Displaying 20 results from an estimated 6000 matches similar to: "iptables question"
2007 Jun 08
5
CBQ + Layer7 x Emule
Hi All ,
My first message and I have a little problem with my FC6 box trying to block
emule traffic using layer7 .
Here my network :
Internet --------- ADSL Router ------------------- FC6 Box
-------------------- Emule Box
external ADSL : Dynamic
Internal ADSL : 192.168.254.1
external FC6 : 192.168.254.3
internal FC6 : 192.168.253.1
Emule Box : 192.168.253.3
I guess that everything
2004 Apr 08
0
getpeername/server crash problem
Hi!
Before anything, here is my hardware/software informations :
Hardware :
-IBM x345, 1 CPU, 1G RAM, IBM ServeRAID controlle
-6 HD used with LVM, 2 volume group, 12 logical volumes all
running ext3
Software :
-RedHat Linux Enterprise AS (Academic) 3.0 update 1
-Kernel 2.4.21-4.0.2.EL
-samba-3.0.2-6.3E
-Running an apache 2 web server
-On normal use, there is only 10-15 computers
2008 Nov 06
2
iptables starts blocking outbound http traffic
Hello:
I have a machine running CentOS 5 x86_64.
It is running apache httpd and tomcat.
For some reason, after running for a few days,
web requests stop responding. It happened again
this morning. I check the syslog and see a HUGE
number of logs like this:
OUTPUT IN= OUT=eth0 SRC=[MyIP] DST=[OutsideIP] LEN=532 TOS=0x00 PREC=0x00
TTL=64 ID=52669 DF PROTO=TCP SPT=80 DPT=54697 WINDOW=61
2009 Jun 12
1
Error messages? or what
I've been seeing this kind of crap now for some time, and only in the
past couple of weeks did I realize I was using the Plus Kernel instead
of the normal stock kernel. Could this have something to do with it?
Messages also appear mentioning something about a PowerNow K-8, which I
thought was something you'd see from an AMD processor, not a quad core
intel 64 bit box. Any insight
2006 Sep 12
3
Completely isolating P2P/BitTorrent traffic
Hi all,
I'm trying to isolate P2P traffic, specifically BitTorrent, for my QoS
scripts. I can't seem to completely isolate ALL BitTorrent traffic.
I identify & mark packets and then use tc filters to put them into
appropriate classes. My firewall rules (below) do the markings. My VoIP
boxes' and ICMP traffic get highest priority (mark 1). Then comes DNS, SSH,
2016 Jun 30
3
[CENTOS ]IPTABLES - How Secure & Best Practice
Ned,
Thank you very much for the response.
Great example following through on the premise.
It sounds like I need to have a better understanding of the traffic
patterns on my network to know the optimal order for iptables
filtering rules.
My brief example -
Premise: I want to limit outsiders from interfering with LAN client machines.
So, I have the following rules regarding forwarding traffic:
2018 Dec 04
3
Samba and firewalling
Hai,
Just a question, this might be a bug, might not, but for this one I need some help.
Setup, debian 9.
Member server samba 4.9.3
AD DC servers samba 4.8.7
I'm setting up the member with a very tight firewall, so nothing in/out/routed unless it's defined.
I'm using UFW firewall for it.
I notice the following in my member its firewall logs, and this only happened when I run : id or
2004 Jan 27
2
Shorewall help blacklist and restart/refresh
At the current time I am not subscribed to the mailing list.
I have a blacklist that I got from www.peerguardian.net that is rather
large ( 81 kb).
When shorewall start command is issued it takes about 20 mins for it to
load.
Is this normal or should I do this another way?
Also I noticed something very strange with shorewall ..
I have cron do a shorewall restart command every 24 hours and
2006 Feb 14
14
[Bug 448] IPv6 conntrack does not work on a tunnel interface
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Component|ip_conntrack |nf_conntrack
------- Additional Comments From laforge@netfilter.org 2006-02-14 09:05 MET -------
ipv6 conntrack is
2009 May 22
2
Fixing to bite the dust?
I've been getting LOTS of messages like the below in the daily log, and
from all indications, it appears to all be related to the cpu;
the machine is just over a year old, and was the old vortex.wa4phy;net
server from the downtown co-lo site. Aside from huge log files, and
lots of other fluff, numerous problems of other nature have started
cropping up. Anyone have any suggestions as to
2016 Oct 05
3
Dev: new option to mark all tincd socket of a tincd process
I know i'm new to the list but i'd like to propose something for tincd
daemon.
I'd like to mark all sockets established by a tincd process with a mark
passed as an argument in the command line.
What could be the purpose of this new option?
The goal of this option is to be able to have several tincd process
running at the same time using the same port but using different ip.
In
2007 Sep 29
1
samba with iptables
Hi,
system info:
ubuntu 7.04 (Host OS)
samba 3.0.24 (installed with apt-get)
vmware-server 6.0.1
windows XP (Guest OS)
I was using the iptables script provided by iptablesrocks.org. It's been
quite useful, but I ran into a problem when I tried to connect samba.
Without any iptables rules, I have no problem when connecting host
os(ubuntu samba server) from guest os Windows XP.
I referenced
2010 Jan 19
3
Bind data directory borked on update from 5.3 to 5.4
I updated my secondary DNS server from 5.3 to 5.4 today. After the
update, named would not start. A bit of investigation found that all of
the files in /var/named/chroot/var/named/data had been turned into links
to themselves!
Fortunately, since this is a secondary DNS, all I had to do was delete
the files, replace the root hints file and let everything else copy back
over from the master. If
2009 Aug 09
2
[Bug 601] New: log messages with flags "ACK PSH FIN"
http://bugzilla.netfilter.org/show_bug.cgi?id=601
Summary: log messages with flags "ACK PSH FIN"
Product: netfilter/iptables
Version: unspecified
Platform: All
OS/Version: Debian GNU/Linux
Status: NEW
Severity: minor
Priority: P3
Component: ip_conntrack
AssignedTo: laforge at
2018 Dec 04
0
Samba and firewalling
On Tue, 4 Dec 2018 15:53:29 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> Hai,
>
> Just a question, this might be a bug, might not, but for this one I
> need some help.
> Setup, debian 9.
>
> Member server samba 4.9.3
> AD DC servers samba 4.8.7
>
> I'm setting up the member with a very tight firewall, so nothing
2006 Feb 14
0
[Bug 448] New: IPv6 conntrack does not work on a tunnel interface
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448
Summary: IPv6 conntrack does not work on a tunnel interface
Product: netfilter/iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: ip_conntrack
AssignedTo: laforge@netfilter.org
2009 Feb 06
8
iptables: forwarding on internal device
Good Evening,
I am trying to forward packages on an internal device using iptables:
/sbin/iptables -A FORWARD -i eth0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
but the packages are still blocked, e.g.:
Feb 6 20:58:28 firewall kernel: DROP-TCP IN=eth0 OUT=eth0
SRC=192.168.100.177 DST=172.28.2.184 LEN=40 TOS=0x00 PREC=0x00 TTL=127
ID=16609 PROTO=TCP SPT=7166 DPT=3590 WINDOW=0
2010 Jun 09
1
minor tick marks
Hi !
I need a plot for data extending over several orders of magnitude on the y axis.
The following command generates a nice looking semi-log plot for my data:
plot(x,y,log="y",type="l",lty=3, ylim=c(0.01,2),yaxp=c(0.01,1,1),las=1)
I would appreciate having also minor tick marks in-between the 3 major ticks obtained with the above command. The "minor.tick" function
2006 Oct 11
12
Server hangs initializing audio
I have a server that frequently hangs while rebooting. I see no
errors, but during the boot process it stops at this stage:
Initializing hardware... storage network audio
The cursor sits just after the word "audio" and I have to do a hard
reset to get out of it. This server has no audio capabilities, so I
am thinking that I just need to disable the audio stuff so it doesn't
2005 Jul 04
0
Problem with routing decisions, and multihop
Hi!
I have many problems getting this thing to work. There's a host with
two network interfaces, where there are two routers to Internet in two
separated networks. The host uses multihop routing for deciding to
which router send the packets... but the routing decision is wrong
made. Some packets with source address of one NIC, go to other
network.
I have a host with three NICs in it: