Linux-Networking Digest #202, Volume #11 Wed, 19 May 99 12:14:15 EDT
Contents:
Re: Firewall question (strong ruleset) (Francois Magnan)
Tulip.c Linux and Win98 (Matthew Sabo)
FTP-installation with NE2000 or Digital DE200 (Stefan Seiffert)
Re: Networking question - Looking for a Howto ("John Martinez")
Re: Can't get my D-Link 200 TP to work ("Larry Fly")
Re: Win95->Linux PPP can't see past subnet (Robin Munn)
problems with samba ( on redhat 5.2) ([EMAIL PROTECTED])
Re: HTML based POP tools ("Mies")
PPP on Redhat 5.0 ("stuart.jeffery")
Re: IPX routing over ppp (Gustin Kiffney)
Re: Problem with Chat Script (Rand Simberg)
Re: problems with samba ( on redhat 5.2) ("Minh Nguyen")
----------------------------------------------------------------------------
Subject: Re: Firewall question (strong ruleset)
From: [EMAIL PROTECTED] (Francois Magnan)
Date: Wed, 19 May 1999 13:18:43 GMT
On 05/18/99, "David Means" wrote:
>
>Is this rule at the end of a list of rules, most of
which accept packets
>that
>come in from outside from*particular* privileged ports ?
If so, then the
>way to read this is: "if it hasn't matched something
already, and claims to
>be coming from a privileged port, ditch it."
>
Hi,
Yes, I understand clearly what the rules mean. By the way, the
firewall rules in question come from the standard:
http://www.ecst.csuchico.edu/~dranch/LINUX/ipmasq/ipmasq-
HOWTO-1.71-6.html
I just don't understand why I should drop those packets claiming to be
originating from a privileged port on the remote machine. Is this to
limit the ports available for the local users so that they cannot use
any external service? I trust my local users so I don't need to limit
the internal access to the internet. Is there a way a hacker could
profit from the acceptance of all those packets (from the exterior).
Thank you,
Francois Magnan
--
______________________________________________________
Francois Magnan
Departement de Mathematique & Statistiques
Universite de Montreal
email: [EMAIL PROTECTED] (MIME, NeXTMail Ok!)
------------------------------
From: Matthew Sabo <[EMAIL PROTECTED]>
Subject: Tulip.c Linux and Win98
Date: Wed, 19 May 1999 09:59:05 -0400
I've set up a little network with two link-sys cards, but I've
been experiencing packet loses when Win98 and Linux communicate
together.
Causing telnet sessions and the like to stop responding.
I brought my Linux machine up in win95 and the two machine work together
fine. I've downloaded the latest version of tulip.c and installed it.
I was wondering if there are any driver variables that might be set
on my Linux box to allow better communication with Win98 through the
tulip.c
driver. I was playing with ping -s, and testing different packet sizes
and
managed to get to about 4% error, which was better then the previous
18%.
Matthew
------------------------------
From: Stefan Seiffert <[EMAIL PROTECTED]>
Subject: FTP-installation with NE2000 or Digital DE200
Date: Wed, 19 May 1999 15:44:54 +0200
I'm trying to install LINUX via FTP-connection.
The system that I'm booting from floppydisk is loading the driver
NE2000 for my FiberLine FL-1609 without any problem.
Downloading data from the FTP-server is working as well but after the
window "Starting YaST" apeared I get a message:
"installation is not completed correcly"
(german:"Die Installation wurde nicht ordnungsgemaess abgeschlossen")
I tryed another ethernetcard (Digital Equipment DE 200) but with this
card the system message is: "no card found at 0x300"
Does anybody has an idea what causes the problem and what I can do to
fix it?
Stefan
------------------------------
From: "John Martinez" <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,linux.redhat.install
Subject: Re: Networking question - Looking for a Howto
Date: Wed, 19 May 1999 10:23:21 -0400
Reply-To: "John Martinez" <jm*NO SPAM*@cybercom2001.com>
Chip Wiegand wrote in message <[EMAIL PROTECTED]>...
>I have two (going on 3) pc's networked at home (10/100 Mbps nic's, 100
>Mbps hub). I have looked at the Howto's located at
>-http://www.lh.umu.se/~bjorn/linux/howto/mini/HOWTO-INDEX-3.html#ss3.1.
>I see lots of networking howto's but they seem to be alot more than I
>need for my home net. Can someone please fill me in on just what I need
>to do for settings? These two pc's dual boot with win95, and I have two
>shared printers, and want to share my ISDN terminal adapter (which is
>shared in win95 via LanBridge Server).
>I don't have a server, just peer-to-peer.
>I appreciate any help anyone can provide.
>Chip
>[EMAIL PROTECTED]
>
Sounds like you need a proxy server...
SInce you have one CPU physically connected to the ISDN modem, that means
that computer (Computer A) is the only one that will receive a "valid" IP
address from your ISP. (be able to talk on the internet)
You want Computer B to be able to do activity on the internet so you use the
proxy server to forward your request from Computer B to Computer A, then A
requests the info you are looking for (Web page, IRC, etc), upon reception,
returns it to B.
Kinda like a middle-man...
John Martinez, MCSE
------------------------------
From: "Larry Fly" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware
Subject: Re: Can't get my D-Link 200 TP to work
Date: Tue, 18 May 1999 22:17:44 -0500
This is a multi-part message in MIME format.
=======_NextPart_000_00B1_01BEA17C.409250E0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
If the card in PnP Mode? Do you have the DLink config software?
Caldera installed my card just fine @ 300h, Irq 10.
Larry Fly
Richard van Denzel wrote in message =
<[EMAIL PROTECTED]>...
Hi All,=20
I have a RedHat 5.2 system running (kernel 2.0.36-7) but I can't get =
my=20
D-Link 200 TP card to work. I read somewhere to use de NE2000 driver =
for it,=20
so I did.=20
/etc/conf.modules=20
-----------------=20
alias eth0 ne=20
options ne io=3D0x300 irq=3D11 (According to W95 which is =
running also on=20
my PC on another disk).=20
When I try a modprobe ne, I get the following error:=20
ne.c: No NE*000 card found at i/o=3D0x300=20
insmod: /lib/modules/2.0.36/net/ne.o: init_module: Device or =
resource busy.=20
What is wrong, am I not using the correct driver, should I use =
another one? Is=20
there a special driver for my card (D-Link 200 TP)?=20
Can anyone help?=20
Thanx in advance,=20
Richard.=20
--=20
Richard van Denzel=20
ICT Support Coordinator=20
* ** INTER ACCESS B.V. | Tel. +31(0)35 6888310=20
**** **** IT - SERVICES | Fax +31(0)35 6888699=20
* ****** Marathon 5 | [EMAIL PROTECTED]=20
************* 1213 PC HILVERSUM | www.interaccess.nl=20
****** ****** | GSM 06-55876927=20
****** ******** None of the statements done via=20
****** ********** this channel express the values or=20
****** ************ opinions of the company Inter Access=20
=20
=======_NextPart_000_00B1_01BEA17C.409250E0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">
<HTML>
<HEAD>
<META content=3Dtext/html;charset=3Diso-8859-1 =
http-equiv=3DContent-Type><!doctype html public "-//w3c//dtd html 4.0 =
transitional//en">
<META content=3D'"MSHTML 4.72.3110.7"' name=3DGENERATOR>
</HEAD>
<BODY bgColor=3D#c0c0c0>
<DIV><FONT size=3D2>If the card in PnP Mode? Do you have the DLink =
config=20
software?</FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<DIV><FONT size=3D2>Caldera installed my card just fine @ 300h, Irq=20
10.</FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<DIV> </DIV>
<DIV><FONT size=3D2>Larry Fly</FONT></DIV>
<DIV><FONT size=3D2></FONT> </DIV>
<BLOCKQUOTE=20
style=3D"BORDER-LEFT: #000000 solid 2px; MARGIN-LEFT: 5px; PADDING-LEFT: =
5px">
<DIV>Richard van Denzel<[EMAIL PROTECTED]> wrote in message =
<<A=20
=
href=3D"mailto:[EMAIL PROTECTED]">37401330.FECCA1A3@intera=
ccess.nl</A>>...</DIV>Hi=20
All,=20
<P>I have a RedHat 5.2 system running (kernel 2.0.36-7) but I can't =
get my=20
<BR>D-Link 200 TP card to work. I read somewhere to use de NE2000 =
driver for=20
it, <BR>so I did.=20
<P>/etc/conf.modules <BR>----------------- <BR>alias eth0 ne =
<BR>options ne=20
io=3D0x300 irq=3D11 =
(According to W95=20
which is running also on=20
=
<BR> &nb=
sp; &nbs=
p; =20
my PC on another disk).=20
<P>When I try a modprobe ne, I get the following error: <BR>ne.c: No =
NE*000=20
card found at i/o=3D0x300 <BR>insmod: /lib/modules/2.0.36/net/ne.o:=20
init_module: Device or resource busy.=20
<P>What is wrong, am I not using the correct driver, should I use =
another=20
one? Is <BR>there a special driver for my card (D-Link 200 TP)? =
<BR>Can=20
anyone help?=20
<P>Thanx in advance,=20
<P>Richard.=20
<P>-- <BR>Richard van Denzel <BR> ICT Support Coordinator=20
<P> * =20
** INTER ACCESS B.V. | =
Tel.=20
+31(0)35 6888310 <BR> **** =20
**** IT =
- =20
SERVICES | Fax +31(0)35 6888699 =
<BR> =20
* ****** =20
Marathon 5 |=20
[EMAIL PROTECTED] <BR> =20
************* 1213 PC HILVERSUM | =
www.interaccess.nl=20
<BR> ****** ****** | GSM =
06-55876927=20
<BR> ****** ******** =20
None of the statements =
done =20
via <BR> ****** ********** =20
this channel express the values or=20
<BR>****** ************ =
opinions =20
of the company Inter Access <BR> =
</P></BLOCKQUOTE></BODY></HTML>
=======_NextPart_000_00B1_01BEA17C.409250E0==
------------------------------
From: Robin Munn <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp
Subject: Re: Win95->Linux PPP can't see past subnet
Date: Wed, 19 May 1999 13:53:19 GMT
In article <7ht92b$5p9$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Bill Unruh) wrote:
> In <7hsc60$k0f$[EMAIL PROTECTED]> Robin Munn <[EMAIL PROTECTED]> writes:
>
> >The Windows box (I'll call it "winbox") can't see past the class C
> >subnet it's on. The Debian box (I'll call it "thorn") has IP
a.b.65.12
>
> You have routing problems.
>
> >Running winipcfg on winbox I get:
>
> >PPP Adapter
> >Adapter Address: 44-45-53-54-00-00
> >IP Address: a.b.65.102
> >Subnet Mask: 255.255.255.0 <-- should be 255.255.255.255, see
below
> >Default gateway: a.b.65.102 <-- shouldn't this be a.b.65.12?
> It sure should not be using itself as teh gateway since this is for
> stuff it does not know about!
> What is the full route info on the win box? (Sorry I do not know how
to
> ask it)
>
>
Doing "route print" at a DOS prompt on winbox I get:
Active Routes:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 a.b.65.102 a.b.65.102 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
a.b.65.0 255.255.255.0 a.b.65.102 a.b.65.102 1
a.b.65.102 255.255.255.255 127.0.0.1 127.0.0.1 1
a.b.65.255 255.255.255.255 a.b.65.102 a.b.65.102 1
224.0.0.0 224.0.0.0 a.b.65.102 a.b.65.102 1
^^^^^^^^^ I have NO idea why this line shows up...
255.255.255.255 255.255.255.255 a.b.65.102 a.b.65.102 1
Someone else pointed out that when Windows shows "a.b.65.102" as a
gateway (i.e., the IP assigned to the modem) it really refers to
a.b.65.12, the IP of the other side of the PPP link. So that *should*
work...
Also, I *do* have "Use default gateway on the other network", or
whatever the exact text is, checked in the PPP connection's settings. So
I *think* the default routing line above should be:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 a.b.64.1 a.b.65.102 1
instead of:
Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 a.b.65.102 a.b.65.102 1
but I don't know why that's not the case.
I've got IP forwarding turned on on thorn, and I'm using the proxyarp
parameter to pppd. Everything I've read in all the HOWTO's, FAQ's, and
so on suggest that that's all it takes: this should be working. Aaargh!
Maybe I'm "too close" to the problem. Maybe there's something obvious
that I'm overlooking. I sure hope so.
Thanks for your help.
--
Robin Munn (Legal name: Robert A. Munn)
[EMAIL PROTECTED]
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED]
Subject: problems with samba ( on redhat 5.2)
Date: Wed, 19 May 1999 13:52:59 GMT
hi,
I'm having a strange problem with samba 1.9.18p10-5 i'm using my linux
box as a file server for 6 Win9x boxes and as a gateway for masq. the
server (linux box) can see the the windows boxes and can mount the
shares without any probelm but when i try to use any shares on the linux
box from any of the windows boxes i see a strange dialog box that says
\\server\IPC$\ and ask for a password
i used all passwords ( linux and windows ones) but no way!!
if any one can help i'll be so greatfull
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "Mies" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: HTML based POP tools
Date: Wed, 19 May 1999 16:57:50 +0300
>I'm fairly new at Linux (2.2) and have a couple of questions regarding
<snip!>
>2- HTML based Clients
>
Well you could try IMP, I recall it handles IMAP and POP.
It was http://www.horde.org/ I think...
------------------------------
From: "stuart.jeffery" <[EMAIL PROTECTED]>
Subject: PPP on Redhat 5.0
Date: Wed, 19 May 1999 15:33:51 +0100
Reply-To: [EMAIL PROTECTED]
Hi,
I have setup PPP on a Redhat Linux 5.0 box with 2.2.7 kernel and can
establish a
PPP connection from a Windows 95 box.
The problems I have are that one of the Solaris 2.6 servers on the same
LAN as
the Linux box cannot be connected to. When I try to establish a telnet
connection
to it from the Windows 95 dialup connection I get connected to the Linux
box. Other
boxes on the same LAN are accessible.
Also, if the linux box has an rlogin session onto the Solaris box open
when the
Windows 95 box establishes the PPP connection, the Linux to Solaris
rlogin gets
broken with the messages
"rlogin: read: Connection reset by peer.
rlogin: connection closed."
What's happening?
Stuart K Jeffery
[EMAIL PROTECTED]
------------------------------
From: Gustin Kiffney <[EMAIL PROTECTED]>
Subject: Re: IPX routing over ppp
Date: Wed, 19 May 1999 14:55:19 GMT
[posted and mailed]
You are most of the way there. You need a routing daemon
(variously called ipxd and ipxripd) by Volker Lendecke
to get your routes propagated so you can "see" the servers.
You can do the routes by hand using ipx_route but
that's tedious and prone to error.
Be aware that ipxd has a compiled-in limit of 7 servers
that it will keep in its table so if you have more you may
need to edit the IPX_MAX_SAP-something define to suit
yourself and recompile. Also you do need a network number
defined on your PPP link - it should be the same
on both ends.
The two networks you are linking with PPP have their own
numbers, and your Netware servers have their own internal
numbers. Also if you are running two different frame
types, as it appears, each frame type has its own different
6=byte network number. (See if you can pick one frame
type for your Linux boxes to simplify things -
it is not likely you really need
two frame types - but if you pick one that your servers
DON'T use, you won't see anything.
So for the IPX link, each Linux machine needs to share
a unique, different from all the rest number. In /etc/ppp/
options or somewhere, put in
ipx-network abeef
or some other 6-byte or less hex number on BOTH linux boxes
that are linked by PPP. Then run ipxd, run 'slist' a few
times and your servers should appear (it may take a minute
or so).
I saw someone authoritatively say IPX isn't routable.
Don't believe everything you read!
(i.e., he is wrong)
"Michael Gibson" <[EMAIL PROTECTED]> wrote:
> Hi,
> I've already been all over deja news and the How-To's for this one.
I
> cant get a working solution. I'm trying to route IPX between two
networks
> through ppp so that DOS clients on the remote subnet can log into a
Novell
> server on the local subnet. Here's my situation:
> I've got two identically configured slackware Linux boxes dialing in
to each
> other and properly routing IP between their subnets. I've got IPX
working
> and can see the following in an ifconfig:
> eth0 Link encap:Ethernet HWaddr 00:C0:F0:1C:53:9E
> inet addr:192.168.138.254 Bcast:192.168.138.255
> Mask:255.255.255.0
> IPX/Ethernet 802.2 addr:00990000:00C0F01C539E
> IPX/Ethernet 802.3 addr:00009900:00C0F01C539E
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:75 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1068 errors:0 dropped:0 overruns:0 carrier:0
coll:0
> Interrupt:3 Base address:0x300
>
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:192.168.139.252 P-t-P:192.168.139.254
> Mask:255.255.255.0
> IPX/Ethernet 802.2 addr:00770000
> IPX/Ethernet 802.3 addr:00007700
> UP POINTOPOINT RUNNING MTU:1500 Metric:1
> RX packets:82 errors:0 dropped:0 overruns:0 frame:0
> TX packets:63 errors:0 dropped:0 overruns:0 carrier:0 coll:0
>
> ---------------
> - LOCAL -
> - -
> - -
> - -
> - eth0 -----NOVELL
> - -
> - -
> - ppp0 -
> ---------------
> |
> phone|line
> |
> ---------------
> - ppp0 -
> - -
> - - _DOS
> - - /
> - eth0 -----DOS
> - - \_
> - - DOS
> - REMOTE -
> ---------------
>
> But I'm not sure what network addresses to use to see my Novell server
> across them. I copied the addresses off the Novell server for the
host
> Linux box and made up addresses for the remote. I'm using the ipx
internal
> network option in the kernel. I've got the ipx_interface and ipxd
compiled
> and working as specified in the IPX-HowTo. Still not routing, though.
I'm
> sure part of the problem is that I know nothing about IPX routing
theory.
> Any tips?
>
>
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: [EMAIL PROTECTED] (Rand Simberg)
Subject: Re: Problem with Chat Script
Date: Wed, 19 May 1999 14:41:34 GMT
On 19 May 1999 06:35:14 GMT, in a place far, far away,
[EMAIL PROTECTED] (Bill Unruh) made the phosphor on my monitor glow
in such a way as to indicate that:
>In <[EMAIL PROTECTED]> Bob Martin <[EMAIL PROTECTED]> writes:
>
>]Rand Simberg wrote:
>]>
>]> OK, now that I think I've got my modem working without stepping on my
>]> mouse, I'm trying to set up a proper connection to my ISP. Per the
>]> instructions on the PPP web page, just to start, I'm sending the
>]> following single command line, without a chat script.
>]>
>]> Command:
>]>
>]> pppd /dev/ttyS2 115200 debug connect "/usr/sbin/chat -v ''
>]> ATD13108960011 CONNECT '' ogin:
>]> us,ppp,simberg assword: *********"
>
>Are you sure it is on the same command line.
Well, I get a right angle bracket in front of it, showing it's a
continuation
>I would also put '' around the
>'us,ppp,simberg'
>(Is that really what they want as a username?)
OK, I'll try the single quote. Yes, that is the username, probably to
distinguish it from their shell accounts (I have both).
************************************************************************
simberg.interglobal.org * 310 372-7963 (CA) 307 739-1296 (Jackson Hole)
interglobal space lines * 307 733-1391 (Fax) http://www.interglobal.org
"Extraordinary launch vehicles require extraordinary markets..."
Replace first . with @ and throw out the "@trash." to email me.
Here's my email address for autospammers: [EMAIL PROTECTED]
------------------------------
From: "Minh Nguyen" <[EMAIL PROTECTED]>
Subject: Re: problems with samba ( on redhat 5.2)
Date: Wed, 19 May 1999 11:14:09 -0400
Have you setup your smbpasswd file yet? The location should be specified in
smb.conf
Use commands smbadduser and smbpasswd. These commands may only be for samba
2.0.4xx thought. So you're better off reading the documentation on how to
convert your linux passwd file into a smbpasswd file. Assuming you want to
keep the same passwords.
The other option that may cuase a problem is password encryption. Again,
read the docs.
Minh
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
