Linux-Networking Digest #686, Volume #9 Sun, 27 Dec 98 08:13:29 EST
Contents:
NetGear config problem (GenaBlu)
Networking Linux and Windows (Todd Smith)
Driver for ACCTON Pnp MPX2 ISA (EN 1660) ("Patrick LE QUERE")
Re: free X server on Windows 95 ("Pules")
multiple ethernet card on Sparc with Linux ("Dr. Mahendra Kumar Modi")
How do you do multiple ISPs through PPP. (David Albrecht)
sendmail (Haaino Beljaars)
secure connection to remote web server (Kevin Swope)
Re: Connecting to the @Home network/General network configuration ("Stephen Hladek")
Calling On ipfwadm Gurus! :) (Ki-Won Lee)
Re: Utility to log foreign ip address' ("Dennis M. Gray")
Re: Samba appears not to be listening
Re: Networking Linux and Windows ("Steve Blair")
Re: firewall tool for linux? (James Ho)
Re: Setting up SendMail for Lan at home (Michael Powe)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (GenaBlu)
Subject: NetGear config problem
Date: 27 Dec 1998 08:06:07 GMT
Hello!
I just installed Linux RedHat 5.1 in a new server (AMD K6/350 MHz/8.2 GB HD/64
MB RAM). The configuration went very smoothly until I rebooted. I have an
Ethernet NetGear adapter. I chose the 'tulip' chip set for compatibility, same
as my other Linux boxes. The IP configuration parameters are accurate. Every
time I boot, and every few seconds afterward I get the message:
eth0: transmit timed out, status 06061000, CSR12 00000035, resetting...
I obviously can't ping this server nor connect from it to the rest of my net.
Please help?
Thanks!
G.
------------------------------
Date: Sun, 27 Dec 1998 01:54:19 -0600
From: Todd Smith <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Networking Linux and Windows
I have a windows95 machine and a linux machine. I also have a 2 3com
10baseT ethernet cards and a hub. I need help getting linux set up to
use the hub and to be seen on the network by my windows machine. I would
also like my windows machine to dial up to the internet and have linux
get access to the net from across the network. Thanks for any help
--
_______________
Todd Smith
Perl Programmer
ITC^Deltacom
------------------------------
From: "Patrick LE QUERE" <[EMAIL PROTECTED]>
Subject: Driver for ACCTON Pnp MPX2 ISA (EN 1660)
Date: Sat, 26 Dec 1998 23:41:52 +0100
I have bought an ACCTON ISA MPX2 Ethernet card and can't make it work with
RedHat Linux 5.1.
Windows 98 reports :
ACCTON EN 1660
IRQ 3
IO 0220-023F
It seems that this card is a NE2000 clone. At least, the ACCTON _PCI_ MPX
works quite well on my linux box with the NE2000 driver.
I have compiled my kernel with NE2000 support for ISA cards, but no message
is displayed during the boot phase, except that initialization of eth0 is
"delayed"...
Adding a parameter such as ether=3,0,3,0,eth0 to lilo, or giving to
Linuxconf the IRQ and IO addresses of the card do not change anything. The
network is still unreachable.
Does anyone knows if this card is really supported by RH 5.1, or could give
me a tip to make it work ?
Thanks !
Patrick LE QUERE
Email : [EMAIL PROTECTED] (please remove nospam to answer)
Web : http://home.worldnet.fr/dlequere
------------------------------
From: "Pules" <[EMAIL PROTECTED]>
Subject: Re: free X server on Windows 95
Date: Sun, 27 Dec 1998 10:52:36 -0800
X-win Pro works nicely. no shit with missing fonts etc.
Also. it doesn't hide your desktop behind a big fat blue screen, but opens
x-terms or even netscapes (nonsense, of course, but nice to try) as windows,
so you can browse a man page with internet exploder and work in x at the
same time.
Unfortunately, it only works for half an hour at a time as it is shareware.
You can start it up again, though.
(If anyone cares to share a key ;) )
------------------------------
From: "Dr. Mahendra Kumar Modi" <[EMAIL PROTECTED]>
Subject: multiple ethernet card on Sparc with Linux
Date: Sat, 26 Dec 1998 15:17:23 +0530
I have a Sun SparcServer 20 with two ethernet interfaces on which I have
loaded Redhat Linux 5.1. One of the interface is onboard and the other on a
SBUS combo SCSI+ethernet card. However, I am unable to detect the second
interface from Linux, though it is being tested OK from the NVRAM.
It seems the 1st interface is at
iommu@f,e0000000/sbus@f,e0001000/lebuffer@3,40000/le@3,60000
and the second one is at
iommu@f,e0000000/sbus@f,e0001000/ledma@f,400010/le@f,C00000
The problem is I do not know the convention of writing the names of ethernet
cards for SUN in the "conf.modules" files, and RedHat support was of no
help.
Any pointers will be extremely helpful.
M K Modi
[EMAIL PROTECTED]
------------------------------
From: David Albrecht <[EMAIL PROTECTED]>
Subject: How do you do multiple ISPs through PPP.
Date: Sun, 27 Dec 1998 02:08:02 -0800
I have a ppp dial in to work and a ppp dial in to my ISP. For each
I want different domains to be searched and different name servers.
I can't put all the name servers in because the total is 5 while
resolv.conf supports only three. In any case if I put three of
the name servers in and add all the domains I want to search as if
local when connected to both places then the performance sucks.
What I really want is for the ppp connection to add the name
servers and search domains when connecting and remove them
when disconnecting. Wandering through the various guides hasn't
really informed me what the right way to do this is.
Before I upgraded the linux I use I actually had
a script that linked to a different version of resolv.conf before
invoking pppd. The latest resolver, however, doesn't seem to
check that resolv.conf has changed and re-init anymore so this
no longer works.
Thanks for any help.
Dave
------------------------------
From: Haaino Beljaars <[EMAIL PROTECTED]>
Subject: sendmail
Date: Sun, 27 Dec 1998 10:06:05 GMT
Hi,
Soon I have my own domainname. So, I also want to receive e-mail there
ofcourse. What should I do, besides starting sendmail, to receive e-mail
messages on my RH 5.2 machine?
Greetings from Haaino Beljaars
E-Mail: [EMAIL PROTECTED]
Home Page: HTTP://www.phys.uu.nl/~beljaars/
------------------------------
From: Kevin Swope <[EMAIL PROTECTED]>
Subject: secure connection to remote web server
Date: Sun, 27 Dec 1998 07:37:13 GMT
I need some advice in securely
networking two linux machines together.
I believe I have many options but I don't
know which combination to use.
I'm going to co-locate a machine at
a local isp. It will only be receiveing
and sending mail and will also be a
web host.
There will be NO POP accounts.
I need to tighten up the security on
that machine as much as possible while
still letting only me telnet/ftp to it
from home. (and maybe from a few other hosts
as well if possible)
Since there are no firewalls involved
I don't think I can consider a VPN solution.
I can either connect to this remote
machine over a phone line or over the
internet using a cable modem.
is there some combination
of these elements: (mostly regurgitation)
dial-up
dial-up call back
tcp wrappers
ssh
VPN
enskip
cable modem (dhcp only)
secureID? (if its cheap!)
etc.
that will work like a charm to make
attacking my co-location machine
from the internet to gain control
a lost cause?
of course I then have to secure my home machine.
Here's a diagram for your viewing pleasure.
home remote
linux linux
cable modem at isp
xxxxxxxx (PPP or internet) xxxxxxxx <---mail--->
x x----------------------x x <---http--->
xxxxxxxx (ftp/telnet) xxxxxxxx
Thanks
------------------------------
From: "Stephen Hladek" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help
Subject: Re: Connecting to the @Home network/General network configuration
Date: Sun, 27 Dec 1998 10:27:24 GMT
Ifconfig returns the following:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Bcast : 127.255.255.255 Mask: 255.0.0.0
UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
RX Packets:25 errors: 0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier: 0 collisions:0
eth0 Link encap:Ethernet HWAddr FF:FF:FF:FF:FF:FF
inet addr:24.3.137.85 Bcast:24.3.137.255 Mask: 255.255.255.0
UP BROADCAST RUNNINH MULTICAST MTU:1500 Metric:1
RX Packets: 0 errors:0 dropped:0 overruns:3825 frame:0
TX packets:15345 errors:0 dropped:0 overruns:0 carrier:11475
collisions:3825
Interrupt:10 Base address:0xb800
When I ping the gateway... it stalls.. until I have to press ctrl-c to exit.
Thanks once again!
Boris Statnikov wrote in message <[EMAIL PROTECTED]>...
>You are right, my advice doesn't apply. What exactly happens when you ping
>the gateway?
>I assume your interface is active... What does ifconfig return?
>
>I.e. mine returns
>
>lo Link encap:Local Loopback
> inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
> UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
> RX packets:24 errors:0 dropped:0 overruns:0
> TX packets:24 errors:0 dropped:0 overruns:0
>
>eth0 Link encap:Ethernet HWaddr 00:C0:DF:44:DE:62
> inet addr:24.3.42.203 Bcast:24.3.42.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:19077 errors:0 dropped:34 overruns:0
> TX packets:11636 errors:0 dropped:0 overruns:0
> Interrupt:10 Base address:0x300
>
>I'm not a guru, but I think I can help you with setting up one computer if
you
>give me enough information. After all, mine is a single Red Hat 5.1 on
@Home.
>
>By the way, do you plan to set up ip masquerading? That's my next
objective,
>after I get my cdrom working . This is my problem with cdrom - any advice?
>
>mount -o ro -t iso9660 /dev/cdrom /mnt/cdrom
>mount: the kernel does not recognize /dev/cdrom as a block device
> (maybe `insmod driver'?)
>
>insmod isofs did not help.
>
>Boris
>
>
>Stephen Hladek wrote:
>
>> I don't really think this applies in this case... It's the same card I
use
>> for win 98 on the same machine... wouldn't that be the same hardware?
>>
>> Boris Statnikov wrote in message <[EMAIL PROTECTED]>...
>> >I hate to go for the obvious, but it has stomped me for a day:
>> >have you tried resetting your cable modem? It stores your ethernet
card's
>> >hardware address and will only allow connections from that card.
>> >
>> >Here is what you do:
>> >disconnect base T cable from modem
>> >Press reset (small button on the back)
>> >wait until the lights settle
>> >insert cable again
>> >press reset
>> >wait until the lights settle
>> >try pinging the gateway
>> >
>> >enjoy if it works
>
>
>
------------------------------
From: [EMAIL PROTECTED] (Ki-Won Lee)
Subject: Calling On ipfwadm Gurus! :)
Date: 27 Dec 1998 10:45:13 GMT
Hello,
I was not able to get net access all of a sudden after having rebooted my box.
But I had resolved the problem. I had put in my rc.local these entries:
ipfwadm -I -o -a deny -P icmp -S 0.0.0.0/0 8 -D <my.ip.address>/32
ipfwadm -I -o -a reject -S 0.0.0.0/0 -D <my.ip.address>/32
I put them there to prevent others from pinging my box. I must confess
that the man pages for ipfwadm was very difficult to navigate for me but
that seem to have done the trick as I could not ping my box when I tried
from other non-local boxes.
The problem occurred when I couldn't get net access and I looked thru my
/var/log/messages and found these entries:
Dec 26 06:27:28 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.104:53 24.64.14.87:1027
L=155 S=0x00 I=4390 F=0x0000 T=58
Dec 26 06:27:32 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.105:53 24.64.14.87:1028
L=155 S=0x00 I=9891 F=0x0000 T=58
Dec 26 06:27:38 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.104:53 24.64.14.87:1030
L=155 S=0x00 I=4603 F=0x0000 T=58
Dec 26 06:27:43 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.105:53 24.64.14.87:1031
L=155 S=0x00 I=10338 F=0x0000 T=58
Dec 26 06:27:48 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.104:53 24.64.14.87:1032
L=155 S=0x00 I=4968 F=0x0000 T=58
Dec 26 06:27:58 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.105:53 24.64.14.87:1035
L=155 S=0x00 I=10860 F=0x0000 T=58
Dec 26 06:28:08 HAL kernel: IP fw-in rej eth0 UDP 24.64.3.104:53 24.64.14.87:1036
L=155 S=0x00 I=5825 F=0x0000 T=58
and so on and it seemed like a firewall restriction that was affecting my
getting net access, so I disabled those 2 entries I mentioned above and
now I'm able to get online. Can someone please tell me as to why I can't
have net access and have those ipfwadm entries at the same time? Should I
change the parameters of the ipfwadm entries somehow to be able to do so?
Thank you very much in advance.
With Best,
Steve
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "Dennis M. Gray" <[EMAIL PROTECTED]>
Subject: Re: Utility to log foreign ip address'
Date: Sun, 27 Dec 1998 22:44:55 +1100
This is a multi-part message in MIME format.
==============A2CD3D3F40731D59376D8443
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Is "address'" supposed to be the plural of "addresses". (apostrophe not
needed)
Is "ip's" supposed to be "ip addresses"?
I am not sure of what you are looking for? Are you maintaining a
database of "valid" IP addresses for security reasons?
What are "foreign" IP addresses? What criteria determine an unexpected
result?
Thanks,
Dennis
Brian Gilman wrote:
> Can anyone point me to a site or name of any utility that logs foreign
> ip address'. Specifically, a utility that will check ip's against a
> database and parse the result, if the outcome is not as expected, to a
> log file? Thanks in advance....
> Sincerely,
>
> Brian Gilman
>
> Director of Biological Sciences
>
> Interscience Inc.
>
> Troy, NY 12180
==============A2CD3D3F40731D59376D8443
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Dennis Gray
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Dennis Gray
n: Gray;Dennis
email;internet: [EMAIL PROTECTED]
note: Claremont VMX: 161-5162
x-mozilla-cpt: ;0
x-mozilla-html: TRUE
version: 2.1
end: vcard
==============A2CD3D3F40731D59376D8443==
------------------------------
From: [EMAIL PROTECTED] ()
Crossposted-To: aus.computers.linux,comp.protocols.smb
Subject: Re: Samba appears not to be listening
Date: Sun, 27 Dec 1998 19:11:26 +1059
Broadcast address is correct. Look at the mask. ( 255.255.255.240 )
Mark F...
On Sat, 26 Dec 1998 18:17:31 -0800, Allen Wong <[EMAIL PROTECTED]> wrote:
> Your broadcast address seems to be wrong. Try using 192.0.1.255 and
>see if that helps. It's important to get this right because whenever
>samba is started, it "broadcasts" its presence to the entire network
>which is a signal for an election of the master browser.
>
>
------------------------------
From: "Steve Blair" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: Networking Linux and Windows
Date: Sun, 27 Dec 1998 22:27:50 +1000
Todd,
Check out the network HOWTO etc. On your distribution media or at
www.linux.org in their help section. Then play around with Samba to get
your Win95 machine to see the linux box. (Don't forget to have the Win95
machine set up with netbeui etc.).
IMHO You should set the linux box up as the Internet gateway, not the other
way around. You can use IP Masq on linux & set the Win95 machine up with
any IP address you want (preferably an internal network like
192.168.xxx.yyy). Check out the IP Masq miniHOWTO & related to get it
happening.
SteveB
Todd Smith <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>I have a windows95 machine and a linux machine. I also have a 2 3com
>10baseT ethernet cards and a hub. I need help getting linux set up to
>use the hub and to be seen on the network by my windows machine. I would
>also like my windows machine to dial up to the internet and have linux
>get access to the net from across the network. Thanks for any help
>
>--
>_______________
>Todd Smith
>Perl Programmer
>ITC^Deltacom
>
>
------------------------------
From: [EMAIL PROTECTED] (James Ho)
Crossposted-To: comp.security.firewalls
Subject: Re: firewall tool for linux?
Date: Sun, 27 Dec 1998 12:41:17 GMT
On 26 Dec 1998 20:21:56 GMT, [EMAIL PROTECTED] (Paul B. Brown)
wrote:
Sorry if my question sounds stupid since I am a newbie in
networking/linux.
For the packet filters, how would I know what source/dest to allow and
what to deny?
James.
>Jan,
>
>There are two types of firewalls. Alone, neither of them are solid
>protection against a persistant and knowledgable cracker. Together,
>however, they are formitable. Properly setup, it can defeat pretty much
>any attack long enough for you to be notified of the attack so you
>can take action against the perps.
>
>Two Firewalls:
>-------------
>
>1. Packet Filters - These firewalls will allow to to reject/allow packets
> in and out of your network based on source/destination
> IP addresses and source/destination ports. They work
> between the data link and IP layers of the TCP/IP
> stack.
>
>2. Proxy Filters - These firewalls insert a piece of software between the
> service inside the protected network and the big, bad
> wolf (Internet). Lets take web services as an example.
> Your web browser will actually ask the firewall to
> connect to a site and download the page. The firewall
> will then pass the page back to you. In this way, you
> the user, hides behind the firewall so you cannot be
> touched. These firewalls work at the application layer
> of the TCP/IP stack.
>
>Putting those two types of firewalls together will allow you to create a
>strong security policy. Use the packet filter to allow only those networks
>and hosts that are trusted access to and from your proctected network and
>shutdown all unused ports. Use the proxies to hide the users allowed
>access through the firewall via the allowed services.
>
>They only real question is: Do you want both types of firewalls on loaded
>or do you want to separate the firewalls into separate boxes. Hummmm.
>
>Anyway to actually answer your question: ;->
>
>Use IP Chains as the packet filter and either TIS or SOCKS as the Proxy
>filter.
>
>Nuff said? ;->
>
>Paul
>
>>i need to setup a firewall on a linux machine. the firewall should
>>be an intelligent packet filter not a proxy.
>>
>>question: which package should i take?
>>
>>there are:
>>* the sinus firewall tool (http://www.ifi.unizh.ch/ikm/SINUS/firewall/)
>>* ipfwadm
>>* ipchains
>>* tis ?
>>* ...
>>
>>has anyone made some experience with the packs?
>>
>> thanks a lot
>>
>> jan
>>
>>
>>
>>---------------------------------------------------------------------
>>| Jan Stifter email: [EMAIL PROTECTED] |
>>| web: www.htl-bw.ch/~ia95stif |
>>| meet me: telnet://freechess.org:5000 (nick: nunc) |
>>---------------------------------------------------------------------
------------------------------
From: Michael Powe <[EMAIL PROTECTED]>
Subject: Re: Setting up SendMail for Lan at home
Date: 26 Dec 1998 23:41:34 -0800
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
>>>>> "Todd" == Todd V Rovito <[EMAIL PROTECTED]> writes:
>> I'm trying to set up a mailserver for my Lan at home I have a
>> i486/33 with RedHat 5.2 and I've installed Sendmail and pretty
>> much everything else right out of the box. I've setup all the
>> NIC's and all the computors on the net can ping all the other
>> computors.
Todd> Forget about sendmail try Qmail. This program is much
Todd> easier to setup and more secure. You can download it at
Todd> www.qmail.org --
Certainly an exaggeration. Having been on the receiving end of my
ISP's change from sendmail to qmail, I can say that I lived the
nightmare and returned to tell about it. But it wasn't pretty.
mp
- --
8<---------------how-easy-is-it-to-demunge-an-address?------------------->8
#! /usr/bin/perl # if you are [EMAIL PROTECTED] (Another Luser):
while ($line = <>){ if ($line =~ m/^\s*$/ ){ last; }
if ($line =~ m/^From: (\S+) \(([^()]*)\)/){ $from_address = $1; } }
if ($from_address =~ m/\S+NOSPAM\S+/){ $x = index($from_address, NOSPAM);
substr($from_address, $x, 6+1) = ""; printf("The real address is %s\n",
$from_address);}else { printf("No munge, just plain %s\n",$from_address);}
printf("\nBrought to you by the Truth In Mail Headers Foundation\n");
8<-----------------------here's-one-example------------------------------>8
- --
Michael Powe
[EMAIL PROTECTED] http://www.trollope.org
Portland, Oregon USA
=====BEGIN PGP SIGNATURE=====
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBNoXklrajuNi/6Js3EQIGoQCgpH1ywotl7hLEK+/MXj1VuNd4zYsAn2aU
eCW64KpcWj2g01b3VOcZlK3x
=BP95
=====END PGP SIGNATURE=====
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
