Linux-Networking Digest #533, Volume #10 Wed, 17 Mar 99 21:13:30 EST
Contents:
Re: Linux as PCNFS-server... (Sparkzz)
Re: PPP Problems (Clifford Kite)
Re: IP Masquerading - The quest continues (help needed) (Iain O'Cain)
Problem with DHCPCD 1.3 (Olivier Baudron)
Slow networking ! ("Roger Helgesen")
Re: route -n shows 2 eth0 cards (Iain O'Cain)
Re: Auditing on my mailboxes on my linux mailserver (Carles Arjona)
Re: FTP still doesn't work on ports other than 21 (Newsroom)
setting: how to send mail behind firewall ("Wilson Lam")
LDAP/NDS for Linux?? ("Aaron Saikovski")
Re: pppd died unexpectedly ??? ("Rob")
ip_masqurade question ("Claus Meisel")
Re: IP Forwarding via Command Prompt (Don Heffernan)
Broadcast through IP-IP tunnel - help! ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Sparkzz)
Subject: Re: Linux as PCNFS-server...
Date: 17 Mar 1999 23:58:05 GMT
Hello,
You'd probably have better luck if you ran SAMBA.
.
.
....Ken
------------------------------
From: [EMAIL PROTECTED] (Clifford Kite)
Subject: Re: PPP Problems
Date: 17 Mar 1999 17:40:43 -0600
Martin ([EMAIL PROTECTED]) wrote:
: Hi all,
: I am running redhat 5.2 and kernel 2.2.3 with a 56K modem. I have been
: trying to get a connection to my ISP, but have had no luck so far. The
: problem usually occurs when I try to download anything over the link. pppd
: dies with exit code 1. I have tried this with debug and kdebug 1 options
: enabled which produced the following log, any help with this problem would
: be appreciated. The **snip** lines contain the data for a download of the
: newsgroup haeders, I didn't think it would help, but can repost it if
: required.
I'd guess it's an ACCM problem, try the pppd option "asyncmap 0".
The Frame Check Sequence (checksum) errors can be caused by other
things too. A speed bottleneck at some point within the data flow,
no crtscts pppd option, a buffer overflow problem, bad cables, a
misconfigured modem, the wrong UART configured in Linux, even a hard
disk that keeps interrupts off too long during IO.
--
Clifford Kite <[EMAIL PROTECTED]> Not a guru. (tm)
/* Speak softly and carry a +6 two-handed sword. */
------------------------------
From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Re: IP Masquerading - The quest continues (help needed)
Date: 17 Mar 1999 17:05:32 -0700
Reply-To: [EMAIL PROTECTED]
In article <7cjjfb$8an$[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> wrote:
>System: Intel Box, Fresh Redhat: 5.2, Kernel: 2.3.3 recompiled with IP
>Masquerading support.
>
>So far I'm running the ipchain commands manually. (Q1) Where should I put them
>to make sure they get invoked at boot time?
As someone else suggested, create a file in /etc/rc.d/. Something like
"rc.firewall" (to follow the convention there), and add a line to
/etc/rc.d/rc.local to invoke the rc.firewall script.
>ipchains -P forward DENY
>ipchains -A forward -s 192.168.1.0 -j MASQ
You might want to check in to a more secure set of rules at some point.
There's a site created by someone named Robert L. Ziegler that will
give you an rc.firewall configured for your needs. A search on his name
should bring it up.
>I'm also activating the ip_masq_????.o shared libraries (via modprobe)
>manually. (Q2) In what .conf file should the modprobe commands go?
You don't actually need to run modprobe "by hand" in a script. Have a
look at the Modules HOWTO (in your /usr/doc directory or on the RedHat
CD).
>If I do a 'locate ip_masq_ | grep .o' there are about 12 .o files found. (Q3)
>Where can I find information on what they do? I've checked the corresponding
>.c file but the information in there is a bit thin.
Have a look at some of the IP Masquerading web sites.
>On the client Macintoshs I'd like to run a server process (so that someone
>outside my LAN can connect to a server on one of the Macs). (Q4) Is this at
>all possible with IP Masquerading? Can the Linux box route IP packets
>directed at a certain port at the Mac server?
You'll need to use some method of "port forwarding" to have your firewall
direct all requests for a particular port (or an IP address/port pair) to
a system behind the firewall. I'm still an ipchains novice, so I'm not
sure whether it's the tool for this.
>Last question: I'd like to host my web site (with it's own domain) on my own
>server do I need to run my own domain name server?
No, you don't.
In case you'd like to know more... ;-)
The way DNS works, some server will be designated as "authoritative" for
your domain. It just has to respond with your system's IP address. You
might want to run your own name server so that you can add additional
hosts, or virtual hosts, at any time. Then again, you might like to
have someone experienced with it take care of that until you've learned
more, depending how important reliability versus learning are to you!
Good luck.
- Iain
------------------------------
From: Olivier Baudron <[EMAIL PROTECTED]>
Subject: Problem with DHCPCD 1.3
Date: Thu, 18 Mar 1999 00:41:53 +0100
Hi,
I have a 2.2.3 kernel (my installation was from a RH5.1).
When launching dhcpcd (version 1.3.17pl5), the system hangs up a few seconds and
failed getting an IP adress. I receive a "timed out waiting for a valid DHCP
server response" message.
My ethernet board seems correctly detected at boot time:
ne2k-pci.c:v0.99L 2/7/98 D. Becker/P. Gortmaker
http://cesdis.gsfc.nasa.gov/linux/drivers/ne2k-pci.html
ne2k-pci.c: PCI NE2000 clone 'RealTek RTL-8029' at I/O 0x6000, IRQ 9.
eth0: PCI NE2000 found at 0x6000, IRQ 9, 00:40:05:E2:30:77.
Can someone help me to make my modem cable work?
(tired with my old 33kb modem;-))
thanx,
Olivier.
------------------------------
From: "Roger Helgesen" <[EMAIL PROTECTED]>
Subject: Slow networking !
Date: Wed, 17 Mar 1999 15:29:40 +0100
My network /or networking to a particular pc is slow as #�%.
Telnet sessions time out befor I get the login screen, POP/smtp time out.
Can anyone point me in a direction of the error, or point me in the
direction how to get more debug info.
could it be a IRQ crash ??
Hilsen
Roger Helgesen
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Re: route -n shows 2 eth0 cards
Date: 17 Mar 1999 17:24:32 -0700
Reply-To: [EMAIL PROTECTED]
Erik Hensema <[EMAIL PROTECTED]> wrote:
>Gianluca Romito wrote:
>
>>Hi the problem is in the subject... Is it a good thing or not? I can
>>ping all, the linux box is a SAMBA server on a small network. But when I
>>try to do a ipfwadm -F -p deny I get : "ipfwadm: setsockopt failed:
>>Invalid argument"... could it be because in route -n I have 2 eth0
>>showing cards?
>Maybe you've upgraded to kernel 2.2, this kernel automatically creates a route
>when an ethernet device is configured with ifconfig. When you still use your
>old initscripts, the route is set again by the scripts. ipfwadm also doesn't
>work anymore with kernel 2.2, use ipchains.
Interesting to know -- thanks!
Only now I've updated to the new initscripts and the other packages that
were suggested for a RedHat 5.2 system when updating to a 2.2 kernel, and
I still see two route entries. I'll have to hunt and see what's still
setting up the route after ifconfig already created one!
- Iain
------------------------------
From: Carles Arjona <[EMAIL PROTECTED]>
Subject: Re: Auditing on my mailboxes on my linux mailserver
Date: Mon, 15 Mar 1999 21:27:38 +0100
Abrie Jordaan <[EMAIL PROTECTED]> wrote:
>
> I need a program to record the the following information on my linux
> mailserver (normal linux box with pop and smtp functions)
>
> 1)The mailboxnames,
> 2)Next to the mailboxnames---, the size of each mailbox
> 3)The number of messages in each mailbox
#!/bin/sh
# mailcount: name, size (bytes) and number of messages in mailboxes
# by Carles Arjona
showrows()
{
echo "Mailbox Bytes Messages"
echo "------- ----- --------"
for a in /var/spool/mail/*
do
echo `basename $a` `du -b $a | cut -f1` \
`formail -x "From:" -s < $a | wc -l`
done
}
showrows | column -t
# end
> in a textfile
/mailcount > file.txt
Regards.
--
Carles Arjona [EMAIL PROTECTED]
-
Please, just remove the second NOSPAM for replies from newsgroups.
(Yes, NOSPAM is my real username)
[Don't send me e-mail copies of usenet postings, please]
------------------------------
From: Newsroom <[EMAIL PROTECTED]>
Subject: Re: FTP still doesn't work on ports other than 21
Date: Wed, 17 Mar 1999 18:48:15 -0500
Glen Dragon wrote:
> I can't seem to to get FTP to work thru my Masq server. I've scanned the
>
> newsproups extensivly. the only info i can get is to use the ip_masq_ftp
>
> module.. OF course I am using it.. I seems to load fine. no misc module
>
> errors.
Are you sure you did a make modules / make modules_install to be sure that the
copies of those modules that you are referencing are up to date? I've seen
that once before when a module from an earlier compile got installed without
being remade. What kernel options are you compiling into the kernel? (P.S.
This works VERY well under 2.0.34 and up - that's what I use, even though the
newer kernels are out. Try rolling back the kernel to an earlier version just
for fun - just don't use IPChains with the earlier kernel).
> I cann't connect with the win98 box to any FTP servers using any ports
> other than 21. Is there something dumb that i am missing.?? I know several
> other people with this problem with similar setups, but a couple of
> differnent kernels.
>
> Using the linux box work fine on any port.
>
Definitely something in the masquerading. Set your forwarding rules to accept
everything so you can rule that out as a potential problem.
> I have set up port forwarding for various things, a FTP server running on
> port 221 on my win98 box, port 6000 for Xwindow servers and etc.
> I'm running kernel 2.2.2 on a RH 5.2 system. SO using ipchains, all the
> basic masqureding rules are there. Everythign else seems to work fine.
> I would appreciate any help. I'm tired of having to do transfers from the
> box to the win98 machine.
>
> ------------------ Posted via SearchLinux ------------------
> http://www.searchlinux.com
------------------------------
From: "Wilson Lam" <[EMAIL PROTECTED]>
Subject: setting: how to send mail behind firewall
Date: 18 Mar 1999 01:05:40 GMT
Hi,
I am using redhat 5.2 (linux 2.0.36) and rinetd to setup a firewall
and ip port forward.
The email server is also a linux box in the private network.
The situation is that:
I can receive mail from the outside world.
I can send mail out to outside within the email server.
But I cannot send mail from a PC within the private network via
the email server. The mail returned with error from the destination
server:
======================
Delivery has failed on the enclosed message for the following
reasons reported either by the mail delivery system on the mail
relay host or by the local TCP/IP transport module:
551 <[EMAIL PROTECTED]>... we do not relay
======================
My /etc/rinetd.conf is:
0.0.0.0 25 192.168.1.8 25
0.0.0.0 80 192.168.1.8 80
Where 192.168.1.8 is the email server.
Is there anything that I am missing to set?
Any suggestion is much appreciated!
Wilson Lam
------------------------------
From: "Aaron Saikovski" <[EMAIL PROTECTED]>
Subject: LDAP/NDS for Linux??
Date: Thu, 18 Mar 1999 12:16:15 +1100
Is it possible to have NDS/LDAP for linux??
Is it a graphical ui of console based?
Thanks,
Aaron Saikovski
email: [EMAIL PROTECTED]
------------------------------
From: "Rob" <[EMAIL PROTECTED]>
Subject: Re: pppd died unexpectedly ???
Date: 17 Mar 1999 19:20:19 -0600
hallo wrote in message <[EMAIL PROTECTED]>...
>I use SuSe 6.0 with KDE 1.0 and I got a lot of trouble with kppp.
>After I get a connection to my provider (terminal authofication), kppp
>interrupts with the
>mesage "pppd died unexpectedly".
>- pppd is installed to the kernel 2.0.36
>-suseppp is installed and configured with yast
>
>Can anybody help me ??
>Thanks , Thomas
>
>
I had the same problem so I was to told to remark out the "lock" string on
the settings
file /etc/ppp/options.
This worked but i can not acces any sites. Kppp logs on ok but no
connections to any site
------------------------------
From: "Claus Meisel" <[EMAIL PROTECTED]>
Subject: ip_masqurade question
Date: Wed, 17 Mar 1999 17:24:00 -0800
Hi,
I just got Redhat 5.2 and now I am not quite sure what to do.
I ordered ADSL and I want to set this old Pentium machine up with RedHat and
ip_Masqurage so I can feed access into our little network.
Here is what I have so far:
4 Machines, running Win98 and 2 run NT and a 10Mbps Hub and 4 10 Mbps cards.
I also have cables in the wall, so everything is set up to be plugged in.
Oh, by the way, I hope 10Mbps is enough. Somebody suggested I should get a
100Mbps Hub and cards but my budget said no...
Now, what do I need to install ? RedHat Server ? I really only need it for
the Internet access but at one point I might add more services, like web
server and so on.
But, nobody here programs so I guess I don't need all the development tools,
right ?
And, how do I set up RedHat for ADSL ? I will get an assigned IP but how do
I set it up and how do I set up the other machines ?
And, will they be able to surf the net ? How do I make sure that when they
telnet somewhere or browse somewhere, it recognizes the name and not only
the number ?
Example, I set up RedHat before and it never recognized, when I was online
(used RedHat 4.0 ) what autobahn.org is. It did recognize 206.79.223.12,
which is autobahn.
Thanks so much for your help.
Claus Meisel
p.s. please e-mail me answers.
------------------------------
From: [EMAIL PROTECTED] (Don Heffernan)
Subject: Re: IP Forwarding via Command Prompt
Date: Thu, 18 Mar 1999 02:07:42 GMT
On Wed, 17 Mar 1999 15:08:23 +0800, "��d�W" <[EMAIL PROTECTED]>
wrote:
>I got the same IP Forwarding problem, too !!!
>Here is the detail:
>
>+-----------------------------------------------------------------------+
> | Linux Box
>|
> | with 2 NICs
>|
>+------------------------------+-------+-------------------------------+
> | eth0 | | eth1
>|
> | 10.131.12.50 | | 192.168.0.1 |
>+---------------+--------------+ +----------------+--------------+
> | |
> | |
>+---------------+--------------+ +----------------+--------------+
> | Internet | | CWin98 Client
>|
>+------------------------------+ | --------------------------- |
> | with gateway
>|
> | = 192.168.0.1
>|
>
>+---------------+---------------+
>
>
>I want to let my CWin98 client connect to internet through Linux Box.
>So, I set the gateway of the CWin98 client as eth1(192.168.0.1).
>
>"IPv4 forward" is enabled in the Linux Box.
>
>When I use browser to view Homepage, it appear as "Test Page for Red Hat
>Linux's Apache Installation".
>The HTML content is as following:
>
>
>##It Worked!
>##If you can see this, it means that the installation of the Apache software
>on this Red Hat Linux system was successful. You may now add content to this
>directory and replace this page.
>##--------------------------------------------------------------------------
>------
>##If you are seeing this instead of the content you expected, please contact
>the administrator of the site involved. If you send mail about this to the
>authors of the Apache software or Red Hat Software, who almost certainly
>have nothing to do with this site, your message will be ignored.
>##--------------------------------------------------------------------------
>------
>##The Apache documentation has been included with this distribution.
>##For documentation and information on Red Hat Linux, please visit the web
>site of Red Hat Software. The manual for Red Hat Linux is available here.
>##You are free to use the image below on an Apache-powered web server.
>Thanks for using Apache!
>##You are free to use the image below on a Red Hat Linux-powered web server.
>Thanks for using Red Hat Linux!
>
>
>Besides, I canNOT ping IP of those machine in the internet.
>Would anyone has got idea of what else I need to do ?
>Please offer your help !!!
>Thank you
>
>
>
You are seeing the default Web page for the Apache server running on
your Linux box. If you can't get on out to the Internet you may not
have declared a default gateway for the Linux box itself. 192.168.0.1
is the correct gateway for your Win98 machine but you need to make
sure the Linux default gateway points to your your ISP's gateway.
Also, you need to make sure that you enter the appropriate DNS address
(ISP's DNS) in The WIN98 networking config. If all else fails try
switching to 192.168.1.1 for Linux and 192.168.1.2 for Win98. Don't
forget to reboot.
------------------------------
From: [EMAIL PROTECTED]
Subject: Broadcast through IP-IP tunnel - help!
Date: Thu, 18 Mar 1999 02:02:58 GMT
I have two Linux boxen to connect two groups of PCs across an
intervening LAN/WAN. IP tunnelling works fine between the two
nets - EXCEPT for the one thing I need, which is for UDP packets
sent to 255.255.255.255 to appear on both sides of the tunnel.
I know, I know, but the application we're stuck with used LOTS of
UDP packets to 255.255.255.255 to communicate between workstations.
I didn't write the brain-damaged thing, I'm just stuck with making
it work. Here's a somewhat simplified diagram of the setup:
LAN1 10.42.2.131 10.75.78.221 LAN2
==============| eth0 eth0 |==============
10.42.250.0/24|----GW1---------//-----------GW2----|10.75.250.0/24
==============|eth1 eth1|==============
10.42.250.1 10.75.250.1
Hosts on LAN1 and LAN2 can communicate. I need broadcasts sent to
255.255.255.255 from LAN1 to show up on LAN2 and vice versa. Originally
packets sent to 255.255.255.255 went NOWHERE past the gateways, no matter
what I did. I had to hack net/ipv4/route.c in the kernel source to remove
the lines that prevent any broadcast packets from being forwarded (look at
line 1519 or so). Now the kernel will forward broadcasts.
I entered host routes for 255.255.255.255 on both sides, so the routing
tables look like so:
on GW1:
Destination Gateway Genmask Flags Metric Iface
255.255.255.255 * 255.255.255.255 UH 0 tunl0
10.42.2.0 * 255.255.255.0 U 0 eth0
10.42.250.0 * 255.255.255.0 U 0 eth1
10.75.250.0 * 255.255.255.0 UG 0 tunl0
127.0.0.0 * 255.0.0.0 U 0 lo
0.0.0.0 10.42.2.31 0.0.0.0 UG 0 eth0
(GW2 looks the same but reversed, and of course the default route is
different).
If I ping 255.255.255.255 from anywhere, I get an answer from the opposite
gateway - i.e., if I ping from LAN1 I get an answer from the eth0 address
on GW2, ping from LAN2 gets an answer from GW1. If I add the host route
with no gw and dev tunl0, pings to 255.255.255.255 result in an error
message in syslog "kernel: tunl0: Packet with no target gateway!". Any
other way I've tried results in no ping reply at all, and none of the
things I've tried gets me where I need to be - seeing packets sent to
255.255.255.255 from LAN1 appear on LAN2 and vice versa.
Bright ideas, anyone? Is there something I missed?
Dale
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
