Linux-Networking Digest #964, Volume #11 Wed, 21 Jul 99 14:13:37 EDT
Contents:
Re: Why are there so many slow modem issues? Solution !!! (for me anyways) (bill
davidsen)
Re: Samba-PC can't be seen (bill davidsen)
Re: pppd message: Recieve serial link not clean ("Morris Maynard")
Re: Firewall to protect servers (bill davidsen)
Re: Limit Access By Time or Date (bill davidsen)
Re: PPP connection doesn't work (Clifford Kite)
Re: pppd crashing my kernel (Clifford Kite)
Re: exporting files systems via NFS? (bill davidsen)
Re: Samba PC doesn't show up on Win-Box (bill davidsen)
Re: High Speed Serial Cards. (bill davidsen)
PPP Session takes Memory ("Darrin")
Re: [RH5.2] modem is not responding (Clifford Kite)
Re: dynamic IP = ? (bill davidsen)
Re: samba and windows network - incompatible namespaces? (Ben Blish)
Re: (2 NIC)RTFM no good, please help (Thomas S. Urban)
PPP Peculiar Packet problem ("Morris Maynard")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Why are there so many slow modem issues? Solution !!! (for me anyways)
Date: 21 Jul 1999 16:20:49 GMT
In article <[EMAIL PROTECTED]>,
Jason Koloseike <[EMAIL PROTECTED]> wrote:
| Last night I went back to me pre-kppp ppp scripts that I
| had used with Redhat 5.1, and to my surprise, they worked!
|
| After some tracking, I was able to narrow it down to one
| parameter: "baud rate".
|
| pppd expects a "baud rate" parameter. Since kppp wasn't
| passing it by default, ppp fixed itself to a slow
| transfer rate, even though the serial port had
| been set to a higher speed (38400, 11520, etc.)
|
| Hope this helps with your issues.
|
| PS. Even thou I downgraded to pppd 2.3.5-2, this is still
| an issue with pppd 2.3.7. But I would term this as a
| kppp bug. I downgraded to 2.3.5 so that I could connect
| to a CHAP authenticated site. 2.3.7 was only allowing
| me to connect to a scripted ISP site.
I'm not having problems with 2.3.8, and I connect to various sites for
support reasons. CHAP, PAP and MSCHAP all seem to work. I do notice that
my logs now show "chap MD5" on some sites, but since they work I don't
worry overly about it.
I roll my own scripts in /etc/ppp/peers, and always include hardware
flow control, baud rate, etc.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Samba-PC can't be seen
Date: 21 Jul 1999 17:05:33 GMT
In article <[EMAIL PROTECTED]>,
VBF-Ratingen GmbH <[EMAIL PROTECTED]> wrote:
| I can access the WIndows-PCs, but in the net-neighbourhood under Win the
| Samba-PC isn't there.. :-(
|
| Any Ideas???
Try mounting samba shares directly from a DOS command line. If it works
it's a name service problem, needs something in nmbd.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: "Morris Maynard" <[EMAIL PROTECTED]>
Subject: Re: pppd message: Recieve serial link not clean
Date: Mon, 19 Jul 1999 12:58:39 -0400
It is unusual for an ISP to allow login via the old login: password:
sequence these days. User authentication is usually done by using much more
secure binary protocol. Use netcfg in X-windows and get rid of all
Send/Expect strings, and just enter your user name and password in the CHAP
settings.
This is typical of the problems caused by the seriously outdated
documentation provided for Linux services like PPPD in the HOWTOs.
Clifford Kite <kite@NoSpam.%�inetport.com> wrote in message
news:7mvd8k$[EMAIL PROTECTED]...
> Mark Bennett ([EMAIL PROTECTED]) wrote:
>
> : I get connected, and all
> : is OK up till (in /var/log/messages)
> : #pppd 2.3.3 started by root, uid 0
> : #Using inerface ppp0
> : #Connect:ppp0 <--> /dev/tty1
> : #LCP:timeout sending Config-Requests
> : #Recieve serial link is not 8-bit clean:
> : #Problem: all had bit 7 set to 0
> : I am at a total loss. When in Windows and useing a terminal program I
> : connect fine and see the "garbage" of TCP/IP starting, but I never get
this
> : far in linux.
>
> : Useing:
> : pppd connect 'chat -v "" ATDT5766774 CONNECT "" ogin: usename word:
> : password' /dev/ttyS2 115200 lock debug crtscts modem defaultroute
>
> It's very likely that the ISP didn't start PPP at it's end and instead is
> presenting a prompt or menu. The chat script isn't doing it's job but
it's
> hard to tell what is actual and what is not from the hand-copy above. You
> also need to find the `-v' part of the chat messages, look in the files
> defined in /etc/syslog.conf for candidate files.
>
> The one thing that sticks out and might cause the problem is CONNECT ""
> which sends a carriage return that often confuses an ISP. Try replacing
> it with CONNECT '\d\c' that introduces a one-second delay and doesn't
> send a carriage return. "man chat" for details.
>
> When posting logs or script you should post exact copies, hand copies are
> to prone to error and leaving out essential details. See my signature
> for a way to clip lines from a log file and save them in another file.
>
> --
> Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
> /* To extract lines: View file with "vi -R". Move cursor to first line.
> Press "v". Move cursor to mark lines (Esc unmarks). Write lines to
> fubar with ":w fubar <Enter>". Exit with ":q <Enter>". */
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Firewall to protect servers
Date: 21 Jul 1999 16:31:01 GMT
In article <7n2ec4$3s2$[EMAIL PROTECTED]>,
Greg Leblanc <[EMAIL PROTECTED]> wrote:
| I'm going to have a DSL install at my home soon, and was wondering what
| people had for recomendations on how to set up a firewall/router on a
| Linux PC. I'll have a Cisco 675 ADSL bridge/router, and a 486/dx2-66
| with 16Mb of ram and two NICs. What I was thinking of doing was perhaps
| setting the Cisco to bridge only mode, and using the Linux PC to do all
| of my routing. I'd like to have several Microsoft Windows machines
| inside of the network, as well as two sun boxes. I'd like to have some
| kind of security on my router either using packet filtering rules, or
| NAT. I would also like to be able to have HTTPD/FTPD running on my sun
| boxes, but still have them behind the router/firewall. Any suggestions
| on a better way to do this, or pointers on what to read to get my RH6
| machine configured properly to do this? Thanks,
I would use ipchains to set the default input rule to drop all packets
from the outside, then start allowing packets to certain ports. At
minimum I would drop all packets to priv ports as the default. I don't
allow telnet for any reason, but I do allow ssh. I use rinetd to forward
any port, like 80, to the proper box.
Set masquerade as needed for boxes on the inside. Compile your kernel
with as little in it as possible, and optimize as a router. I would use
the 2.2.6 or 2.2.9 kernel, I've heard enough bad things about 7 and 8 to
make me avoid them, just because I have no good reason to want to use
them.
rinetd will allow you to send packets from certain hosts to certain
machines, but I don't see a great way to split and use both Suns from a
single port. You could forward another port to the "other" machine, or
have one machine do virtual hosting, or whatever.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Crossposted-To: comp.os.linux.hardware,comp.os.linux.misc
Subject: Re: Limit Access By Time or Date
Date: 21 Jul 1999 16:04:11 GMT
In article <[EMAIL PROTECTED]>,
Todd Davis <[EMAIL PROTECTED]> wrote:
| I'm relatively new to Linux, and am enjoying many of the security benefits
| that are built into it. One of the things I'd like to be able to do is
| limit access to files and/or resources by time/date.
Take a look at PAM and see if that would do what you want. You caould
limit when they get on, and perhaps a script could start to knock them
off.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Crossposted-To: comp.os.linux.setup
Subject: Re: PPP connection doesn't work
Date: 21 Jul 1999 11:31:01 -0500
nelson cheung ([EMAIL PROTECTED]) wrote:
[edited]
: I don't understand why the server doesn't respond to my ping requests
: (and telnet requests etc.) The physical connection (modem) seems good
: and routing are correct (at least request are sending through the
: modem).
: Here are some information I captured from PPP client after connection is
: made:
: [root@yamato /root]# netstat -rn
: Kernel IP routing table
: Destination Gateway Genmask Flags MSS Window irtt
: Iface
: 16.157.0.10 0.0.0.0 255.255.255.255 UH 0 0 0
: ppp0
: 0.0.0.0 16.157.0.10 0.0.0.0 UG 0 0 0
: ppp0 <-- default gateway
I'm not sure what you are trying to do here but this is likely why
things don't work. The route to the PPP interface must use either the
IP address of the remote, here that is 16.157.0.225, or (sometimes)
an IP address not on the remote network of the peer.
Pppd configures the routing correctly so it would seem that you deleted
that and configured this. The remote's proxyarp option should take care
of the return route, and it's IP forwarding plus the normal LAN routing
should take care of the outgoing route. You shouldn't need to change
the routing pppd configures.
If you didn't change the routing then I haven't a clue as to what's going
on unless the route and ifconfig outputs came from different PPP connects.
: [root@yamato /root]# ifconfig -a
: ppp0 Link encap:Point-to-Point Protocol
: inet addr:16.157.0.131 P-t-P:16.157.0.225
: Mask:255.255.255.255
: UP POINTOPOINT RUNNING NOARP MULTICAST MTU:296 Metric:1
: RX packets:8 errors:3 dropped:0 overruns:0 frame:3
: TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
: collisions:0 txqueuelen:10
: IP (16.57.0.131) is got from server (16.157.0.225).
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* The wealth of a nation is created by the productive labor of its
* citizens. */
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: pppd crashing my kernel
Date: 21 Jul 1999 11:51:29 -0500
Anthony Ewell ([EMAIL PROTECTED]) wrote:
: So yesterday, I have the server connected to my ISP using the manual
: PPPD method (netcfg, etc.), with the automatic reconnect feature turned on.
: The : only person on the system was me (nt workstation and rh 6.0): the
: rest had gone home and turned off their computers. And a couple of busy
: signals on a dial back and down goes my kernel -- very annoying.
: So diald is vindicated. So how do I now fix pppd? (I am getting a lot
: of heat from the other 16 clients wanting on the internet!)
I'd try upgrading to the latest 2.2.x series kernel, there was a
significant change in the kernel PPP support code beginning at 2.2.8 .
There might also be upgrades to the SMP code that would help but I can't
vouch for that.
It probably wouldn't hurt to upgrade to ppp-2.3.8 too, although any
software problem is almost surely in the kernel - Linux kernels
shouldn't crash. Have you thought about asking this question on
comp.os.linux.development.system?
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* The wealth of a nation is created by the productive labor of its
* citizens. */
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: exporting files systems via NFS?
Date: 21 Jul 1999 16:06:21 GMT
In article <7mgd3d$c78$[EMAIL PROTECTED]>, BWhite <[EMAIL PROTECTED]> wrote:
| I am trying to export /home and a few others to an NT network.
|
| I configure NFS using linuxconfig, but when I try and browse the server from
| a windows box, it either comes up blank, or complains that the linux server
| doesn't support networking!
You are aware that unless you have installed a third party NFS product
on Windows, the networking is SMB (use SAMBA) not NFS?
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: Samba PC doesn't show up on Win-Box
Date: 21 Jul 1999 16:08:52 GMT
In article <[EMAIL PROTECTED]>,
VBF-Ratingen GmbH <[EMAIL PROTECTED]> wrote:
| I have a Win9x-net (TCP/IP) with one linux box. I can access the Win9x
| using Samba, but the linux box doesn't show up in the Network
| Neighbourhood on the Win9x-PCs :-(.... I can ping the linux-PC from the
| Win9x-PCs, so the network is working properly.... Any ideas????
Probably a name server issue. Try to mount the smaba exports directly
from a DOS prompt. If it works, and I bet it does, the issue is that
nmbd isn't telling Win everything it want or needs to know.
Sorry, don't remember the rest of the fix, it's in the manual.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: High Speed Serial Cards.
Date: 21 Jul 1999 16:44:19 GMT
In article <7n4jn9$2i00$[EMAIL PROTECTED]>,
Jason <[EMAIL PROTECTED]\\> wrote:
| I was wondering if anyone has had any luck getting a TurboExpress Turbocom
| or similar ISA PNP serial card to work under linux. I can get as far as
| isapnp telling me that it has configured the card right, but setserial won't
| have anything to do with it. It states something to the effect of "Illegal
| UART type: 16750"
I have the feeling that there is a problem with this UART type and
that's why it is rejected. If you are feeling *very* brave you can use
the 'uart' option in setserial to force the type to 16550. Do not blame
me if this leads to system problems, lying to drivers is done at your
own risk.
Is the 750 a 1k incoming 128 byte outgoing or something? I should
remember but I don't...
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: "Darrin" <[EMAIL PROTECTED]>
Subject: PPP Session takes Memory
Date: Wed, 21 Jul 1999 11:38:36 -0600
Whenever a PPP session is ended on our dial-in server, the server is locked
up and a message appears on the console, "Out of Memory".
Any ideas?
Thanks
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: [RH5.2] modem is not responding
Date: 21 Jul 1999 11:09:57 -0500
Patrick ([EMAIL PROTECTED]) wrote:
: in Windoze, COM3 is the port that the modem connects to
: i ensure that /dev/modem is linked to /dev/cua2
: when i use minicom to dial, it said it is dialing
: but i cannot heard any dialing sound and
: connection is unsuccessful until timeout
: when i use CHAT script to connect to my ISP
: error is showed in /var/log/messages
: Jul 21 23:17:41 sky pppd[792]: pppd 2.3.5 started by root, uid 0
: Jul 21 23:17:41 sky pppd[792]: tcgetattr: Input/output error(5)
: Jul 21 23:17:42 sky pppd[792]: Exit.
tcgetattr has almost always meant that some other process is using the
IRQ assigned to the device file, /dev/cua2 in this case - or /dev/ttyS2
which takes the same IRQ as cua2. Some actual examples are (1) an
ethernet card that used the same IRQ as the modem, (2) a misconfigured
ppp script that launched pppd twice, and (3) a mingetty that somehow
had been configured for call-in.
I'll try to save some bandwidth by pointing out that you should be using
/dev/ttyS2 and that for some later kernel the /dev/cua* device files will
no longer be supported. (They still work with the 2.2.9 kernel though.)
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
------------------------------
From: [EMAIL PROTECTED] (bill davidsen)
Subject: Re: dynamic IP = ?
Date: 21 Jul 1999 16:36:45 GMT
In article <7n2ou7$8nc$[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> wrote:
| I'm running RH6.0 with a 56k modem and a PPP
| connection to an ISP. Before I telnet into a host
| I set xhost +, once I've telneted into the host
| I've attempted to execute a graphics program. I
| receive an error message that recommends that I
| enter the command (setenv DISPLAY localhost:0).
| I've been told that I should set "localhost" to my
| IP address. The ISP dynamically assigns the IP
| addresses. What I'm asking is how to ascertain
| that address once I've made the connection?
ifconfig, netstat -rn, /proc/net/route (in hex). When ppp starts it runs
/etc/ppp/ip-up which can save the info in a file if you like. Note: I
have no idea what kppp will do, I just haven't had time to check it out,
old pppd is working for me and I'm *busy* now.
--
bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
The Internet is not the fountain of youth, but some days it feels like
the fountain of immaturity.
------------------------------
From: [EMAIL PROTECTED] (Ben Blish)
Crossposted-To: alt.linux,linux.samba
Subject: Re: samba and windows network - incompatible namespaces?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 21 Jul 1999 16:27:51 GMT
On Wed, 21 Jul 1999 08:20:28 GMT, [EMAIL PROTECTED] wrote:
>> It can't write to it, which is bizzare as I've
>> been through the samba permissions multiple times and they're set
>> so that the home dir is root and permissions are read and write.
>> I might have something screwy in the actual user account permissions
>> that samba masks with, though... Although linuxconf now shows the
>> account as having all the privs available... ???
>You only have to check the permissions of the 'Ben Williams' Linux user, and
>the definition of the share in /etc/smb.conf, I think. The share you see can
>be in the [homes] section or any other share you have created, be sure it's
>writable=yes, etc.
I managed to get individual directories going; the home directoriy of the
Ben Williams user is '/', and as I've needed each directory, the file browser
in RedHat was usable to set the permissions for the dir so that it could be
written by the Windows machine. The Samba permissions were writable,
public=yes, and so on.
What I'd really like is to be able to get at everything - all directories,
that is, using the Windows machine. Haven't got that far... working
on it, though. Thanks, everyone!
--Ben
------------------------------
From: [EMAIL PROTECTED] (Thomas S. Urban)
Subject: Re: (2 NIC)RTFM no good, please help
Date: Wed, 21 Jul 1999 17:10:42 GMT
On 21 Jul 1999 17:04:02 GMT, bill davidsen <[EMAIL PROTECTED]> wrote:
>In article <[EMAIL PROTECTED]>,
> <[EMAIL PROTECTED]> wrote:
>
>| I get no eth1: message at all during kernel start up
>| I have this in my /etc/lilo.conf:
>| append="ether=ether=0,0,eth1"
>
>Your syntax is wrong. You should have two complete ether= stanzas.
>
On my two NIC system, the following line suffices:
append="ether=0,0,eth1"
actually, I use 5 for the first 0 to avoid an IRQ
conflict. Did you mean to type "ether" twice?
Scott
------------------------------
From: "Morris Maynard" <[EMAIL PROTECTED]>
Subject: PPP Peculiar Packet problem
Date: Wed, 21 Jul 1999 13:17:16 -0400
I am running Red Hat 6.0 with the 2.2.5-15 kernel and pppd 2.7.
pppd demand dials my ISP via an Adtran Express 3000 ISDN modem on dev/ttyS1
Connections and surfing, etc. work fine.
However, the modem receives a packet every second, whether any process on my
lan is using the internet or not.
With TCPDUMP, I saw that the source and destination addresses are both those
assigned to my ppp0 interface by my ISP. The packets are UDP packets for
port 2348, and they are 29 bytes long.
The problem is that this prevents pppd from disconnect-on-idle feature from
working, since the interface never seems to be idle.
I have tried shutting off all but the Linux box, and then killing processes
one by one till almost nothing is left, so I don't think the packets are
locally generated. No luck, I still see the modem receive light blink once
per second, and TCPDUMP dumps the packet at the same rate. Note, there are
NO packets being transmitted at this time (verified with netstat -i -c)
This happens on all three different ISDN dialups (to 3 separate companies)
that I have access to.
I can REJECT or DENY the packets with ipchains, but this does not affect the
pppd timeout.
I tried the active-filter option in pppd, but it is not supported (I'm ont
running NetBSD).
If I connect the modem to a Windows box and dial up, I still see the blinky
light, but the connection times out on idle properly.
Any ideas?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
