Displaying 20 results from an estimated 3000 matches similar to: "Policy routing with IPFW"
2003 May 07
4
IPFW Bandwidth throttling?
I am trying to limit outgoing SMTP traffic to about 14 Mbps and these are
the IPFW rules I am using.
${fwcmd} add pipe 1 tcp from 192.168.0.0/24 to any 25 out via dc0
${fwcmd} pipe 1 config bw 14Mbit/s
I've tried multiple tweaks to the pipe rule and I seem to be missing
something. I only get about half the bandwidth I specify. Is this normal
behavior? Is there something wrong
2004 Feb 06
1
ipfw question
Dear All.
I want to use 'not' for 2 addresses (for both) in ipfw2 rule.
The only way that looks like what I need is
# ipfw add count from IP1 to not IP2,IP3
But does this rule indeed makes what I want? Does it count all
packets destined to addresses other then IP2 AND IP3?!
No other syntax works.
For example more logically correct
not IP2 AND not IP3
or even
not { IP2 or IP3 }
are
2003 Jun 02
6
4.8-Stable DummyNet
Hi. We just opened a gaming center and have chosen to run a FreeBsd box for
our firewall. IPFW is configured at it's very basic running natd through rl0
and allowing any to any connections from the lan to the outer world. Natd
controls access to the lan.
We have a 6.0 mb/s ADSL net connection for all the gaming clients to use,
however if a gamer starts downloading a file, that file
2006 Dec 24
1
Question regarding Split Access description
Hi All,
I''m a big user of the LARTC document but am currently stuck with a question
around section 4.2 (http://lartc.org/howto/lartc.rpdb.multiple-links.html)
in relation to "Routing for multiple uplinks/providers".
I''m wanting to do a similar setup to the diagram where I have - lets just
say for the moment - two uplink providers where I want to route over two
2004 Feb 19
2
traffic normalizer for ipfw?
Hi there,
Is there some way to configure ipfw to do traffic
normalizing ("scrubbing", as in ipf for OpenBSD)? Is
there any tool to do it for FreeBSD firewalling?
I've heard that ipf was ported on current, anything
else?
TIA,
/Dorin.
__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools
2005 Jun 11
1
problem with ip route and multiple lans
Hi, I have a little problem to setup iproute in my network
It looks like this:
---- ----- ------
R1 R2 R3
---- ----- ------
| | |
| | |
-------------------------------
ETH1 ETH2 ETH3
ETH0 ETH4 -------------> DMZ
------------------------------
|
|
2004 Aug 26
13
Load Balance simply doesn´t work...
i´ve been searching for a load balance solution since a month
ago... what i can say is that it simply doesn´t work. I was
unable to find one guy that did it with sucess. When "load
balance" is the subject of the message on the list, the
message is simply ignored.
So... if it doesn´t work... why LARTC don´t delete it from the
HOW TO and answer us with some "it simply doesn´t
2020 Jul 23
5
Off Topic bash question
I have a simple script:
#!/bin/bash
#
index=0
total=0
names=()
ip=()
while read -r LINE
do
NODENAME=` echo $LINE | cut -f 1 -d ','`
IP=` echo $LINE | cut -f 2 -d ','`
names[index]="$NODENAME"
ip[index]="$IP"
index=`expr index+1`
total=`expr total+1`
done <<< $(cat list.txt)
simple file:
more list.txt
name1,ip1
name2,ip2
name3,ip3
output when
2009 Dec 04
2
hey please help me my 3rd email of how to change From fileld username in sip packet
hy
Hope everyone is fine, I have one issue coming in asterisk , What i am doing
is i am generating a callback if some one calls at a specif access number on
asterisk,
Asterisk sends a busy signal to the calling party that he received a request
from party and then sends the call back to the person from where asterisk
received a request but in From field as you can see below astrisk is sending
the
2004 Oct 27
2
Interdomain trust across the NAT
Hi,
can I establish interdomain trust between two domains across NAT.
If yes, please how???
Thank you, Sopik Bronislav
2006 Jun 09
5
Redirect Host to Host
Hello
I have a PC with 2 IPs publics IP1 in eth0 and IP2 in eth0:0
I want to do a redirection of IP2 to an other public IP IP3 in an other
laptop (other network)
- for all ports : IP2 ---> IP3
- for juste www : IP2:www --> IP3:www
i tried many combination with shorewall-3.0.7-4, but no sucess
no help from google,
Thanks in advance
Laurent
2009 Oct 28
2
combining iptables parameters
Hi all,
is there a way to combine iptables parameters like: iptables -A OUTPUT
-p UDP & -p TCP -d $IP1 & -d $IP2 ?
Best Regards
Marcus
2004 Nov 20
2
Same GW for load balancing
Hi
I want to use two dsl (or more) lines to increase my internet bandwidth.
Our dsl lines are dhcp serviced. Both of them provide the same Def GW and different IPs for each ethernet interface (same subnet).
¿Is it possible to balance outgoing traffic "using" the interface as a
criteria? No point on choosing gateway by IP.
¿Could someone give me a clue on how to deal with this?
(first
2007 Jul 05
4
Load Balancing , MSN and SSL
HI All ,
I am running a FC6 box with two internet links with load balance . Every
thing is working fine expect the MSN connection that failed and reconnect
every time and SSL connections . I would link to know if with the nona
howto I could fix that .
I have been tried with no success to redirect that connection only to one
link but its look like do not work . Here my configuration :
2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ]
I'm running into trouble integrating dynamic racoon-based IPSec into a network
with ipfw and natd. I need to be able to allow VPN access from any address
from authenticated clients. I've got the dynamic VPN working, with racoon
negotiating SAs and installing SPs, but the problem is that I can't tell
whether an incoming packet on
2006 Jan 05
5
multiple links and nat
Hi, this might be a dumb question, but I''m not finding much
information online.
I''m trying to setup a 2.6 linux box to run nat across multiple
upstream links as a simple way to aggregate bandwidth. I found the
instructions in lartc section 4.2
(http://lartc.org/howto/lartc.rpdb.multiple-links.html) fairly clear
and straightforward. I implemented those, and a couple of trivial
2007 Oct 18
4
exporting service on multiple wan
Hi all,
I''ve a routing problem. I''m setting up a router based on debian (kernel
2.4).
I need to setup routing to export an ftp service (ftp server is in dmz)
to 2 wan (both).
I setup prerouting ad forward rule with no problem.
The problem is that reply packet use default gateway (default wan) even
though they are enter using the other wan.
I solved it marking packets in input
2004 Sep 01
2
IPFW and icmp
I'm not a master of the internet RFCs, but I do believe icmp messages have
different types.
Now to enable traceroute for IPFW, I might put in a rule like this:
ipfw add pass icmp from any to me
However, how would I make a rule to limit icmp messages to just those used
by traceroute? Can the messages be distinguished as such?
A dynamic rule that exists only for the duration of a traceroute
2007 Jan 19
2
2.6.17 kernels and equalize patch
Hi
Everybody in the list
I have a situation like this
------ (IP1)
linux |----eth0.40------ |
router | | |
box | (IP2) |------|Client Router ( Destiantion Net DNET)
|----eth0.41------ | | /27 subnet
------
I just want to balance the load of bandwidth per packet based between the
two vlan interfaces to Client Destination network
2005 Apr 27
1
Problems with DNAT
Hi, i''m a shorewall users and i have the following problem:
I have one class C range of IP''s and i have three zones (net, dmz , loc)
I need create one rule to dnat one valid ip address (but not in use in
one computer) to one invalid host in my loc zone.
How i do?
I try this:
DNAT net:200.200.200.200 dmz:200.193.137.38 tcp
137,138,139,445 -