Displaying 20 results from an estimated 21 matches for "redton".
Did you mean:
reston
2005 Jan 03
8
load balancing and DNAT
Does anyone know if load balancing and DNAT work well together? I know
that load balancing and NAT do not, but what about a simple port forward?
I can''t apply Julian Anastasov''s patches, because they don''t work with
PPTP patches. :/
Anyhow, a simple:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport xxx -j DNAT --to
yyy:xxx
iptables -I FORWARD -i eth0 -d yyy -p
2014 Nov 23
3
Live Disk Snapshot Not Supported
# virsh snapshot-create-as small snap1 --disk-only --atomic
error: Operation not supported: live disk snapshot not supported with this
QEMU binary
OS used: CentOS 7
#virsh version
Compiled against library: libvirt 1.1.1
Using library: libvirt 1.1.1
Using API: QEMU 1.1.1
Running hypervisor: QEMU 1.5.3
Any help would be greatly appreciated.
Best Regards,
Payes
2006 Oct 12
0
help
...han "Re: Contents of LARTC digest..."
Today''s Topics:
1. Drop packets using tc ? (Ming-Ching Tiew)
----------------------------------------------------------------------
Message: 1
Date: Thu, 12 Oct 2006 10:52:28 +0800
From: "Ming-Ching Tiew" <mingching.tiew@redtone.com>
Subject: [LARTC] Drop packets using tc ?
To: <lartc@mailman.ds9a.nl>
Message-ID: <00ad01c6eda9$74606c50$0100a8c0@newlife>
Content-Type: text/plain; charset="iso-8859-1"
I have a linux bridge in an embedded system with limited tools.
I want to drop these...
2007 Feb 21
10
Split access, load balancing AND forwarding: HOW?
The LARTC howto correctly describes load balancing and split
access for traffic from a machine with multiple ISP connections
(http://www.lartc.org/lartc.html#LARTC.RPDB.MULTIPLE-LINKS) --
*provided* the traffic originates from the machine itself (i.e.
traffic regularly handled by the INPUT and OUTPUT chains of
iptables).
When forwarding traffic from an attached local network, the
following
2007 Sep 05
6
NAT-aware traffic analysis
I have tried using iptraf for my NAT firewall to analyse the IP traffic.
Basically I am faced with this difficulty of related the source IP
to the outgoing interface to the internet, so I am wondering if
anyone has a suggestion for a different ways to do it, or a suggestion
for a better tool.
Details :-
Supposed : eth0 - LAN
eth1 - WAN1
eth2 - WAN2
And then
2007 Jan 23
0
determine internet connection duration
Anyone has idea of what would be the best way to track
connection time some a particular user to the internet ?
Imagine a wifi network where the users will connect to the
system via DHCP ( there is no PPPOE session involved ).
If there is a need to track internet usage based on connection
time ( to the internet ), what would be the best way to track it ?
Appreciate any input or ideas.
2006 Oct 12
0
Drop packets using tc ?
I have a linux bridge in an embedded system with limited tools.
I want to drop these packets from flowing across the bridge,
NETBEUI - TCP port 135-139
UDP port 137-139
TCP/UDP port 445
Also all broadcast and multicast.
Is there a way to accomplish it using ''tc'' ? If the packets cannot
be dropped, I will be happy
2006 Dec 29
3
Using iptables level7/ipp2p match in a bridge
Subject almost says it all, I wonder if there is a way for me
to use iptables matches like l7 and/or ipp2p match in a
bridge ( one ethernet in and one ethernet out ) ?
Regards.
2006 Sep 16
2
Traffic Control in a bridge
Normally when we talk about traffic control, we are talking about
doing traffic control (tc) using a router, ie packets into an
interface and based on routing, they goes out to somewhere else.
However I have a box with two interfaces, eth0 and eth1 added to
a bridge br0 and I would like to perform traffic control via the
two interfaces. Is that supposed to work the same as the router
2004 Nov 01
0
Ipsec route and non-ipsec route
I am machines on IPsec VPN which is a subnet of my bigger
LAN ( ie I have machines on the LAN which is not in the VPN ),
specifically :-
192.168.132.0/29:0 -> internet ---> 192.168.1.192/27:0
( local subnet ---> internet--> remote subnet )
# ip route list
...
192.168.1.192/27 via 21x.18x.11x.8x dev ipsec0
192.168.1.0/24 via 192.168.15.146 dev eth0
...
Now, the machines in the
2004 Jul 02
0
Best throughput routing or least latency routing
Correct me if I am wrong, RIP is kind least hop routing, but
is there a way for me to have best throughput routing or
least latency routing ?
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
2004 Apr 13
0
Re: split route and kernel panic
OK I have sufficient evidence now that my split route
( multipath routing ) is inducing kernel panic and also
frequent connection lost. The split route may not be
the culprit but I can safely say that without using the
split route, my system is perfectly stable.
I have set up the split route according to
http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.rpdb.multiple-links.html
I could use
2004 May 13
0
Multiipath routing - can''t ping links from LAN after default routes
I have a Linux with 3 LAN interfaces doing multipath
NAT to two internet links via ADSL. The question I
have is after I added the default route on each of the
routing table, I can''t ping the external interfaces of the
Linux from the LAN ( pinging from the Linux itself is
OK ). But pinging beyond the two external interfaces
( eg the default route ) is OK.
I use symbolic names here :-
2004 May 25
0
Does weight route and nat make sense ?
After many attempts to get weight multipath routing
to work reliable on my NAT firewall, I am beginning to
think, maybe it simply does not make sense to combine
them together.
I get various kinds of problems with this configuration,
especially with long-connecting session ( eg PcAnywhere ).
After various investigations, my conclusion is that
PcAnyWhere has a mechanism to "detect"
2004 May 31
1
skip other iptables marking if packet is already marked
I have many iptables setmark commands, but as soon
as there is one match, I would like to skip all the rest.
How to do this.
-------not-working-not-mark-zero-is-not-accepted---------
iptables -t mangle -A PREROUTING ..... -j MARK --set-mark .....
iptables -t mangle -A PREROUTING -m MARK ! --mark 0 -j ACCEPT
iptables -t mangle -A PREROUTING ..... -j MARK --set-mark .....
iptables -t mangle -A
2005 Mar 23
1
syn flood protection - inside initiated attacks
Perhaps someone will help me on this :-
I have read a lot of examples of syn flood protect on the INPUT chain.
That I have no question at all.
I wonder if it make sense to perform syn flood protection
at the FORWARD chain ? If packets are originated from a
LAN worm, and are not targetted at the firewall itself, but
rather at hosts in the internet, will it cause problem with
the firewall itself,
2008 Jun 12
3
Dial Command Option D Early Bridged
Dear All,
The documentation of the Dial Command, says the following about Option D:
D([called][:calling]) - Send the specified DTMF strings *after* the called party has answered,
but before the call gets bridged.
However, in my experience, the timing the call get bridged is not consistance,
sometimes even before sending the DTMF strings.
Anyone share this experience?
How to make sure
2004 Aug 02
5
Route policy preference value
Assuming if I have rules matching the same packet,
the one chosen is the lower preference value or
the high ?
For example
# ip rule list
....
100 from 192.168.1.0/24 lookup main
200 from all fwmark 5 lookup first
.....
Packet is matching both rules, the one with priority/preference
100 or 200 is selected ?
_______________________________________________
LARTC mailing list /
2007 Feb 05
2
tc filter matches ip fileds inside pppoe frames
I have a requirement which I guess it is not too unusually, however I haven''t
quite figured out how to do it and couldn''t find any examples which handle that.
I have made myself a Linux-based bridge, eth0 bridged with
eth1 to form br0.
In this bridge, I run ''tc'' script to handle QoS.
So far nothing unusual.
However, what''s different is that this
2007 Sep 27
5
QoS for VoIP
As you are probably aware, this is a ever green topic.
I have personally tried doing it, testing it and verifying it
and I am myself finding this problem challenging and frustrating.
Most of the scripts will recommend some form of rate limiting
( or policing ) on the download. But the challenge is how to
determine the correct value for the policing ?
Lot of the recommendation says use x %