Linux-Networking Digest #50, Volume #12 Thu, 29 Jul 99 20:13:40 EDT
Contents:
Re: Connecting linux-win95 (Vidar Andresen)
Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines (Bernd Eckenfels)
Re: Remote Printing and RedHat 6.0 ([EMAIL PROTECTED])
Re: Intel Ether pro 10 hangs PC (Vidar Andresen)
Re: ethernet can't access DSL, gateway (John Brashier)
setting up X server to be a "client".. (David Pollack)
firewall question (MEGANET SUPPORT)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Vidar Andresen)
Subject: Re: Connecting linux-win95
Date: Thu, 29 Jul 1999 22:00:25 GMT
In article <tKHm3.2463$[EMAIL PROTECTED]>,
"�� �- ��" <[EMAIL PROTECTED]> wrote:
[...]
>but when I ping the other IP from either machines, it never gave me any
>information but those such as '..Time Out'.. or just nothing.
>
>I think more possibility is that my linux box is a little bit awfully
>configurated.
Have you based yourself on the ISP-Hookup-HOWTO? I just looked at it,
the __text__ version. Covers a lot of this. Something strange have
happend with that. A lot of filnames; and with that context; seems to
have been lost on the way.
ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/ISP-Hookup-HOWTO that is.
ftp://metalab.unc.edu/pub/Linux/docs/HOWTO/other-formats/html/ISP-Hookup-HOWTO-html.tar.gz
and http://www.kvaleberg.com/ISP-Hookup-HOWTO.html seems ok.
What follows is pure speculation. Maybe nonsens. I am not into
routing, i try to understand the logic in this.
>#route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 164.124.244.43 * 255.255.255.255 UH 0 0 0 ppp0
> 192.168.1.0 * 255.255.255.0 U 0 0 2 eth0
> 127.0.0.0 * 255.0.0.0 U 0 0 2 lo
> default 164.124.244.43 0.0.0.0 UG 0 0 6 ppp0
So far your default route is out on ppp0.
Guess something like this sets it:
exec pppd connect \
'chat -v -f /etc/ppp/chatscript' \
-detach crtscts modem defaultroute \
user marve \
/dev/modem 38400
When ppp0 is down, i guess it could be removed. (if it is not part of
'dial up on demand'). Dont bother.
Traffic to 192.168.1.* is ment to go over 'eth0', (that is over the
nic named 'axl' with a given adresss 192.168.1.1. or is it? ) And
what 192.168.1.* not cover shall go to out over ppp0.
> #netstat -rn
Same.
> /etc/hosts
> #164.124.101.2 chol.dacom.co.kr
> 127.0.0.1 localhost localhost.localdomain
> 192.168.1.1 axl axl.gnu.net myweb homepage
> 192.168.1.2 apple apple.gnu.net
Nice. I guess. No harm.
>/etc/sysconfig/network
>NETWORKING=yes
>FORWARD_IPV4=false
>HOSTNAME=localhost.localdomain
C'mon, give yourself a _real_ name. In /etc/sysconfig/network as:
HOSTNAME="axl"
and in /etc/HOSTNAME with the line:
axl
This is my /etc/sysconfig/network (the domainname is bogus, does not
matter. (Until you get your own domaine whitc answers to real ip-nr,
running off that machine.) You might need to fill inn the lines
'FORWARD_IPV4="yes"' 'GATEWAY' 'GATEWAYDEV' if you plan to be a
gateway/router for the rest of your lan. Later.
NETWORKING=yes
FORWARD_IPV4="yes"
HOSTNAME="vlb-486"
DOMAINNAME=nonline.no
GATEWAY=""
GATEWAYDEV=""
NISDOMAIN=""
>/etc/sysconfig/network-script/ifcfg-eth0
>DEVICE=eth0
>IPADDR=192.168.1.1
>NETMASK=255.255.255.0
>NETWORK=192.168.1.0
>BROADCAST=192.168.1.255
>ONBOOT=yes
>BOOTPROTO=none
OK.
>/etc/resolv.conf
>search dacom.co.kr
>nameserver 164.124.101.2
You need for the ppp/internet-side. (maybe not 'search dacom.co.kr',
but why not if it is working.)
_But_ i have a /etc/host.conf (two lines)
order hosts, bind
multi on
+-------------+ Linuxconf 1.11 (subrev 18) +-------------+
| +------------+ Network configurator +------------+ |
| Th| +----------+ Client tasks +-----------+ | |
| | Thi| | IP | |
| Us| net| Basic host information # | em | |
| an| (or| Name server specification (DNS) # | | |
| fo| | Routing and gateways # | | |
| | | Host name search path # | | |
| | | Network Information System (NIS) # | | |
[...]
which is the result of 'Host name search path' set to
| You must tell the system in which order |
| the various name services must be probed |
| |
| hosts mean /etc/hosts is probed NIS stand |
| for Network Information System dns stands |
+-----| for Domain Name Service | ----+
| +-| | + |
| Th| | [*] Multiple IPs for one host | | |
| | | ( ) hosts, NIS, dns | | |
| Us| | ( ) hosts, NIS | | |
| an| | ( ) hosts, dns, NIS | | |
| fo| | (*) hosts, dns | | |
| | | ( ) hosts | | |
| | | ( ) NIS, hosts, dns | | |
| | | ( ) NIS, hosts | | |
| | | ( ) NIS, dns, hosts | | |
| | | ( ) NIS, dns | | |
| | | ( ) NIS | | |
| | | ( ) dns, hosts, NIS | | |
| | | ( ) dns, hosts | | |
| | | ( ) dns, NIS, hosts | | |
+---+-| ( ) dns, NIS | + --+
| ( ) dns |
If you have dns first, (and not running any kind of namserever) you
might be in trouble. like this?:
/etc/host.conf
order bind, hosts
multi on
As I see it, (and that could be nonsens) it would have ment to go
somewhere here:
search dacom.co.kr
nameserver 164.124.101.2
To resolve names to ip-adresses on your own privat network. Will not
work.
Can you on the machine (192.168.1.1) do a 'ping axl' ? and get a
reply? (And who is answering? Maybee 'axl is at 192.168.1.1'?
Maybee not. If you tried to ping lets say 'homepage' (wich is set
under /etc/hosts to be an alias for 192.168.1.1. If there was a
homepage.dacom.co.kr i guess that would be where you ended. trust
none. Especially not axl.dacom.co.kr or apple.dacom.co.kr;)
A /ect/host.deny (Only uncommented lines) like this?
ALL : ALL
A /ect/host.allow (Only uncommented lines.)
ALL: 127.0.0.1
ALL: 192.168.1.1
ALL: 192.168.1.2
This far. You only _serve_ local adresses.
The '127.0.0.1' on the machine is 'localhost.localdomain' and
'localhost'
> /etc/hosts
> #164.124.101.2 chol.dacom.co.kr
> 127.0.0.1 localhost localhost.localdomain
> 192.168.1.1 axl axl.gnu.net myweb homepage
> 192.168.1.2 apple apple.gnu.net
So is also your hostname......
>/etc/sysconfig/network
>NETWORKING=yes
>FORWARD_IPV4=false
>HOSTNAME=localhost.localdomain
Confusing.
I fear, if everyting goes wrong, that a ping to your own ip-addr
192.168.1.1 and name 'axl' and any alias on 192.168.1.1 will end up
going to '127.0.0.1'. Which is 'localhost.localdomain'
A ping to 'localhost', 'localhost.localdomain' '127.0.0.1' osv.. will
all end up there.
And so will all traffic wich should have entered the cable trough
eth0.
That could mean that even if the nic is up and working with an
ip-adress, there is 'no route to nic'. No way out. You are:
Lost In Loopback
(exept the ppp, i guess that works fine)
Chess?
Mvh Vidar Andresen
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: Re: 40Sec Delay When FTP gets the USER on MASQ:ed machines
Date: 29 Jul 1999 22:44:53 GMT
In comp.security.firewalls Michael Shuldman <[EMAIL PROTECTED]> wrote:
> No. The correct response is RST (reset), see rfc793.
it is dangerous to send RST as a Router, instead of "icmp administatvely
prohipited" (but the last icmp type is not used since a few systems dont
understand it).
Greetings
Bernd
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Remote Printing and RedHat 6.0
Date: Thu, 29 Jul 1999 21:53:58 GMT
I have the same account setup on my personal machine and the print
server and I still get the same message.
James Hubbard
[EMAIL PROTECTED]
In article <[EMAIL PROTECTED]>,
"Grahame M. KellyBoth types of receipt" <[EMAIL PROTECTED]> wrote:
> >> I have
> > > > remote printing setup so that print jobs destined for the one of
the
> > > > other networks goes to the local server, then to other network
> > server,
> > > > and finally it is sent to the printer.
> > > >
> > > > My problem is that I recently upgraded one of the servers to
RedHat
> > > 6.0
> > > > and now it no longer accepts remote print jobs. Here are the
error
> > > > messages:
> > > >
> > > > lpd[18145]: Can't create temp cfp file
> > > > lpd[18145]: w_engineer: can't scan /var/spool/lpd/w_engineer
> > > >
> > > > Is this a bug with the lpd? I've noticed that this was listed
as
> > bug
> > > on
> > > > the Debian bug list when doing a www.deja.com search. Does
anybody
> > > know
> > > > what I can do to fix this?
> > > >
> > > > Thanks
> > > > James Hubbard
> > > >
> > > > Sent via Deja.com http://www.deja.com/
> > > > Share what you know. Learn what you don't.
> > > >
> > >
> > > Sent via Deja.com
> http://www.deja.com/
> > > Share what you know. Learn what you don't.
> > >
> >
> > Sent via Deja.com http://www.deja.com/
> > Share what you know. Learn what you don't.
>
> I had to put a valid user account on the RH 6.0 system
> to get remote printing to work across the network.
> Give this a try.
>
> Cheers, Grahame
>
> --
> Grahame Kelly - V,P, SLUG (Sydney Linux Users Group)
> Junk Mail filter enabled, send all replies to:
> Email Address = gmkelly (at) zip (dot) com (dot) au
> Web Site = www (dot) slug (dot) com (dot) au
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Vidar Andresen)
Crossposted-To: comp.os.linux.hardware
Subject: Re: Intel Ether pro 10 hangs PC
Date: Thu, 29 Jul 1999 22:00:04 GMT
In article <[EMAIL PROTECTED]>, phil bull <[EMAIL PROTECTED]> wrote:
>I'm running Red Hat 6.0 on an Intel P90 PC box. I have an oldish ISA
>Intel Ether Pro10 network card. It's a combo card with 10BaseT, BNC and
>AUI connectors. The chip is marked FA82595TX.
>
>The PC hung during Linux installation when it tried to probe the card,
>so I substituted and old NE2000 card, which worked fine until it
>suffered hardware failure. So I'm having to try the Intel card again.
>I've changed the conf.modules file to read:
>
> alias eth0 eepro
> options eepro io=0x230 irq=11
Is that the right values? (setup util/jumpers for/on the nic?)
Any conflict 'cat /proc/interrupts'
'cat /proc/ioports'
>which ties in with a response I saw to someone else's posting. However,
>the PC hangs during boot when it tries to start eth0.
The source (../drivers/net/eepro.c) have a lot of info.
The sizes of the receive and transmit buffers can now be
changed via lilo or insmod. Lilo uses the appended line
"ether=io,irq,debug,rx-buffer,eth0" where rx-buffer is in KB
unit. Modules uses the parameter mem which is also in KB
unit, for example "insmod io=io-address irq=0 mem=rx-buffer."
The receive buffer has to be more than 3K or less than 29K.
Otherwise, it is reset to the default of 24K, and, hence, 8K
for the trasnmit buffer (transmit-buffer = 32K -
receive-buffer).
and more..
Mvh Vidar Andresen
------------------------------
From: John Brashier <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: ethernet can't access DSL, gateway
Date: Thu, 29 Jul 1999 16:05:10 -0700
> Ray,
> I have both of the cards installed in my Linux box. "eth0" is set to my static
> IP, and "eth1" is set to 192.168.1.1 as the main machine on my LAN that the
> others will use as gateway to the internet under Masquerade
> I am pinging both cards from the machine they are in.
>
> I have no router, and I am running just the Simple rule firewall as outlined
> in the masquerade howto.
Thanks,
John
------------------------------
From: David Pollack <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: setting up X server to be a "client"..
Date: Thu, 29 Jul 1999 15:21:10 -0700
I was wondering hwo to run X as a client so that I could telnet onto one
linux. Then when I run an X program it would run the on linux box that I
am on (with X running of course). I am running redhat 6.0 and XFree
3.3.3.1 (stock RH6). I always get a "no route to IP" or something like
that. The error looks like _X11transINETConnet_.
Thanks for the help.
Things that I have tried
export DISPLAY=my.computer.ext:0.0
same as above with IP address.
------------------------------
From: MEGANET SUPPORT <[EMAIL PROTECTED]>
Subject: firewall question
Date: Thu, 29 Jul 1999 18:59:42 -0400
I'm currently doing ip masq which is working great. Iam using ipfwadm
and
NOT ip chains.
I'm usinf red hat 5.2 with the 5.2 kernel.
the question is how do i redirect all tcp traffic for ftp to another
computer in this case 192.168.0.3.
i included my rc.local file wich shows ip masq (working) and my attempt
at
what im asking to do.
I tested this by going to my lan computer and ftp to the firewall it did
not redirect to the 192.168.0.3 computer wich is a win 98 computer, also
no ftp server (for now) program is running on that win 98 comp. This was
to
be i test and i wanted to get an error mesg.
This di not happened i got logged in to the ftp server on my firewall
machine instead.
#mod probing for ipmasq
/sbin/depmod -a
/sbin/modprobe ip_masq_ftp
/sbin/modprobe ip_masq_raudio
/sbin/modprobe ip_masq_irc
#deny all not from my lan
ipfwadm -F -p deny <-----tried it without this, it didn't work.
#take packets from the 192.168.x.x lan and route it to 0.0.0.0, default
route
ipfwadm -F -a m -S 192.168.0.0/24 -D 0.0.0.0/0
***the problem starts here****
#redirect incoming requests such as ftp and fwd to another computer
ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 1024:65535 -D 192.168.0.3 21
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
