Linux-Networking Digest #763, Volume #10 Tue, 6 Apr 99 05:13:53 EDT
Contents:
Multilink PPP/MP 0.9 (Fredrick DeQuan Lee)
Re: Mail bounce Suse 6.0 ("Gero H. Marten")
Re: "conf:2 missing module argument" at boot time ("MarkT")
ipfwadmin setup for ftp, icq and quakeworld (jeff kendall)
Firewalls and proxy servers? ("Eric")
firewall problem ([EMAIL PROTECTED])
Problem with Xkerneled Sun4c over RedHat 5.2 ([EMAIL PROTECTED])
Re: Linux in NT Domain (Tommy Johnsson)
NO RE - connect() .... ([EMAIL PROTECTED])
Re: Using Linux instead of NT Server in home environment.... (Jon-o Addleman)
qmail hell ([EMAIL PROTECTED])
Re: File transfer over ethernet between Linux and Win 9x ("Richard Curtis")
Keine Internet-Verbindung mit Linux (Klaus-Dieter Zschummel)
exporting / in nfs question (Brian Lavender)
WISECOM ETHERNET CARD ("Franky Goethals")
Re: mailserver global address book ("murali")
Problem with PCNFS (Alain Rime)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Fredrick DeQuan Lee)
Subject: Multilink PPP/MP 0.9
Date: Tue, 06 Apr 1999 05:20:31 GMT
------------------------------
From: "Gero H. Marten" <[EMAIL PROTECTED]>
Subject: Re: Mail bounce Suse 6.0
Date: Tue, 06 Apr 1999 07:42:11 +0200
Bob wrote:
> Can't send email from elm or mutt.
> It bounce.
> Works fine from Pine.
> Any idea.
What do the messages in /var/log say?
--
Gero H. Marten
<http://www.provi.de/gmarten/index.html>
--
------------------------------
From: "MarkT" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc,comp.os.linux.setup
Subject: Re: "conf:2 missing module argument" at boot time
Date: Tue, 6 Apr 1999 16:15:54 +1000
[EMAIL PROTECTED] wrote in message <7e2osb$iah$[EMAIL PROTECTED]>...
>I went into dos to change some settings on my 3com 509b nic, and when I
>rebooted into linux I started getting these errors:
>
>finding module dependencies:
>conf:2 missing module arguments
>/lib/modules/preferred/modules.dep doesn't exist
Shooting from the on-line hip here.....
Maybe while you were editing with DOS you inserted 0D 0A as the line end
chars.
I've not found a good unix-line-end friendly editor on Win/Dos..... I use
BBEdit on the Mac for this sort of thing...it inteligently handles different
line ends.
Go into your favorite Hex editor & bash those 0D's.
Regards......
------------------------------
From: jeff kendall <[EMAIL PROTECTED]>
Subject: ipfwadmin setup for ftp, icq and quakeworld
Date: Tue, 06 Apr 1999 02:18:40 -0400
Somebody out there knows how to make this work, beyond the cryptic
"how-to" pages,
1 - I installed linux kernel version 2.0 something (uses ipfwadmin NOT
ipchains).
2 - http works fine, mail and news work fine. dns works fine.
3 - I can't get ftp, icq and quakeworld to run through my firewall.
4 - I have repeatedly rebuilt the kernel with DISASTROUS results
(I almost lost the eight gig drive with my only copy of this
broken-but-the-best-I-can-do script).
5 - Also using insmod to load verious .o modules dealing with ftp and
quake makes no
difference.
I want to run quakeworld on the firewall when this is done and I want to
be able to
connect to it via ip forwarding as well as use gamespy, etc. I also
want to be able
to play halflife, Quake 3, KingPin, etc...
If I can't make this work SOON, I'm gonna have to defect back over to NT
(ugh!)
and use some bluescreen-generating proxy software!
I have the following config file for launching ipfwadmin:
# ===========begin jeff's firewall file
# Some definitions for easy maintenance.
# To obtain the dynamic PPP IP address, the output of ifconfig is piped
to
# grep which strips out all the lines except the one containing the
address
# and pipes it to awk which strips out the 2nd field containing the
address.
# The final step has sed eliminate the text string "addr:" leaving just
the
# IP address. There is probably a simpler way to do this but it works
for me.
ISP_IP=`ifconfig eth1 |grep 'inet addr'| awk '{print $2}'|sed -e
"s/addr\://"`
echo $ISP_IP
# My fixed addresses (changed for this example)
ME="192.1.1.1"
FIRE_NET="192.1.1.0/24"
PRIV_NET="192.168.1.0/24"
ALLIP="0.0.0.0/0"
HIPORTS="1024:65535"
# Clear out whatever rules are still set
ipfwadm -I -f
ipfwadm -O -f
ipfwadm -F -f
# Start by completely denying any network access.
#ipfwadm -I -p deny
#ipfwadm -O -p deny
#ipfwadm -F -p deny
# Deny spoofed packets.
ipfwadm -I -a deny -V $ISP_IP \
-S $FIRE_NET \
-D $ALLIP
ipfwadm -I -a deny -V $ISP_IP \
-S $ISP_IP \
-D $ALLIP
# Allow unlimited traffic within the local network
# (All all traffic on the ethernet interface - attached to the
# Linux file/print server. This does not affect the behavior of
# the PPP/Internet connection.)
#
ipfwadm -I -a accept -V $ME \
-S $ALLIP \
-D $ALLIP
ipfwadm -O -a accept -V $ME \
-S $ALLIP \
-D $ALLIP
# Allow outgoing TCP packets for the specified protocols
# I use duplicate rules for both the specific PPP IP address (obtained
# from the first command line in this script) as well as the firewall
# subnet. The first rule allows you to access the Internet from the
firewall
# network since outgoing packets use the PPP connection IP as their
source
# address (Note that this is superfluous if you follow the instructions
# in chapter 11 that remove most network applications from the firewall
to
# increase security.) The second rule permits computers on the firewall
network
# and the private network to reach the Internet since they arrive at the
# PPP interface with the source address of the Linux file/print server
which
# routes packets from the private network to the firewall network and
# masquerades them.
ipfwadm -O -a accept -P tcp \
-S $FIRE_NET $HIPORTS \
-D $ALLIP pop-3 smtp ftp ftp-data nntp www telnet
domain
ipfwadm -O -a accept -P tcp \
-S $ISP_IP $HIPORTS \
-D $ALLIP pop-3 smtp ftp ftp-data nntp www telnet
domain
# Allow outgoing UDP packets for the specified protocols (name service
here).
ipfwadm -O -a accept -P udp \
-S $FIRE_NET $HIPORTS \
-D $ALLIP domain
ipfwadm -O -a accept -P udp \
-S $ISP_IP $HIPORTS \
-D $ALLIP domain
ipfwadm -F -a accept -P udp -S 0.0.0.0/0 -D 0.0.0.0/0 4000
ipfwadm -F -a accept -P udp -S 0.0.0.0/0 -D 0.0.0.0/0 5000
# Allow the return packets of sessions originating internally for the
# specified protocols. The -k option allows only those packets with
their
# SYN bit set. When the SYN bit is set, it means that the packet is
being
# returned by a remote process after having originated locally.
ipfwadm -I -a accept -k -P tcp \
-S $ALLIP pop-3 smtp nntp ftp www telnet domain
\
-D $FIRE_NET $HIPORTS
ipfwadm -I -a accept -k -P tcp \
-S $ALLIP pop-3 smtp nntp ftp www telnet domain
\
-D $ISP_IP $HIPORTS
# Allow the remote ftp server to initiate a connection back to you. This
# happens when you issue an ftp command like "dir" or "get" or "put",
etc.
# Note that this is not necessary if you use the ftp passive mode.
ipfwadm -I -a accept -P tcp \
-S $ALLIP ftp-data \
-D $FIRE_NET $HIPORTS
ipfwadm -I -a accept -P tcp \
-S $ALLIP ftp-data \
-D $ISP_IP $HIPORTS
#
#attempt to fix ftp and icq 4/5/99:
# ipautofw -A -r tcp 4000 5000 -h 192.125.125.2
# ipautofw -A -r udp 4000 5000 -h 192.125.125.2
ipfwadm -I -a accept -P udp \
-S $ALLIP $HIPORTS \
-D $FIRE_NET $HIPORTS
ipfwadm -I -a accept -P udp \
-S $ALLIP $HIPORTS \
-D $ISP_IP $HIPORTS
#
ipfwadm -I -a accept -P udp \
-S $ALLIP domain \
-D $FIRE_NET $HIPORTS
ipfwadm -I -a accept -P udp \
-S $ALLIP domain \
-D $ISP_IP $HIPORTS
#
# Set masquarading rules. (The second rule is necessary if you do not
# set up masquerading on the router - in our case the Linux file/print
# server - between the private and firewall networks. If that is the
# case, you also have to add a route on the firewall server to point
# back to the private network. For example:
# route add -net 192.168.1.0 gw 192.168.32.254
#
ipfwadm -F -a masquerade -S $FIRE_NET -D 0.0.0.0/0
ipfwadm -F -a masquerade -S $ISP_IP -D 0.0.0.0/0
#===== end of file
------------------------------
From: "Eric" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Firewalls and proxy servers?
Date: Mon, 05 Apr 1999 18:05:49 GMT
I'm looking to set up a small network at home with a few PC's, and an ADSL
line, and consequently, would like to set up a firewall/router as my ADSL
connect point. That way, all my PC's can access the net thru the ADSL line,
but hopefully won't be vulnerable to outside attacks.
I'm somewhat familiar with Linux basics, but am have little information
about Firewalls and proxy servers under Linux. Ideally, I'd like to use an
old 386 as my Firewall, cuz it isn't doing anything but collecting dust
anyhow.
Would you be able to point me towards useful FAQs on these topics? I've
already read Mark Grennan's "Firewalling and Proxy Server HOWTO", but from a
first run-through, it seems to be missing some critical information - ie:
UDP proxy servers, and how to set up proxy servers for outside access (ie:
telnetting or ftp'ing from outside in). Furthermore, if you could also
suggest good firewall/proxy packages to use, I would greatly appreciate it.
If necessary, I could always beef up my system and use a 486 instead (would
at least give me Xwindows interface, if there are packages out there that
use Xwin to make setup easier...).
Thanks!
Eric
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: firewall problem
Date: Mon, 05 Apr 1999 18:07:32 GMT
Hi there,
I have two networks connected with linux firewall. Users from first network
can validate on NT PDC which is on second network. Problem is that I users
from first network are unable to see computers in their "Network
Neighborhood". Wins server is also on second network.
Any ideas?
Thanks
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED]
Subject: Problem with Xkerneled Sun4c over RedHat 5.2
Date: Mon, 05 Apr 1999 18:21:32 GMT
Hi,
I am having some trouble getting past this point.
After tftp sends the kernel to Sun4c and same gets nfs mounted root on:
/usr/export/root/Xkernel.sun4c, Sun will get most of the stuff up to
this point:
....
cgs0x
cgs1x at ...
no bootparam server responding, still trying
whoami: pmap_rmtcall status 0x5
=====================================
rpc.bootparam is loaded, and it would not get to this point without
exporting root and kernel in the step before.
My /etc/exports file is:
/usr offer.econ.lsa.umich.edu(rw)
i wanted to check if (ro) was messing up so I changed it to (rw)
rc.local:
# Here is the Xkernel stuff
# /usr/export/src/bootparamd/rpc.bootparamd
/sbin/rarp -s offer 8:0:20:B:91:56
/sbin/arp -s offer 8:0:20:B:91:56
/usr/bin/X11/xfs -config /usr/export/fsconfig &
/usr/export/src/bootparamd/rpc.bootparamd
host file under $root/etc/
127.0.0.1 localhost
141.211.12.155 offer.econ.lsa.umich.edu offer
141.211.12.161 friedman.econ.lsa.umich.edu friedman primaryxdmhost
server logho
st fontserver
Same is under /etc/hosts on the server side
defaultrouter is changed to correct number.
Here is the ps report:
bin 208 0.0 0.2 764 384 ? S 11:22 0:00 portmap
root 299 0.0 0.4 1080 612 ? S 11:22 0:00 rpc.mountd
root 308 0.0 0.4 1084 592 ? S 11:22 0:00 rpc.nfsd
root 430 0.0 0.5 1392 760 ? S 11:22 0:00
/usr/bin/X11/xfs -config /usr/export/fsconfig
root 432 0.0 0.4 920 556 ? S 11:22 0:00
/usr/export/src/bootparamd/rpc.bootparamd
I snooped the client from Solaris client, but all what I get is client
getting confused over its IP address and trying to send ICMP Echo
Request.
That is an error diagnostic packet, , if I ma correct. It looks like I
have something missconfigured on my server side
Any suggestions
/s
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Tommy Johnsson <[EMAIL PROTECTED]>
Subject: Re: Linux in NT Domain
Date: Mon, 5 Apr 1999 20:37:57 +0200
On Sun, 4 Apr 1999, Greg Saunders wrote:
> Hey everyone...
>
> I'm in the process of setting up a Linux box on my existing NT Domain based
> network. The advantages of gaining some much needed network space at a
> reasonable price and the potential to add some "native" Internet
> connectivity were too much to pass up even for an NT diehard like myself.
> I've setup RedHat 5.2 (surprisingly easy) with Samba on a system, and have
> things barely functional (share level acces via a guest account). My network
> is all IP, with 95/98 clients and NT Server as the PDC.
>
> Does anyone who has travelled this road before have any tips they'd like to
> share? I'd be especially interested in the following:
>
> 1. Can Linux validate users (even just for Samba) through the NT box?
Yes, you can
>
> 2. Should I run my WINS server on NT or Linux (using RAS on NT for limited
> dialup)?
Most preferably on the same sytem wich serve as the PDC
>
> 3. Does this encrypted password thing really work in Samba?
Very vell.
>
> 4. Is there anything which in retrospect I'm likely to feel really stupid
> about doing?
I haven't come that far yet.
>
> Thanks for the help.
>
You should probably read smb.conf manpage, the documents in
/usr/doc/samba and of course rhe HOWTO about samba.
Tommy
------------------------------
From: [EMAIL PROTECTED]
Subject: NO RE - connect() ....
Date: Tue, 06 Apr 1999 06:13:20 GMT
hi all,
is there any software-only solution for this:
tcp based client remains transparent to tcp-servers' switching of
ethernet card, or IP address changeover from active NIC to standby
NIC. what changes are required, and where.
can IP Masquarading help in anyway, how? any information or pointers
are welcome.
TIA
banibrata.
ps> i posted a quesiton (similar) previously, to which i got many
replies, all hardware solutions, but i need a software solution.
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Jon-o Addleman)
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: Using Linux instead of NT Server in home environment....
Date: Tue, 06 Apr 1999 05:41:49 GMT
Once upon a Mon, 5 Apr 1999 22:52:56 +0100, Stuart Jeffrey
<[EMAIL PROTECTED]> wrote:
>>Certainly no bug like that has EVER persisted for 5 years in any open
>>source program, unless no one was using it at all. In that case, it
>>really doesn't matter...
>It does work if you install another network client or something in the
>networking bit in control panel. Can't remember what. Make sure you
>have client for ms networks installed. I remember i got it to work by
>installing some thing in the network bit.
I believe it is that it requires the client for MS networks. But it
doesn't make much sense to need that! It's a bug, plain and simple,
unless there's some really bizarre reason that it'd be good to have it
work that way....
--
Jon-o Addleman
------------------------------
From: [EMAIL PROTECTED]
Subject: qmail hell
Date: Mon, 05 Apr 1999 00:51:24 GMT
I just want to be able to email the machine that is 3 feet from me, but qmail
tries to lookup alll names with DNS. I have my host.conf set to hosts, bind
and the name and ip of the machine in my hosts file. Why can i not make it
realize that the machine is local? I am sure that I am being realy blind
here but I feel like.... well anyways any help is great.
wltr
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Richard Curtis" <[EMAIL PROTECTED]>
Crossposted-To: linux.redhat.misc
Subject: Re: File transfer over ethernet between Linux and Win 9x
Date: Tue, 6 Apr 1999 07:59:45 +0100
A big thanks to everyone who has replied. I am getting there with Linux,
and with this kind of help, It shouldnt take too long before I am
comfortable using it.
Thanks a lot
Richard
------------------------------
From: [EMAIL PROTECTED] (Klaus-Dieter Zschummel)
Subject: Keine Internet-Verbindung mit Linux
Date: Tue, 6 Apr 1999 08:14:11 +0200
Hallo Leute,
ich ben�tige mal Hilfe zu o.g. Problem.
Wenn ich versuche mich ins Internet einzuw�hlen passiert folgendes:
das Modem w�hlt - der Server antwortet - in der Log wird "Connect 56000"
angezeigt - Statusfenster zeigt "Am Netz anmelden" - Log zeigt als Status
"Starte pppd..." und das wars auch schon. Das Modem schaltet sich dann von
selbst nach ca. 20s ab (eingestellt sind 60s). Nach 60s kommt dann die
Linux-Fehlermeldung, da� die vorgegebene Verbindungszeit abgelaufen ist.
Gleiches tritt bei T-Online und bei Mobilcom auf. Das Witz dabei ist, da� es
am Abend vorher mit beiden Verbindungen einwandfrei geklappt hat. Am
n�chsten Tag, ohne irgendwelche Ver�nderungen vorgenommen zu haben, gehts
nicht mehr.
Vielleicht hat schon mal jemand was �hnliches erlebt oder hat eine Erkl�rung
daf�r.
�ber Hilfe w�re ich sehr dankbar.
Ich hoffe dies ist die richtige Newsgroup ich habs sicherheitshalber auch in
"comp.os.linux.setup" und "comp.os.linux.answer" gepostet.
Bitte Antworten �ber Newsgroup oder direkt an [EMAIL PROTECTED]
Gr��e Klausi
------------------------------
From: [EMAIL PROTECTED] (Brian Lavender)
Subject: exporting / in nfs question
Date: Tue, 06 Apr 1999 07:19:24 GMT
I am experimenting with NFS on two machines within a private IP
network.
I am trying to export root to another machine on my private internal
ip network. I read the man page for exports and it would seem I should
configure the
/etc/exports file on machine 192.168.1.100 like so:
darkstar:# cat /etc/exports
/ 192.168.1.1 (ro)
Problem is I get "Permission Denied" error when I try to mount it from
192.168.1.1
Is this the proper way to do this?
brian
====================
Brian Lavender
Sacramento, CA
http://www.brie.com/brian/
"If a train station is where the train stops,
what is a workstation?" -- Phil Adamson
------------------------------
From: "Franky Goethals" <[EMAIL PROTECTED]>
Subject: WISECOM ETHERNET CARD
Date: Tue, 6 Apr 1999 09:34:33 +0200
Hello all,
I've recently installed SUSE - linux, and want to use my network-card,
a WISECOM-card.
I can't get it to work without the good drivers.
Any help would be appreciated.
Tnx,
Franky.
------------------------------
From: "murali" <[EMAIL PROTECTED]>
Subject: Re: mailserver global address book
Date: Tue, 6 Apr 1999 10:01:46 +0200
Crossposted-To: comp.os.linux.setup,microsoft.public.mcis.mailserver
yes outlook can do that if you the Address book on Linux box can be
searched using LDAP....
------------------------------
From: [EMAIL PROTECTED] (Alain Rime)
Subject: Problem with PCNFS
Date: Sun, 04 Apr 1999 17:20:36 GMT
Hi,
I have Linux SuSE 6.0 installed on my machine called Serverunix1. With
a client machine (mulan) running Windows 98 with NFS Reflection, I try
to get access on the linux server. On the linux server, the following
files are configured as below :
/etc/hosts
138.0.0.16 mulan.lc.ch mulan
138.0.0.20 serverunix1.lc.ch serverunix1
138.0.0.21 serverunix2.lc.ch serverunix2
127.0.0.1 localhost
/etc/exports
/nfsdir mulan(rw,no_root_squash) serverunix2(rw,no_root_squash)
/pcnfsd.conf
uidrange 0-60002
The services nfs, pcnfs and bwnfs are also started.
With my Win98, I can list the files in nfsdir but I cannot read them
or create new ones. I got a share violation error, although I have the
right permissions on them. If I try to access these same files from
another Linux server (serverunix2) mounting the nfsdir, I can do all
that I want with the files.
Can someone tell me what's wrong ? Why do I get this "Share violation
error" ?
Thanks for help.
Alain.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
