Linux-Networking Digest #311, Volume #11 Fri, 28 May 99 00:13:42 EDT
Contents:
Re: IP Masq ("Grant")
Re: ip masquerading fine access control question (Matthew Vanecek)
Re: IP Masq ("Andrew")
Re: is my internal modem a winmodem? ("Makhno")
Re: PPP not working properly on RH 6.0 (Clifford Kite)
Re: pppd LCP sending disconnect after PAP authentication (Clifford Kite)
Modem sharing? (Samuel AU)
WTB dead Monitor 14" or 15". ("j.kyong")
Re: 3 OS Network (John R. Campbell)
Re: Linux wont initialize nic upon bootup (sometimes) (Vidar Andresen)
Remote Access Dial Out? ("Mitch Appleby")
Re: Using telnet to test inetd services ([EMAIL PROTECTED])
Solaris 7 as NFS Server for Linux (Yueshi)
Re: client IP address? ("Keith Montgomery")
ISP info...... (Chuck Snively)
Re: RH 6.0 + Cable Modem using DHCP - I just want to die... ([EMAIL PROTECTED])
NFS bug in the new kernels (was Re: NFS with Redhat 6 server and ("G. Hugh SONG")
Re: sharing an internet connection (Andre Dietisheim)
Re: Kernal PPP support problem / Redhat 5.2 ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "Grant" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux,comp.os.linux.help,linux.redhat.install,linux.redhat.misc
Subject: Re: IP Masq
Date: Fri, 28 May 1999 01:26:35 GMT
dang, that might have been helpful since it's one resource I haven't tried
yet BUT the FAQ-O-Matic link is presently broken... wouldn't have the
correct link offhand, would you??
HTTP 500 - Internal server error
Greg <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
>
>
> Look at the FAQ-O-Matic on our LUG page- it has a good discussion on
> setting up IP Masq.
>
> http://linux.umbc.edu
>
> Gregm
>
>
> > I've been told conflicting things about this:
> >
> > Does one have to recompile the kernel from RedHat 6.0's 2.2.5 kernel
> > in order to get IP Masquerading to work?
> >
> > I've read many docs, but all seem to have something conflicting the
> > other. I've tried variations and still haven't gotten it to work.
> >
> > HELP!
> >
> >
> >
> > RH 6.0 (kernel 2.2.5)
> > PentPro 200
> > objective: due to a limited amount of IPs from @Home I wanna make the
> > Linux system forward requests so that I can have a sub-network (internal).
> >
> > Grant
------------------------------
From: Matthew Vanecek <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: ip masquerading fine access control question
Date: Fri, 28 May 1999 02:10:00 +0000
Son Trung Nguyen wrote:
> There must be a way with ipfwadm where I can remove only the aaa.bbb.ccc.180
> without affecting aaa.bbb.ccc.181. I have read through the faqs but like
> usual, I missed it, so I apologize if it is in there. I will read it
> again just in case.
>
You have to set input and output rules on whatever interface (most
likely ppp0, right?) you wish to restrict. It's mainly a matter of
reading the man page and plugging in the values. You *did* read the man
page, didn't you? So if you have packets originating at <source> heading
to <anywhere>, you would set your output filter to REJECT or DENY the
packets. It's been a while since I used ipfwadm; I'm using ipchains
now, w/kernel 2.2.x, but it's the same concept. What you need to do is
set up *firewall* rules, as opposed to *masqing* rules. Although, you
still need to have the masqing rules, too.
> Furthermore, is there a way you can restrict the bandwidth through one
> of the IPs? i.e. allow only 1200 bps through aaa.bbb.ccc.180 and give the
> rest of the bandwidth to the other machine? Hope you can do this.
>
I highly doubt it. It'd be an interesting experiment, though.
--
Matthew Vanecek
Course of Study: http://www.unt.edu/bcis
Visit my Website at http://people.unt.edu/~mev0003
For answers type: perl -e 'print
$i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
*****************************************************************
For 93 million miles, there is nothing between the sun and my shadow
except me. I'm always getting in the way of something...
------------------------------
From: "Andrew" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux,comp.os.linux.help,linux.redhat.install,linux.redhat.misc
Subject: Re: IP Masq
Date: Fri, 28 May 1999 02:09:34 GMT
NO...
You do not need to recompile the kernel to get a vanilla install of RH 6.0
to ip-masquerade.
You simply need to do 2 things:
1) Turn on IP forwarding. You can do this by editing /etc/sysconfig/network
and rebooting OR simply changing /proc/sys/net/ipv4/ip_forwarding to 1 (from
0).
2) Use the following command to masquerade to W.X.Y.Z:
ipchains -A forward -s W.X.Y.Z -d 0.0.0.0/0 -j MASQ
Enjoy... sometimes life is not as difficult as it seems
A
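
An added example, not part of the posts above or of the digest: the masquerading rule from this reply combined with the per-host firewall rule discussed in the "ip masquerading fine access control question" reply, as one ipchains rule set for a 2.2 kernel. The addresses, the ppp0 interface and the function names are constructed for illustration; the forwarding switch used here is the kernel file /proc/sys/net/ipv4/ip_forward.

```shell
#!/bin/sh
# Added example, not from the posts. Constructed sample values:
#   192.168.1.0/24 = internal network, 192.168.1.180 = host to cut off,
#   ppp0 = external interface.

# is_ipv4_cidr ADDR[/PREFIX]: succeed only for a dotted-quad IPv4 address with
# an optional /0-32 prefix, so nothing else can reach a root command line.
is_ipv4_cidr() {
    case $1 in ''|*[!0-9./]*|*/*/*|*.|*./*) return 1 ;; esac
    addr=${1%/*}
    case $1 in
        */*) prefix=${1#*/} ;;
        *)   prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# masq_rules INTERNAL_NET BLOCKED_HOST EXT_IF: print the rule set in the order
# it must be loaded. ipchains stops at the first matching rule, so the DENY
# for the single host has to precede the MASQ rule covering its subnet.
# The forward policy is DENY, so only listed sources are ever forwarded, and
# forwarding is switched on last, once the rules are in place.
# -l logs packets that hit the DENY rule to the kernel log.
masq_rules() {
    net=$1 blocked=$2 ext_if=$3
    is_ipv4_cidr "$net" || { echo "bad network: $net" >&2; return 1; }
    is_ipv4_cidr "$blocked" || { echo "bad host: $blocked" >&2; return 1; }
    case $ext_if in
        ''|*[!A-Za-z0-9]*) echo "bad interface: $ext_if" >&2; return 1 ;;
    esac
    cat <<EOF
ipchains -P forward DENY
ipchains -F forward
ipchains -A forward -s $blocked -d 0.0.0.0/0 -i $ext_if -j DENY -l
ipchains -A forward -s $net -d 0.0.0.0/0 -i $ext_if -j MASQ
echo 1 > /proc/sys/net/ipv4/ip_forward
EOF
}

# Dry run: print the commands for the constructed values. Review them, then
# pipe the output to "sh" as root on the 2.2 gateway to load them.
masq_rules 192.168.1.0/24 192.168.1.180 ppp0
```

Swapping the two -A lines would let 192.168.1.180 through, because the subnet MASQ rule would match it first.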
------------------------------
From: "Makhno" <[EMAIL PROTECTED]>
Subject: Re: is my internal modem a winmodem?
Date: Fri, 28 May 1999 01:10:50 +0100
>Then there is hope for it. Set the IRQ by jumpers and the COM port and
>it should work.
>Make sure that its IRQ is not the same as some other device's IRQ (like
>the serial ports on your system)
>
Well, it works in Windows. I couldn't get it to work in NT but I didn't read
the manual.
I'm hoping for luck with this, else I'm tempted by Debian's install....
I'll try BeOS later as well.
------------------------------
From: kite@NoSpam.%inetport.com (Clifford Kite)
Subject: Re: PPP not working properly on RH 6.0
Date: 27 May 1999 20:39:52 -0500
Jarrett Dunn ([EMAIL PROTECTED]) wrote:
: OK here's a problem for you, first some background:
: Redhat 6.0
: Generic Rockwell RPI 56K modem
: AMD K6-II 400, BX chipset MB
: Now I have setup my PPP connection using both KPPP and Netcfg as per all
: the mans/how-tos, and the walkthrough for Linux for my provider at
: Http://www.webzone.net
: Here is the problem.
: I Dial-up (sometimes I get modem response immediately, sometimes it takes >
: 30 secs.) my isp, it connects and starts through authentication. Then,
: either it drops connection within 25 sec. (I know a possible RPI Mod.
: Problem), or in the case of KPPP, after authenticating, it comes up and
: says that my system tried launching PPPD prior to my ISP being ready for
: it to launch.
: Sometimes the connection does last longer than 25 sec., but whenever I try
: to go somewhere by any means there is constant stalling and restarting of
: the link (especially obvious in Netscape, took 2 hrs. to connect to
: Linux.org or Linux.com). Also I do know that that problem is not due to
: phone-lines or ISP as I did not have that problem in (dare I say it?)
: Windows OS's (I had to test the connection).
I'd guess either an IRQ or UART misconfiguration but only a guess.
The configuration is done by setserial in one of the boot-up files.
As a test for a misconfigured IRQ add the expect/send 's
'' ATZ
OK '\c'
at the beginning of the chat script and look at the logs. Determine the
time difference between when the ATZ is sent and the time the OK appears.
A difference of more than 2 seconds maximum - it's usually less than
1 second - indicates an IRQ misconfiguration, i.e., the IRQ configured
for the device file (/dev/ttySx, x=whatever for the modem) in Linux is
not the one the modem actually uses. A misconfigured IRQ usually shows
a difference on the order of 19 seconds.
To check the UART configuration: Do "setserial /dev/ttySx" and compare
the UART seen configured there with the one actually used by the modem.
If this fails to bring joy then you need to look at the chat chatter
and pppd link negotiation logs with chat -v and the pppd debug option
for clues.
--
Clifford Kite <kite@inet%port.com> Not a guru. (tm)
/* Governments should be changed like diapers - often and for the
* same reason. */
------------------------------
From: kite@NoSpam.%inetport.com (Clifford Kite)
Subject: Re: pppd LCP sending disconnect after PAP authentication
Date: 27 May 1999 21:36:34 -0500
Andrew ([EMAIL PROTECTED]) wrote:
: Linux RH 5.2
: I'm trying to connect to my ISP using pppd and boy I tell you, it's been ...
: well I won't use those words here. :-)
: 1 I'm looking at the traces and I see LCP negotiation and both agree
: 2 Then I see PAP authentication (with good user/pass) and the host comes
: back with an authentication ack
: The string in the Ack is empty ("").
: 3 Then after about a 5 second pause, LCP sends back an authentication
: failed and request to disconnect.
There shouldn't be an authentication AuthAck, AuthNak, AuthRej or anything
else in an LCP message from pppd. There should only be a PAP AuthReq from
pppd, otherwise you've configured to make the ISP authenticate itself to
you, which would be very unlikely to happen. There could be a LCP ConfNak
or LCP ConfRej at the start of the PPP session to negotiate the type of
authentication, but that's different from the authentication itself.
: Why? I've tried various options and settings. Is pppd looking for something
: in the empty string?
Nope. The logs to which you refer might help us understand what's
happening.
: Does CHAP need something?
Only proper configuration and an ISP that does CHAP. What's the question
got to do with your problem?
--
Clifford Kite <kite@inet%port.com> Not a guru. (tm)
/* A salute to Inspector Baynes, of the Surry Constabulary, the only
police Inspector to ever best Mr. Sherlock Holmes at his own game.
"The Adventure of Wisteria Lodge", by Sir Arthur Conan Doyle. */
------------------------------
From: Samuel AU <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Modem sharing?
Date: Fri, 28 May 1999 09:27:30 +0800
Is it possible to share a modem in a Linux-based network? If yes, how
to?
Thanks in advance.
Samuel
------------------------------
From: "j.kyong" <[EMAIL PROTECTED]>
Crossposted-To: tor.forsale.computers,comp.dcom.modems,it.comp.hardware.modem,tw.bbs.comp.modem
Subject: WTB dead Monitor 14" or 15".
Date: Thu, 27 May 1999 18:30:38 -0700
Reply-To: [EMAIL PROTECTED]
HI all
I am looking to purchase the above items. I will look
at any dead Monitor 14" or 15".
Any quantities.
we pay top dollars.
Tel:714-778-5151
------------------------------
From: [EMAIL PROTECTED] (John R. Campbell)
Subject: Re: 3 OS Network
Reply-To: [EMAIL PROTECTED]
Date: Fri, 28 May 1999 02:19:00 GMT
On Thu, 27 May 1999 23:49:50 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>Is it possible to network a Windows, Linux, and Mac together? The
>purpose of the network would be to:
> Allow files to be shared
> Allow network access to be shared (only one comp would need a modem)
> Possible sharing of printer/scanner
> Administration of machines
Are you nuts? Of *course* this is feasible. I do it here!
I've got a Linux box as a firewall to a cable modem, a linux
file/print server, my son's Mac (he doesn't like anything
else) which uses AppleTalk to deal w/ the Linux box and my
daughter's Lose95 box (she's 5, but my son won't let her use
his Mac). Both the Mac and PC can access the InterNyet via
the Linux firewall (I'm using ipfwadm rather than ipchains
cuz I'm still running a 2.0.36+ kernel). Samba allows the
PC to access files and the Mac access the Linux files via
the AppleTalk S/W.
>I hope to accomplish this by using the linux computer as a server..and
>connecting the other workstations to this. Is this possible, or
>feasible. And if so, what hardware and software would I need to do it.
The only problem is that, for some things, you really need to
use FTP or an equivalent. Of course, placing files in an
HTTP accessible directory on the Linux box allows somewhat
painless delivery of binaries to a Mac.
>The machines are :
> Windows 98
> Mac os 8.6
> Redhat 5.0
So? That's *easy*, though I would not expend any effort with
RH5.0; 5.2 is a serious minimum. I haven't banged my head
against RH6.0 yet...
If you want something *hard* you'd drop RedHat.
This is all trivial and well covered in /usr/doc files as
well as in /usr/doc/HOWTO.
--
John R. Campbell Speaker to Machines [EMAIL PROTECTED]
- As a SysAdmin, yes, I CAN read your e-mail, but I DON'T get that bored!
Disclaimer: All opinions expressed are those of John Campbell alone and
do not reflect the opinions of his employer(s) or lackeys
thereof. Anyone who says differently is itching for a fight!
------------------------------
From: [EMAIL PROTECTED] (Vidar Andresen)
Subject: Re: Linux wont initialize nic upon bootup (sometimes)
Date: Fri, 28 May 1999 03:43:08 +0200
In article <7idka9$cvh$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
>Hi,
>
>I had a p166 system running linux 1.2.8 which I upgraded to linux
>2.0.36. I also upgraded libc to libc5.4.46, gcc to 2.8.1, libstdc++ to
>2.8.1, binutils to 2.9.1.0.19a and then installed netkit-base-0.10. It
>is then that I noticed the problems.
I don't know if anything of the above cause trouble. If so, don't
listen to me.
Kernel 2.0.36 compiled from source? redhat? Clean source?
Drivers into kernel or as modules?
>I have 2 problems. The first one is when I reboot the computer, linux
>will not initialize the network card. I can't ping to or out of the
>machine. I have to shutdown linux, turn the machine off and then turn
>it back on. What could be the problem?
>The syslog portion about the NIC when it is working fine as:
> <snip>
>May 24 08:49:30 lhr kernel: smc-ultra.c:v2.02 2/3/98 Donald Becker
>([EMAIL PROTECTED])
>May 24 08:49:30 lhr kernel: eth0: SMC EtherEZ at 0x240, 00 00 C0 F9 5D
>E2,EEPROM IRQ 3 programmed-I/O mode
> <snip>
Output of:
ifconfig
cat /proc/interrupts
cat /proc/ioports
Which card does not work well? (the 'IRQ 3' on the SMC EtherEZ can
conflict with your com2. (or com1, depends))
Since you have two smc-nic's, http://www.smc.com and search for setup
for the cards. If you place them in two machines, with a crossover in
between, you can set the card (at least the smc-ultra), test it, test
transfers.
>My second problem is that the NIC performance seems very slow on the
>network. I did some file transfers between this computer and another.
>Both running same version of linux. A 2 MB file took 10 mins to ftp
>from the second machine to this one! Surprisingly, if I ftp the same
>file from this machine to the second one, it transfers within a few
>seconds. Where is the problem?
Only one card set to full duplex? Wrong cable? irq conflict? pci-card
in the machine takes the resources the nic need..
>[EMAIL PROTECTED]
Nice. Been there. Done that.
Mvh Vidar Andresen
------------------------------
From: "Mitch Appleby" <[EMAIL PROTECTED]>
Subject: Remote Access Dial Out?
Date: Thu, 27 May 1999 21:24:55 -0500
Is it possible to use Linux as a dial out access using a shared modem on a
network? I see remote access servers as an independent device. Has this
miracle been done yet?
Mitch Appleby
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.development.system
Subject: Re: Using telnet to test inetd services
Date: 28 May 1999 02:30:41 GMT
In article <7iirub$qml$[EMAIL PROTECTED]>, I asked:
>In /etc/services, I add:
> hex 10000/tcp # Hex conversion
>
>In /etc/inetd.conf, I add:
> hex stream tcp nowait root /usr/sbin/tcpd /usr/bin/od -x
>
>Then I SIGHUP inetd, with: killall -HUP inetd
>
>However, testing my new "hex" service with telnet isn't working:
> % telnet localhost hex
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> hello world
> ^D
>
>No response at this point. Perhaps telnet isn't up to it, so I try netcat:
> % nc localhost hex
> hello world
> ^D
In article <7iisiu$olb$[EMAIL PROTECTED]>,
Villy Kruse <[EMAIL PROTECTED]> wrote:
>You can't really send eof from telnet. The only eof you can send is when
>you terminate the telnet connection (hotkey, close). If you do this
>telnet also closes the reads which means you won't see the output from
>the od command that it actually did generate when you closed the telnet
>connection.
OK, I can see that this is a problem; in fact it's mentioned in the netcat
docs. If I pump heaps of data into telnet, then it does indeed process it:
% yes | telnet localhost hex | more
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
0000000 0d79 790a 0a0d 0d79 790a 0a0d 0d79 790a
0000020 0a0d 0d79 790a 0a0d 0d79 790a 0a0d 0d79
...
I'm still confused though as to why netcat doesn't produce any output:
% yes | nc localhost hex
It just sits there; ps shows that od is running and consuming CPU time, but
I never get any output back. Is there some other magic by which people
normally test services spawned by inetd?
Thanks,
Graham
------------------------------
From: [EMAIL PROTECTED] (Yueshi)
Subject: Solaris 7 as NFS Server for Linux
Crossposted-To: comp.unix.solaris
Date: 25 May 1999 20:31:51 +0200
treated as
"nobody4:nogroup". I found only the "share"-option "anon=uid", which
unfortunately only substitutes the "nobody4" by a single uid and doesn't
allow the Solaris disk to be used as a NFS-mounted home directory for
Linux.
Sorry that the second problem is obviously a Solaris-only problem and not
suitable for comp.os.linux.networking. If you reply, please also mail me.
Thanks!
Yueshi Lai
------------------------------
From: "Keith Montgomery" <[EMAIL PROTECTED]>
Subject: Re: client IP address?
Date: Thu, 27 May 1999 22:35:46 -0400
This is not necessarily a bad idea, but you probably SHOULD talk to your
network administrator.
My company's policy would be to disallow this unless security issues were
addressed in detail.
(They don't want you to create a hole that leaks into their overall
network.)
If your office machine were disconnected from the company network, it might
be allowed.
If not, and you were caught - as you probably would be after a successful
hack-in - you'd be looking for advice on where to work next. <|:^)
dc1999 wrote in message <[EMAIL PROTECTED]>...
>Hi there:
>
>I am trying to set up my office machine (running RedHat 5.2) to be an ISP
>server so I can dial in from home.
>
>I am confused about what IP address should be assigned for my home
>pc (client machine's IP)? I do not want to ask my company's network
>administrator for one of the free IPs. Can I use those private IP
>addresses such as 192.168.x.x for it?
>
>Thanks for any help.
>
>David
------------------------------
From: Chuck Snively <[EMAIL PROTECTED]>
Subject: ISP info......
Date: Thu, 27 May 1999 21:47:09 -0400
Hello,
I am interested in becoming an ISP. Can anyone direct me to resources for
hardware needed as well as info on how to get up and running as an ISP
(configuration, firewalls, etc.)?
I will be running Redhat Linux 5.2.
Chuck
Please e-mail direct to:
mailto:[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: linux.redhat.install
Subject: Re: RH 6.0 + Cable Modem using DHCP - I just want to die...
Date: Fri, 28 May 1999 03:26:13 GMT
In article <7ijevb$[EMAIL PROTECTED]>,
"Jeff Volckaert" <[EMAIL PROTECTED]> wrote:
> Try the pump update for redhat 6.0. I tried it and it still didn't
> fix my cable modem problem, but you might have better luck. At least
> you get an IP. My ifconfig doesn't even show eth0.
Jeff --
You might not have installed the ethernet module in kerneld. (I had a
similar problem.) Use control-panel, go to the kernel config (looks
like a corn kernel), add an ethernet module to kerneld.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "G. Hugh SONG" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.development.system
Subject: NFS bug in the new kernels (was Re: NFS with Redhat 6 server and
Date: Fri, 28 May 1999 11:04:24 +0900
[EMAIL PROTECTED] wrote:
>
> >
> > My guess is that we are all using the knfsd package and Kernel-2.2.?.
> > In /usr/src/linux-2.2.?/Documentation/Changes file, it is
> > explicitly stated that "NFS is currently under heavy revision" to
> > work as a kernel-based NFS.
> >
>
> I am seeing problems with the knfs stuff also, but only with some
> clients. An OS/2 box can still mount a file system on the linux
> server normally, but an HP-UX box will show the mount point as
> established but will not be able to see the files. A bdf displays the
> nfs mount and the correct space utilization, even tho the mount dir is
> empty. Without even the . and .. entries.
>
> Any help appreciated,
> rick
I finally figured out the reason of my NFS error messages.
My home directory is in the server machine. I log on to a client
machine accessing my home directory in the server machine.
Then, I issue "su" on the client machine to do "xhost +".
At this point, the root of the client machine has no permission
to stay on the home directory.
With 2.0.35 with nfs, some warning message appeared on screen of the
client machine. Now with /usr/src/linux-2.2.?/fs/nfsd/*.c with knfs,
the error message appears on the *server* machine. Of course, the
desktop user of the server machine has no idea of why he is getting the
"fh_verify permission error" as well as other nasty-looking nfs errors.
I think this is certainly a bug in the 2.2.?-2.3.3 kernels.
Can someone report this to the appropriate mailing list?
I don't know how.
Regards,
--
G. Hugh Song
Assoc. Professor
Office: +82-62-970-2210
Departmental fax: -2204
PC fax: -2246
Email: [EMAIL PROTECTED]
Department of Information and Communications
Kwangju Institute of Science and Technology
1 Oryong-dong, Buk-gu
Kwangju, 500-712 South KOREA
------------------------------
From: [EMAIL PROTECTED] (Andre Dietisheim)
Subject: Re: sharing an internet connection
Date: Thu, 27 May 1999 19:00:21 GMT
On Thu, 27 May 1999 22:31:04 +0200, benjamin <[EMAIL PROTECTED]>
wrote:
no problem @ all. I have this configuration (without the printer). I
have Squid2, Masquerading, DHCPD and Named (DNS) running on the
linux-Box. The Win98 (WinNT in my case)-machine has the linux-box as
gateway and squid (HTTP-Proxy) defined in the IE / Netscape. All
other Net-applications (Mail, News, etc.) work fine using the
masquerading-feature of the linux-gateway.
>I want to share an internet-connection between two PCs, one under linux
>(PC1), and the other under Win98 (PC2).
>
>PC2(Win98) ------- HUB ------- PC1(linux) -------- Modem
> |
> |
> Printer
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.setup
Subject: Re: Kernal PPP support problem / Redhat 5.2
Date: Fri, 28 May 1999 03:39:29 GMT
Well, I am writing this from Linux. In a fit of desperation, I
reinstalled RH from scratch. Looking at the log files, I didn't see any
ppp entries, or kerneld entries. I don't know what it was, but it seems
to be working now.
Thanks for the help,
Mark
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************