Linux-Networking Digest #35, Volume #12 Wed, 28 Jul 99 12:13:33 EDT
Contents:
Re: diald goes up every 4 -5 min ([EMAIL PROTECTED])
tcpdump and libpcap (Brad Barfield)
How does it work? ("Neil Marko")
Req: TeraTerm keymap for linux ("Zsolt Mate")
Re: ifconfig - unbinding a IP from a NIC card? RH 5.2 ([EMAIL PROTECTED])
Re: Netscape scraps Limux! ("Piotr Kaminsky")
Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines (Jesper Dybdal)
Works statically, but can't get DHCP working ([EMAIL PROTECTED])
Re: DHCP/Static IP not working ([EMAIL PROTECTED])
Help with samba encrypted passwords (Spammo)
How to config AnonFTP for default binary transfer mode? ("Steve Snyder")
Re: PAM authenticating to Novell NDS or NT Domain? ("Doug")
Re: How does it work? (Britt)
Re: POP Mail? ([EMAIL PROTECTED])
rsh, rcp Reliant Unix <-> Linux ("Roland Weber")
Can browse some sites but not all. Why? (=?ISO-8859-1?Q?Einar_S=2E_Ids=F8?=)
Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines (Dave Perks)
Re: ppp - ping OK but no telnet/ftp/netscape - answer. (Clifford Kite)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: redhat.networking.general
Subject: Re: diald goes up every 4 -5 min
Date: Tue, 27 Jul 1999 13:09:42 -0400
Just tell diald to ignore winblows netbios requests!
In diald conf... filter
ignore tcp tcp.source=tcp.netbios-ns,tcp.dest=tcp.netbios-ns
ignore tcp tcp.source=tcp.netbios-dgm,tcp.dest=tcp.netbios-dgm
ignore tcp tcp.source=tcp.netbios-ssn,tcp.dest=tcp.netbios-ssn
ignore udp udp.source=udp.netbios-ns,udp.dest=udp.netbios-ns
ignore udp udp.source=udp.netbios-dgm,udp.dest=udp.netbios-dgm
ignore udp
udp.source=udp.netbios-ssn,udp.dest=udp.netbios-ssn
Then diald will not dial outside for winblows lookups
rob wrote:
>
> Hello all,
>
> Thanks for the advice so far recieved. I now have it down to every 15 min.
>
> that it dials out!
>
> here is the culprit accurding to tcpdump -i eth0:
>
> arp who has abby.chelsea.com tell barbie.chelsea.com
>
> arp reply abby.chelsea.com is at 0:0:b4:85:22:7c
>
> 127.0.0.2.61076 > 204.209.196.5.domain:1251+ (46)
>
> 127.0.0.2.61076 > 204.209.196.5.domain:1251+ (46)
>
> 127.0.0.2.61076 > 204.209.196.5.domain:1251+ (46)
>
> abby.chelsea.com.137 > 192.168.1.255.137: udp 50
>
> barbie.chelsea.com.137 > abby.chelsea.com.137:udp 62
>
> abby.chelsea.com.139 > barbie.chelsea.com.1111: . ack 1 win 32736
>
> barbi.chelsea.com.1111 > abby.chelsea.com.139: . ack 1 win 8508 (DF)
>
> It seems to play this scenario out every 14 or 15 minutes, over and over.
>
> abby is gateway print server firewall(ipfwadm) ip masq is enabled.
>
> barbie is win 95 with brwse access to abby with samba but"NO" permissions
>
> enabled . Print shares are available to barbie. I have 1 other linux box
>
> "carly" that is used spareingly as a www machine.
>
> I run RH 5.2 with a few added modules
>
> As I said in an earlier post I am very new to this and trying my best to
>
> solve my own problems. So if it is brutally simple to you guru's out there
>
> please be gentle!
>
> Thanks again for any time taken to help me out...
>
> Rob
>
> ------------------ Posted via SearchLinux ------------------
> http://www.searchlinux.com
--
Come Visit Our Website
http://www.freeyellow.com/members/creative-services
Please Visit Our Sponsers (We get paid per visit)
------------------------------
From: Brad Barfield <[EMAIL PROTECTED]>
Subject: tcpdump and libpcap
Date: Wed, 28 Jul 1999 10:08:15 -0400
Reply-To: @cisco.com
Can anyone point me towards some good documentation on libpcap? Also,
does anyone happen to know the file format of dump files produced with
"tcpdump -w"? I need to convert from one file format to a tcpdump
(libpcap) compatible format.
thanks,
brad
------------------------------
From: "Neil Marko" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux
Subject: How does it work?
Date: Wed, 28 Jul 1999 14:00:39 GMT
I have a simple 10base2 nework. I am using Linux (Slack 4.0) as a router
and hence it has 2 NIC's in it and IPchain have been configured and are
working fine. One NIC is to the Internet and one on my LAN. When a
workstation (NT or 98) puts an Ethernet packet on the LAN with the tcp/ip
destination somewhere on the Internet, will the Linux machine read that
packet and route it IF I do not set the default gateway on the workstation
to be the IP address of the Linux LAN card? What configuration needs to be
set to do this? Is it related to "promiscuous mode?"
I want to do this to avoid have to have Linux route every packet on my LAN
(it is thinnet). This only slows things down. I want the LAN to function
even if the Linux box is not running?
Thanks,
Neil Marko
------------------------------
From: "Zsolt Mate" <[EMAIL PROTECTED]>
Subject: Req: TeraTerm keymap for linux
Date: Wed, 28 Jul 1999 15:56:37 +0200
Hello!
Does anyone uses TeraTerm with linux and have a _fully_working_ keymap ?
If so, would he/she send it to me...
Thanks in advance
____________________________________
Mate Zsolt
mailto:[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: ifconfig - unbinding a IP from a NIC card? RH 5.2
Date: Wed, 28 Jul 1999 13:58:37 GMT
In article <[EMAIL PROTECTED]>,
Alex Harrington <[EMAIL PROTECTED]> wrote:
> Not sure but maybe this will work??
>
> (I have split the ip into sections for ease of writing it as follows:
> 192.168.1.1
> a . b .c.d
> so for 'a' read '192' etc..)
>
> /sbin/ifconfig eth0:d a.b.c.d
> /sbin/route add -host a.b.c.d dev eth0:d
>
> replacing a,b,c and d with the correct IP address for your Linux box.
>
> This may work, it may not - I really don't know - just an intelligent
> guess.
>
> NO GUARANTEES. You may be advised to wait for some more replies from
> somebody who has more experience here than me.
>
> Alex -
>
> [EMAIL PROTECTED] wrote:
> >
> > Help!
> > I accidently bound a workstation IP address to my Red Hat 5.2 server
> > ethernet card and and now I get the message on the workstation that
I
> > have a IP address conflict.
> >
> > Here are the commands that I did on on my Red Hat 5.2 Primary
Server:
> >
> > /sbin/ifconfig eth0:31 200.200.200.31
> > /sbin/route add -host 200.200.200.31 dev eth0:31
> >
> > Please post the commands that will unbind this IP from the server so
> > that I can reuse this IP for a workstation.
> >
> > Thank You,
> > A new web administrator.
> >
> > Sent via Deja.com http://www.deja.com/
> > Share what you know. Learn what you don't.
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Piotr Kaminsky" <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,comp.protocols.smb,comp.os.linux,linux.redhat.ppp,linux.redhat.misc
Subject: Re: Netscape scraps Limux!
Date: Tue, 27 Jul 1999 22:06:31 -0400
Monte Phillips <[EMAIL PROTECTED]> wrote in message =
news:[EMAIL PROTECTED]...
> Well Andrew, as a matter fact it does. AAnd if you'd give it some
> thought you would see: That one netscape is the primary browser in the
> *nix world. Being such it is also the primary source by which many
> access SAMBA files. =20
> If Netscape screws linux then samba will suffer because many potential
> users of *nix will say to hell with it and stay with windows. Andrew
> I know you are a longtime unix man, to bad really since it gives you a
> myopic view on the world. =20
> I realize unix has been a cozy little clique for decades, but the
> future requires recruits, good, smart recruits. Anything which may
> hinder that effort is or should be a concern of all aspects of this
> effort.
> You may think little of linux, but it is the talent pool of the future
Interesting... Same thing was said about OS/2.=20
Which will prevail, in your opinion?
------------------------------
From: Jesper Dybdal <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,comp.security.firewalls,alt.os.linux.slakware,alt.linux.slakware
Subject: Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines
Date: Wed, 28 Jul 1999 16:10:48 +0200
"TRY" <[EMAIL PROTECTED]> wrote:
>You may see this delay due to the FTP server trying to establish an ident
>conection to your machine to "authenticate" you, if your firewall is set up
>to discard incoming ident requests. If you choose to reject ident messages
>(I think it is called reject in Linux parlance -- I mean: make the firewall
>return a "network unreachable"/"host unreachable" message) instead and the
>reason for the delay is ident messages, you should see a substantial
>speed-up due to this.
>
>I have seen this behaviour previously in SMTP connections through a firewall
>that dropped ident requests and the problem disappeared when ident requests
>where "rejected".
I set it up this way once, using ipfwadm to reject connections to
the auth/ident port.
It worked fine with _almost_ every mail server we communicated
with.
But there was at least one mail server out there who refused to
talk to us when the auth request was rejected in that way.
I therefore changed the packet filtering to accept auth requests,
and made sure that I had no server listening on that port. It
then gets rejected in a different way. This seems to work
correctly and without delay for all mail servers.
--
Jesper Dybdal, Denmark.
http://www.dybdal.dk (in Danish).
------------------------------
From: [EMAIL PROTECTED]
Subject: Works statically, but can't get DHCP working
Date: Wed, 28 Jul 1999 14:14:10 GMT
Trying to get a RH5.2 system on a Rogers@Home cable modem to work
through DHCP. This cable modem has been servicing a singular Win95
system without much problems for months now through DHCP. Now, I want
to share the connection amongst a bunch of computers through the RedHat
working as an IP masquerading server.
Okay, I've been trying to get the Linux working through DHCP, and I
went through every inch of the DHCP mini HOWTO manual, and nothing has
worked so far. The only thing that has worked is for me to turn off
DHCP and just manually configure everything statically. It works
beautifully, and various of the local participants say I should just
use it that way (statically), but I don't want to be the a**h*l* that
breaks the network's standards.
I think the problem is that the DHCP server at Rogers is using a
special feature of Windows to identify itself to the lan. The Rogers
technicians went and specifically setup the Windows machine's computer
name and workgroup settings to particular values in the Networking
control panel prior to enabling DHCP on the Win95 box, and I'm trying
to recreate that on Linux but with no success so far. Previously I was
under the impression that they must be using the machine's MAC address
to authenticate to DHCP. The Win95 machine and the Linux machine aren't
the same machines, they have different MAC addresses. I'm not sure what
to think: is it the MAC address that is the problem or the machine
name/workgroup name? Any ideas?
Yousuf Khan
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: DHCP/Static IP not working
Date: Wed, 28 Jul 1999 13:55:32 GMT
In article <[EMAIL PROTECTED]>,
Vinod B C <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I have Win NT4.0 on one partition and RH5.2 on another. DHCP works
> fine on Win NT, but on RH dhcp failed message is printed. When tried
> with a static IP also ping etc don't go thru.
> Any ideas ?
I have a similar problem to yours, which I will be posting a question
on very soon, but the only difference between my problem and your
problem is that I can get the Linux system to work with a static IP,
but not with DHCP. However, another box connected to the same cable
modem with Win95 on it, has no problems getting DHCP to work.
As for your static IP not working, I think I can help you there. You
have to make sure that you set your default gateway on the Linux setup
to be the same as what you would get on your NT setup. So get to your
NT setup and write down the IP address of your default gateway and then
use the same thing in Linux.
Yousuf Khan
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Spammo)
Subject: Help with samba encrypted passwords
Date: Wed, 28 Jul 1999 14:35:58 GMT
When I put the line 'encrypt passwords = yes' in my smb.conf, how come
testparm always shows it as 'no' (yes, I have restarted smbd)?
I'm using RH6.0 and I've tried 2.0.3 and 2.0.5 versions of samba (both
locally compiled) and I followed the directions in ENCRYPTION.txt to the
letter but still the problem persists. I have checked that I have only
one smb.conf and that it's the one used by smbd. The smbpasswd file is
where it should be and looks allright.
On another machine I have RH5.2 and samba version 1.9.18p10 and that one
works just fine.
//sampo
------------------------------
From: "Steve Snyder" <[EMAIL PROTECTED]>
Reply-To: "Steve Snyder" <[EMAIL PROTECTED]>
Subject: How to config AnonFTP for default binary transfer mode?
Date: Wed, 28 Jul 1999 14:47:31 GMT
How does one configure the anonymous ftp server that comes with RedHat
v6.0 such that binary is the default transmisstion mode? I'm getting
tired of people uploading ZIP files to my site in text-mode format.
Thank you.
***** Steve Snyder *****
------------------------------
From: "Doug" <[EMAIL PROTECTED]>
Subject: Re: PAM authenticating to Novell NDS or NT Domain?
Date: Wed, 28 Jul 1999 08:58:38 -0600
Damn...
At the PAM website, they make mention of authenticating to NDS if you have
the latest libncp package compiled..... Seems like a stretch to me, but I'm
grasping at straws here! :>)
Also, Novell's website specifically mentions their "NDS for Solaris" and
"NDS for Linux" software, but reading between the lines it sure looks like
that means you run a replica server on your *nix box.... And it probably
isn't anything remotely portable either....
Frankly, I'm not thrilled with the concept of running an actual NDS server
on Unix, when all I want is basically authentication services -- I don't
even want a silly filesystem/client/requestor!
Netware 5, despite being available for nearly a full year now, seems really
poorly supported by the Unix commercial software community, such as a pretty
damn near universal lack of a backup agent! Witness HP Omniback, et al.
I've been a big Novell fan for years, but I think NW5 is a little too late
to market, and some of the big fish are playing the waiting game to see how
well it fares in the long run before they devote a lot of effort to porting
code to it. Just my 2 cents.
Hopefully something will turn up...
Doug
Pascal Fleer <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi Doug,
>
>
> Doug wrote:
>
> > Does the NCP crap require an IPX stack to be
available/loaded/configured?
> > What about in a Netware v5 pure-IP environment?
> >
>
> The NCP package is based on bindery mode connections, so all the
advantages of
> the NDS are lost. Beside of this,
> it has problems to talk with very recent implementations of the netware
servers
> over IPX - Netware 4.11 with latest
> service pack, and netware 5.0. ncpmount fails. with netware 3.x, 4.x no
problem.
>
> >
> > Failing NDS, how about authenticating to an NT domain controller? I
have
> > pam_ntdom working on 4 RH5 boxes, but I can't get pam_ntdom to compile
under
> > either Solaris 2.x or HPUX 10.20/11.0 because of unresolved symbols,
which
> > I'm guessing indicates at least one library is missing. Happens under
gcc,
> > Sparcworks compiler, and HP's real ansi compiler.
> >
>
> How about LDAP from Novell ?
>
> Has anybody seen NCP over IP, and NDS support for Linux ? I know that
Novell
> wants to make
> NDS for Linux available, but does include a so called requestor ?
> We have about 500 servers and about 80000 NDS objects, and the number of
Linux
> workstation is
> growing. Would be nice to use the advantages of the NDS.
>
> Pascal
>
>
------------------------------
From: Britt <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux
Subject: Re: How does it work?
Date: 28 Jul 1999 14:29:34 GMT
Neil Marko <[EMAIL PROTECTED]> wrote:
: I have a simple 10base2 nework. I am using Linux (Slack 4.0) as a router
: and hence it has 2 NIC's in it and IPchain have been configured and are
: working fine. One NIC is to the Internet and one on my LAN. When a
: workstation (NT or 98) puts an Ethernet packet on the LAN with the tcp/ip
: destination somewhere on the Internet, will the Linux machine read that
: packet and route it IF I do not set the default gateway on the workstation
: to be the IP address of the Linux LAN card? What configuration needs to be
: set to do this? Is it related to "promiscuous mode?"
The windows boxes need to know that the Linux machine is the gateway. This
should be something you set on the Windows machine, and there is probably
some routing entry needed on the Linux machine to tell it which NIC to
send the internet packets to. This would be the 'default' route you
get from a 'route -n' command. It should list the NIC for your upstream
link. Check the NET-2 HOWTO for info on setting this up.
Promiscuous mode has nothing to do with routing. Promiscous mode is a
setting where an ethernet card reads all packets on the wire. Any packet
for your gateway will be addressed to your router, so it will read it
normally.
: I want to do this to avoid have to have Linux route every packet on my LAN
: (it is thinnet). This only slows things down. I want the LAN to function
: even if the Linux box is not running?
If you set your windows machines to use the linux box as a gateway, the
only packets addressed for that box will be the out bound ones, so you
shouldn't have any problems.
B
=======================================================================
Britt Bolen [EMAIL PROTECTED] britt.bolen.com
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: alt.os.linux,alt.os.linux.slackware,comp.os.linux.misc
Subject: Re: POP Mail?
Date: Wed, 28 Jul 1999 14:38:43 GMT
well compile a popserver like qpopper or something and this will work
with sendmail. this work because that is what I am using
In article <[EMAIL PROTECTED]>,
Lindoze 2000 <[EMAIL PROTECTED]> wrote:
> anyone know how to tell if POP mail is running ?
>
> then how can I setup some pop client like netscape to read it.
> I have only IP addys, no Public Domain names (no company.com)
> How do you send someone email useing IP addresses?
> [EMAIL PROTECTED] does not work.
>
> --
>
> ##################################
> ## ##
> ## http://www.FusionPlant.com ##
> ## ##
> ##################################
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Roland Weber" <[EMAIL PROTECTED]>
Crossposted-To: de.comp.os.unix.sinix
Subject: rsh, rcp Reliant Unix <-> Linux
Date: Wed, 28 Jul 1999 17:12:53 +0200
Hallo,
ich habe heute versucht v. meinen Reliant Unix Kisten (mit 5.44 u. 5.43)
mit rsh, und rcp auf einen Linux PC (SuSe 6.1) zu kommen.
Hat nicht funktioniert, .rhosts bzw. hosts.equiv scheinen ignoriert zu
werden,
ich werde immer nach einem Passwort gefragt. In der anderen Richtung
(Linux -> Reliant) genau das selbe. Die Zugriffsrechte der Dateien sind
jeweils ok.
Koennen die beiden vieleicht schlicht nicht miteinander??
Roland Weber
------------------------------
From: =?ISO-8859-1?Q?Einar_S=2E_Ids=F8?= <[EMAIL PROTECTED]>
Subject: Can browse some sites but not all. Why?
Date: Wed, 28 Jul 1999 15:21:41 +0200
Hi all,
I'm having a problem with a dial-up network and am hoping that some of
you can help me:
My friend has a Linux box (Red Hat 6.0) that is connected to the
internet via a hub (direct connection from dorm to university). He also
has a modem. I use my modem in win98 to dial up his computer. By using a
valid IP (his ip is x.x.x.128 and mine is x.x.x.129) I can get on the
internet by ip-forwarding. I can telnet, ping, irc, browse etc... There
is one problem, however: I can't browse to certain sites that my friend
can browse to! Two examples of sites I can't browse are www.sierra.com
and www.heat.net. By sniffing my packages he found that I send a request
to the site, I receive and ack and send my ack out on the net again.
Then, when the actual www info is being sent, it stops at his NIC and is
not forwarded to my modem! As I said, this only happens at some sites. I
don't have a problem with yahoo, altavista etc. My friend can browse to
all the sites that I can't browse to.
Also, what is really weird is that I can use my windows telnet and telnet
to www.heat.net:80, type something, press enter and get html-code in my
telnet-window.
Does anyone have a clue as to why I can't browse some sites when I can
browse other sites? Is it a Linux problem or is it internet explorer
(I've also tried Opera - same problem)? Is it some sort of 'net-nanny'
built into Red Hat 6.0? ;)
Sincerely,
Einar S. Idsø
------------------------------
From: Dave Perks <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux,comp.security.firewalls,alt.os.linux.slakware,alt.linux.slakware
Subject: Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines
Date: Wed, 28 Jul 1999 14:43:00 GMT
Jesper Dybdal wrote:
>
> "TRY" <[EMAIL PROTECTED]> wrote:
>
> >You may see this delay due to the FTP server trying to establish an ident
> >conection to your machine to "authenticate" you, if your firewall is set up
> >to discard incoming ident requests. If you choose to reject ident messages
> >(I think it is called reject in Linux parlance -- I mean: make the firewall
> >return a "network unreachable"/"host unreachable" message) instead and the
> >reason for the delay is ident messages, you should see a substantial
> >speed-up due to this.
> I set it up this way once, using ipfwadm to reject connections to
> the auth/ident port.
>
> It worked fine with _almost_ every mail server we communicated
> with.
>
> But there was at least one mail server out there who refused to
> talk to us when the auth request was rejected in that way.
Yes, "network unreachable" code 0 or "host unreachable" code 1 can
discourage the originating system... better to use the more accurate
"port unreachable" code 3.
--
The opinions expressed in this message are my personal
opinion and in no way reflect the views of my employer.
Søren Kierkegaard says
"Life can only be understood backwards; but it must be lived forwards."
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: ppp - ping OK but no telnet/ftp/netscape - answer.
Date: 28 Jul 1999 08:44:16 -0500
[EMAIL PROTECTED] wrote:
: If I have missed something obvious then please tell me, however it what
: I'm saying is correct I hope it helps some other struggling souls.
You didn't miss something obvious, thanks very much for this post.
It would certainly be useful to see the output of "route -n" both with
and without this fix. This would provide insight into the root cause
of the problem.
TIA
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* The wealth of a nation is created by the productive labor of its
* citizens. */
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
