Linux-Networking Digest #439, Volume #12 Wed, 1 Sep 99 15:13:39 EDT
Contents:
Re: IPX Routing with Linux (Gustin Kiffney)
Re: disable NNTP ("Robert_Glover")
Re: Can't access telnet or ftp server from win98 box ("Robert_Glover")
Re: IP Masq Changes in Kernel 2.2.12 ("Robert_Glover")
Re: NFS permission denied (Vincent Fox)
Re: RH 6.0, PPP, and my ISP (jsrockford)
Re: Trying to get IPX over PPP working. All I get is "Received bad configure-ack"
(James Carlson)
Re: PPP hostnames vs IP ([EMAIL PROTECTED])
Re: IPMASQADM ("Marc Marais")
Re: Hostname for PPP connection? (Edward S Meadows)
script or exec to allow system users to change pwds via web? ("matt shobe")
Re: Help: Rebooted linux-mandrake 6.0 - now it won't run (Simon Green)
----------------------------------------------------------------------------
From: Gustin Kiffney <[EMAIL PROTECTED]>
Subject: Re: IPX Routing with Linux
Date: Wed, 01 Sep 1999 17:16:36 GMT
The ipxripd is not really important - if you need automatic routing
tables use ipxd which is available as an RPM from redhat, I think.
What you probably don't have running yet is the configuration of the
ipx interfaces, which is done with ipx_configure, ipx_interface, and
ipx_route. First try
ipx_configure --auto_interface=on
and wait a minute or two, then see what's in /proc/net/ipx_interface
and /proc/net/ipx_route. If all goes well you can now see routes to
the various servers over all your devices. If not you'll have to
manually
configure the interfaces with ipx_interface, typing in frame types and
network addresses that match your networks, and then run ipx_route
to manually configure routes to your (usually Novell) servers that
are acting as routers (and that know where everything is).
[EMAIL PROTECTED] wrote:
> I have a 3 segment network that I am trying to route IPX on. My Linux
> Box (server and router) has three NiCs in it 1 100TX, 1 10bT, and 1
2Gh
> Wireless PCMCIA. I have TCP/IP routing fine over it, but I need IPX to
> talk to one of my print servers. I tried to follow the limited
> instructions for ipripd, but I could not even get the package to
> compile correctly on my RedHat 6. I managed to find a pre-compiled
i386
> binary, and installed it. it seems to run, but whenever I have my
print
> server software search my network, the log on the router reports that
> the package was ignored. I would like to know 3 things, 1 how to
> correctly compile the ipripd with my version of linux (I don't trust
> the precompiled), 2 extra options that need to be compiled with the
> kernel (I have IPX support already), and 3 what config needs to be
done
> with the software to get it to work. I am new to linux, so my working
> knowledge is a bit short.
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: disable NNTP
Date: Wed, 1 Sep 1999 14:30:35 -0000
I assume that you also checked for instances of a running news server
with 'ps -aux'?
[EMAIL PROTECTED] wrote in message <7qig6r$v9s$[EMAIL PROTECTED]>...
>I commented out the NNTP entry in inetd.conf and did a killall -HUP
>inetd but when I do a port scan, NNTP is still running. I looked
thru
>the rc directory but can't find anything relating to NNTP execpt
>in.nntp or something like that. How can I disable NNTP? Oh yeah,
it's
>a Red Hat 5.2 box
>
>Thanks
>Colin
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: Can't access telnet or ftp server from win98 box
Date: Wed, 1 Sep 1999 14:14:59 -0000
Did you check /var/log/messages when this happened?
kim wrote in message <37cd8400@tyson>...
>
>Hi,
>I'm having the same problem with my RH6.0. If you find the answer can
you
>let me know
>
>john <[EMAIL PROTECTED]> wrote:
>>Hello,>
>>I've just set up a brand new TCP/IP private network. As of now it
only
>>consists of one Linux box running RH5.2 and one Windows machine
>>(Win98). After some trial and tribulation (especially wi the win98
>>box) I've managed to be able to ping either host from the other,
and
>>download web pages from the win98 box off of the httpd running on
the
>>Linux machine. I want to be able to telnet and ftp to the Linux
from
>>the win box but trying to do so results in the following error
messages:
>>
>> Telnet on the win98 box says: "Connection to host lost"
>>
>> Ftp on the win98 box says: "Connected to bla.bla.bla" <about 5
>>seconds pass> "Connection closed by remote host."
>>
>>Telneting and ftping the Linux box from the Linux box is not a
problem.
>>Could this be related to /etc/hosts.allow and /etc/hosts.deny? I
have
>>them set to ALL:LOCAL and ALL:ALL respectively.
>>
>>Thanks to anyone that might be able to "throw me a bone."
>>
>>John
>>
>>
>
------------------------------
From: "Robert_Glover" <Please_reply_to@newsgroup>
Subject: Re: IP Masq Changes in Kernel 2.2.12
Date: Wed, 1 Sep 1999 14:43:27 -0000
>/sbin/ipchains -A input ! -y -j ACCEPT -p tcp -s 0/0 ftp
>/sbin/ipchains -A input ! -y -j ACCEPT -p tcp -s 0/0 ftp-data
Unless you have prior rules in your input chain to protect your
privileged ports, I suggest that you extend these rules a bit.
Something like this:
/sbin/ipchains -A input ! -y -j ACCEPT -p tcp -s 0/0 ftp -d 0/0
1024:65535
/sbin/ipchains -A input ! -y -j ACCEPT -p tcp -s 0/0 ftp-data -d 0/0
1024:65535
I admit this won't help you solve your problem, but it ought to be a
little safer. Now, I have a suggestion that may help. For the last
rule in your input chain use this:
# this temporary entry will log all packets denied (for input)
/sbin/ipchains -A input -l -j DENY
Then try to ftp somewhere, and have a look at /var/log/messages. This
is assuming that you system logging is turned on. You'll be able to
see what packets are being denied and you can address it that way.
Good Luck
------------------------------
From: [EMAIL PROTECTED] (Vincent Fox)
Subject: Re: NFS permission denied
Date: 1 Sep 1999 15:13:09 GMT
In <6maz3.8305$[EMAIL PROTECTED]> "mike" <[EMAIL PROTECTED]>
writes:
> I have been trying (unsuccessfully) to enable NFS. I have added the ip of
>the client machine into the servers /etc/exports file. I have tried about
>every variation of mounting the nfs directory that the how-tos have
>mentioned. And all I get is an error saying permissions denied from server.
>I am stumped. my /etc/exports reads one line
Here's something important, next time TELL US THE CLIENT!
I'm amazed at how many times I see threads like this and while
I would assume both systems are RedHat 6.0, a surprising number of
times I find out later it's mixed RedHat and Solaris or something.
Which is an issue. Do not forget to include info on both hosts
whenever you discuss client/server apps.
>/mnt/shared 216.133.209.30(rw)
>the mount commands I was trying was
>mount -t nfs APACHE:/mnt/shared /mnt/shared2
>mount -o rsize=1024,wsize=1024 APACHE:/mnt/shared /mnt/shared2
>APACHE is the nick for baybiz.net the server & both /mnt/shared &
>/mnt/shared2 were created on the respective machines
>Plus the permissions were set to 777 just in case.
>This is driving me mad. I have done this with slackware w/ no problem. I
>am using RH6 now. What could be the problem. Please reply to
>[EMAIL PROTECTED]
What's in your /etc/hosts.allow?
Did you read the man page for portmap carefully?
Particularly the following?
You have to use the daemon name portmap for the daemon name (even if the
binary has a different name). For the client names you can only use the
keyword ALL or IP addresses (NOT host or domain names).
Another common problem in this area seems to be that the KNFS
shipped with RedHat 6.0 is broken. It thinks it can do NFSv3
but doesn't negotiate this correctly. Worse yet, it doesn't
seem to fallback to NFSv2 when this fails in most cases.
The workaround for now seems to be to run mountd with NFSv3
disabled. I just hack it into the /etc/rc.d/init.d/network file as:
rpc.mountd --no-nfs-version 3
How RedHat 6.0 got out the door with an NFSv3 implementation
so badly broken it won't connect with Suns or pretty much anyone
else's implementation is a mystery to me.
There are other possible problems, but those are fairly likely ones.
--
"Who needs horror movies when we have Microsoft"?
-- Christine Comaford, PC Week, 27/9/95
------------------------------
From: jsrockford <[EMAIL PROTECTED]>
Subject: Re: RH 6.0, PPP, and my ISP
Date: Wed, 01 Sep 1999 18:05:46 GMT
Another solution to consider is to start X-Windows...run the
Control-Panel and select Network Configurator...setup your networking
from there...specifically the section on Interfaces...setup PPP; fill in
all the info for your ISP...then check the interface by activating it to
see if you log on correctly...then deactivate it and make sure it logs
off properly (you may need to upgrade the PPP package if it doesn't log
off properly--this is the case w/ Mandrake 6.0 which is patterned after
RedHat 6.0). Then if it's working, you can access the Internet from the
command line by typing: '/sbin/ifup ppp0' and logoff by typing:
/sbin/ifdown ppp0' May not be the answer you're looking for but it
works for me. [NOTE: you may want to consider removing and reinstalling
the PPP RPM package if your scripts are overly messed up...this will
reset them to their originally form.]
In article <[EMAIL PROTECTED]>,
Josh Thompson <[EMAIL PROTECTED]> wrote:
> I am trying to connect to my ISP (Intrex in Raleigh, NC). They don't
> officially support linux, but have several users connecting with it.
I
> have tried everything I can think of. I have set up the connection
with
> RedHat's netcfg, using scripts, connecting with minicom and then
> starting pppd after exiting, and a few other methods. I am using PAP.
> I have a Digicom Connection 144+ modem. I can connect to a terminal
> dialup somewhere else and use slirp without any problems. I have
> attached a script that I have tried, the output generated when
starting
> pppd from the command line after connecting with chat, and what is
> generated in my log files. What gives?!!
>
> ---------------script----------------
<deleted>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: James Carlson <[EMAIL PROTECTED]>
Crossposted-To: comp.protocols.ppp,linux.redhat.ppp
Subject: Re: Trying to get IPX over PPP working. All I get is "Received bad
configure-ack"
Date: 01 Sep 1999 08:11:37 -0400
Jeff Wiegley <[EMAIL PROTECTED]> writes:
> Sep 1 00:41:47 server kernel: ppp_ioctl: set flags to f070043
> Sep 1 00:41:47 server kernel: PPP BSD Compression module registered
> Sep 1 00:41:47 server kernel: PPP Deflate Compression module registered
> Sep 1 00:41:47 server pppd[623]: Received bad configure-ack: 01 06 78
> 4e ff 00 02 08 00 00 00 00 00 02
"bad configure-ack" means that the ipxcp.c:ipxcp_ackci() doesn't like
the format of the message, most likely because it doesn't match the
Configure-Request it sent.
At a guess, it looks like the peer randomly changed your node ID from
0:0:0:0:2:0 to 0:0:0:0:0:2. But that's only a guess.
Can you rerun this with "debug" enabled so we can see the full
negotiation?
> Also... Why does the peer disable compression and how can I get it to
> allow compression.
If you're talking about CCP, there's just no way to run CCP between
free software and Windoze. Sorry.
--
James Carlson, System Architect <[EMAIL PROTECTED]>
IronBridge Networks / 55 Hayden Avenue 71.246W Vox: +1 781 372 8132
Lexington MA 02421-7996 / USA 42.423N Fax: +1 781 372 8090
"PPP Design and Debugging" --- http://people.ne.mediaone.net/carlson/ppp
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: PPP hostnames vs IP
Date: Wed, 01 Sep 1999 15:32:57 GMT
You have to tell the machine where your dns servers reside. If you
don't know what the ip address to your dns server is, ask your isp.
Edit /etc/resolv.conf to:
domain pacbell.net
nameserver <ip address of dns server 1>
nameserver <ip address of dns server 1>
In article <[EMAIL PROTECTED]>,
Rick <[EMAIL PROTECTED]> wrote:
> Hi,
> I'm pretty new to Linux and am still getting my box up and
running. I
> have finally solved the problem of dialing my ISP successfully and
now am
> just tangling with the issue of accessing the web. I can ping
localhost
> and 205.188.247.66 (www.netscape.com) fine, but when I try pinging
> www.netscape.com itself, it can't find the host. I can open up the
IP in
> Netscape as well, but IP addresses only, not hostnames.
> My /etc/ppp/options file is as follows:
> lock
> domain pacbell.net
> ipcp-accept-remote
> ipcp-accept-local
> crtscts
> defaultroute
> debug
> modem
> /dev/ttyS0
> 115200
> noipdefault
> user rpez021
>
> My /etc/hosts file has this:
> 107.0.0.1 localhost localhost.domain.net
>
> Incidentally, I get no errors per se, and I have no resolv.conf
file
> anywhere, so the references I've seen to that in various postings are
lost
> on me. Please help if you can! And thanks a lot!
>
> ------------------ Posted via CNET Linux Help ------------------
> http://www.searchlinux.com
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Marc Marais" <[EMAIL PROTECTED]>
Subject: Re: IPMASQADM
Date: Wed, 1 Sep 1999 11:51:51 -0700
luke wrote in message <[EMAIL PROTECTED]>...
>Ok, i know that to play the games online, i need to use
>ipmasqadm....here is the information i got from the AvP tech site...the
>game runs on ports
>8000-9000 and the server 2300-2400. Now is there a way of setting a port
>range with ipmasqadm? Beacuse typing in 1100 commands could take a while
>:) thanks..
>--
>"Punk rock?!?!?! Isn't that the type of music where kids cut
>each other with razor blades and knives?"
I use:
ipchains -I input 1 -i eth1 -p TCP -d <internet_ip> 2300:2400 -j ACCEPT -m 9
ipchains -I input 1 -i eth1 -p UDP -d <internet_ip> 2300:2400 -j ACCEPT -m 8
ipmasqadm mfw -A -m 8 -r 192.168.1.10
ipmasqadm mfw -A -m 9 -r 192.168.1.10
All matching packets in the 2300:2400 port range are marked with 8 or 9. The
mfw module then forwards these packets to the internal host to the same port
(the port is not transated).
I allow all outgoing packets so the 2300:2400 range is all thats required.
Marc
------------------------------
From: [EMAIL PROTECTED] (Edward S Meadows)
Subject: Re: Hostname for PPP connection?
Date: 1 Sep 1999 14:47:25 -0400
Suppose that I could get my ISP to put my local machine into
their database. Wouldn't I need to associate that hostname
with an IP address? I don't see how that works with dynamic
IP addresses.
This must be a solved problem, since plenty of Linux users
get dynamic IP addresses when they connect to their ISP's.
Edward S. Meadows [EMAIL PROTECTED]
Dept. of Chemical Engineering Office: (302) 831-0726
University of Delaware Home/fax: (302) 369-0777
In article <7qjec7$[EMAIL PROTECTED]>,
Clifford Kite <kite@NoSpam.%�inetport.com> wrote:
>Edward S Meadows ([EMAIL PROTECTED]) wrote:
>
>: I connect my home machine to the world via a PPP connection
>: at the University of Delaware, where I work. The domain
>: there is udel.edu, so I gave my local machine the hostname
>: tiago.udel.edu. I find that I can't use mail from home
>: because my ISP rejects tiago.udel.edu as a valid hostname.
>
>: What should my hostname be in this case? The apparent
>: hostname that my ppp connection has on the remote machine is
>: ppp-as10-14.nss.udel.edu. Is that relevant?
>
>Host names must be added to the DNS data base by a network administrator
>before they can be used to access your host. Just defining your hostname
>won't do it. The ppp-as10-14.nss.udel.edu is the DNS name of the IP
>address used for that particular connection.
>
>--
>Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
>/* For every credibility gap, there is a gullibility fill.
> -- R. Clopton */
--
Edward S. Meadows [EMAIL PROTECTED]
Dept. of Chemical Engineering Office: (302) 831-0726
University of Delaware Home/fax: (302) 369-0777
------------------------------
From: "matt shobe" <[EMAIL PROTECTED]>
Subject: script or exec to allow system users to change pwds via web?
Date: Wed, 1 Sep 1999 13:34:10 -0500
There MUST be a freeware cgi thingy out there for Linux to allow ordinary
system users to perform passwd - style functions via a web page hosted on
the server. Problem is, I just can't find it, and I don't really have the
horsepower to build it meself. Any pointers, wise and wide-ranging
community?
-matt
www.burningdoor.com
------------------------------
From: Simon Green <[EMAIL PROTECTED]>
Subject: Re: Help: Rebooted linux-mandrake 6.0 - now it won't run
Date: Fri, 27 Aug 1999 16:35:39 +1000
This is a multi-part message in MIME format.
==============A1BC8E46F95A610F683E8544
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
1. Sendmail wasn't hung, it was waiting for a DNS resolution, which is
obviously not setup. Remove your nameservers, if any, from /etc/resolv.conf,
and put as the first line:
order hosts, bind
2. Never, ever, ever reset the computer with the reset button using any Unix.
Otherwise, you get what you got. Unix uses a write cache which is not synced
to disk unless it's shutdown in an orderly fashion.
3. From the prompt you have, run:
# umount /dev/hda7
# fsck -A -s
Answer yes to everything (I hope you've got backups, or don't need them).
4. shutdown -r now
With luck that should do it.
Cheers
Simon
"Chris M." wrote:
> I have installed Linux Mandrake 6.0, and the installation went fine. During
> the initial boot after installation, the boot hung on "starting sendmail",
> at that time, the computer was reset using the button on the front of the
> computer. Now the computer hangs on /dev/hda7: UNEXPECTED INCONSISTENCY;
> RUN fsck MANUALLY.
>
> Then I get a series of
> bash:id: command not found
> bash:id: command not found
> bash:id: command not found
> [: too many arguments
> bash:id: command not found
> bash:dircolors:command not found
> bash:mesg:command not found
> [root@(none) / root]#
>
> What do I do Now?
>
> The computer has been setup as a server.
>
> Any help or direction to a good location for help would be greatly
> appreciated.
>
> I do know now that you do not just turn off the computer with the Linux OS
>
> Thanks,
>
> Chris
==============A1BC8E46F95A610F683E8544
Content-Type: text/x-vcard; charset=us-ascii;
name="simong.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Simon Green
Content-Disposition: attachment;
filename="simong.vcf"
begin:vcard
n:Green;Simon
tel;cell:+61 419 479 908
tel;fax:+61 2 9202 8199
tel;work:+61 2 9202 8192
x-mozilla-html:FALSE
org:Logica Aldiscon;Customer Support
adr:;;5th floor, 76 Berry St ;Nth Sydney;NSW;2060;Australia
version:2.1
email;internet:[EMAIL PROTECTED]
title:Support Engineer
x-mozilla-cpt:;28288
fn:Simon Green
end:vcard
==============A1BC8E46F95A610F683E8544==
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
