search for: ipabl

> From: "Roy" <roy@xxx.lt> > > I want to set interface to promisc mode and do all routing with iptables. > Is it somehow possible? as I see now kernel do not pass everything to > ipables. > > Basicaly I want to ignore ethernet addess and use only ip for routing. > > I suppose this may require writting special kernel driver or it > is possible > in other way? Probably you need only a kernel patched with ebtables/br-nf and use iptables extensions ROUTE, TTL/ttl,...

hello list, i have a small question regarding the imq patch from www.linuximq.net by default it makes only 2 devices. how can i add interfaces (imqX)? applying the patch to a linux kernel doesn''t let me build it as a module. thanks in advance, adrian _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc

...;'t remember when it happened, or if it coincided with a shorewall update, but if I have shorewall "running", my 100mbps connection is limited to about 1-6mbps per connection. This is with TC/Shaping/QoS disabled or enabled. I have no idea if its shorewall doing something funky or ipables or what, but if I stop shorewall, I can download from a vps I have at upwards of 10MB/s or more. With shorewall started, I get 300KBps max. That said, it seems to be a per connection limit. I can get multi MB/s speeds when downloading a debian iso over bittorrent for instance. I''ve...

Reading along the Net it seems that MAC marking is not working with egress HTB (because ipables marks packages based on --mac-source ). So my only choice is using ingress or u32. So this is how I did it: I called bellow script add_shaping DEV="eth0" tc qdisc add dev $DEV root handle 1: htb default 20 tc class add dev $DEV parent 1: classid 1:1 htb rate 200kbps ceil 200kbps tc c...

--SLDf9lqlvOQaIe6s Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Everybody! The netfilter core team proudly announces: The new netfilter/ipables project homepage. http://www.netfilter.org/ http://www.iptables.org/ as well as the old locations: http://netfilter.gnumonks.org/ http://netfilter.samba.org/ http://netfilter.filewatcher.org/ As we all know, the old homepage was quite OK for a small development project during the 2.3.x ser...

Hi Alex, and thanks for your time. Probably not. The servers are only configured like they where when they where parallel to the fw. Just the default gateway, same as for the external interface on the fw. That''s what the documentation instructed to configure the servers using arp. But is it required with extra configuration on the server connected via proxy arp? Or is it some parameter

Hi, I want to see bandwidth every ip address in the local network that passing my linux gateway in the console, may be it''s similar like mrtg (web based version) It''s possible ? Best regards, >--<Kristiadi Himawan>--<

...st are NATed and where the packet will really go. This can also lead to those ICMP error packets being dropped by stateful firewalls not recognizing the related connection. Vulnerable versions =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D All kernel patches from iptables package < ipables-1.2.6a are vulnerable. All versions of kernel >=3D 2.4.4 and up to (at least) 2.4.19-pre6 use a vulnerable version. Vendor status =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The netfilter team has solved this bug with a patch that has been refused for inclusion in the linux kernel. They are work...