Linux-Networking Digest #313, Volume #10 Fri, 26 Feb 99 18:13:34 EST
Contents:
IP masquerading disabling? ("Thomas J. Feller")
need help / script for ibm isp ([EMAIL PROTECTED])
Re: Apache: Cant't run my own CGI-Scripts (Bob McLaren)
Re: Route causing ping's "operation not permitted" error (Hugo Haas)
Re: winbond ne2000 problem (Phil DeBecker)
Re: TCP/IP works telnet ("PTW")
Re: Route causing ping's "operation not permitted" error (Curt Timmerman)
Re: How to know email of a http client ? (Rick Onanian)
HELP: Network collisions slowing down connection to Linux file server ("Anonymous")
Linux=>internet via NT-proxy (Roeland Marco Drupsteen)
Re: Question... (Rick Onanian)
LAN security NT Vs. Linux (Keith Davey)
Re: RH 5.2 HD Install - WON'T - HELP!!! (Grant Leslie)
Re: domain name reg and IP setup (Alex Kamantauskas)
Re: IP masquerading disabling? (Eugene Strulyov)
----------------------------------------------------------------------------
From: "Thomas J. Feller" <[EMAIL PROTECTED]>
Subject: IP masquerading disabling?
Date: Fri, 26 Feb 1999 14:19:49 -0600
What is the easiest way to disable IP masquerading?
I know I can edit the sources and recompile/link the kernel.
Even if that is the best way what would be the best way to
make the changes to the source files?
I want to be able the use the port numbers 61000 through 65096 that
are currently reserved for IP masquerading.
--
Thomas J. Feller
Development Manager
Enforcer Technology, Inc.
6767 W. Greenfield Ave
West Allis, WI 53214
------------------------------
From: [EMAIL PROTECTED]
Subject: need help / script for ibm isp
Date: Sun, 21 Feb 1999 08:04:58 GMT
i'm using RedHat 5.2 but i can't connect my ibm internet account . their
support did not help me ("we support only our global dialer" , and as far as
i know , there is no version for linux
can anyone tell me to do it or even send me a script ?
thanks
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Bob McLaren <[EMAIL PROTECTED]>
Subject: Re: Apache: Cant't run my own CGI-Scripts
Date: Fri, 26 Feb 1999 20:15:19 GMT
I believe you need to CHMOD 755 the cgi script you are trying to run.
Effectivly what this does is allow outside users to "execute" your cgi
script. (the rights look like this rwxr-xr-x)
Hope this helps, this might be the first time I've actually helped
somebody rather than ask for help. ;)
"Christoph Kl�nter" wrote:
> Im running Apache 1.3 on a standalone Computer.
> I can't run my cgi-scripts, because Apache says it's forbidden.
> I can run scripts in Apaches own /http/cgi-bin directory, and I wrote
> the same Directives for my own /cgi Directory in srm.conf and
> access.conf but it doesn't work,
> wht is wrong ????????
> Thanx Christoph
--
Bob McLaren
Network Administration
Financial Statement Services, Inc.
HTTP://WWW.FSSI-CA.COM
------------------------------
From: [EMAIL PROTECTED] (Hugo Haas)
Subject: Re: Route causing ping's "operation not permitted" error
Date: 26 Feb 1999 20:44:53 GMT
In comp.os.linux.networking, Curt Timmerman wrote:
> Is 10.0.63.5 properly set up to route to 10.0.62.103? I received this message
> once when I tried to send a message through a system that was not set up routing.
I'm afraid that the answer is yet.
Actually, 10.0.63.20 and 10.0.63.5 are 2 routers and the Linux is configured
as a bridge (note that the problem is the same with or without the bridge
running).
If I remove the route to 10.0.62.103, the packet will do:
10.0.63.4 -> 10.0.63.20 -> (eth0->eth1) -> 10.0.63.5 -> ... -> 10.0.62.103
eth0 req default route bridged routed to
and then 10.0.62.103 replies:
10.0.62.103 -> ... -> 10.0.63.5 -> eth1 (10.0.63.3)
reply stops here
I guess that the packet never reaches eth0 because 10.0.63.4 did the request
and 10.0.63.3 receives the reply, so it discards it but this is bizarre
since IP forwarding is enabled...
Thank you for the interest anyway.
Hugo
--
Hugo Haas (http://www.via.ecp.fr/~hugo/)
------------------------------
Date: Fri, 26 Feb 1999 15:47:18 -0500
From: Phil DeBecker <[EMAIL PROTECTED]>
Subject: Re: winbond ne2000 problem
Sensi wrote:
> Hello
> I have the 2.0.36 linux kernel with a winbond ne2000 ethernet card.
> Loading the ne2k-pci module seems fine and no problems seems to be detected
> by the kernel at boot.
> But when I run the 'ifconfig' command it reports me several TX errors and
> also collisions errors. I have to say that the card is reported to IRQ 12
> and
> io 0x6600. That's also the same configuration reported by Windows 98.
> What is the problem with the card and how can i resolve it ?
>
> Thanks for your response
What does "several" errors mean? Does the card work at all? Are you getting
basically normal transfer rates? If you're on a really busy network, getting
transmission and collision errors is not necessarily a sign of a problem with
the card.
This is my ifconfig eth0 result:
eth0 Link encap:10Mbps Ethernet HWaddr 00:10:5A:04:51:E5
inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
UP RUNNING MULTICAST MTU:1500 Metric:1
RX packets:66007495 errors:16 dropped:0 overruns:0
TX packets:5350623 errors:0 dropped:0 overruns:0
Interrupt:9 Base address:0xfc80
As you can see there are a few RX packet errors (though no TX ones). You
might paste up your results. Without that, it's hard to say what, if
anything, might be wrong with your card.
Phil D.
------------------------------
From: "PTW" <[EMAIL PROTECTED]>
Subject: Re: TCP/IP works telnet
Date: Fri, 26 Feb 1999 12:45:06 -0800
If the host you want to come form is secure and you are
ok with it, you can use /etc/host.equiv to make your
system have the same rights as the system you
are trying to get in on.
Just another opinion.
Patrick Berge wrote in message ...
>
>Luca Filipozzi wrote in message ...
>>In article <oy6B2.1825$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>>says...
>>Are you trying to login as root? Intentional security measures prevent
>>root from logging on via telnet (all someone has to do is sniff the
>>packet for the root password).
>>
>>So, rather than tell you how to defeat this, let me suggest two other
>>ways of accessing your box...
>>
>>1) login as a normal user an "su" to become root
>>2) install SSH (secure shell)
>>
>>SSH is the preferred option. Right from the get go, the link is encrypted
>>with a PGP-style private-key public-key method. Works great. Install the
>>daemon on the linux box and get an SSH client for whatever box you are
>>working on (yes, there are free 95/NT SSH clients).
>>
>>Hope this helps,
>>
>>Luca
>>--
>>Luca Filipozzi <[EMAIL PROTECTED]>
>
>I tried root and I also tried a userid I setup? and did get the userid I
>setup to work... sorry I am new to Linux but use AIX at work. At work we
>certainly have ssh or some proprietary AIX thing that lets users telnet as
>root on a per machine basis. Gee I just thought Red Hat would ship with a
>ssh ??? Well I guess that's what I get for assuming proprietary UNIX
>security comes setup with Linux.
>Thanks for the info. Oh yea I am using Win95 for this email... I can't
wait
>until our PCs can run multiple OSes concurrently. I hate rebooting my
>machine just to switch OSes. I think I am going to be buying VMWare for
>personal use as soon it is out.
>
>
>
------------------------------
Date: Fri, 26 Feb 1999 10:47:58 -0900
From: Curt Timmerman <[EMAIL PROTECTED]>
Subject: Re: Route causing ping's "operation not permitted" error
Is 10.0.63.5 properly set up to route to 10.0.62.103? I received this message
once when I tried to send a message through a system that was not set up routing.
Curt
Hugo Haas wrote:
> Hi.
>
> I saw similar problems in the archive of this newsgroup bu never saw any
> solution. I hope I will be luckier.
>
> I have a weird problem: I can reach a gateway but trying to access something
> attached to it cause a "ping: sendto: Operation not permitted" error.
>
> Here's my routing table:
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 10.0.62.103 10.0.63.5 255.255.255.255 UGH 1 0 0 eth1
> 10.0.63.5 0.0.0.0 255.255.255.255 UH 1 0 0 eth1
> 10.0.63.3 0.0.0.0 255.255.255.255 UH 1 0 0 eth1
> 10.0.63.4 0.0.0.0 255.255.255.255 UH 1 0 0 eth0
> 10.0.63.20 0.0.0.0 255.255.255.255 UH 1 0 0 eth0
> 10.0.63.0 0.0.0.0 255.255.255.0 U 2 0 0 eth0
> 10.0.63.0 0.0.0.0 255.255.255.0 U 2 0 0 eth1
> 0.0.0.0 10.0.63.20 0.0.0.0 UG 3 0 0 eth0
>
> 10.0.63.5 can be reached by eth1. I can ping it, telnet it, etc.
>
> I have a route specifying that 10.0.63.5 should be used as a gateway to
> reach 10.0.62.103. If I try to ping 10.0.62.103, I get:
>
> PING 10.0.62.103 (10.0.62.103): 56 data bytes
> ping: sendto: Operation not permitted
> ping: wrote 10.0.62.103 64 chars, ret=-1
>
> --- 10.0.62.103 ping statistics ---
> 1 packets transmitted, 0 packets received, 100% packet loss
>
> It seems that it does not know where to send the packet.
>
> Here is what eth0 and eth1 look like:
>
> eth0 Link encap:Ethernet HWaddr 00:60:97:53:EC:1E
> inet addr:10.0.63.4 Bcast:10.0.63.255 Mask:255.255.255.0
> UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
>
> eth1 Link encap:Ethernet HWaddr 00:20:AF:11:F9:AC
> inet addr:10.0.63.3 Bcast:10.0.63.255 Mask:255.255.255.0
> UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
>
> Does anybody see what is wrong about that?
>
> Note that if I remove the route to 10.0.62.103 and I ping 10.0.63.3 from it,
> the kernel does not even see the packet (as if it was discarded by eth1).
>
> Thank you.
>
> Hugo
>
> --
> Hugo Haas (http://www.via.ecp.fr/~hugo/)
------------------------------
From: Rick Onanian <[EMAIL PROTECTED]>
Subject: Re: How to know email of a http client ?
Date: Fri, 26 Feb 1999 16:35:07 -0500
Massimo Lambertini wrote:
> Hi at all .
> There is some king of javascript that read a mail account and write
> a cookie , that apache or other www server can read ?
>
> I know that the question is strange , but i have same problem
> with server that know my email , and i do not send my email .
Are you sure that they don't get your email from newsgroup posts?
> Please if you answert send a email also to my personal email .
> Massimo Lambertini [EMAIL PROTECTED]
--
rick - a guy in search of raw (ISO) cd images of SuSE and Slackware
===============
My opinions don't exist, and as such, are not anyone elses. I do not
represent
anyone, not even myself, and especially not my employer. Cows go moo.
---
Looking for a 1968 Camaro SS convertible, black interior, beat-up
rustbucket
that is in need of a lot of restoration and TLC. Must be cheap...I'm
broke.
---
Reply to me at either thc <at sign here> psynet <dot> net or
rick <at sign> mail <dot> artmold <dot> com
------------------------------
From: "Anonymous" <[EMAIL PROTECTED]>
Subject: HELP: Network collisions slowing down connection to Linux file server
Date: Fri, 26 Feb 1999 14:34:16 -0500
Greetings all, I hope someone can offer a suggestion on the problem I'm
having...
I'm running a 100 Megabits/sec network using a Linux box (RedHat 5.2 with
Samba 2.0.2) as a file server so that Win95 workstations can share
data/files. Some times, the transfers are extremely slow due to excessive
collisions (as seen on the hub). This also occurs when using a Win95
workstation to copy a file on a server share to another share on the server.
I've tried:
1) replacing the network card in the server machine
2) replacing the network card in the workstation(s)
3) using a different network cable
4) using a different connection port on the hub
5) using a different hub
6) isolating the server and a single workstation to be the only computers on
the hub (network)
7) re-installing Linux
Nothing helps. Currently, I have a NetGear FA310TX card (DEC chipset) in the
server and using the Tulip driver. SMC EZCard 1211 in some Win95
workstations and some with 3Com's Fast Etherlink XL. The hubs are LinkSys
EtherFast 10/100 Auto-Sensing Hubs (all ports running at 100Mbps)
The collisions do not occur between Win95 workstations, only when
transfering to/from the Linux machine. What's going on?
Please help
Curtis
[EMAIL PROTECTED]
(Remove nospam from the address for direct reply)
------------------------------
From: [EMAIL PROTECTED] (Roeland Marco Drupsteen)
Subject: Linux=>internet via NT-proxy
Date: Fri, 26 Feb 1999 21:27:27 GMT
Reply-To: [EMAIL PROTECTED]
Hello all,
A friend of mine is trying to access the internet on her Linux
workstation via the NT-proxy on her network. This doesn't
seem to be possible because the Linux station doesn't logon
to the PDC. Is there a possebility to make the NT server grant
the Linux station access to the proxy?
Thank you!
R.M. Drupsteen
[EMAIL PROTECTED]
Netherlands
------------------------------
From: Rick Onanian <[EMAIL PROTECTED]>
Subject: Re: Question...
Date: Fri, 26 Feb 1999 16:38:10 -0500
Led wrote:
>
> Hi I got a question here.
>
> I connect my computer on the school local net, and in windows, I don't
> set any proxy or anything, and I can connect to the internet... so, in
> linux, it will do the samething?
You have tcp/ip connection? There must be something that you set in
Windows. Whatever that is, is what you need to set in Linux. Usually,
it's either DHCP (which automatically gets all the network info for you)
or your IP, netmask, DNSs, hostname/domain name, etc..
Linux is very good at networking.
--
rick - a guy in search of raw (ISO) cd images of SuSE and Slackware
===============
My opinions don't exist, and as such, are not anyone elses. I do not
represent
anyone, not even myself, and especially not my employer. Cows go moo.
---
Looking for a 1968 Camaro SS convertible, black interior, beat-up
rustbucket
that is in need of a lot of restoration and TLC. Must be cheap...I'm
broke.
---
Reply to me at either thc <at sign here> psynet <dot> net or
rick <at sign> mail <dot> artmold <dot> com
------------------------------
From: Keith Davey <[EMAIL PROTECTED]>
Subject: LAN security NT Vs. Linux
Date: Fri, 26 Feb 1999 15:39:27 -0700
I have an enviorment with 30 workstations running windows 95/98, and have been tasked
to network them together to provide basic email, and to alow them to access a new
intranet web server. I have been given the freedom to chose the OS that the server
will run on. I am considering Linux, but I am not sure it can
provide a vital function. That function is LAN security. I can set NT up as a PDC
and have it athenticate any and all requests by client win 95/98 boxes for network
access. The question is can Linux provide the same functionality (act as a PDC to the
Win 95/98 boxes) If so is this done thru SAMBA or NIS?
------------------------------
From: Grant Leslie <[EMAIL PROTECTED]>
Crossposted-To:
alt.linux,alt.os.linux,comp.os.linux,comp.os.linux.help,comp.os.linux.questions,comp.os.linux.setup
Subject: Re: RH 5.2 HD Install - WON'T - HELP!!!
Date: Fri, 26 Feb 1999 15:52:06 -0400
Since I don't see this mentioned in the other replys....
I'd make sure you have all the directories downloaded with all files, as
well. Here are the ones you'll need.
Never hurts to double after you download, to make absolutely sure all
the files are present and accounted for, and the proper sizes.
RedHat
|-base
|-instimage
| |-lib
| |-usr
| |-bin
| |-etc
|-RPMS
Caps do seem to matter as well, since RedHat install will mount the
drive as type vfat.
If Caps seem to be a problem, after you have loaded the supp disk, Press
<ALT>-<F2>? ( could be wrong, try F2-3-4 until you see the # prompt. )
Then
cd /tmp
mkdir dos
mount /dev/hda2 dos -t vfat ( change for your hard drive setup )
cd dos
Then you can cd around and make sure the folders all have the proper
capitalization. If not, say for example to change Rpms to RPMS.
mv Rpms RPMS.tmp
mv RPMS.tmp RPMS
The double move is because mv will complain that the file already exists
if you do a straight mv, since VFAT sees it as the same file name, even
though Linux will care about the caps.
When you're done, cd back /
umount /tmp/dos
and <ALT>-<F1> back to the install program, and _hopefully_ it should
work.
As a little help I also download the Autoboot directory then from dos
the command
c:\{whateverdir}>loadlin autoboot\vmlinuz initrd=autoboot\initrd.img
Will boot to setup in a hurry, and then you only need to make and load
the Supp disk, nice time saver.
> Now my problem.
> ---------------
> Downloaded RH 5.2 and placed it on D, first in a sub-dir from the root.
> Created the boot and supp disks. Went through the install, partitioned the
> drive, etc. When it comes to the part where it asks for where the RedHat
> directory is, I choose the device (/dev/hda5/ - D drive) and the path /rh52.
>
> RH starts scanning the directory and then gives this error:
>
> Error opening directory
>
> ??? Say What??? I've tried installing from the root of D and the root of C.
> I'm not stupid, I know what I'm doing here but it refuses to work and I
> DON'T KNOW WHY!!!!
>
> What error is it getting opening the directory??? WHy? What can I do to STOP
> IT!
>
--
"It looks so lovely, and fragile. Imagine how many millions of people
are living on it, and don't even realize how fragile it is."
Alan B. Shepard, 1971, said with a tear in his eye, on the
Apollo 14 mission looking back at earth from the moon
------------------------------
From: [EMAIL PROTECTED] (Alex Kamantauskas)
Crossposted-To: comp.os.linux.help,comp.os.linux.misc,comp.os.linux.setup
Subject: Re: domain name reg and IP setup
Date: 26 Feb 1999 22:10:24 GMT
> But surely this is a domain hosting service - correct me if I am wrong ?
>
The InterNIC, or Network Solutions, Inc., serves two functions - they
maintain the files that update the various root servers, and they act as
registrar for the COM, ORG, and NET domains.
> The info that I require is to know howto set up my own IP www homepage
> and control it from my own box, I know I need to contact the respecive
> authorities
> Who are they ?
Depends on what domain name you want to be registered under - InterNIC, as
mentioned, runs the .com, .net, .org. However, they cannot register you
under .co.uk.
> What hardware do I need - leased line or normal daily used telephone
> line ?
>
> I have set up PPP and DNS this works fine for my IPS but what if I would
> like to host my own server.
>
If you will be hosting your own DNS server, than you will want a line that
is up 24/7.
--
alex kamantauskas
tugger networks
[EMAIL PROTECTED]
------------------------------
From: Eugene Strulyov <[EMAIL PROTECTED]>
Subject: Re: IP masquerading disabling?
Date: Fri, 26 Feb 1999 22:48:13 GMT
uhhhh, have you ever heard of ipfwadm??? RTFM, pal.
"Thomas J. Feller" wrote:
> What is the easiest way to disable IP masquerading?
> I know I can edit the sources and recompile/link the kernel.
> Even if that is the best way what would be the best way to
> make the changes to the source files?
> I want to be able the use the port numbers 61000 through 65096 that
> are currently reserved for IP masquerading.
>
> --
> Thomas J. Feller
> Development Manager
> Enforcer Technology, Inc.
> 6767 W. Greenfield Ave
> West Allis, WI 53214
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
