search for: oifs

Hi all, I need some guidance to get my problem fixed. I believe there is an issue with the ''nth'' patch from the patch-o-matic, which is labeled as status ''works''. I have tunnels back and forth across the internet, using ''nth'' to balance packets between different public networks (over the tunnels). I need to access some networks over two

Hello, i hope this is the right list! I tried making a firewall for my laptop..it wasn't as terribly difficult as i thought it would be but i'm not sure if i forgot anything. And things can always be done better :) I'm not sure what i should've put under incoming connections... what i have put there now is pretty useless because the default is to deny, but should i accept any

https://bugzilla.netfilter.org/show_bug.cgi?id=1220 Bug ID: 1220 Summary: Reverse path filtering using "fib" needs better documentation Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: nft

Hi , this probably was asked many times before , but here it goes.. Until now i was using dsl_qos_queue - http://www.sonicspike.net/software/ Which limits outbound traffic and does packet priorites with iptables using MARKed packets.. works very well , I run a ftpserver + webserver so it''s usefull to set these 2 with lowest priority and my multiplayer gaming running on certain UDP ports

Hi there, Is there some way to configure ipfw to do traffic normalizing ("scrubbing", as in ipf for OpenBSD)? Is there any tool to do it for FreeBSD firewalling? I've heard that ipf was ported on current, anything else? TIA, /Dorin. __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools

https://bugzilla.netfilter.org/show_bug.cgi?id=884 Summary: the rule of TEE target with '--oif' option cannot be deleted. Product: iptables Version: 1.4.x Platform: i386 OS/Version: Fedora Status: NEW Severity: minor Priority: P5 Component: iptables AssignedTo:

In my recent security email, I got the following errors: cantona.dnswatchdog.com login failures: Aug 20 02:37:19 cantona sshd[9444]: fatal: Write failed: Operation not permitted Aug 20 04:30:42 cantona sshd[16142]: fatal: Write failed: Operation not permitted Aug 20 21:21:51 cantona sshd[45716]: fatal: Write failed: Operation not permitted So three questions: What is it? Should I be worried?

The man page gives this example, however, when I attempt to use it, it seems to block the whole set? Could someone tell me what's going wrong here please. Thanks heaps.. This works, ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif} This blocks the whole IP block, not just the list? ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19

https://bugzilla.netfilter.org/show_bug.cgi?id=1221 Bug ID: 1221 Summary: "fib" produces strange results with an IPv6 default route Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5

dear useRs and developeRs, I am afraid it is a very basic question, but I did not find anything alike in the literature. The R standard graphics device shows the opportunity to activate the history of plots drawn within the current session. Th user can scroll back and see the last graphs (or same graph with some changes in parameters). I did not find out yet how to activate the history by code.

First of all, I''d like to thank Andy Furniss for his direction and for helping me get a working example up and running. For the following set up to work, you will need a linux computer at the ISP (server), a linux computer at the client location (client), and some a public range of IP''s you plan to send down to your client. (as this configuration involves patching the linux

https://bugzilla.netfilter.org/show_bug.cgi?id=1761 Bug ID: 1761 Summary: nft_fib checks only the main route table when iif is a slave of a master vrf interface Product: nftables Version: 1.0.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5

https://bugzilla.netfilter.org/show_bug.cgi?id=1057 Bug ID: 1057 Summary: Allow for multiple protocols to be specified in a rule Product: nftables Version: unspecified Hardware: x86_64 OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at

I seem to be stumped on this one. I have TCP packets destined to my external interface from 127.0.0.1 (Ack+Reset zero data) with source MAC of my default gateway and I can't seem to block this traffic. Snort picked up the traffic and I have confirmed with tcpdump. So I decided I needed to examine my anti-spoof rules. I already had this one deny ip from any to 127.0.0.0/8 in recv

https://bugzilla.netfilter.org/show_bug.cgi?id=1397 Bug ID: 1397 Summary: What am I doing wrong!? Product: nftables Version: unspecified Hardware: x86_64 OS: other Status: NEW Severity: normal Priority: P5 Component: nft Assignee: pablo at netfilter.org Reporter:

Hi. We just opened a gaming center and have chosen to run a FreeBsd box for our firewall. IPFW is configured at it's very basic running natd through rl0 and allowing any to any connections from the lan to the outer world. Natd controls access to the lan. We have a 6.0 mb/s ADSL net connection for all the gaming clients to use, however if a gamer starts downloading a file, that file

https://bugzilla.netfilter.org/show_bug.cgi?id=1673 Bug ID: 1673 Summary: bug egress hook virtio interface with VLAN Product: nftables Version: 1.0.x Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: kernel Assignee: pablo at netfilter.org

https://bugzilla.netfilter.org/show_bug.cgi?id=1672 Bug ID: 1672 Summary: bug egress hook virtio interface with VLAN Product: nftables Version: 1.0.x Hardware: All OS: other Status: NEW Severity: normal Priority: P5 Component: kernel Assignee: pablo at netfilter.org

In my project, I tried to use iptables, instead of bridge, to direct networking traffics from one VM to another in one host. What I am doing is I delete xen-br0, and I have two VMs that have IP addresses of 10.8.0.51 and 10.8.0.52. I use iptables -t mangle -A FORWARD -d 10.8.0.51 -j ROUTE --oif vif1.0 iptables -t mangle -A FORWARD -d 10.8.0.52 -j ROUTE --oif vif2.0 vif1.0 and vif2.0 are the

The man page gives this example, however, when I attempt to use it, it ssems to block the whole set? Could someone tell me what's going wrong here please. Thanks heaps.. This works, ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif} This blocks the whole IP block, not just the list? ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19