Linux-Networking Digest #993, Volume #10 Fri, 30 Apr 99 04:13:40 EDT
Contents:
Re: How can I setup proxy in linux? (Raymond Doetjes)
Re: can linux support modem speed above 33.6k? (Raymond Doetjes)
Re: internet locator server for Linux (Raymond Doetjes)
Re: linux as terminal server (Raymond Doetjes)
Re: Telnet taking ages before allowing login (Don Heffernan)
Re: ppp works but no ping (Stephan Heisterkamp)
Bridge or Routing ? (Gunther Grelczak)
Re: 3com NICs -- waranty? ("Wembley")
Re: Calibri Firewall/Router on Ebay. ("Gideon le Grange")
Re: Firewall logging and ipchains? ("Michael T. Spears")
Urgent... trust account problems (Cyriac REMY)
----------------------------------------------------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: How can I setup proxy in linux?
Date: Fri, 30 Apr 1999 07:08:36 +0200
Quit using SOCKS based proxying......
Why use proxy srevers that for wich you need adapted client software?
Just turn you Linux box in a "TRANSPARANT" proxy server using firewall
and masquerading.
Raymond
[EMAIL PROTECTED] wrote:
>
> I have an account from an ISP which is behind a firewall. In windows
> I can setup proxy in all applications such as MIRC, ICQ, Netscape, ..., but
> in linux I can only access our local ISP and not any other address.
>
> In linux I can only use netscape because it has a part that I can set the
> proxy in edit--> preferences part. In windows I have setup a programm named
> Winsock 2.2 , so I don't need to set proxy in any application and all the
> applications I run in windows use the proxy setting in the configuration file
> of winsock. here is the configuration in winsock file:
>
> DIRECT 195.96.147.0 255.255.255.0
> SOCKD5 @=proxy.safineh.net 0.0.0.0 0.0.0.0
>
> And when I want I set it manually like this:
> proxy.safineh.net : 8080
>
> How can I use these proxy setting in linux?
>
> Please send a copy of your reply to [EMAIL PROTECTED]
> Madjid SalimZadeh
> [EMAIL PROTECTED]
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: can linux support modem speed above 33.6k?
Date: Fri, 30 Apr 1999 07:10:25 +0200
Yep no problem.
You UART can be set to 115Kb/sec.
I used a Serial ISDN TA for over a year without any problems.
Raymond
[EMAIL PROTECTED] wrote:
>
> Hi all:
> in my linux box, the ppp server can run only at speed 28.8k, but the
> modems at both peer are 33.6, I think /etc/gettydef will take the blame.
> can any one tell me how to make my ppp server support the speed up to 56k ?
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: internet locator server for Linux
Date: Fri, 30 Apr 1999 07:12:01 +0200
Perhaps it's a dumb question... but what is a free internet locator???
Raymond
Georg Cantor wrote:
>
> Is there a (preferably) free internet locator server for linux?
------------------------------
From: Raymond Doetjes <[EMAIL PROTECTED]>
Subject: Re: linux as terminal server
Date: Fri, 30 Apr 1999 07:13:31 +0200
SOmewhere in your inittab, you can tell what application each port
should start. So then you make a telnet host1 or telnet host2.
Try reading the mgetty or whatever getty you use.
Raymond
Ray Patterson wrote:
>
> I'm trying to replace a terminal server with a Linux box with a
> multi-port card. What I'm trying to find, is how can you set it up so
> that when they hit the return key on a particulat port they get a login
> prompt on a specific server.
> -Ray
> --
> Ray Patterson ... mailto:[EMAIL PROTECTED]
> http://w3.trib.com/~ray
------------------------------
From: [EMAIL PROTECTED] (Don Heffernan)
Subject: Re: Telnet taking ages before allowing login
Date: Fri, 30 Apr 1999 02:25:35 GMT
I missed the beginning, but it sounds like a problem I had, that was
answered here a while back. Add the name and IP of the machine you
are telnetting from to the host table on the machine you are
telnetting to.
On Thu, 29 Apr 1999 01:10:06 +0100, mist <[EMAIL PROTECTED]>
wrote:
>Derek Smith <[EMAIL PROTECTED]> scribed to us that -
>>
>
><snip>
>
>>
>>To summarise, it looks like (and I will have to look into this more to be
>>sure) telnetd was doing some kind of reverse lookup on the connecting
>>machine, and it was not able to resolve the name.
>>
>
>Actually I think that it's the calling machine (the client) that expects
>a reverse lookup for itself from the server. (I think it's a windoze
>thing...)
>
>
>--
>Mist.
------------------------------
From: Stephan Heisterkamp <[EMAIL PROTECTED]>
Subject: Re: ppp works but no ping
Date: Fri, 30 Apr 1999 08:43:53 +0200
Keith Wright wrote:
>
> Help!
>
> I've done this before on numerous occassions but can't figure out whats
> going on at this location. I can get ppp to work but I can ping any IP
> address. I am using Slackware version 3.2 (or is it 3.1?) with kernel
> 2.0.29. I do the following:
>
> 1.) type /usr/sbin/ppp-on to connect to my ISP
> 2.) the ppp-on script dials ISP and connects ... chats for a bit
> and
> finally I get my two IP #'s (local computer IP and server
> IP) and a line
> in my /var/log/messages says something like going up for IP
> packets!
> 3.) I think all is ok but not. Heres some info from various
> commands.
>
> ifconfig before ppp connection:
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
> UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
> RX packets:151 errors:0 dropped:0 overruns:0
> TX packets:151 errors:0 dropped:0 overruns:0
>
> eth0 Link encap:10Mbps Ethernet HWaddr 00:00:E8:23:07:AC
> inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:10486 errors:0 dropped:0 overruns:0
> TX packets:10805 errors:0 dropped:0 overruns:0
> Interrupt:11 Base address:0x220
>
> ifconfig after ppp connection
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
> UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
> RX packets:151 errors:0 dropped:0 overruns:0
> TX packets:151 errors:0 dropped:0 overruns:0
>
> eth0 Link encap:10Mbps Ethernet HWaddr 00:00:E8:23:07:AC
> inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:10492 errors:0 dropped:0 overruns:0
> TX packets:10809 errors:0 dropped:0 overruns:0
> Interrupt:11 Base address:0x220
>
> ppp0 Link encap:Point-Point Protocol
> inet addr:208.146.132.190 P-t-P:208.146.132.33
> Mask:255.255.255.0
> UP POINTOPOINT RUNNING MTU:1500 Metric:1
> RX packets:8 errors:0 dropped:0 overruns:0
> TX packets:8 errors:0 dropped:0 overruns:0
>
> Note that in ppp0 interface above I can ping the IP address given to the
> local machine 208.146.132.190 just fine. However, when I try to ping
> 208.146.132.33 my harddrive rattles constantly and I notice the 'SD' (send
> data) light on my modem flashing about once every second. This goes on
> forever until I CTRL-C to stop the ping.... I then try other inet services
> such as ftp and telnet... no such luck. I then look at my routing tables
>
> Also note that I have a few other Win'95 computer attached to this computer
> via a local LAN and I can successfully ping the other computers (and the
> other computers and use Samba/ftp/telnet ... etc.. on the Linux machine).
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref
> Use Iface
> 208.146.132.33 0.0.0.0 255.255.255.255 UH 0 0
> 0 ppp0
> 192.168.2.0 0.0.0.0 255.255.255.0 U 0
> 0 17 eth0
> 127.0.0.0 0.0.0.0 255.0.0.0
> U 0 0 7 lo
> 0.0.0.0 208.146.132.33 0.0.0.0 UG
> 0 0 0 ppp0
>
> here's the routing table before I ran the script:
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 19 eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 7 lo
>
> Note also that I had to type 'route -n' to work.... 'route' by itself didn't
> work ( I guess that's because it could resolve names to IP's?).
>
> Here's my ppp-on script:
>
> #!/bin/sh
> #
> # Script to initiate a ppp connection. This is the first part of the
> # pair of scripts. This is not a secure pair of scripts as the codes
> # are visible with the 'ps' command. However, it is simple.
> #
> # These are the parameters. Change as needed.
> TELEPHONE= *** # The telephone number for the connection
> ACCOUNT=*** # The account name for logon (as in 'George
> Burns')
> PASSWORD=*** # The password for this account (and 'Gracie
> Allen')
> LOCAL_IP=0.0.0.0 # Local IP address if known. Dynamic = 0.0.0.0
> REMOTE_IP=0.0.0.0 # Remote IP address if desired. Normally 0.0.0.0
> NETMASK=255.255.255.0 # The proper netmask if needed
> #
> # Export them so that they will be available at 'ppp-on-dialer' time.
> export TELEPHONE ACCOUNT PASSWORD
> #
> # This is the location of the script which dials the phone and logs
> # in. Please use the absolute file name as the $PATH variable is not
> # used on the connect option. (To do so on a 'root' account would be
> # a security hole so don't ask.)
> #
> DIALER_SCRIPT=/etc/ppp/ppp-on-dialer
> #
> # Initiate the connection
> #
> # I put most of the common options on this command. Please, don't
> # forget the 'lock' option or some programs such as mgetty will not
> # work. The asyncmap and escape will permit the PPP link to work with
> # a telnet or rlogin connection. You are welcome to make any changes
> # as desired. Don't use the 'defaultroute' option if you currently
> # have a default route to an ethernet gateway.
> #
>
> exec /usr/sbin/pppd debug 7 kdebug 4 lock modem crtscts /dev/ttyS1 38400 \
> asyncmap 0 escape FF kdebug 7 $LOCAL_IP:$REMOTE_IP \
> netmask $NETMASK defaultroute name *** connect $DIALER_SCRIPT
>
> Here's a snippet from my /var/log/messages (after it goes through all the
> chat stuff and establishes the serial connection)... it says going up for IP
> packets! I would assume that all would be ok at this point.
>
> Apr 29 14:44:56 gate1 pppd[655]: Serial connection established.
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set flags to 70000
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set flags to 70000
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set xasyncmap
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set xmit asyncmap ffffffff
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set flags to 70000
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set mru to 5dc
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set rcv asyncmap 0
> Apr 29 14:44:57 gate1 kernel: ppp_tty_ioctl: set flags to 70010
> Apr 29 14:44:57 gate1 pppd[655]: Using interface ppp0
> Apr 29 14:44:57 gate1 pppd[655]: Connect: ppp0 <--> /dev/ttyS1
> Apr 29 14:44:57 gate1 kernel: ppp: successfully queued 26 bytes, flags =
> f070010
> Apr 29 14:44:57 gate1 kernel: ppp: successfully queued 6 bytes, flags =
> f070010
> Apr 29 14:44:59 gate1 kernel: ppp: successfully queued 43 bytes, flags =
> f070010
> Apr 29 14:44:59 gate1 kernel: ppp: successfully queued 26 bytes, flags =
> f070010
> Apr 29 14:44:59 gate1 kernel: ppp_tty_ioctl: set xmit asyncmap 0
> Apr 29 14:44:59 gate1 kernel: ppp_tty_ioctl: set flags to f070013
> Apr 29 14:44:59 gate1 kernel: ppp_tty_ioctl: set mru to 5dc
> Apr 29 14:44:59 gate1 kernel: ppp_tty_ioctl: set rcv asyncmap a0000
> Apr 29 14:44:59 gate1 kernel: ppp_tty_ioctl: set flags to f070003
> Apr 29 14:45:04 gate1 kernel: ppp: successfully queued 7 bytes, flags =
> f070003
> Apr 29 14:45:04 gate1 kernel: ppp_tty_ioctl: set flags to f070043
> Apr 29 14:45:04 gate1 pppd[655]: Remote message:
> Apr 29 14:45:04 gate1 pppd[655]: local IP address 208.146.133.42
> Apr 29 14:45:04 gate1 pppd[655]: remote IPaddress 208.146.132.35
> Apr 29 14:45:04 gate1 kernel: ppp: successfully queued 18 bytes, flags =
> f070043
> Apr 29 14:45:04 gate1 kernel: ppp: successfully queued 12 bytes, flags =
> f070043
> Apr 29 14:45:04 gate1 kernel: ppp: successfully queued 18 bytes, flags =
> f070043
> Apr 29 14:45:04 gate1 kernel: ppp_tty_ioctl: set maxcid to 16
> Apr 29 14:45:04 gate1 kernel: ppp_tty_ioctl: set flags to f070047
> Apr 29 14:45:04 gate1 kernel: ppp: channel ppp0 going up for IP packets!
>
> I've spent countless hours on this one searching docs/howtos/dejanews to no
> avail. Hope this is enough info. Any ideas?
>
> Thanks for the ideas/help,
> Keith
--
Stephan Heisterkamp
GMD - German National Research Center for Information Technology
- Forschungszentrum Informationstechnik GmbH
Institut fuer Medienkommunikation
Tel.: +49/2241/14-2955
------------------------------
From: Gunther Grelczak <[EMAIL PROTECTED]>
Subject: Bridge or Routing ?
Date: Fri, 30 Apr 1999 08:44:00 +0200
Hello,
I have 2 small Networks ( all Winboxes ) and they are connected
with a Linuxbox ( 2 Ethernet-cards ) like this :
Subnet 1( 2 PC's Win ) <==> ( NIC1 ) LINUX (NIC2) <==>Subnet 2 ( 5 PC's
Win)
TCP/IP Communication is OK. The Apache on the Linux is reachable
from both sides, but I can`t see the Windows-shares on Subnet1 from
Subnet2
or on Subnet2 from Subnet1.
I know that NetBIOS and SMB are not routable protocols, but I heard
about a
bridge configuration which can solve my problem. Who knows anything
about this ?
Thanks.
Gunther Grelczak
=============================
[EMAIL PROTECTED]
=============================
------------------------------
From: "Wembley" <[EMAIL PROTECTED]>
Subject: Re: 3com NICs -- waranty?
Date: Fri, 30 Apr 1999 01:51:23 -0500
Since it's OEM issue, you may not get a refund from 3Com. They are very
helpful, though; call them at 1-800-NET-3Com and ask.
Have you tried the obvious things, like latest drivers and new cables, or a
different computer?
Dave Brown wrote in message <[EMAIL PROTECTED]>...
>3com advertizes that their NICs have a "lifetime" waranty.
>
>I have a bad one, but have no idea how to get a replacement.
>Their website doesn't mention it anywhere (intentionally?).
>I bought this in an "OEM" pack, so I got no manual with it,
>which might have had an address to contact.
>
>--
>Dave Brown Austin, TX
>
------------------------------
From: "Gideon le Grange" <[EMAIL PROTECTED]>
Crossposted-To:
comp.dcom.modems.cable,comp.dcom.xdsl,comp.os.linux.development.system,comp.os.linux.hardware,comp.os.linux.misc,comp.os.linux.portable,comp.security.firewalls
Subject: Re: Calibri Firewall/Router on Ebay.
Date: Fri, 30 Apr 1999 09:21:12 +0200
Idiot.
Don't use this newsgroup to draw attention to your own sutff
being sold by Ebay.
What a moron
Jack Levin wrote in message ...
>Hi all... Check out Calibri-133 firewall being sold at Ebay. (hardware)
>http://cgi.ebay.com/aw-cgi/eBayISAPI.dll?ViewItem&item=97714586
>
>-Jack
>
>
------------------------------
From: "Michael T. Spears" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions,comp.os.linux.setup,comp.os.linux.linux
Subject: Re: Firewall logging and ipchains?
Date: Mon, 26 Apr 1999 21:46:52 -0400
If you look at the IPCHAINS command, I am pretty sure you can just put a -l
(as in linux) at the end of each line and that will cause every packet to be
logged to either /var/log/messages or another log file. Easy to tell which
one if you have a lot of traffic going through the box. The log will grow
very fast.
Matt Siemens wrote in message ...
>Hi,
>
>I'm looking for a way to log everything hitting my firewall (accepted,
denied
>and rejected packets), but I can't figure out how to do this. I've been
>playing around with ipchains and I am able to log specific rules, but I
can't
>seem to log the actions of a default policy. For example:
>
>ipchains -A input DENY
>ipchains -A input -i eth0 -p tcp -s 0.0.0.0/0 -d 1.2.3.4/32 80 -l -j ACCEPT
------------------------------
From: Cyriac REMY <[EMAIL PROTECTED]>
Crossposted-To: linux.samba
Subject: Urgent... trust account problems
Date: Fri, 30 Apr 1999 11:22:20 +0200
Well.... I need help to to smthing with Samba 2.0.3-8
Let me explain... Ive two servers : one NT and one Linux... Each servers
control one domain :
==> NT server MYNT : control DOM1
==> Lin. server MYLIN : control DOM2
when I configure smb.conf like other classics smb.conf files, I can see
my server on network
explorer on my NT workstation named NTWKS (global network ==> two
domains DOM1 and
DOM2 and when I clic on DOM2, I can see MYLIN and I can connect and see
shared directories)
Ok but now I want to switch NTWKS from DOM1 to DOM2, ssssoooo I go to
network config in
control panel and clic on domain radio button and type DOM2 and I see a
message like :
be sure your computer has an account on this domain (Im french, so Ive
french message but it's
smthing like that) but Ive created an account for NTWKS on MYLIN with
adduser NTWKS$ and smbpasswd -a -m NTWKS.... ?!?!?
And I see on my log file :
[1999/04/27 15:17:28, 5] passdb/smbpass.c:getsmbfilepwent(258)
getsmbfilepwent: returning passwd entry for user NTWKS$, uid 506
[1999/04/27 15:17:28, 10] passdb/passdb.c:iterate_getsmbpwnam(156)
found by name: NTWKS$
[1999/04/27 15:17:28, 7] passdb/smbpass.c:endsmbfilepwent(81)
endsmbfilepwent: closed password file.
[1999/04/27 15:17:28, 4] smbd/password.c:smb_password_ok(400)
Checking SMB password for user NTWKS$
[1999/04/27 15:17:28, 5] smbd/password.c:smb_password_ok(410)
use last SMBnegprot challenge
[1999/04/27 15:17:28, 4] smbd/password.c:smb_password_ok(427)
smb_password_ok: Checking NT MD4 password
[1999/04/27 15:17:28, 4] smbd/password.c:smb_password_ok(431)
NT MD4 password check succeeded
[1999/04/27 15:17:28, 4] smbd/reply.c:session_trust_account(439)
session_trust_account: Wksta trust account NTWKS$ denied by server
[1999/04/27 15:17:28, 3] smbd/error.c:error_packet(127)
So what happend ?????
At last, I want to add DOM2 in the login NT Box to let users choose
between the
two domains...
Can you help me ??? :)
Cyriac REMY
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
