On Saturday, September 25, 1999 9:37 AM, Lourdes A Jones
[SMTP:[EMAIL PROTECTED]] wrote:
Lourdes:
...
> - FYI: you can skip this explanation -
> pppd 2.3.9+ were designed to support the new kernel 2.3.x setup which
> has
> been broken the ppp driver into two modules: ppp_generic and
> ppp_async.
>
> If you were using kernel 2.3.x you would need to add two aliases to
> conf.modules
> alias char-major-108 ppp_generic
> alias tty-ldisc-3 ppp_async
> and you'd need to use mknod to add /dev/ppp
>
> The message is generated in the code section that attempts to create
> /dev/ppp if it does not already exist (it's a safety check before
> opening
> the ppp device).
> -
Thank you for your explanation here, saved me some searching.
...
> There are lots of possible reasons for this. Some obvious questions:
> did
> you set up the NT box to use the linux box as it's default gateway,
> did you
> set up a DNS server entry on the NT box, did you enable forwarding on
> the
> linux machine?
You are quoting my message not the original, so you missed Bill's
signature. He's a Network Engineer so I supposed all that was taken
care.
...
> > I'll give you a hint but its no favor I'm making, you
> > _should_ read the
> > above mentioned for security reasons.
> >
> > Somewhere in your startup files (I use it before the network
> > is up) you
> > should run the following script:
> >
> > -cut here-
> > #!/bin/sh
> >
> > # Set the following line to your gateway device
> > # if different from ppp0.
> > #IF_OUT=ppp1
> >
> > ipchains -P forward REJECT
> > ipchains -A forward -i ${IF_OUT:="ppp0"} -j MASQ
> > -cut here-
>
> That's a security hole as written, anybody on the internet could
> forward
> through your machine and be masq'd to your address. Source and
> destination
> addresses default to anybody (0.0.0.0/0) if not specified. So even
> though
> you've set the policy to reject, you've opened access to the world by
> not
> limiting the source address range.
It was just an example to ilustrate the situation, I stress on reading
the HOWTO and man pages.
---
Lazarus Long
<[EMAIL PROTECTED]>
PGP:
<http://wwwkeys.pgp.net:11371/pks/lookup?op=index&search=0x5C1DC205>
ICQ#: 30062012
-
To unsubscribe from this list: send the line "unsubscribe linux-diald" in
the body of a message to [EMAIL PROTECTED]
