Linux-Networking Digest #50, Volume #10 Sat, 30 Jan 99 00:13:41 EST
Contents:
Re: PAP Authentication failure (David Efflandt)
Re: Masquerading and battle.net/Diablo (Patrick Atoon)
Re: Windows login to corporate domain thru Linux server (Edwin Calimbo)
Re: Kernel 2.2 in RPM ("Jim Ross")
Re: rc.local question (jamie)
Re: Newbie:LAN setup advice needed ("Christopher G. Petty")
Re: Intel EtherExpress Pro/10+ ISA and Redhat 5.2 (Gregory J Smith)
Re: I know it's been asked a million times... ("Christopher G. Petty")
Re: Can't telnet (wierd) (Joe Klemencic)
Re: bytes sent/recvd by network interface (Jeff Hester)
Re: Windows login to corporate domain thru Linux server ("Christopher G. Petty")
Re: Kernel 2.2 in RPM (Kyle Davenport)
diald default route problems ("Chris Eng")
Redhat 5.2's Samba + Windows 2000 Pro (build 1965) DOES NOT NETWORK ("Slam")
FS: Samba networking book (Mike Hall)
Printing to HP DeskWriter 560C ("Scott Nielson")
Linux -> NT RAS + MSCHAP + encryption (Arun Sharma)
----------------------------------------------------------------------------
From: David Efflandt <[EMAIL PROTECTED]>
Subject: Re: PAP Authentication failure
Date: Sat, 30 Jan 1999 04:10:34 GMT
Reply-To: [EMAIL PROTECTED]
On 1/29/99, 5:13:42 PM, Steve Jibson <[EMAIL PROTECTED]> wrote=20
regarding PAP Authentication failure:
> I'm trying to set up a PPP server using RedHat 5.2. I had mgetty and
> PPP working fine until I tried to get PAP to work. Now I get the
> following in my log file:
The auth and login options will authenticate the user based on=20
pap-secrets and /etc/passwd. Don't use +pap, that asks the other=20
'machine' to authenticate itself. On the other hand it could be that=20
you are trying to login as "steve" and the only name in pap-secrets is=20
"stevej". Or it could be that you need a list of acceptible IP's (or=20
*) following the password in pap-secrets. See dialin.txt at=20
http://www.xnet.com/~efflandt/linux/
> Jan 29 16:03:15 greg pppd[717]: pppd 2.3.5 started by a_ppp, uid 0
> Jan 29 16:03:15 greg pppd[717]: Using interface ppp0
> Jan 29 16:03:15 greg pppd[717]: Connect: ppp0 <--> /dev/ttyS1
> Jan 29 16:03:15 greg pppd[717]: sent [LCP ConfReq id=3D0x1 <asyncmap=20
0x0>
> <auth pap> <magic 0x9f5931aa> <pcomp> <accomp>]
> Jan 29 16:03:16 greg pppd[717]: rcvd [LCP ConfAck id=3D0x1 <asyncmap=20
0x0>
> <auth pap> <magic 0x9f5931aa> <pcomp> <accomp>]
> Jan 29 16:03:17 greg pppd[717]: rcvd [LCP ConfReq id=3D0x1 <magic
> 0xd6379aba> <pcomp> <accomp>]
> Jan 29 16:03:17 greg pppd[717]: sent [LCP ConfAck id=3D0x1 <magic
> 0xd6379aba> <pcomp> <accomp>]
> Jan 29 16:03:17 greg pppd[717]: rcvd [PAP AuthReq id=3D0x1 user=3D"ste=
ve"
> password=3D"barney"]
> Jan 29 16:03:17 greg pppd[717]: PAP authentication failure for steve
> Jan 29 16:03:17 greg pppd[717]: sent [PAP AuthNak id=3D0x1 "Login
> incorrect"]
> Jan 29 16:03:17 greg pppd[717]: sent [LCP TermReq id=3D0x2=20
"Authentication
> failed"]
> Jan 29 16:03:18 greg pppd[717]: rcvd [LCP TermAck id=3D0x2]
> Jan 29 16:03:18 greg pppd[717]: Connection terminated.
> Jan 29 16:03:19 greg pppd[717]: Exit.
> My /etc/ppp/pap-secrets file looks like this (one line):
> stevej * barney
> The log shows that the user and password are recieved correctly, but=20
the
> next line says that PAP authentication failed. It doesn't make sense =
to
> me.
> Any help would be appreciated.
> Thanks!
> Steve Jibson
> [EMAIL PROTECTED]
------------------------------
From: Patrick Atoon <[EMAIL PROTECTED]>
Subject: Re: Masquerading and battle.net/Diablo
Date: Sat, 30 Jan 1999 01:20:17 +0100
Don O'Connell wrote:
> Try this, it works for me for starcraft
>
> ipmasqadm autofw -A -r tcp 6112 6112 -h 10.1.1.10
> ipmasqadm autofw -A -r udp 6112 6112 -h 10.1.1.10
Yups, that works just fine, thanks!
However, if I understand autofw correctly, this will only connect
to the one host specified after -h. Is there a way to forward the
ports to the hosts that tried to set up the connection to battle.net
in the first place without hardcoding them?
Greetings,
Patrick
------------------------------
From: [EMAIL PROTECTED] (Edwin Calimbo)
Subject: Re: Windows login to corporate domain thru Linux server
Date: 29 Jan 99 06:40:54 GMT
Christopher G. Petty ([EMAIL PROTECTED]) wrote:
: Here's one for the thinkers out there. I'll admit I'm stumped on this
: one.
: I'm trying to allow remote windows users to login to my local LAN vial a
: DoD Linux box. The problem is that the domain information refuses to
: pass thru the PPP link. Services such as Micro$loth Exchange, Mail, etc
: are not seen, nor are the machines on the other side of the PPP link.
: I can ping both ways across the PPP link, so routing is not the issue.
: The Linux server at the remote site is dialing into an NT 4 SP4 server.
: When the link is up, I can ping the remote workstations, the remote
: linux box, telnet to the remote linux box, and thru it, ping both remote
: and local machines, but none of the NT domain information is being
: passed.
When you talk about "NT domain information" do you mean shared resources,
local/global groups (domains) etc?
On your NT (RAS) server the protocol is probably set to *bind* to
TCP/IP first and then to NetBIOS etc. Also, NetBIOS is not routable.
: Anyone got a clue on how I can get this to work?
: Thanks in advance.
: _CGP
--
====================
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: "Jim Ross" <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.os.linux,linux.redhat,linux.redhat.misc
Subject: Re: Kernel 2.2 in RPM
Date: Fri, 29 Jan 1999 01:57:13 -0500
Charles Stack wrote in message <78pr7u$[EMAIL PROTECTED]>...
>>It's not that hard to compile a kernel. There is no advantage with
>>having someone else compile your kernel, because you won't gain any
>>advantages.
>
>
>The advantage you gain is an easy install process without 15 other steps.
>For a newbie or for multiple installations, this has its obvious time
saving
>advantages.
>
>But, the downside to any RPM is the fact that it is a precompiled binary.
>Like Forest Gump said (paraphrased and adapted), "RPMs are like a box of
>chocolates...you never know what you're gonna get...". Given that tainted
>source for common utilities has made its way on the net recently, I'd be
>very leary of any RPMs I download from even "respected" sites.
>
>Now, if you compile the kernel and build your own RPMs from known untainted
>source..that's a different story. That's why RPMs are signed by trusted
>entities. This is similar to M$'s Autosign technology. Basically, you
have
>a digitally signature of the RPMs contents that can be easily verified. Of
>course, you must trust the person that signed it...Alas...paranoria!
>
>Charles
If you happen to be a newby or just like me that doesn't program or
understand source, compiling from source has no advantages. I would then
and still do think rpm is the way to go.
I think if anything the tainted utilities highlight the importance of
backing up. I burn all my stuff and I suggest other people take steps to
protect your stuff since life can be cruel.
Jim
------------------------------
From: [EMAIL PROTECTED] (jamie)
Subject: Re: rc.local question
Reply-To: [EMAIL PROTECTED]
Date: Fri, 29 Jan 1999 00:44:02 -0600
Johnny Icon <[EMAIL PROTECTED]> wrote:
>On Wed, 13 Jan 1999 11:20:38 -0600, "Scott MacDonald" <[EMAIL PROTECTED]>
>wrote:
>
>>Can someone tell me how the last 2 numbers in the example address below work
>>in a network environment?
>>
>>208.252.222.16/27
>this would be the range of address's in the network
>from x.x.x.16 to x.x.x.27
>indicating that 12 nic address' s of this net
>
>get the picture
>
>if it was x.x.x.1/10
>
>there would be 10 nic address's
I'm pretty sure that's completely wrong, and that it is a netmask
shorthand having to do with how many of the digits of an IP address must
match the given address, but I haven't quite gotten a handle on it.
--
jamie ([EMAIL PROTECTED])
"There's a seeker born every minute."
------------------------------
From: "Christopher G. Petty" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: Newbie:LAN setup advice needed
Date: Fri, 29 Jan 1999 02:01:42 -0500
Chris:
your best bet might be to share your CD-ROM on the Pentium Windows box, put
the CD in there, and do an SMB Install, if SuSE will do that sort of thing.
I used a similar setup to get RedHat 5.2 on an old P-100 that didn't have a
CD-ROM, and it worked pretty flawlessly.
_CGP
"Christopher J. Mark" wrote:
> Hi all:
> I'm a relative Newbie, having only installed Linux (SuSE 5.3) in the
> past month. I'm starting to get comfortable with it now, and would like
> to start experimenting with networking. The problem is, I have all kinds
> of old, weird hardware, and need some advice on which would be the best
> way to approach it.
>
> I have Linux running on 2 machines now: a Pentium 133 w/16 MB of RAM,
> and a 486/33 with 20 MB. I also have a Toshiba 486/75 laptop (8 MB) and
> could cobble together a 386 (up to 8 MB, maybe) out of spare parts. I'd
> rather not start messing with the Pentium (my main box, and if I screw
> it up, I'm up a creek) until I have a pretty good idea of what I'm
> doing. I also have 3 ISA Ethernet cards (2 Etherlink III and one
> Etherlink II) I could install.
>
> I'd be most comfortable setting the 486 up as the server and linking one
> of the other boxes to it as a client. I have about a GB of disk space to
> play with there, and considerably less on the other 2.
>
> Problem #1: Installation. The Toshiba has a really off-brand PCMCIA 2x
> CD-ROM. I bought it overseas and can't even find Win95 drivers for it.
> The company that made it (TXC) has no web presence as far as I've been
> able to determine. The DOS drivers are made by Oak Technologies and when
> I wrote them, they said to contact the OEM. The 386 wouldn't have any
> CD-ROM at all, and at best two 40 MB HD's.
>
> Am I better off trying to get the CD-ROM working on the Toshiba, or
> installing a minimal Linux from floppies on either box and then doing
> the rest over a network connection? I could be willing to spring for a
> PCMCIA NIC for the Toshiba, but don't want to spend any more until I
> know what I'm doing (and what I want to do in the near future).
>
> I also have a SyQuest EZflyer 230 MB parallel port drive. I could try to
> do an installation off that too, but they filed Chap. 11 in Nov. so
> tech. support there isn't going to be too easy to come by. I haven't
> even tried to get it mounted on either of the working boxes yet.
>
> This is getting a little long, so I'll hold other problems for a future
> post.
>
> An e-mail repy would be appreciated as I don't get onto the newsgroups
> as often as I'd like.
>
> --
> Christopher J. Mark
> Mathematician, Tutor, and Webpage designer
> http://www.math.umd.edu/~cjm
> "Time flies like an arrow, but fruit flies like a banana."
------------------------------
From: Gregory J Smith <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.os.linux.help,alt.os.linux
Subject: Re: Intel EtherExpress Pro/10+ ISA and Redhat 5.2
Date: Fri, 29 Jan 1999 23:38:26 -0500
try "irq=10 io=0x300" or such as the previous reply indicated you need to
find the address of the card. If you have access to another machine go to
www.intel.com and download the setup utility (yes it needs to run under
DOS) it can tell you the address of your card or change the address and IRQ
wayne m. eaker wrote:
> I have tried and tried and tried to get this network card to work under
> redhat. I have tried working with network configuration utilities that
> come with redhat. I have recompiled the kernel. I have made eepro.o a
> module and put it in the kernel. I have turned off the PnP and Flash
> RAM memory on the card. Most of the time, I get no message at all at
> boot time. However, the best I can do is get a message that says
> "Delaying eth0 initialization." Then, it's still useless. Does anyone
> have this card and has set it up successfully? Any help would be
> greatly appreciated.
>
> Wayne Eaker
> [EMAIL PROTECTED]
------------------------------
From: "Christopher G. Petty" <[EMAIL PROTECTED]>
Subject: Re: I know it's been asked a million times...
Date: Fri, 29 Jan 1999 02:03:29 -0500
Jay:
Email me for a sample rc.firewall (ipfwadm) setup that's relatively secure
and will let you do what you want to do.. I forgot this step the first time
I set up a masq box, too. ::blush:: Gotta learn sometime.
_CGP
Jay Copeland wrote:
> We have two linux boxes in our house. The older one (defiant) is a 486
> 66 with all kinds of dead parts with hardware workarounds. It works. I
> can surf or whatever I want to do when I have a phone line plugged in.
> The newer one (voyager) is an AMD 233. It's great. It's fast enough for
> what we want to do.
>
> I have been trying for about a week to get IP Masquing (sp?) to work.
> I've recompiled the kernel on what will be the gateway. I've followed
> the mini-HOWTO to the letter. I still haven't been able to get it to
> work.
>
> The two machines work fine together. We share files, doom, whatever
> else. I just can't get to the internet unless I telnet into the gateway.
> That's fine if I just want to use lynx. I can't use Netscape or its
> e-mail client. I can't irc (not that it's important). What else do I
> need to do?
>
> # hosts on gateway
> #
> 127.0.0.1 localhost
> aaa.bbb.ccc.32 voyager.qx.net voyager
> aaa.bbb.ccc.33 defiant.qx.net defiant
>
> I ran net config and put voyager's address as the gateway. I'm running
> Slackware 3.5, linux 2.0.34.
>
> Thanks in advance
>
> Jay
> --
> __
> / / __ __ __ __ __ __ __
> / /__ / / / \/ / / /__/ / \ \/ /
> /_____/ /_/ /_/\__/ |_____/ /_/ \_\
> Don't fear the Penguin.
------------------------------
From: [EMAIL PROTECTED] (Joe Klemencic)
Subject: Re: Can't telnet (wierd)
Date: Fri, 29 Jan 1999 02:35:44 GMT
Check your /etc/resolv.conf file. Either ensure the DNS server(s) are
accessible or remove them completely if not needed. It sounds like it
is trying to resolve the host name (I have experienced this many times
when others have tried to install and network Linux)
On Wed, 27 Jan 1999 21:29:54 -0800, Wade Olsen
<[EMAIL PROTECTED]> wrote:
>I have a wierd problem. From my Windows95 machine I can ping the linux
>machine, send dhcp requests and get dhcp server responses, but I can not
>telnet to the machine. If I run tcpdump on the linux machine I see the
>packet come in but nothing goes out. If I run inetd in debug mode I
>don't see any activity to make me think inetd ever sees the packets. I
>have no ipfwadm rules and the default is accept for input, output and
>forward.
>
>Any ideas?
>
>Wade
>
------------------------------
From: Jeff Hester <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.solaris
Subject: Re: bytes sent/recvd by network interface
Date: Fri, 29 Jan 1999 23:42:34 -0500
Check the netstat man pages. I think "netstat -rn" will get you what
you need (although that may just display the routing table. I can't
recall off the top of my head.)
Paul LeMahieu wrote:
>
> Hi,
>
> I was wondering if it is possible to find out the
> number of bytes sent/recvd by a particular network interface?
>
> I'd also be interested in knowing how to check
> the number of packets sent/recvd by a network interface,
> but I can always look at the ifconfig source to get that.
>
> I'm writing a tool to to graphically monitor bandwidth
> via a network interface. Any helps/suggestions on getting
> a reasonable estimate of current bandwidth for particular
> interface would be appreciated.
>
> Thanks,
>
> Paul
------------------------------
From: "Christopher G. Petty" <[EMAIL PROTECTED]>
Subject: Re: Windows login to corporate domain thru Linux server
Date: Fri, 29 Jan 1999 01:52:23 -0500
Ok.. /etc/hosts.[allow | deny ] are good.
What I need to pass over the PPP link is the browselists, etc from both sides
of the link. The remote site is DoD (Dial on Demand, not a gov't agency.
::snicker::), and needs to see the remote machines upon dialup, or at the very
minimum, 3 fileservers and one mail server, so 4 machines.
Still at a loss.
_CGP
Edwin Calimbo wrote:
> Christopher G. Petty ([EMAIL PROTECTED]) wrote:
> : Here's one for the thinkers out there. I'll admit I'm stumped on this
> : one.
>
> : I'm trying to allow remote windows users to login to my local LAN vial a
> : DoD Linux box. The problem is that the domain information refuses to
> : pass thru the PPP link. Services such as Micro$loth Exchange, Mail, etc
> : are not seen, nor are the machines on the other side of the PPP link.
>
> : I can ping both ways across the PPP link, so routing is not the issue.
> : The Linux server at the remote site is dialing into an NT 4 SP4 server.
> : When the link is up, I can ping the remote workstations, the remote
> : linux box, telnet to the remote linux box, and thru it, ping both remote
> : and local machines, but none of the NT domain information is being
> : passed.
>
> When you talk about "NT domain information" do you mean shared resources,
> local/global groups (domains) etc?
>
> On your NT (RAS) server the protocol is probably set to *bind* to
> TCP/IP first and then to NetBIOS etc. Also, NetBIOS is not routable.
>
>
> : Anyone got a clue on how I can get this to work?
> : Thanks in advance.
>
> : _CGP
>
> --
>
> --------------------
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
------------------------------
From: Kyle Davenport <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.os.linux,linux.redhat,linux.redhat.misc
Subject: Re: Kernel 2.2 in RPM
Date: Fri, 29 Jan 1999 00:56:20 -0600
Matt Kressel wrote:
> Jowell S. Sabino wrote:
> >
> >
> >
> > If it ain't broke, don't fix it.... I suggest you learn your way around
> > Linux first before making a leap to 2.2. There are so many fun things to learn
> > in Linux, much more fun than keeping up with every release (Alan Cox has
> > released his second patch, so expect the 2.2 kernel to be upgraded yet again
> > soon).
> >
>
> According to the Kernel archives, Linus says he is nailing down bugs in
> 2.2 so he won't release 2.2.1 for another month. If you live in Windows
> world thats faster than the blink of an eye, but for us Linux weenies,
> its eternity... %)
>
> -Matt
Sorry. 2.2.1 is already out.
------------------------------
From: "Chris Eng" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux
Subject: diald default route problems
Date: Fri, 29 Jan 1999 23:40:42 -0500
hello ppp gurus:
i just installed diald and it ALMOST works... it will
usually dial when it detects activity, but after it
successfully dials in (using my ppp-on script) i have
to do "route add -net 0.0.0.0 network 0.0.0.0 dev ppp0"
(or an equivalent command) manually in order to get it
to connect to anything.
i get the following message in the error logs:
Jan 29 22:03:16 cr pppd[386]: not replacing existing default route to sl0
[0.0.\
0.0]
so i guess it's trying to route everything through the
fake SLIP connection. i have tried using the "addroute"
option in /etc/diald.conf (which points to a script that
basically executes the same "route add..." command as
above, but that didn't seem to work either.
my /etc/diald.conf is as follows:
mode ppp
connect /sbin/ppp/ppp-on
disconnect /sbin/ppp/ppp-off
device /dev/ttyS0
speed 115200
modem
lock
crtscts
connect-timeout 1200
local 192.9.200.1 <- my local private subnet
remote 192.9.200.2
netmask 255.255.255.0
dynamic
defaultroute
include /usr/lib/diald/standard.filter
also, how do i tell diald how long to wait before hanging
up the modem automatically? i sat around one time after
it connected and it never seemed to hangup...
thanks for any help.
chris
------------------------------
From: "Slam" <[EMAIL PROTECTED]>
Subject: Redhat 5.2's Samba + Windows 2000 Pro (build 1965) DOES NOT NETWORK
Crossposted-To:
microsoft.public.winnt50.beta.networking,microsoft.public.winnt50.beta.networking.protocols,microsoft.public.winnt50.beta.general,linux.samba,linux.redhat.misc,comp.protocols.smb
Date: Fri, 29 Jan 1999 07:15:54 GMT
Should I upgrade to Samba 2.0? Is it Windows 2000 compatible?
------------------------------
From: Mike Hall <[EMAIL PROTECTED]>
Subject: FS: Samba networking book
Date: Sat, 30 Jan 1999 00:31:25 +0000
Yup, I bought this book, and then figured out I don't need it.
List price is $20-something. How about $12 including shipping?
--
Mike Hall
[EMAIL PROTECTED]
------------------------------
From: "Scott Nielson" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.system
Subject: Printing to HP DeskWriter 560C
Date: Fri, 29 Jan 1999 01:02:54 -0700
I have been using the cdj550 device in ghostscript 4.30 to print to a HP
DeskWriter 560C. It works, but before the job and after each page I am
getting an extra sheet with one line on it. The line will say something
like: "gnu ghostscript 4.30" or "Page 1" or "Last Page".
Am I using the right ghostscript device? Or, is there a better one?
------------------------------
Crossposted-To: comp.protocols.ppp
Subject: Linux -> NT RAS + MSCHAP + encryption
From: Arun Sharma <[EMAIL PROTECTED]>
Date: Fri, 29 Jan 1999 07:37:09 GMT
The subject says it all. I'm trying to dial into a NT machine, which
has both "MS-CHAP" option (I know Linux supports it) and the small
button below it which says "require data encryption" (MS page says
they use RC4) set.
Symptoms: Win95 works just fine, Linux times out in LCP (doesn't even
get an authentication negotiation/challenge packet).
Questions:
1. Does Linux support data encryption over the line ?
2. Does enabling the "data encryption" option affect the
authentication process ?
3. Is there a way to snoop on what Win95 is doing ? I looked at
c:\windows\ModemLog.txt but there was not much useful info there.
Thanks!
-Arun
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
