Linux-Networking Digest #876, Volume #10 Fri, 16 Apr 99 00:13:38 EDT
Contents:
Firewall and Redhat 5.2 (Chris McGarry)
Re: obtaining and IP address ("Jeffrey A. Bell")
Re: Samba Help Needed! (Kevin Martin)
Re: Performance comparison of nt vs linux (Don Baccus)
Re: IP masquerading ([EMAIL PROTECTED])
Re: IP masquerading (Lew Pitcher)
motorola modemSurfr ("Jacek Burghardt")
Re: Duplicate entries in the routing table (kernel 2.2.4) (Clifford Kite)
Re: Help with broken PPP? (Clifford Kite)
It works! (razoon)
Re: netcart not detected - no dhcp ("--==[bolMyn]==--")
SMC 1660T (Dave Masser)
Re: more PPP probs: server assigns ip 0.0.0.0 (Clifford Kite)
Setting AppleShare passwords ("bob cent")
Re: IP Masquerading Help Required (Garin Hiebert)
Re: How to clear a hung port ("J. S. Jensen")
HELP: With Writing NFS Client
Re: TTY Setting (Peter Pointner)
Re: Duplicate entries in the routing table (kernel 2.2.4) ("Doug Rohrer")
module or compile in kernel? ("David Murray")
Re: what is listening to a port ("Doug Rohrer")
Re: FTP server & chroot (Jeff Brubaker)
ftp:Illegal PORT Command (Somsak Limavongphanee)
----------------------------------------------------------------------------
From: Chris McGarry <[EMAIL PROTECTED]>
Subject: Firewall and Redhat 5.2
Date: Thu, 15 Apr 1999 12:47:50 -0700
I am new to Linux but have set up a 486 dx2 66 with 32megs with two
nics. One nic connected to ADSL (static ip on internet), the other my
lan. I set up the Linux box with IP Masquerading by enabling ip
forwarding and two commands "ipfwadm -F -p deny" and "ipfwadm -F -a m -S
192.168.57.2/32 -D 0.0.0.0/0" Everything is working great but I believe
I need to setup some sort of firewall. Is this true? I would like (of
coarse) to make my lan as secure as possible. Can someone point me in
the right direction?
Thank you for your time,
Chris
------------------------------
From: "Jeffrey A. Bell" <[EMAIL PROTECTED]>
Subject: Re: obtaining and IP address
Date: Thu, 15 Apr 1999 21:44:24 -0600
"Jeffrey A. Bell" wrote:
>
> Chad Eddings wrote:
> >
> > I have the MAC address of a device on my network. I do not know the IP
> > address assigned to it. How can I query the device for its IP address
> > using it's MAC address?
> >
> > TIA
> > Chad Eddings
>
> I came across your post and I remembered seeing something in a book that
> I was recently studing, TCP/IP
> I remember seeing something about ARP, Address Resolution Protocol, I
> believe it might be something that would help you out in your question.
> I presently don't have my home network (2 computers) hooked up yet so I
> can't verify the info I supplied to you.
> Try reading "man arv' or issue the command "arp HOSTNAME" where hosy
> name is your machine you are trying to figure out.
>
> I hope this will help you out.
>
> Or you could look at /etc/hosts if you had previously set up your
> machine.
>
> good luck.
>
I just re-scanned my previous post after having sent it and seen I made
a typo, I meant to say read 'man arp" not "man arv"
--
Jeffrey A. Bell
=========================================================================
Research is what I'm doing when I don't know what I'm doing.
-- Wernher von Braun --
------------------------------
From: [EMAIL PROTECTED] (Kevin Martin)
Subject: Re: Samba Help Needed!
Date: Fri, 16 Apr 1999 01:50:20 GMT
In article <6jvR2.3950$[EMAIL PROTECTED]>, it says Milenko
<[EMAIL PROTECTED]> wrote:
>
>Hello im trying to setup Samba to share a /dos directory and a /files
>directory of my linux box so i can access these directories under Widnows
>systems, ive not yet had any luck i was told to read the samba.conf man
>page but it was very detailed and didnt really point me into the right
>direction..
Then try reading the samba.conf file itself -- it is full of comments.
------------------------------
Subject: Re: Performance comparison of nt vs linux
From: [EMAIL PROTECTED] (Don Baccus)
Date: 15 Apr 1999 17:38:53 PST
In article <qreR2.218$[EMAIL PROTECTED]>,
Eugene <[EMAIL PROTECTED]> wrote:
>correction: the test system had 1 gig of RAM in it. Both Linux and NT can
>use up to 2 gigs. They screwed up Linux configuration though.
Sorry, I looked at the hardware configuration, which has
four gb, and didn't read on through to the part where they
limited NT to one the use of one gig.
--
- Don Baccus, Portland OR <[EMAIL PROTECTED]>
Nature photos, on-line guides, at http://donb.photo.net
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.os2.networking.tcp-ip,comp.os.os2.networking.misc
Subject: Re: IP masquerading
Date: 16 Apr 1999 01:51:14 GMT
Reply-To: [EMAIL PROTECTED] (Wonkoo Kim)
In <7f5nps$p12$[EMAIL PROTECTED]>, [EMAIL PROTECTED] writes:
>The users info about ftp in tcpcfg.exe security page comes from
>TRUSERS file. If I edit TRUSERS file, the ftp security info page of
>tcpcfg.exe is updated accordingly. So they're essentially the same.
>Any other tips on why I can't ftp to OS/2?
I solved the OS/2 ftp password problem. The problem was due to TAB
chars, which were used as delimiters between parameters of user id and
password in my TRUSERS file, but they should be just ascii space
chars.
Thanks.
//--------------------------------------------------------------------
// Wonkoo Kim ([EMAIL PROTECTED])
------------------------------
From: [EMAIL PROTECTED] (Lew Pitcher)
Crossposted-To: comp.os.os2.networking.tcp-ip,comp.os.os2.networking.misc
Subject: Re: IP masquerading
Reply-To: [EMAIL PROTECTED]
Date: Thu, 15 Apr 1999 19:43:43 GMT
On 15 Apr 1999 19:22:32 GMT, [EMAIL PROTECTED] wrote:
>In <[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Richard Steiner) writes:
>>I could send you my own set of rules in a few days -- right now I have
>>the monitor on my second IntelliStation (still doing some initial OS
>>installation stuff), and I won't have time to get it back to the 486
>>until sometime Friday or Saturday.
>
>I'm very grateful if you send your files.
>I think I missed something.
>
>>>Oh, one more question: Why do I fail ftp login to OS/2 machine,
>>>while I can telnet to OS/2? (OS/2 Warp 4) I have invalid password
>>>error from ftp login. I thought password should be the same between
>>>telnet and ftp logins. What did I miss?
>>
>>OS/2's FTP server uses this file:
>>
>> X:\MPTN\ETC\TRUSERS (where X: is your boot drive letter)
>>
>>to control FTP logins and access. See the "TCP/IP Readme" file that
>>comes in Warp 4 as X:\TCPIP\HELP\README.INF for information about the
>>syntax.
>>
>>Here is the example from the TCP/IP Readme (the userid in the example
>>is "test" and the password is "info"):
>>
>>user: test info
>>rd: e:\public f:\socks g:\mail
>>wr: d:\newinfo
>>default: e:\public
>
>I already created "mptn\etc\trusers" file similarly, but it didn't
>work. I could telnet to OS/2 machine, but not ftp due to invalid
>password. I couldn't find a password setting for ftp elsewhere but
>only in trusers file. :-(
If you start up the TCP/IP configuration program (TCPCFG.EXE), there's
a panel (under the SECURITY tab, I believe) that lets you specify the
FTP users, their passwords, and (IIRC) what directories they can
access. It's a seperate component from Telnet, and the FTP info isn't
stored in the TRUSERS file.
Lew Pitcher
System Consultant, Development Services
Toronto Dominion Bank
(Opinions expressed are my own, not my employers')
------------------------------
From: "Jacek Burghardt" <[EMAIL PROTECTED]>
Subject: motorola modemSurfr
Date: Thu, 15 Apr 1999 19:25:50 -0600
I have external modem motorola modemSURFR and I can use it with minicom but
I can't get it working with ppp and diald please help me set it up
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: Duplicate entries in the routing table (kernel 2.2.4)
Date: 15 Apr 1999 16:10:48 -0500
Fredrik Persson ([EMAIL PROTECTED]) wrote:
: I've just updated to kernel 2.2.4 and this weird thing happends.
: I boot, my ethernet card comes to life as smooth as it gets. But it makes
: duplicate entries in the routing table? Why? Everything works fine, but this
: thing bothers me.
The 2.2.x series automatically configures some routing on it's own. Maybe
you have a network route configured in a networking boot-up file.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* I gave up on politics when no matter who I voted for, I regretted it.
* -- Pepper...and Salt, WSJ */
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: Help with broken PPP?
Date: 15 Apr 1999 16:19:22 -0500
Jerry Quinn ([EMAIL PROTECTED]) wrote:
: >> "Jerry" == Jerry Quinn <[EMAIL PROTECTED]> writes:
: Jerry> My 2.2.1 system (Powercenter 120) was happily doing SecureID CHAP ppp
: Jerry> logins until last weekend. Something changed and now I can't get a
: Jerry> login started at all. I've been through the FAQ, ppp README, and
: Jerry> Network admin guide and can't figure out what's wrong.
: Jerry> My ppp startup script is an expect script that handles the terminal
: Jerry> interaction and then invokes pppd. During the expect script,
: Jerry> everything goes fine -- I enter my userid and secure card number and
: Jerry> it gets verified and pppd is started. Then it appears that pppd just
: Jerry> hangs.
: Jerry> Adding debug and kdebug 25 to the options file doesn't help. I get no
: Jerry> output other than pppd started in the syslog output. If I kill the
: Jerry> process, the logfile shows that pppd was terminated.
The log files for messages may differ from those above for your Linux
distribution. The messages are distributed by syslogd according to
the configuration of /etc/syslog.conf, so check this file to find where
messages are actually sent. Mine is
# /etc/syslog.conf
# For info about the format of this file, see "man syslog.conf"
#
# NOTE: YOU HAVE TO USE TABS HERE - NOT SPACES.
# (Tabs may or may not be needed. The message above is old.)
#
*.=info;*.=notice /usr/log/messages
*.=debug /usr/log/debug
*.warn /usr/log/syslog
local2.* /dev/console
Changing the /etc/syslog.conf file requires "kill -HUP `pidof syslogd`
to make syslogd recognize the changes. The log files specified in
syslog.conf need to exist, new ones can be created with touch, e.g.,
"touch /var/log/debug" creates a file named debug in the directory
/var/log.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* Better is the enemy of good enough. */
------------------------------
From: [EMAIL PROTECTED] (razoon)
Subject: It works!
Date: Thu, 15 Apr 1999 20:10:13 GMT
Reply-To: [EMAIL PROTECTED]
On Wed, 14 Apr 1999 14:43:35 -0700, [EMAIL PROTECTED] (Luca
Filipozzi) wrote:
>[This followup was posted to comp.os.linux.networking and a copy was sent
>to the cited author.]
>
>In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>says...
>> On Wed, 14 Apr 1999 13:04:20 -0700, [EMAIL PROTECTED] (Luca
>> Filipozzi) wrote:
>>
>> >[This followup was posted to comp.os.linux.networking and a copy was sent
>> >to the cited author.]
>> >
>> >In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>> >says...
>> >> >In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>> >> >says...
>> >> >>
>> >> >>
>> >> >> >In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
>> >> >> >says...
>> >> >> >> I want to run a firewallscript from commandline.
>> >> >> >>
>> >> >> >> IPADDR=`/sbin/ifconfig ipp p0 | /bin/grep 'inet addr' | /usr/bin/cut
>> >> >> >> -f >2 -d: | /usr/bin/cut -f 1 -d' '`
>> >> >> >>
>> >> >> >> ipchains -A input -p udp -j DENY -d $IPADDR 137:139 gives an error.
>> >> >> >>
>> >> >> >> How can i generate my ip-addres?
>> >> >> >> What is the right syntax?
>> >> >> >>
>> >> >> >>
>> >> >> >don't you need to export IPADDR to the environment.
>> >> >> >
>> >> >> >setenv IPADDR yadayada for csh or tcsh
>> >> >> >export IPADDR=yadayada for sh, ksh, or bash
>> >> >>
>> >> >> Can you please be more specific.
>> >> >> I am just a newbie, sorry
>> >> >>
>> >> >>
>> >> >>
>> >> >>
>> >> >In a shell script, you can do the following assign to a variable (IPADDR)
>> >> >and use it anywhere in the script as $IPADDR. This works in a shell
>> >> >script because it has its own environment (inherited from the login shell
>> >> >from which it was called, but definitely its own). When the shell
>> >> >completes and you are returned to your login shell (the prompt), IPADDR
>> >> >will no longer be valid.
>> >> >
>> >> >Similarly, if at the command prompt you simply type IPADDR=something,
>> >> >IPADDR will not be valid after you press enter because a simple
>> >> >assignment does not add IPADDR to the environment. If you want IPADDR to
>> >> >remain valid in the login shell, you must "export" it to the environment.
>> >> >How you export depends on which login shell you use.
>> >> >
>> >> >setenv is used with csh or tcsh
>> >> >export is used with sh, ksh, or bash
>> >> >
>> >> >You need to buy a good book on shell programming and using shells. I'm
>> >> >sure O'Reilly has a good selection.
>> >> >
>> >> >#!/bin/sh
>> >> >IPADD
>> >>
>> >> Okay i understand, but one more question.
>> >> When i do:
>> >> /sbin/ifconfig ipp p0 | /bin/grep 'inet addr' | /usr/bin/cut
>> >> -f >2 -d: | /usr/bin/cut -f 1 -d' '
>> >> from the prompt i get the ipadres indeed. So the syntax is good.
>> >>
>> >> But when i put it in a script like:
>> >> export IPADDR=/sbin/ifconfig ipp p0 | /bin/grep 'inet addr' |
>> >> /usr/bin/cut -f >2 -d: | /usr/bin/cut -f 1 -d' '
>> >> echo $IPADDR
>> >>
>> >> Then i get the whole string back instead of the ipaddres.
>> >> So what is in IPADDR when the script executes?
>> >> The string or the ipaddres?
>> >It contains the string.
>> >
>> >Try this:
>> >
>> >export IPADDR=`stuff`
>> >
>> >surround the stuff you have above in back-ticks.
>> >
>> >This tells the shell to execute the stuff inside the quotes and to
>> >assigne the result (the ip address) to the variable.
>>
>> Then i get the message: /usr/bin/cut: the deliminiter must be a single
>> charachter.
>>
>> The last cut contains 1 space(" ").
>> But it is a single char ! Im stumped.
>>
>>
>Try this:
>
>#!/bin/sh
>IPADDR=`/sbin/ifconfig eth0 | /bin/grep 'inet addr' | /usr/bin/cut -f 2
>-d: | /usr/bin/cut -f 1 -d' '`
>echo $IPADDR
When changing IPADDR to IPADD everything worked!!!
Thanks for all your help.
Thanks!
------------------------------
From: "--==[bolMyn]==--" <[EMAIL PROTECTED]>
Subject: Re: netcart not detected - no dhcp
Date: Fri, 16 Apr 1999 01:05:08 GMT
Hi,
If you get an answer to your question, could you please, also forward it
to me?
Thanks. :-)
Bo Hedemark Pedersen wrote:
> The first time I installed Redhat 5.1 it automatically
> detected my
> netcard and sat up a dhcp client for me.
> The second time (on the very same machine) it did not
> detect my netcard.
> I have now installed the dhcpd package, but the
> dhcpd.conf file is
> missing and the README doesn't seem to mention it.
> Is there anyway that I can run the detection program
> used in the Redhat
> installation proces?
>
> Thanks,
> Bo
--
Bolek,
URL: http://www.bolek.com
e-mail: [EMAIL PROTECTED]
------------------------------
From: Dave Masser <[EMAIL PROTECTED]>
Subject: SMC 1660T
Date: 15 Apr 1999 13:34:46 PDT
Hello,
Does anyone have any experience with an SMC 1660T ethernet card for use
with Linux. I am installing a cable modem and this is the card they
normally install.
Thank you in advance.
Dave Masser
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: more PPP probs: server assigns ip 0.0.0.0
Date: 15 Apr 1999 13:57:37 -0500
smjones ([EMAIL PROTECTED]) wrote:
: Im going through all the fun of setting up a PPP connection to my ISP.
: When I connect using minicom I am assigned the address 0.0.0.0, PPP then
: starts up their side.
: On my side I can ping the server and nameserver only and only with ip
: addresses. The HOW-TO puts this down to a routing problem. Is the
: 0.0.0.0 address at the root of this?
Yes. Some ISPs run broken ppp implementations. Try the pppd option
192.168.0.1:
which requests the private address 192.168.0.1 for yourself and leaves the
ISP to assign it's own adderess. This should work - if it doesn't then
get a new ISP.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* Those who can't write, write manuals. */
------------------------------
From: "bob cent" <[EMAIL PROTECTED]>
Subject: Setting AppleShare passwords
Date: Thu, 15 Apr 1999 18:26:47 -0700
Hi,
I need to know how I can allow my users to set their password from the
AppleShare login dialog box.
At the moment, the Set Password button is availble in the AppleShare login
dialog box because I activated the "savepassword" and "setpassword" toggles
in afpd.conf. I can select the Set Password button and enter my old
password and my new password, but it seems to be refused by my Linux server.
I get this message on my Mac:
Your password could not be changed. Please try again or see you server
administor.
Is this a Linux or a Netatalk concern? Any suggestions how to fix it?
Otherwise, everything is fine with my Netatalk installation. I have a
Mandrake-RH 5.2 with Netatalk installed. Thanks!
Bob
University of Washington
------------------------------
From: Garin Hiebert <[EMAIL PROTECTED]>
Subject: Re: IP Masquerading Help Required
Date: Thu, 15 Apr 1999 20:45:17 GMT
I don't know if this is the best answer, but here goes -- I've had a similar
problem with an Ascend router (ISDN). The router would connect every 15
minutes to the ISP if any of my Windows machines were on. It turns out that
this is because of the Windows "browse master" system which is used by the
"Network Neighborhood" feature. Every 15 minutes the browse master goes out
and asks all the computers to identify themselves so that it can keep track
of them. I disabled the feature by going into the network control panel,
selecting "File and Print Sharing," and then selecting "Disabled" for the
"Browse Master" property.
What's the downside? Now the "Network Neighborhood" feature doesn't work.
Later,
Garin
In article <7ekvgt$rdi$[EMAIL PROTECTED]>,
Gary Collis <[EMAIL PROTECTED]> wrote:
> Hello
>
> I am using IP masquerading to enable my department (3 Win98 PC's) to
> connect to a single ISP account. The gateway is running RedHat 5.1 and
> uses an IP router to establish the ISDN connection to the ISP.
>
> All is working well, in fact I am using it right now, apart from the fact
> that outgoing connections are being made for no apparent reason. I believe
> it is some setting on the clients as the connect time does not increase
> over night whilst these are turned off. The clients are running TCP/IP and
> the IPX/SPX (for our Novell server) protocols and have been set to use
> Linux as the gateway and the Proxy server.
>
> Does anyone have any ideas as to how I can remove these unwanted outgoing
> calls?
>
> ------------------ Posted via SearchLinux ------------------
> http://www.searchlinux.com
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "J. S. Jensen" <[EMAIL PROTECTED]>
Subject: Re: How to clear a hung port
Date: Thu, 15 Apr 1999 14:59:45 -0600
"Michael T. Smith" wrote:
> When I stop the listener it closes correctly. If I then do a netstat
> -na | grep 1521 then I get
>
> 0.0.0.0:1521
>
What is the STATUS of the port reported by netstat?
--
J. S. Jensen
mailto:[EMAIL PROTECTED]
http://www.Paramin.COM
------------------------------
From: [EMAIL PROTECTED] ()
Subject: HELP: With Writing NFS Client
Date: 15 Apr 1999 20:35:41 GMT
I am trying to write an NFS client program that talks to the Linux NFS
server. So far, I've been able to create the source files from the
nfs.x (RPC description file for NFS plus MOUNT protocols), compile
and link them to my program, and have so far successfully tested most
of the MOUNT procedures, including:
mnt
dump
export
umntall
BUT (and here is the part that is driving me nuts!), NONE of the
NFS procedures work.
[Source for simple client program appended at end of message.]
After creating the client, using the MOUNT mnt procedure (which
returns successfully), I then attempt to do an NFS lookup procedure
call. The result for all NFS procedure calls is:
: RPC: Can't decode result
When I check what is returned by the server, I seem to be getting back
28 bytes, with only the first 8 being meaningful. The first two
fields in the return seem to be valid, but the rest of the returned
data is simply all zeros.
Does anybody have any source code for an NFS client, so I can try
to figure out what is going wrong? Or, can anybody tell me why the
Linux NFS server is returning such bogus data that RPC cannot even
decode it?
Thanks in Advance,
John S.
[EMAIL PROTECTED]
Source Code Follows -----------------------------------------------------------
/******************************************************************************
* Module : NFS client
*
* Author : John W. M. Stevens
******************************************************************************/
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include "nfs.h"
int
main(
int argc,
char **argv)
{
auto CLIENT *clnt;
auto dirpath home;
auto fhstatus *mountPoint;
auto diropargs dirIn;
auto diropres *dirOut;
/* Check for command line parameters. */
if (argc < 3)
{
fprintf(
stderr,
"%s %d : Error - syntax is: %s <server> <file_name>\n",
__FILE__,
__LINE__,
argv[0]);
exit( 1 );
}
/* Create a client port and attach it to the server. */
if ((clnt = clnt_create(
argv[1],
MOUNTPROG,
MOUNTVERS,
"udp")) == NULL)
{
clnt_pcreateerror( argv[1] );
exit(1);
}
/* Attempt to mount known point. */
home = strdup( "/home/jstevens/test" );
if ((mountPoint = mountproc_mnt_1(&home, clnt)) == NULL)
{
clnt_perror(clnt, "mnt");
goto destroy;
}
/* Initialize for looking up a file. */
memcpy(
&dirIn.dir,
&mountPoint->fhstatus_u.fhs_fhandle,
NFS_FHSIZE);
dirIn.name = strdup( argv[2] );
/* Look up a file. */
if ((dirOut = nfsproc_lookup_2(&dirIn, clnt)) == NULL)
{
clnt_perror(clnt, "lookup");
goto destroy;
}
destroy:
/* Unmount all. */
if (mountproc_umntall_1(NULL, clnt) == NULL)
{
clnt_perror(clnt, "umntall");
goto destroy;
}
/* Close out client. */
clnt_destroy( clnt );
}
------------------------------
Crossposted-To: comp.os.linux.development.apps,comp.unix.programmer
From: Peter Pointner <[EMAIL PROTECTED]>
Subject: Re: TTY Setting
Date: Thu, 15 Apr 1999 20:37:34 GMT
MicroNg <[EMAIL PROTECTED]> wrote:
> Q1. to explain how to set the tty config ? I want to use the rz and sz for
> files tranfer
> but just what is the baudrate, parity, hand-shake etc ? for eg,
> hypetermianl in
> win95 program to the linux rz. (note ymodem sending fail in hypertermal,
> only
> zmodem (in win95 hyperterminal) work, even hyperterminal to hyperterminal
> program)
man stty
> Q2: I'm going to write a C program for serial comms using tty device,
> but also how can set the parameter (baudrate etc) ?
man termios
And I think there is a HOWTO about serial programming.
> Q3. Is it possible to use low-level (outp, inp etc) i/o access in linux /
> unix ?
Possible. Program must run with root priviledges. You probably should not
do that for normal devices like the serial port.
man ioperm iopl outb
Hoping that this lot of RTFMs is better than nothing,
Peter
Followup set.
------------------------------
From: "Doug Rohrer" <[EMAIL PROTECTED]>
Subject: Re: Duplicate entries in the routing table (kernel 2.2.4)
Date: Thu, 15 Apr 1999 17:17:02 -0400
Fredrik:
Most probably this is because of a change in the routing code from 2.0.x to
2.2.x (and 2.1.x, btw... not sure when it was first introduced). Most
current distributions ship with scripts to bring your interfaces up, and
these scripts actually add the routes, but now the kernel does it on its
own. In Redhat 5.0 the script is
/etc/sysconfig/network-scripts/ifup
I'm not sure if this is the same in other distributions, but look for lines
adding routes and see which ones, in your case, would add the routes that
are doubled, and try commenting them out. I don't have a generic solution
for this problem, but maybe someone has the rewritten ifup script for RedHat
out there.
Good luck!
Doug Rohrer
Raul Jordan <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Have you configured any IP aliasing interface like eth0:0?
> May be you have one entry in the routing table with each network
interface.
> --
> Raul Jordan
>
> Fredrik Persson wrote:
>
> > Hi!
> >
> > I've just updated to kernel 2.2.4 and this weird thing happends.
> >
> > I boot, my ethernet card comes to life as smooth as it gets. But it
makes
> > duplicate entries in the routing table? Why? Everything works fine, but
this
> > thing bothers me.
> >
> > This is how it looks:
> >
> > $ route -n
> > Kernel IP routing table
> > Destination Gateway Genmask Flags
Metric
> > Ref Use Iface
> > 192.168.140.0 0.0.0.0 255.255.255.0 U 0
> > 0 0 eth0
> > 192.168.140.0 0.0.0.0 255.255.255.0 U 0
> > 0 0 eth0
> > 127.0.0.0 0.0.0.0 255.0.0.0 U
> > 0 0 0 lo
> > 0.0.0.0 192.168.140.67 0.0.0.0 UG
0
> > 0 0 eth0
> >
> > The two first entries (starting with 192). Why? I just want one.
> >
> > I brough the interface down (ifdown) and the two entries disappeared. I
> > brought it back up (ifup) and there they were again, two entries!
> >
> > Why is this?
> >
> > Thanks for any help!
> >
> > /Fredrik Persson
>
------------------------------
From: "David Murray" <[EMAIL PROTECTED]>
Subject: module or compile in kernel?
Date: Thu, 15 Apr 1999 21:17:20 GMT
Is it better to use your network driver as a module or compile it directly
into the kernel? Besides the convenience of being able to change it
easier, which one is more efficient for speed, memory, and reliability?
--DavidM
------------------------------
From: "Doug Rohrer" <[EMAIL PROTECTED]>
Subject: Re: what is listening to a port
Date: Thu, 15 Apr 1999 17:19:07 -0400
One of the best ways to find out is by looking at /etc/services - this will
tell you what SERVICE is listening on that port, and then check out
/etc/inetd.conf or your init scripts to see what program is actually serving
those services.
Good luck!
Doug Rohrer
Fulko van Westrenen <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hello,
>
> I try to find out which program is listening to a certain port.
> Netstat -a provides a long list with port numbers and I want to
> know what is behind all those port numbers.
>
> Who can help?
>
> Best,
> Fulko
>
------------------------------
From: Jeff Brubaker <[EMAIL PROTECTED]>
Subject: Re: FTP server & chroot
Date: Thu, 15 Apr 1999 16:09:54 -0400
If you're using wuftp with ftpaccess enabled, then edit the /etc/ftpaccess
file. Then add a command like:
guestgroup <group>
which will perform a chroot on any user in the group you specify. Note that
you must provide some utilities in the user's home directory, similar to ~ftp
(/bin /etc and /lib)
Also, for security's sake, you probably wnat to make this a FTP only account -
so change the users shell to something like /etc/ftponly in /etc/passwd. The
only problem is that RH5.2 (and others, I'm sure) require valid shells to even
use FTP, so you have to add that to /etc/shells or remove the pam module from
/etc/pam.d/ftp
Jeff
j wrote:
> how could I configure ftp server with chroot, so that user only has access
> to his home directory and nothing else?
>
> Thanks for help
------------------------------
From: Somsak Limavongphanee <[EMAIL PROTECTED]>
Subject: ftp:Illegal PORT Command
Date: Thu, 15 Apr 1999 23:10:06 -0700
What is wrong with ftp and ncftp?
I always got Illegal PORT Command error.
No problem with ftp in MC.
Thank
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
