I dunno if these questions have been asked before or if there's something I'm just doing wrong, but for some reason I have a problem
Sisela installs quite nicely, gets an IP and sets up routing without too much bother, and as far as I can see everything works, i.e. sisela can ping www.google.com , sisela can ping another box attached to it (172.24.12.34) and that box can ping sisela. Everything works fine.
At this point I try setting up IP Masquerading/IP Forwading with the following
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -o eth0 -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -s 172.24.0.0/16 -o eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
However upon trying to ping www.google.com on 172.24.12.34, nothing happens. This is quite odd, since I've used the same code (with stuff like logging and some basic port-filtering) on both slackware and debian installations and its worked more or less perfectly.
have I assumed something sisela needs to be told explicity, or is there another way of doing this or something ?
Sorry if this is incredibly trivial and a waste of time, but I'm somewhat perplexed.
Oh and can the 0.3a code be compiled from the 0.3 ? I'd like sisela to boot with "pcifix" automatically and have a feeling I'll have to compile it into the code.
Thanks for your help, and thanks for what is otherwise a very cool disc :)
Mark
On Wed, Jan 21, 2004 at 10:34:51PM +0000, s0233421 wrote:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -A FORWARD -o eth0 -i eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -s 172.24.0.0/16 -o eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
I think you may have things muddled up in that first rule. I assume by the second and third that the external interface you're routing and masquerading onto is eth0, so should the rule to allow traffic on established connections back not be -i eth0 -o eth1?
Oh and can the 0.3a code be compiled from the 0.3 ? I'd like sisela to boot with "pcifix" automatically and have a feeling I'll have to compile it into the code.
The only changes in the 0.3a images currently lurking in the download directory are updates to pimd.
The 'pcifix' boot option is the same as the normal one but with the kernel parameter pci=biosirq. Add this to the end of the main 'append' line in your syslinux.cfg to make this the default.
Martin
Hello all!
I saw a very good tool called wavemon thats show's in real time statistics about wireless cards but i can't ran in sisela 0.3.
When i try run ./wavemon they says cannot find the file.
Anybody can help me ?
Thanks, André.
On Wed, Jan 21, 2004 at 11:24:13PM -0200, Andre Ribeiro wrote:
I saw a very good tool called wavemon thats show's in real time statistics about wireless cards but i can't ran in sisela 0.3.
When i try run ./wavemon they says cannot find the file.
Because of the way the programs and libraries on the disk have been compiled to save space, you generally can't add software to a Sisela system and have it work - sorry!
Everything is compiled against the uClibc library, a more compact alternative to the standard GNU libc. Binaries built for GNU libc (which is what you'll get if you compile software on your usual Linux system) won't work. There are no extra libraries beyond the absolute basics that were needed, so for example no ncurses (a library useful for drawing pretty pictures with text, required by Wavemon).
Furthermore, all the libraries are trimmed during the build process to include only the functions that were actually needed for the programs on the disk. So even if a program is compiled against uClibc and only uses libc functions, it may still not work.
If you'd like extra software in your Sisela build, ask me and I'll try to include it in a custom build, or the next version. Or, download the source package and have a go at adding it yourself.
Martin
Thankyou Martin, i haven't skills to add software alone. I think if you the floppy have space and you add some software like wavemon, scp and a ssh client.
I saw the sshd server builtin the Sisela can't accept scp external connections too, and i like that to make secure backups of the entire system.
Thanks again, Andre.
-----Mensagem original----- De: sisela-admin@earth.li [mailto:sisela-admin@earth.li] Em nome de Martin Ling Enviada em: quinta-feira, 22 de janeiro de 2004 00:41 Para: sisela@earth.li Assunto: Re: [sisela] Another Tools/wavemon
On Wed, Jan 21, 2004 at 11:24:13PM -0200, Andre Ribeiro wrote:
I saw a very good tool called wavemon thats show's in real time statistics about wireless cards but i can't ran in sisela 0.3.
When i try run ./wavemon they says cannot find the file.
Because of the way the programs and libraries on the disk have been compiled to save space, you generally can't add software to a Sisela system and have it work - sorry!
Everything is compiled against the uClibc library, a more compact alternative to the standard GNU libc. Binaries built for GNU libc (which is what you'll get if you compile software on your usual Linux system) won't work. There are no extra libraries beyond the absolute basics that were needed, so for example no ncurses (a library useful for drawing pretty pictures with text, required by Wavemon).
Furthermore, all the libraries are trimmed during the build process to include only the functions that were actually needed for the programs on the disk. So even if a program is compiled against uClibc and only uses libc functions, it may still not work.
If you'd like extra software in your Sisela build, ask me and I'll try to include it in a custom build, or the next version. Or, download the source package and have a go at adding it yourself.
Martin
On Thu, Jan 22, 2004 at 12:38:57PM -0200, Andre Ribeiro wrote:
Thankyou Martin, i haven't skills to add software alone. I think if you the floppy have space and you add some software like wavemon, scp and a ssh client.
I should be able to add support for scp access (the dropbear server does support this; it just needs the scp program available, which is small).
Wavemon I'm afraid I don't think will fit because of the size of the ncurses library it requires. An SSH client is also unlikely, unless someone were to write one that shared common code with the dropbear server.
Martin
Please all,
Where can i find the directory of the messages ?
Thanks, André.
On Wed, Jan 21, 2004 at 11:25:15PM -0200, Andre Ribeiro wrote:
Where can i find the directory of the messages ?
The mailing list archive is at:
http://www.earth.li/pipermail/sisela/
- but appears to be currently missing messages from 2002 and most of 2003. I took these down for a bit to remove some spam that crept in, and they seem to have not been re-indexed after they were put back. I'll see to fixing this (and the spam still left in 2003).
The mailing list is now moderated, so you shouldn't see any more spam.
Martin
Hello!
How can i use GRE and IPIP tunneling ?
Thanks, André.
On Sun, Feb 15, 2004 at 09:18:40PM -0300, Andre Ribeiro wrote:
How can i use GRE and IPIP tunneling ?
Add and modify tunnels with the "ip tunnel" command.
http://www.linuxforum.com/linux-advanced-routing/lartc.tunnel.gre.html
gives some good examples with GRE - the principle is the same with IPIP.
Martin
Can i made more than 1 tunnel ? I saw a interface gre0 exists but i can't see the gre1.
Thanks again.
On Sun, Feb 15, 2004 at 09:27:42PM -0300, Andre Ribeiro wrote:
Can i made more than 1 tunnel ? I saw a interface gre0 exists but i can't see the gre1.
Yes, use "ip tunnel add".
e.g.
ip tunnel add gre1 mode gre local any remote 192.168.1.2 ttl inherit pmtudisc
See http://the.earth.li/~martin/temp/ip.html
for the manual page to the ip command, which gives full options.
Martin