Linux-Networking Digest #895, Volume #10 Sat, 17 Apr 99 18:13:46 EDT
Contents:
Re: kernel: SMBFS: need mount version 6 (Richenel)
Re: How to do secure X11: NT Workstation SP4 (SecureCRT v2.4, Exceed v6.1), Redhat
Linux 5.9.7 [Starbuck]: SSHD v1.2.26 ("Alan J. Flavell")
Linux - My honest opinion ("A. Feiner")
ISP Connection problems ("Karl Krukow")
Daynaport PCI Ethernet adapter (Bert Bulder)
Linux in Linux in Linux in (Dinis Teixeira)
Waiting for Red Hat 6.0 ("folkert meeuw")
help on chat ! (Thomas Welp)
Re: Linux - My honest opinion (Bert Bulder)
Large size PING packets -- do they pass theough a router? (Paul Gillingwater)
Hack/fix omitted from Ethernet-HOWTO and eexpress.c (Rohan Oberoi)
Hot to use VPN feature in ppp 2.3.7? (Gregory Gee)
Re: DHCPD install problems (K Lee)
SAMBA: disabling asking for password ("Patrick Scharrenberg")
Re: More info on Wrappers! (Jim Roberts)
kernel: SMBFS: need mount version 6 (Moe Koenig)
Re: Routing problems ? (Cor Wood)
----------------------------------------------------------------------------
From: Richenel <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: kernel: SMBFS: need mount version 6
Date: Sat, 17 Apr 1999 20:16:41 +0200
Richenel <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] (Moe Koenig) wrote:
>>when trying to load the smbfs module (modprobe smbfs) my kernel writes
>>to syslog:=20
>>
>>kernel: SMBFS: need mount version 6
>>
>>how do i fix that?
>>
>>i already searched for a newer mount-command but all i found was v2.8a
>>on freshmeat.net so i doubt there is a version 6 around anywhere..
>>
>>any help is highly appreciated!
>>
>>--=20
>>Moritz Koenig [email:[EMAIL PROTECTED] fax:089-666-1718-659]
>>[ Wir programmieren Ihren Erfolg! @ http://www.holoplex.de ]
>
>You need I guess a newer smbmount util for samba 2.0 or if you are using=
kernel
>2.2.
>If you are using any rpm based system you need to download samba 2.2 at =
redhat
>updates ftp or compile samba 2.2 yourself.
------------------------------
From: "Alan J. Flavell" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.ssh,linux.redhat.misc,comp.os.linux.misc,comp.os.linux.x
Subject: Re: How to do secure X11: NT Workstation SP4 (SecureCRT v2.4, Exceed v6.1),
Redhat Linux 5.9.7 [Starbuck]: SSHD v1.2.26
Date: Sat, 17 Apr 1999 20:16:04 +0200
On Fri, 16 Apr 1999, tester wrote:
(in stereo)
> Topic sums up the configuration..
> I SSH (3DES encryption) into the Linux box with SecureCRT 2.4b1, and export
> DISPLAY to my NT Workstation.
>
> Now do I make X11 *secure*?
What do you mean by "export DISPLAY to the NT Workstation"?
If you mean that you set the environment variable DISPLAY to something
like a.b.c.d:0.0 , where a.b.c.d is the IP address of the workstation,
then you have just thrown away the benefit of X forwarding.
I'm using the latest TTSSH (i.e with X forwarding), but your situation
should be analogous if it supports X forwarding via ssh protocol.
You should find on your linux system that the DISPLAY variable gets
set to something like w.x.y.z:13.0 , where w.x.y.z is the address of
your linux system. This is how the X forwarding is diverted into the
ssh tunnel; it will emerge on your Win/xx system and look as if it is
coming from the Win/xx system itself.
So, I have exceed configured for access control by host, and the only
host that it has in its list is 127.0.0.1 i.e itself. Thus, any unix
session to which I connect via ssh and with X forwarding enabled, can
throw windows onto the Win/xx box. Other sessions (even different
sessions on the same hosts) are rejected. And the network transactions
are secure (and optionally compressed, which can be beneficial on some
links).
hth
[f'ups narrowed]
------------------------------
From: "A. Feiner" <[EMAIL PROTECTED]>
Subject: Linux - My honest opinion
Date: Sat, 17 Apr 1999 15:47:58 GMT
This post does not intend to flame in anyway. It's just an honest opinion,
so do not reply unless it's to the matter. No Gates sucks or Novell is dead
please.
We have been testing Linux Redhat 5.2 for the last three months. We chose
Redhat since it seemed to be the most widely acknowledge by large corps like
IBM, Dell, etc. This is the 1st point:
1. Linux has no place in the business world unless steadily supported by
these giants. I heard that Compaq is coming out with Alpha for Linux. This
is a very good start.
2. Companies like I work for cannot rely on one sharp admin, today here,
tomorrow there. So if I have the budget, I prefer a recognized,
well-documented OS, with a solid backbone (Microsoft, Novell, HP-UX etc.).
3. Since we are in the business for living, our management was very
interested to know whom we call when disaster strikes. We conducted a small
"failure" test and called Redhat. Pleaseeee. These guys are way over our
head, and do not really seem to be interested in helping. Tech support
should always consider the fact that new users are calling. So you really
should look into support more seriously.
We were impressed with the speed of file printing and sharing, plus WEB
services. That's it. There is no serious collaboration system available, not
even serious database. If I am a small company (and I am) there is no appeal
to my sense to integrate a very limited system.
End user: this is where Linux sucks big time, and the people who work on it
need to look at what Microsoft had done to the desktop. They turn it into a
very accessible thing.
Although MS OS' are mediocre to badly limited to exclude NT (and do not go
there unless you really know to work with NT), they are accessible. When you
fire up 95/98 9crap, you can navigate within seconds. If you want to win the
market, you have to win the desktop, if you want to win the desktop it has
to be user friendly.
Not always the best OS wins. See MAC. It can happen to Linux, unless people
realize that they need to desert the fancy "we are so special" mode and get
down to earth. Make it accessible to the corporate end-user, since users
like to work at home with they have at work. They feel more confident. I
know it first hand talking to my wife.
Some RPMS and add-ons require so much configurations that it's literally a
waste of time.
Remember, in today's world the purpose is expanding, not maintaining.
Learning curves should be short, information accessible at all times.
So until then, I will stick to my current OS.
A. Feiner
Representing only myself.
------------------------------
From: "Karl Krukow" <[EMAIL PROTECTED]>
Subject: ISP Connection problems
Date: Sat, 17 Apr 1999 17:05:13 +0200
Hi.
I'm having serious problems connecting to my ISP.
I've managed to get the connection up but when I try to ping my DNS,
it says "network unreachable".
I'm a newbie in linux, so be gentle :-)
------------------------------
From: Bert Bulder <[EMAIL PROTECTED]>
Subject: Daynaport PCI Ethernet adapter
Date: Sat, 17 Apr 1999 14:51:29 +0000
Got two NIC in my RedHat 5.2 Linux box:
a 3COM 3C509B for which I was able to disable PnP to get it working.
(the 3COM is connected to a cable modem, and since I'm sending this
message, everything works here.
and
a Daynaport PCI Ethernet Adapter that is causing me some problems.
The dynaport connects (or better, has to connect) through a crossed UTP
cable to an NT workstation.
I'm pretty sure that I'll have to disable PnP on the Daynaport too, to
get the NT workstation finally to talk to my Linux box, which it is
refusing sofar.
Can't seem to find anything on disabling PnP on this Daynaport NIC.
Anyone out there who did this? Dayna.com has nothing on this.
Thanks for your time.
Bert Bulder, Amsterdam
[EMAIL PROTECTED]
------------------------------
From: Dinis Teixeira <[EMAIL PROTECTED]>
Subject: Linux in Linux in Linux in
Date: Sat, 17 Apr 1999 15:07:11 +0200
Reply-To: [EMAIL PROTECTED]
Hello.
I�m seriously thinking in implement a mail solution using Linux in
replacing of the actual mail solution using MS Exchange.
The requirments are:
-Internal mail distribution in PC clients�s Win95/95, preferable
no using pop3 (requires periodical inquires) but something similar to
the Exchange transport (ex. SNMT ?, delivery), in a simple PC Client ,
ex: MSOutlook or other.
- Internet delivery, using routing access(think easy) or dial-up
access.
-Internet receiving from a provider recipient (periodicak on POP3 or
IMTP) or permanent connection (think easy).
-Easy/intuitive management on Server and Clients.
Does any ony can give me some sugestions to buid up this kind of
solution
Best regards
Dinis
------------------------------
From: "folkert meeuw" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.system
Subject: Waiting for Red Hat 6.0
Date: Sat, 17 Apr 1999 22:35:23 +0200
Hi Dear Frindly Readers,
now, since I'm waiting for Red Hat 6.0, i 've got a Problem with Red Hat 4.2
A month ago I updated to the Kernel Source 2.1.43.
After, I wrote a shell script to automate the compilation of new Kernel and
delegate the job to crond on every night at 01:00 and 03:00 and 05:00,
'cause the compilation breaks with an error sometimes (a 486-Intel/Compaq
PC)
Always the system has the same Problem, when I activate ppp-functionality
in a monolithic Kernel with menuconfig there is a library error with the
net-modules,
when I type make dep clean zImage and when I reboot the system didn't find
the
net-Modules.
But I want to route with my Linux-PC in a TCP/IP Network so I need
this functinality. And when I start a ppp Session to my Provider and
've been connect and type route to see who the Linux routed there
is no routing functional�ty to see, evenso I tested with ping from
one other PC in the Network but there is nothing going out.
Have had someone of you here make experience with it ?
MfG Folkert Meeuw
------------------------------
From: Thomas Welp <[EMAIL PROTECTED]>
Subject: help on chat !
Date: Sat, 17 Apr 1999 18:01:25 +0200
Hi,
is there anybody who can tell me why my modem is working with
''minicom'' but hangs when I use chat ?????
Thanks,
Thomas
------------------------------
From: Bert Bulder <[EMAIL PROTECTED]>
Subject: Re: Linux - My honest opinion
Date: Sat, 17 Apr 1999 15:55:48 +0000
"A. Feiner" wrote:
> This post does not intend to flame in anyway. It's just an honest opinion,
> so do not reply unless it's to the matter. No Gates sucks or Novell is dead
> please.
Still, A. Feiner, who'd you rather spend your buck on? A "sharp admin" or
zillion-Bill's NT server? And sure, these guys will go where they're paid best,
or have additional benefits. Wouldn't you? Talk to your Human resources
department.
Not that I don't see part of your problem here... But it's a bit out of
context.
End users... Though Linux is getting closer to accomodating "normal" end users,
using Linux as a server, it's not all that bad. The end users could continue
working on their Win machines, couldn't they?
Besides, to expect from Redhat to give you support for zilch, with the rates
Microsoft charges for support... That sounds like: "hey this is a free
operating system, so the support has to be free too". Time to wake up! There's
Linux consultants out there too. Sure, they'll charge you, but so does
Microsoft or Microsoft resellers.
Here you go wrong in your argumentation.
You go ahead and send your detailed costs per user working with MS to any Linux
consultant close to where your business is and I'm pretty sure that while
keeping all of the functionality you have currently, they'll be able to prove
that you could be working with Linux and spend less, plus spend your money on
someone else that Bill (no flaming intended).
Again, your line of reasoning is incorrect, although I underwrite some of your
comments.
BB, Amsterdam
------------------------------
From: Paul Gillingwater <[EMAIL PROTECTED]>
Subject: Large size PING packets -- do they pass theough a router?
Date: Sat, 17 Apr 1999 18:21:39 +0200
Reply-To: [EMAIL PROTECTED]
Should PING packets with >4 kb pass through a PC/Linux router? Will
ICMP be fragmented by the Linux kernel when the MTU size is 2000
bytes? Or is it dropped silently?
------------------------------
From: [EMAIL PROTECTED] (Rohan Oberoi)
Crossposted-To: fa.linux.net
Subject: Hack/fix omitted from Ethernet-HOWTO and eexpress.c
Reply-To: [EMAIL PROTECTED]
Date: Sat, 17 Apr 1999 17:02:45 GMT
After installing RedHat 5.2 (2.0.36) on a 486DX-66/16 with two Intel
EtherExpress NICs, I noticed the machine would completely hang (dead
screen, no network response -- hard reboot required) practically once
a day. Recompiling with as many options taken out as possible had no
effect.
An old copy from DejaNews of the Ethernet-HOWTO mentioned this
hack/fix: replace all instances of "outw(" with "outw_p(" in
drivers/net/eexpress.c. After recompiling with this change, the
machine has now been up six days without a problem (it does still have
occasional "eth0: CU wedged, status 0140 0000, resetting..." messages
in /var/log/messages, but they no longer freeze the machine).
Does anyone know why this hack/fix was omitted from the HOWTO? Or
whether there are reasons not to incorporate it into the eexpress.c
distribution?
Regards,
Rohan.
(PS -- Please remove the obvious from return address if emailing.)
------------------------------
From: Gregory Gee <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp
Subject: Hot to use VPN feature in ppp 2.3.7?
Date: Sat, 17 Apr 1999 20:58:07 GMT
I've been looking for a way to set up a tunnel between
a Solaris workstation and various other Solaris, NeXT, Linux computers.
I looked at the VPN-minihpwto and it described a way to
use ssh and pt-redir and ppp. Havent't got it to work yet.
I noticed in ppp 2.3.7 that it has a pty script feature.
Has anyone used this? How did you set it up.
Here is an example of the setup that I am trying to do.
- Solaris workstation on edge of private network as firewall
- Have other Solaris, Linux, NeXT computers on the public side
of the network start a PPP tunnel(VPN) to the firewall.
How do I use 'pppd pty'?
How do I assign IP addresses(they can be static)?
Can pppd pty be done over rsh instead of ssh(don't need encryption)?
Please respond by email as well. I don't get a chance to check
news often.
Thanks,
Greg.
>From the PPP 2.3.7 README
* Pppd can now automatically allocate itself a pseudo-tty to use as
the serial device. This has made three new options possible:
- `pty script' will run `script' with its standard input and output
connected to the master side of the pty. For example:
pppd pty 'ssh -t server.my.net pppd'
is a basic command for setting up a PPP link (tunnel) over ssh.
(In practice you may need to specify other options such as IP
addresses, etc.)
------------------------------
From: K Lee <[EMAIL PROTECTED]>
Subject: Re: DHCPD install problems
Date: 17 Apr 1999 20:53:45 GMT
Hugo Th�riault <[EMAIL PROTECTED]> wrote:
: Hello everyone, i have a problem installing dhcpd server... as follows
: did install the make package and still have an error message as
: follows when i type the make command
: cc -g -DLINUX_2_0 -c dhcpd.c -o dhcpd.o
: make: cc: Command not found
: make: *** dhcpd.o error 127
That's strange. cc is the compiler and usually in Linux, gcc is used. So
the makefile is incorrect in looking for the cc compiler when it should
say gcc. Might wanna make sure that the tarball you got is for Linux and
not for some other *nix.
Go into the makefile, which should be in the dir that was created when you
unzip'd and untar'd the tarball. It could be named Makefile and replace
'cc' with 'gcc' and see what happens. If I recall correctly you're using
Redhat? Why not just install the rpm of it?
Steve
------------------------------
From: "Patrick Scharrenberg" <[EMAIL PROTECTED]>
Subject: SAMBA: disabling asking for password
Date: Sat, 17 Apr 1999 23:43:52 +0200
Hello..
when using shares from my samba-server I have to type my password.. I
wouldlike that the password I typed at my NT-logon is used for the samba
server.. these passwords (and usernames) are identical but I'm always
asked..
here's my actual smb.conf (what have I done wrong?):
# Global parameters
workgroup = DUKE
netbios name = ATLANTIS
server string = SAMBA
interfaces = 192.168.0.1/255.255.255.0
update encrypted = Yes
log file = /var/log/smb.log
preferred master = Yes
lock dir = /var/adm
mangle case = Yes
[transfer]
path = /samba/transfer
read only = No
create mask = 0777
guest ok = Yes
[test]
comment = Test
path = /test
------------------------------
From: [EMAIL PROTECTED] (Jim Roberts)
Subject: Re: More info on Wrappers!
Date: Sat, 17 Apr 1999 16:56:11 GMT
:
> Hi all,
>
> Very recently i was asked by a person to use wrappers (TCP, i think)
> to solve my problem, that needed reserving ports on a machine. Many
> tries to understand what "wrappers" are have been failures. If any
> one can help me with some more basic/advanced info. about there things
> called Wrappers!
>
> Thanks a lot, in advance.
>
> Banibrata.
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
TCP Wrappers is a program designed to add a level of security to your
Unix box. What the Wrapper does is intercept the call for a network
service and check to see if the host trying to use the service is
allowed to. If yes, the Wrapper executes the service then dies. If
to, it refuses the connection and logs or alearts you about the attempt.
The security rules are very flexible and can be set as loose or tight
as you wish.
I would suggest reading the docs that come with the TCP-Wrappers
program. A web search would also turn up tons of info.
--
Jim Roberts Never enough time!
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Moe Koenig)
Crossposted-To: comp.os.linux.misc
Subject: kernel: SMBFS: need mount version 6
Date: Sat, 17 Apr 1999 16:57:54 GMT
Reply-To: [EMAIL PROTECTED]
when trying to load the smbfs module (modprobe smbfs) my kernel writes
to syslog:
kernel: SMBFS: need mount version 6
how do i fix that?
i already searched for a newer mount-command but all i found was v2.8a
on freshmeat.net so i doubt there is a version 6 around anywhere..
any help is highly appreciated!
--
Moritz Koenig [email:[EMAIL PROTECTED] fax:089-666-1718-659]
[ Wir programmieren Ihren Erfolg! @ http://www.holoplex.de ]
------------------------------
From: Cor Wood <[EMAIL PROTECTED]>
Subject: Re: Routing problems ?
Date: Sat, 17 Apr 1999 16:51:58 GMT
In article <5qSR2.325$[EMAIL PROTECTED]>,
"Curt" <[EMAIL PROTECTED]> wrote:
> I found that if you suspect a MTU discovery problem, just reduce the size of
> the
> packets you use until it works. This was a problem with a SUN firewall we
> use
> to have, I found that a MTU of 1410 allowed me to reach all sites we tried.
> This
> was set on the outside interface of the firewall.
>
> Radovan Brako wrote in message <7f7or4$967$[EMAIL PROTECTED]>...
> > Looks like a problem with MTU Discovery. How is L1 connected to
> > the Internet ? Directly from the L1 Linux machine, or from a
> > router attached to the L1 local net ? Is any firewalling
> > configured on the Linux machine (or on the router, whichever
> > applicable) ?
> >
> > In brief: You must not filter out "ICMP Destination Unreachable:
> > Fragmentation Required but Don't Fragment Bit Set" packets. Or,
> > try configuring the PPP link with MTU equal to 1500 on both sides.
> >
> > If this is not the solution, ask again ...
> >
> > RB
> >
Curt, Radovan,
Both thanks for your input.
I tried both sugestions, first curts remark about having the ppp link in a
seperate subnet. Putting every device in a subnet is the 'clean' way to go.
Making 3 subnets when you have 32 IP addresses in a pain....I ended up with a
subnet of 16 IP addresses, a subnet of 8 IP-addresses and an other one of 8.
This didn't solve my problem, so tried Radovan sugestion, and changed the MTU
back to 1500, problem solved :)))
I did change back to 2 subnets, I know it isn't the way you should do it, but
I'm kind of short on IP-addresses here.
Again, both thanks a lot :)
Cor
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
