Daniel's page

In the separate document Upgrading to Linux 2.4.0 I include a few things to think about when upgrading. Linux IPv6 contains info about getting IPv6 into your Linux system.

Linux Setup Issues

In late Februrary 2000 I bought myself a new PC. Of course I installed Linux on the thing and configured it from there. I decided to write all my configuring quirks on this web page to perhaps help others...

Partitioning / dual boot

I have a need to be able to run Windows at odd times. Therefore I needed to make my machine dual-boot.

Start with making a partition big enough for your Windows installation. Don't add any other patitions, since the Windows 98 installer will eat as much as possible when you install it.

When you've installed win*, you go ahead and install your favourite Linux (I picked Redhat 6.1). You should add your Linux partitions in the installation process. Redhat's installer adds a "target" for the windows/DOS partitions it finds by default, without you having to think about it. So when you enter 'dos' at the lilo prompt after having installed the Linux as well, it will boot Windows.

Of course you can mount the Windows partitions when you run Linux so you can still transfer files between the environments that way!

ISDN PPP on-demand with callback

Of course I wanted my internet connection up and running as fast as possible! I have an ISDN Terminal Adapter and the company I work for has a callback feature (using an Ascend Max access switch).

My ISDN TA (a Zyxel Omni.net) is one of those async emulating ones. It makes my machine to believe and act as if it is a true modem. I can use the normal async PPP stuff.

Callback. I downloaded the latest pppd (2.3.11 at the time) and I applied the CBCP (Callback Control Protocol) patch that is included in the archive (the patch included in pppd 2.4.0 doesn't apply cleanly, you'll figure out how to do that little change manually). Although it didn't help! ;-/ It seems the Ascend sends something back my pppd doesn't like. Time to patch. I did a very tiny little change... (this patch is also feasable on pppd 2.4.0 as I've done it on that too)

--- fsm.c.org	Wed Mar 15 15:26:45 2000
+++ fsm.c	Wed Mar 15 15:26:49 2000
@@ -439,7 +439,7 @@
     if (id != f->reqid || f->seen_ack)		/* Expected id? */
 	return;					/* Nope, toss... */
-    if( !(f->callbacks->ackci? (*f->callbacks->ackci)(f, inp, len):
+    if( 0 && !(f->callbacks->ackci? (*f->callbacks->ackci)(f, inp, len):
 	  (len == 0)) ){
 	/* Ack is bad - ignore it */
 	error("Received bad configure-ack: %P", inp, len);

... now I could connect and negotiate a callback. I named my modified daemon cpppd.

So I issue 'cpppd call condb' to connect the first time. For this to work fine I need two files, the /etc/ppp/peers/condb file:

ttyS0 115200
connect '/usr/sbin/chat -v -f /etc/ppp/chat-con'
user [user]
callback [mynum]

You'll have to edit the user and the callback lines obviously for this to work. In my case, we have some weird domain logon so we have to enter 'domain\user', and since the \ letter is an escape letter in this file, it must be 'domain\\user' to work. The [IP] should also be replaced with your peer IP address. If you want this to be an on-demand connection (that the demand option enforces), you must specify an IP address, but if you don't care for on-demand you can just put it to zero (0). The password must be entered in the /etc/ppp/pap-secrets file, where a line could look like:

[user] * [password] *

For my domain stuff, the user part once again needed to be 'domain\\user'.

The connect script, /etc/ppp/chat-con, I use from my profile above looks like:

"" \d+++\dATH
OK "at&K1"
OK "atdi[num]"

... where [num] of course is the telephone number I dial to the ISDN connection in the other end.

When the 'cpppd' exits the callback hopefully has been negotiated. To answer the soon expected incoming call, we start a second daemon. This time, we don't need any callback support why we can (and should) run the stock pppd instead: pppd call conrcv. This then uses my peer profile named conrcv that differs slightly from the callback one, the /etc/ppp/peers/conrcv then looks like:

ttyS0 115200
connect '/usr/sbin/chat -v -f /etc/ppp/chat-conrcv'

... and the chat script it uses is a simple one that just performs:


Of course, I put everything together in a tiny script that I call in my /etc/rc.d/rc.local so that everything this is made automatically every time I boot my machine. The script looks like:

#! /bin/sh
while [ -z "" ]; do
  cpppd call condb -detach
  pppd call conrcv -detach
  sleep 1

IP Masquerading

kernel 2.2-style

Since I now have my on-demand callback PPP connection everything is fine for my single machine. But of course there are more machines in my home that want to get a connection to the internet.

To enable another computer to "go through" my machine to reach the internet, I chose to use IP masquerading. This way, my computer hides the other one(s) so that to the peerm everything seems to come from my computer alone.

There are brilliant documents on how to do this, but this is the script I've used successfully: (I should mention this works with my 2.2.12 kernel)

#! /bin/sh
#Needed  to initially load modules
/sbin/depmod -a
#Supports  the proper masquerading of FTP file transfers using the PORT method
/sbin/modprobe ip_masq_ftp
#Enable  IP forwarding since it is disabled by default since
echo "1" > /proc/sys/net/ipv4/ip_forward
#MASQ  timeouts
#-   2 hrs timeout for TCP session timeouts
#-  10 sec timeout for traffic after the TCP/IP "FIN" packet is received
#-  160 sec timeout for UDP traffic (Important for MASQ'ed ICQ users)
/sbin/ipchains -M -S 7200 10 160
#Enable  simple IP forwarding and Masquerading
#NOTE : The following is an example for an internal LAN address in
#the  10.0.0.x network with a or a "24" bit subnet mask or
#just  a single specified host.
#Please  change this network number and subnet mask to match your internal LAN
/sbin/ipchains -P forward DENY
#This  would be for a whole network:
#/sbin /ipchains -A forward -s -j MASQ
#This  is for a single specific machine:
/sbin/ipchains -A forward -s -j MASQ

Of course you need to make sure that the script correctly points out your machine(s).

A nice effect of this, is that the on-demand connection works as it is supposed to even when my second computer tries to access the outside world!

kernel 2.4-style

#For  more of this, see netfilter.samba.org
#Load  the NAT module (this pulls in all the others).
#(I  have this compiled in my kernel)
#modprobe  iptable_nat
#In  the NAT table (-t nat), Append a rule (-A) after routing (POSTROUTING)
#for  all packets going out ppp0 (-o ppp0) which says to MASQUERADE the
#connection  (-j MASQUERADE).
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
#Turn  on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

Very Simple Samba Disk Sharing

Since there's a million different pages covering Samba, I'll just make some short notes what I had to change in the default config to have machine keep a network disk sharable to allow my other computer mount it as a network disk using Windows 98, without specifying a password.

Change the line in /etc/smb.conf that says security = user to instead become security = share.

Add a section in the 'Share Definitions' that looks something like:

    comment = General Data Disk
    path = /data
    read only = No
    guest ok = Yes

Make samba reload the config file and fly...

Advice: to share a FAT-parition with samba. You want to read my non-root-write-DOS edit to allow non-root users to write to it, as unless you wanna run samba as root you won't be able to write to that shared disk otherwise!

Allow Non-root Write Access to FAT Disks

When you have your Windows FAT partition mounted by Linux on boot time, you might sooner or later find it annoying to have to be root to write to that disk.

So, to allow anyone write acess, check out your /etc/fstab file for the line that holds the FAT mount. Similar to:

/dev/hda1               /windows                auto    defaults        0 0

Now, edit the file and replace 'defaults' with 'umask=0'.

The new line would then look similar to:

/dev/hda1               /windows                auto    umask=0         0 0

To try this out immediately without reboot, do 'umount [dos disk]' and then 'mount [dos disk]' where in my example [dos disk] would be /windows:

% umount /windows
% mount /windows

Enable Ultra-DMA/66 for the HD

Kindly suggested by Björn Stenberg

Even though your hard disk may support Ultra-DMA/66, at least Redhat Linux does no attempts at enabling this. It makes the disk speed a lot slower than it has to be. In my case, all it takes is a command line like:

    /sbin/hdparm -d1 -m16 -X66 /dev/hda
to make the speed go from some 4MB/s to some 18-20MB/s. You can make a little speed test with hdparm -t.

Swedish Keyboard Setup

Kindly suggested by Björn Stenberg

To make the console keyboard work, /etc/sysconfig/keyboard should look like:


To get X behave as you want (without using 'setxkmap se' every time you startx), the file /usr/X11R6/lib/X11/XF86Config should have two options set accordingly:

    Option "XkbModel"   "pc102"
    Option "XkbLayout"  "se"

In my file they were set to some american default values.

Get pictures from a USB Canon Digital camera

Solution worked out in cooperation with Björn Stenberg

Get the 's10sh' program from http://www.kyuzz.org/antirez/s10sh.html and install it.

Make sure you have either compiled your kernel with built-in USB support or you have it as a kernel module. If you have it as a module, run 'insmod usbcore'. Also make sure you have 'usbdevfs' enabled in the kernel config.

Add a line to your /etc/fstab that looks similar to:

usb /proc/bus/usb usbdevfs defaults,user 0 0

Mount the usb file system with 'mount usb'.

Run s10sh as 's10sh -u' (you may need to be root or to set the correct properties).

Get your pictures!

daniel at haxx dot se