similar to: asterisk and iptables

Hi, I just migrated my office's server from Slackware64 14.1 to CentOS 7. So far everything's running fine, I just have a few minor details to work out. I removed the firewalld package and replaced it by a simple Iptables script: --8<---------------------------------------------------- #!/bin/sh # # firewall-lan.sh IPT=$(which iptables) MOD=$(which modprobe) SYS=$(which sysctl)

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

I thought that the below email would be of interest to LARTC readers. I wasted quite a bit of time tracking down this "feature" (bug?). Any comments that shed light on this would be appreciated. In short, "tc filter" + htb + bridging works only with ip_forward off. Andrew Athan ----------------------------------------------------------------------- All: It seems that

i''ve read your http://lartc.org/howto/lartc.rpdb.multiple-links.html article as well as Advanced IP Routing (esp. chapter 10.4) and still unable to make this thing work. am i that helpless? :) is there anyone to guide me through the multiple ISP setup? into details. i got 2 dsl connections from different ISPs (A and B), both connections use PPPoE, both got assigned with dynamic IPs

Hello! My system is: Internet ADSL(PPPoE) ---> ppp0 [LINUX server(router)] eth0 ---> LAN Server(router) is running on LINUX Slackware 8.1. I have recompiled a 2.4.22 kernel, enabled all QoS support in the kernel config, including HTB. My ADSL bandwidth is 256Kbit/s for download and 64Kbit/s for upload. I use the following HTB+IPTABLES configuration, because I want to reduce bandwith for

Hi, I use for a customer a Linux router/firewall with 1 internal interface connected to the LAN and 3 external interfaces connected to 3 different ISP. I use a kernel 2.6.17 with a routes patch from Julian Anastasov. I mark outgoing FTP traffic for the routing. With the rules below I do not have a problem with the active/normal FTP to connect on FTP server. But the passive FTP does not pass

i''m using one line on eth2 only for web traffic eth1 is my internal line and eth0 is my main line to internet . i''m marking packets like this i have default route on eth0 iptables -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1 -p tcp --sport 80 -j MARK --set-mark 66 iptables -t mangle -A PREROUTING -i eth1

Hi.... Help me please!!! I am using Linux Redhat as router of the my network. I am to making NAT and firewall. In my iptables script, I need make 3 MARKs for the same packet, as following # It marks the packets that will go for link ADSL (I have 2 links - adsl 2Mb and ''dedicate link'' 256Mb ) # I am using ''ip rule / ip route'' to make this iptables

Hi i have a debian box working as a router.. it works quite well, now i want to give more than 1 ip.. is it possible to do it? some of them must be an open ip.. i mean.. all ports opened is it possible? how should i do it? Here is my nat.sh script just in case someone wants it.. (comments r in spanish.. and not right) Thanks in advance, #!/bin/sh echo "AthoS LaN Generando

I have 2 internet connections and i;m trying to use squid as transparent proxy but every time squid is using first internet line but i want to use second internet line . i have this settings and without squid it''s working i have default route on the first internet connection. iptables -t nat -I POSTROUTING -o eth2 -p tcp --dport 80 -s 192.168.0.0/24 -d ! 192.168.0.0/16 -j SNAT --to

Hi, with the attached config my gaming ping is still +20ms, even if the line isn''t saturated..can anybody give me a hint how to get a better response time? my line: 1024/128kbit outbound: one htb qdisc for gaming (7kbps) prio 0 ceil 14kbps<- should get more traffic when needed. Htb again for irc and default. inbound: css, irc, p2p, default <- same shema as before, give css

Hi, I am connected to two DSL providers (DSL 1 - 1Mbps downlink/384kbps uplink and DSL 2 - 2Mbps downlink/512kpbs uplink) I would like to only allow ftp, pop3 and http via the DSL 1 and only smtp, ipsec and pptp via DSL 2. How can I do so? Can I use iproute to route these protocols? Below is my ip routing: - # DSL 1 ip route add 2.2.2.208/30 dev eth0 src 2.2.2.210 table 1 ip route add

Dear all, =0D =0D 3 Computers are linked together with cross over cable and computer B is t= he=0D router. =0D =0D Computer A - Starlight Video Server(Solaris) =0D - 192.168.0.11 =0D =0D Computer B - Iptables(Linux) =0D - eth0 - 192.168.0.12 =0D - eth1 - 158.192.92.102 =0D =0D Computer C - Video receiver(Windows) =0D - 158.192.92.105 =0D =0D First =0D # echo "1" >

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

Hey Andreas, how i catch this traffic using L7 filter?, i´ve installed l7 filter now, but i don´t kwnow to use the kind of filter...!!! Can you help me? Thx.- Terraja-based 2007/4/29, lartc-request@mailman.ds9a.nl <lartc-request@mailman.ds9a.nl>: > > Send LARTC mailing list submissions to > lartc@mailman.ds9a.nl > > To subscribe or unsubscribe via the World

Hi, system info: ubuntu 7.04 (Host OS) samba 3.0.24 (installed with apt-get) vmware-server 6.0.1 windows XP (Guest OS) I was using the iptables script provided by iptablesrocks.org. It's been quite useful, but I ran into a problem when I tried to connect samba. Without any iptables rules, I have no problem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced

Hello. I have a 1024/256kbit ADSL and tried to shape outgoing traffic in order to improve latency. Here is my config. UPLOAD_RATE="256" UPRATE="$[4*$UPLOAD_RATE/5]" (a little smaller) UP70="$[7*$UPRATE/10]kbit" UP30="$[3*$UPRATE/10]kbit" UP20="$[2*$UPRATE/10]kbit" UPRATE="${UPRATE}kbit" IF="eth2" IPTABLES="iptables -t

Alejandro, So, i did try the script that you give to me, and the problems its continues.- Maybe the problem was in the IPTABLES rules, i attach the complete script below: ##################### ifconfig imq0 up tc qdisc add dev imq0 handle 1: root htb default 30 tc class add dev imq0 parent 1: classid 1:1 htb rate 500kbit ceil 2000kbit tc class add dev imq0 parent 1:1 classid 1:10 htb rate

Actually i gave up, i tried and tried and tried so many times, upgrading software falling back to an old version but it didn''t work, that''s it. i can''t do work together tc with iptables and iproute2 when i mark a packet with iptables tc doesn''t recognize them so it falls at the default leaf of the tc''s tree what i like is to mark packets depending on

hi all i m connecting to my samba server from a windows xp client. whenever i started my firewall script the client used to take 4 minutes to connect to the samba server and i run IRIS (sniffer) on my windows xp box it captures a packet as shown below ------------------------------------------------------------------------------------------------------------------------------------- OPTIONS /