Linux-Networking Digest #682, Volume #9 Sat, 26 Dec 98 18:13:34 EST
Contents:
Apache - Virtual Host or /etc/hosts (Mark Worsdall)
Re: firewall tool for linux? (Paul B. Brown)
netconfig in Red Hat 5.0 ([EMAIL PROTECTED])
Networking NT ("Fred Augustine")
Re: Realtek RTL8029 Ethernet Adapter Driver for Linux. ("Fred Augustine")
Re: Dial tone (Ingo Buescher)
Re: Connecting Linux to a Wingate proxy... ("Dennis M. Gray")
3COM 3C905-TX Fast EtherLink XL PCI Card ("Dennis M. Gray")
PPP problem with HW flow control ([EMAIL PROTECTED])
Re: kppp and slow connects ([EMAIL PROTECTED])
PPP connection problem ("John McSwain")
Re: @home & mail/news (Stuart R. Fuller)
Re: BT Internet (David Ford)
Re: ppp stopped working (Bobroff)
Re: Use phone cable for 10BaseT? (Stephen Schwetz)
----------------------------------------------------------------------------
From: Mark Worsdall <[EMAIL PROTECTED]>
Subject: Apache - Virtual Host or /etc/hosts
Date: Sat, 26 Dec 1998 20:13:26 +0000
Hi all,
I have 2 machines on my network win98 (10.0.1.250) and linux
(10.0.1.254) and these entries are in linux's /etc/hosts file.
127.0.0.1 localhost localhost.localdomain
10.0.1.254 linux.sparebedroom.home linux
10.0.1.250 worsdall.demon.co.uk win98
Now I want to be able to through Apache server on linux be able from
win98 (MS IE4) be able to just type:-
http://shadow.org
http://worsdall.org
http://spartan.ltd
http://hinwick.col
All these sites will be stored on linux and delivered through Apache,
linux has no direct access to the Internet other than through win98,
this link isn't currently working, though win98 access's the internet
fine. Should somewhere in linux I add a defualt gateway command like to
10.0.1.250 as the default gateway?
Should I have some extra entries in /etc/httpd/conf/httpd.conf about
virtual hosts etc.
BTW: I cannot at this moment access the server from win98 though ps -ax
reports it is running.
M.
--
Mark Worsdall - Oh no, I've run out of underpants :(
Home:- [EMAIL PROTECTED] WEB site:- http://www.worsdall.demon.co.uk
Shadow:- [EMAIL PROTECTED] WEB site:- http://www.shadow.org.uk
Work:- [EMAIL PROTECTED] WEB site:- http://www.hinwick.demon.co.uk
TCP/IP gatewaying http://www.hinwick.demon.co.uk/computerDept/
------------------------------
From: [EMAIL PROTECTED] (Paul B. Brown)
Crossposted-To: comp.security.firewalls
Subject: Re: firewall tool for linux?
Date: 26 Dec 1998 20:21:56 GMT
Jan,
There are two types of firewalls. Alone, neither of them are solid
protection against a persistant and knowledgable cracker. Together,
however, they are formitable. Properly setup, it can defeat pretty much
any attack long enough for you to be notified of the attack so you
can take action against the perps.
Two Firewalls:
=============
1. Packet Filters - These firewalls will allow to to reject/allow packets
in and out of your network based on source/destination
IP addresses and source/destination ports. They work
between the data link and IP layers of the TCP/IP
stack.
2. Proxy Filters - These firewalls insert a piece of software between the
service inside the protected network and the big, bad
wolf (Internet). Lets take web services as an example.
Your web browser will actually ask the firewall to
connect to a site and download the page. The firewall
will then pass the page back to you. In this way, you
the user, hides behind the firewall so you cannot be
touched. These firewalls work at the application layer
of the TCP/IP stack.
Putting those two types of firewalls together will allow you to create a
strong security policy. Use the packet filter to allow only those networks
and hosts that are trusted access to and from your proctected network and
shutdown all unused ports. Use the proxies to hide the users allowed
access through the firewall via the allowed services.
They only real question is: Do you want both types of firewalls on loaded
or do you want to separate the firewalls into separate boxes. Hummmm.
Anyway to actually answer your question: ;->
Use IP Chains as the packet filter and either TIS or SOCKS as the Proxy
filter.
Nuff said? ;->
Paul
>i need to setup a firewall on a linux machine. the firewall should
>be an intelligent packet filter not a proxy.
>
>question: which package should i take?
>
>there are:
>* the sinus firewall tool (http://www.ifi.unizh.ch/ikm/SINUS/firewall/)
>* ipfwadm
>* ipchains
>* tis ?
>* ...
>
>has anyone made some experience with the packs?
>
> thanks a lot
>
> jan
>
>
>
>---------------------------------------------------------------------
>| Jan Stifter email: [EMAIL PROTECTED] |
>| web: www.htl-bw.ch/~ia95stif |
>| meet me: telnet://freechess.org:5000 (nick: nunc) |
>---------------------------------------------------------------------
--
===========================================================================
Paul B. Brown [EMAIL PROTECTED]
President
Brown Technologies Network, Inc. http://www.btechnet.com/
Unix Systems Administration "Sailing is a state of mind . . . ."
===========================================================================
------------------------------
From: [EMAIL PROTECTED]
Subject: netconfig in Red Hat 5.0
Date: Sat, 26 Dec 1998 20:22:14 GMT
Hi If there's any command I can do network configure in Red Hat 5.0 ( as
netconfig command in salckware 3.4 ).If not should I do network configure in
xwindows ?. Thankyou
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Fred Augustine" <[EMAIL PROTECTED]>
Subject: Networking NT
Date: Thu, 24 Dec 1998 17:12:45 -0600
Newbe needs help networking to NT 4.0 Server with Red Hat 5.2
------------------------------
From: "Fred Augustine" <[EMAIL PROTECTED]>
Subject: Re: Realtek RTL8029 Ethernet Adapter Driver for Linux.
Date: Sat, 26 Dec 1998 14:48:41 -0600
I am having the same problem,can't connect with my NT server
Ian Westcott wrote in message <75nn7q$cf7$[EMAIL PROTECTED]>...
>XiaoTim ([EMAIL PROTECTED]) wrote:
>: Please tell me where I can get the driver.
>: Thank you with Best Regards
>
>Should come with the kernel. I use a PCI NE2000 card which uses a Realtek
>8029 chip. No problems.
>--
>
>Ian Westcott Rakarra@IRC
>ez042914 --or-- itlm013 @peseta.ucdavis.edu [EMAIL PROTECTED]
> --------------------------------------------------------------------
> "Demon's blood and dragon fire, falling on my wings.
> Racing to the battle in the sky and ancient gods are
> calling me I hear them when they sing,
> of all the heroes who wait for me to die."
------------------------------
From: Ingo Buescher <[EMAIL PROTECTED]>
Subject: Re: Dial tone
Date: 25 Dec 1998 20:40:45 GMT
Wemmer Alexander <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> wrote:
> Hi!
> When i�m trying to dial out with my modem under linux (send ATD08086), i
> get the mesage NO DIALTONE and the modem hangs up!
> When i�m dialing out under Win95, i can do this without any dialtone (is
> an option in w95) -> everything works fine.
Might help to initialize your modem with at&fx3 to make sure it will not
wait for the dial tone.
IB
========================================================================
Ingo Buescher <[EMAIL PROTECTED]>
<[EMAIL PROTECTED]>
Fingerprint-RSA: 4D 3B 04 A2 69 3C 8D AC AA FC 7A 2A 19 75 77 6A
-D/H: 5F3A A78A 6FE5 A39E 6FC1 6D5B 0984 D08D 286F 3BD0
PGP Code : to get my PGP code send a mail with #GET PGP as subject
========================================================================
M$: Our software of tomorrow will make sure that on your
hardware of tomorrow everything will work at the usual speed.
------------------------------
From: "Dennis M. Gray" <[EMAIL PROTECTED]>
Subject: Re: Connecting Linux to a Wingate proxy...
Date: Sun, 27 Dec 1998 09:36:48 +1100
This is a multi-part message in MIME format.
==============AF530B0F1BC83A36557B724B
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Patrick,
Some of the replies suggested using Sygate instead of Wingate. I don't have any
experience with Sygate but have set up Wingate on a network consisting of an
NT Server as the proxy with a number of Unix boxes using it, including one
running Linux (others are Digital Unix, Sun, SCO). All work just fine. We are
not using any of the fancy stuff with Wingate, though, like DHCP.
So, unless you have any real reason for services Sygate might offer, I don't see
a reason for changing if you are already using Wingate.
Dennis
Patrick Mayer wrote:
> Hi,
>
> I have a small LAN (ethernet) at home which consists of three PCs. One of the
> machines is configured as a proxy server by the means of Wingate. It also
> provides DHCP services through Wingate as well.
>
> The protocols installed on this PC are:
> TCP/IP
> IPX/SPX
>
> Bothe are binded to a MS Client.
>
> Right now, what I would like to do is to be able to connect my Linux box to
> the internet by passing through the proxy server (that proxy is linked to the
> net by means of a cable modem).
>
> Are there any simple ways to accomplish this? (I'm a newbie in the Linux
> world... So go easy on the "recompile the kernel and do this..." type of
> action :)
>
> Thanks!
==============AF530B0F1BC83A36557B724B
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Dennis Gray
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Dennis Gray
n: Gray;Dennis
email;internet: [EMAIL PROTECTED]
note: Claremont VMX: 161-5162
x-mozilla-cpt: ;0
x-mozilla-html: TRUE
version: 2.1
end: vcard
==============AF530B0F1BC83A36557B724B==
------------------------------
From: "Dennis M. Gray" <[EMAIL PROTECTED]>
Subject: 3COM 3C905-TX Fast EtherLink XL PCI Card
Date: Sun, 27 Dec 1998 08:45:41 +1100
This is a multi-part message in MIME format.
==============302C4171046CBEDC94524037
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I am looking for a driver for this card. Running kernel 2.0.30 (Redhat
4.2). Donald Beckworth's site returns a "NOT FOUND" when I try to
download one he says will work. Has anyone had success with this card
under the same configuration.
Regards,
Dennis M. Gray
[EMAIL PROTECTED]
==============302C4171046CBEDC94524037
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Dennis Gray
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: Dennis Gray
n: Gray;Dennis
email;internet: [EMAIL PROTECTED]
note: Claremont VMX: 161-5162
x-mozilla-cpt: ;0
x-mozilla-html: TRUE
version: 2.1
end: vcard
==============302C4171046CBEDC94524037==
------------------------------
From: [EMAIL PROTECTED]
Subject: PPP problem with HW flow control
Date: Sat, 26 Dec 1998 22:44:33 GMT
I'm at my Witt's End - desperate and repeatedly banging my head against the
monitor so pls. hlp somebody.
I have set up pppd according to the HOWTO and everything seems to work fine
except for one thing. As soon as I add the crtscts (HW flow-control) option to
pppd, chat refuses to speak to my modem.
The problem is reproduceable using minicom. Using HW flow-control brings
everything to a grinding halt, removing it makes everything work almost fine
except for speed.
My modem config is:
B0 E1 L1 M1 N5 Q0 V1 X4
&B1 &C1 &D3 &G0 &H3 &J0 &K4 &L0 &M0 &N0 &P1 &R1 &S0 &X0 &Y1
*B0 *C0 *D0 *E0 *F0 *G0 *I0 *L0 *M0 *P9 *Q2 *S0
S00=000 S01=000 S02=043 S03=013 S04=010
S05=008 S06=003 S07=045 S08=002 S09=006
S10=007 S11=080 S12=000 S13=000 S14=002
S15=002 S16=000 S17=018 S18=000 S19=000
S20=002 S21=242 S22=000 S23=101 S24=042
S25=000 S26=000 S27=156 S28=068 S29=000
S30=000 S31=017 S32=019 S33=255 S34=030
S35=032 S36=000 S37=000 S38=000 S39=003
S40=000 S41=000 S42=000 S43=000 S44=000
S45=100 S46=028 S47=064 S48=000 S49=000
S50=000 S51=000 S52=000 S53=000 S54=000
S55=000 S56=000 S57=000 S58=000 S59=000
The &H3 option enables HW flow control.
I invoke pppd using this string:
/usr/sbin/pppd /dev/cua1 38400 connect '/usr/sbin/chat -r /tmp/pppd-report -e
-v -f /etc/ppp/default' defaultroute crtscts proxyarp passive ^^^^^^^
The crtscts is apparently causing the problem
Setserial reports the following:
[root@www ppp]# setserial -a /dev/cua1
/dev/cua1, Line 1, UART: 16550A, Port: 0x02f8, IRQ: 3
Baud_base: 115200, close_delay: 50, divisor: 0
closing_wait: 3000, closing_wait2: infinte
Flags: spd_normal skip_test
stty reports the following:
[root@www ppp]# stty -a </dev/cua1 speed 38400 baud; rows 0; columns 0; line
= 0; intr = ^C; quit = ^\; erase = <undef>; kill = <undef>; eof = ^D; eol =
<undef>; eol2 = <undef>; start = ^Q; stop = ^S; susp = ^Z; rprnt = ^R; werase
= ^W; lnext = ^V; flush = ^O; min = 1; time = 0; -parenb -parodd cs8 -hupcl
-cstopb cread clocal crtscts ignbrk -brkint ignpar -parmrk -inpck istrip
-inlcr -igncr -icrnl -ixon -ixoff -iuclc -ixany -imaxbel -opost -olcuc -ocrnl
-onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 -isig -icanon
-iexten -echo -echoe -echok -echonl -noflsh -xcase -tostop -echoprt -echoctl
-echoke
What am I missing???
Any help greatly appreciated.
[EMAIL PROTECTED]
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: kppp and slow connects
Date: Sat, 26 Dec 1998 20:46:07 GMT
In reference to the below posts, I have the same problem but have a temporary
work-around. I use ppp-2.3.5 on a Slackware system and put ppp-on and
ppp-off on the desktop where I like them and go from there. It would be
nice to use the native files though. I changed the modem string to the
one I use with 2.3.5, that gives consistent 49333 connections with
a generic USR No.5687 Plug and Pray modem. Thank heavens for isapnp!
If anyone can figure it out I'd be much obliged.
Best regards,
Kurt Savegnago
use this address if replying [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>,
"Ian Payne" <[EMAIL PROTECTED]> wrote:
>
> Greig McGill wrote in message <75bkhj$tf0$[EMAIL PROTECTED]>...
> >Hi.
> >
> >I've just configured RH5.2 with KDE and all is rocking along
> >nicely...except...
> >I can't get kppp to connect to my ISP at anything above 9600.
> >If I use the ifup ppp0 method of starting pppd it works fine...but I'd like
> >the nice kppp front end for myself and my users.
> >
>
> That makes two of us.
>
> On my RH5.1 system using netcfg or wmppp (under Window Maker) I can connect
> at 40-44k consistently.
>
> I installed KDE and setup kppp, but it only connects at 9600. If I watch the
> log file it show CARRIER 44000 but only CONNECT 9600.
>
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "John McSwain" <[EMAIL PROTECTED]>
Subject: PPP connection problem
Date: Sat, 26 Dec 1998 17:56:16 -0500
I had PPP working early in the week now it connects, accepts my username,
password, and takes ppp. I then receive an IP from my ISP. Shortly
thereafter I disconnect. In Messages I get the following: "IPCP: timeout
sending Config-Requests". Would appreciate any advice.
Please remove the "nospam" in my e-mail address to reply.
Thanks,
John
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: @home & mail/news
Reply-To: [EMAIL PROTECTED]
Date: Sat, 26 Dec 1998 22:58:41 GMT
Niels Voorhoeve ([EMAIL PROTECTED]) wrote:
: Hi,
:
: I've got my Intel EtherExpress Pro 10+ card working, but only for the
: Web. News and Mail don't work. I get an error that my news server
: (news for @home) doesn't have a DNS address. What gives? Does this
: have something to do with the proxy server?
Type:
$ nslookup news
If it reports that "news" has no IP address, then one of following must be
happening:
- @home doesn't have a news server (not likely the case - they do on
my @home cable modem setup)
- Their DNS server is whacked.
- Your /etc/resolv.conf is misconfigured.
Let me show you:
$ nslookup news
Server: proxy1.wodhvn1.mi.home.com (this is the name server)
Address: 24.2.252.33
Non-authoritative answer:
Name: lh2.rdc1.mi.home.com
Address: 24.2.68.71
Aliases: news.wodhvn1.mi.home.com
As you can see, "news" does work properly. Note that I didn't mention the
domain name - just the hostname. For this to work, you need your
/etc/resolv.conf file setup correctly. Here's what mine looks like:
search wodhvn1.mi.home.com
nameserver 24.2.252.33
nameserver 24.2.252.34
If you don't supply a domain name when looking to translate a hostname, the
resolver will supply one for you. And, in your /etc/resolv.conf file is where
it gets a domain name.
Stu
------------------------------
From: [EMAIL PROTECTED] (David Ford)
Crossposted-To: alt.os.linux.slackware,btinternet.homepages.authoring
Subject: Re: BT Internet
Date: 26 Dec 1998 21:11:41 GMT
>My progress so far - I can get a connection which authenticates but PPP
>does not set the default route. I have defaultroute in the command line -
Hi Alex
Sounds like you might have a default route set up by default ;-) --- ppp
will not create a default route if one already exists.
do :-
route delete default
and try again
unless you have your linux box on the end of a largeish network you don't
need a default route anyway.
My .02p
Dave
--
D. J. Ford
15 Crawford Road E-mail: [EMAIL PROTECTED]
Hatfield, Herts Phone: +44 (0)1 707 886 095
AL10 0PF, U.K. Fax: +44 (0)1 707 261 836
------------------------------
From: [EMAIL PROTECTED] (Bobroff)
Subject: Re: ppp stopped working
Date: 26 Dec 1998 22:55:54 GMT
>> I can dial my ISP and even ping the server.
> ^^^^^^^^^^^^^^^
>Are you talking about pinging the IP that shows up in the 'remote IP
>address' log entry that pppd makes? If so, then you might have a
>routing problem.
I'm not aware of the entry you mention. I can ping the IP number that I
entered in the nameserver field in netcfg. To add a bit of mystery to the mix,
I got a connection with Lynx after a re-install today. Then I upgraded to the
more recent kernel that I had been using and I could not do it again. I tried
booting to the old kernel again and it wouldn't work.
>If you're running pppd without the 'defaultroute' option, however,
>only the first entry is created. Thus, you could ping the server just
>fine (using the first route), but as the second route wouldn't exist,
>the rest of the net would be unaccessible.
I have been connecting using just the netcfg tool. I have not delved into
pppd. I will look into this and see if I can make any sense of it.
My DNS server IP number is <193.4.241.1> and I can ping it as I mentioned
before. Looking at my old computer (a Mac) I see that there is also another IP
number <192.0.0.0>. Is this the "second" route you mentioned and should I put
this somewhere?
The really puzzling thing is that I set it up very simply before and it worked
just fine. Now it works once after a re-install and then refuses to work
again.
Any other suggestions?
David
------------------------------
From: Stephen Schwetz <[EMAIL PROTECTED]>
Crossposted-To: aus.computers.linux
Subject: Re: Use phone cable for 10BaseT?
Date: Sun, 27 Dec 1998 10:12:55 +1100
Since Win 95 osr2 and NT4 sp 3 microsoft has disabled unencripted passwords
by defauld..
look at www.samba.org for more information on how to enable it.... Its
simple just download a file and one it on your windoze machines
Stephen Schwetz
Andy Calcraft wrote:
> I am having problems with samba on linux:
>
> I'm running Slackware 3.5 with Samba 1.9.18
>
> Network is OK because can ping, telnet and ftp without problem from any
> machine to any other where appropriate.
>
> testparm smb.conf works OK and I get at I expected.
>
> smbclient -L xxxx
>
> 1) Appears to work to a Win95 box but not an NT box.
>
> 2) when xxxx = linux (Hostname = COMPSAGNATHUS) I get the following
> message:
>
> Added interface ip=192.0.1.4 bcast=192.0.1.15 nmask=255.255.255.240
> Session request failed (131,129) with myname=COMPSAGNATHUS
> destname=COMPSAGNATHUS
> Not listening for calling name
> Try to connect as another name (instead of COMPSAGNATHUS)
> You may find the -n option useful for this
>
> The ip and subnet masks values look right.
>
> and I cannot log in from a Windows box. Though the Samba sever is
> listed windows does not see the shares and I get the sort of message one
>
> would expect if it cannot see the computer. (applies to 95 and NT boxes)
>
> I think the problem lies with Samba, possibly the nmbd portion, on the
> linux box.
>
> Any suggestions?
>
> I suspect that there may be another problem relating to encryted
> passwords with NT but at the moment I don't think it is the critical
> factor.
>
> --
> -------------------------------------------
> Andy Calcraft
> [EMAIL PROTECTED]
> Petrophysical and Geological Consultant
> Railway Modeller to 2mm scale (1:152)
> Tel: 07 3870 1640 (Australia)
> Fax: 07 3371 5700
> -------------------------------------------
--
My computer is powered by LINUX and has been up
10:10am up 25 min, 3 users, load average: 1.83, 1.48, 1.09
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
