Linux-Networking Digest #353, Volume #12 Wed, 25 Aug 99 02:13:31 EDT
Contents:
Re: PPP works (finally) but is too slow for anything ([EMAIL PROTECTED])
Re: fun with "old" machines (Ken Booth)
lpd remote printing question..--- its simple (Mikey)
PPP works (finally) but is too slow for anything ("Matthew O. Persico")
Re: Cracks for Linux?^ (Bill Bonde)
Need help w/ firewall rule for SSL (https) (Lee Allen)
TFTP Server??? ("Todd K. Tuttle")
Re: squid + http-proxy from isp (Daniel Kiracofe)
ID/Password and audit logs (bewale)
separate remote log files ? (Adam)
Magical Samba Config (tofu)
DUN to MSN? (mikez)
Using pppd with the others. ([EMAIL PROTECTED])
NFS state (Wei Yang)
cs: Unable to map card memory! (Paul Waite)
color telnet client (tofu)
syn flood (Patrick)
3com OfficeConnect and RH60 (John George Niesz)
Servers not responding when access from network (Matthew)
securing irc clients and gateway machine with ipchains ("sham khalil")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: PPP works (finally) but is too slow for anything
Date: Wed, 25 Aug 1999 02:21:58 GMT
In article <[EMAIL PROTECTED]>,
Matthew O. Persico <[EMAIL PROTECTED]> wrote:
>Redhat 6.0 KDE's kppp (you MUST upgrade to the rpms on the errata site or
>else fuggetabatit!) is a very good connect wizard. However, I have my modem
>set to 57600, yet I am connected VERY slow - I can see by the byte counts
>on the monitoring tools. Any advice as to what to set to get my 48K speeds
>that I see under NT on same box? And no. it is not a winmodem.
...<snip>...
I had this problem. I solved it this way. Whenever I reboot the computer
or cycle power to the modem, I run minicom, and exit it without resetting
the modem (ALT-Q or whatever). Then, when I run pppd, it connects at
high speed. Presumably, one could set the initialization string of pppd
to do whatever magic it is that minicom does, and I've tried to study
what minicom does and put it in pppd, but I've never gotten it to work, so
I just use my seat of the pants solution.
--
No statement is wholly true, not even this one.
also: remove "UhUh" and "Spam" to get my real email address -----
------------------------------
From: Ken Booth <[EMAIL PROTECTED]>
Subject: Re: fun with "old" machines
Date: Tue, 24 Aug 1999 22:18:02 -0500
A couple of years ago I set up a Slackware 2.2.0.1 , upgraded to 2.0.1 kernel on
a 386/25/8M box.
(kernel compile ~3Hrs!). It still worked (even more slowly) when some memory
went out and left me with only 4 Mb.
Just recently, I put RH 5.2 on a 486 DX2/66, but as memory is cheap these days,
I just sprang for 32M of new memory.
--
Regards, Ken
I AM.
Nick Rout wrote:
> I did an ftp install of rh 6 on a 486 with 8M of memory and it did not
> work (I think because it needs to build a fairly large ram disk). I added
> 4M to make a total of 12M and the ftp install worked fine.
>
> I have also run rh 5.2 on 486 dx2/66 and it ran fine in console mode but
> a bit s l o w in X!!
>
> In article <7pv684$4v7m$[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] says...
> > In article <[EMAIL PROTECTED]>,
> > Michiel van der Kraats <[EMAIL PROTECTED]> wrote:
> > | A client of mine wants to use an internal mailing systems which might
> > | eventually be connected to the Internet. I suggested using Linux for
> > | this. He has a bunch of old 486DX2/66 machines with 4MB collecting dust.
> > | Can such a machine be used for IMAP e-mail and possibly DNS or should I
> > | at least put some more memory in it?
> >
> > I would say yes to both. The machines will undoubtedly work just the way
> > they are, but would be loads better with a bit more memory.
> >
> > I believe Slackware will install in 4MB, I think redhat takes 8, don't
> > quote me on that.
> >
------------------------------
From: [EMAIL PROTECTED] (Mikey)
Subject: lpd remote printing question..--- its simple
Date: Wed, 25 Aug 1999 03:09:34 GMT
Hi..
I have a good amount of Linux boxes that use a remote queue to print
to various printers...
The question is how do I remove the burst page from printing, I can
type "lpr -h" to do it, but how do I tell Linux to do it everytime it
prints....
thanks
mike nichols
[EMAIL PROTECTED]
------------------------------
From: "Matthew O. Persico" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: PPP works (finally) but is too slow for anything
Date: Tue, 24 Aug 1999 21:18:41 -0400
Redhat 6.0 KDE's kppp (you MUST upgrade to the rpms on the errata site or
else fuggetabatit!) is a very good connect wizard. However, I have my modem
set to 57600, yet I am connected VERY slow - I can see by the byte counts
on the monitoring tools. Any advice as to what to set to get my 48K speeds
that I see under NT on same box? And no. it is not a winmodem.
--
Matthew O. Persico
You'll have to pry my Emacs from my cold dead oversized
control-pressing left pinky finger. -- Randal L. Schwartz
------------------------------
From: Bill Bonde <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.apps,comp.os.linux.misc
Subject: Re: Cracks for Linux?^
Date: Tue, 24 Aug 1999 12:38:03 -0700
Bryan wrote:
>
> In comp.os.linux.development.apps Bill Bonde <[EMAIL PROTECTED]> wrote:
> : Bryan wrote:
> : >
> : > optimally, I'd pay the $20 IF I could get source. ie, I don't mind at
> : > all paying for somone's effort, but when things break (and it appears
> : > they do, sometimes, with oss) then I want to be able to fix it.
> : >
> : > otoh, I understand that they CANNOT release source since they had to
> : > sign an NDA to get specs on some cards. one card that I own and NEED
> : > drivers for is only NDA and even then, the oss guys aren't really on
> : > the ball about delivering high quality and FULL FUNCTIONAL drivers for
> : > it (the card is a sonorus studi/o - which has been claiming linux
> : > support for well over a year now, but still does not have multichannel
> : > i/o working).
> : >
> : > so I have mixed feelings about oss. if they would do a complete job
> : > and in a timely manner, I'd support them. but since their
> : > implementation for the card I need is far from complete, I'll hold
> : > onto my money. vote with your dollars, I always say.
> : >
> : Vote with your dollars and don't buy sound cards and the like
> : from companies that refuse to release specs to people making
> : drivers. If this sort of information were freely available to
> : all, drivers and even new ideas for uses of hardware would be
> : made available.
>
> I was told that linux drivers WOULD be coming, which is why I chose
> THIS soundcard company over another close competitor. true, there are
> SOME drivers for linux for this card, but it still falls WAY SHORT of
> the total abilities of this fine piece of hardware. and for pro
> audio, there is nothing that is GPL'd. nothing. ziltch. that's just
> life.
>
> I tried talking with the manuf. and driver writers and go nowhere
> fast. the manuf would still not release specs and would not choose
> another person to write the drivers. so I'm stuck with a card that
> has minimal linux support and while it supposedly works under 'doze,
> that isn't why I bought the card in the first place. if I wanted
> lockups and crashes, I didn't need an expensive card for that - 'doze
> alone can manage that with standard off the shelf hardware ;-)
>
> someday before I grow too old, maybe this company will retire this
> hardware design and THEN they won't be afraid of releasing specs. the
> card will still be useful but just not the latest tech, so the fear of
> publishing the api won't be so 'scary' to them..
>
This isn't why they don't give out the API. The problem is that
they just don't get it. They think that the programming interface
is something that is theirs. The truth is that we must make it
clear that it is owned or at least controlled by those who plunk
down their hard earned cash for the hardware in question. This
issue is actually more important than Linux itself.
------------------------------
From: [EMAIL PROTECTED] (Lee Allen)
Subject: Need help w/ firewall rule for SSL (https)
Reply-To: [EMAIL PROTECTED]
Date: Tue, 24 Aug 1999 14:42:39 GMT
My firewall is apparently blocking SSL because I cannot access an
https web site through my firewall (ie, browser inside the firewall,
https site outside).
I'm not good at firewall rules.
I have added a rule to allow the firewall to return responses to port
443. All outgoing traffic is allowed. But it's still not working.
Could someone provide example firewall rules that would enable me to
access https web sites?
Many thanks.
-Lee Allen
------------------------------
From: "Todd K. Tuttle" <[EMAIL PROTECTED]>
Subject: TFTP Server???
Date: Tue, 24 Aug 1999 22:49:13 -0500
Does the tftpd work or is it just for show??? Seems like it ought to be
pretty straight forward, but I can't get it to work. I have it starting in
the inetd.conf file. Things will connect, but nothing past there. It would
be nice to have for upload router flashes. Have tried since an early version
of Slackware, but no go. Anyone ever get this to work?
Thanks in advance,
Todd K. Tuttle
------------------------------
From: Daniel Kiracofe <[EMAIL PROTECTED]>
Subject: Re: squid + http-proxy from isp
Date: Wed, 25 Aug 1999 03:53:16 GMT
Norbert Bous <[EMAIL PROTECTED]> wrote:
: I need some advice in setting up squid 2.2. My isp required using his
: proxy on port 8080 for http-protocol. Where in squid.conf could I set
: this feature?
I think what you want is the cache_peer option (set it to parent).
------------------------------
From: bewale <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.security
Subject: ID/Password and audit logs
Date: Tue, 24 Aug 1999 22:54:27 -0400
Quick question:
I'm planning on setting up a school computer lab with ~80 MS NT4 clients
and two RH Linux servers (one file/print (samba) and another for
networking (firewall, DHCP, DNS, NAT, etc)). The networking Linux
server will be tri-homed; a cable modem connection on one interface, an
internal 10.2 network on another, and a DMZ on the third. My ISP
provides a static IP address for the cable connection. I was planning
on using IPCHAINS to do the NAT/Firewalling.
The problem:
Any of the 800+ students will be able to use the 80 computers. I need a
way to track/log/audit internet usage per individual (not per IP address
or machine, as that doesn't help) with at least a user ID, time/date
stamp, URL, TO and From IP addresses. Traditionally this is done by a
proxy type firewall and assigning an ID and passwords to each user.
Does this functionality exist with the standard dist of RH 6.0? Is
there any free (or cheap) software to do this? If this functionality
exists, can it read/function off the existing etc\passwd or
etc\smbpasswd, or am I going to have to setup a third set of ID and
passwords? I've read the IPCHAINS How-To, and it doesn't seem to fit
the bill. I've heard squid might be the answer.?.?
The real question: Can I get most (if not all) of the functionality of
a commercial firewall (e.g. Checkpoint, Gauntlet, Raptor, etc) using RH
6.0 and freeware utilities? ... and how?
Thanks,
Brian
------------------------------
Date: Tue, 24 Aug 1999 20:58:16 -0700
From: Adam <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.help
Subject: separate remote log files ?
Hi,
I've recently set up remote logging from one linux box (RH6.0) to
another. Everything seems fine except for one thing: all log entries
for both machines are written to the same files. I can't get the log
host to write separate log files for itself and the other machine.
There must be a way to do this but I can't seem to find the syntax. Or
is this a job for perl? Any help greatly appreciated. -Adam
In /etc/syslog.conf of loghost, I've made various pathetic attempts,
e.g.,
@barney /var/log/[file]
*.barney /var/log/[file]
barney.* /var/log/[file]
*.* @barney /var/log/[file]
[barney is being logged remotely]
thanks for any help..
------------------------------
From: tofu <[EMAIL PROTECTED]>
Subject: Magical Samba Config
Date: Tue, 24 Aug 1999 23:24:43 -0400
After reading the man pages and faqs, I did my best to configure samba.
Unfortunately, I could not access any directories from Windows. "net
use \\linuxbox\share"
resulted in a password prompt and eventually just told me I couldn't log
on. Frustrated, I gave up and turned off the Windows machine. Today I
came home from work, restarted Windows and tried the command again. It
worked! The linux machine has been on the whole time and I haven�t
changed a damn thing since the last time I attempted �net use�
What just happened??
------------------------------
From: mikez <[EMAIL PROTECTED]>
Subject: DUN to MSN?
Date: Tue, 24 Aug 1999 20:28:48 +1700
I've tried to get connected to my MSN account wit hLinux
but it tells me that I don't have valid username/password.
What do I need to do differently with Linux?
[EMAIL PROTECTED]
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
From: [EMAIL PROTECTED]
Subject: Using pppd with the others.
Date: Wed, 25 Aug 1999 04:14:34 GMT
Hi,
I can use pppd with root, but the others can't use.
Would anyone know how to run pppd with the other users, thanks.
- Kevin
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Wei Yang)
Subject: NFS state
Date: 25 Aug 1999 04:22:09 GMT
Hi,
Is there a program on Linux that can show the NFS state such as
the "nfsstat" on HP and SUN? thanks,
Wei Yang
UNIX SysAdmin
Department of Physics
Colorado State Univ.
------------------------------
From: [EMAIL PROTECTED] (Paul Waite)
Crossposted-To: comp.os.linux.portable
Subject: cs: Unable to map card memory!
Date: 25 Aug 1999 04:56:21 GMT
Hi all,
I'm sure the fix for this is common knowledge
somewhere.
I'm trying to get networking going on an Acer
TravelMate 512DX using Dave Hinds PCMCIA package.
Card services finds my O2Micro OZ6832
PCI-to-Cardbus at bus 0 slot 19, mem 0x68000000.
There is a whole lot of other stuff (available
on request if needed), and then it tries to map
the card memory, but fails with the error message
above.
Socket 0 holds an Accton EN2226 10/100 Ethernet
card.
In its other life, running NT, the laptop's resource
usage is as follows:
1000h-100fh O2 Micro OZ6832/6833 Carbus Controller
06000000h-06000fffh PCMCIA Card Services
06010000h-06010fffh O2 Micro OZ6832/6833 Carbus Controller
06011000h-06011fffh Accton Fast Ethercard-16
06011000h-06012fffh O2 Micro OZ6832/6833 Carbus Controller
06012000h-06012fffh Accton Fast Ethercard-16
06013000h-06013fffh O2 Micro OZ6832/6833 Carbus Controller
I've tried many memory ranges, the latest being..
0x06011000-0x06013fff
With the above setting the actual message in
/var/log/messages was:
initialising socket 0
cs: memory probe 0x6011000-0x6013fff: excluding
0x6011000-0x6014fff
cs: unable to map card memory!
socket 0: Anonymous Memory
My Linux is RedHat 2.0.36
Cheers,
Paul.
--
++++++++++++++++++++++++++++++++++++++++++
Paul Waite
------------------------------
From: tofu <[EMAIL PROTECTED]>
Subject: color telnet client
Date: Tue, 24 Aug 1999 23:27:38 -0400
Is there a way to telnet into a linux machine from a Windows client and
get the pretty colors that �ls �color� normally gives? I�ve been
searching for a telnet client that will do this but I�m wondering if
it�s even possible.
Just point me to the correct man page and I�ll take it from there ; )
------------------------------
From: [EMAIL PROTECTED] (Patrick)
Subject: syn flood
Date: 25 Aug 1999 03:54:24 GMT
when i type dmesg, i find that someone is syn flooding to me...
003. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7003. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7004. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7004. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7005. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7003. Sending cookies.
Warning: possible SYN flood from 123.123.123.123 on 100.0.0.1:7003. Sending cookies.
other than building firewall, any method to solve?
--
------------------------------
From: John George Niesz <[EMAIL PROTECTED]>
Subject: 3com OfficeConnect and RH60
Date: Tue, 24 Aug 1999 23:46:10 -0400
I bought a 3com OfficeConnect NIC before i installed linux. It works fine
through Win98, but is not recognized at all in RH6. upon reading the
howto, it appeared to me that this NIC is not supported right now, that
there are no drivers made specifically for this card. Are than any
drivers that will work, perhaps a module that was actually made for
another 3com card but works fine for this one too? or do i have to go and
buy a different NIC? if so, what would yuo reccommend? Thanks in
advance! I hate using windows for anything but games!!!!
John
------------------------------
From: Matthew <[EMAIL PROTECTED]>
Subject: Servers not responding when access from network
Date: Wed, 25 Aug 1999 03:53:40 GMT
Hi,
I have set up a RedHat 6.0 system with 2.2.11 kernel running as a masq
gateway for my little internal network to share my DSL link. When I was
using Redhat 5.2, everything works fine. I was able to run my web, ftp,
telnet, phonepatch and fsgs servers. Once I upgrade my system to Redhat
6.0, I couldn't access my phonepatch (H.323 switchboard) and fsgs
(battle.net) servers. However, I can access the servers from the
gateway machine itself. Also, telnet, ftp and web servers work great.
Does anyone know what I need to do to run daemons other than standard
services? Do I need to do some configuration that is different from RH
5.2 for RH 6.0?
Any help would be appreciated.
Thanks,
Matthew
------------------------------
From: "sham khalil" <[EMAIL PROTECTED]>
Subject: securing irc clients and gateway machine with ipchains
Date: Wed, 25 Aug 1999 13:55:08 +0800
i'm configuring rh6.0 and kernel 2.2.11 to be a gateway server for my
network to dial-up internet access. i've also installed ipchains on the
gateway server. my setup has masq all forward rules. i have also loaded
the ip_masq_irc. i have blocked all input to external interface for port
below 1024, netbus and certain icmp.
/sbin/ipchains -P forward DENY
/sbin/modprobe ip_masq_irc
/etc/hosts.deny file has
ALL:ALL
/etc/hosts.allow file has
ALL:192.168.0.1
ALL:192.168.0.2 # i have all trusted local ip in this file
now the irc client could connect outside irc servers. i do not need to set
the firewall for the configuration on mirc is this the correct setup for
the client and server? some people say without configuring the firewall
options on mirc client will leave the client pc wide open for abuses and
attacks. is it true?
if i try to set the firewall options on mirc client to my gateway server,
the client could not connect to irc server anymore. i'm not sure if
ip_masq_irc support socks 5 or socks 4.
thanks
sham khalil
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
