Linux-Networking Digest #31, Volume #10 Thu, 28 Jan 99 09:13:28 EST
Contents:
Re: What could "modprobe: can't locate module net-pf-17" be? (Villy Kruse)
Re: LINUX PPP on a SPARC10 (Duncan Simpson)
Re: Security problem ? (Paul D. Boyle)
Re: DOES LINUX SUCK (Craig Kelley)
Re: ftp from behind a masquerading router ("Krusty")
HSRP (Hot Standby Router Protocol) on Linux ([EMAIL PROTECTED])
Re: ftp from behind a masquerading router (Luca Filipozzi)
NFS links (David Ferruz)
Re: is my system overloaded? (Duncan Simpson)
PPP connects but I don't get out anywhere ("Jim Orfanakos")
Can't connect to Win/NT servers (Jeff Howard)
Re: Kernel 2.2 in RPM (Brian Gilman)
HELP !! Default Run Level goes wrong, How can I make the linux sector work again?
("Novicer Jothiw")
Re: Ethernet Adapter Accepting Connections? (Miguel Cruz)
Web Traffic Monitoring Software (Brian Ferris)
Re: DHCP and hostname (Stephen Carville)
Re: TCP/IP connectivity on LAN (Joerg Klaas)
Re: SAMBA SHARING (Phil Heaton)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Villy Kruse)
Subject: Re: What could "modprobe: can't locate module net-pf-17" be?
Date: 27 Jan 1999 19:09:44 +0100
In article <78nef9$iul$[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> wrote:
>Villy Kruse <[EMAIL PROTECTED]> wrote:
>
>> This should be the complete list. Don't think there is a module for
>> pf-17
>
>> #define AF_UNSPEC 0
>> #define AF_UNIX 1 /* Unix domain sockets */
>
>
>where is this list located?
>
>Simeon
Greb'ed out of one of the include files in the linux source tree.
Villy
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Crossposted-To:
comp.os.linux.setup,comp.os.linux.misc,comp.os.linux.hardware,alt.os.linux,comp.protocols.ppp,linux.redhat.install
Subject: Re: LINUX PPP on a SPARC10
Date: 28 Jan 1999 11:57:03 GMT
In <[EMAIL PROTECTED]> James Carlson
<[EMAIL PROTECTED]> writes:
[stuff snipped]
Chat script that fails is:
>> send ATQ0V1E1X4\r
>> wait OK 5
>> dial T*70,,*67,,555-1212 #As an example
>> sleep 1
>> send \r
>> send \r
>> wait Userid: 15
>> send e(myunixID)\r
>> wait Password? 15
>[...]
>Most ISPs do NOT want you to do that if you're using PPP. Instead,
>they want you to just dial in and start using PPP, since that's what
>Windoze does. If you start chatting a user name at them, then they'll
>usually assume you don't speak PPP.
Apparently all livingston portmasters have been wiped off the face of
the earth from this statements about most ISPs. Muy ISP uses
livingston portmasters and the appropiate chat-up line is
<dail up my ISP with AT commands>
ogin: me
ssword: secret
and then hit PPP mode. Demon internet, the largest ISP in the UK, wants
<dail up demon internet with AT commands>
oign: you
ssword: password
ocol: ppp
and then hit PPP mode. At one time my ISP wanted you to authenticate
yourself with PAP after seeing the connect message. Windows has its
own equivilent of chat but it is more interactive, disguised and less
well documented. Personally I could all 3 as disadvantages---requiring
me to bring up a terminal windows and retype my name and ssword every
time I connect is a pain.
Duncan (-:
--
Duncan (-:
------------------------------
From: [EMAIL PROTECTED] (Paul D. Boyle)
Subject: Re: Security problem ?
Date: 27 Jan 1999 23:02:43 GMT
fkeeney ([EMAIL PROTECTED]) wrote:
: Secure your Linux box with ipfwadm!!!!
: See: http://www.pasadena.net/linux/linuxsecure.html
Another (and easier) solution is to get tcp_wrappers configured.
Type 'man 5 hosts_access' (w/o quotes) on your command line. Also use
ssh for encrypted connections.
You may want to check your system logs to see if you have already been
hacked. Also use 'ps aux' to look for suspicious looking daemons in
the process table.
Paul
: Mattias Johansson wrote:
: > In the past few days I've noticed that someone is trying to log on
: > to my computer (through /dev/null) from 195.100.xxx.xxx.
: > Is there anyway to deny people access to /dev/null ?
: > It's really annoying to browse through the log-files, in search of
: > other hack attempts, and there's between 100 and 500 root-login
: > atempts from the same ip#.
--
Paul D. Boyle | [EMAIL PROTECTED]
Director, X-ray Structural Facility | phone: (919) 515-7362
Department of Chemistry - Box 8204 | FAX: (919) 515-5079
North Carolina State University |
Raleigh, NC, 27695-8204
http://laue.chem.ncsu.edu/web/xray.welcome.html
------------------------------
Crossposted-To: comp.os.linux.advocacy,linux.redhat.install
Subject: Re: DOES LINUX SUCK
From: Craig Kelley <[EMAIL PROTECTED]>
Date: 27 Jan 1999 16:20:50 -0700
"Keith Peterson" <[EMAIL PROTECTED]> writes:
[snip]
> If Joe can make it work in a 1000 station network, but Bob can't make it
> work on a 10 station network, the first thing to consider replacing is Bob.
>
> However, a post stating this is usually followed by a post like: "Typical
> Microsoft user - it doesn't work, so blame the administrator".
>
> Yet, if I said, "I can't make linux work as a server in a ten station
> network", I would instantly be denounced incompetent, before a single
> question had been asked.
I think it boils down to this:
Windows NT is percieved as non-deterministic, while Linux is seen as
very deterministic.
When one has a problem with Linux, you can typically find out what
caused it and then proceed to fix it. When one has a problem with
Windows (all varieties), the solution is more often than not: Reboot
the machine and it will *magically* fix itself.
Take the "NTOSKRNL.EXE not found" error: every once in a while, a
random NT machine on our network will popup this message after
NTDETECT has finished running. The solution from Microsoft: Boot
with rescue disk, re-run setup, re-apply all service packs, re-apply
all hotfixes, re-install any broken applications.
The Linux analogy is when LILO can't find the kernel, which has also
happened to us more than once. The solution is to boot up with a
rescue disk and re-run lilo.
Which one is 'magical' and which one isn't? Which one is more of a
PITA?
The above is true for most any bug encountered under Windows and
Linux.
> Note that certainly not all linux users suffer from that perception problem.
> But many do. Thankfully those that do are unlikely to be in positions where
> they can cause real damage.
What kind of 'real damage'. :>
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: "Krusty" <[EMAIL PROTECTED]>
Subject: Re: ftp from behind a masquerading router
Date: Thu, 28 Jan 1999 13:01:57 +0100
And how do you use the ip_masq_ftp module to do active (vs passive) ftp ?
Luca Filipozzi wrote in message ...
>In article <78oifu$660$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>> The ftp "dir" commands hangs when I do ftp from a machine connected to a
>> masquerading linux router. This happens even if the router allows all
access
>> like this:
>>
>> /sbin/ipfwadm -I -p accept
>> /sbin/ipfwadm -O -p accept
>> /sbin/ipfwadm -F -p accept
>>
>> /sbin/ipfwadm -F -a masquerade -S 192.168.1.0/24 -D 0.0.0.0/0
>>
>> "dir" does work if I issue it from an ftp session on the router itself.
>>
>> Will appreciate any clues.
>>
>> Michael Kifer
>> [EMAIL PROTECTED]
>>
>> -----------== Posted via Deja News, The Discussion Network ==----------
>> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>>
>you need to use the ip_masq_ftp module to do active (vs passive) ftp
>
>--
>Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED]
Subject: HSRP (Hot Standby Router Protocol) on Linux
Date: 28 Jan 99 12:18:14 GMT
Does anyone know if HSRP is available for Linux, or does anyone know of
somthing similar or better to it that will work on Linux.
Thanks for any help
Ivan
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: ftp from behind a masquerading router
Date: Thu, 28 Jan 1999 04:19:18 -0800
In article <78pjif$2ks$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> And how do you use the ip_masq_ftp module to do active (vs passive) ftp ?
First, let me say that I'm using Debian, so I don't know how/where RedHat
puts this stuff.
1) Recompile kernel with masquerade support and install it (make zImage)
2) Compile and install modules (make modules; make install)
3) run modconf, select ipv4 and then ip_masq_ftp
There are other ip_masq_?? modules: CuSeeMe, IRC, Quake, Real Audio, etc.
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: David Ferruz <[EMAIL PROTECTED]>
Subject: NFS links
Date: Thu, 28 Jan 1999 13:16:37 +0100
Hi friends, I'm interested about to don't permit to create links over a
NFS directory, but I don't know how make them.
I've compiled Linux kernel whith NFS support on kernel.
Thanks.
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: is my system overloaded?
Date: 28 Jan 1999 12:21:53 GMT
In <78mv87$dtc$[EMAIL PROTECTED]> "christo" <[EMAIL PROTECTED]> writes:
>i've a linux 2.0.35 running on a double p2 with 128Mb ram and a quantm disk
>(server style) of 6 Gbyte.
>It performs web and mail server jobs, with apache and sendmail.
>After 6 mounth of hard working without any problem i noticed that response
>time when you try to connect to any port are getting longer.
>my 'messages' is about 6 Mb and my 'access.log' is almost the same.
>Could this slow down be caused by the fact it needs to write logs in this
>big files?
No.
>In this case, can i backup this file and empty them without problems?
Yes. You *should* rotate your log files regularly to stop them eating
all your disc space. The server I do admin for emails me the logs
every day and then empties them. Ancient logs get deleted from my
mailbox unless there is some reason to keep them (outstanding spam
report or whatever).
>If this this is a bad diagnosis, do anyone have suggestions?
Yup. See above. You failed to trim your log files.
Duncan (-:
--
Duncan (-:
------------------------------
From: "Jim Orfanakos" <[EMAIL PROTECTED]>
Subject: PPP connects but I don't get out anywhere
Date: Wed, 27 Jan 1999 17:57:46 -0500
I am trying to setup PPP on my RedHat 5.1 system. The system dials,
connects, and stays connected. IFCONFIG PPP0 shows my ip address from my
ISP.
I have configured my /etc/reslove.conf and ROUTE shows my routes that I hard
coded with my subnet and gateway....but still no luck. I cannot ping, surf,
etc.
Any ideas?
------------------------------------------------------
Jim Orfanakos
mailto:[EMAIL PROTECTED]
http://home.sprynet.com/sprynet/djo3
------------------------------------------------------
------------------------------
From: Jeff Howard <[EMAIL PROTECTED]>
Subject: Can't connect to Win/NT servers
Date: Wed, 27 Jan 1999 02:54:55 -0700
Hi, I'm running RH5.1 and cannot seem to get a connection to a
Windows/NT server. The university I attend has a student domain
server(56k modems) for internet access and a Windows/NT domain servers(
28.8 modems) for faculty. I have no problems connecting to the student
servers. It's the "Windows/NT" servers I cannot connect. (p.s. I am
authorized to use both servers). I can connect to both servers using
Windows but not Linux. A friend of mine told me that the Windows/NT
servers only negotiate across other Windose platforms and that is why I
cannot access them with Linux. Is this true? and if it is, what would
fix it?
p.s. the error I get is 'pppd died unexpectedly' when trying to connect
to the NT servers.
thanks, Jeff
------------------------------
From: Brian Gilman <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.os.linux,linux.redhat,linux.redhat.misc
Subject: Re: Kernel 2.2 in RPM
Date: Wed, 27 Jan 1999 18:55:44 -0500
Reply-To: [EMAIL PROTECTED]
You should really learn how to compile a kernel so, here are the VERY simple
steps:
1) download kernel sources ie. ftp.us.kernel.org
2) gunzip *.gz and then tar xvf *.tar (where * is the current kernel #)
3) put sources in their rightful place mv linux /usr/src/
4) cd linux
5) make mrproper
6) make config (choose a flavor...I prefer menuconfig but, if your running
X type: make xconfig)
7) choose what you like!
8) save and exit or save to file and then exit
9) make dep ; make clean (you should type these on the command line as
they appear here)
10) make zImage or bzImage (depending on the size of the kernel...I use
bzImage because I usually add a whole bunch of stuff into the kernel making it
larger)
11) If you've chosen modules type..... make modules
12 After modules are made type: make modules_install
13 go to the directory /usr/src/linux/arch/i386/boot and look for either
bzImage or zImage; Then type mv zImage linux-2.2.0 (could be bzImage if you
chose that option; this renames the image file so that you know what kernel
you've just compiled)
14) type mv linux-2.2.0 /boot (this puts the new kernel in the boot
directory)
DO NOT FORGET THIS PART OF THE PROCESS!!!!!!!!!! BELOW O.K.! I CAN'T STRESS
THIS ENOUGH
13) type pico /etc/lilo.conf (or your favorite text editor, instead of
pico...I like pico cuz it's quick) by adding the entry as shown below DO NOT
DELETE ANY OTHER ENTRIES! :
image=/boot/linux-2.2.0
label=linux-2.2.0
root=/dev/my_root_device (you'll see the root
device in other entries)
read-only
********14) VERY IMPORTANT! after you've pico'd (or whatever) your
lilo.conf file YOU MUST TYPE THE WORD lilo ON THE COMMAND LINE!!!!!!!!!!
This re-compiles and inserts lilo into the master boot record (ie. the place
that points to all the bootable kernel's)
O.K. so, now you're done enjoy linux 2.2.0!!!!
If you have any problems please e-mail me and I'll try to elaborate more on
the process but, I think I've pretty much, covered everything......If anyone
else wants to comment giver it a go.....
Sincerely,
Brian Gilman
John K wrote:
> Hello,
>
> Can somebody compile the new kernel in a RPM package for "newbies", please.
>
> I have RedHat 5.2 and I look forward for something easy to upgrade without
> making it a pain, or making a mistake as a result to have to re-install
> again Linux for the 400th time.
>
> Please make a RPM package of the new kernel.
>
> Thanks.
------------------------------
From: "Novicer Jothiw" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux,comp.os.linux.setup,hk.comp.os.linux
Subject: HELP !! Default Run Level goes wrong, How can I make the linux sector work
again?
Date: Thu, 28 Jan 1999 21:19:53 +0800
Dear Linux World,
I configured the rc.network file for Run Level 3 (rc3.d) but something
goes wrong!!!
I don't know how to boot into the linux sector to fix the problem again,
because Level 3 is the default run level. Whenever I boot in linux, it goes
onto level 3 and halt the system in the middle of the rc files. Even I use a
linux boot disk, it is the same (default run level 3 was also used)
Could you kindly offer some method to help? e.g. in the LILO boot should
can I type something after the linux:
LILO: linux (ADD SOMETHINGS HERE?)
to change the run level 3 to the other?
Thank you very much
Regards
John Novice in Linux
------------------------------
From: [EMAIL PROTECTED] (Miguel Cruz)
Subject: Re: Ethernet Adapter Accepting Connections?
Date: 27 Jan 1999 23:14:21 GMT
Edd Stanley <[EMAIL PROTECTED]> wrote:
> You know.... I never thought about this... I think that I'll change my
> IP address just to see what happens.
Wrong answer. Your IP address should start with one of the following if you
are making up numbers for home use:
10.*.*.*
172.16.*.* - 172.31.*.*
192.168.*.*
miguel
------------------------------
From: Brian Ferris <[EMAIL PROTECTED]>
Subject: Web Traffic Monitoring Software
Date: Thu, 28 Jan 1999 00:06:42 GMT
I have a RedHat 5.2 running the 2.0.36 kernel. The machine is used
as an IP-Masquerading gateway for our 80-user Lan. We are looking for
software that can monitor web traffic on an IP basis.
Basically, we want to be able to figure out which IP in our office
is hitting the porn sites when they should be working. It doesn't need
to be fancy; it just needs to work. Thanks in advance for any
suggestions.
------------------------------
From: Stephen Carville <[EMAIL PROTECTED]>
Subject: Re: DHCP and hostname
Date: 28 Jan 1999 04:49:04 GMT
[EMAIL PROTECTED] wrote:
>
> Has anyone had success passing a hostname back to the
> dhcp server, like Win95 does?
Yup!
> The dhcp server keeps giving me a stupid, generic
> machine name, like udp-835254udp, which is annoying.
> Thanks.
DHCP coes not pass the hostname by default but you can tell to pass the
hostname as an option: You use the -h switch to do this. See 'man dhcpcd'
for details.
I edited my networks startup script on my RH 5.2 system
(/etc/sysconfig/network-scripts/ifup) to read something like:
/sbin/dhcp -h $HOSTNAME -c <dhcpdup script>
So for it was worked with dhcpd v2.0. I don't know how it will interact
with NT.
--
Stephen Carville
[EMAIL PROTECTED]
====================================================
Management: The art of hiring intelligent, skilled individuals and then
ignoring their advice.
------------------------------
From: Joerg Klaas <[EMAIL PROTECTED]>
Subject: Re: TCP/IP connectivity on LAN
Date: Thu, 28 Jan 1999 13:17:58 +0100
If you don't have a gateway, then simply don't type it in...
Julienna Chu wrote:
> Guys,
>
> I don't want to use SAMABA. I want to just use TCP/IP.
> I have a Win NT machine 192.168.1.1 and subnet 255.255.255.0
> and a Linux box 192.168.1.2 with subnet 255.255.255.0
>
> What should I use for their default gateway?
> I want the NT boxto be able to launch a telnet to 192.168.1.2
> This is just a LAN with no Internet connectivity.
>
> Thanks! Can someone please e-mail me the answer?
------------------------------
From: Phil Heaton <[EMAIL PROTECTED]>
Subject: Re: SAMBA SHARING
Date: Thu, 28 Jan 1999 00:13:52 +0000
Hoser wrote:
>
> I have A 3 computer network running off of a redhat 5.1 host. Everything
> is running fine in all my machines, but I need to share My linux box. All
> my machines show up in Network Neighborhood of my NT machine, except for my
> linux box. any suggestions?
samba may not be running, but just in case.
/etc/rc.d/init.d/smb stop
Go to /etc/smb.conf and change security=user to
security=share then enable the [netlogon] section
of /etc/smb.conf ..
/etc/rc.d/init.d/smb start
Look in NN again...Good Luck.
Phil
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
