File: answer.html

package info (click to toggle)
lg-issue16 2-4
links: PTS
area: main
in suites: hamm, slink
size: 1,256 kB
ctags: 75
sloc: tcl: 89; makefile: 31; sh: 3
file content (857 lines) | stat: -rw-r--r-- 32,288 bytes
<!--startcut =======================================================  -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> 
<html>
<head>
<title>The Answer Guy Issue 16</title>
</head>

<BODY BGCOLOR="#EEE1CC" TEXT="#000000" LINK="#0000FF" VLINK="#0020F0"
ALINK="#FF0000" >
<!--endcut =========================================================  -->
<H4>&quot;Linux Gazette...<I>making Linux just a little more fun!</I>&quot;
</H4>
<P> <hr> <P> 

<!-- ===============================================================  -->
<center>
<H1><A NAME="answer">
<img src="../gx/ans.gif" alt="" border=0 align=middle>
The Answer Guy
<img src="../gx/ans.gif" alt="" border=0 align=middle>
</A></H1> <BR>
<H4>By James T. Dennis,
<a href="mailto:jimd@starshine.org">jimd@starshine.org</a><BR> 
Starshine Technical Services, <A HREF="http://www.starshine.org/">
http://www.starshine.org/</A> </H4> 
</center>

<p><hr><p>
<H3>Contents:</H3>
<ul>
<li><a HREF="./answer.html#address">SATAN URL Correction</a>
<li><a HREF="./answer.html#edi">EDI on Linux</a>
<li><a HREF="./answer.html#zmod">zmodem</a>
<li><a HREF="./answer.html#run">Running the Internet with Linux</a>
<li><a HREF="./answer.html#spawn">Respawning Too Fast</a>
<li><a HREF="./answer.html#map">Problems with Keyboard Mapping</a>
<li><a HREF="./answer.html#modsp">Modem Speed</a>
<li><a HREF="./answer.html#duplic">Duplicating a Linux Installed Hard Drive</a>
<li><a HREF="./answer.html#fire">Using Linux Box as a Firewall</a>
</ul>

<p><hr><p> 
<!--================================================================-->

<a name="address"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
SATAN URL Correction
</h3>
<P> <B> 
From: Richard White, <a href="mailto:whiter@digex.net">whiter@digex.net</a><br>
In the Linux Journal #14, you made reference to
ftp.cs.perdue.edu...(grin) Doesn't exist. I think that it was supposed
to be ftp.cs.purdue.edu.  
</B><p><b>
-- Richard D. White, Business Connectivity Technical Support
</B> <P> 
<img align=bottom alt=" " src="../gx/ans2.gif">
	Yes!  That was, of course, a typo.  
	But other than that -- did you find the info useful?

<P> <img align=bottom alt=" " src="../gx/ques.gif">
<B> 
Yes. Very. I've just downloaded SATAN and a few of the other security
tools. I work in customer service for leased lines and I occasionally
assist customers in configuring their firewalls. Learning what holes there
are and how to plug them is very worthwhile knowledge.
</B> <P> 
<img align=bottom alt=" " src="../gx/ans2.gif">
	Have you tried cops (Dan Farmer's earlier host based
	auditing package) or Tiger (Texas A&amp;M University)?
<p>
	Have you gotten tripwire running?  I (and most of the 
	rest of the Linux community that's tried it) had a 
	little trouble with Tripwire.  I had fussed it into
	submission a number of months ago -- forgotten about
	it.  Then recently I had to fetch and build a new 
	copy.  
<p>
	I encountered the same problems building it -- and the
	same problems with the README.linux  I found myself 
	muttering that someone -- anyone -- ought to prepare
	a proper set of patches that allow the Linux user to
	just compile the thing with minimal effort.
<p>
	Now I'm not a programmer (although I do "play one 
	on the 'net") so I really didn't feel qualified to 
	do this.  However I never have been able to inspire
	or manage much of a volunteer effort in others so
	I did it myself.
<p>
	Creating a set of patches involved teaching myself
	how to use CVS (version control system).  I'm thinking
	of writing up an article on using CVS to track local
	changes in downloaded source trees and cutting diffs
	so you can share the work you do with others on the
	net.
<p>
	Naturally I'd use tripwire as one example -- 
	probably pgp as another.  I'm also planning on 
	importing my kernel sources into CVS.
<p>
	If your interested you could get my patch and let
	me know if it works.  It's about 150 lines of text
	that seems to work for me using Larry Wall's standard
	'patch' program.
<p>
-- Jim


<p><hr><p> 
<!--================================================================-->

<a name="edi"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
EDI On Linux
</h3>
<P> <B> 
From: Adam Morrisom, <A HREF="mailto:adam@morrison.iserv.net">
adam@morrison.iserv.net</A> <br>
I have just got management to permit me to install our first Linux box,  right
next to our not-so-mighty RS/6000.  So far it has operated flawlessly (which
is exactly what I expected).  And suddenly Linux is a possible solution for
jst about every problem we have (they loved the price tag).  Now I have to
implement EDI, and I was wondering if any software is available for Linux, I
haven't been able to find anything, on the software map, sunsite or any where
else. Any pointers or people to contact would be greatly appreciated.
</B> <P>  <B>
	Adam,
</B> <P> 
<img align=bottom alt=" " src="../gx/ans2.gif">
	You certainly put in an good entry in Jim's
	"Stump the techie" contest.
<p>
	I've heard of EDI (electronic data interchange) and 
	vaguely recalled that it is a data format specification
	for electronic commerce (mostly in the mainframe world
	where X.25 predominates over TCP/IP).
<p>
	However I haven't heard of any projects or products
	being available specifically for Linux.
<p>
	Here's a few web pages that I did dig up that might
	help:
<ul>
<li><a href="http://www.spedi.com/products/unix.html">
St. Paul Software Products - UNIX</a>
<li><a href="http://www.marin.cc.ca.us/~shadow/bookmark.html">
Shad's Bookmark file</a>
<li><a href="http://www.premenos.com/">
Premenos Technology Corporation</a> 
<li><a href="http://www.teren.com/edi.html">  
More About Electronic Data Interchange (EDI)</a>
<li><a href="http://www.fss.gsa.gov/edi_mae.html">
RFC Archives -- RFC1767</a>
<li><a href="ftp://ds.internic.net/rfc/rfc1767.txt">
TSI International</a>
<li><a href="http://www.tsisoft.com/pages/hotlinks.htm">
1994 EDI-L (Electronic Data Interchange Issues)</a> 
<li><a href="http://www.ima.com/mlarchive/lists/edi-l.1994/0241.html">
Mailing List Archive: Re: PC based EDI</a>
<li><a href="http://www.uniforum.org/news/html/publications/ufm/\1995-Indes.html
#anchor5495158">
Uniforum: 1995 Index</a>
</ul>
<P>
	I hope these help.  Basically it looks like there are 
	not "shrinkwrap" or "off-the-shelf" EDI packages for any
	platform. Good luck.  
<p>
	 One approach you may take is to contact the publishers
	 or authors of your existing EDI applications and see if
	 they can do the port for you.
<p>
-- Jim
<p><hr><p> 
<!--================================================================-->

<a name="zmod"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
zmodem
</h3>
<P> <B>
 Help answer guy!  I cannot download from the net!  Here's the story:
 - I run linux v2.0.0.  I am using minicom v1.71.  I have NOT touched my
   file transfer protocols since I installed, so they would be the
   default configs.
</B> <P>
<img align=bottom alt=" "src=" ../gx/ans2.gif">
I hate debugging serial line problems.

<p>	Here's the basic litany for solving modem problems:

<p>	What happens at lower speeds?  What IRQ is this serial
	line using?  What sort of UART is installed? 
	What are the flow control settings?  Does the cable
	have conductors for all of the flow control signals?
	How is the modem configured (hardware and init strings)?

<p>	minicom 1.71 is pretty old.  I have 1.75 here -- and
	there may be even newer versions up on sunsite.

<p>	Incidentally -- you should probably upgrade to 
	Linux kernel version 2.0.29 or so.

<p>	Your problem may not be related to either of these
	factors -- but it won't hurt to upgrade.

<p>	The first thing I'd check is Minicom's configuration
	for init strings and flow control.  Try an init string
	of:
<PRE> 
	AT&amp;C1&amp;D2
</PRE> 
<p>	 ... (which I remember from years of supporting 
	 PCAnywhere as well as seeing it in my current
	 configuration).  These set the modem's behavior
	 for the DCD (device carrier detect) and flow control.
	 I don't remember which is which and what the other
	 numbers do -- look them up in your modem's manual if 
	 you're curious).

<p>	Then make sure that minicom's "Serial port setup"
	specifies "Hardware Flow Control" is "on."

<p>	When having problems with serial lines and modems I
	find it handy to get the digital equivalent of a 
	"second opinion."  -- Do you run any other comm
	software on this system (pppd, uucp/cu, mgetty --
	dial-in, seyon)?  Do those work reliably when transferring
	data (putting the line under load)?

<p>	I'd suggest getting a copy of C-Kermit from Columbia 
	University <a href="mailto:kermit.columbia.edu">kermit.columbia.edu
        </a>.  No offense to 
	Miguel van Smoorenburg but minicom was having problems
	on my system, too.  C-Kermit is doesn't have any of the 
	full screen, ncurses "feel" to it but does a good solid
	job of talking to the modem.  It's scripting capabilities
	are also far more advanced than minicom's 'runscript' --
	and has features that would be to force 'minicom' to 
	do through an 'expect' script (for example).

<p>	Do you have another account on another system (BBS or
	ISP)?  Do your file transfers work O.K. to or from 
	there?  The problem may be with your ISP rather than
	at your end.

<p>	What if you try a different protocol -- such as
	kermit?  Kermit is often characterized as "slow"
	compared to zmodem -- but this is largely because 
	it's default is tuned for the very noisy, unreliable 
	connections that were common when it was created
	(almost 20 years ago). 

<p>	After checking with another comm. program I'd look a 
	little lower.  Using the commands:
<PRE> 
	stty -a < /dev/modem
</PRE> 
<p>	 ... and 
<PRE> 
	setserial -a /dev/modem
</PRE> 
<p>	(both of these assuming you have a "modem" link to 
	the appropriate <code>/dev/ttyS*</code> entry on your system).

<p>	Make sure that your stty reports crtscts (for the 
	flow control).  Then make sure that the cable between
	your computer and your modem has all those pins
	connected.

<p>	Double check that you don't have an IRQ conflict.  These
	are insidious in that they may not show up until the
	port is under load.

<p>	In addition check to see that you have a high speed 
	UART (16550AFN) on that port.

<p>	Next I'd check the modem's configuration.  You can
	see some of that with AT&amp;V (which on many Hayes
	modems dumps the configuration date and S-register
	values to your terminal).  Look at the Init strings
	that you are using in Minicom and look in the 
	modem manual for recommended init strings for similar
	software. 

<p>	After checking all of that I'd shutdown and boot
	up in DOS (if you don't have a copy of DOS you can 
	consider downloading a copy of Caldera's OpenDOS.
	I'm not sure what the licensing terms will be -- but
	I did read that we're all invited to play with it for 
	90 days).  Along with a copy of DOS you also need
	a Telix, Qmodem, Procomm, or other comm. package.
	There are many of these in shareware -- Telix is my
	personal favorite.

<p>	(Note:  I am not advocating use of these packages
	without respect to their licenses.  If you choose to 
	continue to use Telix or OpenDOS -- even for the 
	occasional troubleshooting session; please read and 
	abide by their licensing and registration.  Yes,
	I have fully legal copies of Telix (DOS and Windows)).

<p>	In any event I like to check from plain old DOS
	since the old real mode program loader is so 
	minimal.  You could try building a Linux kernel 
	with no support for TCP/IP and stripping out all 
	of the device drivers except the serial and console 
	support and booting that in single user mode ... and 
	that still isn't close.

<p>	The idea is to see if any of your other devices or
	hardware features are conflicting.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
 i am a best internet shell account, i believe iris but i don't
  know the version.
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
	I'm guessing that you mean that your account is at
	best.com and that they are running Irix (SGI).
	(Which is interesting -- since I would have guessed
	Sun/Solaris for them -- but what do I know).

<p>	Note:  Irix and Solaris are not known for sterling
	serial line support.  They are currently geared for
	ethernet TCP/IP support -- on the assumption that 
	most sites will use terminal servers (small dedicate
	devices that convert serial connections to telnet
	sessions).  Consequently I've heard that the copies
	of rz/sz that ship with these should routinely be 
	replace with newer sources from the 'net.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
i have a usrobotics sportster 28.8 modem
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
	
Internal or external?
<p>	Personally I don't like the Sportster series.
	Their Courier's are nice (but spendy).  I currently
	use a Practical Peripherals -- but my next modem will
	probably be a Zyxel.
<P> <B>
<img align=bottom alt=" " src=" ../gx/ques.gif">
I type<code>sz &lt;filename&gt;</code>
    things go along fine until about 40k than i will get a couple of different
    error messages:
 <PRE> 
	 BAD CRC:0
</PRE> 
 		sometimes followed by another attempt at downloading
 		(usually only a bit or two) than the same error OR 
<PRE> 
 	GARBAGE COUNT EXCEEDED:0
</PRE> 
 		followed by a time-out.
<p>AARRGH!  what the heck is going on?  u can email me privately if you would
 prefer, as this is probably a totally common problem and i am just not
 looking in the right place!
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
<p>	My guess would that you don't have a high speed UART.
	Or that your flow control isn't properly set.

<p>	The reason I guess this is that 40K is a reasonable
	amound of data for the modem to get and buffer while
	you system does a context switch.  The buffer overruns
	(in a 16450 -- older, low-speed UART) could easily be
	fatal to the transfer in the first context switch.

<p>	With the 16550 UART -- the UART has a 16 byte FIFO 
	buffer.  That's enough for the UART to change 
	the state on the handshaking lines (lowering the 
	CTR -- clear to receive -- line) and enough still
	store the incoming data while the other system
	responds (stops sending).

<p>	At 28.8Kbps coming into a 16450's (one byte!) buffer
	the sender will have tossed a lot of bits out before 
	getting the message (that your system is dropping 
	them all on the floor).

<p>	I am copying this to the Linux Gazette *because* it
	is a common problem.  Most of us in the real world
	use modem -- we don't have T1's or ISDN/ethernet
	bridges (actually I do have a Tracell WebRamp but 
	I'm not using it yet).  So we are still stuck fighting 
	with these problems.

<p>	I'm hoping that USB (IEEE 1394 "Firewire") actually 
	takes off in the next year.  It's been hanging in the 
	wings, timidly for about two years now and it's LONG 
	overdue.

<p>	Has anyone out there run a USB board under Linux?  
	
<p>	For those who are lost about "Firewire" refer to:
<ul>
<li><a href="http://www.usar.com/indact/standard/firewf.htm">
	USAR Systems -- Fireware Info</a>
<li><a href="http://www.adaptec.com/firewire/1394main.html">	
The IEEE-1394 High Performance Serial Bus  -- Adaptec's FAQ</a>
<li><a href="http://www.1394ta.org">	
IEEE 1394 Trade Assoc. -- Firewire, USB, serial bus</a>
</ul>
<p>	If you have any Linux news on this topic -- mail it to 
	<a href="Mail to:tag@starshine.org">tag@starshine.org</a>.

<p>
--Jim

<p><hr><p> 
<!--================================================================-->

<a name="run"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Running the Internet with Linux
</h3>
<P> <B> 
From:Ricardo Romero <a
href="mailto:rromero@netfriendly.com"> rromero@netfriendly.com</a>
<p>Hi, my name is Ricardo Ribeiro Romero and i live in Brazil, i try to run
 INTERNET from linux but this not run, you may help-me?
<P>Tks, <BR> 
 Romero, Ricardo
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
	At the risk of seeming unfriendly, Romero, I'd have to
	suggest that you might want to look for a local consultant
	or computer specialist to help you.

<p>	Questions to a publication -- particularly a free publication
	which is entirely supported by the volunteer efforts of the
	writers and the generous sponsorship of SSC have to be 
	fairly specific and of reasonably broad interest.

<p>	Any reasonable distribution of Linux includes all of the
	utilities you need to connect to the Internet as a client
	and all of the utilities that most people would ever want
	to be a service provider.  

<p>	It is not clear from your message whether you are trying 
	to set your system up as a server/provider or as a client
	or both.

<p>	There are several good books that go into broad coverage
	of Networking with Linux (which is largely the same as 
	networking under other forms of Unix).  My personal favorite
	would be the Linux Documentation Project's Network Administrator's
	Guide (LDP NAG for short).  This is available electronically
	(as text, postscript, TeX, or HTML) and is probably on any 
	set of CD's that you'd buy.  You can also purchase a professionally
	bound and printed copy from O'Reilly & Associates (among others).

<p>	Along with that O'Reilly also publishes a book called something
	like: "Getting Connecting: Establishing a Presence on the Internet" 
	(That would be the "Pig" book) by Kevin Dowd).  If you're trying
	to set yourself up as an ISP or if your want to have a 
	dedicated connection to the net (say for your office) than 
	this is probably what you want.

<p>	Personally I recommend that most small business and private
	people avoid "dedicated" or "permanent/full-time" connections
	to the 'net.  It's much less expensive to configure UUCP for 
	mail and news -- and look at virtual hosting and/or co-location
	for serving up web pages and other services.  This can be 
	supplemented with demand dialed PPP (using scripts or diald)
	to provide the web access -- over a modem or via ISDN.

<p>	One of the big benefits of ISDN is the lower latency.  A 
	modem connection takes about 30 seconds to 1 minute to
	dial, ring, connect, and negotiate.  ISDN can do that in 
	about 3 seconds.  You'll be much less reluctant to hang
	up and quit hogging your ISP's phone line if you know that
	you can get back in about 3 seconds.

<p>	In addition to the lower expense running your site as a 
	disconnected network relieves you of quite a bit of the
	security concerns associated with a full time net connection.
	Sure -- your PPP link is inherently bi-directional (people
	can connect back to your through it and attempt to exploit
	the same services that they my attack on a fully connected
	site).  However you'll be there to notice any additional
	load or any anomalies -- and your whole site is considerably
	less attractive to crackers anyway.

<p>	(People who connect their Linux systems to the 'net via PPP 
	really should take a 1 hr course on securing their hosts.
	Maybe I'll crank out an article on that sometime).

	Romero,

<p>	Back to your question.  Please try reading up about 
	these connections and/or consider hiring a local consultant.
	I don't know anything about the phonesystems in Brazil -- 
	and I get a little sketchy about ISP's if I get more than
	about 200 miles inland from the Pacific Coast.

<p>
  --Jim

<p><hr><p> 
<!--================================================================-->

<a name="spawn"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Respawning too Fast
</h3>
<P> <B> 
From: Igor Markov <a href="mailto:imarkov@math.ucla.edu">imarkov@math.ucla.edu</a>
My question is about the infamous "Resapawning too fast" message
from init. This message appears in my /var/log/messages
every 5 minutes (of course!) for xdm
I'm just guessing that this is for "The Answer Guy"

 init: Id "x" respawning too fast: disabled for 5 minutes
 
However, xdm is running (I see it in ps output and I don't have
problems using it).
</B> <P>
</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
You don't show the appropriate lines from your
	your /etc/inittab but they should look something like:

	<p>	# Run xdm in runlevel 5 (and 4 for me)
		x:45:respawn:/usr/bin/X11/xdm -nodaemon

<p>	(Note: I run xdm in 4 and 5 which unusual -- but 
	4 is my custom default -- with 12 VCs, xdm in VC13
	-- accessed by the right alt-key + F1 -- and syslog
	output on VC 15, VC14 is used for stray open commands
	or to redirect pesky output from backgrounded processes).

<p>	My guess would be that you don't have the -nodaemon
	switch on yours. (Try adding it).
	
<p>	If I'm mistaken than the troubleshooting will be
	more involved.  Check with the vendor for your
	distribution of Linux and see if they have some 
	patches.  

<p>	Red Hat users may want to look at:

	<a href="http://www.redhat.com/support/docs/errata.html">
http://www.redhat.com/support/docs/errata.html</a>
<p>	... to see what's been fixed since your CD was burned. 

<p>	Also you may want to look in your xdm-config file
	(/etc/X11/xdm/xdm-config -- if you're lucky -- otherwise
	it could be in .... /usr/X11R6/....????).

<p>	The best introduction to xdm I've ever found was in
	_The_Shell_Hacker's_Guide_to_X_and_Motif_ from John
	Wiley & Sons.
<P> <B>
<img align=bottom alt=" " src="../gx/ques.gif">
 It seems that init tries to spawn a second xdm.
 I couldn't confirm or reject this hypothesis...  
 (egrep xdm /etc/* /etc/*/*  did not show anything promising) 
 Thank you
</B> <P>
</H3> <img align=bottom alt=" " src="../gx/ans2.gif">
	Respawning too fast indicates that the program
	is exiting (pretty much immediately) and that init
	figures that there must be some bad problem.  For
	example if getty is respawning it may be that it's
	attempt to grab the serial line is failing (like
	there is no serial driver configured in your kernel
	and you forgot to load the module -- or something like that).

<p>	If xdm is loading and forking off a daemon (it's default)
	then this will look like an exit/failure to init.  The
	-nodaemon will force xdm to run from the console in which
	init started it (not try to "background" itself as it would
	do if you ran it from a command line).

<p>	The fact that your copy is working suggests this -- but when 
	you log out of your xdm session you might have to way upto 
	five minutes for init to decide to try xdm again (unless
	your xdm logout configuration is doing the respawning or
	something weird).
<p>
--Jim


<p><hr><p> 
<!--================================================================-->
<a name="map"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Problems with Keyboard Mapping
</h3>
<P> <B> 
From: Gilbert R. Payson 
<a
href="mailto:g.payson@edina.xnc.com">g.payson@edina.xnc.com</a><BR> 
Hello.  I have three (okay, four) linux machines in Germany.
 My problem is this:  In Xwindows, my keyboard mapping is almost perfect.
 But, there are a few problems:
 </b>
<p><b> @ doesn't work.
It brings me to the last edited line (like an up-arrow)
How can I fix this?
 </b>
<p><b> thanx!  -gil
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
	I think you want to look at the xmodmap command.
	You'll also want to look at the following HOW-TO 
	documents:
<ul>
<li><a href="http://sunsite.unc.edu/LDP/HOWTO/Keyboard-HOWTO.html">
Keyboard HOWTO</a>
<li><a href="http://sunsite.unc.edu/LDP/HOWTO/mini/Key-Setup">
Key Setup mini-HOWTO</a>

</ul>
<p>
--Jim
<p><hr><p> 
<!--================================================================-->

<a name="modsp"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Modem Speed
</h3>
<P> <B> 
From:Scott Atwood<a href="mailto:atwood@cs.stanford.edu">
atwood@cs.stanford.edu</a><BR> 
 I'd like to make a comment regarding a question from "The Answer Guy"
 column in issue 13 of Linux Gazette about combining modems to increase
 speed.  This question reflects a common misconception of equating
 bandwidth with speed.  Latency is a much more important measure of
 percieved speed, especially in interactive applications, such as
 telnet sessions, and web browsing.  Combining modems will increase
 bandwidth, but latency will remain unaffected.  For a more complete
 treatment of this subject, see: 
 <a
href="http://rescomp.stanford.edu/~cheshire/rants/Latency.html">http://rescomp.stanford.edu/~cheshire/rants/Latency.html</a><BR>
an essay by Stuart Cheshire, author of Bolo.
</B> <P>

</H3> <img align=bottom alt=" " src=" ../gx/ans2.gif">
	I finally got around to reading your article.  It was
	very interesting.

<p>	I thought I had warned the reader that doubling his
	bandwidth would only help on large, bulk transfers --
	but perhaps I overlooked it.
<p>
--Jim

<p><hr><p> 
<!--================================================================-->

<a name="duplic"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Duplicating a Linux Installed Hard Disk
</h3>
<P> <B> 
 I have installed slackware on my PC and I'm completely satisfied. I want
 to duplicate my linux installed hard disk : Can I use my 1st hard disk
 as a source and copy all of its contents to a 2nd blank linux-formated
 hard disk? If I put this 2nd disk into another PC, it will boot Linux 
 normally?
</B> <P>
<p><img align=bottom alt=" " src=" ../gx/ans2.gif">
	You can just use the 'dd' ("disk dump" or "data dump")
	command on the raw devices.  This will work if the two drives
	are identical with no bad sectors.

<p>	Many years ago I'd have said you were an idiot to even consider
	it.  Now I'd recommend against in much milder language.

<p>	The difference is that modern drives -- IDE and SCSI are 
	capable of autotranslation (so the BIOS and often the 
	Unix/Linux disk drivers don't need to know the true
	geometry of the disk.  Most drives these days also have 
	spare sectors on every track -- during a low level format 
	spares are mapped into use for any bad sector on a particular
	track.  Using this scheme (which is normally completely 
	transparent to the host machine -- it's all in the drive's
	electronics) it is rare to see any bad sectors on a drive
	(until all the spares for a given track are used up).

<p>	So it is technical feasible to do this.

<p>	However I'd say that you're much safer to spend a little
	more time and "do it right."

<p>	Use fdisk to partition the new drive (presumably to set its
	partitions to match those on your first drive.  You can 
	do this without downing the system.  I personally prefer to
	follow the advice and reboot after writing a new partition 
	table -- but that's probably a force of habit from too
	many years of DOS and OS/2.

<p>	Then do a<code>mke2fs -c /dev/hdbX</code> (where X is the partition
	number) for each of these new partitions.

<p>	Then do a:
<PRE>  
		mount /dev/hdbX /mnt/tmp
		find . -mount | cpio -pvum  /mnt/tmp
</PRE> 
<p>	... to each of them.

<p>	Now your are almost done.  The only problem is that
	your lilo boot map (on your existing drive) probably
	doesn't match the lilo configuration on the new one.

<p>	The most reliable way of dealing with that is to 
	take the new drive to the new system -- boot from a 
	rescue floppy  using the root=/dev/hdaX command
	line parameters (on the lilo prompt line from the 
	rescue floppy) and edit the /etc/lilo.conf.  Then
	run lilo and reboot.

<p>	That's all there is to it.  That's about seven steps
	(with 3 of them being repeated for each filesystem on 
	the drive(s).  The amount of time this takes is dwarfed
	by the actual task of opening your case and getting the
	jumpers on the new drive working right (which is far worse
	for IDE than most SCSI in my experience).

<p>	Why is this better?  Well it deals with bad blocks and
	small difference in geometry.  It also ensures that the 
	new copy is defragmented.  Other than that -- it just 
	"feels" like a better way.

<p>
 --Jim

<p><hr><p> 
<!--================================================================-->

<a name="fire"></a>
<h3><img align=bottom alt=" " src="../gx/ques.gif">
Using the Linux Box as a Firewall
</h3>
<P> <B> 
From: Tim Gray <a href="mailto:timgray@lambdanet.com">
timgray@lambdanet.com</a> <BR> 
 Hi, I have a small problem that might affect others out there..
 I am trying to get my linux box to act as a "firewall" of sorts for
 my wife's Windows 95 computer. (I haven't been able to get her to 
 switch yet)
 I installed ne2000 compatable boards in each, ran cable, installed 
 everything as per
 per linux network administrators guide.  The problem I have is 
 getting Packets
 destined for internet to go out the modem line when it's not connected. 
 I need a way to have linux automatically fire up my dial-up connection when 
 it sees that the remote computers want to use it. and possibly kill the 
 connection after a period of non use. 

<P> Thank you.  Tim
</B> <P>
<img align=bottom alt=" " src=" ../gx/ans2.gif">
	This arrangement is referred to a a "Proxy" server --
	which is only a component of certain firewall architectures.

<p>	Specifically you appear to be trying to set up a "dial on 
	demand Masquerading proxy host."  (if I understand you
	correctly).

<p>	The first tool you need for this is called 'diald' --
	(the 'dial daemon').

<p>	The most recent version that I know of is at:

<p>	<a href="ftp://sunsite.unc.edu/pub/Linux/system/network/serial/">
ftp://sunsite.unc.edu/pub/Linux/system/network/serial/</a>
<p>	... and is named:
<PRE> 
		 diald-0.16.tar.gz
</PRE> 
<p>	I just set this up (literally while this draft was
	loaded in my mailer).  It was suprisingly easy.

<p>	Just edited the make file (just to change the 
	LIBDIR, BINDIR, etc directories to point at /usr/local/...)
	did a make and a make install.  Then I created a file 
	named /etc/diald.conf with just the 'lock' directive in it.
	I did this so I can more readily support multiple diald
	configurations -- as I'll explain presently:

<p>	I created a /etc/diald/ directory and put in a 
	file like:
<PRE> 
device /dev/modem
connect "chat -f /etc/ppp/connect"
speed 38400
modem
defaultroute
crtscts
redial-timeout 120
connect-timeout 120
mode ppp
dynamic
local 192.168.1.1
remote 192.168.1.2
include /usr/lib/diald/standard.filter
</PRE> 
<p>	Obviously yours will differ in a few spots.
	the -f parameter to your connect line should point
	to whatever chat script you use manually.  You might
	change the device line -- although I highly recommend
	that you consistently configure all of your packages to 
	use /dev/modem (which is just a symlink to the real
	serical device on my system).  

<p>	I currently have diald, pppd (manual), uucp, kermit,
	minicom, and mgetty all sharing this modem and properly
	using the same lock files throughout.

<p>	The local and remote addresses are apparently arbitrary --
	I use addresses that are listed in RFC1918 (nee 1597)
	which reserves several sets of addresses which the 
	IANA/InterNIC promise not to give out to "real" internet
	sites.

<p>	Then added the following two lines to my /etc/rc.local:
<PRE> 
		modprobe slip
		/usr/local/sbin/diald -f /etc/diald/rahul
</PRE> 
<p>	(Where the rahul file is the one I've listed above and
	refers to one of my PPP providers).

<p>     Once you have your system reliably dialing your provider
	on demand -- the next step is to get routing working
	from your wife's system to the internet.

<p>	I would recommend bringing up the ppp connection manually
	and doing all the routing/masquerading/proxying configuration 
	and testing with the line "nailed" up.  

<p>
--Jim 

<!--================================================================-->
<P> <hr> <P> 
<center><H5>Copyright &copy; 1997, James T. Dennis <BR> 
Published in Issue 16 of the Linux Gazette April 1997</H5></center>

<P> <hr> <P> 
<!--================================================================-->
<A HREF="./lg_toc16.html"><IMG SRC="../gx/indexnew.gif" ALT="[ TABLE OF 
CONTENTS ]"></A> <A HREF="../index.html"><IMG SRC="../gx/homenew.gif" 
ALT="[ FRONT PAGE ]"></A> 
<A HREF="lg_bytes16.html"><IMG SRC="../gx/back2.gif" ALT=" Back "></A>
<A HREF="./library.html"><IMG SRC="../gx/fwd.gif" ALT=" Next "></A>
<!--startcut =======================================================  -->
</body> 
</html>
<!--endcut =========================================================  -->