Linux-Networking Digest #409, Volume #11 Fri, 4 Jun 99 20:13:36 EDT
Contents:
Re: ip_rt_advice: redirect to 192.168.1.4/00 dropped (Dann Church)
kppp only works for root, not for other users (2.2.3 kernel) (Debacker Marc)
Re: 3com-ing a netwerk (Stuart R. Fuller)
Re: USR Sportster 33.6 external modem (Kerstin =?iso-8859-1?Q?S=E4lzer?=)
DialIN & Required hardware ("Tais M. Hansen")
Re: Linux: ICMP Redirect, IP Source Routing unterdruecken (Bernd Eckenfels)
Re: Getting Linux through MS Proxy Server? ("Mike Somerville")
Re: DialIN & Required hardware ("Jan Johansson")
Re: Point me the right way on DSL ?? ("David Means")
Redhat 6.0/Samba/smbmount ("Linda Singer")
Re: Help with Samba and Win Box (Monte Phillips)
Re: Getting Linux through MS Proxy Server? ("Jan Johansson")
TFTP Server / Client Source (Ian Farrer)
Re: 3com-ing a netwerk ([EMAIL PROTECTED])
telnet daemon (Ross Jones)
BBS? ("SpiKe")
Re: firewall transparent proxy using ipfwadm (Daniel Kiracofe)
Re: 3com-ing a netwerk ([EMAIL PROTECTED])
Re: Running a server behind masqueraded connect? (Iain O'Cain)
authentication ("Daniel Burk")
Re: Question on VPN (Virtual Private Networking)i ("Ulrich Latzenhofer")
Help BOOTP ("Guo Quin")
Re: RH 6.0 and a Eicon Diehl Diva 2.0 ISDN T/A (Wienux)
diald (Brian Witowski)
Re: Compiling IPPORTFW option on 2.2 kernel (Iain O'Cain)
Re: DialIN & Required hardware ([EMAIL PROTECTED])
Re: Linux: ICMP Redirect, IP Source Routing unterdruecken (Bernd Eckenfels)
Trouble with Telnet (or me?) on RH 6.0 with DHCP and DNS on. (igavryus)
Getting ipmasqadm to play nice with ipchains rules for port forwarding (Iain O'Cain)
Re: Networking ?, please help! ("Karlheinz Kimmel")
----------------------------------------------------------------------------
From: Dann Church <[EMAIL PROTECTED]>
Subject: Re: ip_rt_advice: redirect to 192.168.1.4/00 dropped
Date: Fri, 04 Jun 1999 06:23:01 -0600
Haven't seen this meesage, but it looks like you've got something horked up in
your routing tables. This message looks like it is as the result of and ICMP
redirect message.
Check your routing tables to see if you've got something strange in it and
also run:
tcpdump -vv > /tmp/tcpdump.txt 2>&1
Just before you telnet out or telnet it from another box. You will see if
you're getting those error messages or not.
Good luck!
--Dann Church
Green Screen wrote:
> ip_rt_advice: redirect to 192.168.1.4/00 dropped
>
> got this in /var/log/debug as a result of trying to telnet, ftp, etc (any
> tcp/ip app it appears) to this box from another one on the local subnet.
> have no problems with any other boxes on the subnet... setup is as
> follows:
>
> 192.168.1.1 this box Linux 2.2.6
> 192.168.1.2 another box Linux 2.2.6 no problems connecting
> 192.168.1.3 yet another box Linux 2.2.6 no problems
> 192.168.1.4 new slackware4.0 install, Linux 2.2.6, can ping just fine,
> tcp/ip apps do not work to .1 (this box), message mentioned above appears
> in /var/log/debug on this box.
>
> trying to connect from 192.168.1.1 to 192.168.1.4 does the same thing,
> only .4 doesn't log anything in debug.
>
> any help at all is appreciated... thanks
>
> Lint^^
>
> btw: followup postings are nice, e-mail would be even better
> ([EMAIL PROTECTED])
------------------------------
From: Debacker Marc <[EMAIL PROTECTED]>
Subject: kppp only works for root, not for other users (2.2.3 kernel)
Date: Fri, 04 Jun 1999 14:25:07 +0200
Hello there,
I recently upgraded my computer from kernel 2.0.32 and KDE 1.0 to 2.2.3
and KDE 1.1.
I had kppp working on the 2.0.32 kernel without any problems, both for
root as wel as for ordinary users.
But now with the 2.2.3 kernel, i'm not capable anymore to run kppp as
non root user. I always get the error message 'pppd died unexpectedly'
I checked the kppp manual over and over and over again, verified all the
things in there, but i'm still without luck
Firing up ppp using the ppp-on script as ordinay users works without any
problem, as i followed the instructions indicated in the PPP-HOWTO.
Essential messages do go in some files under /var/log, because i use the
option -v for chat, and -debug and -kdebug 1 for pppd.
The only thing i can find in the log files is ...
can not reopen /dev/ttyS2: Permission denied.
Has this something to do with the version of pppd i'm using (2.3)?
Any help is appreciated!
Thanx
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Stuart R. Fuller)
Subject: Re: 3com-ing a netwerk
Reply-To: [EMAIL PROTECTED]
Date: Fri, 04 Jun 1999 22:00:02 GMT
[EMAIL PROTECTED] wrote:
: How does the 3C905 (B to be exact) react to linux (at 100?) ? Any bad
: experiences?
:
: I'm new to building networks, so forgive the ignorance. What is the
: reasoning behind using cat5 and a hub, vs coaxial going machine to
: machine. My network will max out at 5 or 6 boxes (at home in the same
: room), so the most obvious problem with coaxial really doesn't bother
: me.
Coax is limited to 10Mb/sec.
Cat 5 and a hub can potentially go to 100Mb/sec (with the right hub and
cards). In addition, a hub typically has lotsa pretty lights to look at when
things are running swell, and those same lights can help with troubleshooting
when things aren't running so swell. You can more easily isolate a
malfunctioning system with the hub, with less likely hood of affecting the
rest of the network.
Stu
------------------------------
From: Kerstin =?iso-8859-1?Q?S=E4lzer?= <[EMAIL PROTECTED]>
Subject: Re: USR Sportster 33.6 external modem
Date: Fri, 04 Jun 1999 23:50:11 +0200
Hi Nathan!
What stands in your /var/log/messages if this happens?
This may give us a hint... I hope so!
Ciao,
Lothar
( [EMAIL PROTECTED] )
LUGnut schrieb:
> Can anyone offer any assistance on setting up an external USR Sportster 33.6
> on a Linux 5.2 box? I can dial, and connect, and I think that I can
> authenticate. The problem is, I'm online for about 3 seconds after I type
> in my password, and I get a no carrier error.
>
> Thanks
>
> [EMAIL PROTECTED]
------------------------------
From: "Tais M. Hansen" <[EMAIL PROTECTED]>
Subject: DialIN & Required hardware
Date: Fri, 04 Jun 1999 15:06:11 +0200
Hi!
Does anyone have a detailed guide on making a dialin server including
descriptions on the hardware needed?
Thanks in advance!
- Tais M. Hansen, MSB International A/S
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Crossposted-To: de.comm.internet.routing
Subject: Re: Linux: ICMP Redirect, IP Source Routing unterdruecken
Date: 4 Jun 1999 01:23:52 GMT
In comp.os.linux.networking Wolfgang Zweimueller <[EMAIL PROTECTED]> wrote:
> Abgesehen davon, da� ich bei SAP als Beispiel blieb (von dessen
> Einsatz ich keine Erfahrung habe, und daher auch die Sinnhaftigkeit
> von SAP-Routern in Kombination mit IP-Routern nicht beurteilen aknn)
> scheint es, da� wir doch die selben Ziele haben. Einzig die
> Nebenbedingungen geben uns einen unterschiedlichen Weg dahin vor ;-)
SAP Router sind keine Router sondern Application Level Proxies.
Gruss
Bernd
------------------------------
From: "Mike Somerville" <[EMAIL PROTECTED]>
Subject: Re: Getting Linux through MS Proxy Server?
Date: Sat, 5 Jun 1999 03:11:26 -0400
If you find out how let me know. That is my setup to
[EMAIL PROTECTED]
Benjamin Walling <[EMAIL PROTECTED]> wrote in message
news:veE53.586$[EMAIL PROTECTED]...
> I have an NT box with MS Proxy Server 2.0 running on it. I have set up
> Netscape on my linux box to get out through it (Netscape has internal
proxy
> settings). How can I get the rest of the box to 'see' out (ping, ftp,
other
> apps, etc)? The NT box has two nics - one to my cable modem with a static
> real ip address, one to a hub with 10.x.x.x address. The linux box has a
> 10.x.x.x address. I can ping both nics in the NT server, but nothing past
> it. There has got to be some setting somewhere -- does anyone know what
it
> is????
>
> Thanks for any help!!
> Benjamin Walling
>
>
------------------------------
From: "Jan Johansson" <[EMAIL PROTECTED]>
Subject: Re: DialIN & Required hardware
Date: Fri, 4 Jun 1999 15:17:35 +0200
>Does anyone have a detailed guide on making a dialin server including
>descriptions on the hardware needed?
A modem, a com-port and mgetty (thats all you need). if you want to get
exotic i recommend www.equinox.com
------------------------------
From: "David Means" <[EMAIL PROTECTED]>
Subject: Re: Point me the right way on DSL ??
Date: Fri, 4 Jun 1999 15:12:07 -0700
Rich <[EMAIL PROTECTED]> wrote in message
news:lyW53.188$[EMAIL PROTECTED]...
> Could someone be kind enough to post a link to a site that shows how to
> setup DSL on Linux.
>
> I am running Mandrake 5.3 and have it setup as with IP masquerading. It
> works great as a dial up. My DSL stuff just came, and I need some help
> setting it up. I recompiled the Kernel so it supports the new 3 com card.
I
> have a Cisco 675 router and need to know where to go from here.
Well, there are a couple of options that you need to figure out before you
start:
1. Will the Cisco 675 be operating as a bridge (US West insists on this),
or
as a router? If it's a bridge, then the external ethernet port on your
Linux
box gets to be part of your ISP's address space. If it's a router, then the
external port on your Linux box gets to be part of a local subnet, which
contains the ethernet port on the 675 and the ethernet port on the Linux
box.
2. How you get that subnet is again a choice: if you have an assigned
(public)
IP address space, you can use one of the subnets assigned to you; if not,
you
need to figure out how to get the 675 to do network address translation
(NAT);
rtfm.
In any event, your setup will eventually look like this:
|--------------| |--------------|
| | * | |
/
ISP----| 675 |------------| Linux |---------------|
| | | |
Internal net \
|--------------| |--------------|
The link marked * can be a direct (crossed) connection of twisted
pairs (the 675 comes with the right cable) if there are only 2 attachements.
If you want more publicly accessible machines on this subnet, then
you need a multiport hub there.
Then you may need to alter your network startup scripts so that
whatever firewalling and masquerading your Linux box is doing
gets going *before* the first packet is accepted from the Internet.
One of the unpleasant surprises I have had with the DSL connection
is the number of hackers (from all over the world) who think it is
lots of fun to scan for and then hack systems that are connected to
the Internet; a system connected full-time (as yours will be with DSL)
is a much more attractive target than one on a DHCP dialup link.
I recommend the HOWTOs, particularly HOWTO/Firewall-HOWTO
and HOWTO/NET-3-HOWTO to get started. Before long, you will
also want to dig into HOWTO/DNS-HOWTO if you haven't already got
that running.
------------------------------
From: "Linda Singer" <[EMAIL PROTECTED]>
Subject: Redhat 6.0/Samba/smbmount
Date: Fri, 4 Jun 1999 17:41:17 -0400
How do I get a non root user to be able to mount an smb volume.
I have setuid on more smbmnt and smnumount and both give
a permissions error.
What am I missing?
------------------------------
From: [EMAIL PROTECTED] (Monte Phillips)
Subject: Re: Help with Samba and Win Box
Date: Fri, 04 Jun 1999 12:39:07 GMT
Real good chance that you haven't set up your /etc/hosts &
/etc/lmhosts files. Also the /etc/smb.conf file
check those if you need a step by step go to this site.
http://home.talkcity.com/MigrationPath/maguai/
g'luk
>On Fri, 04 Jun 1999 03:59:35 GMT, "Aaron Fransen" > I am trying to set up a simple
>network using RH 5.2 as a Server for Two Windows Computers.
>One is Win98 and the other is Win95. I can not seam to get the right configuration.
>The WIN boxes can easily see themselves and the server can ping
>itself. Whenever I try to ping the Server from one of the Win boxes nothing happens.
>The Server will not accept any Telnet sessions, FTP sessions or even
>a HTTP session. Why am I hitting my head against the wall over this?
> My questions:
> What protocols should be used by the Winboxes
> What client should it be set up for.
> And why cant these two different operating systems see each other!
> I have slowly be moving my way through the man pages about this trying different
>things. But even without the SMB server shouldn't the two computers
>be able to communicate using just the TCP protocol for access to FTP, Telnet, and
>HTTP?
> please help me! (Obviously I am using a class C network)
> [EMAIL PROTECTED]
------------------------------
From: "Jan Johansson" <[EMAIL PROTECTED]>
Subject: Re: Getting Linux through MS Proxy Server?
Date: Fri, 4 Jun 1999 14:17:38 +0200
Benjamin Walling wrote in message ...
>I have an NT box with MS Proxy Server 2.0 running on it. I have set up
>Netscape on my linux box to get out through it (Netscape has internal proxy
>settings). How can I get the rest of the box to 'see' out (ping, ftp,
other
>apps, etc)? The NT box has two nics - one to my cable modem with a static
>real ip address, one to a hub with 10.x.x.x address. The linux box has a
>10.x.x.x address. I can ping both nics in the NT server, but nothing past
>it. There has got to be some setting somewhere -- does anyone know what it
>is????
MS Proxy requires a client to be used for anything else but http / ftp
porxying. Install winroute (www.winroute.com) on the NT if you want this
setup to work for something else.
------------------------------
From: Ian Farrer <[EMAIL PROTECTED]>
Subject: TFTP Server / Client Source
Date: Fri, 04 Jun 1999 22:40:22 +0100
Does anyone know where I can get hold of the source code for a TFTP
server or client?
Thanks in advance,
ian:)
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: 3com-ing a netwerk
Date: Fri, 04 Jun 1999 12:43:44 GMT
I was totally unaware of that. The coaxial is no longer an option for
me.
Part of the reason to build this network, is to learn real networking,
but also to build a really powerful workstation out of mediocre systems
dedicated to certain tasks, hosting a burner or a scanner and various
applications.
Thanks!
In article <7j6k8f$v4$[EMAIL PROTECTED]>,
"Damon J. Rygiewicz" <[EMAIL PROTECTED]> wrote:
> In order to run the network at 100Mbps/sec speed, you will have to use
CAT5
> cable and a hub. BNC coax cable simply won't run faster than
10Mbps/sec.
>
> Damon
>
> [EMAIL PROTECTED] wrote in message
<7j3phi$oqm$[EMAIL PROTECTED]>...
> >How does the 3C905 (B to be exact) react to linux (at 100?) ? Any bad
> >experiences?
> >
> >I'm new to building networks, so forgive the ignorance. What is the
> >reasoning behind using cat5 and a hub, vs coaxial going machine to
> >machine. My network will max out at 5 or 6 boxes (at home in the same
> >room), so the most obvious problem with coaxial really doesn't bother
> >me.
> >
> >
> >Sent via Deja.com http://www.deja.com/
> >Share what you know. Learn what you don't.
>
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
Date: Fri, 04 Jun 1999 08:47:55 -0500
From: Ross Jones <[EMAIL PROTECTED]>
Subject: telnet daemon
Does anyonre know of a telnet daemon that supports the SOCKS 4 protocol.
I need to find one for a datat general machine running the magic
OS(formally mumps).
thanks in advance.
ross
------------------------------
From: "SpiKe" <[EMAIL PROTECTED]>
Subject: BBS?
Date: Fri, 4 Jun 1999 23:51:16 +0100
Is it possible to make a BBS for people to dial into? I know that you can
get people to dial in but what I really want to know is if you can limit
them to a certain amount of time and a certain amount of download KB?
- Chris
============
ICQ: 5303485
===========================
6 June 1999 - European Telecommunications Boycott www.telecom.eu.org
In the United Kingdom - Campaign for Unmetered Telecommunications
www.unmetered.org.uk
------------------------------
From: Daniel Kiracofe <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.system,linux.redhat.development
Subject: Re: firewall transparent proxy using ipfwadm
Date: Fri, 04 Jun 1999 09:51:46 -0400
> The ipfwadm program has the ability to redirect incoming traffic to a
> socket on the firewall, even if the traffic is not for the firewall.
> Redirection works fine. How do you determine what the original destination
> was? Example; 3 machines - client (inside the firewall), firewall, and
> distant.host. Client attempts to access a web page on distant.host,
> firewall redirects the request to a socket on the firewall. How does the
> program accept()'ing on that firewall socket determine that the request is
> _to_ distant.host? I can get the client with a getpeername() call. But
> what about the destination? I'm using RedHat 5, kernel 2.0.36. Thanks.
The magic is getsockname(). Ordinarily, this call will give you the IP
of the firewall. With transparent proxying, it gives you the intended
destination address. You should be able to find a little program called
transproxy at ftp://ftp.nlc.net.au/pub/linux/www/. Look at the source
for an example of transparent proxying...
--
/* Daniel */
http://users.gurulink.com/drk
"Fear is only afraid of the absence of itself" - Mediocrates
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: 3com-ing a netwerk
Date: Fri, 04 Jun 1999 13:05:31 GMT
How much do small switches generally cost? Are "they" making switches
with linux?
One thing I don't understand about hubs, is exactly what do they do
other than server as junction to connect the wires. As I think I
understand it, packets are seen by every system connected to a hub, but
switches route packets only to their destination (possibly to another
network), reducing the traffic that could be sniffed from a given
machine, which would be good, since I would like to have my firewall box
connected to the internet 24-7.
Would a switch make it easier to build subnets and combine networks? I'm
going to get a bunch of used 486s to build subnets and seperate
networks, and then combine them together? Anybody got a dozen or so
cheap NICs????
In article <7j83rh$4sg$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Wienux) wrote:
> That's right.
> CAT5 is specificaly designed to transport data over a larger distance
> with higher speed.
> CAT5 is designed to cope with more then 100 Mbit but you will only use
> 100Mbit.
> For a 5 PC network a HUB will suffice but if you have the money, you
> could buy a SWITCH.
> A SWITCH has it's own CPU and all poorts on it will get an equal
> amount of CPU time, thus making it faster.
>
> WIENUX
>
> "Damon J. Rygiewicz" <[EMAIL PROTECTED]> wrote:
>
> >In order to run the network at 100Mbps/sec speed, you will have to
use CAT5
> >cable and a hub. BNC coax cable simply won't run faster than
10Mbps/sec.
>
> >Damon
>
> >[EMAIL PROTECTED] wrote in message
<7j3phi$oqm$[EMAIL PROTECTED]>...
> >>How does the 3C905 (B to be exact) react to linux (at 100?) ? Any
bad
> >>experiences?
> >>
> >>I'm new to building networks, so forgive the ignorance. What is the
> >>reasoning behind using cat5 and a hub, vs coaxial going machine to
> >>machine. My network will max out at 5 or 6 boxes (at home in the
same
> >>room), so the most obvious problem with coaxial really doesn't
bother
> >>me.
> >>
> >>
> >>Sent via Deja.com http://www.deja.com/
> >>Share what you know. Learn what you don't.
>
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Re: Running a server behind masqueraded connect?
Date: 4 Jun 1999 23:10:34 GMT
Reply-To: [EMAIL PROTECTED]
Can you provide more details? What port(s) does the game server use?
What have you tried so far?
You should be able to use "ipmasqadm portfw ..." to get there, but I'm
snagged on this myself, just trying to open up port 80 to an inside
system.
- I
------------------------------
From: "Daniel Burk" <[EMAIL PROTECTED]>
Subject: authentication
Date: Fri, 4 Jun 1999 16:04:51 -0700
Reply-To: "Daniel Burk" <[EMAIL PROTECTED]>
Using Samba 2.0.4b, how do you get a Red Hat Linux workstation to
authenticate against an NT Server 4.0 SP3 PDC?, without having a local
password file. And yes, I successfully added the computer to the domain, and
properly configured the smb.conf file.
------------------------------
From: "Ulrich Latzenhofer" <[EMAIL PROTECTED]>
Subject: Re: Question on VPN (Virtual Private Networking)i
Date: Thu, 3 Jun 1999 16:14:07 +0200
Hi,
Linux FreeS/WAN is available at http://www.xs4all.nl/~freeswan/.
Kind regards,
UIrich Latzenhofer
William Sargent <[EMAIL PROTECTED]> schrieb in im Newsbeitrag:
3754929d$0$[EMAIL PROTECTED]
> John Mellor <[EMAIL PROTECTED]> wrote:
> : In article <[EMAIL PROTECTED]>,
> : [EMAIL PROTECTED] (Superfly) writes:
> : |> I am a cox@home User & I am trying to create a V.P.N with another
> : |> @home user any tips would be GREATLY APPRECIATED
>
> : Chances are. you don't need a really full vpn. Take a look at running
ssh
> : on either end. You can then transport X sessions and replace rlogin.
Ftp
> : and rcp are replaced by scp. Its really messy to transport other
connections
> : though.
>
> However, if you ARE looking for a full VPN, try out FreeS/WAN, which uses
IPSec
> as the transmission protocol and is transparent to all applications.
>
> I'm afraid I don't have a URL for frees/wan, but try looking on
slashdot.org
> or google -- it has a fair amount of press.
>
> Will.
------------------------------
From: "Guo Quin" <[EMAIL PROTECTED]>
Subject: Help BOOTP
Date: Fri, 04 Jun 1999 23:22:40 GMT
Hello.
Is BOOTP standed for :
1/Diskless workstation ?
2/Boot parameters at system bootup ?
3/Boot protocol ?
God bless you all
Kieu
------------------------------
From: [EMAIL PROTECTED] (Wienux)
Subject: Re: RH 6.0 and a Eicon Diehl Diva 2.0 ISDN T/A
Date: Fri, 04 Jun 1999 22:46:49 GMT
"Kjoe" <[EMAIL PROTECTED]> wrote:
>the code in the kernel is for some odd reason version 2.8 and a working
>version of the hisax for eicon should be 3.0 or more. what you do is
>download ftp://ftp.suse.com/pub/isdn4linux/v2.1/isdn-tar.gz
>and copy include and driver dir into your kernel dir. compile hisax as
>module, use isapnp to configure your eicon card (pci isnt supported yet) and
>you should be up and running.
Oke ill do that ... if i would know where my kernel dir is and how to
compile it.
I did a pnpdump > /etc/isapnp.cfg
what do i need to change for in it for both my 3c509b and my eicon
diva 2.01 to work ???
------------------------------
From: Brian Witowski <[EMAIL PROTECTED]>
Subject: diald
Date: Fri, 04 Jun 1999 19:34:46 -0400
Greetings,
I am running COL 1.3. and KDE. I recently compiled and installed
diald. Is there anybody who
is using this and could fill me in as to exactly which config files I
need to have in place
and maybe pass along a copy of these scripts? I have suspicions that
the paths etc.
that I have are specific to Red Hat etc. I am using Xisp right now. Am
I supposed to
have an /etc/ppp/ppp-dialer? Also, what files does Xisp alter?
If I type "Diald up" it seems to lock up my entire network (which
consists of the Linux
box and a Win98 box). Samba no longer works and I can't telnet. If I
type "Diald down"
it doesn't seem to help. I have to reboot. Any help would be
appreciated!
Brian
------------------------------
From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Re: Compiling IPPORTFW option on 2.2 kernel
Date: 4 Jun 1999 23:18:07 GMT
Reply-To: [EMAIL PROTECTED]
Aaron Fransen <[EMAIL PROTECTED]> wrote:
>I've installed IPMASQADM and compiled it, but it doesn't compile the
>IPPORTFW.SO option. How can I compile this separately? I've tried everything
>I know...which isn't a heck of a lot I know!
If you're willing to use precompiled binaries, you can just grab
ipmasqadm-0.4.2-2.i386.rpm somewhere at http://juanjox.kernelnotes.org/.
It includes portfw.so.
You should also have a
/lib/modules/[kernelversion]/ipv4/ip_masq_portfw.o
on your system after building a kernel and its modules (don't miss the
"make modules_install" step). I'm lost once it comes to knowing just
how these parts all fit together, but following the meager thread of
directions for the parts will eventually get you there. This is all
still experimental code.
- I
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: DialIN & Required hardware
Date: 4 Jun 1999 14:11:43 GMT
Jan Johansson <[EMAIL PROTECTED]> schrieb
am Fri, 4 Jun 1999 15:17:35 +0200 in comp.os.linux.networking:
>>Does anyone have a detailed guide on making a dialin server including
>>descriptions on the hardware needed?
JJ> A modem, a com-port and mgetty (thats all you need). if you want to get
JJ> exotic i recommend www.equinox.com
Perhaps a supported ISDN Card and a proper setup.
mfG
J. Sauer
- Professionelle Linux Server, Professioneller Support und Dienstleistungen ---
- AutomatiX GmbH - Vollautomatische Kransteuerungen & SAP f�higes Lagerger�t -
- J�rgen Sauer Neue Str. 11 28790 Schwanewede mailto:[EMAIL PROTECTED] -
- +49 4209-4699 +49 172-5466499 FAX +49 4209 4644 http://www.automatix.de -
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Crossposted-To: de.comm.internet.routing
Subject: Re: Linux: ICMP Redirect, IP Source Routing unterdruecken
Date: 4 Jun 1999 23:58:53 GMT
In comp.os.linux.networking Detlef Bosau <[EMAIL PROTECTED]> wrote:
> Ueber den PVC ginge nur noch TCP Nutzlast. Kein Paketheader mehr.
> Wege_entscheidungen_ waehrend des Transportes wuerden entfallen,
> es wuerden vorgefertigte Switchingtables abgefragt.
Worin unterscheiden sich ATM switches von IP Routern? Oder IP Header von ATM
Headrn (mal abegsen dass letztere einen deutlich groesseren Teil des
Datenverkehrs ausmachen).
Gruss
Bernd
------------------------------
From: igavryus <[EMAIL PROTECTED]>
Subject: Trouble with Telnet (or me?) on RH 6.0 with DHCP and DNS on.
Date: Fri, 04 Jun 1999 16:29:48 -0700
Hi!
Does anybody have any suggestion on the situation described below:
RedHat 6.0. Gnome on. DHCP based connection to LAN (not ISP). DNS on
LAN.
Telnet to a server (with permanent IP) from xterm within X session hangs
before login.
Telnet from virtual console goes OK except the DISPLAY variable is not
set on host upon connection. With the variable set manually I have X
clients running within my X session without problems.
When I prohibit use of DNS then everything works fine. Upgrade to the
latest pump only deprived me from ability to switch DNS off.
Also it seems that according to shell prompt my machine picks up its
hostname from DHCP somehow (i.e. instead of localhost it becomes
dhcp-bla-bla-bla...).
Thank you
------------------------------
From: [EMAIL PROTECTED] (Iain O'Cain)
Subject: Getting ipmasqadm to play nice with ipchains rules for port forwarding
Date: 4 Jun 1999 23:28:34 GMT
Reply-To: [EMAIL PROTECTED]
I've got a P166 with the Red Hat 6.0 distribution on it. I've built and
booted a kernel with CONFIG_EXPERIMENTAL=y CONFIG_IP_MASQUERADE_IPPORTFW=m
... and most other masq, routing, and firewall related stuff turned on.
My firewall box has an eth0 which talks to the outside world and eth1 for
the inside (our 10.0.1.0/24 network, its IP is 10.0.1.254).
I've tried using this to turn on the "reverse" masq ...
ipchains -I forward -p tcp -s 10.0.1.52/32 80 -j MASQ
... then tried using this to turn on port forwarding (we'll pretend
here that I'm on the 111.111.111.0 public network) ...
ipmasqadm portfw -a -P tcp -L 111.111.111.158 80 -R 10.0.1.52 80
... but clients trying to reach 111.111.111.158:80 still just wait and
finally time out.
Because I've also got ipchains configured masquerading letting our
inside systems get to the outside world, I used this command to try
letting the port forwarding allow connections through ...
ipchains -A input -i eth0 -p tcp -s any/0 -d 111.111.111.158 80 -j ACCEPT
ipchains -A output -i eth0 -p tcp ! -y -s 111.111.111.158 80 -d any/0 -j ACCEPT
That's based on the rule I've got which I believe allows outside
connections to port 80 on the firewall. In these rules,
EXTERNAL_INTERFACE=eth0 ANYWHERE=any/0 UNPRIVPORTS=1024:65535
IPADDR=111.111.111.156 ...
# HTTP server (80)
# ----------------
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
-s $ANYWHERE $UNPRIVPORTS \
-d $IPADDR 80 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $IPADDR 80 \
-d $ANYWHERE $UNPRIVPORTS -j ACCEPT
# HTTP client (80)
# ----------------
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $ANYWHERE 80:65535 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
-s $IPADDR $UNPRIVPORTS \
-d $ANYWHERE 80:65535 -j ACCEPT
Ow, my aching brain! What have I screwed up?
Thanks for any pointers -
- I
------------------------------
From: "Karlheinz Kimmel" <[EMAIL PROTECTED]>
Subject: Re: Networking ?, please help!
Date: Fri, 4 Jun 1999 15:42:22 +0200
Crossposted-To: comp.unix.solaris,comp.unix.aix
Hi,
do it with the snoop untility. Read the man page for snoop, you can =
trace a string with it.
Karlheinz Kimmel
Stanislav Krasilovskiy schrieb in Nachricht =
<7j6hse$dh4$[EMAIL PROTECTED]>...
>Hi,
>
>Please help me out, I really need to know this--is there any way to =
check
>that a message (say, a 100-byte string) which you shipped through =
UDP/IP
>has left your computer and has been placed on the network? I am =
looking
>for a system call, or anything else...please?
>
>Stan
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
