Hello list, I''ve been using linux and open source software for over 5 years now and I want to give something back to the community. I''m working on a PHP-based project (SPITS). The aim of this project is to easly create a shaping script, using a web interface, without needing to know tc and iptables command line options. As the project is now in beta stage, soon a CSS stylesheet will be made, but i''m more interested in the easyness of the interface. Cosidering some of you have enoungh knowledge about tc qdisc/classes and iptables, i want you people to give it a try to SPITS. Only few qdisc types are available now, and 2 ip tables matches. I intend to make SPITS able to import qdisc types and iptables matches via xml, with documantation and information regarding command line options, kernel options and iptables libs needed by the system in order for the xml module(qdisc/match) to work propertly. Now the project is not documented at all. Only the few steps needed in order to setup a database and the config file. I''m really interested in your feedback, suggestions and bug reports. Version 0.0.9b can be downloaded at: http://spits.sf.net/ Next release will include a CSS stylesheet and the possibility to import/export via xml the shaping configuration made. Best regards, Iosif
Looks nice, do you have a demo page? Oliver -- Oliver Schulze L. Get my e-mail after a captcha test in: http://tinymailto.com/oliver
On Mon, 2006-09-04 at 15:02 -0400, Oliver Schulze L. wrote:> Looks nice, do you have a demo page?http://193.111.161.6/SPITS/site/index.php - is the management page http://193.111.161.6/SPITS/site/crontabs/spits.php - is the output generated by the script which should run as root, which actually runs as apache user now. Debuging output and executed commands can be seen in the output.> > Oliver >
On Tue, 2006-09-05 at 16:52 +0300, Iosif Peterfi wrote:> On Mon, 2006-09-04 at 15:02 -0400, Oliver Schulze L. wrote: > > Looks nice, do you have a demo page? > > http://193.111.161.6/SPITS/site/index.php - is the management pageSQL Injections is likely to be possible, also interfaces added cannot be deleted at this time, so, i suggest everyone to create a fake interface and play with his interface and the few qdiscs available :p> http://193.111.161.6/SPITS/site/crontabs/spits.php - is the output > generated by the script which should run as root, which actually runs as > apache user now. Debuging output and executed commands can be seen in > the output.View source in the browser as the output is plain text, not HTML :)> > > > > > > Oliver > > > > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >
Iosif Peterfi wrote:> > View source in the browser as the output is plain text, not HTML :) >tks Oliver -- Oliver Schulze L. Get my e-mail after a captcha test in: http://tinymailto.com/oliver
I''ve always had to either have routing on, or off on a system. For the first time this week I have a system on the internet but with one connection to a private network to manage a piece of network gear. The situation is where I have a server on a 802.1q trunk with 4 VLAN interfaces on the internet and needs standard routing across the interfaces, eth0.3, eth0.7, eth0.10, and eth0.11 all with public address space and has standard routing. I just turned up eth0.2 on a private network (192.168.x.x) that I need to prevent any traffic from the public interfaces from reaching. After dipping into the iprouting documentation, it''s only confused me more. I assume this is accomplished with a rule but sofar I have only been able to completely shut off access to the private network entirely including the server''s access to that subnet. Could someone point me to an example of how this can be done? Thank you! John Fulton Anchorage, AK
I''ll try that on-list this time...... An iptables rule in the FORWARD chain to DROP all packets to/from that network? Using the FORWARD chain should allow access from the server''s IP address, but not allowing any forwarded traffic. Regards, Leigh Leigh Sharpe Network Systems Engineer Pacific Wireless Ph +61 3 9584 8966 Mob 0408 009 502 email lsharpe@pacificwireless.com.au web www.pacificwireless.com.au -----Original Message----- From: jfulton@arctic.net [mailto:jfulton@arctic.net] Sent: Wednesday, September 06, 2006 5:08 AM To: lartc@mailman.ds9a.nl Subject: [LARTC] Routing question I''ve always had to either have routing on, or off on a system. For the first time this week I have a system on the internet but with one connection to a private network to manage a piece of network gear. The situation is where I have a server on a 802.1q trunk with 4 VLAN interfaces on the internet and needs standard routing across the interfaces, eth0.3, eth0.7, eth0.10, and eth0.11 all with public address space and has standard routing. I just turned up eth0.2 on a private network (192.168.x.x) that I need to prevent any traffic from the public interfaces from reaching. After dipping into the iprouting documentation, it''s only confused me more. I assume this is accomplished with a rule but sofar I have only been able to completely shut off access to the private network entirely including the server''s access to that subnet. Could someone point me to an example of how this can be done? Thank you! John Fulton Anchorage, AK _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc