Current setup: I'm running ipchains as a firewall and to proxy
my other machine to the Web via DSL. This Linux firewall has
two NIC cards: one with a public IP address, the other on
my private 10.100.100 network. I have a web server on the private
network (10.100.100.20). How do I configure ipchains to redirect
all web requests at my firewall to the web server on my internal
network?
--
Mitchel Vernor, mitboy@hotmail.com
You'll need to use a port forwarding tool (such as redir or ipmasqadm) to ``redirect'' all requests that try to connect to port 80 (assuming you are using the default port) of your firewall's address to the web server's address. redir is a user-space program that has some limitations, but works with older kernel versions. ipmasqadm (which I recommend) works with 2.2.x (some 2.1.x also) and it is kernel-based.
Assuming all other input, output and forward chains are present, you should simply add:
ipmasqadm portfw -f ipmasqadm portfw -a -P tcp -L EXTERNAL_FIREWALL_IP 80 -R 10.100.100.20 80to your startup script.
More information on port forwarding under kernel versions 2.2 and higher,
including examples, can be found at
http://www.monmouth.demon.co.uk/ipsubs/portfw-2.2.html.
--
Chad Robinson, Chad.Robinson@brt.com
If you don't have ipmasqadm on your system, you can find it here:
http://juanjox.kernelnotes.org/.
You need at least kernel 2.2.x for this to work (although there are
patches for 2.0.x), and your kernel must have IP: ipportfw
masq support (EXPERIMENTAL), which is an option you can select
only if you checked
``Prompt for development and/or incomplete code/drivers'' during
configuration.
--
Marc Merlin, marc_bts@valinux.com
Can I have a PPP connection that supports TCP/IP using a null
modem between Win98 and Linux boxes? Any one of the machines
needs to dial up to the other.
I am using Red Hat 5.2.
--
Kiran, ajay@cc.usu.edu
Yes, you can. I would set up the Win98 machine to
``call'' the Linux system
by double-clicking on a dial-up connection. I prefer this way, since the
Windows machine expects to ``log in'' to the remote system and the Linux box
can provide that ``login''. For this to work, you have to take care
of the proper setup (pin out) of the serial cable that connects the
machines together. Also, depending on the cable setup, it
would be a good idea to tell the Windows machine, at the dialup port
configuration setup, not to wait for the dial tone before dialing. The Linux
box will not provide a dial tone. On the Linux side, you can create a new
login ID with a password and configure it to have the PPP daemon as the login
shell, instead of the usual bash. Also, you have to set up the serial port
on the Linux box to provide the login automatically all the time.
A good page that explains this in great detail is
http://www.linuxgazette.com/issue41/smyth.html.
--
Felipe E. Barousse, fbarousse@piensa.com
A friend who uses Debian 2.1 tried to install Red Hat 6.0
into another partition of his hard disk. The installation process
of Red Hat has deleted the partition table of his hard drive. We need
a way to recover some important files which are in the Debian
partition. We can't access the partition. Can you explain some way
to do it?
--
Alexis Serafin, sith@arrakis.es
If you know exactly what the partition table looked like before the crash, you can simply write a new partition table that looks exactly like the old one, mount the old partitions and back up the data. If the install process was aborted immediately after the new partition table was written, this alone may solve the problem. If all else fails, try this: make a partition that includes the whole disk (say, /dev/hdb1), mount that and raw-copy the entire disk to a big file (on another disk) with something like:
dd if=/dev/hdb1 of=/bigdisk/recovered.data bs=512Then, try to piece the files together using /bigdisk/recovered.data. Personally, I've tried only the dd step, so there may be problems with this approach beyond the fact that stitching up the files manually is awfully difficult. Consider it a desperation strategy. I know it's never helpful to hear this after the disaster occurs, and please don't think I'm not sympathetic, but the best way to deal with problems like these is always prevention: keep backups, and print out critical information such as partition tables before you need it. This is the voice of bitter experience speaking.
While it is hard, you can look for the boot partition signature (55 AA at
the end of the block, I believe) and locate the partitions on your disk. The
above requires a disk editor, such as diskedit from Norton, and once you have
the partition offsets, you can go to the partition table (first block of
your disk, apply the partition table view and key in the numbers). Note
that it's not trivial, and having another computer as a model to
look at and copy from helps quite a bit.
You can also try fixdisktable which automates this (only for primary
partitions, though); it can be found at
http://bmrc.berkeley.edu/people/chaffee/fat32.html.
--
Marc Merlin, marc_bts@valinux.com
A frequently asked question is how to remove Linux from a computer. What about removing Windows 98 safely? I had Windows 98 on the first partition of my hard disk (/dev/hda1) and Red Hat 6.0 on logical partitions (/dev/hda5, 6, ...). I was able to dual-boot using LILO, which was installed on the master boot record. One day, I decided to part with Windows 98 forever. I ran mke2fs on /dev/hda1 and divided it into three partitions. Now when I boot my computer, LILO does not appear at all, and I need to boot using a floppy.
I tried to install LILO (by running /sbin/lilo), but in vain. I tried removing LILO and re-installing it, but when I ran /sbin/lilo -u, I got the following error message:
The boot sector of /dev/hda does not have a LILO signature.I booted the machine using a Windows 98 boot disk, ran fdisk /mbr and reinstalled LILO. Nothing doing.
I got a CD of TurboLinux from the March issue of Linux Journal, installed
it on the new partitions I created and had LILO installed in the master
boot record. It didn't work.
What should I do to boot using LILO again?
--
Tam Laying, tamlayin@oupchina.com.hk
Make sure your lilo.conf file looks like this:
boot=/dev/hda compact # faster, but won't work on all systems. ramdisk = 0 map=/boot/map install=/boot/boot.b prompt timeout=100 image=/boot/vmlinuz label=linux root=/dev/hda5 read-onlyThen run lilo, and it should install a fresh boot block. Your problem may have been linked to partitions being shifted or renamed when you created the new ones.
When playing movie files in Linux, the video is very jumpy and there
is no sound. I have set up my Soundblaster Live! which works okay.
I also have a Voodoo2 3dfx card--do I have to set this card up
to allow trouble-free movie playing? My video card is an ATI
all-in-wonder pro with 16MB. The PC is a PII/333 with 128MB RAM.
--
Graham Bell, grahambell@bigfoot.com
There are many issues when playing video (and audio), not only in Linux but
in other operating systems as well. First, if you intend to play video
from the Internet, such as streaming video, make sure you get a good
connection, the faster the better. This way, the video quality will improve
substantially. There may
be adjustments on your software related to quality of video vs.
video-playback speed: the best image quality may be slower, and some frames may
get lost.
Also, be sure to check that the formats you are trying to play
are consistent according to the software you are using in terms of versions. If your
software does not fully support the video formats you want to play, it may
not work as expected. I would set up all the hardware and make
``local'' tests
to ensure everything works fine, then I would go watch on-line
broadcasts.
--
Felipe E. Barousse, fbarousse@piensa.com
You did not mention which video program (xanim?) or video format
(avi, mpeg, real video) you are using. There are some known issues with each
format I've mentioned, and the client part available is somewhat limited.
Recently, Real Networks released a client (RealPlayer) with better Linux
support, and it is running okay.
--
Mario de Mello Bittencourt Neto, mneto@argo.com.br
I am connecting a Linux server to a Macintosh. I have installed
Netatalk, and everything seems to be running. When I go to
the Macintosh, I can see the Linux server and access any file I want
from it. However, if I try to save to the Linux server, I get a
message telling me I do not have ``Make Changes'' permission
and cannot do that. My Windows 98 machines work fine, so I do
not believe it is a chmod issue. I think it is something
I am missing in the NetaTalk configuration.
--
Aime Emery, aemery@northtroyconsulting.com
It looks like there is a problem related to passwords. NetaTalk
must be
compiled with shadow password support if your Linux uses them. Also, there is
a huge variety of options to configure NetaTalk and all its related protocols.
A useful web page for you to check on these parameters is
http://thehamptons.com/anders/netatalk/.
--
Felipe E. Barousse, fbarousse@piensa.com
After installing Red Hat Linux, when it is booted, I get:
Failed Message Starting sshd.error Could not load host key: /etc/ssh/ssh_host_key: no such file or directory
How do I fix this?
--
Qamar Ansari, qamar@hotmail.com
sshd tries to find ssh_host_key by looking for the HostKey entry in its configuration file (normally /etc/ssh/sshd_config), falling back to a default of /etc/ssh/ssh_host_key. Ensure the HostKey file name in the configuration file matches the location of the ssh_host_key file you want to use. Some ssh installations put all ssh files directly under /etc, so maybe your file is there for some reason (although this is unlikely). If the ssh_host_key file doesn't exist at all, you can create a new one by running
ssh-keygen -f /etc/ssh/ssh_host_keyas root.
I am unable to receive any e-mail from MSN; however, I can
send mail. I am perplexed. I am positive I entered the
POP3 server correctly. The problem is consistent with
all mail programs I have tried. Although I am disenchanted
with Microsoft, my choice of ISPs is limited here.
--
Frank Elston, felston@msn.com
Any ISP that answers the phone for a
reasonable price is a good ISP; there is no shame in using MSN.
Try getting your POP e-mail manually. Run the command telnet
my.pop.server,
where my.pop.server is the POP3 server given to you by MSN. When you
connect, type the command USER myusername. Then type
the command PASS mypassword. If you receive an error
at any point, you will know if you are
using the wrong server, user name and/or password.
--
Chad Robinson, Chad.Robinson@brt.com
First, are you positive about having POP service contracted from your local
MSN shop? POP3 has several setup parameters; some of them are
security related. Play around with SSL-enabled connections and test if it
works by toggling any of these configurations. Besides, MSN should provide
you with all relevant information on how to connect to their service,
at least from a Windows PC. From that information, you can take what is
needed to configure your Linux machine.
--
Felipe E. Barousse, fbarousse@piensa.com