[nos-bbs] JNOS >< Linux communication problem
Miroslav Skoric
skoric at eunet.rs
Thu Jun 14 14:02:40 EDT 2012
On 06/14/2012 11:14 AM, Alan Sieg WB5RMG wrote:
> Misko said :
>
>> ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
>
> Perhaps you want to add TELNET to this list of accepted protocols ..?..
> Good luck /;^)
>
Already tried that ... now tried again .. the line looks like this:
ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission,telnet
then restarted shorewall... but the change did not help.
Other ideas?
Thanks,
Misko
>
>
>
>> On 06/10/2012 11:52 PM, Maiko Langelaar wrote:
>>
>>>
>>> Look at this diagram, perhaps it will help you :
>>>
>>> http://www.langelaar.net/projects/jnos2/documents/practical/jnosntwk.jpg
>>>
>>> Regards,
>>>
>>> Maiko
>>>
>>
>> Hi Maiko and others,
>>
>> Thank you for that suggestion. I looked at the diagram and tried to make
>> something similar here (see autoexec.nos attached). But it did not work.
>> I mean, I am still only able to telnet to JNOS mailbox from Debian
>> terminal (and even that only if my firewall, Shorewall, is temporarily
>> stopped).
>>
>> Unfortunately, as soon as I stop the firewall, I can not ping anymore
>> the IP address of Linux eth0 card from the other machine in the LAN. So,
>> in order to ping Linux comp again from the LAN, I have to restart
>> Shorewall (see its 'rules' file attached) - but then the local telnet
>> Linux-to-JNOS becomes disabled somehow.
>>
>> Besides these issues with telnet access, I tried to use AXIP and/or
>> AXUDP to link JNOS machine with BPQ32 computers. (Before doing that, and
>> in order to check if AXIP/UDP works in my LAN, I booted Debian comp as
>> WinXP/BPQ32 and everything went well with those three BPQ32 nodes.) But
>> when returned the first comp to Linux/JNOS again, I realized that AXIP
>> and/or AXUDP did not work in between Linux comp and its neighboring machine.
>>
>> Here is the structure of my LAN:
>>
>> (1)                       (2)                     (3)
>> Debian/JNOS (or WinXP)    WinXP/BPQ32 (or Deb)    WinXP/BPQ32 (or Ubuntu)
>> eth0 192.168.1.2 <---->   NIC1 192.168.1.1
>> tun0 192.168.1.3          NIC2 192.168.0.1 <--->  NIC 192.168.0.2
>> JNOS 192.168.1.4
>>
>> Here are the files, the 'autoexec.nos' at the first (1) computer:
>>
>> # Enable JNOS to log events to dated files in /jnos/logs directory
>> #
>> log on
>> #
>> # Maximize TCP performance for standard LAN having MTU 1500
>> #
>> tcp mss 1460
>> tcp window 5840
>> #
>> tcp maxwait 30000
>> tcp retries 5
>> #
>> ip address 192.168.1.4
>> #
>> # Hostname and default ax25 call
>> #
>> hostname yt7mpb
>> ax25 mycall yt7mpb
>> #
>> # Local DNS is done via the 'domain.txt' file !
>> #
>> # Create a network interface. This allows us to talk to the linux
>> # box on which JNOS is running - and in turn - to the internet.
>> #
>> attach tun tun0 1500 0
>> #
>> ifconfig tun0 ipaddress 192.168.1.4
>> ifconfig tun0 netmask 255.255.255.0
>> ifconfig tun0 mtu 1500
>> #
>> # Give it a chance to come up
>> #
>> pause 1
>> #
>> # JNOS creates the TUN device, so JNOS needs to do some post configuration,
>> # by shelling out to the linux command line and running 'ifconfig' command.
>> #
>> shell ifconfig tun0 192.168.1.3 pointopoint 192.168.1.4 mtu 1500 up
>> #
>> route add default tun0
>> #
>> # Attach AXIP wormhole to a remote system
>> #
>> attach axip axi0 256 192.168.1.1
>> #
>> ifconfig axi0 description "axip wormhole"
>> #
>> # Attach AXUDP wormhole to a remote system
>> #
>> attach axudp axu0 256 192.168.1.1
>> #
>> ifconfig axu0 description "axudp wormhole"
>> #
>> # Attach a kiss enabled TNC
>> #
>> attach asy ttyS0 - ax25 vhf 4096 256 9600
>> #
>> ifconfig vhf description "vhf - 1200 baud port"
>> #
>> param vhf 2 256
>> param vhf 3 1
>> param vhf 5 1
>> #
>> param vhf TxDelay 25
>> #
>> # Beacon out the RF port every 20 minutes
>> #
>> #
>> ax25 bctext "internet gateway"
>> ax25 bcinterval 1200
>> ax25 bc vhf
>> ax25 bc axi0
>> ax25 bc axu0
>> #
>> # Netrom configuration
>> #
>> attach netrom
>> netrom alias R1
>> netrom call yt7mpb-1
>> netrom interface vhf 192 10
>> netrom interface axi0 192 10
>> netrom interface axu0 192 10
>> #
>> # Start the engines
>> #
>> start ax25
>> start telnet
>> start smtp
>> start netrom
>> #
>>
>> ... the next file is the output of 'ifconfig' after JNOS is started:
>>
>> root@localhost:/usr/local/jnos# ifconfig
>> eth0 Link encap:Ethernet HWaddr 00:4f:4e:62:e3:f5
>> inet addr:192.168.1.2 Bcast:192.168.1.255 Mask:255.255.255.0
>> inet6 addr: fe80::24f:4eff:fe62:e3f5/64 Scope:Link
>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>> RX packets:1207 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:304 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:105999 (103.5 KiB) TX bytes:30642 (29.9 KiB)
>> Interrupt:17 Base address:0xa000
>>
>> eth1 Link encap:Ethernet HWaddr 00:00:00:21:6e:a9
>> UP BROADCAST MULTICAST MTU:1500 Metric:1
>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:1000
>> RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
>> Interrupt:22 Base address:0xa000
>>
>> lo Link encap:Local Loopback
>> inet addr:127.0.0.1 Mask:255.0.0.0
>> inet6 addr: ::1/128 Scope:Host
>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>> RX packets:52439 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:52439 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:0
>> RX bytes:5870330 (5.5 MiB) TX bytes:5870330 (5.5 MiB)
>>
>> tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>> inet addr:192.168.1.3 P-t-P:192.168.1.4 Mask:255.255.255.255
>> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
>> RX packets:20 errors:0 dropped:0 overruns:0 frame:0
>> TX packets:20 errors:0 dropped:0 overruns:0 carrier:0
>> collisions:0 txqueuelen:500
>> RX bytes:1088 (1.0 KiB) TX bytes:1648 (1.6 KiB)
>> root@localhost:/usr/local/jnos#
>>
>> ... finally, here is the content of the Shorewall's 'rules' file:
>>
>> #SECTION ESTABLISHED
>> #SECTION RELATED
>> SECTION NEW
>> ACCEPT net fw icmp 8
>> ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission
>> ACCEPT net fw udp https
>> ACCEPT loc fw icmp
>> ACCEPT fw loc icmp
>> ACCEPT net loc icmp
>>
>> ********
>>
>> So, I know that Maiko is busy with programming but wondered if maybe
>> somebody else here has enough experience with similar setup. Btw, I
>> forgot to say that on the third comp (3) I also run WinPack and my basic
>> idea was to try it to connect to the JNOS mailbox. In fact, I am in the
>> final step of writing a book chapter on security in ham packet networks,
>> and I used that LAN setup for simulating real digi/bbs network. (Until
>> now, I covered several tests with accessing WinFBB and/or LinFBB by
>> using WinPack and its MD2 password ability, so the final idea was to see
>> what JNOS offers related to the secure user/sysop authentication.) Until
>> the deadline I still have a week or so to perform some tests with JNOS,
>> so any advice will be appreciated.
>>
>> Regards,
>>
>> Misko
>>
>
>
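As an added example (not part of the original post, and not Shorewall's own code), the sketch below evaluates the quoted 'rules' lines by source zone, destination zone, protocol and port, to show that appending telnet to the "net fw" line only covers connections from the net zone to the firewall itself. The zone name "jnos" for tun0 is hypothetical: the post does not show the zones, interfaces or policy files, and ports are matched by service name only.

```python
# Added example: evaluates the Shorewall 'rules' lines quoted in the post.
# RULES is the quoted file with ',telnet' appended as described in the reply.
RULES = """\
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW
ACCEPT net fw icmp 8
ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submission,telnet
ACCEPT net fw udp https
ACCEPT loc fw icmp
ACCEPT fw loc icmp
ACCEPT net loc icmp
"""

def parse_rules(text):
    """Return (action, source, dest, proto, ports) tuples; ports is None for 'any'."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 3 or fields[0] in ("SECTION", "?SECTION"):
            continue
        action, source, dest = fields[:3]
        proto = fields[3] if len(fields) > 3 else "all"
        ports = set(fields[4].split(",")) if len(fields) > 4 else None
        rules.append((action, source, dest, proto, ports))
    return rules

def decide(rules, source, dest, proto, port):
    """First matching rule's action, or 'POLICY' when no rule matches."""
    for action, r_src, r_dst, r_proto, r_ports in rules:
        if (r_src, r_dst) != (source, dest):
            continue                              # zone pair must match exactly
        if r_proto not in ("all", proto):
            continue
        if r_ports is not None and port not in r_ports:
            continue
        return action
    return "POLICY"

def telnet_flows(rules):
    """Telnet flows from the thread; 'jnos' is a hypothetical zone name for tun0."""
    return {
        "net host -> Linux (net -> fw)": decide(rules, "net", "fw", "tcp", "telnet"),
        "Linux -> JNOS (fw -> jnos)": decide(rules, "fw", "jnos", "tcp", "telnet"),
        "net host -> JNOS (net -> jnos)": decide(rules, "net", "jnos", "tcp", "telnet"),
    }

if __name__ == "__main__":
    for flow, verdict in telnet_flows(parse_rules(RULES)).items():
        print(f"{flow}: {verdict}")
```

A POLICY result means no line in this rules file decides the connection, so the outcome rests on the policy file and on whether tun0 is assigned to a zone at all.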