search for: pubif

...o fragmentation, but I'm only guessing. The dnssec page refered to above indicates there may be a fragment re-assembly issue causing ip6tables problems. Now I'm a newbie to IPv6 so I might be making a mistake. This is my firewall script. #!/bin/bash IPT6="/sbin/ip6tables" PUBIF="sit1" LOCAL="eth0" echo "Starting IPv6 firewall..." $IPT6 -F $IPT6 -X $IPT6 -t mangle -F $IPT6 -t mangle -X #unlimited access to loopback $IPT6 -A INPUT -i lo -j ACCEPT $IPT6 -A OUTPUT -o lo -j ACCEPT # Defaults $IPT6 -P INPUT DROP $IPT6 -...

it's a normal desktop machines iptables firewall: If i want to block udp on dport 80 on the output chain, then is this enough? i want to only allow tcp on it! iptables -P OUTPUT DROP iptables -A OUTPUT -o $PUBIF --dport 80 -j ACCEPT or i need this rule? iptables -P OUTPUT DROP iptables -A OUTPUT -o $PUBIF -p tcp --dport 80 -j ACCEPT the second one is the good one? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/2...

...=OVSBridge STP=off ONBOOT=yes DEVICE=prodif DEVICETYPE=ovs TYPE=OVSBridge STP=off IPADDR=172.22.55.1 NETMASK=255.255.255.240 GATEWAY=172.22.55.14 ONBOOT=yes DEVICE=vpnif DEVICETYPE=ovs TYPE=OVSBridge STP=off ONBOOT=yes ... and nics attached to some of these openvswitches: DEVICE=eth0 OVS_BRIDGE=pubif DEVICETYPE=ovs TYPE=OVSPort ONBOOT=yes DEVICE=eth1 OVS_BRIDGE=prodif DEVICETYPE=ovs TYPE=OVSPort ONBOOT=yes ...

Hi all, I have a strange behavior with a CentOS7 host (fully patched). I have configured nics as old style format: ifcfg- ... due to I need to use openvswitch for my vms. All works well, except when I reboot this server. Systemd spends 6 min. to startup this host!!! .. It stops with: "A start job is running for LSB: Raise network ...". Are not supposed that systemd startups

Hello all, I need a virtual firewall/router solution. I''m thinking of a netscreen 1000 but I want to know if it can be done in Linux. Here is my idea: 1 Linux box 2 GigE interfaces 1 interface setup with a public IP address ($PUBIP) 1 interface setup with 802.1q VLAN trunking with 100 vlans assigned ($VLAN1-$VLAN100) a /25 subnet routed to $PUBIP from my core routers All $VLAN