LDP
/
old-www
1
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity
old-www/LDP/LG/issue16/answer.html

864 lines
32 KiB
HTML
Raw Permalink Blame History

<!--startcut ======================================================= -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title>The Answer Guy Issue 16</title>
</head>
<BODY BGCOLOR="#EEE1CC" TEXT="#000000" LINK="#0000FF" VLINK="#0020F0"
ALINK="#FF0000" >
<!--endcut ========================================================= -->
<H4>&quot;Linux Gazette...<I>making Linux just a little more fun!</I>&quot;
</H4>
<P> <hr> <P>
<!-- =============================================================== -->
<center>
<H1><A NAME="answer">
<img src="../gx/ans.gif" alt="" border=0 align=middle>
The Answer Guy
<img src="../gx/ans.gif" alt="" border=0 align=middle>
</A></H1> <BR>
<H4>By James T. Dennis,
<a href="mailto:jimd@starshine.org">jimd@starshine.org</a><BR>
Starshine Technical Services, <A HREF="http://www.starshine.org/">
http://www.starshine.org/</A> </H4>
</center>
<p><hr><p>
<H3>Contents:</H3>
<ul>
<li><a HREF="./answer.html#address">SATAN URL Correction</a>
<li><a HREF="./answer.html#edi">EDI on Linux</a>
<li><a HREF="./answer.html#zmod">zmodem</a>
<li><a HREF="./answer.html#run">Running the Internet with Linux</a>
<li><a HREF="./answer.html#spawn">Respawning Too Fast</a>
<li><a HREF="./answer.html#map">Problems with Keyboard Mapping</a>
<li><a HREF="./answer.html#modsp">Modem Speed</a>
<li><a HREF="./answer.html#duplic">Duplicating a Linux Installed Hard Drive</a>
<li><a HREF="./answer.html#fire">Using Linux Box as a Firewall</a>
</ul>
<p><hr><p>
<!--================================================================-->
<a name="address"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
SATAN URL Correction
</h3>
<P> <B>
From: Richard White, <a href="mailto:whiter@digex.net">whiter@digex.net</a><br>
In the Linux Journal #14, you made reference to
ftp.cs.perdue.edu...(grin) Doesn't exist. I think that it was supposed
to be ftp.cs.purdue.edu.
</B><p><b>
-- Richard D. White, Business Connectivity Technical Support
</B> <P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Yes! That was, of course, a typo.
But other than that -- did you find the info useful?
<P> <img align=bottom alt=" " src="../gx/ques.gif">
<B>
Yes. Very. I've just downloaded SATAN and a few of the other security
tools. I work in customer service for leased lines and I occasionally
assist customers in configuring their firewalls. Learning what holes there
are and how to plug them is very worthwhile knowledge.
</B> <P>
<img align=bottom alt=" " src="../gx/ans2.gif">
Have you tried cops (Dan Farmer's earlier host based
auditing package) or Tiger (Texas A&amp;M University)?
<p>
Have you gotten tripwire running? I (and most of the
rest of the Linux community that's tried it) had a
little trouble with Tripwire. I had fussed it into
submission a number of months ago -- forgotten about
it. Then recently I had to fetch and build a new
copy.
<p>
I encountered the same problems building it -- and the
same problems with the README.linux I found myself
muttering that someone -- anyone -- ought to prepare
a proper set of patches that allow the Linux user to
just compile the thing with minimal effort.
<p>
Now I'm not a programmer (although I do "play one
on the 'net") so I really didn't feel qualified to
do this. However I never have been able to inspire
or manage much of a volunteer effort in others so
I did it myself.
<p>
Creating a set of patches involved teaching myself
how to use CVS (version control system). I'm thinking
of writing up an article on using CVS to track local
changes in downloaded source trees and cutting diffs
so you can share the work you do with others on the
net.
<p>
Naturally I'd use tripwire as one example --
probably pgp as another. I'm also planning on
importing my kernel sources into CVS.
<p>
If your interested you could get my patch and let
me know if it works. It's about 150 lines of text
that seems to work for me using Larry Wall's standard
'patch' program.
<p>
-- Jim
<p><hr><p>
<!--================================================================-->
<a name="edi"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
EDI On Linux
</h3>
<P> <B>
From: Adam Morrisom, <A HREF="mailto:adam@morrison.iserv.net">
adam@morrison.iserv.net</A> <br>
I have just got management to permit me to install our first Linux box, right
next to our not-so-mighty RS/6000. So far it has operated flawlessly (which
is exactly what I expected). And suddenly Linux is a possible solution for
jst about every problem we have (they loved the price tag). Now I have to
implement EDI, and I was wondering if any software is available for Linux, I
haven't been able to find anything, on the software map, sunsite or any where
else. Any pointers or people to contact would be greatly appreciated.
</B> <P> <B>
Adam,
</B> <P>
<img align=bottom alt=" " src="../gx/ans2.gif">
You certainly put in an good entry in Jim's
"Stump the techie" contest.
<p>
I've heard of EDI (electronic data interchange) and
vaguely recalled that it is a data format specification
for electronic commerce (mostly in the mainframe world
where X.25 predominates over TCP/IP).
<p>
However I haven't heard of any projects or products
being available specifically for Linux.
<p>
Here's a few web pages that I did dig up that might
help:
<ul>
<li><a href="http://www.spedi.com/products/unix.html">
St. Paul Software Products - UNIX</a>
<li><a href="http://www.marin.cc.ca.us/~shadow/bookmark.html">
Shad's Bookmark file</a>
<li><a href="http://www.premenos.com/">
Premenos Technology Corporation</a>
<li><a href="http://www.teren.com/edi.html">
More About Electronic Data Interchange (EDI)</a>
<li>
RFC Archives -- RFC1767 (link dead 2-Apr-2001: article removed)
<li><a href="ftp://ds.internic.net/rfc/rfc1767.txt">
TSI International</a>
<li><a href="http://www.tsisoft.com/pages/hotlinks.htm">
1994 EDI-L (Electronic Data Interchange Issues)</a>
<li><a href="http://www.ima.com/mlarchive/lists/edi-l.1994/0241.html">
Mailing List Archive: Re: PC based EDI</a>
<li><a href="http://www.uniforum.org/news/html/publications/ufm/\1995-Indes.html
#anchor5495158">
Uniforum: 1995 Index</a>
</ul>
<P>
I hope these help. Basically it looks like there are
not "shrinkwrap" or "off-the-shelf" EDI packages for any
platform. Good luck.
<p>
One approach you may take is to contact the publishers
or authors of your existing EDI applications and see if
they can do the port for you.
<p>
-- Jim
<p><hr><p>
<!--================================================================-->
<a name="zmod"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
zmodem
</h3>
<P> <B>
Help answer guy! I cannot download from the net! Here's the story:
- I run linux v2.0.0. I am using minicom v1.71. I have NOT touched my
file transfer protocols since I installed, so they would be the
default configs.
</B> <P>
<img align=bottom alt=" "src=" ../gx/ans2.gif">
I hate debugging serial line problems.
<p> Here's the basic litany for solving modem problems:
<p> What happens at lower speeds? What IRQ is this serial
line using? What sort of UART is installed?
What are the flow control settings? Does the cable
have conductors for all of the flow control signals?
How is the modem configured (hardware and init strings)?
<p> minicom 1.71 is pretty old. I have 1.75 here -- and
there may be even newer versions up on sunsite.
<p> Incidentally -- you should probably upgrade to
Linux kernel version 2.0.29 or so.
<p> Your problem may not be related to either of these
factors -- but it won't hurt to upgrade.
<p> The first thing I'd check is Minicom's configuration
for init strings and flow control. Try an init string
of:
<PRE>
AT&amp;C1&amp;D2
</PRE>
<p> ... (which I remember from years of supporting
PCAnywhere as well as seeing it in my current
configuration). These set the modem's behavior
for the DCD (device carrier detect) and flow control.
I don't remember which is which and what the other
numbers do -- look them up in your modem's manual if
you're curious).
<p> Then make sure that minicom's "Serial port setup"
specifies "Hardware Flow Control" is "on."
<p> When having problems with serial lines and modems I
find it handy to get the digital equivalent of a
"second opinion." -- Do you run any other comm
software on this system (pppd, uucp/cu, mgetty --
dial-in, seyon)? Do those work reliably when transferring
data (putting the line under load)?
<p> I'd suggest getting a copy of C-Kermit from Columbia
University <a href="mailto:kermit.columbia.edu">kermit.columbia.edu
</a>. No offense to
Miguel van Smoorenburg but minicom was having problems
on my system, too. C-Kermit is doesn't have any of the
full screen, ncurses "feel" to it but does a good solid
job of talking to the modem. It's scripting capabilities
are also far more advanced than minicom's 'runscript' --
and has features that would be to force 'minicom' to
do through an 'expect' script (for example).
<p> Do you have another account on another system (BBS or
ISP)? Do your file transfers work O.K. to or from
there? The problem may be with your ISP rather than
at your end.
<p> What if you try a different protocol -- such as
kermit? Kermit is often characterized as "slow"
compared to zmodem -- but this is largely because
it's default is tuned for the very noisy, unreliable
connections that were common when it was created
(almost 20 years ago).
<p> After checking with another comm. program I'd look a
little lower. Using the commands:
<PRE>
stty -a < /dev/modem
</PRE>
<p> ... and
<PRE>
setserial -a /dev/modem
</PRE>
<p> (both of these assuming you have a "modem" link to
the appropriate <code>/dev/ttyS*</code> entry on your system).
<p> Make sure that your stty reports crtscts (for the
flow control). Then make sure that the cable between
your computer and your modem has all those pins
connected.
<p> Double check that you don't have an IRQ conflict. These
are insidious in that they may not show up until the
port is under load.
<p> In addition check to see that you have a high speed
UART (16550AFN) on that port.
<p> Next I'd check the modem's configuration. You can
see some of that with AT&amp;V (which on many Hayes
modems dumps the configuration date and S-register
values to your terminal). Look at the Init strings
that you are using in Minicom and look in the
modem manual for recommended init strings for similar
software.
<p> After checking all of that I'd shutdown and boot
up in DOS (if you don't have a copy of DOS you can
consider downloading a copy of Caldera's OpenDOS.
I'm not sure what the licensing terms will be -- but
I did read that we're all invited to play with it for
90 days). Along with a copy of DOS you also need
a Telix, Qmodem, Procomm, or other comm. package.
There are many of these in shareware -- Telix is my
personal favorite.
<p> (Note: I am not advocating use of these packages
without respect to their licenses. If you choose to
continue to use Telix or OpenDOS -- even for the
occasional troubleshooting session; please read and
abide by their licensing and registration. Yes,
I have fully legal copies of Telix (DOS and Windows)).
<p> In any event I like to check from plain old DOS
since the old real mode program loader is so
minimal. You could try building a Linux kernel
with no support for TCP/IP and stripping out all
of the device drivers except the serial and console
support and booting that in single user mode ... and
that still isn't close.
<p> The idea is to see if any of your other devices or
hardware features are conflicting.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
i am a best internet shell account, i believe iris but i don't
know the version.
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
I'm guessing that you mean that your account is at
best.com and that they are running Irix (SGI).
(Which is interesting -- since I would have guessed
Sun/Solaris for them -- but what do I know).
<p> Note: Irix and Solaris are not known for sterling
serial line support. They are currently geared for
ethernet TCP/IP support -- on the assumption that
most sites will use terminal servers (small dedicate
devices that convert serial connections to telnet
sessions). Consequently I've heard that the copies
of rz/sz that ship with these should routinely be
replace with newer sources from the 'net.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
i have a usrobotics sportster 28.8 modem
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
Internal or external?
<p> Personally I don't like the Sportster series.
Their Courier's are nice (but spendy). I currently
use a Practical Peripherals -- but my next modem will
probably be a Zyxel.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
I type<code>sz &lt;filename&gt;</code>
things go along fine until about 40k than i will get a couple of different
error messages:
<PRE>
BAD CRC:0
</PRE>
sometimes followed by another attempt at downloading
(usually only a bit or two) than the same error OR
<PRE>
GARBAGE COUNT EXCEEDED:0
</PRE>
followed by a time-out.
<p>AARRGH! what the heck is going on? u can email me privately if you would
prefer, as this is probably a totally common problem and i am just not
looking in the right place!
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
<p> My guess would that you don't have a high speed UART.
Or that your flow control isn't properly set.
<p> The reason I guess this is that 40K is a reasonable
amound of data for the modem to get and buffer while
you system does a context switch. The buffer overruns
(in a 16450 -- older, low-speed UART) could easily be
fatal to the transfer in the first context switch.
<p> With the 16550 UART -- the UART has a 16 byte FIFO
buffer. That's enough for the UART to change
the state on the handshaking lines (lowering the
CTR -- clear to receive -- line) and enough still
store the incoming data while the other system
responds (stops sending).
<p> At 28.8Kbps coming into a 16450's (one byte!) buffer
the sender will have tossed a lot of bits out before
getting the message (that your system is dropping
them all on the floor).
<p> I am copying this to the Linux Gazette *because* it
is a common problem. Most of us in the real world
use modem -- we don't have T1's or ISDN/ethernet
bridges (actually I do have a Tracell WebRamp but
I'm not using it yet). So we are still stuck fighting
with these problems.
<p> I'm hoping that USB (IEEE 1394 "Firewire") actually
takes off in the next year. It's been hanging in the
wings, timidly for about two years now and it's LONG
overdue.
<p> Has anyone out there run a USB board under Linux?
<p> For those who are lost about "Firewire" refer to:
<ul>
<li><a href="http://www.usar.com/indact/standard/firewf.htm">
USAR Systems -- Fireware Info</a>
<li><a href="http://www.adaptec.com/firewire/1394main.html">
The IEEE-1394 High Performance Serial Bus -- Adaptec's FAQ</a>
<li><a href="http://www.1394ta.org">
IEEE 1394 Trade Assoc. -- Firewire, USB, serial bus</a>
</ul>
<p> If you have any Linux news on this topic -- mail it to
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a>.
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="run"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Running the Internet with Linux
</h3>
<P> <B>
From:Ricardo Romero <a
href="mailto:rromero@netfriendly.com"> rromero@netfriendly.com</a>
<p>Hi, my name is Ricardo Ribeiro Romero and i live in Brazil, i try to run
INTERNET from linux but this not run, you may help-me?
<P>Tks, <BR>
Romero, Ricardo
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
At the risk of seeming unfriendly, Romero, I'd have to
suggest that you might want to look for a local consultant
or computer specialist to help you.
<p> Questions to a publication -- particularly a free publication
which is entirely supported by the volunteer efforts of the
writers and the generous sponsorship of SSC have to be
fairly specific and of reasonably broad interest.
<p> Any reasonable distribution of Linux includes all of the
utilities you need to connect to the Internet as a client
and all of the utilities that most people would ever want
to be a service provider.
<p> It is not clear from your message whether you are trying
to set your system up as a server/provider or as a client
or both.
<p> There are several good books that go into broad coverage
of Networking with Linux (which is largely the same as
networking under other forms of Unix). My personal favorite
would be the Linux Documentation Project's Network Administrator's
Guide (LDP NAG for short). This is available electronically
(as text, postscript, TeX, or HTML) and is probably on any
set of CD's that you'd buy. You can also purchase a professionally
bound and printed copy from O'Reilly & Associates (among others).
<p> Along with that O'Reilly also publishes a book called something
like: "Getting Connecting: Establishing a Presence on the Internet"
(That would be the "Pig" book) by Kevin Dowd). If you're trying
to set yourself up as an ISP or if your want to have a
dedicated connection to the net (say for your office) than
this is probably what you want.
<p> Personally I recommend that most small business and private
people avoid "dedicated" or "permanent/full-time" connections
to the 'net. It's much less expensive to configure UUCP for
mail and news -- and look at virtual hosting and/or co-location
for serving up web pages and other services. This can be
supplemented with demand dialed PPP (using scripts or diald)
to provide the web access -- over a modem or via ISDN.
<p> One of the big benefits of ISDN is the lower latency. A
modem connection takes about 30 seconds to 1 minute to
dial, ring, connect, and negotiate. ISDN can do that in
about 3 seconds. You'll be much less reluctant to hang
up and quit hogging your ISP's phone line if you know that
you can get back in about 3 seconds.
<p> In addition to the lower expense running your site as a
disconnected network relieves you of quite a bit of the
security concerns associated with a full time net connection.
Sure -- your PPP link is inherently bi-directional (people
can connect back to your through it and attempt to exploit
the same services that they my attack on a fully connected
site). However you'll be there to notice any additional
load or any anomalies -- and your whole site is considerably
less attractive to crackers anyway.
<p> (People who connect their Linux systems to the 'net via PPP
really should take a 1 hr course on securing their hosts.
Maybe I'll crank out an article on that sometime).
Romero,
<p> Back to your question. Please try reading up about
these connections and/or consider hiring a local consultant.
I don't know anything about the phonesystems in Brazil --
and I get a little sketchy about ISP's if I get more than
about 200 miles inland from the Pacific Coast.
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="spawn"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Respawning too Fast
</h3>
<P> <B>
From: Igor Markov <a href="mailto:imarkov@math.ucla.edu">imarkov@math.ucla.edu</a>
My question is about the infamous "Resapawning too fast" message
from init. This message appears in my /var/log/messages
every 5 minutes (of course!) for xdm
I'm just guessing that this is for "The Answer Guy"
init: Id "x" respawning too fast: disabled for 5 minutes
However, xdm is running (I see it in ps output and I don't have
problems using it).
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
You don't show the appropriate lines from your
your /etc/inittab but they should look something like:
<p> # Run xdm in runlevel 5 (and 4 for me)
x:45:respawn:/usr/bin/X11/xdm -nodaemon
<p> (Note: I run xdm in 4 and 5 which unusual -- but
4 is my custom default -- with 12 VCs, xdm in VC13
-- accessed by the right alt-key + F1 -- and syslog
output on VC 15, VC14 is used for stray open commands
or to redirect pesky output from backgrounded processes).
<p> My guess would be that you don't have the -nodaemon
switch on yours. (Try adding it).
<p> If I'm mistaken than the troubleshooting will be
more involved. Check with the vendor for your
distribution of Linux and see if they have some
patches.
<p> Red Hat users may want to look at:
<a href="http://www.redhat.com/support/docs/errata.html">
http://www.redhat.com/support/docs/errata.html</a>
<p> ... to see what's been fixed since your CD was burned.
<p> Also you may want to look in your xdm-config file
(/etc/X11/xdm/xdm-config -- if you're lucky -- otherwise
it could be in .... /usr/X11R6/....????).
<p> The best introduction to xdm I've ever found was in
_The_Shell_Hacker's_Guide_to_X_and_Motif_ from John
Wiley & Sons.
<P> <B>
<img align=bottom alt=" " src="../gx/ques.gif">
It seems that init tries to spawn a second xdm.
I couldn't confirm or reject this hypothesis...
(egrep xdm /etc/* /etc/*/* did not show anything promising)
Thank you
</B> <P>
</H3> <img align=bottom alt=" " src="../gx/ans2.gif">
Respawning too fast indicates that the program
is exiting (pretty much immediately) and that init
figures that there must be some bad problem. For
example if getty is respawning it may be that it's
attempt to grab the serial line is failing (like
there is no serial driver configured in your kernel
and you forgot to load the module -- or something like that).
<p> If xdm is loading and forking off a daemon (it's default)
then this will look like an exit/failure to init. The
-nodaemon will force xdm to run from the console in which
init started it (not try to "background" itself as it would
do if you ran it from a command line).
<p> The fact that your copy is working suggests this -- but when
you log out of your xdm session you might have to way upto
five minutes for init to decide to try xdm again (unless
your xdm logout configuration is doing the respawning or
something weird).
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="map"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Problems with Keyboard Mapping
</h3>
<P> <B>
From: Gilbert R. Payson
<a
href="mailto:g.payson@edina.xnc.com">g.payson@edina.xnc.com</a><BR>
Hello. I have three (okay, four) linux machines in Germany.
My problem is this: In Xwindows, my keyboard mapping is almost perfect.
But, there are a few problems:
</b>
<p><b> @ doesn't work.
It brings me to the last edited line (like an up-arrow)
How can I fix this?
</b>
<p><b> thanx! -gil
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
I think you want to look at the xmodmap command.
You'll also want to look at the following HOW-TO
documents:
<ul>
<li><a href="http://sunsite.unc.edu/LDP/HOWTO/Keyboard-HOWTO.html">
Keyboard HOWTO</a>
<li><a href="http://sunsite.unc.edu/LDP/HOWTO/mini/Key-Setup">
Key Setup mini-HOWTO</a>
</ul>
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="modsp"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Modem Speed
</h3>
<P> <B>
From:Scott Atwood<a href="mailto:atwood@cs.stanford.edu">
atwood@cs.stanford.edu</a><BR>
I'd like to make a comment regarding a question from "The Answer Guy"
column in issue 13 of Linux Gazette about combining modems to increase
speed. This question reflects a common misconception of equating
bandwidth with speed. Latency is a much more important measure of
percieved speed, especially in interactive applications, such as
telnet sessions, and web browsing. Combining modems will increase
bandwidth, but latency will remain unaffected. For a more complete
treatment of this subject, see:
<a
href="http://rescomp.stanford.edu/~cheshire/rants/Latency.html">http://rescomp.stanford.edu/~cheshire/rants/Latency.html</a><BR>
an essay by Stuart Cheshire, author of Bolo.
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
I finally got around to reading your article. It was
very interesting.
<p> I thought I had warned the reader that doubling his
bandwidth would only help on large, bulk transfers --
but perhaps I overlooked it.
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="duplic"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Duplicating a Linux Installed Hard Disk
</h3>
<P> <B>
I have installed slackware on my PC and I'm completely satisfied. I want
to duplicate my linux installed hard disk : Can I use my 1st hard disk
as a source and copy all of its contents to a 2nd blank linux-formated
hard disk? If I put this 2nd disk into another PC, it will boot Linux
normally?
</B> <P>
<p><img align=bottom alt=" " src=" ../gx/ans2.gif">
You can just use the 'dd' ("disk dump" or "data dump")
command on the raw devices. This will work if the two drives
are identical with no bad sectors.
<p> Many years ago I'd have said you were an idiot to even consider
it. Now I'd recommend against in much milder language.
<p> The difference is that modern drives -- IDE and SCSI are
capable of autotranslation (so the BIOS and often the
Unix/Linux disk drivers don't need to know the true
geometry of the disk. Most drives these days also have
spare sectors on every track -- during a low level format
spares are mapped into use for any bad sector on a particular
track. Using this scheme (which is normally completely
transparent to the host machine -- it's all in the drive's
electronics) it is rare to see any bad sectors on a drive
(until all the spares for a given track are used up).
<p> So it is technical feasible to do this.
<p> However I'd say that you're much safer to spend a little
more time and "do it right."
<p> Use fdisk to partition the new drive (presumably to set its
partitions to match those on your first drive. You can
do this without downing the system. I personally prefer to
follow the advice and reboot after writing a new partition
table -- but that's probably a force of habit from too
many years of DOS and OS/2.
<p> Then do a<code>mke2fs -c /dev/hdbX</code> (where X is the partition
number) for each of these new partitions.
<p> Then do a:
<PRE>
mount /dev/hdbX /mnt/tmp
find . -mount | cpio -pvum /mnt/tmp
</PRE>
<p> ... to each of them.
<p> Now your are almost done. The only problem is that
your lilo boot map (on your existing drive) probably
doesn't match the lilo configuration on the new one.
<p> The most reliable way of dealing with that is to
take the new drive to the new system -- boot from a
rescue floppy using the root=/dev/hdaX command
line parameters (on the lilo prompt line from the
rescue floppy) and edit the /etc/lilo.conf. Then
run lilo and reboot.
<p> That's all there is to it. That's about seven steps
(with 3 of them being repeated for each filesystem on
the drive(s). The amount of time this takes is dwarfed
by the actual task of opening your case and getting the
jumpers on the new drive working right (which is far worse
for IDE than most SCSI in my experience).
<p> Why is this better? Well it deals with bad blocks and
small difference in geometry. It also ensures that the
new copy is defragmented. Other than that -- it just
"feels" like a better way.
<p>
--Jim
<p><hr><p>
<!--================================================================-->
<a name="fire"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Using the Linux Box as a Firewall
</h3>
<P> <B>
From: Tim Gray <a href="mailto:timgray@lambdanet.com">
timgray@lambdanet.com</a> <BR>
Hi, I have a small problem that might affect others out there..
I am trying to get my linux box to act as a "firewall" of sorts for
my wife's Windows 95 computer. (I haven't been able to get her to
switch yet)
I installed ne2000 compatable boards in each, ran cable, installed
everything as per
per linux network administrators guide. The problem I have is
getting Packets
destined for internet to go out the modem line when it's not connected.
I need a way to have linux automatically fire up my dial-up connection when
it sees that the remote computers want to use it. and possibly kill the
connection after a period of non use.
<P> Thank you. Tim
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
This arrangement is referred to a a "Proxy" server --
which is only a component of certain firewall architectures.
<p> Specifically you appear to be trying to set up a "dial on
demand Masquerading proxy host." (if I understand you
correctly).
<p> The first tool you need for this is called 'diald' --
(the 'dial daemon').
<p> The most recent version that I know of is at:
<p> <a href="ftp://sunsite.unc.edu/pub/Linux/system/network/serial/">
ftp://sunsite.unc.edu/pub/Linux/system/network/serial/</a>
<p> ... and is named:
<PRE>
diald-0.16.tar.gz
</PRE>
<p> I just set this up (literally while this draft was
loaded in my mailer). It was suprisingly easy.
<p> Just edited the make file (just to change the
LIBDIR, BINDIR, etc directories to point at /usr/local/...)
did a make and a make install. Then I created a file
named /etc/diald.conf with just the 'lock' directive in it.
I did this so I can more readily support multiple diald
configurations -- as I'll explain presently:
<p> I created a /etc/diald/ directory and put in a
file like:
<PRE>
device /dev/modem
connect "chat -f /etc/ppp/connect"
speed 38400
modem
defaultroute
crtscts
redial-timeout 120
connect-timeout 120
mode ppp
dynamic
local 192.168.1.1
remote 192.168.1.2
include /usr/lib/diald/standard.filter
</PRE>
<p> Obviously yours will differ in a few spots.
the -f parameter to your connect line should point
to whatever chat script you use manually. You might
change the device line -- although I highly recommend
that you consistently configure all of your packages to
use /dev/modem (which is just a symlink to the real
serical device on my system).
<p> I currently have diald, pppd (manual), uucp, kermit,
minicom, and mgetty all sharing this modem and properly
using the same lock files throughout.
<p> The local and remote addresses are apparently arbitrary --
I use addresses that are listed in RFC1918 (nee 1597)
which reserves several sets of addresses which the
IANA/InterNIC promise not to give out to "real" internet
sites.
<p> Then added the following two lines to my /etc/rc.local:
<PRE>
modprobe slip
/usr/local/sbin/diald -f /etc/diald/rahul
</PRE>
<p> (Where the rahul file is the one I've listed above and
refers to one of my PPP providers).
<p> Once you have your system reliably dialing your provider
on demand -- the next step is to get routing working
from your wife's system to the internet.
<p> I would recommend bringing up the ppp connection manually
and doing all the routing/masquerading/proxying configuration
and testing with the line "nailed" up.
<p>
--Jim
<!--================================================================-->
<P> <hr> <P>
<center><H4>Previous "Answer Guy" Columns</H4></center>
<P>
<A HREF="../issue13/answer.html">Answer Guy #1, January 1997</A><BR>
<A HREF="../issue14/answer.html">Answer Guy #2, February 1997</A><br>
<A HREF="../issue15/answer.html">Answer Guy #3, March 1997</A>
<P><HR><P>
<center><H5>Copyright &copy; 1997, James T. Dennis <BR>
Published in Issue 16 of the Linux Gazette April 1997</H5></center>
<P> <hr> <P>
<!--================================================================-->
<A HREF="./index.html"><IMG SRC="../gx/indexnew.gif" ALT="[ TABLE OF
CONTENTS ]"></A> <A HREF="../index.html"><IMG SRC="../gx/homenew.gif"
ALT="[ FRONT PAGE ]"></A>
<A HREF="lg_bytes16.html"><IMG SRC="../gx/back2.gif" ALT=" Back "></A>
<A HREF="./library.html"><IMG SRC="../gx/fwd.gif" ALT=" Next "></A>
<!--startcut ======================================================= -->
</body>
</html>
<!--endcut ========================================================= -->
Reference in New Issue View Git Blame Copy Permalink