similar to: Routing packets in and out

Hello, I'm trying to set up port forwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails. EXTIF="eth0" INTIF="eth1" EXTIP="xxx.xxx.xxx.xxx" INTNET="192.168.1.0/24" INTIP="192.168.1.1" PORTFWIP="192.168.1.13" >From the internet,

ei tuka imam edin pf conf obache pravi mnogo nomera, kato se pusne parvoto koeto e dropva paketi, timeoutva po serverite i t.n.. i speed-a e mnogo baven, vijte ako nqkoi moje da otkrie generalna greshka da reply :) vapreki che ne e freebsd-specific :P ne sym go pisal az a i ne sam mnogo mnogo zapoznat s pf zatova ako nqkoi moje da pomogne e dobre doshyl :) btw moje i neshto ot tia opcii kato set

Okay here is my setup: Gentoo Box running 2.6.4 w/ 4 NICs 1 NIC is for internal network 3 NICs are for external network The machine has a static address assigned to the internal network nic. This nic runs dhcp and dns forwarding. The other 3 nics have external dynamic IP addresses. All will have the same gateway. There are 3 NICs because this is a very large pipe, that will only allocate a

Hi, I am trying to have some routing done between two subnets. One is 192.168.1.0/24 and has my LAN computers running a mix of Windows 98/XP clients. There are two linux machines on this network running Samba. Another is 192.168.0.0/24 and has the other LAN. Only my linux machines have two NICs, one for each LAN. I am trying out one of these linux machines to be the gateway for both the

I am using the madwifi driver with the patch to allow changing of the MAC address and I have two other ethernet interfaces plus a pppoe interface. My outbound connection is ppp0. I have ath0, eth1, eth2 for internal interfaces. I have added these three interfaces to br0. Once the traffic leaves the linux router, it gets NAT'd and goes out through ppp0. All traffic on all segments works

Hello, I have a webcam that I wish to view from the internet. It is a wireless linksys model with an ip address of 192.168.1.15. I have it set on port 8081, 192.168.1.15:8081. I am using the IP Masquerade HowTo script. Here's the rule I added to my firewall script: EXTIF="ppp0" INTIF="eth1" EXTIP="`$IFCONFIG $EXTIF | grep inet | cut -d : -f 2 | cut -d \ -f

Easy question here: I have a test network that looks like this (apologies for my lack of ascii skills): [hostc]---------------[Firewall]192.168.42.1 (EXTIF: eth0) /10.0.0.1 (INTIF: eth1) 192.168.42.10 (wan) |(lan) | +-------------[hosta] 10.0.0.10 (port 4242) | +-------------[hostb]

Hi all, I need a little help, i am studing htb to control user bandwidth (download/upload) and I made a script as below to test. I am testing using ttcp tool from by linux box to other linux (192.168.200.51). my box <---- Linux = more than 128kbit mybot -----> Linux = get 128kbit But I want to control both ways, what am I missing? script: EXTIF=eth0 INTIF=eth1 TC=/sbin/tc DOWN=128

Hi, this is a followup to "Problem with HTB and ceil", the problem with the ceiling has been resolved, thanks to the memebers on this m/g. Now I have the problem that packets get into the correct classe with the correct marks but the prios are not respected. I have 4 different classes: 1. voip class / prio 0 / mark 100 / voip traffic 2. ACK class / prio 1 / mark 200 / ACK packets to

I suppose a few questions pop up on this list about access Samba through a firewall. ?I have been very successful running Samba through a firewall, until today. ?I hit a stumbling block. I have a Linux Firewall with the public IP Address of 134.x.x.140 <it is not the exact ip address, but close>. ?I am using NAT and port forwarding to send traffic destined for 137, 138,139, and 445 for BOTH

Hi, What do you think about this solution for skype specific QoS: function HTB_shape { ########################################################### # Shapes the traffic of an interface, limiting the late # # Arguments are DEV,RATE DEV=$1 RATE=$2 [...] PORT=dport if [ $DEV == $EXTIF ]; then PORT=sport fi iptables -t mangle -A MYSHAPER-$DEV -p tcp --$PORT 4000 -j MARK --set-mark

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

Hi, This is the first time I write to the list. My english is not so good, but I hope I''ll be understood. I have 4 adsl routers, plugged on a linux box, and this box e used to connect to a local network. The linux box has 5 NICs. eth0: local network inet 10.0.0.56/24 brd 10.0.0.255 scope global eth0 eth1: adsl router 1 inet 192.168.254.1/24 brd 192.168.254.255 scope global

Hello all, My set up is a fractionated t1, with 1-6 voice channels, 21-24 data channels. I have a t100P installed in a amd 1500 with 512meg. Question: In order to set up the data channels, is the following correct? 1) compile new kernel with generic hdlc support 2) compile hdlc from hq.pm.waw.pl/hdlc 3) uncomment KFLAGS+=DConfig_ZAPATA_NET in zaptel makefile 4) compile zaptel, 5 compile rest

Hello All, I am battling a problem I don't know how to fix... Here is the scenario: Fractionated T1 with 1-6 channels voice, 21-24 channels data. Comes into a box with Digium T100P, splits off data channes with HDLC, to devicec pvc0, This works fine, but I have a routing problem getting to my machines! Here is the current set up... sethdlc hdlc0 fr lmi ansi sethdlc hdlc0 create 44

Hi! I have configured traffic shaping with htb and imq but when i am downloading the latency for example on the Bnet class is very high ..... example: 65 kb/s download best latency: 56ms lateny on bnet class while downloading: 400 350 250 350 400 100 300 200 80 200 300 250 ..... To get informations about latency i am marking ping packets with iptables. I want to play during other users

Gents, first of all thanks for tinc, and thanks in advance for your advice. At the risk of revealing my stupidity and opening myself to ridicule.... I am trying to connect a new remote lan into an existing tinc vpn with the central tinc vpn server located at 10.57.132.1 on the 10.57.132.0/24 subnet. I set up this central tinc vpn server myself along with several other remote lans linked to

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

Hello, I am trying to get LDAP running. So far, the server is running but I cannot connect to port 389 or the server using webmin or phpldapadmin. It could be my ISP has blocked this port but I'm not sure. I have tried to telnet to port 389 but it is refused. All other services run fine. I user the iptables ruleset found in the IP-Masquerade HowTo. Below is the ruleset I follow for

Hello, I''m wondering which of these filters is the best method for filtering ACK packages to achieve lowest delay possible on a dsl-link. This one ist from the wondershaper from the lartc-site: /sbin/tc filter add dev $EXTIF parent 1:0 protocol ip prio 0 u32 \   match ip protocol 6 0xff \   match u8 0x05 0x0f at 0 \   match u16 0x0000 0xffc0 at 2 \   flowid 1:10 Thats a suggestion