I've built an LFS 6.3 system, it boots fine (with one oddity; see below), but am running into several issues that are preventing me from deploying it (it's destined to be a firewall/router).
1) I compiled framebuffer support into the kernel. When the system boots, about half the time the effect of the framebuffer is visible (i.e., the font is smaller/more characters are displayed per screen). But the other times it "stays" in the standard 80x25 format. 2) I have the system connected to my LAN via eth0 (on 192.168.1.x). When the system boots I have access to the LAN. But if I "cycle" the network: /etc/rc.d/init.d/network stop /etc/rc.d/init.d/network start The connectivity disappears; I can't reach the LAN. Rebooting the system solves the problem...but it's annoying to have to do that. Here's what the ipv4 file looks like: ONBOOT=yes SERVICE=ipv4-static IP=192.168.1.101 PREFIX=24 BROADCAST=192.168.1.255 GATEWAY=192.168.1.100 The GATEWAY machine is another LFS box (several years old) that is my current firewall/router. 3) I've installed tcp wrappers, xinetd, sshd and telnetd. The servers run fine, but I can't access them from other machines on my LAN (even when the new LFS box can access the LAN itself). I bet I've messed something up with tcp wrappers, but I'm not that familiar with it so I'm not sure how to go about resolving the problem. Running nmap on the new system from the old server shows this: -------------- Starting Nmap 4.03 ( http://www.insecure.org/nmap/ ) at 2008-02-12 07:37 PST Interesting ports on wiggle_butt.arcabama.com (192.168.1.101): (The 1667 ports scanned but not shown below are in state: closed) PORT STATE SERVICE VERSION 22/tcp open tcpwrapped 80/tcp open http Apache httpd 2.2.2 ((Unix) mod_ssl/2.2.2 OpenSSL/0.9.8d DAV/2) 110/tcp open pop3? 139/tcp open netbios-ssn Samba smbd 3.X (workgroup: ARCABAMA) 445/tcp open netbios-ssn Samba smbd 3.X (workgroup: ARCABAMA) 873/tcp open rsync (protocol version 29) 3306/tcp open mysql MySQL (unauthorized) MAC Address: 00:1D:60:C9:4A:2E (Unknown) No exact OS matches for host (If you know what OS is running on it, see http://www.insecure.org/cgi-bin/nmap-submit.cgi). TCP/IP fingerprint: SInfo(V=4.03%P=i686-pc-linux-gnu%D=2/12%Tm=47B1BDA3%O=22%C=1%M=001D60) TSeq(Class=TR%IPID=Z) T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T2(Resp=N) T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW) T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=) T7(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=) PU(Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E ) Nmap finished: 1 IP address (1 host up) scanned in 113.660 seconds -------------- In running nmap this morning I noticed that it took much longer to complete than last night, and that this time it couldn't identify the OS. Previously it caught it as linux. I'm not sure what, if anything, that means. Here are the contents of various files that I think play a role in this access problem: hosts 127.0.0.1 localhost 192.168.1.101 wiggle_butt.arcabama.com wiggle_butt 68.183.225.202 alien.arcabama.com alien hosts.allow ALL: LOCAL, 192.168.1.3, 192.168.1.100, 192.168.1., .arcabama.com sshd: LOCAL, 192.168.1.3, 192.168.1.100, 127.0.0.1 hosts.deny ALL:ALL /etc/xinetd.conf defaults { Instances = 60 log_type = SYSLOG daemon log_on_success = HOST PID USERID log_on_failure = HOST USERID only_from = localhost 192.168.1.0/24 cps = 25 30 } Includedir /etc/xinetd.d /etc/xinetd.d/telnet service telnet { port = 23 socket_type = stream wait = no user = root server = /usr/sbin/tcpd server_args = telnetd bind = 127.0.0.1 log_on_failure += USERID } service ssh { port = 22 socket_type = stream wait = no user = root server = /usr/sbin/tcpd server_args = sshd bind = 127.0.0.1 log_on_failure += USERID } - Mark __________ Information from ESET NOD32 Antivirus, version of virus signature database 2868 (20080212) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com -- http://linuxfromscratch.org/mailman/listinfo/lfs-support FAQ: http://www.linuxfromscratch.org/lfs/faq.html Unsubscribe: See the above information page
