29/07/95 v3.0 README2: A LINUX-TO-DEMON-INTERNET CONFIGURATION GUIDE BASE: CONFIGURING SLACKWARE LINUX FOR INTERNET ACCESS AND E-MAIL ================================================================ Copyright 1994-5 John A. Phillips. john@linux.demon.co.uk This README is valid for Slackware 2.3.0, 2.2.0 and 2.1.0. It describes a basic networking set-up using dip as your dialler, SLIP/CSLIP or PPP as the serial line protocol, with e-mail using sendmail, deliver and elm. Some of the files you need to install or modify are contained in the package, for you to copy directly into place. See the list at the end of this README. Configuration should be done as user root. You will occasionally find references such as [12.1] in the text. These are section numbers in the NET-2-HOWTO, included with this Linux distribution (in /usr/doc/faq/howto), containing further relevant information. 2A Requirements and installation notes -------------------------------------- I assume you have installed at least disk sets A and N. Disk sets AP and F are strongly recommended. They contain the manual pages, various editors, GNU diffutils, which is (IMHO) indispensable, and the FAQs. Disk set D is recommended for the compilers and other development tools. From amongst the optional packages of disk set N, these are required for basic network set-up. Other packages from disk set N are needed for the other packages in this guide. Some may also need to be excluded. Please see the relevant README(s) BEFORE you do the complete installation. elm Required as your mail user agent, pine is an alternative tcpip Required for networking deliver Required as the local mail delivery agent for sendmail mailx Recommended as a background mail user agent pine Recommended as an alternative mail user agent to elm sendmail Required as the mail transport agent for network mail smailcfg Recommended (for generating your own sendmail config file) uucp Not required unless you also have a uucp mail/news feed dip Required as the dialler for (C)SLIP and PPP access ppp Required (if you want to use PPP) The kernel must have SLIP, CSLIP and/or PPP installed [8] in order to use the relevant protocol. You will get an error on trying to connect to DIS if this is not done. Some Slackware kernels (those I've tried) have these already set up but you may be unlucky and have to recompile and reinstall (see [8] and /usr/src/linux/README). I recommend you do not ask the Slackware install package to configure networking for you unless you have a separate Ethernet. The correct set-up is achieved for (C)SLIP or PPP by following this document. * Please create an unpriveleged user if you don't already have one. This package assumes you have at least one non-root user, because it is not a good idea to regularly use ftp, mail, news, etc. from the root account. User root should just be used for configuration and other things that can only be done as the superuser. Make sure you set a password for root and for all other users you have. Remember that whilst connected to DIS, your computer is on the Internet. People will be able to telnet and ftp into your machine, as well as you being able to telnet and ftp to other machines. This can be blocked, but I don't deal with the methods in this package. The default Unix editor is vi with which you should become familiar before starting. Elm, for example, uses it for composing mail messages. If you don't like vi, it is often possible to make programs use another editor, by adding these lines to one of your shell start-up files (if you use bash as your shell - /etc/profile, $HOME/.bash_profile or $HOME/.profile): EDITOR=/usr/bin/joe export EDITOR VISUAL=/usr/bin/joe export VISUAL In many applications this will cause joe to be used instead of a default editor. This is just an example and some applications have special config files you can edit. I'm told joe looks like WordStar, but you can use any other editor that suits you instead. 2B Set up the clock ------------------- You need to decide whether to keep your PC's CMOS clock set to local time, or set permanently to GMT (alternatively known as UTC). Using GMT is the normal way to achieve automatic winter/summer time corrections in Unix, but if you want DOS to have the correct time when you run it, you may have to use local time and change the CMOS clock twice a year. * If you are operating your CMOS clock on GMT, edit /etc/rc.d/rc.S to change the "/sbin/clock -s" line to read: /sbin/clock -u -s If you keep your CMOS clock on local time, /etc/rc.d/rc.S is correct, but you must, later on, edit certain configuration files to reflect this. I'll remind you to do this in the section(s) where the files are set up. 2C Set up networking -------------------- This section assumes you have only one network connection, through your serial interface and modem using (C)SLIP or PPP. * Set up /etc/hosts [11.4.1]. This file is in the package for you to copy into place and configure. You only need three entries: (i) the loopback address; (ii) your own name and address; and (iii) the name and address of a router at the DIS end [9.2.5]. Whichever vPoP or tPoP you use, you can always use the same router. Change "158.152.XXX.YYY" to your IP address, and use your own (single-word) host name in place of "" here and throughout this document (and in the example files). 127.0.0.1 localhost 158.152.XXX.YYY .demon.co.uk 158.152.1.222 demon-du.demon.co.uk demon-du Optionally, you can add other machines to this file as well. I do not recommend this, but it will save a little on network traffic in looking up IP addresses. However you must maintain the list properly, and any changes of IP address are not automatically followed. See "Demon.txt" in the DIS documentation for a current list of Demon's machines. As an optional alternative to keeping /etc/hosts up to date with extra host names to speed up name resolution, the BIND package gives details of how to run a name server (named) [11.4.2] to keep a local cache of names and IP addresses for the machines you use often. * Check /etc/networks [11.4.3]. It should have only the following line (apart from comments): loopback 127.0.0.0 NOTE: the lines "default 0.0.0.0" and "localnet 158.152.0.0" are recommended in the current NET-2-HOWTO. However they make no difference in my case. * Check the file /etc/host.conf [11.4.4]. It should read as follows: order hosts, bind multi on This orders the name resolver to look first in /etc/hosts for IP addresses for a specified name, before asking the name server(s) in /etc/resolv.conf (bind). It also allows multiple IP addresses per host name. * In /etc/resolv.conf [11.4.5] (the file is in this package) you should specify Demon's name servers (by IP address). It should read as follows: search demon.co.uk nameserver 158.152.1.65 nameserver 158.152.1.193 nameserver 192.68.174.95 * Set up the /etc/HOSTNAME file [11.4.6] to contain a single line with your fully-qualified domain name (fqdn), like this: .demon.co.uk * Edit the fall back fqdn in /etc/rc.d/rc.M. This isn't really required, because you've already set up /etc/HOSTNAME, but it tidies up a loose end. ... # If there's no /etc/HOSTNAME, fall back on this default: if [ ! -r /etc/HOSTNAME ]; then echo ".demon.co.uk" > /etc/HOSTNAME fi ... * Check /etc/rc.d/rc.inet1 [9.3, 9.3.1]. It just needs to configure the loopback interface [9.4] and then add the route to the loopback net. If you do not have any network connection other than the serial interface using (C)SLIP or PPP, these should be the only lines (apart from comments and local shell assignments): /sbin/ifconfig lo 127.0.0.1 /sbin/route add -net 127.0.0.0 If you want to be able to refer to your machine by name when you are not connected to DIS (rather than just calling it localhost), then you should arrange for the dummy interface to be compiled into the kernel [8] (if it is not already) and place these commands in /etc/rc.d/rc.inet1. /sbin/ifconfig dummy .demon.co.uk /sbin/route add -host .demon.co.uk Using the dummy interface can get over occasional problems associated with a networked machine that is only sometimes connected to the Internet. If you used the Slackware network configuration option, then the Ethernet parts of this file will be set up which will cause non-fatal errors at boot time (assuming you actually have no Ethernet card). * Check /etc/rc.d/rc.inet2 [9.3, 9.3.2, 11.1, 11.2]. It is probably correct but should contain the following essential bits (there may be other bits as well - don't change them yet!): # Constants. NET="/usr/sbin" echo -n "Starting daemons:" # Start the SYSLOGD/Klogd daemons. These must come first. if [ -f ${NET}/syslogd ] then echo -n " syslogd" ${NET}/syslogd echo -n " klogd" ${NET}/klogd fi # Start the INET SuperServer if [ -f ${NET}/inetd ] then echo -n " inetd" ${NET}/inetd else echo "no INETD found. INET cancelled!" exit 1 fi Other daemons, such as the line printer daemon (lpd), name server (named), SUN RPC portmapper, etc. may also be started here. Decide later whether you want to run them or not. They are not essential for a basic network service (and running routed can actually break your IP connection). Leave rc.inet2 as it is for now if the essential bits above are in place. 2D Set up sendmail ------------------ There are other Mail Transport Agents (MTAs) such as Smail. This section assumes you are setting up sendmail. * Install /etc/sendmail.cf, the configuration file for sendmail. The file produced by the Slackware installation scripts (using the SMTP+BIND option) is good but not 100% accurate for a system only intermittently connected to the Internet. The sendmail.cf file contained in this package needs no editing and should be installed instead. The m4 file, linux.demon.mc, which I used to generate this sendmail.cf is included as well. If you ever want to create a sendmail.cf, install the file in /usr/src/sendmail/cf/cf and run "m4 linux.demon.mc" in that directory. * In /etc/rc.d/rc.M, remove the "-q 15m" from the line that runs sendmail (and from the "echo" line above it). If you leave the option there, sendmail will try to deliver queued mail to the network every 15 minutes. If you are not on-line and there is mail in the queue, it will leave an error message in one of the logfiles every time. The mail queue is explicitly processed, whenever you connect, by scripts that are installed later, so it is not normally necessary to ask the sendmail daemon to try delivery on its own. * Install /etc/aliases, the global mail aliases list. You should alias mail for at least root, postmaster, MAILER-DAEMON, usenet and news to real users. The user postmaster is required for all hosts connected to the Internet. Since sendmail employs the pseudo-user MAILER-DAEMON, it is a good idea to make sure someone receives any mail for this user (e.g. error reports from MAILER-DAEMON that bounce back). The users news and usenet may receive error messages from C News or INN - someone should see these. Finally, the root account should not normally be used for mail. /etc/aliases should have these entries, with your own non-root user(s) substituted for : usenet:news news: postmaster: root: MAILER-DAEMON: This file is in the package and may be copied into place then configured. You can add other aliases here later if you wish (after which you need to install the new aliases as described below). * Re-boot now (with "shutdown -t3 -r now" or just Control-Alt-Del) to get the system name right after the previous edits and run sendmail with the correct configuration file. Then log in as root and run the following command to install the aliases: /usr/sbin/sendmail -bi This creates /etc/aliases.dir and /etc/aliases.pag (database files containing your aliases in dbm format). Running the command "newaliases" is equivalent. 2E Set up basic network access ------------------------------ * Install the following files from the package: /usr/local/sbin/start.dip /usr/local/sbin/stop.dip /usr/local/sbin/querypost /usr/local/sbin/querystatus /usr/local/sbin/setclock No configuration is required for the first four. If you decided in section 2B to run your CMOS clock on local time rather than GMT, edit the first executable line of setclock, changing the default zone from "GMT" to "local". If you want to shut down the connection automatically after a certain period with no (C)SLIP traffic, controlled from your side of the DIS link, you will need to install the slip_idle source code from ftp.demon.co.uk in directory /pub/linux/Demon and edit the end of start.dip. I believe there is an equivalent pppd_idle package in Demon.v3.4.tar.gz in the above directory. 2F Set up (C)SLIP ----------------- * Install /usr/local/etc/demon_slip.dip, the (C)SLIP dialler script from the package. Make sure it is owned by root and cannot be read by anyone else (since it will contain your login name and password). You must edit this to set your own hostname (twice), password, your gateway (PoP) telephone number, the modem port, the DTE speed (how fast your computer talks to the modem), and the modem set-up commands. See Demon's "Modem.txt" and the instructions for your modem for details of the correct set-up requirements. Depending on your modem, it is possible you may have to make significant changes to this script, to deal, for example, with busy tones or other failures. You may also wish to edit the script to set idle=0 in the protocol line at login if you wish Demon's machine to keep the connection up even if no traffic is being sent or received. The example script asks (with idle=240) for the link to be dropped after four minutes of idling. 2G Set up PPP ------------- * Install /usr/local/etc/demon_ppp.dip, the PPP dialler script from the package. Make sure it is owned by root and cannot be read by anyone else (since it will contain your login name and password). You must configure this file. It is just like setting up demon_slip.dip (section 2F), except that you only have to set your own hostname once. * Copy into /etc/ppp the files in ./ppp from this package. No editing is needed. The installed files are: /etc/ppp/ip-up /etc/ppp/ip-down /etc/ppp/options * For Slackware 2.1.0 and 2.2.0, copy dip-3.3.7m from this package into /sbin. Then make static links to it from /sbin/dip and /sbin/diplogin using the following commands: cd /sbin ln -sf dip-3.3.7m dip ln -sf dip-3.3.7m diplogin NOTE: dip-3.3.7i (Slackware 2.1.0) and dip-3.3.7l (Slackware 2.2.0) will not work with PPP, although they will work with (C)SLIP. * For Slackware 2.3.0, the original dip-3.3.7n knows about PPP but thinks pppd is in directory /usr/sbin. Fix this with the following commands: cd /usr/sbin ln -s ../lib/ppp/pppd pppd 2H Set up elm ------------- There are other Mail User Agents (MUAs) such as pine. This section assumes you are setting up elm. * Edit /var/lib/elm/elm.rc to tell elm about your machine and its names. You need to set up the following lines: hostname = hostdomain = .demon.co.uk hostfullname = .demon.co.uk * Install /var/lib/elm/aliases.text to specify the global elm aliases. These are used on mail from local elm users. They should duplicate the aliases for sendmail (which are used for mail arriving from the network). This file is in the package and may be copied into place and configured with your own non-root user(s) substituted for : usenet = Local Usenet Administrator = news news = Local Usenet Administrator = postmaster = Local Postmaster = root = Local System Administrator = MAILER-DAEMON = Local Sendmail MAILER-DAEMON = * After setting this up, run newalias -g to install the aliases (this creates the files aliases, aliases.dir and aliases.pag). After adding more aliases in the future you must run "newalias -g" again to install them. * If you want to run elm whenever you type "mail" (as well as "elm"), you should make sure your users have the command mail aliased to elm, so elm becomes their foreground mailer. A line in /etc/profile such as: alias mail=elm will do this (for all bash users). The same line in the file .bash_profile in each user's home directory will also work for bash. * The text (up to the first four lines) in the file .signature in your home directory will be added to the end of news posts as a signature. To make sure elm knows this file as well (assuming you want the same signature on your mail), add the line "signature = ~/.signature" to ~/.elm/elmrc. Run elm first to create the ~/.elm directory and set up a default elmrc file if it's not there already. * For Slackware 2.2.0 only, fix a bug that stops elm from working, with: chmod 771 /var/spool/mail E-mail should now work. Mail to users on your site should be delivered immediately. Off-site mail should go into the mail queue (use "mailq" to see it). You can send test mail to your own site via Demon by addressing it to either @post.demon.co.uk:@.demon.co.uk, or %.demon.co.uk@post.demon.co.uk. Please test mail, if you wish to, as a non-root user. Using root to receive and send mail is often considered a security risk. 2I Check access to Demon Internet Services ------------------------------------------ At this point, you will be able to send and receive mail, and ftp, telnet etc. will work. I assume here that your DIS account is already set up and working and that you don't need to do anything special to log on. If you wish to prevent incoming mail from arriving whilst you test other networking services, find the PID of the sendmail daemon with "ps -aux", and kill the process with "kill ". To start receiving mail again, either re-boot or re-start sendmail with "/usr/sbin/sendmail -bd". * To connect, run this command: /usr/local/sbin/start.dip slip Just "start.dip" on its own is equivalent, since I have made slip the default. DIP should execute the script in demon_slip.dip and the system should log in automatically with (C)SLIP. The network connection should be active when the command prompt comes back. If you need to interrupt start.dip, it may be necessary to press Control-C twice. If you want to use PPP, use "start.dip ppp" instead. Alternatively, edit the first executable line of start.dip and change "slip" to "ppp" if you wish start.dip to use PPP by default instead of (C)SLIP. * To do a test ftp transfer on a couple of files, log in to your machine, as an ordinary user, on another virtual terminal (e.g. press Alt-F2 for VT2, or Ctrl-Alt-F2 to get there from X-windows), and execute: $ cd /tmp $ ftp ftp.demon.co.uk ... Name: anonymous ... Password: @.demon.co.uk ftp> cd /pub/test ftp> bin ftp> hash ftp> get fullfile ftp> get regularfile ftp> quit $ Other commands like "telnet", "traceroute", "whois", "finger", etc. should also work. Please see the manual pages for further details. * To close down the connection, go back to the root terminal (press Alt-F1 if you logged root onto VT1), and run this command: /usr/local/sbin/stop.dip Wait a few seconds and then check that the phone line has been put back on hook. If DIP fails to cause the modem to hang up, turn off the power to your modem for a few seconds, or pull out the plug. You should be able to set up the modem via the initialization commands in demon_slip.dip and demon_ppp.dip to hang up when DIP hangs up. DIP negates (drops) the DTR line when it hangs up; your modem's documentation should show you how to hang up the line when DTR is negated. The command &D2 is common but not universal. See Modem.txt and your modem's documentation for help. If you have a V.32bis/V.42bis modem (14400 bits/second with compression), and things are not very busy at the DIS end, you should have received fullfile (102400 bytes) in about 64 seconds (about 1.6 kbytes/second), and regularfile (102400 bytes) in about 37 seconds (about 2.7 kbytes/second). If your modem's V.42bis compression has better than minimum performance, regularfile may arrive more quickly, at up to 3.7 kbytes/second. This assumes a DTE rate of 38,400 bps or more. At a DTE rate of 19,200 bps, regularfile may only arrive at about 1.9 kbytes/second. If you have a V.34 modem and can drive the serial port at 57,600 bps or preferably greater, you may get up to twice the download speeds above. 2J Trouble? ----------- For de-bugging purposes, I suggest you try, in this order: ping -c5 127.0.0.1 ping -c5 localhost ftp localhost ping -c5 demon-du.demon.co.uk ping -c5 ftp.demon.co.uk ftp ftp.demon.co.uk These commands try out increasing levels of networking service. Those which work and those which don't, and especially the error messages from the failures, may give clues as to what is wrong. The first three should work properly off-line, and trying the next two off-line provides useful data from the error messages. Make sure you try the last three on line as well. If ping works to external machines, but other things, such as ftp and telnet do not, it is possible that the DIS gateway machine you are using understands SLIP but not CSLIP (clootie in Edinburgh has had, and may still have this problem). In this case change the "mode CSLIP" line in demon_slip.dip to "mode SLIP". Alternatively try PPP which avoids this problem. If the modem appears locked, but in fact it is not, this could be because dip is sometimes bad at removing its lock file /var/spool/uucp/LCK..ttyS1 (or LCK..ttyS0 etc.). This lock file may have been left behind by a previous dip session. Remove this file by hand if pppd complains when the modem is actually available. If you get the "network unreachable" error with "DIP: tty: set_disc(1): Invalid argument" when DIP is run, it means you don't have SLIP and/or CSLIP compiled into your kernel. You will need to re-compile and re-install the kernel using the instructions in /usr/src/linux/README [8]. A "network unreachable" error on its own suggests some other configuration fault. There are, unfortunately, too many possible causes of this for specific advice here to be useful. The commands "ping", "route", "netstat", "ifconfig", "cat /proc/net/dev" etc. are useful for de-bugging. Please see the manual pages for further information. 2K Summary and notes -------------------- At this point, your basic set-up is complete. You go on-line with the command /usr/local/sbin/start.dip (or just start.dip). You can use either "ppp" or "slip" as a parameter to start.dip to explicitly select the serial line protocol, rather than just using the default. You go off-line with /usr/local/sbin/stop.dip. These commands must be executed by user root. When you go on-line, your CMOS clock is updated from a network time server (and you can run the "setclock" script separately if you wish). Also your mail is checked and a list is printed on the screen (again, you can run "querypost" separately). Finally, Demon's status messages are fetched and printed (using the "querystatus" script, which can also be run separately). You will get incoming mail delivered whenever you go on-line, and mail will also be delivered to you periodically whilst you remain on-line. Mail that has arrived on your machine should be readable with the command "elm" (or "mail" if you log in after setting up an alias for elm). Outgoing mail will be put into the mail queue if you send it whilst you are off-line (revealed by running "mailq"). When you go on-line, start.dip will automatically send any queued mail to the network. Whilst on-line, sendmail will immediately pass to the network any mail you send. To force sendmail to try delivering queued mail, run "/usr/sbin/sendmail -q" when on-line. To check if any of your network connections are still active, you can run "netstat -t", or "netstat -nt". When connections reach the TIME_WAIT state, they have completed, and will not be interrupted by a shut down. 2L Files in this package ------------------------ File name (Slackware) Location in this package ===================== ======================== /var/lib/elm/aliases.text base/elm/aliases.text /etc/aliases base/etc/aliases /usr/local/etc/demon_ppp.dip base/etc/demon_ppp.dip /usr/local/etc/demon_slip.dip base/etc/demon_slip.dip /etc/hosts base/etc/hosts /usr/src/sendmail/cf/cf/linux.demon.mc base/etc/linux.demon.mc /etc/resolv.conf base/etc/resolv.conf /etc/sendmail.cf base/etc/sendmail.cf /etc/ppp/ip-down base/ppp/ip-down /etc/ppp/ip-up base/ppp/ip-up /etc/ppp/options base/ppp/options /sbin/dip-3.3.7m base/sbin/dip-3.3.7m /usr/local/sbin/querypost base/sbin/querypost /usr/local/sbin/querystatus base/sbin/querystatus /usr/local/sbin/setclock base/sbin/setclock /usr/local/sbin/start.dip base/sbin/start.dip /usr/local/sbin/stop.dip base/sbin/stop.dip END OF README2