[nos-bbs] JNOS >< Linux communication problem
Miroslav Skoric
skoric at eunet.rs
Wed Jun 13 19:28:43 EDT 2012
On 06/10/2012 11:52 PM, Maiko Langelaar wrote:
>
> Look at this diagram, perhaps it will help you :
>
> http://www.langelaar.net/projects/jnos2/documents/practical/jnosntwk.jpg
>
> Regards,
>
> Maiko
>
Hi Maiko and others,
Thank you for that suggestion. I looked at the diagram and tried to make
something similar here (see autoexec.nos attached). But it did not work.
I mean, I am still only able to telnet to JNOS mailbox from Debian
terminal (and even that only if my firewall, Shorewall, is temporarily
stopped).
Unfortunately, as soon as I stop the firewall, I cannot ping the IP
address of the Linux eth0 card anymore from the other machine in the LAN. So,
in order to ping Linux comp again from the LAN, I have to restart
Shorewall (see its 'rules' file attached) - but then the local telnet
Linux-to-JNOS becomes disabled somehow.
Besides these issues with telnet access, I tried to use AXIP and/or
AXUDP to link JNOS machine with BPQ32 computers. (Before doing that, and
in order to check if AXIP/UDP works in my LAN, I booted Debian comp as
WinXP/BPQ32 and everything went well with those three BPQ32 nodes.) But
when I returned the first comp to Linux/JNOS again, I realized that AXIP
and/or AXUDP did not work in between Linux comp and its neighboring machine.
Here is the structure of my LAN:

        (1)                        (2)                      (3)
Debian/JNOS (or WinXP)     WinXP/BPQ32 (or Deb)     WinXP/BPQ32 (or Ubuntu)

eth0 192.168.1.2  <---->   NIC1 192.168.1.1
tun0 192.168.1.3           NIC2 192.168.0.1  <--->  NIC 192.168.0.2
JNOS 192.168.1.4

Here are the files, the 'autoexec.nos' at the first (1) computer:
# Enable JNOS to log events to dated files in /jnos/logs directory
#
log on
#
# Maximize TCP performance for standard LAN having MTU 1500
#
tcp mss 1460
tcp window 5840
#
tcp maxwait 30000
tcp retries 5
#
ip address 192.168.1.4
#
# Hostname and default ax25 call
#
hostname yt7mpb
ax25 mycall yt7mpb
#
# Local DNS is done via the 'domain.txt' file !
#
# Create a network interface. This allows us to talk to the linux
# box on which JNOS is running - and in turn - to the internet.
#
attach tun tun0 1500 0
#
ifconfig tun0 ipaddress 192.168.1.4
ifconfig tun0 netmask 255.255.255.0
ifconfig tun0 mtu 1500
#
# Give it a chance to come up
#
pause 1
#
# JNOS creates the TUN device, so JNOS needs to do some post configuration,
# by shelling out to the linux command line and running 'ifconfig' command.
#
shell ifconfig tun0 192.168.1.3 pointopoint 192.168.1.4 mtu 1500 up
#
route add default tun0
#
# Attach AXIP wormhole to a remote system
#
attach axip axi0 256 192.168.1.1
#
ifconfig axi0 description "axip wormhole"
#
# Attach AXUDP wormhole to a remote system
#
attach axudp axu0 256 192.168.1.1
#
ifconfig axu0 description "axudp wormhole"
#
# Attach a kiss enabled TNC
#
attach asy ttyS0 - ax25 vhf 4096 256 9600
#
ifconfig vhf description "vhf - 1200 baud port"
#
param vhf 2 256
param vhf 3 1
param vhf 5 1
#
param vhf TxDelay 25
#
# Beacon out the RF port every 20 minutes
#
#
ax25 bctext "internet gateway"
ax25 bcinterval 1200
ax25 bc vhf
ax25 bc axi0
ax25 bc axu0
#
# Netrom configuration
#
attach netrom
netrom alias R1
netrom call yt7mpb-1
netrom interface vhf 192 10
netrom interface axi0 192 10
netrom interface axu0 192 10
#
# Start the engines
#
start ax25
start telnet
start smtp
start netrom
#
... the next file is the output of 'ifconfig' after JNOS is started:
root@localhost:/usr/local/jnos# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:4f:4e:62:e3:f5
          inet addr:192.168.1.2  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::24f:4eff:fe62:e3f5/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1207 errors:0 dropped:0 overruns:0 frame:0
          TX packets:304 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:105999 (103.5 KiB)  TX bytes:30642 (29.9 KiB)
          Interrupt:17 Base address:0xa000

eth1      Link encap:Ethernet  HWaddr 00:00:00:21:6e:a9
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:22 Base address:0xa000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:52439 errors:0 dropped:0 overruns:0 frame:0
          TX packets:52439 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:5870330 (5.5 MiB)  TX bytes:5870330 (5.5 MiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.1.3  P-t-P:192.168.1.4  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:20 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:1088 (1.0 KiB)  TX bytes:1648 (1.6 KiB)

root@localhost:/usr/local/jnos#
... finally, here is the content of the Shorewall's 'rules' file:
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
ACCEPT net fw icmp 8
ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
ACCEPT net fw udp https
ACCEPT loc fw icmp
ACCEPT fw loc icmp
ACCEPT net loc icmp
********
So, I know that Maiko is busy with programming but wondered if maybe
somebody else here has enough experience with similar setup. Btw, I
forgot to say that on the third comp (3) I also run WinPack and my basic
idea was to try it to connect to the JNOS mailbox. In fact, I am in the
final step of writing a book chapter on security in ham packet networks,
and I used that LAN setup for simulating real digi/bbs network. (Until
now, I covered several tests with accessing WinFBB and/or LinFBB by
using WinPack and its MD2 password ability, so the final idea was to see
what JNOS offers related to the secure user/sysop authentication.) Until
the deadline I still have a week or so to perform some tests with JNOS,
so any advice will be appreciated.
Regards,
Misko
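
The Shorewall 'rules' file quoted in the message can be checked mechanically for the traffic the message mentions. The following is an added example, not part of the original post: it parses the rules as posted and lists which zone pairs carry an explicit ACCEPT for ICMP echo, telnet, AXIP (IP protocol 93) and AXUDP. The AXUDP port 10093 and the inline service table are assumptions; anything without a match falls through to Shorewall's policy file, which the post does not show.

```python
# Added example: which zone pairs in the posted 'rules' explicitly ACCEPT a flow?
PROTOS = {"icmp": 1, "tcp": 6, "udp": 17, "ax.25": 93}  # /etc/protocols numbers
SERVICES = {"ssh": 22, "telnet": 23, "smtp": 25, "www": 80, "pop3": 110,
            "imap2": 143, "https": 443, "submission": 587, "imaps": 993,
            "pop3s": 995}  # inline subset of /etc/services so this runs offline
AXUDP_PORT = 10093  # assumption: use the UDP port configured on both link ends

RULES_TEXT = """\
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
ACCEPT net fw icmp 8
ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
ACCEPT net fw udp https
ACCEPT loc fw icmp
ACCEPT fw loc icmp
ACCEPT net loc icmp
"""

def _num(token, table):
    """Resolve a protocol/service name or a numeric string to an int."""
    return int(token) if token.isdigit() else table[token]

def parse_rules(text):
    """Return (action, src, dst, proto, ports) tuples; None means 'any'."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 3 or fields[0] == "SECTION":
            continue
        proto = _num(fields[3], PROTOS) if len(fields) > 3 else None
        ports = ({_num(p, SERVICES) for p in fields[4].split(",")}
                 if len(fields) > 4 else None)
        rules.append((fields[0], fields[1], fields[2], proto, ports))
    return rules

def accepting_pairs(rules, proto, dport=None):
    """Zone pairs (src, dst) with an explicit ACCEPT for proto/dport.
    For ICMP the port column holds the ICMP type (8 = echo request)."""
    want = _num(proto, PROTOS)
    return [(src, dst) for action, src, dst, r_proto, r_ports in rules
            if action == "ACCEPT" and r_proto in (None, want)
            and (r_ports is None or dport in r_ports)]

if __name__ == "__main__":
    rules = parse_rules(RULES_TEXT)
    for name, proto, port in [("ping", "icmp", 8), ("telnet", "tcp", 23),
                              ("AXIP", "ax.25", None), ("AXUDP", "udp", AXUDP_PORT)]:
        pairs = accepting_pairs(rules, proto, port)
        print(f"{name:7}", pairs or "no explicit ACCEPT; falls through to policy")
```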