Linux-Networking Digest #293, Volume #11 Wed, 26 May 99 13:13:40 EDT
Contents:
Re: Procmail (Kevin Martin)
RH6 & PPPD 2.3.7 weirdness (Peter Schwenk)
Re: Two 3c509B's --> problems.. ("Jussi Saarivirta")
Re: PCI Network Card that definetly work in Linux and Window 98 (Rich Piotrowski)
apache settings ([EMAIL PROTECTED])
Re: can't telnet to m own machine ("Celestino Okenve Ndo")
Re: IP Masquerading on 2.2 (Robert Segall)
FA310TX w/ DEC Chipset ([EMAIL PROTECTED])
CERCO ITALIANI ALL'ESTERO PER OPPORTUNITA' COMMERCIALE ("lomax")
Re: Winbloze98-Telnet&FTP ? ([EMAIL PROTECTED])
Re: RH6 & PPPD 2.3.7 weirdness (Peter Schwenk)
News server under Linux: inn-2.2 ("Juan Ignacio P�rez Sacrist�n")
Re: knfsd doesn't follow mounts? ("Bart N. Locanthi")
Re: Have I been Hacked? (Stuart R. Fuller)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Kevin Martin)
Subject: Re: Procmail
Date: Wed, 26 May 1999 13:48:52 GMT
In article <0ZK23.663$[EMAIL PROTECTED]>, it says "Frank Apap"
<[EMAIL PROTECTED]> wrote:
>Can someone give me some pointers on what i have to do so that procmail
>checks my incoming mail, looks at subject, and then sends a response based
>on different subjects?
Invoke procmail by creating a .forward file in your HOME directory that
pipes incoming mail to procmail:
|/usr/bin/procmail
(subsitute the full path given by "which procmail" on your system)
If you set up procmail as your "Mail delivery agent" or MDA, then all you
need is a .procmailrc file to tell it what to do. You'll need that whether
you use a .forward file or not.
A .procmailrc file which is basically a script that uses an obsolete version
of regular expressions :-) to scan headers (and optionally the body, but
that is computationally more expensive):
# HTML not welcome here - you send me HTML mail, I send you a
# short message telling you you're talking only to yourself:
:0
* ^Content-type: text/html
{
LOG="HTML "
:0
| (formail -r ; cat $HOME/nohtml.txt ) | $SENDMAIL -t
}
If you want to extend that to say, returning your PGP key if the Subject is
"PGP key", it would look like:
# First try - send a text file back to someone who asks for my PGP key;
# to avoid loops, don't respond if Subject is a "Reply"
:0
* ^Subject: .*PGP key
* !^Subject: Re:
{
LOG="KEY "
:0
| (formail -r ; cat $HOME/mypgpkey.txt ) | $SENDMAIL -t
}
Each of these "paragraphs" is called a recipe, and there is one blank line
between recipes. They are processed in the order they are encountered, top
to bottom, until one of them "delivers" the mail, at which point processing
ends. The recipe above would be considered a "delivery" recipe even though
you would not see the message in your mailbox. You'd have to use a "tee" to
both SENDMAIL and your mailbox in place of the pipe in order to keep a copy.
Note that we're doing a VERY SIMPLE mail loop check -- it must be the case
that the Subject does NOT begin with "Re:"
It would be more robust if we inserted an "X-Loop:" line and tested for
that:
# Second try - send mypgpkey.txt back to someone who asks for it
# in the Subject line, and try harder to avoid mail loops between bots.
:0
* ^Subject: .*PGP key
* !^X-Loop: noreplies
| (formail -r ; \
echo 'Subject: Re: Your request for my PGP key' ; \
echo 'From: [EMAIL PROTECTED]' ; \
echo 'X-loop: noreplies' ; \
echo ; \
echo 'Attached please find the key you requested.';\
cat $HOME/mypgpkey.txt ) | $SENDMAIL -t
Note that if you are building your own headers this way, you must insert one
blank line between the headers and the start of your message body -- that's
why the one extra "echo" line above.
I just slapped this together as an example rather than clipping it out of my
running .procmailrc, so take it with a grain of salt (try it out and make
sure it works correctly before you leave it running unattended!).
------------------------------
From: Peter Schwenk <[EMAIL PROTECTED]>
Subject: RH6 & PPPD 2.3.7 weirdness
Date: Wed, 26 May 1999 12:15:31 -0400
Hello:
I've got a Gateway 5150 laptop with a 3Com Megahertz combo
ethernet/modem card. The ethernet and modem parts work fine except when
I add the "demand" option to the "PPP Options" blank of the Edit
Interface screen of the Network Configurator. PPPD complains of the
following:
May 26 10:23:15 localhost ifup-ppp: pppd started for ppp0 on /dev/modem
at 11520
May 26 10:23:15 localhost kernel: CSLIP: code copyright 1989 Regents of
the University of California
May 26 10:23:15 localhost kernel: PPP: version 2.3.3 (demand dialling)
May 26 10:23:15 localhost kernel: PPP line discipline registered.
May 26 10:23:15 localhost kernel: registered device ppp0
May 26 10:23:15 localhost pppd[606]: pppd 2.3.7 started by root, uid 0
May 26 10:23:15 localhost pppd[606]: Using interface ppp0
May 26 10:23:15 localhost pppd[606]: ioctl(SIOCSIFDSTADDR): Cannot
assign requested address(99)
May 26 10:23:16 localhost pppd[606]: Exit.
I have no idea what the "pppd[606]: ioctl(SIOCSIFDSTADDR): Cannot assign
requested address(99)" part of the messages means. Does anyone have a
clue about this? I use the "demand" option of pppd at home with a
desktop PC just fine, so this is really odd.
--
PETER SCHWENK | UNIX System
Administrator
Department of Mathematical Sciences | University of
Delaware
[EMAIL PROTECTED] | (302)831-0437
<-NEW!!!
------------------------------
From: "Jussi Saarivirta" <[EMAIL PROTECTED]>
Subject: Re: Two 3c509B's --> problems..
Date: Wed, 26 May 1999 17:13:15 +0300
Hmm, you can try adding an append line to your lilo.conf giving it
information to scan them both on bootup.
BTW, cesdis.gsfc.nasa.gov/linux is a helpful place for 3com card owners.
There's info about conf.modules and lilo.conf configurations.
Ville Nummela kirjoitti viestiss� ...
>I have a problem with two 3c509B Cyclones; If I plug in just one card,
>everything works fine. If I insert another card, linux says it has found
>one card but it doesn't work.. any ideas..?
>
>--
> | ViGe / gasp inc. | http://www.lut.fi/~vnummela | [EMAIL PROTECTED] |
> | It Has To Work. - RFC 1925 |
>
------------------------------
From: [EMAIL PROTECTED] (Rich Piotrowski)
Subject: Re: PCI Network Card that definetly work in Linux and Window 98
Date: Wed, 26 May 1999 12:38:32 GMT
On Thu, 6 May 1999 15:43:13 +0100, [EMAIL PROTECTED] (TonyC)
wrote:
>Rich Piotrowski says...
>> It may not be the sharpest knife in the drawer but, I have had good luck with
>> the Linksys 10/100 cards.
>>
>
>Extract from Ethernet Howto
>
>---
>5.24.1. LinkSys Etherfast 10/100 Cards.
>
>
> Status -- Supported
>
> Beware with these cards - apparently some use the DEC chipset, and
> some use a proprietary PNIC chipset. The drivers for the DEC chips
> will not work with the PNIC cards. Thanks to Blake Wright for
> reporting this useful bit of information.
>
> The DEC/tulip based cards are reported to work fine though.
>
>---
>
>I use a D-Link 220 PnP Card under Linux (NE2000 Driver] and Win95, under ten
>pounds here in the UK.
>
>Can be set to Non-PnP mode and comes with a Non-PnP driver for Win95 if you
>need that.
>
>TonyC
OK, I guess I should have qualified that a little. It is the PNIC chip
and it works best with the V0.89H "tulip" driver.
Rich Piotrowski
------------------------------
From: [EMAIL PROTECTED]
Subject: apache settings
Date: Wed, 26 May 1999 13:23:19 GMT
the address of my web server is net.patrick.com
i have made an alias www for it so that everyone can visit my site
by typing www.patrick.com in the location box of browser
i have tested the alias by nslookup www.patrick.com and this works.
but i find that there is no response when i browse www.patrick.com....
do i need to edit the apache config files?
how can i solve this problem? thanks!
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "Celestino Okenve Ndo" <[EMAIL PROTECTED]>
Subject: Re: can't telnet to m own machine
Date: Wed, 26 May 1999 15:13:58 +0200
Tilman Kranz wrote in message <7iglkf$[EMAIL PROTECTED]>...
>marcus holmes <[EMAIL PROTECTED]> wrote:
>> Hi Guys,
>
>> Weird problem here. I can't telnet to my own machine.
>
>not -that- weird ;) It pretty useful not to have telnet open per
>default ;). most linuxes seem to have configured telnet access
>with porper port, root access denial and "everything" already.
>just do a
>
>> man inetd
>> man inetd.conf
>
>and also
>
>> man telnetd
>
>to get a raw idea of what is going on. If you can ping the
>desired host, there should be no difficulty in using
>the desired service.
>
>> Marcus
>
>Greetings, Tilman.
Every host is localhost, address 127.0.0.1 (loopback). If hosts file is
missconfigured it will try to send out TCP req connection or it will try to
locate via ARP req the ether address of your own host. Two entries must be
for your machine in /etc/hosts, address resolving via 1�: hosts file, ARP
after, etc
------------------------------
From: Robert Segall <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux.caldera
Subject: Re: IP Masquerading on 2.2
Date: Wed, 26 May 1999 16:36:56 GMT
"Donald E. Stidwell" wrote:
> Well, I finally got the *@(# thing to work. Have no idea of why after
> about the 40th compile, the modules finally got made.
>
> Looked at LILO.CONF and realised that the kernel being used was the one
> in /boot and not the new kernel in /. Once I pointed LILO to the right
> kernel, everything started working.
>
Quite right - works for me. Added a new entry in lilo.conf to experiment with the
new kernel - works like a dream. Thanks for the tip.
>
> However it took far too much trouble to figure this out and I STILL
> don't know why the IP_MASQ modules finally got made or why they were not
> getting made before. What sense does it make to have the new kernel
> appear in a place not referenced by LILO? Especially when the book only
> tells you to compile and reboot. (The book also tells you to use make
> zlilo when you really need to use make bzlilo).
>
Use "make install" - it puts the new kernel in the (wrong) place and runs lilo.
You still need "make modules" and "make modules_install".
>
> I'm no newbie at compiling kernels but I've never had so much trouble
> with getting things working after a compile as I've had with COL 2.2.
>
> On the positive side I think COL is on the right track. The install was
> a piece of cake and I definitely like the look and feel of KDE in COL
> 2.2. They just need to dump COAS and put proper information in their
> manual.
>
> Don
Couldn't agree more. I've had good experiences with Caldera in the past, so I
suppose this is mostly a matter of going to kernel 2.2.x. Let's hope for better.
--
Robert Segall
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: FA310TX w/ DEC Chipset
Date: Wed, 26 May 1999 13:51:00 GMT
Could somebody please tell me where to get my hands on some of the
Netgear FA310TX cards that still have the DEC chipset. I've tried
several retailers, but nobody has them. I'm sure that someone must have
acquired a stash.
If not, can anyone recommend a suitable substitute. The cards must
perform equally well on Windows, Solaris, Linux, and Be workstations.
Any advice would be appreciated.
Steven Schein
--== Sent via Deja.com http://www.deja.com/ ==--
---Share what you know. Learn what you don't.---
------------------------------
From: "lomax" <[EMAIL PROTECTED]>
Crossposted-To:
comp.networks.noctools.wanted,comp.os.ms-windows.networking.misc,comp.os.ms-windows.networking.ras,comp.os.ms-windows.networking.tcp-ip,comp.os.ms-windows.networking.win95
Subject: CERCO ITALIANI ALL'ESTERO PER OPPORTUNITA' COMMERCIALE
Date: 26 May 1999 14:14:41 GMT
Prego contattare questo indirizzo E-mail: [EMAIL PROTECTED] per avere
maggiori informazioni.
Porre nell'oggetto "ITALIANI ALL'ESTERO" completando la richiesto con
relativo Paese e citt� di provenienza e di interesse.
Offerta valida anche per Italiani residenti in Italia ma con contatti
all'estero.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Winbloze98-Telnet&FTP ?
Date: Wed, 26 May 1999 14:23:58 GMT
On Tue, 25 May 1999 21:11:07 -0700, "Andrey Smirnov"
<[EMAIL PROTECTED]> wrote:
>Hello!
>
>It has everything to do with your routing!
>
>Can you include output of netstat -rn and ifconfig -a please.
>
>Good luck!
>
>[EMAIL PROTECTED] wrote in message <[EMAIL PROTECTED]>...
>>Whenever I try to connect to my linux server across my LAN using
>>either WS-FTP or CRT(telnet) My dial-up tries to initiate. What is the
>>easiest way to make my machines know that the linux server is local.
>>My lan IP range is 10.0.0. which isnt even an internet adress range.
>>Any help would be greatly appreciated.
>>
>
Sorry, here is the netstat for the server. Please note that eth1 is
not hooked up to anything right now because I cant get the different
segments to see each other properly, but that's an entirely different
story..:) Cheers. Bob.
Destination Gateway Genmask Flags MSS Window
irtt Iface
10.0.0.5 0.0.0.0 255.255.255.255 UH 0 0
0 eth1
10.0.0.4 0.0.0.0 255.255.255.255 UH 0 0
0 eth0
255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0
0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0
0 eth0
10.0.0.0 0.0.0.0 255.0.0.0 U 0 0
0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0
0 lo
0.0.0.0 10.0.0.4 0.0.0.0 UG 0 0
0 eth0
"Ask the experienced rather than the learned."
--Arabic Proverb
------------------------------
From: Peter Schwenk <[EMAIL PROTECTED]>
Subject: Re: RH6 & PPPD 2.3.7 weirdness
Date: Wed, 26 May 1999 12:33:40 -0400
Just to add some information, I have specified the remote IP address,
which is necessary for demand-dialing.
--
PETER SCHWENK | UNIX System
Administrator
Department of Mathematical Sciences | University of
Delaware
[EMAIL PROTECTED] | (302)831-0437
<-NEW!!!
------------------------------
From: "Juan Ignacio P�rez Sacrist�n" <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.os.linux,net.computers.os.unix.linux
Subject: News server under Linux: inn-2.2
Date: Wed, 26 May 1999 16:35:00 +0200
Hi,
I�m trying to run inn-2.2 in RedHat 6.0 . I haven�t still got the server
to suck news from external servers. Configuration and logs are these:
Part of /etc/news/innfeed.conf ... :
============================================================================
=====
peer news.mad.ttd.net {
hostname: news.mad.ttd.net
max-connections: 10 # override global value.
}
peer news.bcn.ttd.net {
hostname: news.bcn.ttd.net
}
peer nntp0.tha.uk.quza.net {
hostname: nntp0.tha.uk.quza.net
}
peer news.redestb.es {
hostname: news.redestb.es
}
peer news.iddeo.es {
hostname: news.iddeo.es
}
peer news.servicom.es {
hostname: news.servicom.es
}
peer news.encomix.es {
hostname: news.encomix.es
}
============================================================================
=====
Part of /etc/news/innfeed.status ... :
============================================================================
=====
news.mad.ttd.net
seconds: 0 art. timeout: 600 ip name: news.mad.ttd.net
offered: 0 resp. timeout: 300 port: 119
accepted: 0 want streaming: yes active cxns: 0
refused: 0 is streaming: no sleeping cxns: 0
rejected: 0 max checks: 25 initial cxns: 1
missing: 0 no-check on: 95.0% idle cxns: 1
deferred: 0 no-check off: 90.0% max cxns: 1/10
requeued: 0 no-check fltr: 50.0 queue length: 0.0
spooled: 0 dynamic method: 3 empty: 0.0%
[overflow]: 0 dyn b'log low: 25.0% >0%-25%: 0.0%
[on_close]: 0 dyn b'log high: 50.0% 25%-50%: 0.0%
[sleeping]: 0 dyn b'log stat: 37.5% 50%-75%: 0.0%
unspooled: 0 dyn b'log fltr: 25.0 75%-<100%: 0.0%
full: 0.0%
backlog low limit: 0
backlog upper limit: 0 (factor 1.10)
backlog shrinkage: 0 bytes (from current file)
============================================================================
=====
Part of /var/log/messages ... :
May 26 13:26:53 junior16 innfeed[3250]: news.mad.ttd.net:0 connected
May 26 13:26:53 junior16 innfeed[3250]: news.mad.ttd.net remote MODE STREAM
failed
May 26 13:26:54 junior16 innfeed[3250]: nntp0.tha.uk.quza.net:0 cxnsleep no
permission to talk: 502 You have no permission to talk. Goodbye.
May 26 13:26:54 junior16 innfeed[3250]: nntp0.tha.uk.quza.net spooling no
active connections
May 26 13:26:56 junior16 innfeed[3250]: ME source format bad Exiting :
May 26 13:26:56 junior16 innfeed[3250]: news.mad.ttd.net final seconds 3
offered
0 accepted 0 refused 0 rejected 0 missing 0 spooled 0 on_close 0 unspooled
0 deferred 0 requeued 0 queue 0.0/200:100,0,0,0,0,0
May 26 13:26:56 junior16 innfeed[3250]: nntp0.tha.uk.quza.net final seconds
2 spooled 0 on_close 0 sleeping 0
May 26 13:26:56 junior16 innfeed[3250]: nntp0.tha.uk.quza.net global seconds
2 offered 0 accepted 0 refused 0 rejected 0 missing 0
May 26 13:26:56 junior16 innfeed[3250]: news.redestb.es final seconds 3
offered 0 accepted 0 refused 0 rejected 0 missing 0 spooled 0 on_close 0
unspooled 0 def
erred 0 requeued 0 queue 0.0/200:100,0,0,0,0,0
May 26 13:26:57 junior16 innfeed[3250]: news.mad.ttd.net:0 final seconds 4
offered 0 accepted 0 refused 0 rejected 0
May 26 13:26:57 junior16 innfeed[3250]: news.mad.ttd.net global seconds 4
offered 0 accepted 0 refused 0 rejected 0 missing 0
============================================================================
=====
Juan Ignacio P�rez Sacrist�n
[EMAIL PROTECTED]
------------------------------
From: "Bart N. Locanthi" <[EMAIL PROTECTED]>
Subject: Re: knfsd doesn't follow mounts?
Date: Wed, 26 May 1999 09:12:20 -0700
i saw this and tried it, but no joy.
i tried it on 2.2.7 and 2.2.9, and accesses to internal mount points are
silently ignored.
interestingly, it does work when using nfs to get to the local filesystem.
eg, i can access /n/ahab/usr from ahab but not from anywhere else.
/usr is 777, the uid's are the same across the network, etc etc.
[EMAIL PROTECTED] wrote in message <7igcfb$l1l$[EMAIL PROTECTED]>...
>Bart N. Locanthi spoke these words of wisdom:
>: the new, improved linux nfs isn't letting clients see mounted file
systems
>: for me.
>I believe so. The kernel configurations has a point:
>CONFIG_NFSD_SUN:
> If you would like for the server to allow clients to access
> directories that are mount points on the local filesystem
> (this is how nfsd behaves on Sun systems), say yes here. If unsure,
> say N. x
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: Have I been Hacked?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 26 May 1999 16:00:02 GMT
David Peavey ([EMAIL PROTECTED]) wrote:
: I have RH5.2 loaded as an IP-Masquerade and firewall for my
: computers at home. This morning I found the following
: in /var/log/messages
:
: May 23 04:41:43 c49590-a portmap[1670]: connect from 24.1.69.165
: to callit(mountd): request from unauthorized host
Someone at c275343-a.frmt1.sfba.home.com is trying to mount something on your
system.
: May 24 04:02:03 c49590-a PAM_pwdb[1791]: (su) session opened for
: user nobody by (uid=99)
: May 24 04:04:19 c49590-a PAM_pwdb[1791]: (su) session closed for
: user nobody
:
: YIKES! LOOK at last two lines ABOVE!
Check your /etc/crontab file for something that runs at 4:02 in the morning.
On my Redhat system, it runs the scripts located in /etc/cron.daily. One of
those scripts is "updatedb", which typically runs as "nobody". In other
words, this is OK.
: May 25 04:02:04 c49590-a PAM_pwdb[396]: (su) session opened for
: user nobody by (uid=99)
: May 25 04:03:42 c49590-a PAM_pwdb[396]: (su) session closed for
: user nobody
And, it run again at the same time of day. Not a problem.
Stu
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
