v3.2 README2: A LINUX-TO-DEMON-INTERNET CONFIGURATION GUIDE 10/05/96 BASE: CONFIGURING SLACKWARE LINUX FOR INTERNET ACCESS AND E-MAIL ================================================================ Copyright 1994-6 John A. Phillips. john@linux.demon.co.uk This README has been tested on Slackware 3.0, 2.3, 2.2 and 2.1. There are earlier versions for Slackware 2.0 and 1.2. It describes basic, static IP, serial-line networking with Demon Internet, using dip for the dialler, SLIP/CSLIP or PPP as the serial line protocol, with e-mail using sendmail, deliver and elm. It does not cover PoP. Files you may need are contained in the package. See the list at the end of this README. Configuration should be done as user root. You will occasionally find references such as [12.1] in the text. These are section numbers in the NET-2-HOWTO in /usr/doc/faq/howto if you installed disk set F. You will find relevant additional detail there. 2A Requirements and installation notes -------------------------------------- I assume you have installed at least disk sets A and N. I recommend installing disk sets AP and F. They contain the manual pages, various editors, GNU diffutils, which is (IMHO) indispensable, and the FAQs. Disk set D is recommended for the compilers and other development tools, Under Slackware 3.0 you *must* install the libaout package from disk set D for some key applications to work, such as sendmail and dip. From amongst the optional packages of disk set N, several are required for the basic network set-up: elm Required as your mail user agent (NOTE 1) tcpip Required for networking deliver Required as the local mail delivery agent for sendmail sendmail Required as the mail transport agent for network mail dip Required as the dialler for (C)SLIP and PPP access ppp Required if you want to use PPP NOTE 1: You don't have to install elm if you install pine or another mail reader instead. However only elm is described in this guide. NOTE 2: Other optional packages from disk set N are needed in other parts in this guide (e.g. if you want to install usenet news). Please see the READMEs in the other packages. The kernel must have SLIP, CSLIP and/or PPP installed in order to use the relevant protocol. Some Slackware kernels have these already set up, but you may be unlucky and have to install the Linux kernel source, recompile and reinstall it (see [8], and /usr/src/linux/README if you have the kernel source installed). You should not ask the Slackware installer to configure networking for you unless this is for a separate Ethernet. If you do anyway, it will probably block your serial-line access. See section 2C about fixing the rc.inet1 file if you have run Slackware's netconfig. * Please create an unpriveleged (i.e. non-root) user if you don't already have one. This package assumes you have at least one. It is not a good idea to regularly use ftp, mail, news, etc. from the root account. It should just be used for configuration and other things that can only be done as the superuser. You can run "adduser" which will do the job for you if you follow the prompts. BTW, do not use capital letters in user names (just when setting them up) as this can confuse some applications. Also, make sure you set a password for root and for all other users you have. Remember that whilst connected, your computer is on the Internet and should be protected as well as possible. * The default Unix editor is vi with which you should become familiar before starting. Elm, for example, uses it for composing mail messages. If you don't like vi, it is often possible to make programs use another editor by adding these lines to one of your shell start-up files. If you use bash as your shell the files are /etc/profile (for everybody) or ~/.bash_profile (for an individual): EDITOR=/usr/bin/joe export EDITOR VISUAL=/usr/bin/joe export VISUAL In many applications this will cause /usr/bin/joe to be used instead of the default editor. This is just an example and some applications have special config files you can (or must) edit instead. I'm told joe looks like WordStar, but you can use any other editor that suits you instead. 2B Set up the clock ------------------- You must decide whether to keep your PC's CMOS clock set to local time, or set permanently to GMT (also known as UTC). GMT is the normal way to get automatic winter/summer time corrections in Unix. If you want DOS to have the correct time when you run it with a GMT clock, install clk360rs.zip from a SIMTEL archive. Alternatively, use local time and change the CMOS clock twice a year. * If you are operating your CMOS clock on GMT, edit /etc/rc.d/rc.S to change the "/sbin/clock -s" line to read: /sbin/clock -u -s If you keep your CMOS clock on local time, /etc/rc.d/rc.S is correct, but you must edit certain configuration files to reflect this. I'll remind you to do this in the section(s) where the files are set up. 2C Set up networking -------------------- This section assumes you have only one network connection, through your serial interface and modem using (C)SLIP or PPP. * Set up /etc/hosts [11.4.1]. You only need two entries: (i) the loopback address; and (ii) your own host name and IP address. Change "AAA.BBB.CCC.DDD" to your IP address, and use your own (single-word) host name in place of "" here, throughout this README, and in the example files. 127.0.0.1 localhost AAA.BBB.CCC.DDD .demon.co.uk You can add other machines to this file as well, but I do not recommend it. It will save a little on network traffic in looking up IP addresses, but you must maintain the list properly, and any changes of IP address are not automatically followed. * Set up /etc/hosts.deny to deny everybody access your machine. This is a good security measure for a machine on the Internet unlil you are sure of what you are doing. Add this line to the file: ALL: ALL Then set up /etc/hosts.allow to allow just local users to access your machine's networking. Add this line and configure the name: ALL: 127.0.0.1 .demon.co.uk See "man 5 hosts_access" for more details of changing these files. * Check /etc/networks [11.4.3]. It should have only the following line (apart from comments): loopback 127.0.0.0 NOTE: lines for "default" and "localnet" are recommended in the NET-2-HOWTO. They are not needed in this serial-line set-up. * Check the file /etc/host.conf [11.4.4]. It should read as follows: order hosts, bind multi on This orders the name resolver to look first in /etc/hosts to find IP addresses for a host name, before asking the name server(s) listed in /etc/resolv.conf. It also allows multiple IP addresses per host name. * In /etc/resolv.conf [11.4.5] you should specify Demon's name servers by IP address. This file is in the package. It should read: search . demon.co.uk nameserver 158.152.1.58 nameserver 158.152.1.43 * Set up the /etc/HOSTNAME file [11.4.6] to contain a single line with your fully-qualified domain name (FQDN), like this: .demon.co.uk * Edit the fall back FQDN in /etc/rc.d/rc.M. This isn't really needed, since you've already set up /etc/HOSTNAME, but it tidies up a loose end. ... # If there's no /etc/HOSTNAME, fall back on this default: if [ ! -r /etc/HOSTNAME ]; then echo ".demon.co.uk" > /etc/HOSTNAME fi ... * Check /etc/rc.d/rc.inet1 [9.3, 9.3.1]. It only needs to configure the local loopback interface [9.4] with these lines: /sbin/ifconfig lo 127.0.0.1 /sbin/route add -net 127.0.0.0 If you used the Slackware network configuration option and the Ethernet parts of this file have been set up, this may cause non-fatal errors at boot time (assuming you actually have no Ethernet card), and may block your serial line access. If you don't have an Ethernet, all parts of rc.inet1 after the two lines above should be commented out. If you do have an Ethernet, then this is where to set it up, but don't include the "route add default" line since this will divert traffic away from the serial line to the Ethernet. If you want to refer to your machine by its host name when you are not connected (rather than just calling it localhost), then you should arrange for the dummy interface to be compiled into the kernel [8] (if it is not already) and place these commands in /etc/rc.d/rc.inet1. /sbin/ifconfig dummy .demon.co.uk /sbin/route add -host .demon.co.uk The dummy interface can get you over occasional problems associated with a networked machine that is only sometimes connected to the Internet. * Check out /etc/rc.d/rc.inet2 [9.3, 9.3.2, 11.1, 11.2]. It is normally correct but you can check that it starts certain daemons in the correct order. These should be: syslogd klogd inetd Leave rc.inet2 as it is if the essential bits above are in place. Other daemons, such as the line printer daemon (lpd), name server (named), SUN RPC portmapper, etc. may also be started here. You can leave them as they are for now and decide later whether you want to run them or not. They are not essential for a basic network service. NOTE: Do not start up routed in rc.inet2 unless you know what you are doing, as it can block your serial line IP connection. 2D Set up sendmail ------------------ There are other Mail Transport Agents (MTAs) such as Smail. This section assumes you are setting up sendmail. * Install /etc/sendmail.cf, the configuration file for sendmail. The file installed by the Slackware 2.* setup (the SMTP+BIND option) is close but not 100% OK. The sendmail.cf file contained in this package needs no editing and should be installed instead. The file linux.demon.mc, which I used to generate this sendmail.cf, is included as well. If you ever want to create a sendmail.cf, ensure the Slackware m4 and smailcfg packages are installed, put linux.demon.mc in /usr/src/sendmail/cf/cf, and run "m4 linux.demon.mc" in that directory. * In /etc/rc.d/rc.M, remove the "-q 15m" from the line that runs sendmail (and from the "echo" line above it). If you leave the option there, sendmail will try to deliver queued mail to the network every 15 minutes. If you are not on-line and there is mail in the queue, it will leave an error message in one of the logfiles every time. The mail queue is explicitly processed whenever you connect, by scripts that are installed later, so it is not normally necessary to ask the sendmail daemon to try delivery on its own. * Install /etc/aliases, the global mail aliases list. You should alias mail for at least root, postmaster, MAILER-DAEMON, usenet and news to real users. Use your own non-root user(s) substituted for : usenet:news news: postmaster: root: MAILER-DAEMON: All hosts connected to the Internet *must* have a postmaster address. Sendmail employs the pseudo-user MAILER-DAEMON, so it is a good idea to make sure someone receives any mail for this user (e.g. error reports that can't be delivered). The users news and usenet may receive error messages from C News or INN - someone should see these. Finally, for safety reasons, the root account should not normally be used for mail. This file is in the package and may be copied into place then configured. You can add other aliases here later if you wish (after which you need to install the new aliases as described below). * Re-boot now (with "shutdown -t3 -r now" or just Control-Alt-Del) to get the system name right after the previous edits and run sendmail with the correct configuration file. Then log in as root and run the following command to install the aliases: /usr/sbin/sendmail -bi This creates /etc/aliases.dir and /etc/aliases.pag (database files containing your aliases in dbm format). Running the command "newaliases" is equivalent. 2E Set up basic network access ------------------------------ * Install the following files from the package: /usr/local/sbin/start.dip /usr/local/sbin/stop.dip /usr/local/sbin/querypost /usr/local/sbin/querystatus /usr/local/sbin/setclock No configuration is required for the first four. If you decided in section 2B to run your CMOS clock on local time rather than GMT, edit the first executable line of setclock, changing the default zone from "GMT" to "local", otherwise leave this one alone too. 2F Set up (C)SLIP ----------------- * Install /usr/local/etc/demon_slip.dip, the (C)SLIP dialler script from the package. Make sure it is owned by root and cannot be read by anyone else (since it will contain your login name and password). You must edit this to set your own hostname (twice), password, your gateway (PoP) telephone number, the modem port, the DTE speed (how fast your computer talks to the modem), and the modem set-up commands. See Demon's "Modem.txt" and the instructions for your modem for details of the correct modem set-up requirements. Depending on your modem, it is possible you may have to make significant changes to this script, to deal, for example, with busy tones or other failures. You may also wish to edit the script to set idle=0 in the protocol line at login if you wish Demon's machine to keep the connection up even if no traffic is being sent or received. The example script asks (with idle=240) for the link to be dropped after four minutes of idling. Note that this script asks for SLIP (with "mode SLIP"), not compressed SLIP (CSLIP). The Ascend terminal servers at Demon do not at the time of writing support CSLIP. They may do so at some time in the future. 2G Set up PPP ------------- * Install /usr/local/etc/demon_ppp.dip, the PPP dialler script from the package. Make sure it is owned by root and cannot be read by anyone else (since it will contain your login name and password). You must configure this file. It is just like setting up demon_slip.dip (section 2F), except that you only have to set your own hostname once. * Copy into /etc/ppp the files in ./ppp from this package. No editing is needed. The installed files are: /etc/ppp/ip-up /etc/ppp/ip-down /etc/ppp/options * For Slackware 2.1 and 2.2 only, to run PPP you must update your version of dip and its manpage. Copy dip-3.3.7n from this package into /sbin. Then make static links to it from /sbin/dip and /sbin/diplogin using the following commands: cd /sbin ln -sf dip-3.3.7n dip ln -sf dip-3.3.7n diplogin Then copy the new manpage, dip.8, from the package into /usr/man/man8 and remove the old page (/usr/man/preformat/cat8/dip.8.gz). NOTE: dip-3.3.7i (Slackware 2.1) and dip-3.3.7l (Slackware 2.2) will not work with PPP, although they will work with (C)SLIP. * For Slackware 2.3 only, the dip-3.3.7n executable knows how to use PPP so you don't have to update it, but it thinks pppd is in directory /usr/sbin. Fix this with the following commands: cd /usr/sbin ln -s ../lib/ppp/pppd pppd 2H Set up elm ------------- There are other Mail User Agents (MUAs) such as pine. This section assumes you are setting up elm. * Edit /var/lib/elm/elm.rc to tell elm about your machine and its names. You need to set up the following lines: hostname = hostdomain = .demon.co.uk hostfullname = .demon.co.uk * Install /var/lib/elm/aliases.text to specify the global elm aliases. These are used on mail from local elm users. They should normally duplicate the aliases for sendmail (which are used for mail arriving from the network). This file is in the package and may be copied into place and configured with your own non-root user(s) substituted for : usenet = Local Usenet Administrator = news news = Local Usenet Administrator = postmaster = Local Postmaster = root = Local System Administrator = MAILER-DAEMON = Local Sendmail MAILER-DAEMON = * After setting this up, install the aliases with newalias -g This creates the files aliases, aliases.dir and aliases.pag. After adding more aliases in the future you must run "newalias -g" again to install them. * If you want to run elm whenever you type "mail" (as well as "elm"), you should make sure your users have the command mail aliased to elm, so elm becomes their foreground mailer. A line in /etc/profile such as: alias mail=elm will do this for all bash users. For individuals, the same line in the file ~/.bash_profile (in the user's home directory) will also work. * In Slackware 2.1 only, elm mistakenly thinks BST is GMT+2 hours. To fix this, you can use the environmental variable TZ. Put "export TZ=GMT0BST,M3.5.0/01:00:00,M10.5.0/02:00:00" in /etc/profile. The manpages for "newctime" and "newtzset" explain more about TZ. * The text in the file .signature in your home directory will be added to the end of your e-mail if you add the line "signature = ~/.signature" to ~/.elm/elmrc. Run elm first to create the ~/.elm directory and set up a default elmrc file if it's not there already. * If you want to keep a copy of mail you send, add the line "copy = on" to the ~/.elm/.elmrc file. Mail will be copied to the file ~/Mail/sent and may be reviewed later in elm by changing to the "=sent" folder. * For Slackware 2.2 only, fix a bug that stops elm from working, with: chmod 771 /var/spool/mail E-mail should now work. Mail to users on your site should be delivered immediately. Off-site mail should go into the mail queue (see it with "mailq"). You can force local mail to go via Demon by addressing it to either "@post.demon.co.uk:@.demon.co.uk", or "%.demon.co.uk@post.demon.co.uk". Please test mail, if you wish to, as a non-root user. Using root to receive and send mail is often considered a security risk. 2I Check access to Demon Internet Services ------------------------------------------ I assume here that your Demon account is already set up and working, and that you don't need to do anything special to log on. If you do have a brand new unused account, you will probably have to log on using a standard comms program to set up your account and set your password. At a pinch "dip -t" can do this if you set up the modem port, go into term mode, execute the account set-up manually, exit to dip's command mode and then quit, but other programs may be better. At this point, you should be able to send and receive mail, and ftp, telnet etc. will work. If you wish to prevent incoming mail from arriving whilst you test other networking services, find the PID of the sendmail daemon with "ps -aux", and kill the process with "kill ". To start receiving mail again, either re-boot or re-start sendmail with "/usr/sbin/sendmail -bd". * To connect, run this command: /usr/local/sbin/start.dip slip Just "start.dip" on its own is equivalent, since I have made slip the default. DIP should execute the script in demon_slip.dip and the system should log in automatically with (C)SLIP. The network connection should be active when the command prompt comes back. If you need to interrupt start.dip, it may be necessary to press Control-C twice. If you want to use PPP, use "start.dip ppp" instead. Alternatively, edit the first executable line of start.dip and change "slip" to "ppp" if you wish start.dip to use PPP by default instead of (C)SLIP. * To do a test ftp transfer on a couple of files, log in to your machine, as an ordinary user, on another virtual terminal (e.g. press Alt-F2 for VT2, or Ctrl-Alt-F2 to get there from X-windows), and execute: $ cd /tmp $ ftp ftp.demon.co.uk ... Name: anonymous ... Password: @.demon.co.uk ftp> cd /pub/test ftp> bin ftp> hash ftp> get fullfile ftp> get regularfile ftp> quit $ Other commands like "telnet", "traceroute", "whois", "finger", etc. should also work. Please see the manual pages for further details. * To close down the connection, go back to the root terminal (press Alt-F1 if you logged root onto VT1), and run this command: /usr/local/sbin/stop.dip Wait a few seconds and then check that the phone line has been put back on hook. If DIP fails to cause the modem to hang up, turn off the power to your modem for a few seconds, or pull out the plug. You should be able to set up the modem via the initialization commands in demon_slip.dip and demon_ppp.dip to hang up when DIP hangs up. DIP negates (drops) the DTR line when it hangs up; your modem's documentation should show you how to hang up the line when DTR is negated. The command &D2 is common but not universal. See Demon's Modem.txt and your modem's documentation for help. If you have a V.32bis/V.42bis modem (14400 bits/second with compression), and things are not very busy at the Demon end, you should have received fullfile (102400 bytes) in about 64 seconds (about 1.6 kbytes/second), and regularfile (102400 bytes) in about 37 seconds (about 2.7 kbytes/second). If your modem's V.42bis compression has better than minimum performance, regularfile may arrive more quickly, at up to 3.8 kbytes/second. This assumes a DTE rate of 38,400 bps or more. At a DTE rate of 19,200 bps, regularfile may only arrive at about 1.9 kbytes/second. If you have a V.34 modem and can drive the serial port at 57,600 bps or preferably greater, you may get about twice the download speeds above. 2J Trouble? ----------- For de-bugging purposes, I suggest you try, in this order: ping -c5 127.0.0.1 ping -c5 localhost ftp localhost ping -c5 158.152.1.222 ping -c5 demon-du.demon.co.uk ftp ftp.demon.co.uk These commands try out increasing levels of networking service. Those which work and those which don't, and especially the error messages from the failures, may give clues as to what is wrong. The first three should work properly off-line, and trying the next two off-line provides useful data from the error messages. Make sure you try the last three on line as well. If ping works to external machines, but other things, such as ftp and telnet do not, it is possible that the gateway machine you are using understands SLIP but not CSLIP. In this case change the "mode CSLIP" line in demon_slip.dip to "mode SLIP". Alternatively try PPP which avoids this problem. If the modem appears locked, but in fact it is not, this could be because dip is sometimes bad at removing its lock file /var/spool/uucp/LCK..ttyS1 (or LCK..cua1, LCK..modem etc.). This lock file may have been left behind by a previous dip session. Remove this file by hand if pppd complains when the modem is actually available. If you get "network unreachable" with "DIP: tty: set_disc(1): Invalid argument" when DIP is run, it means you don't have SLIP and/or CSLIP compiled into your kernel. You will need to re-compile and re-install the kernel using the instructions in /usr/src/linux/README [8]. A "network unreachable" error on its own suggests some other configuration fault. There are, unfortunately, too many possible causes of this for specific advice here to be useful. The commands "ping", "route", "netstat", "ifconfig", "cat /proc/net/dev" etc. are useful for de-bugging. Please see the manual pages for further information. 2K Summary and notes -------------------- At this point, your basic set-up is complete. You go on-line with the command /usr/local/sbin/start.dip (or just start.dip). You can use either "ppp" or "slip" as a parameter to start.dip to explicitly select the serial line protocol, rather than just using the default. You go off-line with /usr/local/sbin/stop.dip. These commands must be executed by user root, or perhaps through the sudo package by normal users (which I haven't tried myself). When you go on-line, your CMOS clock is updated from a network time server (and you can run the "setclock" script separately if you wish - but this may only be done by root). Also your mail is checked and a list is printed on the screen (root can run "querypost" separately). Finally, Demon's status messages are fetched and printed (using the "querystatus" script, which can also be run separately by root). You will get incoming mail delivered whenever you go on-line, and mail will also be delivered to you periodically whilst you remain on-line. Mail that has arrived on your machine should be readable with the command "elm" (or "mail" if you log in after setting up an alias). Outgoing mail will be put into the mail queue if you send it whilst you are off-line (revealed by running "mailq"). When you go on-line, start.dip will automatically send any queued mail to the network. Whilst on-line, sendmail will immediately pass to the network any mail you send. To force sendmail to try delivering queued mail, run "/usr/sbin/sendmail -q" when on-line. To check if any network connections are still active, you can run "netstat -t", or "netstat -nt". When connections reach the TIME_WAIT state, they have completed, and will not be interrupted by a shut down. 2L Files in this package ------------------------ File name (Slackware) Location in this package ===================== ======================== /var/lib/elm/aliases.text base/aliases.text /etc/aliases base/aliases /usr/local/etc/demon_ppp.dip base/demon_ppp.dip /usr/local/etc/demon_slip.dip base/demon_slip.dip /usr/src/sendmail/cf/cf/linux.demon.mc base/linux.demon.mc /etc/resolv.conf base/resolv.conf /etc/sendmail.cf base/sendmail.cf /usr/man/man8/dip.8 base/dip.8 /etc/ppp/ip-down base/ip-down /etc/ppp/ip-up base/ip-up /etc/ppp/options base/options /sbin/dip-3.3.7n base/dip-3.3.7n /usr/local/sbin/querypost base/querypost /usr/local/sbin/querystatus base/querystatus /usr/local/sbin/setclock base/setclock /usr/local/sbin/start.dip base/start.dip /usr/local/sbin/stop.dip base/stop.dip END OF README2