Robert Parkhurst | 4 Dec 2007 17:01

Solaris/ZFS question

Hey guys,

I know this is a little "off topic" (from the linux-specific stuff), but I have an interesting question for you...

Over the weekend a directory "source" was somehow moved from the root SMB share to \process\source.  My boss and I are VERY sure that this was caused by an accidental drag-and-drop by an employee at that office (he was working remotely).

Anyway, it came up that I am not an "expert" with Solaris and because of that we can't be sure if this was a system issue or a human-error issue.

So I'm curious:  Can Solaris/ZFS somehow, randomly move data (in this case directories w/content inside) from one area to another on its own?  I was not doing anything on the system at the time (no disk checks, backups, etc.).

Thanks



Robert Parkhurst
IT Engineer
Scarab Digital Imaging
110 Broadway, Suite 190
San Antonio, TX 78205
Office:    210.527.1390
Mobile:   210.289.2538
Jim Parkhurst | 4 Dec 2007 17:26

Re: Solaris/ZFS question

Accidents (sometimes) happen. 

Can an OS move specific files/directories from, say "/home" to "/trash"? Unless you are running an AI
system, chances are good that the move was user-inflicted. You may be able to get the target creation
information and correlate that to the remote access window.

Is "/process/source" a protected structure? 
Can it be protected?

>>> Robert Parkhurst <rparkhurst@...> 12/04/2007
10:01 >>>
Hey guys,

I know this is a little "off topic" (from the linux-specific stuff), but
I have an interesting question for you...

Over the weekend a directory "source" was somehow moved from the root
SMB share to \process\source.  My boss and I are VERY sure that this was
caused by an accidental drag-and-drop by an employee at that office (he
was working remotely).

Anyway, it came up that I am not an "expert" with Solaris and because of
that we can't be sure if this was a system issue or a human-error issue.

So I'm curious:  Can Solaris/ZFS somehow, randomly move data (in this
case directories w/content inside) from one area to another on its own?
I was not doing anything on the system at the time (no disk checks,
backups, etc.).

Thanks

Robert Parkhurst
IT Engineer
Scarab Digital Imaging
110 Broadway, Suite 190
San Antonio, TX 78205
Office:    210.527.1390
Mobile:   210.289.2538

Robert Parkhurst | 4 Dec 2007 23:48

SAMBA logs

Hey guys,

I have a SAMBA question...  On Sunday we had someone "mysteriously" move 168GB of data from one directory to another.  We're pretty sure this was due to a simple drag-and-drop mistake (done from a windowsXP workstation or by a badly written script (windows side also)).

However, when questioned no one from the office in question remembers if they worked during the time the move took place (we know about when it happened because of the "create date" fields of the files/folders).

Is there a way to enable a level of logging on SAMBA so that we can see exactly what files are moved/copied from where to where and by who (or by machine/IP)??


Thanks



Robert Parkhurst
IT Engineer
Scarab Digital Imaging
110 Broadway, Suite 190
San Antonio, TX 78205
Office:    210.527.1390
Mobile:   210.289.2538
George Goodyear | 5 Dec 2007 00:42

Re: SAMBA logs

Hey Robert, when I googled your question this is what I got: "By default, logs are placed in samba_directory/var/smbd.log and samba_directory/var/nmbd.log, where samba_directory is the location where Samba was installed (typically, /usr/local/samba). As we mentioned in Chapter 4, Disk Shares, you can override the location and name using the log file configuration option in smb.conf. This option accepts all of the substitution variables mentioned in Chapter 2, Installing Samba on a Unix System, so you could easily have the server keep a separate log for each connecting client by specifying the following in the [global] section of smb.conf:"

http://www.oreilly.com/catalog/samba/chapter/book/ch09_01.html

This is where I got it. :o)

Carlos


Robert Parkhurst wrote:
Hey guys,

I have a SAMBA question...  On Sunday we had someone "mysteriously" move 168GB of data from one directory to another.  We're pretty sure this was due to a simple drag-and-drop mistake (done from a windowsXP workstation or by a badly written script (windows side also)).

However, when questioned no one from the office in question remembers if they worked during the time the move took place (we know about when it happened because of the "create date" fields of the files/folders).

Is there a way to enable a level of logging on SAMBA so that we can see exactly what files are moved/copied from where to where and by who (or by machine/IP)??


Thanks



Robert Parkhurst
IT Engineer
Scarab Digital Imaging
110 Broadway, Suite 190
San Antonio, TX 78205
Office:    210.527.1390
Mobile:   210.289.2538
_______________________________________________ ALG-technical mailing list http://austinlug.org/cgi-bin/mailman/listinfo/alg-technical
Bob Pendleton | 18 Dec 2007 19:40

keycode input on X11


I thought I would try posting this over here too:

> I have a little time right now and I'm trying to get X keyboard input
> working on SDL 1.3. But, I am having a bit of a problem. The new SDL 1.3
> way of doing keyboard input is to always pass an SDLK_* that represents
> a real, physical, key on the keyboard. Personally I like that a lot
> because it lets me be sure that if I get the SDLK_W key it is the same
> physical key no matter what language is on the key caps.
>
> The trouble is that X11 keyboard input is designed to hide the physical
> keycodes. Oh, it gives them to you, but they are not documented, they
> can be different on every implementation of X11 and even different for
> different kinds of keyboards attached to the same implementation. The
> idea is that an application running on X can be running on any kind of a
> device and you shouldn't have to worry about the kind of keyboard you
> are using. X11 hides all that and just gives the application a "virtual"
> keyboard that uses standard "keysyms".
>
> This was a great idea back in the early 1980s when everyone was building
> their own unique keyboards. Nowadays, it kind of sucks.... Not to
> mention that it makes translating from X11 keycodes to SDLK_* a very
> dicey proposition.
>
> Now that I have explained the problem I am going to ask for some help. I
> have been digging around in the xfree86 and X.org source code and it
> looks like they both use the same keycodes on all versions of Linux, and
> maybe on all versions of the server. I do not know for sure if this is
> true. If it is, then we can handle a large number of systems very
> simply.
>
> So, if you know more than I do about what these servers are doing, then
> please let me know and tell me where to look in the source and docs.
>
> OTOH, if you are using X11 with a non US-English keyboard, please run
> xmodmap -pk and send the output to me at bob@...
>
>         Thank You,
>
>                 Bob Pendleton

-- 
+--------------------------------------+
+ Bob Pendleton: writer and programmer +
+ email: Bob@...             +
+ web: www.GameProgrammer.com          +
+ www.Wise2Food.com                    +
+ nutrient info on 7,000+ common foods +
+--------------------------------------+

Robert Parkhurst | 19 Dec 2007 17:16

vsftp configuration question

Hey all!

I have an FTP question..  One of the servers I manage at my company is the FTP server.  Long story short, we setup this server almost a year ago to be "temporary".  Unfortunately due to lack of resources and the fact that it became so used that it was near impossible to try and migrate to something more permanent, it's been stuck on a 1U (supermicro) P4 w/512MB RAM and 160GB HDD (dedicated to FTP).  The boot drive is another 40GB I think.  The worst part:  It's running XP.

Now, XP has done well actually (though I've tried not to think about security risks tooo much).  The FTP server we're using is "Bulletproof FTP server v2.3.1".

We've got to migrate the FTP over mostly because we keep running out of drive space on the FTP drive and on a VMware box we can give it a HUGE drive.

What I want is to migrate the FTP server from XP/bulletproof -> Ubuntu (7.04/7.10?)/vsftp (or another one).  VSFTP looks good because it's big on security.

What I need to know is:
I see a global option to limit number of connections per IP.  Can this be changed on a per-account basis?  For example, could we set a global limit of "2 connections per IP" but for account "blah1" we change that to "6 connections per IP"?

I know there's more questions I have, but that's the big one.  I know it'd probably be easier just to set a global limit of say 10 connections per IP, but my boss really likes/wants that feature that comes with bulletproof.


Thanks!


Regards,



Robert Parkhurst
IT Engineer
Scarab Consulting
110 Broadway, Suite 190
San Antonio, TX 78205
Office:  210.527.1390
Mobile:  210.289.2538

<div>
Hey all!<br><br>
I have an FTP question..&nbsp; One of the servers I manage at my company is the FTP server.&nbsp; Long story short, we setup this server almost a year ago to be "temporary".&nbsp; Unfortunately due to lack of resources and the fact that it became so used that it was near impossible to try and migrate to something more permanent, it's been stuck on a 1U (supermicro) P4 w/512MB RAM and 160GB HDD (dedicated to FTP).&nbsp; The boot drive is another 40GB I think.&nbsp; The worst part:&nbsp; It's running XP.<br><br>
Now, XP has done well actually (though I've tried not to think about security risks tooo much).&nbsp; The FTP server we're using is "Bulletproof FTP server v2.3.1".<br><br>
We've got to migrate the FTP over mostly because we keep running out of drive space on the FTP drive and on a VMware box we can give it a HUGE drive.<br><br>
What I want is to migrate the FTP server from XP/bulletproof -&gt; Ubuntu (7.04/7.10?)/vsftp (or another one).&nbsp; VSFTP looks good because it's big on security.<br><br>
What I need to know is:<br>
I see a global option to limit number of connections per IP.&nbsp; Can this be changed on a per-account basis?&nbsp; For example, could we set a global limit of "2 connections per IP" but for account "blah1" we change that to "6 connections per IP"?<br><br>
I know there's more questions I have, but that's the big one.&nbsp; I know it'd probably be easier just to set a global limit of say 10 connections per IP, but my boss really likes/wants that feature that comes with bulletproof.<br><br><br>
Thanks!<br><br><br><table cellspacing="0" cellpadding="0" width="100%"><tr>
<td>
Regards,<br><br><br><br>Robert Parkhurst<br>
IT Engineer<br>
Scarab Consulting<br>
110 Broadway, Suite 190<br>
San Antonio, TX 78205<br>
Office:&nbsp; 210.527.1390<br>
Mobile:&nbsp; 210.289.2538
</td>
</tr></table>
<br>
</div>
Daniel J. Givens | 21 Dec 2007 03:25

Re: vsftp configuration question

Robert Parkhurst wrote:
> What I want is to migrate the FTP server from XP/bulletproof -> Ubuntu
> (7.04/7.10?)/vsftp (or another one).  VSFTP looks good because it's big
> on security.

If you go with Ubuntu, I would suggest the LTS release, which was 6.06.
No, you're not getting the bleeding edge versions, but you won't be
dist-upgrading every six months. It is supported for five years, so 6.06
will be good until 2011. The next release, 8.04 is supposed to be the
next LTS release.

You might have some say that Ubuntu isn't a great choice for servers,
but I've run several and not had any problems. At least you are sure to
get five years out of a release. Debian stable and RHEL/CentOS are good
alternatives you might want to look into. I haven't played with SUSE in
a while, so I can't recommend or discourage it.

> What I need to know is:
> I see a global option to limit number of connections per IP.  Can this
> be changed on a per-account basis?  For example, could we set a global
> limit of "2 connections per IP" but for account "blah1" we change that
> to "6 connections per IP"?

From the vsftpd.conf manpage:

  user_config_dir
    This powerful option allows the override of  any  config  option
    specified in the manual page, on a per-user basis. Usage is sim-
    ple, and is  best  illustrated  with  an  example.  If  you  set
    user_config_dir  to  be /etc/vsftpd_user_conf and then log on as
    the user "chris", then vsftpd will apply  the  settings  in  the
    file  /etc/vsftpd_user_conf/chris  for  the duration of the ses-
    sion. The format of this file is  as  detailed  in  this  manual
    page!  PLEASE NOTE that not all settings are effective on a per-
    user basis. For example, many settings only prior to the  user’s
    session  being  started.  Examples  of  settings  which will not
    affect any behviour on a per-user basis include  listen_address,
    banner_file, max_per_ip, max_clients, xferlog_file, etc.

So, while you can have a lot of flexibility for most options on a
per-user basis, you can't override the per-ip max connection. It seems
that by moving the max_per_ip check to fire after the authentication
check wouldn't be too difficult, but I don't have time at the moment to
dig through the code.

> I know there's more questions I have, but that's the big one.  I know
> it'd probably be easier just to set a global limit of say 10 connections
> per IP, but my boss really likes/wants that feature that comes with
> bulletproof.

There is ProFTPD, which does support per-user connection limiting[1]. It
has a pretty good record for security and they have an FAQ addressing it
that is worth looking at[2]. ProFTPD supports modules like Apache for
extended functionality, which is nice. Its robust set of features and
extensibility have always made it an attractive option for me, though
I've used vsftpd more in the past year.

[1] http://preview.tinyurl.com/yt3q7b
[2] http://www.proftpd.org/docs/faq/linked/faq-ch6.html

Cheers!
Daniel
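
Added example, not part of the original thread and not vsftpd's own tooling: a shell check that walks a `user_config_dir` and reports per-user files that set one of the options the manpage excerpt above names as having no per-user effect. The function names `lint_user_conf` and `make_sample_dir` and the sample files are constructed for illustration, and the option list holds only the five names the excerpt gives (it ends in "etc.").

```shell
#!/bin/sh
# Added example: lint vsftpd per-user override files.
# Options the quoted manpage excerpt lists as NOT effective per user.
# The excerpt ends in "etc.", so this list is not exhaustive.
GLOBAL_ONLY="listen_address banner_file max_per_ip max_clients xferlog_file"

# lint_user_conf DIR
# Prints "user:line:option" for each global-only option set in DIR/<user>.
# Returns 0 if nothing was flagged, 1 if something was, 2 if DIR is invalid.
lint_user_conf() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    found=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        user=$(basename "$f")
        # vsftpd.conf syntax is option=value with no spaces around "=";
        # lines starting with "#" are comments.
        hits=$(awk -v user="$user" -v keys="$GLOBAL_ONLY" '
            BEGIN { n = split(keys, k, " "); for (i = 1; i <= n; i++) bad[k[i]] = 1 }
            /^#/ || /^[ \t]*$/ { next }
            {
                eq = index($0, "=")
                if (eq == 0) next
                opt = substr($0, 1, eq - 1)
                if (opt in bad) printf "%s:%d:%s\n", user, NR, opt
            }' "$f")
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            found=1
        fi
    done
    return $found
}

# make_sample_dir
# Builds a constructed user_config_dir in a temp directory and prints its path.
make_sample_dir() {
    d=$(mktemp -d) || return 1
    # Constructed sample: account "blah1" from the question tries to raise
    # max_per_ip, which vsftpd checks before the user is known.
    cat > "$d/blah1" <<'EOF'
# per-user overrides for blah1
max_per_ip=6
local_max_rate=500000
EOF
    # Constructed sample: only settings that can apply per user.
    cat > "$d/chris" <<'EOF'
local_root=/srv/ftp/chris
write_enable=YES
EOF
    echo "$d"
}

# Run the demo only when invoked with --demo.
if [ "${1:-}" = "--demo" ]; then
    d=$(make_sample_dir)
    lint_user_conf "$d"
    rm -rf "$d"
fi
```

Anything it flags belongs in the main vsftpd.conf, since the per-user file is read only after the session has started.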
Robert Parkhurst | 21 Dec 2007 15:02

Re: vsftp configuration question

Thanks for the reply!  I stumbled across a HOWTO sometime after I sent the reply.  The howto is for "Debian Etch" but works on Ubuntu 7.10 and should work on any distribution (though you'll have to find the packages on your own/through your distro packaging system).  The HOWTO gives the basics on virtual users authenticating against a MySQL DB.  It's at:  http://www.howtoforge.com/vsftpd_mysql_debian_etch for anyone who's interested.

As far as the user-specific settings I'll have to play with that more.  The Howto didn't have any examples on it, but the man page did :)

As far as vsftp goes, I really like it!  And I think it's more than enough to get my boss to want to convert from XP->linux for FTP (and later, FTP+ssl).  Now we just have to migrate over....






Regards,



Robert Parkhurst
IT Engineer
Scarab Consulting
110 Broadway, Suite 190
San Antonio, TX 78205
Office:  210.527.1390
Mobile:  210.289.2538


George Goodyear | 21 Dec 2007 15:14

Re: vsftp configuration question

Congrats Robert. Glad to hear that you are moving another piece of equipment over to Linux.

Carlos

Robert Parkhurst wrote:
Thanks for the reply!  I stumbled across a HOWTO sometime after I sent the reply.  The howto is for "Debian Etch" but works on Ubuntu 7.10 and should work on any distribution (though you'll have to find the packages on your own/through your distro packaging system).  The HOWTO gives the basics on virtual users authenticating against a MySQL DB.  It's at:  http://www.howtoforge.com/vsftpd_mysql_debian_etch for anyone who's interested.

As far as the user-specific settings I'll have to play with that more.  The Howto didn't have any examples on it, but the man page did :)

As far as vsftp goes, I really like it!  And I think it's more than enough to get my boss to want to convert from XP->linux for FTP (and later, FTP+ssl).  Now we just have to migrate over....






Regards,



Robert Parkhurst
IT Engineer
Scarab Consulting
110 Broadway, Suite 190
San Antonio, TX 78205
Office:  210.527.1390
Mobile:  210.289.2538


<div>
Congrats Robert. Glad to hear that you are move another piece of
equipment over to Linux. <br><br>
Carlos<br><br>
Robert Parkhurst wrote:
<blockquote cite="mid1198245777.7847.5.camel <at> superbad1" type="cite">

Thanks for the reply!&nbsp; I stumbled across a HOWTO sometime after I sent
the reply.&nbsp; The howto is for "Debian Etch" but works on Ubuntu 7.10 and
should work on any distribution (though you'll have to find the
packages on your own/through your distro packaging system).&nbsp; The HOWTO
gives the basics on virtual users authenticating against a MySQL DB.&nbsp;
It's at:&nbsp; <a href="http://www.howtoforge.com/vsftpd_mysql_debian_etch">http://www.howtoforge.com/vsftpd_mysql_debian_etch</a>
for anyone who's interested.<br><br>
As far as the user-specific settings I"ll have to play with that more.&nbsp;
The Howto didn't have any examples on it, but the man page did :) <br><br>
As far as vsftp goes, I really like it!&nbsp; And I think it's more than
enough to get my boss to want to convert from XP-&gt;linux for FTP (and
later, FTP+ssl).&nbsp; Now we just have to migrate over....<br><br><br><br><br><br><br><table cellpadding="0" cellspacing="0" width="100%"><tr>
<td>
Regards,<br><br><br><br>Robert Parkhurst<br>
IT Engineer<br>
Scarab Consulting<br>
110 Broadway, Suite 190<br>
San Antonio, TX 78205<br>
Office:&nbsp; 210.527.1390<br>
Mobile:&nbsp; 210.289.2538
        </td>
      </tr></table>
<br><br>
On Thu, 2007-12-20 at 20:25 -0600, Daniel J. Givens wrote:
  <blockquote type="CITE">
    Robert Parkhurst wrote:
&gt; What I want is to migrate the FTP server from XP/bulletproof -&gt; Ubuntu
&gt; (7.04/7.10?)/vsftp (or another one).  VSFTP looks good because it's big
&gt; on security.

If you go with Ubuntu, I would suggest the LTS release, which was 6.06.
No, you're not getting the bleeding edge versions, but you won't be
dist-upgrading every six months. It is supported for five years, so 6.06
will be good until 2011. The next release, 8.04 is supposed to be the
next LTS release.

You might have some say that Ubuntu isn't a great choice for servers,
but I've run several and not had any problems. At least you are sure to
get five years out of a release. Debian stable and RHEL/CentOS are good
alternatives you might want to look into. I haven't played with SUSE in
a while, so I can't recommend or discourage it.

&gt; What I need to know is:
&gt; I see a global option to limit number of connections per IP.  Can this
&gt; be changed on a per-account basis?  For example, could we set a global
&gt; limit of "2 connections per IP" but for account "blah1" we change that
&gt; to "6 connections per IP"?

From the vsftpd.conf manpage:

  user_config_dir
    This powerful option allows the override of  any  config  option
    specified in the manual page, on a per-user basis. Usage is sim-
    ple, and is  best  illustrated  with  an  example.  If  you  set
    user_config_dir  to  be /etc/vsftpd_user_conf and then log on as
    the user "chris", then vsftpd will apply  the  settings  in  the
    file  /etc/vsftpd_user_conf/chris  for  the duration of the ses-
    sion. The format of this file is  as  detailed  in  this  manual
    page!  PLEASE NOTE that not all settings are effective on a per-
    user basis. For example, many settings only prior to the  user&rsquo;s
    session  being  started.  Examples  of  settings  which will not
    affect any behviour on a per-user basis include  listen_address,
    banner_file, max_per_ip, max_clients, xferlog_file, etc.

So, while you can have a lot of flexibility for most options on a
per-user basis, you can't override the per-ip max connection. It seems
that by moving the max_per_ip check to fire after the authentication
check wouldn't be too difficult, but I don't have time at the moment to
dig through the code.

&gt; I know there's more questions I have, but that's the big one.  I know
&gt; it'd probably be easier just to set a global limit of say 10 connections
&gt; per IP, but my boss really likes/wants that feature that comes with
&gt; bulletproof.

There is ProFTPD, which does support per-user connection limiting[1]. It
has a pretty good record for security and they have an FAQ addressing it
that is worth looking at[2]. ProFTPD supports modules like Apache for
extended functionality, which is nice. It's robust set of features and
extensibility have always made it an attractive option for me, though
I've used vsftpd more in the past year.

[1] <a href="http://preview.tinyurl.com/yt3q7b">http://preview.tinyurl.com/yt3q7b</a>
[2] <a href="http://www.proftpd.org/docs/faq/linked/faq-ch6.html">http://www.proftpd.org/docs/faq/linked/faq-ch6.html</a>

Cheers!
Daniel
_______________________________________________
ALG-technical mailing list <a href="http://austinlug.org/cgi-bin/mailman/listinfo/alg-technical">http://austinlug.org/cgi-bin/mailman/listinfo/alg-technical</a>

  </blockquote>

_______________________________________________
ALG-technical mailing list <a class="moz-txt-link-freetext" href="http://austinlug.org/cgi-bin/mailman/listinfo/alg-technical">http://austinlug.org/cgi-bin/mailman/listinfo/alg-technical</a>

</blockquote>
</div>
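The manpage caveat quoted in this thread means a `max_per_ip` line placed in a per-user file is accepted but never applied. As an added example (not code from the thread or from vsftpd), the Python sketch below audits a `user_config_dir` for such lines. The function names and sample files are constructed here, and the set of ignored settings is only the five the manpage excerpt names, which it ends with "etc.".

```python
"""Lint vsftpd per-user override files (user_config_dir) for ignored settings."""
import os
import tempfile

# Settings the quoted vsftpd.conf manpage text names as having no per-user
# effect. The manpage list ends in "etc.", so this set is not exhaustive.
NO_PER_USER_EFFECT = {
    "listen_address", "banner_file", "max_per_ip", "max_clients", "xferlog_file",
}

def parse_overrides(text):
    """Return (option, value, line_no) for each option=value line."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        option, sep, value = line.partition("=")
        if sep:
            entries.append((option, value, line_no))
    return entries

def audit_user_config_dir(path):
    """Map each per-user file name to the settings in it that have no effect."""
    findings = {}
    for user in sorted(os.listdir(path)):
        full = os.path.join(path, user)
        if not os.path.isfile(full):
            continue
        with open(full, encoding="utf-8") as fh:
            ignored = [(opt, val, n) for opt, val, n in parse_overrides(fh.read())
                       if opt in NO_PER_USER_EFFECT]
        if ignored:
            findings[user] = ignored
    return findings

def demo():
    """Build a constructed user_config_dir and audit it."""
    with tempfile.TemporaryDirectory() as d:
        # Constructed sample files; "blah1" is the account named in the thread.
        with open(os.path.join(d, "blah1"), "w", encoding="utf-8") as fh:
            fh.write("# raise the limit for this account\nmax_per_ip=6\nlocal_max_rate=500000\n")
        with open(os.path.join(d, "chris"), "w", encoding="utf-8") as fh:
            fh.write("idle_session_timeout=600\n")
        return audit_user_config_dir(d)

if __name__ == "__main__":
    for user, ignored in demo().items():
        for opt, val, n in ignored:
            print(f"{user}:{n}: {opt}={val} has no per-user effect")
```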
Newton Hammet | 27 Dec 2007 23:37

dhcp configuration / cannot get ubuntu laptop to talk to internet via my desktop as dhcp server.

Hello,

Need a network-dhcp hacker/doer/etc. or someone who has been here to
help if possible.

I have successfully configured my desktop to act as a dhcp server, and
also enabled ipforwarding via the yast2 gui. (I am running Suse 10.0).
(I have included the dhcp.conf file below which was successful in
supplying a client lease on the laptop with a default gateway
and /etc/resolv.conf pointing to my prismnet dialup nameservers.)

I tried some basic pinging back and forth to let me know I have
connectivity (my laptop was assigned 192.1.1.200, my desktop is
192.1.1.1, and my subnet on eth0 (both systems talking to each other
over crossover) is net=192.1.1.0, netmask=255.255.255.0)

The basic details of my setup are below as exhibit A and B. I probably
have some missing pieces to take care of and/or maybe firewall issues.
Is 192.1.1.0 OK as an internal fixed subnet? Or should I be using
something else.

Any assistance or pointers would be appreciated.

Thanks,
Newton

Exhibit A: my dhcp.conf file
#
#   DHCP Server Config File
#
ddns-update-style none;
ignore client-updates;

authoritative;

option domain-name                      "example.com";
default-lease-time                      86400;   # 24 hours
max-lease-time                          172800;  # 48 hours

subnet 192.1.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;
        option broadcast-address        192.168.1.255;
        option domain-name-servers      192.168.1.1;
        option ntp-servers              192.168.1.1;
        range   192.1.1.101   192.1.1.200;
        option routers 192.1.1.1;
        option domain-name-servers 209.198.128.11, 209.198.128.27;
}

Exhibit B: (laptop's view of the network)
eth0      Link encap:Ethernet  HWaddr 00:16:D4:DE:D8:39  
          inet addr:192.1.1.200  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::216:d4ff:fede:d839/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:18 errors:0 dropped:0 overruns:0 frame:0
          TX packets:51 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:2271 (2.2 KiB)  TX bytes:5665 (5.5 KiB)
          Interrupt:16 
route -n:
Kernel IP routing table
Destination     Gateway  Genmask      Flags  Metric Ref    Use Iface
192.1.1.0       0.0.0.0  255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0  255.255.0.0     U     1000   0        0 eth0
0.0.0.0         192.1.1.1 0.0.0.0       UG    0      0        0 eth0

cat /etc/resolv.conf:
# generated by NetworkManager, do not edit!

search example.com

nameserver 209.198.128.11
nameserver 209.198.128.27

-- 

pub   4096R/6447518D 2007-07-05
Key fingerprint = 52BF 4EEA 3CD7 5698 EC68  56B7 B196 B8DD 6447 518D
Newton Hammet (Software Engineer and Mathematician) <newton@...>
Key servers: pgp.mit.edu, others...
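As an added example (not part of the original post), the Python check below runs over the subnet block from Exhibit A. It reports option values that do not fit the declared subnet and whether that subnet lies in RFC 1918 private address space. The function name `check_subnet` is made up for this example.

```python
"""Check a dhcpd.conf subnet block for addresses that do not fit the subnet."""
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# The subnet block from Exhibit A, copied from the post above.
EXHIBIT_A = """
subnet 192.1.1.0 netmask 255.255.255.0 {
        option routers                  192.168.1.1;
        option subnet-mask              255.255.255.0;
        option broadcast-address        192.168.1.255;
        option domain-name-servers      192.168.1.1;
        option ntp-servers              192.168.1.1;
        range   192.1.1.101   192.1.1.200;
        option routers 192.1.1.1;
        option domain-name-servers 209.198.128.11, 209.198.128.27;
}
"""

def check_subnet(conf):
    """Return a list of findings for the first subnet block in conf."""
    m = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", conf, re.S)
    if not m:
        return ["no subnet block found"]
    net = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
    findings = []
    if not any(net.subnet_of(p) for p in RFC1918):
        findings.append(f"{net} is not RFC 1918 private address space")
    for line in m.group(3).splitlines():
        parts = line.strip().rstrip(";").replace(",", " ").split()
        if parts[:2] == ["option", "routers"]:
            for addr in parts[2:]:
                if ipaddress.ip_address(addr) not in net:
                    findings.append(f"router {addr} is outside {net}")
        elif parts[:2] == ["option", "broadcast-address"]:
            if ipaddress.ip_address(parts[2]) != net.broadcast_address:
                findings.append(f"broadcast {parts[2]} != {net.broadcast_address}")
        elif parts[:1] == ["range"]:
            for addr in parts[1:]:
                if ipaddress.ip_address(addr) not in net:
                    findings.append(f"range address {addr} is outside {net}")
    return findings

if __name__ == "__main__":
    for finding in check_subnet(EXHIBIT_A):
        print(finding)
```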
