[leaf-user] Mailing List
Everyone, Traffic on the list is unusually low. Is something wrong with the list I should be aware of? --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Mailing List
I am seeing your post. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Noyes Sent: Friday, September 17, 2004 12:07 PM To: [EMAIL PROTECTED] Subject: [leaf-user] Mailing List Everyone, Traffic on the list is unusually low. Is something wrong with the list I should be aware of? --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] DMZ for wireless coffee-shop hotspot
Dear list. My first gig is developing a Bering 1.2 firewall for a coffee house. I expect to be paid in food and soy lattes ;-) Here is the situation: Coffee shop owner wants to support wireless for the customers. Owner has one or two business machines that need to be protected from the Internet -- and the wireless customers. The architecture I thought might work well is: Internet DSL - Bering 1.2 internal net (business machines) | | DMZ | Wireless access point / | \ Customers Are there any issues using a DMZ for the wireless segment? TIA, Rick. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Mailing List
Everyone, Traffic on the list is unusually low. Is something wrong with the list I should be aware of? I imagine the traffic is low because people are reading the manuals. Many posts used to be repeats - same problems encountered by others - but with LEAFs excellent documentation perhaps we are encountering fewer problems but more boxen. Cheers to the Bearing and uClibC developers for their excellent documentation. Just upgraded three LEAF boxes in the last couple of weeks. The only minor problems I had was when I skipped something in the docs. Maybe its time for a /. article on uClibC Leaf. That would pick up the traffic. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Mailing List
At 01:27 PM 9/17/2004 -0700, Victor McAllister wrote: Everyone, Traffic on the list is unusually low. Is something wrong with the list I should be aware of? I imagine the traffic is low because people are reading the manuals. Many posts used to be repeats - same problems encountered by others - but with LEAFs excellent documentation perhaps we are encountering fewer problems but more boxen. Cheers to the Bearing and uClibC developers for their excellent documentation. Just upgraded three LEAF boxes in the last couple of weeks. The only minor problems I had was when I skipped something in the docs. Maybe its time for a /. article on uClibC Leaf. That would pick up the traffic. Actually, if you look at the archive, you'll see that there has been a pretty steady downward trend in leaf-user message traffic by month over almost 3 years. This month is a slight abberration, but not marked one. I suspect the reason for the overall trend down is a mix of several things: 1. Our releases are pretty mature and stable, so less goes wrong on the code side. So there is less to ask about. 2. There are a LOT of other router-scale Linux distros out there. We have more competition. 3. Home NATing routers from Linksys, Netgear, D-Link, and the rest are more competitive with home-built routers than they used to be. Plain routers are dirt cheap, and even ones with 802.11g can be almost free (I just bought one for about $US2, net after a $30 rebate) ... just try to get 802.11g (or even b) workijng with Linux. Hah! 4. Part of our traffic used to be people discussing general issues (not specific to LEAF releases) of routing and firewalling. That discussion seems to have gone somewhere else. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] DMZ for wireless coffee-shop hotspot
At 04:14 PM 9/17/2004 -0400, Tibbs, Richard wrote: Dear list. My first gig is developing a Bering 1.2 firewall for a coffee house. I expect to be paid in food and soy lattes ;-) Here is the situation: Coffee shop owner wants to support wireless for the customers. Owner has one or two business machines that need to be protected from the Internet -- and the wireless customers. The architecture I thought might work well is: Internet DSL - Bering 1.2 internal net (business machines) | | DMZ | Wireless access point / | \ Customers Are there any issues using a DMZ for the wireless segment? Yeah, sort of. DMZ typically refers to a network designed to connect servers to the Internet. It gets protects with a firewall ruleset that allows incoming access only to a specified list of services, and outgoing access only as needed to provide those services. For example, here I run my mail server on a DMZ interface. That interface has a ruleset that ACCEPTs only -- incoming traffic on the SMTP and POP3 ports (and ssh, if from the LAN interface). -- outgoing traffic to SMTP, DNS, NTP, and maybe a couple of other ports. -- no SNAT, and DNAT only for the incoming ports needed above. What you want for your wireless clients is quite different, pretty much a second LAN, not really a DMZ. It will probably be a different /24 network from the business network. It will be NAT'd for outgoing connections, and it may have some usage controls that enforce whatever Terms of Service the owner wants to provide service under. For example, he probably wants to do something to presvent being used by SPAMmers. He may want to limit the bandwidth that customers can use. He may want to distinguish customers from freeloaders ... or from laptops in cars parked outside his establishment. These are the usual issues with setting up wireless access anywhere more crowded than Gilligan's Island. He may even want to impose things like time limits and time charges ... though I surmise that you and he are contemplating a free service, since that seems to be the trend, at least around here. The main thing you always want to prevent is traffic going from the customer LAN to the business LAN. Easy to do with iptables ... though I don't offhand know the right entries for Shorewall, this is common enough that I bet Tom's docs have an example for it. --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: leaf-user digest, Vol 1 #2419 - 6 msgs
I'm still receiving them, and saving them against the day I need them, but rarely reading them. 1. Our releases are pretty mature and stable, so less goes wrong on the code side. So there is less to ask about. I think that's part of it. People don't want 1/4 drills, they want 1/4 holes! My Bering 1.2 seems to be protecting me. Last work I did was when I changed boxes and the new one didn't want to boot non-standard floppies, so I had to make it boot with grub from an IDE drive shared with RHL and Win98--and then disable the IDE support once it connects. When the uClibc version came out what I saw seemed to present me with the option of doing nothing or hassling with another difficult installation and customization? 2. There are a LOT of other router-scale Linux distros out there. We have more competition. From the user's point of view, most don't understand all the details of firewalling, able to judge the benefits of Shorewall vs other approaches. But what they do experience is the installation and customization process. I've always felt Bering should have easier ways to customize all its parameters. Granted grand schemes would be difficult to do and keep everything small, but a parameterized variables file wouldn't be so large. 3. Home NATing routers from Linksys, Netgear, D-Link, and the rest are more competitive with home-built routers than they used to be. Plain routers are dirt cheap, and even ones with 802.11g can be almost free (I just bought one for about $US2, net after a $30 rebate) ... just try to get 802.11g (or even b) workijng with Linux. Hah! True. I'm afraid any vulnerability, perhaps influenced by their race to sell product as cheaply as possible, would spread like wildfire. And updates, such as when I went from Bering 1.0 to 1.2, means buying a new box. Paul Rogers ([EMAIL PROTECTED]) http://www.xprt.net/~pgrogers/ http://www.angelfire.com/or/paulrogers/ Rogers' Second Law: Everything you do communicates. (I do not personally endorse any additions after this line. TANSTAAFL :-) Get your name as your email address. Includes spam protection, 1GB storage, no ads and more Only $1.99/ month - visit http://www.mysite.com/name today! --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
