RE: [leaf-user] SNMP
Hi! -Original Message- From: Joe Nelson [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 08, 2004 12:42 AM To: [EMAIL PROTECTED] Subject: [leaf-user] SNMP I'm having a little trouble getting snmpd to work correctly. I've installed the following packages on my Bering uClibc box: libm.lrp libsnmp.lrp snmpmibs.lrp netsnmpd.lrp netsnmpu.lrp A ps -aux shows that snmpd is running so that's good, but I can't query anything from it. I set up /etc/snmp/snmpd.conf exactly as it is shown in the documentation on http://leaf.sourceforge.net/doc/guide/bk05ch13.html (I changed the community name of course). Did you add open the needed port in Shorewall? Please add in Shorewall - Rules ACCEPT loc fw tcp 161 (I'm not sure though) And restart Shorewall. That should do the trick ;) Luis Correia UMSL - Unidade de Microinformatica e Sistemas Locais IIES - Instituto de Informática e Estatística da Solidariedade Tel: 21 423 00 27 - Fax: 21 423 00 01 PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 Key Server: http://pgp.mit.edu --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SNMP
Hi Joe, At 01:41 8-12-2004, Joe Nelson wrote: Since I have the netsnmpu.lrp installed, I thought that I'd be able to snmpwalk from the localhost. This is what I ran: snmpwalk -v2c -m ALL -c airwired -O vq localhost What happens if you try snmpwalk -v1 -c airwired localhost I don't get any output or any error messages. I think my problem lies with the snmpd.conf file, but I'm not really sure what else to change. Does anyone have a working copy that they'd be willing to share? Or do I have another problem? The snmpd.conf as described in the Bering-uClibc User Guide works for me, so that should not be a problem. You could also check /var/log/daemon.log. Each snmp query should result in one ore more lines. - Eric de Thouars --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] SNMP
Hi Joe, At 01:41 8-12-2004, Joe Nelson wrote: Since I have the netsnmpu.lrp installed, I thought that I'd be able to snmpwalk from the localhost. This is what I ran: snmpwalk -v2c -m ALL -c airwired -O vq localhost What happens if you try snmpwalk -v1 -c airwired localhost I don't get any output or any error messages. I think my problem lies with the snmpd.conf file, but I'm not really sure what else to change. Does anyone have a working copy that they'd be willing to share? Or do I have another problem? The snmpd.conf as described in the Bering-uClibc User Guide works for me, so that should not be a problem. You could also check /var/log/daemon.log. Each snmp query should result in one ore more lines. - Eric de Thouars --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Shorewall1.4 - Openvpn Strangeness
Dear list: I am having a weird problem with shorewall rejecting openvpn packets unless I include some redundant rules, that shorewall complains about (but that make things work). Below are the shorewall files and the resulting logs. Unless I uncomment the last 8 ACCEPTS in the rules file, I get Rejects of openvpn traffic from shorewall. Uncommenting those lines makes shorewall complain during bootup as it is working through the rules file before prompting for login. Any ideas?? TIA, Rick The shorewall zones file is net NET Internet loc Local Local Networks vpn1VPN-ipsec RoadWarrior bpn3WLAN-openvpnopenvpn The interfaces file is net eth0detect norfc1918 loc eth1detect dhcp vpn1ipsec0 vpn3tun0 The tunnels file is ipsec net 0.0.0.0/0 vpn1 generic:udp:5000loc 192.168.1.0/24 vpn3 firewall: -root- # more policy # # Shorewall 1.4 -- Sample Policy File For Two Interfaces ### #SOURCE DESTPOLICY LOG LEVEL LIMIT:BURST loc net ACCEPT # If you want open access to the Internet from your Firewall # remove the comment from the following line. #fw net ACCEPT loc vpn1ACCEPT #locvpn2ACCEPT loc vpn3ACCEPT fw vpn3ACCEPT net vpn3ACCEPT vpn1loc ACCEPT #vpn2 loc ACCEPT vpn3loc ACCEPT vpn3fw ACCEPT vpn3net ACCEPT fw loc ACCEPT net all DROPULOG all all REJECT ULOG #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE firewall: -root- # more rules # # Shorewall version 1.4 - Sample Rules File For Two Interfaces # PORTPORT(S) DEST # # Accept DNS connections from the firewall to the network # ACCEPT fw net tcp 53 ACCEPT fw net udp 53 # # Accept SSH connections from the local network for administration # ACCEPT loc fw tcp 22 ACCEPT net:137.45.192.73 fw tcp 22 ACCEPT net:137.45.34.77fw tcp 22 ACCEPT net:137.45.192.86 fw tcp 22 # # Allow Ping To And From Firewall # ACCEPT loc fw icmp8 ACCEPT net fw icmp8 ACCEPT fw loc icmp8 ACCEPT fw net icmp8 # Rules for openvpn (despite policies being set) #ACCEPT loc fw all #ACCEPT fw loc all #ACCEPT loc net all #ACCEPT net loc all #ACCEPT vpn3fw all #ACCEPT fw vpn3all #ACCEPT vpn3net all #ACCEPT net vpn3all # # Bering specific rules: # allow loc to fw udp/53 for dnscache to work # allow loc to fw tcp/80 for weblet to work # deleted for brevity firewall: -root- # The logs that result from the 8 ACCEPT lines being commented out are: f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21018 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:18:48 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21079 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:18:58 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21154 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:19:09 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21207 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:19:18 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21256 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:19:30 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21329 PROTO=UDP SPT=5000 DPT=5000 LEN=68 Dec 9 11:19:40 firewall Shorewall:all2all:REJECT: IN=eth1 OUT= MAC=00:02:e3:12:7d:94:00:0e:35:15:24:f3:08:00 SRC=192.168.1.3 DST=192.168.1.254 LEN=88 TOS=00 PREC=0x00 TTL=128 ID=21381 PROTO=UDP SPT=5000
Re: [leaf-user] Re: [leaf-devel] ANN: leaf-project.org website
Hi Mike, Thank you for your hard work. I have found the following. It seems to me that the Addionnal packages for Bering-uClibc 2.x is old. I used to see a nice summary of the newly updated packages at the end. Now I do not see it anymore and there are not any things recent, e.g. 2004-09, 2004-10 etc. Also the link to this page from Read more to find out what's available today. is not correct, I had to click on Packages 2.x on the left side. And the site is quite slow especially when I click back, but it could be my connection too. - Original Message - From: Mike Noyes [EMAIL PROTECTED] To: leaf-devel [EMAIL PROTECTED] Cc: leaf-user [EMAIL PROTECTED]; leaf-announce [EMAIL PROTECTED] Sent: Tuesday, December 07, 2004 3:21 PM Subject: [leaf-user] Re: [leaf-devel] ANN: leaf-project.org website On Sun, 2004-12-05 at 19:42, Mike Noyes wrote: leaf.sourceforge.net is working properly, but something isn't quite right with leaf-project.org. I'll work on it tomorrow. Everyone, Our leaf-project.org domain should be working properly now. --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: [leaf-devel] ANN: leaf-project.org website
Am Donnerstag, 9. Dezember 2004 16:56 schrieb M Lu: Hi Mike, Thank you for your hard work. I have found the following. It seems to me that the Addionnal packages for Bering-uClibc 2.x is old. I used to see a nice summary of the newly updated packages at the end. Now I do not see it anymore and there are not any things recent, e.g. 2004-09, 2004-10 etc. This will be corrected, once Mike has added back the developer logins. Also the link to this page from Read more to find out what's available today. is not correct, I had to click on Packages 2.x on the left side. dto. kp --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering 1.2
Hi! I have a very basic question. how do I restart my network interface without reboot my bering BOX? I do changes in: /etc/network/interfaces /etc/hosts /etc/resolv.conf I'm running Bering 1.2 thank you very much Phuoc --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Bering 1.2
If I recall, it is something like 'svi networking restart' Luis Correia UMSL - Unidade de Microinformatica e Sistemas Locais IIES - Instituto de Informática e Estatística da Solidariedade Tel: 21 423 00 27 - Fax: 21 423 00 01 PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 Key Server: http://pgp.mit.edu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, December 09, 2004 4:38 PM To: leaf-user Subject: [leaf-user] Bering 1.2 Hi! I have a very basic question. how do I restart my network interface without reboot my bering BOX? I do changes in: /etc/network/interfaces /etc/hosts /etc/resolv.conf I'm running Bering 1.2 thank you very much Phuoc --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Samba for Bering uClibc
I've been reading up on this new branch of Bering, and I was considering taking the plunge until I realized that there does not seem to be a samba package for it. Does one exist? And if not, would the lrp that works with vanilla Bering work in uClibc as well? :Max --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: [leaf-devel] ANN: leaf-project.org website
On Thu, 2004-12-09 at 07:56, M Lu wrote: It seems to me that the Addionnal packages for Bering-uClibc 2.x is old. I used to see a nice summary of the newly updated packages at the end. Now I do not see it anymore and there are not any things recent, e.g. 2004-09, 2004-10 etc. M Lu, The bering-uclibc pages are a bit dated. I'll have to update from the last mysqldump of the old site. I knew this would be an issue, and I'll try to address it in a timely manner. Also the link to this page from Read more to find out what's available today. is not correct, I had to click on Packages 2.x on the left side. Is that the 'more' link under Extra Packages on http://leaf-project.org/bering-uclibc/ ? And the site is quite slow especially when I click back, but it could be my connection too. SF.net had some performance issues after the web farm upgrade (see link below). All should be well now. 2004-12-07 17:41:01 - Project Web Service https://sourceforge.net/docman/display_doc.php?group_id=1docid=2352 Thanks for the feedback. :-) -- Mike Noyes mhnoyes at users.sourceforge.net http://sourceforge.net/users/mhnoyes/ SF.net Projects: ffl, leaf, phpwebsite, phpwebsite-comm, sitedocs --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Samba for Bering uClibc
Hi; Am Donnerstag, 9. Dezember 2004 18:39 schrieb rawdata: I've been reading up on this new branch of Bering, and I was considering taking the plunge until I realized that there does not seem to be a samba package for it. Does one exist? AFAIK not. And if not, would the lrp that works with vanilla Bering work in uClibc as well? Definitely NO! Just interested, what's the purpose having samba on a router/firewall? kp --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: Samba for Bering uClibc
Just interested, whats the purpose having samba on a router/firewall? See http://shorewall.net/myfiles.htm -- I run Samba on my firewall to enable browsing between my WiFi and loc zones. -- some guy named Tom Eastep ;) http://lists.shorewall.net/pipermail/shorewall-users/2003-July/007201.html And if it's good enough for Tom... --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Re: Samba for Bering uClibc
On Thu, 2004-12-09 at 20:47 +0100, rawdata wrote: Just interested, whats the purpose having samba on a router/firewall? See http://shorewall.net/myfiles.htm -- I run Samba on my firewall to enable browsing between my WiFi and loc zones. -- some guy named Tom Eastep ;) http://lists.shorewall.net/pipermail/shorewall-users/2003-July/007201.html And if it's good enough for Tom... Although my network is no longer configured that way :-) As my wife and I move more and more to Linux and away from Windows, we have less and less need for Windows browsing and SMB access. -Tom -- Tom Eastep\ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] shorewall
Hi, I'm running Bering 1.2. to connect to internet I use my gateway. If I try to connect from my fw to internet I always get connection refused. but if I do ping ping the address it's working fine. what do I wrong? I'm loading: LRP=root,etc,local,modules,iptables,dnscache,shorwall,keyboard,beep,daemontl,ntpdate,dosfs,sshd,isdn this is my Rules of my shorewall: ACCEPT fw nettcp 80 ACCEPT netfw tcp 80 ACCEPT fw netudp 80 ACCEPT netfw udp 80 ACCEPT netfw icmp 80 ACCEPT fw neticmp 80 thank you for any help Kay ___ Gesendet von Yahoo! Mail - Jetzt mit 250MB Speicher kostenlos - Hier anmelden: http://mail.yahoo.de --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] kernel crash
Hi list, I'm using the Bering firewall for several years now. First standard Bering and now Bering-uClib. With both versions I have had a mysterious error when installing a new version now I have it with version 2.2.2. System: PII (I think) 90 Mhz 48 MB Ram, diskless. The error: After loading linuxrc etc. the system loads perfetctly until it has installed the modules for eth0 (3c905) and eth1 (ne2000) (found in kern.log) then the error appears: Unable to handle kernel paging request at virtual address 000e0001 Then a long list of registers values etc. are given (which I don't write down as I think they are too specific. It also says kernel Oops 0002) At that moment insmod is the running program. Of course the system is then unusable and halts. Luckily my old version is still functional. However I'm working with version 2.0 and would like to use 2.2.2. Has anybody any clue what's the problem? Thanks a lot. Joep -- Joel Louis Blom [EMAIL PROTECTED] --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Samba for Bering uClibc
The lack of a samba lrp has kept me from moving to uclibc as well. My firewall serves my home network not a business so there is not a huge worry that samba poses a security risk. I use a small hard drive in my firewall as a file repository for email clients so that no matter what machine I am sitting at, I am using the same mail files through a shared directory. Additionally I have set up a few scripts that stop internet access for my children's computers after a certain time of night so they don't stay up all night instant messaging. While configuring the scripts, I use the hard drive to copy the backup lrps to for easy addition to my leaf CD. Kory Krofft K.-P. Kirchdörfer wrote: Hi; Am Donnerstag, 9. Dezember 2004 18:39 schrieb rawdata: I've been reading up on this new branch of Bering, and I was considering taking the plunge until I realized that there does not seem to be a samba package for it. Does one exist? AFAIK not. And if not, would the lrp that works with vanilla Bering work in uClibc as well? Definitely NO! Just interested, what's the purpose having samba on a router/firewall? kp --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html --- SF email is sponsored by - The IT Product Guide Read honest candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
