Linux-Networking Digest #611, Volume #12 Thu, 16 Sep 99 17:13:44 EDT
Contents:
Re: No "socket" command (but the man page exists). (Raymond Hendrey)
Squid acl definition (Thomas Strauss)
Re: Dial-in server blues.... (Raymonds Doetjes)
Samba Install? (Whitt)
Re: Problem with log-in on NT RAS (Clifford Kite)
Re: pppd says "Unsupported protocol (0xc029) received" (Clifford Kite)
Re: Attacks bringing my system down! ("YouDontKnowWho")
mgetty, callback application (Leonard Hardy)
Driver for D-Link DFE 650TX PCMCIA NIC (Tung-Sheng Lin)
Re: Connect two computers directly via ethernet card (Steve)
Re: Recommendation for 100Mbps Switched Ethernet hardware (David C.)
Re: AutoPPP and assigning ip numbers based on port! (Dustin Puryear)
Re: Netscape 4.6 + JAVA + *xdm* -> freezes (btoc)
Re: Rename the server ("Pat Crean")
----------------------------------------------------------------------------
From: Raymond Hendrey <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: No "socket" command (but the man page exists).
Date: Thu, 16 Sep 1999 09:34:35 -0500
Maxwell MacLeod wrote:
>
> Hi Folks,
> I've found a man page on my system for this command, but the command
> itself can't be found. If anyone has any ideas how I can install this,
> I'd much appreciate it!
>
> Thanks,
> Max.
Hi,
I believe that the man page you are referring to describe the socket()
function. This function is part of the C programming language, not part
of the shell command set. The parenthesis "()" following the command
indicate that it is a function within a programming language.
Hoping that this helps,
RayH :-)
--
+---------------------------------------------------------------------+
| Raymond C. Hendrey (Consultant) Phone: (847) 538-4218 |
| Motorola, Inc. Fax: (847) 538-4315 |
| Private Network Management Internet: [EMAIL PROTECTED] |
| Mailstop: IL02/RM1055C X400: [EMAIL PROTECTED] |
+---------------------------------------------------------------------+
------------------------------
From: Thomas Strauss <[EMAIL PROTECTED]>
Subject: Squid acl definition
Date: Thu, 16 Sep 1999 13:20:37 +0200
Hi,
I have a little question on squid. I try to setup an acl for src with a
filename.
In that file i want to hold all the ipaddresses which are allowed to
access my proxy.
In the squid.conf file I entered:
acl allowed_hosts src "/etc/good_hosts"
In the /etc/good_hosts I entered:
10.0.0.100/255.255.255.0
When I reconfigure squid (squid -k reconfigure) I get the error:
aclParseIpData: Bad host/IP: ''
Can anybody tell me what's wrong?
Any hint is highly appreciated
thomas
------------------------------
From: Raymonds Doetjes <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: Dial-in server blues....
Date: Thu, 16 Sep 1999 19:49:07 +0200
Hoi kees, met welke andere systemen probeer jij het dan?!
Want je moet wel duidelijk opletten dat deze systemen LCP en PAP aware
zijn. (Chap is nog steeds behoorlijk schaars in de wereld van PPP).
Bovendien is HDLC alleen vaak tricky, want sommige ISDN ta's proberen
alleen X.75, V120 of V110, maar goed dat is een kleinigheidje de meeste
nieuwe adapters doen ook frame-relay (HDLC).
Waarom er eigenlijk in gods naam nog een protocol over het ISDN protocol is
getrokken is mij nog steeds een raadsel. Met name is het belangrijk dat de
DUN clients van de andere systemen LCP en PAP ondersteuning moeten kennen
in jou geval zelfs chap. Anders ontkom je er niet aan om een inlog script
te moeten maken dat de gebruiker inlogged en vervolens de pppd op start met
server:lokaal adres.
Raymond
Kees Sprangers wrote:
> Hi all,
>
> I'm trying to set up a dialin server for ISDN, but I only get it working
> for WIN95 clients.
> With a analog modem things are working allright for every client.....
>
> When a WIN95 client logs in I can see the login name and password coming
> in in the metty.ttyI0 log file, but with other clients username and
> password doesn't seem to be transmitted, and the server tries to startup
> /bin/login @.
> With the same dialer (client) I can dial to other ISP's succesfull
> though...
>
> nb. I use CHAP as authentication protocol, and HDLC for ISDN.
> Anybody any idea what I'm doing wrong here? Are there some good howto's
> or FAQ's? I can only find info about ISP hookup's through ISDN.
> Please let me know if you need more information...
>
> Kees
> --
>
> Reply to: [EMAIL PROTECTED] (Kees Sprangers FXS'81)
>
> OMEGAM Environmental Research
> PO box 94685
> 1096 AR Amsterdam
> The Netherlands
> Tel: ++31 20 5976666
> Fax: ++31 20 5976777
> http://www.omegam.nl
------------------------------
From: Whitt <[EMAIL PROTECTED]>
Subject: Samba Install?
Date: Thu, 16 Sep 1999 15:27:23 GMT
(RH 6.0)
When I try to install a printer (via printtools)...networked to an NT 4
box (can ping the
NT 4 box, btw) I get an error stating that I need to install SAMBA.
Ok...I've searched the HOWTOS etc, but alas, could not find the
info...nothing in my /usr/docs dir either...
help or a good pointer to a howto would be great....plenty of printer
howtos, but all seem to assume samba is happening....
thanks!
..wf
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: Problem with log-in on NT RAS
Date: 16 Sep 1999 13:01:58 -0500
Michael Saunders ([EMAIL PROTECTED]) wrote:
> I occasionally have to dial into my office (which uses an NT network
> for the remote access) using the NT RAS services from my RH5.2 box.
> Anyway, until a couple of weeks ago, the CHAP/PAP setup I had on my
> Linux box worked just fine. Then, they changed some NT "domain" stuff
> around at work, and now, I can't connect to the network (it just hangs
> up on me).
> I haven't found any errors in any of the log files to tell me what is
> happening (dmesg says that ppp0 has been registered, and so on). I'm
> suspecting that the "new and improved" NT setup at work is requiring
> some kind of "domain" login, which I don't *think* Linux can do...
The server may not be a domain controller, in which case from the pppd
source packages README.MSCHAP80:
If your RAS server is not the domain controller and is not a
'stand-alone' server then it must make a query to the domain controller
for your domain.
You need to specify the domain name with the user name when you attempt
to use this type of a configuration. The domain name is specified with
the local name in the chap-secrets file and with the option for the
'name' parameter.
For example, the previous example would become:
DialupNT domain\\customer47 foobar
domain\\customer47 DialupNT foobar
and
pppd name 'domain\\customer47' remotename DialupNT <other options>
or add:
name domain\\customer47
remotename DialupNT
when the Windows NT domain name is simply called 'domain'.
> Of course, maybe they switched to MSCHAP2 (I heard that Linux can't
> handle that yet, either).
There's a MSCHAP v2 patch for ppp-2.3.8 package at
"http://www.moretonbay.com/vpn/releases/
ppp-2.3.8-mppe-others-norc4_TH7.diff.gz
> Does anyone have any ideas? Can I turn-up the debugging info level
> to see what's happening?
You can add the pppd debug option, which provides detailed PPP link
negotiation messages.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* I gave up on politics when no matter who I voted for, I regretted it.
* -- Pepper...and Salt, WSJ */
------------------------------
From: kite@NoSpam.%�inetport.com (Clifford Kite)
Subject: Re: pppd says "Unsupported protocol (0xc029) received"
Date: 16 Sep 1999 13:16:32 -0500
Paul Cooper ([EMAIL PROTECTED]) wrote:
> My ISP recently changed to PAP and as soon as they did that, my connection
> script bit the dust.... pppd writes "Unsupported protocol (0xc029)
> received" to my system log and then it hangs up!
> So, I went in and changed all the stuff in linuxconf for PAP
> authentication, and changed my login script to meet my ISP's needs but I
> get the following log errors...(the xs contain the correct ip addresses)
> Sep 16 05:25:02 bunny pppd[1014]: Connect: ppp0 <--> /dev/cua1
> Sep 16 05:25:05 bunny pppd[1014]: Remote message:
> Sep 16 05:25:06 bunny pppd[1014]: local IP address xxx.xxx.xxx.xxx
> Sep 16 05:25:06 bunny pppd[1014]: remote IP address xxx.xxx.xxx.xxx
> Sep 16 05:25:06 bunny pppd[1014]: IPCP terminated by peer
This is the problem, IPCP terminated. You can find out more by adding
the pppd debug option and looking at the PPP link negotiation messages
in the appropriate log file in /var/log .
> Sep 16 05:25:06 bunny pppd[1014]: Unsupported protocol (0xc029) received
This is MS's callback protocol, if you don't expect callback then it's
not the problem. Pppd can support it to a limited extent but you have
to apply the patch in README.cbcp in the pppd source tree.
--
Clifford Kite <kite@inet%�port.com> Not a guru. (tm)
/* 97.3% of all statistics are made up. */
------------------------------
From: "YouDontKnowWho" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: Attacks bringing my system down!
Date: Thu, 16 Sep 1999 16:36:32 GMT
Sounds like you need a firewall REAL BAD. Also, have you looked into
/etc/hosts.allow and /etc/hosts.deny? You can stop many of these
attacks at their very beginning by refusing connects from certain
hosts or domains. The traffic will remain, but you could minimize the
effect of the Telnet and FTP attempts.
You might want to start by completely closing up your Linux server(s)
and then start opening them up a little bit at a time (see the
"Principle of Minimum Access" below). Also, check out the following
two URLs:
1. Setting up a firewall: http://rlz.ne.mediaone.net/linux/ . This
is a really good site. If you need help customizing the firewall
script, post a message here (under the same thread, please!) and I'll
try to help you out.
2. Securing Linux: http://www.securityportal.com/lasg/ . This is
pretty good guide on security for Linux systems. The author used to
have a PDF (Acrobat) version of the guide that you could download from
this site, but he appears to have given up on that (too much of a
hassle). I have a fairly recent copy, which should help you get
going.
Good luck!
--
Principle of Minimum Access: "That which is not explicitly permitted
is denied."
ANNOUNCER: And now we return to our regularly scheduled, uncommonly
entertaining thread...
Justin Smith wrote in message
<[EMAIL PROTECTED]>...
I've posted to this group before about how my Redhat 6.0 system
goes down every few days with dire error messages (like "Aiee !
system panic...).
I ran diagnostics on my machine and it passed all tests. At the same
time,
our departmental Sun systems (Ultrasparc servers) slow down to a
crawl --- and it
turned out that some hackers are attacking our systems with pings and
telnets (a packet sniffer disclosed that our high-speed network is
completely saturated by pings, ftp's and telnets from a few sources.
The question is: how do I prevent these attacks from crashing my Linux
system?
(Disconnecting from the network is not an option...). They slow down
Solaris
systems (during the attack itself) but don't kill them off. Our system
adminstrator
said that the Linux kernel is full of race conditions that cause it to
crash under these circumstances...
Is there some way to reconfigure my system to make it less vulnerable?
--
______________________________________________________________________
|
Time blows wildly against my door | Justin R. Smith
Stirring discarded sorrows | Department of Mathematics
and
Like dead leaves of summers past | Computer Science
Memories of forgotten lore | Drexel University
Making way for new tomorrows | Philadelphia, PA 19104
New hopes, new fears, |
and new ways that last | Office: (215) 895-1847
|
c Justin R. Smith, March 14, 1994 | Fax: (215) 895-1582
My home page: http://www.mcs.drexel.edu/~jsmith
------------------------------
From: Leonard Hardy <[EMAIL PROTECTED]>
Subject: mgetty, callback application
Date: 16 Sep 1999 17:27:49 GMT
This is what I want to do:
Use mgetty on my home Linux box to accept a call from my PC at work. When
a specific ID is entered, I want the Linux box to disconnect the current
call, and then place a call to my personal ISP, starting PPP etc., thus
making my Linux box available via the Intranet. I have seen examples of
callback where the callback occurs to a specific number and then a login
prompt is issued. This is not what I need. Can mgetty do what I need it
to do? I have tried XRINGD to do this, but it is not very reliable.
If anyone has mgetty config files that will help me, that would be
appreciated.
==============================================================================
Len Hardy Bartlett, IL USA
[EMAIL PROTECTED] --Work :-(
[EMAIL PROTECTED] --Play ;-)
http://www.xnet.com/~ljhardy/bartll.shtml Bartlett Little League
on the web...
------------------------------
From: Tung-Sheng Lin <[EMAIL PROTECTED]>
Subject: Driver for D-Link DFE 650TX PCMCIA NIC
Date: Thu, 16 Sep 1999 12:09:59 -0700
Hi,
Does anyone know how to make this card work in Linux? What kind of
driver should I use for this card? Thanks!
--
Tung-Sheng Lin
===============================================
The Communication Sciences Institute
Department of Electrical Engineering - Systems
University of Southern California
Los Angeles, California USA
===============================================
------------------------------
From: Steve <[EMAIL PROTECTED]>
Subject: Re: Connect two computers directly via ethernet card
Date: Thu, 16 Sep 1999 18:40:16 GMT
You've got a way to go. You also either need a crossed twisted pair wire
to connect the ethernet cars together or a mini-hub to connect them and
have posibility of other PC's being added via the remaing ports. Look at
any mailorder catalog or PC store, hubs can cost less then $30.
Assign IP addresses and netmasks to the 2 PC's, if you are NOT connected
to the Internet by anything other than a modem - and your question seems
to indicate you aren't - you can use any range of numbers that are
especially for internal networks.
Choose one of the following ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
Assign your IP's in the same subnet, i.e. machine one 172.16.1.1 and
machine two 172.16.1.2 . If using these numbers set the netmask to
255.255.255.0. Set this using either linuxconf (RH and varients) or
netcfg or whatever tool you distro provides to do this.
Choose which method you want to use to connect and make sure it's
activated. NFS is native to Linux and can be used to share files, you
have to set up a directory to export and then import it on the other
machine. FTP can be used to transfer files back and forth but requires
you to use an FTP program like GFTP or the command line version ftp.
SAMBA usees a protocl and structure compatable with Windows networking,
it can be a challenge to set up.
Best bet, get a book on networking for Linux and sit down and study it.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Slava <[EMAIL PROTECTED]> wrote:
> Hi ! if some one can explain to how can i connect two computers
> under linux RH 6.0
> (Two computers are connected via ethernet interface, i mean that
network
> adaoters are installed on both computers ).
> My question is what should i do to continue ?
> Thank's
> Regard Slava.
>
Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
------------------------------
From: [EMAIL PROTECTED] (David C.)
Crossposted-To: comp.sys.ibm.pc.hardware.networking
Subject: Re: Recommendation for 100Mbps Switched Ethernet hardware
Date: 16 Sep 1999 15:11:38 -0400
Bryan <Bryan@[EMAIL PROTECTED]> writes:
>
> I'm an snmp nut <g>, so any pointers to some snmp-managable switches
> in the low-cost catagory?
I don't know of any, but that doesn't mean they don't exist.
I'd recommend going to some of the more popular on-line catalogs and run
some searches. You may be as surprised as I was when I found a 5 port
unmanaged switch for $100.
-- David
------------------------------
From: [EMAIL PROTECTED] (Dustin Puryear)
Crossposted-To: comp.os.linux.misc
Subject: Re: AutoPPP and assigning ip numbers based on port!
Date: Thu, 16 Sep 1999 19:49:43 GMT
On 15 Sep 1999 19:22:50 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
>In <[EMAIL PROTECTED]> [EMAIL PROTECTED] (Dustin Puryear) writes:
>
>>where aa.bb.cc.dd is the server and ww.xx.yy.zz is the client. But how
>>does this work with AutoPPP? I can only specify one options file for
>>AutoPPP to call when bringing up pppd, so how can I assign an ip
>>address to each port?
>
>AutoPPP does not call options files, pppd does.
>man pppd
>Options Files section
>e, set up
>/etc/ppp/options.ttyS1
That was my mistake. I was using /usr/sbin/pppd file ../options for
the AutoPPP command line.
---
Dustin Puryear
[EMAIL PROTECTED]
------------------------------
From: btoc <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,netscape.public.mozilla.java
Subject: Re: Netscape 4.6 + JAVA + *xdm* -> freezes
Date: Thu, 16 Sep 1999 14:39:50 -0400
Nils Bluethgen wrote:
> Hello out there,
>
> I have a question about NETSCAPE 4.6 / 4.61 and JAVA. On some (not on
> all!) of our computers (we run linux-RH6.0) Netscape freezes when I open
> the URL
>
> I also upgraded to Netscape 4.61, which gave the same result. Has someone
> an idea?
>
> Nils
hi,
i have added the fonts as suggested, but my prob is on my xterminal with
xdm. java runs on the console just
fine, but as soon as java starts on my xterminal the window disappears! any
ideas?
--
bye, leon
Leon Haverly Compuwork 770/426-5509 fax 916/314-5919 [EMAIL PROTECTED]
Marietta, GA 30064 home 770/422-9355 www.compuwork.com
------------------------------
From: "Pat Crean" <[EMAIL PROTECTED]>
Subject: Re: Rename the server
Date: Thu, 16 Sep 1999 15:43:08 -0400
hostname --help
Michael Lundberg <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> How do you rename an existing Linux server? I have been searching for
> information on this, but cannot seem to find any. I would like to rename
> the server (hostname and domain name) on an existing server. Is there an
> easy way to do this without rebooting?
>
> Thanks,
> Michael Lundberg
> [EMAIL PROTECTED]
>
> ------------------ Posted via CNET Linux Help ------------------
> http://www.searchlinux.com
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
