Linux-Networking Digest #426, Volume #12 Tue, 31 Aug 99 13:13:35 EDT
Contents:
Re: NFS and GNU Linker producing corrupted executables (RHL 2.2.5-15/2.2.11 and AIX
4.2.1) (Niklas Edmundsson)
Re: networking slows down (Tom Eastep)
Concerning NAT and IP_Masq.??? ([EMAIL PROTECTED])
Re: Concerning NAT and IP_Masq.??? (Pierre-Luc Simard)
web server behind firewall (Bill)
Linux-SNA (Jack Daniels)
Re: nfs mount doesn't see everything (Tom Eastep)
Re: Firewalling Question (Jack Daniels)
Re: Remote Admin of a Linux Box (Jack Daniels)
HELP! NT Registry problem on Linux Network ("Ronald L. Chichester")
Re: Problems with setting up a EZ2000(NE2000 compatiable ) network card on Linux
(LhD Administrator)
Re: Port Scanner (Vlar Schreidlocke)
Re: SS7 ??
Bad ICMP response on 2nd eth. interface (=?iso-8859-1?Q?Jean=2DFran=E7ois?= GOBBERS)
Re: Distributions (Joachim Feise)
Re: kppp OK but can't ping (Clifford Kite)
----------------------------------------------------------------------------
From: Niklas Edmundsson <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup,comp.unix.aix
Subject: Re: NFS and GNU Linker producing corrupted executables (RHL 2.2.5-15/2.2.11
and AIX 4.2.1)
Date: 31 Aug 1999 13:27:58 GMT
In comp.unix.aix Bernd Dammann <[EMAIL PROTECTED]> wrote:
> : > 1) RS6000 serves an NFS file system to the Linux box.
> : > NFS file system contains Fortran source code for a
> : > modelling program.
> : <zip>
> : This is a known bug in all Sun-licensed NFS-server code. IBM has been
> : informed of this, but I don't know if they have incorporated the fix by
> : SUN yet.
> Do you have more references? It is always easier to get a fix from
> IBM if you can tell them that it is a known problem. :-)
>From an old posting of mine:
The SunSolve bug id is 4071076 data over length in nfs header was
written to disk.
Linus Torvald's comment on the Solaris-bug was:
"Actually, it appears fine on the wire, this particular problem seems to
be due to Solaris getting a "merge adjacent packets" case wrong when the
merge happens to cross a 8kB boundary and the data payload of the first
packet is not divisible by four.."
> : Strangely enough, Linux seems to be the only OS that triggers it.
> Not really, we have the same problem with an HP-UX client against an AIX
> 4.2.1 NFS server (we didn't have the problem with 3.2.5 servers). I have
> reported this problem to IBM at the end of 1997, beginning of 1998 (don't
> remember exactly), but the fix they sent me was for bos.net.nfs.client,
> not for bos.net.nfs.server. We still have the problem, and I 'solved'
> it by writing a wrapper for the compilers on the HP box, that creates .o
> files in the local /tmp and moving them to the NFS server afterwards.
> Same for the linker. I guess IBM didn't do anything about it because
> the HP-UX client is still running HP-UX 9.0x, and IBM claims it is an
> HP problem.....
Oooh. The old "it's not my problem it's yours" situation ;)
> : My standard-test is compiling glib: ./configure --prefix=/tmp/foo ; make
> : It usually fails with messages like:
> : BFD: gstring.o: invalid string offset 13824 >= 77 for section `'
> : hash-test.o: file not recognized: File truncated
> : And so on...
> Hmm, the HP linker doesn't complain, but the executables won't run.
> I get either a core dump or the program starts writing strange
> characters to stderr and sits there forever.
Cool... :) Seriously, the linker shouldn't any kind of garbage as an
object-file. But it's HP-UX so I'm not that surprised :)
/Nikke - catching up on the news...
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Niklas Edmundsson, Admin @ {acc,hpc2n,ing}.umu.se | [EMAIL PROTECTED]
===========================================================================
Ensign Ro assimilated is ... Bajoran Borg
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
------------------------------
From: Tom Eastep <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: networking slows down
Date: Tue, 31 Aug 1999 14:51:54 +0000
Janet wrote:
>
> Hi,
>
> I have been recently been experiencing a problem with my networking
> slowing down. If I ping my other machine, the ping time is normally less
> than 1 ms. However, occasionally (it has happened 2 or 3 times in the
> last week), it becomes a lot slower, sometimes taking up to 30 ms.
> However, if I just restart networking (using the network startup script in
> /etc/rc.d/init.d), it goes back to the sub-1 time. Any ideas?
>
> Janet
I saw a similar problem on a DC21143-based NIC when used with the Tulip
driver (in my case, the ping time was 1-2 seconds). Switching to the
De4x5 driver seemed to avoid the problem.
-Tom
--
Tom Eastep \ Opinions expressed here
[EMAIL PROTECTED] \ are my own and not
Shoreline, Washington USA \ those of my employer
Work: [EMAIL PROTECTED] \________________________
------------------------------
From: [EMAIL PROTECTED]
Subject: Concerning NAT and IP_Masq.???
Date: Tue, 31 Aug 1999 14:36:25 GMT
Hello all,
I have a question concerning NAT and IP_Masquerading.
Here is my situation. I have 4 machines running IP to get on the
Internet, and only one valid IP address to use. What I want to do
is simple. I want to run a Linux firewall (IPCHAINS) that does address
translation for the rest of the machines. Which is better, IPCHAINS
with ip_masquerading or NAT for Linux?
I am not too concerned with the the firewall portion of it as I
want all trffic to go out and com in, my main concern is with the
address translation but am unsure of which one to use. From what I
understand (IP_masq HOWTO) not all ports work with masq. and in order
to use it I have to have a DNS set up and working on my private
network??? As for NAT I cant find too much documentatio out there.
Is there a way to do this using extrenal DNS servers?
Any help would be greatly appreciated.
Thanks in advance...
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Pierre-Luc Simard)
Subject: Re: Concerning NAT and IP_Masq.???
Reply-To: [EMAIL PROTECTED]
Date: Tue, 31 Aug 1999 14:59:18 GMT
Hi,
>Here is my situation. I have 4 machines running IP to get on the
>Internet, and only one valid IP address to use. What I want to do
>is simple. I want to run a Linux firewall (IPCHAINS) that does address
>translation for the rest of the machines. Which is better, IPCHAINS
>with ip_masquerading or NAT for Linux?
with one IP, IP-MASQ is what you want. NAT is an ASS to setup and will
do the same as IP-MASQ would do in this case since you have only one
ip.
>Is there a way to do this using extrenal DNS servers?
There is no prob with external DNS server. As for FTP or other similar
service you'll need to use portfw or such tools with other ip_masq
related modules
See Ip_Masquerading mini how-to
>Any help would be greatly appreciated.
>Thanks in advance...
>
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
------------------------------
From: Bill <[EMAIL PROTECTED]>
Subject: web server behind firewall
Date: Tue, 31 Aug 1999 14:52:03 GMT
I'm new to the game and would like to set up a firewall which I can
serve our web site through. Is that possible? Can anyone lead me to info
on how I would do that?
Thanks
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: Jack Daniels <[EMAIL PROTECTED]>
Subject: Linux-SNA
Date: Tue, 31 Aug 1999 17:02:16 +0200
Perhaps I'm asking the impossible, but does someone out there have a
copy of the GPL version of Linux-SNA. I see now that it has gone
commercial [namely via ICE], with a price tag that is obsurd
[~$8000.00us].
Regards.
--
Jack Daniels [EMAIL PROTECTED]
E-Solutions http://www.spyda.co.z/jack
Stocks & Stocks I.T. Work : +27 (0) 12 420 8555
------------------------------
From: Tom Eastep <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: nfs mount doesn't see everything
Date: Tue, 31 Aug 1999 15:08:23 +0000
Timpie wrote:
>
> Hey there linux hackers,
>
> I recently set up linux (Caldera 2.2.5) on a pentium PC.
> When I try to nfs mount a partition from a Sun Solaris 2.5.1
> machine the strangest thing happens :
> I see all directories but some of them are empty (typically the
> largest 900MB), yet when I go on the nfs server it does contain
> files !!??
> Has any of you come accross such a behaviour ?
>
The directories that appear empty on your NFS client are probably
separate file systems. The Solaris NFS server (like knfsd on Linux) does
not allow you to cross server mount points. You will have to mount these
file systems separately.
-Tom
--
Tom Eastep \ Opinions expressed here
[EMAIL PROTECTED] \ are my own and not
Shoreline, Washington USA \ those of my employer
Work: [EMAIL PROTECTED] \________________________
------------------------------
From: Jack Daniels <[EMAIL PROTECTED]>
Subject: Re: Firewalling Question
Date: Tue, 31 Aug 1999 17:08:31 +0200
Patrick Finnegan wrote:
>
> I have set up an IPmasq firewall and am wondering if there is a way i
> can redirect a port on the firewall machine to a port on a machine that
> is behind the IPmasq firewall. Thanks much!
>
It's a bit of a kludge, but try using something like datapipe. You
should find it on freshmeat or similar.
in effect, you can [on the firewall] make it "pipe" port 80 to say port
8080 on an internal machine
datapipe 80 8080 172.16.9.2
(or whatever)
--
Jack Daniels [EMAIL PROTECTED]
E-Solutions http://www.spyda.co.z/jack
Stocks & Stocks I.T. Work : +27 (0) 12 420 8555
------------------------------
From: Jack Daniels <[EMAIL PROTECTED]>
Subject: Re: Remote Admin of a Linux Box
Date: Tue, 31 Aug 1999 17:13:57 +0200
> I remember having found (on the net somewhere...) some information about
> some cgi-bin/perl type of application which was doing these type of
> fonctions.
>
> If someone could help me in the research, i'd appreciate.
Take a look at something called "Webmin", it's available on
www.freshmeat.net
--
Jack Daniels [EMAIL PROTECTED]
E-Solutions http://www.spyda.co.z/jack
Stocks & Stocks I.T. Work : +27 (0) 12 420 8555
------------------------------
From: "Ronald L. Chichester" <[EMAIL PROTECTED]>
Subject: HELP! NT Registry problem on Linux Network
Date: Tue, 31 Aug 1999 09:57:09 -0500
Hi:
We removed our NT Small Business Server and replaced it with Linux
(Debian distribution). The project has proceeded relatively smoothly
until now. We first got Debian (with Samba) working on a spare server
and made that the NT domain controller. No problem there. The
NT workstation clients worked normally (although they caused everyone to
revert to the default settings upon changing domain names, causing some
heartache and headaches). The network ran fine on the spare Linux
server and allowed us to blow NT off of the main server and put Linux
on. We essentially made a duplicate of the spare Linux server onto the
main Linux server but changed the domain name so as not to confuse the
NT workstations. Then, last weekend, we switched from the spare Linux
server to the main one. In each case, we changed the domain name (for
example, first X (under NT), then Y under the spare Linux server, then Z
under the new main Linux server).
Now the NT users cannot change their default printer settings. They can
be changed as the administrator, but that is effective only as the
administrator, not for the user on that machine. Moreover, when the
Tools|Options settings in MS Word are changed, an error message appears
(Error 6, to be exact) stating that the registry cannot be changed.
Evidently, this same lack of registry authorization is the reason that
the users cannot set a default printer and thus none of the programs on
that workstation can print. Note, we did not experience this problem
when we made the first domain controller change to the spare Linux
server. By the way, the Linux clients all work fine (no suprise there).
Does anyone know what the problem is? The Luddites are gathering at the
gate...
Thanks in advance,
Ron
./.
------------------------------
From: LhD Administrator <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup
Subject: Re: Problems with setting up a EZ2000(NE2000 compatiable ) network card on
Linux
Date: Tue, 31 Aug 1999 15:31:03 GMT
Tony wrote:
> I have just got a EZ2000(NE2000 compatible) and have put it on my linux
box.
> When linux boots up it does not detect it. Can you please tell me how to
> set it up.
Do you have the ne.o or ne2k-pci.o driver loading? Have you tried the
usual insmod, modprobe, etc.?
LhD Administrator
LhD: Linux Hardware Database
http://lhd.datapower.com
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: [EMAIL PROTECTED] (Vlar Schreidlocke)
Subject: Re: Port Scanner
Date: Tue, 31 Aug 1999 16:09:00 GMT
I downloaded iplog, but I had some trouble compiling it on RedHat 6.0.
I'm relatively new at compiling files like this. I followed the
directions, but I had some errors. Can anyone give me some pointers on
how to correctly compile and install iplog for RedHat 6.0?
On Sat, 28 Aug 1999 17:27:08 GMT, "MALLEN" <[EMAIL PROTECTED]> wrote:
>http://www.insecure.org/nmap/index.html
>
>
>Vlar Schreidlocke <[EMAIL PROTECTED]> wrote in message
>news:[EMAIL PROTECTED]...
>> Where can I get it?
>>
>> On 27 Aug 1999 16:54:22 GMT, [EMAIL PROTECTED] (Duncan Simpson)
>> wrote:
>>
>> >In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Vlar
>Schreidlocke) writes:
>> >
>> >>What's a good Linux based port scanner that will scan my other Windows
>> >>98 computer on another dialup account to see what ports are active?
>> >>Also, what is a good Windows 98 based port scanner that I can test my
>> >>Linux box with. I am going to run my Linux (Red Hat 6.0) box as a
>> >>firewall and gateway connected to a cablemodem and I want to test my
>> >>vulnerability to hacking once I get everything setup. Hopefully the
>> >>port scanners you suggest will be able to scan single addresses, so
>> >>that I don't piss anybody else off.
>> >
>> >I personally like nmap, which includes various sorts of sleath scan
>> >too...and cute stuff like OS detection.
>>
>
------------------------------
From: [EMAIL PROTECTED] ()
Subject: Re: SS7 ??
Date: Tue, 31 Aug 1999 15:37:26 GMT
Reply-To: [EMAIL PROTECTED]
On Tue, 31 Aug 1999 23:55:59 +1000, Destroyer <[EMAIL PROTECTED]> wrote:
>Hi,
>
>Does anyone know if a SS7 protocol stack exists for linux ? If it does,
>where will I be able to find it ?
http://www.linuxtelephony.org/links.htm lists http://www.datakinetics.co.uk/
as an SS7 vendor with Linux support. I didn't really get a lot from their
site, but one could infer that the software/api they talk about would
include a stack (an ss7 line card isn't going to do you much good without
it).
R. Marc
------------------------------
From: =?iso-8859-1?Q?Jean=2DFran=E7ois?= GOBBERS <[EMAIL PROTECTED]>
Subject: Bad ICMP response on 2nd eth. interface
Date: Tue, 31 Aug 1999 18:43:52 +0200
Reply-To: [EMAIL PROTECTED]
Hello, happy Linuxers,
I'm trying to set up a firewall + masquerading, but net traffic on my
second card looks weird...
MB: EP-MVP3G
CPUs: 2 x PII (deschutes) @ 392MHz
PCI devices:
...
00:09.0 Ethernet controller: 3Com Corporation 3c905 100BaseTX
[Boomerang]
00:0c.0 Ethernet controller: Digital Equipment Corporation DECchip 21140
[FasterNet] (rev 22)
with interrupts (from /proc/interrupts):
17: 898 891 IO-APIC-level eth0, eth1
The network routes are (from netstat -r):
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
xxx.xxx.236.128 * 255.255.255.128 U 0 0 0
eth0
192.168.1.128 * 255.255.255.128 U 0 0 0
eth1
loopback * 255.0.0.0 U 0 0 0
lo
default xxx.xxx.236.254 0.0.0.0 UG 1 0 0
eth0
Now, pinging a machine on the subnet accessible through the first NIC:
PING xxx.xxx.236.227 (xxx.xxx.236.227): 56 data bytes
64 bytes from xxx.xxx.236.227: icmp_seq=0 ttl=255 time=0.7 ms
64 bytes from xxx.xxx.236.227: icmp_seq=1 ttl=255 time=1.2 ms
64 bytes from xxx.xxx.236.227: icmp_seq=2 ttl=255 time=0.4 ms
64 bytes from xxx.xxx.236.227: icmp_seq=3 ttl=255 time=0.4 ms
64 bytes from xxx.xxx.236.227: icmp_seq=4 ttl=255 time=1.4 ms
64 bytes from xxx.xxx.236.227: icmp_seq=5 ttl=255 time=0.3 ms
--- xxx.xxx.236.227 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 0.3/0.7/1.4 ms
and a machine on the second one:
PING 192.168.1.130 (192.168.1.130): 56 data bytes
64 bytes from 192.168.1.130: icmp_seq=0 ttl=255 time=8686.3 ms
64 bytes from 192.168.1.130: icmp_seq=1 ttl=255 time=7694.2 ms
64 bytes from 192.168.1.130: icmp_seq=2 ttl=255 time=6694.4 ms
64 bytes from 192.168.1.130: icmp_seq=3 ttl=255 time=5694.6 ms
64 bytes from 192.168.1.130: icmp_seq=4 ttl=255 time=4694.8 ms
64 bytes from 192.168.1.130: icmp_seq=5 ttl=255 time=3694.9 ms
64 bytes from 192.168.1.130: icmp_seq=6 ttl=255 time=2695.0 ms
64 bytes from 192.168.1.130: icmp_seq=7 ttl=255 time=1695.2 ms
64 bytes from 192.168.1.130: icmp_seq=8 ttl=255 time=695.4 ms
64 bytes from 192.168.1.130: icmp_seq=9 ttl=255 time=1052.2 ms
64 bytes from 192.168.1.130: icmp_seq=10 ttl=255 time=51.2 ms
64 bytes from 192.168.1.130: icmp_seq=11 ttl=255 time=1805.4 ms
64 bytes from 192.168.1.130: icmp_seq=12 ttl=255 time=805.6 ms
--- 192.168.1.130 ping statistics ---
14 packets transmitted, 13 packets received, 7% packet loss
round-trip min/avg/max = 51.2/3535.3/8686.3 ms
I actually tested this on 2.2.9 and 2.2.12 with different configs, used
different hubs/cables/NICs/{other machines} configs, and I always get
the same result. Additionally, I didn't find anything relevant in the
static/dynamic docs. What have I missed ?
Thanks for your patience!
JF
--
GOBBERS Jean-Fran�ois - researcher -------------------
Universit� Catholique de Louvain | .~. |
UCL/FSA/ELEC/TELE | /V\ LINUX |
UCL/FS/PHYS/FYMA | // \\ |
Tel : +32-10-478546 | /( )\ INSIDE |
Fax : +32-10-472089 | ^^-^^ |
e-Mail : [EMAIL PROTECTED] -------------------
------------------------------
From: Joachim Feise <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: Distributions
Date: Tue, 31 Aug 1999 09:50:34 -0700
Reply-To: [EMAIL PROTECTED]
Well, I am using Slackware for exactly these reasons.
I am in control of the installation, not some kind of wizard that takes
me by the hand.
-Joe
root wrote:
>
> I've been using RedHat for about 3 months now, and I really like the
> whole linux thing. What I'm looking for though, is maybe a distrabution
> that's not quite so easy to set up. I'd really like to get my hands
> dirty, buckle down, and see what kind of problems I can encounter by
> using a distribution that's not quite so user friendly.
> Any sugestions?
> Thaks,
> David
--
===================================================================
Joachim Feise Ph.D. Student, Information & Computer Science
mailto:[EMAIL PROTECTED] http://www.ics.uci.edu/~jfeise/
===================================================================
Intel Inside: The world's most commonly used warning label.
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: kppp OK but can't ping
Date: 31 Aug 1999 11:43:46 -0500
Randy Frosh ([EMAIL PROTECTED]) wrote:
: # minicom works fine and I call the ISP from NT just fine so hardware
: # is all OK. But I can't use netscape after running kppp and connecting
: #
: # I can't ping the assigned DNS servers only myself (localhost)
[edited]
: Aug 24 06:59:38 localhost pppd[30305]: Using interface ppp0
: Aug 24 06:59:38 localhost pppd[30305]: Connect: ppp0 <--> /dev/ttyS0
: Aug 24 06:59:44 localhost kernel: PPP BSD Compression module registered
: Aug 24 06:59:44 localhost kernel: PPP Deflate Compression module
: registered
: Aug 24 06:59:44 localhost pppd[30305]: local IP address 199.45.181.192
: Aug 24 06:59:44 localhost pppd[30305]: remote IP address 204.144.246.48
You might check the IRQ configured for the modem's device file with
setserial and make sure that it's the same as the IRQ that the modem is
actually using.
The 4m 41s difference between the time the PPP kernel support module (not
entirely sure of that - I don't use a module) is loaded and the start
of pppd doesn't seem right, even allowing for calling and connecting.
However, the PPP negotiations complete quickly so this may not be the
problem.
Otherwise add the debug option and look at the link negotiation messages
to make sure that the PPP link negotiations actually do complete
satisfactorly. The routing and interface configurations looked OK and
the nameservers in resolv.conf seemed to be correct as well.
: # AFTER A FEW MINUTES netscape FINALLY DOES READ FILE index.html
Look at /etc/host.conf and make sure you have "order hosts, bind" and
not "order bind, hosts"
AIUI in more recent RH distributions the file /etc/nsswitch.conf may be
used in addition to (or in lieu of?) /etc/host.conf .
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* A salute to Inspector Baynes, of the Surry Constabulary, the only
police Inspector to ever best Mr. Sherlock Holmes at his own game.
"The Adventure of Wisteria Lodge", by Sir Arthur Conan Doyle. */
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
