Linux-Networking Digest #395, Volume #11 Thu, 3 Jun 99 21:13:50 EDT
Contents:
USR Sportster 33.6 external modem ("LUGnut")
Re: Telnet ( no ssh answers please) ("Adam C. Emerson")
Re: Linux + Win98 with IP Masquerading (Denton)
Re: HOW TO change reported IP ??? ("Jan Johansson")
Call for paper: HPC ASIA 2000 (Cho-Li Wang)
Re: Samba cannot print (Fulton B. Gonzalez)
Re: X-Win32, Crack Code ?? ("Adam C. Emerson")
3com-ing a netwerk ([EMAIL PROTECTED])
IPFWADM and 3 NIC Firewall (David Akins)
Re: Direct connection to the internet. (Duncan Simpson)
Re: Sendmail and host.domain.com instead of domain.com ("David Means")
Re: Linksys Problem? (Win Heagy)
Re: IPFWADM and 3 NIC Firewall (David Akins)
Re: Help, Apache won't run my cgi ([EMAIL PROTECTED])
Re: Basic question on Linux firewall (Scott W. Petesen)
----------------------------------------------------------------------------
From: "LUGnut" <[EMAIL PROTECTED]>
Subject: USR Sportster 33.6 external modem
Date: Thu, 03 Jun 1999 13:12:30 GMT
Can anyone offer any assistance on setting up an external USR Sportster 33.6
on a Linux 5.2 box? I can dial, and connect, and I think that I can
authenticate. The problem is, I'm online for about 3 seconds after I type
in my password, and I get a no carrier error.
Thanks
[EMAIL PROTECTED]
------------------------------
From: "Adam C. Emerson" <[EMAIL PROTECTED]>
Subject: Re: Telnet ( no ssh answers please)
Date: Thu, 03 Jun 1999 23:52:45 GMT
Brian Vicente <[EMAIL PROTECTED]> wrote:
> I have a Redhat 6.0 box and I NEED to telnet as root.
> I've edited the /etc/securetty to no avail.
> I can logon ansmyself and I can 'su'.
> What do I change to allow ROOT tellnet access?
And why can't you just telnet in as a normal user and su?
At least then (if you refuse to run ssh), you can find out
which account people are using to telnet in and su to root.
(What exactly did you put in your /etc/securetty file?
just ttyp0 won't work, since there's no guarantee that
you'll get 0, put a few in.)
Though really you should use ssh.
--
Adam C. Emerson [EMAIL PROTECTED]
http://www.calvin.edu/~aemers19/
Preach from it unto the Righteous, that they may renounce their
ways and repent. -- Honest Book of Truth
------------------------------
Date: Wed, 02 Jun 1999 23:14:20 -1000
From: Denton <[EMAIL PROTECTED]>
Subject: Re: Linux + Win98 with IP Masquerading
Paul Wilson wrote:
>
> I've searched allover the place and can't find an answer to this (if
> there is one elsewhere, a pointer to it would be nice...)
>
> I have a Slackware box running kernel 2.2.6 with all the kernel options
> configured as the IP Masquerade FAQ says to along with the rc.firewall,
> etc. The only difference is I'm using 10.10.10.0/24 as my internal
> network class C. eth1 on my Linux box is configured as 10.10.10.1 and
> the Windows box is 10.10.10.2. Someone told me I should be using the
> 192.168 netblock but couldn't give a definite reason why.
RFC1597 Private Network Allocations
You really can use any IP that you want, but common practice follows the
above RFC.
Jeff
------------------------------
From: "Jan Johansson" <[EMAIL PROTECTED]>
Subject: Re: HOW TO change reported IP ???
Date: Thu, 3 Jun 1999 15:37:57 +0200
Why would you want to?
------------------------------
From: Cho-Li Wang <[EMAIL PROTECTED]>
Crossposted-To: clwang
Subject: Call for paper: HPC ASIA 2000
Date: Fri, 04 Jun 1999 07:40:05 +0800
CALL FOR PAPERS
HPC ASIA 2000
The Fourth International Conference/Exhibition on
High-Performance Computing in Asia-Pacific Region
May 14-17, 2000
Beijing, China
SCOPE OF CONFERENCE:
HPC ASIA is an international conference series held every 18 months on
an Asia-Pacific regional site. It provides a forum for HPC researchers,
designers, and users throughout the world to exchange ideas, case
studies, and research results related to all issues of high performance
computing. The first three conferences were held in Taipei in 1995,
Seoul in 1997, and Singapore in 1998. Attendance ranged from hundreds to
a thousand.
The fourth conference, HPC Asia 2000, will be held in Beijing on May
14-17, 2000. HPC Asia 2000 will include keynote addresses,
invited/plenary speeches, contributed papers, panel discussions,
tutorials, and industrial exhibits. The conference proceedings will be
published by the IEEE Computer Society Press, and outstanding
papers will be selected for a special issue in an international journal
(pending). More updated information can be found at the conference
official website http://www.cs.wm.edu/hpcs/HPCAsia2000.html.
In real-world applications, HPC has already crossed the boundary of
high-end technical computing. This conference reflects this change by
choosing a broad scope of topics. Relevant topics include (but are not
limited to) the following:
* System Architecture and Models
* Processor and System Architectures
* Interconnection and System-Area Networks
* Cache/Memory Coherency and Consistency
* Latency Hiding Techniques
* High-Performance Storage and I/O Technology
* Embedded and Special-Purpose HPC Systems
* Parallel-, Network-, Mobil- and Meta-Computing Paradigms
* Emerging Paradigms (e.g., Biological/Quantum computing)
* Semantic, Programming, and Performance Models
* System Software
* Parallel, Distributed, and Cluster Operating Systems
* Single System Image
* Availability, Checkpoint, Process Migration
* Manageability and System Administration
* Usability and User Interface
* HPC System Security
* Workload Management and Resource Scheduling
* High-Performance Communication Techniques
* Languages, Compilers, Libraries, Debuggers and Monitors
* Distributed Objects and Software Components
* Algorithms and Applications
* Algorithms for Regular and Irregular Problems
* Computational Sciences, Engineering, Medicine Applications
* Signal, Image, Graphic Processing
* Pattern recognition and Machine intelligence
* Electronic Business and Electronic Commerce
* Database, OLTP, OLAP, Data Warehousing, and Data Mining
* Multimedia Applications and Technology
* Internet/Intranet/Extranet/Web Systems and Applications
* Vertical Applications Case Studies
* Multidisciplinary Applications
* Societal Impacts
* HPC Contributions to Economics and Society
* HPC Roles in Environment Protection/Sustainable Development
* HPC Education and Training Aspects
* HPC Market and Industrial Trends
CONTRIBUTED PAPER SUBMISSION GUIDELINES:
Please submit your complete paper to any of the four Program Committee
Chair/Co-Chairs. The paper should not exceed 15 single-spaced pages of
text using 12 point size type on 8.5 x 11 inch pages. Electronic
submissions by email are encouraged. Authors should submit a PostScript
(level 2) file that will print on a PostScript printer using 8.5 x 11
inch size (letter size) paper. To facilitate processing, each submission
should also enclose the following information in ASCII format: paper
title, author name, abstract, up to five keywords, as well as the
contacting information of the responsible author (postal address, e-mail
address, phone/fax numbers). If the author prefers hard copy
submissions, please make sure four copies of the manuscript arrive
before October 25, 1999.
The results presented in the paper must be original. One author of each
accepted paper will be expected to present the paper at the conference.
DEADLINES: IMPORTANT DATES FOR AUTHORS/SPEAKERS/EXHIBITORS
Contributed Papers Due: October 25, 1999
Notification of Acceptance: December 20, 1999
Ready Manuscript Due: January 24, 2000
Advanced Registration for Authors: January 24, 2000
Advanced Registration/Hotel Reservation: March 6, 2000
Tutorial Proposal Due: October 25, 1999
Exhibits Proposal Due: October 25, 1999
PROGRAM COMMITTEE CHAIR
Zhiwei Xu
National Center for Intelligent Computing Systems (NCIC)
No. 6 Kexueyuan South Road
P.O. Box 2704, Beijing 100080, China
Email: [EMAIL PROTECTED]
Telephone: +8610-6261-3792, Fax: +8610-6254-1342
PROGRAM COMMITTEE CO-CHAIRS
Yoshio Oyanagi,
Department of Information Science
University of Tokyo
7-3-1 Hongo, Bunkyo-ku, Tokyo 113-8654, Japan
Email: [EMAIL PROTECTED]
Telephone: +81-3-3812-2111 (ext. 4115), Fax: +81-3-3818-1073
Sharad Purohit
Center for Development of Advanced Computing (C-DAC)
Pune University Campus
Ganesh Khind
PUNE - 411 007 INDIA
Email: [EMAIL PROTECTED]
Telephone: +91 020 356683, Fax: +91 020 357551
Xiaodong Zhang
Department of Computer Science
P. O. Box 8795
The College of William and Mary
Williamsburg, VA 23187-8795, USA
E-mail: [EMAIL PROTECTED]
Telephone: (757) 221-3458, Fax: (757) 221-1717
GENERAL CHAIRS:
Xiao-Xiang Zhang, China Computer Federation
Guo-Jie Li, Chinese Academy of Sciences
STEERING COMMITTEE CHAIR
David Kahaner, Asian Technology Information Program, Japan
PROGRAM COMMITTEE
Arndt Bode, Technical University of Munich, Germany
Kevin Burrage, University of Queensland, Australia
Rajkumar Buyya, Monash University, Australia
Gen-Huey Chen, National Taiwan University
Guo-Liang Chen, University of Science and Technology of China
Zengui Chen, Bank of China
Jack Dongarra, University of Tennessee, USA
Ian Foster, Argonne National Laboratories, USA
Masahiro Fukuda, National Aerospace Laboratory, Japan
Valentin Gushchin, Russian Academy of Sciences
Zhiyan Jin, National Meteorology Bureau, China
Hironori Kasahara, Waseda University, Japan
Myung Kim, Ewha Woman's University, Korea
Francis Lau, University of Hong Kong
Charles Leiserson, Massachusetts Institute of Technology, USA
Xiaoming Li, Peking University, China
Bangjun Liu, Ministry of Treasury, China
Huan Liu, National University of Singapore
Mike Liu, Ohio State University, USA
Kwan-Liu Ma, NASA Research Center, USA
Sato Mitsuhisa, Real World Computing Partnership, Japan
Edward Moreno, University of Sao Paulo, Brazil
John O'Callaghan, Australian Partnership for Advanced Computing
Yi Pan, University of Dayton, USA
Richard Schlichting, University of Arizona, USA
Hong Shen, Griffith University, Australia
Masaaki Shimasaki, Kyoto University, Japan
Wei Sun, Florida International University, USA
Jia-Chang Sun, Institute of Software, China
Xian-He Sun, Louisiana State University, USA
Tieniu Tan, Institute of Automation, China
Shinji Tomita, Kyoto University, Japan
E.G. Tulapurkara, Indian Institute of Technology
Cho-Li Wang, University of Hong Kong
Ruey-Beei Wu, National Taiwan University
Yong Yan, HAL Computer Systems Inc., USA
Xuejun Yang, National Defense University, China
Yuen Chung Kwong, National University of Singapore
Zhenwen Zhao, China Petroleum and Gas Corp.
Weimin Zheng, Tsinghua University, China
Albert Zomaya, University of Western Australia
Willy Zwaenepoel, Rice University, USA
STEERING COMMITTEE
Fred Adler, RCI Ltd., USA
Eugene III Bal, Maui High Performance Computing Center, USA
Peter Boek, National University of Singapore, Singapore
Kevin Broughan, University of Waikato, New Zealand
Guoliang Chen, University of Science & Technology of China
Frank Gilfeather, University of New Mexico, USA
Bob Gingold, Australia National university, Australia
David K. Kahaner (Chair), Asian Technology Information Program, Japan
Boo-Cheong Khoo, National University of Singapore, Singapore
Khin-Yong Lam, National University of Singapore, Singapore
Guojie Li, Chinese Academy of Sciences, China
Simon Lin, Academica Sinica, Taiwan
Wallace Lopez, Asian Technology Information Program, Japan
John O'Callaghan, Australian Partnership for Advanced Computing
Yoshio Oyanagi, University of Tokyo, Japan
Lalit Patnaik, Indian Institute of Science, India
Rafael Saldana, Ateneo de Manila University, Philippines
Surjadi Slamet, IBM, USA
Putchong Uthayopas, Kasetsart University, Thailand
Zhiwei Xu, Chinese Academy of Sciences, China
Y.K.Yang, ETRI, Korea
Xiaodong Zhang, The College of William and Mary, USA
ORGANIZING COMMITTEE
PUBLICITY CHAIR: Cho-Li Wang, University of Hong Kong
TUTORIAL CHAIR: Xiaomin Li, Peking University
PUBLICATION CHAIR: Francis Lau, University of Hong Kong
FINANCE CHAIR: Mei Du, Chinese Academy of Sciences
LOCAL ARRANGEMENTS CHAIR: Yong-Hong Shi, Chinese Academy of Sciences
REGISTRATION CHAIR: Xiaohong Wang, Chinese Academy of Sciences
WORKSHOPS
Several workshops are planned as mini-symposiums of the conference. All
workshops papers will be reviewed, processed and published in the
conference proceedings like other papers. Authors who wish their papers
to be considered for a workshop should submit their papers directly to
the workshop chair. If a workshop has more accepted papers than allowed
by the workshop time slots, the workshop chair will recommend some
papers be incorporated into the regular sessions.
Workshop on Education and Societal Impacts of HPC
Chair: Xiaoming Li
Department of Computer Science, Peking University
Beijing 100871, China
Email: [EMAIL PROTECTED]
Telephone: +8610-62756231, Fax: +8610-62756591
Workshop on Scientific Computation and Software
Chair: Jiachang Sun
Institute of Software, Chinese Academy of Sciences
P.O. Box 8718, Beijing 100080, China
Email: [EMAIL PROTECTED]
Telephone: +8610-62635036, Fax: +8610-62645968
http://www.samss.org.cn/HPCAsia2000.html
Workshop on High-Performance Computing with Linux Platforms
Chair: Cho-Li Wang
The Department of Computer Science and Information Systems
The University of Hong Kong, Pokfulam Road, Hong Kong
TEL: (+852) 2857-8458
e-mail: [EMAIL PROTECTED]
Workshop on Cluster Computing
Chair: Rajkumar Buyya
School of Computer Science and Software Engineering, Monash University
Room No. 130, Bldg. No. 63, Clayton Campus
Melbourne, Vic. 3168, Australia
Phone: +61-3-9905 1502; Fax: +61-3-9905 5146
Email: [EMAIL PROTECTED]
------------------------------
From: Fulton B. Gonzalez <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.admin,comp.os.linux.hardware,comp.os.linux.setup,hk.comp.os.linux,tw.bbs.comp.linux
Subject: Re: Samba cannot print
Date: Thu, 3 Jun 1999 09:43:41 -0400
On Tue, 01 Jun 1999, �˼��H wrote:
>I setup samba 2.0.4 in Redhat 6.0. A HP 6P is connected to it. I can print
>ascii and postcript(using ghostscript) in the linux box. However, I cannot
>print from Windows client though I can mount the home directory and other
>shares. The print job sent to the queue and disappears afterward but the LED
>in my printer do not blink!!! I find nothing in /var/spoold/samba. My
>smb.conf is as follows. Can anyone help?
>
># Global parameters
>[global]
> workgroup = NEWBRIGHT.COM
> netbios name = NBMAIL
> server string = Samba Server
> log file = /var/log/samba/log.%m
> max log size = 50
> socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
> printcap name = /etc/printcap
> local master = No
> dns proxy = No
> wins server = 202.232.1.254
>
>[homes]
> comment = Home Directories
> read only = No
> browseable = No
>
>[printers]
> comment = All Printers
> path = /var/spool/samba
> print ok = Yes
> browseable = No
>
>[_source]
> path = /_source
> write list = fred, bill
I solved this problem by un-commenting "printing=bsd" is the global parameters
section of smb.conf; and adding the line (this is from memory) "print command
= lpr -P %p %s" to the printers section.
Fulton B. Gonzalez
Department of Mathematics
Tufts University
------------------------------
From: "Adam C. Emerson" <[EMAIL PROTECTED]>
Subject: Re: X-Win32, Crack Code ??
Crossposted-To: comp.os.linux,comp.os.linux.setup,hk.comp.os.linux,tw.bbs.comp.linux
Date: Thu, 03 Jun 1999 23:56:48 GMT
In comp.os.linux.networking Fong's <[EMAIL PROTECTED]> wrote:
> Do the How to Crack the X-Win32 V.4.12
> http://www.starnet.com/product.htm
> That can Runing the X-Window on the Win95 & NT platform..
> Is great , but no code can only work for one hour & cannot Login many
> machine at same time....
> Hackers!! Help!!
What, prithee has this to do with Linux?
Besides, hackers don't go around cracking things except under unusual
circumstances. Programming is much more interesting than breaking
copy-protection (however stupid copy-protection may be). Why
don't you go over to alt.2600, where you can get all the phreaks,
crackers, and three-leet warez-doods you want.
--
Remove absolutelynospamorI'llkillyou from the following triple
symmetric-cipher encoded (apple, commodore, trs-80), rot13'd,
diagnoal email address to email me.
=====BEGIN PGP MESSAGE=====
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org
jAwEBAEDIWMVbxVRwhLJwQ10a1Q7ygHnIpoB5YMo7vweRY/nc4qYRbIHTaO8lnbV
uoWiebrFTuOBhZgtObE6luy8tLBDo6wvKo1rL8ZlTcXWvSb5vWUzVF8RqHSt8bMw
7od0GEs1yCF/kdjxDx8hmI29v+lEYQ9m9rAUo5wuXGS8vkY2XphDdU2f1AV7yOiV
p9N2BwrZYNEa8aLEApIaVTpmoXW3nWV+TI73T1VnRTHl/AhOYK1kpzPLBPi9DlW1
v/XCn5SYIWZLZPsKbzXps70VkAYg+ytUQcbT3bJGvuLu6gNDNe/po+2+aqkk+rhZ
HaWvOF2IEKrHSIszZiFJ3Bo2Ing4v+0OB4An/8/DpmoiHo/70W9fpkfE5kqiLGnS
iuMaZ7JvGL2XIdNmNcBmPxlK4VgCyJtoYY0x6fhBlVoA+uQKZxjtgIaDq9NhNnTu
oAwJrLyeGCL5eBDf4EYBvReivNcNnv9GqffoOwvZBWQjnHWb/p2NAyuF9frnLEXu
5n9B+xgfOAgJ7pz5X8i0Ok9+Eh/SQQ0exu9HJ760aa9ncEuzYFd6rbg55CTC4Uj2
/neumF0KRX3P1KQQ89/SU/x3X59rwAJsvNNUjQt1ereu9uLv1D5BYQ+gHSPvPA==
=OUeJ
=====END PGP MESSAGE=====
------------------------------
From: [EMAIL PROTECTED]
Subject: 3com-ing a netwerk
Date: Wed, 02 Jun 1999 17:27:27 GMT
How does the 3C905 (B to be exact) react to linux (at 100?) ? Any bad
experiences?
I'm new to building networks, so forgive the ignorance. What is the
reasoning behind using cat5 and a hub, vs coaxial going machine to
machine. My network will max out at 5 or 6 boxes (at home in the same
room), so the most obvious problem with coaxial really doesn't bother
me.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: David Akins <[EMAIL PROTECTED]>
Subject: IPFWADM and 3 NIC Firewall
Date: Thu, 03 Jun 1999 15:13:38 -0700
I have a machine with 3 NIC's in it acting as a firewall. IP Forwarding
is enabled and everything is working fine...except IPFWADM is not
working correctly for me (or I don't quite understand the syntax)
External Network : 10.100.110.0 eth0
Internal Network A: 10.100.111.0 eth1
Internal Network B: 10.100.112.0 eth2
OK, I do the following:
ipfwadm -O -p accept
ipfwadm -I -p accept
ipfwadm -F -p deny
Then I flush any rules:
ipfwadm -O -f
ipfwadm -I -f
ipfwadm -F -f
ipfwadm -A -f
Bascially, I want to allow Internal Network A to have unlimited access
to the External Network and the External Network to have No access to
Internal Network A. I tried the following:
ipfwadm -F -a accept -P all -S 10.100.110.0/24 -D 0.0.0.0/0
After running this command I still cannot ping the external network from
Internal Network A. However if I change the subnet mask to 23 bits as
in:
ipfwadm -F -a accept -P all -S 10.100.110.0/23 -D 0.0.0.0/0 it will
ping. What gives??
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: Direct connection to the internet.
Date: 3 Jun 1999 13:37:17 GMT
In <m5i53.43$[EMAIL PROTECTED]> "mboerner" <[EMAIL PROTECTED]> writes:
>Hi:
>I have always wondered whether I could get a direct connection to the net
>without an ISP.
>Or perhaps I would like to know how to become an ISP for my own operations.
>Can anyone give me some feedback on where to start?
If you want not to have an ISP start by building a large backbone
network and getting some agreements with the other backbone networks
out there. If you do not have the finance to do that then you *need*
an ISP: almost all ISPs buy a (leased line) connection from another
ISP (like uunet). Some of the larger ISPs have a couple of leased
lines to different ISPs. These connections are *lot* more than $10 a
month, even for just a T1 link.
These connection are nice given you take the proper security but
outside most people's bank balance.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
------------------------------
From: "David Means" <[EMAIL PROTECTED]>
Subject: Re: Sendmail and host.domain.com instead of domain.com
Date: Thu, 3 Jun 1999 16:33:53 -0700
Herman Willekens <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi folks,
>
> I would like to use sendmail as a relay, but would like to rewrite all
> headers of outgoing mail as [EMAIL PROTECTED] instead of
> [EMAIL PROTECTED]
>
I posted this yesterday in response to another guy wanting the same
thing, but maybe your search didn't find it.
This is only moderately tricky, but there are several steps.
1. Find and install the sendmail source stuff; you will need to
end up with a batch of files in /usr/lib/sendmail-cf. How to do this
depends a great deal on which distribution you have access to.
You will also need to have the m4 preprocessor installed; mine
is in /usr/bin/m4
2. In /usr/lib/sendmail-cf/cf/ you should find a bunch of *.mc files.
Choose one that has OSTYPE(`linux') in the first few lines, to use
as a starting point. (Mine is named redhat.mc). Add the following
lines to this, just above the spot where HACKS(...) begin to appear.
define(`LOCAL_RELAY')
MASQUERADE_AS(mydomain.net)
MASQUERADE_DOMAIN(mydomain.net)
FEATURE(masquerade_envelope)
3. Following the directions in /usr/lib/sendmail-cf/README, run m4 to
generate a sendmail.cf file (your choice of names), and then TEST IT
using the sendmail -bt option.
4. I think I also needed to create the file /etc/sendmail.cw which
contains the various names by which my server should be known to
sendmail. I have two lines in this file: the ONE TRUE NAME for
the host (its A record, per DNS), and mydomain.net, in your terms.
------------------------------
From: Win Heagy <[EMAIL PROTECTED]>
Subject: Re: Linksys Problem?
Date: Thu, 03 Jun 1999 19:56:37 -0400
It has the PNIC chipset...I heard rumors that there may be
some problems with these. I sort of figured the driver
would have been updated for the PNIC chips.
Win
Scott Tyson wrote:
>
> No problems here. I have used mine with RH 5.2 and RH 6.0. used
> whatever Driver came with the distribution. BTW what chipset does your
> card have the DEC (older card) or the PNIC LNE100TX?
>
> In article <[EMAIL PROTECTED]>,
> Win Heagy <[EMAIL PROTECTED]> wrote:
> > Anyone else having trouble with the Linksys 10/100
> > PCI Fast Ethernet cards? Mine will lock X
> > occasionally while running a Netscape session
> > over the network. I have a version of tulip.c
> > that is about 1 month old.
> >
> > Any help or suggestions are appreciated.
> >
> > Win
> >
> > [EMAIL PROTECTED]
> >
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
------------------------------
From: David Akins <[EMAIL PROTECTED]>
Subject: Re: IPFWADM and 3 NIC Firewall
Date: Thu, 03 Jun 1999 15:16:04 -0700
David Akins wrote:
> I have a machine with 3 NIC's in it acting as a firewall. IP Forwarding
> is enabled and everything is working fine...except IPFWADM is not
> working correctly for me (or I don't quite understand the syntax)
>
> External Network : 10.100.110.0 eth0
> Internal Network A: 10.100.111.0 eth1
> Internal Network B: 10.100.112.0 eth2
>
> OK, I do the following:
> ipfwadm -O -p accept
> ipfwadm -I -p accept
> ipfwadm -F -p deny
>
> Then I flush any rules:
>
> ipfwadm -O -f
> ipfwadm -I -f
> ipfwadm -F -f
> ipfwadm -A -f
>
> Bascially, I want to allow Internal Network A to have unlimited access
> to the External Network and the External Network to have No access to
> Internal Network A. I tried the following:
>
> ipfwadm -F -a accept -P all -S 10.100.110.0/24 -D 0.0.0.0/0
>
> After running this command I still cannot ping the external network from
> Internal Network A. However if I change the subnet mask to 23 bits as
> in:
>
> ipfwadm -F -a accept -P all -S 10.100.110.0/23 -D 0.0.0.0/0 it will
> ping. What gives??
Oops, my examples should have been:
ipfwadm -F -a accept -P all -S 10.100.111.0/24 -D 0.0.0.0/0
and
ipfwadm -F -a accept -P all -S 10.100.111.0/23 -D 0.0.0.0/0
If anyone can help, I'd appreciate it.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Help, Apache won't run my cgi
Date: Thu, 03 Jun 1999 22:09:32 GMT
I have a similar problem. I can run the shell from the command line,
the browser will find the file in the cgi-bin, but it either:
1) Returns the same error message when run directly --either executed
with shtml or by typing the url of the script directly.
"Internal Server Error
The server encountered an internal error or misconfiguration and
was unable to complete your request.
Please contact the server administrator, and inform them of the time the
error occurred, and anything you might have done that may have caused
the error."
or
2) Returns the entire script (or binary when it is a C program) when
it is run as the action of a form.
#!/bin/perl
# --script that does something
print "Content-type: text/html\n\n";
print "<HTML>\n<HEAD><TITLE></TITLE></HEAD>\n";
print "<BODY>\n";
print "//results of script";
print "</BODY></HTML>\n";
>From the command line the script runs, it accepts query strings, parses
variables, and does all that its supposed to, and it prints to standard
output:
Content-type: text/html
<HTML>
<HEAD><TITLE></TITLE></HEAD>
<BODY>
//results of script
</BODY></HTML>
I use apache too (don't remember which version) on both my ISP and my
linux box at home. I know the server has user cgi-bins. My problem
began with updating a website that already has working cgi. I don't
have access to the other cgi on that site, though.
At first I thought it was just a problem on my linux machine, but it has
apache, perl, and a cgi-bin directory already (/home/httpd/cgi-bin).
One thing on my home machine is that files from the /home/httpd/html
directory don't automatically find files in the cgi-bin. I need to type
a full (or relative ../cgi-bin/file.cgi) pathname in order for it to
find them. I was under the impression that under ~/httpd/html/ files
would automatically find files in the ~/httpd/cgi-bin/.
When I use a form like:
<FORM ACTION="../cgi-bin/file.cgi" METHOD="get">
<INPUT TYPE="submit">
</FORM>
It will show the query in the location bar and then print the text of
the script.
Any suggestions?
Aaron Evans
[EMAIL PROTECTED]
====================================
In article <7isg1b$rtu$[EMAIL PROTECTED]>,
"TURBO1010" <[EMAIL PROTECTED]> wrote:
> I have apache 1.3.4, and I'm trying to run a simple perl script, but
it
> doesn't work. I've named the webpage *.shtml and put in <!--#exec
> cgi="/cgi-bin/count.pl"--> but it doesn't work. I know the script
works,
> because if I do perl count.pl then it returns html to me. I think the
> problem is that apache isn't running the script, and I'd like to know
if
> anyone can help me, or at least point me in the right direction to try
to
> get apache to run my cgi. Thanks in Advance for any assistance.
>
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Scott W. Petesen)
Subject: Re: Basic question on Linux firewall
Date: Thu, 03 Jun 1999 14:02:20 GMT
Thank you very much that is exactly what I am looking for.
Scott
On Wed, 2 Jun 1999 15:38:18 -0700, "David Means"
<[EMAIL PROTECTED]> wrote:
>
>Scott W. Petesen <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> My customer has and entire official class C address for the whole
>> company.
>>
>> Every workstations has access to the internet via a cisco router
>> connected to a T-1 line.
>>
>> I would like to drop in a linux firewall between the internal network
>> and the router to prevent outside users from accessing machines on the
>> internet network.
>>
>> I have 2 network cards in the server, what ip addresses do I give
>> them?
> You need a subnet for the link between the Linux box and the router.
>If your customer already has done subnetting, you'll need to slurp up one
>for this purpose (maybe putting any machines that are *supposed* to be
>publicly accessible on that segment as well).
> If not, then there is more fun to be had, because you'll need to do the
>subnetting, which means figuring out how to divide the address space into
>portions; this is a tradeoff between how many addresses they want to blow
>on the demilitarized-zone subnet, and how many they want to blow because
>each subnet needs 2 host addresses reserved (0 and all-1s).
> And you can send a portion of your consulting fee to me anytime. :-)
>
>
====================================
Scott W. Petersen - N9SLA
Web Page: www.wwa.com/~scooter
Elgin, IL - USA
ICQ 8287204
Packet E-mail:
[EMAIL PROTECTED]
====================================
PLEASE note e-mail address is scooter @ wwa.com
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
