Re: [leaf-user] wisp and dns/dhcp
Hi Vladimir At 15:29 19.08.2002, you wrote: David Ondzes wrote: I have two problem... 1) I can not ssh into my wisp box from the outside. Did you run tcpdump as I suggested? It looks like my problem. 2) I can not resolve hostnames from my wisp box. Should dhcp supply my wisp box with dhs server and default gateway info ? Or should I enter it with wdistconfig ? Default gateway will be supplied by DHCP, however you have to enter DNS manually. Why is this so, when option domain-name-servers ip-address [, ip-address... ]; The domain-name-servers option specifies a list of Domain Name System (STD 13, RFC 1035) name servers available to the client. Servers should be listed in order of preference. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Another Bering CD creating problem
Craig At 01:38 15.08.2002, you wrote: Hi (again) folks, :-) I want to include more .lrp packages (like the IPSec stuff, for example) on my Bering floppy...which will ultimately end up on a Bering bootable CD. The problem is...there's a lot more stuff that I want to end up on the CD than will (temporarily, while you back it up) fit on the Bering floppy. How do manage to incorporate, juggle, etc., all of the additional packages that you might want from floppy to bootable CD??? I'm following the Bering documentation, but it doesn't seem to address the lack of space issue that I can see. Thank you again! It probably boils down to a hen and egg problem. The easiest way to accomplish what you want is to do it on a Linux system where you create the iso image directly from a common 'root' directory using mkisofs. I believe the software Luis is referring to in his docs will do the same on a M$ box. Basically you copy everything you need (all the lrp's) to a common directory, then you have to juggle with the isolinux stuff and the necessary modules in initrd and you should be done. Actually the docs are very good. I am about to bild a 'building skeleton' for LEAF CD's. I just don't seem to have that much time with these long summer evenings (it will be a *X based tool); HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1refcode1=vs3390 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] wisp install problem ?
David David Ondzes wrote the following at 17:20 13.08.2002: I hope this is the correct forum for wisp related questions, if not please let me know. I am trying to install wisp to an 8 meg SanDisk CF card via my SanDisk ImageMate SDDR-31 USB reader. My dd command is writing less then it is reading, will the 1 less record matter ? See output below. I don't know if this is just one record. Looking at the size of wisp-dist_2290_img_wdist.bin (8'126'464) this would be 8'126'464 / 512 = 15872 blocks. Mabe you should first copy to a hard disk and see how many records are actually copied. Vladimir will certainly know the exact figures. HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Secure DOM
Hi everybody I happened to stumble across this link, I know it is not HW protect, but at least this company seems to allow end users under Linux to protect the content of the DOM Any experience Thanks Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Using ifconfig?
Craig IIRC Dachstein by default does not have ifconfig but the iproute2 command suite, e.g. you have to use ip. There is a ifconfig.lrp module at http://leaf.sourceforge.net/devel/cstein/Packages/ifconfig.htm HTH Erich At 16:04 29.07.2002, you wrote: Hi everyone, How do I, or I should say, WHERE do I run the ifconfig command from??? I've tried just logging in to Dachstein, and changing to the sbin directory and nothing works. Hmmph, I'm stumped! Thank you, have a great week. Craig --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code=31 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Using ifconfig?
Craig Craig wrote the following at 17:59 29.07.2002: Hi folks, I'm confused. My Dachstein CD already has an ifconfig.lrp file on it. Do I need a different ifconfig.lrp module? Why doesn't the one I have work? Thanks. Sorry, a was not aware you had the CD version, you may have to specify which modules to load to the ramdisk, IIRC this is in the the lrpkg.cfg file on your floppy. HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Dice - The leading online job board for high-tech professionals. Search and apply for tech jobs today! http://seeker.dice.com/seeker.epl?rel_code1 leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] MAC to IP matching
Hi At 02:29 25.07.2002, you wrote: Hi. Yes, it's me again. YUK Among other things I dont think I have a motherboard with 7 PCI slots. You may consider a NIC with multiple RJ45 connectors, I believe they all get their own MAC (and of course ethxx) HTH THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] DHCP Stuff
Hi David At 03:15 18.07.2002, you wrote: Hi. Me again! By way of a reminder, I am the bloke who has a perfectly functional Eigerstein box who wants to upgrade to Dachstein or Bering but found that Dachstein would recognise the NICs and run the tulip driver as required, find a good 10baseT link beat, but then DHClient couldn't pick up IP info and DHCP isn't serving IP info internally. I have been playing around with this router of mine with the following results: 1. I couldn't find any DHClient and DHCPD logs. Is that significant? When the box boots progress info DOES appear on the screen. 2. I tried the Dachstein distro that has been set up for Bigpond cable but that was the same. 3. I tried Bering rc3 and that was the same as well. Could it be that the firewall is blocking the DHCP data from the ISP? They're broadcasting on 10.96.4.1. That would assume that the Dachstein filters were different to the Eigerstein filters and that Shorewall was blocking the same packets as Dachstein. It definitely could be try ipchains -L input you should see something like DENY all l- 10.0.0.0/8 anywhere n/a and have a look in your messages log instructions how to overcome this can be found in http://www.mail-archive.com/leaf-devel@lists.sourceforge.net/msg04115.html HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] 2 different networks with eigerstein beta 2
Hi Claas Claas Anders Rathje wrote the following at 20:16 16.07.2002: On Tue, 16 Jul 2002 19:09:04 +0200 Erich Titl [EMAIL PROTECTED] wrote: The only thing that comes to mind right away is that the NIC to your 2nd network is _NOT_ part of the network 192.168.0.x. To me that looks a bit strange. Actually it is, but I made a typo, of course it is not 192.168.1.254 because that is already taken by the lrp-box, it is 192.168.0.254, so the diagram should look like: OK Just a shot in the dark You have to tell the LEAF/LRP box to NAT the traffic from 192.168.0.x to your external address and vice versa and route it through 192.168.1.253, unless you do another NAT on your server. Why don't you connect the 192.168.0.x network directly to your LEAF/LRP box? This might make life easier. | World Wide Web | || || PPPoE ___|| | LRP-Box | | dynamic IP| | | | 192.168.1.254 | |_| || _ internal net __| | 100Mbit/switched --| Clients range .1.1 - .1.253 | 192.168.1.x |_| ___||__ | my Server | | 192.168.1.253 | | | | 192.168.0.254 | |___| || seccond internal net 10Mbit/BNC-Ethernet 192.168.0.x || ___||__ | Clients range | | .0.1 - .0.253 | |___| Sorry for that... but the basic problem is that I want my lrp box to server more than just the 192.168.1.x network... and since I spread lrp a bit around to people i know, i know that not only i would like lrp to route different ranges of ips... So long... Claas Rathje --- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] 2 different networks with eigerstein beta 2
Hi Claas Claas Anders Rathje wrote the following at 22:09 16.07.2002: On Tue, 16 Jul 2002 21:23:35 +0200 Erich Titl [EMAIL PROTECTED] wrote: OK Just a shot in the dark You have to tell the LEAF/LRP box to NAT the traffic from 192.168.0.x to your external address and vice versa and route it through 192.168.1.253, unless you do another NAT on your server. Well, it routes through 192.168.1.253 because i can telnet on my lrp box and ping clients in the .0.x net... But how do I tell the LRP box to route .1.1 as it does AND .0.x ? Why don't you connect the 192.168.0.x network directly to your LEAF/LRP box? This might make life easier. Well... Then I would need another NIC and another loong cable ;) Not necessarily, I don't know why your server needs 2 NICS :-(, but whatever... But I think it would be the same because I can tell the machine i'm sitting on to be 192.168.0.2 for example and *bing* I cannot connect to the WWW anymore and this one iss direktly (well theres a switch between me and the LRP Box) connected... That is still my problem... I don't know Eigerstein but the problem I see is that you have to NAT something you are not even directly connected to. This means IMHO that you have to actively modify the NAT rules in that box. I think this is something the configuration was not meant to be THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Jabber - The world's fastest growing real-time communications platform! Don't just IM. Build it in! http://www.jabber.com/osdn/xim leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] DNS request timed out
Craig At 01:10 10.07.2002, you wrote: Hi folks, For those who have replied, I'm running the vanilla, Dachstein CD. The only thing I have changed from the default configuration is to uncomment the correct NIC drivers, and changed the root password. That's it. I've left everything else alone...if it ain't broke... you know the rest! :-) kindly give us some more information please see http://leaf.sourceforge.net/mod.php?mod=userpagemenu=11page_id=4 for details regards Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Two, two, TWO treats in one. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: Software write-protect (Was: Re: [leaf-user] Floppies)
Hi Jeff Newmiller wrote the following at 08:37 30.06.2002: On Sat, 29 Jun 2002, Richard Amerman wrote: All logging should idealy be done off site using a syslog deamon. Agreed. The most important thing is not to have a breach and second to fix weaknesses. In this situation flushing the memory IS the best solution to insure this, though it is not the only one, and would rarely be that practicle or worth the hastle. Absolutely disagree. Rebooting is a waste of time. If there is a way in, rebooting does nothing to prevent repetition. If there is not, rebooting serves no purpose. If you are faced with a break-in in-progress, you need to disable external network access until the problem is rectified... not reboot. Agreed, but now we have to see how we can stop such a skillful attacker. How can we protect the RAM disks from someone determined enough to upload and execut code bytewise. Anyone can fingerprint the IP stack and scan our system for loopholes. Some firewall products detect this and drop the IP of the attacker immediately until reboot. Do we have such a feature? regards Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: Software write-protect (Was: Re: [leaf-user] Floppies)
Hi I believe the security concerns are well understood. But if we have someone on our doorstep with the ability Charles pointed out, of course he/she will be able to place some malware on our ram disk. It is not as bad es having an infected non volatile storage but I believe this attacker would be clever enough to fool the poor firewall user and make him feel secure. So even if we have write protected disks we probably would have to reboot periodically or have some other (non foolproof) prevention for such a scenario. Any thoughts ... regards Erich Mike Noyes wrote the following at 19:14 29.06.2002: On Sat, 2002-06-29 at 08:34, Mike Noyes wrote: On Sat, 2002-06-29 at 06:15, Manfred Schuler wrote: one reason for software write protection is that people using flash/hard disk at the moment have no other possibilities. And even if it is not perfect, it is better than nothing. Manfred, I forgot to mention SCSI as a solution for hard drives. SCSI drives have had the ability to do hardware write-protect for many years. Manfred, There are alternatives to software write-protect. Current generation flash disks are capable of hardware write-protect. They use two different approaches: * Custom ATA controllers on the IDE compatible flash disk. ATA-Disk Module http://www.sst.com/products/58sm_lm.html ATA-Disk Chip Application Notes http://www.sst.com/superflash/pdf/222.pdf ATA-Disk Module Product Brief http://www.sst.com/ata_disk/admbrief.pdf ATA-Disk Module (Apacer) http://www.apacer.com/product/flash/index_adc_adm.html * A software and hardware combination that changes the write state of the flash disk in hardware. Secure Disk on Module (SDOM) http://www.pqi.com.tw/eng/ourproduct/sdom.htm -- Mike Noyes [EMAIL PROTECTED] http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ --- This sf.net email is sponsored by:ThinkGeek No, I will not fix your computer. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by:ThinkGeek No, I will not fix your computer. http://thinkgeek.com/sf leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re:[leaf-user] Weblet
Lynn [EMAIL PROTECTED] wrote the following at 20:36 26.06.2002: Message: 6 From: guitarlynn [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [leaf-user] Weblet Date: Tue, 25 Jun 2002 17:14:05 -0500 On Tuesday 25 June 2002 16:57, Richard Amerman wrote: Has anyone made any modifications to weblet that displays configuration files? How about adding authentication to weblet? I'm starting some work on one for Dachstein, but I'm starting from scratch on it. I think someone had come up with something that worked with Bering in some form, but there was no link or email left to get it (that I know of). In any case, to do it securely there is a lot of additions and work to create one. Mosquito only uses web-configuration it might be worth a try. I am playing around with weblet to get some kind of a web based configuration. Authentication is certainly an issue there and I am very interested in anything that should come up in that aspect. Does anyone know why the cgi-bin/whatever.cgi?parameter1=value1parameter2=value2 passing in weblet is disabled? thanks Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 --- This sf.net email is sponsored by: Jabber Inc. Don't miss the IM event of the season | Special offer for OSDN members! JabberConf 2002, Aug. 20-22, Keystone, CO http://www.jabberconf.com/osdn leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: leaf-user digest, Vol 1 #937 - 14 msgs
Hi [EMAIL PROTECTED] wrote the following at 05:03 07.06.2002: To recap: The plan is to force internal network to resolve MULLAN.DNS2GO.COM to 192.168.1.128. External requests of course will already find their way to 192.168.1.128 via the INTERN_SERVERS in network.conf You are trying to masq a HOST in a zone you don't own. This is critical to your internal network because you will miss out all lot of unknown hosts in the zone (unless you copy them all the time.) As I pointed out in an earlier message you have to (somehow) _own_ the zone. For example if you _own_ the subdomain mullan.dns2go.com then you can place any host you like into that subdomain, e.g. myhost.mullan.dns2go.com. This way you are responsible for the entire mullan.dns2go.com namespace. But imagine what happens if you put a _host_ mullan.dns2go.com at dns2go.com DNS server and then override the dns2go.com zone in your own DNS server by claiming authority (even just for internal use). How is your internal client supposed to know that the host foodle.dns2go.com needs to be looked up at dns2go.com whereas mullan.dns2go.com should be looked up on your internal DNS server. I don't know if you can get an entire subdomain at dns2go or any other dynamic dns provider. But you can always get your own domain which you can park on one of the many dynamic DNS services which allow any doman name. This is not really the direct answer to your question but watch out for such a set up. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas - http://devcon.sprintpcs.com/adp/index.cfm?source=osdntextlink leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Using HOSTS file
Hi At 09:33 06.06.2002, you wrote: Message: 9 From: John Mullan [EMAIL PROTECTED] To: 'Lee Kimber' [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: [leaf-user] Using HOSTS file Date: Wed, 5 Jun 2002 22:54:53 -0400 At 08:38 PM 6/5/2002 -0400, you wrote: I use DNS2GO to handle my dynamic IP for the benefit of the outside world (one day I'll register my own domain). But for now, if anyone in the internal network trys to browse mullan.dns2go.com it won't work (of course). What I would like is for the LEAF box to recognize this DNS request and translate it to the internal IP (192.168.1.128). Can anyone tell me how to do this? I thought it might be the HOSTS file but that doesn't seem to work. You will have to implement your own DNS server to do that. This is not a trivial task because you don't own DNS2GO. It might be better to register your own domain and then you can basically do with it what you want. For exampe I own think.ch, it is hosted at zoneedit.com, but for my internal network I override it with my own DNS server. regards THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Detecting Disconnected Network
Hi Kiril If I read your script correctly then there might be a little glitch At 18:49 28.05.2002 -0700, you wrote: my last version of the script for pinging hosts follows. if there is a more elegant and reliable way to react in such rare situations, i will be glad to hear it. regards, kiril #!bin/bash PING_REMOTE_HOSTS=host1.com host2.com host3.com for HOST in $PING_REMOTE_HOSTS do UP=0 while [ $UP -eq 0 ] do sleep 120 ping $HOST -qc 1 /dev/null 21 UP=$? done echo $HOST is down, trying next host... done Once you have wasted all the hosts in your list you restart your network, although IMHO this only means that host3.com cannot be pinged. I believe you want to do something like #!bin/bash PING_REMOTE_HOSTS=host1.com host2.com host3.com UP=0 while true do while [$UP -eq 0] do sleep 120 UP = 1 # this would break the inner loop for HOST in $PING_REMOTE_HOSTS do ping $HOST -qc 1 /dev/null 21 UP = $?# if any ping returns 0 it is OK done done echo network is down. restarting... /etc/init.d/network reload sleep 60 done I have not tested this :-( Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] A NET question
Hi At 16:54 21.05.2002 -0700, you wrote: I'm gonna try commenting out the *.emerg line. Thanks again man. I'll definitely keep you posted. I would not just comment it out but save the data in a file. See syslog.conf(5) for an explanation of the syslog configuration file format. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Bering LEAF from hard disk/PCengines CF adapter
Hi folks Message: 9 Date: Sat, 18 May 2002 20:04:24 -0700 From: Victor McAllister [EMAIL PROTECTED] To: leaf-user [EMAIL PROTECTED] CC: David Ondzes [EMAIL PROTECTED] Subject: Re: [leaf-user] Bering LEAF from hard disk added list back in in case others are interested. They carry three types of ide to compact flash adapters. There is a new model shipping next week that plugs right into the motherboard without a cable called CFDISK.5b. It is the cheapest - $13 + shipping etc. http://pcengines.com/testordr.htm They do not have a secure order site - so I have e-mailed orders in and then mailed a check which works pretty fast. It might be worth if someone orderes a few of them. It is especially difficult to get these items in europe, as the normal delivery is way too expensive for what it's worth, and then cheques are not very common on the old continent. I guess if we could get together an order of 20 and someone of the list based in the US would be willing to mail it for a small profit everyone could get real good conditions. Just a thought Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Hundreds of nodes, one monster rendering program. Now that's a super model! Visit http://clustering.foundries.sf.net/ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Re: leaf-user digest, Vol 1 #892 - 10 msgs
Hi folks ssh -L 110:host2:110 -L 143:host2:143 user@host2 (I am trying to use IMAP only - but it's hard) Maybe I am just dense but I am wondering why you don't just use SSL/TLS to connect to your IMAP service. I believe this is a documented feature of an IMAP server and an IMAP client should just be able to use it. I use this with courier-imap and it has worked fine for more than a year. No need for stunnel (which is fine by the way) or any ssh forwarding, just plain old port 993. Of course you will have to generate a certificate, but there is openssl... :-) regards Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Question about Dynamic DNS
Hi At 05:36 05.05.2002 -0700, you wrote: --__--__-- Message: 1 Date: Sat, 4 May 2002 17:07:09 -0700 (PDT) From: John Desmond [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [leaf-user] Question about Dynamic DNS I just got myself an account on dyndns.org and, as I wait for the FQDN to waft through the world's DNS servers, I thought I might ask how others have avoided dyndns abuse. They say they'll block your name if you automatically update their server with the same ip you had last time. I noticed that when I reboot the router I often receive the same ip as I had before. I guess ez-ipupdate caches the ip, but that gets lost on the reboot (ESBeta2). Has anyone developed some script to compare the interface ip to an ip received from a web-based ip checker before calling ez-ipupdate? I have not done this but why not just dig or nslookup for the FQDN before launching ez-ipupdate and then decide if it is needed? something like if (my_new_ip != nslookup(myhost.dyndns.org)) ez_ipupdate(my_new_ip); that should cover most circumstances unless you are rebooting often, getting a new address all the time and TTL's are longer than your reboot interval. HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Have big pipes? SourceForge.net is looking for download mirrors. We supply the hardware. You get the recognition. Email Us: [EMAIL PROTECTED] leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[Leaf-user] RE: Bering from CD
Hi --__--__-- Message: 4 From: Charles Steinkuehler [EMAIL PROTECTED] To: Christian HOSTELET [EMAIL PROTECTED], Luis.F.Correia [EMAIL PROTECTED], LEAF [EMAIL PROTECTED] Subject: Re: [Leaf-user] RE: Bering from CD Date: Tue, 26 Mar 2002 12:15:16 -0600 It's just that my system is ready with the two floppies and I would like to generate a CD. But I'm not in hurry... CS You might take a look at the Dachstein CD, to see how it's done. I suggest using CD-RW disks until you get something close to working, unless you like having lots of coasters! You will need to add the IDE, CD-ROM, and ISO-FS modules to your root ramdisk image, and get linuxrc to load them before it tries to install pacakges. It might be even interesting to look into the isolinux stuff. This removes the need for floppy images completely. IMHO this makes the creation of a CD much easier. It is part of the syslinux stuff and can be found at http://syslinux.zytor.com Good luck Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] 3c509 and DHCP
Hi At 12:09 24.03.2002 -0800, you wrote: Greetings! I have a box running the latest release of Bering and it works fine with some old NE2000 clone cards. However, I'm running out of these cards but have a good supply of 3c509b cards so I tried swapping them out and enabling the proper driver. ... Is there something peculiar about these cards and dhclient? I found that the 3c509 has it's own mind which ethxx it wants to be. So whatever you may think is eth0 it might not be. Try swapping the cables. regards Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf-user digest, Vol 1 #746 - 4 msgs
At 12:15 21.03.2002 -0800, you wrote: Message: 3 Date: Thu, 21 Mar 2002 13:35:57 -0600 (CST) From: w [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Leaf-user] dnscache/tinydns for dhcp aquired dns servers Hi, I have a question I hope someone can help me with. Here goes: I'm running dachstein on a 1722K floppy, with dhclient.lrp, dhcpd.lrp, daemontl.lrp, tinydns.lrp and dnscache.lrp. Currently I'm in the testing phase, but I hope to use this setup in a couple of situations soon. Question: DMACHINE, (Better know as my dachstein 233MHZ machine), uses the dhclient to obtain an IP for it's eth0 interface. Also in the lease information, is the external DNS server IP(s). Normally, the dhclient would update /etc/resolv.conf with this DNS information, but I've turned this functionality off, and instead have an resolv.conf entry point to my eth1 interface, on which dnscache is running. dnscache uses tinydns, (running on the loopback interface), for my internal network DNS resolution. I would like dnscache to use the DNS server IP(s) in the lease information for external resolution, (without manually updating the configuration). One way to do this is to update /etc/dnscache/env/DNS0 (or /etc/dnscache/env/DNS1) after the dhcplient lease has been aquired, and start/restart the dnscache server. Is something like this functionality already implemented? Much thanks guys and gals Will Add something like echo $new_ip_address /etc/dnscache/env/DNS0 to your /etc/dhclient-exit-hooks file and restart dnscache HTH Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] 4 NIC LRP -Dachstein CD- only one internal IP forwards to internet
Hi folks Charles commented the following At 11:43 07.03.2002 -0800, you wrote: Make sure you've added all your internal networks to the INTERN_NET variable in /etc/network.conf. If that's not the problem, we'll need more information about your firewall setup, including network.conf settings, and the output of net ipfilter list I tried to find documentation on multiple internal interfaces but failed. I just found the network.txt file on lrp.steinkuehler.net/files/packages/network.txt. Could anyone please clarify the format of INTERN_IF INTERN_NET INTERN_IP for more than one internal interface Thanks Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf-user digest, Vol 1 #707 - 14 msgs
Hi Charles At 02:21 08.03.2002 -0800, you wrote: Finally, as a constructive suggestion, does anyone think it would be useful if all ipchains rules where built up in one place in the config, and it was all done in a more 'tabular' fashion, so that rules could be added easily, and options such as logging for some of the defaults could be easily switched off. Probably, but it would take a lot of work. Are you volunteering? I am in the process to propose a little LEAF base VPN here. I might find some spare hours to look into it. I might just list the ipchains/ipmasqadm commands as they are built by the ipfilter.conf. I am pretty sure this will still fit on the floppy. Could anyone suggest a superset of rules which will just be pumped through the firewall set up script. Instead of executing the rules we could just dump them into a file and then see where we get. This should us a good idea how deep we will have to wade. Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Dachstein CD VPN with X.509 Certs howto
Hi William Craig, It's now available as part of the Patch Manager tracker. Scroll down to the bottom of the page, and you'll see a link to download the Vpndachw.doc file. I hope this helps. It might help Craig but unfortunately not everybody has an account at sourceforge. Would it be possible to publish in a public place. If not would you mind sending me a copy of the word document, I might be tempted to transfer it to .pdf as this is a more portable format. Thanks a lot Erich [ 525202 ] Dachstein CD VPN using X.509 Certs http://sourceforge.net/tracker/index.php?func=detailaid=525202group_id=137 51atid=313751 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf-user digest, Vol 1 #672 - 12 msgs
At 12:06 23.02.02 -0800, you wrote: Message: 8 Date: Sat, 23 Feb 2002 07:36:15 -0800 (PST) From: Eric House [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Leaf-user] How do packages install symlinks in /etc/rc?.d/ ? PS My package updates local DNS to include the names of local hosts granted dhcp leases. The init.d script exists only to add a line to /etc/crontab. If there's a better way to do that please let me know. I was wondering if it was not worth giving those local hosts fixed addresses using the MAC address in dhcpd.conf. That way you may save yourself the trouble of updating the IP addresses in DNS. The addresses of most local hosts will normally not change that frequently. Just my 2 cents Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Re: Leaf Mail Command
Hi Simon Simon Bolduc wrote the following at 18:58 06.02.2002: Seems that Rogers is using ESMTP as the protocol - which isn't really POP before SMTP (as far as I can tell at least) - using a program called postie I am able to mail via a command line - without telling it what my pop server's address is. So I guess I'll just scp the necessary log files over to my server - and have it do the mailing - oh well not as efficient as it was - but at least it'll work. S ESMTP is an extension to SMTP. Normally an ESMTP capable server supports SMTP. You can check on the server like luna telnet luna 25 Trying 194.124.158.50... Connected to luna.think.ch. Escape character is '^]'. 220 luna.think.ch ESMTP Sendmail 8.12.0/8.12.0; Wed, 6 Feb 2002 21:49:28 +0100 ehlo jupiter 250-luna.think.ch Hello luna.think.ch [194.124.158.50], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH DIGEST-MD5 CRAM-MD5 250-STARTTLS 250-DELIVERBY 250 HELP mail from: [EMAIL PROTECTED] 250 2.1.0 [EMAIL PROTECTED] Sender ok rcpt to: testuser 250 2.1.5 testuser... Recipient ok data 354 Enter mail, end with . on a line by itself test . 250 2.0.0 g16KnSbV004853 Message accepted for delivery quit 221 2.0.0 luna.think.ch closing connection Connection closed by foreign host. this is a ESMTP session. If your server supports this, then you can find a host of applications which will do that for you on the net. The normal *X mail command is a frontend to sendmail which will do (E)SMTP for you, but a full fledged sendmail distribution is way too big for a floppy based machine. have a look at http://www.engelschall.com/sw/smtpclient/ this might fit on a LEAF machine regards Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf Mail Command
Hi Simon [EMAIL PROTECTED] wrote the following at 20:47 05.02.2002: Date: Tue, 5 Feb 2002 11:52:13 -0800 (PST) From: Jack Coates [EMAIL PROTECTED] To: Simon Bolduc [EMAIL PROTECTED] Cc: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [Leaf-user] Leaf Mail Command If it is POP-before-SMTP like Jack suggests then authentication using small tools would be quite easy. You can check on the protocol with telnet luna telnet foodle 110 Trying xxx.xxx.xxx.xxx... Connected to foodle.xxx.xx Escape character is '^]'. +OK Qpopper (version 4.0.3) at foodle.xxx.xx starting. user testuser +OK Password required for testuser. pass foodle +OK testuser has 2 visible messages (0 hidden) in 1289 octets. quit +OK Pop server at foodle.xxx.xx signing off. Connection closed by foreign host. This little sequence is all it requires to authenticate against POP. regards Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] Hardware router Linux look-alike
Hi folks Maybe it's worth to hava a look at http://www.fli4l.de/e_index.htm They apparently did quite a good job on the config stuff using a GUI client, maybe it's adaptable Date: Sun, 03 Feb 2002 23:31:45 -0800 From: Matt Schalit [EMAIL PROTECTED] Subject: Re: [Leaf-user] Hardware router Linux look-alike To: [EMAIL PROTECTED] Stewart Adey wrote: Does anyone know how _HARD_ it would be to create an interface like so many commerically available hardware routers on the market? Start small. There's nothing wrong with learning how to shell script. Btw, David has mentioned a few times that his menu configuration system is almost done. You can use his dialog.lrp to make menus. And there's Xdialog I think to for remote usage. regards Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: hn.org and domain names
Hi Paul At 20:58 29.01.2002 -0800, you wrote: Message: 5 From: Paul Rimmer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Tue, 29 Jan 2002 17:58:16 -0700 Subject: [Leaf-user] hn.org and domain names This is a bit off topic but I'm desperate for some help. I finally purchased a domain name through godaddy.com, ronin-tech.com (recommended at hn.org). I then created a vanity and virtual domain mapping acount at hn.org. hn.org gave me delegated servers which I entered at godaddy.com (ns1.hn.org and aux1.hn.org). When I log into my account at godaddy it shows these two machines as the name servers. I am hoping to use HN's services to map my domain to my dynamic ip-address (see http://hn.org/www/overview/virtual/). If I understand that correctly then they only provide vanity dynamic dns which means your ronin-tech.com entry would need to be spelled something like bash-2.03$ nslookup ronin-tech.hn.org Server: sunix Address: 10.10.0.10 Non-authoritative answer: Name:ronin-tech.hn.org Address: 24.67.74.14 Maybe that is what you are looking for. Ror REAL dynamic DNS you may have a look at zoneedit.com. They provide dynamic DNS with your real domain name. regards Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
Re: [Leaf-user] dhcpd.leases
Hi David At 18:26 28.01.2002 -0800, you wrote: Message: 3 From: david goodrich [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Mon, 28 Jan 2002 19:28:52 -0600 Subject: [Leaf-user] dhcpd.leases Is there a dhcpd.leases or equivalent file where I can determine which computers have leased which ip's? one would /think/ something like this exists, but I can't find it... I'm running dachstein 1.0.2 floppy, w/ the included dhcpd. Thanks. -david Look into /var/state/dhcp Erich THINK Püntenstrasse 39 8143 Stallikon mailto:[EMAIL PROTECTED] PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16 ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: OT: ssh keys
Hi [EMAIL PROTECTED] wrote the following at 14:54 26.01.2002: Message: 12 Date: Sat, 26 Jan 2002 04:57:29 -0800 (PST) From: Charles Baker [EMAIL PROTECTED] To: leaf-user [EMAIL PROTECTED] Subject: [Leaf-user] OT: ssh keys I generated a ssh key on a machine behind my lrp box and placed that key on a remote machine so that I could do key-based authentication instead of password authentication. However, when I try to ssh to the remote box, it doesn't recognize me, the host names don't match because the connection is masqueraded as coming from the lrp box. Suggestions? I have not seen a situation yet where the IP played any role, as authentication is based on the key. I am using Putty on a Wintel box as client from almost anywhere with the same key and never had a problem. I guess you should check the traffic to/from port 22 first, then look at the authentication log on the host. HTH Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: How to add hub functions into Dachstein floppy versionfirewall?
I am a newbie to Linux firewall. I downloaded the Dachstein image and = installed in a P100 PC with 64MB RAM and two Linksys Ethernet cards. = Every thing works fine connecting to a DSL modem on one end and my home = PC on the other end of the firewall box. I have two spare 3Com 3C509B-TPO Ethernet ISA cards. I want to add the = 3Com cards to the Linux firewall and have the one Linksys card and two = 3Com cards working as a Hub. This way I can have a local three = computers network that can talk to each other and share one ISP IP = address for Internet access. That's what I use mine for, just add the cards, add the various ethxx entries to network.conf add the necessery subnets( because it is not a hub but a full fledged router). Don't forget the dhcpd process. It has to service all the subnets/interfaces. I have a cable modem uplink which works just like a bridge, while you probably have PPPoE uplink, but this makes no big difference. My set up is a an old Dell with a 3C509 on board, 2 3C905 on the ISA bus and a realtek based ne200 clone on PCI. It works fine off single floppy with 32 MB Memory. Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf-user digest, Vol 1 #567 - 11 msgs
At 20:06 20.01.2002 -0800, you wrote: Date: Mon, 21 Jan 2002 00:34:25 +0100 From: Ewald Wasscher [EMAIL PROTECTED] To: Tom Atwater [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: [Leaf-user] Updating port forwarding with dynamic IP Tom Atwater wrote: snip There is a newer Dachstein-PPPoE package available here: http://leaf.sourceforge.net/devel/khadley/ The current problem I have is this: When Earthlink updates the dynamic IP, the LRP box does not update the port forwarding from address with the new dynamic IP. That's wierd. That means that the firewall rules aren't reloaded (or there is a bug in the firewall scripts). So the web and ssh servers are no longer accessible from the outside. If I reboot the LRP box, everything is fine, but that is a manual process, and naturally I want it to be automatic. I know what the LRP commands are to update the from IP for port forwarding: # Get new dynamic IP EXT_IP=`/sbin/ip addr show dev ppp0 | grep inet | cut -f2 -d' '` # Clear old port fwd entries /usr/sbin/ipmasqadm portfw -f # Add entries with new dynamic IP /usr/sbin/ipmasqadm portfw -n -a -P tcp -L dynamic_ip 22 192.168.1.200 22 /usr/sbin/ipmasqadm portfw -n -a -P tcp -L dynamic_ip 80 192.168.1.200 80 If you use the Eigerstein builtin firewall you should reload/restart the firewall like this: svi network ipfilter reload I don't know about Eiger...(actually there is no mountain called Eigerstein ;-) ) but on Dachstein this is normally done in the dhclient-exit-hooks, so it is automatic. Maybe you want to debug what your dhclient does when the address changes. Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
[Leaf-user] Re: Leaf-user digest, Vol 1 #552 - 4 msgs
Hi [EMAIL PROTECTED] wrote the following at 21:13 16.01.2002: --__--__-- Message: 2 Date: Wed, 16 Jan 2002 18:30:11 + (GMT) From: =?iso-8859-1?q?Alex=20McLintock?= [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: [Leaf-user] blackholing at the ISP? how to diagnose? Hi Folks, I am after advice because my first DachStein (floppy) installation is stuck. I am not getting any response from my ISP except for the initial DHCP I had some problems getting the D-Link 528's to be recognised but that was because I thought they were tulip based (like other later D-Links). They required pci_scan, ne2k_pci, and 8390 to all be enabled/uncommented. My Internet provider is NTL:Home which is a UK based cable company. I know that that is working to some extent because I can get it working with a single windows98 box. I can configure it with DHCP and bobs your uncle. I then got DachStein DENYing absolutely everything that tried to leave the box. Happily a document on the sourceforge site gave me a clue. It said there was a single line in the Eiger network.conf file which denied any access when the external IP address was a local one such as 192.168.X.X or 10.X.X.X etc. Hooray says I. I have been getting addresses in the 10. range from my ISP. So I edit the file (1, 2 in lrfg) and find not one, but three lines which mention DENY and 10. ip address ranges. I comment them all out. So now I have a firewall which doesn't DENY packets going to the outside world but it doesn't seem to do anything with them. If I log in to the box and try pinging the outside world (eg ping www.yahoo.com or ping 22.22.22.22 ) I get no response, 100% packet loss. Any idea on what I should do now? I can't see any kind of traceroute function on the standard DachStein installation. Is that what I should look for? 1) I would try to find out the current status of your box, ip link | addr | route show will do nicely. If everything looks right then 2) switch off all firewalling and see what you get 3) look at the log files You should be able have some kind of diagnostic that way. regards Erich ___ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user