Linux-Networking Digest #180, Volume #12 Tue, 10 Aug 99 19:13:52 EDT
Contents:
DHCP and NT. ("Chuck \"PUP\" Payne")
Re: IPChains Nightmare ("John Clement")
Re: HOME NETWORK CONNECT TO INTERNET BY PPP NOT WORK !! (Monte Phillips)
Re: Errors SIOCADDRT and TIOCSER (Clifford Kite)
Re: Problem running blizzards di ("gonZo theGreaT")
Re: symbolic link not work in ftpd (Jan-Albert van Ree)
----------------------------------------------------------------------------
From: "Chuck \"PUP\" Payne" <[EMAIL PROTECTED]>
Subject: DHCP and NT.
Date: Tue, 10 Aug 1999 17:06:09 -0000
I have a small network. A couple of Linux Boxes and One NT Server. I have
set up one of the Linux Boxes to be a DHCP Server, so that all our computers
can use it. Our Macs and Linux boxes are happy. They can get their IP and
get out, and get their files, but my NT workstation and 98 machine are
crying cuz, they can't see the NT Server, and can't log into the NT Domain.
Was I suppose to set something up in the dhcpd.conf to let the Wintel boxes
know there is NT Server they need to point once they get thier Ip? Or do I
need to install Samba?
Any help would be great.
Chuck Payne
Sr. System Administrator
GDI Engineering
------------------------------
From: "John Clement" <[EMAIL PROTECTED]>
Subject: Re: IPChains Nightmare
Date: Tue, 10 Aug 1999 16:06:20 -0500
I'm also still fairly new to IP-Chains, so I won't say that I know exactly
what your script causes.
Are you able to use your internet connection with this script? I would
suspect that it would deny ALL incoming tcp traffic (except from your
internet mail server) including any http traffic that you may have
requested. After all when looking for a web page, you send out a request
(which falls under the output rules) and you wait for an answer (which falls
under the input rules). However your rules only permits outside input from
your mail server.
Of course I could be wrong.
Andrew Taylor <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Hi,
>
> Ok, the first thing to do is to admit I'm an IP-Chains virgin. I've
> hopelessly bodged together my firewall and it basically allows me to
connect
> from my machine 192.168.1.2 to my server 192.168.1.1 and use it as a
gateway
> to my ppp link. Now I've spent today at work reading the how-to and I must
> admit it makes a lot of sense. I've created my rules which in theory are
> great, however, in practice they don't work. Is there anywhere I can go to
> get some more examples.
>
> I want to let local machines do what they want and I want to only allow
tcp
> connections from my isp's mail servers. As far as I can see I need the
> following
>
> ipchains -P input DENY
> ipchains -A input -s 192.168.1.0/24 -j ACCEPT
> ipchains -A input -s mail1.demon.net -d 192.168.1.1 -p tcp -j ACCEPT
> ipchains -A input -s mail2.demon.net -d 192.168.1.1 -p tcp -j ACCEPT
> ipchains -P output ACCEPT
> ipchains -A output -s 192.168.1.2 -j ACCEPT
> ipchains -p forward MASQ
> ipchains -A forward -s 192.168.1.2 -j MASQ
>
> Any comments ?
>
> Andy
>
>
------------------------------
From: [EMAIL PROTECTED] (Monte Phillips)
Crossposted-To: comp.os.linux.misc
Subject: Re: HOME NETWORK CONNECT TO INTERNET BY PPP NOT WORK !!
Date: Tue, 10 Aug 1999 20:57:59 GMT
trivial it is for your set up(needed you net work running, ipchains
installed and linux kernel 2.2.x)
try these lines from command line in this order
ipchains -P forward DENY
ipchains -A forward -i ppp0 -j MASQ
echo "1" > /proc/sys/net/ipv4/ip_forward
insmod ip_masq_ftp
If no errors then you are up and running, put those lines in your
/etc/rc.local and it will do them at boot up.
That of course is about as minimal as you can get, but it works. You
will be able to access the modem (ppp0) on linux simultaneouly by all
clients, including linux. BTW if you are on cable or such that
accesses internet by ether card merely make the -i ppp0 into -i
eth(x)
g'Luk
>Hi Tom,
>Not quite sure what your trying to do but it seems like you want to give
>your local subnet access to the internet using your Linux machine to
>"masqurade" traffic to your ppp0 link. This is not as simple as you make it
>out to be. You cannot simply add the ppp0 default gateway address to your
>routing table. You must set up "IP Masqurading". This is not trivial and I
>don't recall the presice procedure but I will try and describe it roughly.
>First thing you want to do it get you local network and dial-up setup
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: Errors SIOCADDRT and TIOCSER
Date: 10 Aug 1999 17:19:27 -0500
RA ([EMAIL PROTECTED]) wrote:
: Just something I came across after building 2.2.10 kernel.
: The error messages come up only during boot. I was wondering
: if somebody might have an idea. The actual mesgs are:
: SIOCADDRT : Invalid argument
: TIOCSER ? ioctl obsolete, ignored
You likely need to read the linux/Documentation/Changes file. Among
other things net-tools need upgrading. Also the route command needs
more arguments specified.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* Microsoft is a great marketing organization.
* It _has_ to be */
------------------------------
From: "gonZo theGreaT" <[EMAIL PROTECTED]>
Subject: Re: Problem running blizzards di
Date: Tue, 10 Aug 1999 21:45:40 GMT
> The problem is that masquerading does not allows incoming
> traffic. One solution is to install socks5 proxy server - it
> supports UDP proxying.
Is it possible to involve multiple clients at the same time with
socks5-proxy ?
Cause masquerading only works for one connection. :(
thanx
Gonzo
------------------------------
From: Jan-Albert van Ree <[EMAIL PROTECTED]>
Subject: Re: symbolic link not work in ftpd
Date: Tue, 10 Aug 1999 20:34:06 +0200
Mars schreef:
>
> I'm running RH 6.0 and I want to make a vfat partition available for
> ftpd. So I make a symbolic link /mnt/dos to /home/ftp/pub/dos. It
> doesn't work while cd to that directory. I also try making a symbolic
> link /mnt/cdrom to /home/ftp/pub/cdrom and it fails too. It seems I
> cannot use other filesystem for ftpd. Am I missing anything?
Have you checked the permissions for the link and the files?
--
Jan-Albert "Sliver" van Ree | [EMAIL PROTECTED]
3D Sims Archive maintainer | http://www.3dgamers.com
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
