On Tue, 2004-07-13 at 19:11, Tibbs, Richard wrote:
> Hello list..
>
Hi Richard,
> The hardware setup is simple:
> win2000 machine --- ethswitch - fw --- internal subnet
> ^ ^^
>137.45.192.86 137.45.192.69 192.168.10.254
your shorewall seems
On Fri, 2004-08-06 at 17:30, bibl wrote:
> Dear all,
Hi Bertrand,
> buildtool's README references both 'Config::General' and 'libvcs > 1.0'
> as dependencies.
> Having the first done, I dowloaded the libcvs source at ucbering.de but
> couldn't get that library builded corectly:
> $ make
On Thu, 2004-08-26 at 22:52, GD wrote:
> Hi
>
Hi!
> I have a noob question here:
> How do I clean up the ramdisk? After the firewall is
> up and running for a long time, eventually, the log
> files will take up a lot of room. How do I clean it
> up to reclaim some disk space? I know with too l
On Sat, 2004-10-02 at 15:45, Stephen More wrote:
> I have been using Dachstein for a while and have had no probelms with it.
>
> I decided to try Bering-uClibc version 2.1 iso.
>
> When I insmod 8390 I get "unresolved symbol crc32_le".
>
> I noticed in the release notes for 2.1.3 it has "added a
On Fri, 2004-10-29 at 00:30, Troy Aden wrote:
> I am running the Bering-uClibc 2.2.2.
> The tulip.o module seems to not bee working.
> Do I have to load additional modules to make it work?
> Here are the errors I get on boot:
> Tulip - Using /lib/modules ./tulip.o
> Insmod: unresolved symbol CRC
On Sun, 2004-12-05 at 22:40, Gene Smith wrote:
> I have placed a wireless linksys wrt54g router between my bering leaf
> box and my local network. The ethernet network between leaf and wrt54g I
> have assigned to network 192.168.10.x and the local network is
> 192.169.1.x, From the local networ
ompile one ?
You should not need to unpack it. upx decompresses the kernel on the fly
when loaded, so just use this kernel without any other change.
>
> Many thanks,
>
> Bob von Knobloch
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
ng to you old setup ? what does
snmpwalk show if you use it to connect to your fw ?
>
> Roger
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
---
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open s
iconductor?). Thanks!
>
>
After looking at google + kernel source i would suggest that
you need the tulip driver for support of this cards. It is included in
the modules.tar.gz for bering-uclibc, so it - should - be supported.
I can't try it , of course...
--arne
-
about what is happening on
your side.
> Jacques
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
---
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Di
not
> able to locate anything that appears to be relevant. Any suggestions
> would be greatly appreciated.
>
> Regards, Hugh
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
---
SF email is sponsored by - The IT Product Guide
Read
nitrd_usb and change leaf.cfg...
If you need more detailed information or have questions, feel free to
ask...
> So, you have the right modules to boot. I do not know if this works on
> uClibc, but I thin that the solution cannot be too far, hope thes can help
>
> Giovanni
--arn
he network card driver.
Hope that helps,
arne
--
Arne Bernin <[EMAIL PROTECTED]>
---
This SF.Net email is sponsored by: New Crystal Reports XI.
Version 11 adds new functionality designed to reduce time involved in
creating, integrating,
stal Reports XI.
> Version 11 adds new functionality designed to reduce time involved in
> creating, integrating, and deploying reporting solutions. Free runtime info,
> new features, or free trial, at: http://www.businessobjects.com/devxi/728
> -------
mg /mnt -t msdos
and copy the leaf files that you want (don't forget to use a initrd
capable of harddisks for it). Another option would be to use the
bering-uclibc iso image for booting as cdrom (and if not, use it for
getting the packages...).
lrcfg, you need only an easily-sniffable http-access password to
> use webconf. I'd like a way to make webconf read-only so that it can
> be used for status information the way weblet was. Is there any way to
> do this?
>
you could switch to mhttpds which provides ssl http suppo
> fdisk /dev/hda
> ."
>
> I could not find anything about "lprkg", package? what? where?
>
this is just a typo, the command is called : lrpkg not lprkg...
> To overcome this step I added hdsupp to the leaf.cfg.
>
> Any help is
the firewall, will dropping it on eth0 solve the problem?
> (That way there is no way the packets enter into other ethernet ports)
> What would happen with other multicast based apps? Would they need to be
> dropped too?
Another good question for the bridge list ;-)
>
> Very thankf
>
> --
> John Wilkes
> [EMAIL PROTECTED]
>
>
>
>
> ---
> This SF.Net email is sponsored by: NEC IT Guy Ga
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
--
SS=192.168.5.3
(i used ifdown , so mode is stop not start). But you could use something
like:
#! /bin/sh
if [ "$IFACE" = "eth0" ] ; then
< rules stuff from above
fi
all 3 possiblities should work, i think the first one (directly
in /etc/network/interfaces) is the eas
special boot loader, you might not have an ide disc (only flash
ram), at least this is the case for the linksys...
Would be an interesting project, of course.
So don't expect an easy solution for this, you might consider one of the
"standard" leaf i386 based boards like WRAP or
re you using ?
if you make a "ps" on your router, do you see /sbin/syslogd
and /sbin/klogd ?
> Regards,
> Matt
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsored by: Di
/etc/modules file as
a template (useful for updating to a newer kernel).
So, if you want to try it, take a look at:
http://www.ucbering.de/cgi-bin/modules.cgi
some additional information is found at:
http://www.ucbering.de/?Projects:Genmoduleslrp.cgi
--arne
--
Arne Bernin <[EMAIL PROTEC
ndle
> it?
>
Can you estimate how much bandwidth you use (average/peek) ?
> Thanks,
> Andrew
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net email is sponsored by the 'Do More With Dua
Hi all,
i was just wondering, if anyone of you will be
at whatthehack (http://www.whatthehack.org) next weekend in Holland ??
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsored by: Di
the package, lrpkg can't install it.
It's just an tar archive, not zipped...
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is Sponsored by the Better Software Conference & EXPO
September
ze=64M
i a machine with 128MB of memory. If you only have 32 MB of memory,
i would suggest setting it to something like:
syst_size=8M
log_size=4M
tmp_size=12M
set it at least to values that you still have some free memory when all
your ramdisk are filled up...
--arne
--
Arne Bernin <[EMAIL PROTEC
On Sat, 2005-08-20 at 09:08 -0700, Paul Traina wrote:
> Seems to me that the backup command for the root .lrp package should
> include instructions to tar to not traverse filesystems?
>
>
unfortunatly it seems that busybox tar is not aware of this option (-l).
--arne
--
Arne Be
could just scan the mounted filesystems, search for non tmpfs/proc
fileystems and exclude the mount points they are mounted on...
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is Sponsored
meantime we will look
> into all needed changes.
Well, if the netfilter people would have finished their exchange of
connection tracking information between 2 machine (netfilter-ha), i
would say, yes there is a real benefit, but they haven't ;-)
>
> Eric
>
>
On Sun, 2005-08-21 at 21:43 +0200, Arne Bernin wrote:
ups, wrong list, sorry ;-)
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is Sponsored by the Better Software Conference & EXPO
Septe
t. I've
> tried with both HTB and CBQ.
>
are the corresponding modules loaded into the kernel ? please use lsmod
to find out and look for sch_cbq and sch_htb in the output of that
command.
> Am I simply not loading some required modules? ANY help is much
> appreciated.
>
ear ago and given up!
> A tc-HowTo documentation would be most welcome!
> Thanks a 1,000,000.
>
I will write a small howto what modules to load for tc once we are
moving to shorewall 3.0.0 as it will contain integrated traffic
control.
--arne
--
Arne Bernin
1
sch_sfq 3264 3
sch_prio2208 0 (unused)
sch_teql 3276 0 (unused)
sch_cbq11704 0 (unused)
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF
might include ipp2p (www.ipp2p.org) in a future bering-uclibc release
(>2.3) ,if it works as expected.
arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is Sponsored by the Better Software Conference
thus requiring a module.
>
is the cls_u32 module loaded on your leaf box ?
>
> -Ron
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is Sponsored by the Better Software Conference
se you used your old modules file as base for the modules
generator cgi. In this case , the dependencies are not checked.
I will fix ASAP.
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsored by
On Thu, 2005-09-15 at 08:54 +0200, Arne Bernin wrote:
> I suppose you used your old modules file as base for the modules
> generator cgi. In this case , the dependencies are not checked.
> I will fix ASAP.
>
should be fixed.
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http
er, please feel free to write them here... I still got not much
feedback , especially on what still might cause problems...
> George
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsored by
with. Boo.
>
hmm. i have no idea...
> I'd appreciate any help or comments you can muster.
>
>
> -joe.
>
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsore
sq.conf ?
- are you updating your system clock once your internet connection
is established ?? (via ntpdate ?)
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is sponsored by:
Tame your development ch
t from the start.
> Regards
> Richard Saunders
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net email is sponsored by:
Power Architecture Resource Center: Free content, downloads, discu
have spent days trying to figure out the issue and it does indeed
> look like it is the firewall though we have no clear understanding of
> the exact problem, or more importantly, the fix.
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
a network like this? so all 4 lan can use the internet?
> how to setup the vpn so that all 4 lan can see each others?
>
> again, detailed guide will be much appreciated since i'm still newbee...
>
and you have a wireless router already and the firewalls should be leaf
boxes ?
> t
the netfilter team (bug
id=390), you can take a look at it under bugzilla.netfilter.org...
> Richard
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net email is sponsored by:
Power Archit
On Thu, 2005-10-06 at 13:27 -0700, Richard Amerman wrote:
> > -Original Message-
> > From: Arne Bernin [mailto:[EMAIL PROTECTED]
>
> > you might want to use tcpdump for this (well i never used
> > snort for that, so i don't know if it is easy to use an
you should be able to add this hosts
to your /etc/hosts file to be able to use the names (if the clients get
your firewall as dns via dhcp).
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net e
192.168.2.0/24 dev eth0" as
example...
take a look at: http://leaf.sourceforge.net/doc/guide/buc-install.html
> --Julie
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net email is sponsored by:
Power
asklen 24
> netmask 255.255.255.0
> broadcast 192.168.0.255
>
>
> Julie
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.Net email is sponsored by:
Power Archite
is all the same documentation that was used for original Bering
> still valid?
>
it might, i just don't know the documentation very well, but as openswan
1.0 is mainly a bug fixing release for FreeS/Wan...Openswan 2.X is in my
todo queue, but this will take some time.
> Thanks,
>
&
only way will be to use something else than Linux
for this (OpenBSD is capable of this). Some commercial firewalls based
on linux might work, too (Astaro, ...).
> Best regards
> Markus Koelle
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
--
environment for over a year now, and it
works just like expected...
But it would be ok to build a package and test it, of course.
> Eric
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
SF.Net email is spo
Hi all,
i just finished packaging openswan 2.4.2 for bering-uclibc
and did some initial testing, i am just wondering if someone
else is using openswan/ipsec and is willing to test it, too.
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBer
on the same
> hardware.
>
> Have I missed any 'gotchas'?
>
i think i missed your problem ;-) Now what problem do you have ?
> Jim Ford
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
--
bering.de/cgi-bin/modules.cgi
> Marv Horst
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new
ossible. VRRP runs - ALWAYS - on the same interface
(the protocol is specified to do so).
> We use keepalived and dont want to flod internal network with VRRP
> messages.
>
> Thanks and sorry for the OT.
>
No Problem,
arne
--
Arne Bernin <[EMAIL
on? I can't tell what's active from leaf.sourceforge.net
> anymore.
>
bering-uclibc is active and you can use it with pppoe (I use it myself
with a DSL Line).
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
-
Hi all,
i just uploaded the modules for kernel 2.4.32 (bering-uclibc
2.4beta1) to www.ucbering.de . You can use it (as usual) using
www.ucbering.de/cgi-bin/modules.cgi .
--arne
(the cgi allows you to easily choose which modules to put
into the modules.lrp)
--
Arne Bernin <[EMAIL PROTEC
that, but i
haven't testet the maximum throughput, i must admit.
A openswan2openswan should be faster since openswan uses AES instead
of 3des if it is available on both sides as default.
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
Using Tomcat but need to
rp-pppoe for only the server part.
>
ok, i see, well the server source seems to be available via
http://www.roaringpenguin.com/penguin/open_source_rp-pppoe.php
> Eric
>
--arne
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
--
?? If so, i
think there might be a pppoe-server around (don't have a working
buildtool version right now, to look for myself)
> > thanks for the reply.
> >
> > With the pppoe.lrp package is posibble? or is only a pppoe client?
> >
> >
> > thanks
>
.lrp package.
>
that depends. If it is a real serial ISDN Modem, ppp.lrp is correct, as
it uses a AT command set.
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
-
Take Surveys. Earn Cash. Influence th
7;s room.
> > >
> >
I just built the binary (not a package for now) for 3.0 beta. If you do
this, make sure, you remove the including of "stropts.h" from all files,
as this is not supported by
uClibc is safe and reliable
> (since my word isn't good enough)?
>
I don't know of any special site about this. But almost every linux
based commercial router out there seems to use it (together with
busybox)... You could look at the uclibc.org page or the mailing list,
though.
--arne
ied
> the natsemi driver, the tulip driver, and the crc32 driver with both...but
> no luck.
>
> Suggestions?
hmm. the natsemi driver should be ok for these cards (at least that is
what i have read). I assume, you load crc32 first... did you get any
error messages ?
--
Arne Ber
ttps://lists.sourceforge.net/lists/listinfo/leaf-user
> Support Request -- http://leaf-project.org/
--
Arne Bernin <[EMAIL PROTECTED]>
http://www.ucBering.de
-
This SF.net email is sponsored by: Splunk Inc.
St
log files to find problems? Stop.
> > Now Search log events and configuration files using AJAX and a browser.
> > Download your FREE copy of Splunk now >> http://get.splunk.com/
> > ----
> > leaf-user mai
67 matches
Mail list logo
