Linux-Networking Digest #279, Volume #12 Wed, 18 Aug 99 22:13:34 EDT
Contents:
Re: pppd in 'setuid-root' mode (John Hasler)
Re: Securing Linux NFS (Garrett Wollman)
Re: tn3270 questions; need help (Cokey de Percin)
Dynamic IP addressing with KDE ("Nick")
Now that I have IP Masq running.... (Eric Rouse)
Re: Linux and MSExchange Mail (sandrews)
dhcpcd and MAC address (Don Jerman)
Can't check mail on the OE or Netscape Messanger.. ([EMAIL PROTECTED])
Re: repost solution to: "why it takes 20years to telnet to RedHat Linux" (sandrews)
Artisoft AE-2 Ethernet Cards....Anyone had any luck? (Chris)
Re: C++ templates: More than Turing Complete? (David Schwartz)
Re: PPP problem (ggarside)
----------------------------------------------------------------------------
From: John Hasler <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: pppd in 'setuid-root' mode
Date: Wed, 18 Aug 1999 21:57:51 GMT
Clifford Kite writes:
> Only for root or if the device file name comes from a privileged source.
As it should. Users should not be configuring network interfaces. Pppd
should not be passed any command line option other than 'call <provider>'
by users. The less said about .ppprc the better.
> Yes, they do.
Users do not have to be able to to write to the port. Pppd on Debian works
just fine without it.
--
John Hasler This posting is in the public domain.
[EMAIL PROTECTED] Do with it what you will.
Dancing Horse Hill Make money from it if you can; I don't mind.
Elmwood, Wisconsin Do not send email advertisements to this address.
------------------------------
From: [EMAIL PROTECTED] (Garrett Wollman)
Crossposted-To: comp.protocols.kerberos
Subject: Re: Securing Linux NFS
Date: 19 Aug 1999 00:52:31 GMT
In article <[EMAIL PROTECTED]>, Ken Raeburn <[EMAIL PROTECTED]> wrote:
>That still leaves open the question of what principal on the client
>side is doing the authenticating. Using a per-host principal would
>probably be easiest.
The Berkeley/Guelph NFS implementation does it per-user. Here's
the gory details from nfssvc(2):
NFSSVC(2) FreeBSD System Calls Manual NFSSVC(2)
NAME
nfssvc - NFS services
SYNOPSIS
#include <sys/param.h>
#include <sys/mount.h>
#include <sys/time.h>
#include <nfs/rpcv2.h>
#include <nfs/nfs.h>
#include <unistd.h>
int
nfssvc(int flags, void *argstructp)
DESCRIPTION
The nfssvc() function is used by the NFS daemons to pass information into
and out of the kernel and also to enter the kernel as a server daemon.
The flags argument consists of several bits that show what action is to
be taken once in the kernel and the argstructp points to one of three
structures depending on which bits are set in flags.
On the client side, nfsiod(8) calls nfssvc() with the flags argument set
to NFSSVC_BIOD and argstructp set to NULL to enter the kernel as a block
I/O server daemon. For NQNFS, mount_nfs(8) calls nfssvc() with the
NFSSVC_MNTD flag, optionally or'd with the flags NFSSVC_GOTAUTH and
NFSSVC_AUTHINFAIL along with a pointer to a
struct nfsd_cargs {
char *ncd_dirp; /* Mount dir path */
uid_t ncd_authuid; /* Effective uid */
int ncd_authtype; /* Type of authenticator */
int ncd_authlen; /* Length of authenticator string */
u_char *ncd_authstr; /* Authenticator string */
int ncd_verflen; /* and the verifier */
u_char *ncd_verfstr;
NFSKERBKEY_T ncd_key; /* Session key */
};
structure. The initial call has only the NFSSVC_MNTD flag set to specify
service for the mount point. If the mount point is using Kerberos, then
the mount_nfs(8) daemon will return from nfssvc() with errno == ENEEDAUTH
whenever the client side requires an ``rcmd'' authentication ticket for
the user. Mount_nfs(8) will attempt to get the Kerberos ticket, and if
successful will call nfssvc() with the flags NFSSVC_MNTD and
NFSSVC_GOTAUTH after filling the ticket into the ncd_authstr field and
setting the ncd_authlen and ncd_authtype fields of the nfsd_cargs struc-
ture. If mount_nfs(8) failed to get the ticket, nfssvc() will be called
with the flags NFSSVC_MNTD, NFSSVC_GOTAUTH and NFSSVC_AUTHINFAIL to de-
note a failed authentication attempt.
On the server side, nfssvc() is called with the flag NFSSVC_NFSD and a
pointer to a
struct nfsd_srvargs {
struct nfsd *nsd_nfsd; /* Pointer to in kernel nfsd struct */
uid_t nsd_uid; /* Effective uid mapped to cred */
u_long nsd_haddr; /* Ip address of client */
struct ucred nsd_cr; /* Cred. uid maps to */
int nsd_authlen; /* Length of auth string (ret) */
u_char *nsd_authstr; /* Auth string (ret) */
int nsd_verflen; /* and the verfier */
u_char *nsd_verfstr;
struct timeval nsd_timestamp; /* timestamp from verifier */
u_long nsd_ttl; /* credential ttl (sec) */
NFSKERBKEY_T nsd_key; /* Session key */
};
to enter the kernel as an nfsd(8) daemon. Whenever an nfsd(8) daemon re-
ceives a Kerberos authentication ticket, it will return from nfssvc()
with errno == ENEEDAUTH. The nfsd(8) will attempt to authenticate the
ticket and generate a set of credentials on the server for the ``user
id'' specified in the field nsd_uid. This is done by first authenticat-
ing the Kerberos ticket and then mapping the Kerberos principal to a lo-
cal name and getting a set of credentials for that user via. getpwnam(3)
and getgrouplist(3). If successful, the nfsd(8) will call nfssvc() with
the NFSSVC_NFSD and NFSSVC_AUTHIN flags set to pass the credential map-
ping in nsd_cr into the kernel to be cached on the server socket for that
client. If the authentication failed, nfsd(8) calls nfssvc() with the
flags NFSSVC_NFSD and NFSSVC_AUTHINFAIL to denote an authentication fail-
ure.
The master nfsd(8) server daemon calls nfssvc() with the flag
NFSSVC_ADDSOCK and a pointer to a
struct nfsd_args {
int sock; /* Socket to serve */
caddr_t name; /* Client address for connection based sockets */
int namelen;/* Length of name */
};
to pass a server side NFS socket into the kernel for servicing by the
nfsd(8) daemons.
RETURN VALUES
Normally nfssvc() does not return unless the server is terminated by a
signal when a value of 0 is returned. Otherwise, -1 is returned and the
global variable errno is set to specify the error.
ERRORS
[ENEEDAUTH] This special error value is really used for authentication
support, particularly Kerberos, as explained above.
[EPERM] The caller is not the super-user.
SEE ALSO
mount_nfs(8), nfsd(8), nfsiod(8)
HISTORY
The nfssvc() function first appeared in 4.4BSD.
BUGS
The nfssvc() system call is designed specifically for the NFS support
daemons and as such is specific to their requirements. It should really
return values to indicate the need for authentication support, since
ENEEDAUTH is not really an error. Several fields of the argument struc-
tures are assumed to be valid and sometimes to be unchanged from a previ-
ous call, such that nfssvc() must be used with extreme care.
BSD June 9, 1993 2
--
Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same
[EMAIL PROTECTED] | O Siem / The fires of freedom
Opinions not those of| Dance in the burning flame
MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick
------------------------------
From: Cokey de Percin <[EMAIL PROTECTED]>
Crossposted-To: comp.unix.aix,comp.os.linux.misc
Subject: Re: tn3270 questions; need help
Date: Thu, 19 Aug 1999 01:36:12 +0000
Raymonds Doetjes wrote:
>
> What kinda terminal srever do you have?
>
> Raymond
>
> "J. Otto Tennant" wrote:
>
> > This is a question about tn3270 in general, not about the particular
> > operating system it is running on.
> >
> > There is a central computer and several remote terminals. (They
> > happen to be IBM 3101s, but they could be anything, even an ADM-3a.)
> > The remote terminals are connected to a "terminal server" which
> > has an IP address (192.168.10.2, just to be definite.) The several
> > remote terminals respond to ports 2000, 2001, 2002, and so on as
> > telnet sessions.
> >
> > When I boot up the central computer, I want to treat these remote
> > terminals as 3270s and splash a legacy logon screen to them.
> >
I don't believe you really want to treat the remote terminals as 3270s.
A 3270 is a rather special breed of terminal and is only used to access
IBM OS/MVS or AS/400 (or similar) machines, usually EBCDIC - NOT ascii
based machines.
I haven't worked with terminal servers, but I would suspect that there
is a way to display a login banner. How this is done might vary between
terminal servers.
> > I also need to hook them up to a daemon which receives requests,
> > processes them, and responds to them.
AFAIK, there should be a piece of software that talks to the terminal
server and runs on your central machine that does this. This is similar
to getty running on a machine and talking to one port on a multiport
serial board only in this case the board itself in remote and connected
by an ip network.
> >
> > I have exhausted my knowledge of networking, although I'm fairly
> > certain the solution must be straightforward.
> >
> > In principle, if I could write:
> >
> > tn3270 host port <192.168.10.2:2000 >192.168.10.2:2000
> >
> > it would work like magic (I think).
I don't believe that that will work. Tn3270 is special type of terminal
emulator, and will not connect/talk to a terminal server in the way you're
trying to do.
> >
> > What I need to do is associate a pty with the remote IP/port.
> >
> > (The terminal server also provides ports 3000, 3001, etc. which
> > are more "raw" than a telnet port, but I've forgotten the name
> > of the service.)
> >
> > I'm not certain I have explained the problem well enough for
> > anyone to comment.
> >
> > --
> > J.Otto Tennant [EMAIL PROTECTED]
> > Forsan et haec olim meminisse juvabit.
> > Charter Member of the Vast Right Wing Conspiracy
Best
Cokey
--
==================================================================
Cokey de Percin, DBA Email:
Policy Management Systems Corp. Work - [EMAIL PROTECTED]
Columbia, South Carolina Home - [EMAIL PROTECTED]
------------------------------
From: "Nick" <[EMAIL PROTECTED]>
Subject: Dynamic IP addressing with KDE
Date: Wed, 18 Aug 1999 18:31:37 -0700
I was wondering if anyone could help a new person configure a Dynamically
Allocating IP client so that I can dial my ISP under Linux. I am running
SuSE Linux 6.1 which has KDE 1.1 and Gnome 1.0. Any help is appreciated.
Thank you.
Nick
------------------------------
From: [EMAIL PROTECTED] (Eric Rouse)
Subject: Now that I have IP Masq running....
Date: Thu, 19 Aug 1999 01:34:17 GMT
I tried to connect to the gateway machine via telnet... I was
presented with the login screen as I expected but the system wouldn't
let me log in... I didn't change anything other then the settings in
the How-To I was following.
Any thoughts?
Regards,
Eric
------------------------------
From: sandrews <[EMAIL PROTECTED]>
Subject: Re: Linux and MSExchange Mail
Date: Wed, 18 Aug 1999 21:34:35 -0400
On Wed, 18 Aug 1999, [EMAIL PROTECTED] wrote:
>i was wondering if there were any packages which would allow me to
>receive our internal e-mail which is handled by Exchange server. I can
>receive internet mail, however. Any help would be appreciated.
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
It may not be YOUR problem......................
Try to telnet into the exchange server on port 25 (SMTP) and port 110 (POP3).
If you can't it's not your problem it's your administrators problem. I have
had the same problem as you but in my case I have to try to get our brain dead
MS admin's to look into the problem ( Yes it's a bitch, they don't understand
shit). If both ports are open then you can use any standard email client.
------------------------------
From: Don Jerman <[EMAIL PROTECTED]>
Subject: dhcpcd and MAC address
Date: Wed, 18 Aug 1999 21:14:36 -0400
Can anyone help me get my DHCP client to use a spoofed MAC address to
talk to the server? I'm lazy and I want to be able to use the same
network link with more than one machine by un-plugging (as well as
building a masquerading set-up, but let's solve this first).
Ok, I have figured out the hardware problem (I think) and got my d-link
530TX+ recognized by the system (TX-errors == 0 now, and on boot it
finds the right MAC address). In the meantime I got my DSL provider to
configure their DHCP server to talk to my laptop's ethercard (which does
not respond to attempts to change its MAC address). I've use ifconfig
eth0 hw ether xxxxxxxxxxxxxxx to reconfigure my big box's address, but I
get no response from the server (although ifconfig reports packets sent
and received). pump and dhcpcd both report no answer to the
DHCP_DISCOVER message and time out. The card is working now under
Win98 with the reconfigured MAC address. (yes, I had to install the
virus to get them to install the ADSL, and no, they won't help me with
Linux).
Do these programs do something evil with ioctl() that's getting around
whatever ifconfig is doing? I did read the source, but I'm not sure
where that business is going on yet... I did try dhcpcd -I xxxxxxxxxxxx
-h djerman -d to test and got the same answer.
(I was on call tonight and I couldn't afford 20 minutes on hold to the
ISP -- I'll test with the real MAC address and set up the hub to test
the cards tomorrow).
Thanks!
-d
------------------------------
From: [EMAIL PROTECTED]
Subject: Can't check mail on the OE or Netscape Messanger..
Date: Thu, 19 Aug 1999 01:00:10 GMT
I'm using qpopper ver. 2.53 on the Redhat Linux 5.0.
And it compiled not support shadow passwd.
(My linuxbox doesn't using shadow passwd)
And i can see it work well with
# telnet localhost 110
user
pass
But I can't check my mailbox on the OE or Netscape Messanger.
It always give me "The passwd you given is wrong..."
What makes me embrassed is this problem applied all the E-mail IDs.
Only some ID does.
Help me....
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: sandrews <[EMAIL PROTECTED]>
Subject: Re: repost solution to: "why it takes 20years to telnet to RedHat Linux"
Date: Wed, 18 Aug 1999 21:41:35 -0400
On Wed, 18 Aug 1999, Lindoze 2000 wrote:
>can someone please repost the solution to why it takes 2minutes to
>telnet to
>RedHat dist.?
>
>--
>Thank you for your valuable input. Your useful answers will benifit
>other users as well.
>You are Linux!
>
>
>
Fix your DNS or your resolver order. It's probly looking for DNS then hosts in
the hosts config file. What is happening is telnet waits for the DNS to time
out and then goes to the host file where it most likely finds the IP it's
looking for.
------------------------------
From: [EMAIL PROTECTED] (Chris)
Subject: Artisoft AE-2 Ethernet Cards....Anyone had any luck?
Date: Thu, 19 Aug 1999 01:00:52 GMT
I just got 2 Artisoft AE2 ethernet cards from a guy I work
with. Currently they are not on the supported list but I am wondering
if anyone else out there has found a compatible module for this card.
Any help is appreciated.
Thx, Chris
------------------------------
From: David Schwartz <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.apps,comp.os.linux.development.system
Subject: Re: C++ templates: More than Turing Complete?
Date: Wed, 18 Aug 1999 18:01:19 -0700
> In fact, given any script which terminates (in any scripting language)
> it should be at least *possible* to produce an equivalent assembly
> program (or equivalent C program or whatever) of finite length and
> complexity, should it not?
This question only seems interesting because you are not being precise
in your use of the word 'equivalent'.
DS
------------------------------
From: ggarside <[EMAIL PROTECTED]>
Subject: Re: PPP problem
Date: Thu, 19 Aug 1999 01:09:15 GMT
Hmmm, I don't use RedHat (I use Slackware) so I may be all wet......
I don't like the look of the two default routes in your routing table
(0.0.0.0 in the destination column). Take a look in your boot files (in Slackware
they're things like /etc/rc.d/rc.inet1) and see if the default setup inserts a
default route. It'll likely be to your localnet (the 192.168.1.254).
On Slackware it looks like this:
/sbin/route add default gw ${GATEWAY} netmask 0.0.0.0 metric 1
If so, comment this out, so your routing table has no default before establishing the
ppp link. Make sure that you have the defaultroute option included for the ppp
scheme. Then, when you negotiate your ip address from the ISP, you should also find
just one default route gets put in the table, and things should work 8-)
HTH,
Geoff.
[EMAIL PROTECTED] wrote:
> Hi,
>
> I am a little new to the Linux world and would like some help on getting
> my ppp working. I installed RH6.0 a few days ago and have still not been
> successful with ppp.
>
> When I execute the ppp and chat scripts (copied and changed from
> /usr/doc), the modem dials out and I get an IP address allocated to my
> machine, but I am not able to ping anyplace except the IP address I am
> assigned. I have checked /etc/resolv.conf for an erroneous entry, and to
> me it looks ok. It doesn't matter if I use an IP address or a domain
> name in the ping. There is still no response.
>
> Entries in my log:
>
> Aug 18 15:13:51 zeus kernel: CSLIP: code copyright 1989 Regents of the
> University of California
> Aug 18 15:13:51 zeus kernel: PPP: version 2.3.3 (demand dialling)
> Aug 18 15:13:51 zeus kernel: PPP line discipline registered.
> Aug 18 15:13:51 zeus kernel: registered device ppp0
> Aug 18 15:13:51 zeus pppd[1631]: pppd 2.3.7 started by root, uid 0
> Aug 18 15:13:52 zeus chat[1632]: timeout set to 3 seconds
> Aug 18 15:13:52 zeus chat[1632]: abort on (\nBUSY\r)
> Aug 18 15:13:52 zeus chat[1632]: abort on (\nNO ANSWER\r)
> Aug 18 15:13:52 zeus chat[1632]: abort on (\nRINGING\r\n\r\nRINGING\r)
> Aug 18 15:13:52 zeus chat[1632]: send (rAT^M)
> Aug 18 15:13:52 zeus chat[1632]: expect (OK)
> Aug 18 15:13:52 zeus chat[1632]: rAT^M^M
> Aug 18 15:13:52 zeus chat[1632]: OK
> Aug 18 15:13:52 zeus chat[1632]: -- got it
> Aug 18 15:13:52 zeus chat[1632]: send (ATH0^M)
> Aug 18 15:13:52 zeus chat[1632]: timeout set to 30 seconds
> Aug 18 15:13:52 zeus chat[1632]: expect (OK)
> Aug 18 15:13:52 zeus chat[1632]: ^M
> Aug 18 15:13:53 zeus chat[1632]: ATH0^M^M
> Aug 18 15:13:53 zeus chat[1632]: OK
> Aug 18 15:13:53 zeus chat[1632]: -- got it
> Aug 18 15:13:53 zeus chat[1632]: send (ATDT594-9858^M)
> Aug 18 15:13:53 zeus chat[1632]: expect (CONNECT)
> Aug 18 15:13:53 zeus chat[1632]: ^M
> Aug 18 15:14:09 zeus chat[1632]: ATDT594-9858^M^M
> Aug 18 15:14:09 zeus chat[1632]: CONNECT
> Aug 18 15:14:09 zeus chat[1632]: -- got it
> Aug 18 15:14:09 zeus chat[1632]: send (^M)
> Aug 18 15:14:09 zeus chat[1632]: expect (sername:)
> Aug 18 15:14:09 zeus chat[1632]: 14400/ARQ/V32/LAPM/V42BIS^M
> Aug 18 15:14:10 zeus chat[1632]: ^M
> Aug 18 15:14:10 zeus chat[1632]: Annex Command Line Interpreter *
> Copyright 1991 Xylogics, Inc.^M
> Aug 18 15:14:10 zeus chat[1632]: ^M
> Aug 18 15:14:10 zeus chat[1632]: Checking authorization, Please
> wait...^M
> Aug 18 15:14:10 zeus chat[1632]: username:
> Aug 18 15:14:10 zeus chat[1632]: -- got it
> Aug 18 15:14:10 zeus chat[1632]: send (my_userid^M)
> Aug 18 15:14:11 zeus chat[1632]: expect (assword:)
> Aug 18 15:14:11 zeus chat[1632]: my_userid^M
> Aug 18 15:14:11 zeus chat[1632]: password:
> Aug 18 15:14:11 zeus chat[1632]: -- got it
> Aug 18 15:14:11 zeus chat[1632]: send (my_password^M)
> Aug 18 15:14:11 zeus chat[1632]: expect (nnex:)
> Aug 18 15:14:11 zeus chat[1632]: ^M
> Aug 18 15:14:11 zeus chat[1632]: ^M
> Aug 18 15:14:11 zeus chat[1632]: Permission granted; Type telnet or ppp
> for network connection^M
> Aug 18 15:14:11 zeus chat[1632]:
> -------------------------------------------------------------------------------^M
>
> Aug 18 15:14:11 zeus chat[1632]:
> Aug 18 15:14:11 zeus chat[1632]: To start ppp connection type ppp at the
> annex prompt after logging in.^M
> Aug 18 15:14:11 zeus chat[1632]: ^Iannex:
> Aug 18 15:14:11 zeus chat[1632]: -- got it
> Aug 18 15:14:11 zeus chat[1632]: send (ppp^M)
> Aug 18 15:14:11 zeus pppd[1631]: Serial connection established.
> Aug 18 15:14:11 zeus pppd[1631]: Using interface ppp0
> Aug 18 15:14:11 zeus pppd[1631]: Connect: ppp0 <--> /dev/ttyS1
> Aug 18 15:14:13 zeus kernel: PPP BSD Compression module registered
> Aug 18 15:14:13 zeus kernel: PPP Deflate Compression module registered
> Aug 18 15:14:16 zeus pppd[1631]: local IP address 128.198.66.19
> Aug 18 15:14:16 zeus pppd[1631]: remote IP address 128.198.66.66
>
> Output of my netstat -rn is as follows:
>
> Kernel IP routing table
> Destination Gateway Genmask Flags MSS Window irtt
> Iface
> 192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0
> eth0
> 128.198.66.66 0.0.0.0 255.255.255.255 UH 0 0 0
> ppp0
> 192.168.1.0 192.168.1.1 255.255.255.0 UG 0 0 0
> eth0
> 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0
> eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0
> lo
> 0.0.0.0 128.198.66.66 0.0.0.0 UG 0 0 0
> ppp0
> 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0
> eth0
>
> Output of ifconfig is as follows:
>
> eth0 Link encap:Ethernet HWaddr 00:00:21:62:61:8D
> inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
>
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:514 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:100
> Interrupt:12 Base address:0x280
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:3924 Metric:1
> RX packets:275 errors:0 dropped:0 overruns:0 frame:0
> TX packets:275 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:0
>
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:128.198.66.19 P-t-P:128.198.66.66
> Mask:255.255.255.255
> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
> RX packets:6 errors:0 dropped:0 overruns:0 frame:0
> TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:10
>
> I have been looking for ideas in this newsgroup and have looked at the
> PPP-HOWTO as well. I don't know what I am missing. I am very thankful
> for any help offered.
>
> Thanks,
> Krishna.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
