Linux-Networking Digest #969, Volume #11 Thu, 22 Jul 99 02:13:36 EDT
Contents:
Cobalt Qube 2 Windows file sharing partial failure: share of "admin"-accessible
files works, but nothing else does (Lucius Chiaraviglio)
automount (amd) maps for RedHat 5.2 -- what do they look like? (Bill Janssen)
Routing Shiva through a Linux box/ 2DNS same machine (Mishou)
Re: Squid + News = Problem ("Gero H. Marten")
Re: QuickTime 4 streams through linux router/firewall ("Eli Beit-Zuri")
Anyone using ARK 10/100 cards ?
Re: diald on RedHat 6.0 (Paul Marchildon)
Re: dhcpd ("TURBO1010")
Re: nfs && "svc: unknown version" and "svc: unknown program..." error on RH6.0
(Rachael Ludwick)
Linux mgetty/pap dialin (Tim Peeler)
Re: netscape ("Gero H. Marten")
Sendmail or ?? ("Dave")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Lucius Chiaraviglio)
Crossposted-To: comp.os.ms-windows.nt.admin.networking,comp.protocols.smb
Subject: Cobalt Qube 2 Windows file sharing partial failure: share of
"admin"-accessible files works, but nothing else does
Reply-To: [EMAIL PROTECTED]
Date: Thu, 22 Jul 1999 02:49:55 GMT
[Apologies for the repost. After 1 day, this message doesn't seem to
have shown up on my news server, even though the other message I
posted at almost the same time did, along with a reply. I think
attempting to post to the apparently dead newsgroup linux.samba killed
my first attempt at this post.]
I am definitely a linux newbie and only sort of expert with
Windows NT, but I have run into a stumper that has the Cobalt Networks
technical support people stumped (and they've been working on this for
2 days -- got to give their technical support people credit for
being willing to spend time with the customer, even if they are
a little hard to get a hold of):
At the places I work -- San Luis Obispo, CA and
Emeryville, CA -- we have a Cobalt Qube 2 at each site acting as a
web/ftp/e-mail/file/DNS/DHCP/WINS server and network address
translator, with several Windows NT 4.0 clients (and in the case
of San Luis Obispo, also Windows 95 and Windows 98 clients). The
problem we are having is that when I try to do the following at our
San Luis Obispo site, it always gives the error message "incorrect
password or unknown username for:" / {Qube 2 network name}, even
though I just put in my correct user name and password. I can confirm
that my user name nd password are correct because I am able to use FTP
to get to my files. In contrast, if I log in as "admin" with the
appropriate password, I can get to "admin"-accessible files without a
hitch. Not only that, but at our Emeryville site, I have no such
problem with user files either. It makes no difference what my
Windows NT user name and password are. The same thing happens with
Windows NT 4.0 SP3, SP4, and SP5, and with Windows 95 SP1 (with the
difference that the Windows 95 user name has to be the same as the
Qube user name, because when attempting to access a shared volume, it
only asks for a password, and not a user name). I checked all of the
Qube 2 services in the web-based configuration interface to confirm
that nothing was left out of or set incorrectly set in the
configuration for Windows file sharing, FTP, DNS, and DHCP -- if
something is incorrectly set for one of these services, it must be set
in a part of a configuration file that does not show up in the
web-based interface. I also manually looked inside of /etc/smb.conf,
and although I am not familiar with what does what in this file, I
didn't notice anything obviously strange when comparing these files
from the two systems; however, I don't think it is anything in here,
because the only difference between the files (according to diff) is
the line which specifies the workgroup/domain for the Cobalt Qube 2).
I didn't experiment with manually editing any configuration files,
because this might void the Cobalt warranty, and I am not sufficiently
familiar with linux to know what is safe to edit and what isn't.
To summarize:
Case 1:
1. Log in on Windows NT 4.0 (SP3 -- I may have also tried this
on a machine with SP4, but I'm not sure) in our Emeryville
office.
2. Double-click Network Neighborhood.
3. Navigate until the Cobalt Qube 2 is shown; double-click on it.
4. Enter any valid Cobalt Qube 2 user name (except "root", which
is specifically forbidden) and password combination.
Result: It works -- the files for the user you selected are now
accessible just as if they were on a Windows NT file server.
Case 2:
1. Log in on Windows NT 4.0 (SP3, SP4, or SP5) or Windows 95 SP1
in our San Luis Obispo office. If logging in on Windows 95,
log in as "admin".
2. Double-click Network Neighborhood.
3. Navigate until the Cobalt Qube 2 is shown; double-click on it.
4. Enter "admin" and the Cobalt Qube 2 password for this account
(Windows 95 does not give the opportunity to enter the user
name).
Result: It works -- the files accessible to the "admin" account are
now accessible just as if they were on a Windows NT file
server.
Case 3:
1. Log in on Windows NT 4.0 (SP3, SP4, or SP5) or Windows 95 SP1
in our San Luis Obispo office. If logging in on Windows 95,
log in as a valid Cobalt Qube 2 user other than "admin".
2. Double-click Network Neighborhood.
3. Navigate until the Cobalt Qube 2 is shown; double-click on it.
4. Enter any valid Cobalt Qube 2 user name except "root" or
"admin", and the appropriate password (if using Windows 95,
enter only the password for the Cobalt Qube 2 user name you
used to log into Windows 95).
Result: It never works -- it always claims the user name and password
are incorrect.
Variations I have tried (under Windows NT 4.0 SP4 at our San
Luis Obispo office), with absolutely no effect:
* Make a Windows NT account with the same name and password as
the Cobalt Qube 2 account.
* Change the Windows NT machine's workgroup to be the same as
the workgroup/domain that the Cobalt Qube 2 is in.
* Different Windows NT 4.0 service packs as noted above (not on
the same computer).
* Different computers with the same Windows NT 4.0 service pack.
* Change what (if any) accounts are permitted telnet access into
the Cobalt Qube 2.
I also confirmed that every computer I used is capable of
correctly accessing files on a Windows NT 4.0 SP3 server. On the
subset of these computers that I also tried pinging the Cobalt Qube 2
or accessing it via FTP, ping and FTP also work correctly.
Our networks are configured very similarly, with the following
differences:
1. The domain/workgroup names are different.
2. The outside IP addresses (on the secondary ethernet interfaces
of the Cobalt Qube 2's) are different.
3. The Emeryville office only has 1 Windows NT workgroup, whereas
the San Luis Obispo office has multiple Windows NT workgroups.
4. The Emeryville office has its connection to the outside world
(from the secondary ethernet port of the Cobalt Qube 2)
through an Alcatel DSL 1000 "modem" over DSL service provided
by Pacific Bell; the San Luis Obispo office has its connection
to the outside world (also from the secondary ethernet port of
the Cobalt Qube 2) via an ethernet cable to a hub and/or
router in the office of our local ISP next door.
5. Something unknown in the configuration of the Emeryville
office connection to the outside world causes a reverse DNS
lookup by a remote site to return a CNAME record instead of a
PTR record (according to the sysadmin of the remote site) --
see my accompanying post (about resulting problem) only in
comp.os.linux.networking.
6. The Cobalt Qube 2's differ very slightly as detailed below.
The Cobalt Qube 2 in our Emeryville office (on which things
seem to work properly) is configured with the following software:
Cobalt OS Release 4.0 (original install)
Cobalt Qube2 Update Release 1.0 (original install)
Shell History Patch Release 1.1 (original install)
"RUNNING MFG TESTS" minor bug (original install -- a patch is
available, but not installed here)
The Cobalt Qube 2 in our San Luis Obispo office (on which
Windows file sharing doesn't work right) is configured with the
following software:
Cobalt OS Release 4.0 (original install)
Cobalt Qube2 Update Release 1.0 (added as patch from manufacturer)
Shell History Patch Release 1.1 (added as patch from manufacturer)
Note: Cobalt OS 4.0 on the Cobalt Qube 2 identifies itself (before it
gives the login prompt) as "Cobalt Linux release 4.0 (Fargo)" /
"Kernel 2.0.34 on a mips".
Lucius Chiaraviglio | [EMAIL PROTECTED]
========
To reply to this message, remove the "not at" characters from in front of the
abbreviation of the company name (Advanced CMP Products, Inc.). If you are
seeing this in an e-mail message, it is because I am posting it and e-mailing
it at the same time -- normal e-mail messages from me do not have this feature.
Note: I am trying a new news server -- it seems to work well, but it has a
very short expiration time (1 week for most groups), so I will likely miss your
reply unless you send it by e-mail in addition to posting it.
------------------------------
From: [EMAIL PROTECTED] (Bill Janssen)
Subject: automount (amd) maps for RedHat 5.2 -- what do they look like?
Date: 21 Jul 1999 19:57:38 -0700
I've just installed RH 5.2. I'd like to get amd to work with several
generic NIS maps we maintain around here for automounting on our Suns,
but can't find any documentation on the format of an amd map -- the
amd man page is wonderfully silent about this.
For instance, we maintain one map called auto.tilde, which provides a
mapping of /tilde/username to the actual directory which is the home
directory for that username. I'd like to set up /tilde on my Linux
machine to automount the right directory when /tilde/someuser is
referenced.
Can anyone give me an idea of what the format of an amd `map' is?
Thanks.
Bill
--
Bill Janssen <[EMAIL PROTECTED]> (650) 812-4763 FAX: (650) 812-4777
Xerox Palo Alto Research Center, 3333 Coyote Hill Rd, Palo Alto, CA 94304
URL: ftp://ftp.parc.xerox.com/pub/ilu/misc/janssen.html
------------------------------
From: [EMAIL PROTECTED] (Mishou)
Subject: Routing Shiva through a Linux box/ 2DNS same machine
Date: Thu, 22 Jul 1999 02:59:50 GMT
Hi ,
RH6 working fine doing masq for a 192.168.1.0 network.
I need to access a Shiva VPN Express inside this LAN. (to be exact
192.168.1.54).Using ipmasqadm portfw i was able to redirect www and
mail but for Shiva they said on the manual that I have to
open port udp source port all dest port 2233 for in and out.
Now my question .What's mean "source port all" ? The incoming packets
should come only on some port (2233) .What's mean " dest port 2233 ?
Normaly I would have a connection on a ip on a particular port.That's
mean that some software(a server) is listening ONLY on that port.So
how come "source all " is retranslated on port 2233 and by who ?
By redirecting all the packets for udp I will not be able to answer
DNS on this machine .
Right ?
Also It's possible to have 2 DNS on same machine each on binded to
only 1 card ? The same way that you bind a dhcpd to eth1 ?
Thanx ,
Mihai
------------------------------
From: "Gero H. Marten" <[EMAIL PROTECTED]>
Subject: Re: Squid + News = Problem
Date: Wed, 21 Jul 1999 06:19:27 +0200
Hello Matthias,
how do you read news? Online or do you have a local newsserver, e.g.
INN?
Just an idea: with INN, put the address of the providers newsserver
in your /etc/hosts.
--
Gero H. Marten
<http://www.provi.de/gmarten/index.html>
--
------------------------------
Date: Wed, 21 Jul 1999 21:31:13 -0700
From: "Eli Beit-Zuri" <[EMAIL PROTECTED]>
Subject: Re: QuickTime 4 streams through linux router/firewall
I use ipchains in RH6.0 to masquerade my mac and have set up Apple's RTSP
proxy in the hopes of getting QT4 streams. Afraid I find the solution less
than perfect. Certain QT channels will cause a 'segmentation fault' error
in the proxy program. Some channels will stall when attempting to connect.
Perhaps I need to configure ipchains? I'm hardly an expert here. Any
advice is welcome.
(please cc me at my email address if you respond, thanks!)
Eli
[EMAIL PROTECTED]
> Fortunately for us Apple provided a solution - RTSP proxy for
> UNIX/Linux.
> Get it from http://www.apple.com/quicktime/developers/rtspproxy.html
> Run "make linux" and you'll be all set. Works beautifully :-)
>
> --
> Alex Luchkovsky
> IT Manager
> Earthwatch Expeditions
> http://www.earthwatch.org
>
> DidiDo wrote:
>>
>> Has anyone tried or have experiences with QuickTime 4 streams (audio/video)
>> through a linux router/firewall using ipfwadm (ip_masq)?
>>
>> We use such a router and the clients (w95/w98/Mac's) can't see
>> Quicktime-streams
>> because they cannot connect to QuickTime-servers. They get a: 10061:
>> Connection failed
>>
>> There is some information on the QuickTime-site
>> http://www.apple.com/quicktime/resources/qt4/us/proxy/
>> and I have made some modifications to my ipfwadm-configuration but it
>> doesn't help.
>>
>> I think I have to use the RTP/RTSP protocol (which isn't installed now).
>> Any suggestions, tips?
>>
>> Best regards,
>>
>> Marius
>> [EMAIL PROTECTED]
------------------------------
From: <[EMAIL PROTECTED]>
Subject: Anyone using ARK 10/100 cards ?
Date: 22 Jul 1999 04:24:14 GMT
ARK makes some pretty cheap 10/100 BaseT pci cards that use the realtek 8139A
chipset. Has anyone out there tried these cards in linux?
I'd be using them in redhat 6 boxes.
Thanx,
Art.
------------------------------
From: Paul Marchildon <[EMAIL PROTECTED]>
Subject: Re: diald on RedHat 6.0
Date: Thu, 22 Jul 1999 01:11:13 -0400
I see that you have been inundated with eager help. So have I.
I have gotten diald to work after sorts on redhat 6.0. The main problems
I think I was having were the compile--I ended up modifying the Makefile
file to set compile for libc.so.5 and no tcp wrappers--and the use of
ipchains/masquerading.
The README.masq file gives, I believe, bad advice. If you create
chaining/masquerading rules in the addroute file, diald will not
work--at least, not for me. What I did was this: created a link to the
file that should be the /etc/resolv.conf file during my internet
connection in the addroute file. (This may be irrelevant to you if your
computer is not on a lan.) The ipchain rules are set by calling a script
which is called from the ip-up script. Undoing is in reverse order.
diald.conf includes the defaultroute and dynamic setting.
Hope this helps. It works, more or less, but has to be refined, so it
won't hang up when I'm reading a webpage. I seem to be having the remote
hang up on me a lot too. This doesn't happen when I am not using a
proxy.
Jim Werkowski wrote:
> Has anyone got diald to work in RedHat 6.0? I've used it OK on a few
> RedHat 5.2 installs, but I can't get it to fly in 6.0.
------------------------------
From: "TURBO1010" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.hardware,alt.os.linux,alt.linux.sux,alt.linux,alt.os.linux.caldera
Subject: Re: dhcpd
Date: Wed, 21 Jul 1999 21:55:30 -0700
Anyone who uses DHCPD with dual nic's, can you tell me how you did it. I
can't start the dhcpd server, it used to work with one card, now that I have
2, it won't work. I only want dhcpd to assign addresses to eth1.
This is what I get right now when I try to start dhcpd
[root@comp1 juan]# Listening on Socket/eth1/192.168.1.0
Sending on Socket/eth1/192.168.1.0
No subnet declaration for eth0 (209.203.123.110).
dhcpd: exiting.
------------------------------
From: [EMAIL PROTECTED] (Rachael Ludwick)
Subject: Re: nfs && "svc: unknown version" and "svc: unknown program..." error on RH6.0
Date: Thu, 22 Jul 1999 04:33:46 GMT
<snip>
>I've had to set a 'vers=2' option on the fstab or automounter map to fix
>this. If you have both linux machines, and SunOS machines on the same
>map this won't work since mount of Linux doesn't know 'vers=2' instead
>'nfsvers=2'
But you could have different maps, right? (I'm still trying to figure
out how nfs and automounting work.)
BTW, thanks!
Rachael
------------------------------
From: Tim Peeler <[EMAIL PROTECTED]>
Subject: Linux mgetty/pap dialin
Date: Thu, 22 Jul 1999 05:41:55 +0000
Ok, Here's the scenario:
My brother brings home a computer. Linux doesn't have the proper
scsi drivers for his controller (compaq onboard who knows what)
so I have to install win95 (build A). I get his nic card (compaq
netflex???) recognized and working under windows. I then connect
his computer to mine via my 3com netflex 3c905b. After about a
day of looking through docs I find out I need either a hub or I
need to cut my rj45 up and cross the TX/RX lines.... Well, I
decide not to do either (just yet...)
So, then I decide well I'll just use direct serial->serial ppp
right? So I get the proper win95 null modem driver and setup
mgetty on my digiboard ports ttyD1-ttyD7 (digiboard Pc/8 module
pcxx, btw my modem on port ttyD0 works fine and I can dialout
to my isp). I then grab my null modem cable (or so I think)
and connect my digiboard ttyD1 to his ttyS0(com2). Speed for
both the ports are at 115200bps. The first problem with this:
mgetty doesn't want to spawn pppd for a pap/chap connection:
<--/etc/mgetty+sendfax/login.config--snip
/AutoPPP/ - a_ppp /usr/sbin/pppd -detach name ghoti auth -chap +pap\
ms-dns ghoti
* - - /bin/login @
--snip-->
<--/etc/inittab--snip
D1:2345:respawn:/sbin/mgetty -r -s 115200 ttyD1
--snip-->
<--/etc/ppp/options.ttyD1
ghoti:slip1
asyncmap
netmask 255.255.255.0
lock
crtscts
login
-->
<-- /etc/hosts
127.0.0.1 localhost localhost.localdomain
128.0.0.0 ghoti
128.0.1.1 slip1
128.0.1.2 slip2
--snip-->
so what do I do? I just bring up a terminal after dialing in from the
win95 computer, enter the name and password, then:
exec /usr/sbin/pppd -detach ghoti:slip1 asyncmap netmask 255.255.255.0
\
lock crtscts login ms-dns ghoti
when i do that the connection procedes properly and windows gets the
ip address of 128.0.1.1 ghoti is 128.0.0.0, the dns server that
win looks for is ghoti(128.0.0.0) the routing table for windows looks
fine and so does the routing table for linux, but I can't ping one
box from the other. So I'm thinking that It might be a routing
problem.
I'm looking all over the place for information and it looks like I've
got the routing info setup right, so then I get to thinking that it
could be possible that my null modem cable isn't really a null modem
cable and just a cheap knockoff. Sooo I guess the questions are:
Can I use xon/xoff with the cable to get win95 and linux to talk
or do I just need to go ahead and get a hub and another rj45?
Also, since I still want to allow pap/chap logins from ttyD* how
would I go about forcing mgetty to execute my autoppp?
Tim
Debug msgs:
<-- /var/log/mgetty.log.ttyD1
07/21 23:38:02 yD1 mgetty: experimental test release 1.1.14-Apr02
07/21 23:38:02 yD1 check for lockfiles
07/21 23:38:02 yD1 locking the line
07/21 23:38:02 yD1 WARNING: DSR is off - modem turned off or bad
cable?
07/21 23:38:02 yD1 lowering DTR to reset Modem
07/21 23:38:03 yD1 waiting...
07/22 00:39:04 ##### failed dev=ttyD1, pid=2584, got signal 14,
exiting
-->
------------------------------
From: "Gero H. Marten" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.x
Subject: Re: netscape
Date: Thu, 22 Jul 1999 06:46:20 +0200
> I use netscape (4.5) under linux. When I click on a mailto-tag, netscape
> close itself automatically. Why?
A known bug in NS 4.5
> What is the solution?
Update to NS 4.6 or in the meantime first open messenger and then
the browser.
--
Gero H. Marten
<http://www.provi.de/gmarten/index.html>
--
------------------------------
From: "Dave" <[EMAIL PROTECTED]>
Subject: Sendmail or ??
Date: Thu, 22 Jul 1999 01:48:08 -0700
Greetings all-
I'm looking for an email program for a network. I'm a little uneasy about
installing Sendmail due to the security risks. I hear qmail is easy to
configure and is nice-n-secure.
Any thoughts, comments would be appreciated.
-D
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
