Linux-Networking Digest #435, Volume #11 Sun, 6 Jun 99 22:13:42 EDT
Contents:
Fully redundant servers ("Chris Waymire")
How do I use PAP/CHAP (Truls Soebstad)
Free Domain Forward/Direvt Service, ("MM")
Re: ipchains and online games ([EMAIL PROTECTED])
Re: adding second modem ("Greg")
Re: Samba Printing (Paul Kube)
Network Design problem (Aaron Helleman)
Netatalk & Shadow Passwords ("Lee Vorthman")
Re: Problems with RedHat 6.0, help! ("Phil Fraser")
nfs problems with Mandrake 6 distro ([EMAIL PROTECTED])
ipchains logging (Dean Kimberlee Wilson)
Re: Best Nework Cards (Honda Power)
Re: Linux and ADSL with GTE ([EMAIL PROTECTED])
Where is my /usr/sbin/in.ftpd (Michael Mellinger)
Re: Linux and BIOS ("Mike Somerville")
ipfwadm to ipchains config (Bill Lewis)
----------------------------------------------------------------------------
From: "Chris Waymire" <[EMAIL PROTECTED]>
Subject: Fully redundant servers
Date: Sun, 6 Jun 1999 18:32:53 -0500
Anyone have any good suggestions on how to make a 100% redundant backup
server that requires no administrative interaction. I currently have a
primary server that runs primary dns, smtp, web hosting and pop. I also have
a secondary server that runs backup dns, smtp and web hosting but not pop. I
am looking for a way to set something up so that the 2 servers will keep
their mail spool and home directories in sync (perhaps rsync) and the
secondary server will act as a backup for ALL services without anyone have
to copy any files, stop/start any services or have any interaction. Any and
all comments/suggestions would be greatly appreciated. Thank You.
Christopher C. Waymire
Systems Administrator/CCNA
Global Reach, LLC
Lafayette, LA
------------------------------
From: Truls Soebstad <[EMAIL PROTECTED]>
Subject: How do I use PAP/CHAP
Date: 6 Jun 1999 23:36:30 GMT
Simple question: I use DIP to connect to internet, but I don't know how
to use PAP..
------------------------------
From: "MM" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.development,comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.hardware,comp.os.linux.help,comp.os.linux.m68k,comp.os.linux.misc,comp.os.linux.powerpc,comp.os.linux.questions,comp
Subject: Free Domain Forward/Direvt Service,
Date: Mon, 7 Jun 1999 01:17:40 +0800
Free Domain Forward/Direvt Service,
http://www.3man.com
Quick Case study http://www.3man.com/casestudy.html
B/Rgds.,
WebMaster.,
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: ipchains and online games
Date: Sun, 06 Jun 1999 17:28:57 -0700
> <snip>
>
> Will I be able to set up the above scenario with ipchains, or is there
> another tool that is better suited? Any ipchains rules to accomplish
> this or pointers to infomation is greatly appreciated (I've checked the
> HOWTO's and dejanews with little luck).
>
> Thanks for the help,
> Aaron Williams (remove nospam in reply address)
I found the following in my search for similar setups for online gaming.
However, I have yet to try it.. Other priorities at the moment.. : )
/sbin/modprobe ip_masq_quake
That is supposed to work for Quake I and QuakeWorld running on ports 26000
and 27000
/sbin/modprobe ip_masq_quake 26000,27000,27910
For Quake I, QuakeWorld, and Quake II on ports 26000,27000,27910
These would go in the /etc/rc.d/rc.local file for me as I run Slackware and
that's where I setup the ipchains. It may be different for you. Hope this
helps.
------------------------------
From: "Greg" <[EMAIL PROTECTED]>
Subject: Re: adding second modem
Date: Sun, 6 Jun 1999 19:55:59 -0400
Yes, it looks like an external modem would be the one of
choice for the add-on.
Thanks Greg.
Brian Witowski <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Actually it depends on the modems you're using. If they are
> ISA Legacy or similar you may be able to configure to use
> any com ports as long as the IRQ are different. With external
> modems, many BIOS's will allow you to use many different
> IRQ's.
>
> Brian
>
> Greg wrote:
>
> > Hello to all,
> > I'm adding a second modem to complete a dialin,dialout
> > network, Any suggestions on the best com ports and irq
> > setting for the least amount of trouble, or better yet a
> > good howto page on adding a second modem. I'm using
> > a terminal node controller on com2 "ttys1" which can
> > be change if necessary. I've yet to see anything on
> > adding a second modem, any and all help would be
> > appreciated.
> >
> > Thanks in advance Greg.
>
------------------------------
From: Paul Kube <[EMAIL PROTECTED]>
Subject: Re: Samba Printing
Date: Sun, 06 Jun 1999 17:35:56 -0700
Trevor Porter wrote:
> ... when I set up my Linux (RH6) box to print using Samba printing,
> using the appropriate share name and the relevant username and password, the
> printer prints to the local Linux queue, which flashes the job for a second
> and then empties but the job never shows up in the NT queue.
I just managed to get things working, printing from my
Linux 2.2.5 (Debian) machine to an Epson Stylus 800 hanging
off an NT 4.0 SP4 box.
Let me just tell you what I did, before I forget; maybe it will
help you, or someone else who tracks this down in a future
search.
1. Get Samba basically working between the Linux and NT
machines. Among other things, the installation should have set
up a smbpasswd entry for every existing Linux account.
2. Set up an account on the NT machine that you will use for
printing. As far as I can tell, the name of this account has to
be identical to one on your Linux host, though the passwords
don't have to be. I used "lp", and set it up with no home
directory and no group memberships.
3. Sitting at the NT box, go to my computer>control
panel>printers>, click on the relevant printer, then go to
file>sharing, enable the printer share, and name the service.
Now click the security tab and make sure the printer permissions
include the account you set up in step 2. Including "Everybody"
also seems to do it, by---well, by giving everybody permission.
I can't resist one small comment about what a lousy interface
this is.
4. Now on the Linux side you should be able to do a
smbclient \\\\NTMACHINE\\PRINTERSERVICE THEPASSWD -U PRINTACCT -N
with the args in CAPS replaced according to your setup. Once
connected, try the print FILENAME command to make sure you can
print something. If not, fix things at this level before
going on.
5. Make e.g. /etc/samba/smbprint look something like this:
=======================================================
#!/bin/sh
# This script is an input filter for printcap printing on a unix
# machine. It uses the smbclient program to print the file to
# the specified smb-based server and service.
#
# Set up an entry in /etc/printcap similar to this:
#
# smb:\
# :lp=/dev/smb:\
# :sd=/var/spool/lpd/smb:\
# :sh:\
# :af=/var/spool/lpd/smb/acct:\
# :mx#0:\
# :if=/etc/samba/smbprint:
#
# which would create a unix printer called "smb"
# with input filter :if that points to this script.
# You will need to create the spool directory /usr/spool/smb
# with appropriate permissions and ownerships for your system.
# The "dummy" device /dev/smb is used only for locking; /dev/null
# might work as well.
# Set these variables as appropriate for your installation:
# server is the name of the print server
server=NTMACHINE
# service is the name of the shared print service on that server
service=PRINTERSERVICE
# user is the name of the user on the server that will
# use the print service
user=PRINTACCT
# password is the password of that user on the server
password=THEPASSWD
# prefilter is the pre-filtering script to use.
# Use /bin/cat for no prefiltering
prefilter=/etc/magicfilter/stylus800-filter
# logfile is where diagnostics will be logged
logfile=/var/spool/lpd/smb/smb-print.log
# Log some info. Change the >> to > if you want to save some space.
/bin/echo "server $server, service $service, user $user, filter $filter"
>> $logfile
# Pipe the job through the prefilter and thence to smbclient print
( /bin/echo "print -"
$prefilter
) | /usr/bin/smbclient "\\\\$server\\$service" $password -U $user -N
>> $logfile
=======================================================
6. Do what the comments in that script say about making the
/etc/printcap entry, and creating a spool directory. Of course
make sure the variables in the script are set appropriately. You
can do it with .config files that reside in spool directories and
get a more flexible arrangement that works transparently with
different printers; but I only have one so this simpler approach
is fine for me.
7. Then lpr -P<whatever you called your printcap entry> should work.
8. A small note about security: If lpr is setuid root (this is
typical) you can chown and chgrp the smbprint script to lp, and
chmod 700 it. This makes the presence of the plaintext password
in it a little less troubling. Beyond that, I'm running this
arrangement on a small firewalled LAN where I directly controll
all the machines, and I sleep well; but anyone administering a
more open environment will need to think harder about the issues.
> ps one the printing HOW-TOs refers to a "Printing in Windows
> Mini-Howto" which I am unable to find??
There is http://home1.pacific.net.sg/~harish/linuxprint.html but
it's minimal. With the above it's a "Printing in Windows
Micro-Mini-Howto".
Hope it helps,
--Paul Kube
Computer Science and Engineering, UCSD
------------------------------
From: Aaron Helleman <[EMAIL PROTECTED]>
Subject: Network Design problem
Date: Mon, 07 Jun 1999 00:58:58 GMT
I'm in the unique position to help redesign a high school's network.
I'm keen on implementing Linux as the primary OS for the school - but I
need to work through a few different ideas I'm having on the
implementation details.
I'm looking for some feedback on the performance of these options - or
others that can fit the following needs:
The Needs:
==========
A secure student network with monitored internet access for 30+ client
machines. Machines are Pentium Class Cyrix 200's with 32M ram,
integrated Sis 5597/5598 Video, Ne2000 compatible network cards, 1.5G
HD's, no floppy, no cd. All student generated work files must be on a
central fileserver for backup purposes (and ease of implementation).
School's administration 10 client machines running NT. Similar H/W.
Primary Distribution - RedHat 6.0 just because I'm familiar with it.
Apps to run: (suggestions for the following)
============
1) Office suite with : Word processing, Spreadsheet
2) Programming SW: C++ and possibly Pascal (for programming courses)
Nice GUI and debugger, etc.
3) Educational windows software?? DOH!
4) Email for staff<->student<->student but student<->student access
needs to be time activated (ie. no mailing other students during class
hours, only before school, after school, lunch).
5) Automated nightly backups - staff member to do tape swaps.
My pics for the Apps so far:
============================
1) StarDivision's StarOffice 5.1
2) C and C++ already installed - but a GUI?
3) WINE to emulate windows? or dual boot? (some help here please.... the
teachers may insist on Win95 so we can run some yet to be purchased
educational software - this is one of those make or break issues i
guess)
4) Netscape with sendmail? how to time limit mailings?
5) tar, cron jobs
Now for the real sticky questions:
Should I install RH 6 and Staroffice on ALL the client machines and just
use the central fileserver for the students to save their work on?
OR
Should I leave the machines as dumb X clients, run staroffice on some
yet to be purchased monster machine X Server?
---
Right now with 32M of ram, Star office runs like a pig swapping ALL the
time.
SO - either I can buy another 32M of RAM for each machine and get decent
performance that way - with very little network traffic...
OR
I can save the money on the ram, buy one or two monster machines to act
as X servers for StarOffice (network traffic problems now)??
I have a feeling that most people will say buy the RAM, and put the
effort into putting the software on all the machines.
Any advice on quick ways of installing the same stuff to every machine?
remember - these machines dont have floppies or CDroms!!
Pulling the HD's is one option I guess.... ?
Comments?
Thanks in advance!
Aaron Helleman
------------------------------
From: "Lee Vorthman" <[EMAIL PROTECTED]>
Subject: Netatalk & Shadow Passwords
Date: Sun, 6 Jun 1999 20:39:53 -0400
I am looking for help on making netatalk work with shadow passwords.
Currently, I have netatalk working and can see the specified volumes on my
mac, but i can only view them as guest. I am running a Debian system with
kernel 2.2.9. Any help would be appreciated. Thanks.
Lee
[EMAIL PROTECTED]
------------------------------
From: "Phil Fraser" <[EMAIL PROTECTED]>
Subject: Re: Problems with RedHat 6.0, help!
Date: Mon, 7 Jun 1999 11:17:24 +1000
> 2) Can't recompile kernel. Well, I can, but can't use it. Lilo tells me
> the kernel is too big. it is only 480K, which is much smaller than the
> kernel that Redhat6.0 came with and was using before I recompiled it.
> Theirs is 1,469,449 bytes.. So Why can theirs work, but mine (which is
only
> 33% of the size) is too big?
Try bzImage instead of zImage.
--
Regards,
Phil Fraser
<[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED]
Subject: nfs problems with Mandrake 6 distro
Date: Mon, 07 Jun 1999 00:05:26 GMT
Hi everyone,
I have a weird problem with nfsd. I have two machines at
home. Both were running Mandrake 5.3 with nfs
servers on both. I could mount each machine's root
directory using nfs to another machine.
Now one machine has Mandrake 6 installed. I configured nfs
exactly as before.
When I try to mount Mdk6 machine's root directory I get:
$ mount /dimus
mount: dimus.local.net:/ failed, reason given by server:
Permission denied
I tried to do different things, but the message does not
go away:(( Does someone have an idea how to fix it?
Thanks,
Dima
Here are some information about my nfs configuration:
================================================================
[root@dimus dim]# ps aux
bin 257 0.0 0.3 1144 456 ? S 13:43
0:00 portmap root 410 0.0 0.5 1252 656 ? S
13:43 0:00
rpc.mountd
root 420 0.0 0.0 0 0 ? SW 13:43 0:00
[nfsd]
=================================================================
/etc/export file:
/ 192.168.1.1(rw)
=================================================================
the line from fstab:
dimus.local.net:/ /dimus nfs
user,exec,dev,suid,rw,noauto 1 1
=================================================================
[root@dimus dim]# rpcinfo -p
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 1024 nlockmgr
100021 3 udp 1024 nlockmgr
100021 1 tcp 1024 nlockmgr
100021 3 tcp 1024 nlockmgr
100024 1 udp 991 status
100024 1 tcp 993 status
100011 1 udp 1001 rquotad
100011 2 udp 1001 rquotad
100005 1 udp 1010 mountd
100005 1 tcp 1012 mountd
100005 2 udp 1015 mountd
100005 2 tcp 1017 mountd
100005 3 udp 1020 mountd
100005 3 tcp 1022 mountd
100003 2 udp 2049 nfs
==================================================================
lines from kernel's .config (v. 2.2.5 because of sound
blaster live driver)
CONFIG_NFS_FS=y
CONFIG_NFSD=y
CONFIG_NFSD_SUN=y
===================================================================
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Dean Kimberlee Wilson <[EMAIL PROTECTED]>
Subject: ipchains logging
Date: Sun, 6 Jun 1999 19:59:51 -0500
I have a hopefully simple question: I've enabled ipchains and
masquerading, and everything is working well. However, I have logging
set, which is currently logging to /var/log/messages. Does anyone know
how to manipulate syslog.conf to log ipchains to a separate file (say
/var/log/ipchains?)
Thanks,
Dean Wilson
________________________________________________________________________
Dean Wilson
KU Academic Computing Services
-- User Services
[EMAIL PROTECTED]
(785) 864-0374
------------------------------
From: [EMAIL PROTECTED] (Honda Power)
Subject: Re: Best Nework Cards
Date: Mon, 07 Jun 1999 01:26:13 GMT
If you are using Novell Netware, don't use the 3C905's. There is a
known problem, admittedly by Novell, that the 3Com cards are bandwidth
hogs. We had to replace all of our NIC's. Other than that, they just
work fine in other conditions. I'd suggest the Bay Networks Netgear
cards. They are excellent cards with Linux drivers right out of the
box.
On Mon, 17 May 1999 15:25:58 -0400, "Michael Gibson"
<[EMAIL PROTECTED]> wrote:
>For 10/100 PCI solutions I can say that the 3C905 and 3C905b work without a
>hitch. Even if I'm using two NICs in a box, both always get detected and
>function flawlessly.
>
>mike wrote in message <[EMAIL PROTECTED]>...
>>I would like to know what network cards people have
>>had the least problems with so that one could have
>>the best chance of getting one installed and not have to
>>try to return it and try another?
>>
>> Mike
>>
>
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Linux and ADSL with GTE
Date: Sun, 06 Jun 1999 17:44:58 -0700
Joe Halpin wrote:
> I'm attempting to help out some friends who have a small business.
> They'd like to install a server that would allow more than one person in
> the office to access the internet at the same time. I've suggested Linux
> to run the server.
>
> The problem is that they would like to get an ADSL line in for the
> connection to the ISP, and their phone company is GTE. This is a problem
> because the GTE support staff says they absolutely refuse to support an
> ADSL line that's being used by a Linux box.
>
> I couldn't get any kind of reason for this out of them, but I did see
> some stuff on the web about GTE and Microsoft getting into bed together,
> which probably explains it.
>
> Could anyone here recommend another approach that would give equivalent
> cost/performance? I'd like to prevent the "buy NT, and everything that's
> needed to do anything useful with it" syndrome if I could. They're not
> exactly made out of money.
>
> Thanks
>
> Joe
> --
> I didn't want to be here, where the future is in store
> but my name is on the mailbox, and my key fits in the door
> - Bob Bennett (the musician, not the lawyer)
I'm on ADSL from GTE and they didn't give a crap what OS I was using as
long as I put all the numbers they provided where they needed to go.. As
far as tech support, I haven't called one of those lines for a few years
just because the monkeys that usually man the phone lines couldn't figure
out what you were talking about unless you worded the question exactly as
they have it printed in front of them. I've had much better support online
from groups like this. My $.02.
------------------------------
From: Michael Mellinger <[EMAIL PROTECTED]>
Subject: Where is my /usr/sbin/in.ftpd
Date: 06 Jun 1999 21:11:13 -0400
This wasn't installed on my machine. That's why my ftp doesn't work.
So where the heck is it?
--
[EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.archonmedia.com/antique_forum
------------------------------
From: "Mike Somerville" <[EMAIL PROTECTED]>
Subject: Re: Linux and BIOS
Date: Mon, 7 Jun 1999 21:15:57 -0400
normally to get into your BOIS it's somthing like DELETE I have also seen it
as F1. however you will need to use the setup utility that came with your
NIC to change the settings on the card from plug and play to a hard coded
address.
hope this helps you in your endevors
Mike Kerr <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I want to try to get into my BIOS to disable Plug and Play(I think it's
> screwing up my network card).
> Does anybody know how to do this?
>
------------------------------
From: Bill Lewis <[EMAIL PROTECTED]>
Subject: ipfwadm to ipchains config
Date: Mon, 07 Jun 1999 01:44:44 GMT
I just moved from RedHat 5.0 to OpenLinux 2.2. I've rebuilt the kernel to
include masquerading(can't believe the default doesn't include it) and am having
trouble getting it to work. Here is the old and new
RedHat 5.0
ipfwadm -F -p deny
ipfwadm -F -a m -S192.168.200.0/24 -D0.0.0.0/0
ipfwadm -F -l
OpenLinux 2.2
ipchains -N masq
ipchains -A masq -s 192.168.200.0/24 -d 0.0.0.0/0
I believe that I am missing something policy related but could not get any
ipchains policy statements to work. If I use 'ipchains -L masq' I can see that
the -A(add) worked, but if I do 'ipchains -L -M' there are no entries. Any help
appreciated.
thanx
-bill
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
