devil-linux-discuss — General Mailing List for all discussions

Re: [Devil-Linux-discuss] pam-radius problem 1.2.10

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Fri, April 21, 2006 03:51, fe...@fr... wrote:
> With DL 1.2.10 (17/04/06), we have the following problem with pam_radius.
>
>
> Apr 20 14:37:42 src@rad-client sshd[3598]: PAM unable to
> dlopen(/lib/security/pam_radius_auth.so) Apr 20 14:37:42 src@rad-client
> sshd[3598]: PAM [error: /lib/security/pam_radius_auth.so:
> undefined symbol: __guard] Apr 20 14:37:42 src@rad-client sshd[3598]: PAM
> adding faulty module: /lib/security/pam_radius_auth.so
>
> The same config is working with a Debian, and we also tested the 1.2.9
> (not
> working) and 1.2.10 (21/03/06 module missing).
>
> Any idea?

It looks like there's a problem with the gcc stack smashing protector.

I will prepare a newer version and upload it to the ftp server. I'll let
you know once it's up there.


- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iEYEARECAAYFAkRI1vgACgkQUcytMSbs+YUAPQCeO1S598b2mUZ/8L4tUuNPDQRt
QKAAn2lP789I84hlQVE0ovIWX+h0U4ya
=rtR7
-----END PGP SIGNATURE-----

[Devil-Linux-discuss] pam-radius problem 1.2.10

[<fe...@fr...>]

With DL 1.2.10 (17/04/06), we have the following problem with pam_radius.=


Apr 20 14:37:42 src@rad-client sshd[3598]: PAM unable to dlopen(/lib/secu=
rity/pam_radius_auth.so)
Apr 20 14:37:42 src@rad-client sshd[3598]: PAM [error: /lib/security/pam_=
radius_auth.so:
undefined symbol: __guard]
Apr 20 14:37:42 src@rad-client sshd[3598]: PAM adding faulty module: /lib=
/security/pam_radius_auth.so

The same config is working with a Debian, and we also tested the 1.2.9 (n=
ot
working) and 1.2.10 (21/03/06 module missing).

Any idea? 

Nouveau: le premier abonnement ADSL sans taxe mensuelle!
Changez d=E8s =E0 pr=E9sent pour sunrise ADSL free.
http://www.sunrise.ch/fr/privatkunden/iminternetsurfen/adsl/adsl_abosundp=
reise/adsl_gelegenheitssurfer/adsl_free.htm

Re: [Devil-Linux-discuss] Feature request: Stone Steps Webalizer

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Alberto,

I included a couple more of your contributions in the next DL release.

Thanks!
  Heiko

On Fri, December 16, 2005 05:14, Dr. Alberto Benati wrote:
> I have got a devil-script for awstats:
> http://awstats.sorceforge.net
>
>
> See to http://econtools.economia.unife.it/devil-linux
>
>
> Al
>
>
> --
>
>
>
> ---------- Original Message -----------
> From: "Heiko Zuerker" <he...@zu...>
> To: dev...@li...
> Sent: Thu, 15 Dec 2005 20:56:50 -0600 (CST)
> Subject: Re: [Devil-Linux-discuss] Feature request: Stone Steps Webalizer
>
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>> Hey,
>>
>>
>> On Thu, December 15, 2005 15:54, Gert van den Berg wrote:
>>
>>> The webalizer version that is included with devil linux gives me some
>>>  problems with squid log files. The errors I recieve drastically
>>> reduce when I use stone steps webalizer (which I ran on my windows PC
>>> to check) It was no serious change in te resulting report, only faster
>>> executing (with less warnings).
>>>
>>>
>>>
>>> Link:
>>> http://www.stonesteps.ca/projects/webalizer/
>>> It is under the GPL and based on the original webalizer (Which was not
>>>  updated for quite some time)
>>>
>>> Are there any other log analizers included with Devil Linux that I
>>> can use for analizing squid log files?
>>>
>>> It also supports some additional log file types. (such as specific
>>> apache support, with user-agent stats)
>>
>> Anybody have an opinion about this?
>>
>>
>>> Since I'm making a lot of feature requests at the moment, I consider
>>> downloading the build system so I can help implementing the features.
>>> How
>>> large can I expect the download to be? I have an ADSL account with a
>>> 3GB
>>> monthly cap (South Africa has the most expensive broadband access in
>>> the world...), so large download may have to wait until the 31st.
>>
>> Any help is very much appreciated.
>> Sending patches, will make sure that your feature request get considered
>>  for inclusion a lot faster.
>>
>> The build system is not that big, it is currently around 450MB.
>>
>>
>> - --
>>
>>
>> Regards
>> Heiko Zuerker
>> http://www.devil-linux.org
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.2 (GNU/Linux)
>>
>>
>> iD8DBQFDoizxUcytMSbs+YURArLsAJ9FxFmfDuY9juvin402rQKkZN8dGwCgkZLD
>> SkG/ltEYFJ/2PfVG/0RhK1U=
>> =xB+3
>> -----END PGP SIGNATURE-----
>>
>>
>> -------------------------------------------------------
>> This SF.net email is sponsored by: Splunk Inc. Do you grep through
>> log files for problems?  Stop!  Download the new AJAX search engine that
>> makes searching your log files as easy as surfing the  web. DOWNLOAD
>> SPLUNK! http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
>> _______________________________________________
>> Devil-linux-discuss mailing list
>> Dev...@li...
>> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss
>>
> ------- End of Original Message -------
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc. Do you grep through log
> files for problems?  Stop!  Download the new AJAX search engine that makes
>  searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
> http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
> _______________________________________________
> Devil-linux-discuss mailing list
> Dev...@li...
> https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss
>
>


- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iEYEARECAAYFAkRAZGwACgkQUcytMSbs+YUEVgCgqCxC9A8vsYIUOOb9hc4SsVub
pUkAn3r4sC7N6qFfB+XgOyWdqcu26+Kx
=b5zx
-----END PGP SIGNATURE-----

Re: [Devil-Linux-discuss] Install default config location problem

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Thu, April 13, 2006 15:32, Dick Middleton wrote:
> Serge,
>
>
>> Friday, March 3, 2006, 12:47:12 AM, you wrote:
>>
>>
>>> There's two points:
>>>
>>
>>> 1)  there is no choice about where the file is stored even if several
>>>  possible media are found. 2)  there is no option to say - please
>>> don't save it at all at this  time.
>> Please, evaluate this patch.
>>
>
> I'll try to do this next week.  I've been a bit busy for the last couple
> of weeks.  Something to do with school holidays ;-)
>
> BTW, thanks for doing this, I thought my comments had fallen on deaf
> ears.  Pleasant surprise.

It's not the ears, we're all pretty busy too.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ+uj4ACgkQUcytMSbs+YXB7wCgiFFuT7LpXwCA23bN6LMvf+/q
Ar4An1DUD6yedeySo1T08py40dDwTafu
=GBIN
-----END PGP SIGNATURE-----

Re: [Devil-Linux-discuss] Install default config location problem

[Dick M. <di...@li...>]

Serge,

> Friday, March 3, 2006, 12:47:12 AM, you wrote:
> 
>> There's two points:
> 
>>    1)  there is no choice about where the file is stored even if several
>>       possible media are found.
>>    2)  there is no option to say - please don't save it at all at
>>       this  time.
> Please, evaluate this patch.

I'll try to do this next week.  I've been a bit busy for the last couple 
of weeks.  Something to do with school holidays ;-)

BTW, thanks for doing this, I thought my comments had fallen on deaf 
ears.  Pleasant surprise.

Dick



> Short description:
>  - the device suggested for configs coping is showed
>   (if "N" is pressed then the next device will be suggested. BTW: this
>    behavior is implemented from the very outset - I've added only
>   device showing)
>  - if there is no suitable device ( or user chooses "N" for all
>   suggested devises) the loading without configuration media will be
>   suggested. 

Re: [Devil-Linux-discuss] Is there a problem with MPPE in Devil-Linux release 1.2.9?

[Marc G. <mgu...@cv...>]

Dear Serge,

Thank you for the prompt reply.  I did not know the syntax had changed for 
that option.  Now that I have changed the lines you mentionned in the 
configuration file, MPPE works perfectly with my existing firewall rules and 
PPTP configuration.

Sincerely,

Marc Guimond

----- Original Message ----- 
From: "Serge Leschinsky" <fi...@in...>
Sent: Thursday, April 13, 2006 02:31

> Please check that your options.pptpd looks like the following (in the
> mppe related part):
>
> #require-mppe-128
> #nomppe-40
> mppe required,stateless,no56,no40

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Heiko Z. <he...@zu...>]

On Thu, April 13, 2006 13:05, Kari Mattsson wrote:
>

> We (actually our customer) have been running 1.2.6 as a firewall in ESX
> 2.5.2 (2 different update levels) since it came out.  It is rock solid.
> 1 CPU, 128 MB RAM, 4 NICs.  Best uptime 3+ months.  The only time DL is
> booted, is when the whole system is upgraded.
>
> 1.2.6 (i686 server version) is the stock one, no vmware tools.

Good to know, thanks for the infos.

> I presume you guys are talking about the free VMware Server?  I think it
> might be a good thing to mention.

Yes it's the free one. If I get approval, I only want to add the vmxnet
and the vmmemctl (memory management for ESX server) modules. They seem to
be the same between the various versions.
If they deny the request, you will still be able to use a DL version with
VMWare support, but you'll have to compile it yourself. I will leave the
scripts and the only thing you'd have to do is copy the source files over.

> One interesting side note: DL virtual machine is still not working in
> proxy-arped DMZ. I've been forced to use Gentoo and Debian instead. I've
> boiled down the problem to the pcnet32.o in DL - it doesn't like the
> virtual switch or something. If/when we can change to vmxnet or even the
> vlance driver in VMware Tools, I think the problem will vanish.

Since you have ESX, try the e1000 drivers. I heard they behave better.

> By the way, on VMware ESX, when I launch 10 DL VMs of same version, it
> first takes up quite a lot of memory. After a while ESX finds identical
> 4K block in memory and collapses each block in to one.  It save *a lot*
> memory :-)

Wow that's pretty cool !

-- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Kari M. <ka...@tr...>]

We (actually our customer) have been running 1.2.6 as a firewall in ESX =
2.5.2 (2 different update levels) since it came out.  It is rock solid.  1 =
CPU, 128 MB RAM, 4 NICs.  Best uptime 3+ months.  The only time DL is =
booted, is when the whole system is upgraded.

1.2.6 (i686 server version) is the stock one, no vmware tools.

I presume you guys are talking about the free VMware Server?  I think it =
might be a good thing to mention.

One interesting side note: DL virtual machine is still not working in =
proxy-arped DMZ. I've been forced to use Gentoo and Debian instead. I've =
boiled down the problem to the pcnet32.o in DL - it doesn't like the =
virtual switch or something. If/when we can change to vmxnet or even the =
vlance driver in VMware Tools, I think the problem will vanish.

By the way, on VMware ESX, when I launch 10 DL VMs of same version, it =
first takes up quite a lot of memory. After a while ESX finds identical 4K =
block in memory and collapses each block in to one.  It save *a lot* memory =
:-)


Terveisin/With kind regards/Med h=C3=A4lsningar/Lugupidamisega,

Kari Mattsson
Trivore oy

--=20
http://trivore.com/   mailto:kar...@tr...   =
tel:+358-50-69000


_____ Alkuper=C3=A4inen viesti _____
Aihe:	Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem,      =
     postfix, vmware?
Tekij=C3=A4:	"Heiko Zuerker" <he...@zu...>
P=C3=A4iv=C3=A4m=C3=A4=C3=A4r=C3=A4:		13. huhtikuuta 2006 17:02:35

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> vmware esx ist up to date (2.5.2 Build 21059). The time between the crashes

I just took a quick look at this document:
http://www.vmware.com/pdf/esx_systems_guide.pdf
They list that SuSE 8.2 is not supported in the MP config on the newer ESX
servers. Wasn't 8.2 still based on Kernel 2.4 ?
Maybe there's a general issue with ESX and Kernel 2.4 with MP.

Maybe you should throw that question at the VMWare support.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ+dmYACgkQUcytMSbs+YWbjwCeKiAewNhOdPrX0FIDkMVBh71g
wjYAn2yJo2Ma+IWF4p7vFrtn1aA5rdj1
=OP8z
-----END PGP SIGNATURE-----

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Thu, April 13, 2006 10:51, Udo Lembke wrote:
> Heiko Zuerker schrieb:
>
>>
>> Interesting !
>> Are you on the latest version of your VMWare release?
>> If I have some time this weekend, I'll test it on my box.
>> How long does it usually take until it crashes?
>> Which CPU version of DL are you using? i586-SMP ?
>>
>>
>>
>>> BTW. knows anybody a possibility to turning-off hot-plug on
>>> processor? To test the effect, because the Machine with the vi-problem
>>> is still running.
>>>
>>
>> - --
>>
>>
>> Regards
>> Heiko Zuerker
>> http://www.devil-linux.org
>>
>>
>>
>
> Hi Heiko,
> vmware esx ist up to date (2.5.2 Build 21059). The time between the crashes
> are very different - between hours and month - some time after the first
> reboot all works, sometime i need four reboots. The webserver runs for
> month without problems - til i change yesterday the config (i often change
> the config before) and apache dont start - also after a reboot. Then i
> took one processor away and the system runs...
>
> I use the devil-linux-1.2.9-i686-SMP-server version.

I'm still communicating with VMWare about including their modules into DL,
but I'm not sure that will really help.

What did you set as OS Type ? Other Linux 2.4 Kernel ? If not, please do so.
You could also try to play with the acceleration setting for the VM and
make sure debugging infos is off.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ+dN8ACgkQUcytMSbs+YWjKgCfezdHzHlAo14hLRH+Af4m2mEx
argAnivBb+dkfx491eD7A6VsidYmAPTa
=At48
-----END PGP SIGNATURE-----

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Udo L. <ul...@ab...>]

Heiko Zuerker schrieb:
>
> Interesting !
> Are you on the latest version of your VMWare release?
> If I have some time this weekend, I'll test it on my box.
> How long does it usually take until it crashes?
> Which CPU version of DL are you using? i586-SMP ?
>
>   
>> BTW. knows anybody a possibility to turning-off hot-plug on processor?
>> To test the effect, because the Machine with the vi-problem is still
>> running.
>>     
>
> - -- 
>
> Regards
>   Heiko Zuerker
>   http://www.devil-linux.org
>
>   

Hi Heiko,
vmware esx ist up to date (2.5.2 Build 21059).
The time between the crashes are very different - between hours and 
month - some time after the first reboot all works, sometime i need four 
reboots.
The webserver runs for month without problems - til i change yesterday 
the config (i often change the config before) and apache dont start - 
also after a reboot. Then i took one processor away and the system runs...

I use the devil-linux-1.2.9-i686-SMP-server version.

Best regards

Udo Lembke

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Thu, April 13, 2006 06:19, Udo Lembke wrote:
> Hi,
> it seems that i found the problem with devil-linux on vmware. On all
> virtual devil-linux (1.2.6 and 1.2.9) machines which have two processors
> assigned strange things occours: - vi crashed with Double signal, exiting;
> Segmentation fault
> - apache died after starting, without an error
> - mailserver problems described before
>
>
> With only one processor it looks better - but only for a short time
> tested (since yesterday).

Interesting !
Are you on the latest version of your VMWare release?
If I have some time this weekend, I'll test it on my box.
How long does it usually take until it crashes?
Which CPU version of DL are you using? i586-SMP ?

> BTW. knows anybody a possibility to turning-off hot-plug on processor?
> To test the effect, because the Machine with the vi-problem is still
> running.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ+WfsACgkQUcytMSbs+YXRQgCeIBq3y4wwlpygXE2uc13wsnFd
MwIAn1/bXGGZGaql4yA01CC8NgEqAGhi
=5uCG
-----END PGP SIGNATURE-----

Re: [Devil-Linux-discuss] DL 1.2.9 strange effects - Filesystem, postfix, vmware?

[Udo L. <ul...@ab...>]

Hi,
it seems that i found the problem with devil-linux on vmware.
On all virtual devil-linux (1.2.6 and 1.2.9) machines which have two 
processors assigned strange things occours:
- vi crashed with Double signal, exiting; Segmentation fault
- apache died after starting, without an error
- mailserver problems described before

With only one processor it looks better - but only for a short time 
tested (since yesterday).

BTW. knows anybody a possibility to turning-off hot-plug on processor? 
To test the effect, because the Machine with the vi-problem is still 
running.

Best regards

Udo Lembke

Re: [Devil-Linux-discuss] Is there a problem with MPPE in Devil-Linux release 1.2.9?

[Serge L. <fi...@in...>]

Dear Marc,

Thursday, April 13, 2006, 12:50:44 AM, you wrote:

> I was until recently using Devil-Linux 1.2.5 with and accepted
> inbound PPTP connections without any problems.  I have upgraded to
> Devil-Linux 1.2.9 last week and revised all my configurations and
> rules.  With a nearly identical configuration to what I had before,
> PPTP connections can no longer be accepted when using MPPE
> encryption (see example 1 below). 

Please check that your options.pptpd looks like the following (in the
mppe related part): 

#require-mppe-128
#nomppe-40
mppe required,stateless,no56,no40



-- 
Best regards,
 Serge                            mailto:fi...@in...

[Devil-Linux-discuss] Is there a problem with MPPE in Devil-Linux release 1.2.9?

[Marc G. <mgu...@cv...>]

Good afternoon,

I searched in the forums but did not find the answer to my question.  If =
this has already been answered, could you please direct me to the =
answer?  I was until recently using Devil-Linux 1.2.5 with and accepted =
inbound PPTP connections without any problems.  I have upgraded to =
Devil-Linux 1.2.9 last week and revised all my configurations and rules. =
 With a nearly identical configuration to what I had before, PPTP =
connections can no longer be accepted when using MPPE encryption (see =
example 1 below).

At first I suspected that perhaps I had a bad firewall rule preventing =
GRE traffic.  However, when I remove the "mppe-required" line in =
"/etc/ppp/options.pptpd", I only get an error saying the client insists =
on using MPPE.  So when I disable MPPE encryption on the client side as =
well, then the client successfully connects (see example 2 below). I do =
get a GRE checksum error, but I am not using a Windows client during =
that specific test, so perhaps something changed in the algorythm the =
client is using.

I want to know how I could get MPPE working with Devil-Linux 1.2.9 and =
also how to enforce it in the configuration file.

Thank you,

Marc Guimond

-----

Example 1:

Apr  7 17:05:34 src@firewall pptpd[3769]: MGR: Manager process started
Apr  7 17:05:34 src@firewall pptpd[3769]: MGR: Maximum of 11 connections =
available
Apr  7 17:05:36 src@firewall pptpd[3770]: CTRL: Client 70.80.201.112 =
control connection started
Apr  7 17:05:36 src@firewall pptpd[3770]: CTRL: Starting call (launching =
pppd, opening GRE)
Apr  7 17:05:36 src@firewall pppd[3771]: In file /etc/ppp/options.pptpd: =
unrecognized option 'mppe-required'
Apr  7 17:05:36 src@firewall pptpd[3770]: GRE: =
read(fd=3D6,buffer=3Deff6880,len=3D8196) from PTY failed: status =3D -1 =
error =3D Input/output error, usually caused by unexpected termination =
of pppd, check option syntax and pppd logs
Apr  7 17:05:36 src@firewall pptpd[3770]: CTRL: PTY read or GRE write =
failed (pty,gre)=3D(6,7)
Apr  7 17:05:36 src@firewall pptpd[3770]: CTRL: Reaping child PPP[3771]
Apr  7 17:05:36 src@firewall pptpd[3770]: CTRL: Client 70.80.201.112 =
control connection finished

Example 2:

Apr  7 17:23:38 src@firewall pptpd[4267]: MGR: Manager process started
Apr  7 17:23:38 src@firewall pptpd[4267]: MGR: Maximum of 11 connections =
available
Apr  7 17:23:40 src@firewall pptpd[4268]: CTRL: Client 70.80.201.112 =
control connection started
Apr  7 17:23:40 src@firewall pptpd[4268]: CTRL: Starting call (launching =
pppd, opening GRE)
Apr  7 17:23:40 src@firewall pppd[4269]: Plugin =
/usr/lib/pptpd/pptpd-logwtmp.so loaded.
Apr  7 17:23:40 src@firewall pppd[4269]: pppd 2.4.3 started by root, uid =
0
Apr  7 17:23:40 src@firewall kernel: divert: not allocating divert_blk =
for non-ethernet device ppp0
Apr  7 17:23:40 src@firewall pppd[4269]: Using interface ppp0
Apr  7 17:23:40 src@firewall pppd[4269]: Connect: ppp0 <--> /dev/pts/0
Apr  7 17:23:40 src@firewall pptpd[4268]: GRE: Bad checksum from pppd.
Apr  7 17:23:41 src@firewall pppd[4269]: found interface eth1 for proxy =
arp
Apr  7 17:23:41 src@firewall pppd[4269]: local  IP address 192.168.0.101
Apr  7 17:23:41 src@firewall pppd[4269]: remote IP address 192.168.0.102
Apr  7 17:32:40 src@firewall syslog-ng[597]: STATS: dropped 0
Apr  7 17:35:02 src@firewall pppd[4269]: LCP terminated by peer (User =
request)
Apr  7 17:35:02 src@firewall pppd[4269]: Connect time 11.4 minutes.
Apr  7 17:35:02 src@firewall pppd[4269]: Sent 0 bytes, received 0 bytes.
Apr  7 17:35:02 src@firewall pppd[4269]: Modem hangup
Apr  7 17:35:02 src@firewall pppd[4269]: Connection terminated.
Apr  7 17:35:02 src@firewall pptpd[4268]: CTRL: EOF or bad error reading =
ctrl packet length.
Apr  7 17:35:02 src@firewall pptpd[4268]: CTRL: couldn't read packet =
header (exit)
Apr  7 17:35:02 src@firewall pptpd[4268]: CTRL: CTRL read failed
Apr  7 17:35:02 src@firewall pptpd[4268]: CTRL: Reaping child PPP[4269]
Apr  7 17:35:02 src@firewall pppd[4269]: Exit.
Apr  7 17:35:02 src@firewall kernel: divert: no divert_blk to free, ppp0 =
not ethernet
Apr  7 17:35:02 src@firewall pptpd[4268]: CTRL: Client 70.80.201.112 =
control connection finished

Re: [Devil-Linux-discuss] Examples

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, April 12, 2006 14:25, Leon wrote:
> Greetings to the list,
> I have just jumped into using Devil Linux as a firewall/VPN and found it a
>  lot largeer than it was a while back.  Presumably that is good.
> However, I
> am on a time crumch and need to get this up quickly.  Is there anyplace,
> beyond the distribution where I can get examples?  Or someone who
> wouldn't mind me pickin their brain

Google around, you find solutions for most problems on the web.
Things like VPN, proxy or mail setups are the same as in all other
distributions. It get's a little different if you need harddisk support,
but that's all documented.

You can also post your questions here, but please don't expect from other
people to do your work. Folks tend to help more, when they see that you
did your homework before you ask questions.

Just my 2 cents. ;-)

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ9VoEACgkQUcytMSbs+YXcOgCfU9ZdQyxkQd053Zi7ndsDHDDd
BIgAn0WAtSJorwW2Ggo3/Quz9OH5zGKJ
=qBiG
-----END PGP SIGNATURE-----

[Devil-Linux-discuss] Examples

[Leon <le...@do...>]

Greetings to the list,
  I have just jumped into using Devil Linux as a firewall/VPN and found it a
lot largeer than it was a while back.  Presumably that is good.  However, I
am on a time crumch and need to get this up quickly.  Is there anyplace,
beyond the distribution where I can get examples?  Or someone who wouldn't
mind me pickin their brain

Leon Sonntag
Network Administrator

Re[6]: [Devil-Linux-discuss] SATA problem

[Serge L. <fi...@in...>]

Dear Heiko.

Friday, April 7, 2006, 6:15:35 PM, you wrote:

>> Of course.  I've tested ISO and USB only. I'll check the rest of boot
>> options (without CF due to lack of CF adapter) and write message to the
>> list. If it's OK, I'll check in the changes in the scripts too.

> Yes of course.
> I got a CF card, I'll test it once you checked in the changes and uploaded
> everything to the ftp server.
The busybox-1.1.2 was released while I was writing and testing patches.
http://www.busybox.net/downloads/busybox-1.1.2.tar.bz2

It's good news because modprobe from bb-1.1.2 seems working correctly.

My config for bb-1.1.2 is in the attachment (I've added some options
to the modutil section).

-- 
Best regards,
 Serge                            mailto:fi...@in...

Re: [Devil-Linux-discuss] port forwarding

[ross p. <ras...@ya...>]

Well, I found out that it is connecting through PPPoA, and it must be a DSL router because I have wireless gateway.  Tomorrow, I will try bypassing the DL firewall, and connect my server directly to the internet, and see if I can connect like that.  Then I should be able to determine if the problem is with the DSL router, or my firewall.  In the meantime, does anyone else have any suggestions to offer?

Tarnai György <tar...@r-...> wrote:       Interesting... I would approach this problem by  checking if DL is really the problem in this case. You can do that by connecting  your computer on the network between your DSL "modem" (which I assume is a  broadband router actually) and DL, on the 192.168.0.xxx subnet, and try to  connect to the stream through DL via it's external IP (192.168.0.3). If that  doesn't work try moving the server to the same network and subnet and try if you  can access it from the internet through your DSL modem. In this way you can make  sure the problem is really with DL and not with your DSL modem.
  
 On the other hand there might be a problem with the  firewall rules, for instance I'm not sure that ShoutCast servers are using TCP  to stream media or it may be using TCP connections that don't work well in some  NAT scenarios. May be worth to check that.
  
 Also I would check what does this DSL "modem"  really do. DSL modems (at least here in Hungary) are devices that interfaces  with the DSL network and allows to initiate the connection via PPPoE. DSL  routers are devices where you can connect some form of internet connection  (Fixed IP, DHCP or PPPoE client) via its WAN ethernet interface and routing or  NATing it to client machines on the internal network via it's internal ethernet  interface. Of course there are lots of devices now that are combining some or  more of these features for ex.
 DSL interface routers or boadband routers with  direct DSL connection so it is not straightforward what your device is capable  doing not to mention that a lot depends on the internal software it is  using. 
  
 And at last but not least it would be better if  you'd sent DL's exact network configuration (IP's, subnet masks, gateway, etc.)  to check there's no problem there.
  
 Best regards:
  
 George Tarnai
  
    ----- Original Message ----- 
   From:    ross    paskett 
   To: dev...@li...    
   Sent: Friday, April 07, 2006 8:58  PM
   Subject: [Devil-Linux-discuss] port    forwarding
   

I am running an internet server on my local network. The server    streams media through: ip is 192.168.1.7 port 8007.  I have port    forwarding setup in my firewall.rules file, and I have turned it on my DSL    modem.  On my DSL modem, the rule is:
Forward ports 8000-8010 to    machine 192.168.0.3(devil linux), then devil linux should forward connections    on port 8007 to 192.168.1.7(internal radio server), but when I try to connect    to my machine from the outside world, it can't.  I can connect and stream    my music internally, from windows or mac, just not from the outside    world.  Internally, I just connect to 192.168.1.7:8007 in winamp, and it    plays my music.  can someone help?  below is the port forwarding    section of my firewall.rules file.

# Uncomment/modify the next 4 lines    to forward a service to an internal IP.
SERVER_IP=192.168.1.7   #    Internal IP of    server.
PORT=8007                  # 22 = SSH.  Change to 80 for web server, etc.
${IPTABLES} -A    PREROUTING -i ${OUT_DEV} -t nat -p TCP --dport $PORT -j DNAT --to    ${SERVER_IP}:${PORT}
${IPTABLES} -A FORWARD -p TCP -d ${SERVER_IP} --dport    $PORT -i ${OUT_DEV} -o ${INT_DEV} -j ACCEPT

      

---------------------------------
   Yahoo! Messenger with Voice. Make    PC-to-Phone Calls to the US (and 30+ countries) for 2�/min or less.      

---------------------------------
   Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great    rates starting at 1¢/min.


ross paskett
ras...@ya...
		
---------------------------------
Love cheap thrills? Enjoy PC-to-Phone  calls to 30+ countries for just 2¢/min with Yahoo! Messenger with Voice.

Re: [Devil-Linux-discuss] port forwarding

[<adm...@r-...>]

Interesting... I would approach this problem by checking if DL is really =
the problem in this case. You can do that by connecting your computer on =
the network between your DSL "modem" (which I assume is a broadband =
router actually) and DL, on the 192.168.0.xxx subnet, and try to connect =
to the stream through DL via it's external IP (192.168.0.3). If that =
doesn't work try moving the server to the same network and subnet and =
try if you can access it from the internet through your DSL modem. In =
this way you can make sure the problem is really with DL and not with =
your DSL modem.

On the other hand there might be a problem with the firewall rules, for =
instance I'm not sure that ShoutCast servers are using TCP to stream =
media or it may be using TCP connections that don't work well in some =
NAT scenarios. May be worth to check that.

Also I would check what does this DSL "modem" really do. DSL modems (at =
least here in Hungary) are devices that interfaces with the DSL network =
and allows to initiate the connection via PPPoE. DSL routers are devices =
where you can connect some form of internet connection (Fixed IP, DHCP =
or PPPoE client) via its WAN ethernet interface and routing or NATing it =
to client machines on the internal network via it's internal ethernet =
interface. Of course there are lots of devices now that are combining =
some or more of these features for ex.
DSL interface routers or boadband routers with direct DSL connection so =
it is not straightforward what your device is capable doing not to =
mention that a lot depends on the internal software it is using.=20

And at last but not least it would be better if you'd sent DL's exact =
network configuration (IP's, subnet masks, gateway, etc.) to check =
there's no problem there.

Best regards:

George Tarnai

  ----- Original Message -----=20
  From: ross paskett=20
  To: dev...@li...=20
  Sent: Friday, April 07, 2006 8:58 PM
  Subject: [Devil-Linux-discuss] port forwarding


  I am running an internet server on my local network. The server =
streams media through: ip is 192.168.1.7 port 8007.  I have port =
forwarding setup in my firewall.rules file, and I have turned it on my =
DSL modem.  On my DSL modem, the rule is:
  Forward ports 8000-8010 to machine 192.168.0.3(devil linux), then =
devil linux should forward connections on port 8007 to =
192.168.1.7(internal radio server), but when I try to connect to my =
machine from the outside world, it can't.  I can connect and stream my =
music internally, from windows or mac, just not from the outside world.  =
Internally, I just connect to 192.168.1.7:8007 in winamp, and it plays =
my music.  can someone help?  below is the port forwarding section of my =
firewall.rules file.

  # Uncomment/modify the next 4 lines to forward a service to an =
internal IP.
  SERVER_IP=3D192.168.1.7   # Internal IP of server.
  PORT=3D8007               # 22 =3D SSH.  Change to 80 for web server, =
etc.
  ${IPTABLES} -A PREROUTING -i ${OUT_DEV} -t nat -p TCP --dport $PORT -j =
DNAT --to ${SERVER_IP}:${PORT}
  ${IPTABLES} -A FORWARD -p TCP -d ${SERVER_IP} --dport $PORT -i =
${OUT_DEV} -o ${INT_DEV} -j ACCEPT




-------------------------------------------------------------------------=
-----
  Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ =
countries) for 2=EF=BF=BD/min or less.


-------------------------------------------------------------------------=
-----
  Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great =
rates starting at 1=A2/min.

Re: [Devil-Linux-discuss] port forwarding

[<tar...@r-...>]

Interesting... I would approach this problem by checking if DL is really =
the problem in this case. You can do that by connecting your computer on =
the network between your DSL "modem" (which I assume is a broadband =
router actually) and DL, on the 192.168.0.xxx subnet, and try to connect =
to the stream through DL via it's external IP (192.168.0.3). If that =
doesn't work try moving the server to the same network and subnet and =
try if you can access it from the internet through your DSL modem. In =
this way you can make sure the problem is really with DL and not with =
your DSL modem.

On the other hand there might be a problem with the firewall rules, for =
instance I'm not sure that ShoutCast servers are using TCP to stream =
media or it may be using TCP connections that don't work well in some =
NAT scenarios. May be worth to check that.

Also I would check what does this DSL "modem" really do. DSL modems (at =
least here in Hungary) are devices that interfaces with the DSL network =
and allows to initiate the connection via PPPoE. DSL routers are devices =
where you can connect some form of internet connection (Fixed IP, DHCP =
or PPPoE client) via its WAN ethernet interface and routing or NATing it =
to client machines on the internal network via it's internal ethernet =
interface. Of course there are lots of devices now that are combining =
some or more of these features for ex.
DSL interface routers or boadband routers with direct DSL connection so =
it is not straightforward what your device is capable doing not to =
mention that a lot depends on the internal software it is using.=20

And at last but not least it would be better if you'd sent DL's exact =
network configuration (IP's, subnet masks, gateway, etc.) to check =
there's no problem there.

Best regards:

George Tarnai

  ----- Original Message -----=20
  From: ross paskett=20
  To: dev...@li...=20
  Sent: Friday, April 07, 2006 8:58 PM
  Subject: [Devil-Linux-discuss] port forwarding


  I am running an internet server on my local network. The server =
streams media through: ip is 192.168.1.7 port 8007.  I have port =
forwarding setup in my firewall.rules file, and I have turned it on my =
DSL modem.  On my DSL modem, the rule is:
  Forward ports 8000-8010 to machine 192.168.0.3(devil linux), then =
devil linux should forward connections on port 8007 to =
192.168.1.7(internal radio server), but when I try to connect to my =
machine from the outside world, it can't.  I can connect and stream my =
music internally, from windows or mac, just not from the outside world.  =
Internally, I just connect to 192.168.1.7:8007 in winamp, and it plays =
my music.  can someone help?  below is the port forwarding section of my =
firewall.rules file.

  # Uncomment/modify the next 4 lines to forward a service to an =
internal IP.
  SERVER_IP=3D192.168.1.7   # Internal IP of server.
  PORT=3D8007               # 22 =3D SSH.  Change to 80 for web server, =
etc.
  ${IPTABLES} -A PREROUTING -i ${OUT_DEV} -t nat -p TCP --dport $PORT -j =
DNAT --to ${SERVER_IP}:${PORT}
  ${IPTABLES} -A FORWARD -p TCP -d ${SERVER_IP} --dport $PORT -i =
${OUT_DEV} -o ${INT_DEV} -j ACCEPT




-------------------------------------------------------------------------=
-----
  Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ =
countries) for 2=EF=BF=BD/min or less.


-------------------------------------------------------------------------=
-----
  Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great =
rates starting at 1=A2/min.

[Devil-Linux-discuss] port forwarding

[ross p. <ras...@ya...>]

I am running an internet server on my local network. The server streams media through: ip is 192.168.1.7 port 8007.  I have port forwarding setup in my firewall.rules file, and I have turned it on my DSL modem.  On my DSL modem, the rule is:
Forward ports 8000-8010 to machine 192.168.0.3(devil linux), then devil linux should forward connections on port 8007 to 192.168.1.7(internal radio server), but when I try to connect to my machine from the outside world, it can't.  I can connect and stream my music internally, from windows or mac, just not from the outside world.  Internally, I just connect to 192.168.1.7:8007 in winamp, and it plays my music.  can someone help?  below is the port forwarding section of my firewall.rules file.

# Uncomment/modify the next 4 lines to forward a service to an internal IP.
SERVER_IP=192.168.1.7   # Internal IP of server.
PORT=8007               # 22 = SSH.  Change to 80 for web server, etc.
${IPTABLES} -A PREROUTING -i ${OUT_DEV} -t nat -p TCP --dport $PORT -j DNAT --to ${SERVER_IP}:${PORT}
${IPTABLES} -A FORWARD -p TCP -d ${SERVER_IP} --dport $PORT -i ${OUT_DEV} -o ${INT_DEV} -j ACCEPT


		
---------------------------------
Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2�/min or less.
		
---------------------------------
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.  Great rates starting at 1¢/min.

Re: Re[4]: [Devil-Linux-discuss] SATA problem

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Fri, April 7, 2006 09:08, Serge Leschinsky wrote:
> Dear Heiko,
>
>
> Friday, April 7, 2006, 5:44:07 PM, you wrote:
>
>
>>>> There's also a newer version of busybox now. They contacted me just
>>>> a couple days ago and said the mount problem may be solved (major
>>>> rewrite of mount).  So we could try updating busybox first.
>>> Yes. I've seen it already. But modprobe doesn't work anyway (
>>> moreover it doesn't work at all in the clean 1.1.1 without
>>> busybox-1.1.1.fixes.patch).
>
>> Where can I find this patch?
>>
> http://www.busybox.net/downloads/busybox-1.1.1.fixes.patch
>
>
>
>>> bb-1.1.1 was build without any problem. No script modification is
>>> required. It looks like a good candidate for update.
>> Cool
>> We need to test the several boot options (CF card, USB, ISO, harddisk),
>> since the newer BB had issues with some of them.
> Of course.  I've tested ISO and USB only. I'll check the rest of boot
> options (without CF due to lack of CF adapter) and write message to the
> list. If it's OK, I'll check in the changes in the scripts too.

Yes of course.
I got a CF card, I'll test it once you checked in the changes and uploaded
everything to the ftp server.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ2dAcACgkQUcytMSbs+YVpOgCeOAr/FOr2qhMghX7OktkKned+
dXYAoIxTfNQHEg28bebeWmUwjznIm6TJ
=Luu0
-----END PGP SIGNATURE-----

Re[4]: [Devil-Linux-discuss] SATA problem

[Serge L. <fi...@in...>]

Dear Heiko,

Friday, April 7, 2006, 5:44:07 PM, you wrote:

>>> There's also a newer version of busybox now. They contacted me just a
>>> couple days ago and said the mount problem may be solved (major rewrite
>>> of mount).  So we could try updating busybox first.
>> Yes. I've seen it already. But modprobe doesn't work anyway (
>> moreover it doesn't work at all in the clean 1.1.1 without
>> busybox-1.1.1.fixes.patch).

> Where can I find this patch?
http://www.busybox.net/downloads/busybox-1.1.1.fixes.patch


>> bb-1.1.1 was build without any problem. No script modification is
>> required. It looks like a good candidate for update.
> Cool
> We need to test the several boot options (CF card, USB, ISO, harddisk),
> since the newer BB had issues with some of them.
Of course.  I've tested ISO and USB only. I'll check the rest of boot
options (without CF due to lack of CF adapter) and write message to the
list. If it's OK, I'll check in the changes in the scripts too.

-- 
Best regards,
 Serge                            mailto:fi...@in...

Re: Re[2]: [Devil-Linux-discuss] SATA problem

[Heiko Z. <he...@zu...>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Fri, April 7, 2006 03:15, Serge Leschinsky wrote:
> Dear Heiko,
>
>
> Thursday, April 6, 2006, 8:43:09 PM, you wrote:
>
>>> Heiko, what do you think about dynamical compiling busybox (anyway we
>>>  link it against glibc, not uclibc ) and adding modprobe from
>>> modutils package (or building modprobe statically )?
>
>> The problem is the size of the initrd, when we start using libraries it
>>  might get tight on 32 MB systems. Compiling modprobe statically might
>> help.
> I made /sbin/test in the initrd file system and copied there insmode and
> modprobe (symlink) from modutils package. I modified load_modules script
> from "/sbin/modprobe $MODULE" to "/sbin/temp/modprobe $MODULE" as well. It
> seems working correctly.

Cool.
So we have a workaround if BB doesn't work either in the new version.

>>> The option  "BUSYBOX_CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS" can
>>> affect too. I'm going to check how this option inclusion/exclusion
>>> affects modules loading.
>
>> There's also a newer version of busybox now. They contacted me just a
>> couple days ago and said the mount problem may be solved (major rewrite
>> of mount).  So we could try updating busybox first.
> Yes. I've seen it already. But modprobe doesn't work anyway (
> moreover it doesn't work at all in the clean 1.1.1 without
> busybox-1.1.1.fixes.patch).

Where can I find this patch?

> bb-1.1.1 was build without any problem. No script modification is
> required. It looks like a good candidate for update.

Cool
We need to test the several boot options (CF card, USB, ISO, harddisk),
since the newer BB had issues with some of them.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iEYEARECAAYFAkQ2bKcACgkQUcytMSbs+YU0IgCgiYu2mCHXoUSa+5JV8r5kUQAG
j8YAn371Ek/pqCIGFnVWGf+TsLQ/wsX+
=erHn
-----END PGP SIGNATURE-----