Displaying 20 results from an estimated 2000 matches similar to: "Classful queues"
2007 Aug 23
2
Classful queuing solution
Dear all,
I am trying to set up multi-user traffic control. In short, I want each
user (each IP) to be hard limited to 128kbit download and 64kbit upload.
On top of that, I want interactive traffic (ICMP, ACK packets, SSH, etc)
to be prioritised to minimise latency. It sounds like it ought to be
done with a classful qdisc but I don''t really know what I''m doing. I
think I
2007 Sep 14
3
make tc stop!
I want to stop shaping from running on my box, without rebooting it.
What''s the best way to get rid of any tc rules?
I have tried "tc qdisc del dev eth0 root" which appeared to be
successful but traffic through my box is still very slow.
Cheers,
Jonathan
------------------------
Jonathan Gazeley
ResNet | Wireless & VPN Team
Information Systems & Computing
University
2007 Aug 29
11
tc not matching
Dear all,
I''m having real problems getting tc to do anything useful at all. I''m
also under pressure to get this fixed before the students start arriving
later this month (I work in a university).
In short, I want each IP address to be hard limited to 128kbit down,
64kbit up, never to be allowed more bandwidth than this. It is also
important that the latency remains
2012 Jan 09
1
puppet-selinux
Hi all,
I''m having some problems working with puppet-selinux[1]
I''ve successfully deployed the module in nodes.pp and got it to set
various SELinux modes, by using
class { selinux: mode => ''permissive'' }
or
class { selinux: mode => ''enforcing'' }
Now I want to load a custom SELinux policy file. According to the docs,
the correct
2003 Jun 03
0
natd and logging
I have setup natd, enabled logging with -l and it is working
perfectly. However is there a more detailed log to see the translation
tables. I need to log the ipaddress internal 172.*.*.* to the outside with
what port is being used. natd just seems to log the statistics such as
icmp=5 and so on. If natd does not have this function what does?
2003 Jun 08
1
redirect unauthorized users to a login page (natd as a transparent proxy)
Hello
I am trying to redirect all http traffic of unauthorized wifi users on a
wireless hotspot to a login page. The problem I have is that I can not
disable the regular address translation (I want the source address to stay
the same).
10.0.0.7 is the wifi client
195.250.155.29 is the web wifi user tries to access from his browser
195.113.17.94 is my login page
10.0.0.1 is the wifi
2003 Oct 30
1
Using racoon-negotiated IPSec with ipfw and natd
[ -netters, please Cc me or security@ with replies. ]
I'm running into trouble integrating dynamic racoon-based IPSec into a network
with ipfw and natd. I need to be able to allow VPN access from any address
from authenticated clients. I've got the dynamic VPN working, with racoon
negotiating SAs and installing SPs, but the problem is that I can't tell
whether an incoming packet on
2007 Jul 30
17
tc n00b
Hi everyone,
I''m new to tc but I need to use it to set up shaping on a new NAT box.
In short:
Each user must have their upload limited to 128kbit and downlink limited
to 256kbit.
Global bandwidth to be limited to 100Mbit
Interactive packets to have higher priority
200+ users, so need to match packets fast
So far I have managed to get the download limits working. However I need
to
1998 Jul 19
0
scaling SAMBA to handle ResNet students
We are planning to provide a personal network directory for our ResNet
Win95 users using one samba server and I'm wondering whether we are apt to
encounter any issues of scale that might affect us in moving from 100 users
to over 1000.
I can see some problems keeping the Win95 computer identity unique on each
system, but I wonder if there are known limits to the size of a single
workgroup,
2003 Jul 16
0
accessing a jail via localhost
I'm facing a problem with accessing a HTTPd (Apache) jail locally. Consider
this jail scenario:
/etc/hosts:
127.0.0.1 localhost foo.com
172.16.0.1 apache
/etc/natd.conf:
use_sockets yes
same_ports yes
unregistered_only yes
redirect_port tcp 172.16.0.1:80 80
redirect_port tcp 172.16.0.1:443 443
/etc/firewall.sh
...
${fwcmd} add divert natd all from any to any via ${oif}(IPFW)
...
rl0, my
2003 Sep 15
5
strange problem with: ed driver / 4.9-PRE
Hi,
in the kernel I have these lines:
[...]
device miibus # MII bus support
device rl
device ed
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_VERBOSE_LIMIT=0 #limit verbosity
options IPDIVERT #divert sockets
options DUMMYNET
2003 Jun 02
6
4.8-Stable DummyNet
Hi. We just opened a gaming center and have chosen to run a FreeBsd box for
our firewall. IPFW is configured at it's very basic running natd through rl0
and allowing any to any connections from the lan to the outer world. Natd
controls access to the lan.
We have a 6.0 mb/s ADSL net connection for all the gaming clients to use,
however if a gamer starts downloading a file, that file
2003 May 12
1
[Fwd: Re: Down the MPD road]
Made a typo in the cc: line. Coffee time, I guess.
-------- Original Message --------
Date: Mon, 12 May 2003 19:52:17 -0400
From: Bob K <melange@yip.org>
To: Michael Collette <metrol@metrol.net>
CC: freebsd.-security@freebsd.org
Subject: Re: Down the MPD road
> I did this, and it does correct the immediate problem. Of course, it
> also
> creates a new glitchy.
>
2003 Nov 21
0
how to get IPFW rules for SMTP server behind NAT server "right"?
hi all,
i've been struggling with setting appropriate rules for an SMTP-server
behind by NAT'd firewall.
it's not that there is too little info on the web -- or here, for that
matter -- there's scads of it for seemingly endless configs/req'ts --
none that seem to be exactly my own.
bottom line: i'm a bit confused, and looking for some experienced
advice.
my goals (for
2003 May 22
0
VPN IPSEC WIRELESS
I am having problems in the implementation of a VPN, below made a project of my net:
INTRANET
(10.0.0.0/24)
|
10.0.0.5
xl0
NetBSD IPNAT ( map wi0 10.0.0.0/24 -> 192.168.213.10 )
wi0
192.168.213.10/30
|
|
Wireless
VPN
|
|
192.168.213.9/30
xl2
FreeBSD NATD ( divert natd all from any to any )
xl0
200.x.x.5/24
|
200.x.x.1/24
2003 Aug 18
0
question about routing, firewall, natd and bridge
Hallo there,
I had to change the provider. And after that my public IP adress are
routed straight through FreeBSD Box. What is it
best way to do it?
I personally done it the way, where exist the localnet alias for every
interface... eg..
ifconfig_ed0="inet 62.168.40.188 netmask 255.255.255.252 broadcast
62.168.40.191"
after that there is local interface 192.168.1.1/255
and it's
2003 Jul 03
2
ATA-186 de-register
Is it just me or do others have a problem with the ATA-186
de-registering? Every couple of hours, if I don't make use of the ATA
connected line, I find that I have to unplug and let the ATA reboot.
After that it is good to go for awhile, but eventually I have to repeat
the process. My ATA sits behind a NATd firewall, any ideas what might
cause the de-registration?
Kim C. Callis
2006 Jan 22
1
classless qdisc and classful qdisc
Hello, I''m still new in using tc...I wanna ask...
1. what is the difference between classless and classful qdisc?? when I made
a qdisc, are I must create both of that qdisc...???
2. what is the difference beetween three of the classless qdisc in linux
redhat 2.4, sfq pfifo and tbf if I using the htb classful qdisc ??? because
when I use htb classful qdisc it means I made a qdisc that
2005 Jul 14
1
Single-table inheritance and eager loading
I have a people table with four types of people: clients, spouses,
children, and others all setup using single-table inheritance with a
foreign key back to a household record.
A Household has_one client and spouse, and has_many children and
others. I want to use a single "Household.find(@session
[:household_id], :include => [:client, :spouse, :children, :others])"
2006 Oct 03
2
Two domains on one network?
I feel I should know the answer to this, but I wanted to verify. I have a
bunch of Windows PC's running Win 2K Pro, on three subnetworks. Two of the
subnets are served by Unix (FreeBSD) boxes running NATD, but all are joined
to a domain being run on a Win 2K Pro server in another building on the
campus. So far I haven't joined the two Unix boxes to the domain.
I'd like to