search for: extif

...and if there is any bandwidth left, proceed with the class with the next lower prio. That doesnt happen, any excess b/w will be spread all across the classes/prios. Now here is the script: -------------------------------------------- #!/bin/bash # # Shell-Skript fuer Quality of Service mit HTB # EXTIF=ppp0 INTIF=eth0 if [ "$1" = "start" ]; then ############ # Outgoing ############ ## Root /sbin/tc qdisc add dev $EXTIF root handle 1:0 htb default 400 ## Hauptklasse /sbin/tc class add dev $EXTIF parent 1:0 classid 1:1 htb rate 380kbit ceil 380kbit /sbin/tc class add dev $EXTIF...

...trol user bandwidth (download/upload) and I made a script as below to test. I am testing using ttcp tool from by linux box to other linux (192.168.200.51). my box <---- Linux = more than 128kbit mybot -----> Linux = get 128kbit But I want to control both ways, what am I missing? script: EXTIF=eth0 INTIF=eth1 TC=/sbin/tc DOWN=128 UP=64 IP=192.168.200.201 ################## # $TC qdisc del $EXTIF root 2> /dev/null > /dev/null # $TC qdisc add dev $EXTIF root handle 0: htb default 1 $TC class add dev $EXTIF parent 0: classid 1 htb rate 128Kbit ceil 128Kbit # $TC filter add dev $EXTIF...

...ly :) vapreki che ne e freebsd-specific :P ne sym go pisal az a i ne sam mnogo mnogo zapoznat s pf zatova ako nqkoi moje da pomogne e dobre doshyl :) btw moje i neshto ot tia opcii kato set timeout i optimization da e :] Macros: define common values, so they can be referenced and changed easily. extif="fxp1" # replace with actual external interface name i.e., dc0 intif="fxp0" # replace with actual internal interface name i.e., dc1 internal_net="172.16.0.0/16" external_addr="192.168.173.34" loif="lo0" set timeout { interval 30, frag 10 } s...

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

...ose>. ?I am using NAT and port forwarding to send traffic destined for 137, 138,139, and 445 for BOTH TCP and IP to an internal host of 10.0.0.245. ?This internal host has two network interface cards, 10.0.0.245 and 10.0.0.246. ? Here are my firewall rules: ??$IPTABLES -A PREROUTING -t nat -i $EXTIF -p tcp --dport 137 -d 134.x.x.140 -j DNAT --to-destination 10.0.0.245:137 ??$IPTABLES -A PREROUTING -t nat -i $EXTIF -p udp --dport 137 -d 134.x.x.140 -j DNAT --to-destination 10.0.0.245:137 ??$IPTABLES -A PREROUTING -t nat -i $EXTIF -p tcp --dport 138 -d 134.x.x.140 -j DNAT --to-destination 10.0....

Hi, I am trying to setup a shaper for my linux box and I am experiencing some problems. What I am trying to do is priorizing packets on the egress link, therefore I have setup some prio classes etc. The priorizing seem to work but the problem is that the ceil parameter doesnt seem to work on non leafs. This is what stats show: > class htb 1:1 root rate 3000bit ceil 3000bit burst 1602b/8 mpu

I have a little home network with one Windows 98 PC and a pc running linux. My idea is that as soon as DSL is finally made available to my area (which I keep getting told will be real soon now) I want to route it through the linux box and up to the Windows PC, using IP masquerading, etc. At present I have samba enabled on the unix box which opens up several worthwhile conveniences to me:

...back * 255.0.0.0 U 0 0 0 lo default 192.168.253.254 0.0.0.0 UG 1 0 0 eth0 ------------------------------------------------------------- firewall from first box: #!/bin/bash IPTABLES=/usr/sbin/iptables #IPTABLES=echo EXTIF="eth0" INTIF="hdlc0" echo " External Interface: $EXTIF" echo " Internal Interface: $INTIF" echo " Clearing existing rules" $IPTABLES -P INPUT ACCEPT $IPTABLES -F INPUT $IPTABLES -P OUTPUT ACCEPT $IPTABLES -F OUTPUT $IPTABLES -P...

Hello, I'm trying to set up port forwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails. EXTIF="eth0" INTIF="eth1" EXTIP="xxx.xxx.xxx.xxx" INTNET="192.168.1.0/24" INTIP="192.168.1.1" PORTFWIP="192.168.1.13" >From the internet, if I type in http://xxx.xxx.xxx.xxx:81 it works. When use a computer on my LAN and type in http://19...

...during other users downloading and i want to keep my voicechat useable ... i need low latency It would be nice if you could help ... I am happy about every answer :) using: gentoo p200mmx 64mb ram 2.4.20 kernel my script: ### Traffic Shaper ## down 768kbit ## up 128kbit tc qdisc add dev $EXTIF root handle 1:0 htb default 13 tc class add dev $EXTIF parent 1:0 classid 1:1 htb rate 16kbps ceil 16kbps prio 0 # Gamevoice tc class add dev $EXTIF parent 1:1 classid 1:11 htb rate 3kbps ceil 14kbps prio 0 # Bnet tc class add dev $EXTIF parent 1:1 classid 1:12 htb rate 7kbps ceil 14kbps prio 1 # N...

...I'm not sure. I have tried to telnet to port 389 but it is refused. All other services run fine. I user the iptables ruleset found in the IP-Masquerade HowTo. Below is the ruleset I follow for opening ports for external access. For some reason it won't open 389. $IPTABLES -A INPUT -i $EXTIF -m state --state NEW,ESTABLISHED,RELATED \ -p tcp -s $UNIVERSE -d $EXTIP --dport 389 -j ACCEPT Where $EXTIF = eth0 and $EXTIP = my ipaddress Does anyone know what I may be doing wrong? TIA

Hello, I have a webcam that I wish to view from the internet. It is a wireless linksys model with an ip address of 192.168.1.15. I have it set on port 8081, 192.168.1.15:8081. I am using the IP Masquerade HowTo script. Here's the rule I added to my firewall script: EXTIF="ppp0" INTIF="eth1" EXTIP="`$IFCONFIG $EXTIF | grep inet | cut -d : -f 2 | cut -d \ -f 1`" $IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp --dport 8081 -m state \ --state NEW,ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP --dport 808...

Hi! I have some problem in my asterisk 1.4.2, I've installed it on centOS 5.2 and this didn't accept voip QoS and can't route the packets having voip QoS. So I should change voip packets to be routing with centOS. I want to use iproute2 but i don't what to do after installing iproute2. Anyone could help me please? -------------- next part -------------- An HTML attachment was

Hello, I''m wondering which of these filters is the best method for filtering ACK packages to achieve lowest delay possible on a dsl-link. This one ist from the wondershaper from the lartc-site: /sbin/tc filter add dev $EXTIF parent 1:0 protocol ip prio 0 u32 \   match ip protocol 6 0xff \   match u8 0x05 0x0f at 0 \   match u16 0x0000 0xffc0 at 2 \   flowid 1:10 Thats a suggestion from the german computer magazine c''t: iptables -A POSTROUTING -t mangle -o $EXTIF -p tcp -m length --length :64 -j MARK --set-m...

...ill initialize the firewall when executed. # Created on 11 Mar 2004 # echo -e "\n\nLoading firewall..\n" # Location of iptables and kernel module programs IPTABLES=/sbin/iptables DEPMOD=/sbin/depmod MODPROBE=/sbin/modprobe IFCONFIG=/sbin/ifconfig # Set external and internal interfaces EXTIF="ppp0" INTIF="br0" FILTER_NET="192.168.0.0/16" echo " External Interface: $EXTIF" echo " Internal Interface: $INTIF" #-------------------------------------------------- #----- No editing is required below this line ----- echo -en " loa...

...tensions.conf: [sipgate-test] exten => _X.,1,Answer() exten => _X.,n,GoTo(home,447,1) [home] exten =>447,1,NoOp(${CALLERID(num)}) exten =>447,n,NoOp(${CALLERID(all)}) exten=>447,n,Dial(SIP/nhi-riverside-sip) And iptables on the router for Asterisk A: $IPT -t nat -A PREROUTING -i $EXTIF -p udp --dport 5060 -j DNAT --to 10.10.10.180:5060 $IPT -A FORWARD -p udp --dport 5060 -m state --state NEW -d 10.10.10.180 -j ACCEPT # for sip, also port forward rtp ports $IPT -t nat -A PREROUTING -i $EXTIF -p udp --dport 10000:20000 -j DNAT --to 10.10.11.180 # sip rtp $IPT -A FORWARD -i $EX...

...x kernel 2.6 native ipsec don't create ipsec* interface (if I am not wrong this is something backported on kernel 2.4 RHEL3) just add a route to remote network through eth0, so if I want to ssh the vpn server on his internal ip from the other side of the vpn I need $IPTABLES -A INPUT -i *$EXTIF* -s $MYEXTNETWORK -d $INTIP -p tcp -m tcp --dport 22 -j ACCEPT and this is true for any other rule I would use ipsec0 in, I have to use $EXTIF. Even if I am going to set sshd to listen on a different port, I am a little worried this could harm my machine in any way. Comments are welcome Have...

Easy question here: I have a test network that looks like this (apologies for my lack of ascii skills): [hostc]---------------[Firewall]192.168.42.1 (EXTIF: eth0) /10.0.0.1 (INTIF: eth1) 192.168.42.10 (wan) |(lan) | +-------------[hosta] 10.0.0.10 (port 4242) | +-------------[hostb] 10.0.0.20 (port 2424) All of those machines are vms I create...

...ded commented option for IRC nat module #            - Added additional use of environment variables #            - Added additional formatting #       0.63 - Added support for the IRC IPTABLES module #       0.62 - Fixed a typo on the MASQ enable line that used eth0 #              instead of $EXTIF #       0.61 - Changed the firewall to use variables for the internal #              and external interfaces. #       0.60 - 0.50 had a mistake where the ruleset had a rule to DROP #              all forwarded packets but it didn''t have a rule to ACCEPT #              any packets to b...

...tc.netfilter.html CONFIG_IP_ADVANCED_ROUTER, CONFIG_IP_MULTIPLE_TABLES and CONFIG_IP_ROUTE_FWMARK is enabled in the kernel. I have added the line "201 tunnel.out" to /etc/iproute2/rt_tables . After the PPTP tunnel comes up, the following is run. $TUNNEL is the PPTP tunnel (ppp0), and $EXTIF my regular WAN interface (eth1). # Open firewall for the tunnel. iptables -A FORWARD -i ${TUNNEL} -o eth0 -m state --state \ ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o ${TUNNEL} -j ACCEPT iptables -t nat -A POSTROUTING -o ${TUNNEL} -j MASQUERADE # Mar...