Linux-Networking Digest #930, Volume #11 Sun, 18 Jul 99 11:13:27 EDT
Contents:
Re: Ethernet Routing: ping works one way but not back! (Jan Andres)
Re: How to disable console? (John Thompson)
Re: My Dissapointment to find Linux not a viable solution (John Thompson)
Re: Local IP addresses (Emmett McLean)
Samba and Printers on Win95 question ("Patrick")
Squid + Junkbuster??? HELP!!! (RaZoR)
Re: Connect to ISP when phone rings: is this possible? (TAT)
Auto check for email ("Michael")
Auto check for email ("Michael")
Re: "can't locate module char-major-6" (Jan Andres)
Samba is picky about showing up in Net Neighborhood (jakemp)
Re: Masquerade and mechwarrior 3.....how do I set this up ??? (tomislav)
Re: authentication problem 49333/ARQ? (Richard Hinton)
Re: My Dissapointment to find Linux not a viable solution (Rod Smith)
Re: how do I setup firewall with ipchains? ("Berto")
Re: Newbie Q: Getting message 'RPC program not registered ' when trying to mount
(Peter)
1 modem for http, 1 for ftp/news/mail/etc. ([EMAIL PROTECTED])
Re: EQL/ MultilinkPPP (Bill Steiner)
Telnet problem (Juan =?iso-8859-1?Q?Jos=E9?= Ruiz =?iso-8859-1?Q?P=E9rez?=)
Re: Linux as a PPP client nolonger work after NT RAS upgrade (Clifford Kite)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Jan Andres)
Subject: Re: Ethernet Routing: ping works one way but not back!
Date: 18 Jul 1999 08:43:02 GMT
In article <7mdlea$4jh$[EMAIL PROTECTED]>, Graham Harris wrote:
>Folks,
>
>B can ping A or B. C can ping B using either of B's IP addresses. When C tries
>to ping A, A's lights flash just the same way as when B pings A; but C just
>gets a timeout message.
>
>A B C
>ISDN PBX Redhat Linux 5.0 (2.0.32) Win95
> eth0 ne2000 eth1 ne1000
>192.168.42.1 192.168.42.100 10.0.2.100 10.0.2.166
>10baseT 10baseT 10base2 10base2
>
>(I hope the diagram works for you. It does for me, 78-wide with a fixed-pitch
>font. But then, I can understand my children and you can't).
>
>Since A is clearly receiving C's pings, it seems to me that the cause is
>likely to be that B is not forwarding A's responses on to C. Why?
>
>B has static routes set up:
>
>[root@prm /root]# netstat -nr
>
>Kernel IP routing table
>
>Destination Gateway Genmask Flags MSS Window irtt Iface
>
>10.0.2.0 0.0.0.0 255.255.255.0 U 1500 0 0 eth0
>
>10.0.2.0 10.0.2.100 255.255.255.0 UG 1500 0 0 eth0
^
This route isn't needed.
>192.168.42.0 0.0.0.0 255.255.255.0 U 1500 0 0 eth1
>
>192.168.42.0 192.168.42.100 255.255.255.0 UG 1500 0 0 eth1
^
Same for this one.
>127.0.0.0 0.0.0.0 255.0.0.0 U 3584 0 0 lo
>
>0.0.0.0 10.0.2.100 0.0.0.0 UG 1500 0 0 eth0
>
>To me these look as if B is set up to route both ways properly.
>
>IPv4 Forwarding is on. Dual cards are enabled via /etc/conf.modules. The LAN
>cards are on seperate (unique) IRQs and their io ranges don't overlap with
>each other or anything else. One, of course, is 16-bit and the other 8-bit but
>the ne driver seems to identify each correctly.
>
>Bridging is not enabled in the Kernel (I've not yet been able to rebuild the
>kernel because of make "No rule to make target 'config'" errors- that's
>another story). Do I need it?
No.
>I told C that B is a gateway. There's nothing I can change at A until I can
>talk to it with C! A's only user interface is through Win95 software and the
>10baseT port!
Connect A and C directly, give C an address within 192.168.42.*. Don't
care about gateway settings. Then configure A so that the network
10.0.2.0/24 is routed via the gateway 192.168.42.100 (establish a
static route).
After this, you can reconnect A and C each to one ethernet port of B,
and everything will work fine.
--
Jan Andres
[EMAIL PROTECTED]
Ham radio: DH2JAN
------------------------------
From: John Thompson <[EMAIL PROTECTED]>
Subject: Re: How to disable console?
Date: Sat, 17 Jul 1999 22:17:13 -0600
"[EMAIL PROTECTED]" wrote:
>
> Saturday July 17 1999 09:36, Y.C. wrote to All:
>
> YC> Since it hardly login directly in front of Monitor and consider
> YC> Monitor as a security hole. I would like to disable login in front
> YC> of
> YC> Monitor, but keep remote login available. Is there anyone know how
> YC> to
> Remove the monitor! :)
Many older machines (dating back at least to the unlamented
IBM PC-AT) often had keyboard locks on the front panel.
These were simple switches that just kept the keyboard from
communicating with the rest of the machine. You never see
those anymore (nor "Turbo" buttons). Perhaps they still
might have a use...
--
-John ([EMAIL PROTECTED])
------------------------------
From: John Thompson <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.advocacy,comp.security.firewalls
Subject: Re: My Dissapointment to find Linux not a viable solution
Date: Sat, 17 Jul 1999 22:13:28 -0600
Stuart Fox wrote:
> > Yes, MS Office viruses are the worst. The best solution is use another
> > word processing package. *In fact* the only people that have been hit
> > with any notable viruses lately are MS Office uses. A good argument for
> > Applix or Word Perfect.
> Or get a virus scanner that supports macro viruses....
That would help, but most virus scanning is reactive and
will not catch the brand-spankin' new viruses as they
appear. Heuristic based scanning is more proactive and
helps address that shortcoming of traditional scanning but
does in principle carry with it a higher risk of false
positives. By using an alternative word-processor package
as the first writer suggests you avoid both these problems,
but at the cost of potentially losing some features and/or
inter-operability with other users who may not be using the
same software you are.
No such thing as a free lunch, as they say...
--
-John ([EMAIL PROTECTED])
------------------------------
From: [EMAIL PROTECTED] (Emmett McLean)
Crossposted-To: comp.sys.next.sysadmin
Subject: Re: Local IP addresses
Date: 18 Jul 1999 01:05:49 -0700
Hi,
This has been an interesting thread ...
I wonder if someone could straighten something out
with an example ...
Suppose the IP of a computer network is :
209.185.27.10
and the router's IP is
209.185.27.09,
with a netmask (for 4 internet IPs) of
255.255.255.248.
Now suppose I want to put 3 NeXT computers on my network
- but not put them on the internet.
I go to the HostManager and tell it about the new machine.
Then I go into HostManager on the new box ...
The IP of the new box would be 192.168.0.2
But what would be the values for the router,
netmask, and broadcast network ?
I seem to recall having tried to set this up and the computer balked
at having a 192 IP address and a router with a 209 address.
I think it said it couldn't find the network. Is the solution for
the NetInfo Master machine, if it is Intel, to have 2 NICs?
Thanks,
em
------------------------------
From: "Patrick" <[EMAIL PROTECTED]>
Subject: Samba and Printers on Win95 question
Date: Sun, 18 Jul 1999 17:46:33 +0800
Hi All
I have been able to print to a Win95 box through smbclient however I cannot
get smbmount to mount the service. I get the invalid argument error from
mount. I have mounted the disks on both the win95 and win98 boxes so I can
definitely see them.
An simple fixes/solutions?
Cheers
Patrick
--
Patrick Brosnan
Beacon Technology
Perth, Western Australia
[EMAIL PROTECTED]
------------------------------
From: RaZoR <[EMAIL PROTECTED]>
Crossposted-To:
alt.linux,alt.os.linux,alt.os.linux.redhat,comp.os.linux.help,comp.os.linux.misc,linux.redhat.misc
Subject: Squid + Junkbuster??? HELP!!!
Date: Sun, 18 Jul 1999 09:59:48 +0000
Hey guys :-)
I have RH 6 installed on my P2 266 64 RAM.
I've been using Junkbuster for a while and it works great, but now i've
decided to set up Squid too and enable them both, so they can work
together.
On the Junkbuster's page they tell you how to enable squid and
junkbuster to work this way:
Browser ---> Junkbuster ----> Squid ------> WWW
But this way squid caches all ads anyway, and i lose bandwidth (the
only reason i use Junkbuster, so i don't need to waster my bandwidth on
these ads.
So I want to set Junkbuster and Squid this way (if it's possible):
Browser ---> Squid ----> Junkbuster ------> WWW
This way Junkbuster will filter out all ads, and then Squid will cache
all the rest.
Is it possible to do it?
Please tell me how.
Thanx in advance guys :-)
------------------------------
From: TAT
Crossposted-To: comp.os.linux.misc
Subject: Re: Connect to ISP when phone rings: is this possible?
Date: 18 Jul 1999 11:28:25 GMT
Thanks a lot Robert. I got ringconnectd, works like a charm :)
In comp.os.linux.misc Robert Clare <[EMAIL PROTECTED]> wrote:
> Hi. I know of two programs on the market that can do this. There are
> probably more... Take a look at ringconnectd and xringd. Both should
> be available at your local sunsite mirror. I have used ringconnectd
> in the past and it worked perfectly.
------------------------------
From: "Michael" <[EMAIL PROTECTED]>
Subject: Auto check for email
Date: Sun, 18 Jul 1999 13:50:27 +0200
Er det muligt (selvf�lgelig er det det) at f� "Linux" til selv at g� p�
nettet (den skal alts� selv ringe op) og checke om der er kommet nogen
email, eksempelvis hver 10. minut? I s� fald, hvordan?
md
------------------------------
From: "Michael" <[EMAIL PROTECTED]>
Subject: Auto check for email
Date: Sun, 18 Jul 1999 14:03:58 +0200
Is it possible to get Linux to check for emails automatically, I mean is
there a programe there can call up the net, check for emails and then
shutdown again, for instance every 10. minutes?
Tanks in advance
md
------------------------------
From: [EMAIL PROTECTED] (Jan Andres)
Subject: Re: "can't locate module char-major-6"
Date: 17 Jul 1999 08:16:45 GMT
In article <[EMAIL PROTECTED]>, Alain Vondra wrote:
>I need some help, because I can't use the web with linux, every time I
>try to make a connection, I find this words in my message file, and I
>see that it fails at the Username quiery, but my script is ok, help !!!
>What happens ??
Char major 6 are the lp devices. If you compiled printer support into
your kernel, you don't get this message. If you compiled it as a
module, add this line to /etc/conf.modules (create it if it doesn't
exist):
alias char-major-6 lp
If you don't want printer support at all, use this line:
alias char-major-6 off
It's very unlikely that this causes your networking problems.
--
Jan Andres
[EMAIL PROTECTED]
Ham radio: DH2JAN
------------------------------
From: jakemp <[EMAIL PROTECTED]>
Crossposted-To: redhat.networking.general,redhat.servers.general
Subject: Samba is picky about showing up in Net Neighborhood
Date: Sat, 17 Jul 1999 17:31:06 GMT
I have read alot of problems with samba showing up in network neighborhood
on win9x machines. Mine is different. I have read those easy to setup
samba sites that everyone keeps posting and have followed them closely. I
started out with 2.0.3 and have upgraded to 2.0.4b and I have the same
problem with both. At first I could not see my samba server on my win98
box at all. However I could access it through find computer. It shows up
there and I can access the shared directories and map them to a drive
letter. The only way I could get it to show up in net. neighb. is to
disable master browsing on win98 and make the samba server domain master.
When I restart Samba services it shows up great in netneighb. however the
win98 and win95 boxes do not show up. Yet they can still be accessed
through find computer and all shared directories can be accessed. Here's
the kicker....when I enable master browsing on the win98 machine as auto,
and reboot, the samba server show's up....then my win98 machine...then the
samba server dissappears.......then the win95 machine appears. The samba
server can still be accessed from find computer.
I have tried LM announce enabled on both the win98 machine and samba.
samba is configured to have a guest account
samba is set up for wins support...
the samba lmhosts and hosts files are in order (I have tested them with
ping)
samba is set to be browsable
the win9x machines are both configured for wins
samba is prefered master, local master, and domain master.
os level is set to be 65 (which should beat out an NT server)
it announces itself to be NT Server.
all computers are in the same workgroup
Samba can see itself (smbclient -L localhost)
Does anyone have the same problem?
Once again everything works fine through find computer (mapping drives,
download and upload files). It just wont show up in net. neighb.
John
================== Posted via SearchLinux ==================
http://www.searchlinux.com
------------------------------
From: [EMAIL PROTECTED] (tomislav)
Subject: Re: Masquerade and mechwarrior 3.....how do I set this up ???
Date: Sun, 18 Jul 1999 01:38:32 +0200
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
> * Allow an initial outbound TCP connection on port 47624
> * Allow subsequent inbound and outbound connections on TCP and
> UDP ports 2300-2400
> * Set appropriate permissions for DirectPlay (client)
> ======================================================================
> HOW do I do this with masquerading so I can play over the internet on
> my pc ?
You need to compile portfw and autofw in you kernel (or as modules) and
download a program called ipmasqadm (look for it at freshmeat.net). Then
just type ipmasqadm portfw or ipmasqadm autofw, depending on what you
choose to use (portfw is faster).
--
[EMAIL PROTECTED]
http://tojo.home.dhs.org/pgp.asc
------------------------------
From: Richard Hinton <[EMAIL PROTECTED]>
Subject: Re: authentication problem 49333/ARQ?
Date: Sun, 18 Jul 1999 07:19:25 -0500
Sam Bruskin wrote:
> still trying to configure ppp.
> i think i am getting this "49333/ARQ^M" response in the "expect"
This looks like a Modem speed report, your script may be starting
too soon after connect, put a pause in there and wait for the modem
response to
come and go....
Richard N. Hinton
[EMAIL PROTECTED]
>
> otherwise i have confirmed what my ISP uses: "gin:" and "ord:"
> so why does my script get this 49333 thing?
>
> i am learning a lot while trying to figure this out, but i sure would
> like to get online in Linux.
>
> also how come the text in teh terminal screen overwrites itself
> sometimes but not others? (making black blocks)
>
> alos is there a way i can save the long command lines so i can repeat
> it without re-typing?
>
> also if i would like to save the dialogue that /usr/sbin/chat -v
> generates, so i could print it or show it to someone--well, how might
> i do this?
>
> i am sure these answers are in these here books, but i am currently
> overwhelmed with digesting all this. thanks for any assitance you
> would care to give.
------------------------------
From: [EMAIL PROTECTED] (Rod Smith)
Crossposted-To: comp.os.linux.advocacy,comp.security.firewalls
Subject: Re: My Dissapointment to find Linux not a viable solution
Date: Sun, 18 Jul 1999 12:36:23 GMT
Reply-To: [EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>,
Tam McLaughlin <[EMAIL PROTECTED]> writes:
>
> I am not sure anymore what a proper firewall is. I understood firewall
> to mean that we have some type of protection between our LAN and the
> rest of the word that makes our LAN invisible to the outside world
> while the the line is up.
Not necessarily. Although I've seen several different definitions of
"firewall," none of them requires this. What all definitions of firewall
I've seen have in common is that they all specify some method of
accepting or rejecting network traffic passing between an internal
network and an external one. Making the LAN invisible to the outside
world isn't inconsistent with this, but neither is it required. Of
course, I may also have missed somebody's definition that WOULD require
the protected network to be invisible from the outside, and some methods
of firewalling do it.
> I do not think we require IP masquerading since this would mean we
> need to buy some legal IP addresses from our ISP ?
Just the opposite, in fact. IP masquerading lets you access the Internet
from inside a private local network. For instance, my home network has
three computers, one of which is a Linux box with a PPP connection. When
that PPP link is up, I can use either of the other two computers to do web
browsing, telnet, download via ftp, etc. All the while I use just one PPP
connection and the one IP address assigned to me by my ISP when I make
that PPP link, even if I am (say) downloading three files simultaneously
using all three computers. IP masquerading does have its limits, but for
the most common Internet tasks, it works pretty well.
--
Rod Smith
[EMAIL PROTECTED]
http://www.channel1.com/users/rodsmith
NOTE: Remove the "uce" word from my address to mail me
Author of _Special Edition Using WordPerfect for Linux_, from Que
------------------------------
From: "Berto" <[EMAIL PROTECTED]>
Subject: Re: how do I setup firewall with ipchains?
Date: Sun, 18 Jul 1999 15:28:09 +0200
[EMAIL PROTECTED] ha scritto nel messaggio <7mr9tm$nbg$[EMAIL PROTECTED]>...
>Hi,
>
>We have about 20 workstations, each with valid ip address. My question
>is how do I setup a Linux box to work as a router and provide firewall
>protection to the 20 workstations?
>
>Thanks,
>
>Dennis
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
It depends on your configuration.
If Linux works as a router (if all client pass throught it to use Internet)
so you have to use Ipchains command (there is a ipchains howto that can help
you)
Fondamental commands work on 3 chain: input, output and forward.
Probably you are interested in forward (routing) right.
Here are an example:
ipchains -A forward -s 1.1.1.1 -j DENY. This command deny 1.1.1.1 to access
thought your Linux box (attention 1.1.1.1 can arrive on Linux but can't
overcome it! for to net let it arrive at Linux you have to use input chain)
To delete that limit you have to digit: ipchains -D forward -s 1.1.1.1 -j
DENY
If you have a proxy on Linux box you have to use input chain.
Good job!
Berto
------------------------------
From: [EMAIL PROTECTED] (Peter)
Subject: Re: Newbie Q: Getting message 'RPC program not registered ' when trying to
mount
Date: Sun, 18 Jul 1999 13:49:04 GMT
On Sat, 17 Jul 1999 10:41:21 -0400, [EMAIL PROTECTED] wrote:
Thanks Jeff,
I didn't think I needed Samba for this, and in fact Samba works fine
Linux to Win98.
NFS seems to be working OK, and I can Ping, Telnet and FTP to either
machine, I just can't mount the filesystems.
If I type 'ps aux' I see a list showing rpc portmap is running
Thanks for the help
>Marco Vranken wrote:
>
>> Hi,
>>
>> I had the same problem a time ago.
>> First you have to run samba (if you don't know how, there are a lot of mails
>> in this newsgroup that
>> tell you how).
>> How I solved the problem is this:
>> In the file /etc/rc.config you have set next settings:
>> START_PORTMAP="yes"
>> NFS_SERVER="yes"
>>
>
>You don't need samba for this. You just need to make sure that the nfs deamon
>is running on the server machine.
>If you're running RedHat, then you must go into /etc/rc.d/init.d and type ./nfs
>start.
>If this doesn't work, your machine is broke.
>
>Jeff
------------------------------
From: [EMAIL PROTECTED]
Subject: 1 modem for http, 1 for ftp/news/mail/etc.
Date: Sun, 18 Jul 1999 13:30:36 GMT
I would like to be able to share my internet traffic between 2 modems.
I currently have 2 permanent modem accounts (with different providers,
so EQL is no good).
I would like all http traffic (via squid) to be routed through one
modem and all other traffic (mail, news, ftp etc) through the other.
Is this possible?
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Bill Steiner <[EMAIL PROTECTED]>
Subject: Re: EQL/ MultilinkPPP
Date: Sun, 18 Jul 1999 07:28:10 -0700
Hi Johnathan:
Wish I could help you, but I haven't gotten as far as you have with eql.
Just a thought, though: what is route tell you? Have you checked it to see
if you have any conflicting routings? I had a lot of trouble with that when
I first started using ppp.
Perhaps you'll be able to help me out. I'm trying to get two v.90 modems
talking to my ISP. Have done it with NT Workstation previously, so I know it
works at ISP's end. I prefer Linux's router capabilities to NT. I can get a
single modem to work fine, but I can't get eql_enslave to work on my Linux
box. I'm running RedHat with the 2.2.5-13 kernel. It has EQL installed as a
module. I can get the module to load, and I can configure it as the default
gateway with my box's IP address. I can also get both modems connected to
the ISP. Then I run into a brick wall. RedHat doesn't come with eql_enslave,
so I downloaded it from sunsite/metalab (eql-1.2.tar.gz by Simon Janes).
Everytime I try to run eql-enslave, I get a bash error: cannor execute
binary file.
I've tried recompiling eql_enslave.c that comes with eql-1.2.tar.gz, but the
C compiler can't find eql.h in /usr/src/linux/drivers/net/. There's an eql.c
file there instead. I tried changing the reference from eql.h to eql.c in
eql.enslave.c but then the copiler spews error messages. Very frustrating! I
get the feeling that version 1.2 of eql_enslave is not compatible with these
newer kernels, but not sure of that either. What version of eql_enslave are
you using, and where did you get it? Did you
run into any of the difficulties I have?
Good luck with your problem, and thanks for any info you can provide about
eql_enslave.
Bill
Jonathan wrote:
> Hello all,
>
> I am trying to use 2 analog modems to dial back to work and then bond
> them for one pipe of throughput. Here is some info. I am using two
> analog modems to dial into a Cisco 2510 with pppmultilink on the two
> dial-in interfaces. I have eql built into the kernel and here is the
> commands I have used:
>
> ifconfig eql <local ip> mtu 1500
> eql_enslave eql ppp0 24000 (slow connection)
> eql_enslave eql ppp1 24000
> route add default eql
>
> When I get both lines up, then I telnet to a server (AIX) and have to
> throw a display back local: xterm -display <one of the dial-up
> ip's>:0.0&. Then when I do an ifconfig it shows all the traffic going
> through the interface that I had to put in for the display. My question
> is how to get the connections to act as one. Is there something else I
> need on the router?
>
> Now that this is clear as muddy water, any help would be greatly
> appreciated. I am very new at trying to set this up.
>
> SuSE6.1, kernel 2.2.9
------------------------------
From: Juan =?iso-8859-1?Q?Jos=E9?= Ruiz =?iso-8859-1?Q?P=E9rez?=
Subject: Telnet problem
Date: Sun, 18 Jul 1999 16:42:41 +0200
Hi:
I manage a small LAN based on Linux (R.H. 6.0) and some Win9x.
The problem I have is that many users use telnet to connect to the
linux box and sometimes don't close their sessions :-(.
Does anyone know a package (rpm) or just a small script to be run by
cron that kills :-) those opened sessions after an iddle time?
(perhaps using the output of w, finger etc.)
Thanks
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Crossposted-To: comp.os.linux.setup
Subject: Re: Linux as a PPP client nolonger work after NT RAS upgrade
Date: 18 Jul 1999 09:46:46 -0500
nelson cheung ([EMAIL PROTECTED]) wrote:
: Do you means all Win?? client are MSCHAP version 2 compatible?
I don't know whether all MS Windows products are compatible but I'd guess
that all are not compatible. I don't use MS products much anymore.
: I used to use kppp and according to you, it should be version1 compatible
: only.
I don't do kppp, only pppd. Currently pppd can be compiled to support
MSCHAP v1 but not MSCHAP v2.
: Do you know if it is possible to set WinNT RAS to version 1 compatible also?
I *think* that MSCHAP v1 can be negotiated with all three of NT's dial-up
options.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* Editing with vi is a lot better than using a huge swiss army knife.
Use +} to wrap paragraphs in vi. */
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
