Email me off list for some examples. I hope you are using something bigger than a 2651xm because the config gets too large for nvram otherwise. I'll also send you a script for converting the encap file to tunnels/routes too.
73
Jason ky9j
-------- Original message --------
From: Phil Pacier - AD6NH <ad6nh(a)aprs2.net>
Date: 02/15/2014 4:34 PM (GMT-05:00)
To: AMPRNet working group <44net(a)hamradio.ucsd.edu>
Subject: [44net] Cisco IOS Example?
(Please trim inclusions from previous messages)
_______________________________________________
Good day all. Does anyone have a rough example of a 44Net tunnel setup
for Cisco IOS? I only have a /32 to play with and would like to put it
on the WAN router. Thanks!
--
Phillip Pacier - AD6NH
APRS Tier2 Network Coordinator
---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
Is it just me..... or when first logging into the portal, it appears to not
take your username and password, and gives you a second login screen.
And then the second login screen does log you in.
Am I the only one seeing this ??
Wm Lewis (KG6BAJ)
AMPR Net IP Address Coordinator - Northern and Central California Regions
(A 100% Volunteer Group)
(530) 263-1595 (Home/Office)
______________________________________________
----------
This message is for the designated recipient only and MAY CONTAIN
PRIVILEGED OR CONFIDENTIAL INFORMATION.
If you have received it in error, please notify the sender immediately and
delete the original. Any other use of this E-mail is prohibited.
Brian / Chris:
I take some of that back.....
Upon further testing, if I edit someone's region description, the portal
tells me it saved it. But when I go back into the record, it is *not saved*
at all.
So, bug report of a different nature.
Thanks
Bill Lewis / KG6BAJ
Good day all. Does anyone have a rough example of a 44Net tunnel setup
for Cisco IOS? I only have a /32 to play with and would like to put it
on the WAN router. Thanks!
--
Phillip Pacier - AD6NH
APRS Tier2 Network Coordinator
---
This email is free from viruses and malware because avast! Antivirus protection is active.
http://www.avast.com
44net-request(a)hamradio.ucsd.edu wrote:
> Subject:
> Re: [44net] ampr-ripd 1.8 released
> From:
> "Marius Petrescu" <marius(a)yo2loj.ro>
> Date:
> 02/12/2014 06:15 AM
>
> To:
> "'AMPRNet working group'" <44net(a)hamradio.ucsd.edu>
>
>
> Hi Rob,
>
> -w is a good idea and I will implement it.
>
> Regarding the daemon function, AFAIK it is not available on all systems and
> does not have a standardized behavior.
> I wrote the code as portable as possible (e.g. static memory allocations,
> minimal needed libraries).
> Since the only action on the parent is exit(), I don't think that waiting
> time is relevant.
>
> Thank you for your input.
>
> Marius, YO2LOJ
Ok. I think daemon is available on many Unix/Linux-like platforms. However, it is not a
very complicated function. What you wrote in ampr-ripd is nearly the same, except for
that daemon() closes stdin, stdout and stderr when going to daemon mode.
At least on a debian system, when ampr-ripd is started from a shell script under /etc/init.d,
and when it does not close the controlling tty, init keeps a process running (startpar) that
waits until it does that. I think that is part of the logic that prints the OK or FAIL messages
in the init procedure.
So, you could add some fclose or close calls in that part of the code. (only when verbose=0)
I used the following workaround before I discovered daemon():
ampr-ripd -options </dev/null >/dev/null 2>&1
Rob
44net-request(a)hamradio.ucsd.edu wrote:
> Subject:
> Re: [44net] 44Net Digest, Vol 3, Issue 33
> From:
> Steve Wright <stevewrightnz(a)gmail.com>
> Date:
> 02/11/2014 11:41 PM
>
> To:
> 44net(a)hamradio.ucsd.edu
>
>
>> >
>> >
>> > Any connects from ports
>> >below 1024 are highly suspect for being reflection attacks so above I
>> >block them all.
> Another good trick is to block all outgoing connects to port 80 - this
> makes it quite inconvenient for a virus to download its payload. In fact,
> block all outgoing connects, and allow only what YOU want to do.
Well, I do have that on the webserver at work. What those injection-attacks on
PHP programs often do is include something that is fetched from a remote webserver.
As the webserver cannot make outgoing connects, this always fails.
However, for a typical hamradio computer that serves both as a server and a client,
blocking outgoing port 80 is a bit unpractical.
The attack is still/again going on, this time with source port 119:
21:49:23.716879 216.18.208.109 -> 44.137.41.97 TCP 52 nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:24.514385 216.18.208.109 -> 44.137.41.101 TCP 52 nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:24.819003 216.18.208.109 -> 44.137.41.97 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:25.914034 216.18.208.109 -> 44.137.41.97 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:25.927587 216.18.208.109 -> 44.137.41.101 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:27.009032 216.18.208.109 -> 44.137.41.97 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:27.349359 216.18.208.109 -> 44.137.41.101 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
21:49:28.106015 216.18.208.109 -> 44.137.41.97 TCP 52 [TCP Port numbers reused] nntp > http [SYN] Seq=0 Win=8192 Len=0 MSS=1460 WS=256 SACK_PERM=1
Rob
