RE: [leaf-user] Save Zebra config fails

Wim, Glad to be of service. Please let us know if you run into any other snags. Eric Kiser > -Original Message- > From: Wim Acke [mailto:[EMAIL PROTECTED] > Sent: Tuesday, December 16, 2003 3:37 PM > To: Eric B Kiser; [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: RE: [

[leaf-user] RE: [leaf-devel] Bering: time to hand on the torch ...

Jacques, It is with great respect and appreciation that I say, thank you for all of your hard work on behalf of the LEAF-Project. You will be missed. Best regards, Eric Kiser > -Original Message- > From: [EMAIL PROTECTED] [mailto:leaf-devel- > [EMAIL PROTECTED] On Behalf Of Jacques Nil

RE: [leaf-user] VPN security issue? Slightly O/T...

Alex, Most modern IPsec clients have better security than they used. There was a time that if your company was using public addresses internally ...and a remote client had a VPN connection across the Internet ...and said remote client also was inadvertently configured to route traffic from the int

RE: [leaf-user] VPN security issue? Slightly O/T...

Well said, thanks George. Eric > -Original Message- > From: [EMAIL PROTECTED] [mailto:leaf-user- > [EMAIL PROTECTED] On Behalf Of George Metz > Sent: Tuesday, July 29, 2003 9:56 AM > To: Craig Caughlin > Cc: LEAF (LEAF) > Subject: Re: [leaf-user] VPN security issue? Slightly O/T... > > C

RE: [leaf-user] VPN security issue? Slightly O/T...

It gets even worse if routing is turned ON. Then the entire Internet gets access to the other side of your VPN without having to compromise your system. Regards, Eric - Eric B Kiser, CISSP VP of Information Technology NetOps Training Solutions

RE: [leaf-user] Bering/Dachstien/ on HD (was Is there a way to install Bering on HD)

Respectfully, Eric --------- Eric B Kiser, CISSP VP of Information Technology NetOps Training Solutions - > -Original Message- > From: [EMAIL PROTECTED] [mailto:leaf-user- > [EMAIL PROTECTED] On Behalf Of Dr. Richard W. Ti

RE: [leaf-user] zebra and bering

ice this sort of problems (but we are > lucky, we have few link failures). We do not use MD5 auth. > [/Stephane Bortzmeyer] > > [John Frazier] > Been running Zebra/ospfd/bgpd in production in our network for several > years now. No problems that I can think of at all. I don

RE: [leaf-user] zebra and bering

at all. I don't use MD5 auth however because there is no need in our environment. simple-password auth does just fine. [/John Frazier] If you want to verify this informationyou can go to http://www.zebra.org/mailing.html and click on marc.theaimsgroup.com then do a search for ospf. Regard

RE: [leaf-user] zebra and bering

Hi Ronny, OSPF from Zebra is available for the current version of Bering. There is however some debate as the current stability of Zebra's implementation of OSPF. Below is a copy of the mail that I sent to the Zebra mailing list. [begin] Howdy all, This is a request for comment from anyone that

RE: [leaf-user] wisp-dist zebra ripd routing and multiple IP addresses per interface

Hello J. Use of the Zebra Routing Engine is not very wide spread in the leaf project(yet...). The best place to pose this question would be the zebra mailing list. Here is the link to subscribe. http://www.zebra.org/mailing.html Best Regards, Eric Kiser -Original Message- From: [EMAIL P

RE: [leaf-user] Unable to run linuxuml Virtual Router -solved

To: Eric B Kiser; [EMAIL PROTECTED] Subject: RE: [leaf-user] Unable to run linuxuml Virtual Router -solved Thanks for the reply Eric As expected it was just me being idiotic :( I spent two days typing the boot device as udb0 when it should have been ubd0 Doh! Fortunately the nice person

RE: [leaf-user] Unable to run linuxuml Virtual Router

Hi Derek, This usually happens because you are using an incompatible version of UML Utilities. Here is the site to get the version you need: http://user-mode-linux.sourceforge.net/dl-sf.html. The trick here is to find the version that works. Try to choose the one that has the date code that is clo

RE: [leaf-user] zebra ospf routing problem

Hi Jay, This question is probably best posed to the zebra mailing list. You can register for that here: http://www.zebra.org/mailing.html. You did not say what version of ospfd you are using but I would definitely recommend getting at least the latest standard release, zebra-0.93b. If you want to

RE: [leaf-user] Bering and IPv6 (XS26)

ed on your progress. Regards, Eric = Eric B Kiser Unemployed Engineer eMail: [EMAIL PROTECTED] = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Radim Novotny Sent: Monday, November 25, 2002

RE: [leaf-user] Bering v1.0-stable released !

Great job guys, thanks for all your hard work. Most respectfully, Eric Kiser -Original Message- From: [EMAIL PROTECTED] [mailto:leaf-user-admin@;lists.sourceforge.net]On Behalf Of Jacques Nilo Sent: Thursday, November 14, 2002 5:53 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTE

RE: [leaf-user] Netgear FA311 driver for Bering?

Hi Craig, The correct driver is the natsemi.o and Bering does not have it by default. However, loading it is trivial. Here is a link to the documentation that you need to do this. http://leaf.sourceforge.net/devel/jnilo/biaddrm.html You just need the one driver for any number of NIC's when using

RE: [leaf-user] network restart command

PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ray Olszewski Sent: Tuesday, October 15, 2002 6:11 PM To: Eric B Kiser; [EMAIL PROTECTED] Subject: RE: [leaf-user] network restart command Eric -- I don't use Bering myself, but I don't need to in order to point out the problem. Y

RE: [leaf-user] network restart command

Does this work for anyone else using Bering 1.0-rc3 or rc2. Periodically this comes up on the list so I give it a try and I get the same response from both: #svi network restart /etc/init.d/network: No such file or directory Am I the only one seeing this? Eric Kiser -Original Message-

[leaf-user] RE: [leaf-devel] snort and nmap

Thanks David, I will keep my eyes open for them. Regards, Eric Kiser -Original Message- From: David Douthitt [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 09, 2002 9:52 PM To: Eric B Kiser Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [leaf-devel] snort and nmap On Wed

[leaf-user] snort and nmap

Howdy Folks, I am looking for the most recent versions of nmap.lrp and snort.lrp. I checked the CVS packages repository and the only thing I found was an older version of nmap and no snort. Your guidance is appreciated... Eric --- This sf.n

RE: [leaf-user] (no subject)

Howdy Johnnattanh, The old LRP mailing lists are virtually unused. Just wanted to let you know before you got your hopes up about getting a response from that arena. After rereading your last message I had thought that you were referring to *.lrp packages. My mistake. I am not familiar with the

RE: [leaf-user] current ipsec

Thanks for the many responses. Regards, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Stephen Lee Sent: Wednesday, October 02, 2002 11:38 AM To: Eric B Kiser Cc: Leaf-user Subject: Re: [leaf-user] current ipsec On Wed, 2002-10-02 at 07:57, Eric

[leaf-user] current ipsec

Hi, Can anyone point me in the direction of the most current ipsec.lrp's. For the life of me I can't find them today. Thanks in advance, Eric Kiser --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/

RE: [leaf-user] OT: Won't boot if headless

Ah, makes perfect sense now. Thanks, Larry. Regards, Eric -Original Message- From: Larry Platzek [mailto:[EMAIL PROTECTED]] Sent: Wednesday, September 25, 2002 11:12 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] OT: Won't boot if headless Hi Eric, In this co

RE: [leaf-user] OT: Won't boot if headless

Hi Sjaak, What is a pcb? Thanks, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sjaak Aarnoutse Sent: Wednesday, September 25, 2002 8:51 AM To: [EMAIL PROTECTED] Subject: Re: [leaf-user] OT: Won't boot if headless A quick and dirty solution, Wh

RE: [leaf-user] (no subject)

Howdy Johnnattanh, The LRP mailing lists are virtually unused. Just wanted to let you know before you got your hopes up about getting a response from that arena. >>Hello, My name is Johnnattanh >>My question is this if I want to my LRP/LEAF box advertise routing tables >>with certain protocol (

RE: [leaf-user] file system problems.

I just checked the help file for WinZip 8.0 and it states... [snip] TAR, Z, GZ, TAZ, and TGZ files are often found on Unix-based Internet sites. TAR stands for “Tape ARchive”. The TAR format does not provide compression; it is used only to group files. GZ and Z files are gzip files. GZ and Z fi

RE: [leaf-user] LEAF Newbie - Questions reguarding 4501 Bering install

Thanks allot for getting back so quickly. I certainly hope you stick it out with us. Your insight was appreciated,' Eric -Original Message- From: Matt Stockdale [mailto:[EMAIL PROTECTED]] Sent: Friday, August 30, 2002 10:35 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: Re:

RE: [leaf-user] LEAF Newbie - Questions reguarding 4501 Bering install

Hi Matt, You mentioned that you had emBSD running on the 4501 previously. I have a few questions for you. What is your opinion of emBSD? What made you decide to try out LEAF? Do you have a comparative opinion? If so, what do you think? Thanks, Eric -Original Message- From: [EMAIL PR

RE: [leaf-user] [off-topic]cf/sm cards/readers

/sm cards/readers On Thu, 2002-08-22 at 21:40, Eric B Kiser wrote: > Can anyone recommend where I can find prices better than this? > > Mike, is this price range within the bounds of what you originally had in > mind when you were researching this previously? Eric, No. The SST ATA-Di

RE: [leaf-user] Recommended NICs?

whoops, that was the original intent. Been gone for awhile and came back to find over a thousand email in my inbox... starting to get a little fuzzy Eric -Original Message- From: Cass Tolken [mailto:[EMAIL PROTECTED]] Sent: Friday, August 16, 2002 7:25 PM To: Eric B Kiser Subject: RE

RE: [leaf-user] RE: Problem to get wisp working!

Samuel, Last time I checked the Soekris boxes werre using National Semiconductor for the Ethernet. You will need the natsemi.o module. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Brock Nanson Sent: Friday, July 05, 2002 12:30 PM To: [EMAIL PROT

RE: [leaf-user] Double Private Network / FreeS/WAN problem

EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jonathan French Sent: Friday, June 21, 2002 7:09 PM To: [EMAIL PROTECTED] Cc: Eric B Kiser; [EMAIL PROTECTED] Subject: Re: [leaf-user] Double Private Network / FreeS/WAN problem Hm, just for reference, my original problem was a machine beh

RE: [leaf-user] Re: IPSec NAT

Hi Jason, Could you give a little more information about your setup and what it is that you are trying to accomplish? Are you wanting to use the LEAF box to do NAT and IPsec pass-through or something else? If you do just want pass-through, then what is the nature of your tunnel? Up all day, used

RE: [leaf-user] traffic load balancing (again) from a Dachstein box?

Hi Alec, There is no simple answer to the Load Balancing question. First you need to tackle this... http://www.leaf-project.org/pub/doc/howto/LRP-Load-Balancing-HOWTO.html If you still have questions please submit them to the list. Regards, Eric -Original Message- From: [EMAIL PROTECTE

RE: [leaf-user] Bering rc2 + ppp server : anyone done this?

Jon, Could you offer up a link on this to help me get started. It would be greatly appreciated. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jonathan French Sent: Tuesday, June 11, 2002 2:16 PM To: Matt Russell Cc: [EMAIL PROTECTED] Subject: Re:

RE: [leaf-user] OT: Origins of Bering and Dachstein names

Scott, Would you be kind enough to give some more details on the nature of your deployments or even write something for the testimonials section? Regards, /eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Scott Ecker Sent: Wednesday, May 22, 2002 1:

[leaf-user] Gaming with Bering 1.0-rc2

My son has been giving me a hard time since he has not been able to get his Mech 4 fix ever since I set up my Bering box. Yes, I know that it is supposed to be a terrible thing to open up a firewall for game play but a balance must be realized. By chance has anyone gone through the process of con

RE: [leaf-user] Testing IPsec pass-through

Good information, thanks for the insight. /Eric -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 11:04 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Testing IPsec pass-through On Fri, 3 May 2002, Tom Eastep wrote: > &

RE: [leaf-user] Testing IPsec pass-through

r patience through this was much appreciated. Regards, Eric -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 10:39 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Testing IPsec pass-through On Fri, 3 May 2002, Eric B Kiser wrot

RE: [leaf-user] Testing IPsec pass-through

oing it as per your example, I changed my rules accordingly. If I understand you correctly, based on the snip above, my rules shouldn't have worked at all? Respectfully, Eric -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Friday, May 03, 2002 9:44 AM To: Eric B K

RE: [leaf-user] Testing IPsec pass-through

eft the tunnel up? Thanks for your assistance thus far. /Eric -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 11:24 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Testing IPsec pass-through On Wed, 1 May 2002, Eric B Kiser wro

RE: [leaf-user] Testing IPsec pass-through

NAT the same as a 1:1 mapping? /Eric -Original Message- From: Tom Eastep [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 10:55 AM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [leaf-user] Testing IPsec pass-through On Wed, 1 May 2002, Eric B Kiser wrote: > Tom, tha

RE: [leaf-user] Testing IPsec pass-through

PROTECTED]] Sent: Tuesday, April 30, 2002 8:15 PM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Testing IPsec pass-through On Tue, 30 Apr 2002, Eric B Kiser wrote: > I have finally gotten the opportunity to test this out... > > I added these lines to the bottom /etc/shorew

[leaf-user] Testing IPsec pass-through

I have finally gotten the opportunity to test this out... I added these lines to the bottom /etc/shorewall/rules and I am still unable to connect to my IPsec endpoint on the other side of my Bering box. These are the only modifications from the default install of Bering. ACCEPT net loc

[leaf-user] kernel 2.4.xl modules for IPsec pass-through when using NAT and netfilter/iptables

All, This is a follow up message for the post originally titled - ip_masq_ipsec.o for Bering. After communicating with three different sources on the Netfilter mailing list here are the results. There are /no/ additional modules required. Below is a brief of the messages exchanged... [my post]

RE: [Leaf-user] Re: looking for Linux distribution just for LAN DHCP server (1 NIC)

Nice link, Doug. I had not seen them before. What a cool opportunity for a company to be able to get into using Linux. Their set up seems to answer all the typical business questions about support that arise when companies are considering a new solution and begin to balk at Linux. Thanks for the

[Leaf-user] RE: [Leaf-devel] Bering v1.0-rc2 available

We got serial support in the kernel!!! All right! Thanks Guys, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Jacques Nilo Sent: Thursday, April 25, 2002 9:06 AM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Cc: shorewall-users Subject: [Leaf-devel] B

RE: [Leaf-user] ip_masq_ipsec.o for bering

TED]] Sent: Wednesday, April 24, 2002 1:04 PM To: [EMAIL PROTECTED] Cc: Eric B Kiser Subject: Re: [Leaf-user] ip_masq_ipsec.o for bering > Thanks for Dachstein suggestion (and, yes, Charles is amazingly patient and > helpful) but I have to stick with Bering due to other requirements that I >

RE: [Leaf-user] ip_masq_ipsec.o for bering

] [mailto:[EMAIL PROTECTED]]On Behalf Of Chad Carr Sent: Wednesday, April 24, 2002 10:22 AM To: Eric B Kiser Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Leaf-user] ip_masq_ipsec.o for bering On Wed, 24 Apr 2002 00:27:23 -0400 "Eric B Kiser" <[EMAIL PROTECTED]> wrote:

RE: [Leaf-user] ip_masq_ipsec.o for bering

. Respectfully, Eric -Original Message- From: joey officer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 10:05 PM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: RE: [Leaf-user] ip_masq_ipsec.o for bering ahh.. I think I understand know.. so you need to have the packets passed through on

RE: [Leaf-user] ip_masq_ipsec.o for bering

little better. Regards, Eric -Original Message- From: Joey Officer [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 23, 2002 4:54 PM To: Eric B Kiser; [EMAIL PROTECTED] Subject: RE: [Leaf-user] ip_masq_ipsec.o for bering Are you sure that you need the ip_masq_ipsec.o file. I think that this

RE: [Leaf-user] Compact Flash

Here are some more links that might help you out... _Flash Memory_ www.pcengines.com/cflash.htm --Compact Flash to IDE converter (Internal Interface) www.abiatech.com/fb4617.htm --Compact Flash to IDE converter (External Inte

[Leaf-user] ip_masq_ipsec.o for bering

Hello All, I need to be able to make an IPSec connection through my Bering 1.0-rc1 firewall. If I understand correctly I will need the ip_masq_ipsec.o module to be able to do this. I have been unable to find the ip_masq_ipsec.o for Bering. I have already searched through all of the files in the m

RE: [Leaf-user] Floppy VPN (Dachstein based)

Very interesting... thanks for the insight, Charles. Eric -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 16, 2002 10:47 AM To: Eric B Kiser; [EMAIL PROTECTED] Subject: Re: [Leaf-user] Floppy VPN (Dachstein based) > I have seen t

RE: [Leaf-user] serial console access

, 2002 4:47 PM To: Eric B Kiser Cc: [EMAIL PROTECTED] Subject: Re: [Leaf-user] serial console access Eric B Kiser wrote: > [Jacques-Snip] > Bering v1.0-rc1 does not have serial compiled in the kernel. This seems > necessary to have serial console access. I am considering to have serial &

RE: [Leaf-user] Floppy VPN (Dachstein based)

Charles, I have seen this mentioned before. Why is it that it can't do both pass through and termination. Is this specific to Dachstein or Linux or ??? Regards, Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles Steinkuehler Sent: Thursday, A

[Leaf-user] serial console access

got called out of town so this response is a bit delayed... [Joey-snip] Not to sound impolite... but there is currently I HOW-TO already available, linked below... I know the excitement though of getting this particular project working [/snip] Not impolite at all. The only reason that I suggest

RE: [Leaf-user] serial console access

_SUCCESS_ The results as copied from my hyperterm window.. LEAF configuration menu 1 ) Network configuration 2 ) System configuration 3 ) Packages configuration b) Back-up a package

RE: [Leaf-user] serial console access

Before I go any further this way I am going to follow up on the issues surrounding serial.o and recheck my configuration. Respectfully, Eric -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Thursday, April 04, 2002 2:14 PM To: Eric B Kiser; Jacques Nilo; [

RE: [Leaf-user] serial console access

Thanks for the heads up Sjaak, I have been unable to locate the serial.o and made the assumption that it was compiled into the kernel. I have just found out that this is not the case. I just looked again and I am still not finding it. If someone could please provide me with a link to this modules

RE: [Leaf-user] serial console access

[snip] Bering v1.0-rc1 does not have serial compiled in the kernel. This seems necessary to have serial console access. I am considering to have serial compiled in v1.0-rc2 for that reason. Any comment from the list on that issue ? Jacques [/snip] Yes Jacques. Please compile serial into the nex

[Leaf-user] zebra.lrp based on zebra 0.92a

Been searching through the site for the zebra.lrp package based on zebra version 0.92a. I could swear that I remember an announcement on the leaf home page that said that it was available. If anyone can provide a pointer I would appreciate it. Thanks in advance, Eric _

RE: [Leaf-user] serial console access

t this may mean would be appreciated. Thanks, Eric -Original Message- From: Charles Steinkuehler [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 9:13 PM To: Eric B Kiser; [EMAIL PROTECTED] Subject: Re: [Leaf-user] serial console access > _system_ > Bering v1.0-rc1 &

RE: [Leaf-user] serial.lrp

serial console access. You have already answered one of my questions. Now I understand why I was unable to find serial.o. Thanks, Eric -Original Message- From: Jeff Newmiller [mailto:[EMAIL PROTECTED]]On Behalf Of Jeff Newmiller Sent: Wednesday, April 03, 2002 6:21 PM To: Eric B K

[Leaf-user] serial console access

After some discussion with Larry I am resubmitting this question to the list with more information and a more fitting title. _system_ Bering v1.0-rc1 _task_ I want to implement serial console access to my firewall. _resources_ LRP-Serial-HOWTO written by Charles. _questions_ Do I need to load

[Leaf-user] serial.lrp

Howdy All, I have been unable to locate the serial.lrp package. If some one could please offer a pointer in the right direction it would be greatly appreciated. Thanks in advance, Eric ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sour

RE: [Leaf-user] Leaf Speed and workload

Maybe this will help. I stole this snip from an email on the zebra mailing list. [begin_snip/] this box is a PIII 733Mhz with 256M ram. Detected 731.483 MHz processor. Console: colour VGA+ 80x25 Calibrating delay loop... 1458.17 BogoMIPS Memory: 255024k/262080k available (1286k kernel code, 666

RE: SUMMARY?: [Leaf-user] newbie question (Bering/2.4/IDE)

Good Work Man, keep up the fight. I am currently still in the planning stages of doing my own strip down and kernel recompile of Bering. I have been watching your mail exchanges and your success has been an inspiration. Thanks for the follow up post. Eric -Original Message- From: [EMAIL

RE: [Leaf-user] Having trouble finding what I am looking for...

Wow, thanks everyone for the wealth of information. I will chew on this for awhile and see where it takes me... Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles Steinkuehler Sent: Wednesday, February 13, 2002 4:55 PM To: Eric B Kiser

[Leaf-user] Having trouble finding what I am looking for...

Hello LEAF List, I have been keeping up with all of the lists for quite some time and have been doing a considerable amount of research on the LEAF site, yet I am either not finding what I am looking for or I am still shamelessly confused. First, I will detail what I am trying to accomplish then