Linux-Networking Digest #912, Volume #11 Fri, 16 Jul 99 09:15:07 EDT
Contents:
Re: Linux, I only can log in as root but not as an normal user (Sebastian
=?iso-8859-1?Q?Biem=FCller?=)
Re: Samba w/ 2 subnets, 1 interface? (M. Buchenrieder)
Re: FTP through gateway using IP Masq....... (Justin The Cynical)
Linux driver for Etherjet???? (Francois Laperruque)
NEVER MIND!!! - Re: Can't telnet to localhost ([EMAIL PROTECTED])
Linux as a server ("Gerry Kerr")
NFS/Portmapper Question ([EMAIL PROTECTED])
NFS/Portmapper Question ([EMAIL PROTECTED])
Re: My Dissapointment to find Linux not a viable solution (Jens Hektor)
Re: My Dissapointment to find Linux not a viable solution (mlw)
loopback to hostname (Jos Berends)
linux / winnt / win98 ("Jonathan Desrochers")
DNS Connectivity problem (Ian Geldard)
HELP wanted to configure networking... ([EMAIL PROTECTED])
Re: NFS/Portmapper Question ("Andreas Metzler")
----------------------------------------------------------------------------
From: Sebastian =?iso-8859-1?Q?Biem=FCller?= <[EMAIL PROTECTED]>
Subject: Re: Linux, I only can log in as root but not as an normal user
Date: Fri, 16 Jul 1999 12:54:12 +0200
But root login works
"only" every other user on the linux box can't log in.
sunchange lee schrieb:
> you can not login as root directly ,for some security reason.
> you have to "su" to root if you telnet your remote machine after login
> as a common user.
>
> Sebastian Biem�ller wrote:
> >
> > I Have a problem.
> > Im using Linux with Kernel 2.2.5, when I want to log in as root it goes,
> > and an xterm comes, but when I then type rlogin -l username servername,
> > rlogin rejects and says connection closed.
> >
> > and it promps only the root promt.
> >
> > When I make a telnet to the linux box as root it goes, as any other user
> > it doesn't go
> > telnet says "connetction refused"
> >
> > i tried to type ALL:ALL in my /etc/host.allow but it dosen't work
> >
> > and i only want acces from the networks 192.168.1.0/255.255.255.0
> > and
> > 192.168.2.0/255.255.255.0
> >
> > Can anybody help me?
> >
> > Thank you
> > Sebastian Biem�ller
> >
> > pease write to [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: Samba w/ 2 subnets, 1 interface?
Date: Fri, 16 Jul 1999 06:56:17 GMT
[EMAIL PROTECTED] writes:
>I have two subnets, 192.168.0.0/24 and 216.x.x.x/28 which are
>both accessed via eth0. I'm running samba 2.03 on a linux box w/ip
>192.168.0.204. The win98 clients on the 192.168.0. subnet can access
>the shares, yet the 216.x.x.x client's can't. any ideas? I'm only
>running DNS, no WINS. Thanks!
[...]
Put the
interfaces = ...
entry into your smb.conf file. Additionally, you'l need to add
WINS support by adding an /etc/lmhosts file , otherwise the resources
of the other subnet will not be visible to the Win* clients.
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't munge your address.
------------------------------
From: [EMAIL PROTECTED] (Justin The Cynical)
Subject: Re: FTP through gateway using IP Masq.......
Date: 16 Jul 1999 10:36:09 GMT
Reply-To: [EMAIL PROTECTED]
On Thu, 15 Jul 1999 04:35:49 GMT, Monte Phillips <[EMAIL PROTECTED]> wrote:
->insmod ip_masq_ftp
->
->that rpresumes that you are running kernel 2.2.x and the module
->exists. If that works you can put it somewhere like
->/etc/rc.d/rc.local and have it run when you login.
Or, set the FTP client program you are using to use passive transfers.
--
In StarTrek TNG, ever notice that the characters are always tugging at their
shirts? In the future, it seems that we will travel at light speed, become the
universal melting pot, and end all suffering, but we still can't make a shirt
that fits right. Sheesh..... - Justin The Cynical - [EMAIL PROTECTED]
------------------------------
From: Francois Laperruque <[EMAIL PROTECTED]>
Subject: Linux driver for Etherjet????
Date: Fri, 16 Jul 1999 12:17:43 +0000
Hi everybody,
I need to configure an IBM netfinity 5000 server with its Etherjet
network card, but I'm unable to get some information about the model of
this card. Can someone tell me what driver I have to use, please?
Thanx for the answers.
------------------------------
From: [EMAIL PROTECTED]
Subject: NEVER MIND!!! - Re: Can't telnet to localhost
Date: Thu, 15 Jul 1999 12:59:10 GMT
Hi,
Never mind! I found the problem.
A file accidently got renamed, probably when I was fixing a PPP problem.
ifup-lo should be ifcfg-lo
- Dan
[EMAIL PROTECTED] wrote:
>Hi,
>
>All of a sudden, I can't telnet to localhost on my RedHat 5.2 system.
>
>When I try to telnet to localhost or 127.0.0.1, I get this:
>
>[root@localhost network-scripts]# telnet 127.0.0.1
>Trying 127.0.0.1...
>telnet: Unable to connect to remote host: Network is unreachable
>
>[root@localhost network-scripts]# telnet localhost
>Trying 127.0.0.1...
>telnet: Unable to connect to remote host: Network is unreachable
>
>However, after dialing in to my ISP with ifup ppp0 -dial. and THEN trying
>to telnet to localhost, instead of getting my own machine, I get some
>machine in my ISP's network!
>
>I must have broken something, but I don't know what. It was working
>perfectly before.
>
>The details:
>
>[root@localhost network-scripts]# more /etc/hosts
>127.0.0.1 localhost localhost.localdomain
>
>
>[root@localhost network-scripts]# more ifup-lo <--*** Should be ifcfg-lo
>DEVICE=lo
>IPADDR=127.0.0.1
>NETMASK=255.0.0.0
>NETWORK=127.0.0.0
>BROADCAST=127.255.255.255
>ONBOOT=yes
>BOOTPROTO=none
>
>
>When I'm dialed in to my ISP:
>
>[root@localhost network-scripts]# netstat -rn
>Kernel IP routing table
>Destination Gateway Genmask Flags MSS Window irtt Iface
>10.65.70.12 0.0.0.0 255.255.255.255 UH 1006 0 0 ppp0
>0.0.0.0 10.65.70.12 0.0.0.0 UG 1006 0 0 ppp0
>
>
>When I'm not dialed into my ISP, the routing table is empty.
>
>
>When I try to add 127.0.0.1 to the routing table:
>
>[root@localhost /root]# route add 127.0.0.1
>SIOCADDRT: Network is unreachable
>
>Does anyone know what the problem is and how I could fix this?
>
>Thanks,
>Dan
>
------------------------------
From: "Gerry Kerr" <[EMAIL PROTECTED]>
Subject: Linux as a server
Date: Fri, 16 Jul 1999 13:17:54 +0100
Hi all
I have been watching Linux grow in features, depth, ease of installation for
the last couple of years. I use linux at home (more to be familiar with the
os than in anger). We are now looking at Linux as a "File" server OS for
small business. I alway thought that there were a number of key areas that
needed to be address before Linux became a viable option.
The key areas as I see them are:
1. Ability to map network drives/printers onto the client PCs
2. Mail / Fax and web access solution
3. Automated Backup solutions
4. A network client for the workstations.
Typically our small businesses customers do not care what is running on the
server as long as it works. Most of them never thoch the damn thing - they
rely on us to be their system administrators.
Of the 4 key areas above the only piece missing is no 4 (at least I am not
aware of one).
Ideally the client should be capable of running scripts to automate drive
mapping, home directories, printer access etc.
I would be interested to know other peoples views on Linux in this capacity
and anny info or suggestions on client software
Regards.......Gerry
------------------------------
From: [EMAIL PROTECTED]
Subject: NFS/Portmapper Question
Date: Fri, 16 Jul 1999 11:34:26 GMT
Hi All,
I searched this forum (granted, it wasn't exactly
a THOROUGH search but... <g>)but couldn't find a
similar condition to what I'm experiencing - so
'xuse me if I'm repeating a past post/suggestion!
I've loaded Red Hat 6.0 and (THOUGHT I'd)
requested installation/setup of NFS during
install. Unfortunately, now that everything's
installed, I can't seem to perform NFS mounts
(yes, I've stopped/restarted NFS, checked all the
DOCUMENTED files/configuration/etc...all are ok)
on both the server and client end. I believe I
know the cause of my problem: "rpcinfo -p" on my
Linux server does NOT show portmapper running (!);
I've checked my other (non Linux) unix systems
which are serving out NFS mounts and they DO show
portmapper running....SO.....
Q: Should portmapper be showing up in the
list of RPC processes (i.e., rpcinfo -p)
Q: If so, how do I config./get it started
-> during boot (via inetd "super daemon")
-> once the system is up (if stopping/
starting NFS from the command line
does not work?);
BTW, /sbin/portmap stop/start
doesn't appear to DO anything!
Answers/solutions welcomed!!!
Paul
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: NFS/Portmapper Question
Date: Fri, 16 Jul 1999 11:34:27 GMT
Hi All,
I searched this forum (granted, it wasn't exactly
a THOROUGH search but... <g>)but couldn't find a
similar condition to what I'm experiencing - so
'xuse me if I'm repeating a past post/suggestion!
I've loaded Red Hat 6.0 and (THOUGHT I'd)
requested installation/setup of NFS during
install. Unfortunately, now that everything's
installed, I can't seem to perform NFS mounts
(yes, I've stopped/restarted NFS, checked all the
DOCUMENTED files/configuration/etc...all are ok)
on both the server and client end. I believe I
know the cause of my problem: "rpcinfo -p" on my
Linux server does NOT show portmapper running (!);
I've checked my other (non Linux) unix systems
which are serving out NFS mounts and they DO show
portmapper running....SO.....
Q: Should portmapper be showing up in the
list of RPC processes (i.e., rpcinfo -p)
Q: If so, how do I config./get it started
-> during boot (via inetd "super daemon")
-> once the system is up (if stopping/
starting NFS from the command line
does not work?);
BTW, /sbin/portmap stop/start
doesn't appear to DO anything!
Answers/solutions welcomed!!!
Paul
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Jens Hektor <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,comp.security.firewalls
Subject: Re: My Dissapointment to find Linux not a viable solution
Date: Fri, 16 Jul 1999 13:57:39 +0200
mlw wrote:
> The e-mail virus scanner is the only thing that Linux does not have,
> simply because it does not need it. However, you could easily setup an
> e-mail scanner that looks for attachments that end in ".doc" ".com" and
> ".exe."
There are virusscanners for Linux, have a look at:
http://www.ce.is.fh-furtwangen.de/~link/security/av-linux.htm
It's in german I think, but you only have to follow some links.
Bye, Jens
--
Jens Hektor, RWTH Aachen, Rechenzentrum, Seffenter Weg 23, 52074 Aachen
Computing Center Technical University Aachen, firewalls/network security
mailto:[EMAIL PROTECTED], Tel.: 4866 (in house only)
Private: Rochusstr. 26, D52062 Aachen, Fon: +49 241 29888, Fax: % 29889
------------------------------
From: mlw <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,comp.security.firewalls
Subject: Re: My Dissapointment to find Linux not a viable solution
Date: Fri, 16 Jul 1999 11:57:45 +0000
Tam McLaughlin wrote:
>
> I love Linux and have been using it for the last year as our email
> and internet server but have found we cannot consider Linux as a
> serious option as a firewall, email/internet server and a virus
> checker for all incomming emails.
>
> I may be wrong and hope to be proved wrong but the companies in
> Glasgow/Edinburgh I have spoken to cannot support our requirements
> with Linux. I will explain our setup and what I would like to see
> and hope that someone can give me some suggestions or point me
> in the direction of some company that can help.
>
> We have ~ 150 PCs running win95
> 4 servers running SCO
> about to install a router between 2 offices using a leased line
> and a card to allow remote access from laptops.
> linux box running delegate proxy and qmail connected to a direct
> telephone line to a single dial up account.
>
> We would like to allow laptop users in to our network for email access and
> server access. I believe the cisco router will allow us to specify which IP
> addresses are allowed in and which are not. We wish to protect our LAN from
> the outside.
>
> So, I have been informed that the linux server is not secure and we need a
> proper
> firewall.
What is a "proper" fire wall, and how is it different from the
filewalling software that comes with most distributions? If you want
real security use the Linux proxy server or even IP Masquerading.
> We also need a better method of virus scanning rather than
> updating
> each PC each month. I believe we could use samba for this with some type of
> network AV software.
Anti-virus software has to execute on a PC. If you need to have company
wide virus scanning, put MacAffee on a network drive. In the startup
script for your NOS have the client copy it locally.
Every couple months, when MacAffee has an update, simply copy the files
to the network directory. Windows machines reboot at least every week,
so no problem.
>
> I know hat I could go out and buy an NT server with MSProxy or whatever and
> some
> email package, firewall-1 and mime-sweeper. But this would cost a hell of a
> lot
> or money which I dont know our company would be willing to pay for (ok, i
> know all
> about the importance how much is our data worth etc etc...).
The e-mail virus scanner is the only thing that Linux does not have,
simply because it does not need it. However, you could easily setup an
e-mail scanner that looks for attachments that end in ".doc" ".com" and
".exe."
>
> So, why is there Linux based solution. Why is there no AV scanning software
> that can
> run on Linux? If there is , does anyone know of a local company that can
> help us?
The only thing that you are missing with the Linux system is the e-mail
checker. So, assuming you will have to by NT server, 150 licenses,
firewall-1, and "mime-sweeper" you are looking at a minimum of $10,000.
That is 100 consultant hours at $100. If you can't write the e-mail
scanner script in a day or two (with proper testing) You can hire a
consultant for a full week, and still be ahead.
Good luck.
--
Mohawk Software
Windows 95, Windows NT, UNIX, Linux. Applications, drivers, support.
Visit http://www.mohawksoft.com
------------------------------
From: Jos Berends <[EMAIL PROTECTED]>
Subject: loopback to hostname
Date: Fri, 16 Jul 1999 13:56:31 +0200
Hello, hopefully this is an easy question for you.
I have set up my networking from only a loopback
device to a system where I want to connect to the
internet via the eth0 and a cable modem.
Therefore I set a 'hostname' and assigned an IP address
to my 'hostname'.
However, being disconnected from the net (Is this the problem?)
I can not get a loopback connection to my own machine with:
ftp 'hostname'
or
rlogin 'hostname'
I can do it with
ftp localhost
or
rlogin localhost
Why is the former not working in my case.
Before I had anything else but the loopback device
I could do it.
How do I correctly tell my computer that by calling 'hostname'
I mean the localhost?
Thanks in advance
--
Jos
------------------------------
From: "Jonathan Desrochers" <[EMAIL PROTECTED]>
Subject: linux / winnt / win98
Date: Fri, 16 Jul 1999 12:54:34 GMT
Hello.
I am attempting to set up my SUSE 6.1 Linux Box to be a Samba server and
allow my win98/ntsp5 clients to connect to the shares I set up. I have been
very unsucessful up to this point. I can not see my samba server on my
windows machines, nor can I connect to the share. I am running version
2.0.5b (samba).
please reply to me at [EMAIL PROTECTED]
thanks for any help!
my smb.conf
[global]
workgroup = uncc
netbios name = Vectra
keep alive = 30
os level = 2
security = user
update encrypted = yes
encrypt passwords = yes
hosts allow 192.168.0.
interfaces = 192.168.0.15/255.255.255.0
wins support = no
[test]
comment = test folder
path = /home/jdesroch/test
read only = no
browsable = yes
[web]
comment = Web Folder
path = usr/local/httpd/htdocs
read only = no
browsable = yes
[test]
comment = test folder
path = /home/jdesroch/test
read only = no
browsable = yes
[web]
comment = Web Folder
path = usr/local/httpd/htdocs
read only = no
browsable = yes
------------------------------
From: [EMAIL PROTECTED] (Ian Geldard)
Crossposted-To: comp.os.linux.setup,linux.redhat.install,redhat.networking.general
Subject: DNS Connectivity problem
Date: Fri, 16 Jul 1999 12:01:12 GMT
If I make any changes on my standalone RH6.0 k2.2.5-22 system with
Linuxconf 1.14r4-4 and try and apply those changes I get an error
message warning me that:
"The DNS does not answer within 4 seconds. This is bad and will cause
major problems later."
What do I need to do to correct this?
--
Ian Geldard
London, England
PGP DH/DSS Key ID: 0x07CB87A6
PGP RSA Key ID: 0xE5FD80A1
------------------------------
From: [EMAIL PROTECTED]
Subject: HELP wanted to configure networking...
Date: Fri, 16 Jul 1999 11:27:45 GMT
Hello world,
I have a problem to configure SuSE Linux 5.3. I can't access the
network if I don't write the command:
"route add -net default gw 149.222.132.1 dev eth0"
after starting KDE!!!
Is the default IP really necessary???
I have another problem to reach the FTP during the installation (with
YaST), booting the machine with a boot disk.
Thank you for your help...
Cordialy,
Romuald.
NOTE:
Here is the output of the command "ifconfig -a":
================================================
eth0 Link encap:10Mbps Ethernet HWaddr 00:60:97:2E:72:6B
inet addr:149.222.132.130 Bcast:149.222.129.201
Mask:255.255.192.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:26618 errors:0 dropped:0 overruns:0
TX packets:2137 errors:0 dropped:0 overruns:0
Interrupt:5 Base address:0x300
Here is the output of the command "netstat -rn":
================================================
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
149.222.132.1 0.0.0.0 255.255.255.255 UH 1500 0 0 eth0
149.222.132.130 149.222.132.1 255.255.255.255 UGH 1500 0 0 eth0
149.222.129.200 149.222.132.1 255.255.255.255 UGH 1500 0 0 eth0
149.222.129.201 149.222.132.1 255.255.255.255 UGH 1500 0 0 eth0
0.0.0.0 149.222.132.1 0.0.0.0 UG 1500 0 0 eth0
NOTE:
-The entry "0.0.0.0" don't appear since I don't write the command
(after starting KDE):
"route add -net default gw 149.222.132.1 dev eth0"
-I entred all this values in /etc/route.conf, but Linux don't use the
entry "0.0.0.0"
-You see, that all the NetMask are "255.255.255.255". It is because the
commant route don't accept the real netmask "255.255.192.0" with the
actual IP "149.222.132.1". I don't know why... "route" accept it ONLY
when the IP ended with xxx.xxx.xxx.0. In /etc/route.conf I can write
what I want, Linux don't repair the errors. But when the Netmask is
not "255.255.255.255", I never access the network.
-I can access the local network without writing the extra route
command. A ping with the Gateway or the DNS work in all case. But when
DEFAULT don't appear in the list, I can't access the Internet.
Here is a copy of "/etc/resolv.conf":
=====================================
#
# /etc/resolv.conf
#
# Automatically generated by SuSEconfig on Fri Jul 2 21:08:35 MEST
1999.
#
# PLEASE DO NOT EDIT THIS FILE!
#
# Change variables (NAMESERVER + SEARCHLIST) in /etc/rc.config instead.
#
#
search maschinenwesen.fh-kiel.de nsc03.nsc.FH-Kiel.de smtp.FH-Kiel.de
nameserver 149.222.129.201
nameserver 149.222.129.200
NOTE:
-I write this informations under YaST. But I don't know when
the "search list" is the right one. I copy this informations from the
output of the command "route".
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Andreas Metzler" <[EMAIL PROTECTED]>
Subject: Re: NFS/Portmapper Question
Date: 16 Jul 1999 12:16:02 GMT
[EMAIL PROTECTED] wrote:
> Hi All,
[intro deleted]
> Q: Should portmapper be showing up in the
> list of RPC processes (i.e., rpcinfo -p)
yes:
=========
@server ~]$ /usr/sbin/rpcinfo -p
Program Vers Proto Port
100000 2 tcp 111 rpcbind
100000 2 udp 111 rpcbind
[...]
=========
> Q: If so, how do I config./get it started
> -> during boot (via inetd "super daemon")
no
> -> once the system is up
yes
> (if stopping/
> starting NFS from the command line
> does not work?);
> BTW, /sbin/portmap stop/start
> doesn't appear to DO anything!
> Answers/solutions welcomed!!!
> Paul
hello!
portmap is by default started by init in the runlevels 3 and 5, if you
enabled networking (grep NETWORKING /etc/sysconfig/network).
does
/etc/rc.d/init.d/portmap start
work?
do the links
/etc/rc.d/rc3.d/S11portmap
/etc/rc.d/rc5.d/S11portmap
to /etc/rc.d/init.d/portmap
exist?
What says rpm -V portmap ?
cu andreas
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
