Linux-Networking Digest #188, Volume #10 Fri, 12 Feb 99 23:13:54 EST
Contents:
Message log mystery... ("Mohid, Robert (EXCHANGE:CAR:9W21)")
Re: Compaq DeskPro 4000 NIC support? (Jeff Schmidt)
dhcpcd cuter scripts (Bob)
Re: LINUX proxy (Sebastien Mallet)
Re: Cable modem (Bob)
Re: @Home with TCI cable modem? (Bob)
Slack 3.6 w. PPPD 2.2 & modem hangs up TermReq=0x03 ("Michael Cook")
Re: ftp gets stuck in FIN_WAIT1 when running 2.2.1 (J. Scott Berg)
Re: MS Explorer 4.0 for Unix (Will Grzanich)
Kernel: 2.2.1-ac1. pcmcia-cs-3.0.8 Error 2 ("Mark Lutz")
Re: Kernel has FW_MASQUERADE but netstat -M doesn't work (Rick Onanian)
Re: how do I support "IP_TRANSPARENT_PROXY" with ipfwadm? (Tobias Reckhard (jester))
Re: checksum compile error on kernel 2.2.1 pls help!! (The Extremist)
----------------------------------------------------------------------------
From: "Mohid, Robert (EXCHANGE:CAR:9W21)" <[EMAIL PROTECTED]>
Subject: Message log mystery...
Date: Thu, 11 Feb 1999 12:21:35 -0500
I have around 100+ entries like this in my logs... (RH 5.1 kernel 2.035)
Feb 10 18:06:35 (host edited) portmap[5302]: connect from 24.112.95.87
to callit(390109): request from unauthorized host
Feb 10 18:06:35 (host edited) portmap[5306]: connect from 24.112.95.87
to callit(390109): request from unauthorized host
Feb 10 18:06:35 (host edited) portmap[5310]: connect from 24.112.95.87
to callit(390109): request from unauthorized host
Folowed by a rather ugly... (I have the same thing 5 or 6 times at 5 min
intervals..)
Feb 11 10:18:08 (host edited) kernel: invalid operand: 0000
Feb 11 10:18:08 (host edited) kernel: CPU: 0
Feb 11 10:18:08 (host edited) kernel: EIP:
0010:[update_wall_time_one_tick+142/184]
Feb 11 10:18:08 (host edited) kernel: EFLAGS: 00010246
Feb 11 10:18:08 (host edited) kernel: eax: 000c66de ebx: 00000000
ecx: 00000000 edx: 00002710
Feb 11 10:18:08 (host edited) kernel: esi: 00000001 edi: 00000001
ebp: 001d24a4 esp: 001d24a0
Feb 11 10:18:08 (host edited) kernel: ds: 0018 es: 0018 fs: 002b
gs: 0000 ss: 0018
Feb 11 10:18:08 (host edited) kernel: Process swapper (pid: 0, process
nr: 0, stackpage=001d0b94)
Feb 11 10:18:08 (host edited) kernel: Stack: 00000000 001d24b0 0011271e
00000001 001d24d0 00112927 00000001 00000001
Feb 11 10:18:08 (host edited) kernel: ffffffff 00000001 00000001
001d24ec 001f0c50 00118397 001d24ec 00000014
Feb 11 10:18:08 (host edited) kernel: 00000000 001d2598 0010a91b
00000000 001d3348 01903810 00000014 00000000
Feb 11 10:18:08 (host edited) kernel: Call Trace:
[update_wall_time+14/72] [timer_bh+183/820] [do_bottom_half+59/96]
[handle_bottom_half+11/24] [exit_notify+30/468] [do_exit+450/504]
[die_if_kernel+672/680]
Feb 11 10:18:08 (host edited) kernel: [<03800000>]
[3c509:el3_probe+-81924/5164] [do_invalid_op+61/68] [do_invalid_op+0/68]
[error_code+64/72] [update_wall_time_one_tick+142/184]
[update_wall_time+14/72] [timer_bh+183/820]
Feb 11 10:18:08 (host edited) kernel: [do_bottom_half+59/96]
[handle_bottom_half+11/24] [exit_notify+62/468] [do_exit+450/504]
[die_if_kernel+672/680] [<03800000>] [3c509:el3_probe+-81924/5164]
[do_invalid_op+61/68]
Feb 11 10:18:08 (host edited) kernel: [do_invalid_op+0/68]
[error_code+64/72] [update_wall_time_one_tick+142/184]
[update_wall_time+14/72] [timer_bh+183/820] [do_bottom_half+59/96]
[handle_bottom_half+11/24] [exit_notify+62/468]
Feb 11 10:18:08 (host edited) kernel: [do_exit+450/504]
[die_if_kernel+672/680] [<03800000>] [3c509:el3_probe+-81924/5164]
[do_invalid_op+61/68] [do_invalid_op+0/68] [error_code+64/72]
[update_wall_time_one_tick+142/184]
Feb 11 10:18:08 (host edited) kernel: [update_wall_time+14/72]
[timer_bh+183/820] [do_bottom_half+59/96] [handle_bottom_half+11/24]
[do_exit+190/504] [die_if_kernel+672/680] [<03800000>]
[3c509:el3_probe+-81924/5164]
Feb 11 10:18:08 (host edited) kernel: [do_invalid_op+61/68]
[do_invalid_op+0/68] [error_code+64/72]
[update_wall_time_one_tick+142/184] [update_wall_time+14/72]
[timer_bh+183/820] [do_bottom_half+59/96] [handle_bottom_half+11/24]
Feb 11 10:18:08 (host edited) kernel: [exit_notify+30/468]
[do_exit+450/504] [die_if_kernel+672/680] [<03800000>]
[3c509:el3_probe+-81924/5164] [do_invalid_op+61/68] [do_invalid_op+0/68]
[error_code+64/72]
Feb 11 10:18:08 (host edited) kernel:
[make_raw_rw_request+964/2840] [update_wall_time_one_tick+142/184]
[update_wall_time+14/72] [timer_bh+183/820] [do_bottom_half+59/96]
[handle_bottom_half+11/24] [write_ldt+652/740] [sys_idle+92/112]
Feb 11 10:18:08 (host edited) kernel: [system_call+85/124]
[init+0/864] [write_ldt+652/740] [start_kernel+453/464]
Feb 11 10:18:08 (host edited) kernel: Code: ff ff 3f 00 7e 1e 89 ca c1
fa 16 89 d0 c1 e0 16 29 c1 89 0d
Feb 11 10:18:08 (host edited) kernel: Aiee, killing interrupt handler
The two don't seem related by the time stamps, but I just don't know
what to make of these.
Am I being bombed with DoS attacks?
TIA
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Jeff Schmidt)
Subject: Re: Compaq DeskPro 4000 NIC support?
Date: Sat, 13 Feb 1999 03:09:07 GMT
I don't have an rc.modules file there; where else can I add a driver,
and where can I get the tlan driver from?
On Thu, 11 Feb 1999 14:05:43 -0600, Cliff Cloyd <[EMAIL PROTECTED]>
wrote:
>I had the same problem!! I was able to edit the /etc/rc.d/rc.modules and
>add the following line under the ethernet support section:
>/sbin/modprobe /lib/modules/2.0.34/net/tlan.o
>After a reboot the nic was detected!! Now my problem is that I can only
>ping myself, oh well first things first. BTW, I think the 2.0.34 dir is
>based on the version of the kernal you're using I am a total newbie to
>Linux so I could be wrong :) Good Luck.
>
>Jeff Schmidt wrote:
>
>> Has anyone had any success w/ the embedded NetFlex3 on the Compaqs?
>>
>> I'm trying to get RH 5.2 to recognize the silly thing.
------------------------------
From: Bob <[EMAIL PROTECTED]>
Crossposted-To: linux.debian.user,dc.org.linux-users
Subject: dhcpcd cuter scripts
Date: Fri, 12 Feb 1999 23:02:27 -0500
Bob wrote:
> To get your IP assigned dynamically as by dial-up or ADSL or
> cable modem, and to find out nameserver IP's--it's also necessary
> to upgrade dhcpcd for kernels 2.1.125 and up, and for certain
> netcards such as Intel--
>
> ftp://phystech.com/pub
>
> get the latest dhcpcd dhcp client by Sergei Viznyuk [applause, cheers]
> which today is 1.3.17-pl2
>
> untar ungzip cd
>
> make ; make install
>
> Now you have /sbin/dhcpcd
>
> Get your old dhcpcd out of the way--it was /usr/sbin/dhcpcd
#! /bin/sh
# /etc/init.d/networks
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
# uncomment and edit username for @Home cable modems--
#OPT_USER_ID="-h username"
ifconfig lo 127.0.0.1
route add -net 127.0.0.0 netmask 255.0.0.0 lo
if dhcpcd $OPT_USER_ID -d eth0 ; then
/usr/local/bin/dhcp_host_ip
echo "DHCP succeeded..."
logger "DHCP succeeded..."
fi
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.XXXXa00375 installed on Fri Feb 12 00:58:32 1999)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
SHELL=/bin/sh
PATH=/usr/local/bin:/usr/local/bin:/bin:/sbin:/usr/bin:/usr/sbin
*/20 * * * * exec /usr/local/bin/dhcp_host_ip
#!/bin/sh
# /usr/local/bin/dhcp_host_ip
# cron script to transfer dhcpcd's IP to /etc/hosts
PATH=/sbin:/bin:/usr/bin
HOST=$( hostname )
HOST_IP=$( ifconfig eth0 | grep "inet addr" - | cut -d: -f2 - | cut -d" "
-f1 - )
LINE_OLD=$( grep -G ${HOST}'$' /etc/hosts | grep -v '^;' - )
LINE_NEW=${HOST_IP}" "${HOST}
sed s/"$LINE_OLD"/"$LINE_NEW"/ /etc/hosts > /tmp/.hosts.tmp
mv /tmp/.hosts.tmp /etc/hosts
------------------------------
From: Sebastien Mallet <[EMAIL PROTECTED]>
Subject: Re: LINUX proxy
Date: Thu, 11 Feb 1999 18:17:46 +0100
Hi
Sorry for the mistake,
I should have said an ARP proxy server, because I want to create a kind
of tranparent gateway.
And both my LAN and the hosts on the subnet will have same IP address
class (B).
Your page is very helpful for everyone trying to setup a proxy and I was
interested in IP masquerading but it's not the solution of my problem.
Thanks for all these good informations. I appreciated your help
Sebastien Mallet
mailto:[EMAIL PROTECTED]
------------------------------
From: Bob <[EMAIL PROTECTED]>
Subject: Re: Cable modem
Date: Fri, 12 Feb 1999 22:52:51 -0500
Frederic Lemoine wrote:
> Hello,
>
> I'd like to connect to Internet through a cable modem (LANcity) under SuSe
> 5.3
>
> Could anyone explain me what I should do ? As I'm a beginner I would very
> much appreciate a comprehensive answer.
>
> In my SuSe manual I don't find anything about DHCP client. Am I blind or is
> this technique not used in Linux, or does it have another name ?
>
> Thanks for your answer.
>
> Fred.
How about dhcpcd, find that in SuSe? Or,
http://metalab.unc.edu/pub/Linux/system/network/daemons/dhcpcd-1.3.17-pl2.tar.gz
Put that in /usr/local, gunzip, read the docs. End up with /sbin/dhcpcd.
Check the HOWTO also.
You didn't say if you're using dial-up or netcard to TCPIP. After you
connect, you have this type of thing to load the dhcp client:
#! /bin/sh
# /etc/init.d/networks is a file that starts up a net connection on eth0
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
# uncomment and edit username for @Home cable modems--
#OPT_USER_ID="-h username"
ifconfig lo 127.0.0.1
route add -net 127.0.0.0 netmask 255.0.0.0 lo
if dhcpcd $OPT_USER_ID -d eth0 ; then
/usr/local/bin/dhcp_host_ip
echo "DHCP succeeded..."
logger "DHCP succeeded..."
fi
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.XXXXa00375 installed on Fri Feb 12 00:58:32 1999)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
SHELL=/bin/sh
PATH=/usr/local/bin:/usr/local/bin:/bin:/sbin:/usr/bin:/usr/sbin
*/20 * * * * exec /usr/local/bin/dhcp_host_ip
#!/bin/sh
# /usr/local/bin/dhcp_host_ip is a
# cron script to transfer dhcpcd's IP to /etc/hosts
PATH=/sbin:/bin:/usr/bin
HOST=$( hostname )
HOST_IP=$( ifconfig eth0 | grep "inet addr" - | cut -d: -f2 - | cut -d" " -f1
- )
LINE_OLD=$( grep -G ${HOST}'$' /etc/hosts | grep -v '^;' - )
LINE_NEW=${HOST_IP}" "${HOST}
sed s/"$LINE_OLD"/"$LINE_NEW"/ /etc/hosts > /tmp/.hosts.tmp
mv /tmp/.hosts.tmp /etc/hosts
-Bob
------------------------------
From: Bob <[EMAIL PROTECTED]>
Subject: Re: @Home with TCI cable modem?
Date: Fri, 12 Feb 1999 22:56:50 -0500
Matt Rizzo wrote:
> Has anyone successfully installed a cable modem through @Home and TCI in
> Linux? I called their 800 number and they said they do not support the
> Linux OS. I was wondering if it would even work. I am running RedHat 5.2.
> Thanks for your time.
>
> -Matt
#! /bin/sh
# /etc/init.d/networks
PATH="/bin:/sbin:/usr/bin:/usr/sbin"
# uncomment and edit username for @Home cable modems--
#OPT_USER_ID="-h username"
ifconfig lo 127.0.0.1
route add -net 127.0.0.0 netmask 255.0.0.0 lo
if dhcpcd $OPT_USER_ID -d eth0 ; then
/usr/local/bin/dhcp_host_ip
echo "DHCP succeeded..."
logger "DHCP succeeded..."
fi
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.XXXXa00375 installed on Fri Feb 12 00:58:32 1999)
# (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp $)
SHELL=/bin/sh
PATH=/usr/local/bin:/usr/local/bin:/bin:/sbin:/usr/bin:/usr/sbin
*/20 * * * * exec /usr/local/bin/dhcp_host_ip
#!/bin/sh
# /usr/local/bin/dhcp_host_ip
# cron script to transfer dhcpcd's IP to /etc/hosts
PATH=/sbin:/bin:/usr/bin
HOST=$( hostname )
HOST_IP=$( ifconfig eth0 | grep "inet addr" - | cut -d: -f2 - | cut -d" " -f1
- )
LINE_OLD=$( grep -G ${HOST}'$' /etc/hosts | grep -v '^;' - )
LINE_NEW=${HOST_IP}" "${HOST}
sed s/"$LINE_OLD"/"$LINE_NEW"/ /etc/hosts > /tmp/.hosts.tmp
mv /tmp/.hosts.tmp /etc/hosts
------------------------------
From: "Michael Cook" <[EMAIL PROTECTED]>
Subject: Slack 3.6 w. PPPD 2.2 & modem hangs up TermReq=0x03
Date: Thu, 11 Feb 1999 13:57:48 -0500
I'm using InfoMagic's 11/98 Slackware 3.6 with Kernel 2.1.125 (it says at
boot time). My modem is a USR V90 56K FAX external PNP, and I'm using pppd
2.2.
/dev/modem has to -> /dev/ttyS0 instead of /dev/cua0, and after some more
trial and error I have gotten my pppscript working past the logon, using:
RECOVER CONNECT "" etc. (my ISP is Netcom Canada and it seems I have to
use RECOVER to dump the 45333/ARQ/etc string that follows "CONNECT".)
My script logs on o.k., and then I see messages for the host and assigned
local IP addresses, but then the modem hangs up immediately after.
In /var/adm/debug I can see IPCP ConfAck/ConfReq sequences for the 2 IP
addresses, and then the very next thing is my machine sends IPCP TermReq
id=0x03 and it's all over.
I have ploughed through all the HOW-TOs and tried various things like
setting &D2 and S13=1 and now I have run out of ideas.
According to my reading of the docs I should not need to specify a gateway
address on a machine that is simply a localhost, since I have defaultroute
and noipdefault specified in my ppppd options file. Is this incorrect?
Might the cause be that my modem is still not handling DTR correctly? If
so, what should it be set to if not &D2?
Any other suggestions as to possible cause and resolution, please?
Thanks, Mike Cook
------------------------------
From: [EMAIL PROTECTED] (J. Scott Berg)
Subject: Re: ftp gets stuck in FIN_WAIT1 when running 2.2.1
Date: 13 Feb 1999 03:16:30 GMT
In article <[EMAIL PROTECTED]>,
Sami Tikka <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] (J. Scott Berg) writes:
>
>> Check the mtu using ifconfig. Try setting the mtu to a lower value
>> (1500, or even 576) using ifconfig.
>
>I tried setting pppd's mtu option to 576. It helped a bit but not
>much. Now I am able to transfer a few files but eventually it hangs
>the same way as before.
Well, that's progress at least!
For grins, try dropping the mru down to 576 as well. I really don't
expect any results from this, but who knows.
My assumption is that ppp under 2.2.1 is somehow more "agressive" and
is really tripping a problem in the network somewhere (bad router).
Try a couple of things:
1) Do you have tracepath? If not, grab iputils and build it (Changes
file tells you where). Do a tracepath to your ftp site. Post the
results with various mtu/mru combinations (nothing, 1500, 576). Or at
least summarize what you see in the 9 combinations (it will just give
a pmtu at the beginning and the end if everything is normal; if not,
it will say somthing in the middle).
2) Do you have tcpdump? If not, grab that (ftp.ee.lbl.gov; don't
forget libpcap also). Wait until 'netstat -tna' is clean (all the
FIN_WAIT1's will eventually go away). Close your connection. Open the
connection, start tcpdump. Do the ftp upload, wait for it to stall.
Keep this going for a while (at least until you've been in FIN_WAIT1
for a good long time). Don't send anything else to the network while
this is going (to keep the output sane). Let's see what you get (this
was how I diagnosed and fixed my problems with this sort of thing).
>> If this did fix your problem: what version of pppd are you running
>> with under 2.0.36 and 2.2.1 respectively (I suppose you're using the
>> same one...), and have you replaced any of the kernel source files
>> with ones from the ppp distribution in either case?
>
>I am running a RedHat 5.2 system with all the update rpms. I think one
>of the updates was ppp 2.3.5 and that is what I am and was running. I
>haven't compiled ppp 2.3.5 myself and I haven't replaced any kernel
>files with ppp distributions files. (Should I have?)
I think so, but the problem doesn't seem to occur under 2.0.36! Who
am I to argue? If it ain't broke don't fix it. In fact, this may be
the very reason that it worked. The problems that I had were all
under 2.0.36 with the 2.3.5-replaced kernel sources.
>When I upgraded my 2.0.36 to 2.2.1 I read the Documentation/Changes
>and then fecthed, compiled and installed modutils, net-tools and
>util-linux. All the other (relevant) components were up to date.
Maybe it would be worth building ppp-2.3.5 from source. It doesn't
replace any files in the 2.2.1 kernel, so you shouldn't have to do a
kernel rebuild.
If you don't want to post all that output, you can just send it to
me. I'm curious about this since if we fix your problem, maybe I'll
understand what my problem was a little better.
-Scott Berg
------------------------------
From: Will Grzanich <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,alt.linux,linux.redhat,linux.redhat.misc,comp.windows.x.kde
Subject: Re: MS Explorer 4.0 for Unix
Date: Fri, 12 Feb 1999 18:49:28 -0600
Dont Spam Me wrote:
> As for having a fscking idea of HTML, who in their right mind, that is a
> serious web page creator, hand-writes HTML anymore?
I agree. Also, who in his right mind, that is, a serious computer user,
compiles his own operating system anymore?
Oh, wait...
-Will
--
-= "Soul Brother #1" =- | Visit the Asylum at
"All you need is love." | www.ews.uiuc.edu/~grzanich!
-John Lennon | Contains no MSG!
------------------------------
From: "Mark Lutz" <[EMAIL PROTECTED]>
Subject: Kernel: 2.2.1-ac1. pcmcia-cs-3.0.8 Error 2
Date: Thu, 11 Feb 1999 20:05:26 +0100
SuSE6. Kernel: 2.2.1-ac1. pcmcia-cs-3.0.8
cd /usr/src/pcm*
using `make config' w\ default options leads to:
./Configure: line 1: 2896 Broken pipe $KSYMS
2897 Done | grep -q "$1"
./Configure: line 1: 2902 Broken pipe $KSYMS
2903 Done | grep -q "$1"
./Configure: line 1: 2912 Broken pipe $KSYMS
2913 Done | grep -q "$1"
./Configure: line 1: 2933 Broken pipe $KSYMS
2934 Done | grep -q "$1"
1. Is this a problem?
`make install' tells me:
set -e ; for d in modules clients cardmgr flash debug-tools man etc ;
do make -C $d ; done
make[1]: Entering directory `/usr/src/pcmcia-cs-3.0.8/modules'
gcc -MD -O2 -Wall -Wstrict-prototypes -Winline -pipe -D__KERNEL__ -D
MODULE -I../include -I/usr/src/linux/include -I/usr/src/linux -c
i82365.c
/usr/src/linux/include/asm/smp.h: In function `hard_smp_processor_id':
In file included from /usr/src/linux/include/linux/smp.h:11,
from /usr/src/linux/include/linux/sched.h:20,
from /usr/src/linux/include/asm/uaccess.h:8,
from ../include/pcmcia/k_compat.h:117,
from i82365.c:25:
/usr/src/linux/include/asm/smp.h:209: warning: implicit declaration of
function
`GET_APIC_ID'
/usr/src/linux/include/asm/smp.h:209: `APIC_BASE' undeclared (first
use in this
function)
/usr/src/linux/include/asm/smp.h:209: (Each undeclared identifier is
reported only once
/usr/src/linux/include/asm/smp.h:209: for each function it appears
in.)
/usr/src/linux/include/asm/smp.h:209: `APIC_ID' undeclared (first use
in this function)
make[1]: *** [i82365.o] Error 1
make[1]: Leaving directory `/usr/src/pcmcia-cs-3.0.8/modules'
make: *** [all] Error 2
2. What am I doing wrong?
------------------------------
From: Rick Onanian <[EMAIL PROTECTED]>
Subject: Re: Kernel has FW_MASQUERADE but netstat -M doesn't work
Date: Thu, 11 Feb 1999 12:37:18 -0500
Jeff Silverman wrote:
> You have to rebuild the kernel, which is, in my mind, a daunting project.
> Other people in this group do it all the time, and I am going to buy beg or
> steal an OS development machine to learn how to do it. To solve the
> problem you are facing quickly and economically, I reverted to RH 5.1.
>
> Jeff
Recompiling the kernel sounds really horrible. If you're taught wrong, it's
pretty bad at worst. If you're taught right...It's really no big deal
whatsoever. I, too, feared for my life when someone suggested recompiling my
kernel...and when I finally did it, I realized: There's not programming
involved.
Two REALLY good links to learn how to compile your kernel the quick and easy
way:
http://www.linuxmafia.org/tips_trixs.html
http://jgo.local.net/LinuxGuide/linux-kernel.html
rick
------------------------------
From: [EMAIL PROTECTED] (Tobias Reckhard (jester))
Crossposted-To: comp.os.linux.setup
Subject: Re: how do I support "IP_TRANSPARENT_PROXY" with ipfwadm?
Date: Thu, 11 Feb 1999 09:56:30 GMT
On Tue, 09 Feb 1999 23:20:31 +0200, Moshe Cohen
<[EMAIL PROTECTED]> wrote:
>thanks.I did it.
>But the problems is that I still can't use it.
>I had little close network ,and I want to pass the "clients"(the internal
>network) via transparent proxy.I work in 2.0.36 kernel with 2 Nic (eth0,eth1)
>
>and I ran the following lines:
>
>/sbin/route add -host 132.68.34.218 eth1
> /sbin/ipfwadm -I -a accept -P tcp -D localhost 80
>/sbin/ipfwadm -I -a accept -P tcp -S 132.68.34.218/0 1024:35000 -D 0.0.0.0/0
>80 -r 8086
>/sbin/ipfwadm -F -a accept -P tcp -S 132.68.34.218/0 1024:35000 -D 0.0.0.0/0
>80 -r 8086
>
>all command works ,except the last ( I got message:redirection only allowed
>in combination with -I),but it doesn't matter,because the 3rd command is
>enough.
>
>did I forgot something ??
The way I understand ipfwadm's transparent proxy concept, what it does
is change the input port on a TCP packet for port 80 to 8086 and the
destination address to that of the local machine, i.e. the gateway (or
does it leave the destination address unmodified - does anyone know?).
You need a server listening on the port you're redirecting to, at
least that's the way I understood it. What I don't understand right
now is how that server is supposed to figure out the destination
address you're actually trying to go if this method is supposed to
make an actual proxy work. I suspect it's only there to 'fool' clients
behind your gateway into thinking they're connected to their
destination, when, in reality, they're only connected to a server on
the gateway.
Tobias
------------------------------
From: The Extremist <[EMAIL PROTECTED]>
Subject: Re: checksum compile error on kernel 2.2.1 pls help!!
Date: 13 Feb 1999 03:49:05 GMT
Please reply to the newsgroup as this email will not be valid for
sometime.
thanks
Partha
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
