Linux-Development-Sys Digest #291, Volume #6 Sat, 16 Jan 99 22:14:22 EST
Contents:
Re: Why I'm dumping Linux, going back to Windblows (Leslie Mikesell)
Re: disheartened gnome developer ([EMAIL PROTECTED])
Re: How do you make ld output pure binary? (Forrest Trimbell)
Re: virtualizing i386-linux (M Sweger)
Re: disheartened gnome developer (Christopher B. Browne)
Screaming sound chip after resume - Sony laptop (Edward A. Falk)
Re: Making reliable profilings under linux !!!! (fwd) (Nitin Malik)
Re: disheartened gnome developer (steve mcadams)
Re: ppp-compress-xx problem in 2.2.0-pre4 (Paul Flinders)
Re: linux vs freebsd (Juergen Heinzl)
Re: disheartened gnome developer (Navindra Umanee)
Re: Making reliable profilings under linux !!!! (James Youngman)
Re: 2.2.0pre7 problem with can't find map file (Frank Hale)
Re: Newbie needs help =)! (Alastair)
Re: virtualizing i386-linux (Emile van Bergen)
Re: virtualizing i386-linux (Emile van Bergen)
Re: IPMasquerading / SSH (mumford)
Re: IPMasquerading / SSH (mumford)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Leslie Mikesell)
Crossposted-To: alt.os.linux,comp.os.linux.development.apps,comp.os.linux.setup
Subject: Re: Why I'm dumping Linux, going back to Windblows
Date: 15 Jan 1999 12:10:32 -0600
In article <[EMAIL PROTECTED]>, Stuart Harris <[EMAIL PROTECTED]> wrote:
>> I only have five days experience with Linux (RH 5.1), and so far it
>> has not been fun! It has been a tough time getting the info that I'm
>> looking for, since I don't even know what I don't know (I see all
>> these posts about recompiling the kernel and I am about freaking!). A
>> graphical interface for finding files, getting help, might seem
>> unimportant to you,
>
>type the following as root..
>
>pico /bin/findfile
>
>paste this into the window pico is in!
>
>#!/bin/bash
>
>if [ $0 == "" ];
>then
> echo "usage: $0 filename"
>else
>find / -name "$1" -print
>fi
>
>then CTRL + X save it.. bla bla
>
>then type chmod u+rwx,go+rx-w /bin/findfile
>(your easy way to find a file..)
Note that this is the slow, brute force way, and if your Linux
distribution includes locate and the cron job to run it
automatically, 'locate filename' will give you an instant list
as of the last time the 'updatedb' program was run. You might
still need find for new files or some of the other options
but it is hard to live without locate if you have many files
on your system.
Les Mikesell
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.advocacy,comp.os.linux.development.apps,comp.os.linux.x
Subject: Re: disheartened gnome developer
Date: Fri, 15 Jan 1999 17:20:47 GMT
In article <77ma2l$usm$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> On Thu, 14 Jan 1999 18:18:12 GMT, Perry Pip <[EMAIL PROTECTED]> wrote:
> >On Mon, 11 Jan 1999 16:47:37 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
> >>And how is that related to whatever I said? I was just noting that
> >>there is really very little interest on coding in C instead of C++.
> >
> >Oh. Really? How does the fact that no one wants to use a C "extension" to
> >a C++ toolkit indicate that there is very little interest on coding in C
> >instead of C++. Did it ever occur to you that people who want to program
> >in C are busy coding away in native C toolkits, i.e GTK+??
[Snip some reasonable reasons to not use Qt from C]
1) Don't all these arguments apply equally well to any language binding?
2) Wouldn't those who would be discouraged by the poor Qt C binding first
have to download it? I mean, I will even say that it is not really a
good one, but as I said, people wouldn't even download it to see if
it sucks. At least I would do it like that.
--
Roberto Alsina (KDE developer, MFCH)
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Forrest Trimbell)
Subject: Re: How do you make ld output pure binary?
Date: 15 Jan 1999 12:12:41 -0700
Greg Law <[EMAIL PROTECTED]> writes:
>I have 2 ELF files - one created by NASM and one by GCC. I want to link
>them together (which is OK), but not so that they'll run under Linux,
>rather so I get a /pure/ binary - no libraries, no symbols, just code
>and a little data. I can't for the life of me figure out how to do this
>using ld under Linux - please help!
>Thanks in advance,
>Greg.
Take a look at the man page for objcopy. objcopy can take an input file
of one type like elf, and write it back out as another (S records, Bin,
... ) I think that there is also another important program that goes
along with this for this sort of thing, but I can't remember what it is
right now. :(
I haven't actually used it very much myself, so I might be wrong.
--Forrest
--
Forrest S. Trimbell
[EMAIL PROTECTED]
[EMAIL PROTECTED]
Finger [EMAIL PROTECTED] for PGP public key
------------------------------
From: [EMAIL PROTECTED] (M Sweger)
Subject: Re: virtualizing i386-linux
Date: 15 Jan 1999 19:10:52 GMT
Reply-To: [EMAIL PROTECTED]
Christopher B. Browne ([EMAIL PROTECTED]) wrote:
: On 14 Jan 1999 12:57:00 GMT, M Sweger <[EMAIL PROTECTED]> posted:
: >M Sweger ([EMAIL PROTECTED]) wrote:
: >
: Parallelize via turning everything into a separate CORBA object.
: Upside: Certainly an interesting idea. Parallelism comes "for free" (as
: always, with the cost of having to partition the application).
: Downside: While this approach doesn't mandate pushing the ORB into the
: kernel, an equivalent thing happens as the ORB is treated by its
: applications as if it were an "OS kernel."
Essentially that is what I'm saying; the Corba ORB is the kernel
since it already has parallelism (as you say) or tasking via objects,
communications protocol, hardware services and sheduling via it's time
service.
Somebody a while ago told me about the "Spring" project from SUN
which tried something like this.
There is also a relatime ORB being written by a University in Washington
state. I believe it may be called TAOS.
Thus, two objects instantiated off the ORB would be,
First object is Unix
2nd object is Unix experimental
3rd object is Windows NT. Essentially, Windows NT is wrapped in an
IDL wrapper and treated similar to what you would do to
wrap a program written in different native programming
lanaguages such as C , Java and Fortran etc. etc.
--
Mike,
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Christopher B. Browne)
Crossposted-To: comp.os.linux.advocacy,comp.os.linux.development.apps,comp.os.linux.x
Subject: Re: disheartened gnome developer
Reply-To: [EMAIL PROTECTED]
Date: Sat, 16 Jan 1999 23:30:34 GMT
On Sat, 16 Jan 1999 17:53:13 GMT, Perry Pip <[EMAIL PROTECTED]>
posted:
>On 16 Jan 1999 01:12:24 -0800, [EMAIL PROTECTED]
><[EMAIL PROTECTED]> wrote:
>>
>>is GTK API more suited for C++ while Qt for C?
>>
>>offcourse OO is more powerfull !
>
>GTK is OO !!
*True* OO can't be accomplished without dynamic binding and GC,
which mandates Smalltalk.
[With only half a smiley...]
--
Those who do not understand Unix are condemned to reinvent it, poorly.
-- Henry Spencer <http://www.hex.net/~cbbrowne/lsf.html>
[EMAIL PROTECTED] - "What have you contributed to Linux today?..."
------------------------------
From: [EMAIL PROTECTED] (Edward A. Falk)
Crossposted-To: comp.os.linux.portables
Subject: Screaming sound chip after resume - Sony laptop
Date: 16 Jan 1999 14:44:44 -0800
Hi all; I find that my Sony Vaio 707 sometimes wakes up from a
system suspend with the sound chip squealing out of control. If
I had to make a wild-ass guess, I'd say that a wave table was
running crazy through random memory. Rebooting fixes the problem.
Three questions:
1) anybody else see this problem?
2) anybody know a way to prevent it?
3) is there some sort of software that will
reset the sound chip?
ADVthanxANCE,
--
-ed falk, [EMAIL PROTECTED] *********************#*********
Visit http://www.rahul.net/falk/whatToDo.html ****#*#**************F******!**
and read 12 Simple Things You Can Do ****!*!!**********!************
to Save the Internet ***************#****#******#**
------------------------------
Date: Sat, 16 Jan 1999 17:57:36 -0500
From: Nitin Malik <[EMAIL PROTECTED]>
Subject: Re: Making reliable profilings under linux !!!! (fwd)
i need the time count for kernel routines in the net directory... i am
trying to get an estimate on the s/w overheads...
First i thought of using "jiffies" or "xtime" but they r updated every
10ms... not good... i thought of inserting do_gettimeofday() calls in the
functions, but that lead to several overheads...
is there any nanosec timer? do_gettimeofday() gives microsec resolution...
nitin
------------------------------
From: [EMAIL PROTECTED] (steve mcadams)
Crossposted-To: comp.os.linux.advocacy,comp.os.linux.development.apps,comp.os.linux.x
Subject: Re: disheartened gnome developer
Date: Fri, 15 Jan 1999 22:03:40 GMT
[Snipped for brevity, quoted material marked with ">"]
On Fri, 15 Jan 1999 19:22:10 GMT, [EMAIL PROTECTED] (Perry Pip)
wrote:
>If you are unsure of the terms you can always email them and ask before
>using the Qt lib. I am sure they will reply.
That's my point; if it's unclear enough that I need to ask them what
it means, it's unclear enough to be problematic in court. I have no
strong feelings about TT one way or the other, but I'd hate to see
them screw themselves and not realize it until it's too late.
>The patch clause in the QPL
>specifically allows TT to use the patches of others in their commercial
>version. GPL would not allow that. And that specifically is one thing I
>don't like about QPL. They intend to use the free contributions of others
>in their commercial product.
As long as the contributing others know in advance and don't have a
problem with this, then there shouldn't be a problem, should there?
Especially since their free contributions are helping to advance free
software by helping TT stay in business, eat, etc.
This is something I've pondered myself and haven't found a really good
answer to. If I sell proprietary licenses to use my GPL'ed code in
closed-source products, I would certainly like to keep the free vs
proprietary codebase identical. But it looks like there are two
choices on this, (a) let the codebases diverge in which case
open-source developers suspect the proprietary codebase has goodies
the GPL codebase doesn't, or (b) becoming a book-keeper and evaluating
contributions to figure out what everybody's share is.
If you have a good answer I'd love to hear it. I only know of 3
consistent answers and don't like any of them a whole lot, (1) keep
the code proprietary, (2) make it GPL and don't accept contributions,
(3) make it GPL and don't sell proprietary licenses. As I've said
before, I think it's silly not to sell proprietary licenses and let
closed-source software developers help pay for open-source
development. Unless I think of something better I expect my approach
will be to say that if someone wants to contribute but doesn't want
their contributions included in the code licensed on proprietary
terms, they need to keep their contributions to themselves because I
don't have time to track who did what. Which seems very
fork-encouraging. Like I said, I don't know of a good answer to this.
-steve
========================================================
Tools for programmers: http://www.codetools.com/showcase
------------------------------
From: Paul Flinders <[EMAIL PROTECTED]>
Subject: Re: ppp-compress-xx problem in 2.2.0-pre4
Date: Fri, 15 Jan 1999 22:05:01 GMT
Steven Hand <[EMAIL PROTECTED]> writes:
> David Ronis <[EMAIL PROTECTED]> writes:
>
> > I've just finished installing 2.2.0-pre4 on an i486. It runs, however
> > I've been getting the following error(?) reported in my messages file:
> >
> > modprobe: can't locate module ppp-compress-21
> > modprobe: can't locate module ppp-compress-26
> > modprobe: can't locate module ppp-compress-24
>
> You need to add the following lines to /etc/conf.modules (or /etc/modules.conf)
>
> alias ppp-compress-21 bsd_comp
> alias ppp-compress-24 ppp_deflate
> alias ppp-compress-26 ppp_deflate
>
> HTH,
>
> S.
PPP looks for a module called ppp-compress<CCP Option>, 24 is MVRCA
(Magnalink) - described briefly in RFC1975 so it should probably be
alias ppp-compress-24 off
The full list of ccp options is
0 OUI [RFC1962]
1 Predictor type 1 [RFC1962]
2 Predictor type 2 [RFC1962]
3 Puddle Jumper [RFC1962]
4-15 unassigned
16 Hewlett-Packard PPC [RFC1962]
17 Stac Electronics LZS [RFC1974]
18 Microsoft PPC [RFC2118]
19 Gandalf FZA [RFC1962]
20 V.42bis compression [RFC1962]
21 BSD Compress [RFC1977]
22 unassigned
23 LZS-DCP [RFC1967]
24 MVRCA (Magnalink) [RFC1975]
25 DCE [RFC1976]
26 Deflate [RFC1979]
27-254 unassigned
255 Reserved [RFC1962]
See ftp://ftp.isi.edu/in-notes/iana/assignments/ppp-numbers
------------------------------
From: [EMAIL PROTECTED] (Juergen Heinzl)
Subject: Re: linux vs freebsd
Date: Fri, 15 Jan 1999 22:31:58 GMT
In article <[EMAIL PROTECTED]>, Nathan Shirey wrote:
>What are the advantages of Linux vs. FreeBSD? Or vice versa? I was
>running slackware, but then I lost my lilo boot and decided that to
>install FreeBSD, now with FreeBSD I'm having some network problems
>(namely it's pinging somebody for a reason I don't know, so I can't use
ping must be owner root and setuid and the rest I shall leave to the
others. I just love Unix and for FreeBSD specific question try their
group. The girls and guys there are for sure willing to help.
Bye, Juergen
--
\ Real name : J�rgen Heinzl \ no flames /
\ EMail Private : [EMAIL PROTECTED] \ send money instead /
\ Phone Private : +44 181-332 0750 \ /
------------------------------
From: Navindra Umanee <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,comp.os.linux.development.apps,comp.os.linux.x
Subject: Re: disheartened gnome developer
Date: 17 Jan 1999 01:17:07 GMT
[Followups set]
"Bob Taylor" <[EMAIL PROTECTED]> wrote:
>> Yep. Take a BSD program, add one line of GPL'ed code and the
>> resultant derived work must be GPL'ed. Of course, the FSF realised
>> the problem and compromised by releasing the LGPL. And even the LGPL
>> has a backdoor in it to make it compatible with the GPL.
>
> How, by *any* stretch of the imagination, can adding *one* line of
> GPL'd code to a non-GPL'd program make the result a *derivative* of
> the one line added? This is insanity (could also be called theft)!
The GPL demands that the derived work be covered by the GPL, otherwise
you simply can't use the code[1]. The BSD license does not prevent
this kind of assimilation, as far as I know. I agree it is insane.
-N.
[1] Some people even consider GPL'ed code unusable right around here.
--
"These download files are in Microsoft Word 6.0 format. After unzipping,
these files can be viewed in any text editor, including all versions of
Microsoft Word, WordPad, and Microsoft Word Viewer." [Microsoft website]
< http://www.cs.mcgill.ca/~navindra/editors/ >
------------------------------
From: James Youngman <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.apps,comp.os.linux.misc
Subject: Re: Making reliable profilings under linux !!!!
Date: 15 Jan 1999 23:06:37 +0000
"Pedro Ribeiro" <[EMAIL PROTECTED]> writes:
> 'm trying to profile a program under linux but, because all of my functions
> executes in less that 10ms, gprof tell 0.0 to all function avg execution
> times ... leaving-me with just a function execution count which isn't much
> usefull without the times ...
>
> How can i obtain more precise times ??
Make the program run for longer, perhaps by putting a loop in main().
--
ACTUALLY reachable as @free-lunch.demon.(whitehouse)co.uk:james+usenet
------------------------------
From: Frank Hale <[EMAIL PROTECTED]>
Subject: Re: 2.2.0pre7 problem with can't find map file
Date: 17 Jan 1999 00:17:12 GMT
Chris Vine wrote:
> You need to update klogd. I got the source rpm for sysklogd-1.3.28-1
> from contrib.redhat.com and compiled it myself (although you need to
> compile it under linux-2.0.* headers), but presumably the binary rpms
> also work.
>
> You then just put the system map file in the /boot directory as (eg)
> /boot/System.map-2.2.0-pre7, and the new klogd will find it (in other
> words, don't symlink it).
>
> Chris.
>
> --
> If replying by e-mail, remove the --nospam--
Yes that was the problem I had the wrong version on here 1.3.27 which I
got from rawhide.redhat.com I think they need to sync there directories
since rawhide is supposed to be the latest and greatest, I owe you a
virtual beer. Thanx alot. I downloaded the binary and it works only
catch is you still need to supply the symlink or it will still complain
it can't find map file.
ln -s System.map-2.2.0pre7 System.map
Thanx!!!
--
From: Frank Hale
Email: [EMAIL PROTECTED]
ICQ: 7205161
Homepage: http://members.xoom.com/frankhale/
Jade: http://jade.netpedia.net/
"Excuse my english I went to a US public school"
------------------------------
From: [EMAIL PROTECTED] (Alastair)
Subject: Re: Newbie needs help =)!
Date: Sat, 16 Jan 1999 01:01:40 GMT
Reply-To: [EMAIL PROTECTED]
JP <[EMAIL PROTECTED]> wrote:
>I just installed RedHat 5.2, and I cannot get X to work. It says it
>cannot support my video card. Is there some kind of driver I could
>download that would enable me to use my STB Velocity 4400 AGP? Also, is
>this the proper forum for me to ask this?
I don't think this is the correct place to ask. A newsgroup about X would be
better (strangely enough). Try ;
comp.os.linux.x
However, make sure you do yourself and others a favour - read the docs. In
particular, check the XFree docs and make sure the card is supported ;
http://www.xfree86.org
Dejanews is also a very good resource ;
http://www.dejanews.com/home_ps.shtml
HTH.
--
Alastair
work : [EMAIL PROTECTED]
home : [EMAIL PROTECTED]
------------------------------
From: Emile van Bergen <[EMAIL PROTECTED]>
Subject: Re: virtualizing i386-linux
Date: Sat, 16 Jan 1999 01:54:33 +0100
Marc SCHAEFER wrote:
>
> Ross Vandegrift <[EMAIL PROTECTED]> wrote:
> > explained in clear detail why this couldn't be done. I don't remember
> > exacty what, but it specifically had to do with one of the registers
>
> If I remember well, the condition for virtualization is that you
> can't see that you are being virtualized. For example, when
> running as supervisor (ie kernel) mode, when virtualized, you
> should be able to run any supervisor-mode instructions, but they
> should trap into the virtual machine handler. Also, if you look
> at the processor status register, this should also get trapped
> and you should be able to see a supervisor state even if
> you are really running supervised (user mode).
>
> At least this condition is badly implemented on the i386.
That's right, you can trap writes to control registers (as they are
privileged), but most reads are not. I don't see why Intel privileges
special register reads only in VM86 mode, not the plain user mode!
Nevertheless, the biggest problem is not cr0 or the idtr, but the
memory-management thingies like the the gdtr and pdbr. For example, your
VM has a code segment descriptor set up in the GDT, accessible using
selector 8. Now, this nice program likes to have its code segment in
selector 8 as well! What to do?
I can think of something... run the whole VM in one flat space (you just
need two descriptors), and don't use any segmentation in the VM. If the
VM client decides to load the gdtr, trap it and take the values it
provided, add 16 (size of two descriptors) to the client-provided limit
of the GDT, copy the client's GDT in your own space (2 descs bigger),
add your two VM flat descriptors at the end, load the gdtr to point at
the copied GDT, perform a long jump using the new code selector and
reload the other segment registers, and voila, the VM client has the GDT
it wishes.
But indeed, this doesn't solve read-virtualisation and paging... It
would be a royal pain to virtualise _that_!
However, my knowledge is limited to the 386... does anyone know about
later Intels / AMD's???
--
M.vr.gr. / Best regards,
Emile van Bergen (preferred e-mail address: [EMAIL PROTECTED])
This e-mail message is 100% electronically degradeable and produced
on a GNU/Linux system.
------------------------------
From: Emile van Bergen <[EMAIL PROTECTED]>
Subject: Re: virtualizing i386-linux
Date: Sat, 16 Jan 1999 02:26:15 +0100
Marc SCHAEFER wrote:
>
> If I remember well, the condition for virtualization is that you
> can't see that you are being virtualized. For example, when
> running as supervisor (ie kernel) mode, when virtualized, you
> should be able to run any supervisor-mode instructions, but they
> should trap into the virtual machine handler. Also, if you look
> at the processor status register, this should also get trapped
> and you should be able to see a supervisor state even if
> you are really running supervised (user mode).
>
> At least this condition is badly implemented on the i386.
But there's another possibility... if you let go the hope of running
Linux, FreeBSD and OS/2 next to each other. (On the same machine, that
is ;-)
The design I scetched in a previous post can illustrate this. To
summarize:
* The (Microkernel-based) OS uses only a small subset of the 386 (no
segmentation, two privilege levels, no software interrupts), only those
services that could (in theory) be provided by a user program running on
top of another OS, such as paged memory mapping, asynchronous traps.
* The Mk is divided into two parts; an upper part (presented to the
upper layers (user programs)) and a lower part, which requests services
from the layer below, such as 'map this page', 'give me that interrupt',
'I need those I/O ports', and the like, using a well-defined interface.
* The lower layer which fullfills these requests, can be one of many
possible types. One which delivers the services from plain bare
hardware, one which delivers them by running as an user-space program on
a traditional kernel, or (and here comes the nice part), one which is a
user program on this OS itself!
This means that you can't virtualise the 386 enough to run _any_ OS in
the VM, but you _can_ virtualise it enough to run an OS designed
specifically to this end, I suppose.
So this way, you have some MVS kind of setup: the OS can run as a 'user
space' program in the same OS; and apps won't know at what level of
virtualisation level they run. Even the Mk doesn't, as it doesn't know
what type of lower layer it talks to!
<DREAM MODE>
Some other nice feature I dreamed up for this:
* The Mk should be extremely small; do as much in user space as
possible. Now, how to address 'layering violations', such as
network-transparent message passing or swapping or...? Answer: there are
three system calls other than the sendmsg/receivemsg/createthread etc.
chorus: registermsgagent, registermonitor and registerswapper. This way,
an user app provides call backs to the Mk (but very few and very clean),
which will be called whenever the Mk cannot deliver a message locally,
faults in some way, or wants to swap, respectively. As these user space
(!) programs can send messages themselves (to a SCSI driver, for
instance), the Mk still doesn't need to know the first thing about SCSI,
or even a concept like a hard disk...!
</DREAM MODE>
Sheesh, this is a long post... hope I didn't bore the * out of you! ;-)
(Why am I rambling like this? Guess it must be late...)
--
M.vr.gr. / Best regards,
Emile van Bergen (preferred e-mail address: [EMAIL PROTECTED])
This e-mail message is 100% electronically degradeable and produced
on a GNU/Linux system.
------------------------------
From: [EMAIL PROTECTED] (mumford)
Subject: Re: IPMasquerading / SSH
Date: Sat, 16 Jan 1999 01:29:31 GMT
A while ago, Nelson Minar <[EMAIL PROTECTED]> begot:
>Greg Boehnlein <[EMAIL PROTECTED]> writes:
>>I've got this particularly annoying problem when SSHing out
>>through my 2.0.36 box w/ IP Masquerading. If I'm sitting behind the box
>>and connecting to an outside server, the SSH connection eventually goes
>>away. This only happens when I am idle for a period of time.
>
>IP masquerading in 2.0 will remove an entry after 15 minutes if it
>hasn't been used. So idle time kills the link.
>
>ssh uses keepalives to try to keep the connection live. Ironically,
>the keepalive threshold in Linux is also 15 minutes, and it's just not
>quite good enough. I submitted this as a bug to the masquerade people
>(suggesting they set the default timeout to a few minutes over the
>keepalive interval), but I never got any response.
>
>You can set the masquerade timeout to something higher with ipfwadm.
>I do this:
>
> # set the masq timeout to 20 minutes for TCP, 5 minutes for UDP
> $IPFWADM -M -s 1200 120 300
>
>In Linux 2.2, this is all different.
(equivalent linux2.2 command...)
# ipchains -M -S 1200 120 300
Yup, it's all different. :)
--
Glenn Lamb - [EMAIL PROTECTED] Finger for my PGP Key.
Email to me must have my address in either the To: or Cc: field. All other
mail will be bounced automatically as spam.
PGPprint = E3 0F DE CC 94 72 D1 1A 2D 2E A9 08 6B A0 CD 82
------------------------------
From: [EMAIL PROTECTED] (mumford)
Subject: Re: IPMasquerading / SSH
Date: Sat, 16 Jan 1999 01:27:55 GMT
A while ago, Daniel R. Grayson<[EMAIL PROTECTED]> begot:
>Greg Boehnlein <[EMAIL PROTECTED]> writes:
>
>> Hello all,
>> I've got this particularly annoying problem when SSHing out
>> through my 2.0.36 box w/ IP Masquerading. If I'm sitting behind the box
>> and connecting to an outside server, the SSH connection eventually goes
>> away. This only happens when I am idle for a period of time.
>> I'm running SSH 1.2.26-1us from ftp.replay.com.
>>
>> Any suggestions? It's a minor annoyance right now, but enough to piss me
>> off every couple of hours.
>
>This has nothing to do with ssh, but has to do with an time limit for
>automatic expiration of any masquerading connection imposed by the kernel.
>I'm using a 2.1 kernel, but it must be pretty similar, and I haven't figured
>out to increase the expiration time to anything other than the default 15
>minutes.
>
>In linux/include/net/ip_masq.h one sees this line
>
>#define MASQUERADE_EXPIRE_TCP 15*60*HZ
>
>which seems to set the expiration time to 15 seconds. But changing the
>number here doesn't help.
>
>In the documentation to ipchains (yes, used only with 2.1 kernels) one sees
>an option -S for setting these times to something else, but it doesn't work.
Perhaps a trip to ye ole' man pages are in order. The manpage for ipfwadm
clearly states that -s must be used with the -M option. The manpage for
ipchains similarly states that -S must be used with -M.
# ipfwadm -M -s 7200 0 0
changes the TCP timeout to 7200 seconds (2 hours), and doesn't touch the
TCPFIN and UDP timeouts. The equivalent IPCHAINS command is
# ipchains -M -S 7200 0 0
--
Glenn Lamb - [EMAIL PROTECTED] Finger for my PGP Key.
Email to me must have my address in either the To: or Cc: field. All other
mail will be bounced automatically as spam.
PGPprint = E3 0F DE CC 94 72 D1 1A 2D 2E A9 08 6B A0 CD 82
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.development.system) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Development-System Digest
******************************
