similar to: iptables rules disappearing!!!

Which kernel supports the iptables'' -m dstlimit? Do I need a patch or something else to get it to work? Is it too experimental? -- Покотиленко Костик <casper@meteor.dp.ua>

Hi. I have a Server''s network with some servers in it, all with 192.168.1.0/25 ips. There is also a router in that network with ip 192.168.1.1. This router also connected to a client''s network 10.10.0.0/16 with ip 10.10.100.1. All services on each server are given their virtual address from one of two virtual networks 192.168.1.128/28 and 192.168.1.144/28. 192.168.1.128/28 is

Hi. The task: 1. There 3 servers and a router with 2 PPPoE connections (let call them: ppp0, ppp1). 2. There are several groups of Inet-clients to be served (Servers, Clients and Club). 3. The task is: - to route Club through the ppp1; - to Servers and Clients through ppp0; (Next is reproduced from memory and may be slightly incorrect) router # netstat -nr Kernel IP routing table

Hi. I have strange troubles with DNATing UDP packets. The situation: 1. We have local network 10.10.0.0/16 2. We have a "server network" 192.168.1.0/25 connected with local network by a router 10.10.100.1 (other ip 192.168.1.1). 3. Web server is located at 192.168.1.2 4. There are HW pingers in the net 10.10.0.0/16 whose do ping 10.10.100.1 every second. The ping is the UDP packet

---------- Forwarded message ---------- Received: from brimstone.netspace.org (brimstone.netspace.org [128.148.157.143]) by blues.jpj.net (backatcha) with ESMTP id CAA13949; Fri, 14 Nov 1997 02:08:13 -0500 (EST) Received: from unknown@netspace.org (port 25452 [128.148.157.6]) by brimstone.netspace.org with ESMTP id <818-20257>; Fri, 14 Nov 1997 01:41:22 -0500 Received: from NETSPACE.ORG by

Hi all, Is any way to logs tcp connection (not packets)? something like this: src_IP dst_Ip, srcPort, dst_port bytes_send bytes_received? Any netfilter extension? 2 issue: eth0------- connection 1 NET ---------gw (linux) eth1--------connection 2 Real bandwitch on connection 1 and connection 2 is depend on different things

https://bugzilla.netfilter.org/show_bug.cgi?id=1306 Bug ID: 1306 Summary: burst packets becomes burst bytes Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at netfilter.org

Dear all, I am working on a linux box (2.4.22 kernel) which is used as a bridge. And I want to add traffic control rules on it by client''s MAC. Does anyone has such experience on how to do that? Thank you very much!! Best regards, Henry _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Hello everyone, really not sure if this is a LARTC question or not, but I have several hundred users all MASQ''d behind a single static IP. Users are reporting that certain websites are blacklisting that single static external IP for various reasons. What I would like to do is use several external IP''s and have a MASQ''d user getting a random one each time. Here is

Test FDB ageing of user entry created by bridge fdb replace ADDR dev <DEV> master dynamic Use LOW_AGEING_TIME variable in forwarding.config to set a low ageing time. Beware, DSA might not accept the ageing time you want. Check the age_time_coeff value for your driver. Signed-off-by: Hans J. Schultz <netdev at kapio-technology.com> --- .../net/forwarding/bridge_locked_port.sh |

Hello All, I was curious to know if I can do traffic shaping on abonded Interface? Ex: I have to interfaces eth1 and eth2 which i have bonded together as bond0 , now the question is can I do shaping on eth1 and eth2 ?? Thanks KartheeK --------------------------------- Here''s a new way to find what you''re looking for - Yahoo! Answers Send FREE SMS to your

On Sat, Mar 18, 2023 at 03:10:10PM +0100, Hans J. Schultz wrote: > +# Test of dynamic FDB entries. > +locked_port_dyn_fdb() > +{ > + local mac=00:01:02:03:04:05 > + local ageing_time > + > + RET=0 > + ageing_time=$(bridge_ageing_time_get br0) > + tc qdisc add dev $swp2 clsact > + ip link set dev br0 type bridge ageing_time $LOW_AGEING_TIME > + bridge link set dev

Hi All! I need to deploy a bridge firewall using linux kernel 2.6. I had success using kernel 2.4 plus br-nf patch. But the configuration does not work with kernel 2.6. If the default policy for the iptables FORWARD chain is ACCEPT I have a bridge. If iptables FORWARD chain is DROP I have an insulator (no packet flows). Any hint? I did some google search and in many places they say "kernel

Hi All, I''m trying to do some traffic shaping on an ethernet bridge. Currently, I have the following setup working: ifconfig eth0 down brctl addbr br0 brctl addif br0 eth0 brctl addif br0 eth1 brctl stp br0 off ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 up This creates a bridge consisting of eth0 and eth1. So far so good. I now want to use tc to shape traffic

The UDP binding logic will reuse local port numbers immediately. This causes problems for TFTP, which assumes a very low probability of a source port number being reused. The consequence is that lpxelinux.0 may end up downloading an incorrect file (e.g. attempting to download pxelinux.cfg/default but actually receiving a copy of ldlinux.c32, due to the port number having been reused). Fix by

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=536 kaber@trash.net changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|laforge@netfilter.org |kaber@trash.net ------- Additional Comments From kaber@trash.net 2007-01-28 02:35 MET ------- I can reproduce this, but

Hello everybody. I''m running linux 2.6.19 with nth match to alternatively snat outgoing connections to two different ip addresses for load balancing between two adsl lines: Here is: $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport --dports 80,443 -m statistic --mode nth --every 2 -j SNAT --to adslA $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport

On Sun, Mar 26, 2023 at 05:41:06PM +0200, Hans Schultz wrote: > On Mon, Mar 20, 2023 at 10:44, Ido Schimmel <idosch at nvidia.com> wrote: > >> + $MZ $swp1 -c 1 -p 128 -t udp "sp=54321,dp=12345" \ > >> + -a $mac -b `mac_get $h2` -A 192.0.2.1 -B 192.0.2.2 -q > >> + tc_check_packets "dev $swp2 egress" 1 1 > >> + check_fail $?

************* Announcing the Matrox Meteor Video Capture Driver. ************* The Meteor is a reasonably priced capture card for PCI (*see warning below) bus computers. The Meteor is sold directly from Matrox** at: Canada and USA 514-685-2630 or 1-800-361-4903 (voice) 514-685-2853 (fax) UK 0793.614.002 (voice) 0793.614.336 (fax) Asia Pacific 852.877.5387 (voice)

On Fri, Sep 4, 2015 at 4:28 PM, Geert Stappers via Syslinux <syslinux at zytor.com> wrote: > On Fri, Sep 04, 2015 at 09:15:07AM -0700, syslinux-bot for Erwan Velu wrote: >> Commit-ID: 66105926f3d748de827eb863913171efb9624165 >> Gitweb: http://www.syslinux.org/commit/66105926f3d748de827eb863913171efb9624165 >> Author: Erwan Velu <erwanaliasr1 at gmail.com>