[Leaf-user] Dachstein-CD, ipsec rsasigkey ???

2001-12-29 Thread Michael D. Schleif
Why does this *never* complete? ipsec rsasigkey --verbose 2048 mykey Is there some special source for randomness other than /dev/random? I've tried this with various lengths, including the shortest allowable: 16 It appears to hang on two (2) different machines: 486/66

Re: [Leaf-user] portfw to *multiple* hosts ???

2001-12-28 Thread Michael D. Schleif
Charles Steinkuehler wrote: ??? Please explain a bit more about exactly what you're trying to accomplish... Large medical images -- some approaching gigabyte sizes. The internal network connects multiple facilities. The images may need to be shared across multiple facilities.

Re: [Leaf-user] Dachstein-CD: port forward w/dmz proxy_arp ???

2001-12-27 Thread Michael D. Schleif
Doh! Of course -- again, not thinking -- addled by all of this holiday spirit ; Thank you. Charles Steinkuehler wrote: My normal attempts resulted in failed connections. Since this box uses wanpipe for EXTERN_IP, I couldn't troubleshoot with the normal tools (e.g., iptraf, tcpdump,

[Leaf-user] portfw to *multiple* hosts ???

2001-12-27 Thread Michael D. Schleif
Quite simply, what is the simplest, secure way to forward to two (2) hosts? There are probably better ways to accomplish the end goal; but, we have an application whereby we may need to push very large files from the internet to two (or, more) locations behind a Dachstein firewall. What do you

Re: [Leaf-user] portfw to *multiple* hosts ???

2001-12-27 Thread Michael D. Schleif
Charles Steinkuehler wrote: Quite simply, what is the simplest, secure way to forward to two (2) hosts? There are probably better ways to accomplish the end goal; but, we have an application whereby we may need to push very large files from the internet to two (or, more)

Re: [Leaf-user] Dachstein-CD: port forward w/dmz proxy_arp ???

2001-12-24 Thread Michael D. Schleif
Charles == My bad ; Charles Steinkuehler wrote: No ideas? Sorry...been busy w/XMas stuff. Michael D. Schleif wrote: I'm not sure where the problem is. Here are the facts: external interface wan1 a.b.C.157 a.b.C.156/30 -- public

Re: [Leaf-user] Dachstein-CD V1.0.2 Available

2001-12-23 Thread Michael D. Schleif
Tony wrote: I have a question Charles, how/where is the /dev/cdrom symlink created? I took a stock version of your 1.0.2 image and modified it to fit my needs (i.e. set a root passwd, included some other packages like psentry, setup network config for my net, stuff like that). I then did

Re: [Leaf-user] Dachstein-CD: port forward w/dmz proxy_arp ???

2001-12-21 Thread Michael D. Schleif
No ideas? Michael D. Schleif wrote: I'm not sure where the problem is. Here are the facts: external interface wan1 a.b.C.157 a.b.C.156/30 -- public proxy_arp=yes internal interface eth0 192.168.1.254 192.168.1.0/24

Re: [Leaf-user] Is this newbie even in the right ballpark with LEAF?

2001-12-20 Thread Michael D. Schleif
Dan Schwartz wrote: Over the past few days I've received some very helpful guidance about assembling LEAF VPN appliances to handle multi-megabit 3DES encryption throughput rates; and I really appreciate the guidance given this Mac NT geek ( linux newbie). However, since

Re: [Leaf-user] Update: ATT Transition Woes

2001-12-19 Thread Michael D. Schleif
gc wrote: It looks like Charles and Dan nailed it. My ISP seemed to be keying off of the MAC address. When I spoofed the router's MAC address (as per Charles' instructions below), it was able to get a good IP address. It still bugs me, though, that the ISP WAS giving me an IP address,

Re: [Leaf-user] Starting from scratch to build a high capacity VPN tunnel appliance, part 2

2001-12-19 Thread Michael D. Schleif
Dan Schwartz wrote: Dear Charles: Thank you *very* much for the offer. Right now they are in the process of getting the T-1 line provisioned (still 30+ days away, courtesy of Verizon); and as they get closer to deciding on whether they want a VPN channel between their

Re: [Leaf-user] Timelag in Dachstein 1.0.2

2001-12-17 Thread Michael D. Schleif
Maxim Heijndijk wrote: I run Dachstein 1.0.2 and the time is one hour earlier than it should be. How can I change this ? I run 'rdate -p -s some.time.server hwclock --systohc', but still one hour earlier. This link contains good timezone information, although much of it no longer applies

Re: [Leaf-user] Timelag in Dachstein 1.0.2

2001-12-17 Thread Michael D. Schleif
Sorry, the link: http://c0wz.steinkuehler.net/dox/ntp.txt Michael D. Schleif wrote: Maxim Heijndijk wrote: I run Dachstein 1.0.2 and the time is one hour earlier than it should be. How can I change this ? I run 'rdate -p -s some.time.server hwclock --systohc', but still one

[Leaf-user] RESOLVED: LEAF development box, 2.2.19 kernel cannot use old ide hdd???

2001-12-16 Thread Michael D. Schleif
Michael D. Schleif wrote: I am building a development box with slink. The system is up and functioning; but, now, I need to implement a 2.2.19 kernel. It builds successfully; but, has problems at bootup. The system: Pentium 150 64MB RAM /dev/sda1 - swap

[Leaf-user] LEAF development box, 2.2.19 kernel cannot use old ide hdd ???

2001-12-14 Thread Michael D. Schleif
I am building a development box with slink. The system is up and functioning; but, now, I need to implement a 2.2.19 kernel. It builds successfully; but, has problems at bootup. The system: Pentium 150 64MB RAM /dev/sda1 - swap /dev/sda2 - / /dev/scd0

Re: [Leaf-user] LEAF development box, 2.2.19 kernel cannotuse old ide hdd ???

2001-12-14 Thread Michael D. Schleif
Ray Olszewski wrote: At 05:37 PM 12/14/01 -0600, Michael D. Schleif wrote: ... Interestingly, under the kernel that is functioning properly, there is *NO* /proc/ide !?!? ... So, how is this handling the IDE hdd? Is it using scsi to interpret ide? It would be easier to answer

[Leaf-user] Silent_Deny by destination address ???

2001-12-09 Thread Michael D. Schleif
I want to silently deny all traffic with destination 255.255.255.255, regardless of source. This is in response to: input DENY eth0 PROTO=17 12.242.20.34:67 255.255.255.255:68 Is there any protocol or destination port for which these should *not* be denied? Yes, I can write the

Re: [Leaf-user] What is This

2001-12-09 Thread Michael D. Schleif
Matthew Schalit wrote: [ snip ] All these are blocked by rule #42. What is that rule? These log messages are from strange hosts. 80% of them don't resolve to a real hostname. All the packets you listed are tcp packets with no SYN flag, meaning they are theoretically responses to some

Re: [Leaf-user] Silent_Deny by destination address ???

2001-12-09 Thread Michael D. Schleif
Ray Olszewski wrote: At 01:03 PM 12/9/01 -0600, Michael D. Schleif wrote: I want to silently deny all traffic with destination 255.255.255.255, regardless of source. This is in response to: input DENY eth0 PROTO=17 12.242.20.34:67 255.255.255.255:68 Is there any protocol

Re: [Leaf-user] logging

2001-12-09 Thread Michael D. Schleif
Brian Camp wrote: How can I keep denied packets with the 255.255.255.255 destination address from being logged? If you are using Dachstein, or some other distribution that understands this supplemental file, this entry in /etc/ipchains.input appears to do as you need: $IPCH -I input -j DENY

Re: [Leaf-user] EIGRP (88) protocol ???

2001-12-07 Thread Michael D. Schleif
Charles Steinkuehler wrote: Regarding silent deny's...you can block the whole 224.0.0.0/4 range (RFC-1112 Class-D multicast) without worry. That catches IGMP, IGRP, EIGRP, and probably others. As you'd expect, this is in the same reduce my log noise section of

Re: [Leaf-user] very large /var/log/wtmp

2001-12-07 Thread Michael D. Schleif
Richard Burt wrote: OK, I took a look at the man pages for last. With no arguments, it should tell me all logins from the wtmp file. Here is what I get: # last USER TTY PID TIMEON FROM reboot ~ 0 48452.2.19 Figuring it has to do with logins, I also

Re: [Leaf-user] Re:

2001-12-06 Thread Michael D. Schleif
Am I the doofus or what? My only excuse is, when my lrpkg.cfg looks like this, it is easy to miss one:

[Leaf-user] dnscache w2k servers ???

2001-12-05 Thread Michael D. Schleif
Normally, we've been setting up all systems with dhcp and assigning dns servers thusly: 192.168.1.254 # firewall, w/dnscache x.y.z.2 # ISP assigned dns server(s) x.y.z.3 ... I suppose, our theory is, if dnscache gets trashed, at least dns

Re: [Leaf-user] Re:

2001-12-05 Thread Michael D. Schleif
Charles Steinkuehler wrote: Did you see my post about net-snmp? This package requires libdb.so.2 which is not part of the libraries on the Dachstein CD. I found the file on the Debian web site in the libdb++ package. Did you include it in either of your net-snmp packages? If not, what

Re: [Leaf-user] Re:

2001-12-05 Thread Michael D. Schleif
Michael D. Schleif wrote: Charles Steinkuehler wrote: Did you see my post about net-snmp? This package requires libdb.so.2 which is not part of the libraries on the Dachstein CD. I found the file on the Debian web site in the libdb++ package. Did you include it in either of your

Re: [Leaf-user] DMZ considerations ???

2001-12-03 Thread Michael D. Schleif
Charles Steinkuehler wrote: Just port-forward the service from the public IP of the firewall (the near end IP of the T1 link). The reverse masquerade rules will do the right thing, and everything should work fine. There are also hooks in place to do this already, so no custom

[Leaf-user] Delays in updating wanpipe.lrp

2001-12-02 Thread Michael D. Schleif
We are very sorry for any delays we may incur; but, we are among the unlucky @Home victims. Notwithstanding ATT's six weeks of assurances that we would experience no interruptions, apparently the dear judge judged the case at least one week quicker than ATT anticipated and transition us to the

[Leaf-user] EIGRP (88) protocol ???

2001-11-30 Thread Michael D. Schleif
We just connected Dachstein-CD to a T-1 via Sangoma panpipe pci card. We are receiving a plethora of these: kernel: Packet log: input DENY wan PROTO=88 x.y.z.158:65535 224.0.0.10:65535 L=60 S=0xC0 I=0 F=0x T=2 (#39) Yes, we know that protocol 88 is EIGRP. No, Ethernet

[Leaf-user] Dachstein-CD Sangoma wanpipe

2001-11-30 Thread Michael D. Schleif
There have been several people on this List who have mentioned problems with Sangoma's wanpipe since upgrading to Dachstein. We have worked closely with Sangoma and have a solution, which we will be releasing early next week -- after a long weekend of testing. Suffice it to say, existing

[Leaf-user] DMZ considerations ???

2001-11-30 Thread Michael D. Schleif
We have a couple sites connected by T-1 to the Internet and the ISP's have allocated /26 and /28 public networks for our customers' domains. As you know, typically T-1's use a public /30 network to connect the external wan port to its peer address on the ISP side. This network belongs to the

Re: [Leaf-user] EIGRP (88) protocol ???

2001-11-30 Thread Michael D. Schleif
Charles, thank you! Charles Steinkuehler wrote: kernel: Packet log: input DENY wan PROTO=88 x.y.z.158:65535 224.0.0.10:65535 L=60 S=0xC0 I=0 F=0x T=2 (#39) Yes, we know that protocol 88 is EIGRP. No, Ethernet http://www.echogent.com/cgi-bin/fwlog.pl does not recognize this.

Re: [Leaf-user] DMZ considerations ???

2001-11-30 Thread Michael D. Schleif
Charles Steinkuehler wrote: We have a couple sites connected by T-1 to the Internet and the ISP's have allocated /26 and /28 public networks for our customers' domains. As you know, typically T-1's use a public /30 network to connect the external wan port to its peer address on the

Re: [Leaf-user] DMZ considerations ???

2001-11-30 Thread Michael D. Schleif
Charles Steinkuehler wrote: So, in Dachstein, we do something like this: wan1_IP_EXTRA_ADDRS=x.y.z.64/26 This is not what you really want to do...see below Yes, but what about the NAT'ed internal network? Does it need a public ip address on the customer's domain? Or,

Re: [Leaf-user] EIGRP (88) protocol ???

2001-11-30 Thread Michael D. Schleif
Scott C. Best wrote: Heya. Thanks for the packet log, am updating fwlog.pl to include an awareness of protocol 88. It knew about regular IGRP (IP protocol 9) but not this one. :) Regarding silent deny's...you can block the whole 224.0.0.0/4 range (RFC-1112 Class-D

[Leaf-user] IPTraf vs. wan ???

2001-11-30 Thread Michael D. Schleif
Is there a way to get IPTraf to show ip traffic over a wan link? Is this something related to *not* using an interface of the form ??? ethnum -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely

Re: [Leaf-user] wanpipe

2001-11-25 Thread Michael D. Schleif
Any luck on this? I've spent much of the last two days trying to get this to work -- without success ; As Eddie said, everything appears to work, except there is *no* interface . . . Eddie Wilson wrote: Has anyone configured Dachstein-CD to use a wanpipe card? I started with LRP 2.9.8

Re: [Leaf-user] wanpipe

2001-11-25 Thread Michael D. Schleif
permutation I use, I will get three of these: Cannot find device wanpipe1 Or, this: Error: an inet prefix is expected rather than dev. Any ideas? Michael D. Schleif wrote: Any luck on this? I've spent much of the last two days trying to get this to work -- without

[Leaf-user] Dachstein-CD: bash help built-in ???

2001-11-18 Thread Michael D. Schleif
Bash includes a built-in ``help'' command, which supersedes any PATH statement. Therefore, the LEAF/LRP /etc/profile admonishment *cannot* work: ``Type in help if you are really lost'' Of course, we could change this to; but, who will remember? ``Type in /usr/bin/help if you

Re: [Leaf-user] Announcing Dachstein CD RC5

2001-11-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: [ snip ] Rebuilt log.tgz (part of ramlog.lrp) using busybox tar in hopes of eliminating broken pipe messages appearing on some systems. Did I tell you that that fixes the problem? Of course, in my modified instance, it took me quite sometime to figure out how

Re: [Leaf-user] Dachstein-CD: dnscache vs. tinydns ???

2001-11-17 Thread Michael D. Schleif
Jacques Nilo wrote: OK, this is really not about Dachstein, although that is the distribution that we're using ; What are the primary differences between dnscache and tinydns ??? http://leaf.sourceforge.net/devel/jnilo/dnscache1.html

Re: [Leaf-user] Dachstein-CD: dnscache vs. tinydns ???

2001-11-17 Thread Michael D. Schleif
Richard Doyle wrote: snip Background material here: http://leaf.sourceforge.net/devel/jnilo/dnscache6.html Aha! That's exactly why I didn't want to trust my first reaction ; I misread those links and thought that it was an either-or scenario. Now, I understand where I

Re: [Leaf-user] Announcing official release of Dachstein-CD

2001-11-17 Thread Michael D. Schleif
Charles Steinkuehler wrote: As always, this is truly superb stuff! Bravo, Charles !!! Couple questions, even though these items appeared in RC5: [1] What is the purpose of the ``leaf'' user? It was in Jacques' example passwd file...I added it mainly as a 'stub' entry for

Re: [Leaf-user] Announcing official release of Dachstein-CD

2001-11-17 Thread Michael D. Schleif
Charles Steinkuehler wrote: Interestingly enough, logged in as leaf, I *cannot* su - root su: Incorrect password What gives? Trust me, I know the root password ; But, I cannot eliminate root login if I cannot su to root . . . Hmm...does su have the setuid bit set? It has to

[Leaf-user] Dachstein-CD: dnscache vs. tinydns ???

2001-11-16 Thread Michael D. Schleif
OK, this is really not about Dachstein, although that is the distribution that we're using ; What are the primary differences between dnscache and tinydns ??? What are the criteria we ought to consider, in deciding which to deploy? What do you think? -- Best Regards, mds mds resource

Re: [Leaf-user] Announcing official release of Dachstein-CD

2001-11-16 Thread Michael D. Schleif
Michael D. Schleif wrote: Charles Steinkuehler wrote: The official release (v1.0.1) of Dachstein-CD is now available for download from the usual places: slow: http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/ fast: http://lrp1.steinkuehler.net/files/diskimages/dachstein

Re: [Leaf-user] Dachstein CD Install Documentation

2001-11-14 Thread Michael D. Schleif
Charles Steinkuehler wrote: Does anyone know of a way to create the CD from the CD-Contents under Windoze? I suspect that will be the biggest challenge for a non-Linux person if they want to add/remove packages from the CD. I've used Nero to create CD's on windows boxes. The version

[Leaf-user] Cyclades in trouble ???

2001-11-14 Thread Michael D. Schleif
Is Cyclades in trouble? Sangoma says that they're having serious business problems. We cannot seem to get Cyclades on the telephone. What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely

Re: [Leaf-user] host ignores redirect ???

2001-11-11 Thread Michael D. Schleif
These continue to come -- every four (4) hours. No ideas ??? Michael D. Schleif wrote: I've found references to this issue in the archives; but, have not found adequate explanation nor resolution. host 0a02a8c0/if8 ignores redirects for 0a02a8c0 to 0a02a8c0. Yes, the ip

[Leaf-user] portfw from unused public ip ???

2001-11-10 Thread Michael D. Schleif
Since converting an open /26 network to Dachstein-CD and NAT, we have several unused ip addresses ; For example: x.y.z.66# Dachstein x.y.z.100 # unused 192.168.2.10# internal host How can we, for example, portfw tcp port 80 from an unused public

[Leaf-user] Dachstein-CD: $dev_IP_EXTRA_ADDRS ???

2001-11-10 Thread Michael D. Schleif
Will this scheme work on *all* interfaces? $dev_IP_EXTRA_ADDRS I'm not sure what is going on here and don't want to dive in before I understand the implications . . . How does this work? What are the ramifications? -- Best Regards, mds mds resource 888.250.3987 Dare to fix

[Leaf-user] Dachstein-CD rc4

2001-11-09 Thread Michael D. Schleif
Charles, et al. How did I miss your announcement for RC4 ??? Does everybody else know that RC4 was released on 7Nov ??? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think

Re: [Leaf-user] Dachstein-CD rc4 available

2001-11-09 Thread Michael D. Schleif
Charles Steinkuehler wrote: How did I miss your announcement for RC4 ??? Does everybody else know that RC4 was released on 7Nov ??? Um...because I think I forgot to make one. clears throat...begins fanfare Announcing the availability of Dachstein-CD release candidate 4 (rc4)

Re: [Leaf-user] Weblet suggestion

2001-11-03 Thread Michael D. Schleif
Charles Steinkuehler wrote: Anyone know of an extended-precision shell-script math library before I go off and write one? After years and years of Perl programming, I've recently returned to my roots: awk, sed and shell. I often use sed in shell scripting, because it gives me

Re: [Leaf-user] New packages available

2001-11-02 Thread Michael D. Schleif
Charles Steinkuehler wrote: Also available is a new weblet package. This includes numerous updates from the previous Dachstein weblet. You can now access the weblet logs via weblet, a bug with the text to html conversion has been fixed, so and now show up properly in the log listings,

Re: [Leaf-user] New packages available

2001-11-02 Thread Michael D. Schleif
Charles Steinkuehler wrote: Why do you need both of these? /var/sh-www/cgi-bin/viewlogs /var/sh-www/cgi-bin/viewlogs-www - viewlogs Take a look at the code... The script includes code to prevent 'directory walking' attacks, so something like:

Re: [Leaf-user] Weblet suggestion

2001-11-02 Thread Michael D. Schleif
Charles Steinkuehler wrote: With weblet, I would find a feature that showed hourly use of bandwidth very useful. Maybe others would too, those on pay-per-meg deals? It could be grabbed from the ipchains accounting figures. I tried to set up a shell script to do it but couldn't get

Re: [Leaf-user] Simple scripting question

2001-11-01 Thread Michael D. Schleif
Charles Steinkuehler wrote: You can generally replace 'wc -l' with sed -n '$=', although you won't get a zero output if there are no lines. I know about this construct, using two (2) sed's: sed -n = | sed -n '$p' On Dachstein-CD: sed -n '$=' returns: sed: -e

Re: [Leaf-user] Simple scripting question

2001-11-01 Thread Michael D. Schleif
Oo, talk about my bad };Þ Charles Steinkuehler wrote: Hmm...works for me: krypton.private.network: -root- # sed -n '$=' /etc/network.conf 767 krypton.private.network: -root- # The sed man page from debian lists = as a Zero- or One- address command, and $

[Leaf-user] sed: pass variable in ???

2001-11-01 Thread Michael D. Schleif
Speaking of sed scripts ; How can I pass a shell variable into a sed script pattern space? I've seen two (2) means documented elsewhere; but, I cannot get them to work in Dachstein-CD: sed -n '/'$var'/p' file sed -n '/$(var)/p' file Yes, I've found that I can do it this way;

Re: [Leaf-user] sed: pass variable in ???

2001-11-01 Thread Michael D. Schleif
Jeff Newmiller wrote: On Thu, 1 Nov 2001, Michael D. Schleif wrote: Speaking of sed scripts ; How can I pass a shell variable into a sed script pattern space? I've seen two (2) means documented elsewhere; but, I cannot get them to work in Dachstein-CD: sed -n '/'$var

Re: [Leaf-user] Dachstein-CD-rc3 available: bash.lrp error

2001-11-01 Thread Michael D. Schleif
Charles Steinkuehler wrote: I haven't tried bash.lrp since pre-release. There used to be two (2) bash-related problems; now, I find one (1): Mounting local filesystems... ramdisk.pkg: Uncompressing archives - log.tgz/etc/rcS.d/S36ramdisk.pkg: line 33:

Re: [Leaf-user] Martians: please, help track this one down ???

2001-10-30 Thread Michael D. Schleif
George Metz wrote: On Tue, 30 Oct 2001, Michael D. Schleif wrote: now for the header ll header: ff ff ff ff ff ff 00 30 c1 d8 b6 80 08 06 Found it! Eradicated it! Thank you, all for quick response . . . Out of curiosity, what's the manufacturer on that NIC

Re: [Leaf-user] Dachstein-CD-rc3: mail anomolies

2001-10-29 Thread Michael D. Schleif
Blanton Lewis wrote: This is the way that the memo headers are created (headers, like subject, that are actually part of the mail body and not the envelope), so as far as the mail client is concerned, you're giving more headers for the email. You need the blank line to tell the mail client

Re: [Leaf-user] Help with getting weblet logs into weblet

2001-10-29 Thread Michael D. Schleif
John Desmond wrote: --- Michael D. Schleif [EMAIL PROTECTED] wrote: John Desmond wrote: --- Michael D. Schleif [EMAIL PROTECTED] wrote: [ snip ] I believe that (additional) ramdisks are created *after* root.lrp is unrolled; but, *before* anything goes into /var/log or /tmp

Re: [Leaf-user] Dachstein-CD-rc3: mail anomolies

2001-10-29 Thread Michael D. Schleif
Charles Steinkuehler wrote: [ snip ] [1] If the first line of the mail body begins with at least one (1) non-whitespace, non-colon (:) character and is followed by a colon (:) and anything else, then *NO* body will be received with the Email !?!? For example: host:

[Leaf-user] Dachstein-CD weblet.lrp: issues

2001-10-29 Thread Michael D. Schleif
In a previous thread, Charles Steinkuehler wrote: P.S. Nifty solution to the weblet logs issue coming as soon as I come up with one and can test it. I'll probably just fix the viewlogs cgi script, which is intentionally paranoid about which files it allows to be accessed (weblet logs

[Leaf-user] Martians: please, help track this one down ???

2001-10-29 Thread Michael D. Schleif
Yes, I know what martians are. Yes, I know how they can occur. No, I do not know how to locate and eradicate this one ; martian source 3edb5d3f for 03db5d3f, dev eth1 ll header: ff ff ff ff ff ff 00 30 c1 d8 b6 80 08 06 3edb5d3f == 63.93.219.62 03db5d3f ==

Re: [Leaf-user] Martians: please, help track this one down ???

2001-10-29 Thread Michael D. Schleif
Simon Bolduc wrote: [ snip ] now for the header ll header: ff ff ff ff ff ff 00 30 c1 d8 b6 80 08 06 ff ff ff ff ff ff = destination MAC address - this equates to a binary of or simply a broadcast to anything on the LAN

Re: [Leaf-user] Help with getting weblet logs into weblet

2001-10-28 Thread Michael D. Schleif
John Desmond wrote: --- Michael D. Schleif [EMAIL PROTECTED] wrote: John Desmond wrote: [ snip ] First, un-tar weblet.lrp into a temporary directory. cd temp/var rm -fr sh-log ln -s /var/log sh-log At this point, rebuild weblet.lrp from this tree

[Leaf-user] Dachstein-CD: directoy file permissions ???

2001-10-27 Thread Michael D. Schleif
Need we be concerned about directory file permissions? Notice, I ask this in general, regarding *all* LEAF/LRP distributions; but, because I am deeply into Dachstein-CD, my issues directly affect this distribution. For instance, should /var/log be 640, root:adm? Or, at least 750 -- so

Re: [Leaf-user] Dachstein-CD-rc3: mail anomolies

2001-10-26 Thread Michael D. Schleif
Michael D. Schleif wrote: [ snip ] [3] /var/log/mail.log exists; but, I've not yet seen anything write to it. In order to facilitate debugging Email issues, as well as to keep track of outgoing Email attempts, I suggest adding the following subroutine to /lib/POSIXness

Re: [Leaf-user] Dachstein-CD-rc3 available: bash.lrp error

2001-10-26 Thread Michael D. Schleif
Charles Steinkuehler wrote: I haven't tried bash.lrp since pre-release. There used to be two (2) bash-related problems; now, I find one (1): Mounting local filesystems... ramdisk.pkg: Uncompressing archives - log.tgz/etc/rcS.d/S36ramdisk.pkg: line 33: 1001 Broken

Re: [Leaf-user] Dachstein-CD-rc2 available

2001-10-24 Thread Michael D. Schleif
Robert Williams wrote: My Dachstein CD rc1 boots from the floppy. Can I update to the new kernel by copying the new one to the floppy? If so what file(s) do I need to copy over. Thanks, Robert You need two (2) new files on your boot floppy: linux root.lrp There are

[Leaf-user] Remote access VPN -- from anywhere ???

2001-10-24 Thread Michael D. Schleif
A client of ours wants to take the plunge and VPN their way around their corporate intranetwork from any old place on earth. OK, so they want remote access VPN and their poor DSL is going to really show its limited bandwidth ; Is IPSEC and FreeS/WAN the way to go? Can LRP-CD (their current

Re: [Leaf-user] New Kernels available

2001-10-22 Thread Michael D. Schleif
Charles Steinkuehler wrote: I have new kernels available, which include patches for a couple recent kernel bugs: [ snip ] I notice that your site http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/CD-Contents/ indicates file change dates more recent than your original issue of

Re: [Leaf-user] Dachstein-CD vs. mailonerr ???

2001-10-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: Is there a reason that your utility: mailonerr will not work on Dachstein-CD? I haven't tested it yet...I do recall having to change a couple of things when I migrated the script to a system running bash instead of ash... I'll try to test it here soon.

Re: [Leaf-user] New Dachstein-CD pre-release version avaialble

2001-10-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: As you stated in the first release announcement: ``But if you're grabbing the CD image, you'll probably have better luck with the faster mirrors:'' http://lrp1.steinkuehler.net/files/diskimages/dachstein-CD/

Re: [Leaf-user] Dachstein-CD: large floppies take *FOREVER* to boot ???

2001-10-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: fd0h1440 floppies boot as expected. Unfortunately, I'm working on a system that cannot boot from CD-ROM ; You could boot from a 1440 floppy and run from CD-Rom...I do that a lot when I'm testing (easier/faster to edit the floppy than burn a new CD!). Yes,

[Leaf-user] Dachstein-CD: localtime vs. UTC ???

2001-10-18 Thread Michael D. Schleif
As you know, I've been using LRP-CD for quite sometime. Yes, I know that I had to resolve this issue with LRP-CD; but, for life of me, I cannot remember how ; System time is set to my localtime (CST6CDT). Using /etc/localtime that comes with Dachstein, date command returns correct hms; but,

Re: [Leaf-user] New Dachstein-CD pre-release version avaialble

2001-10-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: I've just put a new version of the Dachstein pre-release CD image online: http://lrp.steinkuehler.net/files/diskimages/dachstein-CD/ As you stated in the first release announcement: ``But if you're grabbing the CD image, you'll probably have better luck with the

Re: [Leaf-user] Dachstein-CD: localtime vs. UTC ???

2001-10-18 Thread Michael D. Schleif
Charles Steinkuehler wrote: As you know, I've been using LRP-CD for quite sometime. Yes, I know that I had to resolve this issue with LRP-CD; but, for life of me, I cannot remember how ; System time is set to my localtime (CST6CDT). Using /etc/localtime that comes with

[Leaf-user] Dachstein-CD vs. mailonerr ???

2001-10-17 Thread Michael D. Schleif
Charles == Is there a reason that your utility: mailonerr will not work on Dachstein-CD? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the

Re: [Leaf-user] Dachstein-CD vs. mailonerr ???

2001-10-17 Thread Michael D. Schleif
Brad Fritz wrote: On Wed, 17 Oct 2001 09:55:58 CDT [EMAIL PROTECTED] wrote: Charles == Is there a reason that your utility: mailonerr will not work on Dachstein-CD? Not to answer for Charles, but in case he's busy with other stuff, it's possible that you're running into the

[Leaf-user] bash.lrp broken pipes ???

2001-10-17 Thread Michael D. Schleif
I like the idea behind a bash.lrp, especially since we're running Dachstein-CD and plenty of RAM. However, bash.lrp breaks two (2) other modules, complaining about ``broken pipe'': /etc/rcS.d/S36ramdisk.pkg, line 33 /etc/rcS.d/S55urandom.pkg, line 56 Notice, also, that those

[Leaf-user] syslinux.cfg: *maximum* line length ???

2001-10-17 Thread Michael D. Schleif
Trying to load many modules at the LRP= point in syslinux.cfg in Dachstein-CD. It appears that when the third line, beginning ``default linux . . .'' exceeds 253 characters, all items _after_ this point are ignored. Is the only workaround adding an lrpkg.cfg to floppy? What do you think? --

[Leaf-user] ERROR: iptraf ???

2001-10-13 Thread Michael D. Schleif
Anybody seen this error on executing iptraf? ``Error opening TCP/UDP filter file Press a key to continue'' What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional

[Leaf-user] Dachstein-CD: network.conf ???

2001-10-13 Thread Michael D. Schleif
How to configure external interface when it gets IP, et al., from ISP? /etc/network.conf has these defaults: eth0_IPADDR=1.1.1.2 eth0_MASKLEN=30 eth0_BROADCAST=+ Are these dummies that are always *overwritten* during the address subscription phase? Also, I notice

[Leaf-user] *real* grep for LEAF ???

2001-10-11 Thread Michael D. Schleif
Anybody compiled any *real* grep for use in LEAF? I can't say how many times that I wished I could do -i or -v . . . -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we

[Leaf-user] Who's experienced integrating WIC's into LEAF/LRP ???

2001-09-28 Thread Michael D. Schleif
We have an application that behooves us to include T-1/CSU/DSU into an LEAF/LRP box. So far, we have built several boxen that relied on Cisco routers to handle the WAN side. We are investigating products by Cyclades and Sangoma, which seem to meet our needs. However, never having done this,

[Leaf-user] WIC's LRP-CD ???

2001-09-28 Thread Michael D. Schleif
We have an application that behooves us to include T-1/CSU/DSU into an LEAF/LRP box. So far, we have built several boxen that relied on Cisco routers to handle the WAN side. We are investigating products by Cyclades and Sangoma, which seem to meet our needs. [1] Is LRP-CD ready to run these

Re: [Leaf-user] dhcp on public interface ???

2001-09-25 Thread Michael D. Schleif
Charles Steinkuehler wrote: Yes, of course. I looked at that last night and I understand how to use it. Thank you. *Where* in syslinux.cfg should it go? LRP=etc,local,dhcpd,modules,ramdisk,ssh-1,sshd-1,update I'd _guess_ between local and dhcpd ??? Actually, anywhere in

[Leaf-user] dhcp on public interface ???

2001-09-23 Thread Michael D. Schleif
I am preparing to change an Edge/thinlinux firewall to LRP-CD. Unlike my other successful implementations, the external interface gets an dhcp address; but, requires a special identifier, which Edge calls ``dhcpcd_clientid''. Can I use dhcpd.lrp in this scenario? How do I configure this

Re: [Leaf-user] dachstein-pr2 available

2001-09-21 Thread Michael D. Schleif
Charles == Will this work as updates to LRP-CD? What needs to be done? Charles Steinkuehler wrote: I have just posted pre-release version 2 (pr2) of dachstein. The main change from pr1 is the merging of the several versions of firewall scripts I've got floating around. I've finally

[Leaf-user] PCAnywhere vs. LRP-CD ???

2001-07-03 Thread Michael D. Schleif
OK, we know how to open ports tcp 5631 and udp 5632, and we can connect to PCAnywhere hosts behind LRP-CD -- from the Internet in general. However, specifically, when site A is behind LRP-CD(A) and site B is behind LRP-CD(B) and we are inside site B, we *cannot* connect to PCAnywhere hosts

Re: [Leaf-user] mailonerr does *not* work!

2001-07-03 Thread Michael D. Schleif
Charles Steinkuehler wrote: We've *not* been able to get mailonerr/moe.config to work (from Charles' website: http://lrp.steinkuehler.net/Packages/Utilities.htm). root@bluetrout:/var/log # /usr/local/bin/mailonerr /usr/local/bin/mailonerr: 56: Syntax error: end of file unexpected

Re: [Leaf-user] PCAnywhere vs. LRP-CD ???

2001-07-03 Thread Michael D. Schleif
Charles Steinkuehler wrote: OK, we know how to open ports tcp 5631 and udp 5632, and we can connect to PCAnywhere hosts behind LRP-CD -- from the Internet in general. However, specifically, when site A is behind LRP-CD(A) and site B is behind LRP-CD(B) and we are inside site B, we

Re: [Leaf-user] PCAnywhere vs. LRP-CD ???

2001-07-03 Thread Michael D. Schleif
Charles Steinkuehler wrote: Check your firewall logs on both LRP-CD systems looking for denied packets. I'd bet you're dropping some traffic PCAnywhere needs to function... Yes, our first thoughts also -- however, neither side has anything in /var/log/kern.log . . . Only

[Leaf-user] Need firewall design advice

2001-06-30 Thread Michael D. Schleif
We have a network of (64) public addresses connected to the Internet via DSL modem. This network consists of wintels and macs, and management of each is by different groups. Other than the Netopia DSL router, everything inside this network is 100% switched. Management insists that any user

[Leaf-user] mailonerr does *not* work!

2001-06-30 Thread Michael D. Schleif
We've *not* been able to get mailonerr/moe.config to work (from Charles' website: http://lrp.steinkuehler.net/Packages/Utilities.htm). root@bluetrout:/var/log # /usr/local/bin/mailonerr /usr/local/bin/mailonerr: 56: Syntax error: end of file unexpected (expecting }) root@bluetrout:/var/log #
