Linux-Networking Digest #867, Volume #9 Wed, 13 Jan 99 08:13:48 EST
Contents:
Re: NT and Samba problem ("Jonas")
Re: need better info on settting up SAMBA ("Glenn Davy")
Re: Lunux questions ("Glenn Davy")
telnet ("Glenn Davy")
Re: Asuscom ISDNLink I-IN100-ST-DV (Andreas Hinz)
Re: routing problem (Brian McCauley)
Re: Firewall/Routing question (Brian McCauley)
Re: ip-up problem (Larry Rivera)
Apache SSL and libdbm (Eric Mosley)
Re: Apache 1.3.3 - multiple cgi-bin/ dir's without ScriptAlias? (Brian McCauley)
Re: How to setup routing? (Brian McCauley)
Re: Email server for Linux (Duncan Simpson)
Re: Does anyone play net Quake2? (jasonvp@@m1ndspr1ng.NOSPAM.com)
Re: Problem w second NE2000 card (Rob van der Putten)
----------------------------------------------------------------------------
From: "Jonas" <[EMAIL PROTECTED]>
Subject: Re: NT and Samba problem
Date: Wed, 13 Jan 1999 13:07:29 +0100
I had the same problem and I gave up and dissabled encypted passwords on my
NT mashine and now it works just fine.
/Jonas
------------------------------
From: "Glenn Davy" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc,comp.os.linux.setup
Subject: Re: need better info on settting up SAMBA
Date: Wed, 13 Jan 1999 22:48:46 +1100
So how far have you got? I'm a bit of the same mind as you but I've got
through a few samba networks.
Forgive me if my references to howtos aren't quite correct as I'm drudging
from memory here:
1) Get NIC going - checkout ethernet how to and NET3
2) Make sure IP's going, can you ping your self?
3) Make sure hosts and networks file ok.
4) Setup routing table - Of all the crap I've read on routing the linux
howto is by far the one that made the most sense. It even enabled me to get
the novel routing going which the novel manuals couldn't help me get!
5) Make sure other machine(s) is connected etc and runing TCP/IP and you can
ping each other
6) Get samba package. I've only played with 1.18something. I believe 2 is
out now.
7) Compile and install. With NT there are issues relating to encrypted
passwords. Make sure you read the various files that are included with samba
8) Edit /etc/smb.conf and do lots of reading. This file sets up your shares
among many other things
9) run smbd -D and nmbd -D
10) See if NT can see shared resources
I hope I haven't forgotton any stages. You may have to play with the
smbpasswd file/command.
11) Buy a Mac and install Netatalk, just for kicks ;^)
Hope this helps
Glenn
------------------------------
From: "Glenn Davy" <[EMAIL PROTECTED]>
Crossposted-To: alt.linux,alt.os.linux,hk.comp.os.linux,tw.bbs.comp.linux
Subject: Re: Lunux questions
Date: Wed, 13 Jan 1999 23:02:50 +1100
As best I know (and keen for anyone to improve my understanding here)
>bin --------------- binaries (programs/commands) go here
>dev -------------- device files. The 'filename' the sw referes to when
writing to a device e.g. a Serial port might be ttyS1, master hard drive
hda
>boot ------------ ??
>etc ------------- Configuration files
>home ---------- your users place on the hard drive, e.g. /home/glenn is
where I would store my shit on your system.
>lib ----------- ???? I think where library files (equiv to microsofts dll's
live)
>lost+found --------- ????
>mnt ------------ a convenient place to mount drives eg. mount /dev/fd0
/mnt -tMSDOS may mount a dos formated disk inyour 'A:" drive
>proc --------- This is cool fun. Info re all your processes live here as
does all sorts of revealing info about your system - the kind of things
nortons used to tell us dos users
>root -------- ?????
>sbin ---------- Secure binaries. Programs used only by root not any other
users
>tmp ---------- ??????
>usr -------------- Software packages available to users generally go here -
I have Apache, Netscape, MySQL, SAMBA off the top of my head
>var -------------- Where things that vary in size regularly go. Spools for
printers and other devices, mail boxes, news like this etc.
Hope this is a start
Glenn
------------------------------
From: "Glenn Davy" <[EMAIL PROTECTED]>
Subject: telnet
Date: Wed, 13 Jan 1999 23:04:28 +1100
Can anyone tell me how to change the terminal emulation in telnet? Bottom
line is I need to emulate scoansi on some linux terminal. Any ideas?
Glenn
------------------------------
From: [EMAIL PROTECTED] (Andreas Hinz)
Crossposted-To: comp.os.linux.help,comp.os.linux.misc,uk.comp.os.linux
Subject: Re: Asuscom ISDNLink I-IN100-ST-DV
Date: Wed, 13 Jan 1999 08:16:53 GMT
On Mon, 11 Jan 1999 18:47:49 -0000, Tom Furie <[EMAIL PROTECTED]> wrote:
>
>According to the documentation, the card only works if the driver is
>installed as a module, but 'make *config' doesn't allow the option of
>loading 'hisax support for Asuscom' as a module.
>
This is what i have selected:
<M> ISDN support
[*] Support audio via ISDN
<M> HiSax SiemensChipSet driver support
[*] HiSax Support for EURO/DSS1
[*] HiSax Support for ASUSCOM cards
Using 2.0.35 patched to 2.0.36, isdn4linux-3.0beta1.
Check news://de.alt.compm.isdn4linux and
http://www.isdn4linux.de/download.php3 for more info.
--
Med venlig hilsen / Best regards
Andreas Hinz
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Subject: Re: routing problem
Date: Mon, 11 Jan 1999 23:55:38 +0000
Jan Stifter <[EMAIL PROTECTED]> writes:
> Vincent Zweije wrote:
> >
> >
> > Your [sic] not using reserved IP addresses will give you two problems:
> >
> > (1) The true owners of the masqueraded addresses will not be reachable.
> > This might be a real problem, as they are no doubt with the same ISP.
> >
> > (2) The true owners of the masqueraded addresses will be very unhappy
> > with you when packets leak out unmasqueraded.
> >
>
> I agree with these 2 points. I thought about the solution to use 192.168.*
> adresses but
> I would have then 2 IP-Ranges on my network:
> a.b.c.224 - 239 for servers (www, dns, mail, ...)
> 192.168.1.* (for clients)
> This will cause me a lot of routing trouble and I am not sure, whether this is
> possible in all the clients I have (WindowsNT, Mac, Linux, Unix, ...)
> If it is possible, can you tell me how?
It is possible. Just use IP alias to give the Linux box's ethernet
card a 192.168.1.* alias and allow the Linux box to route freely
between 192.168.1/24 and a.b.c.224/28. Client's default gateway
setting should point the the Linux box using whichever IP address is
local to them.
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Subject: Re: Firewall/Routing question
Date: 13 Jan 1999 12:22:56 +0000
[EMAIL PROTECTED] (Skeeter Hartwig) writes:
> I'm trying to set up a packet filtering firewall and have run into a
> small problem. I'll describe the setup first:
>
> I have three machines, *.*.40.77, *.*.40.78, and *.*.40.79. I'm using
> *.* here just to try to keep some privacy here, but the addresses are
> 'official' static IP addresses. Ok, it used to be that these three
> machines connected to the internet by using a gateway of *.*.40.1 ...
> What I am trying to do is set up a filtering firewall between those
> three machines and the old gateway. The new firewall machine I've set
> up has an IP of *.*.40.76. I've set up the other machines to have
> their gateway be this new machine, *.*.40.76 and the new machine then
> is the only one using a gateway of *.*.40.1. Here is a diagram of how
> the gateways are set up:
>
> (*.*.40.1) <-(to the internet)
> |
> (*.*.40.76) <-(new firewall machine)
> / | \
> (*.*.40.77) (*.*.40.78) (*.*.40.79) <-(machines behind new fw)
What OS is *.*.40.1 running?
Can we see its routing table please so that we can judge for
ourselves if this diagram is accurate?
Having a "firewall" that can be bypassed by software is a "Bad Thing".
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Larry Rivera <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Crossposted-To: linux.redhat.ppp
Subject: Re: ip-up problem
Date: Wed, 13 Jan 1999 08:39:16 -0400
Jonas wrote:
>
> Hi
>
> I' trying to setup a Linux Router Project (LRP) using one NIC and a modem.
> I've figured out that my firewall rules should go in my ip-up script.
Firewall rules go in /etc/inet.d/network.sh and this can be accessed via
the LRP menu:
Linux Router Project -- configuration menu
1 ) Network settings
2 ) System settings
3 ) Package settings
b) Back-up ramdisk
h) Help
q) quit
============================================================================
Selection:
Select 1. Network settings to access the /etc/init.d/network.sh file.
Firewall rules can be found about 2/3 down the file. The /etc/ppp/ip-up
file is essential for (among other things) setting up routes on
serial/ppp lines after they come up. (ip-down reverses the actions of
ip-up)
> I use LRP and it's based on debian Linux. I'm more used to RedHat but I'm
> still very green on linux in general. In the ip-up script it says that the
> file shouldn't be changed, and that the changes should be made in ip-up.d
> directory.
I've never seen this before in LRP. Changes to the ip-up/down scripts
are also accessed via the menu above under selection 3 (Package
Settings) Of course you must have the package copied to your boot disk
(ppp.lrp, pslave.lrp, etc.) and specified in syslinux.cfg in order for
these options to be loaded at boot time and appear in the menu.
> in my /etc/ppp/ip-up it says:
> .....
> run-parts /etc/ppp/ip-up.d
Perhaps you should try using the portslave package instead of ppp
(provided you can set up a Radius Server on the same subnet for
authentication) It is better suited for serial ppp connections.
> .....
> I've put a file named firewall in the directory containing my firewall rules
No need for this, just configure all firewall rules as stated above. The
default firewall rules in network.sh are:
ipfwadm -F -p deny
so you just need to add the permit statements, etc.
> . Made it executable, but when i run pppd and a connection is made it
> doesn't execute the script. Why? Is the name wrong or what?
>
> TIA /Jonas
There is no need to change any files directly in LRP. The menu system
allows easy editing of all pertinent configuration files. Make sure you
back up any changes to the floppy disk after you are done.
------------------------------
From: [EMAIL PROTECTED] (Eric Mosley)
Subject: Apache SSL and libdbm
Date: 12 Jan 1999 16:07:36 GMT
Hi,
Any ideas on this...
I have Redhat 5.1 installed.
I'm trying to get Apache with SSL up and running, but with one problem.
First I tried apache_1_2_6+ssl_1_17_tar.gz as Apache 1.2.6 is installed by
default.
(I got the SSLeay-0_9_0b_tar.gz and installed it, as with the SSLeay rpm
theres no ssl.h which is needed to build.)
Making Apache_SSL is failing due to the fact that I have no -ldbm or
libdbm.o or whatever. Should this be installed by default?
When I tried apache-ssl-1_3_3-1_28-0_src_rpm.gz which is the latest I get
the same type errors.
When I put in -lgdbm (which I have) I get loads of compile errors from
Apache_SSL complaining about no functions like:
Unidentified reference to BIO_new
Unidentified reference to BIO_ctrl
Unidentified reference to BIO_free
etc.
etc.
etc.
How do I fix this? Is it just that I should have libdbm? Where can I get
that?
Thanks in advance.
Eric
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Crossposted-To: comp.os.linux.misc
Subject: Re: Apache 1.3.3 - multiple cgi-bin/ dir's without ScriptAlias?
Date: Mon, 11 Jan 1999 17:57:38 +0000
[EMAIL PROTECTED] (Chris) writes something not related to Linux:
> I am running Apache 1.3.3 on RedHat Linux 5.1 (Manhattan) with kernel
> 2.0.35. I have successfully setup several user directories, and I
> want each to have its own /cgi-bin/. Do I put a dir called "cgi-bin"
> in the UserDir (for me it's /home/user/html) and put a ScriptAlias in
> srm.conf. My question is this: can I setup a "directory mask" such as
> /home/*/html/cgi-bin/ somewhere in the conf files for all user
> cgi-bin/ directories? I plan on having MANY users on this system and
> I do not want to overload my srm file with that many ScriptAlias
> lines. Any help is greatly appreciated!
To allow CGI scripts to be placed anywhere, not just in ScriptAlias
directories, you can put "ExecCGI" in your "Options".
Once you've done this then a user can make all files in a directory
behave as CGI scripts by putting the following in the in the .htaccess
file for the directory:
SetHandler cgi-script
Additionally you can put "AddHandler cgi-script cgi" in the srm.conf
so that any file with a .cgi suffix is treated as a CGI script and
there is then no need to sepatare the scripts into separate
directories.
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: Brian McCauley <[EMAIL PROTECTED]>
Subject: Re: How to setup routing?
Date: Mon, 11 Jan 1999 17:47:38 +0000
"Conrad Hagemans" <[EMAIL PROTECTED]> writes:
> I have a Red Hat (5.1) Linux box setup that is hooked up to the internet
> with a PPP connection to our ISP.
> I have a network card installed to hook the box onto out local network. And
> i added a second networkcard to
> connect the machine to other servers in front of the firewall. The box has
> an official IP address.
>
> Our company has an official c-class domain. 195.240.233.0
>
> Our internal network is using an in-official network range (but is behind
> the firewall) 120.120.0.0
Do not use 120.120/16 use one of the official intranet ranges.
> The PPP connection has ip address 195.240.233.1
> The internal network card ip address 120.120.18.111
> The card for use in front of the firewall IP address 195.240.233.10
Why? Why not 195.240.233.1 - would make things simpler.
> I connected the in front the fireall card to a hub to link the box to an
> extra server with IP address 195.240.233.20
>
> This server cannot be reached from the internet. Why???????
How do you expect the router 154.9.48.67 to learn that 195.240.233.1
is the router for the 195.240.233.0/24 network?
How does your ISP expect the router 154.9.48.67 to learn that
195.240.233.1 is the router for the 195.240.233.0/24 network?
If the answers to these questions are different then that'll be
part of your problem.
> The rc.local file (fragement)
Notably this fragment does not include any commands to allow
195.240.233.20 to talk (unmasqueraded) to the internet.
Do not specify maquerading where you don't want it.
--
\\ ( ) No male bovine | Email: [EMAIL PROTECTED]
. _\\__[oo faeces from | Phones: +44 121 471 3789 (home)
.__/ \\ /\@ /~) /~[ /\/[ | +44 121 627 2173 (voice) 2175 (fax)
. l___\\ /~~) /~~[ / [ | PGP-fp: D7 03 2A 4B D8 3A 05 37...
# ll l\\ ~~~~ ~ ~ ~ ~ | http://www.wcl.bham.ac.uk/~bam/
###LL LL\\ (Brian McCauley) |
------------------------------
From: [EMAIL PROTECTED] (Duncan Simpson)
Subject: Re: Email server for Linux
Date: 13 Jan 1999 11:11:46 GMT
In <77ghgo$7a7$[EMAIL PROTECTED]> [EMAIL PROTECTED] writes:
>Hi all,
<stuff snipped>
>Does Linux have any packages similar to Exchange Server in this regard? I
>have set up Red Hat in the past, version 4.2 I think, have only seen glimpses
>of the latest (5 something) so I am not totally clueless, just mostly :-)The
>major concerns are:
If you want an email server take your chocie out of sendmail, qmail
and postmap? (IBM's secure offering, same auithor as
tcpwrappers). After the recent rumniations on bugtraq abiout it the
secure has been improved in the later.
>- being able to acces from Windows 95 clients
Install an IMAP or POP server. Euroda, netscape and all other known
clients speak IMAP 2 or POP 3. Most speak both. The clients that will
speak to an IMAP or POP server inlcude all versions of Outlook.
>- being able to use their internet domain & email addresses provided with that
>domain.
All decent MTAs feature this, including all the suggestions
above. Virtual domains, auto-repsonse addresses, pointers to email
reading robots and so forth are all supported as well. Exchange costs
you $$$ per user and $$$$ per client. Sendmail does all this free, all
your users need is an account on the linux box (most POP and IMAP
daemons will use the password for the standard Un*x databases). If you do
want them to have shell access just make there shell a shell script along the lines of
#!/bin/sh
cat <<EOF
You are only allowed POP and IMAP access to this server. Persistent attempts
to get unauthorised shell access will result in discplinary action.
The management
EOF
sleep 60
exit 0
>Would be nice to provide dial up connectivity also, but I think we could live
>with Win95 handling that.
No serious problem. Linux will act as a dial on demand IP masquerading host
if you ask nicely. This is no longer hard on the smoother distributions now
that people have dial-on-demand ISDN boxen attatched to their networks.
Duncan (-:
------------------------------
From: jasonvp@@m1ndspr1ng.NOSPAM.com
Subject: Re: Does anyone play net Quake2?
Date: 13 Jan 1999 13:03:28 GMT
Reply-To: jasonvp@@m1ndspr1ng.NOSPAM.com
Morgan V. <[EMAIL PROTECTED]> wrote:
: Have you looked at http://www.planetquake.com/linux/? They have a link to the
: Linux Quake HOWTO as well.
I hadn't until just now. Thanks, but this seems to be dedicated to actually
*playing* Quake2 on Linux. That's not what I'm trying to do. I guess the
question is more related to Linux's IP masquerading/forwarding than it is
Quake2. I'm trying to play Quake2 on a Windblows box that's using a Linux box
as a forwarder.
jas
--
Jason Van Patten | subtlety (n) |
jasonvp@@m1ndspr1ng.NOSPAM.com | The art of choosing the lighter |
AOL IM: Jason VP | sledgehammer. |
Any opinions expressed here are actually yours, you just don't know it. Yet.
To reply to me: jasonvp at mindspring dot com
------------------------------
From: Rob van der Putten <[EMAIL PROTECTED]>
Subject: Re: Problem w second NE2000 card
Date: Wed, 13 Jan 1999 14:05:07 +0100
Hi there
On Tue, 12 Jan 1999, Scott W. Petersen wrote:
> I had to make the lilo changes AND compile the ne2000 in the kernel NOT
> as a module and boom.
Insmod can be used in a way which tells ne.o at which io addresses and
irqs the various ne2000 cards are and which card is eth0 and which is
eth1. It takes some fiddling with quotes and commas but it did the trick
for me.
Regards,
Rob
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.networking) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Networking Digest
******************************
