Linux-Networking Digest #556, Volume #12         Sat, 11 Sep 99 22:13:22 EDT

Contents:
  3c59x in half-duplex (Ian Wehrman)
  question about network card (Pete)
  Re: Browsers and Linux (John Hasler)
  Re: samba-2.0.5b vs rh6.0/any 2.2 kernel ("Gene Heskett")
  Re: Help: Linux Netscape can't do DNS lookups using ADSL (Hal Burgiss)
  slow download, fast upload? (Roderic Tse)
  Re: ifconfig question (David Crooke)
  Need modem help with linux...outside realm of HOWTOs (JackNB)
  Re: D-Link NIC (Roderic Tse)
  Re: named fails since upgrading from RH5.1 to RH5.2 (Roderic Tse)
  Re: SupraMax PCI Modem under Red Hat 5.2 (C. C. McPherson)
  Configuring Windoze/Linux network ([EMAIL PROTECTED])
  Squid.conf dns_nameservers setting ("Mark Thomas")
  Re: 2nd NIC won't load (Peter Cioe)
  Re: masquerading incoming http requests? (Jason Rosenberg)
  Re: Cable Modem/Routing Problem? ([EMAIL PROTECTED])
  Re: Automatically dial the internet from my firewall/router? (David Crooke)
  Re: sound problems!!!!!! ([EMAIL PROTECTED])
  Re: ifconfig question ("grater")
  Re: Using redir to expose a web-server behind firewall? (Jason Rosenberg)
  Re: Restricting download traffic through router (Wim Van Dijck)

----------------------------------------------------------------------------

From: Ian Wehrman <[EMAIL PROTECTED]>
Subject: 3c59x in half-duplex
Date: Sat, 11 Sep 1999 20:02:55 -0500

hello all, 
i'm trying to get my friend's 3com 3c905b up and running on our net, and
am having some difficulties. the 3c59x module doesn't show any problems
loading and getting an address from the dhcp server, and at first glance
the thing almost appears to work. however, it tends to show about 40%
packet loss, especially on large files, independent of the server at the
other end. i personally am running a 3c900 in half-duplex mode just
fine, and have read various things that lead me to believe the card
would work better on resnet in half-duplex, 10baseT mode. i am trying to
use the 'options' flag with insmod to get the 3c59x module to go
half-duplex, but can't seem to find a combination that's doing it (i'm
checking this with donald becker's vortex-diag program). has anyone else
had a similar problem? does anyone have a clue about how to get the
3c905 into half-duplex? am i on the right track? 

any help would be really appreciated. 

later,
ian

------------------------------

From: [EMAIL PROTECTED] (Pete)
Crossposted-To: alt.os.linux,comp.os.linux.questions
Subject: question about network card
Date: 11 Sep 1999 23:33:55 GMT

dear all,

i'm trying to get DSL going on my machine.  i'm pretty knowledgeable about
linux, but know very little about networking (although i'm learning).

here is ifconfig:

eth0      Link encap:Ethernet  HWaddr 00:C0:F0:48:DF:5A
          inet addr:216.102.106.76  Bcast:216.102.106.255 Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:18 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          Interrupt:18 Base address:0xe800

and dmesg:

tulip.c:v0.91 4/14/99 [EMAIL PROTECTED]
eth0: Lite-On 82c168 PNIC rev 32 at 0xe800, 00:C0:F0:48:DF:5A, IRQ 18.
eth0:  MII transceiver #1 config 3100 status 7829 advertising 01e1.


and question:

when i try to telnet to a remote host, the tx/rx light on the dsl splitter
blinks off and on, but the telnet 'hangs' till i control-c out of it.

when i try to telnet to myself (telnet 216.102.106.76), it works.  i can
log into my machine and everything.

does this mean that my ethernet card is absolutely configured ok and the
problem lies in networking configuration?  or is there still the
possibility that my card isn't configured correctly?

thanks!
pete

------------------------------

From: John Hasler <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.setup
Subject: Re: Browsers and Linux
Date: Sat, 11 Sep 1999 19:56:30 GMT

Ernest writes:
> And, you would notice that I have never complained nor excused my
> browser. I get the distinct feeling that it is all the people that use
> Netscape that have been complaining and insisting.

Why would anyone in his right mind read news with a Web browser?  I use
gnus, myself.

> All the rest of use what we have.

So what stops you from getting something different?
-- 
John Hasler                This posting is in the public domain.
[EMAIL PROTECTED]            Do with it what you will.
Dancing Horse Hill         Make money from it if you can; I don't mind.
Elmwood, Wisconsin         Do not send email advertisements to this address.

------------------------------

Date: 11 Sep 99 20:26:18 -0500
From: "Gene Heskett" <[EMAIL PROTECTED]>
Subject: Re: samba-2.0.5b vs rh6.0/any 2.2 kernel

Unrot13 this;
Reply to: <[EMAIL PROTECTED]>

Gene Heskett sends Greetings to Carl Anderson;

 CA> to properly get smbmount on a redhat 6.0 system

 CA> cd to packaging/RedHat inside the samba source tree
 CA> and (read README)...

 CA> To produce the RPMS simply type:
 CA>         sh makerpms.sh


 CA> I'm confused us1.samba.org and s2.samba.org show samba.2.0.5a as
 CA> current

 CA> where are you getting the 2.0.5b from??

Would you believe a typo? :-)

Cheers, Gene
-- 
  Gene Heskett, CET, UHK       |Amiga A2k Zeus040 50 megs fast/2 megs chip
    Ch. Eng. @ WDTV-5          |A2091,GuruRom,1g Seagate,CDROM,Multiface III
                               |Buddha + 4 gig WDC drive, 525 meg tape
                               |Stylus Pro, EnPrint, Picasso-II, 17" vga
         RC5-Moo! 690kkeys/sec isn't much, but it all helps
email gene underscore heskett at iolinc dot net
-- 


------------------------------

From: [EMAIL PROTECTED] (Hal Burgiss)
Crossposted-To: comp.dcom.xdsl,comp.os.linux.misc
Subject: Re: Help: Linux Netscape can't do DNS lookups using ADSL
Reply-To: [EMAIL PROTECTED]
Date: 11 Sep 1999 20:35:34 -0500

On 11 Sep 1999 19:03:35 -0500, Hal Burgiss <[EMAIL PROTECTED]> wrote:
>On Fri, 10 Sep 1999 16:27:51 GMT, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>>Hi,
>>
>>This is a really strange problem.  I've been using a stock RedHat 5.2
>>system for about a year with no problems.  I recently got ADSL service
>>from BellSouth.  It works really well, except for one (really important)
>>thing: Netscape Navigator can't do DNS lookups properly.  Here're the
>>facts:
>>
>>    * Doing a "nslookup hostname.com" works fine.  DNS lookups also
>>      work fine for other software, such as lynx, ping, ssh, etc.
>>    * When Netscape tries to do a DNS lookup, its CPU usage goes up to
>>      95%, and my other ADSL networking dies (i.e., all my telnet
>>      sessions are hung, ping hangs, etc.).  When I hit "stop" in
>>      Netscape, my networking is fine (i.e., telnet connections
>>      weren't dropped, just hung).  I have left Netscape for 10
>>      minutes to see what happens, and it never completes the DNS
>>      lookup.
>>    * I have tried this with Netscape versions 4.51, 4.6, and 4.07
>>      with the same results.
>>    * In desperation, I setup a caching DNS server on my machine, and
>>      put 127.0.0.1 in my /etc/resolv.conf.  So now when I want to go
>>      to foo.com, I do a "nslookup foo.com", and then I can go to
>>      foo.com from Netscape, since foo.com will already be in named's
>>      cache, and Netscape will look it up quickly and proceed as
>>      normal.  Obviously, this is a non-optimal way to browse the web.
>>    * I have tried a variety of different name servers, including ones
>>      at my company, the ones that DHCP sets up in
>>      /etc/resolv.conf.dhcp, and the root nameservers that my named
>>      uses.  Same effect for all of them.
>>    * I never had any problems like this when I was using PPP for
>>      internet service.
>>
>
>With RH6, NS 4.61 and BS ADSL, I have had no problems. Which doesn't
>solve your problem, but I would have to think this is not a NS problem
>per se. Is NS using a proxy by any chance?
>

Correction to 'no problems at all': just had a bizarre NS lockup, which
not only took down X, but put my monitor into sleep mode (no screen at
all), and locked the keyboard. I suspect the Alcatel is involved somehow
since dhcp kept failing until I powered down/up the Alcatel. 


-- 
Hal B
[EMAIL PROTECTED]
--
            Linux helps those who help themselves

------------------------------

From: Roderic Tse <[EMAIL PROTECTED]>
Subject: slow download, fast upload?
Date: Sun, 12 Sep 1999 03:36:30 +0800

i have a really strange problem with my 100Mbps LAN, which is that i can
send files from a pc to my linux at 3Mb/s but the other way i only get
8kb/s.

i first noticed this problem when i tried to use samba on the linux to
serve files. i then tried it with ftp and got the same results. i'm not
very familiar with networking details, so i'm kinda stumped. is this a
common problem or have i done something wrong with my setup?

the linux serves as a gateway to my cable modem. eth0 is a 3com
3c900-tpo and eth1 is a d-link dfe-530tx. 

eth0      Link encap:Ethernet  HWaddr 00:60:08:A9:DA:23  
          inet addr:202.169.227.166  Bcast:202.169.227.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:88380 errors:0 dropped:0 overruns:0 frame:0
          TX packets:48466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:93 txqueuelen:100 
          Interrupt:12 Base address:0x7000 

eth1      Link encap:Ethernet  HWaddr 00:50:BA:A6:26:8F  
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:101944 errors:0 dropped:0 overruns:0 frame:0
          TX packets:97445 errors:0 dropped:0 overruns:0 carrier:0
          collisions:18 txqueuelen:100 
          Interrupt:5 Base address:0x6c00 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:2795 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2795 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 

i also enabled masquerading for my LAN. other than this, i haven't
messed with the ip layer.

Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.1.0/24        anywhere              n/a
Chain output (policy ACCEPT):

i would appreciate any comments or assistance. thank you in advance!


-- 
Sig? Oh yeah... here ya go:
^C

------------------------------

From: David Crooke <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: ifconfig question
Date: Sun, 12 Sep 1999 00:32:15 GMT

Michael Starkie wrote:
> 
>     My default route is through my ethernet device ( eth0 ). When I want
> to connect to a private network using ppp, I must bring down my ethernet
> device so that my ppp device ( ppp0 ) is used as a default device.  Must
> I do this?  I can't ping any IP address inside the private network until
> I issue: "/sbin/ifconfig eth0 down".  After this I can ping any host
> inside the private network.  The ethernet device is configured with a
> dynamic IP address by DHCP as is the ppp device.  After I finish using
> the private network by exiting ppp, I can't use the ethernet device by
> simply issuing: "/sbin/ifconfig eth0 up" because this command does not
> bind the original IP address that was once assigned to this device. How
> do I reconfigure the eth0 device with the original IP address?

It shouldn't be necessary to take down the ethernet card - just make
sure there is an appropriate netmask and routing for the private network
set to use ppp0 and all will be well, and you can use both
simultaneously.

Dave
-- 
David Crooke, Austin TX, USA. +1 (512) 656 6102
"Open source software - with no walls and fences, who needs Windows
and Gates?"

------------------------------

From: JackNB <[EMAIL PROTECTED]>
Subject: Need modem help with linux...outside realm of HOWTOs
Date: Sun, 12 Sep 1999 00:33:49 +0000

System: Laptop
Modem:  Foresson, internal with Rockwell RCVDL56ACF
        This is NOT a winmodem!

Init string: Same under both w98 and linux RH6.0 (kernel-2.2.10)
IRQs:        Same under both OSs

Under w98, downloads proceed at 40-50kbs with few, if any stalls.

Problem:
Under linux, downloads start at 50+k and drop to 
zero almost immediately, stalls for varying periods of time, then
sawtooths between high speed and stalls.  Stalls last from seconds to
minutes.  Effectively linux is unusable to download any file more than a
few kb.

Have tried various packet sizes and varied init strings and most every
other variable; made no difference.

Another even stranger phenomenon: linux refuses to connect to any
Netscape ftp site; Communicator 6.1 installed.  No other ftp site is
involved.

Would appreciate any help.
Thanks.
Jack.

------------------------------

From: Roderic Tse <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux
Subject: Re: D-Link NIC
Date: Sun, 12 Sep 1999 05:42:57 +0800

Glossifah wrote:
> Nearly 934916940 seconds after the Epoch, M O'Neill <[EMAIL PROTECTED]> wrote:
> > Cross posted:
> > comp.os.linux.networking
> > alt.os.linux
> >
> > What driver is used with the D-link 10Mbs PCI network card?
> >

d-link dfe-530tx uses via-rhine driver. this is a 10/100 card though.


-- 
Sig? Oh yeah... here ya go:
^C

------------------------------

From: Roderic Tse <[EMAIL PROTECTED]>
Subject: Re: named fails since upgrading from RH5.1 to RH5.2
Date: Sun, 12 Sep 1999 05:37:36 +0800

Mark Worsdall wrote:
> Could it be that since rh5.2 it has compiled something different, it
> seems not to be reading all my primary files like it once did?

your bind is version 8 now, which works slightly differently from bind 4.
instead of the named.boot, it reads the config from named.conf and it has a
different format. there's a converter somewhere which will make your named.boot
into a named.conf, but i can't remember what it's called now.


-- 
Sig? Oh yeah... here ya go:
^C

------------------------------

From: [EMAIL PROTECTED] (C. C. McPherson)
Crossposted-To: comp.os.linux.hardware,comp.os.linux.setup,comp.os.linux.misc
Subject: Re: SupraMax PCI Modem under Red Hat 5.2
Date: Sat, 11 Sep 1999 08:51:55 -0400

> Hi.
> 
> I bought a SupraMax 56k PCI and it works fine under Windows 9x/NT.
> I tried to use it under Red Hat Linux 5.2 and I could not get the modem
> to work.
> 
> Before I bought it, I checked
> 
>http://www.redhat.com/corp/support/hardware/intel/52/rh52-hardware-intel-14.html#ss14.3
> 
> and it says that the following (among others) are incompatible modems:
> 
> - Plug-and-Play (PNP) modems (these may be set up via isapnptools and
> setserial).
> - Modems that require software drivers for compression, error
> correction, high-speed operation, etc.
>     - PCI Memory Mapped Modems (these do not act like serial ports)
>         - Internal SupraExpress 56k
>         - Internal SupraSonic 56k
>         - ...
> 
> But it says nothing about SupraMax. So I assumed it would work.
> 
> I have read now "Modems: Traditional, Controller-less and Soft" white
> paper
> http://www.supra.com/products/white-papers/communications/c-less_paper.html
> 
> and now I am afraid that is too late.
> 
> Is it possible to get the modem working in a different OS other than
> Windows 9x/NT ?
> And is it possible to get the modem working under Linux ?
> 
> Thank you
> Goncalo
> [EMAIL PROTECTED]
> 
> 
> 
> 
Sorry but 99% of PCI modems are win modems. Best bet, since the manufacturers
hide the winmodem fact (which should be illegal), is get an external modem. 
Before buying any modem, you need to check out 
http://www.o2.net/~gromitkc/winmodem.html 
this is a very extensive list of modems and type.

Clyde


------------------------------

From: [EMAIL PROTECTED]
Subject: Configuring Windoze/Linux network
Date: Sun, 12 Sep 1999 00:09:31 GMT

I have just put together a new Linux box which I want to act as a server
for web/database development that I can hit from a Windows machine.

Redhat 6.0 installed fine and I think it is detecting the network cards
under Linux (SoHoWare Network Plus kit with 2 10/100 cards and a five
port hub).  The card installed fine under windows and I get a light on
the card and the hub.

Under Linux the nic light stays on at bootup until the 'configuring
eth0' line where it goes off and then flashes a few times before going
out completely when the machine is ready for a login.

I have done a dmesg to see that it is a tulip v.89H and it is set to
IRQ9, but there are no error messages here.  If I run ifconfig it
reports the ip address of eth0 etc and shows the interrupt at 9 with
base address of 0xd800, but it shows lots of Transmit errors and the nic
light remains off.

I ran tulip-diag and everything looks fine
Rx - 'Waiting for packets'
Tx - 'Idle'

Do I need to do some other configuration to get the nic light to come
on.  There will only be two machines on the network and I used 10.0.0.1
for the IP and 255.0.0.0, any problems with this.  I'm searching through
stuff online to see if I've missed something?

Do I need to install the new version of tulip ??

Does anyone know of a good tutorial for setting up a very simple home
network of 1 pc & 1 Linux server that they could point me to or help in
any other way, I'd really appreciate it.

Gary


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: "Mark Thomas" <[EMAIL PROTECTED]>
Subject: Squid.conf dns_nameservers setting
Date: Sun, 12 Sep 1999 02:01:44 +0100

I am trying to use the dns_nameservers setting in squid.conf to override my
default DNS servers specified in my resolv.conf file, however it doesn't
seem to be having an effect, and lookups go to the DNS servers specified in
resolv.conf.

The appropriate line is entered as: -

dns_nameservers <ip1> <ip2>

(Without the brackets)

Are any other settings required to make this work?, if not does anyone have
any ideas what the problem might be.

Thanks, Mark



------------------------------

From: Peter Cioe <[EMAIL PROTECTED]>
Subject: Re: 2nd NIC won't load
Date: Sun, 12 Sep 1999 00:36:09 GMT

I got it to work, not sure if this is the correct way.

I copied the /etc/sysconfig/network-scripts/ifcfg-eth0
and created ifcfg-eth1 edited it to the 2nd NIC's settings. Now when I
reboot it loads both eth0 and eth1.  I also did the same and eth2
loaded.

Is this the best way to fix my problem?
Thanks
Peter

Peter Cioe wrote:
> 
> Hello,
> 
> I am trying to install a 2nd and 3rd NIC card into my Redhat 5.0 box.
> I have 3 NE2000 compatible cards.
> 
> eth0 loads fine by itself, eth1 will not load unless I type:
>         modprobe eth1
> 
> the conf.modules file looks like this:
>         alias eth0 ne
>         alias eth1 ne
>         options eth0 -o ne-0 io=0x240 irq=9
>         options eth1 -o ne-1 io=0x220 irq=5
> 
> I tried modifying lilo.conf adding:
>         append="ether=9,0x240,eth0 ether=5,0x220,eth1"
> 
> and I also tried changing that to:
>         append="ether=0,0,eth1"
> 
> Saw that in another posting.
> 
> Nothing will get the 2nd NIC card to load by itself, eventually I want
> to get a 3rd NIC up and working.
> 
> Any hints?
> Thanks in advance
> Peter

------------------------------

From: Jason Rosenberg <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: masquerading incoming http requests?
Date: Sun, 12 Sep 1999 01:27:21 GMT



Johann wrote:
> 
> Jason Rosenberg schrieb:
> 
> > I want to have a web-server running on a machine on my
> > internal net which doesn't have an official external IP address.
> > Is this possible.
> >
> > I haven't seen anything indicating it would be possible from
> > any of the HOWTO's and various linux documentation I've seen so far.
> >
> > What I am thinking would be necessary would be a way to route incoming
> > http packets to the internal server.  Is this possible.
> >
> > Essentially, it would require the firewall system to be checking incoming
> > http packets, and to forward them to the appropriate internal system
> > based on the URL, using packet masquerading.
> >
> > Is this reasonable, has it been done, what are the issues, etc.?
> >
> > Jason
> 
> This is a part of the IP Masquerade HOWTO

Actually, it is not described in the IP Masquerade HOWTO I saw?  What
section?

I did see it talk about redirecting certain ports, but didn't explicitly talk
about dealing with http and internal web-servers.

I am now slowly learning more, that apparently port 80 is used for webservers,
and so I should redirect 80 to my web-server.  However, this limits the
number of webservers I can have to just 1 on my LAN.  What I was hoping for,
actually, was to have a way to interpret different sub-directories within
the incoming URL and use that to redirect appropriately.  Is that possible?

Jason

------------------------------

From: [EMAIL PROTECTED]
Subject: Re: Cable Modem/Routing Problem?
Date: Sun, 12 Sep 1999 01:31:21 GMT

On Fri, 10 Sep 1999 08:27:43 -0700, "R. Terpilowski" <[EMAIL PROTECTED]> wrote:

Ok.  This might work.  I found that with cable modems (where I live) I had to run a DHCP client on
my linux server.  The IP I have is static, same one after every power failure but still have to run
the client.  With the other technology ADSL (phone company) the DHCP client is not required.

>Hi there,
>I have searched long and hard through the newsgroups as well as several
>books and was up pretty late last night trying to figure this thing out,
>but with no luck.  Here's my problem.  I have just got a cable modem and I
>am trying to connect to the @home network with RH6.0 .  I have a static ip
>and my network card has been detected ok so it looks like i'm good to go.
>I believe that I have set everything up under the netcfg ok (ip, gateway, DNS servers), but i'm
>having some problems.  When i try to ping one of @home's DNS servers i
>either get a message saying that the network is unreachable or my machine
>will just sit there pinging and then state 50 packets sent 0 received.  I
>was able to connect to the network alright under windoze.
>
>Any help would be greatly appreciated!!
>Please let me know if you need more info.
>I would also appreciate an emailed copy of your response
>
>TIA
>
>Rob
>


------------------------------

From: David Crooke <[EMAIL PROTECTED]>
Subject: Re: Automatically dial the internet from my firewall/router?
Date: Sun, 12 Sep 1999 00:38:08 GMT

Dale Pontius wrote:
> 
> But be careful if you're running any sort of DNS, because I've
> heard no end of trouble with people getting spurious dials in
> that circumstance. I'm running caching nameserver, so I haven't
> even tried. Besides, the rest of the family appreciates some
> determinism in telephone availability.
> 
> Dale Pontius
> DEPontius AT usa DOT net

There is no problem with DNS per se, you just have to make sure that
applications aren't causing DNS lookups which go offsite (and cause a
dial) when you don't want them to. 

My mother's machine is running diald 0.99 on SuSe 5.3 with DNS, no
trouble. 

Dave
-- 
David Crooke, Austin TX, USA. +1 (512) 656 6102
"Open source software - with no walls and fences, who needs Windows
and Gates?"

------------------------------

From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.networking,comp.os.linux,comp.os.linux.x
Subject: Re: sound problems!!!!!!
Date: Sun, 12 Sep 1999 00:59:37 GMT

In article <7re2dv$9h3@rain>,
  "exploser" <[EMAIL PROTECTED]> wrote:
> I have set my soundcard by sndconfig, it work in the test and i have heard
> Linus Torvald's sound!! but when i started the X-window, it does not show
> any sound effect, even if i try to use X11amp,it failed to play any
> MP3!!Why??Please help me to solve it!!!!!thx!!
>
>
I'm afraid it might be that the Enlightenment window manager,
or something like that, has locked the sound device.
If it is Enlightenment's fault, read their FAQ on
releasing the sound device for other processes.

--end of rep--


Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

------------------------------

From: "grater" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: ifconfig question
Date: Sat, 11 Sep 1999 20:23:01 -0500

Don't bring your eth0 device down.  All you need to do is delete the default
route for eth0 and add the default route for ppp0 when you make your ppp
connection ( ppp ip-up scripts would be a good place ).  Then do the
opposite when you bring your ppp connection down ( ppp ip-down scripts ).
For example (add to /etc/ppp/ip-up.local if using RedHat distribution ):
    /sbin/route del default eth0
    /sbin/route add default ppp0
Then add the eth0 default route back:
    /sbin/route add default gw "ip address of your gateway"
You might try just adding the ppp0 route, but if I remember correctly, I had
to remove the eth0 default route.


Michael Starkie <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
>     My default route is through my ethernet device ( eth0 ). When I want
> to connect to a private network using ppp, I must bring down my ethernet
> device so that my ppp device ( ppp0 ) is used as a default device.  Must
> I do this?  I can't ping any IP address inside the private network until
> I issue: "/sbin/ifconfig eth0 down".  After this I can ping any host
> inside the private network.  The ethernet device is configured with a
> dynamic IP address by DHCP as is the ppp device.  After I finish using
> the private network by exiting ppp, I can't use the ethernet device by
> simply issuing: "/sbin/ifconfig eth0 up" because this command does not
> bind the original IP address that was once assigned to this device. How
> do I reconfigure the eth0 device with the original IP address?
>
>
>



------------------------------

From: Jason Rosenberg <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: Using redir to expose a web-server behind firewall?
Date: Sun, 12 Sep 1999 01:22:35 GMT



David Crooke wrote:
> 
> Jason Rosenberg wrote:
> >
> > I was considering having that NT machine be my proxy-firewall
> > server (using something like WinGate).
> 
> That's possible, but all advocacy and religion aside, this is one of
> those things that Linux really does do better than NT ;-)
> 

I am definitely willing to believe this, I just want to make sure that
everything will connect, and it's beginning to sound like it will...

> >
> > Alternatively, I would like to consider using the linux
> > machine as my proxy-firewall.  But I wonder whether this
> > is possible.  Can I still have a web-server behind the
> > firewall remain externally visible?
> 
> Yes, absolutely. You just need to forward the appropriate port(s) to the
> NT box.
> Linux makes a great low impact firewall / masq server.
> 

Can you refresh me a little on ports.  Is there a master list available
as to what the accepted conventions are for port number assignments, etc.
Is 80 the accepted port for web-server requests?  What about ftp, etc.?

It sounds like I would be limited to having only 1 web-server machine 
behind the firewall, if the convention is that 80 is always used for
webservers, and if I can only redirect based on port number.  I could
only ever be redirecting to 1 webserver.  Which is ok, for now, but
may become a restriction later....

I was just looking at a Windows product called SyGate, which looks a
hell of a lot better than WinGate.  It does vaguely claim to support
webservers behind the fire-wall, but so far I haven't been able to
get any details.  Anyone know if SyGate on Windows will support multiple
webservers behind the firewall?

> >
> > I still would need to have IIS server external internet
> > requests.  Can the redir facility be used to direct
> > specific incoming requests to my NT machine?
> >
> > Also, how secure would files be on the fire-wall linux machine?
> 
> No more or less secure than they would be if it wasn't acting as a
> firewall. This depends on the "face" it is presenting to the outside
> world. For good security, set it up to block incoming connections on all
> ports except the ones you actually need (like 80 for the webserver)
> 

Sounds reasonable.  I would still want to be able to pass through connections
from known ip-addresses, so that I could telnet in if I had to?  Is this
also possible?  I realize it would be a bit less secure.

Jason

------------------------------

From: Wim Van Dijck <[EMAIL PROTECTED]>
Subject: Re: Restricting download traffic through router
Date: Sun, 12 Sep 1999 00:50:07 +0200

Yes, well, that's what I had in mind. My firewall is based on ipchains (I
followed the trinityOS from David Ranch), but I don't know how to set up this
specific cronjob.... :o(

I really need this, since I don't want to lose my cable account (for life...).

Rob wrote:

> Set up accounting with something like ipchains or ipfwadm and have a cronjob
> which watches the output of this and fires off a warning email when a certain
> level of traffic is exceeded
>
> Rob
>
> Wim Van Dijck <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Hi all,
> >
> > I was wondering how I could restrict the traffic coming through my Linux
> > router.
> > My ISP has this policy that when you have a download rate of more than
> > 500 Mb on one day, you get kicked. I don't have a problem with that, but
> > we have 6 computers here, connected to the net through my Linux box, and
> > sometimes, 500 is easily superseded.
> > I have had three warnings up to now, and the next one means permanent
> > banning.
> >
> > I was thinking now either to set up the Linux box to stop all
> > through-coming traffic once it reached 450 Mb a day, or either slowing it
> > down. However, I have no idea how to do this.
> > It would also be nice, to have restrictions per user, i.e. that if
> > someone here at home, reached 300Mb, that only his connection would slow
> > down, and that a message would be sent to his pager (icq).
> >
> > Is all this possible? If there are better alternatives, please let me
> > know. I don't want to risk losing my cable connection (not to mention my
> > good name... :o) )
> >
> > Thanks a lot for any help... (I already searched through howtos and
> > dejanews, but alas...)
> > Wim Van Dijck
> >
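
One way to build the cron job Rob suggests above, as an added example that is not part of either post and not taken from TrinityOS. It assumes a separate step has already written each LAN machine's cumulative accounting counter to a file as "host bytes" lines (how that is extracted depends on your own ipchains or ipfwadm accounting rules), and it reads the thread's 450 and 300 figures as megabytes; the function names, file layout and paths are hypothetical.

```shell
#!/bin/sh
# Added example: daily traffic-quota check for a cron job on the router.
# Input (assumption): a file of "host bytes" lines, one per LAN machine,
# holding the cumulative byte counter of that machine's accounting rule.

MB=1048576
TOTAL_LIMIT_MB=450   # warning level from the thread, below the ISP's 500/day
HOST_LIMIT_MB=300    # per-machine level from the thread

# update_usage STATE CURRENT
# STATE lines are "host last_counter used_today". Prints the new state.
# A counter lower than the last reading means it was reset (reboot, rules
# reloaded), so the whole current value is new traffic. A host seen for the
# first time only gets a starting point; its old total is not billed to today.
update_usage() {
    awk 'FILENAME == ARGV[1] { last[$1] = $2; used[$1] = $3; next }
         { seen[$1] = 1
           if (!($1 in last)) d = 0
           else { d = $2 - last[$1]; if (d < 0) d = $2 }
           printf "%s %.0f %.0f\n", $1, $2, used[$1] + d }
         END { # keep hosts that are missing from this reading
               for (h in last) if (!(h in seen))
                   printf "%s %s %.0f\n", h, last[h], used[h] }' "$1" "$2"
}

# check_quota STATE
# Prints "HOST <ip> <n> MB" for each machine at or over its limit and
# "TOTAL <n> MB" when the whole LAN is; prints nothing when under quota.
check_quota() {
    awk -v mb="$MB" -v tl="$TOTAL_LIMIT_MB" -v hl="$HOST_LIMIT_MB" '
        { total += $3
          if ($3 >= hl * mb) printf "HOST %s %d MB\n", $1, int($3 / mb) }
        END { if (total >= tl * mb) printf "TOTAL %d MB\n", int(total / mb) }' "$1"
}

# run_check STATE_DIR CURRENT_FILE DAY
# One cron run: roll the state over on a new day, add the traffic seen since
# the previous run, then print any warnings.
run_check() {
    rc_state="$1/state"
    [ -f "$rc_state" ] || : > "$rc_state"
    if [ "$(cat "$1/day" 2>/dev/null)" != "$3" ]; then
        # New day: keep the last-seen counters, zero the usage column.
        awk '{ print $1, $2, 0 }' "$rc_state" > "$rc_state.tmp" &&
            mv "$rc_state.tmp" "$rc_state"
        echo "$3" > "$1/day"
    fi
    update_usage "$rc_state" "$2" > "$rc_state.tmp" &&
        mv "$rc_state.tmp" "$rc_state"
    check_quota "$rc_state"
}

# demo: two constructed readings for two hypothetical LAN hosts.
demo() {
    demo_dir=$(mktemp -d) || return 1
    printf '192.168.1.2 1000\n192.168.1.3 5000\n' > "$demo_dir/r1"
    printf '192.168.1.2 %s\n192.168.1.3 %s\n' \
        $((1000 + 320 * MB)) $((5000 + 140 * MB)) > "$demo_dir/r2"
    run_check "$demo_dir" "$demo_dir/r1" 1999-09-11   # starting point only
    run_check "$demo_dir" "$demo_dir/r2" 1999-09-11   # 320 MB + 140 MB used
    rm -rf "$demo_dir"
}

# Cron use (placeholder paths): quota.sh /var/lib/quota /var/lib/quota/now
# Cron mails whatever the job prints, so warnings arrive as e-mail.
if [ "$#" -eq 2 ]; then
    run_check "$1" "$2" "$(date +%Y-%m-%d)"
elif [ "${1:-}" = demo ]; then
    demo
fi
```

Because usage is accumulated from the difference between consecutive readings, the figures are only as fine-grained as the cron interval.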




------------------------------


** FOR YOUR REFERENCE **

The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:

    Internet: [EMAIL PROTECTED]

You can send mail to the entire list (and comp.os.linux.networking) via:

    Internet: [EMAIL PROTECTED]

Linux may be obtained via one of these FTP sites:
    ftp.funet.fi                                pub/Linux
    tsx-11.mit.edu                              pub/linux
    sunsite.unc.edu                             pub/Linux

End of Linux-Networking Digest
******************************
