22C:178/055:134 Frequently Asked Questions

  1. Where can I learn about Unix, HPs, etc?
  2. How can I read and write on an MSDOS-format floppy disk using Unix?
  3. How can I print or save the output from a man command ?
  4. How can I see the routing tables?
  5. How can ping not work if traceroute works for some IP address?
  6. I tried using one of the lab machines, but now it wants a password.
    What is the password?
  7. I tried the command mcopy mfile a: but it printed some strange error message.
    What is wrong?
  8. How can I print the lecture notes in reduced size?
  9. I tried the sudo command but it asks for a password.
  10. I tried the mcopy command and it failed -- but I checked and there is no a: file. Why didn't it work?
  11. I tried the route command and the arp command, but the system said 'command not found'. What's up?
  12. Is there more information on tcpshow and tcpdump?


Where can I learn about Unix, HPs, etc?

The CS department has its own FAQ answering many such questions.


How can I read and write on an MSDOS-format floppy disk using Unix?

On an HP workstation that has a floppy disk drive, use various dos commands. Another FAQ lists some of the commands. You can also use the command man -k dos to list the commands, and then use man to get specific information for each command.

Under Linux, it is best to use the mtools that provide a look-alike substitute for DOS file commands tailored to the floppy drive (even using a: to designate the floppy drive!). A copy of the Linux man pages for mtools is located here.


How can I print or save the output from a man command ?

First, you need to find out where the text of the page you want to display is kept. Suppose you want to get, for example, the output from man gettimeofday. The first step is the hardest part --- you'll need to find the source file for the gettimeofday page. When you do a man gettimeofday command, you'll see, at the top of the man page, the character string

	gettimeofday(2)
This indicates that the page for gettimeofday is in section 2 of the man pages. The next step is to list out the sections of the man pages, which you do with the command ls /usr/man (for locally installed software, you may have to also do ls /usr/local/man or ls /usr/apps/man or ls /usr/pgk/man etc, depending on the whims of how the system administrator set up your system). You'll likely see a directory man2 listed, or perhaps a man2.Z directory, or something similar that implies section 2 of the pages. Now try a command such as
	ls /usr/man/man2.Z/gettim*
(or a similar variation in other directories; there are faster ways of tracking down the file using find as well on some systems). On the computer science HP systems, you'll see the response
        /usr/man/man2.Z/gettimeofda.2
Notice how the final y of the name was truncated (frustrating, but that's just the way it is). I recommend here that you copy this file to your own directory, so you can easily manipulate it.
        cp /usr/man/man2.Z/gettimeofda.2 tempfile.Z
The letter Z above is an indication that the file copied was previously compressed (we suspect this because the directory name is man2.Z; when you see a file or directory name that has a suffix of .Z or .gz then it is very likely in compressed format). Now you'll need to uncompress the file with the command
        gunzip tempfile.Z
This removes the file tempfile.Z and creates the file tempfile (see man uncompress or man gunzip if you want to know the details). Finally, we have something to work with. You may now edit the file tempfile, but you'll notice it is not exactly the man gettimeofday result you want! But we are almost done. All it takes now is the command
	groff -man tempfile > output.ps
to format the page and store it in a file called output.ps, which will be a postscript file ready to print or display with the ghostview utility. On the other hand, if you want just an ascii-like output, the command
	nroff -man tempfile | lp -dpXXX
could be used to print the pages directly to printer XXX. There a section on printing man pages in the departmental
FAQ also, but with considerably less explanation.


How can I see the routing table?

On the Linux systems, this is easy: just use the route command with no operands or options, and it will display the current routing table. Unfortunately, this doesn't work on the HP systems, where the syntax for route is different. On the HP systems use the command netstat -rnv and you will get a representation of the routing table; the routing address and netmask are displayed together, as follows:

Routing tables
Dest/Netmask    Gateway         Flags   Refs     Use  Interface  Pmtu PmtuTime
127.0.0.1/255.255.255.255
                127.0.0.1       UH         0   47339  lo0        4608
128.255.28.148/255.255.255.255
                127.0.0.1       UH         0  745489  lo0        4608
default/0.0.0.0 128.255.28.240  UG        24  786654  lan0       1500
128.255.28.0/255.255.255.0
                128.255.28.148  U         29 3638857  lan0       1500
In this somewhat cryptic output, we see that the netmask for 127.0.0.1 is 255.255.255.255, and that any destination address of the form 128.255.28.x will match the table's last entry, and be sent on the lan0 interface. Since the flag on the last line is U and not UG, the last line is not a gateway, so the "Gateway" column in the last line (showing 128.255.28.148) is not really meaningful --- the actual hardware address will be filled in from the ARP table using the 128.255.28.x destination address in the datagram.


How can ping not work if traceroute works for some IP address?

This seems puzzling at first: after all, both commands use ICMP to get their results. The answer can be found by careful reading of the man pages for these two commands and some knowledge of datagram filtering. Let's consider how the two commands use ICMP.

  1. The ping command sends out an ICMP datagram with the ECHO_REQUEST bit turned on. Then ping waits for an ICMP datagram to come back with ECHO_RESPONSE turned on (see ping manpage for details).
  2. The traceroute commands sends out a UDP packet with a fixed, low value for the ttl field. Then traceroute waits for an ICMP datagram to come back with the TIME_EXCEEDED bit turned on (see traceroute manpage for details).
In each case, the command waits for an ICMP response. Some hosts or firewalls have been modified to avoid "denial of service" attacks due to "ICMP flooding". One such modification is to refuse to send back ECHO_RESPONSE datagrams, thus ignoring ping requests. Sometimes this modification allows some ECHO_RESPONSE within the local subnet, so that the administrators can still use ping within the subnet for debugging purposes, while denying ECHO_REQUEST datagrams coming from outside the subnet. It's difficult to say exactly where the filtering of such requests is done, since so much depends on the firewall architecture and the operating systems involved. But there is clearly a difference between the ECHO_RESPONSE use of ICMP and the TIME_EXCEEDED use of ICMP, which allows a host or firewall to exhibit different behaviors for these two types of datagrams.


I tried using one of the lab machines, but now it wants a password. What is the password?

To preserve some stability and prevent accidental erasure of files, we have given the root a password. Henceforth, you should logon as user, which has the password user. If you need to use some superuser command, such as ping -f 128.255.28.3 (a flooding ping), then prefix the command with sudo, for example sudo ping -f 128.255.28.3 will execute the command as superuser. Also, we now have assigned permanent names and IP numbers to the lab machines. The name of each machine is its number in English, so the machine names are one, two, three, and so on. The IP numbers are 128.255.28.x where x is the machine number (1-9).


I tried the command mcopy mfile a: but it printed some strange error message. What is wrong?

This mystery was solved by the TA. It seems that some students earlier typed in the command copy myfile a: (or similar), which created a file called a: on the local directory! This confuses the mcopy command. The solution is to erase the a: file, with the command rm a: and then try your mcopy command again.


How can I print the lecture notes in reduced size?

The following answer was contributed by a class member, Andy Bergen (bergen@cs.uiowa.edu). Thanks Andy!

Here are a few ways to make the slides nice and small (yet readable)

PDF
1. Load the .pdf file into Acrobat Reader.
2. Print to a file, call it slides.ps
   Be sure to click the "Shrink to Fit" option
The file is now on your system (account, whatever) in .ps format.
3.  Reduce it to "x" slides per page with:
	psnup -l -x slides.ps slidessmall.ps
	I use x as 2 or 4, depending.  
slidessmall.ps now is a postscript file of the 2upped or 4upped notes.

4.  Use pstops to further process the slides
	pstops 1:0@.92 slidessmall.ps slidesfinal.ps

5.  Then print!  
	lp -p105 slidesfinal.ps

PS
1.  Right click on the link to download the file to your system.
2.  Get it to .ps format (unzip if necessary)
3.  Repeat steps 3-5 above.

There are also man pages for psnup and pstops
I can explain further or demonstrate if necessary.


I tried the sudo command but it asks for a password.

Give it your logon password (user). The sudo tries to limit this nagging by asking for the password only once every five minutes in a session where you are sudo-ing.


I tried the mcopy command and it failed -- but I checked and there is no a: file. Why didn't it work?

The mcopy command may require superuser privileges. Therefore instead the command mcopy myfile a: use sudo mcopy myfile a:


I tried the route command and the arp command, but the system said 'command not found'. What's up?

Some of the administrative and network commands are in the /sbin directory, which is not the default command path for user. Try /sbin/route and /sbin/arp to use these commands. In addition, you may need to use sudo if you are changing some network parameters rather than just information-only usages of these commands.


Is there more information on tcpshow and tcpdump?

There are Linux manpages for tcpshow and tcpdump. If you want to try tcpdump in our lab network of PCs, here is what to do:

  1. From one of the machines, type the command sudo tcpdump and supply the password if needed. Do nothing further on this machine.
  2. Then, on another machine, try some networking command such as ping five (or another command that does not involve the machine running tcpdump). You should see output on the machine running tcpdump.
  3. After you have seen some output, stop the tcpdump with control-c. Read the manpage for tcpdump --- it explains how to save the output into a file for later analysis.
  4. Warning! For reasons that I do not yet understand, this version of tcpdump sometimes crashes the operating system or gets it in a "stuck" state. If this happens, you will have to turn the machine off and turn it back on to restart.


Ted Herman
25 February 1998