Displaying 16 results from an estimated 16 matches similar to: "[patch] Raw sockets in jails"
2004 May 06
3
tcng ingress policing question
Hi all
I started playing with tcng to generate my tc rules, but I have some
difficulty implementing my rules...
The script below generates an error:
# Device eth0
tc qdisc add dev eth0 ingress
beginner.tc:2: don''t know how to build meter for this
The script is below, I changed the real IP numbers for XXs and YYs,
since it doesn''t really matter what they are. eth0 is the
2006 Apr 23
1
fsck_ufs locked in snaplk
Colleagues,
one of my servers had to be rebooted uncleanly and then I have backgrounded
fsck locked for more than an our in snaplk:
742 root 1 -4 4 1320K 688K snaplk 0:02 0.00% fsck_ufs
File system in question is 200G gmirror on SATA. Usually making a snapshot
(e.g., for making dumps) consumes 3-4 minutes for that fs, so it seems to me
that filesystem is in a deadlock.
Any
2004 Jan 29
1
RE: LARTC digest, Vol 1 #1564 - 6 msgs
Martin,
If I understand whay you are suggesting, there is a problem in your
design: It will only work if you use Hide NAT. The problem is that the
ip_src == IP0 rule is wrong: The ip_src is not changed by the router and
it is not equal to the IP of any of the machine interfaces.
Can you think of a solution that will work in the following reasonabl
scenario:
Lets say I have two T1 internet
2007 Jul 01
1
FW filter unused/unloaded ???
Hi all.
I''ve written a small htb script that uses U32 and FW (marked by IPTABLES) filters, but TC doesn''t seem to be using the "cls_fw.o" module !!!
I''m using redhat v9.0, kernel 2.4.8-20, iproute 2.4.7-7.
Here is my script:
==========================================================
#####################
#Interface definition
#####################
2004 Aug 05
6
TC-ng questions/problems
Hi all,
We have 2 class C networks that are connected by a Linux router with the internet. We want to apply traffic control (bandwidth control). For that we wrote the tcc script below. We have 2 problems:
1. To establish a 2 megagit download we must actually set the value to 2500kbps. Is there a possible reason for that?
2. If we enable the WAN device we get very hight ping times (they change
2004 May 20
1
tcng configuration question??
Greetings all,
OK - just started playing around with traffic shaping - have imq and htb
and (I think) everything else I need in the kernel and running well. My
initial lab task was to protect a H.323 session over a simulated half T1
while adding bulk traffic - got that accomplished after slogging through
learning tc and decided in short order that a more intuitive interface
would be
2004 Jan 15
3
Shaping Device Aliases
Hi.
I understand that device aliases (e.g. eth2:3) are not shapeable. Does
anybody know if this functionality is planned in the future?
Anyway, for the time being the only option that seems to leave is to
fwmark packets differently for each device alias and then shape based
on that.
Is it possible to set multiple marks on the packets? Alternatively, is
it possible to check for a specific
2004 Aug 05
4
NAT & tc filter addresses
Is there a flow diagram as to where tc actions take place with respect
to NAT and other iptables functions on a multihomed box (private &
public NICs) ? Are tc filter rules consulted before or after NATing?
My real interest is in basic understanding first, and then solving a
real problem second.
Example:
Firewall Public NIC 123.123.123.1
Firewall Private NIC 192.168.168.1
Dedicated Video
2004 May 05
3
Simple HTB setup with tcng
Hello all,
I am trying to set up a simple htb based system, where packets with
source ip 10.0.0.1 should have their own class.
I plan to use tcng to set it up easier.
Is there something wrong in my tcng file ?
~/tcng$ cat htb
/*
*/
#include "fields.tc"
#include "ports.tc"
dev eth0 {
htb ( ) {
class ( rate 600kbps, ceil 600kbps )
{
2003 Jun 08
1
redirect unauthorized users to a login page (natd as a transparent proxy)
Hello
I am trying to redirect all http traffic of unauthorized wifi users on a
wireless hotspot to a login page. The problem I have is that I can not
disable the regular address translation (I want the source address to stay
the same).
10.0.0.7 is the wifi client
195.250.155.29 is the web wifi user tries to access from his browser
195.113.17.94 is my login page
10.0.0.1 is the wifi
2004 Jan 28
1
Problems with multipath routing.
Hi all, I have setup two multipath route tables on my system for doing
failover routing, What I want it''s that if GW at route1 of the MP is dead,
traffic goes by route2, for doing that I have created the multipath routes as
follows:
ip route add table mail.traffic proto static nexthop via ${GW1} dev eth1
weight 1 nexthop via ${GW2} dev eth1 weight 250
But it does not run as I
2004 Sep 17
4
Guaranteed rate per class and maximum ceiling per element in class???
Hi all,
It is my understanding that with HTB, the rate and the ceiling are divided over the elements of the class. E.g. using a rate of 100 kb and a ceiling of 2000 kb for a class with 10 elements on a 100Mb NIC, the effect of the ceiling will be that if all elements are generating their maximimum possible trafic they will be effectively limited to ~ ceiling / number of elements, in this case
2012 Apr 25
1
forwarding packets to service in same host without using loopback network
This question is not about linux usage. But still i think user list
is a good crowd for linux programmer. So here it goes.
I have this libnetfilter_queue application which receives packets from
kernel based on some iptables rule. Before going straight to my
problem, i'm giving a sample workable code and other tools to set up a
test environment so that We problem definition and possible
2006 Jun 23
2
TCNG question
Hey all, i have a class.
class ( <$call1> ) if ip_dst == 10.100.1.6 && tcp_dport == 22
if ip_src == 10.100.1.4 && tcp_sport == 22
;
Now when i apply this traffic TO 6 on port 22 is indeed limited to the speed
i specify BUT it doesn''t seem to take the src into account at all. If i
change the src to anything, even an address that
2006 Mar 17
1
Fatal trap 12: page fault while in kernel mode / current process=12 (swi1: net)
this is 6.0-STABLE as for Mar 17.
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2006 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.1-PRERELEASE #2: Fri Mar 17 11:05:32 UTC 2006
vlad@host:/usr/src/sys/amd64/compile/DEF_WEB
Timecounter
2013 Jul 24
1
NFS deadlock on 9.2-Beta1
Two machines (NFS Server: running ZFS / Client: disk-less), both are running FreeBSD r253506. The NFS client starts to deadlock processes within a few hours. It usually gets worse from there on. The processes stay in "D" state. I haven't been able to reproduce it when I want it to happen. I only have to wait a few hours until the deadlocks occur when traffic to the client machine