Linux-Networking Digest #155, Volume #10 Tue, 9 Feb 99 08:13:41 EST
Contents:
Re: Simple network config. Just cant get it right! (Luca Filipozzi)
Re: NT Domain Help (drew)
Re: Capturing Masqueraded Packets with Sniffit (Luca Filipozzi)
Re: GTE flamed linux for BillG (Michael Powe)
Re: Warning: Connecting Linux Redhat 5.2 to ISP that supports SMTP (Andy Repton)
Re: Can't Telnet To Linux 5.2 from MS workstation (Jayasuthan)
Re: mgetty (Jayasuthan)
EXMH and inc ([EMAIL PROTECTED] (Eric J. Kringel ))
Re: Multi IP addresses on one NIC question ("Donger")
Re: How can I get the 2B channels up in my ISDN Modem using RH5.2 (Mark Cooperstein)
Re: Chat script ("Mike Bostock")
Re: Linux and Token-Ring netcards (keith)
Trouble with ipmasq in 2.2.1 kernel ("Bruce Merry (Entropy)")
NEED HELP WITH RH5.2 NETWORKING??? (John Doug Smith)
Re: PPP conection problems ("IIBG")
problem with chat script (James Gardner)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: Simple network config. Just cant get it right!
Date: Mon, 8 Feb 1999 18:21:35 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> Hi all, I've got a list of questions about the various files
> necessary for a simple manual (no dhcp) network configuration
> (which I still dont have working). My setup is simple, just one
> intel machine with a cable modem and ethernet card (which is
> supported by 2.0.36 and works fine). If I ever get this all
> figured out, I'm going to write a COMPLETE how-to!!!
That would be great... but COMPLETE is a whole lot of stuff.
>
> Note that this is my network info from my provider:
>
> Host: CS373959-A
> IP: 24.65.228.72
> Subnet Mask: 255.255.255.0
> Gateway: 24.65.228.1
> Nameserver 1: 24.64.2.33
> Nameserver 2: 24.64.2.34
> Domain: cghh1.ab.wave.home.com
>
> For each file which is seemingly pertinent to my network setup,
> I have listed what I have and any questions or comments that I
> have about it. PLEASE give me any feedback abouth anything
> wrong or any misconceptions that I have!!!
>
> ------------------------------------------------------------------------
>
> /etc/HOSTNAME
> ------------------------------------------------------------------------
>
> CS373959-A.cghh1.ab.wave.home.com
> # I assume that I should have my FQDN here, but should
> # I be using "IP.domain" or the "host.domain" format using
> # the host id that @Home assigned to me (like shown above)??
Just put CS373959-A here.
>
> ------------------------------------------------------------------------
>
> /etc/hosts
> ------------------------------------------------------------------------
>
> 127.0.0.1 localhost
> 24.65.228.72 CS373959-A.cghh1.ab.wave.home.com CS373959-A
> # I assume that this is a correct entry for the loopback, and that
> # a loopback entry IS required. I am guessing that I should also
> # have an entry for my static IP address too.
This looks fine.
>
> ------------------------------------------------------------------------
>
> /etc/host.conf
> ------------------------------------------------------------------------
>
> order hosts, bind, nis
> multi on
> # I guess this is probably OK, but will having "nis" in there
> # screw anything up if NIS isnt being used???
Get rid of the nis. If you don't have it, don't put in host.conf.
>
> ------------------------------------------------------------------------
>
> /etc/networks
> ------------------------------------------------------------------------
>
> # Do I need a loopback entry here? Do I need an entry for my
> # ISP's network? Note, I am not connecting to any network
> # other than my ISP.
It's nice to put the following:
127 localnet
24.65.228 ispnet
So that utilities like netstat can show a name instead of the ip.
Not required.
>
> ------------------------------------------------------------------------
>
> /etc/resolv.conf
> ------------------------------------------------------------------------
>
> search cghh1.ab.wave.home.com
> nameserver 24.64.2.33
> nameserver 24.64.2.35
> # I'm not sure that I really need a "domain" or "search" entry
> # here because there are really no other machines on my
> # network that I'd like to access by hostname alone.
> # I dont suppose having it should hurt anything. A strange thing
> # I've noticed is if I enter a domain of cghh1.ab.wave.home.com
> # using the RH5.2 netcfg GUI, that it puts the entry in this file
> # as a "search" and not as a "domain". How come?
Don't know. I would suggets...
domain cghh1.ab.wave.home.com
nameserver 24.64.2.33
nameserver 24.64.2.35
>
> ------------------------------------------------------------------------
>
> /etc/sysconfig/network
> ------------------------------------------------------------------------
>
> NETWORKING=yes
> FORWARD_IPV4=yes
> HOSTNAME=CS373959-A.cghh1.ab.wave.home.com
> GATEWAYDEV=eth0
> GATEWAY=24.65.228.1
> # I assume that the default gateway device is just my ethernet
> # adapter "eth0". I assume that the packet forwarding is
> # required but am not sure why. When would you NOT want it?
HOSTNAME=CS373959-A
You don't need FORWARD_IPV4 since you only have one interface. You aren't
forwarding packets between interfaces.
>
> ------------------------------------------------------------------------
>
> /etc/sysconfig/static-routes
> ------------------------------------------------------------------------
>
> # Do I need any static routes? Should I put in a static route
> # entry showing my adapter/network/netmask & gateway?
> # I guess I could add an entry here, but it seems that this info
> # would be redundant to the eth0 initialization in the next file...
>
> ------------------------------------------------------------------------
>
> /etc/sysconfig/network-scripts/ifcfg-eth0
> ------------------------------------------------------------------------
>
> DEVICE="eth0"
> USERCTL=yes
> ONBOOT="yes"
> BOOTPROTO="none"
> BROADCAST=24.65.228.255
> NETWORK=24.65.228.0
> NETMASK="255.255.255.0"
> IPADDR="24.65.228.72"
> # Now something could be screwy here... The info I was
> # provided says that my IP is 24.65.228.72, subnet mask is
> # 255.255.255.0, and gateway is 24.65.228.1. Since my IP
> # is 24.xx.xx.xx, I assume that my network is a CLASS A
> # network. They specifically told me that it was a SUBNET
> # mask though, so I also assume that this network is
> # subnetted. So I guess my big question here is, should
> # the entry in this file show a NETWORK=24.0.0.0, with
> # a NETMASK=255.0.0.0 (which I think is the main network
> # info) or do I use the subnetted info as currently shown
> # in the file above?????
What you have is fine. A netmask of 255.255.255 means that you are in a
class C network. (Also evidenced by the gateway address.)
>
>
> OK. One last question. Since my nameservers are (I guess)
> on a different subnet (24.64.xx.xx) than my gateway or my
> IP (24.65.xx.xx), will that cause any problems locating the
> nameservers? No matter what I seem to try, I can never seem
> to ping the nameservers!?!?
No. As long as your default route is correct, everything should be fine.
>
> Well, thanks for any help. I'm ready to do something crazy if
> I cant get this mess straightened out, like go back to windoze :(
> I need to start getting some real work done!!!!
>
> Thanks a zillion.
> [EMAIL PROTECTED]
>
>
>
Additional comments.
Use ifconfig to see if the interface is actually set up according to the
values your ISP has provided.
Use "netstat -nr" or "route" to print out the routing table. It should
show the localnet (127.0.0.0), the ispnet (24.65.228.0), and the default
route (0.0.0.0). If you are missing the default route, then you should
add it via the static-routes script.
Use "ping 24.65.228.1" to ping your gateway. If this doesn't work, then
something is wrong with either the interface proper (ifconfig) or the
routing table (route).
Use "ping 24.64.2.33" to ping the nameserver. If this doesn't work but
pinging the gateway does, then it's not your problem. Try pinging
204.71.200.75 (www.yahoo.com) as a second test.
Use "traceroute <ipaddr>" to see how far your packets are getting.
Hope this helps,
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: drew <[EMAIL PROTECTED]>
Subject: Re: NT Domain Help
Date: Mon, 08 Feb 1999 21:16:57 -0500
Ok, i got and installed samba. What now? I played with the .conf file
so it matched what we are supposed to have for win95 configuration. How
do i see other file servers on the network? thanks!
drew
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: Capturing Masqueraded Packets with Sniffit
Date: Mon, 8 Feb 1999 19:04:54 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> I'm using Sniffit (lastest beta off the sniffit page) to capture
> packets on my RedHat 5.2 Firewall. The program works fine for capturing
>
> packets that come directly to or from the firewall (ex. Telnet) but not
> for any of the packets that are masqueraded through the firewall.
> The server is used to provide internet access for our 80 user LAN
> and I am trying to use sniffit it so we can monitor web traffic to see
> if anyone is surfing where they shouldn't be. Right now sniffit
> captures everything on the 192.168.1.0 net. Why don't I get masqueraded
>
> packets? Is it maybe because sniffit uses the internal network
> interface (as opposed to the card that is on the external side of the
> firewall)?
> Any help would be most appreciated.
>
>
>
>
Try tcpdump. It has a "-i <inteface>" option that allows you specify the
interface that you wish to monitor.
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: Michael Powe <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: Re: GTE flamed linux for BillG
Date: 03 Feb 1999 00:02:27 -0800
=====BEGIN PGP SIGNED MESSAGE=====
Hash: SHA1
>>>>> "Bob" == Bob <[EMAIL PROTECTED]> writes:
Bob> having windows. I have heard in newsgroups that GTE has
Bob> terminated ADSL service when they found out somebody was
Bob> running linux.
Probably true and justified since they tell you up front that Windows
is required (at least, the signup information I have seen stipulates
as much). If you want to play games & not use Windows (after signing
such a contract), that's fine but don't cry if you get caught.
mp
8<---------------how-easy-is-it-to-demunge-an-address?------------------->8
#! /usr/bin/perl # if you are [EMAIL PROTECTED] (Another Luser):
while ($line = <>){ if ($line =~ m/^\s*$/ ){ last; }
if ($line =~ m/^From: (\S+) \(([^()]*)\)/){ $from_address = $1; } }
if ($from_address =~ m/\S+NOSPAM\S+/){ $x = index($from_address, NOSPAM);
substr($from_address, $x, 6+1) = ""; printf("The real address is %s\n",
$from_address);}else { printf("No munge, just plain %s\n",$from_address);}
printf("\nBrought to you by the Truth In Mail Headers Foundation\n");
8<-----------------------here's-one-example------------------------------>8
- --
Michael Powe
[EMAIL PROTECTED] http://www.trollope.org
Portland, Oregon USA
=====BEGIN PGP SIGNATURE=====
Version: GnuPG v0.9.0 (GNU/Linux)
Comment: Encrypted with Mailcrypt 3.5.1 and GNU Privacy Guard
iD8DBQE2uAKQ755rgEMD+T8RAmdXAJ4wcqdJmAVuNKbugWzzJ96fvcKeggCfSBzK
O0FwplFhrn+Vn5Thc4qD00o=
=yJya
=====END PGP SIGNATURE=====
------------------------------
From: [EMAIL PROTECTED] (Andy Repton)
Crossposted-To: linux.redhat.install,demon.ip.support.unix,redhat.networking.general
Subject: Re: Warning: Connecting Linux Redhat 5.2 to ISP that supports SMTP
Date: 9 Feb 1999 11:39:46 GMT
On Mon, 8 Feb 1999 12:25:02 +0000, Neil Durant <[EMAIL PROTECTED]> wrote:
>You should be able to cure this by adding entries in /etc/aliases to
>redirect mail to actual users.
Or add a LUSER relay so that mail to unknown users goes to a default
address.
--
Andy
------------------------------
Date: Tue, 09 Feb 1999 19:50:42 -0800
From: Jayasuthan <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Can't Telnet To Linux 5.2 from MS workstation
How do you telnet ?
Joe Fialkowski wrote:
> Has anyone ran into this problem?
>
> I cannot telnet or ftp to my linux 5.2 sever from a MS windows95
> workstation. I can however ping the box and see it through smb. Please
> Help!
>
> Regards,
>
> Joe Fialkowski
> [EMAIL PROTECTED]
------------------------------
Date: Tue, 09 Feb 1999 19:52:05 -0800
From: Jayasuthan <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: mgetty
get last version of getty .... I had problem with this too.. Console
shotup lots of error
due incompatibly ...
Mike Grant wrote:
> I am trying to dial into my linux box (kernel 2.2.0) with mgetty
> running. I am dialing in from a win95 machine using hyperterminal.
> mgetty answers the line alright, but on the remote machine there's
> nothing but garbage ascii characters on the screen... no login or
> anything... any ideas as to what i did wrong? I've tried different
> terminal emulations on the remote machine, but no luck...
>
> Thanks...
> Mike Grant.
------------------------------
From: [EMAIL PROTECTED] (Eric J. Kringel <ek5907a>)
Subject: EXMH and inc
Date: Mon, 8 Feb 1999 21:46:13 -0500
Is there any way to call inc from a crontab and use the presort option?
I've looked at inc.tcl - exmh's patch to mh/nmh's inc - but I don't know
nearly enough about this script or tcl to know. The script contains an
Inc_Presort function - is there a way to call it without opening exmh?
I know - exmh will call inc -presort on startup. I use exmh for a pop3
account rather than my normal user account. It would be handy to let inc
run at the same time as the machine's news feed. But only so long as I
can also presort the messages into the right folders.
Thanks in advance
JBC
------------------------------
From: "Donger" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: Multi IP addresses on one NIC question
Date: Tue, 09 Feb 1999 03:07:21 GMT
I am also a little miffed by this install. You are saying they have 1 NIC,
and that is it and want to do IP masq.
I agree with previous. Get another NIC, set it up the correct way. Even
better, get a third NIC, will throw hackers off from the outside...
Keith
------------------------------
Crossposted-To: comp.os.linux.setup,comp.os.linux.misc,comp.dcom.isdn
From: [EMAIL PROTECTED] (Mark Cooperstein)
Subject: Re: How can I get the 2B channels up in my ISDN Modem using RH5.2
Date: Tue, 09 Feb 1999 12:29:20 GMT
for one thing, the init string below won't work because you MUST escape any
ampersands "&" with a backslash character, eg:
ATS71=1S80=1\&D2
I don't have any experience with the IQ and Linux, although I do own an IQ and
have used it extensively with DUN and Win98. Currently, I have an Motorola
BitSurfr PRO hooked up to a 2.1.130 Linux box and it works great with both
channels. It took some diddling to get it to work at 230K, but eventually I
figured it out.
Are you sure that your ISP will allow a 2B connection for your account?
(Stupid question, but I had to ask....). If you haven't setup with them for
2B ISDN, they will usually nuke the second channel as soon as it tries to
authenticate.
Mark
In article <79o9k4$6ns$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>Any response you get from this I would also like to read...
>I have the exact same problem..
>Keith
>
>In article <[EMAIL PROTECTED]>,
> Xaymara Perez <[EMAIL PROTECTED]> wrote:
>> I have a 3Com Impact IQ ISDN modem (external) on a machine running Linux
>> RedHat 5.2 (and the 2.2.1 kernel). I can connect to my ISP just fine
>> but with one channel instead of the two channels. How can I connect
>> with the two channels? I thought that changing the initstring from ATZ
>> to ATs71=1s80=1&d2 would do it, but it still connects to only one
>> channel. I did changed the speed to 115200 and I'm using the command
>> ifppp0 up to connect.
>>
>> Any suggestions?
>>
>
>-----------== Posted via Deja News, The Discussion Network ==----------
>http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
** Remove ".nospam" when replying or email will bounce back to you...
------------------------------
From: "Mike Bostock" <[EMAIL PROTECTED]>
Crossposted-To: uk.comp.os.linux
Subject: Re: Chat script
Date: Tue, 9 Feb 1999 09:58:23 -0000
Jason Turner wrote in message ...
>Mike Bostock wrote:
>>What I am trying to do is to use the BREAK sequence in some way to
generate
>>an alternate login sequence if the first fails ie if Bad Password is
>>received instead of Protocol: then to go to <CR> login: etc.....
>>unfortunately the man page is not entirely clear on this point.
>
>I don't think you can loop in chat, or do if...else stuff,
>but you could try something along the lines of....
>
<snip>
Just to let you know the lack of reply is not me being ungrateful - I am
just working on the script.
Thanks for your help.
--
Mike
------------------------------
From: keith <[EMAIL PROTECTED]>
Subject: Re: Linux and Token-Ring netcards
Date: Mon, 08 Feb 1999 22:16:27 -0500
> I've tried using an IBM Turbo ISA 16/4 NIC on an 16MBit/s Token-Ring
> network with Redhat 5.2. But without any luck so far.
Use the Lanaid program to configure the card as a standard 16/4-Auto.
Should fire right up with the included module for imbtr.
------------------------------
From: "Bruce Merry (Entropy)" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Trouble with ipmasq in 2.2.1 kernel
Date: Tue, 09 Feb 1999 14:49:21 +0200
Hi
I'm having trouble with masquerading in 2.2.1 (I've upgraded from
2.0.36, from a system running Slackware 3.3).
The basic setup is that I have a linux machine (192.168.0.2) on a LAN
with several other machines, one of them 192.168.0.1 (running windoze
98). I want to let that machine share the ppp connection. I've compiled
masquerading into the kernel, along with the other stuff it requires.
I've set the gateway to 192.168.0.2 on '98 machine.
Here's an extract from my rc.local
ipchains -F input
ipchains -F output
ipchains -F forward
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward ACCEPT
#anti-spoofing
ipchains -A input -s 127.0.0.1 -i ! lo -j DENY
ipchains -A input -s 192.168.0.2 -i lo -j ACCEPT
ipchains -A input -s 192.168.0.0/24 -i ! eth0 -j DENY
# masquerading
ipchains -A forward -s 192.168.0.0/24 -j MASQ
# enable routing
echo "1" > /proc/sys/net/ipv4/ip_forward
ipchains -C forward ... confirms that the packets should be forwarded
(so far it's only been tested on email checks with POP3), but nothing
appears to be happening.
Any ideas?
Thanks
Bruce
/--------------------------------------------------------------------\
| Bruce Merry (Entropy) | bmerry at iafrica dot com |
| Proud user of Linux! | http://www.cs.uct.ac.za/~bmerry |
| Screw up your courage! You've screwed up everything else. |
\--------------------------------------------------------------------/
------------------------------
From: [EMAIL PROTECTED] (John Doug Smith)
Subject: NEED HELP WITH RH5.2 NETWORKING???
Date: 9 Feb 1999 03:11:15 GMT
Need help in a bad way. Network in Linux is flaking out.
Here's the problem I boot up my RH5.2 linux on a NEC versa
6050MX notebook with Xircom 10/100 ethernet card. Machine
boots fine. Then I add the necessary route commands to add
a route to the Internet (thru my isp) and default gateway.
run a few tests basically pinging things from the linux box
to make sure its operating. I have a home network of 2 win95
machines and this linux box. The home network is 1.1.1.0 I have
NAT running on the isdn router so these addresses never see the
internet. My isp gave me address x.x.x.x which is live and everything
works fine for the win95 machines. The ping test I run from the linux
box pings a another local machine on the 1.1.1.0 network then the router
itself at 1.1.1.1 then the Internet side of the router at x.x.x.x then
another machine out on the Internet. Every thing appears fine, then at
some time within the next hour the linux box quites talking to the network.
I can't ping it from any other workstation nor can i ping anything from it.
I can run netstat -rn but route usually just hangs after listing the first
route, I have to hit ctrl-c to get out of route. I have to reboot before
route will work properly again. I have disabled routed for troubleshooting
purposes but this doesn't appear to fix anything. I still get link on the
adapter and I see no other problems with the system other than this.
Any help would be greatly appreciated
Thanks.
Douglas
[EMAIL PROTECTED]
------------------------------
From: "IIBG" <[EMAIL PROTECTED]>
Subject: Re: PPP conection problems
Date: 9 Feb 1999 08:23:04 GMT
Eduado,
remove the last 2 lines from your chat script and it should work.
Ian
Eduardo Mendes <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> Hi ... I�m with problems to connect with my provider using Linux and
> kppp program.
>
> In my script login i wrote :
>
> expect login:
> send my ID
> expect Password:
> send my password
> expect granted
> send ppp
>
> (I saw that in a example of login script)
>
> ok ... then I begin the connection, after i receive the Password, i send
>
> mine and a message says " starting ppp session" and lots of trash became
>
> to appear ... (I stay waiting granted, but i don�t know if that�s the
> right thing to do !!!!) after some time ...
> the connection falls and a message appears .... NO CARRIER !!!!
>
> What is the problem ? Is the script login wrong ? Or what should i do
> when the trash starts to appear ?
>
> Please, i would like your help ...
>
> Greatfull...
>
> Eduardo.
>
>
>
>
------------------------------
From: James Gardner <[EMAIL PROTECTED]>
Subject: problem with chat script
Date: Tue, 09 Feb 1999 07:06:17 -0600
I am using an external Hayes Accura 336/56k modem. I am trying to
access Mindspring. I can send the atdt and phone number . I hear the
modem dial and start trying to negotiate speed. My messages file tells
me that I am waiting for Mindspring to return a CONNECT message, and I
never get it.
Are there any Mindspring users who can help me with this. I figure that
either I have a modem problem and I never negotiate properly, or perhaps
I have a chat script problem and I don't really want to wait for
CONNECT. Any help would be much appreciated.
James
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
