A low profile mini network for Linux

Without a telnet connection into your Linux system you cannot do much. Unfortunately getting an IP address and routing in place is not always easy to arrange on short notice.

The following describes a very minimal network when running under VM. We created a private subnet for the Linux virtual machine(s) and use CMS Pipelines TCP/IP support to connect that subnet to your primary TCP/IP stack.

This approach does not require any changes to your production TCP/IP.

In the examples setup I'll use the following userids.

The alternative stack. A normal class G userid with a R/O link to the TCPIP 591 disk and IUCV ALLOW and IUCV ANY directory statements.
Your production stack.
Ordinary class G userid that runs a pipeline to connect the two networks.
One of the virtual machines running Linux

Configure the LINUXTCP stack


:nick.LINUXTCP :type.server :class.stack :owner.RVDHEIJ :diskwarn.


When I defined this I didn't have the IUCV options in the directory so I did a CTC link. You should be able to do an IUCV link as well. device dev_700 CTC 700 link link_linuxvm ctc 1 dev_700 The 192.168.16 subnet is one of the private subnets that you can use internally but that can not go out to the Internet. home link_linuxvm The following will let you tn3270 from your Linux virtual machine to your VM system, if you need that. port 23 tcp intclien internalclientparms port 23 endinternalclientparms When you add move Linux guests you need to think about routing. gateway = link_linuxvm defaultsize host bsdroutingparms true endbsdroutingparms start dev_700


This one works for me. /* */ 'VMLINK TCPIP 591 TCPIP 592 ( NONAMES' 'DEF CTC 700' ; 'COUPLE 700 TO LINUXVM 700' 'DEF CTC 701' ; 'COUPLE 701 TO LINUXVM 701' 'TCPRUN' Your LINUXVM userid should do something similar so you get yout connection also when LINUXVM starts up after LINUXTCP.

Verify the setup

Now put a TCPIP DATA on your A-disk with tcpipuserid linuxtcp First try to ping (the stack itself). When that works you should be able to ping (to verify the connection to your Linux virtual machine).

The next test could be to telnet or ftp to (still using the modified TCPIP DATA file.

Configure WARPHOLE

The WARPHOLE userid runs the WARPHOLE EXEC. The program is in fact a stripped down version of TCPSNIFF from John Hartmann.


The core pipeline has a number of segments like this: \ tcplisten <i>from-port</i> user tcpip reuseaddr | spawner tcpclient linuxvm <i>target</i> user linuxtcp You need one of those for each port on the production network that you want to connect to your Linux virtual machine. If you reverse them you can make a port on the LINUXTCP stack that goes out. /* WARPHOLE EXEC TCP/IP Socket Relay */ /* Author: Rob van der Heij, 27 Oct 1999 */ ports = '23 25 80' 'PIPE(end \ name WARPHOLE.EXEC:3)', '\ var ports', '| split', '| spec ,tcplisten 100, 1 w1 n ,user tcpip reuseaddr, nw x4f nw', ',spawner tcpclient, nw w1 nw ,user linuxtcp, nw', 'x4f nw ,cons, nw', '| join * ,\\,', '| var pipe1' 'PIPE (end \ name WARPHOLE.EXEC:7)' pipe1 return rc


/* SPAWNER REXX Spawn a subprocess like InetD does it */ /* Author: Rob van der Heij, 27 Oct 1999 */ signal on error arg process /* Process plus arguments */ do forever 'peekto req' /* Wait for connection request */ 'callpipe (end \ name SPAWNER.REXX:4)', '\ var req ', /* Take the request */ '| spec 65.16 1', /* Requester address & port */ '| socka2ip', /* Make it readable */ '| spec w3 1 ,:, n w2 n', '| var whosthat' say whosthat 'calling' process 'addpipe (end \ name SPAWNER.REXX:9)', '\ *.output: ', '| i: fanin ', '| tcpdata ', '|' process , '| elastic ', '| i:' 'callpipe( end \) *: | take', '| c: count lines', '| *:', /* Feed it one request */ '\ c: | var cnt' if cnt = 0 then 'readto' /* Reject the connection */ 'sever output' /* Cut it loose */ end error: return rc * ( rc ^= 12 )

Verify WarpHole

Rename your modified TCPIP DATA file and check for listening ports: netstat ( select user warphole This should give you something like this VM TCP/IP Netstat Level 320 Active Transmission Blocks User Id Conn Local Socket Foreign Socket State ---- -- ---- ----- ------ ------- ------ ----- WARPHOLE 1860 *..10025 *..* Listen WARPHOLE 1234 *..10023 *..* Listen WARPHOLE 1363 *..10080 *..* Listen From VM you can now telnet 10023 to logon to Linux, or from your workstation to your production stack port 10023.

Remember you telnet into Linux with a VT220 emulator or such, not a tn3270. I found IVT very useful (search on www.shareware.com for VT220.