RE: [leaf-user] Bering/Shorewall vs. Dachstein

. Perhaps this statement helps finding the problem. I don't know if this helps and I can't say more about the EyeBall problem because I know too less about how p2p tools like kazaa (and EyeBall) etc. works. so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto

RE: [leaf-user] Re: Shorewall with more than 3 interfaces (was: Two Private LANs?)

of the Kernel or the NIC driver (if all interfaces are the same type of NIC). I'm using Shorewall with 21 ethernet interfaces and it works well. (eth0 to eth20) -- Sandro Minola LEAF Developer (http://leaf.sourceforge.net) --- This SF.NET email

RE: [leaf-user] Flow Accounting and graphical display package.

had to install perl on my server to get MRTG running. 5. Has anyone tried running perl on a LEAF box? No, I don't know if this is a good idea... Hope this helps -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http

RE: [leaf-user] Shorewall: network/netmask, nesting zones, use of the multi and detect option

Thank you for your answers! Now, (I hope), everything is clear. Perhaps, some more questions will come up, but I think everything should be clear. so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http

[leaf-user] Bering ip_conntrack_max on a 21Port, heavy loaded router

? Google says that I may increase this value according to the amount of memory installed in the router. The router got 512MB RAM... Any ideas? Thank you for your answer So long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED

[leaf-user] RE: Bering ip_conntrack_max on a 21Port, heavy loaded router

| -- As you see, there are about 100 clients which are using the router only for internet access and about 100 which are using the router to access our servers AND the internet. What do you think? -- Sandro Minola

RE: [leaf-user] Does this indicate I've been hacked?

Saw the following in my syslog Jan 3 15:17:12 ardentpursuit portsentry[1120]: attackalert: External command run for host: 218.156.227.172 using command: /root/add2chain 218.156.227.172 12345 Did that command actually run, or did portsentry prevent it from running? No, you weren't hacked.

RE: [leaf-user] Need bcm5700.o with Bering 1.0-stable

the Compaq support site. I'm using it with the integrated gigabit module in the new ML370G3. -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP

[leaf-user] AVM FritzCard DSL

with LEAF/Linux. (There are Linux drivers with sources) Thank you so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http

[leaf-user] Bering PPPoE: Users Guide abbendum?

searching the net we found out that this message is normal in connection with ADSL and isn't a real error. Information about the ISP: Provider: Solnet Subscription: ADSL Home Notes: Swiss ADSL Provider (www.solnet.ch) so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net

RE: [leaf-user] RE: Two drivers to compile: e100, e1000 from CPQ

this mega-router, based on Bering RC4 and a Compaq Proliant ML370G3, when I'm finished. Now, the NIC's are working... so long -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:sandro;minola.ch | mailto:sminola;swissonline.ch http://www.minola.ch| http

[leaf-user] RE: Two drivers to compile: e100, e1000 from CPQ

that it won't work properly) and now, it loads all my 20 NIC's. Would it be possible to compile both again? (for rc4) Thanks Have a nice evening -- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:sandro;minola.ch | mailto:sminola;swissonline.ch http://www.minola.ch

[leaf-user] Going to use LEAF Bering as a WAN-backbone Router

-- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc

RE: [leaf-user] Going to use LEAF Bering as a WAN-backbone Router

I'm curious about where you are going to get the weblet with lrpstat for bering. Are you going to make this package by hand, or is it already out there? I would be interested in using it... I'm going to make it by hand. I'll send you a copy when I'm finished. -- Sandro Minola

RE: [leaf-user] bering (shorewall) traffic shaping

. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc

RE: [leaf-user] Module finder??

eepro100 --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc

[Leaf-user] New eepro.o module for Dachstein

rename the file to eepro.o before using it. -013 stands for version 0.13 while the normal Dachstein contains version 0.12b. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http

RE: [Leaf-user] Changes for new Dachstein release

. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - My PGP key is at: http://www.minola.ch/pgp/sminola.asc

RE: [Leaf-user] Changes for new Dachstein release

) The interval can be set as a parameter in network.conf. I know that for example Watchguard is flushing all IP's blocked by the portscanner detector every 30min by default. Good idea? --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto

RE: [Leaf-user] can I run simple Samba server on a LEAF machine? or something similar,

/kwarchive/ Use smb-2b.lrp. After using this package, cross-subnet-browsing worked (please be patient, it's buggy, unreliable and slow). It's also useful if you just want to access your router through Windows network instead of FTP or if you have a HD in your router for data. best wishes --- Sandro

RE: [Leaf-user] Traffic Shaping using TC

--- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Simon Bolduc

RE: [Leaf-user] Traffic Shaping using TC

(dial-up) connections becaus of the different MTU values. Please tell me more about your setup and what exactly goes wrong, and in which direction (up- or download)? I'm sure we can fix your problems. BTW: I didn't notice ANY problems yet and I'm even running a DMZ. --- Sandro Minola

RE: [Leaf-user] Traffic Shaping using TC

me know. You'll be my first BETA-tester... --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: [EMAIL PROTECTED

[Leaf-user] Question of principle: Are ProxyARP DMZ insecure?

is opened --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola ___ Leaf-user mailing list [EMAIL PROTECTED] https

[Leaf-user] FW: [Leaf-devel] Question of principle: Are ProxyARP DMZ insecure?

the whole TCP/IP stack and the firewalling part. I don't know how far this is true. I'm sure they've still some parts of the original 2.0 code in their stack. I'll ask her for more details and let you know. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL

RE: [Leaf-user] How to reach my internal web server from an internal machine via an external web page?

at home/a) 4. add a entry to your hosts file for this DNS name (in the system32 directory) This solution is much cooler because you don't have to care about the IP anymore. It's done automatically. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED

RE: [Leaf-user] Morpheus?

with the following apps: Napster, Half-Life (Counterstrike), ICQ If you want to learn more about the -y flag, please read the section Specifying TCP SYN Packets Only on http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO-4.html --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL

RE: [Leaf-user] CIPE almost working

] Etienne Charlier [ECharlier AT wanadoo DOT be] --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: PASI RAUHANIEMI

RE: [Leaf-user] How to reach my internal web server from an internal machine via an external web page?

not support No-IP. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -- Mike Noyes [EMAIL PROTECTED] http://sourceforge.net/users/mhnoyes/ http

RE: [Leaf-user] How to reach my internal web server from an internal machine via an external web page?

Win9x, but I think the hosts file is in system32, use Filesearch) --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -- Frank [EMAIL PROTECTED

RE: [Leaf-user] CIPE for kernel 2.2.18

kernel differs from the dachstein kernel. I'd suggest to ask one of the Coyote guys to compile CIPE for the Coyote kernel. I'm sorry, I can't do that because I don't have a Coyote kernel tree on my devel system. Please notify me, when you got it running. Thanks --- Sandro Minola | LEAF

RE: [Leaf-user] Dachstein firewall questions

Hi Christopher I tried the ShieldsUp Portscan. It shows my Firewall's TCP Port 5000 as closed too. It seems that this is a problem of the ShieldsUp Scan Engine/Homepage. I definitely DENY TCP Port 5000. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL

RE: [Leaf-user] CIPE for kernel 2.2.18

hesitate to ask. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf

RE: [Leaf-user] problems with IPIP protocol (94) and SecuRemote

for instructions) and what exactly you're doing when you added straight rules which allowing ip proto=94 to pass/forward through LRP. Thank you --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http

AW: [Leaf-user] DHCP Relay Agent

Hi Reginald, hi all There is a dhcrelay.lrp package on Koon Wong's package archive. But Koon Wong's archive seems to be offline. But Rick is mirroring it: http://c0wz.steinkuehler.net/files/kwarchive/dhcrelay.lrp --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto

AW: [Leaf-user] multiple web DNS on LRP

, name-based vhosting does not directly work via DNS, it reads the URL from the browser. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola -Ursprüngliche

RE: [Leaf-user] Speed Survey

cable link in Switzerland for reasonable prices :( ). The slowest is a 486DX2/33Mhz with 16MB RAM connected to a bridging cable modem. I can't measure a speed decrease. --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED

RE: [Leaf-user] no ppp support in kernel (DCD 1.0.2)?

Minimum set of modules for ppp seems to be: slhc ppp Yes, i can validate that. I think Jim is asking because of his PPTP setup. I'm running PPTPD with only these two modules and it's working great. ___ Leaf-user mailing list [EMAIL PROTECTED]

[Leaf-user] Linux 2.4 based Firewalls made in Switzerland

for is a reseller. We get the Ethernet II for about US$375 (CHF 600) and the Ethernet III for about US$940 (CHF 1500). --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel

RE: [Leaf-user] PPTP setup

Hi Jim Sorry for the long delay. I'm confused now. Do you need a PPTP client or server? Do you want to be a PPTP RAS server where clients dial-in or do you want to build a static tunnel to another firewall? There is a difference. --- Sandro Minola | LEAF Developer (http

RE: [Leaf-user] Draft CIPE on LRP how-to

--- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http://leaf.sourceforge.net/devel/sminola - worldcontrol:~ # rm -rf /bin/laden -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

RE: [Leaf-user] Re: Weblet and SSHD

you uncommented the ssh entry in /etc/inetd.conf and SSH is now running via inetd? If yes, the only thing you have to do is to comment it out again. Hope this helps --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http

RE: [Leaf-user] Dachstein RC5 -- Hostname problem

of problem. I hope this help, but I'm pretty sure that it can't be a general problem because Charles would noticed it. Have a nice weekend --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http

RE: [Leaf-user] QoS on eth0 - not possible if using DHCP !?

for your example. do you have experiences with turning QoS on on the internal interface to queue incoming traffic? Have a nice weekend --- Sandro Minola | LEAF Developer (http://leaf.sourceforge.net) mailto:[EMAIL PROTECTED] | mailto:[EMAIL PROTECTED] http://www.minola.ch| http

[Leaf-user] QoS on eth0 - not possible if using DHCP !?

and useful but there are still a lot of open questions. can anyone post a working example and explain what it does? i mean, how the posted parameters affect and what experiences you made with QoS. (the QoS part of network.conf would be nice) thank you --- Sandro Minola | LEAF Developer

RE: [Leaf-user] Extended Scripts V1.1 - Hostname not set!

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Sandro Minola Sent: Sunday, October 28, 2001 3:44 PM To: Leaf-User Subject: [Leaf-user] Extended Scripts V1.1 - Hostname not set! Hi Charles Hi all I'm using Extended Scripts V1.1 (Private DMZ) and everything

RE: [Leaf-user] Extended Scripts V1.1 - Hostname not set!

PM To: Sandro Minola Cc: Leaf-User Subject: Re: [Leaf-user] Extended Scripts V1.1 - Hostname not set! Sandro Minola wrote: Hi Charles Hi all I've solved the hostname problem by myself. It seems that my Busybox V0.51 don't accept comments in the /etc/hostname file. I changed the /etc/init.d

RE: [Leaf-user] Strange problem with external NIC

and install a new one. What do you think? other ideas? greetings Sandro Minola -Ursprungliche Nachricht- Von: Johdomi [mailto:[EMAIL PROTECTED]] Gesendet: Freitag, 28. September 2001 01:03 An: Sandro Minola Cc: Leaf-User Betreff: Re: [Leaf-user] Strange problem with external NIC Check

[Leaf-user] Strange problem with external NIC

Ultra ISA NIC (external, the strange one) DEC EtherWorks (internal, don't makes any problems) DOCSIS CableModem connection 256Kbit there are no kernel messages about the NIC (from the driver or so). any ideas? is this nic damaged? should i trash it? greetings Sandro Minola

RE: [Leaf-user] Problem with cipe

/files/devel/cipe-146-IDE I forgot to compress the executable ciped-cb with UPX. Please let me know if it works with the IDE kernel, I'll compress it then. greetings Sandro Minola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Hamill Sent: Tuesday

RE: [Leaf-user] Problem with cipe

, if you need it or not. But don't expect it before saturday... greetings Sandro Minola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Hamill Sent: Tuesday, September 18, 2001 1:36 AM To: [EMAIL PROTECTED] Subject: RE: [Leaf-user] Problem with cipe

RE: [Leaf-user] Problem with cipe

with it. (I'm just the compiler, not the user.. ;) ) Sandro Minola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of John Hamill Sent: Monday, September 17, 2001 1:37 AM To: [EMAIL PROTECTED] Subject: RE: [Leaf-user] Problem with cipe Hi All, I am having

[Leaf-user] thttpd CGI Forms for administrating Firewall through browser

!?) greetings Sandro Minola (Script at the bottom) Example Script: #!/bin/sh STRINGS=`echo $QUERY_STRING|cut -d'' -f*` for STRING in $STRINGS ; do echo $STRING /var/tmp/wwwget.tmp done ; unset STRING ; unset STRINGS . /var/tmp/wwwget.tmp cat - /HTML-DATA Content-type: text/html

RE: [Leaf-user] thttpd CGI Forms for administrating Firewall through browser

. Have a nice weekend Sandro Minola -Original Message- From: Eric Wolzak [mailto:[EMAIL PROTECTED]] Sent: Saturday, September 15, 2001 10:00 PM To: Sandro Minola; [EMAIL PROTECTED] Subject: Re: [Leaf-user] thttpd CGI Forms for administrating Firewall through browser Hello All, Sandro

RE: [Leaf-user] Problem with cipe

Hi Etienne I didn't saw any insmod commands in your scripts. Do you load the kernel module cipcb.o somewhere? if not loaded, tunnel won't run. greetings Sandro Minola -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Etienne Charlier Sent: Wednesday