[leaf-user] Re: Bering 1.0 - 1.2 Upgrade (continues) 1/2
No, Lynn, as you can see this first attempt to connect succeeded, and I was on for an hour. Now, I agree that since I got kicked off when four echoes failed there's strong suspicion that something was going on at the ISP PoP. But all the subsequent attempts to reconnect failed (using the same configuration!) until I rebooted. Now that also casts some suspicion on the Bering firewall as well. After all, if Bering fumbled the echo replies it might think the ISP was not responding. Bering terminated the link. I don't know the details of the protocol exchanges shown in the logs well enough to tell what's going on, except that the UID wasn't corrupted. Thought one of the experts might spot something. Nov 15 09:55:29 foxfire pppd[12823]: Starting link Nov 15 09:55:58 foxfire pppd[12823]: Serial connection established. Nov 15 09:55:58 foxfire pppd[12823]: using channel 1 Nov 15 09:55:58 foxfire pppd[12823]: Connect: ppp0 -- /dev/ttyS1 Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfReq id=0x1 mru 576 asyncmap 0x0 magic 0x8a6091e6 pcomp accomp] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x1 00 04 00 00 mru 1524 asyncmap 0xa auth pap pcomp accomp mrru 1524 endpoint [local:6d.61.78.2d.70.64.78] 17 04 6f 01] Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfRej id=0x1 00 04 00 00 mrru 1524 17 04 6f 01] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfAck id=0x1 mru 576 asyncmap 0x0 magic 0x8a6091e6 pcomp accomp] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP ConfReq id=0x2 mru 1524 asyncmap 0xa auth pap pcomp accomp endpoint [local:6d.61.78.2d.70.64.78]] Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP ConfAck id=0x2 mru 1524 asyncmap 0xa auth pap pcomp accomp endpoint [local:6d.61.78.2d.70.64.78]] Nov 15 09:55:59 foxfire pppd[12823]: sent [LCP EchoReq id=0x0 magic=0x8a6091e6] Nov 15 09:55:59 foxfire pppd[12823]: sent [PAP AuthReq id=0x1 user=[EMAIL PROTECTED] password=hidden] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [LCP EchoRep id=0x0 magic=0x0] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [PAP AuthAck id=0x1 ] Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfReq id=0x1 addr 0.0.0.0 compress VJ 0f 01] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [IPCP ConfReq id=0x1 compress VJ 0f 01 addr 209.102.126.5] Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfAck id=0x1 compress VJ 0f 01 addr 209.102.126.5] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [CCP ConfReq id=0x1 11 05 00 01 04] Nov 15 09:55:59 foxfire pppd[12823]: sent [CCP ConfReq id=0x1] Nov 15 09:55:59 foxfire pppd[12823]: sent [CCP ConfRej id=0x1 11 05 00 01 04] Nov 15 09:55:59 foxfire pppd[12823]: rcvd [IPCP ConfNak id=0x1 addr 209.102.126.143] Nov 15 09:55:59 foxfire pppd[12823]: sent [IPCP ConfReq id=0x2 addr 209.102.126.143 compress VJ 0f 01] Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfRej id=0x1] Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfReq id=0x2 11 06 00 01 01 03] Nov 15 09:56:00 foxfire pppd[12823]: sent [CCP ConfReq id=0x2] Nov 15 09:56:00 foxfire pppd[12823]: sent [CCP ConfRej id=0x2 11 06 00 01 01 03] Nov 15 09:56:00 foxfire pppd[12823]: rcvd [IPCP ConfAck id=0x2 addr 209.102.126.143 compress VJ 0f 01] Nov 15 09:56:00 foxfire pppd[12823]: Local IP address changed to 209.102.126.143 Nov 15 09:56:00 foxfire pppd[12823]: Remote IP address changed to 209.102.126.5 Nov 15 09:56:00 foxfire pppd[12823]: Cannot determine ethernet address for proxy ARP Nov 15 09:56:00 foxfire pppd[12823]: sent [IP data] 45 1b 00 40 b2 00 40 00 ... Nov 15 09:56:00 foxfire pppd[12823]: Script /etc/ppp/ip-up started (pid 11853) Nov 15 09:56:00 foxfire pppd[12823]: rcvd [CCP ConfRej id=0x2] Nov 15 09:56:00 foxfire pppd[12823]: Script /etc/ppp/ip-up finished (pid 11853), status = 0x100 Paul Rogers ([EMAIL PROTECTED]) http://www.xprt.net/~pgrogers/ http://www.angelfire.com/or/paulrogers/ Rogers' Second Law: Everything you do communicates. (I do not personally endorse any additions after this line. TANSTAAFL :-) The best thing to hit the internet in years - Juno SpeedBand! Surf the web up to FIVE TIMES FASTER! Only $14.95/ month - visit www.juno.com to sign up today! --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Bering 1.0 - 1.2 Upgrade (continues) 1/2
No, Lynn, as you can see this first attempt to connect succeeded, and I was on for an hour. Now, I agree that since I got kicked off when four echoes failed there's strong suspicion that something was going on at the ISP PoP. But all the subsequent attempts to reconnect failed (using the same configuration!) until I rebooted. Now that also casts some suspicion on the Bering firewall as well. After all, if Bering fumbled the echo replies it might think the ISP was not responding. Bering terminated the link. I don't know the details of the protocol exchanges shown in the logs well enough to tell what's going on, except that the UID wasn't corrupted. Thought one of the experts might spot something. Ok, I just looked far enough to see a PAP-failure authentication error on every subsequent attempt to reconnect. I'm not a PPP expert, but I thought this might narrow the possibilities. -- ~Lynn Avants Linux Embedded Appliance Firewall Developer http://leaf.sourceforge.net http://guitarlynn.homelinux.org:81 --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering-uClibc 2.0 RC 3 Weblet trouble
Is anyone else seeing the Weblet problem I'm having with the cgi not finding the scripts? I'm getting 404 Not Found, File not found: /cgi-bin/add_any_query_here on scripts that are trying to access firewall statistic on the RC 3 Bering. The statuslights are also not shown in the 192.168.1.254 view. I have the std image with two changes. 1. dhcpd is giving addresses to internal network. 2. smc-ultra network cards with smc.ultra.o driver from the previous RC (and the needed 8390.o) are handling the internal and external traffic. Bering is run from a floppy drive by a 486/33MHz PC with 20M memory. Traffic goes through without problems so far only problem is that none of the logs are available from the Weblet. I have done this two times now with same results. Previous working version was the Bering-uClibc 2.0 Beta 3. I have been running this since it was released. I extracted the disk form the windows .exe at http://sourceforge.net/project/showfiles.php?group_id=13751 -M BTW. If this is double post for someone, I posted this earlier but the address was on the CC field and the post didn't show up on the SourceForge mailing list archive so I'm now re-posting it. --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: [leaf-devel] [ leaf-Support Requests-764936 ] pulsar ADSL modem
On Wed, 02 Jul 2003 14:09:55 -0700, you wrote: I am trying to get an pulsar ADSL modem woking (www.traverse.com.au) with Bering 1.2. The problem is none of there drivers are working. 1/ Has anyone got the pulsar ADSL modem (or other PCI) modems working with bering Is there any word on a Bering 1.2 driver for the Traverse / Pulsar ADSL card? -- Best wishes, Malcolm --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering-uClibc 2.0 RC 3 Weblet trouble
Hi Marko, Is anyone else seeing the Weblet problem I'm having with the cgi not finding the scripts? I'm getting 404 Not Found, File not found: /cgi-bin/add_any_query_here on scripts that are trying to access firewall statistic on the RC 3 Bering. The statuslights are also not shown in the 192.168.1.254 view. Thanks for reporting that - I don't know how I missed that when updating the package (probably because I used an old package to test, instead of the new one...). An updated version is in CVS (it should show up on the web-page some time tomorrow, due to viewcvs and therefore also the packages page running against the backup CVS-server) - if you don't want to wait that long, you can download the updated package at: http://leaf-project.org/devel/hejl/weblet.lrp Martin --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] shorewall set up, was Bering 1.0 - 1.2 Upgrade (continues) 1/2
Hi At 19:45 16.11.2003, Richard Doyle wrote: Paul's original problem was a Shorewall misconfiguration. Bering Shorewall is configured for two ethernet connections: an external connection on eth0 and an internal connection on eth1. Paul has an external connection on ppp0 and an internal connection on eth0. The problem was solved by modifying /etc/shorewall/routestopped and /etc/shorewall/masq to fit his network (replacing eth0 and eth1 with ppp0 and eth0). I would recommend to use the params file for the shorewall set up. Then one can define the interfaces and related parameters in the params file without having to meddle with the setup in the other files at all. This might avoid confusion. my $0.02 Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] VPN shorewall options
Hello yet again, Sorry to be a bother. I have searched the Freeswan docs for any reference to the fswcert command with no luck. I need to know what command I should be using instead of the fswcert command. I did find a reference to it here http://cert.uni-stuttgart.de/archive/debian/security/2002/04/msg00160.html But that does not tell me much. Can anyone please tell me what command I need to do to get past this step in the procedure? The procedure is posted here: http://leaf.sourceforge.net/doc/guide/buipsec.html Again, I am sorry to have to be a bother but I am no guru by any stretch of the imagination and I have to get this working in short order. I hope someone can help me out. Thanks in advance! Troy -Original Message- From: Erich Titl [mailto:[EMAIL PROTECTED] Sent: Thursday, November 13, 2003 5:02 PM To: Troy Aden; Leaf-User (E-mail) Subject: RE: [leaf-user] VPN shorewall options Troy At 21:35 13.11.2003, Troy Aden wrote: Thanks for getting back to me. I have run into problems with one command in the IPSec procedure. Snip Make your ipsec server certificate # openssl req -newkey rsa:2048 -keyout serverKey.pem -out serverReq.pem # openssl ca -policy policy_anything -in serverReq.pem -days 1825 -out serverCert.pem -notext # openssl x509 -in serverCert.pem -outform DER -out x509cert.der # fswcert -k serverKey.pem ipsec.secrets Snip The fswcert line gives me an error saying that the command is not found. With recent versions of freeSWan this is not needed anymore, please see the FreeS/Wan docs for details. HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This SF. Net email is sponsored by: GoToMyPC GoToMyPC is the fast, easy and secure way to access your computer from any Web browser or wireless device. Click here to Try it Free! https://www.gotomypc.com/tr/OSDN/AW/Q4_2003/t/g22lp?Target=mm/g22lp.tmpl leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
