Best of Technical Support

Our experts answer your technical questions.
Configuring ipchains

Current setup: I'm running ipchains as a firewall and to proxy my other machine to the Web via DSL. This Linux firewall has two NIC cards: one with a public IP address, the other on my private 10.100.100 network. I have a web server on the private network (10.100.100.20). How do I configure ipchains to redirect all web requests at my firewall to the web server on my internal network? —Mitchel Vernor, mitboy@hotmail.com

You'll need to use a port forwarding tool (such as redir or ipmasqadm) to “redirect” all requests that try to connect to port 80 (assuming you are using the default port) of your firewall's address to the web server's address. redir is a user-space program that has some limitations, but works with older kernel versions. ipmasqadm (which I recommend) works with 2.2.x (some 2.1.x also) and it is kernel-based.

Assuming all other input, output and forward chains are present, you should simply add:

ipmasqadm portfw -f
ipmasqadm portfw -a -P tcp -L EXTERNAL_FIREWALL_IP 80
-R 10.100.100.20 80

to your startup script. —Mario de Mello Bittencourt Neto, mneto@argo.com.br

More information on port forwarding under kernel versions 2.2 and higher, including examples, can be found at www.monmouth.demon.co.uk/ipsubs/portfw-2.2.html. —Chad Robinson, Chad.Robinson@brt.com

If you don't have ipmasqadm on your system, you can find it here: http://juanjox.kernelnotes.org/. You need at least kernel 2.2.x for this to work (although there are patches for 2.0.x), and your kernel must have IP: ipportfw masq support (EXPERIMENTAL), which is an option you can select only if you checked “Prompt for development and/or incomplete code/drivers” during configuration. —Marc Merlin, marc_bts@valinux.com

PPP Networking

Can I have a PPP connection that supports TCP/IP using a null modem between Win98 and Linux boxes? Any one of the machines needs to dial up to the other. I am using Red Hat 5.2. —Kiran, ajay@cc.usu.edu

Yes, you can. I would set up the Win98 machine to “call” the Linux system by double-clicking on a dial-up connection. I prefer this way, since the Windows machine expects to “log in” to the remote system and the Linux box can provide that “login”. For this to work, you have to take care of the proper setup (pin out) of the serial cable that connects the machines together. Also, depending on the cable setup, it would be a good idea to tell the Windows machine, at the dialup port configuration setup, not to wait for the dial tone before dialing. The Linux box will not provide a dial tone. On the Linux side, you can create a new login ID with a password and configure it to have the PPP daemon as the login shell, instead of the usual bash. Also, you have to set up the serial port on the Linux box to provide the login automatically all the time. A good page that explains this in great detail is www.linuxgazette.com/issue41/smyth.html. —Felipe E. Barousse, fbarousse@piensa.com

Recovery after Partitioning

A friend who uses Debian 2.1 tried to install Red Hat 6.0 into another partition of his hard disk. The installation process of Red Hat has deleted the partition table of his hard drive. We need a way to recover some important files which are in the Debian partition. We can't access the partition. Can you explain some way to do it? —Alexis Serafin, sith@arrakis.es

If you know exactly what the partition table looked like before the crash, you can simply write a new partition table that looks exactly like the old one, mount the old partitions and back up the data. If the install process was aborted immediately after the new partition table was written, this alone may solve the problem. If all else fails, try this: make a partition that includes the whole disk (say, /dev/hdb1), mount that and raw-copy the entire disk to a big file (on another disk) with something like:

dd if=/dev/hdb1 of=/bigdisk/recovered.data bs=512

Then, try to piece the files together using /bigdisk/recovered.data. Personally, I've tried only the dd step, so there may be problems with this approach beyond the fact that stitching up the files manually is awfully difficult. Consider it a desperation strategy. I know it's never helpful to hear this after the disaster occurs, and please don't think I'm not sympathetic, but the best way to deal with problems like these is always prevention: keep backups, and print out critical information such as partition tables before you need it. This is the voice of bitter experience speaking. —Scott Maxwell, maxwell@ScottMaxwell.org

While it is hard, you can look for the boot partition signature (55 AA at the end of the block, I believe) and locate the partitions on your disk. The above requires a disk editor, such as diskedit from Norton, and once you have the partition offsets, you can go to the partition table (first block of your disk, apply the partition table view and key in the numbers). Note that it's not trivial, and having another computer as a model to look at and copy from helps quite a bit. You can also try fixdisktable which automates this (only for primary partitions, though); it can be found at bmrc.berkeley.edu/people/chaffee/fat32.html. —Marc Merlin, marc_bts@valinux.com

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix