search for: spidersat

Hi I am currently learning iptables and would like to see the output of shorewall rules in iptables format, as I would like to make a script for the rules instead of using shorewall. Kind Regards William _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

...bug in > CentOS and display htb rates correctly. > > [1] http://freshmeat.net/projects/htb-stats/ > -- > Luciano > > > ------------------------------ > > Message: 8 > Date: Wed, 26 Apr 2006 17:55:03 -0000 > From: "William Bohannan" <william.bohannan@spidersat.net> > Subject: [LARTC] trying to get time control working > To: <lartc@mailman.ds9a.nl> > Message-ID: <003d01c6695a$9220e400$043bdcc1@ACCSSWILLIAM> > Content-Type: text/plain; charset="us-ascii" > > Hi > > I am currently trying to get time control w...

Skipped content of type multipart/alternative-------------- next part -------------- GRANT INSERT ON cdr.* TO root@localhost IDENTIFIED BY '8anana?!'; USE cdr; CREATE TABLE cdr ( uniqueid varchar(32) NOT NULL default '', userfield varchar(255) NOT NULL default '', accountcode varchar(20) NOT NULL default '', src varchar(80) NOT NULL

Currently have a bridge working, would now like to add a third virtual nic so the machine can do nat as well to local users, however after a crazy amount of ready cant seem to get my head around it. Please help. Have a working bridge below (etc/network/interfaces and eth0 is the internet side interface so a virtual interface like eth1:0 would be nice :) auto lo iface lo inet loopback auto br0

Hi I am current trying to set up a guaranteed minimum rate for the leaf (1:1x). Also would I be correct in saying that the quantum is the dividing rule (so if I keep it the same "1532" and keep all the leafs in "1:1x" prio 3 they should all get the same amount of bandwidth shared across them equally?). For example below would the "rate" in the "1:1x" leaf

Having a problem with classid and prio and position. Wondering if someone could help? Below I have pasted a part of my current rules, now it consists of one chain and two pipes. If they both use 60Kbit which one would get priority? Would it be the one with the better prio or the one with the lower classid or would it be the one which is first on the list? /sbin/tc class add dev eth1 parent

Hi I have written my firewall rules and it is working great, blocking p2p with layer7 and ipp2p between pm and 6am, also using ulog to get in all into mysql only problem is when it comes to accounting for the local traffic as all it shows is ip address, I have been looking around for a command to get the "windoz" name from an ip address then a quick script to change the log entries to

Hi use traffic shaping on my local lan and it keeps all drops packets by logging them to mysql via ulogd. Since there is windows and apple users on the network I would like to have their "computer names" instead of ip address to make for easy accounting. Does anyone know of a script or tool to get the ip address of a drop packet and turn it into a computer name (via wins or something

Hi I am using traffic shaping on br0 and working nicely. Only problem is when I nat off br0 with a third nic I run into the following problems when traffic shaping: Wondering if anyone has had success with the following layout??? ______br0(eth0,eth1)---------eth1 --- local network | | (public address)

Hi installed Debian with bridging enabled then I install squid. Squid work if I manually enter proxy setting in firefox. Then I ran the following to make it transparent: echo 1 > /proc/sys/net/ipv4/ip_forward ebtables -t broute -A BROUTING -p IPv4 --ip-protocol 6 --ip-destination-port 80 -j redirect --redirect-target ACCEPT iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80

Hi I am currently trying to get time control working but come up with an error.. /sbin/iptables -t mangle -A ms-chain-eth0-1:11 -m time --datestart 2006:01:26:17:00:00 --datestop 2006:12:26:18:00:00 -j CLASSIFY --set-class 1:111 iptables: Unknown error 4294967295 iptables -m tos -help displays the help for it I am using Debian with kernel 2.6.15-2, iproute2-2.6.16-060323, iptables 1.3.5,

Hi I am currently trying to get time control working but come up with an error.. /sbin/iptables -t mangle -A ms-chain-eth0-1:11 -m time --datestart 2006:01:26:17:00:00 --datestop 2006:12:26:18:00:00 -j CLASSIFY --set-class 1:111 iptables: Unknown error 4294967295 iptables -m time -help displays the help for it I am using Debian with kernel 2.6.15-2, iproute2-2.6.16-060323, iptables 1.3.5,

Hi I am having problems trying to get a time match with iptables 1.3.5 and the latest pom it says time match only works in the prerouting stage but I really need to use the classify command which only works in the postrouting. Does any one have a patch for 2.6 kernel, latest pom and iptables 1.3.5 so time matching can occur in the post routing? machinenemae login: ipt_time loading ipt_time:

Hi I am having problems trying to get a time match with iptables 1.3.5 and the latest pom it says time match only works in the prerouting stage but I really need to use the classify command which only works in the postrouting. Does any one have a patch for 2.6 kernel, latest pom and iptables 1.3.5 so time matching can occur in the post routing? machinenemae login: ipt_time loading ipt_time:

Hi Having a problem trying to figure out how to shape local services running on the debian box (asterisk, squid etc) as currently the voice only seems to be getting shaped one way when making external calls. For example I have the rules below (these are the matching rules only not the actual policy rules): #Create Chain for local traffic (outbound) /sbin/iptables -t mangle -A match-all -m

Not sure this is the correct place to post this but I am looking to have status of the firewall and traffic control (active, disabled, stopped etc) on a webpage controlled via something like pid as the machine has many things running on it, like firewall, traffic control, data collection for graphing the traffic flows, as well as other services like squid etc. Any ideas would be most helpful.

Happy New Year. Finally got my fw and tc rules down pat for the bridge, now interested in introducing a third nic to have nat on the box as well. Does anyone have a idea of a good place to start reading up on the subject, mainly interested in how to setup the flow direction to start with as to get a overall understanding of the flow, found that help best. Internet --- eth0 --- eth1 ---

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

Currently using physdev on a bridge to try and isolate certain paths across and to the bridge. It all works except when trying to stop the flow in one direction on the FORWARD chain?? Can someone please help?? Below is the testing done so far. eth1 <---> BRIDGE <---> eth0 # Block (eth0 ---> eth1) - blocks both directions and not just one?? iptables -A FORWARD -m physdev