> - ssl rule            (your question)
> - Use of 'tap0' instead of 'sl0'
> - Module alias for net-pf-17 (alias net-pf-17 af_packet)
> 
> Could you go over these things?

OK.

The error:
> diald[1328]: keepup parsing error. Got token 'tcp.ssl'. Not a known tcp
> service port. diald[1328]: parse string: 'tcp 120 tcp.dest=tcp.ssl'

Is caused because of the rules:

        keepup tcp 120 tcp.dest=tcp.ssl
        keepup tcp 120 tcp.source=tcp.ssl

The error occurs because the SSL port is declared with another name or not
declared at all in the file '/etc/services'. For instance, in my system it is
declared as 'https', so replacing ssl by https in the previous rules solves
the problem. Another solution is to modify /etc/services so 'ssl' is used.

- Use of tap0 instead of sl0

Historically 'diald' used 'sl0' as the default interface so when a packet
arrived at it, if it made it through the rules, it triggered the connection.
The implementation was based on SLIP.

From diald 0.99.1 (maybe even before), if the interface 'tapN' is available,
this interface is used instead of SLIP. To have 'tapN' interfaces you need a
kernel compiled with ETHERTAP (available in late 2.1.x and all 2.2.x kernels).
The best description of ETHERTAP is the one in the kernel sources 
Configure.help file:

CONFIG_ETHERTAP
  If you say Y here (and have said Y to "Kernel/User network link
  driver", above) and create a character special file /dev/tap0 with
  major number 36 and minor number 16 using mknod ("man mknod"), you
  will be able to have a user space program read and write raw
  Ethernet frames from/to that special file. tap0 can be configured
  with ifconfig and route like any other Ethernet device but it is not
  connected to any physical LAN; everything written by the user to
  /dev/tap0 is treated by the kernel as if it had come in from a LAN
  to the device tap0; everything the kernel wants to send out over the
  device tap0 can instead be read by the user from /dev/tap0: the user
  mode program replaces the LAN that would be attached to an ordinary
  Ethernet device. Please read the file
  Documentation/networking/ethertap.txt for more information.

If this driver is compiled as a module you may get these errors (in the log):

    modprobe: can't locate module tap0
    modprobe: can't locate module tap1
    modprobe: can't locate module tap2
    modprobe: can't locate module tap3
    ...

This is solved by adding the following lines to your /etc/conf.modules (or
modules.conf):

    alias tap0      ethertap
    options tap0    -o tap0 unit=0
    alias tap1      ethertap
    options tap1    -o tap1 unit=1
    alias tap2      ethertap
    options tap2    -o tap2 unit=2
    ...
    alias tap15     ethertap
    options tap15   -o tap15 unit=15

You don't need to define all the 16 possible interfaces, normally you don't use
more than one, so defining 4 is enough.

- Module alias for net-pf-17 (alias net-pf-17 af_packet)

If you get the following error in the log:

     modprobe: can't locate module net-pf-17

then the problem is that the net protocol family 17 (PACKET) has been compiled
as a module but the kernel doesn't know which module. Adding the following line
to /etc/conf.modules solves the problem:

        alias net-pf-17 af_packet     (kernel 2.2.*)
or
        alias net-pf-17 packet          (kernel 2.1.*)

I believe the name changed because in 2.2 there is an IrDA driver (infra red
communication) that also implements the PACKET family (ir_packet?).


--
Carlos 
[EMAIL PROTECTED]
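
A check for the first problem above, added here as an example (it is not part of the original message or of diald): it lists the tcp.NAME / udp.NAME tokens in a set of rules that have no matching name or alias in a services file. The token pattern is an assumption drawn from the rule quoted in the error message, and both sample inputs are constructed.

```python
import re

# Constructed sample inputs (not taken from any real system).
SAMPLE_SERVICES = """\
# name   port/proto  aliases
domain   53/tcp      nameserver
domain   53/udp      nameserver
https    443/tcp     # no 'ssl' name on this system
"""

SAMPLE_RULES = """\
keepup tcp 120 tcp.dest=tcp.ssl
keepup tcp 120 tcp.source=tcp.ssl
accept tcp 120 tcp.dest=tcp.https
accept udp 30 udp.dest=udp.domain
"""

# Assumption: a service reference is the right-hand side of '=' written as
# tcp.NAME or udp.NAME, as in the rule quoted in the error message.
SERVICE_REF = re.compile(r"=(tcp|udp)\.([A-Za-z][\w-]*)")


def parse_services(text):
    """Return {(proto, name)} for every name and alias in services(5) text."""
    known = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue  # blank line, comment, or malformed entry
        proto = fields[1].split("/", 1)[1].lower()
        for name in [fields[0]] + fields[2:]:
            known.add((proto, name))
    return known


def unknown_services(rules_text, services_text):
    """List (line_no, proto, name) for rule tokens missing from services."""
    known = parse_services(services_text)
    missing = []
    for no, line in enumerate(rules_text.splitlines(), 1):
        rule = line.split("#", 1)[0]
        for proto, name in SERVICE_REF.findall(rule):
            if (proto, name) not in known:
                missing.append((no, proto, name))
    return missing


if __name__ == "__main__":
    for no, proto, name in unknown_services(SAMPLE_RULES, SAMPLE_SERVICES):
        print(f"line {no}: '{proto}.{name}' is not a known {proto} service")
```

To check a real setup, pass the contents of your rules file and of /etc/services to unknown_services() instead of the samples.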
