Linux-Networking Digest #543, Volume #12 Fri, 10 Sep 99 18:13:43 EDT
Contents:
Re: Setting the source IP address (QuestionExchange)
Re: ICQ server on Linux (Bernd Eckenfels)
transparent proxy with squid (Bernd Broermann)
Sharing a PPP connection on a LAN (Mark Santelli)
Cable Modem/Routing Problem? ("R. Terpilowski")
[Help] kernel: eth0: Transmit timeout, status 0d 0000 media 08 ("Simon")
Root nfs, last step. Help! (wmm)
Re: Linux as router (Steve Lamb)
Re: Redhat 6.0 & PPP Question (Scott Nolde)
PPPd and weird /var/log/messages (Habibi4me)
Re: traffic conting (QuestionExchange)
Re: fwtk http-gw problems with linux-2.2.9 (Mandrake 6) ("barfoo")
Re: eth0 in promiscuous mode (Someone)
Re: ethernet failed on install with mandrake 6.0 (RH 6.0) (Peter Wyzlic)
2 q's ([EMAIL PROTECTED])
adding an alias'ed IP? ([EMAIL PROTECTED])
Re: Tulip cards in production? ("Tad")
----------------------------------------------------------------------------
From: QuestionExchange <[EMAIL PROTECTED]>
Subject: Re: Setting the source IP address
Date: 10 Sep 1999 20:27:57 GMT
> I have a machine with three IP addresses on a single NIC. As
load picks
> up I will move to additional machines, but right now they all
sit as
> aliases on the one machine.
>
> I have to establish sockets to other machines which use
wrappers. They
> don't want entries for all IP addresses, as a security issue.
The
> question is, when I am initiating a connect to a remote
machine and have
> aliases, how do I force the connect to be "from" one IP
rather than
> another.
>
> I played with routing and managed to get into a few loops,
hopefully
> there's an easier way than using an ipchain to drop outgoing
packets
> into user space and diddle them!
>
> --
> bill davidsen <[EMAIL PROTECTED]> CTO, TMR Associates, Inc
> "So let it be written, so let it be dumb." Pharaoh Dufus the
last...
>
>
>
Get the "iproute" package from ftp://ftp.inr.ac.ru/ip-routing/
and install it.
Then with "ip" command you can set source address for specific
destinations.
--
This answer is courtesy of QuestionExchange.com
http://www.questionexchange.com/servlet1/showUsenetGuest?ans_id=3207&cus_id=USENET&qtn_id=2977
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Subject: Re: ICQ server on Linux
Date: 10 Sep 1999 19:06:55 GMT
Jim Thomas <[EMAIL PROTECTED]> wrote:
> Actually, there's a thing called "licq" - but I haven't tried it
> lately. You have to set up an account with a "real" (i.e. Windoze ICQ
> package) in order to use it.
This is a client not a server. There are a lot of icq clients. The server is
named already.
Greetings
Bernd
------------------------------
Date: Fri, 10 Sep 1999 21:38:47 +0200
From: Bernd Broermann <[EMAIL PROTECTED]>
Subject: transparent proxy with squid
Hello ,
I want to setup a transparent proxy for http on SuSE 6.2
kernel 2.2.12 with squid-1.NOVM.21-65
There are always cut of the domain names
/var/squid/logs/access.log:
mylinux - - [09/Sep/1999:20:48:15 +0200] "GET /comics/dilbert/"
ERR_INVALID_URL:NONE 567
Firewall:
/sbin/ipchains -A input -i eth0 -p tcp -s $LOCALNET 1024: --dport 80
-j REDIRECT 8080
/sbin/ipchains -A output -i eth0 -p tcp --sport 80 -d $LOCALNET 1024:
-j ACCEPT ! -y
and /etc/squid.conf:
http_accel virtual
httpd_accel_uses_host_header on
http_accel_port 80
http_accel_with_proxy on
There must be something going wrong .
Has you an idea ?
Thanks,
bernd
------------------------------
From: Mark Santelli <[EMAIL PROTECTED]>
Subject: Sharing a PPP connection on a LAN
Date: Fri, 10 Sep 1999 14:57:17 GMT
Hi,
I have a small network. The Linux box is running Caldera 2.2 and is used to
dial into my ISP using PPP. The other box is a windows NT machine. The
Windows box has it's default gateway set to the Linux box and the route
command on the Windows box looks OK.
I can comminicate both ways on my private network. Ping, telnet, ftp
everything works! Whin I dial in to the internet on the Linux box everything
work and I have access to the Internet.
The IP of my Linux box is 100.22.100.2
The IP of the Windows box is 100.22.100.10
---After I have connected to my ISP my routing table looks like this:
route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
216.13.42.2 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
100.22.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 216.13.42.2 0.0.0.0 UG 0 0 0 ppp0
---And my ifconfig is:
ifconfig
eth0 Link encap:Ethernet HWaddr 00:20:AF:D4:95:F9
inet addr:100.22.100.2 Bcast:100.22.100.255 Mask:255.255.255.0
IPX/Ethernet 802.2 addr:0020AFD495F9
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:186 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:7 Base address:0x280
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:172 errors:0 dropped:0 overruns:0 frame:0
TX packets:172 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
ppp0 Link encap:Point-to-Point Protocol
inet addr:216.13.42.154 P-t-P:216.13.42.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
I have ip_forwarding enabled on the Linux box during the bootup sequence.
I would like to give access to the Internet to the Windows machine but it
doesn't work. Do I have to set up another route? Could anyone show
me what I am doing wrong?
Thanks,
Mark
------------------------------
From: "R. Terpilowski" <[EMAIL PROTECTED]>
Subject: Cable Modem/Routing Problem?
Date: Fri, 10 Sep 1999 08:27:43 -0700
Hi there,
I have searched long and hard through the newsgroups as well as several
books and was up pretty late last night trying to figure this thing out,
but with no luck. Here's my problem. I have just got a cable modem and I
am trying to connect to the @home network with RH6.0 . I have a static ip
and my network card has been detected ok so it looks like i'm good to go.
I believe that I have set everything up under the netcfg ok (ip, gateway,
DNS servers), but i'm
having some problems. When i try to ping one of @home's DNS servers i
either get a message saying that the network is unreachable or my machine
will just sit there pinging and then state 50 packets sent 0 recieved. I
was able to connect to the network alright under windoze.
Any help would be greatly appreciated!!
Please let me know if you need more info.
I would also appreciate an emailed copy of your response
TIA
Rob
------------------------------
From: "Simon" <[EMAIL PROTECTED]>
Subject: [Help] kernel: eth0: Transmit timeout, status 0d 0000 media 08
Date: Fri, 10 Sep 1999 11:44:42 -0400
Hi.
My log file says:
Sep 11 00:42:16 ns kernel: eth0: Transmit timeout, status 0d 0000 media 08.
Sep 11 00:42:16 ns kernel: eth0: Tx queue start entry 65433 dirty entry
65429.
Sep 11 00:42:16 ns kernel: eth0: Tx descriptor 0 is 002a05ea.
Sep 11 00:42:16 ns kernel: eth0: Tx descriptor 1 is 002a2237. (queue head)
Sep 11 00:42:16 ns kernel: eth0: MII #32 registers are: 1000 782d 0000 0000
05e1 0000 0000 0000.
Sep 11 00:42:16 ns kernel: eth0: Tx descriptor 3 is 102a203c.
Sep 11 00:42:16 ns kernel: eth0: Tx descriptor 2 is 002a205d.
What is this all about?
Is it safe to ignore?
I'm using Redhat 6.0, kernel 2.2.5-22
Thanks in advance.
--
// Shikatronics INC --- Global Source Of Memory Upgrades
// Seehyun Lee <[EMAIL PROTECTED]> ICQ# 3413400
// Programmer @Shikatronics.com, Tel:1-800-637-6477 x276
------------------------------
From: wmm <[EMAIL PROTECTED]>
Subject: Root nfs, last step. Help!
Date: Fri, 10 Sep 1999 19:31:14 GMT
I 'm trying remote boot from Red Hat 6.0 server(2.2.5 or 2.2.10 kernel) via
root nfs and I can't remount / from ro to rw.
On server side I get errors like this:
Aug 31 23:32:52 test kernel: fh_verify: root/etc permission failure,acc=13,
error=30
I have server exports:
/clients/root 192.168.1.0/255.255.255.0 (rw,no_root_squash)
/clients/c1/var 192.168.1.0/255.255.255.0 (rw,no_root_squash)
/clients/c1/tmp 192.168.1.0/255.255.255.0 (rw,no_root_squash)
/usr 192.168.1.0/255.255.255.0 (ro,no_root_squash)
/home 192.168.1.0/255.255.255.0 (rw,no_root_squash)
on clients side /proc/mounts looks like this (after remote boot):
/dev/root / nfs rw,addr=192.168.1.2 0 0
^^^^
/proc proc rw 0 0
but for every write operation I get : "error ... , read only system".
I tried portmap: 192.168.1.0/255.255.255.0 (and others) entry in
hosts.allow but it`s not working too.
Strange but I can mount nfs rw from this server on other machine (with hard
disk).
best regards
Mark Mazur
[EMAIL PROTECTED]
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: [EMAIL PROTECTED] (Steve Lamb)
Subject: Re: Linux as router
Date: 10 Sep 1999 15:30:41 GMT
Reply-To: [EMAIL PROTECTED]
On Fri, 10 Sep 1999 11:36:01 +0300, Andrejs Shtrumfs <[EMAIL PROTECTED]> wrote:
>I have a linux box with two network interfaces and a win95 box. Eth0 on
>linux is connected to RadioLink going to ISP. Eth1 - to win95. Linux
>have to act as router. But i cannot ping the linux box from win95 and
>vice versa. Ifconfig shows that both interface are up. What can be the
>problem?
What are the network settings on the two machines? Have you verified that
the cable between the two is good? Is the Linux box dorectly connected to the
Win95 box? If so, is the cable a crossover instead of straight through?
--
Steve C. Lamb | I'm your priest, I'm your shrink, I'm your
ICQ: 5107343 | main connection to the switchboard of souls.
===============================+=============================================
------------------------------
From: Scott Nolde <[EMAIL PROTECTED]>
Subject: Re: Redhat 6.0 & PPP Question
Date: Thu, 09 Sep 1999 23:59:42 GMT
Add these lines to /etc/conf.modules:
alias ppp-compress-21 bsd_comp
alias ppp-compress-24 ppp_deflate
alias ppp-compress-26 ppp_deflate
- Scott
Rob Martin wrote:
>
> Hello all, especially those with answers!
>
> I'm running Redhat 6.0 on Intel, and I've managed to get a PPP connection
> (apparently) going using pppd and a chatscript. Phew!
>
> However, once I have a connection that looks good (my system log ends with
> "Connect: ppp0 <--> /dev/ttyS0") and try it with Netscape, I find I can't go
> anywhere today. (Sorry for the Micro$oft allusion!)
>
> Trying ping to my remote host works, generally in about 300 msecs (some
> going to 12000 or more msecs).
>
> Going back to my system log, I consistently find several entries 5 secs
> after the "Connect: ppp0 <--> /dev/ttyS0" that go like this:
>
> modprobe: can't locate module ppp-compress-21
> modprobe: can't locate module ppp-compress-26
> modprobe: can't locate module ppp-compress-24
>
> On some occasions they repeat three or four times in the same sequence.
>
> Anyone familiar with this problem? Any ideas?
>
> Incidently, I'm using a CNet external V.90 modem, and I don't have much of a
> init string on it...right now just AT&F&K3 (although I also tried simply
> ATZ).
>
> Regards to all (and again, especially the ones who can help me!!),
> Rob Martin
--
================================================
Scott Nolde
[EMAIL PROTECTED]
================================================
------------------------------
From: Habibi4me <[EMAIL PROTECTED]>
Subject: PPPd and weird /var/log/messages
Date: Fri, 10 Sep 1999 12:38:20 -0400
Hi,
I have a ppp connection to the internet through a modem. After the pppd
makes the connection, my /var/log/messages file keeps getting bigger and
bigger. When I checked the the /var/log/messages file, it looks like
the pppd keeps dummping a "rcvd" and "sent" messages as seen below:
Sep 10 09:05:17 toba pppd[26382]: sent [IPCP ConfReq id=0x2 <addr
209.246.176.13Sep 10 09:05:17 toba modprobe: modprobe: Can't locate
module ppp-compress-24
Sep 10 09:05:17 toba pppd[26382]: rcvd [IPCP ConfAck id=0x2 <addr
209.246.176.13Sep 10 09:05:17 toba pppd[26382]: Cannot determine
ethernet address for proxy AR
Sep 10 09:05:17 toba pppd[26382]: local IP address 209.246.176.132
Sep 10 09:05:17 toba pppd[26382]: remote IP address 209.244.43.129
Sep 10 09:05:17 toba pppd[26382]: Script /etc/ppp/ip-up started (pid
26386)
Sep 10 09:05:17 toba pppd[26382]: Script /etc/ppp/ip-up finished (pid
26386), st
Sep 10 09:05:46 toba pppd[26382]: sent [LCP EchoReq id=0x1
magic=0xc734d022]
Sep 10 09:05:46 toba pppd[26382]: rcvd [LCP EchoRep id=0x1
magic=0x0]
Sep 10 09:06:16 toba pppd[26382]: sent [LCP EchoReq id=0x2
magic=0xc734d022]
Sep 10 09:06:16 toba pppd[26382]: rcvd [LCP EchoRep id=0x2 magic=0x0]
Sep 10 09:06:46 toba pppd[26382]: sent [LCP EchoReq id=0x3
magic=0xc734d022]
Sep 10 09:06:46 toba pppd[26382]: rcvd [LCP EchoRep id=0x3
magic=0x0]
:
.
Does anyone have any clues to this? Also why the "modprobe" complained
that it could not locate the "module ppp-compress-24"
--
[EMAIL PROTECTED]
PS. Remove "4m" from e-mail address to enable reply.
------------------------------
From: QuestionExchange <[EMAIL PROTECTED]>
Subject: Re: traffic conting
Date: 10 Sep 1999 20:27:1 GMT
> I want to count the traffic over the line for each ip-
address.
> I have a redhat Linux 6.0 and 2 network cards in my computer.
> Does anybody know which software can do this.
>
> Thanx for any help.
>
> Roman Berngruber
>
>
>
>
ipchains
Example simplest script:
#!/bin/sh
ADDRESSES="1.1.1.1 2.2.2.2 3.3.3.3 ..."
for ADDR in ${ADDRESSES}; do
ipchains -A input -s ${ADDR}
ipchains -A output -d ${ADDR}
done
If you are interested only in traffic through a ppp line:
#!/bin/sh
ADDRESSES="1.1.1.1 2.2.2.2 3.3.3.3 ..."
for ADDR in ${ADDRESSES}; do
ipchains -A input -d ${ADDR} -i ppp0
ipchains -A output -s ${ADDR} -i ppp0
done
--
This answer is courtesy of QuestionExchange.com
http://www.questionexchange.com/servlet1/showUsenetGuest?ans_id=3202&cus_id=USENET&qtn_id=2962
------------------------------
From: "barfoo" <[EMAIL PROTECTED]>
Crossposted-To: comp.security.firewalls
Subject: Re: fwtk http-gw problems with linux-2.2.9 (Mandrake 6)
Date: Fri, 10 Sep 1999 18:49:04 +0200
Not sure if I am talking about the same problem...
There's a problem with IE4 and http-gw.
- IE4 send requests using 1.1 (configuring it to use 1.0 is a real
challenge! On NT, you'll ave to enable or disale or do anything to "IP
routing"in network configuration. don't ask me what IP routing has to do
with HTTP).
- when it receives the proxy response, IE4 ignores the response line that
states the response is 1.0.
- http-gw forwards the request using the same protocol as specified by the
client. This is a bug.
To solve the problem, modify the code of http-gw to always send HTTP/1.0
when forwarding HTTTP requests
(for example, edit process_request() and check if the proto is http, if so,
make it "HTTP/1.0")
Regards,
Gord Shier <[EMAIL PROTECTED]> a �crit dans le message :
[EMAIL PROTECTED]
> Hi.
>
> I have been using the TIS fwtk http proxy. When I upgraded my machine
> to Mandrake 6 (linux-2.2.9) from RedHat 5.1 Manhattan (linux-2.0.34),
> I noticed that some pages (especially generated from form POSTs) do
> not get back to the http client from the proxy.
>
> Here's what's happening (as monitored with a network sniffer):
> 1. client POSTs the form to the proxy
> 2. the proxy POSTs the form to the server
> 3. the server responds to the proxy (all in one packet with the tcp
> 'end-of-data' flag set)
> 4. the proxy reads the first line of the response (HTTP/1.1 200 OK),
> and sends it to the client (with the tcp 'reset-connection' flag set)
> 4. the proxy reads the rest of the response lines from the server and
> attempts to write them to the client, but no data actually goes onto
> the network.
>
> The difference (between old system and new) seems to be that the proxy
> sets the tcp 'reset-connection' flag, and that any data sent after
> that is discarded somewhere between the application and the interface.
>
> I don't think that this is an http-gw issue (as I've gone through the
> code fairly carefully), but I wonder if anyone else has seen this
> problem.
>
> At the same time, I was wondering if any of the linux networking gurus
> might know why this is happening.
>
> Best regards to all.
> Gord.
> [EMAIL PROTECTED]
------------------------------
From: Someone <[EMAIL PROTECTED]>
Subject: Re: eth0 in promiscuous mode
Date: Fri, 10 Sep 1999 09:42:27 -0700
thebrownhighlander wrote:
>
> In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] says...
> > promiscous mode means that the card will capture every frame on the network
> > & pass it up to a higher layer, where it willl be discarded. This mode is
> > normally only useful for running network sniffer programs, so disabling it
> > may improve your performance.
> sorry for the bother but how would i disable this sniffer? i don't even
> know what it is.
Probably the arpwatch daemon. You can use setup to disable arpwatch if
you
run Redhat.
Jochen
------------------------------
From: [EMAIL PROTECTED] (Peter Wyzlic)
Subject: Re: ethernet failed on install with mandrake 6.0 (RH 6.0)
Date: 10 Sep 1999 20:27:43 GMT
On Fri, 10 Sep 1999 19:31:14 GMT, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
>Hey all, I have been looking around to try to find some walk
>through for installing a card not found during the
>installation... I have a linksys 10/100 PCI on a P-II, but
>every site I go to links to another, and I am only finding bits
>of information. I'm not at the point where I know even where to
>put modules, what modules do, etc. Does anyone know a good site
>that won't take me in circles?
Most or at least the most substancial nic drivers can be found
via Donald Becker's site:
http://cesdis.gsfc.nasa.gov/linux/drivers
However, I don't know if your card is supported. Check it.
If you have downloaded a suitable driver (c source file) you have
to put it into a directory where you store the linux kernel
sources. Then rebuild the kernel.
Peter
--
"A great many people think they are thinking when they are merely
rearranging their prejudices." -- William James
------------------------------
From: [EMAIL PROTECTED]
Subject: 2 q's
Date: Fri, 10 Sep 1999 21:06:09 GMT
First question- How do you make a ftp server upload directory, where
users can enter the directory and upload to it, but not be able to see
anything inside it.
Second- How do i restrict my ftp user account- named mp3, from telneting
to the computer? The user sholud be able to ftp but not telnet. The
account is in the ftp group.
BTW- I'm using RH 6.0 and ncftpd
Thanks
Dave
[EMAIL PROTECTED]
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED]
Subject: adding an alias'ed IP?
Date: Fri, 10 Sep 1999 20:33:54 GMT
How can I tell if I have properly configured the
kernel for IP aliasing and/or
what else am I doing wrong. I am trying to do the
following under 5.2:
./ifconfig eth0.1 198.115.xxx.xxx netmask
255.255.255.0
and I get this back:
SIOCSIFADDR: Operation not supported by device
eth0.1: unknown interface.
SIOCSIFNETMASK: Operation not supported by device
thanks,
Brett Tofel
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: "Tad" <[EMAIL PROTECTED]>
Subject: Re: Tulip cards in production?
Date: Fri, 10 Sep 1999 14:21:22 -0700
Adam Bartels wrote in message <[EMAIL PROTECTED]>...
>The tulip chip is a DEC product. I have had excellent results with Netgear
>FA310TX 10/100 cards. They are cheap too, 25 - 30 USD retail.
Didn't they stop using the Tulip chip on these?
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
