Linux-Setup Digest #758, Volume #19 Wed, 4 Oct 00 00:13:12 EDT
Contents:
Re: NIC recommendation (Mike)
Re: install linux Redhat 6.2 on windows 98 (basavaraju)
Re: Confused (David Efflandt)
Re: slow? ([EMAIL PROTECTED])
Re: disable blanking screen (David Efflandt)
Syslinux (Andrew Overholt)
Re: FTP Installation ? (David Efflandt)
Re: Best dist for 486/33? ([EMAIL PROTECTED])
Re: Help! ISA Modem (David Efflandt)
Re: disable blanking screen (Art Wagner)
IDENT install ("D|Ck")
Re: Mandrake is a Piece Of Shit!! ("Pixelised")
Re: What is fat32x?? (David Efflandt)
Ipchain setup and logging. (Bill Pringlemeir)
Re: PPP and routing. (John Hasler)
Re: slow? (moonie;))
----------------------------------------------------------------------------
From: Mike <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,comp.os.linux.hardware
Subject: Re: NIC recommendation
Date: Tue, 03 Oct 2000 20:14:49 -0600
Listen bro, don't listen to what everyone else has said, some people
are on crack. Like one of the replies to the post recommends using
any DEC "tulip" based card. From everything I have found
(Hardware-HOWTO, searching the web) the Netgear, it is supported by
linux, versions without a "D1" printed on it use the DEC Tulip driver,
while others use a linux driver provided by Netgear.
Why is that card NOT the best choice for your system.
Tulip cards are good, the cheapest tulip cards I have found are from
LinkSys, and they are great on the linux support.
Peace
Mike
On Tue, 03 Oct 2000 21:41:37 GMT, "wm" <[EMAIL PROTECTED]> wrote:
#Hi all,
#
#I recently purchased a NetGear NIC model FX-310 that I discovering is NOT
#the best choice for my Cyrix P150 Linux (RH 5.2) box. Could anyone make a
#recommendation for a more appropriate card??
#
#Thanks,
#Walt
#
------------------------------
From: basavaraju <[EMAIL PROTECTED]>
Subject: Re: install linux Redhat 6.2 on windows 98
Date: Wed, 04 Oct 2000 02:30:03 -0000
Eric wrote:
>
> basavaraju wrote:
> >
> > sir/madam
> >
> > i have windows 98 os pII 350 mhz 17gb hdd 4mb svga display.
> > I want to try & install linux 6.2 redhat on existing win 98
> > I tried once my partitions torn with loss of data. I donot have any
> > friends to help me/ guide me to install. can you help me?
> >
> > basavaraju
> >
> > thanks you for reply. may i request you little elaborated version how
free up my hard disc
> > Posted via CNET Help.com
> > http://www.help.com/
>
> First of all, get parted, and use it to free up some space on your disc
> (approx 2 GB). Then put the RH disc in and install the linux OS (use
> fdisk to create the linux partitions, diskdruid will complain about the
> 1024 Cyl. problem. You can solve this afterwards, or free up some space
> below cyl 1024 too (~10 MB) where you can place /boot
>
> Eric
--
Posted via CNET Help.com
http://www.help.com/
------------------------------
From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: Confused
Date: Wed, 4 Oct 2000 02:36:31 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
On Tue, 3 Oct 2000 11:55:21 -0400, D|Ck <[EMAIL PROTECTED]> wrote:
>Ok.. i set up KPPP .. everything seemed to be working GREAT.. i am crusing
>the web... Got BitchX running in my console.. so i start exploring my new
>installation of Mandrake 7.1. I open up some menus.. and click on programs..
>and nothing happens. They dont load.. No matter what i click on .. even the
>process list.. terminal.. Nothing will open. So i disconnect from the
>internet.. waited confused for about 30 seconds and Poof they all worked
>again.. click and there was the program.. reconnected to interenet.. nothing
>worked again. The only phrase that comes to mind is.. WTF? Anyone know whats
>wrong???
If you have not set a hostname, perhaps 'localhost' is being changed to
the DNS name of your ppp IP. Since KDE thinks it is running on
'localhost' it does not allow anything from your then current hostname to
connect to X. Once you disconnect, your hostname reverts back to
'localhost' and everything works again.
Somewhere I saw an option to NOT change your hostname when pppd connects,
but not sure where that was. Another solution is to set a hostname with
linuxconf or DrakConf and add that hostname to /etc/hosts (if you don't
have a network card you could use 127.0.0.2 for your hostname).
--
David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
------------------------------
From: [EMAIL PROTECTED]
Crossposted-To: comp.os.linux.misc
Subject: Re: slow?
Date: Wed, 04 Oct 2000 02:25:15 GMT
In article <[EMAIL PROTECTED]>,
Jeph Herrin <[EMAIL PROTECTED]> wrote:
> down while halting the machine). the video card has 1MB,
> not a lot, but it shouldn't make the machine crawl (should it?).
I have Mandrake 7.1 on three machines, a 450MHz K6-2 with a fairly new
(by my standards) video card (an ATI<I forget what>) with 16M of RAM, a
P166 with an on-board mach 64 based video systam, and a P166 with a
really old 1M Cirrus-Logic based video card.
The K6 is quite snappy running KDE, much nicer than my SPARC 20 at work.
This is my primary machine at home.
The P166 with the on-board card is noticably slower, but still good
enough. It's the desktop machine in my workshop at home.
The other P166 is my server (web, news, mail, samba, printer, dhcp for
when I bring my work laptop home), and while I do occasionally log in on
the console and run X based apps under KDE, it's a real dog for that
use. You can actually see the text repainting in xterms when you move
them, or when a program blinks the text as a "visual bell".
Both P166 machines have 64M of RAM, the K6 has 256M (good for vmware,
and when debugging a program witf "electric fence").
I blame the video card, as both P166 machine feel about the same when I
log in over the network and X back to the K6. For a server it does not
matter though, I doubt I ever upgrade.
I'd try a newer video card before giving up.
--
Jim Buchanan [EMAIL PROTECTED] [EMAIL PROTECTED]
=================== http://www.buchanan1.net/ ==========================
"I think one general rule of software design is that you should be
writing a program that you want to use." -Eric Allman
========================================================================
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: disable blanking screen
Date: Wed, 4 Oct 2000 02:41:24 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
On Tue, 03 Oct 2000, Damien Mattei <[EMAIL PROTECTED]> wrote:
>i install linux for newbies in dual boot with windows , the machine is
>in a public organisation
>user comes see the blanked screen thinking that the machine is powered
>off
>and they press... the POWER button stopping the cpu and making linux os
>crash
>
>i want to know how to remove the screen saver (not to configure DPMS ,i
>know that) that blank the screen in text console and X windows.
The program that controls screen blank or power saving in the console is
'setterm'. You can add a statement for that in /etc/rc.d/rc.local.
For X you would need to configure a screensaver and disable any DPMS
and/or comment out any power_saver in XF86Config.
--
David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
------------------------------
From: Andrew Overholt <[EMAIL PROTECTED]>
Subject: Syslinux
Date: Wed, 04 Oct 2000 02:41:30 GMT
Hi,
I recently upgraded my kernel and made a boot disk (I can't boot off my
hard disk ... something to do with LBA or something?). I didn't use
syslinux, however, I just did a dd. I have another syslinux disk that
I've been trying to use as I need to pass arguments to the kernel.
I tried to copy the new kernel image to the syslinux disk and call it
`linux' but this doesn't seem to work as I keep getting "Boot
failed" errors. I have the same partition table as before so the root=
line is alright. All I want to do is make both my ethernet cards work
so I want to pass something like: ether=0,0x300,eth0 ether=0,0x310,eth1
... is this possible in any way? I'd appreciate any help.
Thanks,
Andrew
--
Andrew Overholt
University of Toronto
Engineering Society Webmaster 2000-2001
http://engsoc.skule.ca
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: FTP Installation ?
Date: Wed, 4 Oct 2000 02:57:14 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
On Tue, 3 Oct 2000 20:51:11 +0100, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>I seem to recall hearing about people installing Linux via FTP. Can one
>wipe one's machine and use a boot disk and connect to the correct FTP etc?
I downloaded an entire Slackware set once which took something like 10 hrs
at 28.8K for 110 MB. I also installed FreeBSD 3.4 via ftp which took 11
hrs at V.90. On the other hand I once got a 7 CD set including RH,
Slackware, Debian and sunsite mirrors for $12 (I forget if that include $5
shipping) from www.cheapbytes.com. I guess which is more feasable depends
upon the speed and cost of your connection and what your time is worth.
Now that Mandrake loads over 1 GB of files on your drive, it makes me
wonder how long that would take, or what happens if you make a mistake
somewhere in the middle of it.
On the other hand if you have a fast cable or dsl connection, all you need
to start the ftp install is a couple of boot floppies.
--
David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Best dist for 486/33?
Date: Wed, 04 Oct 2000 03:00:33 GMT
This might be a little off topic, but this machine has a Novell card
without an RJ-45 connector. It has a thinnet connector and another
serial looking one which might be for a transciever or some other
cabling I'm not familiar with. Can I get an adapter so I can keep
using Rj-45, or do I need a new card?
Roper
--
Banner ad blocking with one file:
http://www.21stcentury.net/~flan/hosts.html
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: Help! ISA Modem
Date: Wed, 4 Oct 2000 03:11:12 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
On Tue, 03 Oct 2000, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>I have an ISA USRobotics Sportster internal 56k
>
>i assume its not winmodem b/c it has jumpers and its ISA, plus its way
>bigger than my other winmodem.
>
>However, i dont know that.
>
>How can i tell?
>and if its hardware only, whats the next step in configuring it?
If it is hard jumpered and does not conflict with onboard serial ports,
then it should show up in boot messages. If it is PnP then you have to
'pnpdump > /etc/isapnp.conf' edit that for desired port and irq and then
use setserial (from /etc/rc.d/rc.serial or /etc/rc.d/rc.local) to tell
Linux where it is.
Sometimes even if a PnP capable modem is hard jumpered, Windows will still
use PnP to set a different port and irq than it is jumpered for. I have
found that the Windows settings will work in Linux, even if they disaggree
with jumper settings, by simply using setserial, without having to use
isapnp. If it is specifically jumper for PnP, then then you do have to
set up isapnp.
>I have RedHat 6.2 and it doesnt see it at boot.
>
>Do i have to do something first? such as setserial?
Yes if it is PnP or the hard jumpered irq is not the standard irq for that
port, you have to use setserial.
>Or might i have to compile a driver.
All real modems use the same serial driver. Although, you might need
different modem init strings for different modems.
>I have done neither of these but would like to know how.
--
David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
------------------------------
From: Art Wagner <[EMAIL PROTECTED]>
Subject: Re: disable blanking screen
Date: Tue, 03 Oct 2000 20:14:59 -0700
David Efflandt wrote:
>
> On Tue, 03 Oct 2000, Damien Mattei <[EMAIL PROTECTED]> wrote:
> >i install linux for newbies in dual boot with windows , the machine is
> >in a public organisation
> >user comes see the blanked screen thinking that the machine is powered
> >off
> >and they press... the POWER button stopping the cpu and making linux os
> >crash
> >
> >i want to know how to remove the screen saver (not to configure DPMS ,i
> >know that) that blank the screen in text console and X windows.
>
> The program that controls screen blank or power saving in the console is
> 'setterm'. You can add a statement for that in /etc/rc.d/rc.local.
>
> For X you would need to configure a screensaver and disable any DPMS
> and/or comment out any power_saver in XF86Config.
>
> --
> David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
> http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
> http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
No. In X a program called "xset" will take care of blanking, DPMS, and
lots of other settings. At least under RedHat. Try "man xset" or "xset q"
to get more info.
Art
------------------------------
From: "D|Ck" <[EMAIL PROTECTED]>
Subject: IDENT install
Date: Tue, 3 Oct 2000 23:17:25 -0400
2 questions actually..
1> BitchX and Xchat both ask for Ident to be installed. I know how to do it
in windows.. but no idea in linux.. i am running mandrake 7.1
2> where can i find a good telnet program that uses ssh1 ? is there one in
mandrake or kde?
D|Ck
------------------------------
From: "Pixelised" <pixelised@hotmail(DOT)com>
Crossposted-To: comp.os.linux.misc,comp.os.linux.questions,comp.os.linux.x
Subject: Re: Mandrake is a Piece Of Shit!!
Date: Wed, 4 Oct 2000 14:15:31 +1000
"Brandon Hoppe" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Henry Kruuskopf wrote:
> >
> > I dunno why your copy of this nice dist. screws up. I installed it and
> > everything went fine. I didn't use lnx4win, but i installed it by
booting
> > from cd-rom. I have also installed it from dos using autoboot.bat.
> >
> > I think your problems might come from lnx4win.
> > Just boot from cd-rom or use autoboot.bat from dos (remember to have
cd-rom
> > drivers loaded it u use autoboot.bat)
> >
> > Only problem i encountered was that Mandrake altered my extended dos
partion
> > to linux extended partion and i couldn't accsess to it from windows.
This
> > had simply solution. Just change the type of extended partion from linux
to
> > win and everything is cool.
> >
> > For my opinion, Mandrake is realy good dist. to workstation computer for
> > generic daily use. With right piece of hardware you can do everything on
> > Linux that you did in windows.
> > For right piece of hardware i mean right display adapter with right 3D.
> > (3DFX works better on Linux than other OpenGL boards. correct me if im
wrong
> > :)
> >
> > -Wmute
>
> Perhaps your right. lnx4win does sound like the culprit here. I have
> installed LM 7.0 on another machine with no problems. That's why I came
> back to put 7.1 on this laptop. I didn't have to use lnx4win last time.
> So, I'll take your suggestion and try autoboot.bat and give that a shot
> and post the results.
>
> CORRECTION: lnx4win is a Piece Of Shit!! :)
If autoboot.bat method fails, and I am assuming that you downloaded Mandrake
here; it might be possible that the iso image you downloaded could be
corrupt. I've had similar problems with Redhat Linux 6.2 for the Alpha
having corrupted python scripts. So I bought a copy of the Install CD, and I
haven't encountered any of the earlier problems since :o)
------------------------------
From: [EMAIL PROTECTED] (David Efflandt)
Subject: Re: What is fat32x??
Date: Wed, 4 Oct 2000 03:31:03 +0000 (UTC)
Reply-To: [EMAIL PROTECTED]
On Tue, 03 Oct 2000, Svend Olaf Mikkelsen <[EMAIL PROTECTED]> wrote:
>Jim Bisnett <[EMAIL PROTECTED]> wrote:
>
>>I am in the process of converting my system from win98 to a dual boot
>>linux and win98. I used Fips successfully and I have two partitions. I
>>deleted the second one since I own partition magic 3.0. (It needs some
>>free space to move things.) After deleting the new partition I attempted
>>to move it, but for some reason partition magic says that the win98
>>partition is other not fat32. When I requested the info on the partition
>>it listed it as fat32x. What is fat32x. fdisk says the partion is a
>>fat32 partition.
>>
>>I have been trying to reformat everything so I have been going this more
>>complicated path. I have moved partitions in the past with this software
>>and have had no problem.
>>
>> Jim
>
>FAT32X is a primary FAT32 partition that ends cylinder 1024 or later.
>The content is exact the same as a FAT32 partition. The ID (type) of a
>FAT32X partition is 0x0C. For other FAT32 partitions it is 0x0B.
>
>If the partition ends (0 based) cylinder 1023 or below, you can safely
>change the ID from 0C to 0B using Linux fdisk.
The 'b' or 'c' type has to do with partition size, not where it is on the
disk. A FAT32 partition (primary or logical) that is < 1024 cyl in size
is type b, even if it is (or extends) beyond cyl 1024. For example on my
laptop the drive ends at cyl 1099 and the last logical partition is type
'b' created by Win98 fdisk.
--
David Efflandt [EMAIL PROTECTED] http://www.de-srv.com/
http://www.autox.chicago.il.us/ http://www.berniesfloral.net/
http://hammer.prohosting.com/~cgi-wiz/ http://cgi-help.virtualave.net/
------------------------------
Subject: Ipchain setup and logging.
From: Bill Pringlemeir <[EMAIL PROTECTED]>
Date: Wed, 04 Oct 2000 03:39:18 GMT
[sorry if this is out of context for this group, please redirect if so.]
I have run an ipchain script that is suppose to deny all TCP connections
initiated from other machines. At least that is what I am trying to
do with this line.
ipchains -A input -l --syn -p tcp -i $EXTIF -s $ANY -d $ANY 1023:65535 -j DENY
I then run a script that does a telnet to a bunch of ports to try and
verify that attempts are being logged and denied. I tried to get SATAN
to work, but I couldn't get it to produce anything. When a telnet to
port 1024 is performed, I get a telnet connection to some Gnome Orbit
thing. I tried to type things here and managed to hose up X with it so
I would like to disallow this port. I am unsure if you could use it to
monitor keys, etc.
tia,
Bill
btw, is there a good net reference for shell programming?
[start port scanning script]
#!/bin/sh
MYIP=`ifconfig ppp0 2>/dev/null| grep inet | cut -d : -f 2 | cut -d \ -f 1`
for i in 1 2 3 4 5 6 7 8 9; do telnet $MYIP $i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 1$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 2$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 3$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 4$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 5$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 6$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 7$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 8$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 9$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 10$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 11$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 12$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 13$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 14$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 15$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 16$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 17$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 18$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 19$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 20$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 21$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 22$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 23$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 24$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 25$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 26$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 27$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 103$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 104$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 105$i;done
for i in 0 1 2 3 4 5 6 7 8 9; do telnet $MYIP 106$i;done
[end port scanning script]
[start ipchain script]
#!/bin/sh
#
# firewall-standalone This script sets up firewall rules for a standalone
# machine
#
# Interface to Internet
EXTIF=ppp+
ANY=0.0.0.0/0
# default policies.
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward DENY
# flush all chains (nothing).
ipchains -F forward
ipchains -F input
ipchains -F output
echo -n "Port Blocks.."
# Deny TCP and UDP packets to privileged ports
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 0:1023 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 0:1023 -p tcp -j DENY
echo -n "."
# ---- Specific port blocks on the external interface ----------
# This section blocks off ports/services to the outside that have
# vulnerabilities. This will not affect the ability to use these services
# within your network.
# NetBEUI/Samba
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 137:139 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 137:139 -p tcp -j DENY
echo -n "."
# Microsoft SQL
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 1433 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 1433 -p tcp -j DENY
echo -n "."
# Postgres SQL
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 5432 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 5432 -p tcp -j DENY
echo -n "."
# Network File System
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 2049 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 2049 -p tcp -j DENY
echo -n "."
# MySQL
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 3306 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 3306 -p tcp -j DENY
echo -n "."
# X Displays
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 5999:6010 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 5999:6010 -p tcp -j DENY
echo -n "."
# X Font Server :0-:2-
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 7100:7101 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 7100:7101 -p tcp -j DENY
echo -n "."
# Back Orifice (logged)
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 31377 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 31377 -p tcp -j DENY
echo -n "."
# NetBus (logged)
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 12345:12346 -p udp -j DENY
ipchains -A input -l -i $EXTIF -s $ANY -d $ANY 12345:12346 -p tcp -j DENY
echo -n "."
echo "Done!"
# ------------------- High Unprivileged ports -
# These are opened up to allow sockets created by connections allowed by
# ipchains. Do not allow connection to be initiated on this ports by
# an external entity.
echo -n "High Ports.."
ipchains -A input -l --syn -p tcp -i $EXTIF -s $ANY -d $ANY 1023:65535 -j DENY
ipchains -A input -p tcp -i $EXTIF -s $ANY -d $ANY 1023:65535 -j ACCEPT
ipchains -A input -p udp -i $EXTIF -s $ANY -d $ANY 1023:65535 -j ACCEPT
echo -n "."
echo "Done!"
# ------------------------------------------------------------ Basic Services -
echo -n "Services.."
# ftp-data (20) and ftp (21)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 20 -j ACCEPT
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 21 -j ACCEPT
#echo -n ".."
# ssh (22)
ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 22 -j ACCEPT
echo -n "."
#telnet (23)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 23 -j ACCEPT
#echo -n "."
#smtp (25)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 25 -j ACCEPT
#echo -n "."
# DNS (53)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 53 -j ACCEPT
#ipchains -A input -p udp -s $ANY -i $EXTIF -d $ANY 53 -j ACCEPT
#echo -n ".."
# http (80)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 80 -j ACCEPT
#echo -n "."
#POP-3 (110)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 110 -j ACCEPT
#echo -n "."
# identd (113)
#ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 113 -j ACCEPT
#echo -n "."
# nntp (119)
# ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 119 -j ACCEPT
# echo -n "."
# https (443)
# ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 443 -j ACCEPT
# echo -n "."
# ICQ Services (it's a server service) (4000)
# ipchains -A input -p tcp -s $ANY -i $EXTIF -d $ANY 4000 -j ACCEPT
# echo -n "."
echo "Done!"
# ---------------------------------------------------------------------- ICMP -
echo -n "ICMP Rules.."
# Use this to deny ICMP attacks from specific addresses
# ipchains -A input -b -i $EXTERNALIF -p icmp -s <address> -d $ANY -j DENY
# echo -n "."
# Allow incoming ICMP
ipchains -A input -l -p icmp -s $ANY -i $EXTIF -d $ANY -j ACCEPT
ipchains -A input -l -p icmp -s $ANY -i $EXTIF -d $ANY -j ACCEPT
echo -n ".."
# Allow outgoing ICMP
ipchains -A output -p icmp -s $ANY -d $ANY -j ACCEPT
ipchains -A output -p icmp -s $ANY -d $ANY -j ACCEPT
echo -n "...."
echo "Done!"
[end ipchain script]
--
YOW!! Everybody out of the GENETIC POOL!
------------------------------
From: John Hasler <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.networking,comp.os.linux.misc,alt.os.linux
Subject: Re: PPP and routing.
Date: Wed, 4 Oct 2000 02:31:47 GMT
Lavinius writes:
> just add this line to /etc/ppp/options defaultroute
He already has it. Pppconfig takes care of that.
> that should be it .. I hope
It won't. Pppd will not replace an existing default route.
> oh and in /etc edit resolv.conf and add nameserver 0.0.0.0
He already has that: pppconfig takes care of it as well.
> I run Slack7 but I guess its not that much diff then Debian
While Debian allows you to edit config files by hand, it does not force you
to do so.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
Elmwood, WI
------------------------------
From: moonie;) <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: slow?
Date: Tue, 3 Oct 2000 23:52:04 -0400
On Tue, 03 Oct 2000, James Fitzgerald wrote:
>I recently installed Mandrake 7.1 on a 1 year old Dell Optiplex 500 MHz PIII
>(the first machine I ever ran that took the doze out of Windows). I find
>the graphics based programs that came with Mandrake (both KDE and Gnome)
>rather slow-loading, 20 to 30 seconds and more sometimes (especially
>Netscape!). Most commands executed at the command line are reasonably fast,
>though loading a small file in emacs took longer than I thought it would.
>My own non-expert guess is that some aspects of this version of Linux,
>particularly the GUI based elements, are not fully optimized to exploit the
>hardware. So do not expect miracles just from a hardware upgrade. I
>suspect that the improved versions of KDE and gnome that are becoming
>available may make some real difference.
>
>I am trying to learn Linux in order to use emacs in a fully enabled unix
>environment (as opposed to Windows versions of emacs), so I can wait for the
>graphical stuff to become better optimized for speed. Right now the
>graphical interfaces basically make it possible for me to get a system
>installed and up and running without having to learn how to configure all
>the tables and configuration files that need tweaking manually--that is
>truly the most formidable aspect of unix-type systems for those of us who
>are not primarily interested in computers for their own sake. If I had to
>learn to do all of that myself, I would be forced to stay with Windows.
>
>Cheers,
>Jim Fitzgerald
I honestly believe that most of the problems with the speed of Linux comes from
not having your HD optimised. I run RAID 0 striped and everything flys on just
a K6-III/450 with 128MB RAM. Look into hdparm.
--
moonie ;)
Registered Linux User #175104
http://counter.li.org
KDE2
Kernel 2.4.0-test5
XFree86 4.0 Nvidia .94 drivers
RAID 0 Striped
Test-Pilots-R-Us ;)
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.setup) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Setup Digest
******************************
