get pppd to append nameservers to resolv.conf - Ubuntu

This is a discussion on get pppd to append nameservers to resolv.conf - Ubuntu ; Moe Trin wrote: > On Tue, 05 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article > , Jonathan N. Little wrote: > >> Moe Trin wrote: > >>> That smells of firewall, I think. >> Oh I am going ...

+ Reply to Thread
Page 3 of 3 FirstFirst 1 2 3
Results 41 to 46 of 46

Thread: get pppd to append nameservers to resolv.conf

  1. Re: get pppd to append nameservers to resolv.conf

    Moe Trin wrote:
    > On Tue, 05 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    > <2abd$47a92263$40cba7c5$9555@NAXS.COM>, Jonathan N. Little wrote:
    >
    >> Moe Trin wrote:

    >
    >>> That smells of firewall, I think.

    >> Oh I am going to have to study up on on IPTables... My old router used
    >> IPChains... I downloaded firestarter, might be a way for me to ease in.

    >
    > The definitive site is http://www.netfilter.org/documentation/HOWTO/
    > but you can probably get by by reading the Security-Quickstart-HOWTO
    > from the LDP (which should be on your system):
    >
    > -rw-rw-r-- 1 gferg ldp 278012 Jul 23 2002 Security-Quickstart-HOWTO


    No, I guess the original install didn't install them. I am rectifying
    that. I have to admit Ubuntu is a change from Linux tradition. I
    remember always having to do the "custom" install to winnow down the
    "everything AND the kitchen sink" installs to a reasonable installation.

    >
    >> Because I sshd running on that box I have notice a couple of folks
    >> trying to ssh in, on from Mexico hammered unsuccessfully away for a
    >> couple of days. I want to close the port on the ppp0.

    >
    > Depending on what else you have going on, the usual solution is to
    > just drop everything by default, and allow only the specific IPs or IP
    > ranges that you want. I don't offer any services to the world at large,
    > and only allow new incoming connections from a three ranges (a /22 and
    > two /24s outside at the moment).


    Oh we're definitely going to have to break out the old Linux
    Administration Handbook...the MySql database that in the process of
    developing is just going to have to wait.

    >
    >>> Technically, that's wrong, as the last line is saying that the entire
    >>> world is directly connected to your ppp0 interface. The last line
    >>> "should" read
    >>>
    >>> default 64.203.136.35 0.0.0.0 U 0 0 0 ppp0

    >
    >> Okay, yes it should. Back with my old MDK8 box that was the router the
    >> table was
    >>
    >> Kernel IP routing table
    >> Destination Gateway Genmask Flags MSS Window irtt Iface
    >> 255.255.255.255 * 255.255.255.255 UH 0 0 0 eth0

    >
    > Are you using DHCP? That's the only reason that address would be needed.


    Yes, laptops get connected to my lan often and among other things I
    often get computers in to fix...

    >
    > [troubleshooting "won't start link"]
    >
    >> I'll take some time to digest this. Again thanks for your help.

    >
    > Other than your old setup screwing with the /etc/resolv.conf file,
    > was it working properly?


    Yes

    > The change from the wvdial setup to the
    > simple script shouldn't have made that much of a difference.


    I don't think it has. Upon the first setup of the wvdial and setup to
    use as Linux router the instructions said to add:

    iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

    but

    iptables -L shows a bit more, So because I really do not understand the
    iptables syntax yet I need to study a but to decipher what I am looking at.

    Basically the dialup works fine, it just take a bit of time to initially
    start the dialup process on the first time you start pppd. Afterwards
    the modem starts right up after the connection go stale. My systems run
    24/7 so it is not a crisis and I can "fix it" once I learn more. It is
    most likely the firewall. I want to read up on this IPTables, first. The
    link you gave me looks most helpful. I'm feeling a little "snowed" at
    the moment.

    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com

  2. Re: get pppd to append nameservers to resolv.conf

    On Wed, 06 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    , Jonathan N. Little wrote:

    > Moe Trin wrote:


    >> The definitive site is http://www.netfilter.org/documentation/HOWTO/
    >> but you can probably get by by reading the Security-Quickstart-HOWTO
    >> from the LDP (which should be on your system):
    >>
    >> -rw-rw-r-- 1 gferg ldp 278012 Jul 23 2002 Security-Quickstart-HOWTO

    >
    >No, I guess the original install didn't install them. I am rectifying
    >that.


    The netfilter.org HOWTOs aren't part of the LDP series, but the reason
    I was suggesting the Security-Quickstart-HOWTO is that it's old enough to
    cover both IPCHAINS and iptables.

    >I have to admit Ubuntu is a change from Linux tradition. I remember
    >always having to do the "custom" install to winnow down the
    >"everything AND the kitchen sink" installs to a reasonable installation.


    Some of it is interdependence (program A requires program B, etc.), but
    we've been making our own install images since we started using Linux
    in 1993. A "new" computer will get one of six or seven possible types
    of installation (two types of workstation, five(?) types of server) to
    keep things under control.

    >Oh we're definitely going to have to break out the old Linux
    >Administration Handbook...the MySql database that in the process of
    >developing is just going to have to wait.


    ;-)

    >> was it working properly?

    >
    >Yes
    >
    >> The change from the wvdial setup to the simple script shouldn't have
    >> made that much of a difference.

    >
    >I don't think it has.


    What I was looking at was the initial connection delay.

    >Upon the first setup of the wvdial and setup to use as Linux router the
    >instructions said to add:
    >
    >iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
    >
    >iptables -L shows a bit more, So because I really do not understand the
    >iptables syntax yet I need to study a but to decipher what I am looking at.


    The "Quickstart" howto may help in that regard. Decoding the extra rules
    may need you to read the netfilter.org material. 'iptables' is far more
    capable (and therefore complex) when compared to IPCHAINS.

    >Basically the dialup works fine, it just take a bit of time to initially
    >start the dialup process on the first time you start pppd. Afterwards
    >the modem starts right up after the connection go stale. My systems run
    >24/7 so it is not a crisis and I can "fix it" once I learn more. It is
    >most likely the firewall.


    The routing table didn't show IPv6, but have you got that disabled on
    your network? Some systems try IPv6 and wait for it to time out before
    trying IPv4. I doubt your ISP supports IPv6 anyway.

    >I want to read up on this IPTables, first. The link you gave me looks
    >most helpful. I'm feeling a little "snowed" at the moment.


    Take your time - some of this stuff really is complex.

    Old guy

  3. Re: get pppd to append nameservers to resolv.conf

    Moe Trin wrote:
    > On Wed, 06 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    > , Jonathan N. Little wrote:
    >
    >> Moe Trin wrote:




    > The "Quickstart" howto may help in that regard. Decoding the extra rules
    > may need you to read the netfilter.org material. 'iptables' is far more
    > capable (and therefore complex) when compared to IPCHAINS.
    >
    >> Basically the dialup works fine, it just take a bit of time to initially
    >> start the dialup process on the first time you start pppd. Afterwards
    >> the modem starts right up after the connection go stale. My systems run
    >> 24/7 so it is not a crisis and I can "fix it" once I learn more. It is
    >> most likely the firewall.

    >
    > The routing table didn't show IPv6, but have you got that disabled on
    > your network? Some systems try IPv6 and wait for it to time out before
    > trying IPv4. I doubt your ISP supports IPv6 anyway.
    >
    >> I want to read up on this IPTables, first. The link you gave me looks
    >> most helpful. I'm feeling a little "snowed" at the moment.

    >
    > Take your time - some of this stuff really is complex.


    Well fixed the initial delay to bring the dialup connection. Yep it was
    the firewall, but I wimped-out. I use Firestarter. A couple of clicks
    and I was up and running...no delay. And seemed very simple to configure
    for local services.

    My parabolic|cantenna performed very well at my friend's house 8.5 mi
    from the xmitter, got full 7-bar connection within his house. Gale-force
    winds prevented me from testing ant my house 10.5 miles in the opposite
    direction. Maybe next weekend and I might loose this dialup...

    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com

  4. Re: get pppd to append nameservers to resolv.conf

    On Mon, 11 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    , Jonathan N. Little wrote:

    >> Take your time - some of this stuff really is complex.

    >
    >Well fixed the initial delay to bring the dialup connection. Yep it was
    >the firewall, but I wimped-out. I use Firestarter. A couple of clicks
    >and I was up and running...no delay. And seemed very simple to configure
    >for local services.


    The bottom line is "is it doing what you want?" If it is, then you're
    home free. The firewall itself is a base part of the kernel, and tools
    like Firestarter are one of MANY interfaces available to configure that
    firewall.

    >My parabolic|cantenna performed very well at my friend's house 8.5 mi
    >from the xmitter, got full 7-bar connection within his house. Gale-force
    >winds prevented me from testing ant my house 10.5 miles in the opposite
    >direction.


    I don't get much information out of these user-friendly type of displays.
    Is that measuring "signal-to-noise ratio"? "signal strength"? Bit error
    rates? The way we test a link is to try to connect to a server just on
    the other side of the link to be tested, and then download (perhaps several
    times) a massive file - such as a kernel source tarball

    -rw-rw-r-- 1 536 536 56929634 Feb 11 07:38 linux-2.6.22.18.tar.gz

    and see how long it takes - what kind of errors are showing up in the
    ifconfig output - and so on. Signal strength in wireless is a very
    illusionary value. Those 7 bars probably refer to minimal to maximum
    signal, and for a 11 M/B wireless link, that probably means a 60 to 70
    decibel range (above ~-10 dBm, you are shouting into the receiver and
    the distortion makes it hard to hear, while below ~-80 dBm is nothing
    but noise). Strong signals reflecting around the room and stepping
    on each other do not make for "I can hear you clearly" and what we're
    concerned with is transferring data.

    You should limit these link tests (jamming exercises as we used to call
    them) to your own link and servers. Trying to download the kernel from
    ftp.kernel.org isn't going to give a good indication, because you are in
    effect testing every link between you an California. Some of those are
    probably busy.

    >Maybe next weekend and I might loose this dialup...


    Don't throw it away until _everything_ is working. I've still got POTS
    lines even though there are three broadband links into the house. They
    are handy to have when the world goes pear-shaped.

    Old guy

  5. Re: get pppd to append nameservers to resolv.conf

    Moe Trin wrote:
    > On Mon, 11 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    > , Jonathan N. Little wrote:
    >
    >>> Take your time - some of this stuff really is complex.

    >> Well fixed the initial delay to bring the dialup connection. Yep it was
    >> the firewall, but I wimped-out. I use Firestarter. A couple of clicks
    >> and I was up and running...no delay. And seemed very simple to configure
    >> for local services.

    >
    > The bottom line is "is it doing what you want?" If it is, then you're
    > home free. The firewall itself is a base part of the kernel, and tools
    > like Firestarter are one of MANY interfaces available to configure that
    > firewall.


    Yes it is. I'm happy. I'm still absorbing the changes to apache from 2.0
    to 2.2 on this Ubuntu... my little "grey cells" just could not absorb
    IPTables...

    >
    >> My parabolic|cantenna performed very well at my friend's house 8.5 mi
    >>from the xmitter, got full 7-bar connection within his house. Gale-force
    >> winds prevented me from testing ant my house 10.5 miles in the opposite
    >> direction.

    >
    > I don't get much information out of these user-friendly type of displays.
    > Is that measuring "signal-to-noise ratio"? "signal strength"? Bit error
    > rates? The way we test a link is to try to connect to a server just on
    > the other side of the link to be tested, and then download (perhaps several
    > times) a massive file - such as a kernel source tarball
    >
    > -rw-rw-r-- 1 536 536 56929634 Feb 11 07:38 linux-2.6.22.18.tar.gz
    >
    > and see how long it takes - what kind of errors are showing up in the
    > ifconfig output - and so on. Signal strength in wireless is a very
    > illusionary value. Those 7 bars probably refer to minimal to maximum
    > signal, and for a 11 M/B wireless link, that probably means a 60 to 70
    > decibel range (above ~-10 dBm, you are shouting into the receiver and
    > the distortion makes it hard to hear, while below ~-80 dBm is nothing
    > but noise). Strong signals reflecting around the room and stepping
    > on each other do not make for "I can hear you clearly" and what we're
    > concerned with is transferring data.
    >
    > You should limit these link tests (jamming exercises as we used to call
    > them) to your own link and servers. Trying to download the kernel from
    > ftp.kernel.org isn't going to give a good indication, because you are in
    > effect testing every link between you an California. Some of those are
    > probably busy.


    Thanks some very good tips. Wish I have some SWR meter. The company is
    BridgMAXX but the local company, a cell phone, DirectTV deal obviously
    knows less than nothing about WiMAX. He just hands out modems. I have
    some large files on my hosting server to test with. WiMAX was sure
    impressive in town...

    >
    >> Maybe next weekend and I might loose this dialup...

    >
    > Don't throw it away until _everything_ is working. I've still got POTS
    > lines even though there are three broadband links into the house. They
    > are handy to have when the world goes pear-shaped.


    Yes and this WiMAX is very "barebones" just internet access, no POP
    NNTP, just essentially like sitting in Starbucks with a laptop.

    Thanks again for all your assistance.


    --
    Take care,

    Jonathan
    -------------------
    LITTLE WORKS STUDIO
    http://www.LittleWorksStudio.com

  6. Re: get pppd to append nameservers to resolv.conf

    On Fri, 15 Feb 2008, in the Usenet newsgroup alt.os.linux.ubuntu, in article
    , Jonathan N. Little wrote:

    >Moe Trin wrote:


    >> The bottom line is "is it doing what you want?" If it is, then you're
    >> home free. The firewall itself is a base part of the kernel, and tools
    >> like Firestarter are one of MANY interfaces available to configure that
    >> firewall.

    >
    >Yes it is. I'm happy. I'm still absorbing the changes to apache from 2.0
    >to 2.2 on this Ubuntu... my little "grey cells" just could not absorb
    >IPTables...


    iptables has been around for eight years now. Best place to learn it
    (especially if you know IPCHAINS) is the
    http://www.netfilter.org/documentation/HOWTO/ site, and specifically

    [TXT] NAT-HOWTO.txt 24-Dec-2006 16:06 25K
    [TXT] netfilter-double-nat-HOWTO.txt 24-Dec-2006 16:06 9.4K
    [TXT] netfilter-extensions-HOWTO.txt 24-Dec-2006 16:06 79K
    [TXT] netfilter-hacking-HOWTO.txt 24-Dec-2006 16:06 84K
    [TXT] netfilter-mirror-HOWTO.txt 24-Dec-2006 16:06 8.1K
    [TXT] networking-concepts-HOWTO.txt 24-Dec-2006 16:06 28K
    [TXT] packet-filtering-HOWTO.txt 24-Dec-2006 16:06 52K

    that last one.

    >Thanks some very good tips. Wish I have some SWR meter. The company is
    >BridgMAXX but the local company, a cell phone, DirectTV deal obviously
    >knows less than nothing about WiMAX. He just hands out modems. I have
    >some large files on my hosting server to test with. WiMAX was sure
    >impressive in town...


    SWR meters at 2.4 GHz are "interesting". While I like the VSWR to be
    down below 1.10:1 (return loss > 26.5 dB), the resulting insertion
    loss (0.02 dB) really isn't a factor. Heck, even a 2.0:1 (return loss
    ~9.5 dB) only costs you 0.5 dB in extra insertion loss. In virtually
    all installations, if your loss margin is that close, you've got
    other problems to solve. Most often, I can get by using a decent
    directional coupler and "calibrated" power sensor or a sensor and a
    variable attenuator. Some of the tricks of the ARRL can be used here.
    Yes, it helps if you've been dinking with cables in this range before. ;-)

    >> Don't throw it away until _everything_ is working. I've still got POTS
    >> lines even though there are three broadband links into the house. They
    >> are handy to have when the world goes pear-shaped.

    >
    >Yes and this WiMAX is very "barebones" just internet access, no POP
    >NNTP, just essentially like sitting in Starbucks with a laptop.


    Oh, wonderful. At least at Starbucks or McD, you can complain to someone
    and they'll get it fixed in a day or three.

    Will your existing provider act as an upstream for you?

    >Thanks again for all your assistance.


    Glad to be able to help.

    Old guy

+ Reply to Thread
Page 3 of 3 FirstFirst 1 2 3