Linux-Networking Digest #141, Volume #11 Thu, 13 May 99 14:13:49 EDT
Contents:
Re: pap authentication failure Help.. ("Burton")
Ethernet setup, also linux ([EMAIL PROTECTED])
HELP PLEASE - BOCA IOAT66 Serial card config ("Brian")
Re: smbmount ("David Murray")
EXPERT: Setting up PPP Connection Win95 -> Linux (Wouter Liefting)
Re: serial networks ("David Murray")
Re: Where can I find driver for NE2000 PCI ([EMAIL PROTECTED])
tape backups ("Joshua D Rusch")
Re: newbie-to-lan: cannot ping other box ("Curt")
Squid Proxy SMB Authentication (Ray Whiteman)
Re: Where can I find driver for NE2000 PCI (Sachin Garg)
Re: respawning mgetty only some of the time (Wouter Liefting)
Help me...I've been hacked! (Kyler Jones)
Re: Redhat 6.0... the good, the bad, and the ugly (Chudman)
Re: IBM Token-Ring (Wouter Liefting)
Re: Is this possible? (VPN+IPMASQ) ("John Hardin")
Problems using PCMCIA netcard. (Captain Panic)
----------------------------------------------------------------------------
From: "Burton" <[EMAIL PROTECTED]>
Subject: Re: pap authentication failure Help..
Date: Thu, 13 May 1999 09:51:30 -0600
How do I go about changing asyncmap ??
I can't find it in my books/man pages or anywhere
and i have debug and kdebug 1
options turned on. all messages of that nautuer get logged to
/var/log/messages
thats all the messages that I can find. Even in syslog.conf it shows that
kernel level messages and the such are logged to /var/log/messages
Clifford Kite wrote in message <7hef6m$[EMAIL PROTECTED]>...
>Burton ([EMAIL PROTECTED]) wrote:
>: ok heres the kernel messages i get
>
>: May 12 22:22:15 www pppd[1509]: No response to PAP authenticate-requests
>: May 12 22:22:52 www kernel: ppp: channel ppp0 closing.
>: May 12 22:22:52 www pppd[1509]: Hangup (SIGHUP)
>: May 12 22:22:52 www pppd[1509]: Modem hangup
>
>The initial link LCP negotiation was apparently completed. The failure
>to get a response to the PAP authenticate request may be remedied by
>something as simple as a change in the "asyncmap" option, "asyncmap 0"
>and "asyncmap a0000" are two candidates. Otherwise more information
>is necessary.
>
>There should be a log with more PPP link negotiation messages.
>The file and location vary with distribution but they're configured
>in /etc/syslog.conf, the right-most column. Here it's /var/log/debug.
>You also need the pppd "debug" option.
>
>--
>Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
>/* Those who can't write, write manuals. */
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.setup,comp.dcom.lans.ethernet
Subject: Ethernet setup, also linux
Date: Thu, 13 May 1999 16:24:15 GMT
(1) My small company would like to set up a small 10base-T Ethernet LAN.
I would appreciate pointers to books and on-line references for:
(a) Setting up LANs;
(b) Proxy servers (I'd like to provide "centralized" internet access to
everyone in the office, so as not to buy many modems and tie up many
phone lines);
(c) Setting up printer sharing/queues;
(d) Using Linux to administer the network (the clients are Windows 95);
(e) A general book on Linux set-up and sysadmin;
(f) Product comparison for various Linux releases.
(2) What is the URL of the FAQ for this newsgroup?
Thanks,
Stephen J. Fromm
[EMAIL PROTECTED]
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "Brian" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.slackware,comp.os.linux.hardware
Subject: HELP PLEASE - BOCA IOAT66 Serial card config
Date: Thu, 13 May 1999 16:57:38 GMT
Hi Tech Wizards:
I just got a new/old BOCA IOAT66 6 port serial card and wish
to install it in my AMD586-133MHz box.
I am already using the 2 onboard serial ports (remote login
and modem).
I have read the BOCA HowTo but that applies to a BOCA 2016
16-port card.
Here is my problem. I wish to build support for this card
into the kernel but am confused about the IRQ problem. I am
given two choices:
Individual IRQs for each serial port - silly!
Shared IRQ for serial ports - ok...
Combination of fixed and shared IRQs - rather not.
Here is how the shared IRQs are handled by an 8 bit status
register at either 208 or 2F0 and connected to either IRQ4
or IRQ5 (I am pretty sure I can route a jumper from the IRQ
12 line to the Shared IRQ pin).
The card allows you to select 1 of 2 port addresses for each
serial port - I have that figured out.
What I want to know is how to enable the scanning of IRQ
status register in serial.c?
The status register is as follows:
port7 port6 port5 port4 port3 port2 port1 port0
1* 1* F E D C B A
(* always 1 - no serial ports present)
Bits 0-5 equal zero for each active interrupt on serial
ports A-F respectively.
Can anybody lend assistance or perhaps put me on the right
path? Be advised I am not a great programmer so please make
allowances if I have missed something obvious.
Once the hardware is configured and found during boot, I can
handle the rest, thank yo.
Best regards,
Brian
------------------------------
From: "David Murray" <[EMAIL PROTECTED]>
Subject: Re: smbmount
Date: Thu, 13 May 1999 13:58:26 GMT
I must say your grammar and (lack of) punctuation makes it hard to
understand what you are talking about.. however, I had this same error.. If
you are using a new kernel (2.2.x) and you are using the same smbmount that
came with your older distribution, this could be a problem. Also I
understand there are weird problems with Win98.
> The error it keeps returning is mount error invalid argument
------------------------------
From: Wouter Liefting <[EMAIL PROTECTED]>
Subject: EXPERT: Setting up PPP Connection Win95 -> Linux
Date: Thu, 13 May 1999 18:31:33 +0200
Hello there.
A question for the PPP experts:
I�ve been succesful setting up PPP connections from both Windows95 and
Linux to my ISP, including PAP authentication and the works. I�ve also
been succesful setting up PPP connections from Linux to Linux, but I
can�t setup a connection from Win95 to Linux.
Problem: The Win95 client does not seem to do a text login (equivalent
of the chat script "ogin: ppp assword: ppp"), but seems to expect a PPP
connection immediately after the modem connects to the Linux server, and
seems to rely on PAP exclusively for login.
So the question is: How do I go about setting up the Linux server to
handle this kind of incoming connections?
The way I do it now is:
- Set a modem to auto-answer
- Add a getty line in /etc/inittab
- Add a user ppp with password ppp to /etc/passwd. His shell is
/usr/sbin/pppd
- chmod 4755 /usr/sbin/pppd
- Add options to /etc/ppp/options and /etc/ppp/options.ttyS1 so that
everything is handled correctly.
Dialing in from a Linux client works like a charm, but for windows I
have to dial in using some advanced setting that I open a terminal
window after the modem connect so that I can input the username/password
directly.
(Ok. I know that it is not safe yet - so I won�t tell you my telephone
number. I should use better passwords of course.)
Hope some experts are willing to help me. I couldn�t find anything in
the documentation about this, but I�m willing to write
documentation/HOWTO�s if I solve this.
Regards, Wouter.
(p.s. do not reply by mail, but to the newsgroup please.)
------------------------------
From: "David Murray" <[EMAIL PROTECTED]>
Subject: Re: serial networks
Date: Thu, 13 May 1999 14:03:25 GMT
Nick <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> Can anyone help me in trying to set up a serial cable network? I know
> it is used very commonly to link Unix servers to dumb terminals, and I
> would like to try it at home with three Linux machines.
Dumb terminals do not constitute a network. They do not use any networking
protocols whatsoever. They simply display each byte on the screen in the
order received from the unix server and send each keystroke to the unix
server as a byte.. extreemly primative.. You can set this up if you like,
but it isn't networking.
Now.. on the other hand, if you do want a real network through (slow)
serial cables, you simple need a serial port on each machine and several
serial ports on one machine which will be a router/server/whatever. Then
if you want all the computers to be able to talk to each other you will
have to setup routing and all kinds of stuff. This is pretty complicated
and honestly I think it would be easier and possibly cheaper to invest in
some used $5 or $10 ISA ne2000 network cards or something...
--DavidM
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Where can I find driver for NE2000 PCI
Date: 13 May 1999 17:14:41 GMT
Hi,
John Smith <[EMAIL PROTECTED]> wrote:
> I'm using SlackWare 3.5.0 with kernel 2.0.35
> I would like to know if there is a module for an NE2000 PCI card
> If there is one, where can I find it?
There is one, recompile your kernel, include module support, and
create ne2k-pci as a module by selecting it in the cards list :)
Robert
------------------------------
From: "Joshua D Rusch" <[EMAIL PROTECTED]>
Subject: tape backups
Date: Thu, 13 May 1999 13:09:11 -0400
I am looking to implement a tape backup system using a scsi DDS (DAT) drive.
I want to write a script using cpio to do this. My three concerns are these:
1. How bad is it to back up a live file system (especially one that may
contain several small databases) I'm not sure if I have any other options as
far as this goes.
2. Is there a way to have more that one archive on a single tape. All of the
backup plans in books I've read about involve a different tape for each
archive. I've briefly read about the mt command, but I'm not sure if this
(tape positioning) appies to a modern DAT drive....I think it initializes,
rewinds and all the stuff it needs to do automatically. Also if the mt
command does apply here, does going to the next file mean going to the end
of the archive or to a file within the archive.
3 Also I've read somewhere that cpio cannot back up a smb mount. Is this
true or has cpio been updated since. I was also thinking about buying BRU
2000 personal edition, but it says it can't back up a samba mount. Is this
true??? If the drive is already samba mounted, can't I just back it up as if
it were a normal part of the filesystem?
Thanks for any help
Josh
------------------------------
Reply-To: "Curt" <[EMAIL PROTECTED]>
From: "Curt" <[EMAIL PROTECTED]>
Subject: Re: newbie-to-lan: cannot ping other box
Date: Thu, 13 May 1999 08:02:43 -0500
What is the result of 'ifconfig'? Is Rx 0?
In general it is not a good idea to use IRQ 9. IRQ9 is used redirects
interrutps form 2nd interrupt controller to first via IRQ2. Use IRQ 5, 10,
or 11. Check /proc/interrupts to see what is currently being used. You'll
probably need to use the DOS based configuration software that came with
your ne2000 card to set this. Disable PnP too.
hazzmat <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hello,
> Redhat 6.0 ISA ne2000 compatible (added at 0x300 base
> address, irq9 kernel module loads fine at boot) cat 5 cable -> Intel
> in-bidness 5 port 10base-T hub -> mac g3 10/100 builtin ethernet.
>
> I give eth0 address of 192.168.1.1 and give the Mac an address of
> 192.168.1.2 linux host with the eth0 192.168.1.100 Activate interface in
> netcfg Ok. Ping loopback-OK. Ping eth0 address OK. That's as far as it
> goes. Can't ping host IP (should I be able to do that ?) and can't ping
> the G3's address either.
>
> The G3 lights up the LED on the hub seeking the Linux box, so I know
> packets are leaving the G3. Also, just for fun I tell the G3 to connect
> to Linux host as though it were a file servert, it returns 'connection
> refused, try later'-- that's different from the message returned when I
> try to make it connect to a non-extant IP. On the other hand, there are
> only very occasional blips on the hub when I try to ping the G3 from the
> Linux PC. I still can't ping thre G3 if I remove the hub. G3 and Linux
> host addres are in /etc/hosts.
>
> what am I not doing right here? I have the 560 +page Linux Network
> Toolkit book on hand, and I am stymied. Any help appreciated.
>
> --hazzmat
>
------------------------------
From: [EMAIL PROTECTED] (Ray Whiteman)
Subject: Squid Proxy SMB Authentication
Date: Thu, 13 May 1999 14:30:23 GMT
I apologise if I'm in the wrong newsgroup, but this seemed like a good
place to start.
I am attempting to use the smb_auth package to authenticate a group
of NT users against a Squid 2.1-RELEASE proxy. Currently squid works
beautifully without authentication, it has been running for 4-5 weeks
servicing about 40 users in our IT dept. I need to roll this box into
production to service 3-400 corporate user who are struggling allong
with the worlds most unstable proxy, Microsoft "Poxy" Server. Hence
the NT authentication requirenment.
Following is a list of "bits"
IBM 350 PC (Pentium 133 + 64MB RAM)
IBM Token Ring Card (Yes, Token Ring!!!)
A heavily switched and IP segmented LAN
WIndows NT 4.0 on the PDC (at least that works, mostly)
Redhat Linux 5.2 (works all the time)
Squid 2.1-RELEASE (squid-2.1.RELEASE-src.tar.gz)
SMB_Auth (smb_auth-0.03.tar.gz)
Samba 2.0.3(samba-2.0.3.tar.gz)
All were install in a pretty basic fashion. Squid was compiled and
installed as a squid user, Samba was complied with default options and
ended up in /usr/local/samba, so no changes were made to the smb_auth
make file. I copied the default smb.conf to /usr/local/samba/lib to
keep the software happy.
No changes were made to it.
I have added the following lines to my squid.conf
acl foo proxy_auth REQUIRE
http_access allow foo
authenticate_program /usr/local/squid/bin/smb_auth -W SOCOG -U
172.20.5.21
authenticate_children 5
I use the -U option because the switched environment doesn't sem to
allow IP broadcasts.
The -U works anyway, see later.
When I start squid I get no errors (that I can see). The proxy
authentication request is popped up in Netscape on a cache request.
But the authentication fails every time.
Here is an extract of what I get when I attempt a smb_auth.sh
[squid@squid squid]$ /usr/local/squid/bin/smb_auth.sh
/usr/local/samba
socog
172.20.5.21
1
test1
password1
Domain name: socog
Pass-through authentication: no
Query address options: -U 172.20.5.21 -R
Domain controller IP address: 172.20.5.21
Domain controller NETBIOS name: NTPDC
Contents of //NTPDC/NETLOGON/proxyauth: allowAdded interface
ip=172.20.5.55
bcas
t=172.20.15.255 nmask=255.255.240.0
[squid@squid squid]$
smb_auth.sh responds with all the correct things (as per the doco).
Except that at the end it appends some extra stuff.
Help!! I am losing my hair over this. I have tried everything in the
doco I could see.
Have I done something dumb?
Kindest Regards;
Ray Whiteman
------------------------------
From: Sachin Garg <[EMAIL PROTECTED]>
Subject: Re: Where can I find driver for NE2000 PCI
Date: Thu, 13 May 1999 16:46:49 GMT
In article <7hef7c$j48$[EMAIL PROTECTED]>,
"John Smith" <[EMAIL PROTECTED]> wrote:
> I'm using SlackWare 3.5.0 with kernel 2.0.35
> I would like to know if there is a module for an NE2000 PCI card
> If there is one, where can I find it?
There is very much a driver for said card. It is in fact included with
the source code itself. you need to say YES to "Other cards" to get to
the selection of this card when you recompile a kernel. Or since you
want it as a module, say M.
The card is listed as an NE2000. For more info on Linux N/W drivers, go
to the site of the man who's written nearly all of them "Donald Becker"
at:
http://cesdis.gsfc.nasa.gov/people/becker/whoiam.html
or the Linux driver page at:
http://cesdis.gsfc.nasa.gov/linux/drivers/
hope this helps,
sachin
--
Sachin Garg, Member Technical Staff
Centre for Development of Advanced Computing,BANGALORE,INDIA
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: Wouter Liefting <[EMAIL PROTECTED]>
Subject: Re: respawning mgetty only some of the time
Date: Thu, 13 May 1999 19:01:12 +0200
M. Buchenrieder wrote:
> Wouter Liefting <[EMAIL PROTECTED]> writes:
>
> [...]
>
> >Think it isn�t that simple as you�d like it to be...
>
> Yes, it is. Doesn't anyone read manpages anymore ?
Oops. Sorry. I didn�t have the manpages handy when I wrote the reply.
> >Here�s what I�d do: Create two crontab files, say /etc/crontab.1 and
> >/etc/crontab.2. The first one is with the mgetty, the second one without
> >it.
And what was I thinking... I obviously meant two /etc/inittab files.
> AAARGH. Ridiculously complicated. See "man mgetty" , especially where
> it talks about using /etc/nologin.ttyS* files .
>
> Michael
------------------------------
From: Kyler Jones <[EMAIL PROTECTED]>
Subject: Help me...I've been hacked!
Date: 13 May 1999 10:40:19 -0500
What the hell?
I thought I was pretty secure, I've turned off a lot
of servcies, no remote root login, shadow passwords, etc..
And yet, I'm pretty sure someone has gained entry.
Here's the scoop:
I was looking around yesterday and I noticed a file :
/sniff.pid
Due to the alarming nature of this file name, I chcked the pid
and it's owned by:
/usr/sbin/in.sockd
the next pid is owned by:
/usr/local/sbin/sshd1 -q
What are these files?
Further more, there is a file called "tcp.log" in my root, world
readable, except for some reason root can't see the file, the
file contains text characters of all kinds of stuff, including
passwords, root and all.
I chacked my logs and found the someone port scanned me (I think)
becauise teh IP address 203.228.126.205 tried all the regular
services (ftd, imap, pop3, telnet) and each of these attempts
resultred in an error, eg.:
ipop3d: command stream end of file while reading line...
or:
intelnetd: Invalid or incomplete multiple byte or wide character..
Finally, there is a new user entry in my /etc/passwd file for
bionic::1555:555:The One Who Does it All:/tmp:/bin/bash
How the hell did this guy do this, what can I do to protect
myself and possibly make him pay??
Any help is appreciated.
Thanks.
rEdMaN
------------------------------
From: [EMAIL PROTECTED] (Chudman)
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: Redhat 6.0... the good, the bad, and the ugly
Date: Thu, 13 May 1999 14:41:06 GMT
Reply-To: Post Here
On 10 May 1999 16:43:18 -0700, Ronald Cole wrote:
>: > : > Best Buy for 64.95
>: >=20
>: > CompUSA shrinkwrapped at the front counter for $79.99 . . . .
>:=20
>: Are these *real* Redhat distributions, or are they the Macmillan
>: distributions like all the RH5.2 copies at Staples and Costco are?
>: The Macmillan distros require you to register with them instead of
>: Redhat for support (or so says the registration card included in the
>: box).
>:=20
>: If support is of concern to you, you might want to double check.
The one I bought from Best Buy is a real Redhat distribution.
--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ If you insist on email replys you may do so at either my +
+ chudman-at-nym-alias-net or chudman-at-skuz-net (preferred)+
+ addresses. No binaries over 32K please. +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
------------------------------
From: Wouter Liefting <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: Re: IBM Token-Ring
Date: Thu, 13 May 1999 19:17:50 +0200
Richard van Denzel wrote:
> Hi All,
>
> I recently got Debian 1.3-1 installed on a PS/2 model 95. The only
> problem I got that I got stiuck with my TR card.
> It's an IBM Token-Ring 16/4 Adapter A, with io=0xa20 and irq=9.
Sounds ok to me.
> When I try to add the options to /etc/conf.modules it complains that
> there is no symbol for parameter irq was not found.
> When I don't specify the irq, there are repeated messages:
> first: tr0: Initial interrupt: shared RAM located at 00DC2D4
> repeated: tr0: Unrecoverable error: error code = 0011
Same message I get, when my TR cable *is not connected to the network*.
Usually when I forget to take the PCMCIA TR card out of my laptop when I
work out of the office.
Are you sure you�ve got a good network connection?
> consequently the ifconfig command gets stuck.
>
> When I specify the irq=9 in /etc/conf.modules no errors appear but the
> card still doesn't work.
>
> When I try ifconfig tr0 172.16.150.22 netmask 255.255.255.0 up the
> messages appear:
> SIOCSIFADDR: No such device
> SIOCSIFNETMASK: No such device
>
> The part of conf.modules look like this:
>
> alias tr0 ibmtr
> options ibmtr io=0xa20 irq=9
>
> Has anyone got this card working and how did he/she do it?
>
> Thanx in advance,
>
> Richard
> --
> Richard van Denzel
> E-mail: [EMAIL PROTECTED], [EMAIL PROTECTED]
> [EMAIL PROTECTED], [EMAIL PROTECTED]
>
> --== Sent via Deja.com http://www.deja.com/ ==--
> ---Share what you know. Learn what you don't.---
Another problem might be that you are the first on the network, and your
card is trying to autodetect the line speed (4 or 16 Mbps). If noone is
there, the autodetect fails and you will get errors. You probably need to
disable auto speed detection then on the adapter somehow. (But I wouldn�t
know how, unfortunately. Jumpers, dip switches, configuration program in
Win95 or OS/2?)
- Wouter.
------------------------------
From: "John Hardin" <[EMAIL PROTECTED]>
Subject: Re: Is this possible? (VPN+IPMASQ)
Date: Thu, 13 May 1999 10:02:46 -0700
Walter Hunt wrote in message ...
> One thing to keep in mind: If the VPN you want to use is based on the
>AH protocol (Authentication Header), it will *not* work through the Linux
>firewall. This is because that protocol puts a cryptographic signature
around
>the entire packet, which will fail when checked on the remote end if the
>packet gets masqueraded.
>
> This may not apply to you. It does apply to me. :-( It's not well
>emphasized in the HOWTO you were pointed at.
Which HOWTO is that? I thought I stated it clearly in the VPN Masq HOWTO...
> (I have a plan/plot on how to make it work, but don't have the time or
>energy right now to implement it. By the time I do, I won't need it
anymore.)
How would you successfully masquerade AH packets without participating in
the ISAKMP key exchange???
--
John Hardin KA7OHZ [EMAIL PROTECTED]
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
=======================================================================
In the Lion
the Mighty Lion
the Zebra sleeps tonight...
Dee de-ee-ee-ee-ee de de de we um umma way!
------------------------------
From: Captain Panic <[EMAIL PROTECTED]>
Subject: Problems using PCMCIA netcard.
Date: Thu, 13 May 1999 10:40:37 -0400
Hello,
I am running RedHat 6.0 on a laptop. The problem I am having is with
using my PCMCIA ethernet card. Here are some of my observations. When
booting it says bringing up interface eth0, delaying interface eth0, and
it fails. But it doesn't start the PCMCIA services until about 15 items
down the list. Is this the problem? Also when PCMCIA services start
I get a high beep then a low beep, which according to the man cardmgr
means unknown card found, but when I do "cardctl ident" I get:
Socket 0;
No product.
Socket 1;
product info: "KTI", "PE520 Plus", "PCMCIA Ethernet", "990129"
manfid:0x0161, 0x0010
function: 6(network)
Does anyone know what is going wrong here?
Well thanks in advance.
Bri
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
