Re: [Rule-list] RULE and Networking (Observations)

[Michael Fratoni]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 29 July 2002 01:37 am, Geoff Burling wrote:
> First, I am aware that RULE is alpha-quality software. It is very
> reliable in many respects (unlike the software of a certain US
> corporation located to the North of me), but unreliable in
> others. The point of this post is to document some of these
> unreliable characteristics.

Thanks for the feedback. Specific comments below.

> 1. I installed the networking packages of RULE -- selecting the
> network, sendmail, & sshd options -- but found the network abilities
> less than complete. One item I noticed that was not installed was the
> rpm for xinetd, 7.x's replacement for the more familiar inetd demon.
> Since I haven't been following the RULE mailing list from the
> beginning, I don't know if the omisison was intentional -- & done
> for good reaons -- or an oversight.

In the default install, there should be no packages installed that need 
xinetd functionality. Even in a more complete RedHat install, the only 
things requiring xinetd are portmap (for nfs) and sgi_fam, which also 
requires portmap. If I'm mistaken here, please correct me.

> 2. Although the ethernet card link light is showing green, I do not
> have full functionality. For example, I cannot telnet to my main
> computer on my LAN, although I could telnet to it when I was running
> an old version of Slackware on my 486, & I can also telnet into it
> from my SparcStation 10. (This is running an incomplete installation
> of Debian Linux.) However, I can ssh into the 486 from my main computer
> with no problem.

How are you calling ping? By ip address or FQDN? 
What is the output of '/sbin/route -n'?
What is the output of /sbin/ifconfig?
Have you defined a nameserver and gateway?
What are the contents of /etc/hosts and /etc/resolv.conf?
Did kudzu detect the network card and offer to configure it on the first 
reboot after install? 

I'll look at adding more complete network setup to the installer, if 
necessary.

> 3. Further, ping has been demonstrating some, er, interesting
> qualities. I can ping the testbed 486 from the main computer, but from
> the testbed cannot ping the main computer, nor the SparcStation.
> However, if I do a ``ping -b 192.168.1.255" (my LAN is on the
> 192.168.1.0 subnet), the testbed can ping all of the other computers.

See above. 

> 4. The following is an nmap probe of the 486 from my main computer:
>
> Starting nmap V. 2.53 by address@hidden ( www.insecure.org/nmap/ )
> Interesting ports on zander (192.168.1.101):
> (The 1519 ports scanned but not shown below are in state: closed)
> Port       State       Service
> 22/tcp     open        ssh
> 111/tcp    open        sunrpc
> 827/tcp    open        unknown
> 2048/tcp   open        dls-monitor
>
> Nmap run completed -- 1 IP address (1 host up) scanned in 1 second
>
> (I have enabled nfs by running ``/sbin/service nfs start"; the relevant
> script in /etc/init.d doesn't appear to properly start it.)

Have you manually installed the xinetd package, and is portmap configured 
to start at boot time? The /etc/init.d script should work, as that is the 
same script called by 'service nfs start'. I'll have to look into this 
more.

> Although sendmail was installed by default, neither port 25 or 110
> (the assigned SMTP & POP ports) are visible. However, sendmail *is*
> running:

By default, Red Hat's sendmail listens on only 127.0.0.1. To change it, 
you have to edit /etc/mail/sendmail.mc, adjust (or comment out) the 
DAEMON_OPTIONS line, and regenerate /etc/sendmail.cf using mc.
For example:
In /etc/mail/sendmail.mc,
Change "DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')"
to:
"dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')"
then:
'm4 /etc/mail/sendmail.mc > /etc/sendmail.cf'

> 5. Lastly, running nfs has some interesting problems. While I admit
> that I'm not an nfs guru (I only started making this function work
> a week ago), I'm having problems mounting mounting directories under
> the / filesystem. I suspect this is because the testbed computer is not
> opening transient ports (I can supply log entries if someone
> wants to challenge my nfs configuratin skils). What makes this even
> more puzzling is the fact I can successfully mount any removable disk
> -- /mnt/floppy, /mnt/floppy1 (the 5-1/4 inch floppy drive), &
> /mnt/cdrom -- via nfs. (I entertained myself by taking an iso file on
> the nfs-mounted cdrom drive & burning it to a cdrom on my main
> computer. The iso image works quite nicely.)

I'm not an NFS guru, so bear with me.
Have you listed the filesystems in /etc/exports, and exported them?
I don't believe it is enough to just export /, as I remember, you have to 
export specific directories. You might (for example) try exporting 
/home/{username} and see if that works. Please let me know.

- -- 
- -Michael

pgp key:  http://www.tuxfan.homeip.net:8080/gpgkey.txt
Red Hat Linux 7.2 in 8M of RAM: http://www.rule-project.org/
- --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAj1FKuMACgkQn/07WoAb/SsNpACgqbSQ6GXKmelPUFVcfmWj8SqT
zUUAoIeHqxRxCPZsfduP/Iyd/sR9Y0My
=F/+o
-----END PGP SIGNATURE-----