Linux-Networking Digest #967, Volume #11 Wed, 21 Jul 99 21:13:43 EDT
Contents:
tcpdump shows packet loss by ipportfw ... ("Bebco")
Re: DHCPd & dual homed server ("TURBO1010")
netscape ("R.Smith")
Re: ARP / Proxy Arp - mapping IP to MAC ("Cliff")
Re: samba and windows network - incompatible namespaces? (Ben Blish)
Re: Sharing NetZero on home network? ("Joe")
BTInternet UK & CHAP/PAP (Andy Fletcher)
Re: SQUID and multible In-Out-IPs ("Dietrich v. d. Groeben")
Re: Sharing NetZero on home network? (Mick)
Re: Strange reboot... (Chris Mahmood)
Re: Local IP addresses (Warren Young)
Re: Win98(Server) -> Linux(Client), Suggestions??? ("Dimitris Andrakakis")
Re: Another IPChains Question :) ("Cowles, Steve")
Re: Firewall to protect servers (Warren Young)
PPP disconnects after a while with diald ("Brady")
Re: Linux NFS driver for Win9x ? ("Dimitris Andrakakis")
Re: My Diald Woes. It must work. Help. ("Dimitris Andrakakis")
dhcpd ("TURBO1010")
Re: Strange reboot... (Leonard Evens)
Re: starting PPP ("Dimitris Andrakakis")
FOR THE LOVE OF GOD (James Rogers)
Re: getty dialin respawning - HELP! (Warren Young)
SNMP sub-agent support needed (Mike Michaud)
ip forwarding & kernel ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: "Bebco" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions,comp.security.firewalls
Subject: tcpdump shows packet loss by ipportfw ...
Date: 21 Jul 1999 13:02:05 PDT
Dear linux/networking gurus,
I am sending my question to this list as I hope it's "on topic here",
and there are people who can easily figure the answer out. If not -
I apologize and please let me know what's a better place to ask...
Here is a pretty weard problem that drives me crazy. All I wanted
was to make net2phone work with my linux firewall. (I am using
a linux box (2.0.36 kernel) with ipfwadm (IP masquerade)
and ipportfw (port re-direct) installed. To do what I wanted,
in addition to allowing tcp/udp traffic from the LAN with
ipfwadm -F -a accept -m -P tcp -S 192.168.0.0/24
ipfwadm -F -a accept -m -P udp -S 192.168.0.0/24
I had to forward one TCP port (6613) and one UDP port (6615) to
the local machine with:
/sbin/ipportfw -A -t$Firewall_IP/6613 -R 192.168.0.1/6613
/sbin/ipportfw -A -u$Firewall_IP/6615 -R 192.168.0.1/6615
But net2phone still didn't work.
Then I run tcpdump on these ports on both LAN and WAN interfaces.
What I saw was udp traffic to/from port 6615 going back and forth
just fine, while tcp traffic from the WAN to the port 6613 stopped dead
when arriving to the WAN interface (it never showed up to LAN
interface...)
The destination address on those packages was shown to be 0.0.0.0
(why or why?) by tcpdump, so I am wondering how I can forward
these packets to my client machine. (Oh yeah, and how can I find more
about the content of raw packets in the dump files, obtained using -w
option of tcpdump - attached d6615.0, d6615.1, d6613.0, d6613.1 ?).
Any help/hints would be greatly appreciated...
Thanks,
Boris.
P.S. The tcpdump results for TCP port 6613 on both eth0 and
eth1(LAN) are as follows:
=== TCP port 6613 on the WAN (tcpdump -n -i eth0 -vv port 6613):
14:08:39.656009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52506)
14:08:39.656009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52506)
14:08:43.156009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52507)
14:08:43.156009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52507)
14:08:49.566009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52508)
14:08:49.566009 169.132.65.5.36902 > 0.0.0.0.6613: S
1929898218:1929898218(0) win 8760 <mss 1460> (DF) (ttl 239, id 52508)
14:08:58.976009 169.132.65.5.36902 > 0.0.0.0.6613: R
1929898219:1929898219(0) win 8760 (DF) (ttl 239, id 52509)
14:08:58.976009 169.132.65.5.36902 > 0.0.0.0.6613: R
1929898219:1929898219(0) win 8760 (DF) (ttl 239, id 52509)
8 packets received by filter
0 packets dropped by kernel
=== TCP port 6613 on the LAN (tcpdump -n -i eth1 -vv port 6613):
0 packets received by filter
0 packets dropped by kernel
------------------------------
From: "TURBO1010" <[EMAIL PROTECTED]>
Subject: Re: DHCPd & dual homed server
Date: Wed, 21 Jul 1999 15:06:30 -0700
How do you specify the nic and where? Is there a script where I can specify
this?
This is what I get right now when I try to start dhcpd
[root@comp1 juan]# Listening on Socket/eth1/192.168.1.0
Sending on Socket/eth1/192.168.1.0
No subnet declaration for eth0 (209.203.123.110).
dhcpd: exiting.
Bill <[EMAIL PROTECTED]> wrote in message
news:7n52ou$a9l$[EMAIL PROTECTED]...
> Turbo,
>
> I decided to specify the NIC for DHCPD during startup. That seemed to do
the
> trick.
> My thanks to the individual who suggested this earlier.
>
> Something like: dhcpd eth1
> (eth1 is the NIC for my LAN)
>
> Bill
>
> TURBO1010 <[EMAIL PROTECTED]> wrote in message
> news:7n105b$rgb$[EMAIL PROTECTED]...
> > Maybe he means the subnet, I don't know. I'll try to set this up
tonight,
> > let you know what happens.
> >
> >
> > Bill <[EMAIL PROTECTED]> wrote in message
> > news:7ml1m7$rjh$[EMAIL PROTECTED]...
> > >
> > > I've had the exact same problem. However, what do you mean by
> > > "y.y" should be my network address not ip address? Where would
> > > I get this info from my service provider? Thanks in advance.
> > >
> > > Confused Newbie
> > >
> > > Stuart R. Fuller <[EMAIL PROTECTED]> wrote in message
> > > news:3fejm7.ev1.ln@localhost...
> > > > Allan Wingenback ([EMAIL PROTECTED]) wrote:
> > > > : I have RH Linux 5.2 installed on a box I want to use as a server
and
> > an
> > > > : internet gateway for a small network (5-10 win95 clients). This
> > server
> > > has
> > > > : 2 network cards and I want to use DHCPd to provide network
addresses
> > to
> > > the
> > > > : internal computers only. My network setup is good, and I've
> installed
> > > dhcpd
> > > > : and written the dhcpd.conf file as per the mini-HOWTO for my
> internal
> > > subnet
> > > > : address range. When I start the dhcpd service, it reports "No
> Subnet
> > > > : declaration for eth0 (184.161.y.y)" which is the Internet
interface.
> > > Since
> > > > : I don't want to send DHCP info to the Internet, how do we
configure
> > > > : dhcpd.conf to not use eth0?
> > > > :
> > > > : My configuration:
> > > > : External (Internet) NIC: eth0, 161.184.y.y, subnet
255.255.255.248,
> > > 3c509b
> > > > : Internal NIC: eth1, 192.168.x.x, subnet 255.255.255.0, 3c509b
> > > >
> > > > In your /etc/dhcpd.conf, add the following:
> > > >
> > > > subnet 161.184.y.y netmask 255.255.248.0 {
> > > > }
> > > >
> > > > where "y.y" is your network address (not your IP address).
> > > >
> > > > What this does is to:
> > > >
> > > > a) make dhcpd happy that the 161.184.y.y subnet is declared
> > > > b) tell dhcpd to not service that subnet
> > > >
> > > > Stu
> > > >
> > >
> > >
> > >
> >
> >
> >
>
>
>
------------------------------
From: "R.Smith" <[EMAIL PROTECTED]>
Subject: netscape
Date: Sat, 17 Jul 1999 19:49:47 +0100
I have a problem with configuring netscape that come r.h-5.2.
When I put my "news.dial.pipex.com" it gives unknown.
That happens with "smtp,pop"
Also how do go about writing scripts ,how do you invoke it all.
I am new at this one, but I love it
Robert U.K
------------------------------
From: "Cliff" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: ARP / Proxy Arp - mapping IP to MAC
Date: Wed, 21 Jul 1999 22:14:18 GMT
You'll have to script it. Try adding a line in your rc.local that uses
the arp command to hardwire the MAC. Here's the arp command syntax (from RH
5.2 man page):
arp [-v] [-H type] [-i if] -s hostname hw_addr [netmask nm] pub
--
-Cliff
Views expressed are my own and not necessarily those of my employer
Concordia Net, Inc. When replying via email please use; cwheat at concordia
dot net not
root@localhost
[EMAIL PROTECTED] wrote in message <7n33t3$cta$[EMAIL PROTECTED]>...
>
> I want to "hard code" the MAC address into my Linux system, to avoid the
ARP
>problem.
>
[snip]
------------------------------
From: [EMAIL PROTECTED] (Ben Blish)
Crossposted-To: alt.linux,linux.samba
Subject: Re: samba and windows network - incompatible namespaces?
Reply-To: [EMAIL PROTECTED]
Date: Tue, 20 Jul 1999 17:19:33 GMT
I got a solution via email; creating the new user Ben Williams
using the adduser command and double-quotes to specifically delimit
the name including the space. Now the '98 machine can see the share
and read just fine. It can't write to it, which is bizzare as I've
been through the samba permissions multiple times and they're set
so that the home dir is root and permissions are read and write.
I might have something screwy in the actual user account permissions
that samba masks with, though... Although linuxconf now shows the
account as having all the privs available... ??? Linux is so
convoluted. :)
Thank you to everyone who looked at the original issue, much
appreciated!
--Ben
------------------------------
From: "Joe" <[EMAIL PROTECTED]>
Crossposted-To:
alt.comp.hardware.pc-homebuilt,comp.os.ms-windows.networking,comp.os.ms-windows.misc
Subject: Re: Sharing NetZero on home network?
Date: Wed, 21 Jul 1999 14:04:10 -0400
I use sysgate on my 2 home pc network and works like a charm. Ialso receive
a dynamic IP when dialing into my ISP. Downloaded sysgate and followed their
online setup proedures.
Additionally win 98 SE contains a internet sharing utility for just this
very situation. may want to chack out the windows newsgroups for more
details.
Joe
Vikas Agnihotri <[EMAIL PROTECTED]> wrote in message
news:7n235j$uc2$[EMAIL PROTECTED]...
> Assuming I install Ethernet cards, hub, etc for a home network, how do I
> share my NetZero Internet access among all the PCs?
>
> From what I know about all the Internet-share products out there, they
> require a specialized dial-up ISP account with a static IP address, etc.
> With NetZero, I dont have control over any aspect of DUN. I just click
> on the NetZero icon and it does the rest. I get a dynamic IP address
> each time.
>
> As usual, if I bind my Ethernet cards to the private 192.168.x.x
> network, how will they access the dynamic IP address bound to the TCP/IP
> stack? I'm confused...
>
> Any experiences appreciated.
>
> Thanks,
> Vikas
>
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
------------------------------
From: Andy Fletcher <[EMAIL PROTECTED]>
Subject: BTInternet UK & CHAP/PAP
Date: Wed, 21 Jul 1999 23:44:43 +0100
Hi,
After spending much time trying to configure my rh5.2 with BTInternet,
I've failed, the reason being that BTInternet specify a login by way of
CHAP, although I am told this will not work with ISP's and therefore PAP
is used, I have read many documents and posts about similar problems,
but sadly none were any help. If anyone else does/has connected to
BTInternet in this way I'd love you to reply to this post and give me a
helping hand. Aside from that, if anyone with a working configuration
for PAP could reply with a copy of their /etc/ppp/options file, I'd be
very grateful indeed. I seems that the ISP wants to authenticate using
PAP, as the following appears in /var/log/debug..
pppd[476]: sent [LCP ConfNak id=0x4 <auth pap>]
unfortunatly my system responds as..
rcvd [LCP ConfReq id=0x4 <mru 1500> <asyncmap 0x0> <auth chap 05> <magic
0xd34542c1> <pcomp> <accomp>]
or something very similar in most cases.
Everyone's help is very much appreciated.
Many thanks,
Andy Fletcher
------------------------------
From: "Dietrich v. d. Groeben" <[EMAIL PROTECTED]>
Subject: Re: SQUID and multible In-Out-IPs
Date: Wed, 21 Jul 1999 22:51:59 +0200
Reply-To: "Dietrich v. d. Groeben" <[EMAIL PROTECTED]>
Holger van Koll <[EMAIL PROTECTED]> schrieb in im Newsbeitrag:
7mvtiv$rv9$[EMAIL PROTECTED]
>
> Dietrich von der Groeben schrieb in Nachricht
<[EMAIL PROTECTED]>...
> >Hi all,
> >
> >I have a big big problem with squid,
> >is it possible to run squid in the following configuration:
> >
> > ____
> >LAN1------| |
> > | | Internet-IP for LAN1
> > | |----------------------
> > | | Internet-IP for LAN2
> >LAN2------|____|
> >
> >
> >So, if a request comes from LAN1 (customer1) squid uses the official
> >IP-Adress for LAN1 and if the request comes from LAN2 (customer2) it
> >uses the second official IP-Adress.
> >A possible solution would be to run two different squid-daemons, but in
> >this case they wouldn't use the same cache.
> Why dont you make the first daemon the parent for the other?
> Should solve all your problems...
>
How do I configure two different squid-daemons on a Suse 6.0? Is it enough
to generate two different squid.conf-files ?
Best regards, Dietrich (privat)
------------------------------
From: Mick <[EMAIL PROTECTED]>
Crossposted-To:
alt.comp.hardware.pc-homebuilt,comp.os.ms-windows.networking,comp.os.ms-windows.misc
Subject: Re: Sharing NetZero on home network?
Date: Thu, 22 Jul 1999 09:20:47 +1000
There are a few that will do the job - I use wingate and it doesn't need a
static IP. The other two I know of is made by Sygate and Viacom - I believe
it is a similar deal.
http://www.wingate.com
http://sygate.com
Vikas Agnihotri wrote:
> Assuming I install Ethernet cards, hub, etc for a home network, how do I
> share my NetZero Internet access among all the PCs?
>
> From what I know about all the Internet-share products out there, they
> require a specialized dial-up ISP account with a static IP address, etc.
> With NetZero, I dont have control over any aspect of DUN. I just click
> on the NetZero icon and it does the rest. I get a dynamic IP address
> each time.
>
> As usual, if I bind my Ethernet cards to the private 192.168.x.x
> network, how will they access the dynamic IP address bound to the TCP/IP
> stack? I'm confused...
>
> Any experiences appreciated.
>
> Thanks,
> Vikas
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
------------------------------
From: Chris Mahmood <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: Strange reboot...
Date: 21 Jul 1999 13:56:20 -0700
that is odd...could the UPS be buggy?
-ckm
------------------------------
From: Warren Young <[EMAIL PROTECTED]>
Crossposted-To: comp.sys.next.sysadmin
Subject: Re: Local IP addresses
Date: Wed, 21 Jul 1999 18:00:20 -0600
[EMAIL PROTECTED] wrote:
>
> If they aren't "on the Internet", they don't need to route. Netmask would be
> 255.255.0.0 if you're using the full unroutable class B space (subnet if you
> like); broadcast addr would be 192.168.255.255.
That'd be correct if 192.168 was a class B address, but it isn't. The
192.168.x blocks are all class C. The class B unroutable/private blocks
are 172.{16-31}. The netmask for simple class C networks is, of course,
255.255.255.0.
--
= Warren -- See the *ix pages at http://www.cyberport.com/~tangent/ix/
=
= ICBM Address: 36.8274040 N, 108.0204086 W, alt. 1714m
------------------------------
From: "Dimitris Andrakakis" <[EMAIL PROTECTED]>
Subject: Re: Win98(Server) -> Linux(Client), Suggestions???
Date: Thu, 22 Jul 1999 03:02:06 +0300
Same here... I've got WinGate 2 installed for >6 months and works
fine.
I am trying to figure out how to get my Linux box dial automatically
via diald (done that) and offer the ppp connection to the other Win 9x
machines -I think that's called IP forwarding, but have'nt made it so far.
Till then, Wingate is ok. All you do from the linux is point you www / ftp
/ anything software to Win from the proxy options.
If you need more explanations, let me know.
Dimitris
Scott Fleming wrote in message
<05Vj3.3965$[EMAIL PROTECTED]>...
>I'm running my Win98 webserver w/ a 1-way cablemodem connection. I have my
>redhat box going through the win98 machine to the internet, and can use
>netscape in Linux to cruise the web.
>
>Install Wingate on your windows machine, and proxy to the windows machine
to
>gain access to the internet.
>
>I realize this is backwards to what the Linux community reccomends, but
I've
>tried numerous attempts to get the internal cablemodem working, to no
avail.
>I'd love to have my linux machine performing it's native abilities, but I'm
>still new and for now this setup suits me fine until I learn the ways of
the
>penguin.
------------------------------
From: "Cowles, Steve" <[EMAIL PROTECTED]>
Subject: Re: Another IPChains Question :)
Date: Wed, 21 Jul 1999 18:25:42 -0500
Charlie,
Without knowing anything about "MUD" except what you mentioned, (port 5000)
you probably need to take a look at "ipmasqadm" which will accomplish what
you are wanting, unless MUD acts like ftp (dual connections).
I am currently using "ipmasqadm" to access an Exchange server sitting on my
local LAN behind the linux box which is also configured with IPCHAINS for
internet access. I currently access ports 80 and 110. I have included a
cut/paste from shell scripts that I developed with relevant info that should
help you get started in the right direction.
NOTE: RH6.0 comes with the required modules needed for ipmasqadm operation,
but for some reason they did not include the ipmasqadm command <groan>. You
will have to download and compile ipmasqadm.
Hope this helps
Steve Cowles
<cut/paste from script I developed for my site>
# =========================================================
# Add additional support for autofw, mfw and portfw
# =========================================================
# ${MODPROBE} ip_masq_autofw
# ${MODPROBE} ip_masq_mfw
${MODPROBE} ip_masq_portfw
# =========================================================
# =========================================================
# Port Forwarding Settings (external to internal IP/ports)
# =========================================================
if [ -x ${IPMASQADM} ] ; then
#Flush current entries
${IPMASQADM} portfw -f
# ${IPMASQADM} autofw -f
# ${IPMASQADM} mfw -f
# Port forward entries for www and pop3
${IPMASQADM} portfw -a -P tcp -L ${EXT_IP} 80 -R ${EXCH_IP} 80
${IPMASQADM} portfw -a -P tcp -L ${EXT_IP} 110 -R ${EXCH_IP} 110
fi
Charlie Ghent <[EMAIL PROTECTED]> wrote in message
news:o7ql3.70$[EMAIL PROTECTED]...
> OK, I have mastered the basics of IPChains. I have my linux box up on a
> cablemodem, and I have 3 other PCs (running win98) on the back-end of the
> network, using IPMASQ to get them out to the world. All is golden.....
>
> Now comes the snake in the garden - I used to run an aberMUD on the linux
> box, and have now resurrected it from the dead. It is up and running, and
I
> can access it without any problem from inside the network, or as a logged
on
> user to the linux box. From external sites, I can telnet, ftp, http, etc
to
> my linux box without any problems. The MUD on the other hand uses port
> 5000.... as I said, from the internal network, I can telnet to port 5000
on
> the linux box and it works great. From external sites, I get a connection
> refused and cannot connect to the MUD.
>
> I have used all sorts of combinations of IPChains to try and open port
5000
> on eth0, and when I run IPChains -L, I see the rules that say it should be
> accepting inputs from any site and allowing them to my port 5000, and also
> the output rule that says from port 5000 to any site.... but it still
> doesn't work.
>
> Here is the basic gist of the lines I have been running to open the port:
>
> ipchains -A input -j ACCEPT -i eth0 -p tcp -s 0.0.0.0/0 -d <my machine ip
> address>/32 5000
> ipchains -A output -j ACCEPT -i eth0 -p tcp -s <my machine ip address>/32
> 5000 -d 0.0.0.0/0
>
> Any takers? :)
>
> Thanks in advance for your help.
>
> Charlie
>
>
------------------------------
From: Warren Young <[EMAIL PROTECTED]>
Subject: Re: Firewall to protect servers
Date: Wed, 21 Jul 1999 18:10:40 -0600
Greg Leblanc wrote:
>
> I'm going to have a DSL install at my home soon, and was wondering what
> people had for recomendations on how to set up a firewall/router on a
> Linux PC.
There are scripts at the site linked below that do this job for me at
home and at work every day. Just set the "default gateway" parameter of
the boxes inside the firewall to point to the Linux box and you're set.
Oh, and you'll also need to set up a caching DNS server.
The best part about the scripts (aside from the fact that they're as
free as air) is that they're well-commented, so you can evaluate and
modify them easily.
Good luck,
--
= Warren -- See the *ix pages at http://www.cyberport.com/~tangent/ix/
=
= ICBM Address: 36.8274040 N, 108.0204086 W, alt. 1714m
------------------------------
From: "Brady" <[EMAIL PROTECTED]>
Subject: PPP disconnects after a while with diald
Date: Wed, 21 Jul 1999 23:39:25 GMT
Is this truly a remote disconnect or is there a problem on my end??
Jul 20 23:49:36 router pppd[1446]: Hangup (SIGHUP)
Jul 20 23:49:36 router pppd[1446]: Modem hangup
Jul 20 23:49:36 router pppd[1446]: Connection terminated.
Jul 20 23:49:36 router pppd[1446]: Exit.
Jul 20 23:49:37 router diald[106]: Link died on remote end.
Jul 20 23:49:42 router diald[106]: Running connect (pid = 2691).
Thanks,
Brady
I'm using slackware 3.6 with stock ppp and diald 0.16
------------------------------
From: "Dimitris Andrakakis" <[EMAIL PROTECTED]>
Subject: Re: Linux NFS driver for Win9x ?
Date: Thu, 22 Jul 1999 02:47:37 +0300
Hi there,
I found the Interdrive 95
client disk somewhere
on the net. Think it's just
what you need.
Dou want me to send it
(via e-mail) ?
Dimitris
Robert wrote in message <01bed0c5$a80cd2e0$67128ea1@wpng-pc>...
>
>Hello,
>
>Anywhere can I get NFS driver for window-9x ?, ... I mean GNU version.
>( hmm,, I don't plan to implement samba services )
>
>Thank in advance.
------------------------------
From: "Dimitris Andrakakis" <[EMAIL PROTECTED]>
Crossposted-To: aus.computers.linux
Subject: Re: My Diald Woes. It must work. Help.
Date: Thu, 22 Jul 1999 03:30:31 +0300
Hi,
Ok I'm not the super-experienced kind of
linux guy... but I've set up my diald (after
a lot of effort & reading) to work.
Don't know about the packets but for
the constant dial thing I suppose that
yes, that's what diald is there to do.
You can edit diald.conf (man diald)
to change various time limits for
hungup / dial.
A wild guess for the packets: Check
rc.config for a "start routed=yes" and,
if there, change to "no".
Dimitris
------------------------------
From: "TURBO1010" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.hardware,alt.os.linux,alt.linux.sux,alt.linux,alt.os.linux.caldera
Subject: dhcpd
Date: Wed, 21 Jul 1999 16:44:38 -0700
Help, I can't start dhcpd.
This is what I get right now when I try to start dhcpd
[root@comp1 juan]# Listening on Socket/eth1/192.168.1.0
Sending on Socket/eth1/192.168.1.0
No subnet declaration for eth0 (209.203.123.110).
dhcpd: exiting.
------------------------------
From: Leonard Evens <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: Strange reboot...
Date: Wed, 21 Jul 1999 19:26:59 -0500
Antonio Santos wrote:
>
> Dear all
>
> I was outside my faculty during a few days to install a linux box
> in another department (with a NT network, so it took me a few days...)
> While I was logged in as a user I spotted a shutdown at 9:00PM on Monday.
> All the users in this box were gone for holidays, and the last login
> was at 8:00PM from a friend who was with me at that moment. We run
> a firewall at the faculty, but I've set up all the possible (?) security
> configurations I know (no unecessary daemons, tcp wrappers, etc). This
> linux box is connected to an UPS, and the shutdown was smooth (no
> devs uncleanly unmounted). I've looked up the logs but apparently nothing
> strange happened. The strange thing is, if it was a power failure, all
> the winboxes that are in my subnetwork should have the passwd dialog
> in (after rebooting). Is it possible for the kernel to reboot
> spontaneously? The box was running for several months and I've noticed that
> the pids were getting higher and higher...
>
> Should I suspect from an attack (kind of DOS) or an installed rootshell?
> (and no, I didn't install tripwire :-( )
>
> Thanks in advance
>
> Antonio Santos
>
> ------------------ Posted via SearchLinux ------------------
> http://www.searchlinux.com
One possibility is that the computer shut down because the
power supply was overheating. I would expect there to be
some information in the UPS logs---assuming you have software
to monitor the UPS on the computer. But it is at least
worth considering. See if the fan moves freely. When the
fan binds, the power supply overheats and shuts itself off.
--
Leonard Evens [EMAIL PROTECTED] 847-491-5537
Dept. of Mathematics, Northwestern Univ., Evanston, IL 60208
------------------------------
From: "Dimitris Andrakakis" <[EMAIL PROTECTED]>
Subject: Re: starting PPP
Date: Thu, 22 Jul 1999 03:40:36 +0300
Geia xara Kosta,
Mipws se voithisei to ifconfig ?
Dimitris
Kostis Mentzelos wrote in message <[EMAIL PROTECTED]>...
>Hi all,
>I am writing a very small application that connects to my isp using my
modem
>and downloads
>my mail.
>But I don't know how to find the ppp connection that I have started.
>My computer is used for dial in services to. So how can I find out which
ppp
>connection I am using? ppp0, ppp1 ....
>
>Kostis Mentzelos.
>
>
------------------------------
From: James Rogers <[EMAIL PROTECTED]>
Subject: FOR THE LOVE OF GOD
Date: Thu, 22 Jul 1999 01:40:56 +0100
i have sorted the file permission w/ pppd but ever time i run linuxconf
it changes
it back so users can't even run that
but i can't even "open" the modem
i have no idea why this is since i have had it all working fine before
last time i
had it installed(i got a bigger harddrive)
i would like to know how to change the hardware acess manually (ie which
files
contain the relevent stuff)
--
ur dead but the world keeps spinning
------------------------------
From: Warren Young <[EMAIL PROTECTED]>
Subject: Re: getty dialin respawning - HELP!
Date: Wed, 21 Jul 1999 18:05:33 -0600
David Lewis wrote:
>
> Jul 20 12:37:32 cedar login[135]: invalid password for `UNKNOWN' on
> `ttyS0'
> Jul 20 12:37:44 cedar last message repeated 4 times
> Jul 20 12:37:44 cedar login[135]: REPEATED login failures on `ttyS0'
>
> It looks like it's getting garbage from the modem or something. I had
> this modem
> plugged into a serial port on another Linux machine that died. The
> settings on the
> modem haven't been changed. I'm out of ideas. Somebody help!
If it's trying to process a login, then your DTR/DCD settings aren't
correct. For many modems, you set this with either at&f0 or at&f1, and
then write that to NVRAM with at&w. Especially helpful are the &c1 and
&d2 settings.
Personally, though, I use mgetty, which doesn't depend on modem control
lines. It just waits for the RING string.
--
= Warren -- See the *ix pages at http://www.cyberport.com/~tangent/ix/
=
= ICBM Address: 36.8274040 N, 108.0204086 W, alt. 1714m
------------------------------
From: Mike Michaud <[EMAIL PROTECTED]>
Subject: SNMP sub-agent support needed
Date: Wed, 21 Jul 1999 19:57:46 -0400
I need to build an SNMP sub-agent to manage some hardware. Is there any
libraries available that I can link with that allows SMUX protocol
communication with the master agent. Any tips or pointers would be much
appreciated.
------------------------------
From: [EMAIL PROTECTED]
Subject: ip forwarding & kernel
Date: Thu, 22 Jul 1999 00:50:05 GMT
hello,
I have been trying to setup a linux firewall. It is a RH 6.0 box with 2
3c509 NICs. One nic has been assigned an ip from our isp, and the other
has a 192.168.x.x address assigned to it. I have been trying to get
ip_masquerading and ip_forwarding to work.
I used make menuconfig to choose the appropirate options for
firewalling, making sure that they were to be compiled into the kernel,
and not as modules. I then did a make dev, a make clean,a make bzdisk,
a make modules, and finally a make modules_install. I boot from the
newly created floppy, but it looks as if none of my changes were done.
This is my first attempt at rebuilding the linux kernel, and am afraid
I'm doing something wrong. I've read all the appropriate HOWTOs.
Questions: Is there something I missed in the compile process? What is a
sure-fire way of telling if ip_forwarding/masquerading are compiled into
the kernel?
Any help much appreciated,
Mark Lichtenberg
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
