Hello list,
I''ve been using linux and open source software for over 5 years now
and
I want to give something back to the community.
I''m working on a PHP-based project (SPITS). The aim of this project is
to easly create a shaping script, using a web interface, without needing
to know tc and iptables command line options.
As the project is now in beta stage, soon a CSS stylesheet will be
made, but i''m more interested in the easyness of the interface.
Cosidering some of you have enoungh knowledge about tc qdisc/classes
and iptables, i want you people to give it a try to SPITS.
Only few qdisc types are available now, and 2 ip tables matches.
I intend to make SPITS able to import qdisc types and iptables
matches via xml, with documantation and information regarding command
line options, kernel options and iptables libs needed by the system in
order for the xml module(qdisc/match) to work propertly.
Now the project is not documented at all. Only the few steps
needed in order to setup a database and the config file.
I''m really interested in your feedback, suggestions and bug
reports.
Version 0.0.9b can be downloaded at: http://spits.sf.net/
Next release will include a CSS stylesheet and the possibility to
import/export via xml the shaping configuration made.
Best regards,
Iosif
Looks nice, do you have a demo page? Oliver -- Oliver Schulze L. Get my e-mail after a captcha test in: http://tinymailto.com/oliver
On Mon, 2006-09-04 at 15:02 -0400, Oliver Schulze L. wrote:> Looks nice, do you have a demo page?http://193.111.161.6/SPITS/site/index.php - is the management page http://193.111.161.6/SPITS/site/crontabs/spits.php - is the output generated by the script which should run as root, which actually runs as apache user now. Debuging output and executed commands can be seen in the output.> > Oliver >
On Tue, 2006-09-05 at 16:52 +0300, Iosif Peterfi wrote:> On Mon, 2006-09-04 at 15:02 -0400, Oliver Schulze L. wrote: > > Looks nice, do you have a demo page? > > http://193.111.161.6/SPITS/site/index.php - is the management pageSQL Injections is likely to be possible, also interfaces added cannot be deleted at this time, so, i suggest everyone to create a fake interface and play with his interface and the few qdiscs available :p> http://193.111.161.6/SPITS/site/crontabs/spits.php - is the output > generated by the script which should run as root, which actually runs as > apache user now. Debuging output and executed commands can be seen in > the output.View source in the browser as the output is plain text, not HTML :)> > > > > > > Oliver > > > > > _______________________________________________ > LARTC mailing list > LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc >
Iosif Peterfi wrote:> > View source in the browser as the output is plain text, not HTML :) >tks Oliver -- Oliver Schulze L. Get my e-mail after a captcha test in: http://tinymailto.com/oliver
I''ve always had to either have routing on, or off on a system. For the first time this week I have a system on the internet but with one connection to a private network to manage a piece of network gear. The situation is where I have a server on a 802.1q trunk with 4 VLAN interfaces on the internet and needs standard routing across the interfaces, eth0.3, eth0.7, eth0.10, and eth0.11 all with public address space and has standard routing. I just turned up eth0.2 on a private network (192.168.x.x) that I need to prevent any traffic from the public interfaces from reaching. After dipping into the iprouting documentation, it''s only confused me more. I assume this is accomplished with a rule but sofar I have only been able to completely shut off access to the private network entirely including the server''s access to that subnet. Could someone point me to an example of how this can be done? Thank you! John Fulton Anchorage, AK
I''ll try that on-list this time......
An iptables rule in the FORWARD chain to DROP all packets to/from that network?
Using the FORWARD chain should allow access from the server''s IP
address, but not allowing any forwarded traffic.
Regards,
Leigh
Leigh Sharpe
Network Systems Engineer
Pacific Wireless
Ph +61 3 9584 8966
Mob 0408 009 502
email lsharpe@pacificwireless.com.au
web www.pacificwireless.com.au
-----Original Message-----
From: jfulton@arctic.net [mailto:jfulton@arctic.net]
Sent: Wednesday, September 06, 2006 5:08 AM
To: lartc@mailman.ds9a.nl
Subject: [LARTC] Routing question
I''ve always had to either have routing on, or off on a system.
For the first time this week I have a system on the internet but with
one connection to a private network to manage a piece of network gear.
The situation is where I have a server on a 802.1q trunk with 4 VLAN
interfaces on the internet and needs standard routing across the
interfaces, eth0.3, eth0.7, eth0.10, and eth0.11 all with public
address space and has standard routing.
I just turned up eth0.2 on a private network (192.168.x.x) that I
need to prevent any traffic from the public interfaces from reaching.
After dipping into the iprouting documentation, it''s only confused me
more. I assume this is accomplished with a rule but sofar I have only
been able to completely shut off access to the private network
entirely including the server''s access to that subnet.
Could someone point me to an example of how this can be done?
Thank you!
John Fulton
Anchorage, AK
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc