Linux-Networking Digest #152, Volume #11 Fri, 14 May 99 10:13:26 EDT
Contents:
auto dial ("James Smith")
Re: Appletalk:Servers show up in chooser but can't logon (Michael)
Re: Help : Very Slow Remote Login (mist)
Re: DNS? (mist)
SAMBA WORK AS PDC (Lederhaas Horst)
Re: Help me...I've been hacked! (Duncan Simpson)
Re: Help me...I've been hacked! (Duncan Simpson)
ppp: Protocol-Reject for unsupported protocol? (Carsten G Brautigam)
Re: Question: setting up address translation/IP masquerading across an (Brendan
Byrd/SineSwiper)
Re: IMAP4 with SSL support? (Menelaos Maglis)
Re: PCI Modem - lost cause? ("Curt")
Re: newbie-to-lan: cannot ping other box ("Curt")
Newbie Q: Serial port communication with 'cu' (Rickard Westerberg)
Re: DHCP Help needed!! (Wouter Liefting)
Re: US Robotics 56k modem
Re: SAMBA WORK AS PDC ("David Murray")
Re: Samba & Win 9x clients: automatically mapping drives (Erhard Wais)
Re: RedHat-6.0 and port forwarding (John Morey)
Re: pcanywhere equivalent for linux ("XaosSlaad")
----------------------------------------------------------------------------
From: "James Smith" <[EMAIL PROTECTED]>
Crossposted-To: linux.help,linux.redhat.ppp,linux.redhat.misc
Subject: auto dial
Date: Fri, 14 May 1999 06:35:20 -0400
now that i have all my scripts working, how do i set it up to dial when
linux starts up? im using redhat 6.
------------------------------
From: Michael <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,alt.os.linux
Subject: Re: Appletalk:Servers show up in chooser but can't logon
Date: Fri, 14 May 1999 12:55:17 +0200
[EMAIL PROTECTED] wrote:
> I have managed to get Appletalk to work as far as getting the server to show
> up in the chooser on the Mac. There are two options "Guest Volume" and "User
> Volume".
>
> When I try log in to "Guest Volume" it asks for a username and password,
> which I don't know. I have tried many possibilities and nothing works. It
> says the password is wrong please try again.
>
> How and where do I define such a user and password?
>
> When I try and log in to "User Volume" it says "Server did not use a
> recognizable log on sequence".
>
> Here are the setup files...
> afpd.conf
> "Guest Volume" -cleartxt -loginmesg "Welcome guest!"
> "User Volume" -noguest -loginmesg "Welcome user."
>
> atalk.conf
> eth0 -phase 2 -net 0-65534 -addr 65280.86
>
> Apple Volumes.system
> #volumes
> /home/apple "Linux Zone"
> #I have created the /home/apple directory
>
> config
> APPD_MAX_CLIENTS=5
> ATALK_NAME=`echo ${HOSTNAME} | cut -d -f1`
> APPD_NOCLR=-C
> APPD_NOGUEST=-G
> APPD_GUEST=nobody
> PAPD_RUN=yes
> APPD_RUN=yes
> ATALK_BRGROUND=yes
>
> papd.conf - empty
>
> /etc/shells
> /bin/bash
> /bin/sh
> /bin/ash
> /bin/bsh
> /bin/tcsh
> /bin/csh
> /bin/ksh
> /bin/zsh
>
Hello,
What you need is a version of Netatalk with the shadow password
options compiled in.
From SuSE 5.2 onward this works.
Regards,
Michael, [EMAIL PROTECTED]
------------------------------
From: mist <[EMAIL PROTECTED]>
Subject: Re: Help : Very Slow Remote Login
Date: Fri, 14 May 1999 10:58:18 +0100
Reply-To: mist <new$[EMAIL PROTECTED]>
brian <[EMAIL PROTECTED]> scribed to us that -
>I setup redhat 5.1 on my desktop and use my laptop to connect to it.
>when I use telnet to connect, it shows host connected for very long
>time before the login prompt appears. but this doesnt happened when i
>login locally on the desktop. can someone suggest what may be the
>problem? thx in advance.
>
Resolution for the domain name is missing. Add the laptop IP and name
to /etc/hosts. Do a search on Dejanews if you want to know more. This
question comes up about twice every day. 8-/
--
Mist.
------------------------------
From: mist <[EMAIL PROTECTED]>
Subject: Re: DNS?
Date: Fri, 14 May 1999 11:01:19 +0100
Reply-To: mist <new$[EMAIL PROTECTED]>
DB7654321 <[EMAIL PROTECTED]> scribed to us that -
>I am new to linux and networking and wondered: What are the main uses of a DNS
>server?
To translate IP addresses into human-readable names. And vice-versa.
> I have a dialup connection to the internet and do not want to handle
>DNS requests for the internet. How can I let my ISP handle those?
When you connect, make sure that the ISP's nameservers are listed in
/etc/resolv.conf; check the man pages for the format.
> The only
>reason I might need one is for the small network (3-5 computers) I am going to
>set up soon. What services need DNS?
Quite possibly anything that wants to connect to anything else. In
reality you could get by by adding stuff to /etc/hosts. You might want
to set up a small caching nameserver for your local network. Redhat
almost comes with a usable one set up as default.
--
Mist.
------------------------------
From: Lederhaas Horst <[EMAIL PROTECTED]>
Subject: SAMBA WORK AS PDC
Date: Fri, 14 May 1999 13:17:22 +0200
Who can tell me how i must configure Samba to work as PDC in my Win9x
network.
Or where i can read the docu for my problem.
greetings
Horst Lederhaas
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: Help me...I've been hacked!
Date: 14 May 1999 11:20:02 GMT
The latest versions of sendmail are not full of (known) dire security
holes. You might want something simpler and without a history of holes
being discovered, like postfix or qmail though. Many ISPs use sendmail and
some cannot switch because they need features not available otherwise.
sshd has not been the subject of anything too dire except a Kerberos
buffer overrun (only if Kerberos support is compiled in) and the remote
possibility of a hostname overrun in a message, which looks like hard
work. (The bad guy would need control of a DNS server and somehow pass
a massive hostname with all sorts of weird characters in it to sshd).
I would suspect it is an old version of ftpd... recently there have
been root exploits discovered in widespread versions of wuftpd and lots
of people have not upgraded to fixed versions. (If you have source the
buggy function is the implementation of realpath() which fails to do
length checks). RH, SuSE, Slackware, and almost everything else is
vulnerable.
You might be interested in checkps which has a web site at
http://checkps.alcom.co.uk (only available by HTTP I am afraid). Full
source code is available and it will masquerade as anything with any
fake parameter list. It checks for rootkit versions of ps every 5
minutes and if it finds one tells you all the details of hidden
processes by email. According to some old email various crackers
abusing NASA boxen have been detected.
(You probably want to check the source code for trojans I might have
hidden on it or any buffer overrun potential. AFAIK there are no trojans
or exploits available for checkps and no rootkits that hack ps in a way
that is not detected. If you do find bugs tell me about them :-)
Oh, and BTW I have spent all night cleaning up a system (re-installing
was not a viable option on this system). I got the latest source for
everything that might be suspect, including ps, ls, login, etc and
made sure I had clean versions of those programs. It was not fun and
I can tell you echo * is a tad less convenient than ls (but better in
the presence of rootkits which often target ls, ps and netstat).
Duncan (-:
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
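
The kind of cross-check a hidden-process detector relies on, as an added example that is not part of the original post and is not checkps's own code: it reads PIDs directly from /proc and reports any that the installed ps leaves out. The function names, the `ps -e -o pid=` invocation and the sample process tree are assumptions made for this sketch.

```python
"""Cross-view check: PIDs present in /proc that the installed ps does not list."""
import os
import subprocess
import sys
import tempfile


def proc_pids(proc_root="/proc"):
    """Read PIDs straight from the proc filesystem, without calling ls or ps."""
    return {int(name) for name in os.listdir(proc_root)
            if name.isdigit() and os.path.isdir(os.path.join(proc_root, name))}


def parse_ps(ps_output):
    """Collect the leading PID of every line; header lines are skipped."""
    pids = set()
    for line in ps_output.splitlines():
        fields = line.split()
        if fields and fields[0].isdigit():
            pids.add(int(fields[0]))
    return pids


def describe(pid, proc_root="/proc"):
    """Command line the kernel recorded for the PID in /proc/<pid>/cmdline."""
    try:
        with open(os.path.join(proc_root, str(pid), "cmdline"), "rb") as fh:
            raw = fh.read()
    except OSError:
        return "<exited>"
    text = raw.replace(b"\0", b" ").decode("utf-8", "replace").strip()
    return text or "<empty cmdline>"


def hidden_pids(before, ps_seen, after):
    """PIDs alive in both /proc snapshots but missing from the ps listing
    taken between them. Requiring both snapshots drops processes that only
    started or exited while the check ran (including ps itself)."""
    return sorted((before & after) - ps_seen)


def check(ps_cmd=("ps", "-e", "-o", "pid="), proc_root="/proc"):
    """Return [(pid, cmdline)] for every process ps failed to report."""
    before = proc_pids(proc_root)
    listing = subprocess.run(ps_cmd, capture_output=True, text=True,
                             check=True).stdout
    after = proc_pids(proc_root)
    return [(pid, describe(pid, proc_root))
            for pid in hidden_pids(before, parse_ps(listing), after)]


def demo():
    """Run the check on a constructed proc tree and a stand-in 'ps'."""
    sample = {1: b"init\0", 42: b"/usr/sbin/sshd\0",
              666: b"/tmp/.x/daemon\0-q\0"}          # constructed sample data
    with tempfile.TemporaryDirectory() as root:
        for pid, cmdline in sample.items():
            os.mkdir(os.path.join(root, str(pid)))
            with open(os.path.join(root, str(pid), "cmdline"), "wb") as fh:
                fh.write(cmdline)
        os.mkdir(os.path.join(root, "self"))         # non-numeric entry, ignored
        # Stand-in for a trojaned ps: prints PIDs 1 and 42, omits 666.
        fake_ps = (sys.executable, "-c", "print('  PID'); print(1); print(42)")
        return check(ps_cmd=fake_ps, proc_root=root)


if __name__ == "__main__":
    print("constructed tree:", demo())
    if os.path.isdir("/proc/1"):
        print("this host:", check())
```

A clean result only covers a replaced ps binary; a compromised kernel or interpreter can hide the same processes from /proc, so run the check from known-good media.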
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: Help me...I've been hacked!
Date: 14 May 1999 11:36:43 GMT
In <7hgk0c$muu$[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>Look, neither myself nor anybody else is suggesting that people try to
>make money off installing or distributing ssh. Those are the only
>activities really prohibited by Data Fellows' license. So long as we
>all just install sshd on our own machines for our own use [which is what
>was suggested earlier in this thread], there's no problem.
Last time I read the ssh 2.x licence if a primary reason for the use
of ssh was doing sysadministrivia that was commercial use, period. So
if I installed sshd 2.x on my system and used it for remote
sysadministrivia I would have to pay. Incidentally this is a primary reason
why 98% of us still use ssh version 1.x (including LANL and my ISP).
IMHO ssh version 2 is almost payware due to the all-encompassing definition
of commercial use. ssh version 1 has a very narrow version of
commercial use which lets some people, who arguably should pay, off
the hook. I could never afford the phone bills for my machine being
connected for a significant length of time so the issue is rather moot
(modulo some machines at my ISP which I have *legitimate* root access
to).
Duncan (-:
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
------------------------------
From: Carsten G Brautigam <[EMAIL PROTECTED]>
Subject: ppp: Protocol-Reject for unsupported protocol?
Date: Fri, 14 May 1999 13:26:53 +0200
After upgrading to RedHat 6.0, I have problems with PPP.
The log file says:
May 13 22:48:17 unicorn pppd[6890]: pppd 2.3.7 started by carsten, uid 501
May 13 22:48:17 unicorn pppd[6890]: Using interface ppp0
May 13 22:48:17 unicorn pppd[6890]: Connect: ppp0 <--> /dev/modem
May 13 22:48:23 unicorn modprobe: can't locate module ppp-compress-21
May 13 22:48:24 unicorn modprobe: can't locate module ppp-compress-26
May 13 22:48:24 unicorn modprobe: can't locate module ppp-compress-24
May 13 22:48:25 unicorn pppd[6890]: Protocol-Reject for unsupported protocol 0x7263
May 13 22:48:25 unicorn pppd[6890]: Protocol-Reject for unsupported protocol 0x7263
May 13 22:48:26 unicorn pppd[6890]: Protocol-Reject for unsupported protocol 0x7263
May 13 22:48:26 unicorn pppd[6890]: Protocol-Reject for unsupported protocol 0x5072
May 13 22:48:26 unicorn pppd[6890]: Protocol-Reject for unsupported protocol 0x5072
Does anyone know what's wrong/missing?
Please cc answers to my address,
Thanks,
Carsten.
--
Carsten Brautigam ([EMAIL PROTECTED])
------------------------------
Date: Fri, 14 May 1999 07:26:13 -0400
From: Brendan Byrd/SineSwiper <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.admin.networking,comp.unix.bsd.freebsd.misc
Subject: Re: Question: setting up address translation/IP masquerading across an
Tom Jobbins wrote:
>
> Hi,
>
> I am currently running FreeBSD 3.1 on several machines, however I am also
> about to install Redhat 6 on at least one, maybe two. I am most used to
> FreeBSD, however if what I want to do is possible only in Linux and not
> FBSD, I'd happily use that instead. I also have access to NT Server 4.
>
...blah, blah, blah...
>
> But how do I get useraa1.myisp.com to route all its traffic through
> dialup.mynetwork.com ? Is there a software package that will do it, or is
> it possible to do it via the routing table somehow? Although, I don't think
> routing tables could do it.. because to use address translation, a machine
> on my network would need to be able to listen for connections from
> useraa1.myisp.com, which would involve thinking it was a part of the
> myisp.com network. Hum, maybe I've got it mixed up, but I can't see how it
> would work.
It's a fairly common situation. I have an IP Masq system myself. It took me 15
minutes to setup after I read the mini-HOWTO for it. It's here:
http://metalab.unc.edu/LDP/HOWTO/mini/IP-Masquerade.html
Remember, the LDP is your friend...
--
Brendan Byrd AKA SineSwiper ([EMAIL PROTECTED])
Computer techie, PERL master, and all-purpose Internet guru
Resonator Software (http://www.resonatorsoft.com/)
------------------------------
From: Menelaos Maglis <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.apps
Subject: Re: IMAP4 with SSL support?
Date: Fri, 14 May 1999 12:30:01 +0100
sendmail configured to recognize ssl. Need SSLeay or openssl etc...
The best!
sendmail from http://www.sendmail.org (free)
SSLeay and other crypto additions to Linux: http://www.replay.com (free)
On 13 May 1999, Greg Spiegelberg wrote:
> Is there a free IMAP4 server available that has SSL capabilities?
>
>
> -- --
> | Greg "Twotone" Spiegelberg NetSet Internet Services |
> | [EMAIL PROTECTED] +1 614 527 9111 |
> | [It is] best to confuse only one issue at a time. -- K&R |
> -- --
>
>
------------------------------
Reply-To: "Curt" <[EMAIL PROTECTED]>
From: "Curt" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: PCI Modem - lost cause?
Date: Fri, 14 May 1999 06:43:41 -0500
It is probably a winmodem; they don't work under linux. They depend on
proprietary code that must run on the system's CPU.
michael sulis <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hey there, just installed Redhat 5.1, no real troubles except for the
> modem...
>
> it's a 56K v.90 PCI modem, and it has no UART - so i'm not sure how to
> get it to work... i've seen discouraging things here and there, but was
> wondering if anyone knows of drivers being worked on or anything else
> that might help me get it going...
>
> it's a PCtel chipset, built by Newcom, ATI3 responds "PCtel 7.61MS" in
> case anyone cares ;)
>
> thanks for any help you might offer...
> michael
> (and yeah i know, external modem. what the hell was i thinking?)
>
> --
> email| [EMAIL PROTECTED]
> fax| 707.220.7992
> acadia competition| http://www.apc.net/msulis
> thesis proposal| http://www.apc.net/msulis/proposal.pdf
>
>
------------------------------
Reply-To: "Curt" <[EMAIL PROTECTED]>
From: "Curt" <[EMAIL PROTECTED]>
Subject: Re: newbie-to-lan: cannot ping other box
Date: Fri, 14 May 1999 06:59:32 -0500
Try IRQ 11. Since it seems to be finding the card at 0x300, I assume that is
correct. But, you might take a look at /proc/ioports to see if there is a
possible overlap. Also post output of dmesg if you can.
hazzmat <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Curt wrote:
>
> > Do you recall what IRQ it used under 5.1, most likely that will work
> > again.
> > I doubt if it was IRQ 9. Try setting the following in /etc/conf.modules
> >
> > alias eth0 ne
> > options ne io=0x300 irq=10
> >
>
> Seems to be doing the same at irq10 and 7 as it was at 9. I can ping
> 192.168.1.1 --but nothing else.
> INKY /root]# cat /proc/interrupts
> CPU0
> 0: 77288 XT-PIC timer
> 1: 797 XT-PIC keyboard
> 2: 0 XT-PIC cascade
> 4: 32691 XT-PIC serial
> 5: 68539 XT-PIC soundblaster
> 7: 0 XT-PIC NE2000
> 8: 2 XT-PIC rtc
> 12: 27308 XT-PIC PS/2 Mouse
> 13: 1 XT-PIC fpu
> 14: 101342 XT-PIC ide0
> 15: 25 XT-PIC ide1
> NMI: 0
> [root@BLINKY /root]# ping 192.168.1.2
> PING 192.168.1.2 (192.168.1.2): 56 data bytes
>
> --- 192.168.1.2 ping statistics ---
> 2 packets transmitted, 0 packets received, 100% packet loss
>
> I don't know what irq # it used to work at --it was about a year ago that it
> was setup that way. 5.1 was installed to my box through the card at a Linux
> friendly store. I never actually needed the card 'til now.
>
> I edited conf.modules like you suggested and I removed the pre-existing eth0
> reference
> so that it now looks like this:
>
> alias parport_lowlevel parport_pc
> pre-install pcmcia_core /etc/rc.d/init.d/pcmcia start
> alias sound sb
> pre-install sound insmod sound dmabuf=1
> options opl3 io=0x388
> alias midi awe_wave
> post-install awe_wave /bin/sfxload /etc/midi/GU11-ROM.SF2
> options sb dma16=5 io=0x220 mpu_io=0x330 irq=5 dma=1
> alias eth0 ne
> options ne io=0x300 irq=7
> (also tried irq10 first)
>
> I am rebooting between changes because I noticed that the address in
> /proc/interrupts wasn't changing along with changes to conf.modules even though
> I restarted the kernel daemon (hit the button for it) through kernelcfg. Also I
> am checking to make sure these Irq's are not turned off in the BIOS (10 was
> disabled, but I turned it on to 'primary' before trying)
> When I attempt to ping the G3 the LED on the hub should blink some right? Any
> other configuration files that I need to know about --like routing stuff?
>
------------------------------
From: Rickard Westerberg <[EMAIL PROTECTED]>
Subject: Newbie Q: Serial port communication with 'cu'
Date: Fri, 14 May 1999 14:13:13 +0200
Please help a Linux newbie:
I'm trying to communicate with my COM1 serial port by using the 'cu'
command.
I need to set some parameters for my Cisco 765 router, which only can be
done by establishing a serial line connection and typing commands from
the prompt.
This is what happens:
root@dio uucp]# cu --parity=none -s 9600 -l /dev/ttys0
cu: open (dev/ttys0): Input/output error
cu: /dev/ttys0: Line in use
What am I doing wrong? Why can't I establish a serial line connection
this way?
Please help me out, friends!
- Rickard Westerberg
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rickard Westerberg
Electronic Commerce &
Application Integration Technology
Frontec Norr AB
+46-920-75200
http://www.frontec.se
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
------------------------------
From: Wouter Liefting <[EMAIL PROTECTED]>
Subject: Re: DHCP Help needed!!
Date: Fri, 14 May 1999 14:27:30 +0200
Are you sure it is a Linux problem? Do you have other (non-Win98) systems on
your network and do they have the same problem?
You might try to run a linux DHCP client on your system and see what happens?
(An easy way to do this is by starting a Red Hat install over a network and to
use DHCP for IP address resolution. Abort the installation before it starts
writing stuff to disk. At least that way you can check what happens with DHCP.)
Matt Mencel
> I've got DHCP v1.0.2 running on Linux 2.2.5. I am trying to use it to
> provide IPs to all my Windows based PCs on my network. Here is how I have
> it set up.
>
> >>dhcpd.conf file
> default lease-time 600;
> max-lease-time 7200;
> option subnet-mask 255.255.255.0;
> option broadcast-address 192.168.0.255;
> option routers 192.168.0.3;
> option domain-name-servers 199.118.120.4, 199.118.120.2;
> option domain-name "mydomain.com";
>
> subnet 192.168.0.0 netmask 255.255.255.0 {
> range 192.168.0.100 192.168.0.150
> }
>
> >>
> I then ran the command to get Windows clients to see the Linux DHCP server
> as follows:
> route add -host 255.255.255.255 dev eth0
>
> >>
> I then started the DHCP server in debugging mode with the command:
> /usr/sbin/dhcpd -d -f
>
> >>
> When I bring up a Win98 machine and use the <RENEW ALL> button on the
> WINIPCFG window I get these messages on my Linux machine.
>
> DHCPDISCOVER from (MAC address) via eth0
> DHCPOFFER on 192.168.0.100 to (MAC address) via eth0
> DHCPREQUEST for 192.168.0.100 from (MAC address) via eth0
> DHCPACK on 192.168.0.100 to (MAC address) via eth0
> DHCPINFORM from 192.168.0.100
>
> >>
> It looks like it works fine, and when I go to that PC and type <<arp -a>>
> it responds that 192.168.0.100 has been assigned to it. Great I think.
> However, when I go back into WINIPCFG to check settings there, it shows
> NOTHING! It reports the DHCP server as 255.255.255.255 when it should be
> 192.168.0.25. That's all it reports. No IP, no Gateway, no Lease Obtained
> info, no Subnet Mask, nothing!! All of which should be assigned to it by
> the DHCP server. If anyone can offer me any suggestions as to why this
> might be, it would be greatly appreciated. I have been spinning my wheels
> on this for days now. Thanks a lot.
>
> Matt
------------------------------
From: <[EMAIL PROTECTED]>
Subject: Re: US Robotics 56k modem
Date: 14 May 1999 12:30:55 GMT
Keith Piwowarski wrote:
> Has anyone out there successfully installed a 3Com US Robotics 56K
> Faxmodem? I'm running Redhat 5.2, the isapnp tools produce config files
> but I still can't get at the thing.
>
> Keith
>
I installed Caldera and Linux found the modem ok. It did ask for some
sort of fax-modem id number which I had no idea about. However, I used
kppp to configure the modem and it did dial out.
------------------------------
From: "David Murray" <[EMAIL PROTECTED]>
Subject: Re: SAMBA WORK AS PDC
Date: Fri, 14 May 1999 12:43:41 GMT
It is quite, quite easy.. Just edit the /etc/smb.conf file and change all
the sections related to it.. I didn't even have to read the documentation,
the config file is very self-explanatory about it.
Lederhaas Horst <[EMAIL PROTECTED]> wrote in article
<[EMAIL PROTECTED]>...
> Who can tell me how i must configure Samba to work as PDC in my Win9x
> network.
> Or where i can read the docu for my problem.
------------------------------
From: Erhard Wais <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: Samba & Win 9x clients: automatically mapping drives
Date: Fri, 14 May 1999 14:51:06 +0200
Michael Balderas wrote:
> On Thu, 13 May 1999 21:55:53 GMT, [EMAIL PROTECTED] (Lee
> Allen) wrote:
>
> >Under Samba, I (think) I have to "map a network drive" on the Win 9x
> >client via point & click. If the client ever boots when the server is
> >down (or not available), then the client will display a prompt, "Do
> >you want to reconnect the next time you log in?" If the user says
> >"No", the mapping is gone, and must be recreated manually.
> >
>
> This is the shortcoming of Windows 9X in any peer-peer network
> environment using Microsoft's file and print sharing to map shared
> resources on remote clients, this is not just related to Samba.
>
> >How can we avoid this problem? Is there some script capability in Win
> >9x that remap the drives for us?
> >
>
> Short of telling the users to hit yes, I am not aware of any way
> around this issue. I get calls from clients all the time who hit "no"
> on the "connect next time" prompt instead of yes. To this day the only
> resolution I have found is to walk them thru connecting to the share
> or fixing it next I was on site. If anyone does have a scripting tool
> that will eliminate this issue I'd be interested in knowing as well.
>
I think you should read the manuals of samba again. Windows has of course a
script capability; otherwise it would not work with Netware or NT Server
anyway. And Samba supports this script capability, too.
There is a very detailed description in the samba documentation, how to map
network drives or execute scripts during logon. If you need some help feel
free to contact me.
------------------------------
From: John Morey <[EMAIL PROTECTED]>
Subject: Re: RedHat-6.0 and port forwarding
Date: Mon, 10 May 1999 11:44:04 GMT
Well I finally got this going. As you say I needed to get
ipmasqadm from http://juanjox.linuxhq.com. Also the directions
given in the HOW-TO needed changed a little bit because the
shared library was changed. I can't get to the box right
now (I'm at work) but I'll send an update tonight with
the correct commands. I also did not need to apply any
patches to RedHat-6.0 to get this to work.
More later,
John
root wrote:
>
> John Morey wrote:
>
> > I am having trouble setting up port forwarding (?) on RedHat-6.0. I have
> > read the applicable HOW-TOs but am left unsure as how to do it. In some
> > places it seems that ipchains should be able to do what I want but in
> > others it seems that it will not.
> >
> > Here is a better description of what I am trying to do:
> >
> > First the picture:
> >
> >                 Internet
> >                    |
> >                    | (1.2.3.4)
> >                 firewall (RedHat-6.0 with two network cards)
> >                    | (192.168.0.1)
> >                    |
> >               ----------
> >               |        |
> > (192.168.0.2) pc-a    pc-b (192.168.0.3)
> >
> > Now the description:
> >
> > I have a machine, my firewall, running RedHat-6.0 that has two network
> > cards. Let's say its external IP address is 1.2.3.4 and its internal IP
> > address is 192.168.0.1. Now on the inside I have pc-a, IP address
> > 192.168.0.2, that is running PC Anywhere in host mode and I want to be
> > able to access pc-a using PC Anywhere from the Internet. PC Anywhere uses
> > ports 5631 and 5632. As the firewall is the only box that I have a valid
> > Internet IP address for I need to set the firewall up to forward anything
> > that comes in from the Internet to ports 5631 and 5632 to the same ports
> > on pc-a. I have masquerading working so that both pc-a and pc-b have
> > access to the Internet through the firewall.
> >
> > Now the questions:
> >
> > Should I be able to do this with ipchains?
> >
> > If so what would the setup commands look like?
> >
> > If not what should I be using?
> >
> > Thanks for any help and/or info,
> >
> > John Morey
>
> Hi John..
>
> I'm a professed newbie in the linux world, so take anything I say with a
> grain of salt, but I'm trying to do the exact same thing..
>
> I haven't quite got it all down, but here's what i've found so far..
>
> I believe you need both ipchains and a program called ipmasqadm. ipchains
> comes with your RH6 distribution, and ipmasqadm can be found at
> http://juanjox.linuxhq.com.
>
> He doesn't really say that you need it, but he also has a kernel patch for
> ip masq stuff.. I said what the heck,
> and downloaded the latest kernel (2.2.7) the latest ac patch 2.2.7-ac2, and
> Juan's ip_masq patch.
>
> I have his utility install, and was trying to install it when I stumbled
> on your post.. In the past, I found a doc online that told you how to do
> this with ipautofw. Apparently, ipmasqadm is the latest and greatest tool
> to do this, and it does have an option called ipautofw. Unfortunately I
> can't find that document anymore. That's what I was looking for.
>
> He has a pretty good man page, but I was hoping to find the oneshot
> answer.. But I guess I'll stumble along until I find it.
>
> I have been successfully using a utility called REDIR to do this for SMTP
> and POP, but that doesn't work for UDP packets.. So if you want to work
> with me, I'll let you know how it goes..
>
> If you find the magic bullet in your wanderings, let me know also..
>
> Peter Van Doren
> ^~[EMAIL PROTECTED]
>
> Strip the ^~ it's just there to keep the spammers away..
------------------------------
From: "XaosSlaad" <[EMAIL PROTECTED]>
Subject: Re: pcanywhere equivalent for linux
Date: Tue, 11 May 1999 07:45:35 -0400
yeah VNC is a great program...the only thing ive found is that you should
make sure you have as many font packages installed as possible cause missing
fonts cause the program to bomb out mysteriously. either that or you can
edit the scripts so they dont look for the directories of the fonts you dont
have but its just easier to install the packages......like i was missing 100
dpi fonts and i was going nuts trying to find it in the vncserver script;
ended up just installing the rpm; less of a pain.....i love this program and
intend on setting up a little demo page on how to set it up; suffice it to
say ive had a gnome, twm fvwm95 etc etc running all at once off my nux
machine; kind of funny and pointless but neat to do....
root <[EMAIL PROTECTED]> wrote in message
news:7h5dlp$[EMAIL PROTECTED]...
>
> check out vnc from
> http://www.orl.co.uk/vnc/
>
> works great for both linux and nt
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************