Displaying 20 results from an estimated 30000 matches similar to: "Optimizing CentOS for gigabit firewall"
2008 Feb 09
3
IPtables Possibility
Hi,
I just wonder if I can replace PIX firewall with machine having IPTable as my firewall. I want to control our firewall but
due to the lack of knowledge in configuring PIX, i want to replace it with Linux or BSD. I do not have the time now to
learn the complexity of PIX and yet I want to know what happening in my firewall and control it as much as possible.
Do you think it is justifiable for
2004 Feb 19
2
traffic normalizer for ipfw?
Hi there,
Is there some way to configure ipfw to do traffic
normalizing ("scrubbing", as in ipf for OpenBSD)? Is
there any tool to do it for FreeBSD firewalling?
I've heard that ipf was ported on current, anything
else?
TIA,
/Dorin.
__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools
2008 Feb 24
2
Internet Load Balancing and Failover
Hi All,
Does anyone have any experience connecting two or more DSL/Cable modems to
a Linux box to provide load balancing and failover?
I've done some googling and found a few resources but very few solid
experiences.
I'm trying to optimize my LAN->Internet traffic for a bunch of
workstations.
Shawn
2006 Jul 14
1
Any ongoing effort to port /etc/rc.d/pf_boot, /etc/pf.boot.conf from NetBSD ?
Hi,
[I have added freebsd-security to recipient list as I consider
this issue a security risk]
Paul Schenkeveld wrote:
> Hello,
>
> On Fri, Jul 14, 2006 at 01:26:38PM +0300, Ari Suutari wrote:
>> Hi,
>>
>> Does anyone know if there are any plans to bring
>> pf boot-time protection (ie. /etc/rc.d/pf_boot and
>> related config files) from NetBSD to FreeBSD
2006 Apr 17
3
[LLVMdev] OpenBSD. (Was: 1.7 Pre-Release Ready for Testing)
Hi again,
I wrote:
> > I would like to test but the I modigied the configure to make
> > unknown = OpenBSD and Unix
>
> Have you looked at ./config.log. ./configure creates this as it runs
> as a trace of the path it took through ./configure. Work backwards
> from the end to find out what it didn't like.
I remember SourceForge's compile farm has an OpenBSD x86
2006 Apr 17
0
[LLVMdev] OpenBSD. (Was: 1.7 Pre-Release Ready for Testing)
I just added __OpenBSD__ everywhere __FreeBSD__ was being tested (there
were about a dozen places). I suspect we'll have to add one for NetBSD
also one day (even DragonflyBSD?). INT8_MAX and friends ought to be
declared by <stdint.h>. It is on FreeBSD.
Ralph Corderoy wrote:
>Hi again,
>
>I wrote:
>
>
>>>I would like to test but the I modigied the
2007 Sep 11
3
Centos Router
With the current discuss of "Performance of CentOS as a NAT gateway", I
am curious how many people out there are using CentOS as a
Router/Firewall in an enterprise or service provider environment. For
myself I am not really concerned about NAT just a stateful firewall.
The other half of my questions is about performance. I have read many
articles and posts on the net about
2003 Aug 07
1
FreeBSD - Secure by DEFAULT ?? [hosts.allow]
Hi,
I need to know what the implications are to make use of the hosts.allow file
on a FreeBSD Production Server (ISP Setup)? The reason I'm asking, is that
I've recently decommisioned a Linux SendMail Server to a FreeBSD Exim
Server, but with no Firewall (IPTABLES) yet.
Besides the fact that it only runs EXIM and Apache, is it necessary to
Configure rc.Firewall? or can I only make use of
2013 Oct 01
2
pfsync between 8.4 and 9.2
I just started rolling out 9.2 to all our production machnes, which
are currently on 8.4. We have tested it pretty throughly internally
and are very happy with it, but as part of the deployment have hit
a problem. We have a pair of boxes running as a firewall using carp
and pfsync. One of the - the 'passive' one - has been upgraded to
9.2, and all works fine as far as carp si concerned,
2006 Apr 18
1
[LLVMdev] OpenBSD. (Was: 1.7 Pre-Release Ready for Testing)
I'll Check it out.. is it in the CVS or the release yet.. or how do I apply a patch to it... thanks much for the update.. I'll feel better about the whole thing..OpenBSD is really nice with the pro-police stack and would like to see an alternative to the GCC only compiler chain of tools especially as it is based on a somewhat archaic optiminzation backend and procedural stuff is pretty
2005 Jul 02
3
packets with syn/fin vs pf_norm.c
Hi,
First of all, I know that not dropping SYN/FIN isn't really a big deal, it
just makes no sense. But since it doesn't make any sense, I don't see
the reason why not to discard them.
I'm running pf on FreeBSD 5.4-RELEASE-p3 and I scrub any traffic. I've
read some other posts on google and as far as I can tell, clearly invalid
packets (like packets with SYN/RST set) is
2004 Apr 05
4
memdisk : booting OpenBSD and NetBSD
hi there.
I'm trying to boot several OSes floppy images from a cdrom via memdisk.
Actually, Linux and FreeBSD boots fine, but, while i'm using the same method,
I couldn't get into booting netbsd nor openbsd.
The boot process seems to hang up, in those two cases, when the second stage
native bootloader try to load the kernel (i'm not absolutely sure about this).
The native first
2007 Mar 12
8
[Bug 1295] [PATCH] Transparent proxy support on Linux
http://bugzilla.mindrot.org/show_bug.cgi?id=1295
Summary: [PATCH] Transparent proxy support on Linux
Product: Portable OpenSSH
Version: 4.6p1
Platform: Other
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: ssh
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2014 Jan 23
1
Call for testing: OpenSSH-6.5
Hi
When NetBSD added strnvis they swapped around the argument order.
On OpenBSD:
int strnvis(char *, const char *, size_t, int)
On NetBSD:
int strnvis(char *, size_t, const char *, int);
Don't ask me why.
On Thu, Jan 23, 2014 at 12:56:48PM +1100, Darren Tucker wrote:
> On Thu, Jan 23, 2014 at 12:13 PM, Hisashi T Fujinaka <htodd at twofifty.com> wrote:
> > #1
2012 Jan 19
3
RFC PATCH: bring OpenBSD stdarg in line with FreeBSD one
Having an absolute path in a #include confuses distcc''s pump mode.
Since AFAICS OpenBSD''s stdarg handling uses the builtins, I think we
should just treat it like we do NetBSD.
I don''t have an OpenBSD box to test on, though. :( Any OpenBSD
enthusiasts care to comment?
Tim.
diff --git a/xen/include/xen/stdarg.h b/xen/include/xen/stdarg.h
index 57e2c0e..cb870ac 100644
2007 Feb 14
5
Bandwidth shapping device
I have a link to a building (e.g. 10Mb/s) and want to split up the
bandwidth to different users. Each user should get e.g., 512kB/s plus
256kB/s dedicated for VoIP.
What kind of device can I use for that ? (managing switch ??? which one?)
bye
Ronald Wiplinger
2018 Nov 06
3
openSSH versions
Hi,
I notice here:
https://www.openssh.com/releasenotes.html
That the versions always have a <number> and a <number>p1.
Does the p1 indicate a patch? So does it mean that <number> and <number>p1 are two different versions?
It doesn?t describe the differences between the two in case they are different versions.
I would appreciate some clarification.
Thanks,
Roee.
2009 May 23
7
Intel Atom systems?
Any comments on CentOS 5 on Intel Atom CPUs?
I need to build a couple of inexpensive systems that will be used
primarily as gateway/firewall systems with OpenVPN, and need
recommendations in reliable hardware platforms. These will need
two NICs.
Bill
--
INTERNET: bill at celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way
Voice:
2014 Sep 25
7
Does dovecot work OK on *BSD?
Hi all,
I have a dovecot server on my Debian Wheezy desktop computer. My days
with Debian are limited, and I'm investigating several 'BSD's:
OpenBSD
FreeBSD
PCBSD
NetBSD
DragonflyBSD
etc
Is there any reason Dovecot wouldn't work on any of those? Does anyone
know if those OS's have packages for Dovecot, or do I need to compile
it myself?
Thanks,
SteveT
Steve Litt
2015 Nov 26
2
How disable forwarding-only connections (i.e. non-shell/command non-sftp connections)? (Maybe this is a feature request!)
On 2015-11-26 13:33, Darren Tucker wrote:
> On Thu, Nov 26, 2015 at 4:11 PM, Tinker <tinkr at openmailbox.org> wrote:
>> The goal is to get a script invoked *at login time*,
>
> This part I follow, but having a script run is just a means to an end
> not the end itself. What is the script going to do?
>
>> so that the authentication only is known to the client