Linux-Networking Digest #351, Volume #10 Tue, 2 Mar 99 08:13:43 EST
Contents:
Linux2.2.1 ipchains firewall: help! (need education) (KA)
Re: BIG network problem! (me too_ ([EMAIL PROTECTED])
FTP'ing ([EMAIL PROTECTED] (Andy))
Re: Simple tcp/ip LAN network - problem (M. Buchenrieder)
TCP/IP Without NIC (ST Koay)
Modem problem, help needed... (Michael Gleibman)
Linux and Token Ring (Matthias Kolbusa)
Re: Need help setting up home LAN (Glenn Butcher)
Re: IP forwarding with port mapping ("Matt Chipman")
ppp-serial line looped backed (Chris Cocozzo)
Re: named on local network (Glenn Butcher)
'users' in /etc/group causing telnet problem for NFS server/clients
([EMAIL PROTECTED])
Re: Help: Linux box can't ping its own IP? (Erik Hensema)
Re: localhost name vs. the void (Erik Hensema)
Re: Networking with Linux (Erik Hensema)
Re: Ethernet card address resolves to localhost!? (Erik Hensema)
----------------------------------------------------------------------------
From: KA <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls,utah.linux
Subject: Linux2.2.1 ipchains firewall: help! (need education)
Date: Tue, 02 Mar 1999 10:56:20 +0000
Yeah, yeah, yeah it's me again. :) I *really* do appreciate the help
I've received to date.
I'm trying to understand what is going on with TCP/IP and ipchains. A
recap:
I have a old P-100 that I'm resurrecting for use as a firewall, plus
doing NAT for the handful of machines behind it. I put a somewhat sparse
RH5.2 installation on it, compiled a new v2.2.1 kernel on another Linux
box, and copied it over. So far (most) everything is fine. NAT
(masquerading) works great.
I've come to understand basically what is happening with setting up
ipchains, but there are some gaps in my knowledge. (Below I'm including
a script that I'm using to edit/run/test/edit/run/test....) I've drawn
my information from several sources including www.nerdherd.net/ipchains.
For the most part everything is working fine. I have one problem and a
plea to help me understand how/why TCP/IP works. The machine has eth0
to the local network and eth1 to the outside (DSL). Output and forward
policies are accept; using a -j MASQ rule to enable NAT. Input policy on
lo and eth0 are accept; on eth1 is deny.
Question 1: I'm running DNS behind the firewall (I used it to learn
about DNS, and have been lazy to remove it afterwards.) What is needed
to allow DNS to pass through the firewall? I can't figure out what I
need to let in to get it to work. If I open up the firewall (set all
input policies to accept (no firewall)) everything works fine.
Question 2: The only way I can get something to work (e.g. http, ftp,
telnet) from behind the firewall to the outside is to add an input rule
allowing traffic to that port. For example, I telnet does not work
unless I include:
ipchains -A eth1-in -P TCP -s 0/0 telnet -j ACCEPT
My question is why do I allow incoming traffic on this port in order to
work? My understanding is that my machine uses a high-number port to
connect to the target machine's port (e.g. 23 for telnet), and that
machine uses a high-number port to return communication. I know this is
probably all wrong, as nothing works until I allow incoming packets
destined for port 23 on my machine.
What is really going on? I think that not knowing is the worst part, as
it looks like this is all quite easy if one knows what's going on!
I assume that I need to shut down the daemons listening on these ports
(yet to do). I don't want anybody connecting from the outside.
Question 3: (Related to #2) Is this safe? Doesn't this essentially
negate an input policy of "deny"? Is it even neccessary (and can go
away)?
ipchains -A eth1-in -p TCP -s $INET -d $IFM 1024: -j ACCEPT
ipchains -A eth1-in -p UDP -s $INET -d $IFM 1024: -j ACCEPT
Question 4: Is it safe to allow all ICMP traffic in? That's the only way
I know of how to get stuff to work.
ipchains -A eth1-in -p ICMP -s 0/0 -j ACCEPT
Question 5: What references would you recommend to understand the how
and why of this stuff?
THANK YOU VERY MUCH!
Clueless KA
======== start script =======
#
# Script for setting up firewall
#
################################################################################
#
# Set helping variables
#
################################################################################
# "Internet" (anywhere)
export INET="0/0"
# Internal network
export IFM="192.168.1.0/24"
# Core ISP addresses. Some services (e.g. DNS) come only these addresses
export XM22="xxx.xxx.xxx.0/24"
################################################################################
#
# Enable masquerading and forwarding
#
################################################################################
echo "Enabling masquerading."
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "Done."
################################################################################
#
# Routing
#
################################################################################
echo "Routing"
# Remove old default gateway
route del default
# Restore correct gateway
route add default gw dsl-gateway
echo "Done."
################################################################################
#
# ipchains Rules
#
################################################################################
#######
#
# Flush rules completely.
#
echo -n "Flush; "
ipchains -F
ipchains -X eth1-in
ipchains -X eth1-out
#######
#
# Deny input by default
#
echo -n "Deny; "
ipchains -P input DENY
#######
#
# Allow all connections originating within the internal network (eth0)
or on lo
#
echo -n "Internal; "
ipchains -A input -i lo -j ACCEPT
ipchains -A input -i eth0 -j ACCEPT
#######
#
# Turn on NAT
#
echo -n "NAT; "
ipchains -A forward -s $IFM -j MASQ
#######
#
# Create eth1 output rules
#
echo -n "eth1-out: "
ipchains -N eth1-out
ipchains -A output -i eth1 -j eth1-out
# Quality of service
echo -n "QOS; "
# Minimum delay for web traffic and telnet
ipchains -A eth1-out -p TCP -d $INET http -t 0x01 0x10
ipchains -A eth1-out -p TCP -d $INET telnet -t 0x01 0x10
# Low priority for FTP data, NNTP, POP-3
ipchains -A eth1-out -p TCP -d $INET ftp -t 0x01 0x02
ipchains -A eth1-out -p TCP -d $INET ftp-data -t 0x01 0x02
ipchains -A eth1-out -p TCP -d $INET nntp -t 0x01 0x02
ipchains -A eth1-out -p TCP -d $INET pop-3 -t 0x01 0x02
#######
#
# Create eth1 input rules
#
echo -n "eth1-in: "
ipchains -N eth1-in
ipchains -A input -i eth1 -j eth1-in
#
# Allow this stuff in
#
echo -n "Passthrough, "
# ICMP
ipchains -A eth1-in -p ICMP -s $INET -j ACCEPT
# High unpriv ports
ipchains -A eth1-in -p TCP -s $INET -d $IFM 1024:65535 -j ACCEPT
ipchains -A eth1-in -p UDP -s $INET -d $IFM 1024:65535 -j ACCEPT
# RealAudio
ipchains -A eth1-in -b -p UDP -s $INET 6970:7170 -j ACCEPT
ipchains -A eth1-in -b -p TCP -s $INET 7070 -j ACCEPT
#
# Telnet inside->outside doesn't work without this
#
# Telnet
ipchains -A eth1-in -b -p TCP -s $INET 23 -j ACCEPT
# Nor do these work without these
# POP-3
ipchains -A eth1-in -b -p TCP -s $XM22 pop-3 -j ACCEPT
# DNS
ipchains -A eth1-in -b -p TCP -s $XM22 domain -j ACCEPT
ipchains -A eth1-in -b -p UDP -s $XM22 domain -j ACCEPT
ipchains -A eth1-in -b -p UDP -s $XM22 name -j ACCEPT
# News
ipchains -A eth1-in -b -p TCP -s $XM22 nntp -j ACCEPT
# FTP
ipchains -A eth1-in -b -p TCP -s $XM22 ftp -j ACCEPT
ipchains -A eth1-in -b -p TCP -s $XM22 ftp-data -j ACCEPT
# Mail
ipchains -A eth1-in -b -p TCP -s $XM22 mail -j ACCEPT
#
# Specific port blocks on the external interface. These ports have known
# vunerabilities and should not be open to the outside world unless
there
# is a really good reason for it.
#
echo -n "Blocks, "
# MS-SQL
ipchains -A eth1-in -p TCP -s $INET 1433 -j DENY
ipchains -A eth1-in -p UDP -s $INET 1433 -j DENY
# NFS
ipchains -A eth1-in -p TCP -s $INET 2049 -j DENY
ipchains -A eth1-in -p UDP -s $INET 2049 -j DENY
# PostgreSQL
ipchains -A eth1-in -p TCP -s $INET 5432 -j DENY
ipchains -A eth1-in -p UDP -s $INET 5432 -j DENY
# X
ipchains -A eth1-in -p TCP -s $INET 5999:6003 -j DENY
ipchains -A eth1-in -p UDP -s $INET 5999:6003 -j DENY
# Back Orifice
ipchains -A eth1-in -p TCP -s $INET 31337 -j DENY
ipchains -A eth1-in -p UDP -s $INET 31337 -j DENY
# Net Bus
ipchains -A eth1-in -p TCP -s $INET 12345:12346 -j DENY
ipchains -A eth1-in -p UDP -s $INET 12345:12346 -j DENY
# No incoming packet should have local source address
ipchains -A eth1-in -s $IFM -l -j DENY
echo "Done."
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: BIG network problem! (me too_
Date: Tue, 02 Mar 1999 02:25:20 GMT
I've got the same problem: samba xfers from Linux to W98 are <8 kb/s while
W98 to Linux go at >500 kb/s. Setup is Caldera 1.3, samba 1.19.18p10,
3c905b-TX NICs with crossover cable (RJ45). 10 Mb/s half duplex. No other
apps running. Win98 to and from W95 transfers between the same boxes are real
fast.
tcpdump of slow transfer shows 200 msec pauses between packets. Things that
don't fix it: p10 version of samba, 0.99H version of NIC driver, 8K window
on Linux TCP ("route add ...window 8192), TCP_NODELAY.
This does not appear to be an isolated problem, though it may be something
simple I've missed. If anyone has solved it, PLEASE POST widely.
Thanks, Peter
In article <7b4nm4$ro9$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I wonder if anyone could help me with the following:
>
> Win98 box connected directly (crossover 10BaseT) to Linux box (RedHat5.2,
> 2.2.0 kernel). I use IP masquerading to access the internet through the linux
> box (33.6Kbps modem), which works fine (a bit slow). I've also got some Samba
> shares going.
>
> However, Samba, FTP, and even HTTP transfers from the Linux box to the Win98
> box are DOG slow! Win98 to Linux transfers are lightning fast, so it would
> appear to be a one-way problem.
>
> There's an SMC Ultra in the Win98 box and a D-Link (Digital chipset using
> tulip.o from 2.2) under RedHat. The reason I'm getting really frustrated is
> that I can't even receive a smooth shoutcast mp3 stream from the linux box,
> which puts the Linux -> Win98 transfer rate at UNDER 128Kbps. And there isn't
> even anyone else on the network!!
>
> If anyone has any ideas, I would LOVE to hear them!
>
> cheers
> ben
>
> --
> Ben Ausden
> [EMAIL PROTECTED]
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: AndrewJF(nospam)@atlasbiz.co.uk (Andy)
Subject: FTP'ing
Date: Tue, 02 Mar 1999 11:17:32 GMT
I have my linux box setup, i can see it and map a drive to it (though
i first have to connect as root then i can see all files and edit copy
play with them all i like. My question when i try and ftp into the
linux box it will not let me upload or download any files.
Enclosed is the smb.conf.... smbpasswd has been setup so that it is
exactly the same as how i log into the NT machine.
Please give me an idea.
TIA
Andy
# Samba config file created using SWAT
#
# Date: 1999/03/02 10:27:50
# Global parameters
workgroup = (domain)
netbios name = (linux box)
security = DOMAIN
encrypt passwords = Yes
password server = (name of NT4 Server)
log file = /var/log/samba-log.%m
[root]
comment = Root access
path = /
valid users = root
public = No
writable = Yes
printable = No
[homes]
comment = Home Directories
path = /home
read only = No
guest ok = No
writable = yes
[tmp]
comment = Temporary file space
path = /tmp
read only = No
guest ok = Yes
writable = Yes
[public]
comment = Public Stuff
path = /home/public
read only = No
print ok = Yes
------------------------------
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: Simple tcp/ip LAN network - problem
Date: Tue, 2 Mar 1999 08:16:24 GMT
John Hopkins <[EMAIL PROTECTED]> writes:
>I should also mention that I'm running Red Hat Linux 4.2 and the network
>card was detected fine. It is an NE2000 compatible card, 10Mbit.
>> eth0 Link encap:10Mbps Ethernet HWaddr 00:C0:A8:35:A0:EF
>> inet addr:10.2.2.2 Bcast:10.255.255.255 Mask:255.0.0.0
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0
>> TX packets:0 errors:0 dropped:0 overruns:0
>> Interrupt:3 Base address:0x320
^^^^^^^^
And you disabled the secondary serial port ? If yes, then you probably
do have an incorrect cableing or termination .
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't mungle your address.
------------------------------
From: ST Koay <[EMAIL PROTECTED]>
Subject: TCP/IP Without NIC
Date: Wed, 24 Feb 1999 09:33:58 GMT
Hi,
I have a Redhat 5.2 installed on my home PC which doesn't have
a network card installed. I don't intend to setup a local area
network or connect to the internet.
Can I still have TCP/IP up and running? I intend to do socket programming.
How about setting up a FTP server and ftp'ing locally only?
Thanks
ST Koay
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Michael Gleibman <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Modem problem, help needed...
Date: Tue, 02 Mar 1999 13:22:25 +0200
Hi!
i'm trying to set-up the modem on linux box and failed up to now...
Computer configuration: P166/32MB, OS: RedHat 5.2, kernel 2.0.36
peripherals: mouse on com2, nothing on com1, sb16. no printer.
Modem: dynamode 33.6 internal isa. The modem has a PnP jumper.
If i leave it "on", modem catches com3, i can see it both in the bios
config and in linux when doing setserial -g /dev/ttyS2, it shows uart,
seems to be ok. Modem catches and irq 4, so conflicting with com1, but i
have nothing there. I've also tried to change the irq to 5 (using
setsertial), it changed, but doesn't helped. /proc/ioports and
/proc/interrupts shaw no conflict. When i enter minicom it hangs for a
_minute-two_, then tried to display the init string, failed and i forced
to reset and quit.
i've also tried to remove the jumper and to manually configure modem on
com3, no result. Any help will be _greatly_ appreciated!
(please, CC: to e-mail).
Thanks a lot!
--
$_='|93815<Ov<592=1>[O7=93815<o>3B]3?]9<O';tr#\x20-~#P-~\x20-O#;print
------------------------------
From: Matthias Kolbusa <[EMAIL PROTECTED]>
Subject: Linux and Token Ring
Date: 2 Mar 1999 11:37:48 GMT
This is a multi-part message in MIME format.
==============F119213255B3B2A71BE974DA
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Need some help about token ring:
we've been running a token-ring-LAN and for security-purposes we'd like
to sniff what's going on on the netowork. The Card we're using at the
moment
from Madge is working fine but does not go into promiscious-mode; the
driver
doesn't support it yet.
My question: does anybody know of a token-ring-card which is working
fine in
promiscious mode under linux?
thanks
Matthias
==============F119213255B3B2A71BE974DA
Content-Type: text/x-vcard; charset=us-ascii;
name="mk.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Matthias Kolbusa
Content-Disposition: attachment;
filename="mk.vcf"
begin:vcard
n:Kolbusa;Matthias
tel;cell:049-(0)-172-83 44 924
tel;fax:049-(0)-40-22 88 58 66
tel;work:049-(0)-40-22 88 58 73
x-mozilla-html:FALSE
url:http://www.kolbusa.de
org:CSC Ploenzke
adr:;;Hans-Henny-Jahn Weg 49-51;Hamburg;Hamburg;22085;Germany
version:2.1
email;internet:[EMAIL PROTECTED]
title:Consultant
fn:Matthias Kolbusa
end:vcard
==============F119213255B3B2A71BE974DA==
------------------------------
From: Glenn Butcher <[EMAIL PROTECTED]>
Subject: Re: Need help setting up home LAN
Date: Mon, 01 Mar 1999 20:52:03 -0700
I'm doing similar things in a sysadmin class at the college where I
teach. I started by configuring a simple file server on the Linux box
with the following smb.conf:
[global]
security = share
guest account = guest
[pub]
path = /pub
guest ok = yes
This file implements share level security, the oldest and simplest
security model. It specifies the "guest" Linux account for use as the
Samba guest account, which requires no password. It then defines a
share called pub, which coincedentally points to the /pub directory, and
allows guest access. Get this configuration to work, and then move on
to other (more secure) things.
Now, to make work what you've been trying I think will require you to
have an account on the Linux computer with the same name as the NetBIOS
name of your W98 computer. You will also need to either:
- disable encrypted passwords on the W98 computer;
- create a smb password for the same user using the smbpasswd program.
I'm still playing with these, and have not yet gotten them to work, so
take this with a grain of salt. The simple configuration above,
however, does work.
Glenn Butcher
"R.H." wrote:
>
> Okay, I got my ethernet card to work, I can ping to my other machine
> with either the IP or name address. I have installed samba, but I am
> not too sure how to configure it. When I go to my other machine which
> has Win98, I open up network neighbor hood, go into Entire Network,
> double click on the workgroup icon, double click on the icon for this
> computer and it comes up with a network login box and asks for a
> password. The problem is I do not know what the password is. I use the
> same on e that I logged into my root account , but that did not work. I
> would really appreciate some help on this problem.
>
> Thanks,
> Roger
------------------------------
From: "Matt Chipman" <[EMAIL PROTECTED]>
Subject: Re: IP forwarding with port mapping
Date: Tue, 2 Mar 1999 22:42:18 +1100
What type of os is the pc connected to the internet? Is it a linux or win95
machine?
If its win 95 then go here
http://home.t-online.de/home/sog-luebeck/hhproxy.htm
Matt
Hans wrote in message <[EMAIL PROTECTED]>...
>Hi, i'm new with the IP forwarding thing.
>I have 2 computers on my small network, I would like to map incoming
>telnet connections on the 192.168.0.1 port 8023 (computer connected to
>internet) to the computer 192.168.0.2 port 23.
>I've tried everything with ipfwadm with no success at all. Do you have
>any suggestions?
>Thanks in advance.
>Hans.
>
>
------------------------------
From: Chris Cocozzo <[EMAIL PROTECTED]>
Subject: ppp-serial line looped backed
Date: Mon, 01 Mar 1999 23:21:02 -0700
Does anyone have any idea what is happening here. Most of the time I
can connect just dandy. Other times I get this in the message log
Mar 1 13:40:22 boise chat[790]: ATDT555-1212^M^M
Mar 1 13:40:22 boise chat[790]: CONNECT
Mar 1 13:40:22 boise chat[790]: -- got it
Mar 1 13:40:22 boise chat[790]: send (^M)
Mar 1 13:40:22 boise chat[790]: expect (ogin:)
Mar 1 13:40:22 boise chat[790]: 49333/ARQ/V90/LAPM/V42BIS^M
Mar 1 13:40:23 boise chat[790]: ^M
Mar 1 13:40:23 boise chat[790]: Welcome to 3Com Total Control HiPer ARC
(TM)^M
Mar 1 13:40:23 boise chat[790]: Networks That Go The Distance (TM)^M
Mar 1 13:40:23 boise chat[790]: ^M
Mar 1 13:40:23 boise chat[790]: login:
Mar 1 13:40:23 boise chat[790]: -- got it
Mar 1 13:40:23 boise chat[790]: send (xxxxxx^M)
Mar 1 13:40:23 boise chat[790]: expect (assword:)
Mar 1 13:40:23 boise chat[790]: xxxxxx^M
Mar 1 13:40:23 boise chat[790]: Password:
Mar 1 13:40:23 boise chat[790]: -- got it
Mar 1 13:40:23 boise chat[790]: send (xxxxxx^M)
Mar 1 13:40:23 boise pppd[789]: Serial connection established.
Mar 1 13:40:24 boise pppd[789]: Using interface ppp0
Mar 1 13:40:24 boise pppd[789]: Connect: ppp0 <--> /dev/ttyS3
Mar 1 13:40:29 boise pppd[789]: Serial line is looped back.
Mar 1 13:40:29 boise pppd[789]: Connection terminated.
Mar 1 13:40:29 boise pppd[789]: Hangup (SIGHUP)
Mar 1 13:40:29 boise pppd[789]: Exit.
I have RH5.1 with all the stock stuff loaded. The only thing that seems
to remedy the situation is to either unplug the phone line from the
modem (56k internal, but was doing it with a 28.8 internal as well) or
go into minicom and do a modem reset. As soon as I do one of those two
things I can run the ppp-on script and it works perfectly. It all
started when I had the phone company test my lines for DSL
compatibilty...any ideas?
Chris
------------------------------
From: Glenn Butcher <[EMAIL PROTECTED]>
Subject: Re: named on local network
Date: Mon, 01 Mar 1999 20:57:58 -0700
First off, the best short term solution is to put the hosts in each
computer's hosts file so they don't have to go to BIND to look up local
names.
I use a solution described in the DNS-HOWTO. It involves using two
resolv.conf files; one for when you're connected (resolv.conf.connect),
one for when you're off line(resolv.conf.local). You then put code in
the /etc/ppp/ip-ip script to cp resolv.conf.connect resolv.conf, then
put code into the /etc/ppp/ip-down script to cp resolv.conf.local
resolv.conf. You also need to start named in the ip-up script, and kill
it in ip-down.
Glenn Butcher
Tim Herzog wrote:
>
> Bear with: I'm a new Linux user...
>
> How do I go about configuring named to work on a local network if named
> does not have Internet access? I have a local network of, say, three
> machines:
>
> 192.168.6.1 tom.foo.com
> 192.168.6.2 dick.foo.com
> 192.168.6.3 harry.foo.com (Harry's the Linux box)
>
> I want my Linux box to provide DNR services not only for itself, but for
> the other two machines as well. These are the only three IP addresses
> named need be aware of.
>
> I added these three entries to /etc/hosts. That works great on the Linux
> box (using say, Netscape), but if tom or dick query named on harry,
> harry's named apparently ignores /etc/hosts and queries the Internet
> instead. Eventually, the network times out.
>
> Tim
> [EMAIL PROTECTED]
>
> --
> Two Bits Worth
> 778 Hague Avenue
> Saint Paul, MN 55104
> Phone/Fax: 1 (612) 227-2920
> [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: it.comp.linux,it.comp.linux.setup
Subject: 'users' in /etc/group causing telnet problem for NFS server/clients
Date: Tue, 02 Mar 1999 12:12:53 GMT
Hi,
I'm running Linux 5.2 on PII 300 IBM Servers and had an NFS server and clients
working normally until i went into the /etc/group file on the NFS server and
had noticed that i had a duplicate groupname of 'users' that looked like
users::100:'groupmod' commands and deleted the first line directly thru vi as
root.
Afterwards i immediately noticed that i could no longer 'su -' into the NFS
server even when entering the password correctly. The message is as follows:
'su: cannot set groups: Operation not permitted'
users::100:name1,name2,name3
Thinking it being unintended i unknowingly bypassed any 'groupdel' or
I then am forced to go directly to the console and try many things such as
reinserting that line w/ an editor, entering
'groupadd -g 100 -o -f -r users' and
'groupadd -g 100 -o -f users'. I even tried to cp groups- groups in /etc
since groups- is the most recent old copy i believe.
I even try doing a 'groupdel users' only to get the message 'groupdel: can
not remove user's primary group' even though there is no user called 'users'
in /etc/passwd. Page 197 in O'Reilly's Essential System Administration reads
that 'users' is a standard group "provided by various UNIX vendors as the
default group for ordinary system users."
After rebooting the NFS server, no machine in our network is able to telnet
to ANY NFS clients, only the NFS server. 'su -' produces the same results
for the server. It must be due to the fact that the clients mount /usr/ and
/home (no NIS yet). Going to the console of the clients, they all say "NFS
server not responding" freezing up the screen. After a hard reboot, i can't
manually enter a mount onto the server for any directory.
Is there any way to fix this problem to enable su - to start working and have
the NFS server export like it was before without reinstalling Linux???
Thanks a lot
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Erik Hensema)
Subject: Re: Help: Linux box can't ping its own IP?
Date: Tue, 2 Mar 1999 12:39:28 +0100
Reply-To: [EMAIL PROTECTED]
John Vannoy wrote:
>I've been struggling for days to get my Win98 <-> Linux network going, and
>my Linux box still can't ping itself. I know my hardware is OK because the
>Linux box is a dual-booter with Win95. Booted up to Windows, both machines
>see each other, ping works fine, share internet connection, etc.
>
>#netstat -r
>Kernel IP routing table
>Destination Gateway Genmask Flags MSS Window irtt
>Iface
>127.0.0.0 * 255.0.0.0 U 3584 0 0 lo
You haven't got a route to your network. To set a default route, do:
route add default gw eth0
If you've got a connection to the internet, use:
route add -net (yournet) mask (netmask)
--
Erik Hensema ([EMAIL PROTECTED])
------------------------------
From: [EMAIL PROTECTED] (Erik Hensema)
Subject: Re: localhost name vs. the void
Date: Tue, 2 Mar 1999 12:44:30 +0100
Reply-To: [EMAIL PROTECTED]
Monte Milanuk wrote:
>One to the question: I need to know how my localhost name, say,
>hellbilly, relates to my ISP, navix.net .
It doesn't.
>Should I enter my FQDN as
>hellbilly.navix.net, even though I am not really a machine on their net,
>per se.
No, you can just make up your own FQDN.
>navix.net be hellbilly.navix.net? If so, what is the best way to make
>it so I can send & receive email w/ the proper addressing w/o pissing
>off my ISP? Netscape seems to work fine, but rather automagically.
You can use either an email program, and configure it to use the ISP's
mail- and popservers, or configure sendmail to do domain masquerading:
/etc/sendmail.cf:
# who I masquerade as (null for no masquerading) (see also $=M)
DM<your isp's domain>
--
Erik Hensema ([EMAIL PROTECTED])
------------------------------
From: [EMAIL PROTECTED] (Erik Hensema)
Subject: Re: Networking with Linux
Date: Tue, 2 Mar 1999 12:51:16 +0100
Reply-To: [EMAIL PROTECTED]
Jean-R�ginald Louis wrote:
>Ok, I very NEW to networking. I want to build a mini-LAN at home with 2
>computer. Some things are unclear for me so I want guide in the right path.
Ok, go read the Network administrators guide.
>Here the situation. If I have two computer C1 and C2. C1 is install with
>Linux server options and C2 with Linux client option. They both have an
>ethernet cards.
>
>1) What protocol should I choose? (I know that if I want internet I must
>choose TCP/IP, but suppose I
> don't have it right now).
Allways use tcp/ip.
>2) Where did I get all this information like: IP address, Netmask, network
>address, broadcast address,
> etc... (rebember I'm not connect to internet. Just have one client)
Make it up:
IP: 192.168.1.x (x = 1 or 2), netmask 255.255.255.0, network 192.168.1.0,
broadcast 192.168.1.255
>3) If C2 run win98, what type of protocol should I use?
As allways, tcp/ip.
>If this group have a FAQ, please point me to the source, maybe it will help
>me a lot!
net3-howto, network administrators guide
--
Erik Hensema ([EMAIL PROTECTED])
------------------------------
From: [EMAIL PROTECTED] (Erik Hensema)
Subject: Re: Ethernet card address resolves to localhost!?
Date: Tue, 2 Mar 1999 12:34:55 +0100
Reply-To: [EMAIL PROTECTED]
Timothy Chu wrote:
[network not working correctly]
>> ifconfig eth0 192.168.0.1 netmask 255.255.255.0 up
>> telnet 192.168.0.1
>Trying 192.168.0.1...
>Connected to 192.168.0.1.
Think. Think again. You assign .1 to your Linux box. You telnet to .1. You get
connection to your Linux box. Offcourse!! Duh! Your Linux box is configured
perfectly. Now configure your Win95 box (assign it an IP: 192.168.0.2), and
you're done.
And read the network administrators guide, since you don't understand the
first bit of tcp/ip.
--
Erik Hensema ([EMAIL PROTECTED])
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
