
way they were before the moving, then something
happened. My Dachstein firewall boun
What version of LEAF are you planning to use? Bering, Dachstein, Oxygen,
...
Most Leaf distributions load from some media to ram and run from there!
That thus remove the worry of /var and /tmp having to be r/w and the rest
being R/O!
I think you will want to use BERING and it has two good guides
Hi Troy,
Just share my experience on adding static routes to my
bering box, i usually add those kind of rows on the last
row of /etc/init.d/bootmisc.sh.
Just add these lines on /etc/init.d/bootmisc.sh, and don't
forget to back-up your etc:
ip route add 192.168.140.0/24 via 192.168.147.3
ip route
I have transferred my Bering-rc3 files to a hard disk and boots up ok. I added more
programs to syslinux.cfg but found out that not all were started
and that defeats the whole purpose of booting from the hard disk.
Is there any other way to add more programs tp syslinux.cfg?
GD
---
At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote:
>Thus spake Kory Krofft:
> > Can someone tell me how I can force my internal NIC (Intel 10/100 using
> > PCI eepro module) to run at 100mb full duplex
[...]
>'options=48' parameter will force eepro100 module to 100baseTX-FD
Just to avoid confu
Hi again all,
I guess that all of you wondering about the title :)
Me too. I just wondering how hard Jacques and his team work
around to build that version. Just want to motivate :)
Keep the good working Jacques, I want to help u but i'm
sorry for my disability on programming. Maybe sometimes.
Let
Hello Godfired
> I have transferred my Bering-rc3 files to a hard disk and boots up ok. I added
>more programs to syslinux.cfg but found out that not all were started
> and that defeats the whole purpose of booting from the hard disk.
> Is there any other way to add more programs tp syslinux
At 08:39 AM 7/31/02 -0500, DJ Roki wrote:
>Hi All
>
>I have finally managed to resolve this issue after swapping the NIC cards
>between my Win98 machine and the external interface on the firewall.
>
>Apparently you were correct, Ray, my ISP must be using Mac Address
>authentication and were bloc
At 07:27 AM 7/31/02 -0700, Du atyahoo wrote:
>Hi all,
>
>I've been using Dachstein for months and it worked
>like a dream. Yesterday, I got a new piece of
>furniture so I moved all my computers around. Then I
>plugged all cables and everything back in, just the
>way they were before the moving,
I think the devices SMohan refers to are standard CF to IDE adapters,
You might be interested in these links though,
http://www.sst.com/products/58sd_ld.html
http://www.sst.com/products/58sm_lm.html
regards
Paul
- Original Message -
> Message: 9
> Date: Wed, 31 Jul 2002 05:31:11 -0700 (
At 06:11 PM 7/31/02 +0530, S Mohan wrote:
>I want to create in such a manner that every time the configuration has
>to be changed, the system has to be taken off the network, make
>writeable, config changes made and turned back to read only. Changes can
>be made only from console as root after rem
Patrick,
Here are my persist settings (not dial-on-demand) for Earthlink POPs.
Note: you must modify /etc/ppp/pap-secrets and move
/etc/ppp/no_ppp_on_boot to /etc/ppp/ppp_on_boot.
/etc/ppp/options
asyncmap 0
auth
crtscts
lock
hide-password
modem
proxyarp
lcp-echo-i
On Wed, 2002-07-31 at 09:29, Ray Olszewski wrote:
> At 06:11 PM 7/31/02 +0530, S Mohan wrote:
> >I want to create in such a manner that every time the configuration has
> >to be changed, the system has to be taken off the network, make
> >writeable, config changes made and turned back to read only
Hi Paul,
Ya, I've come across those in my searches (or so my browser history tells
me ;). Any idea on prices? I suppose I could ask one of their distributor
but maybe you have already. Also, I'm not sure what "ATA/IDE" means (I'm
not a hardware geek ;). It'd be for a tiny netpc (no floppy or
Hi Cass,
Larry Platzek [EMAIL PROTECTED]
On Wed, 31 Jul 2002, Cass Tolken wrote:
> Date: Wed, 31 Jul 2002 09:51:26 -0700 (PDT)
> From: Cass Tolken <[EMAIL PROTECTED]>
> To: brooksp5 <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
> Subject: Re:: [leaf-user] Newbie
>
> Hi Paul,
>
> Ya, I've come across
Thus spake Ray Olszewski:
> At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote:
> >Thus spake Kory Krofft:
> > > Can someone tell me how I can force my internal NIC (Intel 10/100 using
> > > PCI eepro module) to run at 100mb full duplex
> [...]
>
> >'options=48' parameter will force eepro100 mod
Hey there Larry,
Ya, those devices were also mentioned on the Wearables mailing list
(pretty cool, if you ask me ;). But the question of write protected
flash still remains with those products. Cost is also a factor for
me. The CF/IDE adapter combo would be ~$50 US but no WP. The
{floppy,cd-r
My network is like this:
Internet <---> Firewall(NAT) <> AP1000 <> AEON(wisp)
<> Client
200.200.200.1/29 200.200.200.2/29
200.200.200.3/29
Hi Cass,
This sure looks like it does!
Net4501 SBC
Description: This compact, low-power, low-cost, advanced
communication computer is based on a 133 Mhz 486 class processor. It has
three 10/100 Mbit ethernet ports, up to 64 Mbyte SDRAM
main memory and uses a Com
At 09:06 PM 7/31/02 +0400, Vladimir B. Savkin wrote:
>Thus spake Ray Olszewski:
> > At 01:01 PM 7/31/02 +0400, Vladimir B. Savkin wrote:
> > >Thus spake Kory Krofft:
> > > > Can someone tell me how I can force my internal NIC (Intel 10/100 using
> > > > PCI eepro module) to run at 100mb full duple
Sorry one and all I misread email and replied with the wrong answer and to
the wrong individuals, I reread the email as soon as was sent, now when is
the unsend key?
I will try to do better in the future! Sorry once again!
Larry Platzek [EMAIL PROTECTED]
---
I just received this private reply to a response I posted on the list. As
it is of general interest (or should be), I forward it intact, with my own
comments at the end.
At 10:49 AM 7/31/02 -0700, Du atyahoo wrote:
>
> > Superficially, your symptoms sound like MAC
> > authentication problems. E
On Wed, 2002-07-31 at 05:31, Cass Tolken wrote:
> I'm a newbie myself and I would like to ask a question of you, Mohan.
> Could you tell me what kind of device you mean by "a flash 8MB IDE
> module" (perhaps a URL to such a device?) Do you mean something
> different than Compact Flash to IDE?
Ca
I made the switch from cable modem (which was getting worse every week
with AT&T Broadband) back to DSL through SBC Global. After a few
problems here and there, I was able to get PPPoE working with Bering RC3
on the router and the client machines through DHCPD. The only change I
made to Bering
Hello all,
I know over the last two years, I've seen several threads on this,
however, I still haven't seen a definitive answer.
I have a eigerstein box I want to test the throughput, bandwidth,
whatever it's called on.
What's the best method to simulate a high load?
Suggestions are welcom
Hi folks,
I'm using Dachstein 1.0.2. How do I know which Ipsec.lrp (or
Ipsec509.lrp) to use to set up my VPN? I will likely be using the Ipsec
capabilities built into my Windows clients and not Sentinel. I found
what looks to be a good tutorial at
http://www.natecarlson.com/include/showpage.php?ca
--- Larry Platzek <[EMAIL PROTECTED]> wrote:
> Hi Cass,
> This sure looks like it does!
Looks like it does what? Have CF-IDE with write-protection?
> Net4501 SBC
> Description: This compact, low-power, low-cost, advanced
... [snip] ...
> I guess I do not see where the confusion is to the THREE
Subject was: Re: [leaf-user] help with Dachstein
On Wed, 2002-07-31 at 11:05, Ray Olszewski wrote:
> Mike ... should we add something about this to the SR FAQ? Or is it too
> passing a problem to warrant that (I don't want to see the SR FAQ grow too
> big, since even now we seem to have trouble
Forwarded to the list. My replies interspersed.
At 12:17 PM 7/31/02 -0700, Du atyahoo wrote:
>Since I am not sure if you want my reply to appear on
>the Board, I will keep this a private response. You
>can do whatever you want with my email.
I tend to feel that everyone benefits when troublesho
Hi Godfried,
I think you must use the lrpkg.cfg file to move all LRP:... packages
included in your syslinux.cfg (without the 'LRP:') because I have heard
a sound about a maximum of characters to not exceed in syslinux.cfg file.
I have no experience with booting from HD, but I have NOW a lot
Let me be sure I understand what you are saying -- the LEAF router itself
cannot connect to members.dyndns.org:80, but a host that is
firewalled/NAT'd behind it can (via a browser)? I'm actually guessing a bit
here, since you say "I can still login through a web browser" but do not
actually sa
Since this seems to be a hot topic, I'll throw in a tidbit I just verified
with my Bering-RC3 setup.
History - Charter Cable Modem (Motorola). 5 (now 3) dedicated IP's. Each IP
needs ethernet card to verify unique MAC address. All feeding into my Bering
FW, then passed back to both a dmz with net
On Wed, 31 Jul 2002, Ray Olszewski wrote:
> So the right thing to do is to check your ipchains or ipfilters ruleset.
> Since I'm not a Shorewal expert, I have to leave it at that, aside from
> suggesting that you supply the ruleset so those of us with the requisite
> expertise can look for the
Does anyone know why dnscache doesn't?
If the ppp0 interface is down it will not resolve an address. Is this
normal?
Is there a way to change this?
Antony Briggs
---
This sf.net email is sponsored by: Dice - The leading online job board
for
Perhaps someone with compiling experience can offer some ideas.
We 'rolled our own' module for the Breezecom PCD wireless card from the
2.4 code on the Breezecom site. They don't seem to be actively supporting
this card under Linux as this code looks to be the same as when I did this
for the
I thought I understood how to open ports and forward
to DMZ. After all, I've got that working for port 80
and 22. I tried to add smtp, port 25. Yet when I run
netstat -an it doesn't show port 25 open. Here are
what I think are the relevant lines from my
/etc/network.conf
EXTERN_TCP_PORTS="0/0_sm
I received a link today to a company called descan that is providing a piece of
software that sits on a Linux machine (currently only those based on the 2.4 kernel)
and keeps track of scan activity detected and then periodically sends this information
to the company, which then looks for patter
Vladimir, Ray, and all,
I was using the eepro. I switched to the eepro100 which works well but
has the same problem. The one missing piece is regarding the
"options=48"
parameter. Where do I enter this line?
Thank you,
Kory
"Vladimir B. Savkin" wrote:
>
> Thus spake Ray Olszewski:
> > At 01
At 08:26 PM 7/31/02 -0400, Kory Krofft wrote:
>Vladimir, Ray, and all,
>
>I was using the eepro. I switched to the eepro100 which works well but
>has the same problem. The one missing piece is regarding the
>"options=48"
>parameter. Where do I enter this line?
In /etc/modules, after the module na
Tom Eastep <[EMAIL PROTECTED]> writes:
> I can't reproduce the problem with MS tracert either.
>
>
>Tracing route to animal.blarg.net [206.124.128.1]
>over a maximum of 30 hops:
>
> 1<1 ms<1 ms<1 ms gateway.shorewall.net [192.168.1.254]
> 222 ms22 ms2
On Wed, 31 Jul 2002, Dan Harkless wrote:
>
> In any case, it doesn't appear to be just me, since someone else originally
> reported this problem, and I was just confirming that I can reproduce it.
>
Well, until you put as much effort into getting a packet trace of the
problem as you did writi
[EMAIL PROTECTED] writes:
> Kan you do a normal ping to your bering firewall from the machine you are
> tracerouting from?
Yes. I show the output of that in the post I just made.
---
Dan Harkless | To prevent spam contaminat
"Dan Harkless" <[EMAIL PROTECTED]> writes:
> Well, it certainly happens for me, both on my home LAN behind a Bering
> 1.0-rc3 and on my work LAN behind a Bering 1.0-rc3:
>
> Microsoft Windows 2000 [Version 5.00.2195]
> (C) Copyright 1985-2000 Microsoft Corp.
>
> C:\>tracert animal.blarg.n
Argh. I tried to forward the below CERT advisory to the list yesterday but
it was rejected because I used a MIME-based forward. The list rejects such
posts without bouncing them back to you, which is quite broken behavior,
thus I need to re-compose this intoductory text.
Looking at the series
No that's not what I'm trying to say. Here's the FAQ from dyndns.org:
The abuse system automatically blocks any hostname that is repeatedly
updated from the same IP. This is done to prevent the abuse that occured
far too often in the old system, where a user would simply set their
computer to u
That did the trick, Tom. Thanks for the quick reply! Now I'm certain
the socks5.lrp problem is related to that and very similar to resolve.
-Ping
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, July 31, 2002 1:40 PM
To: Ray Olszewski
Cc: Ping Kwong; [E
I also posted this issue to the realtek list. Donald Becker suggests I run
mii-diag.
http://www.scyld.com/diag/index.html
ftp://ftp.scyld.com/pub/diag/
Is mii-diag compiled and available for Bering_1.0-rc3? If not, PLEASE?
DPD
> From: David Dannemiller <[EMAIL PROTECTED]>
> Date: Sat, 2
On Wed, 31 Jul 2002, Ping Kwong wrote:
>
> That did the trick, Tom. Thanks for the quick reply! Now I'm certain
> the socks5.lrp problem is related to that and very similar to resolve.
>
Yes -- for each type of connection handled by SOCKS, you must enable the
connection from the firewall to
Ranges from $100 to $300. 8MB battery backed atapi device costs $250.
Look up www.mesatronics.com. ATA/IDE simulated Hard drives and ATAPI
simulates removable devices like CDROM.
These are meant to give the reliability of non moving parts and
interfaces that the BIOS of PCs are otherwise familiar
Tom Eastep <[EMAIL PROTECTED]> writes:
> > In any case, it doesn't appear to be just me, since someone else originally
> > reported this problem, and I was just confirming that I can reproduce it.
>
> Well, until you put as much effort into getting a packet trace of the
> problem as you did wri
Hi Mohan,
--- S Mohan <[EMAIL PROTECTED]> wrote:
> Ranges from $100 to $300. 8MB battery backed atapi device costs $250.
> Look up www.mesatronics.com. ATA/IDE simulated Hard drives and ATAPI
> simulates removable devices like CDROM.
I'm getting a "host not found" when I try to browse www.mesatr
Kaliteli pornonun adresi: http://www.noseks.com
Binlerce porno resim ve film.
Yasanmis gerçek hikayeler.
Türk ünlülerin kaçamak ve gizli resimleri.
Adult oyunlar.
Telekizlar.
Hepsi http://www.noseks.com adresinde. sadece tiklayin
+,~wzf¢+,¦ì¢·o
âqäázWv)à¢ybèèmº×è® ×è
Dan Harkless wrote:
>
> Argh. I tried to forward the below CERT advisory to the list yesterday but
> it was rejected because I used a MIME-based forward. The list rejects such
> posts without bouncing them back to you, which is quite broken behavior,
> thus I need to re-compose this intoductor
Thanks again Tom. Looks like everything appears to be working great
when I open loc to fw port 1080 then fw to net for ports 5190 and 1863
for AIM, ICQ and MSN for my Trillian client. Also added 6667 for irc.
-Ping
-Original Message-
From: Tom Eastep [mailto:[EMAIL PROTECTED]]
Sent: W
Hello,
My Bering 1.0-rc3 system is talking to my USB ISDN Terminal Adapter,
but I've been unable to mount the usb filesystem. Can someone tell me if
the Bering kernel includes support for the usb filesystem? I'm trying to
mount it manually after the system boots.
The first usb message to /var/
"Michael D. Schleif" <[EMAIL PROTECTED]> writes:
> Dan Harkless wrote:
> >
> > Argh. I tried to forward the below CERT advisory to the list yesterday but
> > it was rejected because I used a MIME-based forward. The list rejects such
> > posts without bouncing them back to you, which is quite b
Samuel Abreu de Paula wrote about "[leaf-user] Wisp as a router!":
> My network is like this:
>
> Internet <---> Firewall(NAT) <> AP1000 <> AEON(wisp)
> <> Client
> 200.200.200.1/29 200.200.200.2/29
> 200.200.200.3/29
73 matches
Mail list logo