Linux-Networking Digest #152, Volume #10 Tue, 9 Feb 99 02:13:45 EST
Contents:
Re: FTP & masquerading not working (Manoli Kokologiannakis)
Re: Please Help: Redhat 5.2 + DHCP (drew)
Re: ADSL question (Edwin Calimbo)
Re: Environment variable that shows current PPP address? (Bernd Eckenfels)
Re: CPU 0.1% idle after X login by root ? (Tom Holub)
Re: Linux/Win95 LAN (Gary Strength)
Re: DX _6_ Zone game through Linux IP Masquerade and IPFWADM not working ("Wadels")
new PPPD for kernel 2.2.1 (nguyen_a)
Re: Modifying Telnet Port (Mike Redan)
Re: Netmeeting and Linux Proxy ("Neil Chambers")
Re: What is IPX for ? (~~^^||^^~~)
rlpr problems ... ([EMAIL PROTECTED])
How to print off a remote printer (Geb)
Re: Advice Required: Cable Modem in mixed Linux/MacOS Network (Jianmang Li)
diald: first connection doesn't respond (MikeF)
Re: basic help with samba ("Chris Martin")
----------------------------------------------------------------------------
From: Manoli Kokologiannakis <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: FTP & masquerading not working
Date: Mon, 08 Feb 1999 19:47:49 -0800
Reggie, here is what I have put into my /etc/rc.d/rc.local file and
masquerading works perfectly fine for me. 192.128.1.1 is my Linux box which
is connected to the internet, my other computers are 192.128.1.2 and
192.128.1.3. I hope this helps you out.
===============================Cut Line==================================
echo "ip_masq 192.128.1.1"
echo "1" > /proc/sys/net/ipv4/ip_forward
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp.o
/sbin/modprobe ip_masq_raudio.o
/sbin/ipfwadm -F -p deny
/sbin/ipfwadm -F -a m -S192.168.1.0/24 -D0.0.0.0/0
/sbin/ifconfig eth1 192.168.1.1
/sbin/route add -net 192.168.1.0
===============================Cut Line==================================
Reggie wrote:
> I have masquerading working but not for a couple of FTP servers that I
> use all the time.
>
> They servers are using WarFTPD 1.65 I think. I can login ok but when I
> do a listing, it prints 'opening DATA NON-PRINT connection' and then
> nothing. No listing at all. Just hangs.
>
> I have tried passive mode from the command-line ftp client on NT 4 and it
> still fails.
> I have the following in my rc.d/rc.local file
>
> /sbin/depmod -a
> /sbin/modprobe ip_alias
> /sbin/modprobe ip_masq_ftp
> /sbin/modprobe ip_masq_raudio
> /sbin/modprobe ip_masq_irc
>
> Real Audio works great. and FTP works fine too to several sites.
>
> any idea?
>
> Reggie
------------------------------
From: drew <[EMAIL PROTECTED]>
Subject: Re: Please Help: Redhat 5.2 + DHCP
Date: Mon, 08 Feb 1999 22:15:12 -0500
The network i am connected to at school has both a dhcp server and a
bootp server. The dhcp server is supposed to be for the pc's on campus
and the bootp for the macs. So I assumed that i should use dhcp for
linux... It worked but only temporarily. whenever i ran linux conf and
even looked at the network settings i would be shut off from the
network. So i tried the bootp server, no problem! Maybe MediaOne has a
bootp server for macs to use, try setting linux to look for a bootp
server.
drew
------------------------------
From: [EMAIL PROTECTED] (Edwin Calimbo)
Subject: Re: ADSL question
Date: 29 Jan 99 06:27:48 GMT
It's called EQL. Your service provide must also support this feature (ie
thru hardware).
Kernel Compile Options:
Network device support --->
[*] Network device support
<*> EQL (serial line load balancing) support
To configure EQL you will need the eql tools which are available from:
sunsite.unc.edu
<ftp://sunsite.unc.edu/pub/linux/system/Serial/eql-1.2.tar.gz>.
---
Jeff Warrington ([EMAIL PROTECTED]) wrote:
: I was wondering if it was possible for two
: people with ADSL modems and connections on
: two separate lines to somehow merge the
: two lines and modems to increase bandwith
: in some sort of load balancing?
: [EMAIL PROTECTED]
: --
: Jeff Warrington
: Currently "Between Opportunities"
: Hire me! http://www.bossanova.com/~jaydub/resume
: Read this! http://slashdot.org
--
====================
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Subject: Re: Environment variable that shows current PPP address?
Date: 9 Feb 1999 00:57:53 GMT
Brady <[EMAIL PROTECTED]> wrote:
> Is there an environment variable that I can use with echo to tell me the
> current ip of the host??
only in the ip-up script of pppd. In this scipt u can use $4.
If you want to read the address fromanother part of the system you can use
the ip-up script to write a file with the address, or you pass the output of
"ifconfig ppp0".
Greetings
Bernd
------------------------------
From: [EMAIL PROTECTED] (Tom Holub)
Crossposted-To: comp.os.linux.misc
Subject: Re: CPU 0.1% idle after X login by root ?
Date: 8 Feb 1999 20:26:38 -0800
In article <[EMAIL PROTECTED]>,
Y W Wong <[EMAIL PROTECTED]> wrote:
)
)Why the control-panel take 98% of the CPU resources even I have already
)logout
)from a remote X-Term ? ( Resource cannot release )
)Is it a bug of Linux xdm ?
It's a bug in control-panel; if you log in as root and get the default
xdm setup (which includes control-panel) and then log out, control-panel
doesn't handle the exit signal correctly and sometimes goes into
an infinite loop.
Workarounds include not using control-panel, killing control-panel
when it gets stuck, exiting control-panel before you log out, or
fixing control-panel.
-Tom
------------------------------
From: Gary Strength <[EMAIL PROTECTED]>
Subject: Re: Linux/Win95 LAN
Date: Mon, 08 Feb 1999 18:36:36 GMT
[EMAIL PROTECTED] wrote:
> In article <[EMAIL PROTECTED]>,
> Gary Strength <[EMAIL PROTECTED]> wrote:
> > This is probably very simple, but it's got me going around in
> > circles! I have a 486 running Red Hat 5.2 connected via hub to a P2
> > Win95 PC. Booted the 486 DOS and set up the 3C509 PnP NIC, rebooted and
> > got LED on hub. Set up IP on 486, got good ifconfig. Set up IP on PC;
> > could ping PC from Linux, could ping Linux from PC. COuld even WS_FTP
> > home dir on 486. But I had lost my dial-up on the PC. Dial-up only wants
> > to work with no auto IP- setting it seems to knock out PC dial-up. If I
> > set IP auto, then it knocks out network and I can't reach the Linux
> > machine. I have Win95 side set up;
> >
> > Client for Windows
> > 3Com adapter -> tcp protocol for 3COM -> bound to client
> > dial-up adapter -> tcp protocol for dial-up ->bound to client
> >
> > If I change properties of tcp protocol for 3COM, it changes TCP for
> > dial-up, too. I though this might be because I have both bound to
> > client, but Win95 won't let me create another client!
> > How do I get these two things to peacefully coexist?
> >
>
> I'm having pretty much the same problem with the exact same set up. I can
> ping either machine by IP, and I can ping the W95 box by name. But I can't
> ping or Telnet the Linux box by name. If I try, the dial-up comes up. If I
> close that, then the ping or Telnet Linux by name works.
>
> I also had a problem with dialing my ISP. When I tried to dial out, the
> connection works, but then it tries to resolve my home page (www.yahoo.com)
> through Ethernet. I fixed that problem over the weekend by putting an entry
> in the W95 HOSTS file: 0.0.0.0 username.ispname.com. Now it will dial out
> and connect without going through Ethernet.
>
> Hope this helps some...
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>What I've found out: The settings at the higher My Computer ->Dial up
Networking over ride the settings at the lower Control Panel -> Network level.
So, you set upDial up networking, leaving IP set for the LAN at the Control
Panel Network level, and set the 3COM at the Network level for the Linux
machine. This way the LAN is hot between the two. If you go on line with the
Win95 machine, then the Dial-up Networking settings override and the ISP sets
the machine IP.
In the end, you want the dial-up to be running on the Linux box, not the PC-
that's the whole point of having a LAN- you get a firewall between the net and
your LAN PC. I haven't got that far, yet. However, with this problem solved, I
can now get files back and forth across the LAN and can set about the next task
of creating usr accounts and setting security, then debugging the Linux dial-up.
Stay tuned!
------------------------------
From: "Wadels" <[EMAIL PROTECTED]>
Crossposted-To: microsoft.public.games.zone
Subject: Re: DX _6_ Zone game through Linux IP Masquerade and IPFWADM not working
Date: Mon, 08 Feb 1999 21:00:25 GMT
Ok, after no answer and more searching, I found a solution that so far has
worked 98%. These commands in Linux do it. I recommend putting them in a
shell script which you'd run only before getting on the zone. This bypasses
some of your firewall's security, but it lets you play your 15-30 min game.
My home network can take a bit less security for this kind of window. After
you're done, run ipautofw -F to flush these rules, which (as far as I know)
should restore full security.
ipautofw -A -r udp 1000 5000 -h [address of your Outwars machine]
ipautofw -A -r tcp 1000 5000 -h [address of your Outwars machine]
ipautofw -A -r udp 47624 47624 -h [address of your Outwars machine]
ipautofw -A -r tcp 47624 47624 -h [address of your Outwars machine]
The 2% that doesn't work for me is this: my latency value (from a ping) does
not show up in the zone, so people think my connection must be terribly slow
(so they don't want to be in my game), and only 1 machine on my internal
network can play at a time. I can certainly live with this. I think that one
Mike Miller was the one who posted this solution. Thanks, Mike.
Note, I've only played 2 or 3 people in Outwars on the Zone with these
settings. I don't know if they all had DirectX 6 or if (and when) it
matters. Good luck all.
Wadels wrote in message ...
>I am happy to have bought MS Outwars for a game and Caldera OpenLinux 1.3
>for a static-ip firewall. But of course the Outwars does not run on the
zone
>through the Linux firewall (common problem, I know). But now there's
DirectX
>6 which is supposed to increase the chances of my getting this working.
>People have reported getting some similar-sounding site, BattleZone to work
>with their games through this kind of firewall.
>
>Scott Coiley, I have DirectX 6 (on Win98) so please do not reply with a
>repost of your message "You cannot play MS DirectX < 6 games with 1 IP
>address..." Thanks for posting the useful info above, though.
>
>I have IP Masquerading and IPFWADM working so that my Win box can http to
>the outside world quite successfully. Can the connections between my
Outwars
>and the Zone be masqueraded?
>
>I have IPAUTOFW installed too, so I'll use it if I have to.
>
>The connections to be masq'ed or forwarded or transparently proxied
>(whatever workds) are through ports 47624 and 2300-2400, tcp and udp, both
>directions.
>
>I've read the documentation, but my attempts have failed so far. Please
>don't say I need to pay for more IPs from my ISP. It shouldn't be
necessary.
>
>Any help is greatly appreciated!
>
>
>
>
------------------------------
From: nguyen_a <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: new PPPD for kernel 2.2.1
Date: Mon, 08 Feb 1999 19:33:43 +0100
==============F08373D53B98234FAD01C2C6
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi,
On the http://linuxtoday.com/stories/2291.html, it talks about the pppd
2.3.5 so where is it ?
I looked at opensrc.org,and saw only a bug report on 2.3.2 plus
unidentified patches.
Someone got a clue ?
Thanks
Anhtuan
==============F08373D53B98234FAD01C2C6
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
<body text="#000000" bgcolor="#FDF5E6" link="#0000EE" vlink="#551A8B" alink="#FF0000">
Hi,
<p>On the <a
href="http://linuxtoday.com/stories/2291.html">http://linuxtoday.com/stories/2291.html</a>,
it talks about the pppd 2.3.5 so where is it ?
<br>I looked at <a href="http://opensrc.org/pppd/">opensrc.org</a>,and
saw only a bug report on 2.3.2 plus unidentified patches.
<p>Someone got a clue ?
<p>Thanks
<br>Anhtuan
</body>
</html>
==============F08373D53B98234FAD01C2C6==
------------------------------
From: [EMAIL PROTECTED] (Mike Redan)
Subject: Re: Modifying Telnet Port
Date: 8 Feb 1999 22:15:41 GMT
you can edit your telnet port (and any other one) by editing your
/etc/services file, and just switch the telnet line. As long your home
connection is perm, you should be cool...is this the best solution?
dunno..buts thats how you could do it...
you'll also have to consider the incompatibilites b/w gcc and borland...
like you can't use ncurses in borland...
Mike
Ross Vandegrift ([EMAIL PROTECTED]) wrote:
> At school, I'm stuck developing on bad Windows boxes using Borland Turbo
> C++ (the *worst* compiler ever made). Needless to say I really hate
> this. I downloaded DJGPP, but I was less than impressed. I guess I
> just like gcc under Unix too much. Anyhow, I decided I'd telnet home.
> Well, the proxy blocks port 23 (not a bad idea on a Windows NT proxy
> ;-). So, I tried to read some news. Port 119 is blocked as well. So I
> sent an email to the sysop requesting tha these ports be unblocked. I
> expect that request to be denied, or more likely, ignored. I was think
> of ways around this. I have access to the http and ftp ports. First, I
> thought that I could run apache with a security hole, and crack into my
> house. Kinda tedious. However, I was thinking that I could reconfigure
> inetd to use port 80 as a telnet port. That way, I can telnet into my
> house, and it will return data to port 80. Is this logic sound? How
> can I do this? Should I? Is there a better way?
> --
> Ross Vandegrift | Eric J. Fenderson
> A novice was trying to fix a broken Lisp machine by turning the power
> off and on. Knight, seeing what the student was doing spoke sternly:
> "You can not fix a machine by just power-cycling it with no
> understanding of what is going wrong." Knight turned the machine off
> and on. The machine worked.
------------------------------
From: "Neil Chambers" <[EMAIL PROTECTED]>
Subject: Re: Netmeeting and Linux Proxy
Date: Mon, 8 Feb 1999 22:36:31 -0600
I beg to differ....mine is running fine
Barton <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>Trust me, Netmeeting WILL NOT work with IP Masquerading
>(at least in the non-2.x kernels). Look elsewhere, like
>SpeakFreely, or BuddyPhone, they work.
>
>Barton
>
>
------------------------------
From: [EMAIL PROTECTED] (~~^^||^^~~)
Subject: Re: What is IPX for ?
Date: Tue, 09 Feb 1999 04:33:07 GMT
well the real question is how would you use it??
On Tue, 29 Dec 1998 04:45:59 +0000, Mark Worsdall
<[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>, Jim Richardson
><[EMAIL PROTECTED]> writes
>>
>>It's (primarily) for interoperability with Novell Netware.
>>
>That explains it thoroughly:-)
------------------------------
From: [EMAIL PROTECTED]
Subject: rlpr problems ...
Date: Mon, 08 Feb 1999 22:52:09 GMT
Hi,
I have a problem that when sending a print job from NT client to the Linux
server with the lpd running and /etc/hosts.lpd and /etc/hosts.equiv my
/var/log/messages file reports
messages:Feb 8 14:41:48 friedman lpd[5306]: lp0: job could not be printed
(cfA822machine_name)
Any suggestions on more debug info on this
thanks
/s
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Geb <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: How to print off a remote printer
Date: Tue, 09 Feb 1999 00:49:15 -0500
Hi everyone, I have a Canon BJ printer connected to
a PC running Windows 95 on a local network and I want
to use it on another machine under Linux. How do I
configure the Linux machine? Thanks.
------------------------------
From: Jianmang Li <[EMAIL PROTECTED]>
Subject: Re: Advice Required: Cable Modem in mixed Linux/MacOS Network
Date: Mon, 08 Feb 1999 23:22:24 +0100
[EMAIL PROTECTED] wrote:
> Hi,
>
> I'd like some advice from some linux networking gurus please. :-)
>
> I'm getting a cable modem service at home soon and hope to be able to network
> my Macintoshes together under a linux proxy server. I'd like advice over what
> type of ethernet hub to buy and any gotchas about doing this.
I don't think hub matters.
>
>
> The cable modem provider can only answer questions about installing it in a
> Windows 95 box. So my plan is to provide that Win95 box to allow them to
> install it. Then add my Linux/Mac network at a later date once the modem is up
> and running.
How are they going to connect to cable modem to your machine. If my case they
provide me a NIC and the modem.
>
>
> I plan on buying a 100Base-T HUB with 4+ ports (1 for the Linux Box, 1 for the
> cable modem and 2 for the PowerMacs). Any advice over a good HUB that needs
> minimal setup and doesn't require a Windows box to connect to?
>
> I am thinking about buying a 3Com Office Connect TP400 4-PT UNMANAGED FAST
> ENET HUB. What does 'unmanaged' mean? Most hubs that I have experience
> (limited) with are practically plug and play.
>
> Final question: Am I right in assuming that the Linux box can act as a proxy
Yes, you might want to have a look at firewall and ipmasqerading. you also need to
check the DHCP howto
>
> server for the two powermacs hanging off of the hub? The macs don't need to be
> using Appletalk to talk to the Linux box and can use TCP/IP quite happily. If
> not will I have to use Samba, Dave, or some other combination of software to
> get the macs to use the linux box as a proxy to the internet?
>
> Thanks in advance. (sorry if these are dumb questions - I have been trying to
> find out the answers myself but now it's time to spend $ I want to make sure
> I've got it right).
>
> Jon
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: MikeF <[EMAIL PROTECTED]>
Crossposted-To:
linux.debian.qa,linux.debian.user,comp.os.linux.help,comp.os.linux.questions
Subject: diald: first connection doesn't respond
Date: Tue, 09 Feb 1999 06:15:34 GMT
I'm running diald .16.5-2 in debian 2.0. It will dial automatically when it
senses ip traffic, but any connections (http,tcp,ping,udp,icmp) that are started
before/during the dialup scripts are running don't go through. They just
time-out. How can I fix this? I'm including any relevant config files and my
ppp log (which includes the diald logs).
/etc/diald/diald.options:
pppd-options user mikef :209.75.192.5
device /dev/ttyS3
connect "/usr/sbin/chat -v -f /etc/chatscripts/net999"
buffer_size 131072
local 127.0.0.2
remote 127.0.0.3
include /etc/diald/standard.filter
mode ppp
speed 57600
window 3000
mtu 552
mru 552
defaultroute
lock
modem
crtscts
dynamic
retry-count 5
/etc/chatscripts/net999:
ABORT BUSY
ABORT "NO CARRIER"
ABORT VOICE
ABORT "NO DIALTONE"
ABORT "NO ANSWER"
"" ATh0zm0
OK ATDT9051267
CONNECT \d\c
an ordinary connect cycle in /var/log/ppp.log:
Feb 8 12:01:26 debian diald[156]: Running connect (pid = 602).
Feb 8 12:01:26 debian chat[602]: abort on (BUSY)
Feb 8 12:01:26 debian chat[602]: abort on (NO CARRIER)
Feb 8 12:01:26 debian chat[602]: abort on (VOICE)
Feb 8 12:01:26 debian chat[602]: abort on (NO DIALTONE)
Feb 8 12:01:26 debian chat[602]: abort on (NO ANSWER)
Feb 8 12:01:26 debian chat[602]: send (ATh0zm0^M)
Feb 8 12:01:27 debian chat[602]: expect (OK)
Feb 8 12:01:27 debian chat[602]: ATh0zm0^M^M
Feb 8 12:01:27 debian chat[602]: OK
Feb 8 12:01:27 debian chat[602]: -- got it
Feb 8 12:01:27 debian chat[602]: send (ATDT9051267^M)
Feb 8 12:01:27 debian chat[602]: expect (CONNECT)
Feb 8 12:01:27 debian chat[602]: ^M
Feb 8 12:01:47 debian chat[602]: ATDT9051267^M^M
Feb 8 12:01:47 debian chat[602]: CONNECT
Feb 8 12:01:47 debian chat[602]: -- got it
Feb 8 12:01:47 debian chat[602]: send (\d)
Feb 8 12:01:48 debian diald[156]: Running pppd (pid = 603).
Feb 8 12:01:48 debian diald[603]: Running pppd: /usr/sbin/pppd -detach modem
crtscts mtu 552 mru 552 user mikef :209.75.192.5
Feb 8 12:01:49 debian pppd[603]: pppd 2.3.5 started by root, uid 0
Feb 8 12:01:49 debian pppd[603]: Using interface ppp0
Feb 8 12:01:49 debian pppd[603]: Connect: ppp0 <--> /dev/ttyS3
Feb 8 12:01:53 debian pppd[603]: Remote message:
Feb 8 12:01:53 debian pppd[603]: local IP address 209.75.192.37
Feb 8 12:01:53 debian pppd[603]: remote IP address 209.75.192.5
Feb 8 12:01:54 debian diald[156]: New addresses: local 209.75.192.37, remote
209.75.192.5.
Feb 8 12:13:19 debian diald[156]: Closing down idle link.
Feb 8 12:13:21 debian pppd[603]: Terminating on signal 2.
Feb 8 12:13:21 debian pppd[603]: Connection terminated.
Feb 8 12:13:21 debian pppd[603]: Exit.
Feb 8 12:13:23 debian diald[156]: Delaying 30 seconds before clear to dial.
/etc/diald/standard.filter:
# This is a pretty complicated set of filter rules.
# (These are the rules I use myself.)
#
# I've divided the rules up into four sections.
# TCP packets, UDP packets, ICMP packets and a general catch all rule
# at the end.
#------------------------------------------------------------------------------
# Rules for TCP packets.
#------------------------------------------------------------------------------
# General comments on the rule set:
#
# In general we would like to treat only data on a TCP link as signficant
# for timeouts. Therefore, we try to ignore packets with no data.
# Since the shortest possible set of headers in a TCP/IP packet is 40 bytes.
# Any packet with length 40 must have no data riding in it.
# We may miss some empty packets this way (optional routing information
# and other extras may be present in the IP header), but we should get
# most of them. Note that we don't want to filter out packets with
# tcp.live clear, since we use them later to speedup disconnects
# on some TCP links.
#
# We also want to make sure WWW packets live even if the TCP socket
# is shut down. We do this because WWW doesn't keep connections open
# once the data has been transfered, and it would be annoying to have the link
# keep bouncing up and down every time you get a document.
#
# Outside of WWW the most common use of TCP is for long lived connections,
# that once they are gone mean we no longer need the network connection.
# We don't neccessarily want to wait 10 minutes for the connection
# to go down when we don't have any telnet's or rlogin's running,
# so we want to speed up the timeout on TCP connections that have
# shutdown. We do this by catching packets that do not have the live flag set.
# --- start of rule set proper ---
# When initiating a connection we only give the link 15 seconds initially.
# The idea here is to deal with possibility that the network on the opposite
# end of the connection is unreachable. In this case you don't really
# want to give the link 10 minutes up time. With the rule below
# we only give the link 15 seconds initially. If the network is reachable
# then we will normally get a response that actually contains some
# data within 15 seconds. If this causes problems because you have a slow
# response time at some site you want to regularly access, you can either
# increase the timeout or remove this rule.
accept tcp 300 tcp.syn
# Keep named xfers from holding the link up
ignore tcp tcp.dest=tcp.domain
ignore tcp tcp.source=tcp.domain
# (Ack! SCO telnet starts by sending empty SYNs and only opens the
# connection if it gets a response. Sheesh..)
accept tcp 5 ip.tot_len=40,tcp.syn
# keep empty packets from holding the link up (other than empty SYN packets)
ignore tcp ip.tot_len=40,tcp.live
# make sure http transfers hold the link for 2 minutes, even after they end.
# NOTE: Your /etc/services may not define the tcp service www, in which
# case you should comment out the following two lines or get a more
# up to date /etc/services file. See the FAQ for information on obtaining
# a new /etc/services file.
accept tcp 600 tcp.dest=tcp.www
accept tcp 600 tcp.source=tcp.www
# Same for https
accept tcp 600 tcp.dest=tcp.443
accept tcp 600 tcp.source=tcp.443
# Once the link is no longer live, we try to shut down the connection
# quickly. Note that if the link is already down, a state change
# will not bring it back up.
keepup tcp 5 !tcp.live
ignore tcp !tcp.live
# an ftp-data or ftp connection can be expected to show reasonably frequent
# traffic.
accept tcp 600 tcp.dest=tcp.ftp
accept tcp 600 tcp.source=tcp.ftp
#NOTE: ftp-data is not defined in the /etc/services file provided with
# the latest versions of NETKIT, so I've got this commented out here.
# If you want to define it add the following line to your /etc/services:
# ftp-data 20/tcp
# and uncomment the following two rules.
accept tcp 600 tcp.dest=tcp.ftp-data
accept tcp 600 tcp.source=tcp.ftp-data
# If we don't catch it above, give the link 10 minutes up time.
accept tcp 600 any
# Rules for UDP packets
#
# We time out domain requests right away, we just want them to bring
# the link up, not keep it around for very long.
# This is because the network will usually come up on a call
# from the resolver library (unless you have all your commonly
# used addresses in /etc/hosts, in which case you will discover
# other problems.)
# Note that you should not make the timeout shorter than the time you
# might expect your DNS server to take to respond. Otherwise
# when the initial link gets established there might be a delay
# greater than this between the initial series of packets before
# any packets that keep the link up longer pass over the link.
# Don't bring the link up for rwho.
ignore udp udp.dest=udp.who
ignore udp udp.source=udp.who
# Don't bring the link up for RIP.
ignore udp udp.dest=udp.route
ignore udp udp.source=udp.route
# Don't bring the link up for NTP or timed.
ignore udp udp.dest=udp.ntp
ignore udp udp.source=udp.ntp
ignore udp udp.dest=udp.timed
ignore udp udp.source=udp.timed
# Don't bring up on domain name requests between two running nameds.
ignore udp udp.dest=udp.domain,udp.source=udp.domain
# Bring up the network whenever we make a domain request from someplace
# other than named.
accept udp 120 udp.dest=udp.domain
accept udp 120 udp.source=udp.domain
# Do the same for netbios-ns broadcasts
# NOTE: your /etc/services file may not define the netbios-ns service
# in which case you should comment out the next three lines.
ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns
accept udp 120 udp.dest=udp.netbios-ns
accept udp 120 udp.source=udp.netbios-ns
# keep routed and gated transfers from holding the link up
ignore udp tcp.dest=udp.route
ignore udp tcp.source=udp.route
# Anything else gest 2 minutes.
accept udp 600 any
# Catch any packets that we didn't catch above and give the connection
# 30 seconds of live time.
accept any 600 any
--
Mike Fedyk - [EMAIL PROTECTED]
Webmaster for The Flag Day Festival.
http://www.flagday.com
Debian - Linux . . . The Ultimate Windows NT service pack. :)
http://www.debian.org
"People want to have the computing equivalents of truck or heavy equipment
operators without even bothering to learn how those machines work."
/ / (_)__ __ ____ __ * Powerful * Flexible * Compatible * Reliable *
/ /__/ / _ \/ // /\ \/ / *Well Supported * Thousands of New Users Every Day*
/____/_/_//_/\_,_/ /_/\_\ The Cost Effective Choice - Linux Means Business!
------------------------------
From: "Chris Martin" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.help,ucd.comp.questions
Subject: Re: basic help with samba
Date: Tue, 9 Feb 1999 10:32:14 +1100
lmhosts is the Lan Manager equiv of the hosts file. Fill it out with the
following format:
192.168.0.2 lucifer
x.x.x.x satan
Chris Martin
Pete wrote in message <792fep$28f$[EMAIL PROTECTED]>...
>
>
>
>thanks, matt. guesses are what i need. lucifer was not in /etc/hosts,
>so i added him. here is the contents of the file:
> 127.0.0.1 localhost localhost.localdomain
> 192.168.0.2 lucifer lucifer.demon
>
>is this correct? 127.0.0.1 is loopback, right? is this what /etc/hosts
>should look like?
>
>also, the error message is confusing:
>
># smbclient -L lucifer
>Added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0
>startlmhosts: Can't open lmhosts file /etc/lmhosts. Error was No such file
or directory
>
>what is lmhosts? i never heard of it before and it's not in the samba man
>page.
>
>pete
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
