similar to: My iptables (RH 7.2) firewall included

Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall Any suggestions? Rob van Overbruggen Settings and stats: Server: Eth1 :

#!/bin/sh PPP=(ppp0 ppp1) IP=(`ifconfig ${PPP[0]}|sed -n 2p|column -s ":" -t|awk ''{print $3}''` `ifconfig ${PPP[1]}|sed -n 2p|column -s ":" -t|awk ''{print $3}''`) GATEWAY=(`ifconfig ${PPP[0]}|sed -n 2p|column -s ":" -t|awk ''{print $5}''` `ifconfig ${PPP[1]}|sed -n 2p|column -s ":" -t|awk ''{print

Hi, My home setup is as following: - 1024/128 kbit ADSL - FC3 I set up HTB to prioritize traffic. I am not very pleased with the obtained results. The scope of my setup is to have some ssh sessions with remote servers while browsing websites and running aMule Nothing complicated (I think... ;). The very high priority traffic (ssh), gets stuck when I start aMule and make an FTP download.

Hi Here is a short description of my network: ppp0 (adsl) ppp1 (adsl) | | | | --------------------- | Router | | Firewall | | MASQUERAD | | DNAT | | | | eth0 | --------------------- | | | ---------------------- |

As was briefly discussed on IRC, ffmpeg and mplayer currently output two somewhat incompatible YUV4MPEG streams. This meant that encoder_example could take input from mplayer, but not ffmpeg or movtoy4m (a QuickTime->Y4M tool). This is a patch that fixes this issue and should allow encoder_example to take input from either format: diff -urd xiph-cvs/theora/examples/encoder_example.c

Hi All, I''m looking for some comments on an issue that I''d had since the start of the week. In short the problem appears to potentially be an overwhelming of the conntrack tables, where connection state is lost and packets dropped. A combination of using htb & U32 QOS to clamp the smtp traffic to 128kb on a 512kb sync line, some sizeable bulk emails sent from the

Hi, system info: ubuntu 7.04 (Host OS) samba 3.0.24 (installed with apt-get) vmware-server 6.0.1 windows XP (Guest OS) I was using the iptables script provided by iptablesrocks.org. It's been quite useful, but I ran into a problem when I tried to connect samba. Without any iptables rules, I have no problem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced

Believe me: Read the FAQ Checked over and over This might be toooooo stupid to be documented. Please bear with me. Any help ? Situation: single card standalone "firewall" (used like a "personal firewall"). Have sshd running on the FW. Want the sshd daemon to be accessible only from 2 LANs: 1) My other home LAN machine 2) IBM intranet machines (9.0.0.0) Whatever I have

Thanks Miroslav, for your help - much appreciated. > > RICE PARTITION SIZE: In a zero-partition-order Rice block, the > > documentation says the number of samples in the partition is equal > > to the frame's blocksize. Surely this should be equal to the > > frame's-blocksize-minus-the-predictor-order, since we shouldn't need > > to encode residual for

I have what strikes me as an odd problem with shorewall. Let me describe my setup. My desktop (alfred) is connected to the network through an ADSL modem. I am running rp-pppoe, and this works perfectly. I have a small home network, with two LANs; an Ethernet LAN (including a machine running Windows XP), and a WiFi LAN, including the laptop (william) I am using now. All the computers except for

Hi, I asked a few questions about the flac format a couple of weeks ago. One more (if you don't mind) about the Rice coding. The Rice parameter "k" can't be zero (unless I'm mistaken), yet the FLAC spec says the Rice parameter can range from 0 to 15. I guessed, and tried adding one before using the parameter (i.e. assuming the range was really 1 to 16), and that didn't

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

Date: Sun, 19 Oct 2003 00:59:22 +0200 > On Sat, Oct 18, 2003 at 07:21:08PM +0000, Dan Stowell wrote: > > I asked a few questions about the flac format a couple of weeks ago. > > One more (if you don't mind) about the Rice coding. The Rice > > parameter "k" can't be zero (unless I'm mistaken), yet the FLAC spec > > says the Rice parameter can range

Hi, I'm trying to write a FLAC decoder for my Java audio app. Can I ask a couple of questions to this list about the format? I think there are a couple of things not-quite-mentioned in the official spec. RICE CODING: Which order are Rice-coded numbers stored in? (a) [sign-bit][low-order bits]["k" zeroes][1] (b) [sign-bit]["k" zeroes][1][low-order bits] (c)

i''ve read your http://lartc.org/howto/lartc.rpdb.multiple-links.html article as well as Advanced IP Routing (esp. chapter 10.4) and still unable to make this thing work. am i that helpless? :) is there anyone to guide me through the multiple ISP setup? into details. i got 2 dsl connections from different ISPs (A and B), both connections use PPPoE, both got assigned with dynamic IPs

My dcgui-qt (chat/file-sharing program) doesn''t work and I''m pretty sure it''s my firewall settings. dcgui-qt is a direct connect (file sharing & chat) client. According to the FAQ here (http://dcplusplus.sourceforge.net/faq/faq.php) all I should need to do is: ------- #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL #

> ?is.finite `is.finite' and `is.infinite' return a vector of the same length as `x', indicating which elements are finite or not. is.finite() of a list seems to return a vector of the length of the list, but with value FALSE if any list element isn't finite. Is this intended? > l4 <- list(NA,1,2,3); l4; length(l4); is.finite(l4) [[1]] [1] NA [[2]] [1] 1

Hello! My system is: Internet ADSL(PPPoE) ---> ppp0 [LINUX server(router)] eth0 ---> LAN Server(router) is running on LINUX Slackware 8.1. I have recompiled a 2.4.22 kernel, enabled all QoS support in the kernel config, including HTB. My ADSL bandwidth is 256Kbit/s for download and 64Kbit/s for upload. I use the following HTB+IPTABLES configuration, because I want to reduce bandwith for

Hi, I have shorewall version 1.4.10g on Redhat 9 Local clients are on eth1 in subnet 192.168.3.0/24. eth0 is for the outside (over xdsl with includes a ppp0 interface). Nessus (nessusd) is installed *on the firewall* and managed trough nessus (the client or frontend) running on one of the internal machines. When I was running a scan against 194.152.181.36 I observed several entries like

Hi, with the attached config my gaming ping is still +20ms, even if the line isn''t saturated..can anybody give me a hint how to get a better response time? my line: 1024/128kbit outbound: one htb qdisc for gaming (7kbps) prio 0 ceil 14kbps<- should get more traffic when needed. Htb again for irc and default. inbound: css, irc, p2p, default <- same shema as before, give css