similar to: wondershaper and dmzs

Hi, this might be a dumb question, but I''m not finding much information online. I''m trying to setup a 2.6 linux box to run nat across multiple upstream links as a simple way to aggregate bandwidth. I found the instructions in lartc section 4.2 (http://lartc.org/howto/lartc.rpdb.multiple-links.html) fairly clear and straightforward. I implemented those, and a couple of trivial

I''m trying to use ssh_authorized_key to manage my user''s ssh keys. I basically have this (across a couple of files): class user::virtual { @user { "seph": ensure => "present", uid => "2001", comment => "seph", home => "/home/seph", shell =>

I''ve been using camptocamp''s iptables module. It works pretty well, lets me define rules in various modules, etc. Now I find myself needing to generate a commented list of it''s rules. I notice that the README has a nice exec suggestion. But, when I try it, I can''t get it to work. In my iptables/manifests/init.pp I have: Iptables { before =>

Hello everyone. I''ve been trying to get Qos to work here for two days now, but it REALLY doesn''t seem to work the way I want to. Here is my situation: Internet Wireless LAN Firewall DMZ Local lan As you can see, I got a Debian box in the middle as my firewall with 3 network interfaces and a wireless one. I use

Inspired by the recent thread titled "Array input of dirs, ensuring their existence" I thought I''d write up the problem I''m running into. I was chatting on irc about it, I don''t think puppet has a clean solution. Like the other poster, I''m defining an object that takes an array. In my case, I''m defining gpg keystore, which can contain a

Hi all, I''m a new puppet user and I''m running into some weirdness around creating users on solaris. (puppet version 0.23.2) The virt_all_users way of managing users seems pretty reasonable, but I don''t see how to deal with user specific groups with that. I have: class virt_all_users { @user { "seph": ensure => "present",

I''ve gotten wondershaper to work in my linux box, which is part of a 3 computer network that shares the same dsl connection. The linuxbox handles most bulk down and uploading, and the other 2 are mainly for surfing and such. What I need from wiondershaper is that it should perform it''s tasks with all of the traffic to the dsl modem, but do nothing with the internal traffic

I''m trying to setup a puppetmaster, and I''ve got a couple of questions. The first, is a design question. Since I expect to eventually have multiple puppetmaster servers, I''d like to name this one to be named puppet1.example.com. But I''d like my clients to connect via a cname as puppet.example.com. Is this pretty standard? Is there some more common way?

Hi, When i do ''wshaper start'' the interface i have defined stops routing traffic for some reason. It resumes routing when i do ''wshaper stop''. I''m using debian stable (3.0 woody) with debian''s default 2.4.18-686 kernel. When I run the script I get no errors, and when I do a ''status'', everything looks correct. Can ANYONE

Hi all, I want to use puppet to distribute keys to multiple users. I wanted to do something like we have already: - define a key per real person - define groups containing several keys, people can be in multiple groups - deploy these groups of keys to specific users however it looks like the ssh_authorized_key resource ties a key and a user together so it looks like I fall at the first

Package: xen-hypervisor-3.0-unstable-1-i386-pae Version: 3.0-unstable+hg11561-1 It's great having a pae hypervisor packaged for debian, but it'd be a lot more useful with a pae kernel seph

greetings all, i''ve searched high and low for this, but can''t seem to find an answer anywhere.. having read the docs and the wondershaper script itself, it occurred to me that the documentation promises an immediate drop in interactive app latency, specifically mentioning SSH as a big winner. however, looking through the script i can''t really tell just *how*

Hi, I just installed wondershapper 1.1a on my ipcop firewall box. I have roadrunner cable with a ftp server setup. My download speed is 2mbit (I get 225 KBytes) and my upload is 384kbit (I send at 43 KBytes). What should the settings in wshaper? I can ping yahoo.com at 90msec with little traffic.....and at around 220msec with full upload traffic. Mark

Hi, first of all, let me thank you for your great Shoreline Firewall. I use it with great success at home (protecting my WiFi connection). And now if I could have a question about traffic shaping. I did read everything I could find but I still have two problems: first, the MARK from tcrules is not working in HTB based simple tc filter line ("handle $MARK fw classid 1:20"). If I switch

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, been awhile since I''ve written. I now have a situation where I get to use traffic shaping for a client. ~ We implemented the WonderShaper script on our own firewall and experienced no problems. I made some modifications to it to add IPSec protocol packets into the 1:10 high priority class using the u32 filter. ~ So far on our

Is there a way to apply wondershaper w/ htb to a port range? I have a ftp server on port 65432 and passive ports 50000-60000. Is there a way to set a range? or do they have to be individually listed? The following doesnt seem to work: # low priority source ports NOPRIOPORTSRC=65432, 50000:60000 # low priority destination ports NOPRIOPORTDST= Mark

Hi I am very unclear about the wonder shaper and a bit of a novice with Unix all together I have a question for you and I hope you can answer Basically my office is getting a couple of people slowing down the network so ive been looking around and found wondershaper What I want to know is that can I rather than having low priority ports have it with high priority ports And

Hi, First time post to list - hope I''ve not messed up on the etiquette! I have a server running in a DMZ behind a wireless ADSL router. I recently implemented wondershaper, which did exactly what it should have, but, of course, knobbled the local bandwidth into the server too, as it''s going via the same (and only) interface. So, I''ve been playing with wondershaper,

Hi, I have a question conercing wondershaper. I''m using the Clarkconnect linux distribution for my linux router and I tried to use wondershaper. On start up of wshaper, there are no errors or any other problems but I''m not sure if it''s running correctly. Only one qdisc / one class is used and when I start an uplink ftp transfer, my ping time is growing up to 1700ms - I

Hi, I really like the wondershaper script, it works very well for me. My question is this. Is there a way to get certain remote hosts to be excluded from the shaping? I ask because I don''t have my box connected directly through the net. It sits behind a nat device, and has ports forwarded in for services. I''d like to limit the ports and services, but only to things going outside