Linux-Networking Digest #665, Volume #11 Fri, 25 Jun 99 12:13:54 EDT
Contents:
Re: HowTo Monitor Internet Acvities While At Work? ("David Jordan")
LDAP User Authenication? ("Kevin Currie")
is eth0 a logical device ? ([EMAIL PROTECTED])
broadcast packets not dispatched ([EMAIL PROTECTED])
Re: proxy arp question (Guillaum Dallaire)
Re: HowTo Monitor Internet Acvities While At Work? (Lee Doolan)
Where's the FAQ ("Jerry Kurata")
Re: bizarre networking problem. (J�r�me PETAZZONI)
Re: 10BASE-T NIC and 100mbps NIC to a dual-speed hub doesn't work? (J�r�me PETAZZONI)
Trouble with SAMBA? Go here. (Monte Phillips)
Re: Loading modules at boot (=?iso-8859-1?Q?Tobias_G=F6ller?=)
Routing Problem ("Hoyt")
Re: Router not routing - suggestions please? (Tom Wojciaczyk)
Re: DMA hangs...activated workarounds? please help! ("Bob Glover")
unresolved symbols? (Ahmed Aden)
IP use monitoring for uid's ("Pepijn Palmans")
Re: truncated-ip in tcpdump (Terje Trane)
----------------------------------------------------------------------------
From: "David Jordan" <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.questions,comp.os.linux.misc,microsoft.public.windowsnt.misc
Subject: Re: HowTo Monitor Internet Acvities While At Work?
Date: Fri, 25 Jun 1999 15:25:33 +0100
I would suggest running apache as a proxy server and logging all requests.
That way you can run a perl script or similar (I have some if you wish) that
will rummage through the log files and pick out who does what once a week
... then wrap their knuckles :-)
DJ
Jimmy Navarro <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> I work around huge comporate network of NT servers: SMB server, PDC,
> firewall, routers, e-mail servers, etc... Is there way to remotely
> monitor or track down employees abusing the LAN-to-Internet continuous
> connectivity surfing the WWWduring working hours with their Ethernet
> connected Windows 95/NT workstations? Any suggestion?
>
>
------------------------------
From: "Kevin Currie" <[EMAIL PROTECTED]>
Subject: LDAP User Authenication?
Date: Fri, 25 Jun 1999 11:06:16 -0400
Hello,
I'd like to try playing around with LDAP for user authentication on a spare
Linux box; however, information on this seems to be hard to find. I see
people everywhere saying how great it is, but I can't seem to find any info
other than how to setup LDAP for use as anything other than a phone book.
I have checked out http://www.padl.com and have started to familiarize
myself with PAM, so that helps. I understand the basic authentication
procedure. What I am looking for is a good guide to setting up a schema.
I'll just be testing with a dozen acounts or so, but I'd like to try making
a tree with different departments and such just for kicks. Can someone
point me to a good reference as to what all the standard "tags" (I'm sure
that's probably the wrong word) are for doing such a thing.
Also, if anyone has got authentication running in a semi-production
environment, what are some things to be aware of? Will I still need to have
usernames in a flatfile somewhere? I'll be running RH6.0 (which of course
has glibc 2.1)
And what of security? I've heard that a lot of clear text stuff goes on in
LDAP and that it is insecure as an authentication mechanism. Is SSL support
included in OpenLDAP? Has anyone tried making the clients connect to the
server though ssh port forwarding, and if so, is that secure?
Thanks,
Kevin Currie
PS - Please post and e-mail if at all posible...
------------------------------
From: [EMAIL PROTECTED]
Subject: is eth0 a logical device ?
Date: Fri, 25 Jun 1999 14:54:36 GMT
Can anyone tell me another way to access an ethernet device than eth0.
Correct me if I'm wrong, but I think eth0 is only a logical name because
I cannot find it in /dev.
Thanks
uncle_seb
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: broadcast packets not dispatched
Date: Fri, 25 Jun 1999 14:28:25 GMT
Hello,
I'm facing a strange problem and I have no idea
wether it is due to my Slackware Linux and its
configuration or to a programming mistake of mine.
My programme is a port from AIX 4 on which it
works alright. It sends broadcast packets to a
certain address and port on a network. I've also
written another programme that listens to a
certain socket for broadcast messages. It also
works alright on AIX.
Now the problem is that both compile on Linux
(kernel 2.2.9) but they only can communicate from
one console to another on the same machine. Is
this a TTL that is set to 0 somewhere ? Let me
precise that tcpdump receives all broadcast
packets from the network. This means that my
network card is ok. Nevertheless, I cannot get
broacast packets to leave my machine and I cannot
intercept incoming broacast packets either. Is
there any major difference in the implementation
of sockets between AIX and Linux ?
Thanks for helping.
Seb.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Guillaum Dallaire <[EMAIL PROTECTED]>
Subject: Re: proxy arp question
Date: Fri, 25 Jun 1999 10:37:32 -0400
Reply-To: [EMAIL PROTECTED]
David Means wrote:
> This is normal. When you give the arp command, that adds
> an entry to the ARP cache on that machine only. No other
> machine on the net will get a notification.
>
> BTW, this is not the usual way I have heard of network address
> translation being done. IP Masquerading in a boundary machine
> will take care of all these low-level details without your having
> to do it all by hand.
>
I find a patch for what I want to do:
http://www-miaif.lip6.fr/willy/pub/linux-patches/ipnat/
If one wants to reach an IP (be it a virtual or a real IP, it doesn't
matter) that is located behind a router there are two
ways to achieve this:
one installs a route to this IP via the gateway
one installs proxy arp on the router (often used together with ppp
and incoming calls)
Dan Lasley, the author of the (short) arp patch for the Linux kernel,
didn't want to install routes for his newly created
virtual IPs so he's got to use proxy arp as the only other alternative
(that I'm currently aware of). The standard arp
code didn't allow this solution for him so he made a patch. This patch
has nothing to do with the NAT patch. Its author has discovered his need
for it by using NAT, ok, but it is no NAT issue.
thanks!
------------------------------
From: Lee Doolan <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.questions,comp.os.linux.misc,microsoft.public.windowsnt.misc
Subject: Re: HowTo Monitor Internet Acvities While At Work?
Date: 25 Jun 1999 07:41:41 -0700
>>>>> "Jimmy" == Jimmy Navarro <[EMAIL PROTECTED]> writes:
Jimmy> I work around huge comporate network of NT servers: SMB
Jimmy> server, PDC, firewall, routers, e-mail servers, etc... Is
Jimmy> there way to remotely monitor or track down employees
Jimmy> abusing the LAN-to-Internet continuous connectivity surfing
Jimmy> the WWWduring working hours with their Ethernet connected
Jimmy> Windows 95/NT workstations? Any suggestion?
if you want a really effective answer then you should ask
this question in talk.bizarre. they have ways of dealing
with issues like this.
------------------------------
From: "Jerry Kurata" <[EMAIL PROTECTED]>
Subject: Where's the FAQ
Date: Fri, 25 Jun 1999 15:25:30 GMT
I am having a problem with Slackware not recognizing my Acer network card.
Rather than tie up the group, I thought I would check the FAQ. So where is
the FAQ for the group?
------------------------------
From: [EMAIL PROTECTED] (J�r�me PETAZZONI)
Subject: Re: bizarre networking problem.
Date: 25 Jun 1999 17:35:51 +0200
"Mike Somerville" <[EMAIL PROTECTED]> writes:
> game servers and ICQ and the like use UDP ports to communicate. 'cuz UDP is
> connectionless it gives the speed that games and the like require to work.
well, to be precise, UDP does not care with the order of packets, nor
whether they arrive two times, they can even not reach the target host
at all... UDP does not care all the verifications and checking that TCP does,
and among others it doesn not have to wait for the packet number 12 to
arrive before processing packets 13 and above - that's why game protocols
better use UDP, along with their own error checking.
> I would think that pinging would work 'cuz ipmasquirading supports ICMP
> requests (to the best of my knowedge at least)
correct, if it is activated a kernel compilation.
> > > When I get disconnected from my ISP and reconnect straight away, I find
> > > I cannot connect to any game servers for about 5-10 minutes.
well that may be a problem on server side : it thinks you are already
connected and refuses to reconnect you as long as you have not timed out
the first session.
> > > it would have started to work. If I disconnect manually, this problem
> > > doesn't happen.
confirms my 1st tought.
> > > to do with the ISP, there's a few more things I should say. Firstly, it
> > > never happened when I connected direct with the Windows box. Secondly,
> if I
> > > reset the Linux box and then reconnect, it's instantly fine and working.
okay, so forget what I told before (it remains true for bnet servers), it
has something to do with masquerading session timers.
you may try to reset them by deleting and re-adding the masquerading rule.
------------------------------
From: [EMAIL PROTECTED] (J�r�me PETAZZONI)
Subject: Re: 10BASE-T NIC and 100mbps NIC to a dual-speed hub doesn't work?
Date: 25 Jun 1999 17:28:13 +0200
Mark Price <[EMAIL PROTECTED]> writes:
[mixing 10 mbps & 100 mbps]
> > Depends on the model of hub. The NetGear DS104 hub ( and the equivalent
> > 6-, 8- and 16-port models ) is a 10/100 per-port hub that allows
> > mixing of 10-megabit and 100-megabit NICs on the hub without any
> > problems.
I recommend using a switch, because some 10/100 hubs are realy pigs
when it's about forwarding 100 mbps traffic to 10 mbps collision domain.
some hubs have a "switch module" options, it does not turn the hub into
a switch, it adds a 2 ports switch between the 10 mbps collision
domain and the 100 mbps one.
if you only have a small network at home or at a small office, I would
recommend using a low end PC with a 10 mbps NIC and a 100 mbps NIC
to do the forwarding - it will also give other services.
(I say low end because there is no need to process the 100 mbps
at full wire speed - just the 10 mbps...)
you can partition you lan between subnets or use the bridge functionality
in the linux kernel, which acts exactly like a switch, learning the
network topology.
------------------------------
From: [EMAIL PROTECTED] (Monte Phillips)
Crossposted-To:
aus.computers.linux,comp.os.linux,comp.os.linux,comp.protocols.smb,linux.redhat.misc,linux.redhat.*
Subject: Trouble with SAMBA? Go here.
Date: Fri, 25 Jun 1999 13:58:37 GMT
This site has a step by step howto for complete setup of samba. steps
for both linux and the win machine. (and they really work <G>)
http://www.sfu.ca/~yzhang/linux/samba/index.html
and this one as well
http://home.talkcity.com/MigrationPath/maguai/samba.html
These sites singly or in combination are nearly guaranteed to get you
networked.
------------------------------
From: =?iso-8859-1?Q?Tobias_G=F6ller?= <[EMAIL PROTECTED]>
Crossposted-To: uk.comp.os.linux,comp.os.linux.admin
Subject: Re: Loading modules at boot
Date: Fri, 25 Jun 1999 17:37:08 +0200
On Mon, 21 Jun 1999, Albert Want wrote:
> I've installed a second ethernet card on my PC but, since it's a tulip
> adapter, at the startup it fails because the module is not loaded.
>=20
> How to load modules at start-up in RedHat 6.0 ?
>=20
> Thanks in advance
Generally all options have to be passed to the kernel via a
LILO-Append line. See your manual how the correct syntax is for
your card.
--=20
+ \ =A6 / *
Tobias Goeller " \+/
COM.BOX Winet GmbH ___oOO(*0^@*)Ooo___
[EMAIL PROTECTED] (.)
Mediendienste =20
------------------------------
From: "Hoyt" <[EMAIL PROTECTED]>
Subject: Routing Problem
Date: Fri, 25 Jun 1999 11:50:02 -0400
I am using kernel 2.0.34 with ip masquerading, diald, etc. on a home LAn =
to share my dial-up account with teh other machines on my network. =
Specifically, I am using the Ballantain Linux-on-a-floppy distro on a =
386 with 8MB and no hard drive.
HTTP works fine.
E-mail works fine.
NNTP kinda works, and that's the problem.
I can connect to the news server of my ISP (netnews.att.net, =
204.127.36.1) and recieve notifications of new newsgroups (using OE in =
MS Windows) and post articles to already subscribed news groups (using =
my Win98, RedHat, BeOS and SCO machines), but I cannot download any news =
articles when going through the dial-up server, but have full NNTP =
access when using a modem in the WIndows box and the Linux box (the =
others do not have modems).
Ping looks fine. Traceroute looks fine. I have used the ip address(es) =
instead of the name for the news server(s) without success.
I should mention that the Ballantain machine has worked properly on two =
occasions, so I know it can do the job, but mostly I have this problem.
Where should I look and what should I do to continue to diagnose this =
problem?
Thanks,
Hoyt
------------------------------
From: Tom Wojciaczyk <[EMAIL PROTECTED]>
Subject: Re: Router not routing - suggestions please?
Date: Fri, 25 Jun 1999 11:32:40 -0400
echo "1" > /proc/sys/net/ipv4/ip_forward
See if that works. If you are using Redhat, make sure you have the
following statement in your /etc/sysconfig/network file:
FORWARD_IPV4=true
=============================================================
:Tom Wojciaczyk, Network Engineer
:Cisco Systems, Inc.
:(804) 762-5535
> we have put together a router based on a 350MHz Pentium,
> with two 3C905B NICs.
> Running SuSE 6.1, and I have tried kernels 2.2.7 and last night 2.2.10
>
> Everything seems to be fine - I can ping hosts on the two networks
> either side.
> Routed is running with the -s flag
> But it won't route!
------------------------------
From: "Bob Glover" <app1rtg_at_air.ups.com>
Subject: Re: DMA hangs...activated workarounds? please help!
Date: Fri, 25 Jun 1999 12:50:36 +0100
The message is telling you that Linux solved the problem for you. It means
that it is going to use workarounds that are needed for certain buggy
motherboards. There is nothing more for you to do. It's fixed.
Windows doesn't bother to tell you this kind of thing -- that it patched
itself to compensate for some manufacturer's poorly designed motherboard,
but Linux does: None of those non-disclosure agreements to keep it secret.
[EMAIL PROTECTED] wrote in message <7kttud$dq2$[EMAIL PROTECTED]>...
>I got some problems with my server. When I check dmesg and it tells me
>that I have "DMA hangs... and it Activated workarounds" from "PCI
>probing". My motherboard is FIC 503+ Ver.1.2a which using VIA MVP3
>PCI chipset. The OS is Redhat Linux 6.0 Could someone please give me
>some advices? How can I solve this problem?
>
>Thank you so much!
>
>Regards,
>Tran
[snip]
------------------------------
From: Ahmed Aden <[EMAIL PROTECTED]>
Subject: unresolved symbols?
Date: Fri, 25 Jun 1999 11:43:39 -0400
==============1708B6FE3C15AC9F8CB84A9F
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I have this problem when I recompile the kernel and I reboot whenever
it says "Updating module dependencies", it says:
/some/lib/directory/network_file.o unresolved symbols
/different/network_driver/file.o unresolved symbols
(Sorry, I don't have exact dmesg output, I'm at work)
This has been killing me!
Some of these networking options I haven't even specified as network
modules, what's going on? Here's what I do when I recompile my kernel.
Most of the time,
I only build in tcp/ip and ppp support into the kernel, so everything's
either n
ot specified or modules.
1) in /usr/src/linux, I make menuconfig, then select my config
2) I run make dep (wouldn't mind knowing what it really does)
3) I run make clean
4) I run make modules, dont really know why
5) I run make modules install, also don't know
6) Next, I run make zImage
I have no idea why it says 'unresolved symbols' but I'd certainly like
to know. I may not be able to check the newsgroup again, so could you
also crosspost my e-mail addr. Please e-mail at: [EMAIL PROTECTED] Thanks
--
_____________________________________________
Ahmed M Aden
Internet Systems Engineer
High Speed Installation - Reseller Division
UUNET, an MCI WorldCom Company
Email: [EMAIL PROTECTED]
Phone: 703.744.2583
Hours: 10am - 7pm Eastern
==============1708B6FE3C15AC9F8CB84A9F
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<HTML>
I have this problem when I recompile the kernel and I reboot whenever
it says "Updating module dependencies", it says:
<BR>
<BR>/some/lib/directory/network_file.o unresolved
symbols
<BR>/different/network_driver/file.o
unresolved symbols
<BR>(Sorry, I don't have exact dmesg output, I'm at work)
<BR>
<BR>This has been killing me!
<BR>
<BR>Some of these networking options I haven't even specified as network
modules, what's going on? Here's what I do when I recompile my kernel.
Most of the time,
<BR>I only build in tcp/ip and ppp support into the kernel, so everything's
either n
<BR>ot specified or modules.
<BR>
<BR>1) in /usr/src/linux, I make menuconfig, then select my config
<BR>2) I run make dep (wouldn't mind knowing what it really does)
<BR>3) I run make clean
<BR>4) I run make modules, dont really know why
<BR>5) I run make modules install, also don't know
<BR>6) Next, I run make zImage
<BR>
<BR>I have no idea why it says 'unresolved symbols' but I'd certainly like
to know. I may not be able to check the newsgroup again, so
could you also crosspost my e-mail addr. Please e-mail at: [EMAIL PROTECTED]
Thanks
<BR>
<PRE>--
_____________________________________________
Ahmed M Aden
Internet Systems Engineer
High Speed Installation - Reseller Division
UUNET, an MCI WorldCom Company
Email: [EMAIL PROTECTED]
Phone: 703.744.2583
Hours: 10am - 7pm Eastern</PRE>
</HTML>
==============1708B6FE3C15AC9F8CB84A9F==
------------------------------
From: "Pepijn Palmans" <[EMAIL PROTECTED]>
Subject: IP use monitoring for uid's
Date: Fri, 25 Jun 1999 16:54:22 +0200
Hi
I am searching for a way to know what user is using what IP/eth: on my
system.
Is there anyone out there who knows how to check eg. netstat for uid's ?
so that I can see what user is using what IP (and for what process).
If anyone can help me with this, feel free to mail me or to reply in the
newsgroup.
The reason I'm searching for this is that I wanna be able to block some
people using some IP's.
There are some programs for that but I never found one.
Kind regards,
Pepijn, Pinokio the first
[EMAIL PROTECTED]
------------------------------
From: Terje Trane <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.tcp-ip
Subject: Re: truncated-ip in tcpdump
Date: Fri, 25 Jun 1999 17:54:52 +0200
Uwe Kastens wrote:
> No, it's ab bug in tcpdump - try a newer one
Any suggestions for where to get one (that will work on RH5.2)?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
