Linux-Networking Digest #177, Volume #10 Thu, 11 Feb 99 14:13:47 EST
Contents:
Re: isdn4k utilities and ISDN ([EMAIL PROTECTED])
Traceroute question (Robert Montgomery)
DHCP Statistics ("David Akins")
Re: limiting Web site access in Linux ([EMAIL PROTECTED])
Re: security (Timothy Houck)
Re: I know it's been asked a million times... (Arthur Corliss)
Re: smbclient & samba (Timothy Houck)
Re: Relaying fails after 2.0.27--> 2.0.34 upgrade (Grahame Jordan)
linux firewall and ICQ (Gert Wurzer)
Re: LYNX Benchmarking Commands ("Vik Sohal")
Re: 2.2.1 and etherexpress 16 (eexpress) (Geoff Blake)
G2 realserver (rmserver) ([EMAIL PROTECTED])
connection refused from NT (Tom Taylor)
Re: diald and ppp for two internet-providers (Andy Carlson)
dialup link: batch IP seems to be priviledged? ([EMAIL PROTECTED])
Re: proxy arp with kernel 2.2.0 ?? (Jan Kiszka)
Re: smbmount and kernel 2.2.1 (Frank Sweetser)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: isdn4k utilities and ISDN
Date: Wed, 10 Feb 1999 14:06:16 GMT
> Can someone help?
> ---------------------------
> Here some output
>
> make[1]: Entering directory
> `/root/isdn/isdn4k-utils-3.0beta1/isdnctrl'
> gcc -DVERSION=\"3.0beta1\" -Wall -O2 -I. -I/usr/src/linux/include
> -DI4L_CTRL_c
> isdnctrl.c:446: warning: #warning ISDN_NET_DM_OFF not defined? Old
> isdn4kernel?
> isdnctrl.c: In function `do_dialmode':
> isdnctrl.c:545: structure has no member named `dialmode'
> isdnctrl.c: At top level:
> isdnctrl.c:525: warning: `do_dialmode' defined but not used
> make[1]: *** [isdnctrl.o] Error 1
> make[1]: Leaving directory `/root/isdn/isdn4k-utils-3.0beta1/isdnctrl'
> make: *** [install] Error 2
The problem with the 2.2.x kernels is that they do not contain a current
release of the ISDN core. For some strange reason the developer kernels
(2.1.xxx) do contain an updated ISDN core, I don't know why they didn't
include this in the final 2.2.x kernel.
You can download an updated ISDN core from http://www.isdn4linux.de
You should patch you kernel source with this update and rebuild your kernel.
You should now be able to 'make' the ISDN4Linux utilities.
Good luck
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Robert Montgomery <[EMAIL PROTECTED]>
Subject: Traceroute question
Date: Thu, 11 Feb 1999 16:09:05 GMT
I'm debugging my simple network setup and I've noticed that I
mysteriously get two different types of output from traceroute,
and I havent figured out what it is in my configuration that causes
one or the other. Can anyone explain the differences and what
circumstances I would get either set of output when tracing my
gateway (24.65.228.1) ?? Note that neither setup is successful
because I cant ping the gateway in either situation, but I'm
hoping that one configuration is closer to being correct than
the other, based on the different traceroute outputs....
> traceroute 24.65.228.1
traceroute to 24.65.228.1 (24.65.228.1), 30 hops max, 40 byte packets
1 CS373959-A.cghh1.ab.wave.home.com (24.65.228.72) 0.286 ms !H 0.182
ms !H 0.156 ms !H
Note that the above output responds immediately, whereas the following
output is just a series of apparant time-outs....
> traceroute 24.65.228.1
traceroute to 24.65.228.1 (24.65.228.1), 30 hops max, 40 byte packets
1 * * *
2 * * *
3 * * *
etc...
Thanks.
[EMAIL PROTECTED]
------------------------------
From: "David Akins" <[EMAIL PROTECTED]>
Subject: DHCP Statistics
Date: Thu, 11 Feb 1999 08:36:01 -0800
Anybody know of any tools available (or maybe an option in dhcpd) that
allows you to get some statistics on the DHCP usage? Like 200 total
addresses, 150 used, 25% available...something like that. I was thinking
of writing a program to parse the dhcpd.conf and dhcpd.leases files and put
them into databases.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: limiting Web site access in Linux
Date: Wed, 10 Feb 1999 14:57:46 GMT
Thanks to all who helped me out with the Web site access problem...
Just FYI - what I ended up doing yesterday (as a direct result of help I
received here in the newsgroup) was creating a script called rc.firewall that
contained the command ipfwadm and effectively blocked all IP addresses. Then,
below that I used the same command to allow access by the 2 specific addresses
we want. Then I told the rc.local script to execute rc.firewall...and it
worked great!
Thanks again for everyone's help.
Best Regards,
Karen Clendenin :)
In article <[EMAIL PROTECTED]>,
Corey J. Steele <[EMAIL PROTECTED]> wrote:
> even if it does, be certain that the other sites do not have any means by
which
> your users could hop out into the world (i.e. no links to search engines,
> etc...)
>
> -C
>
> On Tue, 09 Feb 1999, sam wrote:
> >>I wonder if the following entries in httpd.conf will work
> >proxyBlock *
> >proxyPass with selected domain list (map only those sites that you need)
> >
> >Andre Riscalla wrote:
> >
> >> Yes there is a way. One solution is to build a proxy with Apache
> >> (www.apache.org). This will give you the flexibility to limit and
> >> control web access. There is a pretty good article on how to do this in
> >> the last sys-Admin magazine, february issue (www.samag.com)
> >>
> >> On Fri, 5 Feb 1999 [EMAIL PROTECTED] wrote:
> >>
> >> > Hi -
> >> >
> >> > I am in the process of setting up my first Linux machine (running RedHat
> >> > 5.1). It will be used for Internet access by our employees to 2 specific
Web
> >> > sites (not in-house). My question is: is there any way that I can limit
> >> > which Web sites may be visited? The fear by Administration is that folks
will
> >> > rummage about in all sorts of sordid Web sites on Company time, and they
> >> > would like for me to eliminate that as much as possible.
> >> >
> >> > Thanks in advance for any help you can give!
> >> >
> >> > Best Regards,
> >> > Karen Clendenin
> >> >
> >> > -----------== Posted via Deja News, The Discussion Network ==----------
> >> > http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
> >> >
> >> >
> >>
> >> --
> >> Contrary to popular belief, Unix IS user friendly. It just happens
> >> to be very selective about who it decides to make friends with.
> >>
> >> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >> Andre Riscalla Sr. Network Engineer
> >> [EMAIL PROTECTED] 514-940-5664
> >> Data Service and Technology, Engineering Metronet Communications
> >> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >
> >--
> >Remove the NONO in my reply to address
> >
> >
> >
>
> ----------------------------------------
> Content-Type: text/html; name="unnamed"
> Content-Transfer-Encoding: 7bit
> Content-Description:
> ----------------------------------------
>
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Timothy Houck <[EMAIL PROTECTED]>
Subject: Re: security
Date: Wed, 10 Feb 1999 09:12:49 -0600
John Molitor wrote:
> Any help would be appreciated. If I sound woefully ignorant on
> these topics, it is simply because I am. Also, if anybody could
> recommend a good book on the topic of security I would appreciate it.
Anyone with physical access to your computer can get past the login
prompt and do whatever they want. Physical measures are necessary
(hardware locks, BIOS boot passwords, etc.).
A book I refer to often for security is called "Maximum Security: A
Hacker's Guide to Protecting Your Internet Site and Network", 1997 by
Sams.net Publishing. International Standard Book Number 1-57521-268-4,
Library of Congress Catalog Card Number 96-71997. I think I got it
from Barnes and Noble.
Good luck.
Tim
------------------------------
From: [EMAIL PROTECTED] (Arthur Corliss)
Subject: Re: I know it's been asked a million times...
Reply-To: [EMAIL PROTECTED]
Date: 28 Jan 1999 22:34:53 -0900
On Thu, 28 Jan 1999 23:12:25 -0500, Jay Copeland <[EMAIL PROTECTED]> wrote:
>We have two linux boxes in our house. The older one (defiant) is a 486
>66 with all kinds of dead parts with hardware workarounds. It works. I
>can surf or whatever I want to do when I have a phone line plugged in.
>The newer one (voyager) is an AMD 233. It's great. It's fast enough for
>what we want to do.
>
>I have been trying for about a week to get IP Masquing (sp?) to work.
>I've recompiled the kernel on what will be the gateway. I've followed
>the mini-HOWTO to the letter. I still haven't been able to get it to
>work.
>
>The two machines work fine together. We share files, doom, whatever
>else. I just can't get to the internet unless I telnet into the gateway.
>That's fine if I just want to use lynx. I can't use Netscape or its
>e-mail client. I can't irc (not that it's important). What else do I
>need to do?
Actually, if you just do remote X sessions, you could accomplish the same
thing, without masquerading. It's also nice if you're backing up the
gateway/server on to tape regularly, and not the workstation.
--Arthur Corliss
Bolverk's Lair -- http://www.odinicfoundation.org/arthur/
"Live Free or Die, the Only Way to Live" -- NH State Motto
------------------------------
From: Timothy Houck <[EMAIL PROTECTED]>
Subject: Re: smbclient & samba
Date: Wed, 10 Feb 1999 09:15:31 -0600
Ron wrote:
>
> new to linux
> installed redhat 5.2 v2.0.36 as default workstation class. Want to network
> with my win95 machine. All the networking hardware is in place and working
> (the machines recognize each other). The workstation installation didnt
> install SMB and samba, but a server class install would, however Im only
> using a 1 gig harddrive (to small for a server class install). Can I install
> SMB and samba in the workstation to get shared access between the 2
> machines, or do I need to get a bigger HD and do a server class install?
If you visit sunsite.unc.edu, you can download the latest version of
Samba. Just untar it and install it.
Tim
------------------------------
From: Grahame Jordan <[EMAIL PROTECTED]>
Subject: Re: Relaying fails after 2.0.27--> 2.0.34 upgrade
Date: Tue, 09 Feb 1999 22:37:12 +0000
Hi!
Try /etc/mail/relay_allow
Put in the domain and it should work OK
Grahame Jordan
Systems Engineering Group wrote:
> I have a Linux box connected to an ISP via modem/PPP, and
> locally to a 192.168.2.xxx LAN of Win95 PCs and others.
> Under Slackware96 (2.0.27) it allowed my users to relay
> mail out to the internet. When I upgraded to the
> version from the summer (2.0.34, sendmail 8), I was
> pleased to see firewalling and samba installed, but
> the system does not relay outgoing mail from the
> local network. I get the 550 "relaying denied" error
> message from sendmail.
>
> What configuration change do I make to sendmail (or
> elsewhere) which allows outgoing e-mail from the
> local LAN? Users can receive mail just fine (they're
> just polling the POP server).
>
> A Web check pointed out some anti-Spam routines for
> RedHat, but I'm not sure that's what I need.
>
> Rob Levene
> SEG Inc.
------------------------------
From: [EMAIL PROTECTED] (Gert Wurzer)
Subject: linux firewall and ICQ
Date: Thu, 11 Feb 1999 17:32:00 +0100
Does anybody know how to get icq working behind a linux
firewall?
Here it only works by opening all the udp ports 1024:65535.
When i try to use 12 certain ports of my choice for listening
and enter them into the firewall settings of icq it's also
possible to recieve files and chat requests, but only with all
the high portnumbers open.
After closing them and adding -I,-O,-F rules for port 4000 it's
impossible to connect to the icq server, what AFAIK always
should happen at port 4000.
Hoping for someone who knows a solution...
--
Gert Wurzer, Graz, University of Technology
email: [EMAIL PROTECTED]
homepage: http://www.sbox.tu-graz.ac.at/home/w/wurzer
ICQ: 7330537
------------------------------
Crossposted-To:
comp.os.lynx,comp.os.linux.development.system,comp.arch.bus.vmebus,comp.dcom.lans.ethernet
From: "Vik Sohal" <[EMAIL PROTECTED]>
Subject: Re: LYNX Benchmarking Commands
Date: Thu, 11 Feb 1999 18:14:55 GMT
A good place to start would be to check out BYTE magazine's web site. They
have made their BYTE benchmark suite available free to anyone who wants it.
We use this suite as a part of our ATS testing and have found it to be a
good measure of performance (for what it tests, we test a whole lot of other
things as well...)
In general, any sort of UNIX benchmarking suite should be readily
recompilable to LynxOS.
Best Regards,
Vik Sohal
[EMAIL PROTECTED]
Shark wrote in message <[EMAIL PROTECTED]>...
>All,
>
>I am new to the Lynx OS.
>
>I am going to be implementing and bench marking a Moto MPC8260
>PowerQUICCII microprocessor, VME bus, and 100BaseTX running Lynx OS.
>
>Can someone tell if there are commands that can benchmark CPU
>utilization, all types of I/O, MIPS, and anything else related to bench
>marking?
>
>Is there free source code that can be compiled?
>
>Thanks in advance.
>
>Shark
>
------------------------------
From: [EMAIL PROTECTED] (Geoff Blake)
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup,uk.comp.os.linux
Subject: Re: 2.2.1 and etherexpress 16 (eexpress)
Date: Thu, 11 Feb 1999 06:59:54 GMT
Reply-To: [EMAIL PROTECTED]
TheSuit ([EMAIL PROTECTED]) wrote:
: Has anyone noticed any problems with this combination? I've had my
: etherexpress16 working under 2.0.3x since I first installed linux with
: vitually no problems... now all of a sudden after upgrading to 2.2.1 i
: occasionally get the following error messages (usually after i put some
: heavy'ish, 1mb +, trafic on the link)
: -------------
: ??? reset timed out, kicking...
: ??? reset timed out, kicking...
: ??? reset timed out, kicking...
: ??? not responding, giving up
: -------------
: ???= something like eth0 ixxxxxx.. can't remember the exact numbers..
: Has anyone else experianced this problem? Or does anyone know what the
: error messages mean? Does this indicate a hardware or software failure?
: I can provide more details if someone gives me some indication of what
: is required..
I have experienced this many times with earlier kernels and it has always
been "cured" by changing the card. From that I would suggest that it was a
hardware problem (with the card). However, in most cases, the cards worked
OK in other hardware under Linux and other OS's (?).
HTH
: Suit
Dirty old jeans :-)
--
--
Geoff Blake [EMAIL PROTECTED] linux 2.0.31
Chelmsford [EMAIL PROTECTED] i586
Intel create faster processors - Microsoft create slower processes
------------------------------
From: [EMAIL PROTECTED]
Subject: G2 realserver (rmserver)
Date: Thu, 11 Feb 1999 18:04:24 GMT
I am having some serious problems on the Linux version of the
G2 realaudio server. Whenever I use the G2 web-based admin tool to restart
the server, my NIC card (HP 10/100) goes crazy and my network is flooded
with collisions. So much that the ethernet port on my Cisco router
constantly resets. the only way to fix things is to reboot the host machine.
Has any one had problems with the G2 server on Linux?
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Tom Taylor <[EMAIL PROTECTED]>
Subject: connection refused from NT
Date: Thu, 11 Feb 1999 10:19:12 -0800
I'm fairly new to Linux and am having a problem connecting from Linux to
NT4.0. I can ping in both directions. I can connect from NT to Linux
and the Apache server displays on the Netscape screen when I use the
linux address (10.10.10.1) but can't go from Linux to NT this way. I
can ping succesfully in both directions so know that the NT box is
capable of seeing the connection. In NTs network neighboorhood I can
access my non-root account on the Linux box.
>From a previous message I made a registry change in NT to allow
non-encrypted passwords but this has not helped.
The message displayed by Linux when attempting to connect is "Netscapes
network connection was refused by the server 10.10.10.4. The server may
not be accepting connections or may be busy". I know that the NT
workstation is accepting connections because I hooked a Win95 portable
up to the hub and was able to communicate with the NT box in both
directions. I suspect I have something set wrong on the NT box but
don't know what. Any suggestions would be appreciated.
TIA
Tom
------------------------------
From: [EMAIL PROTECTED] (Andy Carlson)
Crossposted-To: comp.os.linux.networking,alt.linux
Subject: Re: diald and ppp for two internet-providers
Date: Wed, 10 Feb 1999 09:17:03 -0600
In article <[EMAIL PROTECTED]>,
J�rgen Weinmann <[EMAIL PROTECTED]> writes:
>
> is it possible to setup diald for more than one internet providers? How
> can I do this ?
>
Juregan,
I do this today. I start two diald processes, pointing to different config
files. It works great. Email me if you want some more info.
--
Andy Carlson |\ _,,,---,,_
[EMAIL PROTECTED] ZZZzz /,`.-'`' -. ;-;;,_
BJC Health System |,4- ) )-,_. ,\ ( `'-'
St. Louis, Missouri '---''(_/--' `-'\_)
Cat Pics: http://www.nothnbut.net/~andyc/animal.html
------------------------------
From: [EMAIL PROTECTED]
Subject: dialup link: batch IP seems to be priviledged?
Date: 10 Feb 1999 16:43:27 +0100
Hi all,
when one has a dialup connection, one notices quickly that FTP
downloads or uploads or POP3 mail downloads seem to saturate the link
such that a concurrent interactive session (X11 connection or telnet
or rlogin or something like this) gets pretty much unusable during
that time.
It appears as if almost none of the interactive IP packets get
transferred while the `batch' style transfer is in process. Maybe
that's just an illusion, though.
Is there a way to somehow make the interactive sessions more
responsive?
(The client is a SuSE 6.0 Linux machine, connecting via modem to a PPP
2.3.5 running on a SPARC Solaris machine, in case this is relevant.
If necessary, I think I could make modifications to the PPP
installations on both sides of the link.)
kai
--
I like _�b_�o_�t_�h kinds of music.
------------------------------
From: Jan Kiszka <[EMAIL PROTECTED]>
Subject: Re: proxy arp with kernel 2.2.0 ??
Date: Thu, 11 Feb 1999 19:13:31 +0100
Meelis Roos wrote:
> AM> arp -i eth1 -sD xxx.yyy.zzz.0 eth1 netmask 255.255.255.0 pub
>
> Subnet proxy arp was removed from 2.2. Single-host proxy arp is supported
> though.
>
> --
> Meelis Roos (t�iesti isikliku arvamusega)
> [EMAIL PROTECTED] http://www.cs.ut.ee/~mroos/
I'm using only single-host proxy arp, but it's not working with kernel 2.2.1.
The entries are of the following kind:
arp -Ds aaa.bbb.ccc.ddd eth0 pub
What am I doing wrong? The hwaddr entries in /proc/net/arp are just zero. I
have also tried the net-tools 1.50, because my SuSE 6.0 was only delivered
with 1.46 - without success.
Thanks in advance,
Jan Kiszka.
------------------------------
From: Frank Sweetser <[EMAIL PROTECTED]>
Subject: Re: smbmount and kernel 2.2.1
Date: 11 Feb 1999 11:27:08 -0500
<sigh...>
linux/Documentation/Changes
also
http://roadrunner.swansea.uk.linux.org/clue.html
--
Frank Sweetser rasmusin at wpi.edu fsweetser at blee.net | PGP key available
paramount.ind.wpi.edu RedHat 5.2 kernel 2.2.1 i586 | at public servers
linux: because a PC is a terrible thing to waste
([EMAIL PROTECTED] put this on Tshirts in '93)
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
