search for: local_out

...d in the OUTPUT chain. > | > Yes -- the ipsec+netfilter patches are applied. Here is the same test > with the bridge removed and the local ip address transfered to one of > the network cards: The problem is ipv4_sabotage_out in the briding code. It prevents the packet from hitting the LOCAL_OUT hook while it is still unencrypted. When it hits the bridging code and its LOCAL_OUT hook it's too late. Not sure how to handle it yet. Regards Patrick

Hi all, I have Asterisk 13 running and I'm currently trying to get PJSIP working on TCP. My transport looks like this. My box is not behind NAT. [transport-tcp] type=transport protocol=tcp bind=0.0.0.0:5061 My endpoint looks like this: [user1] type=endpoint transport=transport-tcp context=local_out disallow=all allow=alaw allow=ulaw allow=g722 auth=user1 aors=user1 direct_media=no rtp_symmetric=yes force_rport=yes rewrite_contact=yes [user1] type=auth auth_type=userpass password=123456 username=user1 [user1] type=aor remove_existing=yes max_contacts=1 I have two endpoints user1 and user 2....

Hello, I''m stuck IPSECing my wireless network at home and would appreciate any comments. I appologize in advance if I''m wasting your time with trivia - I''m not a professional and staring at the problem for days from various angles hasn''t done me any good ... My home server/firewall (morannon) is hooked up through an USB to ethernet adapter (eth1) to my DSL

Poking around in the bridge latency issue I have, I discovered this netfilter patch. http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2751 In my case I was getting a slew of ip_local_deliver: bad skb: PRE_ROUTING LOCAL_IN LOCAL_OUT POST_ROUTING entries. I didn''t see this on the list so I posted for reference. Regards, Ted _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

...- Fix PSD match for psd-delay-threshold > 100 [ Steven Coenen, Dennis Koslowski ] - ip6tables alignment fixes=20 [ Andreas Herrmann ] - patch-o-matic: - Fix NAT-related bug in TCP window tracking code [ Jozsef Kadlecsik ] - Fix support for DNAT of locally-originated connections (NAT in LOCAL_OUT)=20 [ Henrik Nordstrom, Harald Welte ] - Fix string match (is now SMP safe) [ Gianni Tedesco ] - Fix TFTP conntrack/nat helper (now also catches first packet) [ Magnus Boden ] Changes from 1.2.5: - Added global PREFIX makefile variable for all paths [ Harald Welte ] - If compiled witho...

...- Fix PSD match for psd-delay-threshold > 100 [ Steven Coenen, Dennis Koslowski ] - ip6tables alignment fixes=20 [ Andreas Herrmann ] - patch-o-matic: - Fix NAT-related bug in TCP window tracking code [ Jozsef Kadlecsik ] - Fix support for DNAT of locally-originated connections (NAT in LOCAL_OUT)=20 [ Henrik Nordstrom, Harald Welte ] - Fix string match (is now SMP safe) [ Gianni Tedesco ] - Fix TFTP conntrack/nat helper (now also catches first packet) [ Magnus Boden ] Changes from 1.2.5: - Added global PREFIX makefile variable for all paths [ Harald Welte ] - If compiled witho...

...n locally generated packets are sent through something like br0.1000. This is what the patch does: - add vlan_dev_hard_start_xmit_p, because br_netfilter.c needs to know the address of vlan_dev_hard_start_xmit(). When the local machine sends a packet through br0.1000, we need to allow filtering in LOCAL_OUT/FILTER on the bridge out port, so we need to be able to postpone the iptables filtering. - add nf_bridge->netoutdev for vlan. When the local machine sends a packet through br0.1000, iptables -o br0.1000 should match instead of iptables -o br0. In the bridge code, it is not known that the out dev...

Among other things, I run an http server on my home DSL line (6M/768kbit). The content includes several large image galleries, and when certain crawlers hit our server w/ multiple large image uploads, we end up with large ping time delays - sufficient to disrupt the kids'' on-line gaming. Attempts to control this with robots.txt has not be very successful; Solaris IPQoS appears quite