[techtalk] Telnet, solaris and .profile
Hi! My home directory at work is mounted via NFS on my Linux box. It's got a .profile and a .bash_profile file. When I login from Linux, it reads my .bash_profile file. When I telnet into the Solaris 5.6 box that hosts my home directory, my .profile file is not read (and I don't want it to read my .bash_profile - they're different files for a reason). It's annoying me that I always have to . .profile after logging in. Is there any way I can automate this? Thanx for any answer Britta ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Netstat weirdness
On Wed, Aug 16, 2000 at 04:19:33PM -0500 or so it is rumoured hereabouts, [EMAIL PROTECTED] thought... > > Here's the route list you gave earlier: > |Destination Gateway Genmask Flags MSS Window irtt Iface > |63.251.67.560.0.0.0 255.255.255.248 U 0 0 0 eth0 > |192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 > |127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo > |0.0.0.0 63.251.67.570.0.0.0 UG0 0 0 eth0 > > The way the kernel routes packets is, for each route table entry, in > order, it takes the IP address you're trying to reach, binary-ANDs it > with the genmask, and then compares the result with the destination. > If it matches, it sends the packet to the specified interface. If the > G flag is NOT set, then this is a direct route; if G is not set, then > you're going out a gateway. So, in your case, 63.251.67.56 thru > 63.251.67.63 all go direct to eth0, 192.168.0.0 through 192.168.0.255 > all go direct to eth1, 127.0.0.0 thru 127.255.255.255 all go direct > thru lo (the loopback interface), and everything else is gatewayed to > 63.251.67.57 via eth0. This is perfectly consistent with your > ifconfig settings. > > The network on eth0 has the network address 63.251.67.56. This should > not be the IP address of any machine on that network, since subnet > address 0 is reserved. .56 is the network address and .63 is the > broadcast address for this subnet. > > In short, there's doesn't appear to be anything at all wrong with your > routing. > Question for you... I'm using an old 486 as internet gateway / router / firewall. I'm using a P200 as server / DNS / squid proxy (Well, I will be once I get around to configuring squid). I want to set things up so that clients need one IP address only for gateway, DNS, proxy etc. How do I set up the routing? Firewall192.168.1.254 Server 192.168.1.1 Clients 192.168.1.2-5 Client Routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.254 0.0.0.0 255.255.255.255 U 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.20.10.0.0.0 UG0 0 0 sl0 Server Routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.1.1 0.0.0.0 255.255.255.255 U 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.1.254 0.0.0.0 UG0 0 0 eth0 If I point a client to the server as it's gateway, nothing gets routed out through the gateway. Only if I give the actual gateway machine as gateway does the routing happen but I want to use the squid proxy transparently and supply only one IP address to be used for gateway / dns . Is it simply a matter of using ipchains to set up forwarding from the server to the gateway (which, itself, uses ipchains for the firewall / Ip masq)? -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-) ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [ILUG] Re: [techtalk] How a script is called
On Thu, Aug 17, 2000 at 01:24:25AM +0100 or so it is rumoured hereabouts, Fergal Daly thought... > At 19:48 16/08/00, Conor Daly wrote: > > > >Nice answers everyone but, alas, there is an implicit assumption that there's > >only one arg or none involved. I'm accepting up to three args in any order at > >present and have no control over how the script is called in the case of a > >pipe. > > Not trying to start (another ;-) fight but did you read my reply? Using if > [ -t 0 ] makes no assumptions about arguments, it is a common and standard > way of checking whether you're being piped or not. You can find it in no > less an authority than the Perl Cookbook and I'm sure many other places, > Fergal, Your (sexy) answer didn't appear at my mail client until after I posted the above response. I responded to that somewhere in this thread also. Thanks again!! :-) -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-) ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Netstat weirdness
On Thu, Aug 17, 2000 at 08:49:57AM +0100, Conor Daly wrote: > Question for you... > > I'm using an old 486 as internet gateway / router / firewall. I'm > using a P200 as server / DNS / squid proxy (Well, I will be once I get > around to configuring squid). I want to set things up so that clients > need one IP address only for gateway, DNS, proxy etc. How do I set up > the routing? [...snip...] > If I point a client to the server as it's gateway, nothing gets routed > out through the gateway. Only if I give the actual gateway machine as > gateway does the routing happen but I want to use the squid proxy > transparently and supply only one IP address to be used for gateway / > dns . > > Is it simply a matter of using ipchains to set up forwarding from the > server to the gateway (which, itself, uses ipchains for the firewall / > Ip masq)? It's even easier than that: you just need to tell the kernel to allow forwarded packets. If you are using a recent RedHat system (I think it needs to be 6.2 or later), then edit /etc/sysctl.conf and change the line that say net.ipv4.ip_forward=0 to be net.ipv4.ip_forward=1. On other distributions, there may be a similar method, but the general solution is just to do: echo 1 > /proc/sys/net/ipv4/ip_forward This simply tells the kernel that it is allowed to forward packets (you would have had to turn this on for your firewall box, but it may have been done magically for you by whatever you used to set up the firewall). Cheers, Malcolm -- Malcolm Tredinnickemail: [EMAIL PROTECTED] CommSecure Pty Ltd PGP signature
Re: [techtalk] cron help needed!
On Wed, Aug 16, 2000 at 03:17:32PM -0700, Amanda LeNay wrote: > We upgraded to Red Hat 6.2 (from 5.0) and now our cron jobs aren't > running. The cron log file isn't showing any errors - in fact it looks > like everything is running - only it isn't - nothing is executing. I > have tried restarting crond but I don't know what else to do at this > point. > > Any help would be much appreciated. Two suggestions to help diagnose your problem: (1) Look in /var/log/messages and see if anything was reported by crond. (2) Try to run the various scripts by hand (/var/log/cron shows the commands cron was trying to run) and see what appears. Apologies if these are obvious things that you've already tried, but I can't guess what else might be going wrong. My first thought is that some crucial file you are relying on has moved in the upgrade (some system thing that RH moved to a "better" location and you've hardcoded the path), but it's only a guess. Cheers, Malcolm -- Malcolm Tredinnickemail: [EMAIL PROTECTED] CommSecure Pty Ltd PGP signature
Re: [techtalk] Telnet, solaris and .profile
On Thu, Aug 17, 2000 at 09:33:50AM +0200 or so it is rumoured hereabouts, Britta Koch thought... > Hi! > > My home directory at work is mounted via NFS on my Linux box. It's got a > .profile and a .bash_profile file. When I login from Linux, it reads my > .bash_profile file. When I telnet into the Solaris 5.6 box that hosts my home > directory, my .profile file is not read (and I don't want it to read my > .bash_profile - they're different files for a reason). It's annoying me that I > always have to . .profile after logging in. Is there any way I can automate > this? > There's a way to pick up the Ip of the machine you're coming in from (can't think of it now). You could have something that checks that IP and does a source .profile on the basis of the IP. Does a .login or anything run? -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-) ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Netstat weirdness
On Thu, Aug 17, 2000 at 08:41:00PM +1000 or so it is rumoured hereabouts, Malcolm Tredinnick thought... > > On other distributions, there may be a similar method, but the general > solution is just to do: > > echo 1 > /proc/sys/net/ipv4/ip_forward > > This simply tells the kernel that it is allowed to forward packets (you > would have had to turn this on for your firewall box, but it may have > been done magically for you by whatever you used to set up the > firewall). > The "echo 1 > ... " line is indeed in use on the gateway in the firewall script, not sure if it is there on the server (both running RH6.2). I seem to remember (when using linuxconf) checking the "allow packet forwarding" on the server but doing it in the config files always seems to be the better route. I have found at times that, after modifying a config file with vi, linuxconf doesn't seem to read back the config from the same file(s). Does it keep a database of settings elsewhere or something? -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-) ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
Re: [techtalk] Netstat weirdness
On Thu, Aug 17, 2000 at 12:54:55PM +0100, Conor Daly wrote: > On Thu, Aug 17, 2000 at 08:41:00PM +1000 or so it is rumoured hereabouts, > Malcolm Tredinnick thought... > > > > On other distributions, there may be a similar method, but the general > > solution is just to do: > > > > echo 1 > /proc/sys/net/ipv4/ip_forward > > The "echo 1 > ... " line is indeed in use on the gateway in the > firewall script, not sure if it is there on the server (both running > RH6.2). I seem to remember (when using linuxconf) checking the "allow > packet forwarding" on the server but doing it in the config files > always seems to be the better route. > > I have found at times that, after modifying a config file with vi, > linuxconf doesn't seem to read back the config from the same file(s). > Does it keep a database of settings elsewhere or something? No. Linuxconf tries to parse the various configuration files to work out what the current settings are. In general, I think it is safer to use linuxconf all the time, just to keep everything sane. In this case, though, linuxconf (on RH6.2) will change the /etc/sysctl.conf file. If you do the same thing, I would recommend altering the comment before the line that sets up ip_forwarding (it is a particularly *stupid* comment, imho, since it says what the default setting does and if you change that setting without altering the comment, you are left wondering whether 1 means "enabled" or "disabled"). Cheers, Malcolm -- Malcolm Tredinnickemail: [EMAIL PROTECTED] CommSecure Pty Ltd PGP signature
RE: [techtalk] Telnet, solaris and .profile
Britta Koch, [EMAIL PROTECTED], said: > My home directory at work is mounted via NFS on my Linux box. > It's got a .profile and a .bash_profile file. When I login > from Linux, it reads my .bash_profile file. When I telnet into > the Solaris 5.6 box that hosts my home directory, my .profile > file is not read (and I don't want it to read my .bash_profile > - they're different files for a reason). It's annoying me that I > always have to . .profile after logging in. Is there any way > I can automate this? What shell are you using, and is it one that normally runs .profile? One way to do things differently on different computers is to have it check what os/hostname it is, and run a different file depending on what it comes up with. Here's a way that works in both bash and csh: in the 'main' script (say, .profile), have these two lines: ---cut--- source script.`uname` source script.`hostname` ---cut--- (and you can of course have stuff that you want to do all the time in the main file as well) the `` (backticks) mean "run this program and put the results here", so if I was on Linux, running uname gives me "Linux", so that would turn into "source script.Linux", and if I was on solaris, running uname gives me "SunOS", so that would turn into "source script.SunOS". Of course, change the "script" part of it to something that makes sense, like .profile if you're doing your profile.[1] So now, for each system you need os- or host- specific stuff in[2], create a file for the script.`uname` and script.`hostname`. One easy way to do this is to actually log in to the system you want it for, and do a emacs/vi/cat > or whatever literally script.`uname`, which prevents you from making any typos. You might also want to do an echo script.`uname` beforehand, just to make sure it makes sense. One disadvantage is that if you don't have a system-specific file for a particular system it'll give an error. I actually like this, because it lets me see if I'm missing any systems. hope this made sense and/or was useful.. [1] an alternative is to put the specific files in a different directory, like .profiles/ (you can probably figure out how to call them from the above) Another alternative is to run the files instead of sourcing them. This probably won't work very well for .profile kinds of things, but may work for other scripts, especially if for some reason you wrote them in different languages, or if some of them are symlinks to the 'real' programs and some of them are programs you wrote. [2] if you only want to do it on hostnames or only want to do it on unames, you can obviously just take the line out. You can also do it with other things, like possibly whether your home dir is local or nfs'd (I don't know if or how to do this, I haven't used nfs much) ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
RE: [techtalk] Telnet, solaris and .profile
On 17 Aug, Fan, Laurel wrote: > > What shell are you using, and is it one that normally runs .profile? I'm using the bash on a Solaris 5.6 machine. But it doesn't read ..bash_profile, either. Maybe I'll have to look in /etc/passwd or the Solaris equivalent. > > One way to do things differently on different computers is to have it > check what os/hostname it is, and run a different file depending on > what it comes up with. Here's a way that works in both bash and csh: > > in the 'main' script (say, .profile), have these two lines: > ---cut--- > source script.`uname` > source script.`hostname` > ---cut--- > Now that's an elegant solution! Thanx! Britta -- /"\ . . . . . . . . . . . . . [EMAIL PROTECTED] . . . . . . . . . . . . . \ / ASCII Ribbon Campaign "Wer mit der Speckseite nach der Wurst wirft, X- NO HTML/RTF in e-mailmuss sich nicht wundern, wenn sie dem Fass / \ - NO Word docs in e-mail die Krone ins Gesicht schlägt." ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
[techtalk] I asked my resident alphageek...
Date: Thu, 17 Aug 2000 09:56:54 -0500 (CDT) From: Jonathan Guthrie <[EMAIL PROTECTED]> To: J-Mag Guthrie <[EMAIL PROTECTED]> Subject: Re: Check this out On Thu, 17 Aug 2000, J-Mag Guthrie wrote: > http://www.abcnews.go.com/sections/tech/FredMoody/moody.html Oh, okay. He's the guy who added up all the columns listing defect counts for Linux distributions, including "aggregate" and concluded that Linux was the "worst operating system ever". He's got a lot of nerve complaining about people who do "not seem to read, understand, or otherwise know how to employ the English language" when he adds the aggregate total to all the other columns in the statistics to reach his conclusion. He's also lying in this column. He said nothing about relative market share in his previous message. He also quoted not ONE "security expert" as the basis of his conclusion The conclusion was based solely on the total number of defects reported. Based on the fact that he used "fighting words" in his original message, that he doesn't know what he's talking about, and the fact that he lies through his teeth about the focus of the previous article, I have to conclude that he's a moron. -- Jonathan Guthrie ([EMAIL PROTECTED]) Brokersys +281-580-3358 http://www.brokersys.com/ 12703 Veterans Memorial #106, Houston, TX 77014, USA ___ techtalk mailing list [EMAIL PROTECTED] http://www.linux.org.uk/mailman/listinfo/techtalk
