Linux-Networking Digest #565, Volume #10         Fri, 19 Mar 99 23:13:34 EST

Contents:
  Re: ISP<->Wingate(WIN NT)<->Linux (John McKee)
  ppp-on connect script failed by "Ambiguous redirect" ?? ("Oo.et.oO")
  Re: For all you Nicrosoft lovers ("Richard Van Fossan")
  Re: What is the best Linux to install? (David Corn)
  Re: SAMBA: Enrypted Passwords (Iain O'Cain)
  Re: Linux server and multipile POP3 accounts (Hartmann Schaffer)
  Re: For all you Nicrosoft lovers (PJ)
  Re: Firewall And DNS ("Joseph Santaniello")
  Re: Linux server and multipile POP3 accounts (Hartmann Schaffer)
  Re: For all you Nicrosoft lovers (**Nick Brown)
  Re: The truth about the Pentium III chip and ID --- **boycott info** (Tim Roberts)
  hooking linux box up to company LAN: opinions??? (peter hatch)
  IPIP tunnels ("Siprian Rodrigues")
  Re: Printing to Laserjet fails only on large jobs (Michael J Surette)
  do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection  (#PARIMAL ASWANI#)

----------------------------------------------------------------------------

From: [EMAIL PROTECTED] (John McKee)
Subject: Re: ISP<->Wingate(WIN NT)<->Linux
Reply-To: [EMAIL PROTECTED]
Date: Sat, 20 Mar 1999 01:43:33 GMT

I've tried Wingate, and found it not worth the bother.  Get Sygate
(www.sygage.com) which adds router functionality to the NT box.  All you
have to do in Linux is specify the NT box as the gateway.  No need to
configure each app like with Wingate.


HTH,


On Fri, 19 Mar 1999 18:14:48 GMT, Tom Neilson <[EMAIL PROTECTED]> wrote:

>Jorge Nagasaki <[EMAIL PROTECTED]> wrote:
>: Has anyone successfully made Wingate work with Linux?
>: I'm trying to access an Internet ISP from a Linux machine connected
>: to a Windows NT machine (with Wingate) and this Windows NT
>: connected to ISP via dial up, and it fails.
>: From Windows NT everything is fine.  Looks like I could not
>: get the Wingate proxy server working.
>: Also Wingate support gives me configuration information for Windows NT
>: in both machines, looks like they don't know about Linux.
>: I appreciate any suggestion.
>
>Well now. Linux through the eye of a needle eh? Trying to connect to IBM
>Global Services account - or you're a part of it - ISM ?
>
>Hum ...
>
>To start with, Wingate is a Proxy server period. Did you set your policies
>on the Wingate server correctly? Are you using socksified apps like Netscape
>on your Linux box?
>
>Can you elaborate?

John McKee
[EMAIL PROTECTED]

------------------------------

From: "Oo.et.oO" <[EMAIL PROTECTED]>
Subject: ppp-on connect script failed by "Ambiguous redirect" ??
Date: Fri, 19 Mar 1999 17:53:57 -0500

Hello-
        I have been struggling with this on and off for a few months now.  I
can connect fine via minicom, and also via Redhat's Netcfg app. 
in /var/log/messages I get:
Mar 19 17:05:56 byzantine kernel: CSLIP: code copyright 1989 Regents of the University of California
Mar 19 17:05:56 byzantine kernel: PPP: version 2.3.3 (demand dialing)
Mar 19 17:05:56 byzantine kernel: PPP line discipline registered.
Mar 19 17:05:56 byzantine kernel: registered device ppp0
Mar 19 17:05:56 byzantine pppd[18422]: pppd 2.3.5 started by eric, uid 500
Mar 19 17:05:57 byzantine pppd[18422]: Connect script failed
Mar 19 17:05:58 byzantine pppd[18422]: Exit.
Mar 19 17:07:23 byzantine kernel: PPP: ppp line discipline successfully unregistered

in my debug log I get:
/etc/ppp/ppp-on-dialer: : Ambiguous redirect   

here is my ppp-on:
#!/bin/sh

# These are the parameters. Change as needed.
TELEPHONE=2713800       # The telephone number for the connection
ACCOUNT=name         # The account name for logon (as in 'George Burns')
PASSWORD=password       # The password for this account (and 'Gracie Allen')
LOCAL_IP=0.0.0.0        # Local IP address if known. Dynamic = 0.0.0.0
REMOTE_IP=0.0.0.0       # Remote IP address if desired. Normally 0.0.0.0
NETMASK=255.255.255.0   # The proper netmask if needed
#
# Export them so that they will be available at 'ppp-on-dialer' time.
export TELEPHONE ACCOUNT PASSWORD
echo $TELEPHONE

and ppp-on-dialer:
#!/bin/sh
#

echo "in ppp-on-dialer"
/usr/sbin/chat -v \
        TIMEOUT         3                               \
        ABORT           '\nBUSY\r'                      \
        ABORT           '\nNO ANSWER\r'                 \
        ABORT           '\nRINGING\r\n\r\nRINGING\r'    \
        ''              ATZ                             \
        'OK-+++\c-OK'   ATH0                            \
        TIMEOUT         30                              \
        OK              ATDT$TELEPHONE                  \
        CONNECT         '^M'                            \
        name>           $ACCOUNT                        \
        assword>        $PASSWORD                       \
        'OK>'           'set port ppp enable^M'


pppd is suid root.  but that doesn't matter since I get the same errors
when I run as root.  note that it doesn't seem to get anywhere in the
ppp-on-dialer
there is no sign of chat in /var/log/messages and the echo on the first
line never comes out.
but the log says "Ambiguous redirect"  

                any help would be greatly appreciated.
BTW the serial ports are running as modules but never get taken out of
mem since I have a UPS connected to ttyS0.
ppp is also a module but it starts/exits fine as shown in
/var/log/messages.

                thanks-
                        eric
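
What the shell does with the unquoted `name>` and `assword>` expect strings in the ppp-on-dialer above, shown as an added example that is not part of the original post: `>` starts an output redirection, and a redirection whose target expands to nothing is what bash reports as an ambiguous redirect. `fake_chat` and `demo` are hypothetical stand-ins so the script runs without a modem or the real chat program.

```shell
#!/bin/sh
# Added example, not part of the original post.
# fake_chat stands in for /usr/sbin/chat: it prints every argument it
# actually receives, so we can see what the shell handed over.
fake_chat() {
    for arg in "$@"; do printf '[%s]' "$arg"; done
}

# demo MODE VALUE: run one expect/send pair the way MODE says, with
# ACCOUNT set to VALUE, inside a scratch directory so that any file
# created by an accidental redirection shows up and is cleaned away.
demo() {
    dir=$(mktemp -d) || return 1
    seen=$(
        cd "$dir" || exit 1
        ACCOUNT=$2
        if [ "$1" = unquoted ]; then
            # As posted: parsed as the command "fake_chat name" with its
            # output redirected to the file named by $ACCOUNT.
            { fake_chat name> $ACCOUNT; } 2>/dev/null
        else
            # Quoted: "name>" is an ordinary argument, and the value stays
            # one word even if it is empty or contains spaces.
            fake_chat 'name>' "$ACCOUNT"
        fi
    ) && rc=0 || rc=$?
    files=$(ls -A "$dir")
    rm -rf "$dir"
    if [ "$rc" -eq 0 ]; then outcome=ok; else outcome=failed; fi
    printf 'outcome=%s seen=%s files=%s\n' "$outcome" "$seen" "$files"
}

demo unquoted eric   # chat never sees the prompt or login; a file "eric" appears
demo unquoted ''     # redirection target expands to nothing: the shell refuses
demo quoted eric     # chat receives both arguments
```

The same parsing applies to `assword> $PASSWORD`, where the stray file would be named after the password.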

------------------------------

From: "Richard Van Fossan" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: For all you Nicrosoft lovers
Date: Fri, 19 Mar 1999 13:50:43 -0800


mike wrote in message <7cubbq$8sm$[EMAIL PROTECTED]>...
>My rental building complex wants to save money and not fix
>the intercom and door buzzer. They want to hijack all the
>phone lines in the building and run them through
>a general intercom-buzzer system. When some one rings I will
>be bounced off line. Who knows what else they can decide
>to do with those lines.
>  Do people have any rights of privacy any more.!
>  I heard that police agencies can follow a suspect until
>they somehow leave a trace of their DNA and take it. Like
>a glass or plate or knife or fork in a restaurant or a hair.
>or from a napkin or tissue. What if you happen to
>throw some gum in a public garbage can or spit. Soon you
>whole genetic info like health prognosis is open to anyone
>like prespective employers .......
>        Where will it all end???
> Mike

You need to contact the FCC and your state Utilities commission to find out
if the apartment management has a legal right to make use of the telephone
lines you lease and pay for. You might also alert the phone company--they
are very sensitive about every Tom, Dick, and Hairy Knuckles attaching
devices willy-nilly to the phone lines.

As I understand it, the police need to have probable cause to follow you,
and, in the US, need to establish an evidentiary trail. But, no, generally,
you don't have a right to privacy for anything you discard in a public
place.

Rich



------------------------------

From: David Corn <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux,comp.os.linux.misc,comp.os.linux.setup,comp.os.linux.redhat,alt.os.linux.slackware
Subject: Re: What is the best Linux to install?
Date: Sat, 20 Mar 1999 02:11:03 +0000

George Csahanin wrote:
> 
> I've tried REDHAT and Slackware, and while setup of a "pretty" Linux system
> is the goal of Redhat, try compiling a new kernel. You can't, even if you
> tell it in the install to load all of what you think you need. They seem to
> want you to use a "stock" kernel, kinda like the blue sky and white clouds
> people. Do it their way. The system setup stuff in /etc/rc.d is a laugh. Try
> to customize anything, it's tough, get ready to spend time with grep looking
> for where stuff is.

I am absolutely a newbie at this Linux thing (I've had it going for 6
days now!) but I managed to upgrade from 2.0.36 (mandrake 5.3) to 2.2.3
without any problems save a printer that quit working (fixed now -
thanks - I know what happened.)  I even got full sound in the bargain. 

DC

------------------------------

From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Re: SAMBA: Enrypted Passwords
Date: 19 Mar 1999 16:15:33 -0700
Reply-To: [EMAIL PROTECTED]


Go to comp.protocols.smb or linux.samba and ask your question again.
You might also want to provide more details in order to get a useful
answer.

It certainly can work, tho'... 

- Iain

------------------------------

From: [EMAIL PROTECTED] (Hartmann Schaffer)
Subject: Re: Linux server and multipile POP3 accounts
Date: Fri, 19 Mar 1999 23:27:30 GMT

In article <7ct4ih$f03$[EMAIL PROTECTED]>,
        Iztok Polanic <[EMAIL PROTECTED]> writes:
> ...
>> Nope, but why are you so worried about what root can do?
>>
>>
> Hello !!!
> 
> Why shouldn't I be? For Example:
> 
> we are running local linux server and we want to use fetchmail to download our
> mail. Every user will type in .fetchmailrc his password. Then root can just
> browse to his/hers' directory and see the password.

That is the user's password on the pop (or imap) server which need not be
the same as on your machine.

Btw, you can set up a fetchmail process as root so that it pulls in the
email for all your users, and yes, fetchmail (at least the last time I
checked out the documentation, i.e. with the version I am running
currently) supports password encryption: check out the various connection
types: (pop, apop, kpop, etc).

> Fetchpop (another version of retrieving POP3 mail) has an option so that it
> can encrypt your password and nobody can see it. I think that would be a very
> good feature to fetchmail also. I don't want a superb encryption but a simple
> one so a normal user couldn't see the password.

Well, the problem is that it is not up to fetchmail to decide whether to
use encrypted or clear text passwords.  That decision is made by the server 
fetchmail connects to, and fetchmail can't do much more than go along with
the server's decision.

Hartmann Schaffer

schaffer AT netcom DOT ca

------------------------------

From: [EMAIL PROTECTED] (PJ)
Crossposted-To: alt.os.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: For all you Nicrosoft lovers
Date: 20 Mar 1999 02:49:51 GMT

In article <7ct0m9$iap$[EMAIL PROTECTED]>, doole wrote:
>My own attitude is that if you really want to look into my underwear
>drawer, go ahead, it's your own tough luck. Personally, I can't see
>how 'privacy' has improved my life in any way. I try not to do things
>in private that I would be ashamed to do in public. (Except for the
>obvious stuff, like sex and other biological functions, which OUGHTN'T
>to be done in public. But I would hope enough common sense will
>prevail to exclude those things from the discussion.)

Sez you...sex in public is the best!!! hehehe :>

PJ

------------------------------

From: "Joseph Santaniello" <[EMAIL PROTECTED]>
Subject: Re: Firewall And DNS
Date: Sat, 20 Mar 1999 00:27:46 +0100



> > Let's suppose we have a firewall on a machine running a nameserver.
> > We should normally ALLOW all incoming connection from port 53
> > allow udp from 0.0.0.0/0 53 to localip
> > allow tcp from 0.0.0.0/0 53 to locallip
> > Right?
> >
> > Well isn't that a security hole, since someone can connect to any port
> > on our machine
> > if he uses the 53 port of his machine?
>

My firewall uses a different notation, but it looks like any ip address
(0.0.0.0) can connect from any port (/0) to port 53 on your machine. Not
that if they use 53 they can do whatever. You also can disable tcp to 53
because DNS reverts back to udp if tcp doesn't work. (I think...) If you
really want to button things up, set up a machine outside the firewall
which the world sees and uses for dns which is a secondary to the real
machine inside and set up:

allow udp 123.123.123.123/0 53 to localip

where 123... is the external machine's IP.

Joe



------------------------------

From: [EMAIL PROTECTED] (Hartmann Schaffer)
Subject: Re: Linux server and multipile POP3 accounts
Date: Fri, 19 Mar 1999 23:31:05 GMT

In article <7ct4ih$f03$[EMAIL PROTECTED]>,
        Iztok Polanic <[EMAIL PROTECTED]> writes:
> ...
> mail. Every user will type in .fetchmailrc his password. Then root can just
> browse to his/hers' directory and see the password.
> 
> Fetchpop (another version of retrieving POP3 mail) has an option so that it
> can encrypt your password and nobody can see it. I think that would be a very
> good feature to fetchmail also. I don't want a superb encryption but a simple
> one so a normal user couldn't see the password.

Don't forget that fetchmail insists that the fetchmailrc file is only
readable by the owner (i.e. requires mode 0600) which makes it not exactly
easy for anybody else to read the file.

Hartmann Schaffer
schaffer AT netcom DOT ca

------------------------------

From: **Nick Brown <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: For all you Nicrosoft lovers
Date: 19 Mar 1999 22:55:28 GMT
Reply-To: [EMAIL PROTECTED]

I've been following this topic with perhaps more interest than it
deserves (in this forum, anyway).

One for you, JR:

Suppose your local government (wherever you live) is having a big push
against "online drug peddling" or "Internet child pornography" or
"cyber-terrorism".  Most are, after all.  And say someone, just for a
joke, goes to a public cybercafe, sets up a Hotmail account with _your_
name, and mails themselves a kiddie porn pic, or a "how to make bombs"
manual, and then calls the police.  Just because they don't like you. 
Hey, it could even be someone you've been exchanging views with in this
newsgroup :-).  Oh, and they copy your local paper too.

Now, the police are going to have NO trouble at all getting a warrant to
go through EVERY single file on your PC.  They will have "experts" who
will want you to show them EVERY single file.  And while you do that...
they will sit there.  And they might just be impassionate observers...
or they might behave like the average 95-IQ white male, and make kind of
crude remarks about every file on your system.  Certainly about every
scanned pic of your wife on vacation.  And even if nothing worse comes
of it - even if the local paper don't say "Police called at the home of
an XX year old local resident in XYZ street, who we can't name, although
his neighbours know damn well who he is because they saw the squad cars
outside" - you will feel pretty shitty about the whole experience.

-- 
===============================================================
Nick Brown, Strasbourg, France (Nick(dot)Brown(at)coe(dot)fr)

Protect yourself against Word 95/97 viruses, free - check out
 http://www.geocities.com/NapaValley/Vineyard/1446/atlas-t.html
===============================================================

------------------------------

From: [EMAIL PROTECTED] (Tim Roberts)
Crossposted-To: comp.lang.perl.misc,comp.mail.sendmail,comp.os.ms-windows.advocacy
Subject: Re: The truth about the Pentium III chip and ID --- **boycott info**
Date: Fri, 19 Mar 1999 23:49:25 GMT

(Note: I have removed comp.lang.tcl and comp.lang.python from the crosspost
list because of legitimate complaints from their denizens.)

[EMAIL PROTECTED] wrote:

>On Wed, 17 Mar 1999 10:20:04 -0700, "Michael Barnes"
><[EMAIL PROTECTED]> wrote:
>>Every MODEM has a MAC address also...so your friends pc is nicless, but not
>>macless
>
>true. but.  MAC addresses on your modem go no further than your isp.
>in fact, your isp doesn't even use your modems mac address because you
>are assigned an ip address that already has the mac address of the
>modem you connected to so yours never goes out into the net.

You say "true", but I think you are mistaken.  What makes you think modems
have MAC addresses?  When I dial my ISP, there isn't any specific
identification of my specific modem.  There isn't any need for it: it is a
point-to-point connection.  The other end knows how to address me because I
am the only device on the other end of the connection.

A MAC address is an Ethernet thing: it represents addressing on the
physical layer of Ethernet.  It is not part of TCP, nor IP, nor PPP.  It is
only needed on a device communicating over Ethernet (or an Ethernet
derivative).  Modems do not do so, and thus do not have MAC addresses.

>your network also has a mac address.

No.  Your network ADAPTER has a MAC address.  Your network ROUTER has a MAC
address.  Not your network.
--
- Tim Roberts, [EMAIL PROTECTED]
  Providenza & Boekelheide, Inc.

------------------------------

From: peter hatch <[EMAIL PROTECTED]>
Subject: hooking linux box up to company LAN: opinions???
Date: Fri, 19 Mar 1999 17:59:47 -0600

I'm looking for some opinions about this.  Here's the situation:

What I have:
I work remotely (me: Illinois, company: California) and I need to be
able to access nfs mounts that are served on a private network (10.x.x.x
addresses).  Currently, I have an NT box set up to connect to a PPTP
server that is set up at the company.  I hate it.  First, it's really
slow.  Second, it seems to make NT crash about once a day.  Third, I do
all of my work on linux machines, so communicating with the remote
filesystems is a drag since I have to do the file transfers manually on
the NT box.

What I want:
I want to be able to just connect and mount those nfs shares.  Also,
there are servers on the private network that I need to be able to
access.  Ideally, I could use some mechanism that would give my linux
boxes 2 network devices (eth0 and something else) so that I could
participate in the company's private network.  I've looked at
pptp-linux, but I can't figure it out (neither can our sysadmin).

any suggestions?  It seems to me that something like this should be
rather simple to set up.  If changes are required to the company's
firewall, that's ok (as long as security is maintained).

All/Any help *very* welcome!

Thanks!
pete

------------------------------

From: "Siprian Rodrigues" <[EMAIL PROTECTED]>
Subject: IPIP tunnels
Date: 20 Mar 1999 02:46:52 GMT

I am trying to set up IP tunnels between 2 subnets using
kernel release 2.2.1, without any patches. I didn't have any
success so far. I am not using ppp.
For some reason the proxy arp does not
seem to work in my configuration. Even after I add the
arp entry for the remote host, subsequent arp requests for
that IP address do not get any reply.
Can anyone give me any pointers such as a sample set up
file?

2. How do I add more tunnel devices dynamically?

Thanks
Siprian


------------------------------

From: Michael J Surette <[EMAIL PROTECTED]>
Subject: Re: Printing to Laserjet fails only on large jobs
Date: Fri, 19 Mar 1999 22:24:44 -0500

Have you (in desperation) tried lpr -s  ????  I seem to recall a similar
problem a few years ago... before I switched to LPRng.

[EMAIL PROTECTED] wrote:

> I am having problems printing large jobs from a vanilla RedHat 5.2 box
> to a Laserjet 4si (using its JetDirect MIO card) via ip. Hold on to
> your seat, this isn't as straightforward as it sounds at first ...
>
> A 400+ page report is generated via Universe on HPUX 10.20. This report
> is pretty much plain text, just very large. The report prints
> correctly if I print from HPUX directly to the printer via IP (not
> using JetDirect software). However, if I redirect the print job to a
> queue on the RedHat box, the printer spits out 20-30 pages and gives
> an error: "80 SERVICE 001F", then promptly dies. A power cycle is
> needed to get the printer working again.
>
> Printing from HPUX through the Linux queue works fine on all jobs
> except the big one - the smaller ones are anywhere between 1-20 pages.
> The Linux box has sufficient resources - it's ONLY used for print
> spooling, has 128MB RAM and 4GB dedicated to /var/spool/lpd ...
>
> The ONLY difference in printer definitions on the HPUX box is the
> destination IP address and queue name (direct: printer_ip & raw;
> linux: linux_ip & queuename). This anomaly shows up whether the linux
> queue is using the laserjet filter or none at all. The printcap entry
> on linux looks like:
>
> pr0_manual:\
>         :sd=/var/spool/lpd/pr0_manual:\
>         :mx#0:\
>         :sh:\
>         :rm=pr0:\
>         :rp=raw:
>
> (pr0 is listed in the /etc/hosts file)
>
> The inability to print this report correctly is causing several people
> to lose hair. It's being generated at one of the larger local
> hospitals. I'd greatly appreciate any help you can offer me in this
> matter. Thanks!
>
> [EMAIL PROTECTED]


------------------------------

From: #PARIMAL ASWANI# <[EMAIL PROTECTED]>
Subject: do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection 
Date: Sat, 20 Mar 1999 10:32:33 +0800

Hi!
I get this message on my NIS server many times (when I login, do a
finger, do a login etc etc, though it doesn't cause any problem it is
irritating). I don't understand what this problem is and how do I get
rid of it. I don't get these messages on the NIS clients.
Can anyone help??
----------------------------- Error Message -----------------------------
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused
do_ypcall: clnt_call: RPC: Unable to receive; errno = Connection refused

Thanx in advance,
Parimal



------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************
