Linux-Networking Digest #383, Volume #10 Fri, 5 Mar 99 00:13:52 EST
Contents:
Re: Problems with Chat Script/pppd/diald on RedHat 5.1 ... ("Keith Montgomery")
Re: Linux firewall software recommendation. (Tobias Reckhard (jester))
Re: IP forwarding with port mapping (Tobias Reckhard (jester))
Re: Exchange Server Public Folder Alternative. ("John Nelson")
HELP! The windows side of a linux gateway ([EMAIL PROTECTED])
DNS files okay? (Steve Shreeve)
Autotuning of TCP Buffers (Chris Rapier)
Re: JetDirect: Linux-OK, Win/Samba-NG (Sparkzz)
Performance problem Win95 <-> Linux (Erwann ABALEA)
Re: diald starting when it shouldn't (Frank Hahn)
Re: DSL & Linux (Richard Steiner)
Re: HELP! The windows side of a linux gateway (Frank Hahn)
Help with external IDSN pls (childsplay)
Re: write/send to socket crashes process - How come? (Quanyi Sun)
analyse of TCPDUMP Trace (Andreas Magnus)
Re: HELP: setup a Linux gateway ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "Keith Montgomery" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.os.linux.misc
Subject: Re: Problems with Chat Script/pppd/diald on RedHat 5.1 ...
Date: Thu, 4 Mar 1999 22:09:43 -0500
I know it works, because I'm using it right now.
Check your diald.conf - did you include the "mode ppp"?
If that doesn't do it, send me an email and we can compare scripts in more
detail -
I'm dialing to a line in Framingham, MA.
Eli White wrote in message <[EMAIL PROTECTED]>...
>I've been having a problem with my chat script I am trying to use to
>automate connecting to the net through diald.
>
>I have everything set up ok and can dial in through minicom, and run
>pppd by hand ... Everything works fine (as long as I am REALLY QUICK on
>the draw - bellatlantic.net likes to drop you quickly if you don't start
>talking ppp)
>
>But when I try to do it automatically through diald/chat ... it breaks
>... in particular, the chat script breaks ...
>
>diald automatically starts running the chat script just like it should,
>however in the chat, it never sees the 'CONNECT 48000/ARQ' string, and
>timeouts instead ...
>
>I see the CONNECT line just fine when going thorugh minicom ...
>
>Anyway please have an answer for me?
>
>Included below are my chat script, and the log file of the attempt ...
>
>Thanks,
>Eli
>[EMAIL PROTECTED]
>
>
>chat-script:
>ABORT BUSY ABORT 'NO CARRIER' '' ATZ OK ATDT4103395344
>CONNECT
>
>(NOTE: Using PAP, so no login stuff there)
>
>
>/var/log/messages:
>Mar 4 20:05:29 shield diald[326]: Running connect (pid = 401).
>Mar 4 15:05:29 shield chat[401]: abort on (BUSY)
>Mar 4 15:05:29 shield chat[401]: abort on (NO CARRIER)
>Mar 4 15:05:29 shield chat[401]: send (ATZ^M)
>Mar 4 15:05:29 shield chat[401]: expect (OK)
>Mar 4 15:05:29 shield chat[401]: ATZ^M^M
>Mar 4 15:05:29 shield chat[401]: OK
>Mar 4 15:05:29 shield chat[401]: -- got it
>Mar 4 15:05:29 shield chat[401]: send (ATDT4103395344^M)
>Mar 4 15:05:30 shield chat[401]: expect (CONNECT)
>Mar 4 15:05:30 shield chat[401]: ^M
>Mar 4 15:06:15 shield chat[401]: alarm
>Mar 4 20:06:15 shield diald[326]: Connect script failed.
>Mar 4 15:06:15 shield chat[401]: Failed
>Mar 4 20:06:17 shield diald[326]: Delaying 30 seconds before clear to
>dial.
>
>
------------------------------
From: [EMAIL PROTECTED] (Tobias Reckhard (jester))
Subject: Re: Linux firewall software recommendation.
Date: Thu, 04 Mar 1999 06:01:39 GMT
On Wed, 03 Mar 1999 19:11:03 GMT, [EMAIL PROTECTED] wrote:
>On Tue, 2 Mar 1999 15:15:09 +1100, "Glenn Mathison"
><[EMAIL PROTECTED]> wrote:
>
>>I am setting up a linux server that I want to put a firewall onto. Could
>>anyone please suggest a good firewall package that I could use?
>>
>ya..the built in firewall works pretty good
>just select firewalling in the make menuconfig(or xconfig)
>then use ipfwadm to configure it.
It's a pretty good packet filter, though it lacks what some vendors
call 'stateful filtering'. You may want to install application level
proxies on top of the packet filter for some protocols. The TIS
Firewalling Toolkit comes to mind.
Tobias
------------------------------
From: [EMAIL PROTECTED] (Tobias Reckhard (jester))
Subject: Re: IP forwarding with port mapping
Date: Thu, 04 Mar 1999 06:00:21 GMT
On Wed, 03 Mar 1999 09:42:03 -0500, Rick Onanian
<[EMAIL PROTECTED]> wrote:
>Doug Goldstein wrote:
>>
>> Correction. The FTP lets the user log in. But after they log in they get a "no
>responce
>> from server" error. Now what's with that?
>
>Set the user's FTP program to Passive mode. Otherwise, FTP likes to open
>a bunch of ports, one for each transfer. In Passive mode, as I
>understand
>it, it stays on the port you chose for it.
The difference between normal and passive FTP is that the server
initiates the data connection in the former case, while it is opened
by the client in the latter. The number of ports used don't change,
but the ports themselves are different.
In normal FTP, the server uses TCP port 20 and the client a
dynamically allocated user-range port (1024-65535), which it transmits
to the server via the control connection (which is where it is picked
up by the IP masquerading module).
In passive FTP, on the other hand, both sides use dynamically
allocated user-area TCP ports and this time the server transmits the
port it's using to the client via the control connection.
For an FTP server behind an IP masquerading gateway performing port
redirection, I think passive FTP is going to be more difficult to do
than normal FTP, because of its dynamic allocation of ports. It should
be possible to redirect traffic sent to the normal FTP data port with
the following combination of ipportfw and ipfwadm rules (using the
standard FTP data port (21) here), with variables $OUTIF for the name
of the gateway's outside interface, $OUTIFIP for its IP address and
$INIF for the inside interface's name:
# allow FTP data in on outside interface ($OUTIF)
ipfwadm -I -a accept -P tcp -S 0/0 -D $OUTIFIP 21 -W $OUTIF
# redirect anything to port 21 on gateway to internal FTP server
ipportfw -A -t $OUTIFIP/21 -R 192.168.1.2/21
# allow redirected FTP data to server on inside interface ($INIF)
ipfwadm -O -a accept -P tcp -S 0/0 -D 192.168.1.2 21 -W $INIF
# masquerade return traffic
ipfwadm -I -a accept -P tcp -S 192.168.1.2 21 -D 0/0 1024:65535 \
-k -W $INIF
ipfwadm -F -a accept -P tcp -S 192.168.1.2 21 -D 0/0 1024:65535 \
-k -m -W $OUTIF
ipfwadm -O -a accept -P tcp -S $OUTIFIP 21 -D 0/0 1024:65535 \
-k -W $OUTIF
Try these and see if it works.
Tobias
------------------------------
From: "John Nelson" <[EMAIL PROTECTED]>
Subject: Re: Exchange Server Public Folder Alternative.
Date: Wed, 3 Mar 1999 22:57:50 -0800
Alain Coetmeur wrote in message <7bjks4$[EMAIL PROTECTED]>...
>
>Alvin a �crit dans le message <7beopj$htj$[EMAIL PROTECTED]>...
>
>>Is there an exchange server public folder alternative for linux??
>
>
>for functionality the news are equivalent, and
>MS say one can gateway between these 2 world...
>
More correctly, MS Exchange Server can handle news. It also does
considerably more.
The good news is that, for users of Outlook 98, much of the functionality
heretofore only available to clients connected to Exchange Server, can be
made available via Outlook98's "netfolders" feature.
------------------------------
From: [EMAIL PROTECTED]
Subject: HELP! The windows side of a linux gateway
Date: Thu, 04 Mar 1999 06:50:54 GMT
What are the steps to make my windows box use my linux box as a gateway? Do I
need to remove the dial-up adapter and add in the DNS server of my ISP etc..
TIA
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Steve Shreeve)
Subject: DNS files okay?
Date: Thu, 04 Mar 1999 07:10:44 GMT
I've gotta DNS question for you. If you can help, I'd appreciate it if you
could email me as well at: ([EMAIL PROTECTED]) I have a Linux box running at
the med school. It has an assigned hostname and IP address of
'medweb.med.uci.edu' and '128.200.234.2'. I'd like to use this machine to
serve up DNS information for other domains. For example, I'd like to serve up
info for a domain called 's2s.org' and another called 'foobar.com' (let's
say). The 's2s.org' domain I'd like to share the same IP address with
'medweb.med.uci.edu'. However, the 'foobar.com' machine will actually be
located on an @Home connection. I am currently running bind-8.1.2 and have the
following config files (see below, sans the 'foobar.com' one). I was wondering
if you could give a quick check over these to see if everything is cool. I'd
appreciate any help you could offer...
Steve
/etc/named.conf
===============
options {
directory "/var/named";
};
zone "." {
type hint;
file "hints";
};
zone "0.0.127.in-addr.arpa" {
type master;
file "localhost";
};
zone "s2s.org" {
type master;
file "s2s.org";
};
/var/named/hints
================
is just the result of `dig @a.root-servers.net > /var/named/hints`
/var/named/localhost
====================
@ IN SOA medweb.med.uci.edu. shreeve.uci.edu (
1998030373 ; Serial, today's date + version
3H ; Refresh after 3 hours
1H ; Retry after 1 hour
1W ; Expire after 1 week
1D ) ; Minimum TTL of 1 day
NS medweb.med.uci.edu.
1 PTR localhost.
/var/named/s2s.org
==================
@ IN SOA ns shreeve (
1998030373 ; Serial, today's date + version
3H ; Refresh after 3 hours
1H ; Retry after 1 hour
1W ; Expire after 1 week
1D ) ; Minimum TTL of 1 day
NS ns
NS ns.r8ix.com. ; a buddy's name server
MX 10 mail
A 128.200.234.2
localhost A 127.0.0.1
ns A 128.200.234.2
mail A 128.200.234.2
www A 128.200.234.2
ftp A 128.200.234.2
------------------------------
From: Chris Rapier <[EMAIL PROTECTED]>
Subject: Autotuning of TCP Buffers
Date: Thu, 04 Mar 1999 02:07:00 -0500
Just curious if there has been any discussion of the autotuning
modifications developed at PSC and presented at sigcomm 98. I'm
interested because:
a) I work there (but not on this project)
b) Its a really neat way of drastically improving network performance in
some situations which make it a well suited for server
applications(albeit with a memory usage hit)
c) I'd actually like to see it implemented on other platforms
A brief summary:
Even when TCP performance enhancements such as RFC 2018 SACK and RFC
1323 large window extensions are used, a TCP connection may still not
achieve the optimal performance expected by the user. One reason for
suboptimal performance is that the connection may be buffer limited by
the sender or the receiver, particularly for large bandwidth*delay
paths.
Manual configuration eases the problem somewhat, but requires
information that is often not available to the user or system
administrator, and is not flexible enough to account for changes in the
network or the end system. We propose an Automatic TCP Buffer Tuning
scheme to alleviate these problems. It has several main advantages:
* Each connection gets the best possible performance
* It is transparent to the user and the application
* Memory is fairly shared when many connections are in use, allowing a
large number of simultaneous connections for a single host
=========================
Anyway, it might be worth reading the paper that was published
http://www.psc.edu/networking/auto.html
If there is a better group in which to bring this up please let me know.
Chris Rapier
A very tired
Network Programmer
NLANR Engineering Services
------------------------------
From: [EMAIL PROTECTED] (Sparkzz)
Subject: Re: JetDirect: Linux-OK, Win/Samba-NG
Date: 4 Mar 1999 07:22:44 GMT
Hello,
Have you run checkpc to check your spool directories??
What results to you get when you run testparm???
.
.
....Ken
------------------------------
From: Erwann ABALEA <[EMAIL PROTECTED]>
Subject: Performance problem Win95 <-> Linux
Date: Fri, 5 Mar 1999 01:24:44 +0100
Hello all,
I've got a "small" problem, and I can't solve it...
I've got 2 machines, 1 Windows95 box, and a Linux box. Both are on the
same ethernet (RJ45, crossed cable, no hub), and are well configured (Non
routable IP address, corresponding netmasks, all the addresses are in the
hosts files on both machines). The ethernet cards are old ISA ones (Win95
is a AMD2100/AMD1500t compatible, Linux is a HP PC/LANPlus io 0x300, irq
10, i/o mode).
I can connect from each machine to the other, without any delay.
The problems are performance ones. When I transfer a file from Linux to
Win95, for a 1.4MB file, I've got a 275KB/s rate... The same file, but the
other way, I can harder get more than 3KB/s (yes, three!!)...
I prefer to blame Windows for this, so I searched at the driver
configuration, I tried to explicitely set the full-duplex to off, setting
the TCP/IP the default protocol, but nothing can get me a faster rate....
Anyone got an idea? Even a single pointer to a doc?
Thanks...
--
Erwann ABALEA
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Frank Hahn)
Subject: Re: diald starting when it shouldn't
Date: 5 Mar 1999 03:41:51 GMT
Reply-To: [EMAIL PROTECTED]
On Wed, 03 Mar 1999 18:20:14 -0600, James Ranson <[EMAIL PROTECTED]>
wrote:
>Whenever I log on at my win95 machine, the diald on my Linux machine
>starts up the internet connection. How do I prevent this? Please
>e-mail me at [EMAIL PROTECTED]
>
Have you set up the hosts files on each machine properly?
Put the names and IP addresses for both machines into /etc/hosts
on your Linux machine and do the same on your Windows machine.
Put a hosts file into your C:\windows directory.
See if that helps.
Also, what networking protocols do you have installed on the
Windows machine? I only have TCP/IP, nothing else.
--
Frank Hahn
------------------------------
From: [EMAIL PROTECTED] (Richard Steiner)
Subject: Re: DSL & Linux
Reply-To: [EMAIL PROTECTED]
Date: Wed, 03 Mar 1999 22:01:24 -0600
Here in comp.os.linux.networking, Todd Siegel <[EMAIL PROTECTED]>
spake unto us, saying:
>Can DSL service be used with Linux?
Yup! :-) Although there are multiple types of xDSL out there.
>If so, what hardware/drivers and software is needed?
In my case, all I needed was the standard NE2000 driver in Red Hat.
The ADSL modem I use is an external Cisco 675, and it just talks to a
10BaseT ethernet card through a crossover cable.
Nothing special.
--
-Rich Steiner >>>---> [EMAIL PROTECTED] >>>---> Bloomington, MN
OS/2 + Linux (Slackware+RedHat+SuSE) + FreeBSD + Solaris + BeOS +
WinNT4 + Win95 + PC/GEOS + MacOS + Executor = PC Hobbyist Heaven!
Cannibal: one who gets fed up with people.
------------------------------
From: [EMAIL PROTECTED] (Frank Hahn)
Subject: Re: HELP! The windows side of a linux gateway
Date: 5 Mar 1999 03:41:53 GMT
Reply-To: [EMAIL PROTECTED]
On Thu, 04 Mar 1999 06:50:54 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]>
wrote:
>What are the steps to make my windows box use my linux box as a gateway? Do I
>need to remove the dial-up adapter and add in the DNS server of my ISP etc..
>
I think you only need to install TCP/IP networking. As you have noted,
there is a place fir DNS numbers, etc. I put the DNS numbers my ISP
supplied in there. Also, a domain name and a name for that computer.
Also, there is a gateway section, I put the IP address of the Linux
machine in there.
After that is all done, of course, Windows will want you to reboot a
couple of times. ;)
--
Frank Hahn
------------------------------
From: childsplay <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup,alt.os.linux
Subject: Help with external IDSN pls
Date: Thu, 04 Mar 1999 20:53:44 -0600
ok, to anyone who can help with isdn pls do. I got my network and ip
masquerading working. but it only works on one b channer not both? Is
there anything i can do to force it to use both b channels? both work
fine under windows. Just can't get them to work under linux. Its a
external 3com Impact IQ and 115k or 230k with hi speed serial port
*which i do NOT have* just trying to get my 115k going. any suggestions
will be greatly appriciated.
p.s. i'm a newbie and still new to commands and such. if your gonna
offer any commands to fix this please be spicific.
thnx in advance.
--
Charles "childsplay" VanDyke
[EMAIL PROTECTED]
ICQ# 14539920 ============
]TeamGameSpy[ ============
http://www.gamespy.com ===
------------------------------
From: Quanyi Sun <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.programmer,utwente.os.linux
Subject: Re: write/send to socket crashes process - How come?
Date: 4 Mar 1999 07:58:34 GMT
In comp.unix.programmer Bjorn <[EMAIL PROTECTED]> wrote:
: When I write/send to a (TCP/IP) socket the writing thread (and process)
: crashes if the receiving system crashes. So if the receiving system
: crashes,
: receiving sockets are not closed correctly (I think). But this may not
: be a reason
: for the sender to crash.
: The process crashes when it sends to a socket that the sender 'sees'
: still as correct
: but has a corresponding receive socket that is not correct anymore due
: to a crash of
: the receiving process. After the crash of the receiver, it is always the
: second message
: (write) to the socket that lets sender crash.
: Is there a solution for the problem? I think the send() or write()
: function should return
: with -1 instead of letting the system crash.
: Thanks in advance,
: Bjorn Vrijkorte
Your socket is TCP/IP sockstream. Your program should catch SIGPIPE,
because it is generated when the receiving process dies. By default,
this signal will kill you.
Quanyi Sun
[EMAIL PROTECTED]
------------------------------
From: Andreas Magnus <[EMAIL PROTECTED]>
Subject: analyse of TCPDUMP Trace
Date: Thu, 04 Mar 1999 09:35:12 +0100
Hello,
is there a tool available to analyze the output of TCPDUMP data ?
regards Andreas
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: HELP: setup a Linux gateway
Date: 5 Mar 1999 04:13:09 GMT
Hoang Uong <[EMAIL PROTECTED]> wrote:
> Mainly, I can not access from one segment to another beyond
> the gateway B.
Did you turn on IP forwarding in the kernel on the Linux box?
--
Charles Rutledge | Liberty is a tenuous gift. Hard to win, easy
[EMAIL PROTECTED] | to give away, and no will protect it for you.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
