Linux-Networking Digest #112, Volume #11 Tue, 11 May 99 07:13:45 EDT
Contents:
Re: hosts.allow / hosts.deny ("R. Christopher Harshman")
Re: hosts.allow / hosts.deny ("R. Christopher Harshman")
address already in use??? ("Kostis Mentzelos")
CablesCAT5 - confused... (Matt)
Dual Speed Hubs ("Charles E. Hill")
Intranet with Linux + Apache ([EMAIL PROTECTED])
Re: remote-syslog entries from JetDirect (Geoff Short)
Re: reading Ethernet card address (Harald Fuchs)
Re: ^^ DHCP with SAMBA ?? ^^ (Jose L Gomez Dans)
Re: Samba to OS/2 Warp Server ([EMAIL PROTECTED])
Re: Newbie has questions (**Nick Brown)
Re: Strange problem while connected to foreing host (Joerg Sauer)
Re: Strange problem while connected to foreing host (Joerg Sauer)
Teach you how to earn money via your homepage!!! (Mr Money)
Re: NT & Samba.... cannot connect (Ian Tester)
Re: reading Ethernet card address ([EMAIL PROTECTED])
ipfwadm masq (hullsy)
Re: Reliable (!) nic for 2.2 kernel? ([EMAIL PROTECTED])
Re: Mounting network drives? ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "R. Christopher Harshman" <[EMAIL PROTECTED]>
Subject: Re: hosts.allow / hosts.deny
Date: Tue, 11 May 1999 01:48:33 -0700
This is a multi-part message in MIME format.
==============B1AD323F343E175AF19346A3
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Is 'ALL EXCEPT' actually do-able? I tried configuring my box
with:
in.telnetd_3.1: ALL EXCEPT .org
And hosts.deny ALL:ALL. Telnetted over to a friend's box (noses.org)
and telnetted back into my box, no problem.
Still searching...
mist wrote:
> R. Christopher Harshman <[EMAIL PROTECTED]> scribed to us that
> -
> >We're using TCP wrappers, and hosts.allow/deny. Correct me if I'm
> >wrong,
> >but this system uses allow and then deny, yes?
>
> Yup.
>
> >We run a fairly open
> >(academic)
> >system, but there's one particular pest who has compromised a
> >bewildering
> >number of accounts, and always comes in from three domains (two look
> >like
> >dialups, the third I don't know, but they're all Argentina). Is there
> >no way I
> >can allow all incoming connections *except* those from .AR and
> >SATLINK.COM?
>
> Well, you could I suppose leave hosts.allow empty then in hosts.deny put
>
> ALL .satlink.com
> ALL .ar
>
> or you could put in hosts.allow
>
> ALL : ALL EXCEPT .satlink.com .ar
>
> then put in hosts.deny
>
> ALL : ALL
>
> >As in, check hosts.deny first, before checking allow (which would then
> >read ALL,
>
> Hmm. I think the above manages to avoid re-writing the source. 8-)
>
> Perhaps you could use a firewall as well?
> --
> Mist.
==============B1AD323F343E175AF19346A3
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for R. Christopher Harshman
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: R. Christopher Harshman
n: Harshman;R. Christopher
org: Johnston College, University of Redlands
email;internet: [EMAIL PROTECTED]
title: Systems Administrator
note: http://paradigm.uor.edu/~harshman
x-mozilla-cpt: ;0
x-mozilla-html: TRUE
version: 2.1
end: vcard
==============B1AD323F343E175AF19346A3==
------------------------------
From: "R. Christopher Harshman" <[EMAIL PROTECTED]>
Subject: Re: hosts.allow / hosts.deny
Date: Tue, 11 May 1999 01:54:49 -0700
This is a multi-part message in MIME format.
==============41FE64DF6B520502CF95F19D
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Thanks; I might not be setting this up properly... I'll do some more digging.
Numerous emails to the ISP(s) have gone unanswered. Our lab machines
are behing a firewall, but this server sits on the campus-wide LAN (I only
have control over our little subnet), and a firewall is beyond my authority.
Finally setting it up just as you've suggested (I was trying to simply block
telnet logins, but now that I think about it, FTP et al makes sense too),
it works. Thanks a million.
"This has been yet another example of support, coming from volunteers
spread across the far reaches of cyberspace, for the Linux operating system.
Support that rivals or exceeds that which you pay for with other operating
systems, and is almost always more timely." :-)
Chris Rankin wrote:
> "R. Christopher Harshman" wrote:
> > Is there no way I can allow all incoming connections *except* those from .AR and
> > SATLINK.COM?
>
> hosts.allow:
> ALL: ALL EXCEPT .ar .satlink.com
>
> hosts.deny:
> ALL: ALL
>
> Something like the above will probably do the trick. You could also try
> complaining to this person's ISP and installing a firewall.
>
> Cheers,
> Chris.
==============41FE64DF6B520502CF95F19D
Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for R. Christopher Harshman
Content-Disposition: attachment; filename="vcard.vcf"
begin: vcard
fn: R. Christopher Harshman
n: Harshman;R. Christopher
org: Johnston College, University of Redlands
email;internet: [EMAIL PROTECTED]
title: Systems Administrator
note: http://paradigm.uor.edu/~harshman
x-mozilla-cpt: ;0
x-mozilla-html: TRUE
version: 2.1
end: vcard
==============41FE64DF6B520502CF95F19D==
------------------------------
From: "Kostis Mentzelos" <[EMAIL PROTECTED]>
Subject: address already in use???
Date: Tue, 11 May 1999 12:01:12 +0300
Hi all,
this is my problem
Message: Server's bind failed. errno=102: Address already in use
Description: We have a tcp service demon listening on port 2000.
(/etc/services entry : leagore 2000/tcp)
When client or server aborts, it takes some time to restart
producing the above message, although neither server nor any client is
running.
Where is this timeout interval specified, or what action we should take to
restart server immediately after abort.
Thanking in advance
Kostis Mentzelos
------------------------------
From: Matt <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.networking.tcp-ip,comp.os.ms-windows.networking.windows,comp.os.ms-windows.networking.misc
Subject: CablesCAT5 - confused...
Date: Tue, 11 May 1999 10:05:41 +0100
Ok now I am confused..
There are so many cabeling standards.
I know of 2 IEE and the AT&T standard, also something on the crossover
side, but is there another standard for this too ie a IEE crossover and
a AT&T crossover ?
I need I think a crossover for a IEE cable network, which one should I
chose ?
What do the standards stand for regarding AT&T and IEE ?
Standard EIA/TIA 568
Standard EIA/TIA T568B
USOC (Universal Service Order Code)
I can now count to 6 standards.
A few nice sites are these...
http://www.digitalmx.com
http://www.cis.ohio-state.edu/hypertext/faq/usenet/LANs/cabling-faq/faq-doc-9.html
Many thanks
Matt
9.0 Standard EIA/TIA 568
The ANSI/EIA/TIA-568-1991 Standard _Commercial Building
Telecommunications Wiring Standard_ defines pinouts;
9.1 Standard EIA/TIA T568A
(also called ISDN, previously called EIA)
Pin Wire Color
=== ==========
/--T3 1 White/Green
Pair3 \--R3 2 Green
/----------T2 3 White/Orange
/ /-R1 4 Blue
pair2 \ pair1 \-T1 5 White/Blue
\----------R2 6 Orange
/--T4 7 White/Brown
pair4 \--R4 8 Brown
9.2 Standard EIA/TIA T568B
(also called AT&T specification, previously called 258A)
/--T2 1 White/Orange
pair2 \--R2 2 Orange
/----------T3 3 White/Green
/ /-R1 4 Blue
pair3 \ pair1 \-T1 5 White/Blue
\----------R3 6 Green
/--T4 7 White/Brown
pair4 \--R4 8 Brown
9.3 USOC (Universal Service Order Code)
8-pins 6-pins
| |
/-------------T4 1 White/Brown
/ /---------T3 2 1 White/Green
/ / /-----T2 3 2 White/Orange
/ / / /-R1 4 3 Blue
pr4\ pr3\ pr2\ pr1\-T1 5 4 White/Blue
\ \ \-----R2 6 5 Orange
\ \---------R3 7 6 Green
\-------------R4 8 Brown
------------------------------
From: "Charles E. Hill" <[EMAIL PROTECTED]>
Subject: Dual Speed Hubs
Date: 11 May 1999 03:05:42 GMT
I have a general networking question.
How the hell do dual-speed hubs work?
I have a couple of new DS108 units from Netgear. These are dual-speed hubs
(not switches) that auto-sense the speed of the connection.
When 10 Mb are talking to 10 Mb, or 100 Mb are talking to 100 Mb, everthing
is fine.
When they try and talk with each other (10 to 100 or 100 to 10) the whole
segment goes to hell. Packets are lost, the collision lights blink a nice
steady pattern, and everything slows to a crawl.
How are these *supposed* to work? I though I needed a switch to do this
right (and from the looks of things, I may be right) but can anyone give me
a clue?
(Everything is set to half-duplex. Client type doesn't matter -- Linux,
Win95, WinNT, Solaris, TCP/IP printer, etc.)
Charles Hill
SMP Electronics
------------------------------
From: [EMAIL PROTECTED]
Subject: Intranet with Linux + Apache
Date: Tue, 11 May 1999 05:39:11 GMT
hi,
I have setup a Linux server (ip: 10.0.0.1)with apache web server for our
local lan intranet service(not connect to internet). Some of the client
workstations (using Win98) do have their own modem to connect to
internet. However, when they connect to internet using dialup ISP
service, they cannot access our local intranet web server (10.0.0.1).
Netscape seems interpret 10.0.0.1 as a "world" IP, so they cannot reach
our intranet once they are connect to the "world".
I need some helps to access both intranet & internet is this situation.
Any ideas are welcome.
Jonathan
[EMAIL PROTECTED]
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED] (Geoff Short)
Subject: Re: remote-syslog entries from JetDirect
Date: 10 May 1999 14:50:30 GMT
Oliver Nittka ([EMAIL PROTECTED]) wrote:
:
: since yesterday, we're using a JetDirect-cartridge to connect one of
: out printers to the ethernet.
: the card supports a "syslog server" to which the documentation says it
: can send its logging entries (we're using the lpd host part on the
: printer card)
:
: i just typed in the ip of one of our linux boxes, but nothing's
: appearing in the syslog. there's one entry in my syslog.conf which
: catches *.*, so i suppose i have to give this partcular host (the
: printer card) the right to do a remote syslog entry.
:
: does anybody know how to enable this ?
You need to tell your syslogd to accept remote messages: probably start it
with syslogd -r
Geoff
--
============================================================================
Ever sit and watch ants? They're always busy with Geoff Short
something, never stop for a moment. I just [EMAIL PROTECTED]
can't identify with that kind of work ethic. http://kipper.york.ac.uk/~geoff
------------------------------
From: Harald Fuchs <[EMAIL PROTECTED]>
Subject: Re: reading Ethernet card address
Date: 11 May 1999 11:26:47 +0200
In article <[EMAIL PROTECTED]>,
Victor Kwok <[EMAIL PROTECTED]> writes:
> Hi,
> I want to write a program to read the hardware address of my
> Ethernet card. I know that I can read the address using ifconfig.
The SIOCGIFHWADDR ioctl request does that.
------------------------------
From: Jose L Gomez Dans <[EMAIL PROTECTED]>
Subject: Re: ^^ DHCP with SAMBA ?? ^^
Date: 11 May 1999 09:18:27 GMT
@T <[EMAIL PROTECTED]> wrote:
> Hi,
> Currently i'm running on DNS.
> Can i use DHCP with SAMBA ??
> Do i need to configure hosts file for the server address ??
Ideally, dhcp should give each computer its own address and all
that. I am using a dhcp client for my samba server, and it works fine.
--
Jose L Gomez Dans PhD student
Radar & Communications Group
Department of Electronic Engineering
University of Sheffield UK
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Samba to OS/2 Warp Server
Date: Tue, 11 May 1999 09:24:39 GMT
In article <[EMAIL PROTECTED]>,
SUNI III Home Pages Wazoo <[EMAIL PROTECTED]> wrote:
>
> Has anyone done this that would care to offer me a few kind words of
> wisdom? I have RedHat 5.2 and OS/2 WS 4 Advanced running a domain.
I've
> tried everything I know of and still no connection.
>
hi
i'm NOT a os2 fan or guru or whatsoever -
( i think it sucks)
but lets try a few basic things here
- can you ping from one machine to the other
- can you ping with adress AND name, as well
- a few more easy things working, like telnet or ftp ( don't know what
os2 provides as a client or server)?
- same user, same password, same domain, same subnet?
try tcpdump to view the packets, might tell you something
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: **Nick Brown <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.os.linux.misc
Subject: Re: Newbie has questions
Date: Tue, 11 May 1999 11:31:37 +0200
Reply-To: [EMAIL PROTECTED]
"Nikolay D.D." wrote:
> > 1., How do I get linux to mount my nt drive.
> Get a newer kernel. Only 2.1.x and 2.2.x support the NTFS ( read - only )
> However I wouldnt recommend 2.2.x because its too unstable right now.
Wrong... there is a perfectly good NTFS driver for 2.0. Debian ships
one linked against 2.0.33, but you can recompile it or install it with
insmod -f.
The 2.2.x NTFS driver seems to oscillate between "prototype R/W, use
with caution" and "oops, back to read-only".
--
===============================================================
Nick Brown, Strasbourg, France (Nick(dot)Brown(at)coe(dot)int)
Protect yourself against Word 95/97 viruses, free - check out
http://www.geocities.com/NapaValley/Vineyard/1446/atlas-t.html
===============================================================
------------------------------
From: [EMAIL PROTECTED] (Joerg Sauer)
Crossposted-To: de.alt.comm.isdn4linux
Subject: Re: Strange problem while connected to foreing host
Date: Sat, 08 May 1999 08:56:30 GMT
Hi Erik,
sorry but I seem to be a fool.
I switched RST provoking mode off and everything seems to work fine.
I changed the mode to 1 so that the addresses are rewritten. I don't
no yet if my Win95 will still connect propperly to the Internet when
the line was down, but till now it seems to work.
Just one question, if I switch off IP_DYNIP in Suse, how do I switch
on mode 1 (echo 1 > .....) on reboot?
Thanks in advance and sorry that I did't figured out your first
answer!
J�rg
------------------------------
From: [EMAIL PROTECTED] (Joerg Sauer)
Crossposted-To: de.alt.comm.isdn4linux
Subject: Re: Strange problem while connected to foreing host
Date: Sat, 08 May 1999 08:34:03 GMT
>Did you overlook http://x16.dejanews.com/getdoc.xp?AN=461239358
>or did it not help you?
>
>> IP_DYNIP=yes
>
>Try IP_DYNIP=no
I got your answer, but it hasn't worked out!
So any further suggestions?
Thanks
J�rg
------------------------------
From: Mr Money <[EMAIL PROTECTED]>
Subject: Teach you how to earn money via your homepage!!!
Date: 11 May 1999 07:50:08 GMT
Pls visit below website to learn how to earn money via your homepage,
http://welcome.to/earnmoney/
------------------------------
From: Ian Tester <[EMAIL PROTECTED]>
Subject: Re: NT & Samba.... cannot connect
Date: Tue, 11 May 1999 13:20:10 +1000
On Mon, 10 May 1999, rob wrote:
> I have a samba server with nt client. Server shows up in network
> neighbourhood. I have yet to get into it. When I click on the server it says
> incorrect username or password for //(servername). What do I need to
> configiure to get this going?
When you do that, it is using your NT username when connecting to Samba.
You should either use the same username on both boxes, or setup Samba to
map NT names to local Samba/Linux usernames. And you should use the same
password on both system, I think.
Does it work when you enter your username and password from the Linux
machine?
hope this helps,
bye
--
8<--------8<--------8<--------8<--------8<--------8<--------8<--------
Ian Tester *8)# \7\ LINUX: because geeks will find a way
[EMAIL PROTECTED] \7\ http://www.zipworld.com.au/~imroy
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: reading Ethernet card address
Date: Tue, 11 May 1999 09:12:16 GMT
In article <[EMAIL PROTECTED]>,
Victor Kwok <[EMAIL PROTECTED]> wrote:
> Hi,
> Sorry, I think I don't make it clear. I mean the ethernet
address
> on the ethernet card, which has the format of XX:YY:ZZ:WW:UU:VV. One
of my
> card has this address : 00:C0:DF:B1:77:97. Can any help?
>
> Victor
i think the idea with dmesg|grep ... is basically ok.
somewhere in dmesg your mac-adress is listed
you might have to try a few variations like grep adress or something,
and then work with sed to eliminate the info you dont want
after that > yourfile
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
Date: Tue, 11 May 1999 19:37:45 -0400
From: hullsy <[EMAIL PROTECTED]>
Subject: ipfwadm masq
HELP Please
2 Days later I am Still banging my head agains the table
I have read every howto mini howto and usergroup posting I can find
I have done to letter everything they have said and yet I can only ping
from my linux box not the win98 boxs all the machines ping each other
but not out onto the internet
this is what ipfwadm has to say
acc/m prot source destination ports
acc/m all 192.168.1.2 anywhere n/a
192.168.1.2 being the first win98 machine 192.168.1.1 being the RH5.2
box
my command line is
ipfwadm -F -p deny
ipfwadm -F -a m -S 192.168.1.2/32 -D 0.0.0.0/0
all the modprobes are done eg modprobe ip_masq_ftp etc etc etc
I think the problem is with win98 dns setup or something if anyone
can help it would be much appreciated
Hullsy
All I wont is all the machines on the my network to reach all aspects
of the Inernet security right now is not a issue
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.development.system
Subject: Re: Reliable (!) nic for 2.2 kernel?
Date: 11 May 1999 02:24:33 GMT
In article <0EXY2.11020$[EMAIL PROTECTED]>,
bryan <[EMAIL PROTECTED]> wrote:
>my tulip card is totally unreliable. I can bring it down with an ftp
>xfer (local lan) at 10 or 100, in a minute or less. network hangs and
>will NOT be reset by software.
Do you get a message in /var/log/messages when it gives up the ghost?
It's possible that a kernel oops in the driver's interrupt handler (or even in
another interrupt handler shared on the same IRQ with your tulip) is causing
the interrupt to be disabled, leaving you off-the-air. You should get log
messages when this sort of thing happens.
Other suggestions: try setting tulip_debug, or E-mailing the author of the
driver. If it's really a driver problem, he'll want to know about it.
Regards,
Graham
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Mounting network drives?
Date: Tue, 11 May 1999 09:52:40 GMT
In article <[EMAIL PROTECTED]>,
Neo <[EMAIL PROTECTED]> wrote:
> Im a newbie so please bear with me:
> I just finally installed Red Hat linux and win98 on same HD and now Im
trying to
> get setup with RH Linux. How do i mount a network drive over LAN?
> thanks
> Neo
>
>
the voyage of a 1000 miles begins at your door ...
so go step by step.
first, have your network up and running
try to be able to ping, and then telnet, from and to your linux-wkst
this done, gratulate yourself for a job well done.
then
either you set up a)a nfs-client on your winxx-machines or b)a
samba-server on linux.
a) will cost you money, b) will take some reading of man-pages, howto
and stuff.
then, you can always post agian and say : so far, ive done ...
xyz is working, but i cant ...
good luck
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
