Displaying 20 results from an estimated 1000 matches similar to: "Shorewall 4.4.19.4"
2011 Apr 23
6
TC: Simple and complex configs interplay
Hello,
From a user perspective, the simple (tcpri) and complex TC configs
offers two rather distinct choices. A user can very well be OK with
only using the simple way and that''s very fine. Then again, even in
doing so, the more complex config options are available. What is the
interplay between the two as far as having some parameters configured
in both at the same time ? So far
2011 May 12
1
Patch for Samples6 zones
Hi,
Attached is patch for correcting zones in Samples6 for iv6
Thanks
Togan
------------------------------------------------------------------------------
Achieve unprecedented app performance and reliability
What every C/C++ and Fortran developer should know.
Learn how Intel has extended the reach of its next-generation tools
to help boost performance applications - inlcuding clusters.
2011 May 16
1
Proper use of MASQ in Multi-ISP config
I am wanting to verify that I am properly using the MASQ for a series of
hosts. I have 2 providers, and my providers file has the contents:
#NAME NUMBER MARK DUPLICATE INTERFACE GATEWAY
OPTIONS COPY
l3 1 100 main eth0.100 1.18.139.1
track,loose,fallback eth1
ws 2 200 main eth0.101 1.155.136.193
2010 Jan 21
6
Shorewall 4.4.6 and Multiple ISP with 2 routed subnets
Hello,
I have 2 ISP uplinks (zones: inet1 and inet2), each with a fixed IP on the outside and a routed subnet (/25 and /26) on the inside. So, behind the firewall i have 2 networksegments (lan1 and lan2) with public IP-addresses. The segments are completely isolated from eachother: hosts in zone "lan1" connect only to "inet1" and hosts in zone "lan2" only connect
2012 Sep 26
2
Error message starting Shorewall with TC simple enabled
Hi,
Hi, I get an error with TC Simple.
System:
shorewall 4.5.6.2
kernel 3.5.3
iptables 1.4.13
xtables 1.45
iproute2 3.5.1
OS: gentoo/linux amd64
when shorewall executes this command:
tc filter add dev eth0 protocol all prio 1 parent 1011: handle 1011 flow hash keys nfct-src divisor 1024
It fails with this error:
RTNETLINK answers: No such file or directory
We have an error
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2011 Mar 13
16
Shorewall 4.4.19 Beta 1
Beta 1 is now available for testing.
----------------------------------------------------------------------------
I. P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E
----------------------------------------------------------------------------
1) Previously /var/log/shorewall*-init.log was created in the wrong
Selinux context. The rpm''s have been modified to
2012 Jun 27
0
Shorewall 4.5.5.2
Shorewall 4.5.5.2 is now available for download.
Problems Corrected:
1) Previously, when ipp2p was used in the /etc/shorewall/tcpri file,
the generated code for saving the packet mark was clearing the
connection marks fields not having to do with traffic shaping. It
now only alters the traffic-shaping part of the connection mark.
2) Shorewall 4.4.11 allowed UID and GID ranges
2009 May 23
0
Shorewall 4.3.11
Shorewall 4.3.11 is now available for testing.
Much of what is in this release is below the surface. Many of the
modules have been reorganized to provide for more readable code and to
eliminate a lot of parameter passing.
----------------------------------------------------------------------------
P R O B L E M S C O R R E C T E D I N 4 . 3 . 11
2010 May 29
1
IFB0 throughput 3-4% lower than expected
I have two boxes for the purpose of testing traffic control and
my knowledge thereof (which is at the inkling stage). The boxes are
connected by 100Mbit ethernet cards via a switch.
For egress traffic via eth0 I achieve a throughput that is close to the
specified CEILing, particularly for values above 1mbit. Ingress traffic
does not seem so well behaved. Above about 1mbit rates achieved are
2002 Apr 03
3
pxelinux fron Floppy disk?
Hi there,
we are using a couple of Diskless Linux Workstations in conjunction with PXE
capabable Network cards to boot the system. This works fine using pxelinux.
However, there are a few workstations left, which are not able to boot via
PXE and thus this workstations need a Kernel on a floppy disk and an
additional initrd image.
The Problem with is, that both of them don't fit on a floppy
2023 Jul 21
0
[Bug 1650] fail to add missing element to nft sets after running some time - file exists
https://bugzilla.netfilter.org/show_bug.cgi?id=1650
--- Comment #5 from Wang Jian <larkwang at gmail.com> ---
>
> This internal:0:0-0 is incorrect error reporting.
>
> Could you run nftables with git HEAD? It contains this fix:
>
> commit 5e39a34b196d68b803911aa13066fef2f83dc98c
> Author: Pablo Neira Ayuso <pablo at netfilter.org>
> Date: Mon Mar 27 16:36:31
2004 Sep 26
1
REQ: A "tcfilter" program
Will someone please write a program that can be used to assist with u32
matches?
What I envision is something like ipchains'' "--check" option, which
tests a packet against the selected chain. tcfilter should check
against the loaded filters.
It would be REALLY nice if:
1) counters (showing the number of hits (in packets)) could be included.
2) a debug mode showing what the
2010 Jul 05
10
Problem with trafic shapping and openvpn
I''m using shorewall with openvpn and traffic shaping at all of our offices.
I have noticed for a while that occasionally ping times are excessive. Usually
this is during overnight off site backups but some times during the day.
I have assumed the is was an ISP issue but now I''m suspecting it''s problem
with openvpn and traffic shaping.
In the test case have 2 sites
2012 Oct 18
3
replacing random repeated numbers with a series of sequenced numbers
Hi all,
I have a dataset with one column like below:
ID
1001
1001
1001
1122
1122
1122
1421
1421
1789
1789
..
These numbers are no in sequence and they have different repeats. How could
replace them with sequenced numbers?
Such as follows replacing the ID column with the SID column.
ID SID
1001 1001
1001 1001
1001 1001
1122 1002
1122 1002
1122 1002
1421 1003
1421 1003
1789 1004
1789 1004
2014 Apr 08
2
[LLVMdev] Why "I = ++I" instead of "++I" in COFFDump.cpp ?
On Mon, Apr 7, 2014 at 12:09 PM, Joerg Sonnenberger <joerg at britannica.bec.de
> wrote:
> On Mon, Apr 07, 2014 at 08:38:58AM -0600, Richard wrote:
> > Oops, meant to send this to the mailing list instead of to Reid
> > privately. (Why cc the mailing list instead of just sending to the
> > mailing list?)
> >
> > In article <CACs=
>
2002 Aug 07
2
Re: [Shorewall-users] Common Rules
John,
I''m taking the liberty of copying the Shorwall Development list since I
believe that these issues will be of interest.
On Tue, 6 Aug 2002, Links at Momsview wrote:
> Tom,
> I''m not sure if you ever saw this document but it describes some of the
> reasons you are seeing strange packets
> after setting up NEW not SYN
>
2018 Nov 20
1
[Bug 1302] New: iptables v1.8.0 (nf_tables) has a problem inverting in-interface and maybe out
https://bugzilla.netfilter.org/show_bug.cgi?id=1302
Bug ID: 1302
Summary: iptables v1.8.0 (nf_tables) has a problem inverting
in-interface and maybe out
Product: iptables
Version: CVS (please indicate timestamp)
Hardware: x86_64
OS: All
Status: NEW
Severity: major
Priority:
2020 Jan 30
2
[Bug 1402] New: Race errors with nft
https://bugzilla.netfilter.org/show_bug.cgi?id=1402
Bug ID: 1402
Summary: Race errors with nft
Product: nftables
Version: unspecified
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2017 Oct 06
6
[Bug 1188] New: nft fails to parse own output; unable to save-restore active state
https://bugzilla.netfilter.org/show_bug.cgi?id=1188
Bug ID: 1188
Summary: nft fails to parse own output; unable to save-restore
active state
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: critical
Priority: P5
Component: nft