users February 2006

users@lists.fedoraproject.org

585 participants
783 discussions

by Keith Lofstrom

I am planning on running a Virtual Private Network from my Fedora firewall out to a UML virtual colo (running RH9) at another site. That site will be the place I present services to the world; httpd, ssh, sftp, smtp. This is to comply with the "no servers" and dynamic ip restrictions on my Comcast connection to the net; if my firewall always drives an outbound connection to the colocation site, I am not worried about changes of ip address, and I am not opening any inbound ports. There are a number of options for the VPN - the most attractive are cipe ( http://sites.inka.de/sites/bigred/devel/cipe.html ) and FreeSwan ( http://www.freeswan.org/ ), though I am told that one can do all this through an ssh tunnel. I would rather have simple and secure than super-duper; I have plenty of bandwidth, and will send outbound http and smtp from the firewall, so the main bandwidth user will be incoming spam/b/b/b/b mail. Anyone have some experiences to share about setting up VPN? Is there anything about either cipe or FreeSwan that is likely to break with FC1 or FC2? Keith -- Keith Lofstrom keithl(a)ieee.org Voice (503)-520-1993 KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon" Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs

3 months, 3 weeks

8
8
0 / 0

Problems with 3COM 3C900Combo

by Christian Moller

Hi all Fedora users, I have just joined this list. I am running the latest Fedora but I can't get my 3C900Combo networking card to work. I can see that the card is installed but no IP-address is asigned to it and I can't set it. So I think that there is a bug in that driver. Any other user out there who have a solution for this? Best regards and thanks, Christian

4 years, 8 months

2
1
0 / 0

RAGE XL Framebuffer

by Yanick Quirion

Hi all I know that is not a specific question about Fedora, but I can't find answer on the kernel mailing list. Is somebody having server with integrated ATI RAGE XL video card? Is it possible to patch the kernel to support this video card? If I add VGA=791 in my grub.conf, I will have a resolution of 1024x768 which is good, but the display is very slow (especially when the screen is scrolling). If I use I this: "video=aty128fb:1024x768@70" it will not work. I'm using kernel 2.4.22 but I will try 2.6.0-test11 today. If somebody has a patch, a link or anything else that can help me, it will be appreciated. Thanks for your help. Regards, ----------- Yanick Quirion Administrateur Réseau/Network Manager NEOKIMIA INC. Institut de Pharmacologie de Sherbrooke 3e étage (Édifice Z5) 3001 12e avenue Nord Sherbrooke, Québec CANADA J1H 5N4 Tél.: +1 819 820-6040 Direct: +1 819 820-6855 Fax.: +1 819 820-6841 email: Yanick.Quirion(a)neokimia.com

4 years, 8 months

2
1
0 / 0

Soundblaster

by Antonio Montagnani

I have two similar PC (old Pentium but workin fine) In Pc no.1 I upgraded from RH8 to Fedora and it went fine: Soundblaster is working fine In Pc no.2 I made a fresh installation but in redhat-sound-config Fedora doesn't see any card, that was working on Redhat 9 after soundconfig... Where is the trick?? I assume that my Sounblaster is an old 16...but fine on a router/firewall. Tnx Antonio

4 years, 8 months

4
6
0 / 0

Network problems on new FC4 box - please help.

by William W. Austin

I had to replace a disk (the one with all of the home directories on it) on an FC3 box, and so I bought a new drive (particulars unimportant). To make a long story short, I decided to put FC4 on this box, and so I installed the new drive and put the root filesystem on it. I still have the old FC3 root drive and can boot to either for comparison... Under FC3, I have no network problems that I can detect; however, under FC4 there are two distinct (related? no idea) problems which have eluded me. I have tried looking up both of these in the archives, but have had no luck (some similar issues, but nothing exactly like either of these unless I missed them). Problem 1: network card goes to sleep. This machine has 2 network cards, both on-board. The 1GB card L(Intel 82540EM) goes to the smartswitch to tolk to the local network, and does not show any problems. The other card (nVidia nForce2) is a 100MB card and talks to the DSL modem. Periodically I cannot connect to the internet at all - or even ping the DSL modem. This happens irregularly but about 5-10 times/day. If I reboot back to FC3, the problem does not occur. Network configurations between the two (FC3/FC4) are as identical as I can make them. The first few times the problem occurs, sometimes retarting networking works, but eventually a full sys reboot is the only thing which works. Problem 2: slow local network. Under FC3 throughput on the LOCAL network (1GB lan) is very fast. Under FC4, the best I have seen is ONE transfer of about 1.2 MB/s - and throughput drops to as low as 50-75KB/s at times. Again, this does not occur under FC3 but does under FC4. Again the same setup as nearly as I can make it. No workaround found so far. Any suggestions would be greatly appreciated. -- william w. austin waustin(a)speakeasy.net "life is just another phase i'm going through. this time, anyway ..."

10 years, 2 months

6
5
0 / 0

Kernel numbers

by Jeff Stevens

What does it mean to see an rpm with a kernel of 2.6.10-1.741_FC3, when we go to a site like http://www.kernel.org and see the latest kernel is at 2.6.10? If one wanted to compile their own kernel from this site, would they be losing fixes/etc. from the "-1.741_FC3" portion? Thanks, still learning here... -- Jeffrey Stevens gpg --keyserver pgp.mit.edu --recv-keys D2E5A4E8 Key fingerprint: 1C86 8717 E485 FA4D B9EF 96E2 A1AC 4B00 D2E5 A4E8

11 years, 8 months

9
15
0 / 0

Re: Port forwarding

by Andy

Hi, Jari Marikainen wrote: > I would like to forward incoming traffic from internet to > "<195.198.111.x> port 80" to "<some other ip on the internet> port 80" > in FC3 on the same interface. I would try the DNAT/SNAT iptables targets, along the lines of: iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \ -j DNAT --to-destination 65.114.4.69 iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 65.114.4.69 \ -j SNAT --to-source <your external IP address on this machine> The second line makes the real server send it's replies through the same path (otherwise it will reply directly to the client) You have to enable/allow forwarding for everything to work. hth, /Andy

11 years, 9 months

5
4
0 / 0

MySQL for an absulute beginner - Need recommandation

by Barry Yu

Would appreciate point me to a place where I could find the info in learning MySQL as an absolute begginer.

11 years, 11 months

18
26
0 / 0

Re: printer problem fixed -- but why?

by Andrew Couture

Do you have 'cups' installed? Why not use 'http://localhost:631/', it works well. If you printer doesn't have a driver there, try the 'gutenprint-' package. It is not a *rpm yet, but the instructions are straight forward. andy

11 years, 11 months

5
5
0 / 0

ssh and port 22 problem, cont.

by Gerhard Magnus

Greetings! I've made some progress on troubleshooting this "ssh & port 22 problem". Here was my original post: When I try to connect from a remote machine to my one at home using ssh I get the error message "ssh: connect to host 64.146.133.1 port 22: Connection refused" -- but using ssh in the outgoing direction (i.e. from home to the remote location) works fine. Here's what's happened since: I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem. The IP I was using was that of my "Gateway" ISP (64.146.133.1) -- an error. But when I used the correct, static IP address of the ActionTec (64.146.133.52) I got this message: ssh: connect to host 64.146.133.52 port22: Connection refused I thought I had port forwarding (for port 22) set correctly on the modem. For troubleshooting, my ISP advised me to run "tcpdump -n host 192.168.0.2" on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on to the remote location from PuteB and tried to ssh from there to PuteA using the static IP address. The ssh from the remote location timed out with the same "port 22: connection refused" message. The tcpdump on Pute A gave this message: > tcpdump: listening on eth0 > 17:27:33.662753 arp who-has 192.168.0.2 tell 192.168.0.1 where 182.168.0.1 is the "internal" IP of the modem. (Sorry if I have this terminology wrong.) My ISP says the problem is the firewall on PuteA and that he doesn't do linux firewalls. Here are my replies to the people who responded to my first post: (1) "Do you have the firewall configured to deny incoming packets to port 22?" How do I check this? (2) "You need to check that sshd is running on your system." Yes. I comes up with each boot. Also "service sshd status" gives "sshd (pid 787) is running". (3) "sshd uses /etc/hosts.allow and /etc/hosts.deny. Check that they are configured to allow your remote machine in." Both files have only commented lines. (4) "Also, if your /etc/ssh/sshd_config file has VerifyReverseMapping turned on, you will get kicked out if your remote address does not work with a reverse dns lookup." There's a "VerifyReverseMapping no" line in the file but it's been commented out. (5) "Just to be sure: when you are at home machine, try 'ssh localhost'. If this works, you probably need to check your firewall." It seems to work -- I ssh to the machine itself. (6) "This is common on every system I have ever loaded with FC2. Your iptables are blocking the connection. You can do one of the following: iptables -A INPUT -m tcp -p tcp --dport 22 - j ACCEPT" I tried this. The ssh to PuteA from the remote location still times out. (7) "Oh yes I also took out the REDHAT firewall entrie as I dont have a clue as to how to work with it." I've fiddled endlessly with this "system tool" at each of the three levels of security as well as using the "customize" option to set eth0 as a trusted device and to allow incoming ssh. It doesn't show the settings that actually exist. (8) "If your fedora box is connected directly to a DSL modem, you should be able to find your IP address by running ifconfig from the command line and looking for 'inet addr:' (probably under 'eth0')." eth0 Link encap:Ethernet HWaddr 00:40:05:81:60:8E inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2184 errors:0 dropped:0 overruns:0 frame:0 TX packets:2005 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1122075 (1.0 Mb) TX bytes:190214 (185.7 Kb) Interrupt:5 Base address:0x3000 Could this be the problem -- the "inet addr" of 192.168.0.4? As far as I can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is 192.168.0.3. I haven't set anything as 192.168.0.4. (9) "nmap 64.146.133.52" (The 1598 ports scanned but not shown below are in state: closed) Port State Service 23/tcp open telnet 53/tcp open domain 80/tcp open http Shouldn't ssh be here? And what's telnet doing open? The books have me scared to death of this... hackers, crackers, script kiddies, etc. Thanks for the help! Jerry Magnus

11 years, 11 months

21
42
0 / 0

← Newer
1
2
3
4
...
79
Older →

Jump to page: