Linux-Networking Digest #870, Volume #9          Wed, 13 Jan 99 18:13:46 EST

Contents:
  [Q] RH 5.2 with 3COM Megahertz 10/100 LAN CardBus (Patrice Bonhomme)
  Re: Token ring (Eigil Bjorgum)
  mounting an ftp directory ([EMAIL PROTECTED])
  Re: win98, winNT, and Linux ("suratku")
  Re: Leased line (analog with modems) ("stephan Bösebeck")
  3com Megahertz 10/100 LAN CardBus PC Card ? (Patrice Bonhomme)
  Newbies site ("Phil Massyn")
  Re: http error 403 with ip masq (Aaron Baugher)
  Fetchmail to distribute common mailbox ("Phil Massyn")
  Re: Pentium with CD -> 486 without (Joe Ringer)
  Re: NT and Samba problem
  Re: Adding Route Add Default to Startup (Clifford Kite)
  Is it just me or what? ("Charles Stack")
  Really weird samba problem (Ben Sandler)
  Re: POP3 mail transfer from Linux to NT4 ("Alex Tsekhansky")
  Problem under Linux with an HP Vectra M2 ([EMAIL PROTECTED])
  Re: Telneting as "root" (benjamin j snyder)
  Linux news server over dial-up for networked MS clients such as Agent (Sean Akers)
  Re: ppp-2.3.5 compile problem (Carl Koeppl)
  Re: PostgreSQL setup problems ("Doug Hardman")
  Re: NETWARE problem HELP !! ([EMAIL PROTECTED])
  Re: ipfwadm-rules (Job eisses)
  Re: mounting an ftp directory (Juergen Heinzl)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (Patrice Bonhomme)
Crossposted-To: comp.os.linux.hardware
Subject: [Q] RH 5.2 with 3COM Megahertz 10/100 LAN CardBus
Date: 13 Jan 1999 19:05:02 GMT

Is someone using this card with RH 5.2 ? Any driver yet available ?

Pat.

-- 
  ***********************************************************
  * [EMAIL PROTECTED]     * Office : B.228          *
  * http://www.loria.fr/~bonhomme * Phone  : 03 83 59 30 52 *
  ***********************************************************
  

------------------------------

From: Eigil Bjorgum <[EMAIL PROTECTED]>
Subject: Re: Token ring
Date: Wed, 13 Jan 1999 21:01:11 +0100
Reply-To: [EMAIL PROTECTED]


Mike wrote:
> 
>         If that 3C359 card is a token-ring card, sorry, you're out of luck.
> The only TR cards that work (to my knowledge) in Linux are IBM (based on
> the Tropic chipset), Olicom (3136 and 3137), and SysKonnect (in Linux
> 2.1.x kernels and above).  So you're going to have to get a different
> card.
> 

I appreciate your reply, guess I'm going to do some trading.
--
Eigil

------------------------------

From: [EMAIL PROTECTED]
Subject: mounting an ftp directory
Date: Wed, 13 Jan 1999 18:51:40 GMT

Is there any way to mount a directory as a directory in my file system
through the ftp protocol?  I'm trying to get a directory on one of my ftp
sites to look like a directory on my local machine so I can copy files to it
as if it were on my local machine.

Thanks
TB

============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/       Search, Read, Discuss, or Start Your Own    

------------------------------

From: "suratku" <[EMAIL PROTECTED]>
Subject: Re: win98, winNT, and Linux
Date: 13 Jan 1999 19:25:23 GMT

First, make dos partition and leave the space for NT and Linux for the
future, then install DOS
Second, make NT partition and install NT-OS
The last, make Linux partition and install Linux..
For further information you can read the How-To

CPA <[EMAIL PROTECTED]> wrote in article
<zrQl2.657$[EMAIL PROTECTED]>...
> Hi there,
> 
> I would like to put three OS in a hard drive which are WIN98, WinNT
> Workstation, and Linux.  Could someone please tell me how should I
> partition the harddrive.  Or you can direct me to a website if you know one.
> 
> Many thanks
> 
> 
> 

------------------------------

From: "stephan Bösebeck" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,alt.sex.fetish.linux,at.linux,de.comp.os.unix.linux.hardware,de.comp.os.unix.linux.misc,de.comp.os.unix.linux.newusers,fido.ger.linux,fido.linux-ger,maus.os.linux
Subject: Re: Leased line (analog with modems)
Date: Wed, 13 Jan 1999 20:46:17 +0100



Henning Ahlers wrote:

> So,
>
> I guess nobody here has a clue, right?

Well, I wouldn't see it that way....

>
>
> Here once again, for interested and serious newsgroup readers, my question!! (the
> addresses are of course not the real ones, but changed!!)
>

Why?

> Hello,
>

Hi!

> I have an analog leased line, with a US Robotics modem at each end
> and Linux (SuSE 6.0).
>
> I have the following details from the provider:
>
> Init-String: at&f1&l1s32=6&w
> IP subnet: 111.111.111.128/29 (subnet of 8, 6 usable IP addresses)
> Netmask: 255.255.255.248
> Address for PPP interface: 222.222.222.210
> Provider side: 333.333.333.333
>
> Since I am a beginner with Linux, I need a simple description of how
> to set up a network. I want to use a machine running Linux as a firewall
> and to drive the leased line, and then build a network with
> a Win98 machine in order to use the Internet from there.

> By the way, what does "subnet of 8, 6 usable IP addresses" mean?
>
>

  If you don't even know what a subnet of 8 is, then you are a beginner not
only with Linux but also with networks in general
(probably only networked a few Windoof machines).
Explaining all of that would go too far here; besides, there are good HOWTOs
on it (have a look in /usr/doc/howto in your SuSE installation). Very important:
read the Net-III-Howto (it's only a few hundred pages, which roughly answer
your questions!)
So, nobody answered because your questions are far too general. If
you have problems after reading the HOWTOs, then post again, ok?

cu,
    stephan





------------------------------

From: [EMAIL PROTECTED] (Patrice Bonhomme)
Subject: 3com Megahertz 10/100 LAN CardBus PC Card ?
Date: 13 Jan 1999 13:25:56 GMT

I am currently looking for a driver for this Card ? Any help ?

Thanks,

Pat.

-- 
  ***********************************************************
  * [EMAIL PROTECTED]     * Office : B.228          *
  * http://www.loria.fr/~bonhomme * Phone  : 03 83 59 30 52 *
  ***********************************************************
  

------------------------------

From: "Phil Massyn" <[EMAIL PROTECTED]>
Subject: Newbies site
Date: 13 Jan 1999 20:59:25 GMT

Hello All!

If you're a newbie struggling to get this fancy Linux up and running, look no
further.  I've created this website when I was still starting with Linux,
and I'm learning every day!  Visit the site today for easy answers on how
to setup your own Linux server.

        http://www.useless.co.za/phil/linux/linux.htm

Good luck!

Phil

------------------------------

Subject: Re: http error 403 with ip masq
From: Aaron Baugher <[EMAIL PROTECTED]>
Date: 13 Jan 1999 07:18:12 -0600

"Craig Chapman" <[EMAIL PROTECTED]> writes:

> I've set up ip masq on my Slackware 2.0.30 linux box so I can share
> my dial-up internet account with a Mac and an NT client. I'm using
> diald to make the ppp connection on demand.

> When I try to use Netscape on the Mac (or IE4 on the PC), I get http
> error 403, "access forbidden from this server". I've set up the
> browsers to access the internet over the local lan and given it my
> gateway's IP address. I haven't specified any ports in my ipfwadm
> commands.

Do you mean you've configured a proxy in NS?  Don't do that.  IP Masq
isn't a web proxy, it masquerades and sends on packets intended for
the outside.  Your TCP/IP software on the Mac should have your Linux
box's LAN IP as its gateway, though, so that it'll see it as a router
to the outside.

> From either the Mac or the NT, I can ping external sites. DNS works,
> too.  tracert from the Mac lists every site between me and
> netscape.com or sunsite.edu, with my gateway as the first hop. This
> means my IP masq is working, right?

Generally, yes.

> So why do I get http error 403? Could my ISP be denying my requests
> because it can tell I have multiple machines on one connection? Is
> there something I could have missed in my configuration?

No, your ISP shouldn't be able to tell; all the packets look like
they're coming from the masqing machine.  I suppose a real savvy admin
who knew the ip masq packet design could run a packet sniffer and get
a feel for whether a person is using it, but that's not your problem
here.


Aaron
-- 
Aaron Baugher - [EMAIL PROTECTED] - Quincy, IL, USA
Extreme Systems Consulting - http://haruchai.rnet.com/esc/
CGI, Perl, Java, and Linux/Unix Administration

------------------------------

From: "Phil Massyn" <[EMAIL PROTECTED]>
Subject: Fetchmail to distribute common mailbox
Date: 13 Jan 1999 21:05:04 GMT

Hi there,

My ISP setup my mailbox to forward all email sent to a specific host name
(regardless of who the user is) into my mailbox.  How can I setup fetchmail (or
any other program then) to do what MDaemon does, distributing it to
different mailboxes on my Linux server?

Thanx!

Phil
[EMAIL PROTECTED]

------------------------------

From: [EMAIL PROTECTED] (Joe Ringer)
Subject: Re: Pentium with CD -> 486 without
Date: 13 Jan 1999 13:58:27 GMT
Reply-To: [EMAIL PROTECTED]

On Mon, 11 Jan 1999 02:23:32 GMT, Mikhail Bovineck wrote:
>
>Hi - I have Linux installed on a hard drive on a pentium box which
>originated on a CD ( RedHat Distribution).  I also have a 486
>with no CD which I would like to make a Linux box as well.  In other
>words, I would like to access the pentium box's CDrom from the 486. 
>
>Currently the 486 has muLinux installed on it, downloaded from the net
>and installed using 3 floppies. 
>
>All I have to connect the two is a null modem cable.  According to the
>RedHat docs I should be able to install from the CD via a network but
>do I need a network card for that?  Is the /dev/cua1 port sufficient?
>
>If so, how do I configure the durn thing?  All the Howto's seem to
>just be short of an answer that works!
>
>I have read all the docs from the LDP and the RedHat distribution but
>my head is spinning around!  Could someone please please explain in
>English for me how I connect the two (i.e. what protocol, what scripts
>etc).  I'm sure someone has had to do this before.

If the 486 has enough hard drive space available you could copy the cd over.
I did something like that using modems, minicom and telix. Boy was that
slow!

-- 
clear skies,                |http://www.erols.com/jringer3/astro1.htm
Joe                         |
                            |The internet treats censorship like 
                            |damage and routes around it.


------------------------------

From: <[EMAIL PROTECTED]>
Subject: Re: NT and Samba problem
Date: 13 Jan 1999 13:59:54 GMT

Hi,

Did you setup a smbpasswd for the user on the Linux box?
Regards and God Speed,

Gary

Gary W. Sandvik
[EMAIL PROTECTED]
309-676-0224 (fax)
Dmitrij Belogaj wrote in message <77g0k2$lq8$[EMAIL PROTECTED]>...
>Hi all!
>    I installed Samba 1.9.16p11 on Linux 2.0.30.
>I configured it to show 2 folders - one public and one - for specific user.
>This user can easily connect to his folder via network from WfW3.11.
>But he doesn't from NT Workstation 4.0. He has an account on NT workstation,
>the same as on Linux box.
>While trying to access his folder from NT, it writes "Incorrect username or
>password".
>    My Linux box has only passwd file with encrypted passwords, without
>shadow.
>
>Please, if somebody understood what I wrote here :) and can help by good
>word, please, answer me!
>
>WBR,
>Dmitri.
>
>
>



------------------------------

From: [EMAIL PROTECTED] (Clifford Kite)
Subject: Re: Adding Route Add Default to Startup
Date: 13 Jan 1999 12:09:59 -0600

John Alexander ([EMAIL PROTECTED]) wrote:

: I have a linux box running rather well, until I have to re-boot. When I
: re-boot the machine, I have to type

: route add default gw 130.160.xxx.x eth0

: before the machine will access any machine outside the 130.160 domain.
: Where can I include this line in my startup files?

Depends on the distribution, for Slackware it is /etc/rc.d/rc.inet1 .
It should be in the /etc/rc.* files though.


--
Clifford Kite <[EMAIL PROTECTED]>                       Not a guru. (tm)
/* Those who can't write, write manuals. */

------------------------------

From: "Charles Stack" <[EMAIL PROTECTED]>
Subject: Is it just me or what?
Date: Wed, 13 Jan 1999 09:25:21 -0500

Okay...I've putzed with this PPP problem for over a week now and still have
gotten nowhere.

Here's the scoop...

I am running RH 5.2 (workstation configuration 2.0.36).  My box also has an
NE2000 compatible adapter (LinkSys).   My modem is connected to cua0 (or
ttyS0 if you prefer).

I configure a PPP connection using linuxconfig to my ISP (they use PAP) and
activate the interface using usernet.  ifconfig tells me that I have a PPP
connection using my static IP address.

Problem is, I can't talk to anyone other than the other end of the
connection.  I do NOT have a default gateway device specified.  I've even
gone as far as editing my /etc/sysconfig/network file to make sure that the
default gateway and gateway device are not specified.  My hosts and
resolv.conf files look okay.  But, I can't talk to anyone...not even the DNS
server.

Under RH 5.0, I had a set of scripts that connected for me.  I brought these
over to my 5.2 configuration.  Still no dice.  I've even tinkered with route
and ifconfig...routes seem to be in place (didn't save the settings).

One other thing....as I said before, I can connect to my ISP and get a PPP
connection.  If I as much as change the phone number, I can't authenticate.
Now, that's probably something to do with my ISP's new routers...but my
Windoze box has no problem connecting to either.

What's going on here?  Is there a problem with the scripts that RH 5.2
provides? Or is it a pppd problem?


Any help is appreciated.

TIA,

Charles



------------------------------

From: Ben Sandler <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Really weird samba problem
Date: Wed, 13 Jan 1999 21:51:26 +0000

I have a share mounted on another Linux machine which contains Tcl/Tk
programs.  We'll call my machine A and the mounted machine B.  Often,
when I make changes in tcl files on B, when I run them on A, I get
errors about missing close brackets.  But when I run the same program on
A, it works fine.  I'm not sure, but running ntpdate on A (syncing my
clock with internet time) seems to help.  Originally the two machines
had been about 20 minutes off, but I still had the problem when they
were only a few seconds off.  Also, smbumounting and smbmounting again
fixes it as well.

This is really weird, and makes for an unstable environment.  Anyone
know what to do about it?

Thanks,
- Ben

PS. I am running standard installs of RedHat 5.1 on both machines (samba
version is samba-1.9.18p5-1).
PPS. Please Cc: to email. thanks

-- 
Ben Sandler
email me: sandler at ymail dot yu dot edu

------------------------------

From: "Alex Tsekhansky" <[EMAIL PROTECTED]>
Subject: Re: POP3 mail transfer from Linux to NT4
Date: Wed, 13 Jan 1999 15:47:28 -0800

We have pretty much the same setup here. The easiest way to do so is to
setup .forward file in users' mail directories and set Exchange with IMC
(Internet Mail Connector). In this case mail will be transferred from Linux
to NT via SMTP and everything will work.

Alex.


[EMAIL PROTECTED] wrote in message <77hrjf$beb$[EMAIL PROTECTED]>...
>Our company has got 2 servers, one is running Linux and the other is running
>Windows NT4.  The linux server is currently being setup to look after
>internet access via an ISDN router.  The linux server can currently download
>the pop3 mail from our internet account but it then stores the mail in its own
>mail boxes. We are trying to get linux to transfer the pop3 mail to the NT4
>server, which is running MS Exchange, to then be passed out to the individual
>users own mail boxes.
>
>Our problem is that we are unable to get either of the servers to transfer the
>pop3 mail.  Any help would be appreciated.




------------------------------

From: [EMAIL PROTECTED]
Subject: Problem under Linux with an HP Vectra M2
Date: Wed, 13 Jan 1999 14:21:27 GMT

I am currently installing a little network with 486DX HP Vectra M2 and 386 HP
Vectra inside of my school network (under Windows NT/Lotus Domino).

The test machine is a 486DX4 / 100 Mhz HP Vectra M2 with 24 Mbytes of Memory
and an internal Quantum 370 Mb Hard disk. It has a built-in Ethernet card.
I work with the Red Hat 5.2 International Edition (I am French).

I tried to install this machine through the internal FTP of my school where I
put my Red Hat version. I began the installation but when the system prompted
the Network Card Modules choice window to initialize the network, no modules
worked. Every time it told me "No such device in your system".

I have installed a minimum Linux system on the hard disk but it still does not
recognize the onboard card!

What can I do? What is the right module and where can I find it? Or what are
the right module options?

Any comments and help highly appreciated (I need to give the evidence that
Linux is the best solution for my school network ...)


------------------------------

From: [EMAIL PROTECTED] (benjamin j snyder)
Crossposted-To: linux.redhat.misc,comp.os.linux.setup
Subject: Re: Telneting as "root"
Date: 13 Jan 1999 14:31:39 GMT


Correct me if I'm wrong, but if someone has a 'packet sniffer' running they
could strip the packets and get the root password anyway (assuming you telnet
and then su), they could get the exact command you typed, so there's really no
secure/safe way to log in as root remotely.  Granted, this 'hacker' would have
to be inside the local network, or could have hacked their way into a normal
user's account (there are MANY possibilities) to start the stripper.

Packet strippers aren't too hard to come across, or even write (assuming you
know the ins and outs of TCP/IP (or IPX or whatever protocol) packets).

I know a guy who runs a packet sniffer on his network (at home) just to play,
don't know the specifics of it, but anything that is passed between computers
he gets a duplicate of, and it's translated and logged for him automatically.


In article <01be3eca$c8fecbd0$0a01a8c0@eng-1>,
Meindert Sprang <[EMAIL PROTECTED]> wrote:
>If you want to play safe, start a telnet session as an ordinary user, then
>issue the 'su' command to change to super user (=root) and enter the
>password for root.

>> The reason that root is disabled from telnetting in is to prevent a hacker
>> from breaking root's password.   With the securetty file implemented, a
>> hacker needs to break TWO passwords.
-- 
Ben Snyder                              
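
An added example, not part of any post in this digest: a small audit that ties together the two points in the thread above. It flags pseudo-terminal entries in securetty (which would let root log in directly over telnet) and cleartext login services left enabled in inetd.conf (where a sniffer sees the password even when `su` is used). Both sample files are constructed and the function names are this example's own.

```python
import re

# Constructed sample files for illustration; not taken from a real host.
SAMPLE_SECURETTY = """\
# /etc/securetty: terminals on which root may log in directly
tty1
tty2
ttyS0
ttyp0
ttyp1
pts/0
"""

SAMPLE_INETD_CONF = """\
# /etc/inetd.conf
ftp     stream  tcp  nowait  root  /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root  /usr/sbin/tcpd  in.telnetd
#shell  stream  tcp  nowait  root  /usr/sbin/tcpd  in.rshd
login   stream  tcp  nowait  root  /usr/sbin/tcpd  in.rlogind
"""

# Pseudo-terminals given to network logins: BSD-style ttyp0.. and Unix98 pts/N.
PTY_RE = re.compile(r"^(tty[p-za-e][0-9a-f]|pts/\d+)$")

# inetd service names whose sessions cross the network unencrypted
# (telnet, rlogin, rsh, rexec).
CLEARTEXT_LOGIN = {"telnet", "login", "shell", "exec"}


def _active_lines(text):
    """Yield non-empty lines with '#' comments stripped."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            yield line


def root_network_ttys(securetty_text):
    """securetty entries that permit direct root login on a network terminal."""
    return [l for l in _active_lines(securetty_text) if PTY_RE.match(l)]


def cleartext_login_services(inetd_text):
    """Enabled (uncommented) inetd services that carry logins in cleartext."""
    found = []
    for line in _active_lines(inetd_text):
        service = line.split()[0]
        if service in CLEARTEXT_LOGIN and service not in found:
            found.append(service)
    return found


def audit(securetty_text, inetd_text):
    """Return one human-readable finding per problem."""
    findings = []
    for tty in root_network_ttys(securetty_text):
        findings.append(
            f"securetty allows direct root login on network terminal {tty}")
    for svc in cleartext_login_services(inetd_text):
        findings.append(
            f"inetd service '{svc}' is enabled: the session is unencrypted, so "
            "anything typed in it, including a password given to su, can be sniffed")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_SECURETTY, SAMPLE_INETD_CONF):
        print("FINDING:", finding)
```
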

------------------------------

From: [EMAIL PROTECTED] (Sean Akers)
Crossposted-To: comp.os.linux.misc
Subject: Linux news server over dial-up for networked MS clients such as Agent
Date: Wed, 13 Jan 1999 21:37:59 GMT
Reply-To: [EMAIL PROTECTED]

I have a small intranet at home which uses a Linux server for dial-up
connection to the Internet. 

I would like to know if it is possible to set up my Linux server to
perform the following News services :

1. When a client on another machine on my intranet requests a
particular news article it will ask the Linux server for the article.
If the article is not available on the Linux server, it will dial up
my ISP and download the requested article and pass it on to the remote
client when complete. (PPP and diald is fully configured and
operational on my server). 

2. Maintain a current list of all available news groups from my ISP's
news server and from various other news servers (such as IBM's or
Creative Labs) and to be able to serve articles from any of these
servers.

3. Only download those articles requested by the remote client when
requested but keep them available locally in case another user wishes
to read them.

I have looked at Leafnode which at first glance seemed to do as I
wanted but unfortunately it always downloads the entire newsgroup
when a single article is requested which is not what I want. I just
need it to download particular articles only.

Any suggestions much appreciated. 

Cheers, 

Sean.


------------------------------

From: Carl Koeppl <[EMAIL PROTECTED]>
Subject: Re: ppp-2.3.5 compile problem
Date: Wed, 13 Jan 1999 09:15:56 -0500

[EMAIL PROTECTED] wrote:

> Hi,
>         I am having problem successfully compiling ppp-2.3.5 with
> my redhat 5.2 kernel 2.0.36-07. Doing a "make modules" gives the
> following error messages and aborts.
>
> removed error...

Please see this web page. This helped me. It describes this problem in
more detail.

http://www.tartu.customs.ee/linux/index.shtml



------------------------------

From: "Doug Hardman" <[EMAIL PROTECTED]>
Subject: Re: PostgreSQL setup problems
Date: Wed, 13 Jan 1999 09:39:10 -0500

In article <77hhjl$cad$[EMAIL PROTECTED]> , [EMAIL PROTECTED] (Jon
Barnett) wrote:

>
> P.S. This isn't really a networking question. :)

But it referenced "netstat"!

Thanks for the great info, I'm sure I'll get through it now.

    -Doug


--
=====================<>=]|[========] Douglas Hardman
[EMAIL PROTECTED]                   AMG Advertising & PR, Inc.
http://www.accessamg.com             Resident Cyber Samurai
216-621-1835                         Cleveland, OH

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: NETWARE problem HELP !!
Date: Wed, 13 Jan 1999 15:18:04 GMT

[posted and mailed]
If dosemu is working it is probably using the packet driver which
bypasses the Linux ipx networking layer.  Perhaps you have static
IPX routes set up in your /etc/rc.d scripts somewhere and the routes
have changed.  Try doing
ipx_route delall
and then
ipx_interface --auto_primary=on --auto_interface=on

and wait about two minutes to see if slist then works.  You can check things
by going to /proc/net/ipx and doing 'cat ipx_route' and see if the routers
(usually Netware servers - unless evil Win95 boxes are screwing things up)
are appearing.  If this doesn't work find out the network number of your
network, the INTERNAL network number of your server, and node number of your
server, and the frame type the novell server uses (either etherii, 802.2, or
802.3) from the network admins and do

ipx_interface add -p eth0 [frame type] [general ipx network number]

then

ipx_route add [internal net number of server] [network number] [server node
number]
and see if that works.

  Sebastian Bunka <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > In article <77f7lc$[EMAIL PROTECTED]>,
> >   Sebastian Bunka <[EMAIL PROTECTED]> wrote:
> > >
> > [posted and mailed]
> > What does ifconfig say?  Is it possible you had a network/cabling fault?
> > did IP services run without problem (nfs, etc.)?  Is there a chattering
> > net card on your segment of the lan that might be temporarily blocking
> > your connection?  I suggest hardware because you are sure that there
> > were no other configuration changes.
>
> I suppose we don't have a HARDWARE problem since no one of the
> more than 10 Win-Netware clients have any problem, I don't have any
> problem with the net using tcp/ip, nfs or login to netware
> under dosemu. To the config changes I think the comp dep HAS changed
> something (router upgrade) and a lot new win95/98 boxes on the segment.
> (I heard that some special stuff in win98 - kinda loadable netware driver or
> whatever - _could_ make problems). I think the packages don't come behind
> the router ? I've heard from a couple of people (I think in linux-gazette?)
> have similar problems.
>
> I don't have any idea anymore...
>
> SWB


------------------------------

Date: Wed, 13 Jan 1999 23:52:17 +0100
From: Job eisses <[EMAIL PROTECTED]>
Subject: Re: ipfwadm-rules

Dan wrote:
> 
> I am trying to set up a firewall at the small business that I work at. We
> have a 1/4 T1 Line for our connection to the internet. Our default router is
> currently a Cisco router. We have a block of class C ip-address's. Two of
> these ip's are registered, one is our  web-server (a Windows-NT machine) the
> other is our email-server (a linux machine). We have approximately 25
> computers in our office most of which are running Winnt,95, or 98.
>  I do not claim to be a linux guru, however I am trying. What I am trying
> to do is set up a firewall, mainly to protect our internal machines. I am
> not concerned about anyone on the inside as a threat. I have already set up
> another Linux machine with two network cards and have been trying to use
> ipfwadm tool. I am working with 2.0.34 Kernel. I recompiled it and have
> turned on
> 
> CONFIG_FIREWALL=Y
> CONFIG_IP_FORWARD=Y
> CONFIG_IP_FIREWALL=Y
> CONFIG_IP_FIREWALL_CHAINS=Y
> CONFIG_IP_MASQUERADE=Y
> 
> I reset all the IP address in my office to private ones and  changed the
> default gateways on all of them to point to the internal ethernet card and was
> able to allow everyone internet access through the firewall using the
> following rule.
> 
> What this did was make everyone appear as if they were all coming from the
> same ip-address the external ethernet card on the firewall.
> 
> I then used the following commands taken from the Firewall-HOWTO AT
> http://metalab.unc.edu/pub/Linux/docs/HOWTO/Firewall-HOWTO
> 
>  # Forward email to your server
>      ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 192.1.2.10 25
> 
>  # Forward email connections to outside email servers
>      ipfwadm -F -a accept -b -P tcp -S 196.1.2.10 25 -D 0.0.0.0/0 1024:65535
> 
>  #Forward Web connections to your Web Server
>      /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 196.1.2.11 80
> 
>  # Forward Web connections to outside Web Server
>      /sbin/ipfwadm -F -a accept -b -P tcp -S 196.1.2.* 80 -D 0.0.0.0/0 1024:65535
> 
>  This did not work as I expected. Can anyone tell me if it is possible to

You can have the mail and web servers on the inside on registered addrs
and the rest on private addrs if you give the internal ethernet
interface an alias ip address, and put the masquerading rules
(.. -F -m..) *after* the rules quoted above. You will need different
subnet masks for the registered network on the outward and inward
eth interfaces.

You can also use the plug-gw from the TIS firewall toolkit to translate
the registered ip-addr of the firewall to the private ip-addr of the mail
server for port 25, and to the private ip-addr of the web server for port
80; all internal addrs will be private, masquerading only in ipfwadm.
This means the DNS should change too.

IP port forwarding is another option, I think you need patches to 2.0.36
or a 2.1.xxx kernel to do this. Could be the cleanest way to go, but I
am not sure what to think about all this stuff in the kernel, it seems
the wrong place to cram all this code in to me.

> move my webserver, and email machine inside the firewall with private
> ip-address's and have these forward command's work in such a way as to still
> allow tcp packets to pass through the firewall and send them to my email
> server if they are destined for port 25, and to send them to my website if
> they are destined for port 80. The problem that I see is that once I change
> the ip's to privates the registered ip's are no longer visible to the
> internet. Thus disabling my website (website no longer can be found) as well
> as my email server. Do I have to re-register the ip-address of my webserver
> and email server to the public ip address on the firewall? Or do I have to
> use a proxy server to achieve this?
> 
>  Any resources or references to some example rules either for ipfwadm or
> ipchains would be greatly appreciated.

http://www.rustcorp.com/linux/ipchains/
                                        -job
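
An added example (not from the post or from ipfwadm itself): a simplified first-match model of the forward chain, showing why the reply above puts the masquerading rule after the accept rules. The two accept rules mirror the quoted mail and web rules for 196.1.2.10 and 196.1.2.11; the catch-all masquerade rule, the 192.168.1.20 workstation, the 203.0.113.x peers and the default deny policy are assumptions.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network

ANY = ip_network("0.0.0.0/0")
ALL_PORTS = (0, 65535)
HIGH_PORTS = (1024, 65535)


@dataclass(frozen=True)
class Rule:
    policy: str            # "accept" or "masq" (labels used by this model)
    src: IPv4Network
    sports: tuple
    dst: IPv4Network
    dports: tuple
    bidir: bool = False    # models the -b (bidirectional) flag in the quoted rules

    def _one_way(self, s, sp, d, dp):
        return (ip_address(s) in self.src
                and self.sports[0] <= sp <= self.sports[1]
                and ip_address(d) in self.dst
                and self.dports[0] <= dp <= self.dports[1])

    def matches(self, pkt):
        s, sp, d, dp = pkt
        # A bidirectional rule also matches with source and destination swapped.
        return self._one_way(s, sp, d, dp) or (
            self.bidir and self._one_way(d, dp, s, sp))


# Mirrors "-S 196.1.2.10 25 -D 0.0.0.0/0 1024:65535" with -b.
MAIL = Rule("accept", ip_network("196.1.2.10/32"), (25, 25), ANY, HIGH_PORTS, bidir=True)
# Mirrors "-S 0.0.0.0/0 1024:65535 -D 196.1.2.11 80" with -b.
WEB = Rule("accept", ANY, HIGH_PORTS, ip_network("196.1.2.11/32"), (80, 80), bidir=True)
# Assumption: a catch-all masquerade rule, so its match overlaps the servers' traffic.
MASQ = Rule("masq", ANY, ALL_PORTS, ANY, ALL_PORTS)


def verdict(chain, pkt, default="deny"):
    """The first rule that matches decides; otherwise the default policy applies."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.policy
    return default


# Constructed packets: (source address, source port, destination address, destination port).
PACKETS = {
    "inbound SMTP to mail server": ("203.0.113.7", 40000, "196.1.2.10", 25),
    "web server reply": ("196.1.2.11", 80, "203.0.113.7", 40001),
    "workstation browsing": ("192.168.1.20", 40002, "203.0.113.9", 80),
}

RECOMMENDED = [MAIL, WEB, MASQ]   # accept rules first, masquerading after
MASQ_FIRST = [MASQ, MAIL, WEB]    # masquerading rule shadows both accept rules


def evaluate(chain):
    return {name: verdict(chain, pkt) for name, pkt in PACKETS.items()}


if __name__ == "__main__":
    for label, chain in (("recommended", RECOMMENDED), ("masq first", MASQ_FIRST)):
        print(label, evaluate(chain))
```

With the masquerade rule first, traffic of the registered servers is masqueraded along with everything else, so the accept rules never take effect.
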

------------------------------

From: [EMAIL PROTECTED] (Juergen Heinzl)
Subject: Re: mounting an ftp directory
Date: Wed, 13 Jan 1999 22:53:38 GMT

In article <77ipvn$66p$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>Is there any way to mount a directory as a directory in my file system
>through the ftp protocol?  I'm trying to get a directory on one of my ftp
>sites to look like a directory on my local machine so I can copy files to it
>as if it were on my local machine.

You might think about NFS ... security implications aside.

Bye, Juergen

-- 
\ Real name     : Jürgen Heinzl                 \       no flames      /
 \ EMail Private : [EMAIL PROTECTED] \ send money instead /
  \ Phone Private : +44 181-332 0750              \                  /

------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************
