Linux-Networking Digest #619, Volume #11 Tue, 22 Jun 99 08:13:54 EDT
Contents:
Re: Quick PPP question (Joceli Mayer)
RedHat 6 & NFS (Ragu Bharadwaj)
Linux router: STATIC IP ADDRESS (?) ("Robert Gloria")
Re: which firewall is the best? ("Mike Bowie - CITYPRO")
Re: One mailserver, 2 domains! ("Mike Bowie - CITYPRO")
Re: web site filtering ("Mike Bowie - CITYPRO")
Re: Set diald only one way (out) on shared voice line? ("Mike Bowie - CITYPRO")
Re: SuSE Linux 6.1 & PPPIOCGUNIT Operation not permitted
([EMAIL PROTECTED])
Re: ipfwadm with Kernel 2.2.7? (Thomas =?iso-8859-1?Q?B=F6nnen?=)
Socks5.conf ("S�an Connolly")
Getting Started ("Martin McCann")
Re: Samba and windows have got me baffeled ???? ("Mike Bowie - CITYPRO")
Re: Can't install 3c509b's in RH60. Please help!! ("Mike Bowie - CITYPRO")
Re: 3Com Ethernet cards ("A. de Vos")
Re: ipfwadm with Kernel 2.2.7? ("Mike Bowie - CITYPRO")
Re: Need help with configuring system as dial access server and printer server.
("Mike Bowie - CITYPRO")
routing based on source address/NAT/iproute2 question. (Bazooka)
Re: IPPORT foward!!! ("Mike Bowie - CITYPRO")
RH6.0/DIP/PPP "device name cannot be overridden" ? (D. J. Birchall)
Re: Linux ==> Braodcast PPP Status ? (Malware)
Sending email with attachments (Dicky)
----------------------------------------------------------------------------
From: Joceli Mayer <[EMAIL PROTECTED]>
Subject: Re: Quick PPP question
Date: Mon, 21 Jun 1999 21:00:23 +0000
try:
/usr/sbin/usernetctl ifcfg-ppp0 up
or
/usr/sbin/usernetctl ifcfg-ppp1 up; OR ...ppp2 up; depends which ppp
interface you want
to disconnect use:
/usr/sbin/usernetctl ifcfg-ppp0 down; OR
/usr/sbin/usernetctl ifcfg-ppp1 down; OR
/usr/sbin/usernetctl ifcfg-ppp2 down; OR
/usr/sbin/usernetctl ifcfg-ppp3 down;
Mladen Gavrilovic wrote:
> Hi all.
>
> When I put in a PPP interface using RedHat's control panel tool (and I
> allow any user to start it), how would I start it as an ordinary user
> (with what command, that is)? I'd like to be able to start it both from
> a command prompt and from Xwindows.
> I'd appreciate any info.
>
> Regards,
>
> Mladen
------------------------------
From: Ragu Bharadwaj <[EMAIL PROTECTED]>
Subject: RedHat 6 & NFS
Date: Mon, 21 Jun 1999 15:11:27 -0600
This is a multi-part message in MIME format.
==============531D2835D98528EC5EF6E97A
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Has anyone at all succeeded in mounting a NFS disk on a RedHat Linux
server onto a Sun or SGI client?
Seems to hang forever for me.
cheers
-Ragu
==============531D2835D98528EC5EF6E97A
Content-Type: text/x-vcard; charset=us-ascii;
name="ragu.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Ragu Bharadwaj
Content-Disposition: attachment;
filename="ragu.vcf"
begin:vcard
n:Bharadwaj;Ragu
tel;fax:505-989-1200
tel;work:505-989-1000
x-mozilla-html:FALSE
org:Daylight CIS I
adr:;;419 E. Palace Ave;Santa Fe;NM;87501;USA
version:2.1
email;internet:[EMAIL PROTECTED]
title:Chemical Information Specialist
x-mozilla-cpt:;0
fn:Ragu Bharadwaj
end:vcard
==============531D2835D98528EC5EF6E97A==
------------------------------
From: "Robert Gloria" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: Linux router: STATIC IP ADDRESS (?)
Date: Mon, 21 Jun 1999 16:03:39 -0500
I have a white box with 3 ether interfaces running the Linux Router Project
floppy.
eth0: class B subnet, with the presence of a Cisco router (Internet).
eth1: class A subnet
eth2: class A subnet
I can get the class A subnets to route through the class B subnet only with
the following (I guess it's because RIP is not enabled on the Cisco router):
ipfwadm -F -a accept -m -W eth0 -S 10.0.0.240/8 -D 0/0
The IP address of eth0 masquerades outbound class A (eth1) IP addresses.
Is there a way to map static outside IP addresses (class B) on a one-to-one
basis to inside class A subnet IP addresses ? I want to give inbound
clients (telnet) access to the class A subnets.
Thanks,
Robert
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: which firewall is the best?
Date: Tue, 22 Jun 1999 11:30:45 +0100
Depends,
What do you want to stop? I wouldn't call SOCKS a firewall by all means,
and FWTK is a long and arduous task to get the best out of.
You may be better off looking at a kernel level solution like ipchains or
ipfwadm. There is lots of info on them on the web and there is a dotfile
generator that will help you make you firewalling scripts from x-win.
Have a look at these links....
http://www.imada.ou.dk/~blackie/dotfile/
http://www.rustcorp.com/linux/ipchains/
There is lots of info if you do a search for firewall from the RedHat site
also.
Mike.
Patrick <[EMAIL PROTECTED]> wrote in message
news:7knacn$[EMAIL PROTECTED]...
> which firewall software is the best?
> SOCKS or FWTK?
>
> i've heard of another firewall software made by checkpoint technologies
> http://www.checkpoint.com/
> how do u compare it with SOCKS and FWTK?
>
> --
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,redhat.servers.general
Subject: Re: One mailserver, 2 domains!
Date: Tue, 22 Jun 1999 11:21:23 +0100
The easiset way I have found to do that is to use the virtusertable
function. Have a look at the sendmail web page, it has all the bits.
Only bad news is that if you don't have it in at the mo, you'll have to
remake from you m4 files. ;-(
Mike.
<[EMAIL PROTECTED]> wrote in message
news:7knhjs$fhg$[EMAIL PROTECTED]...
> Hi Newbie here,
>
> I have set up a server using Sendmail 8.8.8 to act as a mailaserver f�r a
> domain. So far so good!
>
> My questinon really is, if you got 2 domains say: a.com and b.com.
> The mailserver is c.a.com, I want to be able to send mail to
>
> [EMAIL PROTECTED] --> to the user fredrik
> [EMAIL PROTECTED] --> to the user kalle
>
> via the same server but to different users.
> The mail will eventually be adressed the same mailserver. c.a.com
> and the user is info... How can I separate these users??
>
> file://Regards Stebo
>
> ------------------ Posted via SearchLinux ------------------
> http://www.searchlinux.com
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: web site filtering
Date: Tue, 22 Jun 1999 11:22:50 +0100
Any proxy package will do... we use Squid as it comes in a nice pack for
RedHat, but Socks and NCSA will allow the same thing.
Mike.
Patrick <[EMAIL PROTECTED]> wrote in message
news:7knceq$[EMAIL PROTECTED]...
> which linux software can act as a firewall and
> can filter pornography web sites?
>
>
> --
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: Set diald only one way (out) on shared voice line?
Date: Tue, 22 Jun 1999 11:27:20 +0100
Just open minicom and set you modems s0 register to 0 (zero)
eg.
(Assuming minicom is configured using 'minicom -s' to use the port you modem
is on and diald has been killed to allow minicom access to the port)
ATZ
ATS0=0
AT&W
1) Resets modem
2) Writes S register to the device
3) Writes settings to NVRAM
Then exit minicom, (CTRL-A, X) and restart diald. All fixed!
Mike.
PS. Diald will not be answering the line, the modem will be. Diald doesn't
give a damn about incoming calls.
Gilford Wimbley <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Fri, 18 Jun 1999 22:09:06 -0400, root <[EMAIL PROTECTED]> wrote:
>
> > I have upgraded to diald 0.99-1 and it seems to be working almost
> >perfectly! But - I am leaving my server running, and need to share my
> >internet connection with the voice line in our home. diald always
answers
> >the phone on the first ring, which is not a good thing when there is a
human
> >on the other end. The screaming modem gets rid of telephone solicitors
> >really well, ;-) but I don't think our friends and family like it too
much.
> >I am sure this is a very common problem with thousands of linux users who
do
> >not have dedicated internet access, and need to share dial up access with
> >voice telephone service.
> >
> > What fifo or other command can I send to diald, so that it still dials
out
> >as normal, but does not answer incoming calls? The man page or even the
> >diald home www page is not clear on this? Thanks in advance for any
> >ideas...
> >
> >--
>
>---------------------------------------------------------------------------
> > .~. Powered by SuSE Linux 6.0
> > /V\ Sometimes, you get more than you paid for...
> >_// \\_ Return address is for spambots. True address is:
> > (\ /) garyc at istar dot ca
> > ^`~'^ Gary C. P. Eng. DSP & Embedded software engineer
>
>
> Actually, I *think* it is your modem that is answering the phone. If
> you can find a reference on the standard "AT" type commands for
> modems, there might be one that can tell the modem not to answer the
> phone. Or the command might be modem specific. If you do find one,
> you can just use echo to send it to your modem on system boot up.
>
> echo ATwhatever > /dev/modem
>
> I could be wrong though.
>
> good luck.
> GW
>
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: uk.comp.os.linux,comp.os.linux.setup
Subject: Re: SuSE Linux 6.1 & PPPIOCGUNIT Operation not permitted
Date: Tue, 22 Jun 1999 09:43:16 GMT
In article <[EMAIL PROTECTED]>,
Malware <[EMAIL PROTECTED]> wrote:
> Hi Peter,
>
> you wrote:
> > But now looka here, something else is a-foot!
> [...]
> > Jun 20 22:48:04 xenonsoft pppd[451]: sent [IPCP ConfReq id=0x3 <addr
> > 192.237.75.1> <compress VJ 0f 01>]
> > Jun 20 22:48:04 xenonsoft pppd[451]: rcvd [IPCP ConfNak id=0x3 <addr
> > 193.237.75.1>]
> > Jun 20 22:48:04 xenonsoft pppd[451]: sent [IPCP ConfReq id=0x4 <addr
> > 192.237.75.1> <compress VJ 0f 01>]
>
> Why do you insist on getting assigned the address 192.237.75.1 while
the
> peer does offer you 193.237.75.1? Looks like a typo within the config
> file.
>
> Malware
>
AH ha
That is because I reconfigured the system in the style of my Slackware
distribution.
I set the /etc/hosts
127.0.0.1 localhost
193.237.75.1 xenonsoft
and of course /etc/HOSTNAME to `xenonsoft', because
that what I thought you had to do to connect to Demon as
`xenonsoft.demon.co.uk'. I am thinking of getting a second
machine and the two machines cant obviously be called
`xenonsoft' at the same time, even if I share the
same dial-up connection betwen them.
I think this is the problem, right ? Are you saying that I should
not set this. What should I do then? My networking knowledge
is a little weak, unfortunately fuer mich.
Are you saying that my ISP is offering me an IP address
and that `pppd' will create a `ppp[0-9]' device
with this IP address?
Here is my `ppp-on' script.
#!/bin/sh
#
# file: /etc/ppp/ppp-on
#
# This script is based on the script "ppp-on" found at
#
ftp://sunsite.unc.edu/pub/Linux/system/Network/serial/ppp/ppp-2.2.0f.tar
.gz
#
# Script to initiate a ppp connection. This is the first part of the
# pair of scripts. This is not a secure pair of scripts as the codes
# are visible with the 'ps' command. However, it is simple.
#
# These are the parameters. Change as needed.
LOCAL_IP=0.0.0.0 # Local IP address if known. Dynamic = 0.0.0.0
REMOTE_IP=0.0.0.0 # Remote IP address if desired. Normally 0.0.0.0
DEVICE=/dev/modem
LOCAL_IP=192.237.75.1
REMOTE_IP=158.152.1.222
DEVICE=/dev/ttyS2
NETMASK=255.255.255.0 # The proper netmask if needed
#
# export current tty to enable output in dialer script
#
export TERMINAL=`tty`
#
# This is the location of the script which dials the phone and logs
# in. Please use the absolute file name as the $PATH variable is not
# used on the connect option. (To do so on a 'root' account would be
# a security hole so don't ask.)
#
DIALER_SCRIPT=/etc/ppp/redialer
#
# Initiate the connection
#
# I put most of the common options on this command. Please, don't
# forget the 'lock' option or some programs such as mgetty will not
# work. The asyncmap and escape will permit the PPP link to work with
# a telnet or rlogin connection. You are welcome to make any changes
# as desired. Don't use the 'defaultroute' option if you currently
# have a default route to an ethernet gateway.
#
#
### PPP_FLAGS="38400 mru 1500 modem debug kdebug 0 defaultroute crtscts
noipdefault asyncmap 20A0000 escape FF"
PPP_FLAGS="115200 mru 576 mtu 576 modem debug defaultroute crtscts
noipdefault escape FF"
/usr/sbin/pppd lock connect $DIALER_SCRIPT $DEVICE $PPP_FLAGS
$LOCAL_IP:$REMOTE_IP
# fini
Cheers
Peter
[EMAIL PROTECTED] Deutsche Bank (UK)
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Thomas =?iso-8859-1?Q?B=F6nnen?= <[EMAIL PROTECTED]>
Subject: Re: ipfwadm with Kernel 2.2.7?
Date: Tue, 22 Jun 1999 12:32:20 +0200
You should use ipfwadm only with 2.0.x-Kernels.
Use ipchains instead for 2.2.x-Kernels
John Zbesko schrieb:
>
> I am attempting to set up my Linux server for ip forwarding/masqerading
> for a Windows95 client to reach the internet. I've discovered that even
> though I've configured my 2.2.7 kernel for firewalls, ip forwarding,
> masquerading, etc., I cannot get ipfwadm to work (I apparently do not
> have ipchains.)
>
> When I attempt:
>
> ipfwadm -F -p deny
>
> I get the error message:
>
> ipfwadm: setsockopt failed: Invalid argument
>
> I suspect I will get nowhere until I get this problem resolved. I must
> be missing something. Also, if I download an ipchains.tar.gz file from
> the internet, how (where) would I install it?
------------------------------
From: "S�an Connolly" <[EMAIL PROTECTED]>
Subject: Socks5.conf
Date: Tue, 22 Jun 1999 11:29:32 +0100
Hi, does anyone have any ideas about how I allow users on our network to
connect via the socks5 server to any host/port apart from certain
hosts/ports.
e.g.
I want our mail server to be able to connect via socks to ports 110 and 25
of our isp's server, but I don't want any other machines to try to connect
to ports 110 or 25 of any remote machine.
------------------------------
From: "Martin McCann" <[EMAIL PROTECTED]>
Subject: Getting Started
Date: Tue, 22 Jun 1999 11:12:45 +0100
Greetings,
I am looking to set up a linux server to add on to an existing network
with a Novell Server and Windows 95 clients. I want to get a linux server up
and running, and if all goes well phase out the novell server. I don't have
a great deal of experience with Linux, so any pointers to what I should be
looking at to do would be appreicated.
Cheers,
Martin
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: Samba and windows have got me baffeled ????
Date: Tue, 22 Jun 1999 11:32:05 +0100
Go to www.webmin.com and get the tool they provide. It will give you a nice
html interface for setting up your Samba shares etc and take a lot of the
pain out!
Mike.
peter <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> This is strange... I followed everything in the how-to's and also on
> some other web sites that I was told to visit
>
> http://www.eunuchs.org/linux/samba/
>
> and
>
> http://us1.samba.org/samba/samba.html
>
> Samba and windows 98 are still giving me problems. I think the
> problems might be on the Win98 side.
>
> The machines could: ping each other, windows could telnet to the linux
> machine (but I could not log in as root)
>
> The linux machine could see the windows, when I type :
>
> smbconfig -L localhost
>
> Windows networking could not see linux or even itself !!!
>
> the smb.conf is more or less stock, when I made a any changes it would
> stop working.
>
> I'm thinking it has something to do with the "guest" line in the
> smb.conf, or the encrypted password in win 98 ???
>
> What do you think ?
>
> BUT I don't see the reason I have no networking at all on the windows
> machine...I'm using TCP/IP, should I add something else ???
>
> Also, could someone please post their smb.conf, that might help
>
> Thanks,
>
> peter
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: Can't install 3c509b's in RH60. Please help!!
Date: Tue, 22 Jun 1999 11:36:30 +0100
Can you ping each interface's ip from the machine they are in? Are they all
on the same subnet and have a valid outbound gateway?
I would suggest that if Linux brings them up okay, the device is
functioning, if you get a Link light up when you plug the cable in, that
should be fine also.
Try doing a traceroute to the NT boxes IP and see which interface it
chooses, also, try dropping one card using 'ifconfig eth1 down' and see if
you can ping using one or the other, it may be an IP routing problem.
Mike.
Chris <[EMAIL PROTECTED]> wrote in message
news:uQEb3.490$[EMAIL PROTECTED]...
>
>
> I've been having a hell of a time trying to get my linux
> box connected to my NT box. I have 2 3c509b's installed
> in the linux machine, and I thought they were ok when it said
> "Brining up interface for eth0 and eth1" and then responded with
> an "ok" for both. But I have been unable to ping my NT box or
> vice versa with a connect the 2 with a cross-over cable, or a home
> made cross over. I've been working with NT in networks for some
> time so I'm quite sure it's configured properly, but can't seem to connect
> those isa cards working in Linux.
>
>
> I just noticed that when linux boots with the cross-over cables connected
> that paticular card fails the startup test.
>
> Please respond soon as I will be sticking a gun to my head shortly.....
>
> Thanks,
> Chris.
>
>
------------------------------
From: "A. de Vos" <[EMAIL PROTECTED]>
Subject: Re: 3Com Ethernet cards
Date: Tue, 22 Jun 1999 12:46:53 +0200
Possibly you need to compile the latest driver for Linux 3Com card, look at
this site which was a great help to me too:
http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html
Arne de Vos
Holland
tkman heeft geschreven in bericht ...
>I know linux supports the 3com 3c900 Ethernet card but does it support the
>3c900b?
>
>
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: ipfwadm with Kernel 2.2.7?
Date: Tue, 22 Jun 1999 11:39:37 +0100
IPFWADM is not longer supported in Kernels above 2.2.x.
You need to get a copy of ipchains, from
http://www.rustcorp.com/linux/ipchains/ which has a bit of documentation on
it.
It is far more powerful than ipfwadm and a lot more complex.
You may like to keep your old scripts and use the replacement wrapper script
that comes with ipchains. There is a full readme included included in the
distribuation.
Mike.
John Zbesko <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I am attempting to set up my Linux server for ip forwarding/masqerading
> for a Windows95 client to reach the internet. I've discovered that even
> though I've configured my 2.2.7 kernel for firewalls, ip forwarding,
> masquerading, etc., I cannot get ipfwadm to work (I apparently do not
> have ipchains.)
>
> When I attempt:
>
> ipfwadm -F -p deny
>
> I get the error message:
>
> ipfwadm: setsockopt failed: Invalid argument
>
> I suspect I will get nowhere until I get this problem resolved. I must
> be missing something. Also, if I download an ipchains.tar.gz file from
> the internet, how (where) would I install it?
>
>
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: Need help with configuring system as dial access server and printer
server.
Date: Tue, 22 Jun 1999 11:49:40 +0100
David,
Your best bet is a package like diald and a proxy server like squid or
socks. I'm not a slackware user, so can't really give you the o/s specifics
you need however. As for the print sharing, samba is you only real option.
You can find diald on any sunsite mirror, while socks can be found at
http://www.nec.socks.com and squid at http://squid.nlanr.net/Squid/
Samba may well come in a distrib for slackware, I'm not sure, but have a
look on sunsite for that also, it's definitly there.
Once you have the packages, I suggest you setup your print sharing first, if
you find the smb.conf file a bit much, get a copy of Webmin from
http://www.webmin.com. It's an html interface for configuring all sorts of
things including Samba and Squid. (If you choose squid.)
Then, get the diald package demand dialing from you server, then add the
proxy package and set it up as the proxy in the web browsers etc on the
clients.
If you need more help, you'll be sure to find it here!
Hope it helps,
Mike.
David Hodge <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I have small network set up in my home. My intentions are to setup a
> print server / WEB access for
> my family for use from one centralized point in the house. Each family
> member has a personal
> computer with an Ethernet card attached. Each Ethernet card is
> configured as an NE2000 card. The Ethernet HUB I am using is a NetGear
> 10Mb Shared.
>
> What I would like to know is how should I configure my copy of Slackware
> version 4.0, running on
> my new Pentium system, in order to allow all members of my family to be
> able to access the Internet
> via a single dial access modem, while also receiving shared device
> access for printing via the same
> single Pentium server system. In short I have but one spare phone line
> to be share by the whole
> family, as well as, one printer.
>
> Note my wife and daughter will be using Win95 systems for there personal
> computer, while my son
> and myself will be using the LINUX systems. The server of course will be
> Slackware v4.0 .
>
> Thank much in advance.
>
> Dave Hodge ..8^)
> [EMAIL PROTECTED]
>
------------------------------
From: [EMAIL PROTECTED] (Bazooka)
Subject: routing based on source address/NAT/iproute2 question.
Date: Tue, 22 Jun 1999 11:00:16 GMT
currently i'm running linux as a masq box to allow two windblows
machines connecting to the internet. the linux box has two NIC's. one
is attached to the local net and the other via a cablemodem to the
internet.
everything works fine, but i was wondering if it is possible to set up
some alias interfaces on the NIC which is attached to the internet
allowing me to have more real ip's.
so far i have managed to do this and it works (lame ISP allowing me to
have more IP addresses on the same MAC address :) the trick now is to
convert local IP addresses to real world ip adresses (NAT?) and route
these packets over the different alias interfaces.
it would be great if it is possible because masquerading has it's
limitations.
the point is. how do i convert a local IP to a real world IP and then
route the packets based on the source address through the right alias
interface? i recently downloaded iproute2 and compiled the kernel with
policy routing and large tables but i have no knowledge on iproute2
and there is little documentation on it.
any comments would be very appriciated,
Bazooka
[EMAIL PROTECTED]
------------------------------
From: "Mike Bowie - CITYPRO" <[EMAIL PROTECTED]>
Subject: Re: IPPORT foward!!!
Date: Tue, 22 Jun 1999 12:04:40 +0100
I hate to say it, but I too have had this problem with a 2.2.x Kernel.
Without trying to be defeatist, give up now with Kernel forwarding. I have
been trying to make it work for 3+ weeks now on a stock RH6.0 kernel with NO
LUCK. Have a look at redir or FWTK for port forwarding, it's not the best
way or the cleanest, but as far as I can see, IT'S THE ONLY WAY!
Mike.
Zoltan Pittner <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
Ed Willoughby wrote:
Well, I've gotten deep into this one.. I really need some help.. Here is
the situation.. I was running a system called ShareTheNet. It is a Linux
based gateway/router.. I have 4 windows 98 PC's networked to the Linux box..
The Linux box has two NIC's .. eth0 and eth1. Eth0 is the internal network
based on
192.168.x.x. Eth1 is hooked to a cable modem with a static IP and a gateway
ip. .. I have a
WEB FTP and TELNET server running on one of the win98 PC's. Been running
this setup for over a year now.. Works great.. Now the problem...
I changed out the ShareTheNet program and went to the SuSE 6.1 of Linux.
It has the 2.2.7 kernel.. I have recompiled the kernel with all of the
required network stuff.. ipforwarding/Msq/routing ect....
I reregistered a domain with interNIC (pcflight.com). I setup a catching
DNS on my primary static IP with the secondary as my cable providers
ns2.DNS.
The internal network can get to the Internet just fine! but I can not for
the life of me get the WWW FTP and Telnet ports to route to the internal
computer running the servers. I have the firewall prams set in the
rc.config pointing to the internal ip's of the servers, but I can not get to
them from the net.. Now with Share the net, I did this with the
following...
ipportfw -A -t 209.192.x.x/80 -R 192.168.0.30/80
ipportfw -A -t 209.192.x.x/21 -R 192.168.0.30/21
ect. ect
I have read the man and ho to's on ip chains, but must be missing the boat.
When I do a ipchains -L -n the print out shows as best as I can tell that
things should pass th internal server.. but no go..
I must be missing something! I think it is in the ipchains, but not sure..
MSQ appears to be working and all internal pc's can ping the Internet and
use WWW/FTP/TEL.
HELP! I've worked on this for days!
ED
This is just a guess - you should be using ipmasqadm instead of ipportfw.
More info on this in the IP Masquerading HOWTO:
http://members.home.net/ipmasq/ - there you can find the latest version of
the howto, and places from where you can download the ipmasqadm.
Regards, Zoltan
------------------------------
From: [EMAIL PROTECTED] (D. J. Birchall)
Subject: RH6.0/DIP/PPP "device name cannot be overridden" ?
Date: 17 Jun 1999 01:42:09 GMT
Reply-To: [EMAIL PROTECTED]
Hi folks,
I've been running Red Hat, using dip and pppd to connect to my ISP,
since... well, around RH4.2. I've got it running on a laptop with
a PCMCIA modem that *used* to be /dev/cua2 and is now /dev/ttyS2.
I tend to make dip and pppd suid (chmod 4755) so that I can execute
them from userspace and still have 'em work. I just dropped RH6.0
on my system, and encountered some difficulties with this.
When I run dip as root, the results in /var/log/messages look like this:
kernel: Use of setserial/setrocket to set SPD_* flags is deprecated
dip[1181]: waiting for "OK" for 2 sec's.
dip[1181]: waiting for "name:" for 3 sec's.
dip[1181]: waiting for "word:" for 20 sec's.
dip[1181]: waiting for "nnex:" for 5 sec's.
dip[1181]: waiting for "PPP" for 5 sec's.
dip[1182]: tty_notlocal: file0: /dev/pts/1 flle4 /dev/ttyS2
pppd[1182]: pppd 2.3.7 started by root, uid 0
pppd[1182]: Removed stale lock on modem (pid 1182)
pppd[1182]: Using interface ppp0
pppd[1182]: Connect: ppp0 <--> /dev/modem
modprobe: can't locate module ppp-compress-21
modprobe: can't locate module ppp-compress-26
modprobe: can't locate module ppp-compress-24
pppd[1182]: local IP address 204.213.99.67
pppd[1182]: remote IP address 204.89.251.101
pppd[1182]: Protocol-Reject for unsupported protocol 0x6c
pppd[1182]: Protocol-Reject for unsupported protocol 0x50
last message repeated 61 times
Mind you, I'm not terribly thrilled with the fact that I'm *getting*
the complaints about deprecated stuff, the tty_notlocal bit, the
three modprobe failures and the Protocol-Reject messages - but I still
get connected, and at this point I don't have a whole lot of time to
investigate it. ;)
When I try to run it as a normal user, though, the results look like this:
kernel: Use of setserial/setrocket to set SPD_* flags is deprecated
dip[1173]: waiting for "OK" for 2 sec's.
dip[1173]: waiting for "name:" for 3 sec's.
dip[1173]: waiting for "word:" for 20 sec's.
dip[1173]: waiting for "nnex:" for 5 sec's.
dip[1173]: waiting for "PPP" for 5 sec's.
dip[1174]: tty_notlocal: file0: /dev/pts/1 flle4 /dev/ttyS2
pppd[1174]: device name cannot be overridden
So... anybody want to explain the "device name cannot be overridden"
bit? I also wouldn't complain too loudly if you explained the other
parts... :)
-Dan
--
>From the Linux laptop of Dan Birchall, V.P. of Technology
Digital Facilities Management, Haddonfield, New Jersey
Internet/Extranets/E-Commerce - http://www.digitalfm.com/
Hosting the bright ideas of M&M Lighting - http://www.mmlight.com/
------------------------------
From: Malware <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp
Subject: Re: Linux ==> Braodcast PPP Status ?
Date: Tue, 22 Jun 1999 01:12:14 +0200
Hi Trent,
you wrote:
> I've set up pppd with dialup on demand on RedHat 6.0,
> and I'd like to send messages to the machines that are
> connected. Such as "ppp established @ 56kps" or
> "ppp link died, restarting" etc.
Add the commands doing this to /etc/ppp/ip-up and /etc/ppp/ip-down. The
ip-up Script does get the line speed too (see "man pppd"), so it should
be not problem. But keep in mind that if you dial-out and hangup often
it will start to annoy people.
Malware
------------------------------
From: Dicky <[EMAIL PROTECTED]>
Subject: Sending email with attachments
Date: Tue, 22 Jun 1999 01:37:31 GMT
I am trying to find an easy way to send
smtp mail with attachment documents like Word Docs.
The "mail" and "mailx" does not seem to do have any options
for it?
Any suggestions on third party software?
email to [EMAIL PROTECTED]
Thanks
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
