firewall blocks ppp0?

firewall blocks ppp0?

[Haines Brown]

I'm setting up a copy of RedHat 8.0 on a machine that is intended as a
standalone machine with DSL access to Internet.

I have eth0 up and running, and did the adsl-setup with my usual valid
information. The problem comes trying to make ppp0 active. It tries,
but cycles between active and inactive.

When I run adsl-start with debugging, it tells me that I'm set up for
demand-connection. I definitely have eth0 set to be permanently
up. Does this alert refer instead to ppp0? If so, perhaps this is what
I'd expect. Is that right?

I'm also told: ipchains: Protocol not available

That sounds to me as if my firewall (which I set to be "high"
protection), may be blocking the ppp protocol. Does this seem to be
the case?

I went to pursue this, and ran ipchains -L, but got the error message
that this command is incompabible with my kernel.

What to do?

Haines Brown
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Haines Brown]

Chuck,

>  I use Roaring Penguin PPPOE. http://www.roaringpenguin.com/pppoe/ I
> selected permanent connection, but I am unsure if this applies to
> eth# or ppp#. :-| 'adsl-setup' and 'adsl-start' are script names
> with my application (Roaring Penguin).  I am assuming that your
> using the same or similar.
> 
>  How do you know "I definitely have eth0 set to be permanently up" ?
>  Actually, I'm betting that it is ppp# that is set to demand or
>  permanent.

Yes, I also use the roaring penguin, My eth0 is made active during
boot, for I can run ifconfig and see that it is up as soon as I've
finished booting. The ppp0, on the other hand, is not up until
adsl-start is run. That is, ppp0 is on demand, while eth0 is
permanent. That's my impression, anyway. pppd is a daemon which I
assume is meant normally to be on demand.

Actually, when I run redhat-configuration-network, I see not only
eth0, but also ppp0 (trying to be active). That's not right. ppp0
should not appear (or at least it does not show up under RH7.3 as I
speak to you). I may have some kind of problem in that pppd is trying
to start ppp, rather than my starting pppoe by means of adsl-start

>  It seems that your dsl connection (PPPOE?) application is setting
> up IPCHAINS, but your kernel is using IPTABLES.

That may be, but then a good percentage of folks who get RedHat 8.0
must reconfigure and recompile their kernel, which I doubt.

> - configure IPTABLES to replace your dsl-connection application's
> attempt to use IPCHAINS.

This was my inclination, for I gather IPTables are better. I've got a
copy of Bastille, which should make my life a lot easier, not only
spotting the source of any difficulty, but setting up a secure set of
rules.

Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Who is running Red Hat 8.0 and Roaring Penguin?

[Chuck Gelm]

 Please address your linux-newbie messages to
linux-newbie@vger.kernel.org
 and not to 
linux-newbie@hartford-hwp.com
 and not to
nc8q@gelm.net without linux-newbie@vger.kernel.org

 as I cannot 'reply' to linux-newbie@vger.kernel.org
 without adding that address manually &
 I see no reason to reply to you alone.

 If you cannot do this, I'll edit to suit. ;-)

Haines Brown wrote:
> 
> Chuck,
> 
> >  I use Roaring Penguin PPPOE. http://www.roaringpenguin.com/pppoe/ I
> > selected permanent connection, but I am unsure if this applies to
> > eth# or ppp#. :-| 'adsl-setup' and 'adsl-start' are script names
> > with my application (Roaring Penguin).  I am assuming that your
> > using the same or similar.
> >
> >  How do you know "I definitely have eth0 set to be permanently up" ?
> >  Actually, I'm betting that it is ppp# that is set to demand or
> >  permanent.
> 
> Yes, I also use the roaring penguin, My eth0 is made active during
> boot, for I can run ifconfig and see that it is up as soon as I've
> finished booting. 

 Yes, AFAIK, the eth# device that PPPOE is going to use should be up.
However, it should not have an IP address.

>  The ppp0, on the other hand, is not up until
> adsl-start is run. That is, ppp0 is on demand, while eth0 is
> permanent. That's my impression, anyway. pppd is a daemon which I
> assume is meant normally to be on demand.

 This is your choice for ppp#: demand or permanent.
For a DSL connection, I recommend permanent, especially if you are
having problems with demand.

> Actually, when I run redhat-configuration-network, I see not only
> eth0, but also ppp0 (trying to be active). That's not right. ppp0
> should not appear (or at least it does not show up under RH7.3 as I
> speak to you). I may have some kind of problem in that pppd is trying
> to start ppp, rather than my starting pppoe by means of adsl-start

Seems reasonable.

> >  It seems that your dsl connection (PPPOE?) application is setting
> > up IPCHAINS, but your kernel is using IPTABLES.
> 
> That may be, but then a good percentage of folks who get RedHat 8.0
> must reconfigure and recompile their kernel, which I doubt.

Who is running Red Hat 8.0 and Roaring Penguin?

 I run Roaring Penguin v3.3 and it created IPCHAINS.
I run kernel 2.2.19 as it uses IPCHAINS by default.
IIRC, kernel 2.4.x uses IPTABLES by default.

So, perhaps your Roaring Penguin installation created an
IPCHAINS ruleset and your kernel is using IPTABLES.

Again:

- Create an IPTABLES ruleset for your current kernel.
  Roaring Penguin did not do this. (?)

- Rebuild your current kernel to use IPCHAINS.
  The IPCHAINS ruleset you choose when you configured Roaring Penguin.

HTH, Chuck

> > - configure IPTABLES to replace your dsl-connection application's
> > attempt to use IPCHAINS.
> 
> This was my inclination, for I gather IPTables are better. I've got a
> copy of Bastille, which should make my life a lot easier, not only
> spotting the source of any difficulty, but setting up a secure set of
> rules.
> 
> Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Who is running Red Hat 8.0 and Roaring Penguin?

[Haines Brown]

Chuck,

> Date: Sun, 24 Nov 2002 13:55:11 -0500
> From: Chuck Gelm <nc8q@gelm.net>
> X-Accept-Language: en
> CC: linux-newbie@hartford-hwp.com
> 
>  Please address your linux-newbie messages to
> linux-newbie@vger.kernel.org and not to
> linux-newbie@hartford-hwp.com and not to nc8q@gelm.net without
> linux-newbie@vger.kernel.org
> 
>  as I cannot 'reply' to linux-newbie@vger.kernel.org without adding
>  that address manually & I see no reason to reply to you alone.
> 
>  If you cannot do this, I'll edit to suit. ;-)

Chuck. I quite understand. Somehow a CC: linux-newbie@vger.kernel.org
got in there, and so when I replied, it was reproduced. The header of
this message looks clean, and so it's a kind of test. It goes to you,
and a CC: for the list and back to me.
 
>  Yes, AFAIK, the eth# device that PPPOE is going to use should be
> up.  However, it should not have an IP address.

Yes, the eth0 is up and running. The problem was that the
configuration utility gave me the choice of a static address or DHCP,
and I was unable to enter " ". I can get back to the files themselves,
but right now on the machine I'm using, I have a permanent address for
my machine (192.168.0.1) that is simply ignored when I set up a DSL
connection.

> > Actually, when I run redhat-configuration-network, I see not only
> > eth0, but also ppp0

I simply killed that unwanted ppp0, and it goes better.

> Who is running Red Hat 8.0 and Roaring Penguin?

15% of all linux users? ;-)

With eth0 up and running, and having defined the inteface property in
network configuration, I then proceed to configure Roaring Penguin.

Before I do I run adsl-status and am told, naturally, that there's no
/etc/ppp/pppoe.conf file. I then proceed to configure Roaring Penguin
(I'm comfortable with that), and at the end save the
configuration. However, no /etc/ppp/pppoe.conf file shows up.

Then I start adsl and get: ipchains: protocol not available. My first
reaction was that iptables were blocking ppp, but now I don't think
so. Nevertheless, when I run

      ipchains -L ...  REJECT tcp anysource anydest tcp
      flags:SYN,RSG,AC...

However, I can read the error above to mean that ipchains is telling
me there's no ppp protocol running. That, with the absense of a
configuraion file, suggests that Roaring Penguin failed to configure
pppoe. I did all this as root, but I'll have to check permissions,
etc. to make sure the configuration file can be created. Also, I can
try importing my old config file, which should be the same.

Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Who is running Red Hat 8.0 and Roaring Penguin?

[Chuck Gelm]

:-)


Haines Brown wrote:
> 
> Chuck,
> 
> > Date: Sun, 24 Nov 2002 13:55:11 -0500
> > From: Chuck Gelm <nc8q@gelm.net>
> > X-Accept-Language: en
> > CC: linux-newbie@hartford-hwp.com
> >
> >  Please address your linux-newbie messages to
> > linux-newbie@vger.kernel.org and not to
> > linux-newbie@hartford-hwp.com and not to nc8q@gelm.net without
> > linux-newbie@vger.kernel.org
> >
> >  as I cannot 'reply' to linux-newbie@vger.kernel.org without adding
> >  that address manually & I see no reason to reply to you alone.
> >
> >  If you cannot do this, I'll edit to suit. ;-)
> 
> Chuck. I quite understand. Somehow a CC: linux-newbie@vger.kernel.org
> got in there, and so when I replied, it was reproduced. The header of
> this message looks clean, and so it's a kind of test. It goes to you,
> and a CC: for the list and back to me.
> 
> >  Yes, AFAIK, the eth# device that PPPOE is going to use should be
> > up.  However, it should not have an IP address.
> 
> Yes, the eth0 is up and running. The problem was that the
> configuration utility gave me the choice of a static address or DHCP,
> and I was unable to enter " ". I can get back to the files themselves,
> but right now on the machine I'm using, I have a permanent address for
> my machine (192.168.0.1) that is simply ignored when I set up a DSL
> connection.

 To remove the IPADDRESS from eth0, do
ifconfig eth0 down
ifconfig eth0 0.0.0.0 up

> > > Actually, when I run redhat-configuration-network, I see not only
> > > eth0, but also ppp0
> 
> I simply killed that unwanted ppp0, and it goes better.
> 
> > Who is running Red Hat 8.0 and Roaring Penguin?
> 
> 15% of all linux users? ;-)

Naw, not how many or percentile, but who, specifically,
can help us with a replica of your system.  ;-)

> With eth0 up and running, and having defined the inteface property in
> network configuration, I then proceed to configure Roaring Penguin.
> 
> Before I do I run adsl-status and am told, naturally, that there's no
> /etc/ppp/pppoe.conf file. I then proceed to configure Roaring Penguin
> (I'm comfortable with that), and at the end save the
> configuration. However, no /etc/ppp/pppoe.conf file shows up.

locate pppoe.conf
 on my system reports:
/etc/ppp/pppoe.conf
/usr/local/rp-pppoe-3.5/configs/pppoe.conf

 I think that 'adsl-setup' should have created a
'pppoe.conf' file.  Where it was placed, I'm not sure.


> Then I start adsl and get: ipchains: protocol not available. My first
> reaction was that iptables were blocking ppp, but now I don't think
> so. 

>       I think that IPTABLES is blocking IPCHAINS.

- I think that the default Red Hat 8.0 kernel uses
   IPTABLES and not IPCHAINS.  
- I think that rp-pppoe_v3.x uses IPCHAINS and not IPTABLES.

- I think that when (if?) adsl-setup creates an IPCHAINS ruleset
   it is useless to your kernel as your kernel is expecting
   an IPTABLES ruleset.  :-|

>     Nevertheless, when I run
> 
>       ipchains -L ...  REJECT tcp anysource anydest tcp
>       flags:SYN,RSG,AC...
> 
> However, I can read the error above to mean that ipchains is telling
> me there's no ppp protocol running. That, with the absense of a
> configuraion file, suggests that Roaring Penguin failed to configure
> pppoe. I did all this as root, but I'll have to check permissions,
> etc. to make sure the configuration file can be created. Also, I can
> try importing my old config file, which should be the same.
> 
> Haines

 Give Ray what he asked for. 
  "uname -a", "ifconfig -a", & "netstat -nr".  
 I've edited some IP addresses.  Here are mine:

Linux firewall 2.2.19.firewall #8 Wed Aug 28 18:23:22 EDT 2002 i486
unknown

Chain input (policy ACCEPT):
target     prot opt     source                destination          
ports
DENY       udp  ----l-  anywhere             anywhere              any
->   0:1023
DENY       tcp  ----l-  anywhere             anywhere              any
->   0:1023
DENY       tcp  -y--l-  anywhere             anywhere              any
->   any
DENY       icmp ----l-  anywhere             anywhere             
echo-request
Chain forward (policy DENY):
target     prot opt     source                destination          
ports
MASQ       all  ------  anywhere             anywhere              n/a
Chain output (policy ACCEPT):

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt
Iface
000.72.131.1    0.0.0.0         255.255.255.255 UH        0 0          0
ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0
eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
lo
0.0.0.0         000.72.131.1    0.0.0.0         UG        0 0          0
ppp0

 And here is my pppoe.conf for your perusal:

ETH='eth1'
USER='this_is@edited.net'
DEMAND=no
DNSTYPE=NOCHANGE
PEERDNS=no
DNS1=
DNS2= 000.000.000.000 ;-)
DEFAULTROUTE=yes
CONNECT_TIMEOUT=30
CONNECT_POLL=2
ACNAME=
SERVICENAME=
PING="."
CF_BASE=`basename $CONFIG`
PIDFILE="/var/run/$CF_BASE-adsl.pid"
SYNCHRONOUS=no
CLAMPMSS=1412
LCP_INTERVAL=20
LCP_FAILURE=3
PPPOE_TIMEOUT=80
FIREWALL=MASQUERADE	; <---- see /etc/ppp/firewall-standalone
LINUX_PLUGIN=
PPPOE_EXTRA=""
PPPD_EXTRA=""

HTH, Chuck
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Who is running Red Hat 8.0 and Roaring Penguin?

[Haines Brown]

    To remove the IPADDRESS from eth0, do
   ifconfig eth0 down
   ifconfig eth0 0.0.0.0 up

Yes, I did get rid of it. 

   > > Who is running Red Hat 8.0 and Roaring Penguin?
   > 
   > 15% of all linux users? ;-)

   Naw, not how many or percentile, but who, specifically,
   can help us with a replica of your system.  ;-)

My feeble attempt at humor.

   > With eth0 up and running, and having defined the inteface property in
   > network configuration, I then proceed to configure Roaring Penguin.
   > 
   > Before I do I run adsl-status and am told, naturally, that there's no
   > /etc/ppp/pppoe.conf file. I then proceed to configure Roaring Penguin
   > (I'm comfortable with that), and at the end save the
   > configuration. However, no /etc/ppp/pppoe.conf file shows up.

   locate pppoe.conf
    on my system reports:
   /etc/ppp/pppoe.conf
   /usr/local/rp-pppoe-3.5/configs/pppoe.conf

    I think that 'adsl-setup' should have created a
   'pppoe.conf' file.  Where it was placed, I'm not sure.

This turned out very interesting. Despite the message I quote, roaring
penguin under RH8.0 no longer stgores its configuration in
/etc/pppoe.conf. I know it stores info becasue when I rerun adsl-setup
I see it, but there's now no pppoe.conf file.

    Give Ray what he asked for. 
     "uname -a", "ifconfig -a", & "netstat -nr".  

I will when I can. switching hard disks when there's a bunch strung on
three different scsi channels is a pain.  So I have to leap in and out
fairly quickly. I'll get the info and pass it along asap.

    I've edited some IP addresses.  Here are mine:

Thanks. Info appreciated. I'll compare at this end as soon as I can.

And here is my pppoe.conf for your perusal:

   DNS1=
   DNS2= 000.000.000.000 ;-)

What's this? I have some onfiburation in
/etc/sysconfig/network-scripts/ifcfg.conf. It is somewwhats like your
own. But you have a much bigger ppp0e timeout value, and I may try
that because I'm begginng to seuspec a timing problem.

Haines 
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Help with Roaring Penguin & Red Hat 8.0?

[Chuck Gelm]

Haines Brown wrote:
<big snip>
> Thanks. Info appreciated. I'll compare at this end as soon as I can.
> 
> And here is my pppoe.conf for your perusal:
> 
>    DNS1=
>    DNS2= 000.000.000.000 ;-)
> 
> What's this? I have some onfiburation in
> /etc/sysconfig/network-scripts/ifcfg.conf. It is somewwhats like your
> own. But you have a much bigger ppp0e timeout value, and I may try
> that because I'm begginng to seuspec a timing problem.

 rp-pppoe may recognize that your system is a different distribution
than mine and places configuration files in different places as
appropriate.  I showed you how I looked for pppoe.conf, but you
didn't show us how you searched for 'pppoe.conf'.  I'm worried
that you only looked in a specific directory. :-|  Maybe your
distribution doesn't even use a file named 'pppoe.conf'! :-|

 Other than adding "adsl-start" to my 'rc.local',
I edited no other files.  The 'install' procedure and
'adsl-setup' is all I did. :-|

 I see that it is difficult for you to view settings whereas
you need to reboot a busy system.  My system ("firewall") is
an old 80486dx33 that I bought a year or so ago for 5 USD. :-)

 I'm still holding on to these concepts:

- RP-PPPOE creates an IPCHAINS ruleset & Red Hat 8.0 uses IPTABLES.
  i.e. You never end up with 'valid' instructions to the kernel
  about handling packets with your DSL modem.

- eth0 should not have an IP address.
  ppp0 gets the IP address.
  Notice that my eth1 device does appear in my 'netstat -nr' report,
  and that my ppp0 device does.

HTH, Chuck
> 
> Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Help with Roaring Penguin & Red Hat 8.0?

[Haines Brown]

Well, made some progress, but not quite there yet.

I find that adsl-configure does not write the configuration file as it
should in /etc/ppp/pppoe.conf. I had to get the default sample and
reconstruct it by hand.

Not only does adsl-configure not write a configuration file, but
adsl-stop does not work either. That is, using the new configuration
file, I run adsl-start, and then when I check with ifconfig, I see
that I indeed now have ppp0 running, and it has been given an IP
address by my DSL provider.

Unfortunately, though, that's as far as I get. For example, when I try
to ping something, ping just hangs. adsl-status tells me the link is
down, even though ppp0 has a valid IP address.

Then when I run adsl-stop, it has no effect! The ppp0 process won't
die! The only way I can get rid of it is to run ifconfig down
ppp0. That does remove the entry in the table that comes up when I run
ifconfig.

However, it does not really remove the process from memory. So, if I
run adsl-start again, it creates ppp1, even though ifconfig does not
list ppp0. If I do it gain, I get ppp2, etc. Each time I run
adsl-start, it creates a new thread that is numbered in sequence, but
adsl-stop does not kill the thread. Each of these pppN processes has
its own assigned IP address.
 
>  I'm still holding on to these concepts:
> 
> - RP-PPPOE creates an IPCHAINS ruleset & Red Hat 8.0 uses IPTABLES.
> i.e. You never end up with 'valid' instructions to the kernel about
> handling packets with your DSL modem.

This terrifies me, knowing absolutely nothing of ip
tables. Furthermore, it strikes me as very odd that RH 8.0 would ship
with an application (rp is part of the distribution of RH 8.0) that is
incompatible with the shipped kernel. Mistakes can occur, of course,
but wouldn't we have heard about it by now?

Is there any way I can verify that iptables is in fact blocking
packets sent by pppoe, or that roaring penguin depends on ipchains? I
gather that ipchains and iptables can co-exist, so how do I verify
that the specific rules are in conflict?

> - eth0 should not have an IP address.  ppp0 gets the IP address.
> Notice that my eth1 device does appear in my 'netstat -nr' report,
> and that my ppp0 device does.

eth0 has the address 168.192.0.1 on my present machine because at one
time eto0 was the intrface for a LAN. That it comes up with that
address one my this machine, even though it is stand-alone, does not
seem to prevent DSL from working. In any case, on the new machine I'm
trying to get to work, the eth0 now comes up with no address.

Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Help with Roaring Penguin & Red Hat 8.0?

[Chuck Gelm]

Haines Brown wrote:
> 
> Well, made some progress, but not quite there yet.
<snip>
> Unfortunately, though, that's as far as I get. For example, when I try
> to ping something, ping just hangs. adsl-status tells me the link is
          ^^^^^^^^^  ^^^^^^^^^^^^^^^
What are you trying to ping, an IP address or a domain name?
This could be a routing problem.

> down, even though ppp0 has a valid IP address.
<snip>
> eth0 has the address 168.192.0.1 on my present machine because at one
> time eto0 was the intrface for a LAN. That it comes up with that
> address one my this machine, even though it is stand-alone, 
> does not seem to prevent DSL from working. In any case, on the new 
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
What does work?

> machine I'm trying to get to work, the eth0 now comes up with no
> address.

 What version of rp-pppoe are you trying to run?

Chuck

> Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Help with Roaring Penguin & Red Hat 8.0?

[Haines Brown]

> > Well, made some progress, but not quite there yet.  <snip> >
> Unfortunately, though, that's as far as I get. For example, when I
> try > to ping something, ping just hangs. adsl-status tells me the
> link is ^^^^^^^^^ ^^^^^^^^^^^^^^^ What are you trying to ping, an IP
> address or a domain name?  This could be a routing problem.

I first tried a common domain name, and when that didn't work, the IP
address of my DNS, which is valid for sure.

> > down, even though ppp0 has a valid IP address.  <snip> > eth0 has
> the address 168.192.0.1 on my present machine because at one > time
> eto0 was the intrface for a LAN. That it comes up with that >
> address one my this machine, even though it is stand-alone, > does
> not seem to prevent DSL from working. In any case, on the new
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ What does work?

Simply having a handshake with the DSL server and obtaining from it an
IP address. So hardware (and port, I assume) work.
> 
> > machine I'm trying to get to work, the eth0 now comes up with no
> > address.
> 
>  What version of rp-pppoe are you trying to run?

I'll find out when I manage to boot the other HD, but it is the
default roaring penguin packaged with RH 8.0.

Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: Help with Roaring Penguin & Red Hat 8.0?

[Ray Olszewski]

Haines --

While I cannot help you diagnose at the level of peculiarities in the 
interaction between RP-PPPoE and other parts of RH-8.0, I might be able to 
offer some suggestions based on "rounding up the usual suspects" for your 
configuration. If you'd like this, please post (from a time when ppp0 is up 
and configured) the complete, unedited output of the following commands:

         ifconfig -a
                 (to check the status of ALL interfaces)
         netstat -nr
                 (to check if you have a problem with your routing table)
         ipchains -nvL
         iptables -nvL
                 (one of those two will error out, but perhaps the other 
will succeed)
         ping a.b.c.d
                 (replace a.b.c.d with your default gateway, as reported by 
netstat -nr)
         ping e.f.g.h
                 (replace e.f.g.h with the IP address of ppp0)
                 (in these last 2 cases, if ping "just hangs", tell us what 
it reports when you
                 SIGINT (^C) out of it)

Now a couple of specifics, below.

At 04:50 PM 11/26/02 -0500, Haines Brown wrote:
[...]
> >  I'm still holding on to these concepts:
> >
> > - RP-PPPOE creates an IPCHAINS ruleset & Red Hat 8.0 uses IPTABLES.
> > i.e. You never end up with 'valid' instructions to the kernel about
> > handling packets with your DSL modem.
>
>This terrifies me, knowing absolutely nothing of ip
>tables. Furthermore, it strikes me as very odd that RH 8.0 would ship
>with an application (rp is part of the distribution of RH 8.0) that is
>incompatible with the shipped kernel. Mistakes can occur, of course,
>but wouldn't we have heard about it by now?

My memory of RP-PPPoE is that it is extremely easy to misconfigure it; the 
app is very tempramental. If you are not doing a "by the book" 
configuration of it (RH seems to want you to use an X-based app called 
"Internet Druid", whatever that is), you might be running into some 
sufficiently uncommon problem that it doesn't get talked about. Or there 
may not be very many RH 8.0 users running RP-PPPoE (your humorously-offered 
15% estimate seems extraordinarily high to me).

>Is there any way I can verify that iptables is in fact blocking
>packets sent by pppoe, or that roaring penguin depends on ipchains? I
>gather that ipchains and iptables can co-exist, so how do I verify
>that the specific rules are in conflict?

First, the PPPoE part of RP does NOT depends on either ipchains or 
iptables. RP-PPPoE seems to have an associated firewall that uses ipchains. 
But since you are running a standalone system, not a router, you should be 
able to connect just fine (for test purposes, anyway) with no firewall 
rulesets (either ipchains or iptables) installed.

Second, the way to find out what rules are blocking packets is to list your 
rules. The "iptables -nvL" command does this for iptables; if it does not 
work, then there is no other way to check.

Third, ipchains and iptables CANNOT "co-exist". 2.2.x kernels use ipchains; 
2.4.x kernels use iptables. Period. What *might* be the case is that RH 
supplies some userspace program that lets you configure an iptables kernel 
using ipchains syntax (but if they do, it is not a backward-compatibility 
app I am acquainted with ... Debian seems to have nothing like it). There 
was such an app that handled the similar change in firewalling code between 
2.0.x kernels (ipfwadm) and 2.2.x kernels (ipchains).



--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski					-- Han Solo
Palo Alto, California, USA			  ray@comarre.com
-------------------------------------------------------------------------------

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Ray Olszewski]

Haines -- My attempt to reply to your initial message bounced due to the 
error in your To: line that someone else already pointed out (but that I 
didn't notice when replying, only when I found the bounce this morning) -- 
you really need to fix this.

As I read both this and your earlier posting, you have three independent 
configuration issues, namely --

1. ppp0  "cycles between active and inactive". If you are using RP-PPPoE in 
"on demand" mode, this may be normal. The interface gets dropped (either by 
your end or by the ISP) when there is no traffic, and it gets restored (by 
your end) when there is new traffic. If more is going on here, you will 
need to describe the problem in more detail to get help. (BTW, while pppd 
is a daemon, it can be configured in different ways -- "on demand" is one, 
and "permanent", that is, restore the connection whenever it goes down due 
to action from the other end, is another. When I had the misfortune to use 
a PPPoE connection a couple of years back, my router, using a prepackaged 
LEAF image that ran RP-PPPoE, was set for "permanent", and it worked nicely 
here with SBC's DSL service.)

2. "ipchains -L" does not work ("got the error message that this command is 
incompabible with my kernel."). Odd, since you also report that in a 
different context, the ipchains commands returns an error message ("I'm 
also told: ipchains: Protocol not available"), and ipchains has to run to 
be able to return this message.  The inconsistency here is the first thing 
to address. Please run (as root) "ipchains -nvL" and if you get an error 
message, quote the EXACT, COMPLETE message, and the EXACT command you 
enter, in your followup to us. Also identify your kernel ("uname -a" will 
serve). And finally, tell us the context in which some ipchains command IS 
running.

3. You think your firewall might be interfering with the ppp protocol. The 
way you state it, this is unlikely, since with ipchains-based firewalls, 
"protocol" refers only to layer 4 (transport layer - TCP, UDP, ICMP, 
mainly), not  layer 2 (link layer - Ethernet, ppp). The ipchains error 
message you quote is almost surely just an error in a -A or -I command 
(specifically, its -p argument) to ipchains. But to be sure, please provide 
context -- where are you "told" this (in a log file? in the dmesg buffer? 
on a console?) and what precedes and follows it there?

But your firewall and your PPPoE connection may be interfering with each 
other in a different way. If ppp0 stops and restarts, its IP address 
probably changes. Most firewalls (especially ones set to "high" protection, 
as you say yours is) block all external-interface traffic not to your 
external IP address. If your external (ppp0) IP address changes, the 
ipchains rulesets have to be cleared and restored to reflect the new IP 
address. RP-PPPoE has a way to do this, but whether it works with your 
firewall package ... well, who can guess? What firewall package are you 
using? Did you provide for RP-PPPoE to restart the firewall whenever it 
comes up?

One last thought ... what does it mean when you say "My eth0 is made active 
during boot, for I can run ifconfig and see that it is up as soon as I've 
finished booting"? The term "active" has no specific meaning, but if you 
can see the interface with "ifconfig" (rather than with "ifconfig -a"), 
that implies that it has a IP address assigned to it. In my (admittedly 
limited) experience, an eth* interface being used for PPPoE does NOT get an 
IP address assigned to it; at the network layer, your external connection 
is over ppp0, not eth0. If you are assigning an IP address to this 
interface, that might be part of your problem. Hard to say without more 
information, such as the complete output of "ifconfig -a" and "netstat -nr" 
(one way to display your routing table).

At 01:01 PM 11/24/02 -0500, Haines Brown wrote:
>Chuck,
>
> >  I use Roaring Penguin PPPOE. http://www.roaringpenguin.com/pppoe/ I
> > selected permanent connection, but I am unsure if this applies to
> > eth# or ppp#. :-| 'adsl-setup' and 'adsl-start' are script names
> > with my application (Roaring Penguin).  I am assuming that your
> > using the same or similar.
> >
> >  How do you know "I definitely have eth0 set to be permanently up" ?
> >  Actually, I'm betting that it is ppp# that is set to demand or
> >  permanent.
>
>Yes, I also use the roaring penguin, My eth0 is made active during
>boot, for I can run ifconfig and see that it is up as soon as I've
>finished booting. The ppp0, on the other hand, is not up until
>adsl-start is run. That is, ppp0 is on demand, while eth0 is
>permanent. That's my impression, anyway. pppd is a daemon which I
>assume is meant normally to be on demand.
>
>Actually, when I run redhat-configuration-network, I see not only
>eth0, but also ppp0 (trying to be active). That's not right. ppp0
>should not appear (or at least it does not show up under RH7.3 as I
>speak to you). I may have some kind of problem in that pppd is trying
>to start ppp, rather than my starting pppoe by means of adsl-start
>
> >  It seems that your dsl connection (PPPOE?) application is setting
> > up IPCHAINS, but your kernel is using IPTABLES.
>
>That may be, but then a good percentage of folks who get RedHat 8.0
>must reconfigure and recompile their kernel, which I doubt.
>
> > - configure IPTABLES to replace your dsl-connection application's
> > attempt to use IPCHAINS.
>
>This was my inclination, for I gather IPTables are better. I've got a
>copy of Bastille, which should make my life a lot easier, not only
>spotting the source of any difficulty, but setting up a secure set of
>rules.




--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski					-- Han Solo
Palo Alto, California, USA			  ray@comarre.com
-------------------------------------------------------------------------------

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Haines Brown]

Ray,

I've cleaned up some difficulties due to my floundering about (a
strangely gummed up configuration), and while the situyation seems a
bit simpler now, it still remains obscure to me. One exemple of my
confusion is that if I run adsl-status when adsl is down, it tells me
it can't find /etc/ppp/pppoe.conf, but that file no longer holds pppoe
configuration information under RH 8.0.

The simplest way to describe the present situation is to provide a bit
of the debug log:

> ...
> sent [LCP EchoRep id=0x0 magic=0xb81d9109]
> rcvd [IPCP ConfReq id=0x6c <addr 64.252.160.1>]
> sent [IPCP ConfAck id=0x6c <addr 64.252.160.1>]
> rcvd [IPCP ConfNak id=0x1 <addr 64.252.164.224>]
> sent [IPCP ConfReq id=0x2 <addr 64.252.164.224>]
> rcvd [IPCP ConfAck id=0x2 <addr 64.252.164.224>]
> local  IP address 64.252.164.224
> remote IP address 64.252.160.1
> Script /etc/ppp/ip-up started (pid 4916)
> rcvd [LCP EchoReq id=0x0 magic=0x3ddca2a6]
> sent [LCP EchoRep id=0x0 magic=0xb81d9109]
> Script /etc/ppp/ip-up finished (pid 4916), status = 0x0
> Script /usr/sbin/pppoe 
>       -p 
>	-I eth0 
>	-T 20 
>	-U  
>	-m 1412    
>	-D 0-0 
>	finished (pid 4906), status = 0x1
> Modem hangup
> Script /etc/ppp/ip-down started (pid 4950)
> Connection terminated.
> Connect time 0.4 minutes.
> Sent 30 bytes, received 58 bytes.
> Waiting for 1 child processes...
> script /etc/ppp/ip-down, pid 4950
> Script /etc/ppp/ip-down finished (pid 4950), status = 0x0

What this looks like to me is that I've actually shook hands with my
DSL provider and gotten back an IP address. The script ip-up seems to
have done its job succecssfully (exit code 0). Then the command pppoe
-p is issued to write the pppoe process ID to the file
/var/run/pppoe-adsl.pid.pppoe.

It finishes with status 0x1. I know about exit code 0 or 1, but have
no idea what 0x1 implies. Did the process complete satisfactorily or
not?  In any case, I get a hangup at that point. Apparently timing out
after a series of: "ipchains: Protocol not available" statements.

I don't understand why a successful connection results in a
hangup. The -T timeout option of 20 seconds seems about the time it takes for
my connection to die. I gather that timeout can cause trouble if
there's no traffic. The solution is to use lcp-echo-internal option
for pppd. The pppoe timeout should be about four times the LCP echo
interval. Any idea where one implements the LCP echo option?

The -m clamp value of 1412 for TCP max segment size is appropriate for
a LAN behind a gateway. Since I'm not in that situation, the option
could be omitted, I guess.

The -D option specifies the file in which to dump debug informaitno. I
gather this really slows down the process, and so wonder if it might
be causeing a timeout.

Is it possible that the dump slows things down too much, and the
Protocol not available statements just is the result of waiting for
pppoe to got going?

What I'm running now on my old system is 
  ...
  PPPOE_TIMEOUT=20
  LCP_FAILURE=3
  LCP_INTERVAL=20
  CLAMPMSS=1412
  CONNECT_POLL=6
  CONNECT_TIMEOUT=60

I don't think I have the new system configured much differently.

I'm profoundly ignorant about all these things, but something is
triggering a shutdown.

>   As I read both this and your earlier posting, you have three
>   independent configuration issues, namely --
>
>   1. ppp0 "cycles between active and inactive". If you are using
>   RP-PPPoE in "on demand" mode, this may be normal.

Yes. I set up pppoe to be run when I ask it to run, and I've concluded
the irregularity may be normal as the connection is established.

>   2. "ipchains -L" does not work ("got the error message that this
>   command is incompabible with my kernel."). Odd,

Yes, but my getting rid of a flakey configuration seems to have
stopped that behavior.

>   But your firewall and your PPPoE connection may be interfering
>   with each other in a different way. If ppp0 stops and restarts,
>   its IP address probably changes. Most firewalls (especially ones
>   set to "high" protection, as you say yours is) block all
>   external-interface traffic not to your external IP address. If
>   your external (ppp0) IP address changes, the ipchains rulesets
>   have to be cleared and restored to reflect the new IP
>   address. RP-PPPoE has a way to do this, but whether it works with
>   your firewall package ... well, who can guess? What firewall
>   package are you using? Did you provide for RP-PPPoE to restart the
>   firewall whenever it comes up?

I can't give good answers here. The firewall package is that which
shipped with RH8.0. While I've since run Bastille, I didn't use it to
mess with IPchains. But what you say may again point to timing as
pppoe tries to readjust to a new ipaddress. As for your last question,
the only configuration parameter in roaring penguin pppoe utility is
to state that I've a stand alone machine. Did you have something else
in mind here?

   One last thought ... what does it mean when you say "My eth0 is
   made active during boot, for I can run ifconfig and see that it is
   up as soon as I've finished booting"? The term "active" has no
   specific meaning,

I originally had diven my machine an IP address (something like
168.192.0.1) because I've had my mahcine on a LAN, but now am just
happy to get it to work as a stand-along workstation. When eth0 had an
address, ifconfig recported it; when I made a DSL connection, the
number changed to whatever my provider provides. I subsequently tried
to cut the IP address, and I believe (not sure) that now ifconfig
shows the eth0 as up, but with noi address until pppoe is started..


Haines Brown
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Ray Olszewski]

OK. Just as a reminder ... I don't run Red Hat here, and I don't currently 
run PPPoE on my Debian-based router. So I can't help with specifics at the 
level of what config file the RH-8.0 version or RP-PPPoE uses.

Having said that, I think you yourself have spotted the problem. A severely 
edited version of your report, below, focuses on it.

At 03:57 PM 11/25/02 -0500, Haines Brown wrote:
[...]
> > Script /usr/sbin/pppoe
> >       -p
> >       -I eth0
> >       -T 20
> >       -U
> >       -m 1412
> >       -D 0-0
> >       finished (pid 4906), status = 0x1

The problem you have here is with the -T setting. It tells pppoe to exit if 
there is no link-layer (ppp) traffic for 20 seconds.  As you go on to 
comment ...

>I don't understand why a successful connection results in a
>hangup. The -T timeout option of 20 seconds seems about the time it takes for
>my connection to die. I gather that timeout can cause trouble if
>there's no traffic. The solution is to use lcp-echo-internal option
>for pppd. The pppoe timeout should be about four times the LCP echo
>interval. Any idea where one implements the LCP echo option?

This is a pppd option ("lcp-echo-interval", not "lcp-echo-internal", BTW). 
Put it wherever the RH-8.0 implementation of pppd stores its settings (on 
my Debian system, this would be in /etc/ppp/options, but YMMV ... check 
*your* version of the pppd man page for this info).
[...]


--
-------------------------------------------"Never tell me the odds!"--------
Ray Olszewski					-- Han Solo
Palo Alto, California, USA			  ray@comarre.com
-------------------------------------------------------------------------------

-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Chuck Gelm]

Haines Brown wrote:
<big snip> 
 
> I originally had diven my machine an IP address (something like
> 168.192.0.1) because I've had my mahcine on a LAN, but now am just
> happy to get it to work as a stand-along workstation. When eth0 had an
> address, ifconfig recported it; when I made a DSL connection, the
> number changed to whatever my provider provides. I subsequently tried
> to cut the IP address, and I believe (not sure) that now ifconfig
> shows the eth0 as up, but with noi address until pppoe is started.

 eth0 never gets an IP address in my situation.
 Are you 'forcing' an IP address on via 'ip-up' or something?
 RP-PPPOE assigns an IP address to ppp0, not eth0.

 After 'normal' install of rp-pppoe-3.5  ;-) 
 Run:     I put adsl-start in my /etc/rd.d/rc.local script.
 I edited no files (other than rc.local) to get RP-PPPOE to work.
:-|
 This how it works for me.  Perhaps your is different. But....
Again I mention that the eth# device that attaches to the DSL modem
does not have an IP address.  Ala:

This is my LAN NIC:
eth0 Link encap:Ethernet  HWaddr 00:20:AF:10:63:D3  
     inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
     UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     RX packets:10581519 errors:14 dropped:0 overruns:14 frame:14
     TX packets:11506381 errors:0 dropped:0 overruns:0 carrier:0
     collisions:1837 txqueuelen:100 
     RX bytes:2017650304 (1924.1 Mb)  TX bytes:3952593210 (3769.4 Mb)
     Interrupt:5 Base address:0x300 

This is my DSL NIC:
eth1 Link encap:Ethernet  HWaddr 00:20:AF:19:F4:58  
     UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
     RX packets:2260684 errors:4 dropped:0 overruns:4 frame:4
     TX packets:1435674 errors:0 dropped:0 overruns:0 carrier:3
     collisions:8 txqueuelen:100 
     RX bytes:3069518901 (2927.3 Mb)  TX bytes:115487500 (110.1 Mb)
     Interrupt:10 Base address:0x200 

It is my ppp# device that gets an IP address from my DSL-ISP provider:
ppp0 Link encap:Point-to-Point Protocol  
     inet addr:123.456.789.210  P-t-P:123.456.789.1 
Mask:255.255.255.255
     UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1492  Metric:1
     RX packets:2253580 errors:0 dropped:0 overruns:0 frame:0
     TX packets:1429007 errors:0 dropped:0 overruns:0 carrier:0
     collisions:0 txqueuelen:10 
     RX bytes:3465872234 (3305.3 Mb)  TX bytes:118613004 (113.1 Mb)

HTH, Chuck

> Haines Brown
> -
> To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.linux-learn.org/faqs
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Chuck Gelm]

[-- Attachment #1: Type: text/plain, Size: 1978 bytes --]

How/why did your message arrive as

From:    Haines Brown <brownh@hartford-hwp.com>  Sat 6:55 PM
Subject: firewall blocks ppp0?
     To: linux-newbie@hartford-hwp.com
                     ^^^^^^^^^^^^^^^^^
                      ???????????????

This does not allow a 'reply all'    :-(

Dear Haines Brown:

 I use Roaring Penguin PPPOE. http://www.roaringpenguin.com/pppoe/
I selected permanent connection, but I am unsure if this applies
to eth# or ppp#. :-|  'adsl-setup' and 'adsl-start' are script
names with my application (Roaring Penguin).  I am assuming that
your using the same or similar.

 How do you know "I definitely have eth0 set to be permanently
 up" ?  Actually, I'm betting that it is ppp# that is set to
 demand or permanent.

 It seems that your dsl connection (PPPOE?) application is
setting up IPCHAINS, but your kernel is using IPTABLES.

You can:

- reconfigure (make config) your kernel to use IPCHAINS.

- configure IPTABLES to replace your dsl-connection application's
  attempt to use IPCHAINS.

HTH, Chuck

Haines Brown wrote:
> 
> I'm setting up a copy of RedHat 8.0 on a machine that is intended as a
> standalone machine with DSL access to Internet.
> 
> I have eth0 up and running, and did the adsl-setup with my usual valid
> information. The problem comes trying to make ppp0 active. It tries,
> but cycles between active and inactive.
> 
> When I run adsl-start with debugging, it tells me that I'm set up for
> demand-connection. I definitely have eth0 set to be permanently
> up. Does this alert refer instead to ppp0? If so, perhaps this is what
> I'd expect. Is that right?
> 
> I'm also told: ipchains: Protocol not available
> 
> That sounds to me as if my firewall (which I set to be "high"
> protection), may be blocking the ppp protocol. Does this seem to be
> the case?
> 
> I went to pursue this, and ran ipchains -L, but got the error message
> that this command is incompabible with my kernel.
> 
> What to do?
> 
> Haines Brown

[-- Attachment #2: nsmail8M.TMP --]
[-- Type: message/delivery-status, Size: 384 bytes --]

[-- Attachment #3: nsmailIN.TMP --]
[-- Type: message/rfc822, Size: 2641 bytes --]

From: Chuck Gelm <nc8q@gelm.net>
To: Haines Brown <brownh@hartford-hwp.com>
Cc: linux-newbie@hartford-hwp.com
Subject: Re: firewall blocks ppp0?
Date: Sun, 24 Nov 2002 11:48:58 -0500
Message-ID: <3DE102FA.85D8F85D@gelm.net>

Dear Haines Brown:

 I use Roaring Penguin PPPOE. http://www.roaringpenguin.com/pppoe/
I selected permanent connection, but I am unsure if this applies
to eth# or ppp#. :-|  'adsl-setup' and 'adsl-start' are script
names with my application (Roaring Penguin).  I am assuming that
your using the same or similar.

 How do you know "I definitely have eth0 set to be permanently
 up" ?  Actually, I'm betting that it is ppp# that is set to
 demand or permanent.

 It seems that your dsl connection (PPPOE?) application is
setting up IPCHAINS, but your kernel is using IPTABLES.

You can:

- reconfigure (make config) your kernel to use IPCHAINS.

- configure IPTABLES to replace your dsl-connection application's
  attempt to use IPCHAINS.

HTH, Chuck

Haines Brown wrote:
> 
> I'm setting up a copy of RedHat 8.0 on a machine that is intended as a
> standalone machine with DSL access to Internet.
> 
> I have eth0 up and running, and did the adsl-setup with my usual valid
> information. The problem comes trying to make ppp0 active. It tries,
> but cycles between active and inactive.
> 
> When I run adsl-start with debugging, it tells me that I'm set up for
> demand-connection. I definitely have eth0 set to be permanently
> up. Does this alert refer instead to ppp0? If so, perhaps this is what
> I'd expect. Is that right?
> 
> I'm also told: ipchains: Protocol not available
> 
> That sounds to me as if my firewall (which I set to be "high"
> protection), may be blocking the ppp protocol. Does this seem to be
> the case?
> 
> I went to pursue this, and ran ipchains -L, but got the error message
> that this command is incompabible with my kernel.
> 
> What to do?
> 
> Haines Brown
> -
> To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.linux-learn.org/faqs

Re: firewall blocks ppp0?

[Haines Brown]

> Date: 	Sun, 24 Nov 2002 12:02:57 -0500
> From: Chuck Gelm <nc8q@gelm.net>
> X-Accept-Language: en
> Sender: linux-newbie-owner@vger.kernel.org
> X-Mailing-List: 	linux-newbie@vger.kernel.org
> 
> This is a multi-part message in MIME format.
> --------------3637FA4FE80086AB2A08BE64
> Content-Type: text/plain; charset=us-ascii
> Content-Transfer-Encoding: 7bit
> 
> How/why did your message arrive as
> 
> From:    Haines Brown <brownh@hartford-hwp.com>  Sat 6:55 PM
> Subject: firewall blocks ppp0?
>      To: linux-newbie@hartford-hwp.com
>                      ^^^^^^^^^^^^^^^^^
>                       ???????????????
> 
> This does not allow a 'reply all'    :-(

Wow! Never noticed that before. I'm having a terrible time with users
being unable to start X, and thought an identity conflict might be the
cause. However, when I run # hostname, I'm whom I think I am 

But sentmail is here doing something strange. I"ve no idea what could
cause this.

Haines
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.linux-learn.org/faqs