Linux-Networking Digest #985, Volume #11 Fri, 23 Jul 99 15:13:41 EDT
Contents:
Re: Port listings (Dustin Puryear)
Re: linux proxy server (Dustin Puryear)
Re: High load average, low cpu usage when /home NFS mounted (Paul Kimoto)
cannot open daytime server socket for local host (Wlmet)
IP Masquerade: Configuration of Kernel Problem ([EMAIL PROTECTED])
assemble and send raw ethernet packets (Russ Gritzo)
Re: PPP Server Problem - Log file snippets attached (Clifford Kite)
ipchains, squid and socks5 ([EMAIL PROTECTED])
Re: Block specific IP with ipchains? ("Holger van Koll")
Re: Diald goes up every 4-5 min? ("Holger van Koll")
Re: RedHat 6.2 (Roy Grimm)
Re: LINUX: AOL howto? (Dustin Puryear)
Re: samba (Monte Phillips)
IP masquerading/firewalling with a Sparc running Linux? (Roy Grimm)
Re: Remote Printing and RedHat 6.0 ([EMAIL PROTECTED])
Re: Cable internet (John Strange)
Re: enforcing speed limits with IP masquerade ("Holger van Koll")
Need help with Linux Firewall problem (Brad Greig)
Re: RedHat 6.2 ("Franky Ostyn")
Re: samba ("Rut")
Cannot use IPX over PPP between Linux hosts (Jurrien)
Re: assemble and send raw ethernet packets ("Holger van Koll")
Re: dhcp and dns ("Holger van Koll")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Dustin Puryear)
Subject: Re: Port listings
Date: Fri, 23 Jul 1999 15:51:55 GMT
On Thu, 22 Jul 1999 22:33:04 GMT, "pg" <[EMAIL PROTECTED]> wrote:
>
><[EMAIL PROTECTED]> wrote in message news:7n7v6j$527$[EMAIL PROTECTED]...
>> Does anybody know where I can find a listing of all the ports and
>> services that are used? I know http uses port 80 and telnet is port 23,
>> I think. Thanks in advance.
>>
>>
>> Sent via Deja.com http://www.deja.com/
>> Share what you know. Learn what you don't.
>------------------------------------------
>
>You can find them all at:
>
>http://www.isi.edu/in-notes/iana/assignments/port-numbers
>
>keep in mind that these are assigned ports - people don't always play by the
>rules....
Another good place to start is /etc/services.
---
Dustin Puryear
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Dustin Puryear)
Subject: Re: linux proxy server
Date: Fri, 23 Jul 1999 15:53:32 GMT
On Fri, 23 Jul 1999 00:51:52 GMT, [EMAIL PROTECTED] wrote:
>why can't i find anyone else who is in the same prediciment?
>
>all i want is to set up a proxy server for internet access with
>RH linux 5.2 does anyone else know how to do this or know
>of any place where i find anything about it which is written
>in plain english?
Download squid. It's easy as 1-2-3.
---
Dustin Puryear
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Paul Kimoto)
Crossposted-To: comp.os.linux.misc,comp.os.linux.development.system
Subject: Re: High load average, low cpu usage when /home NFS mounted
Date: 23 Jul 1999 11:14:16 -0500
Reply-To: [EMAIL PROTECTED]
[posted and e-mailed]
In article <[EMAIL PROTECTED]>, Ole Jacob Taraldset wrote:
> The
> /home partition is NFS mounted from [an?] SGI. When I take a look at cpu
> usage i kpm/qps most of the cpu is idle (~85%), but load average reports
> around 2. Isn't load average a function of cpu usage (only, mostly)? Can
> it be that some process is running, but not showing in ps/top/kpm? I
> feel that the system response has been reduced quite a bit after
> upgrading to RedHat 6.0.
The proc(5) man page says
loadavg
The load average numbers give the number of jobs in
the run queue averaged over 1, 5 and 15 minutes.
Processes waiting for (slow NFS) disk operations would be in the run
queue, but not necessarily consuming much CPU.
Have you tried tweaking the NFS mount options to try to get better
performance?
--
Paul Kimoto <[EMAIL PROTECTED]>
------------------------------
From: [EMAIL PROTECTED] (Wlmet)
Subject: cannot open daytime server socket for local host
Date: 23 Jul 1999 16:29:47 GMT
Using Slackware I cannot open the daytime server socket.
For example the command
telnet localhost 13
gives me connection refused, but
telnet localhost
will open a connection.
------------------------------
From: [EMAIL PROTECTED]
Subject: IP Masquerade: Configuration of Kernel Problem
Date: Fri, 23 Jul 1999 14:25:31 GMT
Hi.
I'm setting up an IP Masquerade with RedHat Linux 6.0. Right now, I'm
reconfiguring the Kernel and going through the Y/N options in the HOWTO
document...but some of the options are nowhere to be found. The HOWTO
says "Not all options will be available without the proper kernel
patches described later..." but I can't find that description. Does
anyone know what those patches are? The kernel version is 2.2.5-22.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Russ Gritzo <[EMAIL PROTECTED]>
Subject: assemble and send raw ethernet packets
Date: Fri, 23 Jul 1999 10:36:55 -0600
Hi.
I need to be able to assemble and send raw ethernet packets out. This
is for legit purposes, trying to control a data acquisition instrument
that has no IP addr, only MAC addr. Windoze uses a SNAP dll, but I
would like to try and build packets up byte-by-byte and send them out.
Have looked at some source for things like ping but all seem to be at
too high a level.
Any drivers, example code, or doc's that would help?
r.
--
/**************************************************************************/
Russ Gritzo email: [EMAIL PROTECTED]
Los Alamos National Lab voice: 505-667-0481
Group CST-11, Nuclear and Radiochemistry fax: 505-665-4955
MS J514
Los Alamos, NM 87545
Given the above, it's obvious that pi seconds is a nano-century,
to within a half percent, of course...
/**************************************************************************/
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: PPP Server Problem - Log file snippets attached
Date: 23 Jul 1999 11:39:38 -0500
Ted Wagner ([EMAIL PROTECTED]) wrote:
: I'm attempting to set up a PPP Server to dial into.
: I am able to get the modems to connect, but when my Win95 or Win98
: clients attempt to send a username and password, they are rejected.
You need to configure the /etc/ppp/pap-secrets file with empty passwords,
and provide a fourth field to allow user IP assignment with the mgetty
AutoPPP configuration. "man pppd" for details.
Otherwise add the pppd option debug and look at the link negotiation
log files, usually in /var/log but defined in /etc/syslog.conf . They
should tell the tail of why the PAP authentication is failing.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
------------------------------
From: [EMAIL PROTECTED]
Subject: ipchains, squid and socks5
Date: Fri, 23 Jul 1999 14:39:19 GMT
My configuration:
RedHat 6 with Kernel 2.2.10 (IP-Firewalling, Network firewalls)
eth0 --> 10.0.1.25 (private)
eth1 --> 194.xxx.xxx.xxx (internet)
Squid on port 80
Socks5 on port 1080
Telnetd on port 23
other private networks: 10.0.2.x , 10.0.3x, 10.0.4.x
Squid and Socks5 are working fine, but i want to incrase security by
using ipchains. Need help on how to set up my linux box for best
security. I want also that port 23 is only opened for the private
network.
Any help will be appreciated
Mirko
------------------------------
From: "Holger van Koll" <[EMAIL PROTECTED]>
Subject: Re: Block specific IP with ipchains?
Date: Mon, 19 Jul 1999 21:00:25 +0200
[EMAIL PROTECTED] schrieb in Nachricht <7mtekk$a2c$[EMAIL PROTECTED]>...
>I am on a corporate network with 5 of my buddies
>running redhat 6.0. At times someone will
>occasionally export DISPLAY=<my IP> and launch
>xsnow or xmelt or something. I want to be able to
>block all traffic from their IP addressess while
>allowing me to contact them if necessary. I have
>installed ipchains and used the following command
>
>ipchains -A input -s 90.14.153.5 -d 90.14.152.92
>-j DENY
>
>This will not allow connections from 90.14.153.5
>but it also prevents me from contacting that IP
>from my box. I think because I am using one nic
>card instead of the traditional two cards and a
>dedicated firewall server it won't allow traffic
>like I want it to. Is there a way to block
>connections from a specific IP while allowing
>connections to that IP with only one nic card?
I dont know if I understand your problem, but what about
ipchains -A input -y -s 90.14.153.5 -j DENY ?
------------------------------
From: "Holger van Koll" <[EMAIL PROTECTED]>
Subject: Re: Diald goes up every 4-5 min?
Date: Mon, 19 Jul 1999 21:04:09 +0200
rbinning schrieb in Nachricht <[EMAIL PROTECTED]>...
>I have a small home LAN consisting of 1 Linux box (router/print
>server/firewall)
>1 win95 client, and 1Linux terminal used for web and e-mail access.
>Everything works fine except Diald. It is almost to efficient! It seems
>that my windows box pings every 4-5 minutes looking for
>conformation(whats my name and where is my lunch kit!) I use my ISP DNS
>because that is the only way I could get everything to work. According
>to "tcpdump" when win95 calls, the router (Linux) directs diald to make
>the connection. Information is exchanged and win 95 goes home happy? I
>am new to networking so if I over looked the obvious please bear with
>me...
>I am sure if this diald thing keeps up, my wife will have my backs
>packed and set by the door.
>Anytime taken to help would be greatly appreciated...
>Rob
>[EMAIL PROTECTED]
>
disable "use dns for wins-resolution" (or similar) if you dont need it
block packets to ports 137:139 outside the lan:
ipchains -A output -i ppp+ -d 0/0 137:139 -p tcp -j REJECT
ipchains -A output -i ppp+ -d 0/0 137:139 -p udp -j REJECT
if that does not help, log the paket that initiates the dialout
ipchains -I output 1 -i ppp+ -l
and post the output here
of course you should remove that last rule in /etc/ppp/ip-up
------------------------------
From: Roy Grimm <[EMAIL PROTECTED]>
Crossposted-To: be.comp.os.linux
Subject: Re: RedHat 6.2
Date: Fri, 23 Jul 1999 10:32:48 -0500
Tom Pennings wrote:
>
> Is Redhat 6.2 allready available and where...
6.0 just came out not too long ago. I'd bet that 6.2 won't be out for a
while. Try going to http://www.redhat.com and see what kind of
announcements they have.
------------------------------
From: [EMAIL PROTECTED] (Dustin Puryear)
Subject: Re: LINUX: AOL howto?
Date: Fri, 23 Jul 1999 15:42:34 GMT
On 21 Jul 1999 07:14:14 -0500, kite@NoSpam.%�inetport.com (Clifford
Kite) wrote:
>[EMAIL PROTECTED] wrote:
>
>: Actually that may not be the case. In an effort to be a real ISP AOL was
>: running an internet connection service. I don't know if it still available
>: or if it was only a trial run. I will try to find out some more info for you
>: but basically you had to dial a seperate number from the rest of the service
>: and you would log on with your regular AOL screename. However they did make
>: it somewhat software based. I think though there may be ways to get a round
>: it. BUT, you should really get a good ISP, I highly recommend mindspring,
>
>I'll believe Linux over AOL when someone posts from AOL using Linux.
Using a winmodem.
---
Dustin Puryear
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Monte Phillips)
Subject: Re: samba
Date: Fri, 23 Jul 1999 16:51:42 GMT
Ok, here is where to go:
This site has a step by step howto for complete setup of samba. steps
for both linux and the win machine. (and they really work <G>)
http://www.sfu.ca/~yzhang/linux/samba/index.html
and this one as well
http://home.talkcity.com/MigrationPath/maguai/samba.html
These sites singly or in combination are nearly guaranteed to get you
networked.
Brian Leung <[EMAIL PROTECTED]> wrote:
>Thanks. But, can anyone give me some web pages which tell about this topic
>more clearly?
>
>VBF-Ratingen GmbH wrote:
>
>> Brian Leung schrieb:
>> >
>> > Hi,
------------------------------
From: Roy Grimm <[EMAIL PROTECTED]>
Subject: IP masquerading/firewalling with a Sparc running Linux?
Date: Fri, 23 Jul 1999 12:28:13 -0500
I'm working steadily towards getting my home network set up and I'm
finding myself at a point where I have to make some strategic planning
decisions.
I don't yet have a DSL/cable modem connection to the internet yet, but
will when they become available in my area. (within 6 months, based on
how fast things are progressing in the neighborhoods around me) In the
mean time, I'm in the process or setting up my Sparc station with
Linux. Ideally, I would like to have this Sparc play the role of IP
masquerading server that bridges my home network to the internet. From
a hardware perspective, I've got what is needed. I have plenty of space
to add a second ethernet adapter to the Sparc box, connecting one to the
internal network and the other to the DSL or cable modem. The big
question remains: How well do the IP masquerading components of the
2.2.x kernel run on a Sparc?
I didn't see anything in the IP Masquerade mini HOWTO that said it's
specific to the x86 platform. Has anyone used a Sparc station to fill
this role before? If so, can you offer some sage advice to someone who,
while well seasoned administrating Intel hardware, is relatively new to
the administration side of the Sparc world?
Thanks for your time,
Roy Grimm
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Remote Printing and RedHat 6.0
Date: Fri, 23 Jul 1999 16:56:01 GMT
I've seen this question posted in various spots, and I'm currently
running into the problem myself. Currently, my workaround is to spool
from remote print servers to the primary print server using Samba. I've
tinkered with modifying permissions on the spool directories, but to no
avail. I'd forward the question to Red Hat support if I knew where to
send it.
Regards,
Glenn
In article <7n53a3$3tt$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] wrote:
> I have several linux boxes running file and print services. I have
> remote printing setup so that print jobs destined for the one of the
> other networks goes to the local server, then to other network server,
> and finally it is sent to the printer.
>
> My problem is that I recently upgraded one of the servers to RedHat
6.0
> and now it no longer accepts remote print jobs. Here are the error
> messages:
>
> lpd[18145]: Can't create temp cfp file
> lpd[18145]: w_engineer: can't scan /var/spool/lpd/w_engineer
>
> Is this a bug with the lpd? I've noticed that this was listed as bug
on
> the Debian bug list when doing a www.deja.com search. Does anybody
know
> what I can do to fix this?
>
> Thanks
> James Hubbard
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (John Strange)
Subject: Re: Cable internet
Date: 23 Jul 1999 17:29:01 GMT
Cablem modem information stites
http://luau.hi.net/howtos.shtml
http://www.lugor.org/roadrunner/answers.html
http://www.ecst.csuchico.edu/~mcumings/cablemodem/
http://edge.fireplug.net
http://larkin.nuclearwinter.com/rros2/LoginSoftware.html
http://members.home.com/nickoljt/networking.html
http://members.home.net/adaviel/Upgrade.html
http://metalab.unc.edu/LDP/HOWTO/mini/Cable-Modem.html
http://people.qualcomm.com/karn
http://rlz.ne.mediaone.net/linux/
http://smaug.fammed.ohio-state.edu/shane/rr/
http://sunsite.unc.edu/LDP/HOWTO/mini/Cable-Modem.html
http://usmcug.usm.maine.edu/~kpesce/rr/
http://www.aa.net/~swear/pedia/modems.html
http://www.cablemodeminfo.com
http://www.linuxhq.com/HOWTO/mini/Cable-Modem.html
http://www.monmouth.com/~jay/Linux/
http://www.vortech.net/rrlinux/
PS:
When you post, supply the Distribution and release level as
as a minimum. Exampe: Slackware 3.5, Redhat 6.0, .....)
Steven de Jong ([EMAIL PROTECTED]) wrote:
: Can anyone help me setup my internet in linux?
--
While Alcatel may claim ownership of all my ideas (on or off the job),
Alcatel does not claim any responsibility for them. Warranty expired when u
opened this article and I will not be responsible for its contents or use.
------------------------------
From: "Holger van Koll" <[EMAIL PROTECTED]>
Subject: Re: enforcing speed limits with IP masquerade
Date: Mon, 19 Jul 1999 21:06:17 +0200
Christos Karras schrieb in Nachricht <[EMAIL PROTECTED]>...
>I'm sharing my cable modem Internet connection with 3 computers using IP
>masquerade with kernel 2.2.3. I'm trying to set a speed limit to share
>the bandwidth between the 3 computers equally. Is there a way to do
>that? And would it be possible to have a lower limit for uploading to
>the internet? (because my modem is slower for uploading than
>downloading)
>
read the kernel-docs about traffic-shaper
------------------------------
From: [EMAIL PROTECTED] (Brad Greig)
Subject: Need help with Linux Firewall problem
Date: Fri, 23 Jul 1999 16:25:41 GMT
Reply-To: [EMAIL PROTECTED]
I am going to be setting up a network using Redhat 6.0 as a firewall.
I will have a T-1 and a Cisco 2500 router. I have been planning on
using a private network scheme (192.168.1.x) but will also need some
of the computers inside the firewall to be configured to be accessed
from the internet. (Mail server, web server, ftp server, etc....) I
have only one subnet internally, and have a full class C of internet
addresses. Can I configure the firewall to forward packets from the
internet to a server on our private network, and back out using one of
our assigned ip addresses? What setup should I go with, and can I
tell Linux to do this? Any help would be greatly appreciated...
Brad
------------------------------
From: "Franky Ostyn" <[EMAIL PROTECTED]>
Crossposted-To: be.comp.os.linux
Subject: Re: RedHat 6.2
Date: Fri, 23 Jul 1999 19:53:56 +0200
Tom Pennings <[EMAIL PROTECTED]> wrote in message
news:7n96hk$dft$[EMAIL PROTECTED]...
| Is Redhat 6.2 allready available and where...
|
Not RedHat will shortly be available in version 6.2 but S.u.S.E. 6.2 !
Just look at their site www.suse.de/e
------------------------------
From: "Rut" <[EMAIL PROTECTED]>
Subject: Re: samba
Date: Fri, 23 Jul 1999 10:12:45 -0700
http://home.talkcity.com/MigrationPath/maguai/samba.html
Brian Leung wrote in message <[EMAIL PROTECTED]>...
>Thanks. But, can anyone give me some web pages which tell about this topic
>more clearly?
>
>VBF-Ratingen GmbH wrote:
>
>> Brian Leung schrieb:
>> >
>> > Hi,
>> > I have edit the smb.conf file with workgroup=home1 which is the domain
>> > name of my NT server. I can see my linux on the network neighborhood in
>> > NT. When I click it, it asks me to login. So, I login as root with
>> > password because the security=user in the smb.conf file.However, my
>> > login is fused. Why?
>>
>> As far as I know it's not that simple. You must have the account you're
>> logged onto Nt with also on your Linux-Box (eg. if you are logged onto
>> NT with 'myname', you must have an user 'myname' under linux). Then, you
>> must login with a password you have configured with smbpasswd (smbpasswd
>> -a myname)....
>> Mail me under [EMAIL PROTECTED] if you have any questions :-)
>>
>> Rainer.
>
------------------------------
From: [EMAIL PROTECTED] (Jurrien)
Crossposted-To: comp.protocols.ppp,linux.redhat.ppp
Subject: Cannot use IPX over PPP between Linux hosts
Date: 23 Jul 1999 18:49:01 GMT
Hi all,
I've some strange problems with configuering IPX over a PPP connection
between two Linux hosts. This is the situation:
| Novell server | -<ethernet>- | Linux server | -<PPP>- | Linux client |
I can see the Novell server from Linux server with the command "slist" but
when I try to dialin from the Linux client to the Linux server I get the
following error in the /var/log/messages in both Linux hosts:
Jul 23 20:25:18 gate pppd[836]: IPX support is not present in the kernel
But I've had compiled both Linux kernel with IPX support as you can see:
[root@gate linux]# dmesg | grep IPX
Swansea University Computer Society IPX 0.34 for NET3.035
IPX Portions Copyright (c) 1995 Caldera, Inc.
I'm using on both hosts the 2.0.37 Linux kernel compiled with IPX and I have
enabled the option "Full internal IPX network" in include/net/ipx.h. I've
compiled pppd 2.3.8 with the compile flag -DIPX_CHANGE.
Does someone know why I get this error?
Thanks in advance!
--
Jurrien Wijlhuizen -- System Administrator Telebyte
email : [EMAIL PROTECTED] -- tel : 024-3557480
------------------------------
From: "Holger van Koll" <[EMAIL PROTECTED]>
Subject: Re: assemble and send raw ethernet packets
Date: Fri, 23 Jul 1999 20:02:49 +0200
Russ Gritzo schrieb in Nachricht <[EMAIL PROTECTED]>...
>Hi.
>I need to be able to assemble and send raw ethernet packets out. This
>is for legit purposes, trying to control a data acquisition instrument
>that has no IP addr, only MAC addr. Windoze uses a SNAP dll, but I
>would like to try and build packets up byte-by-byte and send them out.
>Have looked at some source for things like ping but all seem to be at
>too high a level.
>
>Any drivers, example code, or doc's that would help?
>
you should find that in /usr/src/linux/net/ethernet
------------------------------
From: "Holger van Koll" <[EMAIL PROTECTED]>
Subject: Re: dhcp and dns
Date: Fri, 23 Jul 1999 20:05:00 +0200
Ralf Killenberger schrieb in Nachricht <[EMAIL PROTECTED]>...
>Hello,
>
>I am facing problems while trying to use an NT based Server and a Linux
>server. The NT server is a PDC providing the domain via DHCP with
>IP-adresses. The Linux server offers DNS.
>
>When a client connects to network it gets a new IP-adress from DHCP. How
>do I get DNS to automatically update its database?
>
I dont understand your question, sorry...
Do you know that the expression "domain" in
PDC, primary DOMAIN controller
DNS, DOMAIN name service
dont have -anything- to do with each other?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
