similar to: Mark on FTP passive traffic

Hi, I regularly have errors (kernel: dst cache overflow) and crash of a firewall under Linux 2.6.17 and the route patch from Julian Anastasov. With rtstat I see that the route cache size increases regularly without never decreasing. I have this parameters: fw:/proc/sys/net/ipv4/route# grep . * error_burst:1250 error_cost:250 gc_elasticity:15 gc_interval:60 gc_min_interval:0

Hi, I have a computer which is used as router/firewall/VPN with four network card. One connected on the LAN (br0, 10.0.0.0/24), the three others to three different ISP, eth0 192.168.1.0/29, eth1 192.168.0.0/24, eth2 192.168.2.0/29. This computer is under Linux 2.6.11 with the Julian Anastasov routes patch. The configuration by default is to balance the load on the three interfaces. Then, I

Hi, Perhaps as you know it Schneider Electric acquired APC, which involves the combination of APC and MGE. http://www.apc-mge.com MGE is an important contributor for NUT with for example Arnaud Quette, it's does not that the MGE strategy for the free software is stopped by Schneider Electric or APC. It is the good moment to make pressure on Schneider Electric, MGE and APC to support the

Hello, I''m starting at the RR, and I''m trying to use google charts to generate some graphs in a single plugin in rails. But I''m testing the samples that are giving errors. I think it must be configuration error. Someone who has used google charts on rails help me? Since already thank you! Juliana. =================================================================

Please, I would like to know how to generate a truncated multivariate normal distribution k - dimensional, X ~ NT(mu, Sigma), where the elements of X to be non-negative (except the first), and the first dimension is strictly larger than zero. Example: X ~ NT_2(mu, Sigma), where mu=c(0.5, 0.5) and Sigma=c([120, 191], [191,154]), with X_1>0 and X_2>=0 Could anybody help

Hi all! I am a long time lurker, but have not posted until now. My old trusted firewall machine broke a couple of weeks ago and I replaced it with a XEN domU that is using DNAT and has two interfaces. The firewall domU and the FTP server domU are both guests on the same dom0. All three machines are running Debian/etch (stable) and Shorewall has version 3.2.6. I can''t get FTP to work

Hi, I want to be able to specify actions for different classes of traffic in any of these four ways, and I''d like to use only HTB if possible: 1. No guranteed rate, No ceil 2. Guaranteed rate, No ceil 3. No guranteed rate, Ceil specified 4. Guaranteed rate, Ceil specified For types 2, 3 and 4 there can be several classes of each, with different rates and ceilings. 4 is ofcourse easy.

Hi! I have read all informations i could find, but some things are still not clear. My setup is: ---INTERNET1(eth0)-\ /- Local net1 (eth2) GW ---INTERNET2(eth1)-/ \- Local net2 (eth3) I have NAT and a working setup using HTB,SFQ, classifying with the iptables -j CLASSIFY way. I shape only the traffic coming from the internet heading to the intranet. I would like

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

What is the best way to temporarily setup a port relay. I'm trying to diagnose a problem with Cisco's latest VPN client and need to determine if the problem is port number related. e.g. VPN client---------23-(Linux box to relay port)-------xx-(Telnet server) (Keep in mind this is temporary and for debugging purposes) Thanks, Frank M. Ramaekers Jr. Systems Programmer

Hi guys, i have a problem with a configuration what i''m trying to do. I have two computers with linux, A and B, connected in the same network with this configuration: PC1 A: 192.168.192.1 PC2 B: 192.168.192.30 The PC1 A is a firewall doing nat... this one is connected to the internet via an adsl modem and of course it have its own public ip , and the router B is a smtp server but

Processing commands for control at bugs.debian.org: > submitter 192827 Jos? Luis Gonz?lez <jlgonzal at ya.com> Bug #192827 [xdiskusage] xdiskusage: Printing doesn't manage non-ASCII characters Changed Bug submitter to 'Jos? Luis Gonz?lez <jlgonzal at ya.com>' from 'Jos?? Luis Gonz??lez <jlgonzal at ya.com>' > submitter 208308 R?diger Kuhlmann

Hi, I recently changed my motherboard to Gigabyte GA-7DPXDW+ and I can't get onboard AC97 sound to work. I added 'device pcm' to my kernel config file and sndstat returns FreeBSD Audio Driver (newpcm) Installed devices:", nothing ;( Any hints ? I'm running FreeBSD 4.8-STABLE

Aprovados lista publicada Jacu?pe: Tangar? da Serra: ANA CAROLINA PINTO COSTA, LISLY KATELLY DE PAULA MARTINS, FRANCISCO HELSON DE LIMA NERES, PAULO RAFAEL PEREIRA SOARES, JO?O CARLOS MOREIRA DE CARVALHO, DAMI?O JOVENAL DOS SANTOS, MARIA GORETTI LIMA FREIRE, JANIMERY BARBOSA DE ABREU MELO. SHYSLAINE ARA?JO BEZERRA, ARIANE SOARES SILVA, LUCAS MOREIRA DIAS, GILSON POLICARPO DE S?, REBECA DE FREITAS

Lista dos aprovados em concurso Matriz de Camaragibe: Ant?nio Jo?o: ADEL?ENNE KIRLEY, JULIANA RODRIGUES ALVES, ERICH DOUGLAS MOREIRA CHAVES, MAYSA RAQUEL DA SILVA, JO?O CARLOS MOREIRA DE CARVALHO, CARLOS ALEXANDRE SILVA DE LIMA, MANOEL LEYVSON MACHADO MATOS, IANN MARZZO SAMPAIO LIBOS. ROBERTO BEZERRA FERREIRA, DIONE MARIA DA SILVA, MARIANA COSTA OLIVEIRA, JORGE ROBERTO PRUDENCIO NASCIMENTO,

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=107 Summary: Kernel panic when using NAT + FTP - ftp_conntrack problem Product: netfilter/iptables Version: linux-2.4.x Platform: i386 OS/Version: All Status: NEW Severity: major Priority: P2 Component: NAT

Hi All How to classify packets belonging to a FTP session? Port 21 session is easy. but what about data transfers? Their port numbers (both) are above 1024. I was thinking about ip_conntrack_ftp. Something like: iptables -A FORWARD -p tcp --sport 1024: --dport 1024: \ -m state --state ESTABLISHED,RELATED -j CLASSIFY --set-class X:Y But what if I also have ip_conntrack_irc, for instance.

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server's port 21 from anywhere ( Client initiates connection) - FTP server's port 21 to ports > 1024 (Server responds to client's control port) - FTP server's ports > 1024 from anywhere (Client initiates data connection to

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=107 ------- Additional Comments From laforge@netfilter.org 2003-06-30 17:10 ------- This is strange, we've never had a bug report regarding this issue. btw:I'm running 2.4.20 with prixm2 and hostap driver as a gateway in my home, too. regarding your router: can you configure it to use a serial console (if it has no

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=107 ------- Additional Comments From laforge@netfilter.org 2003-08-19 12:14 ------- The posting you are referring to is a 2.4.10 kernel. I don't even remember how many bugs have been fixed since then... so I wouldn't consider this as a current bug report. Regarding your problem, I really don't see how this could