Re: [leaf-user] tinydns setup

To all, I may have some old archives of Bering on my systems here... If you know which version or package to look for, let me know and I'll see what I can find. Regards, Scott. - Scott Young Network Integration Solutions Inc. Phone: 780-461-3371 Fax: 780-465-7270 email: [EMAIL PROT

Re: [leaf-user] RE: hostap_cs (Scott Merrill)

On Thursday 06 January 2005 00:05, Vic Berdin wrote: > hostap.o must be properly installed prior to insmodding hostap_cs.o. > Notice your unresolved symbols. Ah yes -- now that I know what I'm looking for, I see: /2.4.26/pcmcia/hostap_cs.o /2.4.26/net/hostap_pci.o /2.4.26/net/hostap_plx.o /2.4.26/

[leaf-user] hostap_cs

I'm using Bering uClibc 2.2, trying hostap for the first time. I have a Microsoft MN-520 PCMCIA NIC and a PCMCIA-to-ISA bridge. I used the drivers from the /2.4.26/pcmcia/ directory of the Bering-uClibc_2.2.1_modules_2.4.26.tar.gz tarball (the PCMCIA bus drivers included in the pcmod.lrp package

[leaf-user] Bering uClibc telnet client

Can anyone provide me with a telnet client for Bering uClibc? I need to temporarily connect to a legacy system via telnet, and would like to use a Bering uClibc floppy in an aging workstation to do this. Thanks! Scott --- SF email is

RE: [leaf-user] IPSEC pluto errors

Erich, thanks for the info. So then I *_do_* need to generate certificates even if I'm just using pre-shared keys? Scott. - Scott Young Network Integration Solutions Inc. Phone: 780-461-3371 Fax: 780-465-7270 email: [EMAIL PROTECTED] > -Original Message- > From:

[leaf-user] IPSEC pluto errors

ectory Nov 1 13:46:41 r2 pluto[21628]: FATAL ERROR: unable to malloc 0 bytes for cert *** end auth.log So what's up with the FATAL ERROR? It would seem without pluto, my ipsec configuration is unable to start? I can supply full details if required, but I'm hoping it's something

RE: [leaf-user] lpthread.lrp backup error (Bering Uclibc 2.2.2)

I corrected that in: /var/lib/lrpkg/lpthread.list Changed: var/lib/lrpkg/libpthread.* To: var/lib/lrpkg/lpthread.* Scott. - Scott Young Network Integration Solutions Inc. Phone: 780-461-3371 Fax: 780-465-7270 email: [EMAIL PROTECTED] > -Original Message- > From:

[leaf-user] ipsec subnet-to-subnet vpn

ev 1 Dnsmasq is lightweight, easy to configure DNS TIA, Scott. --- Scott Young Network Integration Solutions Inc. Phone: 780-461-3371 Fax: 780-465-7270 --- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now

Re: [leaf-user] OpenVpn

On Friday 22 October 2004 13:43, Martin Hejl wrote: > > In that case, you can contact Martin Hejl and see if he can port the 2.0 > > to LEAF. We are looking forward to it too. > > Well, a package is available at > > http://cvs.sourceforge.net/viewcvs.py/leaf/devel/hejl/ > > the reason that I haven'

Re: [leaf-user] LEAF proxy options

On Monday 04 October 2004 20:37, K.-P. Kirchdörfer wrote: > Am Dienstag, 5. Oktober 2004 00:03 schrieb Scott Merrill: > > I haven't (yet) tried the squid package (even though it's for > > Oxygen -- will that even work?), but I again assume that it's what > &

[leaf-user] LEAF proxy options

/ I'd like to preserve my investment in LEAF, so any suggestions or guidance are _greatly_ appreciated. Likewise, are there other solutions I can (should?) consider? Thanks! Scott --- This SF.net email is sponsored by: IT Product Guide o

re: [leaf-user] DiskOnChip issues (was uClibc hdsupp: syslinux error)

atted, or "incorrect" sectors which were skipped. These were (almost?) always after rebooting due to a failed unmount operation after a write operation to the DoC. I'll be happy to troubleshoot this, if someone can give me some suggestions on what to try. Thanks! Scott ---

[leaf-user] uClibc hdsupp: syslinux error; plus doco errors

the hdsupp.lrp package. Can someone provide a uClibc version of mtools which I can symlink to mcopy and mattrib? Or is there another solution to this problem? Many thanks, Scott --- This SF.Net email is sponsored by: GNOME Foundation Hacker

[leaf-user] Resolved: Bering-uClibc: pcmcia_orinico + dhcpd

Thanks again to all who replied with suggestions on my pcmcia + dhcpd problem. I tried Huy Bui's suggestion to use the "up" facility of /etc/network/interfaces. It worked as expected, and solved the problem. Thanks Huy, and thanks also to everyone involved with the LEAF project!

Re: [leaf-user] Bering-uClibc: pcmcia_orinico + dhcpd

Thanks, everyone, for the suggestions! I'll give a few of these a whirl tonight, and report what I find. Erich Titl wrote: > I don't have neither pcmcia nor dhcp on my firewall anymore, the RCDLINKS > approach looks sensible to me. I'll try again, but that didn't work with regular LEAF/Bering.

[leaf-user] Bering-uClibc: pcmcia_orinico + dhcpd

I just upgraded my home LEAF/Bering 1.1 box to LEAF/Bering-uClibc 2.1rc1. I have three NICs: eth0 = smc-ultra connected to my DSL line eth1 = 3c509 connected to my LAN eth2 = Orinoco Gold I configured dhcpd to provide leases to clients on both eth1 (192.168.0.0/24) and eth2 (192.168.1.0/24), but

[leaf-user] LEAF hardware

Is anyone using one of these in their LEAF boxes? http://www.thinkgeek.com/computing/accessories/5ad1/ http://www.intellinet-network.com/html/509961.htm It looks like an appealing, moderate-cost solution to the problem I have: too many boxes and power supplies littering the floor! Since I don't

Re: [leaf-user] VPN security issue? Slightly O/T...

The only thing I can think of is if the given box's connection has been compermised, then the attacker would also have access to the systems on the other side ot the VPN. - Original Message - From: "Craig Caughlin" <[EMAIL PROTECTED]> To: "LEAF (LEAF)" <[EMAIL PROTECTED]> Sent: Monday, J

[leaf-user] Boot failure on IDE

end_request: I/O error, dev 02:00 (floppy), sector 0 LINUXRC: could not mount the boot device. can't install packages kernel panic: Attempt to kill init! floppy ? did I miss something? Any Ideas? Thanks Scott --- This SF.Net email sponsor

Re: [leaf-user] Multiple routable IPs to multiple non-routable subnets

Charles Steinkuehler wrote: > Scott wrote: > >> Hi, >> >> I'm using bering and shorewall (penultimate releases). I have >> three interfaces on my device: eth0 eth1 eth2. eth0 is the public >> interface to which my ISP has directed a /29 subnet. eth1

[leaf-user] Multiple routable IPs to multiple non-routable subnets

.168.1.255 auto eth2 iface eth2 inet static address 192.168.2.1 masklen 24 broadcast 192.168.2.255 -Scott --- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! N

[leaf-user] OpenVPN

I've seen some posts (here and on the Shorewall list) about OpenVPN, so I thought I'd take a look. I like what I see, and I'd like to try to implement it on LEAF/Bering. Getting OpenVPN compiled for Bering is problematic, though. I followed the Bering UML instructions for creating a virtual s

Re: [leaf-user] modules aren't loading at boot

Hi Peter, Is it the last two packages in the LRP= line in the syslinux.cfg file that are not loading? I have noticed that when this line gets too long the end is not processed! I would be interested to know if there is a simple solution to this. Cheers, Tim - Original Message - From: "P

[leaf-user] How do I rebuild ipsec.lrp after patching FreeSwan for NAT Traversal?

I believe I have successfully patched and rebuilt the FreeSwan and the Bering kernel for ESPinUDP to support NAT traversal using the 'woody' environment. I now need to package up the FreeSwan into a "ipsec.lrp". Please could someone tell me how I go about creating the "ipsec.lrp" package? [It app

Re: [leaf-user] Unresolved Symbols

On Monday 20 January 2003 10:22 pm, David Pitts wrote: > I am using Bering_1.0-stable_img_bering_1680.exe from > http://sourceforge.net/project/showfiles.php?group_id=13751 and > smc-ultra.o (20-Oct-2002 09:03 6k) from > http://leaf.sourceforge.net/devel/jnilo/bering/rc4/modules/2.4.18/kernel >

Re: [leaf-user] Bering + Orinoco wireless

On Friday 17 January 2003 10:16 am, you wrote: > Never seen those error messages before. Something is defintely wrong, > but I'm not sure what. You might get better help on the orinoco-user > list: > http://sourceforge.net/mailarchive/forum.php?forum=orinoco-users > > or in the samba wireless a

Re: [leaf-user] Bering + Orinoco wireless

More in the saga of wireless network connectivity. =) Someone mailed me off-list to report that they had enjoyed success with their Orinoco card using the 8.10 firmware revision. So I downgraded the firmware in both of my cards. Again, everything appears to work at first. Now, however, the

Re: [leaf-user] Bering + Orinoco wireless

d card, and a > no-name Pentium 120 desktop running Bering 1.0 stable with 2 SMC Ultra > ISA network cards and an Orinoco ISA-PCMCIA adapter with an Orinoco Gold > card. Matt Schalit responded: > Hi Scott, sorry to hear about the wireless problems. > I have the same network hardware

Re: [leaf-user] Bering + Orinoco wireless

On Tuesday 14 January 2003 01:45 pm, Matt Schalit wrote: > Hi Scott, sorry to hear about the wireless problems. > I have the same network hardware as you. Tell us if > you diverged at all from the Bering User's Guide Orinoco > section? I flashed both cards to the lat

[leaf-user] Bering + Orinoco wireless

#x27;d') I'm pretty frustrated with all of this, because by all accounts every one else has their wireless networks "just work"! =( Any pointers or suggestions would be greatly appreciated! Cheers, Scott --- This SF.NET emai

[leaf-user] can not forward telnet and ftp through bering.

Hi, I have bering 1.0 firewall and I can't forward port 23 and 21 to a server inside my network. I can connect internally on the network, so I'm sure it's something with the firewall. I have no problem forwarding a bunch of other ports (not sure of my method, but it's working): /etc/shorewal

[leaf-user] boot freezes with bering and VIA chipset

my media, proc, memory, cdrom, and floppy drive with other motherboards and they all work fine. I'm pretty sure it's the motherboard chipset. Is this a know problem with this chipset? Has anyone else tried to boot bering with this chipset an

Re: [leaf-user] The vlan project

m finished I'll post to the list. Thank you to all who helped. -Scott --- This sf.net email is sponsored by: To learn the basics of securing your web site with SSL, click here to get a FREE TRIAL of a Thawte Server Certificate: http://ww

Re: [leaf-user] The vlan project

Sorry, that should say I got the eepro100.o driver built with the 802.1q mtu > 1500 patch from http://www.candelatech.com/~greear/vlan/cisco_howto.html. -Scott Scott wrote: Ok, I finally got the new eepro100.o driver built. I still can't increase the MTU above 1500. The exact error

Re: [leaf-user] The vlan project

echo 1504 > /proc/set/the/mtu/here? -Scott Brad Fritz wrote: On Thu, 14 Nov 2002 01:51:36 PST Scott wrote: First, I need an eepro100.o or tulip.o driver compiled with and mtu > 1500. Searching this list and others has turned up many references to patches, but no drivers. Has anyon

Re: [leaf-user] The vlan project

d to go through all this just to change the mtu on a NIC driver? There surely must be someone out there who was done this already. There's tons of information and links to the patches so there must be a demand. Has nobody ever come across an eepro100 or tulip driver compiled with the mtu&g

[leaf-user] The vlan project

27:5c:28:de brd ff:ff:ff:ff:ff:ff 7: eth1.11: mtu 1500 qdisc noqueue link/ether 00:90:27:5c:28:de brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1.11 8: eth1.12: mtu 1500 qdisc noqueue link/ether 00:90:27:5c:28:de brd ff:ff:ff:ff:ff:ff inet 192.168.2.1/24

Re: [leaf-user] Setting MTU (Dachstein 1.0.2)

above 1500 (1504 is often suggested for vlan tagging). When I'm done with this whole vlan project I'm going to write a step by step how-to. I hope it's half as good as anything Guitarlynn or Jacques Nilo have written ;). -Scott [EMAIL PROTECTED] wrote: > Hello! > > I

[leaf-user] restoring vlan's after reboot: /proc/net/vlan not there

Otherwise shorewall doesn't have anything to configure. -Scott --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-

Re: [leaf-user] Connect to EIA 232 serial port to configure switchwith bering

which installs the terminfo files? -Scott Brad Fritz wrote: On Sun, 10 Nov 2002 23:01:26 PST you wrote: I am attempting to use minicom. When I type minicom -s I get the following output: "No termcap entry for linux." This is a guess, but it sounds like TERM=linux in your environme

Re: [leaf-user] Connect to EIA 232 serial port to configure switchwith bering

9600 since that's what my switch requires, but no difference. I also have /etc/termcap-mini and /etc/mini which contain terminal encoding entries (I don't have ssh up yet to do easy cut/paste). What am I missing here? -Scott guitarlynn wrote: On Sunday 10 November 2002 22:42, Sc

Re: [leaf-user] Connect to EIA 232 serial port to configure switch with bering

used it originally set up the switch using it on a windows box. -Scott Charles Steinkuehler said: > You first need to create a default configuration file for minicom. Run > "minicom -s" to create a config file (/etc/minirc.dfl). > > You also need to verify you've go

Re: [leaf-user] Connect to EIA 232 serial port to configure switch with bering

The link you sent me seems to be instructions for connecting to the leaf box through the serial console. I need to do just the opposite. I need to connect to a switch through the serial port on my leaf box. Please see my other additional comments which I added later. -Scott Jacques Nilo said

Re: [leaf-user] Connect to EIA 232 serial port to configure switch with bering

Sorry, just a little more information. When I run minicom from the command line I get the error:- Minicom WARNING: configuration file not found, using defaults No termcap entry for linux. - I tried installing the libtcap.lrp package but it didn't make any difference. -Scott Scott said: &g

Re: [leaf-user] Connect to EIA 232 serial port to configure switch with bering

Sorry, mistype. Replace "getty" below with "minicom". I'm using the one from thc. -Scott Scott said: > Hi, > > My leaf box is basically a little celeron on an intel mobo with a cdrom > and floppy. It has 1 serial port which I need to use to connect

[leaf-user] Connect to EIA 232 serial port to configure switch with bering

tion. The switch requires 9600,8,n,1 settings, typical switch management. Or, am I on the wrong track here? -Scott --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkg

Re: [leaf-user] How to set up bridging with Bering?

On Tuesday 29 October 2002 12:20 am, dan carter wrote: > Charles Steinkuehler wrote: > >You need to talk to more Microsoft people (motto: Microsoft doesn't > >understand how tcp/ip works.) The L2TP protocol used by M$ WAN's is a > >Layer 2 Tunneling Protocol (hence the name), which enables your sy

Re: [leaf-user] vlan tagging in leaf

I managed to squeeze this information from a friend with some knowledge of vlan tagging: > what you need is a card and driver set that supports vlan tagging. I know > that the eepro100 cards do, and that there are patches to the eepro100 > driver to make it work. If I use the eepro100 driver do I

Re: [leaf-user] vlan tagging in leaf

stein? -Scott --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED]

Re: [leaf-user] vlan tagging in leaf

Another questions: Does the vlan.lrp package work with the tulip.o driver, or are there special NICs I should use for this? Does the NIC have to specifically support 802.1Q? If so, which NIC should I use if not the netgear(tulip)? -Scott Jacques Nilo said: >> No patch is necessary for

Re: [leaf-user] vlan tagging in leaf

f it works with Dachstein? -Scott Alby said: > > > > Even better. I found the vlan.lrp package. > > > http://leaf.sourceforge.net/devel/jnilo/bering/latest/packages/ > > File: vlan.lrp > > > -Alby > > > > > > >> >> >> >

[leaf-user] vlan tagging in leaf

ng on which vlan the request came from? -Scott --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EM

[leaf-user] PPTP and PPPoE

it now, darn it!) that someone experienced trouble using PPTP over PPPoE due to troubles with one using sync and the other using async -- can anyone comment on this? If I recall, a patch was supplied. Are there any other work-arounds? Thanks in

Re: [leaf-user] LEAF PPTP client

On Thursday 26 September 2002 12:55 am, Tom Eastep wrote: > > Sep 25 17:15:46 flg2 kernel: Shorewall:net2all:DROP:IN=eth0 OUT= > > MAC=00:a0:cc:60:3c:2d:00:4f:4e:09:27:4b:08:00 SRC=24.208.187.129 > > DST= LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=36117 DF PROTO=47 > > > > The "GRE: xmit failed from deca

[leaf-user] LEAF PPTP client

ptop server have the following entries in /etc/shorewall/rules: ACCEPT net FW 47 - ACCEPT net FW tcp 1723 ACCEPT FW net 47 - ACCEPT FW net tcp 1723 Where should I start diagnosing this? Thanks in advance! -Scott --- This sf.net email is spons

[leaf-user] PPTP client

modified, and what they should contain. Any assistance is greatly appreciated! Cheers, Scott --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf

[leaf-user] PPPoE difficulty

9]: Connection terminated. Sep 20 16:58:16 firewall pppd[17649]: Doing disconnect I tried using all three of the pre-configured options in dsl-provider: pty "pppoe -I eth0 -T 80 -m 1452" pty "pppoe -I eth0 -T 80" pty "pppoe -I eth0 -T 80 -m 1412"

[leaf-user] Attn: List Admin

Seems I can post to the list but not receive any messages. Tried two different email address and have not recieve an conformation email to join the list. --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a

[leaf-user] (no subject)

--- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 l

Re: [leaf-user] Windows XP attacking my firewall?

e and dest) I doubt it's an attack; it's probably just normal UPnP activity. Still, it'd help to know: which is your WinXP machine? -Scott > in /var/log/syslog i get the following error repeated three times every 25 > seconds: > > Aug 9 15:45:23 firewall kernel

Re: [leaf-user] 10.10.x.x network blocked by default?

, I'm not prejudiced against the RFC-1918 ranges anymore. It used to be that any traffic coming from them could be considered suspicious. Now all traffic is suspicious. :) -Scott > > > Heya. Yes, the 10.x.y.z private IP address range is blocked > > > by the default fir

Re: [leaf-user] 10.10.x.x network blocked by default?

d before long I had so many customizations to it, it became its own package. :) If you want to keep using the default Dachstein firewall for whatever reason, I believe the changes you need to make are in the network.conf file. Should be easy to find in there... -Scott >

[leaf-user] Re: [Leaf-devel] is Bering GNU?

modify it as you wish, put it on an EEPROM for your own use, and never distribute it. That's GNU too. -Scott PS: Bering being central to LEAF, I've restricted my cross posting to just the LEAF lists. --- This sf.net

Re: [leaf-user] Anybody know what happened to:

's routers. Or, possibly, these ICMP messages always come from a broadcast address, where the source IP is the address that's unreachable (eg, 80.135.217.223). I should Google for how these ICMP messages are put together, and update fwlog.pl accordingly. -Scott On Tue, 9 Jul 2002 [EM

Re: [leaf-user] Anybody know what happened to:

Michael: Heya. Sorry about that. Paraphrasing a famous beagle, a ScriptAlias bug in your httpd.conf always appears when you're in the shower on vacation. :) Service is up again. Sorry for the delays... -Scott PS: These are some strange logs you're seeing. :)

[leaf-user] Web server question

Is there a httpd package for bering? That is other than weblet. Just need something very simple. --- This sf.net email is sponsored by:ThinkGeek Caffeinated soap. No kidding. http://thinkgeek.com/sf --

Re: [leaf-user] Basic Port Forwarding How-To

TCP port 21 and 20 there after the "$IP_EXT" variable. Echowall also has a section on Passive-FTP of course. You'd likely want to start there. Good luck experimenting! -Scott > Heylo, I've asked this before, but it still doesn't work. > > I'm using the m

Re: [leaf-user] wondering how.....

Bering just uses the hard disk as a booting source. The actual OS is run in Ramdisk, meaning you share part of your system's memory as a "virtual disk". The 6MB refers to the size of your ramdisk. In syslinux.cfg after "initrd=initrd.lrp" add "syst_size=10M". 10M being 10MBytes is just what I h

[leaf-user] 3Com NICs

What driver or modules do I need for the new 3Com 3C905CX-TX-M nic card in my Dachstein LEAF firewall? Thanks Scott. ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Veg

[Fwd: Re: [leaf-user] 2 networks behind firewall]

with one routable IP, but I thought I'd use the 'hit it with a hammer until it works' approach. -Scott Charles Steinkuehler said: >> I'm doing something a little different this time. I have 1 routable >> IP > and >> 2 private networks which I want to ma

[leaf-user] 2 networks behind firewall

tcp_${DMZ_NET}_domain icmp_${DMZ_NET}_:" I can provide more of my config if needed. -Scott ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in

Re: [leaf-user] Bering-VPN-ipsec-x509 question

> As I thought, you have a clientCert.pem file with a zero byte count. Try > running the command: > > openssl ca -policy policy_anything -in clientReq.pem -days 1825 -out \ > clientCert.pem -notext > > again and send the output. There may be something wrong with the > documentation or something.

Re: [leaf-user] Bering-VPN-ipsec-x509 question

- Original Message - > Can you give us an 'ls -l' from your working directory? I get this > error when I have somehow gone through the proceeding steps and ended up > with an empty clientCert.pem (because of an error in a previous step). I > just went through the steps line by line and c

[leaf-user] Bering-VPN-ipsec-x509 question

ee times now. Did I miss something? Anyone else have problems with this? Thanks inadvance for any pointers Scott ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http:/

[leaf-user] OT: Origins of Bering and Dachstein names

Dach? I'm probably missing out on a principle of linguistics here. BTW, I've been successfully deploying dachstein toasters all around the US. I love it. -Scott ___ Don't miss the 2002 Sprint PCS Application Developer's

Re: [leaf-user] Help with LaBrea - is it working?

nes as possible will be greatly slowed down when it comes across you. Once you know which mode you want to implement, it should be pretty straightforward to configure the tool to do it. Just post your config file and we can work through it. cheers, Scott On Sun, 5 May 2002, Jabez McC

Re: [leaf-user] Help with LaBrea - is it working?

Jabez: Heya. As you probably know, that log looks like a CodeRed worm (an IIS web-server virus from early last year). It also looks like your firewall is simply blocking this packet before any other process can see it, including LaBrea. This seems to me a Good Thing. :) -Scott >

Re: [leaf-user] Dachstein /proc/pci missing

All three nic's are loaded by a single entry in /lib/modules "tulip" All three nic's are PCI. For the sake of $17, I'm just going to buy another SMC 1255TX nic. Just way too much head scratching. : ) David, thanks for the suggestions Scott - Original Message

Re: [leaf-user] Dachstein /proc/pci missing

c furthest from the io ports. Could this be an ordering issue inside the driver? the 10bT probably uses a earlier variation than the other two. Just in case it matters... Bering 1.0 rc2 2x SMC 1255TX (10/100) 1x D-Link 530 CT (10bT) has digital 21041-PB Motherboard ASUS TXP4, 32MB ram, P

Re: [leaf-user] Dachstein /proc/pci missing

Please ignore my last post. New question... I have 2x 10/100 tulip nics and one 10baseT nic. How do I assign what eth# to each nic. Currently eth0=10/100, eth1=10/100, eth2=10bT I need eth0=10bT(adsl), eth1=10/100(lan), eth2=10/100(dmz)? Thanks inadvance Scott

[leaf-user] Dachstein /proc/pci missing

Finally decided to try dach. Though when I try to find what irq's and io's the pci cards are using through /proc/pci. The pci file is missing. Whats going on, is this intentional? Dachstien 1.0.2 BTW for those bearing users where is pci-scan.o? its no longer kernel

Re: [Leaf-user] internal NAT question

sed by the kernel before it is forwarded along. cheers, Scott > I didn't realize that ipmasqadm portfw bypassed ipchains. Actually, I am > glad I know that now since I was thinking of using port forwarding for a > couple of servers, I will think twice now. > > Thanks, > &g

[Leaf-user] tulip module for SMC 1255TX

Has anyone compliled the tulip module that comes the SMC 1255TX Nic? or had problems getting it recognized? Tried Bearing/Old LRP2.9.8, oxygen next... Thanks Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists

Re: [Leaf-user] VPN behind Dachstein

ACCEPT Note that there's no "1723" in there. :) Also, if you know your VPN partner very well, you can change that 0/0 to tighten things down a notch. Hope this helps! -Scott On Thu, 25 Apr 2002, Morgan Reed wrote: > Scott, > > A quick follow-up question

Re: [Leaf-user] help understanding ipchains output (newbie)

umber=13460 As you know, of course, you can ignore these DHCP replies that fill your firewall logs. I'll be adding your first two packets to the firewall packet interpreter at "www.echogent.com/cgi-bin/fwlog.pl". Thanks for t

Re: [Leaf-user] Can someone read this log, I think it was a DNSattack

'd be much more worried. If your LEAF box is not running a DNS server, can safely block without logging any TCP packets that arrive destined for your port 53. I think I'll add this to the upcoming update to echowall, akshally... cheers, Scott ---Original Message--- Apr 14 23:00:57 fi

RE: [Leaf-user] VPN behind Dachstein

A input -s 0/0 -d $IP_EXT/32 -p 47 -j ACCEPT $IPMASQADM portfw -a -P tcp -L $IP_EXT 1723 -R $PPTP_HOST 1723 ipfwd --masq $PPTP_HOST 47 & Hope this helps! -Scott On Fri, 12 Apr 2002, Dustin Reiner wrote: > Yes, I have allowed both port 47 and port 1723 with: > EXTERN_PROTO0=

Re: [Leaf-user] VPN behind Dachstein

Dustin: Heya. Just a quick check to see if you've told your firewall to allow those protocol=47 packets to come through. You got the TCP port=1723 ones for PPTP right, but there's two pieces to it. -Scott > Hello, > >I am attempting to replace a 2.9.4 based fire

Re: [Leaf-user] ISP DHCP server is on RFC1918 address

, I was on an AT&T@Home cable-modem system that used DHCP. cheers, Scott > I have a curious and annoying problem. I am on a cable modem system for > which the DHCP server apparently sits at a private IP address 10.0.48.1 > although the system address is 68.2.x.x . The annoyance is

Re: [Leaf-user] Celeron/Pentium vs Duron/Athlon

rket in two different manners (Intel wants to own the high-margin Performance Desktop segment, while AMD wants to own the high-volume Mainstream Desktop segment), so I'm not surprised that there's marketing and positioning. I'd greatly prefer the spend their moni

[Leaf-user] Booting via USB

;ll need a bootdisk to boot the USB. Am I close? Thanks for any info, Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user

Re: [Leaf-user] http

n your LEAF box. But you can't use it to access, say, Amazon.com. :) I couldn't tell from your question which one you were considering... cheers, Scott > > This might seem like a silly question but, here it goes anyway. Is it > > possible to tunnel http through ssh

[Leaf-user] Implimenting a VPN

Looking for urls/docs for implimenting a ipsec vpn with a leaf (Oxygen) distro and windows 2000, 95, 98, XP and linux clients. Thanks in advance, Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf

RE: [Leaf-user] vnc

even LoopbackOnly. And of course a LEAF firewall. :) cheers, Scott On Thu, 21 Mar 2002, Ray Olszewski wrote: > Thanks for posting a nice overview, Scott. Though I've used vnc a bit, I've > only used it on a small, safe LAN, so I haven't looked at the security > issue

RE: [Leaf-user] vnc

opinion; I'm just one for keeping the baby after the bath. :) cheers, Scott > "Henning, Brian" <[EMAIL PROTECTED]> wrote: > > My disclaimer: I have not done this but I can give you some tips. I am > concerned about the current security of your vnc configuratio

Re: [Leaf-user] Can I stop logging by port?

efault rule to block RFC-1918 private IP's like 10.x.y.z or 192.168.x.y. Hope this helps! cheers, Scott > My wife is behind a double NAT setup at school. > Her provider givers her an 10.100.x.x IP address, which, of course makes > Eigerstein ipchains default rules unhappy.

Re: [Leaf-user] DNScache and hosts config question

winnt.private.network winnt I can see my WinNT Box (at .2) query the DS box for a reverse-lookup (PTR?) for 1.123.168.192, and I cannot see that the DH box replying with "pc.private.network". Hope this helps clarify. -Scott On Sat, 9 Mar 2002, Michael D. Schleif wrote: &g

[Leaf-user] DNScache and hosts config question

ork domain? Thanks in advance for any leads. cheers, Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user

Re: [Leaf-user] Dachstein migration successful!

Boyd: As Charles says, the docs on www.phoneboy.com/faq/0372.html suggest this is a lot like an IPSec connection. You may want to have a look at echoWall again, though: it supports both FW1 and IPSEC. You can enable or disable either of them, see what works. -Scott > > One guy

Re: [Leaf-user] forwarding Protocal 47(gre) on Eigerstein LRP

ething in the script? Ah, interesting. My grep'ing might need a -i'ing... >And last, but not least, a small feature request: The ability to > portforward my SSH_CUSTOM to the port of my choice on the internal comp. > As is, you have it fixed to use the same port as you let in for this on > the firewall. I'd like to get going to the usual 22, so I don't > have to modify every instance of sshd I run. Ah, good idea. Thanks for all the good feedback. I'll be sure to clame version 1.4+x on you. :) -Scott ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user

  1   2   3   >