Linux-Networking Digest #331, Volume #10 Sun, 28 Feb 99 09:13:43 EST
Contents:
Re: Win98 >< Linux (M. Buchenrieder)
Re: Linux----->W98----->modem------>internet (M. Buchenrieder)
Re: PAP problems (hASCII)
pppd dies unexpectedly ?? ("Howard Soper")
Modem coonection ("danny")
Re: pppd LCP problem with kernel 2.2 (Christoph)
Re: SUSE6.0 @ Pcmcia modem (Boudewijn W. Ch. Visser)
server with linux ("Furminieux vincent")
Re: WHEW! samba works! (Peter Baars)
Re: localhost connecting to port 111 ("Jens-U. Mozdzen")
Does Linux support MPP yet? (Dan Rotelli)
Re: policy routing (Mark Lamb)
Re: PPP Problems (configure-nak/rej ? error) (Malware)
Re: ipchains & udp logging (Malware)
Re: Boot hangs at Ethernet probe... Help! (Malware)
Re: telnet troubles (Malware)
Re: New kernel 2.2.0 and ICMP ? (Malware)
UDP Packets and VPN routing ("Chris Tenney")
Linux Firewall/Router with ISDN Dial in Config Problems ("Till Mommsen")
Re: HELP: No DNS resolution after using linuxconf in RH5.2 (xcitor)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: Win98 >< Linux
Date: Sun, 28 Feb 1999 07:54:23 GMT
[EMAIL PROTECTED] writes:
[...]
>The Link light on my Linux box is on until the card is initalized at boot then
>it goes off. When I go into Network Configurator in X it shows the card it
>active. Only when I deactivat the card does the link light come on. On the
>Win98 box the light is NEVER on. Not on boot, not while it pings itself,
>NEVER! I know this card works but I have never seen the light.
>Also am I correct in thinking that I do not have to have a hub to network
>these? I can just plug the network cable into the two right?
[...]
No. You would have saved you a lot of hassle if you had read the
relevant HOWTO carefully enough - there is a section dealing with
crossover cables as well. If you don't have a hub, you can only
use a crossover cable or use a 10base2 connection with T-connectors and
terminators (if the 10/100 card does provide a BNC plug).
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't mungle your address.
------------------------------
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: Linux----->W98----->modem------>internet
Date: Sun, 28 Feb 1999 07:50:52 GMT
"GN" <[EMAIL PROTECTED]> writes:
[...]
>1. Can a connect to the internet with my linux comp by going trough my
>win98computer who already is connected to Internet via modem?
[...]
This can be done, but not without getting additional software for
the Win98 box. If you do have the choice, put the modem onto
the Linux box and have your Win98 box going through the Linux
system instead (with IP-forwarding/IP-masquerading) . If the present
setup can't be changed, you'll need to get a proxy for the Win98 box
since Win9* doesn't do routing/forwarding at all.
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't mungle your address.
------------------------------
From: hASCII <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: PAP problems
Date: Sun, 28 Feb 1999 12:20:20 +0100
Brian wrote:
>
> just a guess
> Are you leaving the @knuut.d on your username ?
> If so try removing that part
> hope it helps :)
> Regards Brian
I already tried, but its supposed to be on the username.
Thanks anyways
Markus
--
Fuer die einen ist es Windows.
Fuer die anderen der laengste Virus der Welt.
------------------------------
From: "Howard Soper" <[EMAIL PROTECTED]>
Subject: pppd dies unexpectedly ??
Date: Sun, 28 Feb 1999 11:19:38 -0000
Hope someone can point me in the right direction as this is driving me
quietly crazy !
Having attempted to use the HOWTO docs and set up ppp I got stuck as pppd
simple would not establish a connection.
Gave up and downloaded ezppp. This seemed very easy to set up and run.
So...
Have cleared out /etc/ppp/options as instructed, set up the account details
( I am *trying* to connect to virgin net )
So we have virgin.net as domain, 194.168.4.10 as the nameservers.
Have added username and remotehost bitz for PAP as in instructions.
Fire it up - connects ... and dies.
Get a message on console "pppd really died" !!
Also get the following in /var/log/message :
Feb 27 20:29:35 Linux pppd[1309]: pppd 2.3.3 started by root, uid 0
Feb 27 20:29:35 Linux pppd[1309]: Using interface ppp0
Feb 27 20:29:35 Linux pppd[1309]: Connect: ppp0 <--> /dev/cua1
Feb 27 20:29:37 Linux pppd[1309]: Modem hangup
Feb 27 20:29:37 Linux pppd[1309]: Connection terminated.
Feb 27 20:29:38 Linux pppd[1309]: Exit.
Wondrous !
What is going wrong ???
PLEASE !!!
Howard Soper
------------------------------
From: "danny" <[EMAIL PROTECTED]>
Subject: Modem coonection
Date: 28 Feb 1999 10:38:56 GMT
Hello
Can anyone tell me how to
connect to the net using a modem
in slackware 3.5 and be able to browse
in netscape in x windows
Thx
------------------------------
From: Christoph <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp,linux.redhat.ppp,at.linux
Subject: Re: pppd LCP problem with kernel 2.2
Date: 28 Feb 1999 12:09:14 GMT
In at.linux Andreas Grabner <[EMAIL PROTECTED]> wrote:
> Hi
> After I update my kernel to 2.2.x and pppd to 2.3.5 i can' t connect to
> my ISP when I boot kernel 2.2.
> when i boot 2.0.35 it works.
> i think there i a problem with LCP or in the kernel 2.2.2.
> i installed pppd 2.3.5 new and compile the kernel 2.2 new (maybe
> something goes wrong??)
I have run into the same problem a few weeks ago.
After sponsoring our Austria Telekom by trying out various pppd options
(unsuccessfully), I realized that the kernel was unable to find (or load)
the ppp-compression modules:
If you insert them manually by calling
modprobe ppp_deflate; modprobe bsd_comp
everything works fine. (at least it worked for me).
Good luck
Chris
------------------------------
From: [EMAIL PROTECTED] (Boudewijn W. Ch. Visser)
Crossposted-To: alt.os.linux.dial-up,comp.os.linux,nl.comp.os.linux
Subject: Re: SUSE6.0 @ Pcmcia modem
Date: 28 Feb 1999 12:02:27 GMT
Was it necessary to spam your question to so many newsgroups ?
Followup set to nl.comp.os.linux ,as you seem to be dutch and that's the
group I'm reading it.
On Sun, 28 Feb 1999 11:15:55 +0100, Jos <[EMAIL PROTECTED]> wrote:
>Machine: Mynote 810 notebook
>CPU: Amd k6-II/300Mhz
>96Mb / 4Gig hdd
>OS: SuSE 6.0 Linux, KDE Enviroment
>
>-------------------------
>
>Hi!
>
>I have just installed SuSE Linux on my notebook.
>I'd like to know if it's possible to use a pcmcia modem
>under linux. Does anybody know how to do this?
>
Yes, if you have a supported PCMCIA card this is easily possible.
The card will behave like any other serial modem. I've used this
with an Xircom Ethernet/Modem card.
For PCMCIA cards, see
http://hyper.stanford.edu/HyperNews/get/pcmcia/home.html
Just look at the supported cards, and watch out for winmodem-cards.
Boudewijn
--
+--------------------------------------------------------------+
|Boudewijn Visser | E-mail:[EMAIL PROTECTED] |
| -finger for PGP-keys.- | http://www.ph.tn.tudelft.nl/~visser |
+-- my own opinions etc ---------------------------------------+
------------------------------
From: "Furminieux vincent" <[EMAIL PROTECTED]>
Subject: server with linux
Date: Sun, 28 Feb 1999 13:11:49 +0100
I own two computer and two static IP. But I only have one RJ45 connection,
on local network. I want to configure a server computer with linux and a
client computer with Windows.
I have two networks interface : eth0 and eth1, and it seems they are
working.
I would like to know if i need a specific software to do this,like IP
maskerading and how to configure ip of the first and the second card.
thanks for your answer
xcuse my bad english ...
------------------------------
From: Peter Baars <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: WHEW! samba works!
Date: Sun, 28 Feb 1999 13:28:45 +0100
This is a multi-part message in MIME format.
==============CB4D1398B6A5874546978E90
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Yep, simple, in the smb.conf edit the line security = server into security =
share and make all the shares etc. public.
peter
Pete wrote:
> After 3 months of trying, I finally got samba up and running between my
> linux and win95 box.
>
> Now i'm going to be greedy and ask a question --
>
> Can I set up samba so that ANYBODY can log in with no (blank) password and
> have super user access to the entire system? In other words, none of my
> linux accounts have passwords and I'd like samba to have NO security.
>
> I have no security issues since my cat is not a very good typist...
>
> Thanks!
>
> Pete
>
> --
> ---------------------------------------------------------------
> http://landau.ucdavis.edu/psalzman
> [EMAIL PROTECTED]
> One world, one web, one program. -- Microsoft Ad Campaign
> Ein Volk, ein Reich, ein Fuhrer. -- Nazi Ad Campaign
> Prevent world domination, Install Linux today!
> ---------------------------------------------------------------
==============CB4D1398B6A5874546978E90
Content-Type: text/x-vcard; charset=us-ascii;
name="pbaars.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Peter Baars
Content-Disposition: attachment;
filename="pbaars.vcf"
begin:vcard
n:Baars;Peter
x-mozilla-html:TRUE
url:http://www.knoware.nl/users/pbaars
adr:;;;;;;
version:2.1
email;internet:[EMAIL PROTECTED]
x-mozilla-cpt:;-1
fn:Peter Baars
end:vcard
==============CB4D1398B6A5874546978E90==
------------------------------
Date: Sun, 28 Feb 1999 13:09:51 +0100
From: "Jens-U. Mozdzen" <[EMAIL PROTECTED]>
Subject: Re: localhost connecting to port 111
Dan Srebnick wrote:
> [...]
> If anyone can provide a technical explanation for exactly why this
> behavior changed, I'd appreciate it.
Looks like you've switch from libc to glibc... at least for a tool that
uses the resolver library.
libc uses /etc/host.conf, glibc uses /etc/nsswitch.conf.
Regards,
Jens
--
Jens-U. Mozdzen, Netzdesign und -entwicklung | email [EMAIL PROTECTED]
Schleswiger Damm 200 | phone & fax
++49-40-5595175
D-22457 Hamburg, Germany |
------------------------------
Date: Sat, 27 Feb 1999 20:14:28 -0500
From: Dan Rotelli <[EMAIL PROTECTED]>
Subject: Does Linux support MPP yet?
Anyone know of a way to get linux to support multilink PPP (or
multi-point protocol, or whatever the heck Microsoft calls it today)? I
am sick to death of having to rely on my Win95 box to connect me to the
net.
thanks
[EMAIL PROTECTED]
------------------------------
From: Mark Lamb <[EMAIL PROTECTED]>
Subject: Re: policy routing
Date: 28 Feb 1999 12:31:28 GMT
Markus Hennig wrote:
> hi all,
>
> has anyone experience with 2.1.xxx policy-based routing?
> is there any information/ config samples more then the
> Documentation/routing.txt and policy-routing.txt?
>
>
> MfG, Markus Hennig
I'm collecting docs on all the new networking stuff at
http://snafu.freedom.org/linux2.2/
================== Posted via SearchLinux ==================
http://www.searchlinux.com
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: PPP Problems (configure-nak/rej ? error)
Date: Sun, 28 Feb 1999 12:10:38 +0100
Ji Brad,
you wrote:
> Feb 27 19:31:37 VeloRevolution pppd[375]: Unsupported protocol (0x8029)
> received
> Feb 27 19:31:37 VeloRevolution pppd[375]: Unsupported protocol (0x802b)
> received
These are just IPX and Appletalk you probably do not need them.
> Feb 27 19:31:40 VeloRevolution pppd[375]: Received bad configure-nak/rej:
> 03 06 88 8e 15 f4
This does look like [IPCP ConfNak id=? <addr 136.142.21.244>] but not
really like a bad answer. If you receive your IP dynamicly specify
"ipcp-accept-local" in your configfile or on the commandline of pppd. If
it does not help so please Clifford's request to turn on debugging.
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: ipchains & udp logging
Date: Sun, 28 Feb 1999 12:39:03 +0100
Hi LP,
you wrote:
> two rules which do this...). I allow TCP and UDP in for the higher ports
> (1023+) because of IP Masquerading. I currently allow ICMP for testing, but
Masqueraded clients will apear as using ports in range 61000-65095 on
your masquerading host by default.
> I'll probably disable it eventually.
One should not deny all ICMP traffic. ICMP is partly used for important
control messages like "DF set but fragmentation needed". Without these
messages your clients may see connections hanging waiting for long
timeouts.
> IP Masq'ing seems to be the largest security hole. I've heard that it might
> be possible to reduce the range of ports used by it by editing the kernel
> headers somewhere - any info would be appreciated.
Why it should? You can filter the masqueraded traffic as well as the
normal traffic. But notice masqueraded connections bypass the
forwarding-ruleset, the de-masqueraded packets after passing the
input-ruleset will appear at the output-ruleset.
> problem if someone floods a UDP port), but there doesn't seem to be any way
> to handle the higher UDP Ports. I assume they need to be open for MASQing
> to work - correct? Is there some way to log incoming UDP requests
See above - masquerading does only need a part of this ports.
> # Allow incoming access from other ports (Required for MASQ) except SYN.
> ipchains -A input -s 0/0 -d $MYIP 1024:65535 -y -p tcp -j REJECT -l
> ipchains -A input -s 0/0 -d $MYIP 1024:65535 -p tcp -j ACCEPT
> ipchains -A input -s 0/0 -d $MYIP 1024:65535 -p udp -j ACCEPT
> ipchains -A input -s 0/0 -d $MYIP -p icmp -j ACCEPT
This will brake protocols like FTP. You may accept TCP connects to ports
used masquerading. This is still a lot more secure than accepting direct
connects to the clients as the masquerading code will only demasquerade
TCP SYN-packets for connections it does except to be happening - like
FTP data transmissions.
ipchains -A input -s 0/0 -d $MYIP 61000:65095 -p tcp -j ACCEPT
ipchains -A input -s 0/0 -d $MYIP 61000:65094 -p udp -j ACCEPT
ipchains -A input -s 0/0 -d $MYIP 1024:65535 -y -p tcp -j REJECT -l
ipchains -A input -s 0/0 -d $MYIP -p icmp -j ACCEPT
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: Boot hangs at Ethernet probe... Help!
Date: Sun, 28 Feb 1999 12:52:25 +0100
Hi David,
you wrote:
> In an attempt to get my RTL8029 ethernet card working, I added
> the line '/sbin/modprobe ne io=0x6800' to /etc/rc.d/rc.modules.
> Now, booting hangs at the 'NE*000 ethernet probe at 0x6800:'
> line.
>
> I tried booting into single user mode using 'linux single' at the
> LILO prompt, but had the same problem. How can I boot to undo the
> damage? Booting from floppy with 'mount root=/dev/hdb2' failed
> also.
Boot with parameter 'init=/bin/sh'. You'll get a shell but might have to
remount the root readonly first with 'mount -n -o remount,rw /' to be
able to edit the file.
To get your network card detected try to load the module 'ne2k-pci'
without parameters.
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: telnet troubles
Date: Sun, 28 Feb 1999 13:02:25 +0100
HI James,
you wrote:
> I am having trouble telnetting to one of my Linux boxes. It accepts the
> connection, but I never get a login prompt. Any ideas?
Setup your DNS properly. The easiest way is to add all the local
machines to the /etc/hosts file following the samples allready given in
there.
Malware
------------------------------
From: Malware <[EMAIL PROTECTED]>
Subject: Re: New kernel 2.2.0 and ICMP ?
Date: Sun, 28 Feb 1999 12:48:40 +0100
Hi Bob,
you wrote:
> 209.**.**.*** sent an invalid ICMP error to a broadcast messages
> every 15 sec.
> This never happened in 2.0.36 kernel.
The source does state:
/*
* Check the other end isnt violating RFC 1122. Some routers send
* bogus responses to broadcast frames. If you see this message
* first check your netmask matches at both ends, if it does then
* get the other vendor to fix their kit.
*/
You can do an
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
to get this check to be ignored.
Malware
------------------------------
From: "Chris Tenney" <[EMAIL PROTECTED]>
Subject: UDP Packets and VPN routing
Date: Sun, 28 Feb 1999 01:16:04 -0500
I have a win98 machine and at my store we have our NT server and win98
machines behind a linux firewall which also does our DHCP and DNS. Right
now I can't get in. We are on cable modems on the same segment. Before the
linux box we were just like a LAN. We all showed up in the same workgroup
even though the server was at the store and I was at my home office. It was
like being at the store at my office PC.
A partner is going to build me a box for my home office and use 128 bit
encrypted VPN to tunnel into the store linux box so I can gain access to the
network again.
I am very new at linux. I was told that this OS can't send and receive UDP
packets and other things that a win98 machine takes for granted. So playing
games like unreal is not possible, or ICQ, etc. This would be a problem
since I have mult. win98 machines and kids.
Can a hub attached to a cable modem and win98 machines have a linux box
added to the hub and then when I want to VPN to the store's box....set my
VPN on win98 to route through the linux box and then out across the web to
the store's linux box or will I have to put the machines directly behind the
linux box and loose some of the full function of the apps. on the WWW.
Or, can I use 2 network card system one for the unrestricted www out through
the cable box and the second net card directly to the linux box to then VPN
out to the store's box?
Any and all comments please post here and e-mail me as well. I need to try
to get this resolved soon!
Thank you in advance.
Chris Tenney
VP
LANCORP
[EMAIL PROTECTED]
------------------------------
From: "Till Mommsen" <[EMAIL PROTECTED]>
Subject: Linux Firewall/Router with ISDN Dial in Config Problems
Date: Sun, 28 Feb 1999 14:39:32 +0100
Hello,
got a problem configuring a router Firewall....Please help :-)
Situation:
Have network wit NT $.0 WS clients (192.168.2.0/24 Adress space) and a Linux
Router/Firewall. Internet Access via Dial up ISDN Line to T-Online. Internet
Access works fine with no ipfwadm Rules specified. Once I start stating
rules in /etc/ppp/ip-up I can't access any more, though I can ping the DNS
Server
I specified the follwing rules:
# flush
ipfwadm -I -f
ipfwadm -O -f
ipfwadm -F -f
# default deny
ipfwadm -I -p deny
ipfwadm -O -p deny
ipfwadm -F -p deny
# accept access to dns from LAN (T-Online Name Server
# 194.25.2.129)
# by CT, Dr. Diedrich:
ipfwadm -F -a accept -m -b -P udp -S 192.168.2.0/24 -D 194.25.2.129 53
ipfwadm -I -a accept -P udp -W $INTERFACE -S 194.25.2.129 53
ipfwadm -O -a accept -P udp -W $INTERFACE -D 194.25.2.129 53
ipfwadm -I -a accept -P udp -W eth0 -D 194.25.2.129 53
ipfwadm -O -a accept -P udp -W eth0 -S 194.25.2.129 53
# Access to Web-Server via T-Online Proxy Server 193.158.131.166 Port 80
ipfwadm -F -a accept -m -b -P tcp -S 192.168.2.0/24 -D 193.158.131.166 80
ipfwadm -I -a accept -P tcp -W $INTERFACE -k -S 193.158.131.166 80
ipfwadm -O -a accept -P tcp -W $INTERFACE -k -D 193.158.131.166 80
ipfwadm -I -a accept -P tcp -W eth0 -D 193.158.131.166 80
ipfwadm -O -a accept -P tcp -W eth0 -S 193.158.131.166 80
I also tried to use 0.0.0.0/0 80 instead of the T-Online Proxy IP. It makes
no difference wether I define proxy settings in the Client browsers or not.
Where is my problem???
Thanks for hints,
Till
------------------------------
From: [EMAIL PROTECTED] (xcitor)
Subject: Re: HELP: No DNS resolution after using linuxconf in RH5.2
Date: Sat, 27 Feb 1999 22:15:13 -0500
Reply-To: [EMAIL PROTECTED]
On 27 Feb 1999 20:41:03 GMT,
Kevin Mack wrote
from <[EMAIL PROTECTED]>
in message <7b9l8v$sj5$[EMAIL PROTECTED]>:
>Can anybody help?
>
>Here's the situation...I had my system running just fine (Redhat 5.2)
>using dhcp for a cable modem connection. The only thing bothering me was
>waiting for sendmail during bootup. I decided to use the linuxconf
>program to remove sendmail (and named which was also running) from the
>startup using the "control service activity" feature in linuxconf. Now
>after making these changes, everything seems to boot up fine. The
>network connection seems to be up...i.e. I can ping and traceroute using
>ip addresses...but nothing works using fully qualified domain names. For
>example, when I try "nslookup ftp.cdrom.com" I get:
I don't think you broke anything... You need to modify your
/etc/resolv.conf. Check `man resolver` for more information. As for
the sendmail problem, this is a well-known problem. Fortunately, the
fix is also well-known. Check DejaNews or RedHat's site...
--
Every man thinks God is on his side. The rich and powerful know that he is.
-- Jean Anouilh, "The Lark"
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
