Using ifconfig - Q&A

Using ifconfig - Q&A

Post by Drew Wre » Fri, 02 Nov 2001 05:20:13



The following question was answered by Mark Thacker, a
Technical Strategist for Sun Microsystems.

Question:
I'm using Solaris 7 x86.  I connect to Internet using DHCP
via my cable modem.  However, after I connect to Internet, I
cannot re-connect using my (Win9x) laptop as the DHCP
address is not released by my Solaris box.  I've tried
"ifconfig iprb1 dhcp release" command but still get the same
problem.  I wonder whether there is any other method to
release my DHCP address.  My last resort is to ask my cable
modem provider to release the DHCP mapping at their server
side.

Answer:
I'm surprised the "ifconfig" command doesn't seem to work.
It works fine on my machine on the local network here at
Sun.  However, I'm running Solaris 8, and I'd recommend that
you upgrade to that to get the latest DHCP enhancements.

For my cable modem at home, rather than connect directly I
use a combined firewall/NAT/DHCP gateway device which gives
me 255 addresses on a local private subnet and avoids any
problem of the kind you see.

I'm wondering if you are running the Solaris machine as a
firewall device or similar as iprb1 implies to me this is
the second iprb interface.  Is there anything in the
configuration of your system (e.g.  network stack) that
isn't standard?

I wonder if the provider is accepting additional information
from the Solaris box that is somehow prohibiting the Windows
machine from being granted an IP address?

Does "ifconfig iprb1 dhcp status" tell you that you are
offline after the release?

Other thoughts:  if you do have 2 interfaces on your Solaris
box, you can set it up as a router and get a NAT package
(ipfilter?)  so you then don't have to connect the Windows
machine to the provider.

Final thought - stay secure.  You'll need to harden your
Solaris system - take a lok over in the Security discussions
here at Techtarget.

Source: http://searchsolaris.techtarget.com

 
 
 

Using ifconfig - Q&A

Post by DE GRA » Sat, 10 Nov 2001 23:04:43


Some Cable modem Internet service Providers systems are setup to require
that the modem be powered down {disconnected from power supply} then powered
back up to clear out the MAC address of the interface that was connected to
the cable modem. This makes room for a new assignment.
Other service providers require that the old host MAC address be manually
removed by the service provider anytime a new interface {nic/router}is
connected to a cable modem.

This is done in part  to control the assignment of IP address, least someone
connects dozens of machines via hub or other to a cable modem, and have
routable IP address assigned to them all.

Anyone toggling between mutable boxes or laptops should check with their
cable modem internet service provider for the correct procedure


Quote:> The following question was answered by Mark Thacker, a
> Technical Strategist for Sun Microsystems.

> Question:
> I'm using Solaris 7 x86.  I connect to Internet using DHCP
> via my cable modem.  However, after I connect to Internet, I
> cannot re-connect using my (Win9x) laptop as the DHCP
> address is not released by my Solaris box.  I've tried
> "ifconfig iprb1 dhcp release" command but still get the same
> problem.  I wonder whether there is any other method to
> release my DHCP address.  My last resort is to ask my cable
> modem provider to release the DHCP mapping at their server
> side.

> Answer:
> I'm surprised the "ifconfig" command doesn't seem to work.
> It works fine on my machine on the local network here at
> Sun.  However, I'm running Solaris 8, and I'd recommend that
> you upgrade to that to get the latest DHCP enhancements.

> For my cable modem at home, rather than connect directly I
> use a combined firewall/NAT/DHCP gateway device which gives
> me 255 addresses on a local private subnet and avoids any
> problem of the kind you see.

> I'm wondering if you are running the Solaris machine as a
> firewall device or similar as iprb1 implies to me this is
> the second iprb interface.  Is there anything in the
> configuration of your system (e.g.  network stack) that
> isn't standard?

> I wonder if the provider is accepting additional information
> from the Solaris box that is somehow prohibiting the Windows
> machine from being granted an IP address?

> Does "ifconfig iprb1 dhcp status" tell you that you are
> offline after the release?

> Other thoughts:  if you do have 2 interfaces on your Solaris
> box, you can set it up as a router and get a NAT package
> (ipfilter?)  so you then don't have to connect the Windows
> machine to the provider.

> Final thought - stay secure.  You'll need to harden your
> Solaris system - take a lok over in the Security discussions
> here at Techtarget.

> Source: http://searchsolaris.techtarget.com


 
 
 

1. Using Default ACL Entries - Q&A

The following question was answered by Mark Thacker, a
Technical Strategist for Sun Microsystems.

Question:              
I have dir /test/1/2/3 and I have some files in 3 as 4,5,6.
The owner for /test is u1:g1.

Now I have to give rwx permissions to u2:g2 from directory 2
onwards to all file including directory 2 to u2 and also to
all files u1 may create in future in /2 and inside.

Right now I granted access to u2 setfacl on all existing
files inside dir 2 and dir 2 but if u1 creates any new file
u2 does not have access to it

How can I achieve this ?

Answer:
An ACL provides fine-grained file security by enabling you
to define file permissions for the owner, owner's group,
others, specific users and groups, and default permissions
for each of those categories.  Although you can explicitly
assign ACLs to individual files and directories, it is often
more useful to take advanatage of default ACL entries.  You
can set default ACL entries on a directory that will apply
to files and directories created within the directory.
Files and directories created in a directory that has
default ACL entries will inherit those ACL entries.

In the specific situation described in the question, default
ACLs can be applied to directory 2 giving user u2 and group
g2 rwx access which will then apply to newly created
objects.  The ACL syntax and rules for well formed ACLs are
a bit tricky.  It is much easier to use the GUI that is
provided with the CDE File Manager.

1.  Select the directory /test/1/2 in the File Manager, and
open the Properties dialog.

2.  Select the Permissions radio button at the top, and then
Show Access Control List button.

3.  Select "Default User" under the Type list.  Specify that
u2 has rwx.  Apply this setting.

4.  Select "Default Group" and specify that g2 has rwx, and
Apply it.

Note that three other Default ACL types are automatically
applied to the directory at the same time.  The Default
Owner, Default Group, and Default Mask are required when
Default User or Default Group are assigned.

Since u2 may create files that need to be read by u1, you
should create default ACL entries for u1 and g1 also.

Source: http://searchsolaris.techtarget.com

2. GDM user question-

3. ifconfig le0 and ifconfig le1 show same MAC address

4. Any experience using HP SureStore 8?

5. Weird ifconfig error: ifconfig: ioctl (SIOCAIFADDR): File exists

6. additional up2date channels

7. ifconfig -a = ifconfig: ioctl (SIOCGIFFLAGS): no such interface

8. LD_LIBRARY_PATH Question.

9. BSD V4.0 and ifconfig crashes using le0 (DE203AB device)

10. www virtual server using ifconfig alias

11. HELP: Question on using ifconfig to alias network card

12. howto check ip address in shell without using ifconfig?

13. ifconfig using RARP