Linux-Networking Digest #928, Volume #10 Tue, 20 Apr 99 23:13:43 EDT
Contents:
Re: ftp:Illegal PORT Command (Terry Stockdale)
Re: Unsolicited network activity from Mandrake (Ralph Spitzner)
Re: TCP MAPING and PORT Redirection for Linux ("Bob Marley")
FS on ebay: Netopia 640 ISDN Internet Router (DmmmD)
Re: NIS woes (Job Eisses)
Transparent proxy not really transparent?? (Matt Siemens)
Re: Squid ([EMAIL PROTECTED])
Re: Machine name themes - what do you use? (Lawrence Hileman)
D-Link DFE530TX config problems (Denning)
Re: Cannot find eth0 (Derek Mahar)
Re: Proxy recommendations & Squid configuration info wanted ("Greg J Kellogg")
Re: setup a mulitilink ppp connections (Clifford Kite)
Re: Ip Port Forwading... Can anyone help? (Greg Weeks)
Re: Is this possible? (Luca Filipozzi)
Linux DHCP with Windows 95? ("jim walski")
----------------------------------------------------------------------------
From: Terry Stockdale <[EMAIL PROTECTED]>
Subject: Re: ftp:Illegal PORT Command
Date: Mon, 19 Apr 1999 22:41:00 GMT
Sounds like your firewall won't allow the ftp server (at the other end)
to open the session to your client (on your machine). ftp originates
sessions at both ends. There is a module you can load, but I forget the
name. Alternatively, after you make your connection, issue the command
'passive' if you're using Linux. In win95, wsftp has a "PASV" option
that you can set. Both worked for me.
Somsak Limavongphanee wrote:
>
> What is wrong with ftp and ncftp?
> I always got Illegal PORT Command error.
> No problem with ftp in MC.
>
> Thank
------------------------------
From: Ralph Spitzner <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.mandrake,linux.redhat.install
Subject: Re: Unsolicited network activity from Mandrake
Date: Wed, 21 Apr 1999 04:06:34 +0200
Jason Pepper <[EMAIL PROTECTED]> wrote:
>Dear All,
>=09What has changed ?
Sendmail might try to resolve its own hostname, DNS requests might be for=
warded.
>
>=09How do I trace what is causing the generation of an externally destin=
ed
>packet ?
Get ipchains to log packets destined outside your LAN, or log your
complete ethertraffic with tcpdump.
>=09How the bloody hell do I fix this without having to unplug the Linux
>box from the hub =09
>=09whenever I'm not using it ?
>
A (pretty crude) solution would be running /etc/rc.d/network stop :-)
-rasp
------------------------------
From: "Bob Marley" <[EMAIL PROTECTED]>
Subject: Re: TCP MAPING and PORT Redirection for Linux
Date: Tue, 20 Apr 1999 20:50:23 GMT
I would use ipportfw or ipautofw depending on what you need to do exactly.
If you are using kernel version 2.0.XX you will have to download a patch and
sources etc etc if you are using kernel version 2.2.XX then it is all built
in ...make sure when you built your kernel you added support and then run
ipmasqadm
GL
Chris Markovic wrote in message <[EMAIL PROTECTED]>...
>Basically I am after a simple feature that is available in the Windows
>program: Wingate.
>
>I need to be able to redirect and map incoming TCP communications based
>on their incomming port to another tcp address on a different/same port
>and have the reserse also possible...
>
>Can anyone help??? I would be most appreciative as I cannot find
>anything, and Ip Masqurading does not perform the function and
>IPPORTFW/IPAUTOFW Dont appear to function properly.
>
>Thankyou
>
>Chris Markovic
>
------------------------------
From: [EMAIL PROTECTED] (DmmmD)
Crossposted-To:
comp.os.ms-windows.networking.misc,comp.os.os2.networking.misc,comp.sys.ibm.pc.hardware.networking,comp.sys.acorn.networking,comp.sys.mac.comm,comp.sys.mac.hardware.misc,comp.sys.mac.wanted
Subject: FS on ebay: Netopia 640 ISDN Internet Router
Date: Mon, 19 Apr 1999 16:43:07 -0600
Need an inexpensive and easy to use router that works with nearly all
platforms? Want to share on internet connection with your whole network at
home or office?
Netopia 640 ISDN router with AppleTalk support
Check out the auction on ebay:
http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=93229359
Bid starts at $200, no reserve, credit cards accepted
------------------------------
From: Job Eisses <[EMAIL PROTECTED]>
Subject: Re: NIS woes
Date: Tue, 20 Apr 1999 00:45:45 +0200
root wrote:
> Answer from 192.122.250.1 on illegal port
I have had very similar errors when the replies to ypbind packets
were sent back through a different interface on the NIS Master, and
these replies were rejected because their source ip-address was
not the same as the destination ip-address in the request.
Here the ip-address seems ok. Can it be that the portnumbers in the
reply packets are too high (>1023) ?
> I am assuming that I NEED NIS functioning to get authentication
> for the Samba facilities.
Would not think so, i have found it useful only for single-logon
in a group of unix machines. Samba does not rely on NIS.
-job
------------------------------
Crossposted-To: comp.os.linux.help,comp.os.linux.setup,comp.os.linux.questions
Subject: Transparent proxy not really transparent??
From: [EMAIL PROTECTED] (Matt Siemens)
Date: Wed, 21 Apr 1999 01:22:44 GMT
Hi,
I'm running kernel 2.2.3 which is configured to run as a transparent
proxy and do masquerading, routing traffic between the
internet and my internal network. The forwarding rules are set up so that
there are no restrictions on what can come in or go out. Eveything seems to
work great EXCEPT ftp.
When I'm on a workstation on the inside network and I want to ftp out,
sometimes I will get problems displaying a directory listing of the site
I'm connected to. Other times, I can connect fine and everything displays,
but downloading is unreliable. For example, if I try to
download a file in Netscape from a site that I'm connected to on the
internet, generally what happens is the transfer will reach 99% or 100%
but will not transfer the last few bytes -- it will just hang and not
complete the transfer. But othertimes it will work fine, it seems to vary
from site to site.
Does anyone know what could be causing this to happen? Again, I'm not
rescricting any ports from coming in or going out and everything else
seems to work great.
Can anyone shed some light on this? Any info would be very much
appreciated!
--Matt
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Squid
Date: Wed, 21 Apr 1999 01:23:01 GMT
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> HI all
>
> I am probably going to get slapped across the knuckles for
> asking more question here about
> squid, but here goes
>
> Ok I am running Suse 5.1 with squid (unknown version)
> 1. how do I set it up for transparent use
> ie anything is allowed to come in and out
If you are using the kernel 2.0.x, the best solution is to recompile it with
transparent proxy support and write some ipfwadm rules. If you are using
kernel 2.1.105 or greater you must compile it with proxy support and write
the rules using ipchains.
I've already made this using 2.0.x, but I'm trying to figure out how to write
the same rules using ipchains.
The configuration for squid must be:
http_port 8080
#dependig on the version of squid, replace the following 2 lines
httpd_accel_host virtual
httpd_accel_port 80
#by this one
httpd_accel virtual 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
and you have to write the following ipfwadm rules on startup
ipfwadm -I -a acc -S localhost/32 -D localhost/32
#if you have a masqueraded network, write also this one:
ipfwadm -I -a acc -S ${YOURNETWORK}/24 -D ${YOURNETWORK}/24
#and to send the packets throught squid:
ipfwadm -I -a acc -P tcp -S ${YOURNETWORK}/24 -D any/0 80 -r 8080
> 2. Better yet how do I get ICQ on my 95 box to connect through
> squid
>
> I have got web access no prob but I need to offer ICQ and a few
> other custom made progs direct
> access to the net
>
> Or am I just wasting my time with squid should I rather use IP
> masquerading
I think that you must use both, proxy the port 80 and masquerade the others
All this things I found on the net, following the Proxy-HOWTO links from
http://scnc.holt.k12.mi.us/~lachniet/proxy/
>
> Thanx alot
>
> Tony
You're welcome, and please, if somebody knows the right commands to do the
same thing using ipchains, tell me...
Best Regards,
Claudemir
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Lawrence Hileman)
Subject: Re: Machine name themes - what do you use?
Date: 19 Apr 1999 17:55:16 -0500
I am using ship names from the Start Trek universe. (don't laugh)
Constitution, Excelsior, Enterprise, Defient, and DeepSpace9 as the
server.
On Thu, 01 Apr 1999 16:56:14 -0600, "Sean W. Ellis"
<[EMAIL PROTECTED]> wrote:
>I have a bank with many braches and so for each separate branch we had a
>theme. One branch had a bat problem, so the machines were types of
>bats: cavemyotis, graybat, vampirebat. Another branch had the parking
>lot on the opposite side of the building from the lobby (mostly this
>branch was for drive-through only business), so because of the walk --
>shoes theme: addidas, nike, fila, reebok.
>
>On the coast (fish): shark, clownfish, swordfish, flounder
>Space mural on building across street (planets): mercury, venus, earth,
>mars
>Really skinny manager (weight loss/exercise): judo, tumbling, gymnastics
>
>We had this for 16 branches ....worked great until one lady found out
>her machine was hagfish.
>--
>Sean W. Ellis, CNE, ASE Office Systems Center
>[EMAIL PROTECTED] (361) 575-6886
>I am Pentium of Borg. Division is futile. You will be approximated.
------------------------------
From: Denning <[EMAIL PROTECTED]>
Subject: D-Link DFE530TX config problems
Date: Tue, 20 Apr 1999 22:11:00 -0400
I'm Linux networking newbie (10 months using RH 5.1)
I have bought a network kit from D-Link - a hub and two cards.
Unfortunately, they're plug-n-pray cards (this info was nowhere to be
seen when I looked into making this 2 boxen NW). I try to xconfig the
kernel (2.2.5), but this card is nowhere to be found, and Linux is
omitted from D-Link's tect support site of popular OS's and the docs.
Booting up after installing the card made my modem fail (great, an IRQ
conflict - I think can chase that down, fixing it may be another
matter)
Has anyone installed this card on a Linux box? If so, I could use some
help.
TIA,
Denning
------------------------------
From: Derek Mahar <[EMAIL PROTECTED]>
Subject: Re: Cannot find eth0
Date: Wed, 21 Apr 1999 02:04:06 GMT
Paul,
Here is what I learned installing my NE2000 ethernet module:
Unlike Windows, Linux does not automatically recognize or configure PnP cards.
You must run
pnpdump > /etc/isapnp.conf
which generates information about the PnP cards installed in your system.
You edit /etc/isapnp.conf to select I/O and IRQ settings for your PnP cards
that do not conflict with other cards in your system (both PnP and non-PnP).
After you do this, you must load drivers (called modules) for your cards into
the kernel. A tool called insmod may do this, but modprobe is better because
it also loads all dependency modules--those modules that your main module
needs to function. Module filenames end in .o (object modules). modprobe
reads the file /etc/conf.modules to determine the different names for a
module (aliases) and what options to use to load a module, but you may also
specify those options on the command line. I believe the command
modprobe -l
lists all modules available in your system. The command
modprobe ne
loads the NE2000 ISA ethernet module, while
modprobe ne2k-pci
loads the NE2000 PCI ethernet module. The command
modprobe ne io=0x300 irq=7
loads the NE2000 module using I/O port 0x300 and interrupt request 7. File
/proc/interrupts lists (most) interrupts in use in your system, while
/proc/ioports lists the I/O ports. No two devices may share an interrupt or
port address range.
If the alias eth0 exists in /etc/conf.modules, then
modprobe eth0
loads the module that represents this ethernet device. The command
ifconfig eth0 10.0.0.1 netmask 255.0.0.0 up
loads all ethernet modules, and sets the NIC IP address to 10.0.0.1 and the
netmask to 255.0.0.0. If you do not specify the netmask, ifconfig picks one
based on the IP address.
Derek
In article <[EMAIL PROTECTED]>,
Paul Williams <[EMAIL PROTECTED]> wrote:
> Hi, I have 2 computers (one running Linux (SuSE 6.0) and the other
> running win98). I wrote this email to the SuSE support but they couldn't
> help: (I am only new to Linux :-)
>
> Dear SuSE,
> I have 2 computers with network cards (isa- rtl8019). I have configured
> Samba to be started on booting up. When booting up I get a message
> saying 'eth0: unknown interface'. At the bottom of the script it says
> 'Failed services in runlevel2 = Network. I cannot remember if I loaded
> the Kernel modules that I need for networking, I have looked in Yast for
> the module loader but I cannot find any way of doing it. I have done all
> of the configuring in Yast for the actual device (called eth0) but
> nothing changes the message.
> TiA
> Paul
>
> They replied by saying this:
>
> Please check the ariadne2 driver!
>
> I do not have other ideas...
>
> I am not sure how I am supposed to 'check' the driver ( I assumed that I
> just use 'locate' but it was no file on the Hdd.) Does anyone know how
> I'm supposed to fix it?
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Greg J Kellogg" <[EMAIL PROTECTED]>
Subject: Re: Proxy recommendations & Squid configuration info wanted
Date: Tue, 20 Apr 1999 19:00:33 -0700
Uhm, you know, it does not support FTP "puts" as somthing like iftp does,
right? Also, the link you gave also does not say anything about Telnet, do
you have another place to look?
gk
Jan Johansson <[EMAIL PROTECTED]> wrote in message
news:7fhf8v$[EMAIL PROTECTED]...
> >1. Can squid be configured to offer up FTP & Telnet proxy services? If
> >so, how? [ I could use a how-to here ]
>
>
>
> Uhm, you know.. thats ALL squid does. Nothing special needed. go to
> http://squid.nlanr.net/Squid/FAQ/FAQ.html
>
>
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: setup a mulitilink ppp connections
Date: 19 Apr 1999 15:52:00 -0500
nntp.lucent.com ([EMAIL PROTECTED]) wrote:
: I would like to setup a mulitilink ppp connections to increase the
: bandwidth. Can anyone show me how or direct me to the right area?
http://linux-mp.terz.de/ (pppd modifications)
http://www.eicon.com/dimodem/doc.htm (ISDN MP TA)
I guess you know that ISP support is required for MP.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* Microsoft is a great marketing organization.
* It _has_ to be */
------------------------------
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Greg Weeks)
Subject: Re: Ip Port Forwading... Can anyone help?
Date: Tue, 20 Apr 1999 21:20:04 -0500
In article <[EMAIL PROTECTED]>,
What's up <[EMAIL PROTECTED]> writes:
>
>
> Greg Weeks wrote:
>
>> The only time I tried to use VNC this way I was blocked by the
>> firewall on my outside connection, so I'm not positive it works
>> ok. What you have looks correct though. You are trying to attach from
>> outside the Masq box? ipportfw won't forward inside connections back
>> inside.
>>
>> Greg Weeks
>
> But this is very likely that the firewall will need to forward inside
> connectins back inside. If ipportfw doesn't work. What can we go for?
ipportfw uses the IP masq code to do it's thing. If there isn't a
transition from real IP addr-> RFC 1918 IP addr then ipportfw will
never see it. You can use redir or one of the other user state
redirectors, but they leave the address of the connection as the
firewall address. This plays havock with logs and any sort of IP based
security.
Greg Weeks
--
http://durendal.tzo.com/greg/
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: Is this possible?
Date: Mon, 19 Apr 1999 15:17:33 -0700
In article <7fg8m6$ovb$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> Hi
>
> Hopefully one of you guys can give me a clue here. I've been trying to
> figure out a way to connect a laptop (running win95) to my linux box via a
> parallel direct connect cable. My linux box is on a lan already and, due to
> reasons too convoluted for me to even attempt to explain here, I cannot plug
> the laptop directly into the lan (which would make life soooo much easier).
> What I would like to be able to do is set up a plip-like link between the
> linux box and the laptop (using Microsoft's DCC on the laptop, perhaps?) and
> have the linux box act as a router for the laptop. I'm assuming that
> microsoft uses some sort of PPP encapsulation for their Direct Cable Connect
> stuff. I've looked high and low on the 'net today for any information about
> how to do this and I've yet to come across anything I can really use. (I'd
> really be in luck if I had a palm pilot :)) I suppose I can use the serial
> ports if I have to, but I already have the parallel cable.
>
> If anyone can offer a suggestion on how to pull this off I would very much
> appreciate it!
>
> Thanks!
>
> Jeff
>
>
>
Is the reason you can't connect you laptop to the LAN political or
technical? I.e., can you install an Ethernet PCMCIA card into the laptop?
Then, you could install another Ethernet NIC into the linux box and use a
cross-over RJ45 cable to connect the two. Then the setup is much easier
and your laptop is still not connected to the "lan" so to speak.
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: "jim walski" <[EMAIL PROTECTED]>
Subject: Linux DHCP with Windows 95?
Date: 19 Apr 1999 16:25:24 PDT
Hello,
i am running a linux server(red hat 5.2) in which i am trying to set up a
DHCP server.
I am using the following dhcp.conf file:
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 160.100.0.255;
option domain-name-servers 160.100.0.246;
option netbios-name-servers 160.100.0.248;
option domain-name "classicplan.com";
subnet 160.100.0.0 netmask 255.255.255.0 {
range 160.100.0.180 160.100.0.185;
}
When i try to log in with a win 95 client it tells me There is no domain
server to validate your password. and it also gives me errors about Shares i
have established. I don't know if it is having problems finding the primary
domain controller for NT ( the primary domain controller is 160.100.0.248).
the IP address seems to get established fine. In the win 95 network section
if i set the ip address manually everything works fine.
Any help would be appreciated.
Thanks, Jim
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
