Linux-Networking Digest #373, Volume #12 Thu, 26 Aug 99 15:13:35 EDT
Contents:
inetd: bind: Address already in use (Matt Kirk)
Re: Netgear FA310TX (Eric Wampner)
Re: Win98 newsreader through IP MASQ ("Robert_Glover")
Re: Do I have to subnet with ipchains??? ("Robert_Glover")
Re: houston, we have a problem with our network... (Bob James)
Re: Firewall Rules ("Robert_Glover")
Re: How to get rdate working? ("YouDontKnowWho")
Re: Bootpc? ("YouDontKnowWho")
Re: Mirroring through a socks server (Stephen Granger)
compaq built-in scsi controller ("Victor Sia")
Re: IP Masqerading - Win95 client wont work!! (Stew Benedict)
How do I change DHCP renewal time (Lorenz Glaza)
Re: How to reload sendmail? ("Derek")
Re: VMware - wow! (puddin tame)
Re: VMware - wow! (John Edwards)
Newbie looking for the best linux book to buy (Nick Hargraves)
[newbie] proxy services? (Kenneth Wong)
Re: Printing needs lpd restarted ("Mitch Appleby")
Re: PPP fails after ISP "upgraded" (Stephen Moehle)
Specifying proxy server for netscape (Suresh Muthuswami)
How to get on the WWW ("Guy Forssman")
No one is answering the PLIP questions, Why? (Xiaoguang Zhang)
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (Matt Kirk)
Subject: inetd: bind: Address already in use
Date: Thu, 26 Aug 1999 12:50:12 GMT
Hi,
I am running a pentium 2 box with redhat 6.0 on it.... At times during
the day it becomes unavailable for connection.
I checked the messages log in /var/log/messages and every ten minutes
for the last 4 days it has recorded:
inetd[108940] linuxconf/tcp: bind Address already in use
inetd[108940] auth/tcp: bind Address already in use
inetd[108940] finger/tcp: bind Address already in use
inetd[108940] login/tcp: bind Address already in use
inetd[108940] shell/tcp: bind Address already in use
inetd[108940] telnet/tcp: bind Address already in use
inetd[108940] ftp/tcp: bind Address already in use
Any suggestions on this problem?
~Matt
------------------------------
From: Eric Wampner <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.development.system,comp.os.linux.hardware,linux.dev.net
Subject: Re: Netgear FA310TX
Date: Thu, 26 Aug 1999 11:19:05 -0400
Dave Platt wrote:
> A less expensive workaround for the problem would simply be to recognize
> the symptoms of the chip error and reset the chip, discarding the
> damaged packets (and potentially dropping transmit packets on the
> floor). It would be up to the higher layers in the protocol stack to
> recover from the loss of data. I did something like this a few years
> ago to fix the AMD "lance" driver so that it would recover from
> busmastering errors.
BTW - This works great, I am a Zeos P90 with the AMD53C790 (er 970?)
chip,
I get bus master errors on my console all the time with no apparent
problem
with the network.
If thats the same problem, I think resetting the chip and dumping the
packets works fine for a casual workstation.
eric
--
Eric Wampner Orlando Software Group, Inc. [EMAIL PROTECTED]
Software Engineer (407) 366-0909 [EMAIL PROTECTED]
Systems Administrator fax (407) 366-2721 [EMAIL PROTECTED]
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: Win98 newsreader through IP MASQ
Date: Thu, 26 Aug 1999 14:36:22 -0000
You need to masquerade nntp to access a news server.
Vlar Schreidlocke wrote in message
<[EMAIL PROTECTED]>...
>I have several Win98 machines connected to a Linux box running RH 6.0
>with IP Masquerade. I have http and ftp working, but I can't seem to
>figure out how to get Agent 1.5 (Win98 newsreader) to connect and get
>newsgroups through the Linux box. I have read the ip-masq-HOWTO-1.77
>several times with no results on this particular problem. What am I
>missing? Can anyone help?
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: Do I have to subnet with ipchains???
Date: Thu, 26 Aug 1999 15:57:07 -0000
You don't have to re-number them, but you will need to put them on a
physically separate segment and set up routing for them. The
"ipchains computer" would act as the gateway/firewall. If there are a
large number of these computers to be protected, then I would have to
recommend sub-netting them. Otherwise you'll have to establish host
routes for each of them, and that could be tedious.
Warren Flemmer wrote in message
<7q3jpv$2bpq$[EMAIL PROTECTED]>...
>Hi all
>
>Can ip-chains only be used between two different networks or can it
be used
>to protect part of one network?
[snip]
------------------------------
From: Bob James <[EMAIL PROTECTED]>
Subject: Re: houston, we have a problem with our network...
Crossposted-To: alt.os.linux,comp.os.linux.questions
Date: Thu, 26 Aug 1999 15:45:58 GMT
> i was given this by pac bell for my DSL line:
> IP: 216.102.106.76
> gateway: 216.102.106.254
> subnetmask: 216.102.106.254
Subnet mask is ALL wrong. It should be something like 255.255.255.0=20
(standard Class C), or 255.255.255.224 (subnetted Class C). No IP is=20=
going to work with that kind of mask.
--=20
Bob James |mailto:[EMAIL PROTECTED]
IS Manager |http://www.orielinc.com
Oriel Incorporated |(608) 238-8134 x223
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: Firewall Rules
Date: Thu, 26 Aug 1999 16:47:40 -0000
Well, I like a modular ruleset myself. It's not any more secure, but
it eases administration. I'll try to explain it here using input
rules as my example.
First, packets are directed into chains based upon the DEVICE they
came from. This means that all rules in the chain eth0-in (for
example) will no longer require the '-i eth0' option. That makes them
more readable. The input chain looks something like this:
# the lookback device is handled first to get it out of the picture
ipchains -A input -i lo -j ACCEPT
ipchains -A input -s 127.0.0.0/8 -b -j DENY # lo data already accepted
above!
ipchains -A input -i eth0 -j eth0-in
ipchains -A input -i eth0 -j eth1-in
ipchains -A input -j DENY # we should wonder where this packet came
from!
Then inside the device specific chain I can exercise knowedge about
that device (ie. prevent spoofing, block private IP addresses,
whatever).
# let's assume that eth0 is connected to a private network (10.11.0.0)
and
# that the router/firewall/"this box" is 10.11.0.1
ipchains -A eth0-in -s ! 10.11.0.0/8 -j DENY
ipchains -A eth0-in -s 10.11.0.1/32 -j DENY # spoofing the router (how
rude)
ipchains -A eth0-in -j intra-in # use generic rules for the rest
The intra-in chain simply allows certain traffic to leave the
10.11.0.0 network. In it you don't have to check the source address
on each rule, because you've already done that for the entire intra-in
chain. And if you have another intranet, you can use the intra-in
chain to treat packets from that network device exacly as the other
intranet packets are treated.
You can do the same thing for packets comming in from the internet
with an inet-in chain. In it you would want to protect your private
network(s). This rule is among the first in my inet-in chain.
# this rule also blocks spoofing of our private net from outside
ipchains -A inet-in -d 10.11.0.0/8 -b -j DENY # nothing gets to our
private network
Tt might also be a good idea to block all class A, B, and C IP
addresses comming in from the internet.
If you add another device that allows internet access, then you simply
make it use the inet-in chain. It's rather easy.
At this point I think you get the idea, so I'll stop. Does anyone
have any ideas about how to organize their rules?
------------------------------
From: "YouDontKnowWho" <[EMAIL PROTECTED]>
Subject: Re: How to get rdate working?
Date: Thu, 26 Aug 1999 17:02:41 GMT
To specifiy a host, I think you have to put a '-s' in front of the
host name/IP.
--
Principle of Minimum Access: "That which is not explicitly permitted
is denied."
ANNOUNCER: And now we return to our regularly scheduled, uncommonly
entertaining thread...
Thomas Lim wrote in message <[EMAIL PROTECTED]>...
>OS: Red Hat 6
>
>Does anyone know how to set up rdate?
>
>When I try to use rdate, I got the following message:
>
># rdate 192.168.1.18
>rdate: No such file or directory
>
>What does the message mean?
>
>
------------------------------
From: "YouDontKnowWho" <[EMAIL PROTECTED]>
Subject: Re: Bootpc?
Date: Thu, 26 Aug 1999 17:02:40 GMT
Check out DHCP, too. It works as a BOOTP server.
--
Principle of Minimum Access: "That which is not explicitly permitted
is denied."
ANNOUNCER: And now we return to our regularly scheduled, uncommonly
entertaining thread...
Jim Connery wrote in message ...
>Can anyone lead me to some info on bootpc? Any information at all
would be
>great! I cant seam to find anything about it.
>
>Thanks!
>Jim Connery
>[EMAIL PROTECTED]
>
>
>
------------------------------
Date: Thu, 26 Aug 1999 22:10:48 +1000
From: Stephen Granger <[EMAIL PROTECTED]>
Subject: Re: Mirroring through a socks server
Eric Leroy wrote:
>
> Hi,
>
> I have to go through a socks proxy server, and I am desperately looking
> for a mirroring tool.
>
> I managed to have rftp working, so I know my connection/config is ok but
I'm in the same situation, behind a socks proxy server. I'm having
trouble socksifing basic programs. Would you be able to some where,
where it tells me how to socksify programs such as telnet, ftp, etc.
> I can't find any socksified mirroring program.
>
can't really help you out with that, sorry...
> With a standard config, I was using fmirror which was working great. The
> source is available and doesn't look too big. Could anyone please help
> me to compile it to work through that socks server?
>
> Thanks,
> Sfo
Thanks
Stephen Granger
[EMAIL PROTECTED]
------------------------------
From: "Victor Sia" <[EMAIL PROTECTED]>
Subject: compaq built-in scsi controller
Date: Fri, 27 Aug 1999 00:27:39 +1000
Hi,
I am trying to install Redhat 6.0 in my old Compaq Prosignia
server(486 Dx2-66) which comes with an embedded fast-scsi-2 controller, but
Redhat does not have the driver. Does anyone know any alternate scsi driver
or where to get the driver for this scsi controller ? I have searched in the
Redhat website but does not has any compaq driver.
Thanks .
regards
Victor
------------------------------
From: [EMAIL PROTECTED] (Stew Benedict)
Subject: Re: IP Masqerading - Win95 client wont work!!
Date: 26 Aug 1999 16:29:30 GMT
Reply-To: stewb AT earthlink DOT net
No you don't need ICS, just a working TCPIP setup.
On Sat, 21 Aug 1999 21:23:38 GMT, Sunil P. Khatri <[EMAIL PROTECTED]> wrote:
>I installed IP masquerading, and my gateway and (linux) clients
>work just fine with the configuration and strong ipfwadm rulesets
>that are described in the latest IP-Masquerading HOWTO (v. 1.77).
>My gateway runs kernel 2.0.30.
>
>However, when I put a Win95 client on the local network, with the
>settings as described in the IP-Masquerading HOWTO (I set the IP
>address, netmask, gateway address and DNS server addresses in the
>TCP_IP->NIC properties) the win95 client can only ping the other
>machines on the local network, but cant ping any outside machine.
>
>Any idea why this is the case?
>
>My conjecture is that the IP-Masquerading HOWTO was written for win95
>and win98 clients that support the ICS (internet connection sharing)
>option in networking. My win95 client does not have this module. Does
>this make sense?
>
>Muchas thanks
>Sunil
--
------------------------------
From: [EMAIL PROTECTED] (Lorenz Glaza)
Subject: How do I change DHCP renewal time
Date: Thu, 26 Aug 1999 15:37:44 GMT
I am running a dhcp client and it gets the renewal time among other things
from the DHCP server. I want to force in a renewal time. The renewal time
I get from the server is 14400 seconds or 4 hours. I want to force this
to be 60 seconds. Has anyone tried this? I just want to make more frequent
dhcp offerings. Perhaps there is somewhere in the source code I can
hard code this? Any help would be much appreciated. a
Lates,
Lorenz
------------------------------
From: "Derek" <[EMAIL PROTECTED]>
Subject: Re: How to reload sendmail?
Date: Thu, 26 Aug 1999 17:14:32 GMT
Florian Waas wrote in message ...
>
>starshum#[EMAIL PROTECTED] writes:
>
>> How do you reload sendmail daemon after applying changes to its
>> settings?
If you're using sendmail >8.9.x try
killall -1 sendmail
it will reread all its config files
------------------------------
From: puddin tame <[EMAIL PROTECTED]>
Crossposted-To: athome.users-unix,comp.os.linux.misc,comp.os.linux.setup
Subject: Re: VMware - wow!
Date: Thu, 26 Aug 1999 11:05:06 -0500
I guess you have the hardware to run something like this at home? No? Then
try VMware.
steve mcadams wrote:
> Jason Pell wrote:
>
> > You must have a base OS on which to run a virtual machine, thus the
> > reason
> > it is called a _virtual_ machine..
>
> From this I conclude that yes, it is in fact a crude hack.
>
> I guess most people have no experience with true virtual machine
> operating systems like IBM's VM/ESA (or whatever its latest version has
> been renamed to, I've been away from it since 93).
>
> They have an operating system they called CP (Control Program) that runs
> the base hardware. Its sole purpose in life is to TRANSPARENTLY host
> other operating systems. The operating systems running on top of it can
> not tell they are not running natively. You can even run CP
> second-level on top of CP to debug it. It runs at full processor speed,
> the systems on top of it run at full processor speed except that there
> are lot of interrupts happening that are processed by CP and result in
> remapping of memory and hardware to allow sharing of the processor and
> its associated hardware on a transparent basis.
>
> It is my understanding that the Intel x86 architecture lacks a couple of
> instructions that make TOTAL TRANSPARENCY impossible. This is why I was
> initially skeptical.
>
> If vmware is running on top of NT or on top of Linux then at best it is
> acting as an interpreter. Better than nothing but absolutely not a true
> virtual machine operating system by the definition that I'm used to.
------------------------------
From: [EMAIL PROTECTED] (John Edwards)
Crossposted-To: athome.users-unix,comp.os.linux.misc,comp.os.linux.setup
Subject: Re: VMware - wow!
Date: 26 Aug 1999 17:24:30 GMT
steve mcadams ([EMAIL PROTECTED]) wrote:
:
: I hope that I didn't imply that I thought it was fraudulent or
: anything. I just don't see it as very useful compared to a true virtual
: machine operating system. Its reliability will probably be on the same
: order as WINE.
Not while WINE is in alpha phase it won't. Maybe in a few years time
it might mature, until then....
: I'm sure there are things one could do with it, but
: personally I don't think I'd want to fiddle with it.
I use it as a development platform, the "undoable disk" is _very_ useful.
: Buying a used
: system for $300 or so would give reality and Win/Linux network easily
: enough.
With NT capable systems hitting the second hand market, that could be
a more worthwhile purchase, but takes up a more workspace/electrical
power/network sockets, etc.
--
-= John Edwards =-
-= Computing Service, Brunel University =-
-= Email: [EMAIL PROTECTED] =-
------------------------------
From: [EMAIL PROTECTED] (Nick Hargraves)
Subject: Newbie looking for the best linux book to buy
Date: Thu, 26 Aug 1999 09:29:02 -0800
I want to get Linux up and running on my computer
and eventually master the OS. My main reason behind this is
that I want to run a mud and the best way to do this is with linux.
I'm looking for a book that is a complete guide that will bring
me all the way through the installation, and be able to help
me through setting up a linux server. I have found hundreds
of titles to choose from but I have no clue as to which one to
choose.
Thanks for the Help,
Nick
-**** Posted from RemarQ, http://www.remarq.com/?b ****-
Real Discussions for Real People
------------------------------
From: Kenneth Wong <[EMAIL PROTECTED]>
Subject: [newbie] proxy services?
Date: Thu, 26 Aug 1999 13:44:05 -0400
Hi,
I've got a general question about home networks connected to the
internet via cable modem.
right now, I'm using NT with Wingate 3 as my proxy server. It works
pretty well, seeing as though there's next to no configuration to be done.
And, after installing clients on the one other machine in the house,
there was no need to setup any applications to go through the proxy.
Wingate handled all that for me.
I was wondering whether the same type of setup could be accomplished
with Apache or Squid on my Linux box. Or if I should be reading up on
other technologies in order to get this type of setup up and running.
Ken.
------------------------------
From: "Mitch Appleby" <[EMAIL PROTECTED]>
Subject: Re: Printing needs lpd restarted
Date: Thu, 26 Aug 1999 11:07:45 -0500
found me answer
I am printing to an HP laser jet and it needs
:rp=lp:\
the 'lp' was missing .. apparently control-panel does not add that when
using the HP filter.
Mitch
Mitch Appleby wrote in message ...
>using Linux (Redhat 5.2)
>
>When ever anyone (root or a samba client) tries to print I get "jobs queued
>, but cannot start daemon". After this I input " /ect/rc.d/init.d/lpd
>restart", then the job prints. I have to do this 'every time'. Why?
>Please help.
>
>Mitch Appleby
>IS Admin
>Dubuque Stamp
>
>
------------------------------
From: Stephen Moehle <[EMAIL PROTECTED]>
Subject: Re: PPP fails after ISP "upgraded"
Date: Thu, 26 Aug 1999 09:14:07 -0700
Thanks. That worked.
Stephen Moehle
Clifford Kite wrote:
<snip>
> You should be able to use a reserved IP address, say 192.168.0.1, with
> pppd's IP addresses option in this way:
>
> :192.168.0.1
>
> to give the remote an IP address it can use as yours for the connection.
<snip>
------------------------------
From: Suresh Muthuswami <[EMAIL PROTECTED]>
Subject: Specifying proxy server for netscape
Date: Thu, 26 Aug 1999 20:51:31 +0300
In the windows version of Netscape, there's a way of specifying proxy
servers. However, in the Linux version (Netscape Communicator 4.61 --
came with Linux mandrake), this is absent. I am thus unable to use
Netscape. I should mention that there's another web browser on my
machine (this was there along with the KDE environment) and this does
have an option for specifying the proxy server. Once this option is
given, then it works fine, even if a bit slowly.
Since I like Netscape, I would like to use it, but I can't find a way of
specifying the proxy server. Can someone help?
Thanks,
Suresh
------------------------------
From: "Guy Forssman" <[EMAIL PROTECTED]>
Subject: How to get on the WWW
Date: Thu, 26 Aug 1999 20:41:35 +0200
Hi all,
I have Linux 6 and I know the modem works because it trys to connect to
Worldonline.be
But it get disconnected all the time. Worldonline says they use Chap instead
of PAP.
How do i tell netcfg that and what is CHAP
And for instance where do i put the primary dns 212.233.1.34
and the secondary one dns 212.233.2.34.
Thanks a lot in advance GuyF
[EMAIL PROTECTED] or [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Xiaoguang Zhang)
Crossposted-To: comp.os.linux.setup
Subject: No one is answering the PLIP questions, Why?
Date: 26 Aug 1999 18:32:29 GMT
There have been quite a few questions about PLIP not working
with 2.2.x kernels. So far no one has given any answer or help.
Please if PLIP is working for you pleae give us some help!
I'm reposting my question below:
I have read several posts regarding problems with plip using
2.2.xx kernels. I am having the same problems. Let me summarize
the common symptoms.
1. 2.0.xx kernels work fine;
2. 2.2.5-22 (stock RedHat 6.0 kernel) cannot load the plip.o
module, complaining about some unresolved symbols;
3. Later 2.2.xx kernels (specifically 2.2.11), when compiled
with plip and parport modules, but WITHOUT lp support, complains
about "device or resource busy." "cat /proc/devices" shows something
like,
Character devices:
1 mem
2 pty
3 ttyp
4 tty0
5 ptmx
7 vcs
10 misc
14 sound
128 ptm
136 pts
Block devices:
2 fd
3 ide0
ie, there is no lp device (thus shouldn't be any conflict). Also
note that the io and irq settings are all standard, as evident by
the fact that 2.0.xx kernels work fine.
I think there is something wrong with the 2.2.xx kernels for the plip
support. Or maybe it's a configuration problem. Can you help?
Xiaoguang Zhang
--
Computational Physics and Engineering Division,
Oak Ridge National Laboratory
423-241-0200 [EMAIL PROTECTED] http://theory.ms.ornl.gov/~xgz
Intel and Microsoft already have plenty of money, so don't give them yours.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
