Linux-Networking Digest #180, Volume #11 Mon, 17 May 99 00:14:15 EDT
Contents:
Easy one?: Why can't anyone telnet to my Linux box? (Greg Nicholson)
PPP problem with 2.2 kernel ("Tim Simpson")
Re: Diablo UDP packet problems behind IP Masquerading ("Robert Hurst")
Re: Diablo UDP packet problems behind IP Masquerading ("Robert Hurst")
Re: ipchains help please (Uri Zalk)
Re: How do I setup ip accounting with ipchains? (Paul Rusty Russell)
Re: Netgear EA201 NIC driver (Jeffrey Bell)
Re: Setup Apache 1.3.3 with RedHat 5.2 [kernel 2.0.36] (Yoke Meng Kim)
What do I need to start with Samba? (Stephan)
drivers for DEC 21041 NIC (Bayardo Eugene Lopezpineda O'Reardon)
Re: ipfwadm, DNS, and masq - policy ? (Paul Rusty Russell)
reply to: in .fetchmailrc (Eddiej)
Re: ppp and 'winmodem' ("Brian West")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Greg Nicholson)
Subject: Easy one?: Why can't anyone telnet to my Linux box?
Date: Sun, 16 May 1999 21:11:24 -0400
FTP authenticates with NO problem. This is a fresh install of Redhat
v4.0 (Kernel 2.0.18).
What's the obvious thing I missed? When loggin in as 'root' or any other
user I get 'Login incorrect'. However, loggin in locally is NO problem
------------------------------
From: "Tim Simpson" <[EMAIL PROTECTED]>
Subject: PPP problem with 2.2 kernel
Date: Mon, 17 May 1999 13:24:37 +1200
I'm having a problem getting data rates over 1 kb/s with a PPP
link using kernels 2.2.1-2.2.9. The modem is a 56 kb/s.
I've tried several times, running pppd 2.3.8 & 2.3.5.
When I boot to 2.0.35 it all runs fine. I get IP masquerading,
and transfers approx 4.7-5 kbps. But essentially the same setup
booting to 2.2.x I can't get more than about 1 kb/s. The IP masq'ing
works fine under 2.2.x, but none of the masq'ed machines get fast transfer
rates. Is there anyone there that can provide a pointer to where
I should look in the config/log files to try and find out what's going on?
Tim Simpson
--
Email spam protection enforced. Remove xx's form return address to reply
------------------------------
From: "Robert Hurst" <[EMAIL PROTECTED]>
Subject: Re: Diablo UDP packet problems behind IP Masquerading
Date: Mon, 17 May 1999 01:38:00 GMT
I've asked this question several times myself, but I did read on an ipmasq
web-site the following:
This patch allows NAT-friendly games to work behind Linux IP masquerading.
This patch is available for 2.0.30+ kernels and it is already built-in to
2.2.3+ kernels.
============================================================================
----
6.3 Supported Client Software and Other Setup Note
** The Linux Masquerade Application list has a lot of good information
regarding applications that work through Linux IP masquerading.
Unfortunately, this services hasn't been well maintained but if you are
interesting in taking over this site, please email either
[EMAIL PROTECTED] and/or [EMAIL PROTECTED]
Generally, any application that uses standard TCP and UDP should work. If
you have any suggestion, hints, etc., please see the IP Masquerade Resource
for more details.
Network Clients that -Work- with IP Masquerade
General Clients:
Archie
all supported platforms, file searching client (not all archie clients are
supported)
FTP
all supported platforms, with the ip_masq_ftp.o kernel module for active FTP
connections.
Gopher client
all supported platforms
HTTP
all supported platforms, WWW surfing
IRC
all IRC clients on various supported platforms, DCC is supported via the
ip_masq_irc.o module
NNTP (USENET)
all supported platforms, USENET news client
PING
all platforms, with ICMP Masquerading kernel option
POP3
all supported platforms, email clients
SSH
all supported platforms, Secure TELNET/FTP clients
SMTP
all supported platforms, email servers like Sendmail, Qmail, PostFix, etc.
TELNET
all supported platforms, remote session
TRACEROUTE
UNIX and Windows based platforms , some variations may not work
VRML
Windows(possibly all supported platforms), virtual reality surfing
WAIS client
all supported platforms
Multimedia and Communication Clients:
Alpha Worlds
Windows, Client-Server 3D chat program
CU-SeeMe
all supported platforms, with the ip_masq_cuseeme module loaded, please see
the CuSeeme section for more details.
ICQ
all supported clients. Requires the Linux kernel to be compiled with
IPPORTFW support and ICQ is configured to be behind a NON-SOCKS proxy. A
full description of this configuration is in the ICQ section.
Internet Phone 3.2
Windows, Peer-to-peer audio communications, people can reach you only if you
initiate the call, but people cannot call you without a specific port
forwarding setup. See the Forwarders section for more details.
Internet Wave Player
Windows, network streaming audio
Powwow
Windows, Peer-to-peer Text audio whiteboard communications, people can reach
you only if you initiate the call, but people cannot call you without a
specific port forwarding setup. See the Forwarders se ction for more
details.
Real Audio Player
Windows, network streaming audio, higher quality available with the
ip_masq_raudio UDP module
True Speech Player 1.1b
Windows, network streaming audio
VDOLive
Windows, with the ip_masq_vdolive patch
Worlds Chat 0.9a
Windows, Client-Server 3D chat program
Games - See the LooseUDP section for more details on the LooseUDP patch
Battle.net
Works but requires TCP ports 116 and 118 and UDP port 6112 IPPORTFWed to the
game machine. See the Forwarders section for more details. Please note that
FSGS and Bnetd servers still require IPPORTFW since they haven't been
re-written to be NAT-friendly.
BattleZone 1.4
Works with LooseUDP patch and new NAT-friendly .DLLs from Activision
Dark Reign 1.4
Works with LooseUDP patch or requires TCP ports 116 and 118 and UDP port
6112 IPPORTFWed to the game machine. See the Forwarders section for more
details.
Diablo
Works with LooseUDP patch or requires TCP ports 116 and 118 and UDP port
6112 IPPORTFWed to the game machine. See the Forwarders section for more
details.
Heavy Gear 2
Works with LooseUDP patch or requires TCP ports 116 and 118 and UDP port
6112 IPPORTFWed to the game machine. See the Forwarders section for more
details.
Quake I or II
Works right out of the box but requires the ip_masq_quake module if there
are more than one Quake I/II player behind a MASQ box. Also, this module
only supports Quake I and QuakeWorld by default. If you need to support
Quake II or non-default server ports, please see the module install section
of the rc.firewall-2.0.x and rc.firewall-2.2.x rulesets.
StarCraft
Works with the LooseUDP patch and IPPORTFWing TCP and UDP ports 6112 to the
internal MASQed game machine. See the Forwarders section for more details.
WorldCraft
Works with LooseUDP patch
Other Clients:
Linux net-acct package
Linux, network administration-account package
NCSA Telnet 2.3.08
DOS, a suite containing telnet, ftp, ping, etc.
PC-anywhere for Windows
MS-Windows, Remotely controls a PC over TCP/IP, only work if it is a client
but not a host without a specific port forwarding setup. See the Forwarders
section for more details.
Socket Watch
uses NTP - network time protocol
Clients that do not Work:
All H.323 programs
- MS Netmeeting, Intel Internet Phone Beta 2 - Connects but voice travels
one way (out). Check out Equivalence's PhonePatch H.323 gateway for one
possible solution.
Intel Streaming Media Viewer Beta 1
Cannot connect to server
Netscape CoolTalk
Cannot connect to opposite side
WebPhone
Cannot work at present (it makes invalid assumptions about addresses).
------------------------------
From: "Robert Hurst" <[EMAIL PROTECTED]>
Subject: Re: Diablo UDP packet problems behind IP Masquerading
Date: Mon, 17 May 1999 01:51:17 GMT
Oh, check out this URL:
http://members.home.com/nickoljt/getLinux.html
I found the previous info from this site.
------------------------------
From: [EMAIL PROTECTED] (Uri Zalk)
Subject: Re: ipchains help please
Date: Mon, 17 May 1999 02:08:56 GMT
Reply-To: [EMAIL PROTECTED]
Apologies for all concerned a cuber egg on my face:
In order to correspond with the other ip addresses used
the last line in the example should have read:
/sbin/route add -net 192.168.1.0
On Sun, 16 May 1999 14:44:34 GMT, I wrote:
>The following worked for me on upgrade from 5.2 to 6.0:
>(At the end of /etc/rc.d/rc.local)
>...
>
>echo "ip_masq 192.168.1.1"
>echo "1" > /proc/sys/net/ipv4/ip_forward
>/sbin/depmod -a
>/sbin/modprobe ip_masq_ftp.o
>/sbin/modprobe ip_nasq_raudio.o
>/sbin/modprobe ip_masq_irc.o
>
># This was the old version using ipfwadm:
>
># /sbin/ipfwadm -F -p deny
># /sbin/ipfwadm -F -a m -S192.168.42.0/24 - D0.0.0.0/0
>
># Now using ipchains:
>
>/sbin/ipchains -P forward DENY
>/sbin/ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
>
># Just to make sure:
>
>/sbin/ifconfig eth0 192.168.1.1
>/sbin/route add -net 192.168.42.0
>
>..
>
[snip] ...
------------------------------
Subject: Re: How do I setup ip accounting with ipchains?
From: Paul Rusty Russell <[EMAIL PROTECTED]>
Date: 16 May 1999 04:45:07 +0930
[EMAIL PROTECTED] (Caveman) writes:
> Hi,
>
> I've got 3 computers here. 2 windows 95 machines and one Linux
> internet gateway:
>
> 192.168.10.2 (Win 95)
> 192.168.10.25 (Win 95)
> 192.168.10.1 (Linux)
>
> The Linux-box masquerades all packets going to the internet and uses
> ip forwarding. I'm connected using dynamic ip and ppp0 as device.
> Now I want to setup ip accounting so I could see the amount of data
> that the machines (192.168.10.2 and 192.168.10.25) produce, both
> incoming and outgoing (if possible I would like these split into two
> seperate parts).
>
> I've read the manual but I can't figure out how to do it. The manual
> only deals with a single computer going to the internet and not with
> an entire LAN. Can anyone send me an example for ip accounting with
> ipchains. I only need the accounting rules, the rest is already
> working.
Just add rules at the start of the input and output chains, and don't
use the `-j' flag. A rule without -j does nothing, but when it
matches the counters (use `ipchains -L -v') will increment.
Hope that helps,
Rusty.
--
Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999?
http://www.linux.org.au/projects/calu
------------------------------
From: Jeffrey Bell <[EMAIL PROTECTED]>
Subject: Re: Netgear EA201 NIC driver
Date: Mon, 17 May 1999 04:16:03 +0000
Reply-To: [EMAIL PROTECTED]
==============49E0818E415277C3ECF89E62
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I just finished setting up a Netgear Ea201c ISA into an older i486 I had
laying
around. I connected it to my present machine (i686) which also has a
Netgear
card in it, nut it's a PCI version.
I did have some problems getting it to work at first, but I stuck with it
and I got it to work.
My problem was that it was configured as a pnp. I was told by someone
else to use
the disk that came with the card, I had to boot DOS first to use this
disk.
I ran the software to re-configure it as a non pnp device, set the IRQ to
something
that was available on my i486 (irq10), I t wrote down the io address that
was displayed
on the screen (ox300). I recompiled my kernel (2.2.8) to include the
NE2000/1000 driver.
I visited the Netgear site to grab some info on this card. It is a NE2000
compatible card.
After restart my new kernel, the driver seen the Netgear card, after a few
moments setting
up the proper files I was able to connect to my other machine with-out
further problems.
If you have any question I'll be glad to try and assist you.
Good luck.
> I've been reading that the tulip driver supports the Netgear NICs,
> but so far I could only ascertain that all these posts were referring
> to the Netgear FA 310 TX PCI card. But what about the 10baseT ISA
> card from Netgear, the EA201? Is the tulip driver supporting this NIC,
> too?
>
> Any succesful users of this NIC here?
>
> Thanks for any feedback,
> Joe
--
Jeffrey A. Bell
-------------------------------------------------------------------------
Research is what I'm doing when I don't know what I'm doing.
-- Wernher von Braun --
==============49E0818E415277C3ECF89E62
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
I just finished setting up a Netgear Ea201c ISA into an older i486 I had
laying
<br>around. I connected it to my present machine (i686) which also has
a Netgear
<br>card in it, nut it's a PCI version.
<p>I did have some problems getting it to work at first, but I stuck with
it and I got it to work.
<br>My problem was that it was configured as a pnp. I was told by someone
else to use
<br>the disk that came with the card, I had to boot DOS first to use this
disk.
<p>I ran the software to re-configure it as a non pnp device, set the IRQ
to something
<br>that was available on my i486 (irq10), I t wrote down the io
address that was displayed
<br>on the screen (ox300). I recompiled my kernel (2.2.8) to include the
NE2000/1000 driver.
<br>I visited the <a
href="http://netgear.baynetworks.com/products/ds_ea201c/index.shtml">Netgear</a>
site to grab some info on this card. It is a NE2000 compatible card.
<br>
<br>After restart my new kernel, the driver seen the Netgear card, after
a few moments setting
<br>up the proper files I was able to connect to my other machine with-out
further problems.
<p>If you have any question I'll be glad to try and assist you.
<p>Good luck.
<br>
<br>
<br>
<br>
<blockquote TYPE=CITE>I've been reading that the tulip driver supports
the Netgear NICs,
<br>but so far I could only ascertain that all these posts were referring
<br>to the Netgear FA 310 TX PCI card. But what about the 10baseT
ISA
<br>card from Netgear, the EA201? Is the tulip driver supporting
this NIC,
<br>too?
<p>Any succesful users of this NIC here?
<p>Thanks for any feedback,
<br>Joe</blockquote>
<pre>--
Jeffrey A.
Bell
-------------------------------------------------------------------------
Research is what I'm doing when I don't know what I'm doing.
-- Wernher von Braun --</pre>
</html>
==============49E0818E415277C3ECF89E62==
------------------------------
From: Yoke Meng Kim <[EMAIL PROTECTED]>
Subject: Re: Setup Apache 1.3.3 with RedHat 5.2 [kernel 2.0.36]
Date: Mon, 17 May 1999 10:15:42 +0800
Reply-To: [EMAIL PROTECTED]
jason wrote:
>
> Yoke Meng Kim wrote:
> ...
> > Following are the line from 158 to 161:
> >
> > LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i""
> > combined
> > LogFormat "%h %l %u %t "%r" %>s %b" common
> > LogFormat "%{Referer}i -> %U" referer
> > LogFormat "%{User-agent}i" agent
>
> You need to 'escape' the double-quotes (except for the ones on the end)
> in the 'combined' and 'common' log formats, like so:
>
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
>
> -jason
>
> (to reply via email, make the appropriate substitution in my email address)
Jason, Mittra,
Thank you very much. It show "It Worked!".
------------------------------
From: Stephan <[EMAIL PROTECTED]>
Subject: What do I need to start with Samba?
Date: 17 May 1999 02:39:37 GMT
I've been playing with linux for a couple of months now and I've
decided I'm going to start figuring out the networking part of it. I've
just gotten Red Hat 6.0 and did a fresh install (I've set it up to use
GNOME). To start with, all I want to do is be able to share file with both
my linux comp and my win98 comp. The problem I have is I don't know where
to start looking for information. I'm a complete newbie at this; I've
never recompiled my kernel, I don't know if my ethernet card works, do I
need to have TCP/IP up and running before I can make these comps talk to
eachother? These are some of the issues I need addressed. Please tell me
where I can find the answers. Thanks in advance.
Stephan
PS. The linux comp has win95 on it (dual boot) and under win95 the
computers can see the shared folders on eachother without a problem. (So I
know the cards work and the cables are connected properly)
--
To reply by e-mail, remove ".NOSPAM" from the end of my e-mail address.
------------------------------
From: Bayardo Eugene Lopezpineda O'Reardon <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: drivers for DEC 21041 NIC
Date: Mon, 17 May 1999 02:31:49 GMT
Does anyone know where I can get drivers for the DEC NIC card.
model: DE450 chipset 21041
I am planing on installing red hat 6, & was just woundering if there are
any drivers for that card. or if anyone knows of any compatible drivers
i can use!
any help, greatly appreciated.
Bayardo L.
------------------------------
Subject: Re: ipfwadm, DNS, and masq - policy ?
From: Paul Rusty Russell <[EMAIL PROTECTED]>
Date: 16 May 1999 04:51:14 +0930
[EMAIL PROTECTED] (Braxton Burrsaddle) writes:
> I have DNS and masquerading running on the gateway for my network,
> which consists of fourteen NT machines, one os/2 machine and the
> gateway Linux box (SuSE 6.0, kernel 2.0.36). When ipfwadm policies O
> and I are set to accept, everything works. DNS requests are handled
> locally or forwarded to the ISP via diald. However, if I set ipfwadm
> policies for F, I, and O all to deny as default I have yet to find a
> set of added rules that allow DNS requests to be forwarded. That is,
> I haven't discovered a rule set that allows the DNS forwarding to
> bring up diald and go to the ISP's nameserver. DNS still works
> locally but hangs when it can't get out to the big nameserver. This
> behavior obtains whether the query is performed from the gateway's
> console or a remote machine.
>
> What is the minimum cut-set of rules added to 'deny' policies that
> will allow DNS forwarding to bring up diald and get out to answer the
> request?
My advice: do all your filtering in the forward rules (ie. set input
and output policies to accept).
You are probably being confused because when packets are masqueraded,
they pass the output chain with a source port 61000 to 65095.
Similarly, replies will come back in destined for this port.
Rusty.
--
Tridge, Raster, DaveM, Cort, maddog... Where will you be 9-11 July 1999?
http://www.linux.org.au/projects/calu
------------------------------
From: Eddiej <[EMAIL PROTECTED]>
Subject: reply to: in .fetchmailrc
Date: Sun, 16 May 1999 22:59:31 -0400
Is there a keyword for the fetchmailrc file that enables a valid reply
to address for the receiver
Edwardo
------------------------------
From: "Brian West" <[EMAIL PROTECTED]>
Subject: Re: ppp and 'winmodem'
Date: Sun, 16 May 1999 23:26:55 -0400
thank you microsoft!!
Brian West <[EMAIL PROTECTED]> wrote in message
news:ZMK%2.4798$[EMAIL PROTECTED]...
> i'm new to linux and after i finally got it installed right, i tried to
> setup my ppp connection to my isp. i've read every online manual and
how-to
> i can find and i've followed all directions to the letter, and it still
> won't work like it's supposed to. i've also read in many places that i
> won't be to use my 'winmodem' along with linux, and i have to assume that
> that's why i can't connect because i've done everything else. i have a US
> Robotics 56k Voice Win modem. is there any way around this so that i can
> use my modem.
> thanks
> --
> --
> J. Brian West
> [EMAIL PROTECTED]
> http://www4.ncsu.edu/~jbwest
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
