IPTABLES doesn't work on initial boot

Now for a long long time I have been perplexed by why my firewall never works on my linux boxes on initial boot. 

When you run iptables --list it shows all the rules but never works until you run it again under the root account.  Now I finally got around to finding out why, and it's because the IPv4 forwarding is being reset somewhere down the boot chain.  Yep, I found it: what you need to do is edit /etc/sysctl.conf and change the setting to net.ipv4.ip_forward = 1, as this is set to 0 by default and switches off all forwarding used in any firewall script.

Now I did have the forwarding set in the script but the sysctl appears to run after all the startup processes.

Hope this helps as it certainly has been puzzling me for some time.
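An added example (not part of the original post): a shell check that reads the last net.ipv4.ip_forward assignment in a sysctl.conf file and compares it with the live value, which is the mismatch described above. The function names, the optional path arguments and the sample file contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: does net.ipv4.ip_forward survive a reboot?
# Paths are arguments so the check can be tried on copies of the real files.

# Print the value sysctl.conf applies at boot. Assignments are applied in
# order, so the last uncommented one wins. Prints "unset" if there is none.
persisted_ip_forward() {
    awk -F= '
        /^[ \t]*[#;]/ { next }            # comment line
        NF >= 2 {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            gsub(/\//, ".", key)          # net/ipv4/ip_forward form
            if (key == "net.ipv4.ip_forward") last = val
        }
        END { print (last == "" ? "unset" : last) }
    ' "$1"
}

# Print the live value (default: the kernel's /proc entry).
runtime_ip_forward() {
    cat "${1:-/proc/sys/net/ipv4/ip_forward}"
}

# Return 0 only if forwarding is on now and will still be on after boot.
check_forwarding() {
    conf=${1:-/etc/sysctl.conf}
    persisted=$(persisted_ip_forward "$conf")
    current=$(runtime_ip_forward "$2")
    if [ "$persisted" != "1" ]; then
        echo "FAIL: $conf gives ip_forward=$persisted (live=$current)"
        return 1
    elif [ "$current" != "1" ]; then
        echo "FAIL: persisted=1 but live=$current; run 'sysctl -p'"
        return 1
    fi
    echo "OK: ip_forward is 1 now and in $conf"
}

# Constructed sample: stock sysctl.conf, forwarding enabled by hand only.
demo_conf=$(mktemp); demo_proc=$(mktemp)
printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 0\n' > "$demo_conf"
echo 1 > "$demo_proc"
check_forwarding "$demo_conf" "$demo_proc" || true
rm -f "$demo_conf" "$demo_proc"
```

Run `check_forwarding` with no arguments on a real box to test /etc/sysctl.conf against /proc/sys/net/ipv4/ip_forward.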

FTP on Linux Freezes on command – ls

Something that I was suffering from when I tried to use ftp on linux: every time I tried to do ‘ls’ to list the files, FTP would freeze and not seem to do anything.

After quite a lot of pain, I noticed that a few of the important modules had not been loaded for the firewall – IPTABLES.  You must have the following modules loaded or built into your kernel for FTP to work through the firewall …

  • ip_conntrack
  • ip_conntrack_ftp
  • ip_nat_ftp

If you want to load them as modules, use modprobe.

Getting the Source Code for the Kernel of Linux Fedora 3 Distribution

Fedora no longer installs the source for its installations, so if you need to rebuild the kernel you will need to get the source. The easiest way is as follows:

  1. up2date --get-source kernel
  2. Install kernel-.src.rpm (given the default RPM configuration, the files this package contains will be written to /usr/src/redhat/) [NOTE: if this fails you should find the kernel src rpm from your up2date and download it manually and then use rpm -i ]
  3. Change directory to /usr/src/redhat/SPECS/, and issue the following command: rpmbuild -bp --target= kernel.spec (Where target is the desired target architecture.)
  4. On a default RPM configuration, the kernel tree will be located in /usr/src/redhat/BUILD/.
    In resulting tree, the configurations for the specific kernels shipped in Fedora Core 3 are in the /configs/ directory. For example, the i686 SMP configuration file is named /configs/kernel--i686-smp.config. Issue the following command to place the desired configuration file in the proper place for building:
  5. cp ./.config
  6. Issue the following command:  make oldconfig if you want to use the oldconfig or make menuconfig if you want to put in new stuff

then read the readme.txt file which comes with Fedora for building but normally do the following

  1. make
  2. make modules_install install

This now updates grub (if you're using it) automatically.

Building the Linux-ATM software on Fedora Core 3 on a VIA C3 Processor

Recently I built the linux-atm software, which is an atm utility which allows me to use my pci ADSL card on linux.

The latest release is version 2.4.1, which I pulled down off of sourceforge, and I then tried to compile it.  This is what I fell foul of:

1. The source has four compilation errors which are at lines with default: in the case statements these need ; after them, you can either edit the four bits of source code yourself or get a patched version of the code from here.

2. Then I kept getting the error ‘storage size of req is not know’ and ‘invalid application of sizeof to incomplete type atmif_soic’, which I realised was because I had the paths to my kernel source incorrect.  Now I put in a symbolic link to the source so /usr/src/linux pointed to /usr/src/redhat/BUILD/kernel-2.6.9/linux-2.6.9/include [ which is where the source really was ].  So to correct this error I typed this before running the configure of linux-atm.

CFLAGS=-I/usr/src/linux ./configure

and that got me over that problem.

3.  Then I got the error ‘config.h:6:2 error including kernel header in userspace use the glibc headers instead’ in atmdev.h. To get around this I changed the line config.h to autoconf.h

Then it all worked and everything was installed into /usr/local/bin and /usr/local/sbin.

Hope that has helped someone.  The linux-atm package has been around for some time but I didn't think the documentation or notes about how to change the path to pick up your distribution's source code was that clear.

My Old Mate Rick

Had a chat with my old mate Rick Marden last night. Same old stuff: what are we going to do to make us millionaires? We're like a couple of old boys when we get together on the telephone.  Anyway, he is alive and well and looking toward the future of 2005 for all those that know him.

In fact he was telling me about this new light cube that his wife bought for her design work, apparently it's like a tent and is white with lots of light.

Take a look at her handiwork, prizes go to whoever can tell me what it is !!

SPV C500 replaces my old SPV E200 on an Orange Tariff

I saw a couple of weeks ago that Orange are now doing the new SPV C500 Microsoft Smart Phone as a free upgrade, so thought I would take advantage of that when my plan was up for renewal.  Initial thoughts on the new phone are that it is lightweight and bulk free compared to the other phone and it seems not to eat batteries.

Bad thoughts are that there is no desk holster available unlike the E200 which is a little bit of a pain but there is a usb cable so it can plug into it.  Other downsides are that the SD has to go in under the battery and this is fiddly and took me a little while until I got to work out exactly how it slots in 🙂

Other than that upgrade was seamless and it certainly does feel good.  Here are the shots of it.

 

After using it for a couple of months, I would even say it's one of the best phones I have ever owned !!

Terminal Services and Licensing: No Terminal Server License Servers

Had to add some new terminal server licenses today for a client of mine and had a whale of a time.  Installed the licenses, which seemed to work no problem, then when I tried to connect to the remote machine kept getting the error that it couldn't connect due to “No Terminal Server License Servers”.

Then tried to ring Microsoft to see what they would say about it, firstly normal thing, ring a number that my license reseller gave me and go through to India or somewhere similar, and they were license activation rather than license help, the guy couldn't even understand me saying “can you give me a technical support number”.  Then when he did understand me the other number was also somewhere else in India who said yes they could help me but I would have to purchase some technical support, now I know you don't get nothing for nothing but I have just purchased licenses surely I should be eligible for some help installing them oh no !!  So basically decided to try to fix the problem myself with the aid of google.

Anyway, back to the problem: it would seem that the terminal services manager on the box couldn't resolve where the terminal services license server was in the domain, so I had to tell it specifically by adding a registry key to that effect.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TermService\Parameters\LicenseServers\

In my instance I put the ip address of the license server rather than the netbios name and rebooted and it worked a treat.

PHP5, MySQL, IIS and WINDOWS 2003 Server

Had some bother with the extensions of php5, php_mysql.dll and libmysql.dll under my latest installation on windows 2003 server.  When using the mysql_connect function to connect to a mysql database kept getting the error message

“mysql_drop_db could not be located in the dynamic link library libmysql.dll”

Now I had moved the libmysql.dll into the c:\windows\system32 directory, uncommented the extension in php.ini but was still getting this message, eventually realised that the new libmysql that comes with versions 4 & 5 of mysql don't have these functions in them any more.  Therefore when you use php5 you must put libmysql.dll from the php5 zip file into the windows directory otherwise you get the above error.

I am not sure if you will lose functionality or not by doing this as the mysql engine will still use what ever version is in mysql/bin (from installation) but the current version php5 is compiled against mysql version 3 and still needs the function defs of that version.