Linux-Networking Digest #339, Volume #11 Sun, 30 May 99 19:13:37 EDT
Contents:
Re: IPFWADM + dynamic PPP (Dieter Rohlfing)
Re: PPP server authentication problems (norman elliott)
Re: Newbie humble Q: can't run autoboot.bat at D:\ (Eugene Strulyov)
Re: Ip forwarding (norman elliott)
Re: External modem dials out but only connects at 1200 then dies? (norman elliott)
Re: two webserver at 1 IP (Eugene Strulyov)
Re: Linux IP Masquerade mini HOWTO ("d o c _ h o |_ i |>a Y")
AOE + masquerading with Kernel 2.2+ ("d o c _ h o |_ i |>a Y")
text edit in Linux ("Douglas Linton")
Re: Linux: ICMP Redirect, IP Source Routing unterdruecken (Detlef Bosau)
Re: Linux: ICMP Redirect, IP Source Routing unterdruecken (Detlef Bosau)
What are drawbacks to using an ISA NIC? ("Steve Snyder")
Re: External modem dials out but only connects at 1200 then dies? (David Cohen)
Re: Win95->Linux PPP can't see past subnet ("Chris Hailes")
Re: ISP setup (Pat Crean)
PPP - cannot resolve remote IP ([EMAIL PROTECTED])
Re: Help! PPP Dialin routing problem (Dr. Mabuse)
Re: Red Hat 6.0 ip_alias help (Karel Bemelmans)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Dieter Rohlfing)
Subject: Re: IPFWADM + dynamic PPP
Date: Sun, 30 May 1999 20:36:25 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 25 May 1999 15:56:58 -04-59, [EMAIL PROTECTED] (Brent
Willcox) wrote:
> The firewall generator from mediaone requires you to put your IP
>address in a variable called $IPADDR(naturally enough). I know that
>when pppd starts the link it provides the address to /etc/ppp/ip-up.
I don't know mediaone's firewall generator, but here's what I did to
enable masquerading on my Linux box with a ppp connection to the
internet.
# Init Masquerading
# flush all previous forwarding rules
ipfwadm -F -f
# the default policy for forwarding is DENY
ipfwadm -F -p deny
# enable masquerading for everything going in/out via ppp0 from
# your local network
ipfwadm -F -a accept -P all -S 192.168.1.0/24 -D 0/0 -m -W ppp0
Of course, the other boxes must have their default route point to that
box, which is dialing to your ISP (something like 'route add default gw
<IP_of_your_dialin_box>'). And of course, you must have a kernel with
all the appropriated options enabled (for more details read the
IP-Masquerading-HOWTO, I didn't need any further infos to get it
running).
Good luck.
Dieter Rohlfing
------------------------------
From: norman elliott <[EMAIL PROTECTED]>
Subject: Re: PPP server authentication problems
Date: Sun, 30 May 1999 20:53:00 +0000
Carl Filpo wrote:
> I'm trying to setup a PPP server on a Debian 2.1 system.
>
> I seem to have a problem with authenticating the user name and
> password.
>
> Anybody know what this message means (from the system log):
>
> May 30 19:23:57 emissary pppd[1017]: peer authentication required but no
> suitable secret(s) found
> May 30 19:23:57 emissary pppd[1017]: for authenticating peer
> emissary-dialin-0 to us (emissary)
>
> This error happens after i've logged in from a Windows98 client and entered
> username and password from a terminal window, followed by the statement:
> "exec /user/sbin/pppd -detach"
>
> --
> Carl Filpo
> Computer Network Consultant
>
> =================================================
> Carl Filpo BSc(Curtin)
> Computer Network Consultant
>
> C&M Computer Solutions
> 26 Russell St
> MORLEY WA 6062
>
> Email: [EMAIL PROTECTED]
> Phone: +61 08 9375 1144
> Fax: +61 08 9375 1141
> Mobile: 0407 396 316
>
> =================================================
Check you have a file on your system called pap-secrets or chap-secrets (it
wont hurt to have both ). I don't use debian so i'm not sure where it will be.
It is in /etc in Slackware.
------------------------------
From: Eugene Strulyov <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: Newbie humble Q: can't run autoboot.bat at D:\
Date: Sun, 30 May 1999 19:50:41 GMT
just put the CD in, go to BIOS and change the boot sequence so it boots
from CD
[EMAIL PROTECTED] wrote:
>
> Hi Group,
> I hope somebody can point me to a better place if this is not the
> appropriated ng to discauss this question.
>
> I got the redhat linux 5.2 installation guide with the free CD from
> linuxmall.com. Soon I realized that I need the boot discatte, or run autoboot
> at cd-rom. However, at dos prompt the machine can't recognize d drive. I
> suppose I need some driver. However this is school's box I'm messing around
> with. I have absolutely no idea where to start.
>
> I suppose I can get a bootdisk from a new linux distro (openLinux2.2 is
> cheap) or get a linux 5.2 box from ebay. Any other recommendation? Any
> program that can format a floppy disk in linux format and make a linux
> bootdisk from the dos prompt?
>
> Any input is greatly apprecated.
>
> CY
>
> -----------== Posted via Deja News, The Discussion Network ==----------
> http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own
------------------------------
From: norman elliott <[EMAIL PROTECTED]>
Subject: Re: Ip forwarding
Date: Sun, 30 May 1999 21:05:04 +0000
Brian Witowski wrote:
> Greetings,
>
> Just a quick question: What is the difference between IP forwarding and
> IPV4? I get two messages when I boot. The first one, earliest in the
> boot says "IP Forwarding: disabled, then the second to the last boot
> message is "IPv4: enabled".
>
> Do I need both enabled and where do I enable IP forwarding if it is
> needed to set up a proxy/firewall? Also, I am using ipfwadm because my
> kernel is 2.0.35.
>
> Thanks!
> Brian
Hi,
IP forwarding is used by your gateway Linux PC to pass IP packets between
the internet and other PC's on your network. It is needed if you want to
do this and hence, I guess for your firewall.
IPv4 is the current TCP/IP standard, the dotted quad notation ie
250.123.221.112 type of IP address we all know and love ;-) The next
generation which i believe is ready under Linux but nothing else so far
is IPv6 which will allow a vastly greater number of IP addresses.
Maybe we will all be able to have our own static IP address then ?
hope this helps,
norm
------------------------------
From: norman elliott <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: External modem dials out but only connects at 1200 then dies?
Date: Sun, 30 May 1999 20:50:23 +0000
David Cohen wrote:
> I have an external USR Sportster 33.6K (not Winmodem)
> that I can get to dial out with minicom to my shell account, but all
> that happens is that the modem makes an immediate connection at 1200
> baud and then...sits there until it dies about a minute later.
>
> Once or twice after playing with the minicom settings, I got
> it to spit back some gibberish at me after connecting before
> it dies.
>
> All I want at this point is to get a normal speed connection
> to my dial up account since, if I can't do that, I assume that
> PPP will be impossible.
>
> In minicom, I set the port speed to 115200 and I did the same
> with...I think it was stty. The modem is on COM2 (IRQ4 I think).
> I changed init strings a few times, using the minicom default
> and then using AT&F and AT&F1.
>
> And, of course, it is set at 8N1.
>
> Any ideas?
>
> TIA,
>
> ___
> DC
>
> P.S. If there's anything extra that I will need to do for PPP to
> get the modem working at full speed, please let me know too.
>
> cohen_at_primenet.com (replace "_at_" with the "at" sign)
Hi,
Check your IRQ setting to make sure only /dev/ttyS1 ( COM2 ) is using
IRQ 4
I seem to recall this slow unreliable connection is due to IRQ
conflicts.
The garbage you see after login and password entry is the ppp connection
( PAP or CHAP authentification)
which will be expecting pppd to be talking to it by then.
------------------------------
From: Eugene Strulyov <[EMAIL PROTECTED]>
Subject: Re: two webserver at 1 IP
Date: Sun, 30 May 1999 19:49:04 GMT
I believe you need a real IP address to run a web server.
Han van Hulst wrote:
>
> Hi,
>
> Is it posible to have two webservice 1 on a NT machine and 1 on a Linux
> machine?
>
> My gateway is a linux machine with 2 network card's
> 62.108.18.137 netmask 255.255.254.0 (outside world)
> 10.0.0.1 netmask 255.255.255.0 (inside world)
>
> Second webserver NT machine.
> 10.0.0.2 netmask 255.255.255.0 (inside world)
>
> I am trying to get the linux machine on port 62.108.18.137:80 (default)
> and the other on 62.108.18.137.100 (demo server)
>
> I have IPChains running under linux RedHad 5.2.
>
> Is it posible to chain 62.108.18.137:100 to 10.0.0.2:(100 or 80)
>
> greeting
>
> Han van Hulst
> [EMAIL PROTECTED]
------------------------------
From: "d o c _ h o |_ i |>a Y" <[EMAIL PROTECTED]>
Subject: Re: Linux IP Masquerade mini HOWTO
Date: 30 May 1999 20:30:52 GMT
auf jeden fall!
------------------------------
From: "d o c _ h o |_ i |>a Y" <[EMAIL PROTECTED]>
Subject: AOE + masquerading with Kernel 2.2+
Date: 30 May 1999 20:26:53 GMT
Hi there,
I searched Dejenews.com for masq* aoe and i found some articles that were
the solution to play AOE over ip-masquerading. But it doesn't seem to work
with kernel 2.2... how can i masquerade these ports (1410-1450 i suppose)
with ipchains, or somthing that kernel 2.2.x "understands"? Any script? Any
snippet of a script which i could put in my masquerading script?
CU
Julian Schanze
--
My system
SuSE 6.0 Kernel 2.2.9, ippp0(AVM B1 ISDN card), eth0 internal network: lx
PC: eth0: 10.0.0.1, ippp0: dynamic ip. Win pc: 10.0.0.2, ne2000 card.
------------------------------
From: "Douglas Linton" <[EMAIL PROTECTED]>
Subject: text edit in Linux
Date: Sun, 30 May 1999 20:27:24 GMT
I am trying to have x start automatically by editing the /etc/inittab in Red
Hat 5.2 but being new to Linux I can't figure out how you edit files, hoew
do I start an editor and where is it found. I world appreciate any
assistance [EMAIL PROTECTED]
Thanks
------------------------------
Date: 30 May 1999 21:45:00 +0200
From: [EMAIL PROTECTED] (Detlef Bosau)
Crossposted-To: de.comm.internet.routing
Subject: Re: Linux: ICMP Redirect, IP Source Routing unterdruecken
[EMAIL PROTECTED] meinte am 30.05.99
zum Thema "Re: Linux: ICMP Redirect, IP Source Routing unterdruecken":
>
> Gut, die uebliche Situation in einem Firmenlan ist allerdings, dass
> ich mehr als ein Gateway habe. Wenn ich es mir nun einfach machen
> will, so muss ich jeden Arbeitsplatz mit dutzenden von Routen
> konfigurieren. Als Alternative kommt eigentlich nur noch RIP in
> Frage, weil alle anderen Routing Protokolle auf einem Host totalen
> Overkill sind. Da amche ich lieber Redirects.
Man hat mir gelegentlich das Zitat nachgesagt:
Server serven, Router routen, Rechner rechnen.
Ein Host hat genau _ein_ Default-Gateway. An einem Netzwerk, an
dem Hosts haengen, haengt naemlich _genau_ _ein_ Routerport.
Einzige Ausnahme: Ein HSRP-Paerchen.
Wer andere Konfigurationen vorliegen hat, hat meines Erachtens
ein grundsaetzliches Problem und schon das naechste Projekt
im Terminkalender:
"Netz strukturieren."
Detlef
--
Detlef Bosau [EMAIL PROTECTED]
Bienroder Weg 79 Tel.: +49 531 303383
D2: +49 172 6819937
38106 Braunschweig, Germany Fax: +49 531 303364
>>>> PGP Public Key als Empfangsbestaetigung <<<<
## CrossPoint v3.1 R ##
------------------------------
Date: 30 May 1999 21:47:00 +0200
From: [EMAIL PROTECTED] (Detlef Bosau)
Crossposted-To: de.comm.internet.routing
Subject: Re: Linux: ICMP Redirect, IP Source Routing unterdruecken
[EMAIL PROTECTED] meinte am 30.05.99
zum Thema "Re: Linux: ICMP Redirect, IP Source Routing unterdruecken":
> In comp.os.linux.networking Detlef Bosau <[EMAIL PROTECTED]>
> > wrote: (Davon ganz abgesehen ist gerade bei OSPF der Traffic sehr
> > durchgestyled. Da wird naemlich _nicht_ wild mit Paketen um sich
> > geschmissen.)
>
> OSPF im lokalen Lan zu machen ist aber auch nicht eleganter als ICP
> Redirects. :)
>
> Gruss
> Bernd
Wie bitte?
Aber der Unterschied zwischen icmp redirect und einem Routingprotokoll
ist klar? Und auch, wer sich da unterhaelt, das ist auch klar?
Mein ja nur...
Detlef
--
Detlef Bosau [EMAIL PROTECTED]
Bienroder Weg 79 Tel.: +49 531 303383
D2: +49 172 6819937
38106 Braunschweig, Germany Fax: +49 531 303364
>>>> PGP Public Key als Empfangsbestaetigung <<<<
## CrossPoint v3.1 R ##
------------------------------
Crossposted-To: comp.os.linux.hardware
From: "Steve Snyder" <[EMAIL PROTECTED]>
Reply-To: "Steve Snyder" <[EMAIL PROTECTED]>
Subject: What are drawbacks to using an ISA NIC?
Date: Sun, 30 May 1999 21:59:50 GMT
I discovered (by trying to use it) that the last unused PCI slot in my
system is defective. This forced me to add an ISA NIC (a 3Com 3C509B)
instead of the PCI device I had planned on.
The ISA NIC is working well. I wonder, though, what the drawbacks are
compared to a PCI NIC. This device is just attached to a cable modem,
which suggests that it will never be called upon to move more than
3MB/second anyway.
Is interrupt latency higher with an ISA NIC? Increased CPU use? The
initial install involves more work because you have to specify the IRQ and
I/O port address range. Now that the installation is done, though, I'm
interested in runtime gotchas.
Thank you.
***** Steve Snyder *****
------------------------------
From: David Cohen <"cohen_at_primenet.com "@.>
Crossposted-To: comp.os.linux.setup
Subject: Re: External modem dials out but only connects at 1200 then dies?
Date: Sun, 30 May 1999 15:18:52 -0700
norman elliott wrote:
> David Cohen wrote:
>
> > I have an external USR Sportster 33.6K (not Winmodem)
> > that I can get to dial out with minicom to my shell account, but all
> > that happens is that the modem makes an immediate connection at 1200
> > baud and then...sits there until it dies about a minute later.
> >
> > Once or twice after playing with the minicom settings, I got
> > it to spit back some gibberish at me after connecting before
> > it dies.
> >
> > All I want at this point is to get a normal speed connection
> > to my dial up account since, if I can't do that, I assume that
> > PPP will be impossible.
> >
> > In minicom, I set the port speed to 115200 and I did the same
> > with...I think it was stty. The modem is on COM2 (IRQ4 I think).
> > I changed init strings a few times, using the minicom default
> > and then using AT&F and AT&F1.
> >
> > And, of course, it is set at 8N1.
> >
> > Any ideas?
> >
> > TIA,
> >
> > ___
> > DC
> >
> > P.S. If there's anything extra that I will need to do for PPP to
> > get the modem working at full speed, please let me know too.
> >
> > cohen_at_primenet.com (replace "_at_" with the "at" sign)
>
> Hi,
> Check your IRQ setting to make sure only /dev/ttyS1 ( COM2 ) is using
> IRQ 4
> I seem to recall this slow unreliable connection is due to IRQ
> conflicts.
I rebuilt the machine lately and I don't think there's anything else
that is on that IRQ, since I don't have any other devices there
(sound card requests interrupt 5) and there are no other cards
aside from the video card in there.
> The garbage you see after login and password entry is the ppp connection (
> PAP or CHAP authentification)
> which will be expecting pppd to be talking to it by then.
But given that this is happening with the minicom program, which is
a terminal dialup program (no PPP), I find it hard to understand why I don't
just get a straight shell login prompt (i.e. "login:" )
So, I guess I'm still perplexed.
___
DC
------------------------------
From: "Chris Hailes" <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp
Subject: Re: Win95->Linux PPP can't see past subnet
Date: Mon, 31 May 1999 08:24:45 +1000
> "echo -n 1 > /proc/sys/net/ipv4/ip_forward". This is all that's needed
> for a 2.0.x kernel.
Thank you, this was the problem that I was having. I can now ping, ftp,
etc to other machines on our net. BTW, do I have to add this to an init
script somewhere so that it will be turned on automatically at boot
time?
Check this file (2.0.36): This will turn on ip forwarding at boot time.
/etc/sysconfig/network
FORWARD_IPV4=yes
HOSTNAME=Your-hostname
DOMAINNAME=mycompany.com.au
GATEWAY=10.1.1.1
GATEWAYDEV=eth0
John Timothy Neumoege wrote in message
<[EMAIL PROTECTED]>...
Clifford Kite wrote:
�
I am still having problems getting anything in the windows network,
though.
Me too. I think this involves netbios over tcpip, and microsoft domain
browsing.
My network has an NT Server that a workstation has to log into on the local
ethernet LAN. If a workstation does not logon it cannot see any of the
other
winboxes. So the NT box must be the master browser. Login on ppp does not
happen.
What your situation?
------------------------------
From: Pat Crean <[EMAIL PROTECTED]>
Subject: Re: ISP setup
Date: Sun, 30 May 1999 17:42:54 -0400
Of course linux is perfectly capable of handling whatever routing you need at
that speed. Personally, if I were setting up an isp (and I, indeed, did), I
would use linux for things like web, mail and dns servers, and go with cisco
for routing. In 4 years of operation, we've had cable cuts that brought us
down, power failures that exceeded ups hold times, and server failures that
brought us down for varying lengths of time, but NEVER been down for router
problems. A low end Cisco (we use a 2501) can easily handle 1 or 2 T1 lines
and will cost less than $1000.......
Pat
On Sat, 29 May 1999, David Goldstein wrote:
>I will be setting up an ISP in the very near future. I would like to
>use Linux as a router; however, I heard that Linux cannot, for routing
>purposes, support a 2mb line. Is this really the case!? Do I need to
>fall back on a hardware router?
>
>Thanks in advance for any assistance :)
>
>David
------------------------------
Date: Fri, 28 May 1999 16:51:56 +0800
From: [EMAIL PROTECTED]
Subject: PPP - cannot resolve remote IP
My ISP does not supply the remote IP on the PPP connection. What options
does I have to set to accept 0.0.0.0 as remote IP.
Thanks
------------------------------
From: [EMAIL PROTECTED] (Dr. Mabuse)
Subject: Re: Help! PPP Dialin routing problem
Date: Mon, 31 May 1999 00:01:32 +0200
[This followup was posted to comp.os.linux.networking and a copy was sent
to the cited author.]
In article <7irl6c$[EMAIL PROTECTED]>, kite@NoSpam.%�inetport.com says...
> Frank ([EMAIL PROTECTED]) wrote:
>
>
> : I am running a linux box (SuSE 6.1 Kernel 2.2.5) as a dialin
> : server/gateway (192.168.10.11). Its connected to a local network
> : (192.168.10.0) via ethernet and there is a modem attached to this box for
> : dialin users (they get 192.168.10.32).
>
> : Before I upgraded from SuSE 5.3 Kernel 2.0.36 everything was working
> : fine, but now the ppp dial in users can only reach the gateway but not
> : the whole local network anymore.
>
> : I have enabled the proxyarp option in pppd's options file and arp gives
> : the following output:
>
> : Address HWtype HWaddress Flags Mask
> : Iface
> : ppp032.foo.com * * MP eth0
>
> New kernel, new gotchas. Read linux/Documentation/proc.txt in the linux
> source tree, search for proxy.
>
>
> --
> Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
> /* Editing with vi is a lot better than using a huge swiss army knife. */
>
>
IT WORKED!
thank you very much my friend....i was messing around with this problem
for two days and everyone told me something else...
it was just a "1" for a "0" ;)
again,
thanx a lot!
--
==========
Dr. Mabuse
==========
------------------------------
From: Karel Bemelmans <[EMAIL PROTECTED]>
Subject: Re: Red Hat 6.0 ip_alias help
Date: Mon, 31 May 1999 00:20:38 +0200
Jason Brossa wrote:
>
> I have recently upgraded from RedHat 5.2 to 6.0 and now my ip_alias.o
> file is gone
> should I just replace this file or is there a new way of doing this.
You have to compile the module again, if it isn't already in the kernel.
Try running the program that needs it, and if it works, you won't have
to do anything.
If you don't know how to compile a kernel or a module, check the
Kernel-HOWTO.
Karel
--
Karel Bemelmans, [EMAIL PROTECTED]
http://hq.narfum.org/~corn/
"There's no fish in the water."
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
