Linux-Networking Digest #697, Volume #11 Sun, 27 Jun 99 21:13:48 EDT
Contents:
Re: If I had a gun.... (lyte)
Re: PPP and KDE! ("C�sar Mateus Concei��o")
Re: Why not C++ (Nathan Myers)
Re: If I had a gun.... (Scott Sweeting)
Ethernet write problem (MikeVW)
Re: downloads slow with 2.2 kernel (lyte)
Re: Why not C++ (Tristan Wibberley)
Re: ISP Newcomer Needs Help (Jonathan Guthrie)
Re: VPN through IP Masq (Walter Hunt)
RFI: DNS Servers and Firewalls (John)
Ethernet Card??
Re: Xisp works, kppp doesn't (Joker)
Re: samba and epson stylus 600 ("TURBO1010")
----------------------------------------------------------------------------
From: lyte <[EMAIL PROTECTED]>
Subject: Re: If I had a gun....
Date: Sun, 27 Jun 1999 19:29:31 -0400
==============632689F09ED994D32375EFB7
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
"James R. Barnett, Jr." wrote:
> Andrey Smirnov wrote:
> >
> > Can you post outputs of your ifconfig -a, netstat -rn, and contents of
> > /etc/hosts files, also ip configuration of your win client.
> >
> > Good luck!
> >
> > PS. Also output of arp -a from both linux and win machines.
> >
>
> script started on Sun Jun 27 15:23:23 1999
> [root@arson /root]# netstat -rn
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 192.168.1.254 0.0.0.0 255.255.255.255 UH 0 0 0
> eth0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
> lo
> [root@arson /root]# ifconfig -a
> eth0 Link encap:Ethernet HWaddr 00:10:5A:0B:50:2F
> inet addr:192.168.1.254 Bcast:192.168.1.255
> Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:65 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:10 Base address:0x300
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:3924 Metric:1
> RX packets:30 errors:0 dropped:0 overruns:0 frame:0
> TX packets:30 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
> [root@arson /root]# cat /etc/hosts
> 127.0.0.1 localhost localhost.localdomain
> 192.168.1.254 arson.toughguys.org arson
> 192.168.1.2 tireiron.toughguys.org tireiron
> [root@arson /root]# arp -a
> [root@arson /root]# arp -v
> Entries: 0 Skipped: 0 Found: 0
> [root@arson /root]# exit
> exit
>
> Script done on Sun Jun 27 15:24:31 1999
>
> The win98 box is as follows:
> C:\arp -a
> No ARP Entries Found
>
> C:\type C:\windows\hosts.sam
> 127.0.0.1 localhost
> 192.168.1.2 tireiron.toughguys.org
> 192.168.1.254 arson.toughguys.org
>
> Network Properties shows the 3Com3c509b is installed without a problem.
> Client for Microsoft Networks is installed and so is TCP/IP.
>
> IP Address:
> IP (static): 192.168.1.2
> Subnet Mask: 255.255.255.0
>
> DNS Configuration:
> Enable DNS: TRUE
> Host: tireiron
> Domain: toughguys.org
>
> DNS Server Search Order:
> 192.168.1.254
>
> //I can't ping with DNS disabled either. Arson is not currently running
> bind.
>
> I realize all these settings might not be correct for Samba, but I know
> I have to be able to ping before Samba can run. Pinging is my main
> concern here. Well, Thanks for any and all help anyone can give me.
>
> JamesB
You can check out our Networking Basics guide and our IP Masquerading guide
if you like. They should help you set everything up in plain non-geek talk.
www.thecomputergallery.com/redhat/guides.shtml
Best of luck
--
Joey Olson
#RedHat OnLine
http://www.thecomputergallery.com/redhat
==============632689F09ED994D32375EFB7
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
"James R. Barnett, Jr." wrote:
<blockquote TYPE=CITE>Andrey Smirnov wrote:
<br>>
<br>> Can you post outputs of your ifconfig -a, netstat -rn, and contents
of
<br>> /etc/hosts files, also ip configuration of your win client.
<br>>
<br>> Good luck!
<br>>
<br>> PS. Also output of arp -a from both linux and win machines.
<br>>
<p>script started on Sun Jun 27 15:23:23 1999
<br>[root@arson /root]# netstat -rn
<br>Kernel IP routing table
<br>Destination
Gateway
Genmask Flags
MSS Window irtt
<br>Iface
<br>192.168.1.254 0.0.0.0
255.255.255.255 UH 0
0
0
<br>eth0
<br>192.168.1.0
0.0.0.0
255.255.255.0 U
0 0 0
<br>eth0
<br>127.0.0.0
0.0.0.0
255.0.0.0
U
0 0 0
<br>lo
<br>[root@arson /root]# ifconfig -a
<br>eth0 Link encap:Ethernet HWaddr
00:10:5A:0B:50:2F
<br> inet
addr:192.168.1.254
Bcast:192.168.1.255
<br>Mask:255.255.255.0
<br> UP BROADCAST
RUNNING MULTICAST MTU:1500 Metric:1
<br> RX packets:0
errors:0 dropped:0 overruns:0 frame:0
<br> TX packets:65
errors:0 dropped:0 overruns:0 carrier:0
<br> collisions:0
txqueuelen:100
<br> Interrupt:10
Base address:0x300
<p>lo Link encap:Local Loopback
<br> inet addr:127.0.0.1
Mask:255.0.0.0
<br> UP LOOPBACK
RUNNING MTU:3924 Metric:1
<br> RX packets:30
errors:0 dropped:0 overruns:0 frame:0
<br> TX packets:30
errors:0 dropped:0 overruns:0 carrier:0
<br> collisions:0
txqueuelen:0
<p>[root@arson /root]# cat /etc/hosts
<br>127.0.0.1
localhost
localhost.localdomain
<br>192.168.1.254 arson.toughguys.org
arson
<br>192.168.1.2 tireiron.toughguys.org tireiron
<br>[root@arson /root]# arp -a
<br>[root@arson /root]# arp -v
<br>Entries: 0 Skipped: 0
Found: 0
<br>[root@arson /root]# exit
<br>exit
<p>Script done on Sun Jun 27 15:24:31 1999
<p>The win98 box is as follows:
<br>C:\arp -a
<br>No ARP Entries Found
<p>C:\type C:\windows\hosts.sam
<br>127.0.0.1 localhost
<br>192.168.1.2 tireiron.toughguys.org
<br>192.168.1.254 arson.toughguys.org
<p>Network Properties shows the 3Com3c509b is installed without a problem.
<br>Client for Microsoft Networks is installed and so is TCP/IP.
<p>IP Address:
<br>IP (static): 192.168.1.2
<br>Subnet Mask: 255.255.255.0
<p>DNS Configuration:
<br>Enable DNS: TRUE
<br>Host: tireiron
<br>Domain: toughguys.org
<p>DNS Server Search Order:
<br>192.168.1.254
<p>//I can't ping with DNS disabled either. Arson is not currently running
<br>bind.
<p>I realize all these settings might not be correct for Samba, but I know
<br>I have to be able to ping before Samba can run. Pinging is my main
<br>concern here. Well, Thanks for any and all help anyone can give me.
<p>JamesB</blockquote>
You can check out our Networking Basics guide and our IP Masquerading guide
if you like. They should help you set everything up in plain non-geek talk.
<br>www.thecomputergallery.com/redhat/guides.shtml
<p>Best of luck
<pre>--
Joey Olson <[EMAIL PROTECTED]>
#RedHat OnLine
<A
HREF="http://www.thecomputergallery.com/redhat">http://www.thecomputergallery.com/redhat</A></pre>
</html>
==============632689F09ED994D32375EFB7==
------------------------------
From: "C�sar Mateus Concei��o" <[EMAIL PROTECTED]>
Subject: Re: PPP and KDE!
Date: Sun, 27 Jun 1999 20:42:00 -0300
I use KLIcq without problems ... i don't know about Licq but in my system
works very good !!!
8-)
Mopp <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]...
> Hy!
> I have a problem with my PPP!
> I�m using kppp to connect to my ISP!
> But I have a problem with my DNS! I cannot use programs like: licq, it
> says Can�t Resolv hast name, but kicq works, the same withe Netscape, it
> works, but if I want to user WWWOFFLE it does not!
>
> Can you help me?
>
> write me: [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Nathan Myers)
Crossposted-To: comp.os.linux.development.apps,comp.os.linux.development.system
Subject: Re: Why not C++
Date: 27 Jun 1999 16:01:52 -0700
NF Stevens <[EMAIL PROTECTED]> wrote:
>[EMAIL PROTECTED] (Nathan Myers) wrote:
>>
>>C++ cannot of course be faster than the equivalent assembly
>>code, but the C++ compiler can optimize code better than you
>>can by hand in C, because it knows more about expressions than
>>you can tell the C compiler.
>
>That was not the point. I was comparing the code generated
>by instanciation of a template with hand written C++ code.
>The fact that templates expand to C++ code means that
>_templates_ cannot improve the efficiency of code.
But C++ templates _don't_ expand (macro-like) to C++ non-template
code. They expand to (if you will) RTLs, full of juicy details
for the optimizer that would be lacking in the otherwise-equivalent
hand-written C++ (or C) code.
For example: the result of a template function is a temporary,
and cannot be aliased. An optimizer can take advantage of this
knowledge. See the Blitz++ library for some extreme examples.
This doesn't mean that C++ template libraries _must_ be more
efficient than [something else], but it means that with significant
effort and a good optimizer (e.g. KCC) they _can_ be.
--
Nathan Myers
[EMAIL PROTECTED] http://www.cantrip.org/
------------------------------
From: Scott Sweeting <[EMAIL PROTECTED]>
Subject: Re: If I had a gun....
Date: Sun, 27 Jun 1999 16:28:27 -0700
> Isn't hosts.sam the *sample* hosts file? Shouldn't it be renamed to
> 'hosts' or 'hosts.lm'?
Sorry... my bad. I think it should either be 'hosts' or 'lmhosts'
(neither of which should have an extension).
------------------------------
From: [EMAIL PROTECTED] (MikeVW)
Subject: Ethernet write problem
Date: 27 Jun 1999 23:07:15 GMT
Reply-To: [EMAIL PROTECTED]
Anyone guess why or know how to fix this little problem. I have two
computers each with Intel EtherExpress Pro/100+ cards in them. One shiny
new PIII machine and one old Pentium 100 machine. They're networked
together with a crossover cable. Everything works well, telnet, ftp,
mounting with nfs, the whole bit. Except for one problem. I can't
transfer any sizeable file from the new machine to the old machine, < 100K
is OK, either through nfs or ftp. I'm pretty sure the problem is hardware
related on the old computer. The file starts to write to the old machine
at blazing speed then just stops. I can still telnet to the old machine
through another xterm but the ftp session is stopped. Netstat reveals:
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 58400 bigdog.mindspring.:4318 lowdog.mindspr:ftp-data ESTABLISHED
tcp 0 0 bigdog.mindspring.:4317 lowdog.mindspring.c:ftp ESTABLISHED
The Send-Q is interesting saying there are unacknoledged bytes. I was
wondering if the new computer is sending data too fast too the old one so I
loaded the module with the options to only run at 10Mb, didn't help. Any
clue as to what's happening? Thanks for any advice.
--
Trying to prevent arterial clogging of my CPU from eating too much spam!
Change the spam in my address to spring to reply. Stop the inspamity!
Visit my website www.mindspring.com/~us015148
This is a Microsoft Free message.
.........
`:::' ....... ......
::: * `::. ::'
::: .:: .:.::. .:: .:: `::. :'
::: :: :: :: :: :: .::.
::: .::. .:: ::. `::::. .:' ::.
...:::.....................::' .::::..
The choice of a GNU generation
UNIX is user friendly. It's just selective about who its friends are.
------------------------------
From: lyte <[EMAIL PROTECTED]>
Subject: Re: downloads slow with 2.2 kernel
Date: Sun, 27 Jun 1999 19:27:04 -0400
==============8AE6D5210BF5BC0686DB4A2D
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Gene Heskett wrote:
> Unrot13 this;
> Reply to: <[EMAIL PROTECTED]>
>
> Gene Heskett sends Greetings to greg rudd;
>
> gr> Problem is with ppp performance on RedHat 6.0 system with 2.2.5
> gr> kernel compared to performance on RedHat 5.2 system with 2.0.36
> gr> kernel. Problem is downloading of large (200 to 400K) JPEG and
> gr> GIF files on RedHat 6.0 system causes Netscape to continually
> gr> stall and stop receiving data many times during the download. If
> gr> you leave Netscape along, eventually the link will begin sending
> gr> data again, and the status message will change from stalled to
> gr> the amount of data coming over the connection. Do not have this
> gr> problem with RedHat 5.2 with 2.0.36 kernel. Using same ppp
> gr> scripts and serial port setup on both systems. It seems to me
> gr> that the 2.2 series kernels may be having a flow control or some
> gr> other problem with large downloads. Has anyone else experienced
> gr> similar problems with the 2.2 series kernels?
>
> So am I, same Zoom modem via switchbox is used on this machine, and a
> linux box running 2.2.10 and netscape 4.61 us/ca ssl version.
>
> Here, with a 56k connection at 50k, I get 2k-3k speeds total, even with
> several parallel conections.
>
> On the linux box, I get 700 cps per connection until I've used up the
> bandwidth somewhere around the 5000 cps mark. So it appears to be a
> per connection limit.
>
> I've no idea where its at. The linux box is a 400mhz AMD K6-2, 128
> megs pc100 memory, DMA is working on all drives, and it *should* be able
> to handle 5,000,000 cps without even showing up in a top report.
>
> I did play with the modem init a bit last night, and that seems to have
> reduced the re-negotiations, but hasn't helped the speed all that much.
>
> But we need answers, thats why we lurk, and occasionally respond.
>
> Cheers, Gene
> --
> Gene Heskett, CET, UHK |Amiga A2k Zeus040 50 megs fast/2 megs chip
> Ch. Eng. @ WDTV-5 |A2091,GuruRom,1g Seagate,CDROM,Multiface III
> |Buddha + 4 gig WDC drive, 525 meg tape
> |Stylus Pro, EnPrint, Picasso-II, 17" vga
> RC5-Moo! 690kkeys/sec isn't much, but it all helps
> email gene underscore heskett at iolinc dot net
> --
Check your /var/log/messages file and see if you have an error about
ppp-compress-21 it means you do not have compression enabled on the modem. Add
this to /etc/conf.modules and reconnect.
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
Hope this helps.
--
Joey Olson
#RedHat OnLine
http://www.thecomputergallery.com/redhat
==============8AE6D5210BF5BC0686DB4A2D
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
<html>
Gene Heskett wrote:
<blockquote TYPE=CITE>Unrot13 this;
<br>Reply to: <[EMAIL PROTECTED]>
<p>Gene Heskett sends Greetings to greg rudd;
<p> gr> Problem is with ppp performance on RedHat 6.0 system
with 2.2.5
<br> gr> kernel compared to performance on RedHat 5.2 system with
2.0.36
<br> gr> kernel. Problem is downloading of large (200 to 400K)
JPEG and
<br> gr> GIF files on RedHat 6.0 system causes Netscape to continually
<br> gr> stall and stop receiving data many times during the download.
If
<br> gr> you leave Netscape along, eventually the link will begin
sending
<br> gr> data again, and the status message will change from stalled
to
<br> gr> the amount of data coming over the connection. Do not
have this
<br> gr> problem with RedHat 5.2 with 2.0.36 kernel. Using same
ppp
<br> gr> scripts and serial port setup on both systems. It seems to
me
<br> gr> that the 2.2 series kernels may be having a flow control
or some
<br> gr> other problem with large downloads. Has anyone else
experienced
<br> gr> similar problems with the 2.2 series kernels?
<p>So am I, same Zoom modem via switchbox is used on this machine, and
a
<br>linux box running 2.2.10 and netscape 4.61 us/ca ssl version.
<p>Here, with a 56k connection at 50k, I get 2k-3k speeds total, even with
<br>several parallel conections.
<p>On the linux box, I get 700 cps per connection until I've used up the
<br>bandwidth somewhere around the 5000 cps mark. So it appears
to be a
<br>per connection limit.
<p>I've no idea where its at. The linux box is a 400mhz AMD K6-2,
128
<br>megs pc100 memory, DMA is working on all drives, and it *should* be
able
<br>to handle 5,000,000 cps without even showing up in a top report.
<p>I did play with the modem init a bit last night, and that seems to have
<br>reduced the re-negotiations, but hasn't helped the speed all that much.
<p>But we need answers, thats why we lurk, and occasionally respond.
<p>Cheers, Gene
<br>--
<br> Gene Heskett, CET, UHK |Amiga
A2k Zeus040 50 megs fast/2 megs chip
<br> Ch. Eng. @
WDTV-5
|A2091,GuruRom,1g Seagate,CDROM,Multiface III
<br>
|Buddha + 4 gig WDC drive, 525 meg tape
<br>
|Stylus Pro, EnPrint, Picasso-II, 17" vga
<br> RC5-Moo! 690kkeys/sec
isn't much, but it all helps
<br>email gene underscore heskett at iolinc dot net
<br>--</blockquote>
Check your /var/log/messages file and see if you have an error about
ppp-compress-21
it means you do not have compression enabled on the modem. Add this to
/etc/conf.modules and reconnect.
<p> alias ppp-compress-21 bsd_comp
<br> alias ppp-compress-24 ppp_deflate
<br> alias ppp-compress-26 ppp_deflate
<p>Hope this helps.
<pre>--
Joey Olson <[EMAIL PROTECTED]>
#RedHat OnLine
<A
HREF="http://www.thecomputergallery.com/redhat">http://www.thecomputergallery.com/redhat</A></pre>
</html>
==============8AE6D5210BF5BC0686DB4A2D==
------------------------------
From: Tristan Wibberley <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.apps,comp.os.linux.development.system
Subject: Re: Why not C++
Date: Sat, 26 Jun 1999 23:39:21 +0100
Reply-To: [EMAIL PROTECTED]
Johan Kullstam wrote:
>
> [EMAIL PROTECTED] (Nathan Myers) writes:
>
> > Johan Kullstam <[EMAIL PROTECTED]> wrote:
> > >the memory fragmentation problem pretty much precludes seriously using
> > >C++ for kernel work. look to microsoft for examples of C++ in action.
>
> > Nazis eat peanut butter. Therefore peanut butter is bad.
>
> thanks for trying godwin's law.
>
> > This supposed "memory fragmentation problem" is just more FUD.
> > Shame on you, Johan.
>
> no, this one really *is* *true*. if you malloc and free a lot of
> things of different sizes, then heap memory does get chopped up. there
> are little bits of free memory here and there. you cannot consolidate
> them. and when allocating you search around for these free holes.
> the typical C++ program does a lot of malloc and free. memory
> fragmentation does occur and it does cause performance loss.
Not if you get a garbage collector and de-fragmenter, in which case C++
can keep the place clean with similar overhead to others - although C++
garbage collectors and de-fragmenters are still quite immature.
--
Tristan Wibberley
------------------------------
From: Jonathan Guthrie <[EMAIL PROTECTED]>
Subject: Re: ISP Newcomer Needs Help
Date: 27 Jun 1999 23:26:56 GMT
Alphatee <[EMAIL PROTECTED]> wrote:
> I have been given the task of creating and or becoming an ISP. I do not
> know anything about this bounty and would appreciate any direction as
> to where to start and where to go. I have yet to know where to start
> and what I need to know.
I recommend seeing a good psychologist: If you want to become an ISP,
and you don't know how, then you're crazy!
> I have been reading about TCP/IP, Routers among others. I would
> appreciate who, where and how to buy necessary equipments. I need to
> start ASAP. My initial customer base is estimated to be 500 people. I
> need an immdiate help.
And why are you asking on comp.os.linux.networking?
Since you'll, no doubt, find the foregoing not at all useful, here's a
real deal.
Look, you'll need a bunch of equipment. Where and how you buy what you
need depends upon how much money you have and how credit worthy you are.
Unless you've got some kind of death wish, it'll likely take you 4-6
months to sign up 500 customers. (There simply aren't enough hours in the
day. At the start, each customer will take 0.25-1 hour of support time to
set up. That time will be reduced as you get better at setting them up.)
12-16 months is a more reasonable estimate for the time it takes to get to
500 customers unless you've got an actual list of customers already.
Unless you're capable of basically building everything from scratch (and
borrowing the rest) you're looking at sinking or financing
$50,000-$100,000 US. You'll likely get a negative return on your
investment for 3-5 years (more if you include what you could have been
earning at a real job) and perhaps break even after that. This is a
competitive business with few barriers to entry, at least in the USA.
If you find THAT nonuseful, try this Web site:
http://www.amazing.com/isp
which has the new Internet provider faq.
--
Jonathan Guthrie ([EMAIL PROTECTED])
Brokersys +281-895-8101 http://www.brokersys.com/
12703 Veterans Memorial #106, Houston, TX 77014, USA
------------------------------
Reply-To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED] (Walter Hunt)
Subject: Re: VPN through IP Masq
Date: Mon, 28 Jun 1999 00:08:35 GMT
In article <[EMAIL PROTECTED]>,
"John Hardin" <[EMAIL PROTECTED]> writes:
>
> Mark Constable wrote in message <8V2d3.34$[EMAIL PROTECTED]>...
>>Sorry I can't help you guys but I am also searching for a solution
>>to this problem of a MASQ'd linux server with a dial-up w98 client
>>who wants to connect via PPTP to an outside service.
>>
>>There is 3 of us now who would dearly like to find a solution so
>>if anyone has experience down this track then please don't hold
>>back. I've been searching and readin howto/faq's for two weeks
>>now and found nothing relevent for 2.2 kernels + ipchains.
>
>
> Try ftp://ftp.rubyriver.com/pub/jhardin/masquerade/ip_masq_vpn.html
>
Since I just finished testing this on a 2.2.10 box starting from the
instructions on that page, I thought I would add a few comments.
For 2.2.10, the ip_masq_vpn-2.2.9-alpha.patch file found on that page
patches in cleanly and adds config options for PPTP.
I enabled all the PPTP options (with debug info) and the IPSec options
(probably unnecessary), and the GRE, GRE_BROADCAST, and IP tunnel options
(can you tell I didn't feel like re-compiling the kernel more than once?).
Probably didn't need some of these, but better safe than sorry.
I re-compiled the kernel, played around with it a bit (watching the debug
output) and tried connecting to a PPTP server from the NT box behind the Linux
firewall. After a little experimentation, I found that my ipchains/firewall
script was not allowing the PPTP connection to succeed (the NT box would sit
on a dialog saying it was verifying user/password, and eventually would time
out).
I found the following additions to my ipchains script allowed PPTP access
to work fine from the masq'd NT box:
================================================================================
# PPTP client (1723)
# ----------------
for server in $PPTP_SERVERS
do
echo "Allowing PPTP access to/from $server . . ."
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $server 1723 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
-s $IPADDR $UNPRIVPORTS \
-d $server 1723 -j ACCEPT
# Alloc GRE-encapsulated packets to/from the PPTP server
ipchains -A input -i $EXTERNAL_INTERFACE -p 47 \
-s $server \
-d $IPADDR -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p 47 \
-s $IPADDR \
-d $server -j ACCEPT
done
================================================================================
PPTP_SERVERS = any hosts you might want to connect over PPTP to
EXTERNAL_INTERFACE = NIC attached to internet (ppp0, eth0, etc.)
IPADDR = local IP address of firewall
UNPRIVPORTS = 1024:65535
One last note - when the help files for the DEBUG_VERBOSE options say they
generate a lot of output, they are *not* kidding. Plan on re-compiling
without them after debugging the connection. (And a minor nit - just changing
those debug options wasn't enough to get make to re-compile the affected
files. I just did a "make clean" - I'm a believer in brute force.)
And now a request - anyone know of a PPTP client for Macs? I'd like to
get a Powerbook connected through the firewall also.
--
Walter Hunt
------------------------------
From: [EMAIL PROTECTED] (John)
Subject: RFI: DNS Servers and Firewalls
Date: Mon, 28 Jun 1999 00:19:20 GMT
How does one setup a DNS server on a IPMasq Firewall. It is advisable
to run the Firewall and DNS services on the same physical box. If so
how do I secure it?
John
(Remove NOSPAM before emailing me)
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Ethernet Card??
Date: 28 Jun 1999 00:39:03 GMT
Would like some one to recommend to me what is considered the best
ethernet card for Redhat linux 6.0 but is also compatiable with Win98 and
NT 4.0. Many thanks to those who may reply.
Larry
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Joker)
Subject: Re: Xisp works, kppp doesn't
Date: Mon, 28 Jun 1999 00:56:10 GMT
On Tue, 08 Jun 1999 00:00:45 -0400, Brian Witowski <[EMAIL PROTECTED]>
wrote:
>Greetings,
>
>I have a strange problem. Using Xisp I can connect to my isp and log
>in, no problem. But If I use, say Kppp,
>I can connect but never get a Login: or Password: prompt. After about
>10 sec. it dosconnects.
I have the same thing happen with kppp -- I opened up the log file and
found that it is not using the correct init string -- I've configured
it to use ATZ, yet it just sends A and waits for an OK, which it'll
never get because my modem can't process an A. I'm able to get xisp to
dial in, but for some probably unrelated reason, I'm kicked off by my
ISP after about 5 seconds.
The same thing happens with a terminal
>program. I know that xisp has it's own dialer but I need for this to
>work the 'normal' way because I want to set up diald.
>
>Please help!
>Brian
>
------------------------------
From: "TURBO1010" <[EMAIL PROTECTED]>
Subject: Re: samba and epson stylus 600
Date: Sun, 27 Jun 1999 17:50:34 -0700
Better yet, why don't you post your smb.conf file, particularly the printer
section, and also tell us what it's doing?
andrew g robinson <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> setup
> server ;redhat linux 6.0 , two ethernet card .. one to dhcp sever (cable
> modem) other for internal network
> client: dual boot redhat linux and win98 one ethernet card
> network: ne200 ethernet with hub
>
> problem: cannot get the win98 machine to print to the epson 600 stylus
> printer on the server. samba appears to be working. I can save files
> on the shared directory. lp shows up in the shared directory but i
> cannot print to the printer. I know the printer is working on the
> network because when i reboot into linux on the client and print to the
> server... it work hurray. if someone with a samba setup like mine
> could post thier smb.conf i would appreciate it . then i could see
> what i am doing wrong. My thoughts are i do not have the printer
> properly configured in samba.
>
>
>
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
