Linux-Networking Digest #571, Volume #12 Mon, 13 Sep 99 08:13:30 EDT
Contents:
basic network setup ("noIDea")
NFS starting ("F.Besserve")
redirecting packets w/ IP Masq (Roger)
ipchains / ICQ question (Dirk Fahrensohn)
Re: ipchains / ICQ question (Dirk Fahrensohn)
Re: Linux Security (Erik de Castro Lopo)
Re: basic network setup ("Kelvin Tsang")
Re: pppd remote ip address resolution problems ("Geoff Thornton")
Re: PPP connections and DNS servers (Clifford Kite)
Re: Redhat 6.0 & PPP Question ("Amir J. Katz")
compile tulip.c ("Josef MEYER GmbH")
linux 2.0 modem setup. RedHat 6.0 (Lyn Battle)
Re: can you telnet to a cable modem? (tofu)
Re: Netscape 4.6 + JAVA -> freezes (Wolfgang Feierabend)
Providing video services (Tuomo Pyhala)
Re: HELP FTP won't UnShut! (M. Buchenrieder)
Re: can you telnet to a cable modem? ("Donald Gordon")
new network interface (tofu)
----------------------------------------------------------------------------
From: "noIDea" <[EMAIL PROTECTED]>
Subject: basic network setup
Date: Sun, 12 Sep 1999 21:44:03 +1000
could anyone point me to a good site with information on basic networking,
between caldera linux and win98?
thanks
------------------------------
From: "F.Besserve" <[EMAIL PROTECTED]>
Subject: NFS starting
Date: Mon, 13 Sep 1999 11:39:40 +0200
I installed RedHat 6.0 on a files server and NFS dont'start automatically
rebooting the system ; Before with RedHat 5.2 all
was right. Is there a bug in 6.0 concerning NFS starting ?
------------------------------
From: Roger <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.questions
Subject: redirecting packets w/ IP Masq
Date: Mon, 13 Sep 1999 04:50:31 -0500
I have a question about redirecting packets w/ IP masquerade.
I'd like to be able to have tcp packets going to a certain port on my
linux machine to be redirected to a port on another computer in my small
home lan..
lich - linux machine 192.168.0.1
pete - win98 machine 192.168.0.4
I'd like to have the ability to ftp to a port, say 10240, on my linux
machine and have those packets redirected to a machine on my interal
lan.
I've read up on ipchains and have tried to get this to work but have
been unsucessful. I tried using this rule but it didn't work. For the
life of me I can't figure out whats wrong with this..
ipchains -A input -s 0/0 --sport 10240 -p tcp -j REDIRECT -d 192.168.0.4
--dport 21 -b
>From my understanding, this rule will take any incoming tcp packets
going to port 10240 and redirect them to 192.168.0.4 port 21 and the -b
will employ this rule to work in both directions
It appears to have worked when I list the ipchains status rules
[root@lich smbtest]# /etc/rc.d/init.d/filter status
Chain input (policy ACCEPT):
target prot opt source destination
ports
REDIRECT tcp ------ anywhere 192.168.0.4 10240
-> ftp => any
REDIRECT tcp ------ 192.168.0.4 anywhere ftp
-> 10240 => any
Chain forward (policy DENY):
target prot opt source destination
ports
MASQ all ------ 192.168.0.0/24 anywhere n/a
Chain output (policy ACCEPT):
But when I ftp to my linux machine at port 10240 things just die....
[root@lich smbtest]# ftp localhost 10240
ftp: connect: Connection refused
ftp>
Any help on how I could accomplish this would be helpful..
Thanks..
------------------------------
From: Dirk Fahrensohn <[EMAIL PROTECTED]>
Subject: ipchains / ICQ question
Date: Mon, 13 Sep 1999 11:38:18 +0200
Hello,
I am trying to setup something like this:
ICQ server LinuxFW
LinuxFW ICQClient
IP int ext ext
int IP
192.168.0.2 192.168.0.1 212.79.x.x 195.222.x.x
192.168.0.1 192.168.0.2
_______ Intranet_________ ________Internet__________
_______Intranet_______
I want to connect from a private network with a windows icq-client
through a linux-firewall (Kernel 2.2.10) through the internet through a
second linux-firewall to an icq-server in another private network.
How do i have to configure ipchains, masquerading or portforwarding to
make this work? icq uses port 4000.
Thanks for your help. Any suggestions are welcome.
Dirk Fahrensohn
------------------------------
From: Dirk Fahrensohn <[EMAIL PROTECTED]>
Subject: Re: ipchains / ICQ question
Date: Mon, 13 Sep 1999 11:50:23 +0200
Sorry,
the image should have been sonmething better.
I try to describe the setup:
1. PC (Windows) with ICQ - client LAN IP: 192.168.0.2
2. Linux PC with firewall (LAN IP: 192.168.0.1, WAN IP: 195.222.x.x)
3. Linux PC with firewall (LAN IP: 192.168.0.1, WAN IP: 212.79.x.x)
4. PC (Windows) with ICQ server LAN IP: 192.168.0.2
> ICQ server LinuxFW
> LinuxFW ICQClient
> IP int ext ext
> int IP
> 192.168.0.2 192.168.0.1 212.79.x.x 195.222.x.x
> 192.168.0.1 192.168.0.2
> _______ Intranet_________ ________Internet__________
> _______Intranet_______
>
> I want to connect from a private network with a windows icq-client
> through a linux-firewall (Kernel 2.2.10) through the internet through a
> second linux-firewall to an icq-server in another private network.
> How do i have to configure ipchains, masquerading or portforwarding to
> make this work? icq uses port 4000.
> Thanks for your help. Any suggestions are welcome.
>
> Dirk Fahrensohn
Thanks for all suggestions.
Dirk
------------------------------
From: Erik de Castro Lopo <[EMAIL PROTECTED]>
Crossposted-To:
alt.os.linux.caldera,alt.linux,alt.linux.sux,alt.os.linux,comp.os.linux.hardware
Subject: Re: Linux Security
Date: Mon, 13 Sep 1999 19:37:52 +1000
TURBO1010 wrote:
>
> After having my system compromised, and someone being able to create another
> account on my system equivalent to root, I managed to nuke my system, and
> now am ready to start all over. I want suggestions as to how to secure the
> system, so that it's not compromised anymore. I have to have ftp since I
> transfer files from remote locations to home. Telnet, I can do without if
> there is an alternative, and I want to run apache. Don't care about mail,
> finger, talk or anything like that. Suggestion are welcome, so that this
> mishap doesn't happen again. Thanks in advance
Check out this paper on armouring Linux:
http://www.enteract.com/~lspitz/linux.html
Erik
--
+-------------------------------------------------+
Erik de Castro Lopo [EMAIL PROTECTED]
+-------------------------------------------------+
"Fifty years of programming language research, and we
end up with C++ ???" --Richard A. O'Keefe
------------------------------
From: "Kelvin Tsang" <[EMAIL PROTECTED]>
Subject: Re: basic network setup
Date: Mon, 13 Sep 1999 18:04:16 +0800
Try this link : http://www.samba.org
Kelvin
--
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
Hong Kong OS/2 User Group
http://www.os2.org.hk
news://www.freeforum.org/comp.os.os2
Psion Fan Club - Hong Kong
http://
news://www.freeforum.org/comp.pda.psion
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
noIDea ���g��峹 <[EMAIL PROTECTED]>...
>could anyone point me to a good site with information on basic networking,
>between caldera linux and win98?
>
>thanks
------------------------------
From: "Geoff Thornton" <[EMAIL PROTECTED]>
Subject: Re: pppd remote ip address resolution problems
Date: Mon, 13 Sep 1999 19:51:32 +1000
I Solved the bit about cant find module char-major-108, but I still cant
resolve the remote ip address, my log now reads:
>
> Sep 13 16:27:03 fruitbat kernel: CSLIP: code copyright 1989 Regents of the
> University of California
> Sep 13 16:27:03 fruitbat kernel: PPP: version 2.3.7 (demand dialling)
> Sep 13 16:27:03 fruitbat kernel: PPP line discipline registered.
> Sep 13 16:27:03 fruitbat kernel: Serial driver version 4.27 with no serial
> options enabled
> Sep 13 16:27:03 fruitbat kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
> Sep 13 16:27:03 fruitbat kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
> Sep 13 16:27:03 fruitbat kernel: registered device ppp0
> Sep 13 16:27:38 fruitbat pppd[326]: pppd 2.3.7 started by root, uid 0
> Sep 13 16:27:38 fruitbat pppd[326]: Using interface ppp0
> Sep 13 16:27:38 fruitbat pppd[326]: Connect: ppp0 <--> /dev/ttyS0
> Sep 13 16:27:47 fruitbat kernel: PPP BSD Compression module registered
> Sep 13 16:27:47 fruitbat kernel: PPP Deflate Compression module registered
> Sep 13 16:27:47 fruitbat pppd[326]: Could not determine remote IP address
> Sep 13 16:27:47 fruitbat pppd[326]: Connection terminated.
> Sep 13 16:27:47 fruitbat pppd[326]: Connect time 0.2 minutes.
> Sep 13 16:27:47 fruitbat pppd[326]: Sent 361 bytes, received 503 bytes.
> Sep 13 16:27:47 fruitbat pppd[326]: Exit.
>
> --
>
> Regards Geoff :)
> ==================
> [EMAIL PROTECTED]
>
>
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: PPP connections and DNS servers
Date: 12 Sep 1999 11:43:56 -0500
Tom ([EMAIL PROTECTED]) wrote:
> Heres a copy of some of my files:
> /etc/resolv.conf
> nameserver 203.63.15.2
> nameserver 203.63.15.6
See if 203.63.15.1 and 192.189.54.17 work any better as nameservers.
The hosts for the IP address currently in your resolv.conf file seem to
believe that these two are nameservers for them. Using nslookup and
specifying each of those hosts as the server.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* 97.3% of all statistics are made up. */
------------------------------
From: "Amir J. Katz" <[EMAIL PROTECTED]>
Subject: Re: Redhat 6.0 & PPP Question
Date: Mon, 13 Sep 1999 11:20:11 +0200
Reply-To: [EMAIL PROTECTED]
Can some guru shed some light (or direct to an RTFM :-) regarding this
whole compression and VJ issue?
Personally, I could not connect to my ISP until I added "novj" to my
/etc/ppp/options file.
Thanks.
Ross Crawford wrote:
>
> Rob Martin <[EMAIL PROTECTED]> wrote in message
> news:7BOB3.9930$[EMAIL PROTECTED]...
> > Hello all, especially those with answers!
> >
> >
> > modprobe: can't locate module ppp-compress-21
> > modprobe: can't locate module ppp-compress-26
> > modprobe: can't locate module ppp-compress-24
> >
> > On some occasions they repeat three or four times in the same sequence.
> >
> > Anyone familiar with this problem? Any ideas?
> >
> Rob,
>
> Add the following lines to /etc/conf.modules:
>
> alias ppp-compress-21 bsd_comp
> alias ppp-compress-24 ppp_deflate
> alias ppp-compress-26 ppp_deflate
>
> Regards,
>
> ROSCO
--
---
/* Amir J. Katz mailto:[EMAIL PROTECTED] */
/* [remove '_fubar' for real addr] */
/* BMC Software, IT Process Automation Business Unit */
/* http://www.bmc.com */
/* Is "Tired Old Cliche" one ? (Steven Wright) */
------------------------------
From: "Josef MEYER GmbH" <[EMAIL PROTECTED]>
Subject: compile tulip.c
Date: Mon, 13 Sep 1999 12:26:08 +0200
i have a problem with compiling the file tulip.c. in order to do this i
would need the file driver_ops.h but i cannot find this file anywhere. i
have installed the kernel-sources of the 2.0 and 2.2 kernel but i cannot
find this file! i'm using suse 6.2.
thanx,
Gerald
------------------------------
From: Lyn Battle <[EMAIL PROTECTED]>
Subject: linux 2.0 modem setup. RedHat 6.0
Date: Mon, 13 Sep 1999 10:31:16 GMT
I have a Pc 300mhz, 128mg RAM, 6 gig Hd, CDRom.Dvd.
I have a multitech modem 56k, internal, and I cannot setup my modem so I
can connect via ppp to the 'net. I have tried ppp,and Kppp in RedHat 6.0,
when I have followed the setup process and try to test my modem, it says,
modem either busy, or I get nothing after modem ready, I have tried all the
How to pages and I cannot set this up, I feel it might be simple but I
cannot do it! I have installed and configured the application itself , set
up sound etc, can only print in B&W, and am learning the difference from
DOS windows to linux. I do not seem to have any irq conflicts, my mouse
works, I have checked out my device managers etc in Win 95. What should I
try next?? many thanks,
Lyn Battle
================== Posted via CNET Linux Help ==================
http://www.searchlinux.com
------------------------------
From: tofu <[EMAIL PROTECTED]>
Subject: Re: can you telnet to a cable modem?
Date: Mon, 13 Sep 1999 07:01:16 -0400
Probably, your ISP is blocking port 23 for security reasons (ie. they are
paranoid)
Try running your telnet server on a different port.
tofu
[EMAIL PROTECTED] wrote:
> I just installed Red Hat linux 6.0 on my system. I can telnet into my
> system through my local network, but not through the internet. I don't
> get ANY response if I do it through the net (say, from work). Not even
> a login prompt. And I know telnet is working because I can do it
> locally.
>
> Interestingly, my FTP server is responding to requests on the net. Do
> cable modems somehow prevent telnet access or something? I checked my
> hosts.deny file too.
>
> Any suggestions?
>
> Sent via Deja.com http://www.deja.com/
> Share what you know. Learn what you don't.
------------------------------
From: Wolfgang Feierabend <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,netscape.public.mozilla.java
Subject: Re: Netscape 4.6 + JAVA -> freezes
Date: Mon, 13 Sep 1999 10:38:32 GMT
In article <[EMAIL PROTECTED]>,
Eitzenberger Thomas <[EMAIL PROTECTED]> wrote:
> Nils Bluethgen wrote:
>
> > Hello out there,
> >
> > I have a question about NETSCAPE 4.6 / 4.61 and JAVA. On some (not
on
> > all!) of our computers (we run linux-RH6.0) Netscape freezes when I
open
> > the URL
> >
> > http://www.stadtplandienst.de/query;ORT=b;LL=13.420389x52.54105
> >
> > with JAVA enabled. Without JAVA there's no problem,
> >
> > I read about the wrong fontpath-settings, but this does
> > not seem to be the problem, since chkfontpath --list prints:
> >
> > Current directories in font path:
> > 1: /usr/X11R6/lib/X11/fonts/misc
> > 2: /usr/X11R6/lib/X11/fonts/75dpi/:unscaled
> > 3: /usr/X11R6/lib/X11/fonts/100dpi/:unscaled
> > 4: /usr/X11R6/lib/X11/fonts/Type1
> > 5: /usr/X11R6/lib/X11/fonts/Speedo
> > 6: /usr/X11R6/lib/X11/fonts/75dpi
> > 7: /usr/X11R6/lib/X11/fonts/100dpi
> > 8: /usr/X11R6/lib/X11/fonts/cyrillic
> > 9: /usr/X11R6/lib/X11/fonts/mytype1
> > 10: /usr/X11R6/lib/X11/fonts/ttfonts
> > 11: /usr/share/fonts/default/Type1
> >
> > I also upgraded to Netscape 4.61, which gave the same result. Has
someone
> > an idea?
> >
> > Nils
>
> Hi !
>
> It might have something to do with a bug in 4.61 concerning JavaScript
Java
> LiveConnect.
> Check out if it works with NS 4.5
>
> mfg ET
>
>
I had the same problem with NS 4.5! It was the main reason to update to
4.6. Neither 4.5 nor 4.6 is running perfectly with Java enabled. Some
Java applets will do and others will not. Try http://sydsvenskan.se with
Java enabled. This swedish newspaper has a Java programmed selection box
at the left side of their home page. Use it two to four times and the
communicator will hang. Switch off Java and try again. This "none-Java"
version works fine. This is only an example. I had the same problem with
other sites too. Using the communicator without Java since then.
BTW: I use NS 4.6, KDE 1.1 and SuSE Linux 6.1 (Kernel 2.2.5).
Has anybody already asked Netscape about the problem?
Regards to everyone
Wolfgang
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (Tuomo Pyhala)
Subject: Providing video services
Date: Mon, 13 Sep 1999 11:03:51 GMT
I was wondering if there are any open source or even linux based tools to
provide video-services over tcp/ip based network. Services that we would
provide are real time and previously stored streams. Definitely it would
be nice to have also Windows-clients. It would be also nice to have
somehow encrypted streams (limited viewability).
What kind of resources (bandwidth,CPU,etc.) per stream i need to get
quality comparable to normal TV broadcasts and how about simultaneous
streams? In technical view solution should probably use multicasting.
Is there anything even subset of this functionality available?
TIA.
------------------------------
Crossposted-To: comp.os.linux.misc
From: [EMAIL PROTECTED] (M. Buchenrieder)
Subject: Re: HELP FTP won't UnShut!
Date: Mon, 13 Sep 1999 06:27:52 GMT
[Non-existant newsgroups col.questions and col.help deleted. If your
server still carries these bogus groups, please contact your local
newsadmin and ask him to install PGP-verify for control messages]
[FollowUp-To: set]
"Christopher R. Thompson" <[EMAIL PROTECTED]> writes:
>>
>> >Help! I ftpshut my sever and now I can't get it started again. What do I
>> >do?
>>
>> [...]
>>
>> RTFM. "man ftpshut" will tell you.
>>
[...]
>YRTFM. FYI rm /etc/shutmsg seemed to work. No thanks to you.
Well, it's certainly not my fault if your manpage is incomplete.
[...]
>ftpshut(8) ftpshut(8)
[...]
> The [ warning-message . . .] will be formatted to be 75
> characters wide. knows about the actual string length of
> the magic cookies.
[...]
There's a paragraph missing. My version reads :
"Running this command will create a file that the server will use
to determine when to shutdown. Once the shutdown has occured, the
server will continue to refuse connections until this file is re-
moved. The location of this file is specified by the "shutdown"
stanza in the "ftpaccess" file."
Michael
--
Michael Buchenrieder * [EMAIL PROTECTED] * http://www.muc.de/~mibu
Lumber Cartel Unit #456 (TINLC) & Official Netscum
Note: If you want me to send you email, don't munge your address.
------------------------------
From: "Donald Gordon" <[EMAIL PROTECTED]>
Subject: Re: can you telnet to a cable modem?
Date: Mon, 13 Sep 1999 23:05:08 +1200
Can you ping youself from the internet?
What is the IP your cable modem gives your PC (is it 192.168.x / 172.x.x.x /
10.x.x.x) or something else?
Don
[EMAIL PROTECTED] wrote in message <7ri0m1$vbb$[EMAIL PROTECTED]>...
>I just installed Red Hat linux 6.0 on my system. I can telnet into my
>system through my local network, but not through the internet. I don't
>get ANY response if I do it through the net (say, from work). Not even
>a login prompt. And I know telnet is working because I can do it
>locally.
>
>Interestingly, my FTP server is responding to requests on the net. Do
>cable modems somehow prevent telnet access or something? I checked my
>hosts.deny file too.
>
>Any suggestions?
>
>
>Sent via Deja.com http://www.deja.com/
>Share what you know. Learn what you don't.
------------------------------
From: tofu <[EMAIL PROTECTED]>
Subject: new network interface
Date: Mon, 13 Sep 1999 07:06:59 -0400
This topic isn't covered by the networking How-To.
How does one add a new network interface? I've installed a second
ethernet card identical to the first (3com Etherlink III), set up the
IRQ and IO so there are no conflicts, and linux recognises them both at
boot time.
but... I still only have the eth0 interface. I've also added an alias
and the correct options for eth1 to conf.modules. I still only have
eth0 when I run ifconfig.
Anyway, assuming I get this to work, what will I use to configure the
second interface (IP address and such)
I'm useing SuSE 6.1 BTW
tofu
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
