search for: inet_ifac

..., iproute filter and tc filter.- i mean, when i do iptables -t mangle -A INPUT -p tcp --dport 80 -j MARK --set-mark 20 iptables -t mangle -A PREROUTING -p tcp --dport 25 -j MARK --set-mark 10 iptables -t mangle -A FORWARD -p tcp -i eth0 -o eth1 --dport 25 -j MARK --set-mark 10 $TC qdisc del dev $INET_IFACE root $TC qdisc add dev $INET_IFACE root handle 1: htb default 60 $TC class add dev $INET_IFACE parent 1: classid 1:1 htb rate 2048kbit burst 2k $TC class add dev $INET_IFACE parent 1:1 classid 1:10 htb rate 10kbit ceil 128kbit prio 5 quantum 1 burst 2k $TC qdisc add dev $INET_IFACE parent 1:10 h...

Hello All, I have a strange problem regarding samba 3.0.37 I have samba server installed in the local network behind NAT, the router iptables are configured as follows: #samba $IPT -t nat -A PREROUTING -i $INET_IFACE -p udp -d $INET_IP -m multiport --dports 137,138 -j DNAT --to-destination $FILESERV $IPT -t nat -A PREROUTING -i $INET_IFACE -p tcp -d $INET_IP -m multiport --dports 139,145 -j DNAT --to-destination $FILESERV #samba $IPT -A FORWARD -p udp -m state --state NEW -i $INET_IFACE -d $FILESERV -...

...caused by link owerloading and large packet loss.But my priority is cs trafik. I need to priorize this trafik(i know cs have many litle packets) but i need to priorize my cs server.And i need your help.I try wondersharper but without results. With this script i start my box now:(is this correct?) INET_IFACE=eth0 INET_NET=62.85.71.0/28 INET_GW=62.85.71.1 INET_IP=62.85.71.10 INET_BCAST_ADRESS=62.85.71.15 INET_MASK=255.255.255.240 DSL_IFACE=eth2 DSL_NET=81.198.4.0/28 DSL_GW=81.198.4.1 DSL_IP=81.198.7.159 DSL_BCAST_ADRESS=81.198.7.255 DSL_MASK=255.255.252.0 LAN_IFACE=eth1 LAN_IP=10.10.10.0 LAN_NET=10.10....

...ven though the echo request/reply packets are clearly flying across it. Look for yourself if you don''t believe me. Here is my traffic shaping script. Again, pretty basic stuff - nothing fancy. And it isn''t relevant to my issue. TC="/sbin/tc" $TC qdisc del dev $INET_IFACE root $TC qdisc del dev $TRUSTED1_IFACE root $TC qdisc del dev $DMZ_IFACE root $TC qdisc add dev $INET_IFACE root handle 1: prio # This *instantly* creates classes 1:1, 1:2, 1:3 $TC qdisc add dev $TRUSTED1_IFACE root handle 2: prio # This *instantly* creates classes 2:1, 2:2, 2:3 $TC qdisc add de...

...little problem. I had this some months ago but didn''t solve it back then. I have patched my kernel with Layer 7 support and patched my iptables to support it, too. Now I inserted this line in my firewall script on my router for testing purpose: $IPTABLES -t mangle -A POSTROUTING -o $INET_IFACE -p tcp -m layer7 --l7proto http -j DROP It works, BUT only if the connection is established by a pc BEHIND the router (the connection is blocked). If I try to establish a http connection from the router itself it works completely (layer 7 is NOT working, the connection is working, thats what...

...39;/inet addr/ { gsub(".*:", "", $2) ; print $2 }''` if [ "$TEMP" = '''' ]; then echo "Aborting: Unable to determine the IP of $nic ... DHCP problem?" exit 1 else echo "$TEMP" fi } #### 1.1 Internet Configuration. INET_IFACE="ppp0" INET_IP=`RetrieveIP $INET_IFACE` #### 1.2 Local Area Network configuration. LAN_IFACE="eth0" LAN_IP=`RetrieveIP $LAN_IFACE` LAN_IP_RANGE="192.168.0.0/24" #### 1.4 Localhost Configuration. LO_IFACE="lo" LO_IP="127.0.0.1" #### 1.5 IPTables...

Woops - my fat fingers hit the send key before I could put in a subject a minute ago. Hello - I am using kernel 2.4.27 and running into behavior I don''t know how to explain. I have 2 relevant interfaces. eth0 is external, eth1 is internal. My internal LAN is 10.10.10.0/24. My External range is 1.2.3.0/27 (dummied up). I have an H.323 videoconference device inside my internal

...bin/insmod e100 #/sbin/ifup eth1 ROUTER=`grep routers /var/lib/dhclient/dhclient-eth0.leases | head -1 | awk \ '{print $NF}' | sed 's/;//g'` route add default gw "$ROUTER" # # Sun Apr 3 09:11:44 EDT 2005 ############################## # IPTABLES="/sbin/iptables" INET_IFACE="eth0" OSPREY="192.168.252.3" INET_IP=`ifconfig eth0 | grep 'inet addr' | awk -F":" '{print $2}' | sed 's/ Bcast//'` LAN_IP="192.168.252.5" DHCP="yes" DHCP_SERVER=`grep dhcp-server-identifier /var/lib/dhclient/dhclient-eth0...

Here are some notes I have about Linux bridging. I''ll try to separate what I know I know from what I think I know. Let''s say I want to bridge eth0, eth1, and eth2 together, all with an IP Address of, say, 1.2.3.2. This is how to do it: echo "Setting up br0 to bridge eth0 with eth1 and eth2" /usr/sbin/brctl addbr br0 /usr/sbin/brctl addif br0 eth0

...e-init-tools) so the iptables has to be handled a = little differently. But what's got me is the errors popping up when trying = to start the bridge from this script I'm testing with (syntax OK) -------------------------------------- #!/bin/sh BR_IP=3D"192.168.1.14" BR_IFACE=3Dbr0 INET_IFACE=3D"eth1" LAN_IFACE=3D"eth0" # brctl addbr $BR_IFACE brctl addif $BR_IFACE $INET_IFACE brctl addif $BR_IFACE $LAN_IFACE ifconfig $INET_IFACE 0.0.0.0 ifconfig $LAN_IFACE 0.0.0.0 ifconfig $BR_IFACE up -------------------------------------- which works fine with the 2.4 kernel but...

Hello - What I want to do seems very simple - I want to make sure any H.323 traffic gets processed before anything else entering or leaving this network. The network has a videoconferencing device on the LAN at 192.168.16.4. A Linux firewall NATs an external IP Address to this internal address and I have appropriate SNAT and DNAT rules that work. The NAT and connection tracking rules all work