Linux-Networking Digest #84, Volume #10 Tue, 2 Feb 99 04:14:21 EST
Contents:
Re: TCP Dump (J. Scott Berg)
Re: GTE, DSL and Linux (Stephen Carville)
Linux doesn't see the rest of the network ... sort of. (Penn Stater)
Re: Another poor sap with DIALD problems (Ron Gage)
Re: Linux doesn't see the rest of the network ... sort of. ("Hugo")
Re: Still Trying-PPP (Trevor)
Re: Printing to a LAT print queue ("Victor Rosa")
IP Configuration HELP ([EMAIL PROTECTED])
Lost Ability To Go Online After Recompiling (Alan Fried)
ifconfig -- "eth0: interface unknown" ([EMAIL PROTECTED])
Re: Intel EtherExpress Pro/10+ ISA and Redhat 5.2 (Stephen Carville)
Re: Kernel 2.2.1 ans IP Masquerading (Ed Jones)
Re: Am I under netbios and httpsd (on Linux) attack? (Trevor)
Re: Weird networking behavior (it doesn't make sense) (help?) (Adam Carter)
Re: Lost Ability To Go Online After Recompiling (Darren Greer)
PAP SETTING - PLEASE HELP ME!! (Michael J Agius Muscat)
DHCPD multiple nics ("Richard Langis")
Re: ip masquearding and ftp (fkeeney)
Re: IPSec for Linux (fkeeney)
Re: Help! Network problem (Louis Davidson)
Network programming ("David Twardowski")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (J. Scott Berg)
Subject: Re: TCP Dump
Date: 2 Feb 1999 02:02:38 GMT
In article <Pine.SOL.3.96.990201163715.1345A-100000@home>,
Ahmed Said <[EMAIL PROTECTED]> wrote:
> does anyone know where to find the TCP DUMP program or libraries?
For the 5 of us remaining who don't smoke rpm, the originals are at
ftp://ftp.ee.lbl.gov/tcpdump-3.4.tar.Z
and you also need to grab
ftp://ftp.ee.lbl.gov/libpcap-0.4.tar.Z
-Scott Berg
------------------------------
From: Stephen Carville <[EMAIL PROTECTED]>
Subject: Re: GTE, DSL and Linux
Date: 2 Feb 1999 05:05:57 GMT
Jason wrote:
[snip]
> The only thing I dislike about GTE's service is the lack of static IPs.
> I wanted to move my family's website to a machine I can directly control.
> Can you run web services via dynamic IPs? Is the assigned IP changed if
> the machine is never rebooted? (hey, it is a linux box!)
Yes check http://www.tzo.com/ for details.
The IP address offered by DHCP does not normally change is the machine is
not rebooted. Your client will request a renewal when the current lease is
half expired. Even if the machine goes offline for a short while, it may
be able to get the same configuration back when it comes back up.
--
Stephen Carville
[EMAIL PROTECTED]
====================================================
Management: The art of hiring intelligent, skilled individuals and then
ignoring their advice.
------------------------------
From: [EMAIL PROTECTED] (Penn Stater)
Subject: Linux doesn't see the rest of the network ... sort of.
Date: 2 Feb 1999 02:36:50 GMT
As a Solaris/UNIX network administrator, I thought that I would be able to
figure this out, but Red Hat 5.2 is throwing me for a loop.
Simply, it is recognizing the netork card because I can snoop broadcast packets
via my SPARCstation.
The situation is as though everything is completely locked down, with the
exception of broadcast packets. If I try to do anything to a specific IP
address, packets go across but no connection of any kind is established. I
can't telnet, ping, or anything.
All of my PCs and workstation (including my Linux box) have IP addresses of
10.10.10.xx with a subnet mask of 255.255.255.0. The default gateway of the
Linux box is the same as its IP address; however, this problem also occured
when it was the Red Hat default of 10.10.10.254.
I have Apache running on my Linux box, and I have ALL:ALL in /etc/hosts.allow;
however, I cannot connect to or from the Linux box to a specific IP address.
When I try to access Apache from my SPARC, I get the message "Connect:
Contacting Host..." and the snoop shows packets going out to Linux, but nothing
coming back.
I'm used to the lack of security with Solaris where everything is open. I'm
not used to having everything locked down out of the box.
Any assistance with this would be greatly appreciated!
--
To reply, remove any underscores and "spamsucks".
=========================================================
Bill Gates is not God and Microsoft is not heaven.
See movies how they were MEANT to be seen
The Letterbox and Widescreen Advocacy Page
http://home.epix.net/~pennstat
=========================================================
------------------------------
From: [EMAIL PROTECTED] (Ron Gage)
Subject: Re: Another poor sap with DIALD problems
Date: 2 Feb 1999 02:46:10 GMT
On Mon, 01 Feb 1999 18:59:12 -0800, Glenn Butcher <[EMAIL PROTECTED]>
wrote:
>Ron,
>
>I don't have it in front of me, but there is a switch for either diald
>or pppd that tells it to record a default gateway in the kernel routing
>table.
>
>Had my diald up for over a year now - works great!
>
>Glenn Butcher
>
Hi Glenn:
You must mean the 'defaultroute' switch. Somehow, I can not get diald
to even run the pppon script unless this command is in the diald.conf.
With this command in there, I do NOT get a correct route - no gateway
out to the net.
Setting the defaultroute switch in the pppon script does no good here
either.
Ron
------------------------------
From: "Hugo" <[EMAIL PROTECTED]>
Subject: Re: Linux doesn't see the rest of the network ... sort of.
Date: Tue, 02 Feb 1999 02:49:16 GMT
I seem to be having the same problem with Redhat 5.2. ifconfig looks good,
but I can't ping other addresses on the network -- I'm trying to ping the
roadrunner gateway through a cable modem, which for all intents and purposes
is no different than a LAN, since the gateway in on the same subnet.
The cable modem looks good, the card (eth0) looks good, but no ping. I've
spent hours on trial and error, and hours more reading manuals, books,
webpages, etc. I've followed all instructions and don't believe I'm missing
anything.
Could it be that I need to install a missing package?
If you learn anything, please let me know. Thanks.
DR
Penn Stater wrote in message <795oc2$m18$[EMAIL PROTECTED]>...
>As a Solaris/UNIX network administrator, I thought that I would be able to
>figure this out, but Red Hat 5.2 is throwing me for a loop.
>
>Simply, it is recognizing the netork card because I can snoop broadcast
packets
>via my SPARCstation.
>
>The situation is as though everything is completely locked down, with the
>exception of broadcast packets. If I try to do anything to a specific IP
>address, packets go across but no connection of any kind is established. I
>can't telnet, ping, or anything.
>
>All of my PCs and workstation (including my Linux box) have IP addresses of
>10.10.10.xx with a subnet mask of 255.255.255.0. The default gateway of
the
>Linux box is the same as its IP address; however, this problem also occured
>when it was the Red Hat default of 10.10.10.254.
>
>I have Apache running on my Linux box, and I have ALL:ALL in
/etc/hosts.allow;
>however, I cannot connect to or from the Linux box to a specific IP
address.
>When I try to access Apache from my SPARC, I get the message "Connect:
>Contacting Host..." and the snoop shows packets going out to Linux, but
nothing
>coming back.
>
>I'm used to the lack of security with Solaris where everything is open.
I'm
>not used to having everything locked down out of the box.
>
>Any assistance with this would be greatly appreciated!
>
>--
>To reply, remove any underscores and "spamsucks".
>=========================================================
>Bill Gates is not God and Microsoft is not heaven.
>See movies how they were MEANT to be seen
>The Letterbox and Widescreen Advocacy Page
>http://home.epix.net/~pennstat
>=========================================================
>
------------------------------
From: [EMAIL PROTECTED] (Trevor)
Subject: Re: Still Trying-PPP
Date: Tue, 02 Feb 1999 07:36:35 GMT
On Mon, 01 Feb 1999 12:47:32 -0700, George Lampke
<[EMAIL PROTECTED]> wrote:
>I am still trying to connect Redhat 5.2 to my ISP! Had several
>suggestions from both the newgroup and others, but none have worked. I
>have included the following: dmesg and /var/log/messages output, ppp-on
>and ppp-on-dialer files. I also tried using the pap-secrets file with my
>login, password, and domain-name, but with no success, either!
>
>The modem dials output and accepts my responses to 'host', 'login' and
>'password' then connects and then get "Serial line is looped back"!!
Hi,
I believe you have already identified the problem - serial line looped
back!. I think that you have 'modem=/dev/cua2' and you are also using
dev/cua2 in the pppd parameters - or something similar! Also use of
cuax is being dropped in favour of ttyx.
Hope this helps.
Trevor
Oakhaven Consultants Ltd
Reading, England
------------------------------
From: "Victor Rosa" <[EMAIL PROTECTED]>
Subject: Re: Printing to a LAT print queue
Date: Mon, 1 Feb 1999 22:09:12 -0500
Jay DeBoer wrote in message <[EMAIL PROTECTED]>...
>Hello,
> I am new to Linux so there may be a real simple solution to
>this but I figure this is the place to ask. I want to print from my
>Linux box to a LAT print queue on a DEC VAX. Any ideas are welcome.
I don't know what you use as communications program, but we have Multinet.
This supports LPD requests so it was simple to configure a remote LPD
printer from our Linux box.
------------------------------
From: [EMAIL PROTECTED]
Subject: IP Configuration HELP
Date: Tue, 02 Feb 1999 02:02:10 GMT
Reply-To: [EMAIL PROTECTED]
Hello all,
I need some quick help .. my brian is frozen right now and I be dammed if I
can come up with a quick answer .. here is what I need from one of you
network guys ..
I have a user that is using 5 IP's off of one of our Class "C" and I need to
add 25 IP's to it .. here is the configuration as it is now ..
# The following are static, dedicated IP accounts.
Pmetic Password="UNIX"
User-Service-Type = Framed-User,
Framed-Address = metamor-esr.revol.com,
Framed-Netmask = 255.255.255.248
Framed-Route = "206.150.12.40/29 206.150.12.41 1"
the IPs from 12.45 and up are open .. so all I need is the network mask and
the 40/29 crap ... HELP! ..
Brian
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Alan Fried)
Subject: Lost Ability To Go Online After Recompiling
Date: 2 Feb 1999 03:24:48 GMT
I am using AT&T as an internet provider and have been
successfully been able to log on until I recompiled.
When I try to log on using ppp-on as the command I get
the following error message:
This system lacks kernel support for ppp. This could be
because the PPP Kernel module is not loaded or because
the kernel is not configured for ppp.
What do I have to do to get this fired up again?
Thanx in advance
Alan
------------------------------
From: [EMAIL PROTECTED]
Subject: ifconfig -- "eth0: interface unknown"
Date: Tue, 02 Feb 1999 05:59:06 GMT
How to make "eth0" interface "known" on BOTH computers on which I'm
installing NICs ??
I'm installing NICs on my 2 linux boxes, seem successful on one but
struggling with the other-- can't pin down the difference. Can you
identify what I'm missing?
Thinking the key is to compile the right NIC driver into each kernel,
I built kernels on each machine tagging the right driver in menuconfig
to be included in the kernel (not as a module).
On the "success" machine, with the new kernel, the response to
ifconfig eth0
changes from
eth0: unknown interface
to the several-line output you expect from ifconfig, such as you
always get for working interfaces. If I add a default route to eth0
and ping it tells me it sent X packets out and received zero back (OK
because no other machines are out there yet). Smells like its working.
On the "failure" machine, booting its new kernel I continue to get
"unknown interface," I can't use eth0 because I can't configure it.
The "success" machine is RedHat5.2, PCI NIC is Netgear FA310TX, driver
selected in menuconfig is "DECchip Tulip (cd21x4x) PCI support"
The "failure" machine is RedHat5.1, ISA NIC is D-Link DE-220PCT,
driver selected in menuconfig is "NE2000/NE1000 ISA support"
Am I barking up the wrong tree? Have I not picked the matching driver
for the NIC? Does it have something to do with PnP? Is there something
else I should be analyzing? Please help.
------------------------------
From: Stephen Carville <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.os.linux.help,alt.os.linux
Subject: Re: Intel EtherExpress Pro/10+ ISA and Redhat 5.2
Date: 2 Feb 1999 06:24:14 GMT
Baja wrote:
>
> Hey, I'm having the exact same problem but I've got an NE2000 and I'm
> running TurboLinux. I know that I need to use 'io=0x300' but where the heck
> do I put it? from reading a couple of posts in this thread, it makes me
> think I have to recompile my kernel. Am I right? Also, where is the cable
> modem FAQ?
>
> I can't buy a new nic because I just bought this one, and I'm running it on
> a 486, so there's no PCI.
Ad the information in /etc/conf.modules. Usually an ISA ethernet card will
only need somethng like:
alias eth0 ne
options ne irq=10,io=0x300
See man modprobe for details on the format.
--
Stephen Carville
[EMAIL PROTECTED]
====================================================
Management: The art of hiring intelligent, skilled individuals and then
ignoring their advice.
------------------------------
From: Ed Jones <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: Kernel 2.2.1 ans IP Masquerading
Date: Tue, 02 Feb 1999 03:33:42 +0000
>
> The problem:
>
> I compiled the 2.2.1 Kernel last night, selecting the proper options
>
> as per the HOWTO at sunsite. When I tell lilo to use the new kernel,
> the following error messages appear during boot:
>
> <After both NIC are initialized>
> finiding module dependancies...
> ... nfsd.o unresolved symbols
> ... ip_masq_mfw.o unresolved symbols
> ... ip_masq_portfw.o unresolved symbols
>
> <when I get to modprobe>
> <cannot find> module net-pf-4
> <cannot find> module net-pf-5
> <repeats for three pairs of identical error messages>
>
> I do not find an object file named anything like net-pf-# on my system.
>
> I don't know enough abou this situation to ask a better question:
> please point me in the right direction?
>
> Best Regards
> Brant Eaton
Brant, you did, of course do "make modules" and "make modules_install"
after you compiled the kernel.. right?
Ed
------------------------------
From: [EMAIL PROTECTED] (Trevor)
Crossposted-To: comp.security.unix,comp.security.misc
Subject: Re: Am I under netbios and httpsd (on Linux) attack?
Date: Tue, 02 Feb 1999 08:15:11 GMT
On Mon, 01 Feb 1999 15:34:28 +0100, Jan Theofel
<[EMAIL PROTECTED]> wrote:
>
>Hello!
>
>> In article <78ptsg$9cs$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>> >- UDP probes against port netbios-ns (from originating netbios-ns). I don't
>> >have Samba installed either. This is the "most popular" probe by far:
>>
>> Windows blows NetBIOS-packets on your ethernet permanently. This is not an
>> attack but a Windows bug (or feature, as MS would call it :) ).
>Can this be switched off somehow? I mean we have to same problem here in our
>office and it causes a dialup every 15 minutes which costs us much money.
>
>To understand the problem perhaps a little bit better, I'd like to add that only
>one of our 4 windows clients shows this phenomenen.
>
>Bye,
>Jan
>
Hi Jan,
I assume you are using Diald. I have found two areas that caused a
dialup when not wanted;
1) Netscape or 'the other browser' would look for new mail every few
minutes - this can be disabled in the browser preferences file.
2) Windows sends out messages to see what other machines are awake on
the network, either or both 'browsing' and WINS. I use Samba which can
answer the WINS requests, otherwise the system dials out to answer the
queries it cannot otherwise respond to. You can modifiy the
'standard.filter' file that comes with Diald to ignore these requests.
Include - ignore udp udp.source=udp.netbios-ns and similar lines
that I am not sure about in the standard.filter file. It certainly
helped with me. BUT I still get a diald-out when I shut down
Netscape?? Any one know why?
Regards,
Trevor
Oakhaven Consultants Ltd
Reading, England.
------------------------------
Crossposted-To: comp.security.firewalls
From: Adam Carter <[EMAIL PROTECTED]>
Subject: Re: Weird networking behavior (it doesn't make sense) (help?)
Date: Tue, 2 Feb 1999 05:48:30 GMT
First thought - to route the ip's they must be on different subnets, I
doubt whether linux will bridge for you.... Take a look at the route
table (type route at the command line as root) and check out which
interface is used for the route to your network. Remember linux wont
know that you have unplugged the flylead. If none of this makes sense
get a book on tcp/ip.
Adam
PS, as your post has nothing to do with firewalling, please refrain from
cross posting to that list, ;-)
------------------------------
From: [EMAIL PROTECTED] (Darren Greer)
Subject: Re: Lost Ability To Go Online After Recompiling
Date: Tue, 02 Feb 1999 03:44:12 GMT
When you were configuring your compile options.....did you make sure
PPP support was selected?
Also...what kernel did you compile?
And what were your exact steps to re-compiling
Darren
On 2 Feb 1999 03:24:48 GMT, [EMAIL PROTECTED] (Alan Fried) wrote:
-->I am using AT&T as an internet provider and have been
-->successfully been able to log on until I recompiled.
-->
-->When I try to log on using ppp-on as the command I get
-->the following error message:
-->
-->This system lacks kernel support for ppp. This could be
-->because the PPP Kernel module is not loaded or because
-->the kernel is not configured for ppp.
-->
-->What do I have to do to get this fired up again?
-->
-->Thanx in advance
-->
-->Alan
-->
------------------------------
From: Michael J Agius Muscat <[EMAIL PROTECTED]>
Subject: PAP SETTING - PLEASE HELP ME!!
Date: Thu, 28 Jan 1999 19:47:13 +0100
Hi,
Please do help me configuring PAP.
I'm having great trouble at configuring a ppp server using RedHat
Version 2.1.
The ppp client is using a pc with Windows 95 using the "Dial-up
networking" of Windows 95 - configured to bring up a terminal after
dialing.
The pc is dialling in successfully to the Linux server - a log in prompt
appears & i log successfully. The pppd is started (the usual output
appears: "&} } } } }#}$�#}%}&} } ��}'}"}(") but after i press the
continue button, - i get a dial-up error.
I checked in the /var/log/messages file & i'm getting the following
error:
Jan 28 20:47:11 mall PAM_pwdb[644]: (login) session opened for user ppp
by (uid=
0)
Jan 28 20:47:11 mall login[644]: DIALUP AT ttyS0 BY ppp
Jan 28 20:47:11 mall login[644]: LOGIN ON ttyS0 BY ppp
Jan 28 20:47:11 mall kernel: CSLIP: code copyright 1989 Regents of the
Universit
y of California
Jan 28 20:47:11 mall kernel: PPP: version 2.2.0 (dynamic channel
allocation)
Jan 28 20:47:11 mall kernel: PPP Dynamic channel allocation code
copyright 1995
Caldera, Inc.
Jan 28 20:47:11 mall kernel: PPP line discipline registered.
Jan 28 20:47:11 mall kernel: registered device ppp0
Jan 28 20:47:11 mall pppd[911]: pppd 2.3.3 started by ppp, uid 502
Jan 28 20:47:11 mall pppd[911]: Using interface ppp0
Jan 28 20:47:11 mall pppd[911]: Connect: ppp0 <--> /dev/ttyS0
Jan 28 20:47:17 mall pppd[911]: PAP authentication failure for
Jan 28 20:47:17 mall pppd[911]: Connection terminated.
Jan 28 20:47:18 mall pppd[911]: Hangup (SIGHUP)
Jan 28 20:47:18 mall pppd[911]: Exit.
I don't know why there is the PAP authentication error.
I'd be very grateful for any ideas!!!
thanks
Martha
------------------------------
From: "Richard Langis" <[EMAIL PROTECTED]>
Subject: DHCPD multiple nics
Date: Thu, 28 Jan 1999 11:02:46 -0800
Hello,
I'm wanting to use DHCPD to give some 98 clients IP addresses. However, I
need to route through another NIC that I DON'T want DHCPD to send leases to.
I've got the dhcpd.conf file setup with the required settings for the
internal net, but whenever I start the service it sez:
no subnet declaration for eth0 (xxx.xxx.xxx.xxx)
and exits. the HOWTO doesn't cover multiple nics and the man pages are a
bit long-winded. I looked at the DHCPD FAQ and it doesn't cover this topic
either.
Any ideas?
-Richard
------------------------------
From: fkeeney <[EMAIL PROTECTED]>
Subject: Re: ip masquearding and ftp
Date: Thu, 28 Jan 1999 10:01:01 -0800
Try "passive" mode on the NT host or you may need a ftp proxy on the
firewall.
d75 wrote:
> it appears to connect alright and some sites work
> fine - others log and sit there after logging in and the connection
> times out as I wait for a diretory listing. I suspect part of the
> problem may have to do with connecting to non-standard ftp ports on
> remote hosts from teh NT box
------------------------------
From: fkeeney <[EMAIL PROTECTED]>
Subject: Re: IPSec for Linux
Date: Thu, 28 Jan 1999 10:23:17 -0800
Try one of these:
http://www.flora.org/freeswan/
http://www.rsa.com/rsa/SWAN/
Levon Barker wrote:
> Can Linux speak IPSec to a borderware firewall?
------------------------------
From: Louis Davidson <[EMAIL PROTECTED]>
Subject: Re: Help! Network problem
Date: Tue, 02 Feb 1999 01:43:45 GMT
Zarcho wrote:
> I am trying to convert a win95 box to a redhat5.1 workstation on my
> university's net. I am using an ISA 3COM Etherlink III with twisted pair
> cable. In win95 the computer has a static ip address and runs without any
> problems. I used the same network settings as in win95 for ip, gateway, dns
> etc, but the network is still unreachable. Here is an excerpt of my boot
> log:
>
> Jan 7 13:31:51 jeffress kernel: eth0: 3c509 at 0x240 tag 1, BNC port,
> address 00 a0 24 00 1b 93, IRQ 11.
> Jan 7 13:31:51 jeffress kernel: 3c509.c:1.12 6/4/97
> [EMAIL PROTECTED]
> Jan 7 13:31:51 jeffress kernel: eth0: Setting Rx mode to 1 addresses.
> Jan 7 13:32:01 jeffress kernel: eth0: transmit timed out, Tx_status 00
> status 2000 Tx FIFO room 1532.
>
> The 1st line indicates that BNC is being used, but it should be TP. Is this
> the problem? If so, how do I fix this. If not, any ideas?
>
> W Peters
The BNC indicated is the connector at the rear of the card, are you connecting
with a BNC co-axial cable in that port, or is it a dual port card,, and you
are using 10/100 BaseT cable ?
Louis.
------------------------------
Date: Tue, 2 Feb 1999 08:37:00 +0100
From: "David Twardowski" <[EMAIL PROTECTED]>
Subject: Network programming
Hi,
Absolutely newbie in network programming. Can you tell me :
Where I can find documentations about tcp/ip programming?
Where can I find source code (or better, send me your own ;-) ) for a
simple application listenning to a tcp/ip port for incomming messages ?
thanks in advance.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
