Greetings!
I've made some progress on troubleshooting this "ssh & port 22 problem". Here was my original post:
When I try to connect from a remote machine to my one at home using ssh I get the error message "ssh: connect to host 64.146.133.1 port 22: Connection refused" -- but using ssh in the outgoing direction (i.e. from home to the remote location) works fine.
Here's what's happened since:
I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem. The IP I was using was that of my "Gateway" ISP (64.146.133.1) -- an error. But when I used the correct, static IP address of the ActionTec (64.146.133.52) I got this message:
ssh: connect to host 64.146.133.52 port22: Connection refused
I thought I had port forwarding (for port 22) set correctly on the modem. For troubleshooting, my ISP advised me to run "tcpdump -n host 192.168.0.2" on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on to the remote location from PuteB and tried to ssh from there to PuteA using the static IP address. The ssh from the remote location timed out with the same "port 22: connection refused" message. The tcpdump on Pute A gave this message:
tcpdump: listening on eth0 17:27:33.662753 arp who-has 192.168.0.2 tell 192.168.0.1
where 182.168.0.1 is the "internal" IP of the modem. (Sorry if I have this terminology wrong.)
My ISP says the problem is the firewall on PuteA and that he doesn't do linux firewalls.
Here are my replies to the people who responded to my first post:
(1) "Do you have the firewall configured to deny incoming packets to port 22?" How do I check this?
(2) "You need to check that sshd is running on your system." Yes. I comes up with each boot. Also "service sshd status" gives "sshd (pid 787) is running".
(3) "sshd uses /etc/hosts.allow and /etc/hosts.deny. Check that they are configured to allow your remote machine in." Both files have only commented lines.
(4) "Also, if your /etc/ssh/sshd_config file has VerifyReverseMapping turned on, you will get kicked out if your remote address does not work with a reverse dns lookup." There's a "VerifyReverseMapping no" line in the file but it's been commented out.
(5) "Just to be sure: when you are at home machine, try 'ssh localhost'. If this works, you probably need to check your firewall." It seems to work -- I ssh to the machine itself.
(6) "This is common on every system I have ever loaded with FC2. Your iptables are blocking the connection. You can do one of the following: iptables -A INPUT -m tcp -p tcp --dport 22 - j ACCEPT" I tried this. The ssh to PuteA from the remote location still times out.
(7) "Oh yes I also took out the REDHAT firewall entrie as I dont have a clue as to how to work with it." I've fiddled endlessly with this "system tool" at each of the three levels of security as well as using the "customize" option to set eth0 as a trusted device and to allow incoming ssh. It doesn't show the settings that actually exist.
(8) "If your fedora box is connected directly to a DSL modem, you should be able to find your IP address by running ifconfig from the command line and looking for 'inet addr:' (probably under 'eth0')." eth0 Link encap:Ethernet HWaddr 00:40:05:81:60:8E inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2184 errors:0 dropped:0 overruns:0 frame:0 TX packets:2005 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:1122075 (1.0 Mb) TX bytes:190214 (185.7 Kb) Interrupt:5 Base address:0x3000 Could this be the problem -- the "inet addr" of 192.168.0.4? As far as I can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is 192.168.0.3. I haven't set anything as 192.168.0.4.
(9) "nmap 64.146.133.52" (The 1598 ports scanned but not shown below are in state: closed) Port State Service 23/tcp open telnet 53/tcp open domain 80/tcp open http Shouldn't ssh be here? And what's telnet doing open? The books have me scared to death of this... hackers, crackers, script kiddies, etc.
Thanks for the help! Jerry Magnus
Go to the menu and system setting and click on "Security level". Unmark telnet and mark ssh. And bang omg your done.
On Wednesday 06 October 2004 01:54, Gerhard Magnus wrote:
I have two machines (PuteA and PuteB) sharing an ActionTec DSL modem. The IP I was using was that of my "Gateway" ISP (64.146.133.1) -- an error. But when I used the correct, static IP address of the ActionTec (64.146.133.52) I got this message:
ssh: connect to host 64.146.133.52 port22: Connection refused
I thought I had port forwarding (for port 22) set correctly on the modem.
which internal machine are you forwarding to? (ie see the lower answer about ifconfig)
For troubleshooting, my ISP advised me to run "tcpdump -n host 192.168.0.2" on PuteA, where 192.168.0.2 is the "internal" IP of PuteA. Then I logged on to the remote location from PuteB and tried to ssh from there to PuteA using the static IP address. The ssh from the remote location timed out with the same "port 22: connection refused" message. The tcpdump on Pute Here are my replies to the people who responded to my first post:
(1) "Do you have the firewall configured to deny incoming packets to port 22?" How do I check this?
service iptables status or iptables -L -v (the v is verbose, which will include the interfaces too)
"service sshd status" gives"sshd (pid 787) is running".
so that's not the problem. neither, it would appear is tcp_wrappers (the hosts.allow/deny files)
eth0 Link encap:Ethernet HWaddr 00:40:05:81:60:8E inet addr:192.168.0.4 Bcast:192.168.0.255 Mask:255.255.255.0 Could this be the problem -- the "inet addr" of 192.168.0.4? As far as I can tell, the modem is 192.168.0.1, PuteA is 192.168.0.2, and PuteB is 192.168.0.3. I haven't set anything as 192.168.0.4.
This I believe is the issue here. ifconfig does not tell lies. your eth0 device is currently set to 192.168.0.4. Are you by any chance using your modem as a dhcp server? incidentally, try (on your fedora box) nmap -sP 192.168.0.0/24 which will tell you which machines are up with which ip addresses on your local network (it's a ping scan). You may need to install nmap first. try ssh-ing to from your other host
you can reconfigure the interface (to what you expected) using netconfig: netconfig -d eth0 set your ip address and the other bits then do a service network restart.
then try ssh again.
(9) "nmap 64.146.133.52" (The 1598 ports scanned but not shown below are in state: closed) Port State Service 23/tcp open telnet 53/tcp open domain 80/tcp open http Shouldn't ssh be here? And what's telnet doing open? The books have me scared to death of this... hackers, crackers, script kiddies, etc.
no idea. it's not difficult to turn off, however. See Matthew's post about this.
HTH
Stuart
Gerhard Magnus wrote:
Shouldn't ssh be here? And what's telnet doing open? The books have me scared to death of this... hackers, crackers, script kiddies, etc.
Um.
First of all, let me say that it's a bad idea to have any un-necessary services open to the Internet. It gives crackers more targets: you only need one service to have a vulnerability and you're vulnerable.
In practice, unless you've got a badly written daemon, one more port is not going to make much of a difference.
But unless you actually *use* them, an open telnet port is no more insecure than an open ssh port (as Fedora ships it).
SSH has a number of security advantages: * you can use per-user authorized keys, not passwords.
* data is sent encrypted, not in plain text.
* users have some assurance that they're connecting to the server they want to connect to (and not a man-in-the-middle attack).
There are others but, like the last two points above, they're only of any use when legitimate users connect. If you don't actually make any connections, then no data of any kind (that you care about) flows, and you don't care whether it's encrypted or not. Likewise, if you don't connect to a server, it's kind of moot whether it's the right one or not!
So what about the first one? You can turn password authentication off with SSH servers, which means that only users who configure personal keys can connect. If no-one is using SSH, then the chance is there aren't any keys configured, keeping everyone out.
If password authentication is turned on, then an attacker is reduced to looking for vulnerabilities or brute-forcing passwords. You can try those with either server, but Fedora will limit the speed at which connections can be tried, and this limit is what stops it being practical.
So the difference effectively boils down to which server is more likely to have vulnerabilities. The OpenSSH team is *extremely* good, but there have been vulnerabilities in the past, and the server has to be more complex than a telnet daemon.
(You've had good advice for the rest of your problem...)
James.
I'm trying to set up Azureus using the Stanton Finley installation notes (http://stanton-finley.net/fedora_core_5_installation_notes.html). I have 3 linux boxes (192.168.1.11-13) behind a router (192.168.1.1) and a DSL modem (192.168.0.1). I've followed the instructions for modifying iptables to open TCP ports 6881-6999 and a single UDP port in that range -- I've chosen UDP port 6973.
There's an Azureus configuration wizard panel for selecting an incoming TCP listening port between 6882 and 6999 that corresponds to the number of the port selected for the udp iptables firewall port (6973). When I click the test button I get the error message:
Testing port 6973: NAT error
The instructions say: "Be sure that the tcp and udp port ranges that you open with iptables are also opened in your router if you have one." I'm assuming this is the source of my problem.
Here's how I've set up port forwarding on the DSL modem and the router:
The DSL Actiontec modem has a "Port Forwarding" page on which I've added these two lines to the "List of Forwarded Ports", where 192.168.1.1 is the address of the router: 6881-6999 tcp 192.168.1.1 6973-6973 udp 192.168.1.1
The Linksys router has a "Port Range Forwarding" page on which I've added these two entries, where 192.168.1.12 is the address of the Linux box where I want to use Azureus and bittorrent: 6881-6999 tcp 192.168.1.12 6973-6973 udp 192.168.1.12
Thanks for the help! Jerry
Gerhard Magnus wrote:
I'm trying to set up Azureus using the Stanton Finley installation notes (http://stanton-finley.net/fedora_core_5_installation_notes.html). I have 3 linux boxes (192.168.1.11-13) behind a router (192.168.1.1) and a DSL modem (192.168.0.1). I've followed the instructions for modifying iptables to open TCP ports 6881-6999 and a single UDP port in that range -- I've chosen UDP port 6973.
There's an Azureus configuration wizard panel for selecting an incoming TCP listening port between 6882 and 6999 that corresponds to the number of the port selected for the udp iptables firewall port (6973). When I click the test button I get the error message:
Testing port 6973: NAT error
If your router is a firewall/router (as many of them are, nowadays), you probably need to go into the router config panel and open up the same ports there as well.
Good luck.
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
Thanks for the help! --Jerry
On Monday 24 March 2008 00:43:44 Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
Thanks for the help! --Jerry
Hi
Try turning your firewall off completely for a while - "service iptables stop" or "service ip6tables stop" will do it from the shell.
I don't bother with firewalls on my internal network machines, but then my kids are only young!
If turning it off makes nfs work then turn it back on using service iptables start and send the output from service iptables status to the list.
N
On Mon, 2008-03-24 at 06:15 +0000, Nicholas Robinson wrote:
On Monday 24 March 2008 00:43:44 Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
Thanks for the help! --Jerry
Hi
Try turning your firewall off completely for a while - "service iptables stop" or "service ip6tables stop" will do it from the shell.
I don't bother with firewalls on my internal network machines, but then my kids are only young!
If turning it off makes nfs work then turn it back on using service iptables start and send the output from service iptables status to the list.
N
After executing "service iptables stop" on both server and client I was able to mount the shared directory. After running "service iptables start" on both boxes I am still able to access files in the shared directory from the client.
Here's the output of service iptables status on the server (with the firewalls back up):
root@PuteF Mon Mar 24 11:30:51 [129] /home/magnusg $ service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT) num target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631 8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2049 10 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:2049 11 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 12 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:111 13 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
...and on the client:
root@PuteB Mon Mar 24 11:42:33 [240] /mnt/PuteF/mp3/songs $ service iptables status Table: filter Chain INPUT (policy ACCEPT) num target prot opt source destination 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT) num target prot opt source destination
Chain RH-Firewall-1-INPUT (1 references) num target prot opt source destination 1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 2 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 3 ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0 4 ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0 5 ACCEPT udp -- 0.0.0.0/0 224.0.0.251 udp dpt:5353 6 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:631 7 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:631 8 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 9 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 10 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
I really want to learn samba eventually but I thought I'd master something simpler first :)
On Sun, 2008-03-23 at 17:43 -0700, Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
Thanks for the help! --Jerry
No route to host sounds more like a connection problem. You can ssh between the machines? -- ======================================================================= All right, you degenerates! I want this place evacuated in 20 seconds! ======================================================================= Aaron Konstam telephone: (210) 656-0355 e-mail: akonstam@sbcglobal.net
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
On Sun, 2008-03-23 at 17:43 -0700, Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Nope, NFS works fine in FC8, both the default kernel, and a number of the upgrade kernels, no one in their right mind uses SAMBA within a group of Linux/Unix machines, Samba is typically only used when exporting Linux/Unix disk to machines that don't have NFS support.
"no route to host" *IS* a connection problem, run the commands "netstat -r" and "ifconfig -a" on both the server and client machine, and return the output.
Roger
On Mon, 2008-03-24 at 12:55 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Nope, NFS works fine in FC8, both the default kernel, and a number of the upgrade kernels, no one in their right mind uses SAMBA within a group of Linux/Unix machines, Samba is typically only used when exporting Linux/Unix disk to machines that don't have NFS support.
"no route to host" *IS* a connection problem, run the commands "netstat -r" and "ifconfig -a" on both the server and client machine, and return the output.
Roger
OK... Here's the server:
magnusg@PuteF Mon Mar 24 11:22:24 [264] ~ $ netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 link-local * 255.255.0.0 U 0 0 0 eth0 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
magnusg@PuteF Mon Mar 24 11:24:27 [265] ~ $ ifconfig -a eth0 Link encap:Ethernet HWaddr 00:16:76:C2:73:01 inet addr:192.168.1.14 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::216:76ff:fec2:7301/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:50516340 errors:0 dropped:0 overruns:0 frame:0 TX packets:25841001 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:3951842179 (3.6 GiB) TX bytes:1853560016 (1.7 GiB) Base address:0x20e0 Memory:e0300000-e0320000
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1665 errors:0 dropped:0 overruns:0 frame:0 TX packets:1665 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1492676 (1.4 MiB) TX bytes:1492676 (1.4 MiB)
...and the client:
magnusg@PuteB Mon Mar 24 11:26:53 [564] ~ $ netstat -r Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.0 * 255.255.255.0 U 0 0 0 eth0 192.168.122.0 * 255.255.255.0 U 0 0 0 virbr0 link-local * 255.255.0.0 U 0 0 0 eth0 default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
magnusg@PuteB Mon Mar 24 11:27:03 [565] ~ $ ifconfig -a eth0 Link encap:Ethernet HWaddr 00:13:20:8C:8D:D2 inet addr:192.168.1.13 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::213:20ff:fe8c:8dd2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:271098 errors:0 dropped:0 overruns:0 frame:0 TX packets:141001 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:386786386 (368.8 MiB) TX bytes:9791269 (9.3 MiB)
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:334 errors:0 dropped:0 overruns:0 frame:0 TX packets:334 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:36716 (35.8 KiB) TX bytes:36716 (35.8 KiB)
virbr0 Link encap:Ethernet HWaddr 06:D4:47:1F:4A:72 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 inet6 addr: fe80::4d4:47ff:fe1f:4a72/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:29 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:5150 (5.0 KiB)
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 12:55 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Nope, NFS works fine in FC8, both the default kernel, and a number of the upgrade kernels, no one in their right mind uses SAMBA within a group of Linux/Unix machines, Samba is typically only used when exporting Linux/Unix disk to machines that don't have NFS support.
"no route to host" *IS* a connection problem, run the commands "netstat -r" and "ifconfig -a" on both the server and client machine, and return the output.
RogerOK... Here's the server:
...and the client:
I don't see anything in either that stands out as wrong, both machines are plugged into the "LAN" ports of the router?
Try "arp -a" on both the client and server, and see what returns.
If the arp command does not show the other machine, try pinging the other machine and rerun the "arp -a".
And can you both ping and ssh both directions? client -> server and server -> client?
Roger
On Mon, 2008-03-24 at 13:49 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 12:55 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Nope, NFS works fine in FC8, both the default kernel, and a number of the upgrade kernels, no one in their right mind uses SAMBA within a group of Linux/Unix machines, Samba is typically only used when exporting Linux/Unix disk to machines that don't have NFS support.
"no route to host" *IS* a connection problem, run the commands "netstat -r" and "ifconfig -a" on both the server and client machine, and return the output.
RogerOK... Here's the server:
...and the client:
In trying to fix this, I've since run "service iptables stop" on both boxes to shut down the firewalls. Then I was able to mount the shared directory on the client without problems. I started iptables again and can still see the shared directory on the client.
I don't see anything in either that stands out as wrong, both machines are plugged into the "LAN" ports of the router?
yes
Try "arp -a" on both the client and server, and see what returns.
Here's the server: magnusg@PuteF Mon Mar 24 12:04:28 [270] ~ $ arp -a PuteB.SMAssociates.com (192.168.1.13) at 00:13:20:8C:8D:D2 [ether] on eth0 ...and the client: magnusg@PuteB Mon Mar 24 12:11:05 [583] /mnt/PuteF $ arp -a PuteF.SMAssociates.com (192.168.1.14) at 00:16:76:C2:73:01 [ether] on eth0 ? (192.168.1.1) at 00:06:25:09:6C:22 [ether] on eth0
If the arp command does not show the other machine, try pinging the other machine and rerun the "arp -a".
"arp -a" on the server shows the client, while "arp -a" on the client shows the server.
And can you both ping and ssh both directions? client -> server and server -> client?
yes, both ping and ssh work fine. Is there some other port I need to open to get this to work?
On Mon, Mar 24, 2008 at 3:17 PM, Gerhard Magnus magnus@agora.rdrop.com wrote:
On Mon, 2008-03-24 at 13:49 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 12:55 -0500, Roger Heflin wrote:
Gerhard Magnus wrote:
On Mon, 2008-03-24 at 10:38 -0600, Aaron Konstam wrote:
No route to host sounds more like a connection problem. You can ssh between the machines?
ssh works fine. I've been googling this problem and found that other people have had it and it may be a serious bug. Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
Nope, NFS works fine in FC8, both the default kernel, and a number of the upgrade kernels, no one in their right mind uses SAMBA within a group of Linux/Unix machines, Samba is typically only used when exporting Linux/Unix disk to machines that don't have NFS support.
"no route to host" *IS* a connection problem, run the commands "netstat -r" and "ifconfig -a" on both the server and client machine, and return the output.
RogerOK... Here's the server:
...and the client:
In trying to fix this, I've since run "service iptables stop" on both boxes to shut down the firewalls. Then I was able to mount the shared directory on the client without problems. I started iptables again and can still see the shared directory on the client.
I don't see anything in either that stands out as wrong, both machines are plugged into the "LAN" ports of the router?
yes
Try "arp -a" on both the client and server, and see what returns.
Here's the server: magnusg@PuteF Mon Mar 24 12:04:28 [270] ~ $ arp -a PuteB.SMAssociates.com (192.168.1.13) at 00:13:20:8C:8D:D2 [ether] on eth0 ...and the client: magnusg@PuteB Mon Mar 24 12:11:05 [583] /mnt/PuteF $ arp -a PuteF.SMAssociates.com (192.168.1.14) at 00:16:76:C2:73:01 [ether] on eth0 ? (192.168.1.1) at 00:06:25:09:6C:22 [ether] on eth0
If the arp command does not show the other machine, try pinging the other machine and rerun the "arp -a".
"arp -a" on the server shows the client, while "arp -a" on the client shows the server.
And can you both ping and ssh both directions? client -> server and server -> client?
yes, both ping and ssh work fine. Is there some other port I need to open to get this to work?
-- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
from the looks of it you are using NFSv3 exports, so enabling NFS4 on the firewall tool buys you nothing. Here is one solution, first it tells the NFS daemons what ports to listen on, the the iptables rules open up those ports:
[ajn@pensieve2 ~]$ sudo cat /etc/sysconfig/nfs RPCNFSDCOUNT=25 STATD_PORT=10002 STATD_OUTGOING_PORT=10003 MOUNTD_PORT=10004 RQUOTAD_PORT=10005 [ajn@pensieve2 ~]$ sudo cat /etc/sysconfig/iptables <snip> -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 111 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 2049 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 2049 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 10000 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 10001 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 10002:10005 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 10002:10005 -j ACCEPT <snip>
note: the 2049 ports are for nfs4
On Mon, 2008-03-24 at 15:29 -0400, Alastair Neil wrote:
from the looks of it you are using NFSv3 exports, so enabling NFS4 on the firewall tool buys you nothing.
I'd come to a similar conclusion about my own system. I'm using the auto mounting system [1] to get to shared resources, and I'd enabled the NFS4 option in the firewall configuration. You'd think that that Fedora would use NFS4 by default, but it doesn't seem to.
It makes the automounter and firewall options rather useless. Prior releases had an easy way around it (NB: a workaround, not a real solution): You could mark a particular interface as being trustworthy. So that, eth0, for instance, was treated as your LAN, without firewall rules in the way, and ppp0 as WAN with lots of protection from firewall rules.
1. e.g. cd /net/server/filestore/ And it'd auto-mount the "filestore" export from the "server" in the "/net" directory.
On Mon, 24 Mar 2008 07:51:26 -0700 Gerhard Magnus magnus@agora.rdrop.com wrote:
Could it be that NFS doesn't work in fedora and that everybody uses samba anyway?
No, it couldn't be. I use and have used NFS on every Fedora release up to and including F8 without difficulty. And I don't use Samba at all.
On Sun, 23 Mar 2008 17:43:44 -0700, Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
Thanks for the help! --Jerry
This has been discussed over and over again on this list.
The NFS server needs some rpc services in addition to nfs proper, such as mountd, statd, lockd and rquotad. NFS proper runs on port 2049. What ports do you suppose the rpc services run on?
Believe it or not, by default, these are assigned random ports when those services are started (when you start nfs). To see what they happen to be, run rpcinfo as root on the nfs server:
rpcinfo -p
If you stop/start the nfs server you'll see different ports.
At any rate, you need to open these ports in the firewall. First you force them to be non-random, by specifying what you want them to be in /etc/sysconfig/nfs. For instance
RQUOTAD_PORT=4000 LOCKD_TCPPORT=4001 LOCKD_UDPPORT=4001 MOUNTD_PORT=4002 STATD_PORT=4003
Once you've pinned them down, you open them in the firewall (on the nfs server) once and for all.
Furthermore, you need to open the portmapper in the firewall as well (i.e. port 111 both tcp and udp). The portmapper is needed to tell the nfs clients what the rpc ports are.
That's all.
One more thing. You don't need to put anything in /etc/fstab unless you want the exported partitions to be mounted permanently on the clients. Run the automounter on the clients, and then the exported partitions get mounted on demand. Ex. on a client
cd /net/my_nfs_server/my_exported_partition
mounts it first, then changes directory.
On Tue, 2008-03-25 at 02:46 +0000, Amadeus W.M. wrote:
On Sun, 23 Mar 2008 17:43:44 -0700, Gerhard Magnus wrote:
I'm trying to set up an NFS file server on one of the boxes on my LAN and have gotten stuck. On the server, I used system-config-nfs to create the following /etc/exports file:
/home/magnusg/music 192.168.1.11(rw,sync) 192.168.1.12(rw,sync) 192.168.1.13(rw,sync)
to allow the other three boxes r/w access to the directory /home/magnusg/music on the server (192.168.1.14).
Also on the server, I used system-config-services to start nfs and nfslock on run levels 3 and 5. Then I checked NFS4 on the firewall configuration widget system-config-firewall to open tcp and udp ports 2049. Then I rebooted the server.
On one of the clients I then did (as root):
mkdir /mnt/PuteF mount 192.168.1.14:/home/magnusg/music /mnt/PuteF
and got the error message: mount: mount to NFS server '192.168.1.14' failed: System Error: No route to host
I'm guessing I need to open more ports, but which ones and where? The four boxes are connected to a Linksys router.
This has been discussed over and over again on this list.
so thanks for your patience in going over it one more time.
The NFS server needs some rpc services in addition to nfs proper, such as mountd, statd, lockd and rquotad. NFS proper runs on port 2049. What ports do you suppose the rpc services run on?
Believe it or not, by default, these are assigned random ports when those services are started (when you start nfs). To see what they happen to be, run rpcinfo as root on the nfs server:
rpcinfo -p
If you stop/start the nfs server you'll see different ports.
At any rate, you need to open these ports in the firewall. First you force them to be non-random, by specifying what you want them to be in /etc/sysconfig/nfs. For instance
RQUOTAD_PORT=4000 LOCKD_TCPPORT=4001 LOCKD_UDPPORT=4001 MOUNTD_PORT=4002 STATD_PORT=4003
Once you've pinned them down, you open them in the firewall (on the nfs server) once and for all.
Furthermore, you need to open the portmapper in the firewall as well (i.e. port 111 both tcp and udp). The portmapper is needed to tell the nfs clients what the rpc ports are.
That's all.
One more thing. You don't need to put anything in /etc/fstab unless you want the exported partitions to be mounted permanently on the clients. Run the automounter on the clients, and then the exported partitions get mounted on demand. Ex. on a client
cd /net/my_nfs_server/my_exported_partition
mounts it first, then changes directory.
Now everything works fine.
Thanks for the help and the clear explanation as to what's going on here!
Gerhard Magnus wrote:
I'm trying to set up Azureus using the Stanton Finley installation notes (http://stanton-finley.net/fedora_core_5_installation_notes.html). I have 3 linux boxes (192.168.1.11-13) behind a router (192.168.1.1) and a DSL modem (192.168.0.1). I've followed the instructions for modifying iptables to open TCP ports 6881-6999 and a single UDP port in that range -- I've chosen UDP port 6973.
I believe that the recommendation is now to _avoid_ using ports 6881 to 6999 (see http://www.azureuswiki.com/index.php/PortIsBlacklisted). The azureuswiki (http://www.azureuswiki.com) has pretty helpful information on getting things working. I believe that azureus will only use one port (for both TCP & UDP), so there is no need to blow big holes in your firewall. Various ISPs are apparently either rate-limiting (most likely) or blocking (unlikely??) the old typical bittorrent ports, so you may just have better luck if you switch to a different higher-numbered port--make your router and any FC5 iptables firewalling rules let in the packets for the port that you choose.
Here's how I've set up port forwarding on the DSL modem and the router:
The DSL Actiontec modem has a "Port Forwarding" page on which I've added these two lines to the "List of Forwarded Ports", where 192.168.1.1 is the address of the router: 6881-6999 tcp 192.168.1.1 6973-6973 udp 192.168.1.1
The Linksys router has a "Port Range Forwarding" page on which I've added these two entries, where 192.168.1.12 is the address of the Linux box where I want to use Azureus and bittorrent: 6881-6999 tcp 192.168.1.12 6973-6973 udp 192.168.1.12
I guess I'm confused as to how the router and the DSL modem are connected to your network--If the DSL modem is doing NAT for you, and so is the router (rather odd, but should work), then you may have things set correctly, but then the router is using two interfaces, perhaps 192.168.0.X connected to the DSL modem, and 192.168.1.1 connected to the linux machines--if so, you probably want to have the DSL modem forward to 192.168.0.X (whatever the router's address is on that subnet)--the DSL modem likely doesn't know about the 192.168.1.X network.
If you aren't running NAT on both the DSL modem and the router, then you likely only need port forwarding configured on the one that is doing NAT (the router, I'm guessing).
Thanks for the help! Jerry
Hope that helps,
-se
On Wed, 2006-09-06 at 09:28 -0700, Steven Ellis wrote:
Gerhard Magnus wrote:
I'm trying to set up Azureus using the Stanton Finley installation notes (http://stanton-finley.net/fedora_core_5_installation_notes.html). I have 3 linux boxes (192.168.1.11-13) behind a router (192.168.1.1) and a DSL modem (192.168.0.1). I've followed the instructions for modifying iptables to open TCP ports 6881-6999 and a single UDP port in that range -- I've chosen UDP port 6973.
I believe that the recommendation is now to _avoid_ using ports 6881 to 6999...
Here's how I've set up port forwarding on the DSL modem and the router:
The DSL Actiontec modem has a "Port Forwarding" page on which I've added these two lines to the "List of Forwarded Ports", where 192.168.1.1 is the address of the router: 6881-6999 tcp 192.168.1.1 6973-6973 udp 192.168.1.1
The Linksys router has a "Port Range Forwarding" page on which I've added these two entries, where 192.168.1.12 is the address of the Linux box where I want to use Azureus and bittorrent: 6881-6999 tcp 192.168.1.12 6973-6973 udp 192.168.1.12
I guess I'm confused as to how the router and the DSL modem are connected to your network--If the DSL modem is doing NAT for you, and so is the router (rather odd, but should work), then you may have things set correctly, but then the router is using two interfaces, perhaps 192.168.0.X connected to the DSL modem, and 192.168.1.1 connected to the linux machines--if so, you probably want to have the DSL modem forward to 192.168.0.X (whatever the router's address is on that subnet)--the DSL modem likely doesn't know about the 192.168.1.X network.
I think this is exactly what's happening: the modem sees the router as 192.168.0.3 while the Linux machines see the router as 192.168.1.1. How is this address 192.168.0.3 assigned? Where does the translation to 192.168.1.1 occur?
If you aren't running NAT on both the DSL modem and the router, then you likely only need port forwarding configured on the one that is doing NAT (the router, I'm guessing).
The DSL modem provided by the phone company has only one output, which has forced me to use a router to connect my local network. I would like to use a more standard configuration for the modem and router, as it might make troubleshooting problems like this one with azureus easier. I assume this means having NAT running only on the router.
The DSL modem has a static IP address assigned by my ISP. My boxes on the LAN also have static addresses.
I've tried changing settings on the router and modem but then I can't reach the net from the LAN.
Any suggestions as to how to proceed in making this configuration more standard (and transparent to this user) would be much appreciated.
Jerry
After installing FC6 I noticed something resembling the return of the old Redhat software update icon on the panel. Running the application worked fine the first time but I seem to have lost the icon somehow. What's this program called? How do I get it back running in the background and notifying me about available updates?
Thanks for the help! --Jerry
Gerhard Magnus wrote:
After installing FC6 I noticed something resembling the return of the old Redhat software update icon on the panel. Running the application worked fine the first time but I seem to have lost the icon somehow. What's this program called? How do I get it back running in the background and notifying me about available updates?
Thanks for the help! --Jerry
run system-config-services from the command line and look for "yum-updatesd". If that service is running, you have nothing more to do. My system alerts me periodically when updates are available.
Richard England wrote:
Gerhard Magnus wrote:
After installing FC6 I noticed something resembling the return of the old Redhat software update icon on the panel. Running the application worked fine the first time but I seem to have lost the icon somehow. What's this program called? How do I get it back running in the background and notifying me about available updates?
Thanks for the help! --Jerry
run system-config-services from the command line and look for "yum-updatesd". If that service is running, you have nothing more to do. My system alerts me periodically when updates are available.
Further to that: the icon is from puplet {the pup applet}. Once you have applied any outstanding updates, a minute or so later, puplet hides it's icon. If the yum-updatesd eventually finds some extra updates, it informs puplet so that the icon will then be displayed again.
DaveT.
I've recently installed FC8 and have been trying to get the sound to work. The system-config-soundcard plays its tune but everything else is silent. Back in the day, you only had to turn up the volume on alsamixer but now when I try starting alsamixer I get the message " *** PULSEAUDIO: Unable to connect: Connection refused."
Does each application have to be configured to work with pulseaudio?
Why does something as simple as sound on a PC require a Senior Tech to work in Fedora?
For starters: (1) How do I get the mplayer plugin I have up and running in Firefox to include sound? (2) How do I get sound from xmms?
Any roadmaps or even pointers in the right direction would be appreciated.
Jerry
On Tuesday 29 January 2008 22:15, Gerhard Magnus wrote:
I've recently installed FC8 and have been trying to get the sound to work. The system-config-soundcard plays its tune but everything else is silent. Back in the day, you only had to turn up the volume on alsamixer but now when I try starting alsamixer I get the message " *** PULSEAUDIO: Unable to connect: Connection refused."
Does each application have to be configured to work with pulseaudio?
Why does something as simple as sound on a PC require a Senior Tech to work in Fedora?
For starters: (1) How do I get the mplayer plugin I have up and running in Firefox to include sound? (2) How do I get sound from xmms?
Any roadmaps or even pointers in the right direction would be appreciated.
Jerry
Personally, I just disabled pulseaudio on F8, when I found it complaining with the PULSEAUDIO: Unable to connect: Connection refused, sort of thing.
Easily done with a yum remove alsa-plugins-pulseaudio
Now your sound should be back working as it was before.
Nigel.
On Tue, 2008-01-29 at 22:59 +0100, Nigel Henry wrote:
On Tuesday 29 January 2008 22:15, Gerhard Magnus wrote:
I've recently installed FC8 and have been trying to get the sound to work. The system-config-soundcard plays its tune but everything else is silent. Back in the day, you only had to turn up the volume on alsamixer but now when I try starting alsamixer I get the message " *** PULSEAUDIO: Unable to connect: Connection refused."
Does each application have to be configured to work with pulseaudio?
Why does something as simple as sound on a PC require a Senior Tech to work in Fedora?
For starters: (1) How do I get the mplayer plugin I have up and running in Firefox to include sound? (2) How do I get sound from xmms?
Any roadmaps or even pointers in the right direction would be appreciated.
Jerry
Personally, I just disabled pulseaudio on F8, when I found it complaining with the PULSEAUDIO: Unable to connect: Connection refused, sort of thing.
Easily done with a yum remove alsa-plugins-pulseaudio
Now your sound should be back working as it was before.
Nigel.
Thanks for the quick fix -- sometimes the old ways are best.
In trying to fix this I looked at a lot of different pulseaudio documentation (and user complaints). Could someone suggest the most reliable source(s) of information about getting this interesting software to work?
I've been experimenting with setting up an ftp server on a home network. The instructions I've been looking at for getting vsftpd operational include using "mount --bind" commands for mounting other directories to /var/ftp (neat trick!) The how-to says:
Whenever you restart your computer, you have to bind the directories every time, so that they are shown on the ftp server. To skip binding every time, write everything (all commands for binding) in a mount.sh file and run it whenever you restart your computer.
Confession: This will be my first unix script. A whole new world awaits! Where do I put it? How do I guarantee it will be run at boot time?
Thanks for the help! Jerry
On Wed, 2008-02-20 at 11:10 -0800, Gerhard Magnus wrote:
I've been experimenting with setting up an ftp server on a home network. The instructions I've been looking at for getting vsftpd operational include using "mount --bind" commands for mounting other directories to /var/ftp (neat trick!) The how-to says:
Whenever you restart your computer, you have to bind the directories every time, so that they are shown on the ftp server. To skip binding every time, write everything (all commands for binding) in a mount.sh file and run it whenever you restart your computer.
Confession: This will be my first unix script. A whole new world awaits! Where do I put it? How do I guarantee it will be run at boot time?
Thanks for the help! Jerry
I don't think you have to make a script. Just put the mounts in /etc/fstab
/directory/to/share /var/ftp/whatever none --bind
I'm not an expert, but it did work here
Henning Larsen
Gerhard Magnus wrote:
I've been experimenting with setting up an ftp server on a home network. The instructions I've been looking at for getting vsftpd operational include using "mount --bind" commands for mounting other directories to /var/ftp (neat trick!) The how-to says:
Whenever you restart your computer, you have to bind the directories every time, so that they are shown on the ftp server. To skip binding every time, write everything (all commands for binding) in a mount.sh file and run it whenever you restart your computer.
Confession: This will be my first unix script. A whole new world awaits! Where do I put it? How do I guarantee it will be run at boot time?
I don't want to keep you from getting starting writing scripts, but I don't see why you'd need to write one to setup a bind mount at boot. Just add an entry to /etc/fstab for the mount point. The syntax would be something like this:
/real/path /path/you/are/binding none rw,bind 0 0
See man fstab for more details (though the man page doesn't cover anything specific for bind mounts).
On Tue, 29 Jan 2008 13:15:38 -0800, Gerhard Magnus wrote:
I've recently installed FC8 and have been trying to get the sound to work. The system-config-soundcard plays its tune but everything else is silent. Back in the day, you only had to turn up the volume on alsamixer but now when I try starting alsamixer I get the message " *** PULSEAUDIO: Unable to connect: Connection refused."
Does each application have to be configured to work with pulseaudio?
Why does something as simple as sound on a PC require a Senior Tech to work in Fedora?
For starters: (1) How do I get the mplayer plugin I have up and running in Firefox to include sound? (2) How do I get sound from xmms?
Any roadmaps or even pointers in the right direction would be appreciated.
Jerry
If you run mplayer at the prompt, then
mplayer -ao pulse ... # will use pulse mplayer -ao alsa ... # will use alsa, if yo so prefer, which is the default in mplayer.
To force it to use pulse by default put
ao = pulse
in ~/.mplayer/config
I guess if you do that, then mplayer plug-in would have sound too.
I no longer use xmms, but I remember it had a menu where you could select which sound system to use (alsa, oss, esd). Not sure if it has pulseaudio yet.
I am using pulseaudio ok for the most part, with two exceptions:
1) When watching a full length movie with mplayer in full screen mplayer freezes after about 20-30 minutes into the movie (but I can go to another screen, open a shell and kill it). This only happens with pulseaudio, not with alsa, so I'm using mplayer with alsa (although I haven't tested this behavior with the latest updates).
2) flite (which is used by things like roadnav, or mail notification) doesn't know about pulseaudio, or I don't know how to tell it to use pulseaudio, so I can't use it at all, which is too bad. I think flite is a good replacement for festival, and should become the default speech synthesis system. Hope this bug will be fixed in a future release.
I can get flite (and probably anything else) to work with alsa if I remove alsa-plugins-pulseaudio (no need to remove other pulseaudio rpms). I'm ok with pulseaudio for now.
On Wed, 2006-09-06 at 09:28 -0700, Steven Ellis wrote:
Gerhard Magnus wrote:
I'm trying to set up Azureus using the Stanton Finley installation notes (http://stanton-finley.net/fedora_core_5_installation_notes.html). I have 3 linux boxes (192.168.1.11-13) behind a router (192.168.1.1) and a DSL modem (192.168.0.1). I've followed the instructions for modifying iptables to open TCP ports 6881-6999 and a single UDP port in that range -- I've chosen UDP port 6973.
Here's how I've set up port forwarding on the DSL modem and the router:
The DSL Actiontec modem has a "Port Forwarding" page on which I've added these two lines to the "List of Forwarded Ports", where 192.168.1.1 is the address of the router: 6881-6999 tcp 192.168.1.1 6973-6973 udp 192.168.1.1
The Linksys router has a "Port Range Forwarding" page on which I've added these two entries, where 192.168.1.12 is the address of the Linux box where I want to use Azureus and bittorrent: 6881-6999 tcp 192.168.1.12 6973-6973 udp 192.168.1.12
I guess I'm confused as to how the router and the DSL modem are connected to your network--If the DSL modem is doing NAT for you, and so is the router (rather odd, but should work), then you may have things set correctly, but then the router is using two interfaces, perhaps 192.168.0.X connected to the DSL modem, and 192.168.1.1 connected to the linux machines--if so, you probably want to have the DSL modem forward to 192.168.0.X (whatever the router's address is on that subnet)--the DSL modem likely doesn't know about the 192.168.1.X network.
My network configuration is the "odd" one described above. I changed the DSL modem port forwarding IP to 192.168.0.3, the address assigned to the router by its DHCP. Now everything works fine. Thanks for the help!
I believe that the recommendation is now to _avoid_ using ports 6881 to 6999. I believe that azureus will only use one port (for both TCP & UDP), so there is no need to blow big holes in your firewall. Various ISPs are apparently either rate-limiting (most likely) or blocking (unlikely??) the old typical bittorrent ports, so you may just have better luck if you switch to a different higher-numbered port--make your router and any FC5 iptables firewalling rules let in the packets for the port that you choose.
port 6973 works fine -- maybe my ISP doesn't see bittorrent as a problem... yet anyway :}
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
Do I have the command wrong or is there some other problem? Thanks for the help!
On Tue, 2006-11-07 at 08:19 -0800, Gerhard Magnus wrote:
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
If I try to look at that keyfile, I get a 403 error.
e.g. Try lynx http://freshrpms.net/packages/RPM-GPG-KEY.txt
So, either there's a problem at the website, or you've got the address down wrong.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
On Tue, 2006-11-07 at 08:19 -0800, Gerhard Magnus wrote:
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
If I try to look at that keyfile, I get a 403 error.
e.g. Try lynx http://freshrpms.net/packages/RPM-GPG-KEY.txt
So, either there's a problem at the website, or you've got the address down wrong.
If you actually read the website instructions, and follow them, you will have solved your problem.
- --
David
On Tue, 2006-11-07 at 19:50 -0800, David Boles wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Tim wrote:
On Tue, 2006-11-07 at 08:19 -0800, Gerhard Magnus wrote:
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
If I try to look at that keyfile, I get a 403 error.
e.g. Try lynx http://freshrpms.net/packages/RPM-GPG-KEY.txt
So, either there's a problem at the website, or you've got the address down wrong.
If you actually read the website instructions, and follow them, you will have solved your problem.
I've been following the instructions here: http://www.stanton-finley.net/fedora_core_5_installation_notes.html but it seems the command for importing the GPG key for the freshrpms repository has stopped working:
root@PuteA Wed Nov 08 07:56:02 [77] ~ $ rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
By "the webpage instructions" I assume you mean http://freshrpms.net/packages/ under "Getting started" where it says:
Since Red Hat Linux 8.0, rpm handles package signature checking internally. This is why you should feed rpm the public keys used to sign the packages you want to install. This can be easily done by downloading the RPM-GPG-KEY-freshrpms file above then running :
rpm --import RPM-GPG-KEY-freshrpms
But when I execute this I get:
root@PuteA Wed Nov 08 07:55:57 [76] ~ $ rpm --import RPM-GPG-KEY-freshrpms error: RPM-GPG-KEY-freshrpms: import read failed(-1).
So maybe someone can tell me what are these "website instructions" I need to "actually read"? Thanks for the help! Jerry
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gerhard Magnus wrote:
I've been following the instructions here: http://www.stanton-finley.net/fedora_core_5_installation_notes.html but it seems the command for importing the GPG key for the freshrpms repository has stopped working:
It seems to me that Stanton's instructions could be simplified.
root@PuteA Wed Nov 08 07:56:02 [77] ~ $ rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
The files that you're trying to import doesn't exist (pull it up in your web browser to verify that). It shouldn't cause rpm to segfault though. That's a bug in rpm.
So maybe someone can tell me what are these "website instructions" I need to "actually read"?
The instructions are hidden on the FreshRPMS home page. :)
"The easiest way to install freshrpms.net packages is to click here from within firefox, choose to open with Software Installer (the default) then go to Add/Remove Software from the main menu, where new applications will be available in the list."
- -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ====================================================================== I need not suffer in silence while I can still moan, whimper, and complain.
Todd, maybe you have a typo or a wrong link. I tried this and it worked:
[root@myhost ~]# rpm --import http://freshrpms.net/RPM-GPG-KEY-freshrpms [root@myhost ~]# echo $? 0
I think this time will work. Regards
Linux user number 433512 Free as in Freedom: http://counter.li.org
--------------------------------- Cheap Talk? Check out Yahoo! Messenger's low PC-to-Phone call rates.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Ed Landaveri wrote:
Todd, maybe you have a typo or a wrong link.
Yes, that was the point. The typo is on Stanton Finley's site that Gerhard was following.
I tried this and it worked:
[root@myhost ~]# rpm --import http://freshrpms.net/RPM-GPG-KEY-freshrpms [root@myhost ~]# echo $?
Yes, using the right URL rpm will import just fine. But more importantly in this case, there is a much easier way to install the FreshRPMS GPG key, as illustrated on the freshrpms.net page which I quoted.
Either way, I use Livna for the things I can't get from Core or Extras. Anything they don't have I package myself. :)
- -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ====================================================================== No statement should be believed because it is made by an authority. -- Hans Reichenbach
--- Gerhard Magnus magnus@agora.rdrop.com wrote:
By "the webpage instructions" I assume you mean http://freshrpms.net/packages/ under "Getting started" where it says:
Since Red Hat Linux 8.0, rpm handles package signature checking internally. This is why you should feed rpm the public keys used to sign the packages you want to install. This can be easily done by downloading the RPM-GPG-KEY-freshrpms file above then running :
rpm --import RPM-GPG-KEY-freshrpms
But when I execute this I get:
root@PuteA Wed Nov 08 07:55:57 [76] ~ $ rpm --import RPM-GPG-KEY-freshrpms error: RPM-GPG-KEY-freshrpms: import read failed(-1).
I've only used this command once myself. But, I think you need to run it from the folder that contains the key file. Or, possibly, put the key file in the same folder that the other keys are in. I did both just to be sure.
____________________________________________________________________________________ Sponsored Link
Mortgage rates near 39yr lows. $420k for $1,399/mo. Calculate new payment! http://www.LowerMyBills.com/lre
On Tuesday 07 November 2006 17:19, Gerhard Magnus wrote:
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
Do I have the command wrong or is there some other problem? Thanks for the help!
Hi Gerhard. I have had problems sometimes importing keys directly from the site. Usually I just DL the key into my /home/user directory, then as root run, rpm --import <keyname> changing keyname for the key you have DL'd.
So in the case of FC6, I went to http://zod.freshrpms.net , then near the top of the home page is a section "apt yum and others" . I use apt so I clicked on that, and that takes you to a page where you can DL a package which will add repos to, in my case /etc/apt/sources.list, and I believe it installs the key as well. If you just want the key, and want to add the URL's for the repo's manually, work your way down the page to the section "Configuration files" . I clicked on "apt build page" , which takes you to a page where you can DL the key, sources.list, and other stuff. I've just right clicked on the key, then save link as, then put the key in my /home/user directory. Then as I've said, su to root on the CLI, and run, rpm --import RPM-GPG-KEY.freshrpms You'll be returned to the prompt if it has installed ok, but if you want to check, run as user, rpm -q -a --last , and the key should be at the top of the list. You will still need to add the the URL for freshrpms to, if your using Apt, to /etc/apt/sources.list, or if your using Yum, to /etc/yum.repos.d. If your using Yum it might just be easier to DL the package for FC6, which is under the heading "Downloads of Yum for Fedora Core". I think this includes the key, but if you have already imported the key, it should make little difference.
I've had no problem with freshrpms for FC5 (bordeaux), and there shouldn't be a problem with FC6 (zod).
Nigel.
On Wed, 2006-11-08 at 20:41 +0100, Nigel Henry wrote:
On Tuesday 07 November 2006 17:19, Gerhard Magnus wrote:
I'm running FC5 and trying to import the GPG key for the freshrpms repository. But the command
rpm --import http://freshrpms.net/packages/RPM-GPG-KEY.txt
keeps giving me this error message:
error: http://freshrpms.net/packages/RPM-GPG-KEY.txt: import read failed(-1). Segmentation fault
Do I have the command wrong or is there some other problem? Thanks for the help!
Hi Gerhard. I have had problems sometimes importing keys directly from the site. Usually I just DL the key into my /home/user directory, then as root run, rpm --import <keyname> changing keyname for the key you have DL'd.
So in the case of FC6, I went to http://zod.freshrpms.net , then near the top of the home page is a section "apt yum and others" . I use apt so I clicked on that, and that takes you to a page where you can DL a package which will add repos to, in my case /etc/apt/sources.list, and I believe it installs the key as well. If you just want the key, and want to add the URL's for the repo's manually, work your way down the page to the section "Configuration files" . I clicked on "apt build page" , which takes you to a page where you can DL the key, sources.list, and other stuff. I've just right clicked on the key, then save link as, then put the key in my /home/user directory. Then as I've said, su to root on the CLI, and run, rpm --import RPM-GPG-KEY.freshrpms You'll be returned to the prompt if it has installed ok, but if you want to check, run as user, rpm -q -a --last , and the key should be at the top of the list. You will still need to add the the URL for freshrpms to, if your using Apt, to /etc/apt/sources.list, or if your using Yum, to /etc/yum.repos.d. If your using Yum it might just be easier to DL the package for FC6, which is under the heading "Downloads of Yum for Fedora Core". I think this includes the key, but if you have already imported the key, it should make little difference.
I've had no problem with freshrpms for FC5 (bordeaux), and there shouldn't be a problem with FC6 (zod).
Nigel.
This was very helpful -- thanks!
-
Aaron Konstam -
Alastair Neil -
Amadeus W.M. -
David -
Development discussions related to Fedora -
Ed Landaveri -
Frank Cox -
George Arseneault -
Gerhard Magnus -
Henning Larsen -
James Wilkinson -
Mathew Lowland -
Nicholas Robinson -
Nigel Henry -
Richard England -
Roger Heflin -
Steve Ellis -
Steve Juranich -
Stuart Sears -
Tim -
Todd Zullinger