Linux-Networking Digest #163, Volume #11 Sat, 15 May 99 06:13:52 EDT
Contents:
Re: Applixware (Tim Moore)
Re: PPP: where, how? Please Help! ([EMAIL PROTECTED])
Re: LCP Timeout problem (Xaendiss)
Re: Linux and Win9x trouble (Michael Proto)
ipopd problem, again (Leo Wong)
unknown data from my p-to-p address ("Kai Krakow")
Taylor uucp scripts (Colin Overton)
Re: trouble pinging ([EMAIL PROTECTED])
Re: IP Masquerading doesn't work! ("Sherm <" <[EMAIL PROTECTED]>)
ipchains and broadcast messages ("Sherm <" <"sherm80 "@ hotmail.com>)
Is Linux Slower than Windows??(ppp) ("Bono")
How to let IBM 100/10 ISA NIC work with Redhat 6.0? ([EMAIL PROTECTED])
Re: Question: setting up address translation/IP masquerading across an internet PPP
link ("Tom Jobbins")
Re: @HOME Cable Service and Linux (Scott Hepburn)
ip-up trouble (Mark Weinem)
Re: Linux box as a NetWare client (Roumen Petrov)
Reliable (!) nic for 2.2 kernel? (bryan)
Masquerading security ([EMAIL PROTECTED])
Re: Route and network broadcasts (David De Ridder)
----------------------------------------------------------------------------
Date: Sun, 09 May 1999 18:10:52 -0700
From: Tim Moore <[EMAIL PROTECTED]>
Subject: Re: Applixware
I've used Applix 4.4.1 (current) and StarOffice 5.0. The only time I use StarOffice
is when a document crashes Applix. Import/Export filters seem to be the weakness of
both.
Are you running so 5.0 or 5.01?
Martin Cameron wrote:
>
> I have recently ordered Applixware through Cheapbytes and would like to
> get the opinion of others who use it or have trialled it and rejected
> it.
>
> At the present time, I am using Star Division Suite and am relatively
> happy with it, but am looking for something a little more comprehensive
> including a Database (which is still under development with Star
> Division).
--
Direct replies to username 'timothymoore'
"Everything is permitted. Nothing is forbidden."
WS Burroughs.
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.setup
Subject: Re: PPP: where, how? Please Help!
Date: Sat, 15 May 1999 03:04:04 -0400
If there is some kind soul out there:
I have been trying to get ppp (RedHat 5.2) working for months. After being told
to read volumes on the subject (and after reading volumes on this subject) I'm
really ready to give up. ppp will not work at all on my machine. After checking
to make sure it is there I got the message: Package ppp-2.3.5-1 is already
installed. ifconfig will not return a ppp0 interface, only the lo interface is
present. To date I have:
set the Modem link; edited /etc/ppp/options:
/dev/modem 57600
noipdefault
debug
modem
defaultroute
crtscts
set the Domain Name Server:
/etc/resolv.conf:
DOMAIN=<domain.com>
NAMESERVER=199.227.0.2
NAMESERVER=199.227.0.3
set the Dial-Up Phone Number:
/etc/ppp/ppp-on
/usr/sbin/pppd
name=<username> -d connect
'/usr/sbin/chat -t 45 -v ABORT BUSY
ATDT3379922 CONNECT
set the Dial-Up Password:
/etc/ppp/chap-secrets
[EMAIL PROTECTED] ""password""
I have tried setting up a ppp user account
and written a pppscript.
I have tried setting up chat: ""ATZ OK
ATDT<5555555> "" ogin: <username> word: password.
I have tried combining chat and pppd:
pppd connect "chat -f chatfile" (I wrote one)
/dev/cua0 57600 -detach crtscts
modem defaultroute
Undid all of this and:
Placed a ppp-on-dialer script into the /etc/ppp directory. Placed ppp-on and
ppp-off scripts in the /usr/local/bin directory. When I su to root and type
/usr/local/bin/ppp-on, nothing happens. I have edited the scripts and double
checked that the information is correct. Absolutely nothing I have tried has
worked as ifconfig continues to show nothing for ppp0. Minicom says there is no
config. I can get it to dial, but of course nothing happens:
#siocdelrt
/var/log/messages
localhost kernel:registered device ppp0
localhost pppd [1897]:pppd 2.3.5 started
by root, uid 0
localhost pppd
[1897]:tcgetattr:Input/output error (5)
I don't know if this is relevant: After uninstalling and reinstalling sendmail
8.8.7-20 it is still showing errors:
/var/log/sendmail.st problems - checksum, size, time. The dependencies do
not show errors:
fetchmail-4.5.8-2
mutt-0.93.2-2
nmh-0.27-1
exmh-2.0.2-4
How I wish I could get on line with Linux!!
;-(
Any help in this would be greatly appreciated.
Jared
>
------------------------------
From: Xaendiss <" Xaendiss"@hotmail.com>
Subject: Re: LCP Timeout problem
Date: Sat, 15 May 1999 10:07:55 +0200
Hi,
This solved my problem.
In fact it xas my serial port that was in
16550 mode instead of 16550A.
I changed this and now I've got no more problem
Thank you a lot
Clifford Kite wrote:
> Xaendiss ("Xaendiss"@hotmail.com) wrote:
>
> : I,ve got a problem when connecting to my ISP. I've got two ISP's and I
> : got none of them to work. So I think the problem is on my
> : Linux Box (kernel 2.2.5, pppd 2.3.5).
>
> : Here are the scripts used for te connection:
>
> : * ppp-on
>
> : #!/bin/sh
> : #
> : exec /usr/sbin/pppd /dev/modem 115200 debug kdebug 0 lcp-max-configure
> : 50 \
> : connect "/usr/sbin/chat -v -f /etc/ppp/generic.chat"
>
> I'd remove "lcp-max-configure 50" since it only extends the negotiation
> time and won't help. I'd add the option crtscts since the modem likely
> does hardware handshaking. I don't know whether this will cure your
> problem but probably not.
>
> The posted log shows that pppd is receiving the ISP messages and
> understands them. The messages from the ISP arrive OK but the ISP
> doesn't respond to any of the pppd messages sent to it so the messages
> to the ISP must either be lost or arrive in some scrambled form.
>
> At the start of the PPP negotiations it usually means the problem is in
> the modem settings or the serial port device file configuration.
>
> These are some things to look at:
>
> Check the time between the sending the +++ATZ and the time you get the
> OK response from the modem in your chat messages. More than 1 second
> differene means that the IRQ for the device file is configured incorrectly.
> I can't tell without the timestamps you omitted but I'd guess this isn't
> the problem.
>
> Check the UART setting for the device file with "setserial /dev/modem"
> making sure it agrees with the type of the UART that the modem actually
> uses. Also, the most common UART currently is 16550A and an external
> modem of recent vintage won't work with a 16450 UART except at low speed
> (14400 max and maybe 9600 max).
>
> Instead of the chat expect/send <'' +++ATZ> try <'' ATH0&F> which
> hangs up and resets the modem to a factory default profile.
>
> : * generic.chat
>
> : TIMEOUT 60
> : ABORT 'NO CARRIER'
> : ABORT 'BUSY'
> : ABORT 'NO DIALTONE'
> : ABORT 'ERROR'
> : '' +++ATZ
> : 'OK' ATDTXXXXXXX
> : 'CONNECT' ''
> : ogin: XXXXXXXX
> : word: XXXXXXXX
> : \~ ''
>
> : And here are the messages generated by pppd:
>
> <snipped>
>
> : There seems to be a problem with the LCP packet which id=0x01. I tried
> : different asyncmaps and a lot of the options of pppd, but
> : I didn't succeed to get it work.
>
> A problem at the very start of PPP link negotiations is not an asyncmap
> problem.
>
> --
> Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
> /* The signal-to-noise ratio is too low in many [news] groups to make
> * them good candidates for archiving.
> * --- Mike Moraes, Answers to FAQs about Usenet */
------------------------------
From: [EMAIL PROTECTED] (Michael Proto)
Subject: Re: Linux and Win9x trouble
Date: 15 May 1999 08:07:29 GMT
On Fri, 14 May 1999 22:52:40 -0500, [EMAIL PROTECTED] muttered:
>Howdy all:
>
>I am a Linux newbie. I have just installed Redhat Linux 5.1 on an i486
>PC and it is running fine. Now I want to connect this machine with my
>Win9x machines over an existing Ethernet network using Samba. The Linux
>machine (named "linux") shows up in the Win98 (but not Win95) machine's
>"Neighborhood Network". I can successfully ping the Linux machine from
>each Win9x machine, and vice versa.
>
>PROBLEM 1:
>When I attempt to browse the linux machine from Window's Explorer I get
>the following message:
>
>You must supply a password to make this connection:
>Resource: \\LINUX\IPC$
>Password:
>
>Well, I've tried everything, but cannot find the right password to get
>past this prompt. I have created an account for the Win98 machine on the
>linux machine and assigned it a password with the PASSWD command. I have
>disabled password encryption on the Win98 box.
>
>I have learned that IPC stands for "interprocess communications", but
>have not been able to figure out why I am getting this message or how to
>set the password.
Sounds like Samba is defaulting to user level security (which Win98 cannot
do without WinNT on the network). Try adding 'security = share' to your
smb.conf file.
--
-] Michael Proto [-
-] MCP [-
-] Happy Linux user since 1997 [-
ERROR: REALITY.SYS Corrupted! Reboot universe? (Y/n)
------------------------------
From: Leo Wong <[EMAIL PROTECTED]>
Subject: ipopd problem, again
Date: 15 May 1999 07:45:17 GMT
Hi,
This is an old questions...
I use a linux machine to act as a mail server, user fromwin95/nt will get
mail from it. but one day, it says "cannot log in to server,
password incorrect"
so i read the news group, and found that i have to delete
"var/tmp/.pop/username" there, but after the i deleted those lock files,
the probelm persist!!! can any body tell me why?
i am using slackware 3.5,
Thanks a lot
Best regards
Leo
------------------------------
From: "Kai Krakow" <[EMAIL PROTECTED]>
Subject: unknown data from my p-to-p address
Date: Fri, 14 May 1999 18:22:10 +0200
Reply-To: "Kai Krakow" <[EMAIL PROTECTED]>
Hi!
My firewall denied the following package which came from my p-to-p address
(I suppose this to be the router at my ISP):
terra kernel: Packet log: ppp-in DENY ippp0 PROTO=1 195.90.8.65:5
195.90.8.81:1 L=56 S=0x00 I=64326 F=0x0000 T=255
What is this package for (TCPMUX service) and why does the router at my ISP
send me this package - usually I never get data from that address so I
blocked it on my firewall. Could this be a hackers attack? Looks like IP
spoofing to me...
Since TCPMUX can be used to connect to services without needing to connect
to the port (if I got this part right from the rfc) it even worries me more
that someone or something tries to connect to my local router on that
port...
TIA
ciao
Kai
------------------------------
From: [EMAIL PROTECTED] (Colin Overton)
Subject: Taylor uucp scripts
Date: Sat, 15 May 1999 08:25:57 GMT
Hi,
I would like some sample files required and information to set up
Taylor uucp under Linux including sys, call, port, etc.
I have set up uucp under SCO unix and need information do perform it
quickly under Linux.
Any other help would be appreciated.
Thanks in Advance
[EMAIL PROTECTED]
Colin Overton
Australia
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: trouble pinging
Date: Fri, 14 May 1999 16:43:38 GMT
The windows 95 box is assigned an ip address of 10.1.1.2 with a subnet
mask of 255.255.255.0
The linux box is 10.1.1.3 and has the same subnet mask
when i try to ping i just type
"ping 10.1.1.2" on linux or
"ping 10.1.1.3" on windows 95
I hope this info helps
Kevin Riederer
In article <7hgfal$j04$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> In article <7hg3l1$[EMAIL PROTECTED]>,
> "Vampa" <[EMAIL PROTECTED]> wrote:
> > I have two computers on a small home network: one is running windows
> 95 and
> > the other Debian linux v2.1. Both have D-link NICS(the windows is a
> DE-528,
> > the linux is DE-220). I have both of the cards configured correctly
> and the
> > linux box uses a ne-2000 compatible isa driver. both computers can
> ping
> > themselves and eth0 does show up when I run ifconfig. The network
also
> shows
> > up correctly in the routing table. But when i ping the linux
computer
> from
> > windows 95 and vice versa, it times out. if i run tcpdump on linux
> and then
> > ping it from windows 95 it shows that the linux box is receving the
> request
>
> this tells us so far that the physical connection is ok
>
> > and that it is sending a return packet, but the windows 95 ping
still
> times
> > out. I have even tried running a win95 packet sniffer and found the
> same
> > results
> i.e., the win95box receives the request and gives out an answer, but
the
> linux-ping still times out, is that right?
>
> when I ping from linux.
> > What could I be doing wrong?
> >
> it would help to know about
> a) your configuration
> ( ip-adresses, subnet-mask from both machines)
> and b)
> do you ping with names and adresses
> ( like ping vvv.www.xxx.yyy AND ping linux.box where vvv.www.xxx.yyy
is
> the adress of the computer with the name linux.box )
>
> > Thanks in advance,
> > Kevin Riederer
> >
> >
>
> --== Sent via Deja.com http://www.deja.com/ ==--
> ---Share what you know. Learn what you don't.---
>
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "Sherm <><" <[EMAIL PROTECTED]>
Subject: Re: IP Masquerading doesn't work!
Date: Fri, 14 May 1999 22:01:44 -0500
I'm not an expert by any means, but you may find it easier to use a different
subnet mask on your private class C setup
> #ipfwadm -F -a masquerade -P tcp -S 192.168.0.0/255.255.0.0 -D 0.0.0.0/0
>
> #ipfwadm -F -a masquerade -P udp -S 192.168.0.0/255.255.0.0 -D 0.0.0.0/0
rather than 255.255.0.0 try 255.255.255.0
if you look in your routing table it is looking at that mask for the subnet
> 192.168.0.0 * 255.255.255.0 U 0 0 4
Sherm <><
sherm80 @ hotmail.com
------------------------------
From: "Sherm <><" <"sherm80 "@ hotmail.com>
Subject: ipchains and broadcast messages
Date: Fri, 14 May 1999 22:33:23 -0500
Reply-To: [EMAIL PROTECTED]
Can somebody assist me with setting up an ipchain rule that does not
forward broadcast messages? Currently I have dial-on-demand using pppd
working, but unfortunately every broadcast message from a Win client
causes my linux box to dial-up.
The only settings I have for ipchains currently is:
ipchains -P forward DENY
ipchains -A forward -j MASQ -s 192.168.2.0/24 -d 0.0.0.0/0
Any assistance would be appreciated. Thanks.
Sherm <><
sherm80 @ hotmail.com
------------------------------
From: "Bono" <[EMAIL PROTECTED]>
Subject: Is Linux Slower than Windows??(ppp)
Date: Sat, 15 May 1999 16:38:52 +0900
Firstly, I apologize for this provocative title. It is nonsense that Windows
is faster than Linux. That's one of the reasons I love Linux.
However, I encountered a frustrating case recently.
I use both win95 and Linux in my desktop(pentium120), which is connected to
internet.
Then I ususally connect my win95 notebook to the desktop with DIRECT SERIAL
CABLE. It enables my notebook to use PPP, therefore all TCP/IP networking.
It works flawlessly no matter whether my desktop is booted with win95 or
Linux. But the connection speed was faster when the desktop was booted with
win95.
Here are the comparison.
<case 1> I used Dial Up Networking server & client and Wingate for the ppp
connection when I booted my desktop with win95.
<case 2> When I booted the desktop with Linux(RedHat 5.2), I used
PPPD(2.3.5).
****Average ping time between desktop and notebook*******
<case 1>___> 6ms
<case 2>___> 20ms
I set the serial speed at 115200 at both case.
I also used the same cable & same settings on client side.
Average 17~20ms was the best speed I could make with Linux desktop and the
speed fluctuated very much, while the connection between 2 win95 machines
was stable at 6ms.
I want to use Linux for my desktop instead of windows because I want to
enjoy the powerful masquerading capabilities of Linux.
However I have no idea how to improve the ppp connection speed.
The speed matters for me.
Are there anybody who can make it faster?
Or anyone who get less ping time at the same environmnet?
------------------------------
From: [EMAIL PROTECTED]
Subject: How to let IBM 100/10 ISA NIC work with Redhat 6.0?
Date: Sat, 15 May 1999 08:33:11 GMT
Hi,
Is there any Linux expert who has an IBM 100/10 ISA
Ethernet Adaptor working with Linux? Any suggestion is
highly appreciated!
Thanks.
-- Eric Shyu --
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "Tom Jobbins" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.admin.networking,comp.unix.bsd.freebsd.misc
Subject: Re: Question: setting up address translation/IP masquerading across an
internet PPP link
Date: Fri, 14 May 1999 17:28:45 +0100
> Now, once ppp's connected to your ISP, use the vpn profile to
> establish a VPN between you and your work machine. The VPN
> uses synchronous ppp over udp.
This looks great, and just what I need - thanks very much!
I do just have one final question - how will the IP addresses work?
Say 'home' is given IP 194.50.50.1 by its ISP
'work' has the fixed IP address of 123.30.20.1
So using your vpn example, a connection is opened from 194.50.50.1 to
123.30.20.1 UDP port 6671. Now, when 'home' connects to an outside site,
say www.freebsd.org, what IP does it appear as? Presumably it appears as
123.30.20.1?
So in effect, is there implicit PPP aliasing here? PPP is turning IP
requests from 194.50.50.1 into 123.30.20.1 and vice versa? Will this work
in exactly the same way as running ppp -alias would?
If that's the case, is there any way that I could map incoming requests to
123.30.20.1 onto 194.50.50.1? What I was hoping to do was allocate an IP
address entirely for my dialup (I would then simply bind that to an existing
machine, so that machine would have two IPs). Any traffic coming into this
IP would be sent onto 194.50.50.1 transparently. I realise this may be
asking a bit too much!
Thanks again for your help, and keep up the good work on ppp! It's really a
great program
Tom
PS. Feature request :) On Linux I've used the 'diald' program, which is a
useful utility which allows for dial-on-demand PPP. Your ppp does mostly
all that diald does, with one exception: diald allows you to specify times
during which it wont dial up (or, times during which it will), and also
allows you to schedule dialups to occur at certain times. This is very
useful, because it provides a very easy way to say, for example, "maintain a
permanent connection between 6pm and 8am Mon-Fri, and all day Saturday and
Sunday, but never dial out at any other time".
Is that a feature you had thought to implement at any point?
------------------------------
From: [EMAIL PROTECTED] (Scott Hepburn)
Subject: Re: @HOME Cable Service and Linux
Date: Fri, 14 May 1999 16:53:39 GMT
I recently got this setup and running using S.u.S.E. 6.0. It took
several long night s and A LOT of help from a friend (linux expert) to
get it working. I live in the West Lafayette, IN area and so far
haven't had any problems with using static IP settings. I have heard
that the performance surfing the web may decline due to the lack of
using their proxy servers, but I seem to have seen a performance
increase!! I'm not complaining. The only problem I haven't been able
to solve is using NetMeeting from the Win98 machine inside the
firewall.
On Fri, 07 May 1999 15:10:08 -0400, Scott Robson <[EMAIL PROTECTED]>
wrote:
>Hi
>
>Im curious if anyone has had any experience using linux with the @HOME
>cable modem service (www.home.com).
>
>I know they do not support it, but is it possible to connect anyway and
>do they fire wall? static or dynamic ip? Is the general performance of
>the line good or bad?
>
>I'd plan to run a web server and maybe a mail server over it (for
>completely personal use of course). Anyone have any experience with them?
>
>Thanx in Advance
>
>Scott
------------------------------
From: Mark Weinem <[EMAIL PROTECTED]>
Subject: ip-up trouble
Date: Fri, 14 May 1999 15:43:26 +0200
Reply-To: [EMAIL PROTECTED]
Hi,
I'm running Debian 2.0 with kernel 2.0.34
the problem:
user 'mark' starts the ppp-connect but /etc/ppp/ip-up
will not be started.
The engagement of 'root' is necessary to run /etc/ppp/ip-up.
What's up with the daemon?
Regards
Mark
------------------------------
From: Roumen Petrov <[EMAIL PROTECTED]>
Subject: Re: Linux box as a NetWare client
Date: Fri, 14 May 1999 13:10:29 GMT
In article <7hghsn$4i9$[EMAIL PROTECTED]>,
"Takashi Masuda" <[EMAIL PROTECTED]> wrote:
> Does anybody help me?
> I want to connect my linux box to a NetWare file server. I read
IPX-HOWTO
> and did the following things. But my box can't recognise the NetWare
server.
>
> 1) Download ncpfs-2.0.11.tgz and make the ncpfs software.
> 2) Rebuild the kernel which version is 2.2.7. I chose following
options.
> Networking options --->
> <M> The IPX protocol
> Filesystems --->
> <M> NCP filesystem support
> 3) Reboot.
> 4) Type the following command.
> # ipx_configure --auto_interface=on --auto_primary=on
I same have problem.
> # slist
> I couldn't see the NetWare serever.
>
> What should I do? Thanks in advance
>
> Takashi Masuda
> K.K.Rocky.
>
>
My linux is based on slackware 3.6 :
patched to kernel 2.0.36
ncpfs-2.2.0 ( downloaded )
I am make self this 2 scripts after some test.
# /etc/config.ipx
#
# Configure IPX networking
#
# Author: Roumen Petrov, sep 1998.
IPX_AUTO_PRIMARY=on
IPX_AUTO_INTERFACE=on
IPX_CONFIGURED=yes
IPX_DEVICE=eth0
IPX_FRAME=802.3
#IPX_INTERNAL_NET=yes
#IPX_NETNUM=333
IPX_INTERNAL_NET=no
IPX_NETNUM=0
#! /bin/sh
#
# rc.nwnet Bring up/down IPX networking
#
# Author: Roumen Petrov, sep 1998.
IPX_BIN=/usr/bin
IPX_NODE=1
. /etc/config.ipx
case "$1" in
start)
echo "Starting IPX network..."
if [ ${IPX_CONFIGURED} = "yes" ]; then
if [ ${IPX_INTERNAL_NET} = "yes" ]; then
${IPX_BIN}/ipx_internal_net add ${IPX_NETNUM} ${IPX_NODE}
else
${IPX_BIN}/ipx_interface add -p ${IPX_DEVICE} 802.3
${IPX_NETNUM}
${IPX_BIN}/ipx_interface add ${IPX_DEVICE} 802.2
${IPX_NETNUM}
fi
fi
${IPX_BIN}/ipx_configure \
--auto_primary=${IPX_AUTO_PRIMARY} \
--auto_interface=${IPX_AUTO_INTERFACE}
;;
stop)
echo "Stoping IPX network..."
ipx_configure --auto_primary=off --auto_interface=off
ipx_interface delall
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
! Dont use IPX_INTERNAL_NET, IPX_NETNUM, IPX_NODE: this is only for
mars_nwe server, but I have some problem with ncpfs and mars_nwe. I
don`t use mars_nwe in this time.
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: bryan <[EMAIL PROTECTED]>
Subject: Reliable (!) nic for 2.2 kernel?
Crossposted-To: comp.os.linux.development.system
Date: Sat, 08 May 1999 14:13:16 GMT
my tulip card is totally unreliable. I can bring it down with an ftp
xfer (local lan) at 10 or 100, in a minute or less. network hangs and
will NOT be reset by software.
with a T1 download, it can hang the network in a few hours. this sucks ;-(
even a '/etc/rc.d/init.d/network stop; /etc/rc.d/init.d/network start'
won't fix the card. only a HARD reboot will reset it.
has anyone done any load testing on the 2.2 kernel and found a
RELIABLE nic card they could recommend? one that stays up under close
to full load on a local 10/100 lan?
(btw, I now have several dec tulip cards for sale. I refuse to use
them in 2.2 kernel boxes I have here - sigh.)
--
Bryan
------------------------------
From: [EMAIL PROTECTED]
Subject: Masquerading security
Date: Sat, 15 May 1999 08:49:06 GMT
Ok i'm kinda shooting off the hip here with limited knowledge of linux
and ip spoofing.
My question is, can linux set the ip-masquerading to a specific device
instead of a local net. Say to route eth0 <-> ppp0. I've read the how-
to and they seem to point to a routing of [local net] <--> [internet]
before i decided to instantiate the changes i'd like to know if its
possible to spoof a packet as one of the allowed addresses from the
local net, send it to the linux machine in question and have it forward
it out to the internet. This would be a real easy way to blindly
spoof/attack another machine.
Any comments?
Argus
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED] (David De Ridder)
Subject: Re: Route and network broadcasts
Date: Fri, 14 May 1999 17:58:34 GMT
Reply-To: [EMAIL PROTECTED]
Whereto with speedy words Jon repli'd :
>I have a small network of about 14 computers and for various reasons I have had
>to make two subnets for them. the network is not on the internet and uses ip
>addresses of 90.0.0.* and 90.0.1.* for the two subnets.
>I have routes set up as follows:
>dest netmask interface
>90.0.0.0 255.255.255.0 eth0
>90.0.1.0 255.255.255.0 eth1
>127.0.0.0 255.0.0.0 lo
>
>The problem I have is that although all ip packets are forwarded accross
>properly, it appears that broadcast aren't. I don't know if this is normal or
>not but I think I need it. anything to 90.0.0.255 appears to work but anything
>else like:
>90.0.255.255
>or
>255.255.255.255 doesn't.
I assume you're only talking about IP broadcasts and NOT Ethernet
broadcasts.
There are *different* kinds of broadcasts in IP :
- 255.255.255.255 : the so-called "limited broadcast".
RFC1122 says the following :
"A datagram with this destination address will be
received by every host on the connected physical
network but will not be forwarded outside that network."
It does NOT propagate through routers. However, I could not
find a conclusive answer to
"should it be sent on all interfaces ?".
I guess it's implementation-dependent, and I don't know what
Linux does in this case.
- 90.0.0.255 : a so-called "(Subnet-)directed broadcast" to
(sub)network 90.0.0. This one will appear as a broadcast on
eth0 in your case. (And 90.0.1.255 on eth1, resp.)
- 90.0.255.255 : This would be a subnet-directed broadcast
to network 90.0.255, which is in your set-up non-existing.
You might want to try 90.255.255.255, which is a directed
broadcast to *all subnets* of network 90 (I think).
This should be forwarded by your router.
This is an interesting problem.
Kind regards,
+-----------------------------------------------------------------+
David 'Septimus' De Ridder <[EMAIL PROTECTED]>
"The result of two million mad monkeys bashing randomly on
their keyboards is known today as the Internet."
- someone
+-----------------------------------------------------------------+
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
