Linux-Networking Digest #233, Volume #10 Wed, 17 Feb 99 15:13:48 EST
Contents:
Thinkpad 600 keeps rebooting when loading kernel (Jeffrey Veiss (CTG))
Re: NAT & Port Redirection (Luca Filipozzi)
RH5.1 & ftpd - where?? (Mark Hamlin)
Re: strange asymetric transfer rate on 100TX-FD ethernet ("M.C. van den Bovenkamp")
Re: Changing IP address ("William R. Mattil")
Re: Checking attempted access (Luca Filipozzi)
IP addresses pool for pppd server ("Denis Berger")
Re: Using ppp with Linux on a home LAN (tommy)
Re: Samba Setup (Mojo Geek)
Re: What and why is identd? ("Paul Boyer")
Re: NAT and X? (Luca Filipozzi)
Re: Beowulf for Web Serving? (Pavel V. Zaitesev)
PPP SuSE Linux 6.0 ("TJurk")
Re: 2 NIC problems(can't make arguments permanent) ([EMAIL PROTECTED])
Re: Problem level of PPP+linux 2.2.1? (Clifford Kite)
Re: Networking Linux RedHat 5.1 and Windows98 ([EMAIL PROTECTED])
IE - integration problems with proxying and DHCP (Carol Parkey)
isdn dial in server (Andre Boeder)
----------------------------------------------------------------------------
From: Jeffrey Veiss (CTG) <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux.slackware,alt.linux.slakware,comp.os.linux.portable,linux.dev.laptop
Subject: Thinkpad 600 keeps rebooting when loading kernel
Date: 17 Feb 1999 12:19:33 -0500
***NOTE: Before you reply, remove "SPAMSUCKS" from my e-mail address.
I have a IBM Thinkpad 600 (266MHz PII, 64M, etc.) running both Redhat 5.2
and Windows 98. There's a problem where when the kernel first starts
loading (uncompressing?), it reboots itself immediately after printing out the
dots. Here's some notes:
o I originally tried booting from the NET.I boot disk from the Slackware
3.5.0 distribution with the same result, which is why I tried Redhat.
o After installation, I recompiled the redhat kernel (2.0.36). The ONLY
config change I made was to turn on APM (CONFIG_APM) and shutdown
power-off (CONFIG_APM_POWER_OFF). Everything else was left exactly
as is. I copied the new bzImage to /boot, added a test entry to
lilo.conf, and ran lilo. However, as soon as it prints out the dots,
the thinkpad reboots itself.
o The stock Redhat kernel (2.0.36) works boots fine.
Has anyone else seen a problem like this? Would some kind thinkpad 600
owner try booting off the Slackware 3.5.0 net.i image to see the same result?
I'd be happy to provide the image if necessary.
Please contact me if there are any further questions via internet mail at
[EMAIL PROTECTED] Thank you very much!
Jeffrey Veiss ([EMAIL PROTECTED]) PO Box 5400
Network Engineer Princeton, NJ 08543-5400
Corporate Telecommunications (609) 818-3308
Bristol-Myers Squibb (609) 818-7814 (fax)
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: NAT & Port Redirection
Date: Wed, 17 Feb 1999 09:31:38 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Do they work with Kernel 2.2.1?
>
> Luca Filipozzi wrote:
>
> > In article <[EMAIL PROTECTED]>,
> > [EMAIL PROTECTED] says...
> > > I was able to garner some information regarding port redirection from
> > > the NAT documents. However, I don't see any method for taking incoming
> > > traffic on port 80 and redirecting it to port 8080 on an internal
> > > server.
> > >
> > > Any thoughts?
> > > jim
> > >
> > > On Sat, 13 Feb 1999 14:54:47 GMT, sili <[EMAIL PROTECTED]> wrote:
> > >
> > > >An example would be
> > > >
> > > >TCP:23:10.0.0.1:NORMAL
> > > >
> > > >Every access on port 23(telnet) would be re-directed to the machine on
> > > >10.0.0.1
> > > >
> > > >James Cook wrote:
> > > >
> > > >> I am running NAT1000 from Nevod on an NT Server/Cable Modem setup and
> > > >> it works great.
> > > >>
> > > >> The other computers on my private network use a 10.x.x.x address
> > > >> scheme, and one of these systems is a Linux server (running on Intel
> > > >> hardware). From outside my network (while at work) I can access FTP
> > > >> and HTTP servers running on my NT Server (where NAT1000 resides)
> > > >> perfectly. I understand that the rest of the private network is sealed
> > > >> off from external access.
> > > >>
> > > >> Is there a technique that I can use on the NT server to make resources
> > > >> available from the Linux box? For example, if I ran a daemon on Linux
> > > >> (FTP, HTTP, CVS, etc.) can I access it externally somehow? Would a
> > > >> port redirector work here?
> > > >>
> > > >> Any help would be greatly appreciated.
> > > >>
> > > >> jim cook
> > >
> > >
> > Check out ipportfw or ipautofw. Both of these port forwarders will do
> > what you ask.
> >
> > --
> > Luca Filipozzi <[EMAIL PROTECTED]>
>
>
Don't know. I'm still sticking with 2.0.36.
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: Mark Hamlin <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: RH5.1 & ftpd - where??
Date: Wed, 17 Feb 1999 17:30:27 +0000
Reply-To: [EMAIL PROTECTED]
Does ftpd come with the CDROM distribution of RH5.1. I have the man
page but it does not appear to be on the sysytem. Is there an
alternative tucked away somewhere??? or do I need to download it? I am
a newbie to system admin so if there are any issues not in the readme
surrounding its installation please let me know
Cheers.
Mark
------------------------------
From: "M.C. van den Bovenkamp" <[EMAIL PROTECTED]>
Subject: Re: strange asymetric transfer rate on 100TX-FD ethernet
Date: Wed, 17 Feb 1999 15:15:01 +0100
Bob Glover wrote:
>
> You need to use a switching hub to get full duplex with 100TX.
Nope. A crossover cable like he is using will work as well. All you need
to be able to run FDX is a collision domain with only two stations on
it, and a crossover cable satisfies that criterion.
Regards,
--
Marco van den Bovenkamp.
CIO EMEA Network Design Engineer,
Lucent Technologies Nederland.
Room: HVS BZK 32
Tel.: (+31-35-687)2724
Mail: [EMAIL PROTECTED]
------------------------------
From: "William R. Mattil" <[EMAIL PROTECTED]>
Subject: Re: Changing IP address
Date: Wed, 17 Feb 1999 11:23:36 -0600
Ron Trunk wrote:
>
> I tried to change my IP address on my Red Hat 4.2 system. I thought I
> changed all the proper configuration files, but now I get a SIOCADDRT:
> Invalid argument error.
> Anyone have an idea of where to start looking?
>
> Many thanks
> Ron
> [EMAIL PROTECTED]
The only files that need to be changed are as follows:
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
IPADDR=WWW.XXX.YYY.ZZZ
NETMASK=255.255.255.0
NETWORK=WWW.XXX.YYY.0
BROADCAST=WWW>XXX.YYY.255
ONBOOT=yes
BOOTPROTO=none
and you can look at /etc/sysconfig/network:
NETWORKING=yes
HOSTNAME=hostname.domain.name
DOMAINNAME=domain.name
GATEWAY=
GATEWAYDEV=
Regards
Bill
--
William R. Mattil |
SSCFI System Admin |
(972) 399-4106 |
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: Checking attempted access
Date: Wed, 17 Feb 1999 09:39:01 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> The more I do, the more I learn, and the more I know I know bugger all!!
>
> What log files and or configuration settings could I/should I look at to
> check as to whether or not someone is trying any portscans or hacks ??
> I have all the services I don't need turned off etc, but am curious to
> see if anyone is having a go.
>
> Even pointers to HOWTOs etc would be appreciated.
>
> BTW is it possible to stop someone doing an su
>
>
You can run the paranoia daemons: tcplogd and icmplogd. These will log
every TCP and ICMP connection attempt/packet that your firewall receives.
You can also use courtney to check for Satan scans. Doesn't work for nmap
scans, though. The paranoia daemons will spew a lot of info when
somebodys uses nmap on you.
You can also use "log analyzer" to automatically look over your logs and
mail you summaries. Needs a lot of configuring.
You can also use tripwire, which will see if files on your system have
changed and mail you the differences. That way, if somebody has gotten in
and attempted to cover their tracks, you'll still know.
You can find all of these things in the appindex at www.freshmeat.net.
Look at /var/log/syslog.
Hope this helps,
Luca
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: "Denis Berger" <[EMAIL PROTECTED]>
Subject: IP addresses pool for pppd server
Date: Wed, 17 Feb 1999 19:13:45 +0100
I want to specify a pool of IP addresses for my pppd server, but it seams I
cannot enter more then 1 IP in the last field of pap-secrets/chap-secrets
file lines.
My goal is to have multiple connections with different IP addresses and with
only one user/pass.
Do anyone already did that ?
------------------------------
From: tommy <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: linux.redhat.ppp,poster
Subject: Re: Using ppp with Linux on a home LAN
Date: Wed, 17 Feb 1999 20:12:57 +0100
Hoyt wrote:
> Since the BeOS only supports PAP and my ISP supports CHAP and I don't want
> to change ISP's, this is what I am thinking:
>
> I will put the modem in my Linux box (486, 16MB ram) and access it through a
> home LAN from my WIndows machine (Pentium 233, 64MB ram) and my Be machine
> (Pentium 266, 96MB ram). Right now, the Linux box is set up for a
> non-networked dial-up desktop use. I have SMC 10baseT cards for all the
> machines.
>
> So how do I set up my Linux box? Actually, what programs do I need to
> install in Linux to network the other two to Linux? (I've already done a
> peer to peer network between two WIndows machines using TCP/IP.) I recall
> reading that others have used a similar setup to share a cable modem among
> several home users, but don't know any details.
>
> You don't have to provide configuration details; I can read the man pages
> and HOWTOs, but point me in the general direction so I can read up on it and
> get started. If I get lost, at least I'll have a better idea what to ask
> about and where to look.
>
> Hoyt
proxy server
------------------------------
From: Mojo Geek <[EMAIL PROTECTED]>
Subject: Re: Samba Setup
Date: Wed, 17 Feb 1999 10:50:48 +0000
I share several drives on my home setup. You're on the right track. I
fixed that by uncommenting "wins support = yes".
This is prolly a crude and bad fix. Also make sure your share drives are
"browse"-able.
jimterm wrote:
> Admittedly, I am a Linux "newbie/wannabe". I have installed Linux on a
> test
> machine. I want to eventually use it as a server to Win95/98
> computers.
>
> I have successfully installed Red Hat Linux 5.2. My Win98/95 machines
> can see that "Linuxserver" is there in the Network Neighborhood. But
> when I try to access it - I get a dialogue box asking me to login to
> "\\Linuxserver\IPC$" - which tells me I haven't got some parameter set
> right, probably a "share".
>
> "Testparm" says everything is ok.
>
> Any suggestions, help or other sources will be greatly appreciated.
--
Bryan E. Patrick [EMAIL PROTECTED]
Houston, Texas Tel/Fax 281-575-0949
http://www.wantabe.com/bpatrick
------------------------------
From: "Paul Boyer" <[EMAIL PROTECTED]>
Subject: Re: What and why is identd?
Date: Wed, 17 Feb 1999 08:51:19 -0500
You should have a close eye on it.
Identd is used by some standards attacks.
Ident request give information on who is on what box. Many smtp servers
execute a reverse ident request on the host originating the connection
sending an Email message. if your box is a SMTP server, it is somehow
normal identd works a lot, but you should definitely try to track down from
what hosts the requests are originating. If from mail.hotmail.com, or
whatever big smtp server you are in frequent connection with, that should
be fine, if no reverse DNS and / or unknown domain, you should act QUICK.
If the box is directly accessible from the Internet, you probably want to
disable identd.
Paul Boyer
Clint Davis <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> I have an app on my linux box that calls in.identd ( I guess).
>
> Every now and then when I do ps ax there is in.identd running and
> according to "top" is consuming 96% of the cpu.
>
> I have found little doc on what/why about identd.
>
> I have put an entry on inetd.conf and tried removing it but either way
> makes
> no difference.
>
> Clint
>
>
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: NAT and X?
Date: Wed, 17 Feb 1999 09:04:13 -0800
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> Michael George III wrote:
> ....
> > Does anyone have experience getting X-Windows to work while using NAT ?
> ....
>
> Run through ssh, this will make things a lot easier. (Requires root
> access to
> the machine on which you run the X clients to set it up, though).
>
> Mogens
>
>
Or you can port forward 600x through the firewall to the linux box where
you are running X. This will support only one x connection per port. So
if you want another linux box to do X through the firewall, then you need
to make it's display number 1 instead of 0. So the first port will be
6000 and the second one will be 6001.
BTW, this represents a security hole when you aren't running X. The idea
of using ssh is a very good one if you have sufficient rights on the
various machines.
Hope this helps,
Luca
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED] (Pavel V. Zaitesev)
Subject: Re: Beowulf for Web Serving?
Date: 17 Feb 99 18:42:47 GMT
Robert N. Pratt ([EMAIL PROTECTED]) wrote:
: Greetings,
: Complete moron when it comes to networking, and trying to learn...
: The situation: small, poor start-up firm; wants to give powerful
: interactive web solutions on Linux platform. Large, active backend DB,
: Firewall, Routers, Webserving, Dynamic Content Creation, etc. Would
: like to use low-cost PCs to handle these tasks - rather than purchasing
: an expensive server.
: The questions:
: Can a small Beowulf cluster be used in this situation?
: If not, any recommendations?
: If no recommended solutions, what material is available that I can learn
: for myself?
check squid - web proxy.
Pavel
.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~.*~
"Nobody has a right to complain about your own code, but you..."
-- Linus Torvalds http://victoria.tc.ca/~ws821
------------------------------
From: "TJurk" <[EMAIL PROTECTED]>
Subject: PPP SuSE Linux 6.0
Date: Wed, 17 Feb 1999 21:11:22 -0000
I did upgrade to SuSE Linux 6.0. I had setup a dial-in ppp connection which
worked fine under SuSE 5.3. After upgrading to 6.0 and dial'in from WinNT
4.0 (Yes i do know that it's a stupid OS) i get the message that the
connection could be etsablished but no suitable secrets could be be found to
connect to server (hostname).
Any ideas ?
Tilman Jurk
================================================================
Ingenieurbuero Jurk
Prozess- und Automatisierungstechnik
Raiffeisenstrasse 16
67256 Weisenheim am Sand / Germany
================================================================
Fon +49 (0)6353 91527-0
Fax +49 (0)6353 91527-4
[EMAIL PROTECTED]
http://www.ibjurk.de
================================================================
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: 2 NIC problems(can't make arguments permanent)
Date: Wed, 17 Feb 1999 18:12:29 GMT
I found where is the problem.
after you vi the lilo.conf, you have to run "lilo" command then the next time
you reboot the machine. The two NICs can be found.
In short, I didn't run "lilo" after edit.
Hongjun Ma (515)472-2633 [EMAIL PROTECTED]
Graduate student at CS department,Maharishi University of Management
Fairfield, IA 52557
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Clifford Kite)
Crossposted-To: comp.protocols.ppp
Subject: Re: Problem level of PPP+linux 2.2.1?
Date: 17 Feb 1999 11:29:00 -0600
Daren Scot Wilson ([EMAIL PROTECTED]) wrote:
: I'm new to these newsgroups,would like the judgement of old timers: I'm
: wondering if the number of PPP problems related to the new linux 2.2.1 is
: the "normal level" of trouble routinely found here, or has there been a
: sharp rise from past levels? If the latter, would you attribute this to
: changes in the software, or a sharp rise in beginners?
The "normal level" in the past year or so has been higher, with many
problems due to configuration bugs in ppp-2.3.5 which no longer apply
to the 2.2.x series. There is also a change in ppp-2.3.5 regarding
the ACCM, it now conforms to PPP specification and uses ffffffff as the
default where for ppp-2.2.0 the default was 00000000.
Since ppp-2.3.5 is required for the 2.2.x series more people will be
switching to it. Unfortunately there is a significant number of ISPs
that use a default other than ffffffff, and those that haven't configured
the pppd option asyncmap and try to use the scripts for 2.2.0 with 2.3.5
are likely to have a problem.
You ought to try for "asyncmap 0" or "asyncmap a0000" anyway since this
provides a speedier data link that escaping all control characters.
--
Clifford Kite <[EMAIL PROTECTED]> Not a guru. (tm)
/* The signal-to-noise ratio is too low in many [news] groups to make
* them good candidates for archiving.
* --- Mike Moraes, Answers to FAQs about Usenet */
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Networking Linux RedHat 5.1 and Windows98
Date: Wed, 17 Feb 1999 13:50:21 GMT
In article <7advaj$gjn$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> Can anyone point me in the right direction here. I have read the NET-3-HOWTO
> and I am beginning to get frustrated because I am having no sucess. Any
> Suggestions would be greatly appreciated. Is there a better HOWTO I should be
> reading. Funds are a little low for me to go out and but a Linux book right
> now.
>
> RMW
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
What are the problems? Did your install go ok? What does your configuration
look like? We need this info before we can help.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Carol Parkey <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: IE - integration problems with proxying and DHCP
Date: Tue, 16 Feb 1999 22:40:00 +0000
I have set up squid as a proxy server on linux.
On the client side, Netscape 4.5 (on NT WS 4 sp4) works fine through the
proxy; however, IE5 (beta 1) on W95 blatantly ignores the proxy for any
'FTP://' url requests (I have proved this by setting up tcpdump to look
at where the packets go - IE just ignores the proxy settings and tries
to go direct). IE3 also behaves correctly. (I can't download IE4, nor
the latest version of the IE5 beta, since the MS site keeps crapping out
on me during the transfer, and life's too short).
Next, I have set up DHCP on a linux box. Netscape on the NT client
again works fine. IE5 on W95 ignores _any_ proxy information, and
attempts to go direct for anything.
Unfortunately, we use IE as the standard at work, so the linux
firewall/proxy/dhcp solution has to work with it. Has anybody come
across similar problems? Is there some sneaky registry frig which will
make my bad dream go away?
jp
------------------------------
From: Andre Boeder <[EMAIL PROTECTED]>
Subject: isdn dial in server
Date: Wed, 17 Feb 1999 16:05:21 +0100
how do i configurate a isdn dial in server (dial in should be with ms
win 95) ???
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
