Linux-Networking Digest #950, Volume #10 Fri, 23 Apr 99 22:14:01 EDT
Contents:
Samba + Win98 (Thomas Marc Jaehnel)
Re: 2 IPs 2 Subnets 1 Nic Is It Possible? (Luca Filipozzi)
email on a ppp connection (Dustin Puryear)
Re: Samba vs. NFS (Luca Filipozzi)
Re: Two network cards ("David K. Means")
Re: Network Win98 with Linux? ("J. Brown")
Re: Networking Windows98 to Linux Please Help ("J. Brown")
Re: Read Only NFS ([EMAIL PROTECTED])
Help -- Two ethernet card network (Kevin Davis)
Re: rpc.rstatd daemon looping in inetd.com and terminating. cannot "rup". same for
rusersd. ([EMAIL PROTECTED])
Re: Ethernet Card is not working... (Craig J Copi)
Re: Find IP after pppd ([EMAIL PROTECTED])
Re: Find IP after pppd ([EMAIL PROTECTED])
How to get IPChains to log to different files? ("Michael T. Spears")
Re: MultiLink Linux? (Adam Przybyla)
Ethernet Card is not working... ("Chris \"CrazY\" Condon")
----------------------------------------------------------------------------
From: Thomas Marc Jaehnel <[EMAIL PROTECTED]>
Subject: Samba + Win98
Date: Fri, 23 Apr 1999 18:58:06 GMT
Hi there,
hope someone can help me w/ this!
I'm running a linux server w/ samba and it works perfectly fine w/ a NT
client. But now I'm trying to connect a Win98 maschine to it.
I can access all the top level folders w/o any problems( i.e. All
directories that are specified in smb.conf ). But whenever I try to open
sub directories. It says this folder does not exist or has been moved...
Any one have a clue what's wrong?
thanx, tj.
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: 2 IPs 2 Subnets 1 Nic Is It Possible?
Date: Fri, 23 Apr 1999 13:01:05 -0700
In article <7fqgam$d17$[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
> My company has an ipfwadm firewall running on a Linux box. We have recently
> been acquired by another company and need to merge our IP schemes. In other
> words ours is going away and we will use theirs :( We only use IP to access
> the Internet and if possible I would like to avoid disrupting my users as
> much as possible.
>
> Is is possible to use two different IP addresses and subnet masks on the same
> nic? For example 10.0.1.1 with 255.255.240.0 and 10.9.0.1 with 255.255.248.0.
Sure. It's called ip aliasing. But it's an ugly hack in your situation,
IMHO.
Why not approach this problem with a two-step solution?
Step 1: The Set Up
Set up a DHCP server and convert all of your client machines to get their
IP address via DHCP. Set up the DHCP server so that all currently used
IP's are excluded from the dynamically allocated range. You can do this
step slowly, as time permits. Eventually, all of your client machines
will have dynamically assigned addresses from your current address pool.
Set the lease time to be *really* short, like 1 hour.
Step 2: The Conversion
Change the lease time to 1 minute. Within 1 hour, all of the client
machines will have requested new ip addresses, each with expiry of one
minute. Tell all users that there will be a 5 minute network disruption
(i.e. save and close their work). Change the DHCP address range to the
new range. Since the expiry is 1 minute, within one minute all the
clients will have an address from the new range. Change the lease time to
something reasonable, like 1 or 2 days. Done.
This solution has the big benefit that at the end of the process you will
have a DHCP managed ip address pool, which is, IMHO, much better than
static addresses (if only so that you can change the nameserver, default
route, etc. in only place only).
> I think that this is the center of the problem. Is there a FAQ or a Howto out
> there on how to do this if it is possible?
>
> TIA Please post here as I check this board regularly
>
> Dean
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED] (Dustin Puryear)
Subject: email on a ppp connection
Date: Fri, 23 Apr 1999 19:30:56 -0500
Reply-To: [EMAIL PROTECTED]
How would I go about setting up smail to deliver email to our ISP's smtp
server whenever our ppp link goes up? I have smail doing our internal
mail, but don't see any mention in the HOW-TO's about how to queue the
email for later delivery. I assume smail needs to be setup to deliver
mail to known addresses on the mail machine, but to hold unknown mail
(internet mail) until told to send it the the smtp server.
Obviously, this has been done before. If anyone would like to share some
tips I would very much appreciate it.
--
Dustin Puryear
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Luca Filipozzi)
Subject: Re: Samba vs. NFS
Date: Fri, 23 Apr 1999 17:38:08 -0700
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says...
>
> I have heard some horror stories about NFS. Is it safer and faster to just
> use Samba if I want to mount a filesystem from another machine?
>
>
Use NFS in unix to unix filesystem mounting. Security is a concern, but
properly configured inetd.conf files and ipchains/ipfwadm rules will take
care of most of those.
Use Samba in unix / windows sharing of filesystems.
--
Luca Filipozzi <[EMAIL PROTECTED]>
------------------------------
From: "David K. Means" <[EMAIL PROTECTED]>
Subject: Re: Two network cards
Date: Fri, 23 Apr 1999 17:39:05 -0700
Zoltan Pittner <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I successfully (is this the right spelling??) installed two network
> cards in my Redhat 5.2 Linux system. Everything works fine, if the two
> network cards ar on a different subnet. Now here is my question:
> If I want to put both of the network cards on the same network, in order
> to increase the server's throughput toward the network, what do I need
> to do?
> [snip]
While this might seem like a great idea, you probably cannot accomplish
your goal this way. Any network card will actually transmit at full speed
on
the wire. The problem is that there is then a delay between one packet and
the next, so the average rate drops below the theoretical maximum.
To fix this, one needs to understand what causes this delay. A bunch of
suspects need to be rounded up and interrogated: the Ethernet card, the
bus it is connected to, and the CPU that drives the whole mess. Until you
know where the bottleneck is, it is hard to know what to fix.
At 10Mb/sec, a newish CPU and PCI bus will very likely keep up with
the net. At 100Mb/sec, it is quite a bit harder to keep up. I recommend
doing the math, so that you will know where to put your money if you want
to go fast.
------------------------------
From: "J. Brown" <[EMAIL PROTECTED]>
Subject: Re: Network Win98 with Linux?
Date: Fri, 23 Apr 1999 15:21:51 -0500
Dan, get and read Samba Server Step-by-Step Guide from
http://www.sfu.ca/~yzhang/linux/samba/ . This document help me get samba
running in record time!
Daniel G. Hyams wrote in message ...
>On Wed, 21 Apr 1999, Florin wrote:
>
>> I am getting excited about Linux, yet it's still a stranger to me.
>>
>> I would appreciate any help on how to get the Linux machine talk to
Win98. I
>> already have Apache running on Linux and O'Reilly web server running on
>> Windows but communication is only one way.
>
>
>Make sure that you follow a step-by-step approach to setting up
>the network:
>
>1) install ethernet card properly (the startup messages when booting
> and ifconfig should help with this). Either use the tools supplied
> with Red Hat, or put the line 'alias eth0 drivername', where drivername
> is the name of the correct driver for your network card, in
/etc/conf.modules.
> You will also have to add a route like such:
> route add 192.168.100.0 netmask 255.255.255.0 dev eth0
> where the number "100" is any number that you choose; just make sure
that
> each machine has an IP of 192.168.x.y and 192.168.x.z, where "x" is
> any number from 1 to 254, and y and z are also any number from 1 to
254.
>
>2) make sure that TCP/IP is working correctly. ping 192.168.100.1, where
> the number above is a computer on your network. Do this from each
> machine (Win98 has a ping tool also), to make sure that each computer
> sees the other.
>
>3) make sure that name service is working properly. For a small network,
> you can probably get by with just editing /etc/hosts and /etc/lmhosts
> to map machine names to IP addresses. NT and 98 also have their
> own hosts and lmhosts files; I think that Win98 stores these files
> in c:\windows or c:\windows\system (look for a hosts.sam and rename
> it hosts; same thing for lmhosts). Now, ping mymachine, where
> "mymachine" is the name of each box on the network, to make sure
> that name service works on each box.
>
>4) Now, you are ready for samba. First find the most recent version
> of samba (2.0.3, I think) in rpm form on the web; www.samba.org might
> help out. Install it. Then configure samba (/etc/smb.conf)
> to share out the directories
> that you want (read the samba docs in /usr/doc for how to configure
> samba). Use smbmount (this is not technically part of samba) to
> mount Windows shares on your linux box. Also, use
> "smbclient -L hostname", after samba is up and running, to see
> what shared are available on a given machine.
>
> For Windows 98 machines, passwords are encrypted by default. To
> make things work on the Linux+Samba side, you need to enable
> encrypted passwords in /etc/smb.conf; check out the samba docs
> for how to do this.
>
>
>Please let me know if you need some more pointers (this is a loose
>outline of what needs to be done, but some detail has been omitted).
>
>
>-----------------------------------------------------------
>Daniel G. Hyams
>email: [EMAIL PROTECTED]
>phone: (601) 323-4198
>-----------------------------------------------------------
>
------------------------------
From: "J. Brown" <[EMAIL PROTECTED]>
Subject: Re: Networking Windows98 to Linux Please Help
Date: Fri, 23 Apr 1999 15:23:52 -0500
Get a copy of Samba Server Step-by-Step from
http://www.sfu.ca/~yzhang/linux/samba/ . Follow it closely, and you will be
up and running in no time.
v4cal wrote in message <[EMAIL PROTECTED]>...
>I am trying to network Windows98 to Linux
>
>1. what is a good IP address to use on Linux
>
>2. Dose the Windows98 computer need a IP address
> If yes what is a good address for the windows98 system
> If not haw do I set it up not to use one
>
>3. Haw do i set up Windows98 to see Linux
>
>4. Haw do i log on to Linux form Windows98
>
>5. Haw do I set up Linux to be a NT Server So when someone logs in they
>will only see what they have access to on the linux system
>
>6. Can i setup my windows98 system so it can load programs from Linux so
>i can have a small drive in my windows system
>
>Thank you for your help
>Norbert
>
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Read Only NFS
Date: Fri, 23 Apr 1999 20:53:58 GMT
Also, you may need to use the 'insecure' option in /etc/exports. For example:
/export/data machine(rw,no_root_squash,insecure)
This has something to do with certain flavors of BSD Unix not connecting on a
reserved port for either mountd, or nfsd.
Chad
In article <[EMAIL PROTECTED]>,
rothe <[EMAIL PROTECTED]> wrote:
> I had the same problem recently. I found I had to explicitly declare which
> machine (or network, subnet mask) is to have rw access. For example, your
exports
> would be:
>
> /export/data machine(rw, no_root_squash)
>
> where machine is either the resolvable name or ip address. Also, the line in
the
> fstab doesn't appear correct. Another response in this thread has the fix.
>
> As the other response indicates, the uid and gid of the account on the client
will
> map to the same uid and gid on the server, regardless of username/password.
If
> this is not the case, refer to nfs man pages or HOWTO's for ways of mapping
the
> uid's and gid's to the appropriate users on the server.
>
> Darrin Rothe
> [EMAIL PROTECTED]
> --------------------------------
> [EMAIL PROTECTED] wrote:
>
> > I have a little problem with my NFS, in
> > our local Network. I installed Linux on my new Computer (PII/300)
> > and I wanted to use it as a NFSSERVER, but if I mount a directory from this
> > Server and try to create or edit a file I get messages like:
> > permission denied or read-only filesystem
> >
> > /etc/exports on the new computer:
> > # /etc/exports
> >
> > /export/data (rw,no_root_squash)
> >
> > /etc/fstab on then clien :
> >
> > # /etc/fstab
> >
> > /dev/sda3 / ext2 defaults 1 1
> > /dev/sda2 swap swap defaults 0 0
> > /dev/sda1 /boot ext2 defaults 1 2
> > /dev/scd0 /cdrom iso9660 ro,noauto,user 0
0
> > /dev/fd0 /floppy auto noauto,user 0 0
> > proc /proc proc defaults 0 0
> > newone://export/data /data nfs,bg,rsize=1024,wsize=1024,user,exec 1 1
> >
> > -----------== Posted via Deja News, The Discussion Network ==----------
> > http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Kevin Davis)
Subject: Help -- Two ethernet card network
Date: Fri, 23 Apr 1999 12:59:21 -0800
Hi
I am fairly new to Linux, but I do have the both of the cards working. I
have a 1.PCI NE2000, and 2. Smc Ether Ultra ISA. In ifconfig, both cards
are shown and the resources correct, but when I attempt to ping a maching on
the internal network (192.168.0.2 etc..), and I get no response. Any Ideas?
THe SMC is a Combo card using BNC thin coax for the internal and the NE2000
PCI with RJ45 for the Cable modem.
Kevin =)
-**** Posted from RemarQ, http://www.remarq.com/?c ****-
Search and Read Usenet Discussions in your Browser
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.admin
Subject: Re: rpc.rstatd daemon looping in inetd.com and terminating. cannot "rup".
same for rusersd.
Date: Fri, 23 Apr 1999 20:56:31 GMT
In article <7f7ajb$[EMAIL PROTECTED]>,
"Alain Coetmeur" <[EMAIL PROTECTED]> wrote:
> I've found the problem with rpc.rstatd and rpc.rusersd.
>
> the daemons I have are not designed to be run under inetd.
That's not it. The problem is that rpc under redhat 5.2 is not working right.
Check this out. This is from an strace on inetd.
Here's what statd is doing as it runs:
5566 SYS_168(0xbffffc1c, 0x1, 0x1388, 0x1388, 0xbffffc1c) = 1
5566 recvfrom(4, "[\303Y\253\0\0\0\1\0\0\0\0\0\0\0"..., 400, 0,
{sin_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("128.165.148.101")}, [16])
= 28
5566 close(4) = 0
5566 socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
5566 ioctl(4, SIOCGIFCONF, 0xbfffdc70) = 0
5566 ioctl(4, SIOCGIFFLAGS, 0xbfffdc78) = 0
5566 ioctl(4, SIOCGIFFLAGS, 0xbfffdc78) = 0
5566 close(4) = 0
5566 socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 4
5566 bind(4, {sin_family=AF_INET, sin_port=htons(661),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
5566 ioctl(4, FIONBIO, [1]) = 0
5566 sendto(4, "[\303Y\253\0\0\0\0\0\0\0\2\0\1\206"..., 56, 0,
{sin_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("128.165.148.101")}, 16) =56
So rstatd does a poll (SYS_168), waits for data, gets the packet
(recvfrom),
CLOSES THE SOCKET ?!?!?!?!
creates a socket, binds it to 661, sends the data in reply to the
previous request, then does a SYS_POLL. Rinse and repeat. I followed this
through 1000 packets.
Wow, this is broken. It's also a race. You might ask, can a packet sneak
back into the inetd when statd closes the socket?
Sure!
In the trace below, inetd is PID 216.
5566 SYS_168(0xbffffc1c, 0x1, 0x1388, 0x1388, 0xbffffc1c) = 1
5566 recvfrom(4, "[\303Y\253\0\0\0\1\0\0\0\0\0\0\0"..., 400, 0,
{sin_family=AF_INET, sin_port=htons(111),
sin_addr=inet_addr("128.165.148.101")}, [16])= 28
5566 close(4) = 0
5566 select(1024, [3], NULL, NULL, NULL <unfinished ...>
216 <... nanosleep resumed> ) = 0
216 select(21, [3 4 5 6 7 8 9 10 11 12 13 14 15 17 18 20], NULL, NULL,
NULL) = 1 (in [3])
216 sigprocmask(SIG_BLOCK, [HUP ALRM CHLD], NULL) = 0
216 fork() = 5567
5566 got the request, closed the socket, got context switched, and ...
inetd runs, got ANOTHER packet, and started a new statd as PID 5567!
Races are alive and well.
The interesting thing: inetd should discard that packet, since rstatd is
still alive! another bug!
For contrast, here's an Irix machine.
2180mS[ 0] rpc.rstatd(12538): select(1024, [0...<784 fd's
truncated>], 0, 0, 0)
2181mS[ 0] rpc.rstatd(12538): END-select(1024, [0...<784 fd's
truncated>], 0, 0, 0) = 1
2181mS[ 0] rpc.rstatd(12538): recvfrom(0, <0a 22 37 38 00 00 00 00
00 00 00 02 00 01 86 a1>..., 400, 0, {sin_family=AF_INET,
sin_port=1808,
sin_addr=128.165.148.101}, IN:16) = 40
2181mS[ 0] rpc.rstatd(12538): sendto(0, <0a 22 37 38 00 00 00 01 00
00 00 00 00 00 00 00>..., 128, 0, {sin_family=AF_INET, sin_port=1808,
sin_addr=128.165.148.101}, 16) = 128
2181mS[ 0] rpc.rstatd(12538): select(1024, [0...<784 fd's
truncated>], 0, 0, 0)
select, recvfrom, sendto, select. That's how it is supposed to work.
I'm still trying to figure out what's broken in glibc. Obviously
someone felt the need to close and reopen the udp socket on every rpc.
I don't know if this is due to a linux problem with udp sockets. I'm
checking the source now ... more later.
Ron
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED] (Craig J Copi)
Subject: Re: Ethernet Card is not working...
Date: 24 Apr 1999 00:58:01 GMT
In article <[EMAIL PROTECTED]>,
"Chris \"CrazY\" Condon" <[EMAIL PROTECTED]> writes:
> Hey all,
>
Without know too much about this particular card there is one obvious thing.
> I am not very experienced in Linux other than the fact the I used unix for
> about 6 months for work. Anyways, I have a D-Link DE220 ISA Ethernet card
^^^
Note the ISA here.
> which I am trying to get to work under Linux. It works under Win95 of
> course. I tried using the standard NE2000 module (ne2k-pci.o) but no dice. I
^^^
Note the pci here. pci <> ISA.
In fact the "standard" NE2000 module is ne.o. Give that modue a try.
> sent an email out to D-Link asking if they have module files and such for
> the card but I haven't heard from them yet and I am anxious to get back on
> the network through linux! Some extra information is that the card is at i/o
>: 0x240 and the IRQ is 10. I would greatly appreciate any and all thoughts
> or ideas on this. Thank you in advance! YOu can post replies here or email
> them to me at [EMAIL PROTECTED] I am sure this card is compatible with
> Linux because I looked it up in the compatibility charts in the 'net. Thanks
> again!
This information might be needed if the card doesn't work (if you use
linuxconf you can enter this information) .
It may also be worth looking at the Ethernet-HOWTO. I'm sure it will mention
this card explicitly.
> - Chris
Craig
--
Craig J Copi | [EMAIL PROTECTED]
Case Western Reserve University | http://erebus.phys.cwru.edu/~copi/
Department of Physics | (216) 368-8831
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Find IP after pppd
Date: Sat, 24 Apr 1999 00:30:01 GMT
Sheesh!! sorry all. I just noticed I didn't put the full path to ipfwadm in
my outbound rules.
Someone slap me!
-Gut
In article <7fqno6$k39$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I tried using the ip-up script just like you guys said... but there seems to
> be a problem. (I was trying to get my IP address so I could do some funky
> ipfwadm stuff)
>
> When I try using my simple rules (included at bottom) after connect I get:
>
> ipfwadm -l -n -F
> IP firewall forward rules, default policy: deny
> type prot source destination ports
> acc/m all 192.168.0.0/24 0.0.0.0/0 n/a
> ***just as it should be***
>
> ipfwadm -l -n -O
> IP firewall output rules, default policy: deny
> ***no rules are getting executed from the ip-up script***
>
> My ip-up script includes: {I have commented out the Inbound rules.. b/c I
> haven't started fine tuning them yet).
>
>
================================================================================
> #!/bin/sh
> $EXTIP=$4
> /sbin/depmod -a
> /sbin/insmod ip_masq_ftp
> /sbin/insmod ip_masq_raudio
>
> # Flush rules:
> /sbin/ipfwadm -I -f
> /sbin/ipfwadm -O -f
> /sbin/ipfwadm -F -f
>
> # Set default to deny:
> # /sbin/ipfwadm -I -p deny
> /sbin/ipfwadm -O -p deny
> /sbin/ipfwadm -F -p deny
>
> # Allow masquerading from my internal network:
> /sbin/ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0
>
> <..snip alot of commented out rules..>
>
> # Prevent leakage of rfc 1918 addresses:
> ipfwadm -O -a deny -Wppp0 -S 10.0.0.0/8 -o
> ipfwadm -O -a deny -Wppp0 -S 172.16.0.0/12 -o
> ipfwadm -O -a deny -Wppp0 -S 192.168.0.0/16 -o
> ipfwadm -O -a deny -Wppp0 -D 10.0.0.0/8 -o
> ipfwadm -O -a deny -Wppp0 -D 172.16.0.0/12 -o
> ipfwadm -O -a deny -Wppp0 -D 192.168.0.0/16 -o
>
> # Allow everything else:
> ipfwadm -O -a accept -Wppp0 -S any/0
>
> # Allow localhost:
> # ipfwadm -I -a accept -Wlo -S any/0 -D any/0
> ipfwadm -O -a accept -Wlo -S any/0 -D any/0
>
> # Allow everything on the internal network: # ipfwadm -I -a accept -Weth0 -S
> any/0 -D any/0 ipfwadm -O -a accept -Weth0 -S any/0 -D any/0
> -----------------------------------------------------------------------------
> ---
>
> I have also tried putting a
> echo "work please" > testfile
> at the end of the script and the file DOES get created.
>
> Any ideas?
> -Gut
>
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] wrote:
> > ...
> >
> > Or, you could use the ip-up script, invoked by pppd when it establishes
> > the connection. ip-up is passed parameters that include...
> > * the name of the interface (i.e. ppp0)
> > * the IP address assigned to your end of the connection, and
> > * the IP address assigned to the ISP's end of the connection
> >
> > save that parameter in a file, or use it in the script
> >
> > On Tue, 20 Apr 1999 10:52:19 -0700, "Paul Mohr" <[EMAIL PROTECTED]> wrote:
> >
> > >>: After I connect I would like to find out my IP address. Is there a
> > >global
> > >>: variable or file that it is stored in?
> > >
> > >
> > >You can run "/sbin/ifconfig" which will tell you the IP addresses of each
of
> > >your adapters.
> > >
> > >If you want to extract the IP address (so that you can put it into a bash
> > >variable or use it in a script somewhere), you can do this:
> > >
> > >ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e "s/addr\://"
> > >
> > >which will pull out the IP number only without all of the surrounding
> > >garbage.
> > >
> > >Hope this helps,
> > >pm
> > >
> > >Avatar Systems, LLC
> > >
> > >
> >
> > Lew Pitcher
> > System Consultant, Integration Solutions Architecture
> > Toronto Dominion Bank
> >
> > ([EMAIL PROTECTED])
> >
> > (Opinions expressed are my own, not my employer's.)
> >
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Find IP after pppd
Date: Fri, 23 Apr 1999 21:12:41 GMT
I tried using the ip-up script just like you guys said... but there seems to
be a problem. (I was trying to get my IP address so I could do some funky
ipfwadm stuff)
When I try using my simple rules (included at bottom) after connect I get:
ipfwadm -l -n -F
IP firewall forward rules, default policy: deny
type prot source destination ports
acc/m all 192.168.0.0/24 0.0.0.0/0 n/a
***just as it should be***
ipfwadm -l -n -O
IP firewall output rules, default policy: deny
***no rules are getting executed from the ip-up script***
My ip-up script includes: {I have commented out the Inbound rules.. b/c I
haven't started fine tuning them yet).
================================================================================
#!/bin/sh
$EXTIP=$4
/sbin/depmod -a
/sbin/insmod ip_masq_ftp
/sbin/insmod ip_masq_raudio
# Flush rules:
/sbin/ipfwadm -I -f
/sbin/ipfwadm -O -f
/sbin/ipfwadm -F -f
# Set default to deny:
# /sbin/ipfwadm -I -p deny
/sbin/ipfwadm -O -p deny
/sbin/ipfwadm -F -p deny
# Allow masquerading from my internal network:
/sbin/ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0
<..snip alot of commented out rules..>
# Prevent leakage of rfc 1918 addresses:
ipfwadm -O -a deny -Wppp0 -S 10.0.0.0/8 -o
ipfwadm -O -a deny -Wppp0 -S 172.16.0.0/12 -o
ipfwadm -O -a deny -Wppp0 -S 192.168.0.0/16 -o
ipfwadm -O -a deny -Wppp0 -D 10.0.0.0/8 -o
ipfwadm -O -a deny -Wppp0 -D 172.16.0.0/12 -o
ipfwadm -O -a deny -Wppp0 -D 192.168.0.0/16 -o
# Allow everything else:
ipfwadm -O -a accept -Wppp0 -S any/0
# Allow localhost:
# ipfwadm -I -a accept -Wlo -S any/0 -D any/0
ipfwadm -O -a accept -Wlo -S any/0 -D any/0
# Allow everything on the internal network: # ipfwadm -I -a accept -Weth0 -S
any/0 -D any/0 ipfwadm -O -a accept -Weth0 -S any/0 -D any/0
=============================================================================
---
I have also tried putting a
echo "work please" > testfile
at the end of the script and the file DOES get created.
Any ideas?
-Gut
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> ...
>
> Or, you could use the ip-up script, invoked by pppd when it establishes
> the connection. ip-up is passed parameters that include...
> * the name of the interface (i.e. ppp0)
> * the IP address assigned to your end of the connection, and
> * the IP address assigned to the ISP's end of the connection
>
> save that parameter in a file, or use it in the script
>
> On Tue, 20 Apr 1999 10:52:19 -0700, "Paul Mohr" <[EMAIL PROTECTED]> wrote:
>
> >>: After I connect I would like to find out my IP address. Is there a
> >global
> >>: variable or file that it is stored in?
> >
> >
> >You can run "/sbin/ifconfig" which will tell you the IP addresses of each of
> >your adapters.
> >
> >If you want to extract the IP address (so that you can put it into a bash
> >variable or use it in a script somewhere), you can do this:
> >
> >ifconfig ppp0 | grep 'inet addr' | awk '{print $2}' | sed -e "s/addr\://"
> >
> >which will pull out the IP number only without all of the surrounding
> >garbage.
> >
> >Hope this helps,
> >pm
> >
> >Avatar Systems, LLC
> >
> >
>
> Lew Pitcher
> System Consultant, Integration Solutions Architecture
> Toronto Dominion Bank
>
> ([EMAIL PROTECTED])
>
> (Opinions expressed are my own, not my employer's.)
>
============= Posted via Deja News, The Discussion Network ============
http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: "Michael T. Spears" <[EMAIL PROTECTED]>
Subject: How to get IPChains to log to different files?
Date: Fri, 23 Apr 1999 21:31:56 -0400
Does anyone know how I could get IPChains to log to a different file than
its default. I log every packet through it, because of the lab environment
it is in and I get tired of my SYSLOG, MESSAGES, and KERNEL log files
getting these messages. I need the logging, but not three times and
preferable to a file aside from these.
Thanks,
Mike
------------------------------
From: Adam Przybyla <[EMAIL PROTECTED]>
Subject: Re: MultiLink Linux?
Date: 23 Apr 1999 21:29:22 GMT
Curt <[EMAIL PROTECTED]> wrote:
> take a look at: http://abies.com/eql-howto.html
> Philip wrote in message <2RET2.53$[EMAIL PROTECTED]>...
>>Does any one know how to set-up linux to use multilinking?
... ftp://sun.iinf.polsl.gliwice.pl/pub/adam/mp-0.9.tar.bz2
Regards
Adam Przybyla
------------------------------
From: "Chris \"CrazY\" Condon" <[EMAIL PROTECTED]>
Subject: Ethernet Card is not working...
Date: Fri, 23 Apr 1999 20:40:32 -0400
Hey all,
I am not very experienced in Linux other than the fact the I used unix for
about 6 months for work. Anyways, I have a D-Link DE220 ISA Ethernet card
which I am trying to get to work under Linux. It works under Win95 of
course. I tried using the standard NE2000 module (ne2k-pci.o) but no dice. I
sent an email out to D-Link asking if they have module files and such for
the card but I haven't heard from them yet and I am anxious to get back on
the network through linux! Some extra information is that the card is at i/o
: 0x240 and the IRQ is 10. I would greatly appreciate any and all thoughts
or ideas on this. Thank you in advance! YOu can post replies here or email
them to me at [EMAIL PROTECTED] I am sure this card is compatible with
Linux because I looked it up in the compatibility charts in the 'net. Thanks
again!
- Chris
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
