Linux-Networking Digest #163, Volume #12 Mon, 9 Aug 99 16:14:00 EDT
Contents:
afpd crashes with RH 6.0 ("David Lefebvre")
Re: Firewall setup... what to install? (Steven Micallef)
Re: Help setting up an SSL web server (Ken)
HWAddress -> IP address ("Almer. S. Tigelaar.")
NT and Linux on a workstation. ("Sage Mage")
Split Horizon Default Route??? ("David Peavey")
cheap ethernet card (david)
Re: gnome ppp help! (Ian Fiske)
NSSWITCH??? (David)
Re: need telnet client for NT ("Charles Stack")
Help on error when building mod_perl apache? (Eric Remy)
IEEE 802.1Q (hwj)
Re: network access (Jan-Albert van Ree)
Linux Webserver Security ([EMAIL PROTECTED])
Re: Samba Client Woes (Jonathon Spaeth)
Looking for X25 hardware/softeware solution (Karl)
Re: home network setup. (Abacab)
Netgear EEPROM gone?? (Leonard Hardy)
----------------------------------------------------------------------------
From: "David Lefebvre" <[EMAIL PROTECTED]>
Subject: afpd crashes with RH 6.0
Date: Mon, 9 Aug 1999 14:52:09 -0400
Hello all,
I have a Vectra XM2 486/66 on which I installed Red Hat 6.0. I configured
it as a DHCP and Samba server and everything works fine. Then I tried to
configure it as an AppleTalk file server and I am facing a wall.
I installed
ftp://contrib.redhat.com/libc6/i386/netatalk-1.4b2+asun2.1.0-5.i386.rpm
and set up very minimal configuration files. atalkd starts without
problems, but afpd keeps exiting out on me because of a segmentation
violation.
Has anyone seen a similar problem before? Any idea would be welcome.
Thanks,
David
------------------------------
From: Steven Micallef <[EMAIL PROTECTED]>
Subject: Re: Firewall setup... what to install?
Date: Mon, 9 Aug 1999 18:29:57 +1000
On Sun, 8 Aug 1999, Jan-Albert van Ree wrote:
> Charles Stack schreef:
> >
> > Try the IPChains-HowTo. With three lines of "code" you'll have your
> > firewall up and running in no time. Of course, you'll need to install
> > ipchains if it isn't already installed. Also, in this month's Linux
> > Magazine, there was an excellent example showing how do exactly what you
> > request.
>
> > Jan-Albert van Ree <[EMAIL PROTECTED]> wrote
> > > Here's the story... I'm getting cablemodem soon. Our cablemodem company
> > > uses standard 3Com 509b cards to connect. Now I want to set up a firewall
> > > so I can connect multiple PC's to the internet over the cable modem since
> > I
> > > only have one valid IP. I also have a 3Com 905 networkcard in the Linux
> > > box. Now should I install only firewall, or proxy server, IP Masqueing? I
> > > read the Firewall and IP Masquering HOWTO's but still I can't seem to find
> > > out which is more appropriate? I only want to be able to mail/ftp/surf and
> > > ICQ through the Firewall (and perhaps some online gaming lateron...) but
> > > the firewall will also be a www and ftp server that should be available
> > for
> > > everybody.
> > >
> > > Any suggestions? Thanks a lot in advance!
>
> Well I read it, and it seems I can't easily use it, I am running RedHat 5.2
> with 2.0.36 kernel and I am not planning on upgrading anytime soon. So I
> decided to use the Firewall+IP Masquerading. Any things I migt run into
> that won't work , like playing Quake or something similair?
You should have no problems providing your ipfwadm rules are setup
properly. You should have IP Masquerading with the default policies as
accept for forwarding and accept for In/Out.
ipfwadm -F -p accept
ipfwadm -I -p accept
ipfwadm -O -p accept
And you should be set. Of course, if you want to block certain IPs or
ports, then it gets a little more complex, but for games, etc., you
should have no problems.
> --
> Jan-Albert "Sliver" van Ree | [EMAIL PROTECTED]
> 3D Sims Archive maintainer | http://www.3dgamers.com
>
>
--
Steven Micallef
AuNIC: SM936-AU
------------------------------
From: Ken <[EMAIL PROTECTED]>
Subject: Re: Help setting up an SSL web server
Date: Mon, 09 Aug 1999 17:07:04 GMT
Well, "easy to setup" and "SSL web server" usually aren't used in the
same sentence. All depends on your Linux experience.
I just setup an Apache based SSL server on Redhat60. My first word of
advice ... FORGET ABOUT RPMS!!!
I tried 4 different RPM distributions (including Mandrake's Secure
Server) ... while all worked, they were also terrible performers ...
broken gifs and background images over a 100Mb/s LAN!
After installing Apache, OpenSSL, and Mod_ssl from tar balls, I have a
screaming secure server!
Check out http://www.modssl.org and have fun!
-Ken
Peter wrote:
> What is a good and easy-to-setup SSL web server, preferably a daemon
> process. I work in Boston and have to administer a linux box in
> california! Any mini-HOWTOs would be helpful.
>
> Thanks
>
> --
> --Peter Eacmen
> [EMAIL PROTECTED]
------------------------------
From: "Almer. S. Tigelaar." <almer-t@!SPAMbigfoot.com>
Subject: HWAddress -> IP address
Date: Mon, 9 Aug 1999 20:28:43 +0200
Hello,
I am looking for a utility or a 'way' to translate the hardware address of
an ethernet card into an IP adress.
I am on a LAN and I know someone else is on that LAN too, but all I know is
his
Hardware (MAC) address and he does not have a TCP/IP or UDP connection to
me.
How do I find out his 'IP address'?
Thank you in advance,
Almer. S. Tigelaar.
almer-t@!NOSPAMbigfoot.com
(remove !NOSPAM to reply, pls post to this newgroup, so everybody can
benefit from an anwer)
------------------------------
From: "Sage Mage" <[EMAIL PROTECTED]>
Subject: NT and Linux on a workstation.
Date: 03 Aug 1999 23:59:27 PDT
I have a small NT network that I manage and I want to install Linux onto a
workstation to let some people find security holes and such. What is the
best way to dual boot, a Linux/NT box. How should I install and in what
systems in what order, what kind of partitions shoudl I use ect...
Thanx for your time,
SageMage
------------------------------
From: "David Peavey" <[EMAIL PROTECTED]>
Subject: Split Horizon Default Route???
Date: Mon, 9 Aug 1999 11:29:18 -0700
Can anyone help me here. I am tring to set up a Linux box as a "router"
that isn't running any exterior gateway protocols but rather uses static
routing. The configuration is as follows...
I have 2 NIC's in the box. On each side of the NIC's are other INTERNET
routers. There are several thousand nets on each side of my box. I don't
want to run any exterior gateway protocols but rather would like to just let
the other routers do their jobs. I have tried to simplify this question to
stay focused on the main problem. Don't ask me why I want to do this
because the configuration is actually a lot more complicated than this.
So here's what I want to do... I would like any packets comming in on NIC 1
to be routed to NIC 2, if they aren't destined for the Linux box itself.
And any packets comming in on NIC 2 to be routed out NIC 1 if the packets
aren't destined for the linux box itself. This amounts to a "Split Horizon"
Default route... That is I would like to have 2 defaults.. One for each
interface. Does anyone know if (or how) to configure the routing tables for
this?
Thanks In advance,
Dave
------------------------------
From: david <[EMAIL PROTECTED]>
Subject: cheap ethernet card
Date: Mon, 09 Aug 1999 21:07:55 +0000
I have recently bought a cheap ethernet card. The reference on the box
is "Soho-PCI".
I wonder if the latest version of Linux kernel will recognize it.
I am currently running Linux 2.0.35 with the Caldera OepenLinux 1.3
distribution.
Does anyone know if there are available drivers and modules for it, if
so where could I get them ?
Thanks,
David
------------------------------
From: Ian Fiske <[EMAIL PROTECTED]>
Subject: Re: gnome ppp help!
Date: Mon, 09 Aug 1999 17:30:54 GMT
I did that and it does the same thing it did with gnome ppp. it connects
for about 2 seconds and disconnects. i read the ppp-how-to and it said
that this meant that i probably have change change something about my
script for my isp. it said that i should log in with something like
minicom to see exactly what my isp's login looked like. but its all crazy
ascii characters! any ideas?
thanks,
ian
Fedge wrote:
> I'm sure your problem can be fixed my reading the PPP-HOW-TO from the
online
> doc's, but in general heres the best way I know how:
>
> 1. from the control panel choose the modem (phone) icon and set the
ttySx to
> your modem com port (ttyS0 = com1)
>
> 2. copy /usr/doc/ppp-2.3.7/scripts/* to /etc/ppp
>
> 3. xedit (or whatever you prefer) the ppp-on scriptfrom /etc/ppp to
reflect
> your user name, password and ISP's tel. number. You probably don't need
to
> change the IP's unless you're not DHCP. Near the bottom of the script
you'll
> see something that indicates what ttySx the script will use and the baud
> rate. Change these to reflect the modem setting in step 1. and the baud
of
> your modem. Save the file.
>
> 4. xedit your /etc/resolv.conf file to reflect you DNS servers. Your ISP
can
> provide you these. Save the file.
>
> (you need to make the rest executable by chmod'ing the permissions of the
> next files.)
> 5. chmod +x /etc/ppp/ppp-on
> 6. chmod +x /etc/ppp/ppp-on-dialer
> 7. chmod +x /etc/ppp/ppp-off
>
> now type: /etc/ppp/ppp-on
> if the entries from above are correct you should be surfin'
> to disconnect type: /etc/ppp/ppp-off
>
>
> Happy Trails
> Fedge
> Ian Fiske <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > hi,
> > i just got a real modem (not a winmodem) and i'm trying to get ppp
working
> > with gnome ppp. i open up the little debugging window so that i can
see
> > what's going on. it get to where it says
> > CONNECT 15200 (or whatever speed it was)
> > and then it spits out a bunch of ascii garbage!
> >
> > my script is really simple:
> > receive ogin:
> > send my username
> > receive sword:
> > send my password
> >
> >
> > by the way i'm using mediaone (not a cable modem, just regular ppp).
> > and do i do anything with PAP?
> >
> > and i know i'm so close to getting it to work cause its actually
talking
> > to the other computer! by the way i have redhat 6.0
> >
> > thanks,
> > ian
> >
> >
> >
> > ------------------ Posted via CNET Linux Help ------------------
> > http://www.searchlinux.com
>
>
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: David <[EMAIL PROTECTED]>
Subject: NSSWITCH???
Date: Mon, 09 Aug 1999 12:11:18 -0700
I have NIS installed on my small network at home. In the HOW-TO it
mentions NSSWITCH and I'm unsure if I need this. What does this do
exactly? Is this the program that enables NIS to handle dns services or
something like that? If someone could please explain I would appreciate
it. Thanks.
------------------------------
From: "Charles Stack" <[EMAIL PROTECTED]>
Subject: Re: need telnet client for NT
Date: Mon, 9 Aug 1999 13:55:42 -0400
Try CRT from VanDyke Software
www.vandyke.com
I use it and it works great. Also, they have an SSH version as well.
Charles
------------------------------
From: [EMAIL PROTECTED] (Eric Remy)
Crossposted-To: comp.os.linux.setup,comp.infosystems.www.servers.unix
Subject: Help on error when building mod_perl apache?
Date: Mon, 09 Aug 1999 15:45:53 -0400
Howdy. I'm trying to build a mod_perl apache server for my Linux server
and am having some difficulties. The machine is a Dell 6100 dual PPro
machine running a bog-standard RH6.0 SMP setup (with the DoS bug patched)
The error message it's giving me hasn't been of much help:
[edremy@learn mod_perl-1.21]# perl Makefile.PL
Configure mod_perl with ../apache_1.3.6/src ? [y] y
Shall I build httpd in ../apache_1.3.6/src for you? [y] y
Appending mod_perl to src/Configuration
Using config file: /home/edremy/modperlapache/mod_perl-1.21/src/Configuration
Creating Makefile
+ configured for Linux platform
+ setting C compiler to gcc
+ setting C pre-processor to gcc -E
+ checking for system header files
+ adding selected modules
+ doing sanity check on compiler and options
/usr/bin/ld: cannot open -lgdbm: No such file or directory
collect2: ld returned 1 exit status
make: *** [dummy] Error 1
** A test compilation with your Makefile configuration
** failed. This is most likely because your C compiler
** is not ANSI. Apache requires an ANSI C Compiler, such
** as gcc. The above error message from your compiler
** will also provide a clue.
The machine builds a vanilla Apache without any errors, and I seriously
doubt that gcc isn't ANSI (heh). I'm clearly missing a needed file-
anyone know what it is?
--
Eric Remy. Chemistry Learning Center Director, Virginia Tech
"But simply by putting my hair into a ponytail I transform into the
coolest guy in the office"- Wally, _Dilbert_
------------------------------
From: hwj <[EMAIL PROTECTED]>
Subject: IEEE 802.1Q
Date: Mon, 09 Aug 1999 21:22:31 +0200
I am considering an implementation of IEEE 802.1Q (VLAN) for Linux. Is
anybody coordinating things like that?. Anybody care to join in?
Henrik
------------------------------
From: Jan-Albert van Ree <[EMAIL PROTECTED]>
Subject: Re: network access
Date: Mon, 09 Aug 1999 21:25:53 +0200
Theresa Zelkwitz schreef:
>
> I have a server with redhat 5.2 for a win95 network.. I have set up
> samba and three user groups, they seem to be working properly except for
> after the win95 computer has been rebooted. The linux server shows up
> on our network but is not accessible for about 15 minutes after reboot,
> what can be done to correct this?
You need to make the Linux box the browse master in the network, so it will
keep a list of PC's connected. This can be done by adding the following
lines to smb.conf :
os level = 33
preferred master = yes
local master = yes
--
Jan-Albert "Sliver" van Ree | [EMAIL PROTECTED]
3D Sims Archive maintainer | http://www.3dgamers.com
------------------------------
From: [EMAIL PROTECTED]
Subject: Linux Webserver Security
Date: Mon, 09 Aug 1999 17:15:53 GMT
I am setting up a webserver for the first time.
I have just installed Redhat Linux 6.0 onto a
Dell Poweredge 1300 server and I need information
on securing the server, anything from blocking
unauthorized access to setting up SSL. I am
using the most recent versions of Apache, Perl &
MySQL. I would appreciate any information or
point me in the right direction, as I want to
make the security on this box tighter than a
gnats butt.
Thanks !
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Jonathon Spaeth <[EMAIL PROTECTED]>
Crossposted-To: linux.samba
Subject: Re: Samba Client Woes
Date: Mon, 09 Aug 1999 12:31:26 -0500
root wrote:
> OK. I've read every piece of documentation out there, but I still
> can't get my linux box to see any hosts on my system that aren't in
> /etc/lmhosts AND I can't make it log in to my NT server which you must
> do on my network before you can use any share. Here is some basic info
> on my system:
>
> -MS NT4 server with 99% windows workstations.. and then there's me with
> Redhat Linux 6.0
> -DHCP
> -No wins server
> -behind a firewall/proxy (shouldn't affect anything, right?)
> -computers represented by 10.1.1.x
> -default gateway 10.1.1.1
> -able to ping any system in local network.
> -unable to ping systems outside the network due to firewall
> -i have DNS addresses in there, but mainly just for my internet??
> -system administrator is an ass who won't help me.
> -the internt works so i know my network card works.
>
> This is how you set up a workstation in windows:
> -TCP/IP network using DHCP, so in windows, I don't set a wins server, a
> dns.. nothing. dhcp does it.
> -Client for microsoft networks logs into an NT domain at boot named
> TELECON
> -File and printer sharing exists
> -Intel ether express 10/100
>
> then you just log in when windows reboots.
>
> This is what I've done so far in Linux:
> -installed samba with basic redhat setup
> -these lines exists in /etc/services:
> netbios-ns 137/tcp # NETBIOS Name Service
> netbios-ns 137/udp
> netbios-dgm 138/tcp # NETBIOS Datagram Service
> netbios-dgm 138/udp
> netbios-ssn 139/tcp # NETBIOS session service
> netbios-ssn 139/udp
>
> -i'm loading smbd and nmbd through inetd.conf. here are the lines:
> #SAMBA services
> netbios-ssn stream tcp nowait root /usr/sbin/smbd smbd
> netbios-ns dgram udp wait root /usr/sbin/nmbd nmbd
>
> -this is my smb.conf
> [global]
>
> security = server
> config file = /etc/smb.conf
> announce as = Win95
> share modes = yes
> encrypt passwords = yes
> smb passwd file = /etc/smbpasswd
> mangle case = yes
> case sensitive = no
> default case = lower
> preserve case = yes
> short preserve case = no
> password level = 0
> preferred master = no
> os level = 0
> null passwords = yes
> dead time = 0
> debug level = 0
> domain master = no
> load printers = no
> password server = TELECON
> comment = Ben
> workgroup = TELECON
> [Root]
> available = yes
> public = yes
> guest only = no
> writable = no
> browseable = yes
> only user = no
> comment = The root dir of my HD.
> path = /
> write list = root
>
> -here are some common error messages:
> smbmount '\\halo\' -U polidore -W TELECON
> Password:
> SMBtconX failed. ERRDOS - ERRnosuchshare
> Perhaps you are using the wrong sharename, username or password?
> Some servers insist that these be in uppercase
>
> BUT halo is in my lmhosts file. This is what happens when I use one
> that's not:
> smbmount '\\robert\' -U polidore -W TELECON
>
> cli_open_sockets: Unknown host ROBERT.
>
> This is what happens when I try to log in to my NT server with
> smbpasswd:
> smbpasswd -j TELECON
> modify_trust_password: Can't resolve address for TELECON
> 1999/07/27 11:20:08 : change_trust_account_password: Failed to change
> password for domain TELECON.
>
> Can someone please help me. I've been working on this for 2 days, and
> I'm at my wit's end. Also, please send me a cc: of your replies.
>
> Thanks in advance,
> Ben Polidore
> [EMAIL PROTECTED]
If you're behind a proxy/firewall, does it act as a bridge and forward all
broadcast traffic? If not, then you're going to have to either use a wins
server or put every host in your lmhosts file.
------------------------------
From: Karl <[EMAIL PROTECTED]>
Subject: Looking for X25 hardware/softeware solution
Date: Mon, 09 Aug 1999 15:31:39 -0400
I currently have a SCO server w/32 serial ports
connected to an X25 pad. Support personel telnet
the server, connect to the X25 pad via the serial
port(s) and administer remote unix systems.
I want to get rid of the serial port board in the
server and the external X25 async pad and replace
them with a hardware/software solution that resides
entirely in the unix server. I prefer the server to
run Linux. I need software frontend to hardware/driver
X25 interface to be able to use scripting (kermit,
minicom, seyon, etc) to place calls on our X25 network
via virtual tty devices. I've contacted Eicon Technologies
and Sagnoma(wanpipe) but haven't got satisfactory
answers yet.
Karl Senseman
Rite Aid Corporation
[EMAIL PROTECTED]
remove "_"'s to reply via email
--
I hear and I forget.
I see and I remember.
I do and I understand.
-- Confuscius --
------------------------------
From: Abacab <[EMAIL PROTECTED]>
Subject: Re: home network setup.
Date: Mon, 09 Aug 1999 21:30:30 +0100
Hi Evan,
> The servers are right next to each other but the workstations
> are 120, 40, & 50ft away.
> What kind of hardware/setup would I need?
With these distances you can use either coax or UTP.
It depends on the topology: With coax you have one cable passing all
pc's, so like
+---+------+-----+
PC1 PC2 PC3 PC4
With UTP you have a hub, with separate cables to each PC:
PC1----------| Hub|-------PC3
PC2----------| |-------PC4
Choose what is most convient to lay out the cables.
Coax cable is more expensive per meter, but you don't need a hub.
You can create your own coax cables with a little bit soldering,
but for UPT connectors you will need a special tool.
(Or you buy the expensive ready cables: I chose the hub solution,
my hub costed $50, and for each cable I payed $15 :-(
Good luck,
Abacab
------------------------------
From: Leonard Hardy <[EMAIL PROTECTED]>
Subject: Netgear EEPROM gone??
Date: 9 Aug 1999 19:53:54 GMT
I have a Netgear FA310 installed with Mandrake 5.3. I am receiving the
following messages at boot time:
missing EEPROM this interface may not work
SIOCSIFFLAGS: Resource temporarily unavailable
using the DIAG.EXE program, under DOS, supplied by Netgear, I get a
similiar message about the EEPROM being corrupted. Netgear says, we don't
officially support Linux, but if the EEPROM is hosed throw the card
away....
Any other thoughts?
Regards,
==============================================================================
Len Hardy Bartlett, IL USA
[EMAIL PROTECTED] --Work :-(
[EMAIL PROTECTED] --Play ;-)
http://www.xnet.com/~ljhardy/bartll.shtml Bartlett Little League
on the web...
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
