"The Linux Gazette...making Linux just a little more fun!"


(?) The Answer Guy (!)


By James T. Dennis, answerguy@ssc.com
LinuxCare, http://www.linuxcare.com/


(?) New Kernel Loses Ether Driver; Dial on Demand and Masquerading

A grabbag of user questions.

From Adams, James on Sun, 02 May 1999

(?) Answer Guy,

I know you are extrmely busy and such, I hope you can point me in the right direction. I am trying to find the tell all instructions for recompiling a new kernel for RH5.2 (Mandrake 5.3). I have tried repeatedly to do this but still no luck.

The main problem I run into is that my ethernet no longer works after booting into the "new" setup. Something about SCIOFLAGS (I think), and the network is not working.

(!) That means that you haven't successfully included the driver for your ethernet adapter. You have to know what sort of driver it takes. I realize that this is the problem. There is no easy way to tell this from a running kernel --- none the entries under /proc seem to say which ether driver is active. You might find your ethernet card mentioned in /proc/pci (a list of PCI devices recognized by your kernel). Otherwise just open the case and look at the actual card hardware.
One trick I've occasionally used during installfests is an ugly hack. I cd to /lib/modules/preferred/net (or thereabouts) and do something like:
for i in ./*; do insmod $i && echo $i; done
... which tries to load EVERY available module in that directory. This could hang the system, but usually it just spits out the name(s) of any modules that successfully detect a card that they can drive.

(?) If you could point me in the right direction I would forever be in your debt (sort of). I also want to be able to have dial on demand, I have a small home network and want to use it with ipfwadm.

Thanks
in Advance
Jim Adams

(!) There is a program called 'diald' which used to be the main "dial on demand" daemon (driver). However, I've read that the latest versions of PPP have some built in "on demand" features.
I must admit that I haven't been using modem PPP for the last several months. I'm spoiled rotten by my DSL line (which as only been down once since I got it). I'd only been using POTS PPP occasionally in the last couple of years since I was using ISDN (with its own dial-on-demand in my Trancell/WebRamp ISDN router) --- so I was only using diald/pppd when that was being flaky.
However, I've been meaning to play with the new pppd options at some point. So I'll look into it.
I presume that you mean that you want to use your PPP link through IP masquerading (when you say "with ipfwadm"). There are numerous HOWTOs and numerous back issues of my column where I've discussed masquerading. The short form is to use the following commands on your router (the Linux box with the ethernet the PPP links on it):
echo 1 > /proc/sys/net/ipv4/ip_forward
(to enable routing)
and:
ipfwadm -F -a acc -m -D 0.0.0.0/0 -S 192.168.0.0/16
ipfwadm -F -a acc -m -D 0.0.0.0/0 -S 10.0.0.0/8
ipfwadm -F -a acc -m -D 0.0.0.0/0 -S 172.16.0.0/12
(you only need one of these, but all of them won't hurt).
This last set of commands adds a set of rules to the Linux packet filtering tables to masquerade any source addresses in the 192.168.*.*, the 10.*.*.* and the 172.16.*.* through 172.31.*.* ranges. Those are all of the addressed reserved in RFC 1918 for "private" use.
As I've discussed before you should also put in some packet filtering and anti-spoofing rules to protect your home network from outside attack. Crackers and script-kiddies are not a myth --- I see probes on my network all the time and I've just recently let one of my system get cracked into (I was being sloppy with that one --- it's part of why my mail was down for a couple of weeks; though only a small part).


Copyright © 1999, James T. Dennis
Published in The Linux Gazette Issue 42 June 1999
HTML transformation by Heather Stern of Starshine Techinical Services, http://www.starshine.org/


[ Answer Guy Index ] 1 2 3 4 5 6
7 8 9 10 11 12
13 14 15 16 17 18
19 20 21 22 23 24


[ Table Of Contents ] [ Front Page ] [ Previous Section ] [ Next Section ]