James G. Sack (jim) wrote:
Ralph Shumaker wrote:
James G. Sack (jim) wrote:
Ralph Shumaker wrote:
James G. Sack (jim) wrote:
nfs was not enabled. Stopped nfslock (which stopped rpc.statd). And
stopped rpcbind. Disabled them and saved.
I don't know if they are related, but rpcgssd is enabled and running, as
well as rpcidmapd.
I guess those are all related (because of the rpc prefix), and all
unnecessary in your setup.
I believe both of those are required by NFSv4. If you're not using v4 I
don't think you need them running.
.. udp 0.0.0.0:631 0.0.0.0:* 2563/cupsd
If you have a network-connected printer, then cupsd is most likely
essential, but if you have a direct-connect (eg, parallel, usb), then
I'm not sure whether it is still needed or not -- I suspect it might be,
though. Let us know what you find out. ;-) I would definitely not want
any firewall forwarding enabled on port 631!
How could I be certain. Test print before and after disabling?
Printing before, worked fine. Then I disabled. Tried to print. The
printer queue(sp?) showed the job, but didn't seem to want to print.
Right-clicking on the job had all options grayed out except for Cancel,
but selecting Cancel would not work until I started cupsd back up. So
it seems to be necessary.
So what should I do about port 631?
Google-poking shows some clue that it has to do with making (and/or
seeing?) announcements of printer availability on your local network.
Also that it seems to be controlled by
/etc/cups/cupsd
at the lines near
# Show shared printers on the local network.
You might experiment with these, because it seems you have no need for a
udp port being open on 631
http://localhost:631/ is the CUPS management page. This is a GUI within
which you can manage all CUPS printer tasks.
If the W.X.Y.Z are private IP addresses (eg, 192.168.1.xxx) handed out
by your household dhcp server (in your DSL modem), then there's no
damage by publishing those addresses. Those addresses can't identify you
-- in fact there are probably thousands (or more) who have the same
private IP address as you. Mine is 192.168.9.51 (because I customized my
gateway). The range 192.168.0.xxx and 192.168.1.xxx are very common
private addresses used in residential gateways.
You ofen see an 192,168.122.xxx IPs which is self-assigned by that
zeroconf stuff -- related to what is done by that avahi-daemon. I
believe you have to explicitly unconfigure something to get rid of that,
so I just try to ignore it.
Mine is 68.183.yyy.zzz which doesn't resemble yours. My hostname
currently is netblock-68-183-yyy-zzz, kinda like what Cox does IIRC.
Oh, that is not a private IP address, it is a public one (accessible
from the internet), so you are right to avoid plastering it all around.
It is visible in your email headers -- but there's not anything you can
do about that, I believe.
So your DSL modem is not doing any NAT.
==> Somebody else will have to explain what is going on. I'd like to
know more about it myself. Maybe that implies there is no
It depends on what DSL modem you have. Some have built-in firewall and
NAT capability, some just firewall, and some nothing. Since you didn't
say anything about a discrete hardware firewall, I assume you don't have
one between your DSL modem and your computer. If this is the case, and
you are not at least running a Iptables or similar, and your modem has
no firewalling capability, I strongly recommend you get one.
The DSL management interface may or may not be accessible, though.
Here's what I would try:
# ifconfig eth0:1 192.168.1.99
# ping 192.168.1.1
if ping works, point your browser at http://192.168.1.1, and poke around.
What the above is, is an ethernet "alias" which behaves like another
interface working through the same hardware and ethernet wiring.
It will go away on next boot, or if desired you can get rid of it by
# ifconfig eth0:1 0.0.0.0
Of course, if the modem(/firewall) is configured not to respond to a
ping, you'll get nuttin.
Per the manual for that modem: Presuming the IP range hasn't been
reconfigured, you probably have an addess 192.168.1.101 (or something
like that) and the gateway itself has IP 192.168.1.1. If you direct your
browser to http://192.168.1.1/ and give the default user/password of
admin/admin (presuming nobody ever changed the factory defaults), then
you should get into the management interface, where you can poke around
a bit.
AT&T's cheap Motorola modems have info printed on them and their
accompanying docs on how to get into and configure the modem. The IP
address those modems assign the connected PC (or router) is odd and
non-configurable unless you put the modem into Bridge mode.
3 minutes later, fireFox is still trying to load that address. There,
it finally timed out. No go.
That seems understandable, now that you have explained you do not have
an address on the 192.168.1.xxx net. The alias stuff above should make
it work -- if the modem is listening on the manual-reported IP.
Regards,
..jim
--
Best Regards,
~DJA.
--
KPLUG-List@kernel-panic.org
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
