Write Protect
|
View:
New views
16 Messages
—
Rating Filter:
Alert me
|
 |
Write Protect
by Mike Noyes-2
::
Rate this Message:
Subject was: Re: [leaf-user] Project Admin
On Mon, 2009-08-10 at 08:39 -0700, Mike Noyes wrote: > On Mon, 2009-08-10 at 10:18 +0200, Gordon Bos wrote: > -snip- > > The concept of having read-only media to boot from has, in my opinion, > > not lost its validity. The thought of being able to reboot and loose > > anything a hacker has changed, is very assuring. Obviously you'll still > > need to plug the leak that the hacker discovered, but at least you have > > no immediate worry about others discovering the hackers backdoor. > -snip- > > Gordon, > Hardware write protect is something that concerns our project members. > See: > > http://www.mail-archive.com/search?q=write+protect&l=leaf-devel%40lists.sourceforge.net Gordon, You can obtain a write protect hardware option fairly easy now. It's not like it was seven years ago, when a hardware hack (ADM module using the LD017 controller chip) was necessary. http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Mike Noyes-2
::
Rate this Message:
On Mon, 2009-08-10 at 09:27 -0700, Mike Noyes wrote:
> Subject was: Re: [leaf-user] Project Admin > On Mon, 2009-08-10 at 08:39 -0700, Mike Noyes wrote: > > On Mon, 2009-08-10 at 10:18 +0200, Gordon Bos wrote: > > -snip- > > > The concept of having read-only media to boot from has, in my opinion, > > > not lost its validity. The thought of being able to reboot and loose > > > anything a hacker has changed, is very assuring. Obviously you'll still > > > need to plug the leak that the hacker discovered, but at least you have > > > no immediate worry about others discovering the hackers backdoor. > > -snip- > > > > Gordon, > > Hardware write protect is something that concerns our project members. > > See: > > > > http://www.mail-archive.com/search?q=write+protect&l=leaf-devel%40lists.sourceforge.net > > Gordon, > You can obtain a write protect hardware option fairly easy now. It's not > like it was seven years ago, when a hardware hack (ADM module using the > LD017 controller chip) was necessary. > > http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ Gordon, Kanguru and Imation look like they have this segment targeted. http://www.kanguru.com/kanguruusbflash.html http://www.imation.com/en/Imation-Products/USB-Flash-Drives--Accessories/ -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Ralph Green
::
Rate this Message:
Howdy,
This is pretty interesting. I thought no one was making them with write protect anymore. I have been using a USB to SD card adapter and SD cards, because the SD cards usually have a write protect switch. Now, I wonder if any of these write protectable USB drives use good NAND memory. Most of them these days are MLC(junk), instead of SLC. None of the drives in this list said anything in their specs about the type of flash chips they are using. Do you know any that use SLC(Single Level Cell) and have a write protect switch? If they were close to reasonably priced, I'd have to go buy a few. Good day, Ralph On Mon, 2009-08-10 at 09:27 -0700, Mike Noyes wrote: > You can obtain a write protect hardware option fairly easy now. It's not > like it was seven years ago, when a hardware hack (ADM module using the > LD017 controller chip) was necessary. > > http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ > > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by skate
::
Rate this Message:
My USB "sticks" (I have three.) that I use for my routers are two
Imation 32 MB and one Memorex 128 MB drive. I purchased them a few years ago and decided to use them in my leaf boxes when I upgraded USB drives for personal and work use and my leaf boxes. I think that one may be able to find the Imation drives floating around somewhere but the Memorex one I picked up at Target for a song since they were closing them out. I don't know what technology they are using. I'd have to check. Take Care, Fred Stevens On 8/10/09, Ralph Green <sfreader@...> wrote: > Howdy, > This is pretty interesting. I thought no one was making them with > write protect anymore. I have been using a USB to SD card adapter and > SD cards, because the SD cards usually have a write protect switch. > Now, I wonder if any of these write protectable USB drives use good NAND > memory. Most of them these days are MLC(junk), instead of SLC. None of > the drives in this list said anything in their specs about the type of > flash chips they are using. Do you know any that use SLC(Single Level > Cell) and have a write protect switch? If they were close to reasonably > priced, I'd have to go buy a few. > Good day, > Ralph > > On Mon, 2009-08-10 at 09:27 -0700, Mike Noyes wrote: >> You can obtain a write protect hardware option fairly easy now. It's not >> like it was seven years ago, when a hardware hack (ADM module using the >> LD017 controller chip) was necessary. >> >> http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ >> >> > > > ------------------------------------------------------------------------------ > Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day > trial. Simplify your report design, integration and deployment - and focus > on > what you do best, core application coding. Discover what's new with > Crystal Reports now. http://p.sf.net/sfu/bobj-july > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@... > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Mike Noyes-2
::
Rate this Message:
On Mon, 2009-08-10 at 14:39 -0500, Ralph Green wrote:
> This is pretty interesting. I thought no one was making them with > write protect anymore. I have been using a USB to SD card adapter and > SD cards, because the SD cards usually have a write protect switch. > Now, I wonder if any of these write protectable USB drives use good NAND > memory. Most of them these days are MLC(junk), instead of SLC. None of > the drives in this list said anything in their specs about the type of > flash chips they are using. Do you know any that use SLC(Single Level > Cell) and have a write protect switch? If they were close to reasonably > priced, I'd have to go buy a few. Ralph, I suggest you contact Kanguru and Imation directly, and ask them about the NAND memory they use. http://www.kanguru.com/kanguruusbflash.html http://www.kanguru.com/about.html#contact http://www.imation.com/en/Imation-Products/USB-Flash-Drives--Accessories/ http://www.imation.com/en/Contact-Us/ Please report any information gleaned back to our list. Thanks. -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Victor McAllister
::
Rate this Message:
On Mon, 2009-08-10 at 09:27 -0700, Mike Noyes wrote:
>> You can obtain a write protect hardware option fairly easy now. It's not >> like it was seven years ago, when a hardware hack (ADM module using the >> LD017 controller chip) was necessary. >> >> http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ >> Write protected hardware requires physical access to the LEAF box. A software write protect has the advantage that you can set and unset the read and write access to the boot media with putty, ssh. I use two scripts loaded by local.lrp. Granted this is a little cumbersome because you have to keep a copy of three modules on your desktop machine and scp / winscp them over as needed. If you command a reboot, the machine is restored to read write status since the scripts are only run manually via ssh. ************** #! /bin/ash # rm-ide by Victor McAllister # This script removes modules to prevent # access to the boot media - CF ide disk echo MODULES="ide-disk ide-detect ide-core" BOOTDIR="/boot/lib/modules" LIBDIR="/lib/modules" for MODULE in ${MODULES} do rmmod ${MODULE} rm ${BOOTDIR}/${MODULE}.o rm ${LIBDIR}/${MODULE}.o done echo echo "The modules needed for IDE access are not plugged into" echo "the kernel or located in the TWO modules directories." echo echo "The Compact Flash is NOT accessible." ######## #! /bin/sh # load-ide by Victor McAllister # echo "Ths script installs ide modules to access Compact Flash" echo "First copy the files ide-core.o ide-dectect.o ide-disk.o" echo "using SCP to the /lib/modules directory." echo MODULES="ide-core ide-detect ide-disk" LIBDIR="/lib/modules" BOOTDIR="/boot/lib/modules" for MODULE in ${MODULES} do insmod ${MODULE} cp ${LIBDIR}/${MODULE}.o ${BOOTDIR}/${MODULE}.o done if (lsmod | grep ide-) then echo echo "Mount the CF possibly using: mount -t msdos /dev/hda1 /mnt" echo echo "modules necessary are also in /boot/lib/modules" echo "for possible backing up your configuration." else echo echo "IDE modules not loaded - CF drive not accessible." echo "Did you forgot to SCP the files to /lib/modules?" fi ####### ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Gordon Bos
::
Rate this Message:
Victor McAllister wrote:
> Write protected hardware requires physical access to the LEAF box. A > software write protect has the advantage that you can set and unset the > read and write access to the boot media with putty, ssh. I use two > scripts loaded by local.lrp. Granted this is a little cumbersome because > you have to keep a copy of three modules on your desktop machine and > scp / winscp them over as needed. If you command a reboot, the machine > is restored to read write status since the scripts are only run manually > via ssh. I'm kind of puzzled why you would not run the delete script at boottime. How can you be sure that the system won't reboot without you knowing it? Statements as to computer security have been around since the early days. "No system is ever really secure". "If you want to make a system completely secure, you should enclose it in concrete and drop it in the ocean". "All barriers fail if someone can get physical access to the system". Which roughly translates in that the highest level of security is reached by a system that is console operated only (and not connected to other computers, but that's not an option in this case). In regards to LRP and LEAF I've always respected that rule and never added any remote access to the box. No ssh, no https. Gordon ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Victor McAllister
::
Rate this Message:
Gordon Bos wrote:
> Victor McAllister wrote: > >> Write protected hardware requires physical access to the LEAF box. A >> software write protect has the advantage that you can set and unset the >> read and write access to the boot media with putty, ssh. I use two >> scripts loaded by local.lrp. Granted this is a little cumbersome because >> you have to keep a copy of three modules on your desktop machine and >> scp / winscp them over as needed. If you command a reboot, the machine >> is restored to read write status since the scripts are only run manually >> via ssh. >> > > I'm kind of puzzled why you would not run the delete script at boottime. > How can you be sure that the system won't reboot without you knowing it? > if I do an uptime and it says 1 day - I will investigate why. (I use a WRAP with a 12 volt battery connected via diodes in parallel with the power supply. The dsl modem and switches are on a UPS. If the AC goes down, my network connection stays up for several hours so laptops can still have access. That is why the LEAF stays up even when the power goes down several times a year.). I only need to SCP the modules over to back up a configuration change. The files necessary for boot are still on the boot media, just not in ram. As you say, no security is perfect. Someone who reads this post, if they could break in, could figure out what modules to bring along. They would need SSH access which is only open to specific public IPs. > Statements as to computer security have been around since the early > days. "No system is ever really secure". "If you want to make a system > completely secure, you should enclose it in concrete and drop it in the > ocean". "All barriers fail if someone can get physical access to the > system". > > Which roughly translates in that the highest level of security is > reached by a system that is console operated only (and not connected to > other computers, but that's not an option in this case). In regards to > LRP and LEAF I've always respected that rule and never added any remote > access to the box. No ssh, no https. > > Gordon > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Mike Noyes-2
::
Rate this Message:
On Mon, 2009-08-10 at 19:40 -0700, Victor McAllister wrote:
> On Mon, 2009-08-10 at 09:27 -0700, Mike Noyes wrote: > >> You can obtain a write protect hardware option fairly easy now. It's not > >> like it was seven years ago, when a hardware hack (ADM module using the > >> LD017 controller chip) was necessary. > >> > >> http://reviews.cnet.com/usb-flash-drives/?filter=502909_14791771_ > >> > Write protected hardware requires physical access to the LEAF box. Victor, Indeed. > A software write protect has the advantage that you can set and unset > the read and write access to the boot media with putty, ssh. I use two > scripts loaded by local.lrp. Granted this is a little cumbersome > because you have to keep a copy of three modules on your desktop > machine and scp / winscp them over as needed. If you command a reboot, > the machine is restored to read write status since the scripts are > only run manually via ssh. Please commit your script to our cvs repository. Thanks. > ************** > #! /bin/ash > # rm-ide by Victor McAllister > # This script removes modules to prevent > # access to the boot media - CF ide disk > echo > > MODULES="ide-disk ide-detect ide-core" > BOOTDIR="/boot/lib/modules" > LIBDIR="/lib/modules" > > for MODULE in ${MODULES} > do > rmmod ${MODULE} > rm ${BOOTDIR}/${MODULE}.o > rm ${LIBDIR}/${MODULE}.o > done > echo > echo "The modules needed for IDE access are not plugged into" > echo "the kernel or located in the TWO modules directories." > echo > echo "The Compact Flash is NOT accessible." > > ######## > > #! /bin/sh > # load-ide by Victor McAllister > # > echo "Ths script installs ide modules to access Compact Flash" > echo "First copy the files ide-core.o ide-dectect.o ide-disk.o" > echo "using SCP to the /lib/modules directory." > echo > > MODULES="ide-core ide-detect ide-disk" > LIBDIR="/lib/modules" > BOOTDIR="/boot/lib/modules" > > for MODULE in ${MODULES} > do > insmod ${MODULE} > cp ${LIBDIR}/${MODULE}.o ${BOOTDIR}/${MODULE}.o > > done > > if (lsmod | grep ide-) > then > > echo > echo "Mount the CF possibly using: mount -t msdos /dev/hda1 /mnt" > echo > echo "modules necessary are also in /boot/lib/modules" > echo "for possible backing up your configuration." > > else > echo > echo "IDE modules not loaded - CF drive not accessible." > echo "Did you forgot to SCP the files to /lib/modules?" > fi > > ####### -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
|
|
|
Re: Write Protect
by Mike Noyes-2
::
Rate this Message:
On Tue, 2009-08-11 at 08:53 -0700, Paul Rogers wrote:
> > Write protected hardware requires physical access to the LEAF box. A > > software write protect has the advantage that you can set and unset the > > read and write access to the boot media with putty, ssh. I use two > > If you can, then somebody else can. Ultimately, there's no software > scheme that can provide the surety of a well-engineered hardware > protection. Is what you're protecting important enough to go lay > hands on the box? Paul, In many situations it's not practical to perform on-site maintenance on a client's machine. Each level of write protection has advantages and disadvantages. -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Write Protect
by Mike Noyes-2
::
Rate this Message:
On Mon, 2009-08-10 at 13:02 -0700, Mike Noyes wrote:
> On Mon, 2009-08-10 at 14:39 -0500, Ralph Green wrote: > > This is pretty interesting. I thought no one was making them with > > write protect anymore. I have been using a USB to SD card adapter and > > SD cards, because the SD cards usually have a write protect switch. > > Now, I wonder if any of these write protectable USB drives use good NAND > > memory. Most of them these days are MLC(junk), instead of SLC. None of > > the drives in this list said anything in their specs about the type of > > flash chips they are using. Do you know any that use SLC(Single Level > > Cell) and have a write protect switch? If they were close to reasonably > > priced, I'd have to go buy a few. > > Ralph, > I suggest you contact Kanguru and Imation directly, and ask them about > the NAND memory they use. Ralph, >From what I can tell, it looks like the Imation Pivot and Kanguru Defender Pro use SLC. http://www.google.com/search?q=Imation+Pivot+NAND+SLC http://www.imation.com/en/Imation-Products/USB-Flash-Drives--Accessories/Pivot-Flash-Drive/ http://www.google.com/search?q=Kanguru+Defender+Pro+NAND+SLC http://www.kanguru.com/defenderpro.html -- Mike Noyes <mhnoyes at users.sourceforge.net> http://sourceforge.net/users/mhnoyes/ SF.net Projects: leaf, sourceforge/sitedocs ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Kernel crash with vlan on Bering 3.1 Kernel 2.4.34
by Erich Titl
::
Rate this Message:
Hi folks
has anyone successfully used vlan tagging on the above mentioned release. I have the folowing set up on a WRAP with natsemi interfaces ################################################################ # # eth2 / Fixed IP # auto eth2 iface eth2 inet static address 10.250.21.1 netmask 255.255.255.0 ################################################################ # end of generated interface file ################################################################ auto eth2.34 iface eth2.34 inet static address 192.168.223.1 netmask 255.255.255.0 ################################################################ So eth2 is untagged while eth2.34 is a tagged interface it shows up like 5: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0d:b9:00:80:42 brd ff:ff:ff:ff:ff:ff inet 10.250.21.1/24 scope global eth2 6: ipsec0: <NOARP> mtu 0 qdisc noop qlen 10 link/void 7: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/void 8: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/void 9: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/void 10: eth2.34: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue link/ether 00:0d:b9:00:80:42 brd ff:ff:ff:ff:ff:ff inet 192.168.223.1/24 scope global eth2.34 so basically it looks like the vlan tagging is enabled and working, but as soon as I try to use the eth2.34 interface, for example to ping a station on that vlan like 192.168.223.11 the kernel panics with a NULL pointer dereference. STYX# ping 192.168.223.11 PING 192.168.223.11 (192.168.223.11): 56 data bytes Unable to handle kernel NULL pointer dereference at virtual address 0000003c *pgd = 0 *pmd = 0 Oops: 0000 CPU: 0 EIP: 0010:[<c48c31ae>] Not tainted EFLAGS: 00010206 eax: 00000000 ebx: 00000022 ecx: c391af00 edx: c48c5af4 esi: 00000000 edi: 00000081 ebp: 00000040 esp: c0229f0c ds: 0018 es: 0018 ss: 0018 Process swapper (pid: 0, stackpage=c0229000) Stack: c37bd81e c48c41b2 00000000 00000022 c391af00 00000000 00000081 00000040 c01920c3 c391af00 00000000 c48c5af4 c345e000 c0226b28 00000000 c019215b c391af00 00036ca3 c0226bf0 c0226b28 00036ca3 00000046 c0192242 c0226b28 Call Trace: [<c48c41b2>] [<c01920c3>] [<c48c5af4>] [<c019215b>] [<c0192242>] [<c0121df2>] [<c011492c>] [<c0111c0e>] [<c01167b8>] [<c0111c0e>] [<c0110018>] [<c0111c31>] [<c0111c89>] [<c01039c7>] [<c0110199>] Code: ff 70 3c e8 65 ff ff ff 89 c2 31 c0 85 d2 59 74 07 0f b7 c3 <0>Kernel panic: Aiee, killing interrupt handler! In interrupt handler - not syncing Thanks for pointers Erich ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Kernel crash with vlan on Bering 3.1 Kernel 2.4.34
by Dillabough, Dave
::
Rate this Message:
Hi Erich,
It is working for me with 2.4.34 in one office and on my test LAN. I will be rolling it out in 12 other offices in the next month or so. Here is my configuration. >From /etc/interfaces # Step 2: configure internal interface auto eth1 iface eth1 inet static address 192.168.101.254 netmask 255.255.255.0 broadcast 192.168.101.255 vlan_raw_device eth1 # Add VLANS auto eth1.5 iface eth1.5 inet static address 192.168.201.254 netmask 255.255.255.0 broadcast 192.168.201.255 vlan_raw_device eth1 up echo 1 > /proc/sys/net/ipv4/conf/eth1.5/arp_filter up echo 2 > /proc/sys/net/ipv4/conf/eth1.5/arp_ignore up echo 1 > /proc/sys/net/ipv4/conf/eth1.5/rp_filter ip addr shows 4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:40:63:ef:c4:b1 brd ff:ff:ff:ff:ff:ff inet 192.168.101.254/24 brd 192.168.101.255 scope global eth1 6: eth1.5: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue link/ether 00:40:63:ef:c4:b1 brd ff:ff:ff:ff:ff:ff inet 192.168.201.254/24 brd 192.168.201.255 scope global eth1.5 The tagged VLAN is being used for public Internet access in a few meeting rooms and with a WiFi access point. I am using HP 2600 series switches to tie it all together. The LEAF hardware is a VIA Mini-ITX EK10000G which uses the via-rhine driver. I also have a couple of Intel boards in the system which use the eepro100 driver but I am only using VLANs on the via-rhine interface. The system has been in place for about 2 months without issues with light loading. Let me know if you need any other details. Dave -----Original Message----- From: Erich Titl [mailto:erich.titl@...] Sent: Wednesday, August 12, 2009 5:10 AM To: leaf-user@... Subject: [leaf-user] Kernel crash with vlan on Bering 3.1 Kernel 2.4.34 Hi folks has anyone successfully used vlan tagging on the above mentioned release. I have the folowing set up on a WRAP with natsemi interfaces ################################################################ # # eth2 / Fixed IP # auto eth2 iface eth2 inet static address 10.250.21.1 netmask 255.255.255.0 ################################################################ # end of generated interface file ################################################################ auto eth2.34 iface eth2.34 inet static address 192.168.223.1 netmask 255.255.255.0 ################################################################ So eth2 is untagged while eth2.34 is a tagged interface it shows up like 5: eth2: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000 link/ether 00:0d:b9:00:80:42 brd ff:ff:ff:ff:ff:ff inet 10.250.21.1/24 scope global eth2 6: ipsec0: <NOARP> mtu 0 qdisc noop qlen 10 link/void 7: ipsec1: <NOARP> mtu 0 qdisc noop qlen 10 link/void 8: ipsec2: <NOARP> mtu 0 qdisc noop qlen 10 link/void 9: ipsec3: <NOARP> mtu 0 qdisc noop qlen 10 link/void 10: eth2.34: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue link/ether 00:0d:b9:00:80:42 brd ff:ff:ff:ff:ff:ff inet 192.168.223.1/24 scope global eth2.34 so basically it looks like the vlan tagging is enabled and working, but as soon as I try to use the eth2.34 interface, for example to ping a station on that vlan like 192.168.223.11 the kernel panics with a NULL pointer dereference. STYX# ping 192.168.223.11 PING 192.168.223.11 (192.168.223.11): 56 data bytes Unable to handle kernel NULL pointer dereference at virtual address 0000003c *pgd = 0 *pmd = 0 Oops: 0000 CPU: 0 EIP: 0010:[<c48c31ae>] Not tainted EFLAGS: 00010206 eax: 00000000 ebx: 00000022 ecx: c391af00 edx: c48c5af4 esi: 00000000 edi: 00000081 ebp: 00000040 esp: c0229f0c ds: 0018 es: 0018 ss: 0018 Process swapper (pid: 0, stackpage=c0229000) Stack: c37bd81e c48c41b2 00000000 00000022 c391af00 00000000 00000081 00000040 c01920c3 c391af00 00000000 c48c5af4 c345e000 c0226b28 00000000 c019215b c391af00 00036ca3 c0226bf0 c0226b28 00036ca3 00000046 c0192242 c0226b28 Call Trace: [<c48c41b2>] [<c01920c3>] [<c48c5af4>] [<c019215b>] [<c0192242>] [<c0121df2>] [<c011492c>] [<c0111c0e>] [<c01167b8>] [<c0111c0e>] [<c0110018>] [<c0111c31>] [<c0111c89>] [<c01039c7>] [<c0110199>] Code: ff 70 3c e8 65 ff ff ff 89 c2 31 c0 85 d2 59 74 07 0f b7 c3 <0>Kernel panic: Aiee, killing interrupt handler! In interrupt handler - not syncing Thanks for pointers Erich ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Kernel crash with vlan on Bering 3.1 Kernel 2.4.34
by Erich Titl
::
Rate this Message:
Hi Dave
Dillabough, Dave wrote: > Hi Erich, > > It is working for me with 2.4.34 in one office and on my test LAN. I will be rolling it out in 12 other offices in the next month or so. Here is my configuration. > > From /etc/interfaces > Thanks for the info, after a few hours debugging the vlan driver I figured something out, it appears that the 8021q module conflicts with the vlan module, don't ask me why Anyway after loading only 8021q the problem appears to be gone. cheers Erich ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
|
|
Re: Kernel crash with vlan on Bering 3.1 Kernel 2.4.34
by Dillabough, Dave
::
Rate this Message:
I'm not using the vlan package only the 8021q module with a static config so that makes sense.
-----Original Message----- From: Erich Titl [mailto:erich.titl@...] Sent: Wednesday, August 12, 2009 11:40 PM To: Dillabough, Dave Cc: leaf-user@... Subject: Re: [leaf-user] Kernel crash with vlan on Bering 3.1 Kernel 2.4.34 Hi Dave Dillabough, Dave wrote: > Hi Erich, > > It is working for me with 2.4.34 in one office and on my test LAN. I will be rolling it out in 12 other offices in the next month or so. Here is my configuration. > > From /etc/interfaces > Thanks for the info, after a few hours debugging the vlan driver I figured something out, it appears that the 8021q module conflicts with the vlan module, don't ask me why Anyway after loading only 8021q the problem appears to be gone. cheers Erich ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@... https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/ |
| Free embeddable forum powered by Nabble | Forum Help |
