I found following paragraph in the man page of iproute2.
equalize
allow packet by packet randomization on multipath routes.
Without this modifier, the route will be frozen to one selected
nexthop, so that load splitting will only occur on per-flow base.
equalize only works if the kernel is patched.
^^^^^^^^^^^^^^^^^
Now, where can I find
this patch ?
(I''m using kernel 2.4.21)
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Jihoon, [ snip ] : Now, where can I find : this patch ? : (I''m using kernel 2.4.21) I believe this is one of Patrick McHardy''s patches: http://trash.net/~kaber/ -Martin -- Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Jihoon Chung wrote:> > I found following paragraph in the man page of iproute2. > > equalize > > allow packet by packet randomization on multipath routes. > Without this modifier, the route will be frozen to one selected > nexthop, so that load splitting will only occur on per-flow base. > equalize only works if the kernel is patched. > ^^^^^^^^^^^^^^^^^ > > Now, where can I find > this patch ? > (I''m using kernel 2.4.21)google "lartc equalize patch" http://trash.net/~kaber/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Martin A. Brown wrote:>I believe this is one of Patrick McHardy''s patches: > > http://trash.net/~kaber/ >It''s actually not written by my but by Guus Sliepen. I just ported it to 2.4.18 and fixed some bugs. Regards, Patrick> >-Martin > > >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Does this patch work on kernel 2.4.21 or 2.4.22? (I''m curently using 2.4.21 and planning to switch to 2.4.22 in near future) Thanks. Alex ----- Original Message ----- From: "Martin A. Brown" <mabrown-lartc@securepipe.com> To: "Jihoon Chung" <jhchung@lab.sig-n.com> Cc: <lartc@mailman.ds9a.nl> Sent: Friday, September 05, 2003 6:07 PM Subject: Re: [LARTC] where is "equalize" kernel patch?> Jihoon, > > [ snip ] > > : Now, where can I find > : this patch ? > : (I''m using kernel 2.4.21) > > I believe this is one of Patrick McHardy''s patches: > > http://trash.net/~kaber/ > > -Martin > > -- > Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Does this patch work on kernel 2.4.21 or 2.4.22? (I''m curently using 2.4.21 and planning to switch to 2.4.22 in near future) Thanks. Alex ----- Original Message ----- From: "Martin A. Brown" <mabrown-lartc@securepipe.com> To: "Jihoon Chung" <jhchung@lab.sig-n.com> Cc: <lartc@mailman.ds9a.nl> Sent: Friday, September 05, 2003 6:07 PM Subject: Re: [LARTC] where is "equalize" kernel patch?> Jihoon, > > [ snip ] > > : Now, where can I find > : this patch ? > : (I''m using kernel 2.4.21) > > I believe this is one of Patrick McHardy''s patches: > > http://trash.net/~kaber/ > > -Martin > > -- > Martin A. Brown --- SecurePipe, Inc. --- mabrown@securepipe.com > > _______________________________________________ > LARTC mailing list / LARTC@mailman.ds9a.nl > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ >_______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
Hi. I''m trying to enable a firewall on my linux router. eth0 router: Internet Connection eth1 router: LAN connection I want allow to my LAN users: browse web pages, and send and recieve email, and nothing more, because this router is connected to a VSAT connection, and upload bandwidth is very small. Also, I need to manage Linux router from a Internet host via ssh and ftp. Is ok next configuracion ? Thank you very much. ... mac iptables -A OUTPUT -p tcp --dport 80 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 25 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 110 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 22 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 21 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 20 -o eth0 -j ACCEPT iptables -A OUTPUT -p tcp --dport 53 -o eth0 -j ACCEPT iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Protección contra Syn-flood (inundación mediante Syn): iptables -A OUTPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT #Furtivo buscando puertos (port scanner): iptables -A OUTPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT #Ping de la muerte: iptables -A OUTPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # iptables -A OUTPUT -m state --state NEW -i ! ppp0 -j ACCEPT iptables -A OUTPUT -j DROP _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
I forget next data: Kernel 2.4.20 iptables 1.2.8 iproute (last stable) RH72 :-) -> -> Hi. -> -> I''m trying to enable a firewall on my linux router. -> -> eth0 router: Internet Connection -> eth1 router: LAN connection -> -> I want allow to my LAN users: browse web pages, -> and send and recieve email, and nothing more, because -> this router is connected to a VSAT connection, and -> upload bandwidth is very small. -> -> Also, I need to manage Linux router from a Internet -> host via ssh and ftp. -> -> Is ok next configuracion ? -> -> Thank you very much. -> ... mac -> -> -> iptables -A OUTPUT -p tcp --dport 80 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 25 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 110 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 22 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 21 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 20 -o eth0 -j ACCEPT -> iptables -A OUTPUT -p tcp --dport 53 -o eth0 -j ACCEPT -> iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -> -> -> # Protección contra Syn-flood (inundación mediante Syn): -> iptables -A OUTPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT -> -> #Furtivo buscando puertos (port scanner): -> iptables -A OUTPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m -> limit --limit 1/s -j ACCEPT -> -> #Ping de la muerte: -> iptables -A OUTPUT -p icmp --icmp-type echo-request -m limit -> --limit 1/s -j ACCEPT -> -> -> # iptables -A OUTPUT -m state --state NEW -i ! ppp0 -j ACCEPT -> iptables -A OUTPUT -j DROP -> _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
On Wednesday 10 September 2003 15:09, ThE PhP_KiD wrote:> I forget next data: > > Kernel 2.4.20 > iptables 1.2.8 > iproute (last stable)Thx for the information, but this mailing list is to discuss problems about iproute2+tc. So for problems about traffic shaping with tc and advanced routing problems. Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.oftc.net _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/