Linux-Networking Digest #412, Volume #12 Mon, 30 Aug 99 13:13:28 EDT
Contents:
how to set full duplex? ([EMAIL PROTECTED])
samba passwd encrypt question ("David Murray")
Re: PPP problem (Clifford Kite)
Online hardware reference? (BadMango)
Re: Ipchains & udp port forwarding (for a game) (Rob Brunelle)
Re: Help ! IP Forwarding only works one way :( (Udate) ("Robert_Glover")
Re: DHCP with Mandrake 6.0 ("Robert_Glover")
Re: kppp OK but can't ping ("Robert_Glover")
Re: NFS and GNU Linker producing corrupted executables (RHL 2.2.5-15/2.2.11 and AIX
4.2.1) ("Martin Knoblauch")
Re: MySQL, chroot and shared libs ("Sean O'Dell")
redirects ("Robert_Glover")
Re: Crossover RJ45 ethernet cables - Re: Cable problem? (David C.)
Re: Delta Force Port Masquing (Rob Brunelle)
RCP help (Max Wheatley)
NIS and .rhosts required? (Brian Dudek)
Re: dhcpd won't start ("Robert L. Klungle")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED]
Subject: how to set full duplex?
Date: Mon, 30 Aug 1999 14:37:02 GMT
I have connected my linux box(with D-link 10/100 baseT card DFE-530TX)
and laptop (with DFE-650TX) using a crossover cable. I am running cat5.
I see that the 10/100 light is "on" but I see that the full duplex mode
is "off". How do I set it to full duplex. On linux I added the option
"full_duplex=1" on the conf.modules file for via-rhine driver. I had my
win98 laptop set for "Auto Sense". On a related note, In win98, In the
drivers properties, the the following options were only supported
Auto sense
100 baseT
10BaseT
10BaseT full-duplex
I tried a ftp of a 50Mb gzipped tar file and transferred at ~ 500
Kbytes/sec Its it low? (my laptop btw has only 16Mb memory running WIN98
and is slow)
Any pointers would be greatly appreciated.
Thanks
ramana
------------------------------
From: "David Murray" <[EMAIL PROTECTED]>
Subject: samba passwd encrypt question
Date: Mon, 30 Aug 1999 15:51:57 GMT
I am sorry if this has been asked before but I can't find anything on it..
I have a mixed environment of Windows 95, Windows 98, Windows NT, and Linux.
(Well, Macs too, but they are not important to this question) I have Samba
running on Linux. Now.. Windows 98 and NT like encrypted passwords to be
on. So I turn on password encryption in samba and setup an /etc/smbpasswd
file and create the users, etc.. works great.. now the 98 and NT systems can
share files. However, now the 95 workstations can't! They won't ever get
past the password prompt. So I turn password encryption off and now the
opposite is true.. Windows 95 works but 98 and NT don't.
For now I have gone into the registry of my NT and 98 systems and
enabled plaintext passwords and that resolves it for now. However, I'd like
Samba to go ahead and use encrypted passwords on NT and 98 and somehow know
to use plaintext on 95. Is there any way to add encryption to Windows 95?
There has to be a solution to this problem.
--DavidM
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Crossposted-To: comp.os.linux.setup
Subject: Re: PPP problem
Date: 30 Aug 1999 09:54:21 -0500
test ([EMAIL PROTECTED]) wrote:
: Aug 30 15:37:29 SUNA_ENT4 pppd[1922]: IPCP: timeout sending
: Config-Requests
: Aug 30 15:37:29 SUNA_ENT4 pppd[1922]: Connection terminated.
: I don't know what IPCP does or why it would time out with this ISP.
Try adding the pppd option asyncmap a0000 . This often cures obscure
problems with flow control. Also remove the escape FF pppd option,
if present. If this doesn't help then use the pppd debug option to get
more detail about what's what in the PPP link negotiations.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* I gave up on politics when no matter who I voted for, I regretted it.
* -- Pepper...and Salt, WSJ */
------------------------------
From: [EMAIL PROTECTED] (BadMango)
Subject: Online hardware reference?
Date: 30 Aug 1999 15:17:25 GMT
Hi group,
Does anyone know of a computer hardware reference site? Specifically looking
for information online dealing with scsi and ide drive compatibility issues.
Thanks!
Badmango
------------------------------
From: rbrunelle@"nospam".bigfoot.com (Rob Brunelle)
Subject: Re: Ipchains & udp port forwarding (for a game)
Date: Mon, 30 Aug 1999 15:24:10 GMT
This is what I did to get Baldur's Gate to work. The incoming control port is
47624. It looks like the delta force control port is 15856.
/usr/sbin/ipmasqadm autofw -F
# forward Baldur's Gate packets
/usr/sbin/ipmasqadm autofw -A -r tcp 47624 47624 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r udp 47624 47624 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r tcp 2300 2399 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r udp 2300 2399 -h 192.168.1.100
On Sat, 12 Jun 1999 22:44:58 +0200, [EMAIL PROTECTED] (tomislav) wrote:
>I have a linux box serving as a gateway for my 2 win98 boxes with
>ipmasquerading. I'm trying to play a windows game on the net from one of
>my windows boxes (Delta Force). The problem is that it doesn't work. This
>is what I get from tcpdump:
>
>tojo.1034 > 38.187.59.48.15856: udp 24
>
>I've read all the ipchains HOWTOs i still can't get it to work. Someone
>told me i should use ipmasqdm, and i got that but i still haven't been
>able to get it to work.
>
>Novalogic (the makers of the game) support team told me this:
>"You can try ports 0x0df0 and 0x0df1 (3568 and 3569)"
>but i don't get it what they meant.
>
>Can someone please help me.
>Thank you.
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: Help ! IP Forwarding only works one way :( (Udate)
Date: Mon, 30 Aug 1999 14:53:46 -0000
It sounds like you might be blocking icmp echo-reply packets from
being forwarded. Or since you probably already thought of that, I
suggest that maybe you have another, more general rule that is
"gobbling up" the echo-reply before it reaches your accounting rule in
the forwarding chain.
Darks wrote in message <7qe3ge$63u$[EMAIL PROTECTED]>...
>[EMAIL PROTECTED] wrote:
>> On 30 Aug 1999 00:24:27 GMT, Darks <[EMAIL PROTECTED]> wrote:
>
>> Did you configure the gateway addresses of each network to be the
>> corresponding IP addresses of the router box?
>
>yes. actually if i do a ping from the eth1 net (192.168.1.x) to the
>eth0 net (192.168.3.x) it traverses the linux router. a reply packet
is
>generated but it gets stuck on the router. it appears in the tcpdump
>of eth0, but it never appears in the forwarding chain, nor in the
>tcpdump of eth1.( i inserted a logging rule in the forwwarding chain)
>if i do a ping from the eth0 net to the eth1 net the echo-request
packet
>also gets stuck someweher between the eth0 interface of the router
and
>the kernels networking code.
>
>i don�t understand this, why does forwarding work from eth1 -> eth0
but
>not the other way ??
>
>btw: i also tested tcp and udp packets. same problem :((
>
>cya
>
>Holger
>--
> _/\/\/\/\/\____________________________/\/\___________________
> _/\/\____/\/\__/\/\/\______/\/\__/\/\__/\/\__/\/\____/\/\/\/\_
> _/\/\____/\/\______/\/\____/\/\/\/\____/\/\/\/\____/\/\/\/\___
> _/\/\____/\/\__/\/\/\/\____/\/\________/\/\/\/\__________/\/\_
> _/\/\/\/\/\____/\/\/\/\/\__/\/\________/\/\__/\/\__/\/\/\/\___
>______________________________________________________________
> http://www.fet.org [EMAIL PROTECTED]
>
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: DHCP with Mandrake 6.0
Date: Mon, 30 Aug 1999 14:50:20 -0000
Nicolas Hinze wrote in message <7qe3ee$rkh$[EMAIL PROTECTED]>...
>Hi,
>
>I using Mandrake 6.0 and I installed the thing through the web (FTP).
But
>after the installation the network is not working. I'm on a DHCP
network. I
>have an Intel Etherjet 10/100 Board.
>The board is loaded in kernelcfg under eth0.
>
>Any ideas ?
Yes. pump is broken. It handles DHCP for you. Get the latest
version or pump from the updates section of a RedHat mirror or look at
using the latest version of dhcpcd.
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: kppp OK but can't ping
Date: Mon, 30 Aug 1999 14:55:51 -0000
Can you ping your gateway (204.144.246.48) ?
------------------------------
From: "Martin Knoblauch" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.setup,comp.os.linux.development,comp.os.linux.development.kernel,comp.unix.aix
Subject: Re: NFS and GNU Linker producing corrupted executables (RHL 2.2.5-15/2.2.11
and AIX 4.2.1)
Date: Sun, 29 Aug 1999 14:30:43 +0200
David Elder wrote in message
<[EMAIL PROTECTED]>...
>
>3) Results:
>
> a) All of the .o files compiled to either the local
> or NFS file systems compare as Identical.
>
> b) Executables that are written on the NFS file system
> do NOT work. They generate an error:
> Memory Fault (core dump).
>
first thing to check would be that the lock demon is running (and working
to specs :-( I have seen this on other system combinations and lockd was
usually involved.
Martin
--
============================================================
Martin Knoblauch
Compaq Computer EMEA BV
E-Mail: [EMAIL PROTECTED]
Std.Disclaimer: Not speaking for COMPAQ in any form on this medium
------------------------------
From: "Sean O'Dell" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.development.apps,comp.os.linux.development.system,comp.os.linux.security
Subject: Re: MySQL, chroot and shared libs
Date: Mon, 30 Aug 1999 08:14:57 -0700
I just did from the shell and it simply says it can't run /sbin/ldconfig, as
I would expect since /cage doesn't exist. But I knew what you meant and
replaced /cage with the root directory of my program and it says "cannot
execute /sbin/ldconfig" again as I would expect since within the chrooted
environment, /sbin/ldconfig doesn't exist. But I knew what you meant so I
created a hard link that mimiced the existence of /sbin/ldconfig and tried
again and it did something I didn't expect finally. It said can't open
/usr/lib nor /lib, which, while I didn't know about ldconfig, isn't
surprising since within the chrooted environment, /usr/lib and /lib do not
exist, nor can I create hard links to directories to make them exist there.
So, except for the fact that I'm looking into ldconfig as some sort of
possibility towards creating hard links to libraries my program needs (which
I'm not sure it does), I'm back to where I started.
Thank you for mentioning ldconfig though. At least I have somewhere to look
now.
-Sean
<[EMAIL PROTECTED]> wrote in message
news:7qdpnq$n3p$[EMAIL PROTECTED]...
> Have you done "chroot /cage /sbin/ldconfig" ? If you haven't, you should.
>
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: redirects
Date: Mon, 30 Aug 1999 12:36:32 -0000
Can someone explain what icmp redirects are and what they do. I've
looked all over, but I only find vague references implying that they
will change my routing table. What if I had only static routes? I
recently blocked these with a firewall, but I'm wondering what I've
gained or lost by doing that.
Also, do these things affect my browser (netscape)? I ask because I
noticed that there was a connection to a site that I didn't think I
should have had a connection to. I thought it might have been some
kind of redirect attack where they redirect my traffic to their site
and have a look at what I'm looking at.
Thanks for any insight!
------------------------------
From: [EMAIL PROTECTED] (David C.)
Subject: Re: Crossover RJ45 ethernet cables - Re: Cable problem?
Date: 30 Aug 1999 12:02:27 -0400
[EMAIL PROTECTED] (James Knott) writes:
> [EMAIL PROTECTED] (David C.) wrote:
>>
>> They're accomodating still-used EIA premesis wiring standards. The
>> standards are T568A and T568B. Here's a slide I dug up on the web
>> that shows them: http://www.bicsi.org/techsem/sld008.htm
>>
>> Since the graphic is small, here's what it describes:
>>
>>
>> T568A T568B
>>
>> 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8
>> | | | | | | | | | | | | | | | |
>> \ / | \ / | \ / \ / | \ / | \ /
>> | | | | | | | | | |
>> 3 | 1 | 4 2 | 1 | 4
>> \ / \ /
>> \ / \ /
>> \ / \ /
>> | |
>> 2 3
>>
>> Pair 1 (centered in both) is what's always used for voice. Ethernet
>> does not use this pair because you don't want to blow out equipment
>> if someone should accidentally patch an Ethernet port to a voice
>> port. You may not care, but manufacturers really don't like
>> replacing blown parts, and customers don't like being denied
>> warrantee service.
>>
>> Note that pairs 2 and 3 are oppositely numbered in the two standards.
>>
>> If you've got a T568A patch panel and you need to patch something
>> over to a T568B panel, you need a crossover cable that swaps pairs 2
>> and 3.
>>
>> The decision to use 2 and 3 for Ethernet makes perfect sense in this
>> context, because you don't need to design new crossover cables. The
>> same cables you use for linking different-standard patch panels can
>> be used to link Ethernet cards and hubs.
>>
>> In other words, using this standard means there are only two kinds of
>> cables - straight and crossover. Instead of three - straight,
>> crossover-for-Ethernet and crossover-for-panels. Being able to keep
>> only two kinds of patch-cords on hand instead of three is a big win
>> for any department that has to maintain the wiring. It's a similarly
>> big win for the cable manufacturers, who only need two versions of
>> every cable in their catalog instead of three.
>
> The same cable can also be used for token ring, which uses pairs on
> pins 4/5 & 3/6.
How is that possible?
How can a cable crossing pairs 2 and 3 work for a network where signals
are sent on pairs 1 and 2 (or pairs 1 and 3, depending on your
patch-panel configuration)?
Either way, it's a moot point for token ring. AFAIK, token ring can not
work without it's MAU (TR functional equivalent of an ethernet hub).
I've never heard of anybody using crossover cable to directly connect TR
hosts to each other.
-- David
------------------------------
From: rbrunelle@"nospam".bigfoot.com (Rob Brunelle)
Subject: Re: Delta Force Port Masquing
Date: Mon, 30 Aug 1999 15:25:38 GMT
This is what I did to get Baldur's Gate to work. The incoming control port is
47624. From a previous message, I think the delta force control port is 15856.
/usr/sbin/ipmasqadm autofw -F
# forward Baldur's Gate packets
/usr/sbin/ipmasqadm autofw -A -r tcp 47624 47624 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r udp 47624 47624 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r tcp 2300 2399 -h 192.168.1.100
/usr/sbin/ipmasqadm autofw -A -r udp 2300 2399 -h 192.168.1.100
On Tue, 13 Jul 1999 19:07:38 GMT, [EMAIL PROTECTED] wrote:
>Has anyone been able to play a network game of Delta Force on a win 98
>machine behind a ip masquing machine? If you have please explain how.
>
>Thanks
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
------------------------------
From: Max Wheatley <[EMAIL PROTECTED]>
Subject: RCP help
Date: Mon, 30 Aug 1999 21:14:47 +1200
Hi Guys
I need some help ....
Once upon a time I used to use this line in a script file to backup my
files on one of the other machines on my network:
/bin/tar -cv root@violet:/dev/nst0 *
Now somewhere along the way, about shadow passwords, it all stopped
working.
rsh = works ok
rlogin = works ok
rcp = no
tar above = no
rsh -l root machiname ls = dosn't work.
Could someone ie me a few clues ??
Thanks
--
[EMAIL PROTECTED]
[EMAIL PROTECTED]
------------------------------
From: Brian Dudek <[EMAIL PROTECTED]>
Subject: NIS and .rhosts required?
Date: Mon, 30 Aug 1999 09:57:47 -0600
Is NIS required for an rlogin that does not require a password? I have
set up my .rhosts file, so the password should not be needed ( even
without NIS ? ), but the user is prompted when logging into another box.
NIS makes network admin easy but does it add this type of
functionality? I some respects I can see that it would because the
password file would be a single network shared file.
If my assumption is correct, that one would negate the need for another,
then there must be something in my network setup that is creating the
problem?
I have found no documentation on the uses of the .rhosts file and little
on NIS, any good URLs or text I should check out?
Thanks,
Brian
------------------------------
From: "Robert L. Klungle" <[EMAIL PROTECTED]>
Subject: Re: dhcpd won't start
Date: Mon, 30 Aug 1999 16:21:24 GMT
[EMAIL PROTECTED] wrote:
> Hi Bob,
>
Hi Ruedi
>
> I'm a newbie myself. A first look at the information you provided
> gave me the following impressens:
> 1. the dhcpd.conf file looks veru cluttered
This config is a copy of the example in the docs/How-To. Left in
commented
Stuff so I could see variations original writer used and compare with
what I had.
> 2. There may be syntax errors in the file in the sense that you
> comment a lot of the information out using "#".
As above, #s were original. Checked for syntax errors, and inserted one
deliberately
to see if they were being detected. They were.
>
> 3. There may be some confusion about network addresses, IP addresses
> and address range to serve.
>
> So, going with points number 1 and 2 above, the active portion of your
> file looks like this:
>
> option domain-name "bda.com";
> default-lease-time 600;
> max-lease-time 7200;
>
> subnet 4.33.3.35 netmask 255.255.248.0 {
> option broadcast-address 4.33.7.255;
> option routers bat.bda.com;
> }
>
> host bat {
> hardware ethernet 00:A0:C9:82:C1:E8;
> server-name "bat.bda.com";
> }
>
> So, what's missing?
>
> 1. When I set up my system with 3 NICs, I got the impression that you
> have to define a subnet for every card.
I understand this is only true for cards you want to dynamically allocate
IP addresses to/from. I have one NIC to the ISP (dyamic, eth1) and one
to the LAN internal address (192.21.41.xx). I saw how puting a range on
these caused dhclient to allocate out of and to these. Don't want this.
they
are fixed (non-dynamic).
>
> 2. I don't see a range parameter in the subnet definition that would
> tell dhcpd what addresses to hand out.
Can't have a range on a dynamically allocated IP since don't know what
it will be until ISP offers and dhclient accepts. Could be anything and
might/will change over time.
>
> 3. None of the addresses mentioned in you posting (even those in the
> comment lines) indicate that you are using the addresses for private
> networks (10.x.x.x or 172.16.x.x or 192.168.x.x) that you assign to
> the clients -- that's kind of dangerous.
>
The private addresses are 192.21.41.xx. These are blocked from going out
so, as the documentation states, anything can be used (10.x.x.x. and
192.168.x.x
are conventions)
>
> So, my third and last point (for the moment) is about network
> addresses versus IP addresses and what Netmask have to do with it. I
> have a hard time to believe that your subnet actually starts at
> 4.33.3.35. That looks to me more like an IP address for your host.
It is. This is the one and only address offered by the ISP during
negotiation,
and dhclient assigned it to the Internet interface card (eth1). Since
dhcpd seemed
to want a subnet statement to monitor leases with, I put this one in,
knowing
it may not be valid later if dhclient and the ISP negotiated something
else.
Since dhcpd complained anyway, it seemed to me it wasn't being satisfied
with what was being given to it.
> How
> do you find what the network address is?
You can see it with ifconfig or /var/state/dhcp/dhclient.leases.
> Read Section 5.1.4 of the
> NET-3-Howto and Section 7 the IP-Subnetworking miniHowto. The other
> stuff in those howtos is worth reading, too.
Have done so about 10 times each, as well as the man pages, and the new
"Linux
Complete" from sybex. As far as I can tell, everything matches what they
all say,
but no joy :-(.
I am going to start reading the code and see if I can determine the
context under which the "subnet missing" message occurs.
The more I read, the more I get the impression that dhclient and dhcpd
should be
doing nearly the same thing. Maybe dhcpd is not needed; but dhclient,
even though
it continues to run in the background, doesn't give me the impression it
is maintiaining
the lease on the IP address. But maybe I am wrong and it is. The line has
been up for
two weeks with a need to reset the IP address only once (dhclient).
>
>
> Hope this helps somewhat,
cheers and TKS for response....bob
>
>
> Ruedi
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
