
Re: [cobalt-users] tail of woe: eth0 as ethI, ipchains, and dhcpd



Just figured I'd go through and answer my own post in case anyone is
interested in the answers. Most of the problems weren't hard to
solve. And most could be solved by Reading the Manuals. Thus everyone
on the list was correct in not replying.

On Mon, May 13, 2002 at 03:49:50PM -0400, Josh Kuperman wrote:
> I tried to get my server into production this weekend. I'm pretty
> annoyed about what really made it impossible.
> 
> I realized some parts were going to be time consuming and awkward. I
> would either have to forward e-mail from some old accounts or create
> accounts for all the users first. It would be nice if I knew of a
> utility where I could simply clone accounts from another redhat
> server.


I could have exported a text file (tab separated values) with the user
names, full names, passwords, and a mail alias. I could have set it
up to automatically generate a passwd or use the user names as a
passwd. There is apparently no option to take the existing encrypted
passwords from the /etc/shadow on one machine and put them in another;
I don't know if that is possible or not -- I may have been able to get
away with it, but it probably isn't worth it. It's on page 61 of my
copy of the RaQ XTR manual. Answer to this one: RTFM.

> 
> I do think that it should be stated in bold letters that the SSH
> Package at package master has tcp wrapper support compiled in. And it
> was very annoying after I got a vt510 hooked up to the serial port to
> find that in addition to not supporting Mozilla with the web, the RaQ
> interface won't support the provided Lynx browser either. [ I suppose
> some companies just want everyone to use Microsoft Product!]

The first part has already been discussed.  So far I have found no
browser other than MSIE that works. Does anyone have a list of browsers
that work and browsers that fail?

> 
> Has anyone configured DHCPD on a RaQ XTR or another system with two
> ethernet interfaces? Where do you change the script so that DHCP is
> only done for one interface?

I had to change the script in /etc/rc.d/init.d/dhcpd so where it used
to read:
	daemon /usr/sbin/dhcpd
it now reads:
	daemon /usr/sbin/dhcpd eth0

Without that it will error out and not start unless it is configured
to dish out the IPs for the subnet that eth1 (et al) are on. This is
sort of an RTFM too, only I had to go to the web to find the pages
provided by the Internet Software Consortium, makers of BIND, INN, and
DHCP.

> 
> There seems to be an IPCHAINS script that initiates a lot of
> accounting chains. Where should I be adding my own. Is there something
> to edit -- there's a warning that /etc/ipchains.conf is created by
> log_traffic. I couldn't find anything on where to put my chains. Can I
> just run ipchains-restore at the end of /etc/rc.d/rc.local? If I can
> I'd like to do a lot of this before next weekend. Is there an easy way
> to port forward mail, dns requests, etc over to the old server and
> then bring each service up one at a time on the new one. [I stuck
> an old DSL/Cable router on my connection to deal with some problems
> and I don't think it is working well enough, i.e. it can't handle the
> traffic.]

My solution was to mimic the /etc/rc.d/init.d/ipchains script. That
used a shell script file containing ipchains commands to set up and
create accounting chains. However, as the /etc/ipchains.conf file is
apparently generated by something, I just added my own local chains
script afterward.


			/bin/sh /etc/ipchains.conf
			/bin/sh /etc/localchains.conf

> 
> My major problem was the labeling of the ethernet ports on the RaQ
> itself. On the web page they are labeled eth0 and eth1 for setup and on
> the front of the RaQ they are labelled 0 and 1. Sadly the connections
> in the back are labeled 1 for 0 and II for eth1; I took the II as a
> zero -- the print is small -- and thus was never connecting the inside
> and outside to the right network.

I still think that having a light for eth0 in front and a setting for eth0
on the GUI match the port with a 1 (or an I) in front of it sucks.

-- 
Josh Kuperman                       
josh@xxxxxxxxxxxxxxxxxx