Linux-Networking Digest #978, Volume #9 Sat, 23 Jan 99 18:13:32 EST
Contents:
Re: IPCHAINS package - where is it ? (Mark Hahn)
Samba Setup (Scallica)
Kernel Mailing List ("Jose Antonio C. Baduria, Jr.")
LINUX, 3COM ImpactIQ, ISDN, etc, etc, etc... (Keith Tucker)
Re: demand dialing with pppd ("[EMAIL PROTECTED]")
Re: Networking problem -SOS (autodata)
Re: Getting through the masquerade? (Daniel Wilson)
A trip down memory lane... ("Nick Sharratt")
Re: ipfwadm forwarding versus paired input/output rules (Bernd Eckenfels)
Re: TCP wrappers busted my mountd? ("Steven J. Hathaway")
ppp-server problem ("tim")
Re: Newbie: question about for kernel update for PCI NE2000 Redhat4.2 (Tobias Frech)
Re: Linux Dial Upon Demand Internet Server (James Wenger)
Re: Setting up RH 5.2 for ip_forwarding (Tommy Wareing)
Re: DHCP and DNS (again) ("Steven J. Hathaway")
----------------------------------------------------------------------------
From: Mark Hahn <[EMAIL PROTECTED]>
Subject: Re: IPCHAINS package - where is it ?
Date: 23 Jan 1999 20:09:17 GMT
> I'm searching for the IPCHAINS package - I got to
> http://www.adelaide.net.au/~rustcorp/ipfwchains/ipfwchains.html but all the
> links from there appear to be broken. I've also scanned various archive
> sites as well with no luck. Can someone provider a pointer ?
a little guessing yeilds:
ftp://ftp.starshadow.com/pub/rustcorp/ipchains/
I infer that Paul Russell tried to move the tree to a US web site,
which appears to be less than functional...
------------------------------
From: [EMAIL PROTECTED] (Scallica)
Subject: Samba Setup
Date: 23 Jan 1999 20:56:01 GMT
Hey,
I have Samba 2.0 running on Redhat 5.2. I can see my computer in Network
Neighborhood in Win 95, but I cannot see any of my shares. I defined them
properly in my smb.conf file. I am not sure what else to do. Any suggestions?
Thanx.
------------------------------
From: "Jose Antonio C. Baduria, Jr." <[EMAIL PROTECTED]>
Subject: Kernel Mailing List
Date: Mon, 18 Jan 1999 08:20:59 +0000
Hello,
Does anyone know how to be part of the Kernel Mailing List. I have
been waiting for the release of
Linux 2.2 and would like to be informed about it.
Thanks
------------------------------
From: Keith Tucker <[EMAIL PROTECTED]>
Subject: LINUX, 3COM ImpactIQ, ISDN, etc, etc, etc...
Date: Sat, 23 Jan 1999 15:20:21 -0600
OK, I am going to take the plunge into ISDN land. I want to be able to
set up my Linux (2.0.30) box to have a connection to my ISP through a
3COM ImpactIQ external TA (connected to a on-board serial port), and use
the linux box as a WEB server, POP 3 server, as well as a masquerading
box for a couple of other Windoze machines connected to it through
ETHERNET. I am also planning to use the 3COM TA to provide my voice
lines in the house. I was going to use a PIPELINE 75, but my ISP that I
plan to use recommended against it saying that they use 3COM equipment
and they have had not to good results with the Ascend stuff. Anyway,
after reading several posts on this NG, I have come to the conclusion
that getting the 3COM unit to work with Linux using mlppp is somewhat
iffy. I would appreciate any advice, criticism, help, whatever, about
doing this from people who have experience doing this with the
aforementioned stuff. If anyone can point me to any good documentation,
that would be great. Thanks in advance.
Keith Tucker
[EMAIL PROTECTED]
------------------------------
From: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.setup
Subject: Re: demand dialing with pppd
Date: Sat, 23 Jan 1999 13:42:28 -0800
Demand dialing requires pppd version 2.3.5
Juergen Fiedler wrote:
>
> Hello,
>
> I have Slackware 3.6 with pppd 2.2, pl 0. I set my ppp connection up
> with pppsetup. This created a ppp-up file that takes a -d option to run
> pppd in dial-on-demand mode.
> In that mode, pppd uses the following option file:
>
> >-------SNIP-------<
> lock
> defaultroute
> noipdefault
> modem
> /dev/cua1
> 57600
> crtscts
> debug
> passive
> asyncmap 0
> name "abcdefg"
> ipcp-accept-local
> ipcp-accept-remote
> 0.0.0.0:10.10.10.10
> demand
> connect "/usr/sbin/chat -v -f /etc/ppp/pppscript"
> >-------SNIP-------<
>
> Now, if I run 'ppp-go -d', pppd complains about an unknown command
> 'demand' - and probably rightfully so, since this option is not
> mentioned in the pppd documentation. Is there a newer version of pppd
> that would support this option. Or am I completely on the wrong track?
> Should I just forget it and try to set up diald?
>
> TIA,
> Juergen
------------------------------
From: autodata <[EMAIL PROTECTED]>
Subject: Re: Networking problem -SOS
Date: Sat, 23 Jan 1999 10:18:00 -0600
Reply-To: [EMAIL PROTECTED]
Thomas:
Check out ...
http://www.eunuchs.org/linux/samba.html
... this is an excellent article. There are only two things it does not
address:
1. a change you must make to your /etc/rc.d/init.d/smb. (change the line
daemon nmbd -D
to..
daemon nmbd -D -G your-group-name)
2. Make sure you set the rights on any shared directories
It may not be a problem, but you want to set up a Class C network, and the
IP addresses you are tryinmg to use are outside the typical Class C ranges.
My systems have Class C IP addresses starting at 192.168.1.1 etc.
Gerald Jensen
Thomas Chai wrote:
> Hi,
> I have recently bought 2 network card 3COM - 3c509 for my 2 machine
> one running Windows98 and one running Linux ver 2.0.29. I installed both
> network cards in the respective machine and everything seems ok. Since I
> have only 2 machine instead of buying a hub to connect the machines, I
> crossed a Cat 5 UTP cable. (pin 1-3 and 2-6).
>
> I setup the following network....
> Win98 IP : 192.9.201.2
> Netmask : 255.255.255.0
>
> Linux IP :192.9.201.1
> Netmask :255.255.255.0
>
> my problem is that they can't talk to each other....but the weird thing is
>
> when i ping from my Win98 machine, I get no response...but when I do
> arp -a.....the ethernet address for Linux machine seems to corresponce to
> the network card at Linux machine....
> But if I do it the other way around....ie ping from linux and not getting
> response, and arp -a shows ethernet address 00:00:00:00:00:00 for my Win98
> network card.....
>
> Can someone please tell me what's wrong with my config? I know the card is
> alright and the cable to...(i guess)
>
> Thomas
------------------------------
From: Daniel Wilson <[EMAIL PROTECTED]>
Subject: Re: Getting through the masquerade?
Date: Sat, 23 Jan 1999 21:45:11 +0000
[EMAIL PROTECTED] wrote:
>
> Hi,
>
> Our local university has just connected some of the living areas for students
> close to the university to internet through 10 Mbit ethernet, which imho is a
> really great thing to do. ;)
>
> But the downside of it that they are using some kind NAT to masquerade all of
> our ip-addresses.
>
> I do however have access to real ip-adresses outside the masqueraded network,
So you have machines on the internet with real IP's that you can use ?
> and am wondering if it would be possible to tunnel the traffic to thoose
> ip-addresses to my "behind that boring firewall" network.
>
> If it hadn't been for the masquerading the task of tunneling ip-adresses would
> be next to trivial, but now it isn't.
>
> Is there some kind of software or magic setup thing that can open a
> connection from my computers to a computer outside the firewall and then
> tunnel back to me?
>
> BTW, I have spooken to the admin on our site and they have no problems with me
> messing around.
>
> I have some spare computers with multiple ethenet cards, so putting up some
> kind of router would be no problem.
>
> Any suggestions would be welcome .... ;)
>
> /N
I was connected in a similar way to my university network. However, we
had real IP's not masqueraded ones. Usually masqueraded IP's will be in
the internal ranges (192.168., 172.16., and 10.). It could be that your
admin just has a firewall set up to deny UDP through, which is what we
had. The only reason we had to let UDP through was for games, such as
quake. The quake proxy is able to encapsulate UDP in TCP providing you
have a remote participating site, so thats how we got round that one
(credit to Greigg if he's reading this...)
I expect all you really need is a bit of software that will do this
encapsulation for you, unfortunately I do not know of any such software
:( Its probably not that hard to write, given the correct knowledge
that is.. You'd probably want to have a linux machine set up aside from
your own machine, set that linux "router" as your default-route gateway
on your own machine.
How you would get that linux box to do the required tunnelling is beyond
me I'm afraid :(
If you do have any success of get any further with this, please drop me
a mail cos I expect it would come in useful when I move back to uni next
year ;)
Regards,
*********************************
Daniel Wilson
------------------------------
From: "Nick Sharratt" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.linux.misc,comp.os.linux.portable,comp.os.linux.powerpc,comp.os.linux.setup
Subject: A trip down memory lane...
Date: Sat, 23 Jan 1999 21:48:26 -0000
giskard wrote in message
>Things like open, save and save as are common terms to us but totally
confusing to a beginner.
*L*...was glad to read this, as it reminded me of using a Commador (geesh,
can't spell it now!) PET (8K, tape storage, great fun *reminiscent rye
grin*), and finding that the command to keep my carefully written 'hello
world' program for posterity was 'SAVE'...the fun I had with SAVE"ME", and
SAVE"THE-WORLD", mind you, I was only 13(ish) ;-)
Flippancy aside, its good to remember back to those days now I have to teach
people who've never touched a computer before, and you're comment will
probably mean I'll be a little more tolerant of their errors and questions
for a few days at least!
------------------------------
From: Bernd Eckenfels <[EMAIL PROTECTED]>
Subject: Re: ipfwadm forwarding versus paired input/output rules
Date: 23 Jan 1999 22:27:33 GMT
Leon Harris <[EMAIL PROTECTED]> wrote:
> It seems to me that everything that this ruleset can accomplish (except
> masquarading) can be accomplished with a pair of
> ipfwadm -I and ipfwadm -O rules. Could anyone please clarify this for
> me?
Yes you are right, as long as the routing table does not change.
> As I understand it, -I rules look at a packet before it enters an
> interface, -O rules determine whether it is allowed to leave a
> particular interface. Do forwarding rules operate at the level of a
> particular interface, or upon some kernel structure? If not, what is the
> precedence of the rules.
They operate on the destination interface for every packet which is not
accepted by the host itself. This means it is basically the same to deny a
packet in an -I rule (if is not destinated to the host itself) or in an -F
rule.
If you do redirection or masquerading or binding to foreign addresses
(transparent proxy) this is a bit more complicated.
Greetings
Bernd
------------------------------
From: "Steven J. Hathaway" <[EMAIL PROTECTED]>
Subject: Re: TCP wrappers busted my mountd?
Date: Sat, 23 Jan 1999 14:33:26 -0800
Have you read the documentation for "nfsd" because "mountd" us used
to mount resources that are shared via nfs. For security reasons, you
may also wish to filter, via command line, the resources that are
shared.
If you are trying to share to a PC based NFS product instead of
unix/linux
based products, you may also need another authentication program suchas
pcnfs, hclnfs, bwnfs, or other that can authenticate a pc to unix
userid.
- Steve Hathaway
David J. Topper wrote:
>
> Hey folks,
>
> I just set up a MOSTLY CLOSED tcp wrapper schema. Now my machines can't
> mount? But I thought mountd had nothing to do with wrappers. Besides
> that, I have all the machines that need to talk to each other defined in
> /etc/hosts.allow.
>
> I CAN telnet between all the machines.
>
> ?
> (804) 924-6887
------------------------------
From: "tim" <[EMAIL PROTECTED]>
Crossposted-To: alt.os.linux,aus.computers.linux,comp.os.linux.misc,comp.os.linux.setup
Subject: ppp-server problem
Date: Fri, 22 Jan 1999 21:32:22 +0100
Hi !
I installed a linux-dialin-server and started a connection from a win95-pc.I
can get a connection and log in, but I am not able to ping the ra-server
from windows dos-box and vice versa and so I am not able to start a ftp to
the server to down- or upload files. I tried nearly everything to get rid of
the problem, but I can't see the point.
/etc/ppp/options :
lock
115200
crtscts
modem
debug
/etc/ppp/dialin :
silent
auth
+chap
-ipx-protocol
200.1.1.1:200.1.1.2
proxyarp
-defaultroute (tried it also without this)
/AutoPPP/ - - / usr/sbin/pppd file /etc/ppp/dialin
(in /etc/mgetty+sendfax/login.config)
The kernel has IP-Forwarding compiled in
I'm using S.U.S.E. 5.2
I tried to get help earlier in a different newsgroup, but got no help
Every help is welcome
Thanks in advance
Tim
------------------------------
From: Tobias Frech <[EMAIL PROTECTED]>
Subject: Re: Newbie: question about for kernel update for PCI NE2000 Redhat4.2
Date: Sat, 23 Jan 1999 23:44:20 +0100
Hi Maarten!
You can mount FAT-Partitions from Linux. So you can access them like a
normal subdir.
Do "man mount"
probably you have to do something like
mount -t vfat /dev/hda1 /mnt
This will mount the first partition to the subdir /mnt.
I can't remember which option determined the partition type, use (vfat,
msdos or fat). I guessed -t here. Have a look in "man mount".
Hope it helped a bit.
Ciao, TobiF
Maarten Sanders wrote:
>
> Hi everyone,
> I am an absolute newbie on Linux (so I write this under Win) and a
> have a problem to which I cannot find an answer. I borrowed a Redhat
> 4.2 cd and managed to install Redhat 4.2 and LILO. The problem is
> that I need an updated kernel (redhat4.2 comes with 2.0.30) to get my
> NIC working. The problem is that I download (under Win) an updated
> kernel but it is over 2 MB, kernel-2_0_36-3_i386.rpm. I have not a
> clue how to get this file on my linux partitions. (Where should I put
> it anyway?)
> How to solve the problem above?
> Kind regards,
> Maarten Sanders.
> P.S. If possible I would like to receive a copy any answer also by
> mail.
>
> ===========
> sending mail? remove .nospam from my e-mail address
------------------------------
From: James Wenger <[EMAIL PROTECTED]>
Subject: Re: Linux Dial Upon Demand Internet Server
Date: Fri, 22 Jan 1999 12:41:36 +0000
Jay,
did you install the docs, howtos etc?
if so, there is a mini howto
(/usr/doc/HOWTO/unmaintained/mini/Dial-On-Demand) and an IP Masquerade
(/usr/doc/HOWTO/mini/IP-Masquerade) that I found useful in setting up a
similar wingate replacement.
Hope that's some use
-James
Jay Bramble wrote:
>
> Ok, I am a moron when it comes to Linux. Just starting to really use it
> and I need help from all of you Guru's.
>
> I have set up a second machine that is running RedHat 5.2. My first machine
> is a WinSlows 98 machine. I have Samba running with out too much trouble
> (share access, not user access).
>
> My Linux box is a P-166 with 98Mgs of memory (lots of it) and (1) 1.2 Gig
> IDE (NT Server), 85Mg IDE(Root) and (4) 1.5 Gig SCSI-2 drives. /usr,
> /user/local, /home, /arcs.
>
> What I want to do is move my 56k modem to my Linux box and have it be my
> dialup connection. I am using Wingate on my 98 machine now, so my son and
> daughter can use their machines on the net, but I have to start the dial up
> process on my 98 machine.
>
> How can I get Linux to do this automatically?
>
> I know this is a BIG question..........
>
> In case you are interested, I run NT Server on this box too. Dual Boot.
> To play and figure out how to get it to be a DNS, DHCP and RAS box.
> But mainly I use it and my kids machines as a Rendering Farm for a piece of
> RayTrace Animation software called LIGHTWAVE. Using Screamer Net I can have
> 4 CPU's processing the animations instead of just 1 CPU. Really cool and
> FASSSST....
--
------------------------------
From: [EMAIL PROTECTED] (Tommy Wareing)
Subject: Re: Setting up RH 5.2 for ip_forwarding
Date: Fri, 22 Jan 1999 11:51:48 GMT
On Fri, 15 Jan 1999 00:32:27 GMT, [EMAIL PROTECTED] wrote:
>What do I put in my /proc/sys/net/ipv4/ip_forward file to enable
>ip_forwarding. I have a handy text editor, joe, for editing this.
>
>Also, it appears that one of the rc script files is set up to read this file.
>Do I need to do anything more to this file?
I'm quoting RedHat 5.1 (but I presume 5.2 works the same), from
memory, so caveats apply, but I'm sure a little application of the
obvious will correct my faulty memory.
if you look in /etc/sysconfig/network you'll find a line which reads
IPV4_FORWARD=NO
change the NO to YES
This is read by one of the rc scripts which obligingly the does the
"echo 1 > /proc/..." for you.
--
Tommy Wareing
Database Administrator
MIS Group
Learning Resources
Oxford Brookes University
01865 483372
------------------------------
From: "Steven J. Hathaway" <[EMAIL PROTECTED]>
Subject: Re: DHCP and DNS (again)
Date: Sat, 23 Jan 1999 14:50:11 -0800
Placing a forwarding directive in the corporate DNS is not the answer.
This will usually tell your corporate DNS to forward ALL UNRESOLVED
DNS queries to your local server, whether they be for your domain or
not.
Hopefully your local DNS server is a subdomain off of your parent
corporate domain. Then you can have your corporate network
administrator
place an NS resource record in the corporate DNS pointing to your local
DNS to resolve addresses related to your local subdomain.
$ORIGIN parent.com
department IN NS localdns.department.parent.com.
localdns.department.parent.com IN A 192.168.43.3
; Note that the A address is glue for the parent to keep NS happy.
; If the NS nameserver is not underneath the "parent.com" domain, then
; the A record is not required and can be resolved by forwarding the
; query toward the Internet root servers.
You are responsible then to manage the "localdns.department.parrent.com"
that is serving DNS resolution for the parent to subdomain
"department.parent.com."
Note: this may also cause some security conserns with your corporate
management
in that your local addresses may be browsed by Internet hackers as a
quick
way to find computers to attack.
Some sites have what they call a public DNS that is known to the world,
and a private DNS that resolves workstation and device addresses within
the department or corporation. Local DNS is often protected by residing
inside firewalls and allow block transfers only to authorized servers.
- Steven J. Hathaway
Stephen Carville wrote:
>
> Is it possible to have a DNS server forward a request to another
> server? Specifically, I want the primary DNS server for my company to
> forward unresolved requests for our local domain to the DHCP server
> which will also be running named. This way I can keep the database on
> the DHCP server up to date but update the primary server at longer
> intervals -- maybe once per day. From RTing the FM this _looks_
> possible (using the forwarding directive?) but my experience with DNS
> is too limited for me to commit to it.
>
> It requires over two minutes for our primary DNS server to reload the
> database so updating it every few minutes is not an viable option.
>
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
