Displaying 20 results from an estimated 5000 matches similar to: "Problem with two providers:Need to route packets on the interface on which they arrives."
2006 Dec 14
5
blocking traffic on the FORWARD chain using physdev
Currently using physdev on a bridge to try and isolate certain paths
across and to the bridge. It all works except when trying to stop the
flow in one direction on the FORWARD chain?? Can someone please help??
Below is the testing done so far.
eth1 <---> BRIDGE <---> eth0
# Block (eth0 ---> eth1) - blocks both directions and not just one??
iptables -A FORWARD -m physdev
2005 Feb 10
7
RoutesKeeper
I just stumped on the following project:
http://selab.edu.ms/twiki/bin/view/Networking/RoutesKeeperProject
From the page:
> Free as in GPL: Yes, it''s very important, we all love Mr. Richard
> Stallman • Load balancing: Use unlimited number of internet
> connections simultaneously • Fail over: You still get persistent
> internet access although some of your connections
2005 Feb 16
11
Load Balancer setting for Public Servers
Hello,
I have finished setting up the load balancer with IPROUTE ... also patch the
kernel to support DGD and now it''s working fine with the valuable guide at
LARTC website, Julian Anastasov, and the kind people in this mailing list.
Now I would like to launch a web server and a ftp server to the public but
I''m stuck into a problem and really need your help.
Currently internal
2005 Jun 24
6
Is it that difficult?
Hello,
You will find in attachment the layout of my
current physical configuration.
For now, the Cable ISP is not used. Since it
is a dynamic ISP, my mailserver is rejected and
my domain name registers on blacklists like ORDB
and al.
I want it to be used as a default gateway except
for my mail server that would be seen as coming
from my "honest" ADSL ISP.
Here is
2005 Nov 25
1
2 WAN links and DNAT
Hi
Here is a short description of my network:
ppp0 (adsl) ppp1 (adsl)
| |
| |
---------------------
| Router |
| Firewall |
| MASQUERAD |
| DNAT |
| |
| eth0 |
---------------------
|
|
|
----------------------
|
2006 Dec 12
1
Multihoming & routing & NAT problem
As suggested on the netfilter list, I''m posting here too:
Current network layout:
Internet
|
----100.100.251.217----
/ (router) \ Internet
| | |
100.100.251.220 100.100.251.218
2007 Mar 02
8
DNAT and Load Balancing
Hi all!
After that good thread "DGD patch not detecting dead gateway" I was
able to set up a Load Balancing with ping based DGD (without Julian
Anastasov patch). But now I''m facing a new problem and tried some
options, with only partial solutions.
I made a script based on
http://www.mail-archive.com/lartc@mailman.ds9a.nl/msg16257.html (Thank
you Manish Kathuria),
2009 May 29
5
CONNMARK target and connmark match support in Ubuntu kernel
Hi,
as per the shorewall MultiISP documentation ( http://www1.shorewall.net/MultiISP.html
), it says
"Use of this feature requires that your kernel and iptables include
CONNMARK target and connmark match support (Warning: Standard Debian™
and Ubuntu™ kernels are lacking that support!)."
it means MultiISP wont work properly if i am using Ubuntu server. if
yes whats the
2007 Mar 15
3
Traffic Shaping over Satellite Internet
I''ve set up Traffic Shaping on a Linux Router.
Using HTB with SFQ, i''m trying to slow down
heavy downloading for 20 subscribers over
a 2048 kbit downlink. I''m classifying internet related
traffic using iptables marking.
bri0 is my local lan bridge, receiving egress traffic destined for subscribers.
tc qdisc add dev bri0 root handle 1: htb default 2
tc class add dev
2006 Mar 13
1
Dynamic Zones and IPSET (with a DNAT for good measure!)
Hello all,
I have been putting together a shorewall firewall together for a couple
of days, but have hit a bit of a dead end.
I am using Shorewall 3.0.5
Shorewall has detected the following iptables/netfilter capabilities:
NAT: Available
Packet Mangling: Available
Multi-port Match: Available
Extended Multi-port Match: Available
Connection Tracking Match: Available
Packet Type
2005 Feb 21
12
NAT
Hello,
I installed my linux server for 3 months now. It does almost everything
(dns, web & mail server, firewall ...).
I just encounterd two problems with the firewall: behind this server
there are 2 computers: i got emule on one and msn on the other. The
problem is that I can''t configure well the firewall fore these 2 rules.
I''ve added DNAT rules but it
2005 Jun 27
1
routing incoming port 82
Hi,
I have two DSL line from the different provider connected to my Linux
Router Firewall. Server_A is behind the Linux Router Firewall.
DSL0 --
| ---- LINUX_ROUTER_FW -- SERVER_A
DSL1 --
I have the following IPTABLES command to make incoming access to Server
A''s web service throught port 82 as below: -
$IPTABLES -t nat -A PREROUTING -i eth1 -p tcp --dport 82 -j DNAT
2006 Apr 08
4
source routing does not work with extra ip addresses
I set up this config:
+------+
-+ ISP1 +--+
+------+ | +-------+
+--+ linux |
+------+ | +-------+
-+ ISP2 +--+
+------+
No problem. Standard setup with two ISP''s. Both routed subnets. Default
gateway is ISP1. No magic here.
Now I put a server behind the Linux box. I want the server to be
reachable on an /extra/ IP in the routed subnet of ISP2.
+------+
-+ ISP1
2007 Oct 18
4
exporting service on multiple wan
Hi all,
I''ve a routing problem. I''m setting up a router based on debian (kernel
2.4).
I need to setup routing to export an ftp service (ftp server is in dmz)
to 2 wan (both).
I setup prerouting ad forward rule with no problem.
The problem is that reply packet use default gateway (default wan) even
though they are enter using the other wan.
I solved it marking packets in input
2005 Dec 18
3
connection tracking
Hello
I have some rules inserted in the NAT table dual SNAT and DNAT for a
connection
They use at some moment the same port of the outside network.
The problem i have is that the connection tracking in the kernel checks
first the oldest rule and then the newest one.
I use a system based on ARM XScale processor. Is that the default behaviour
and how can i change this behaviour?
Marius
2004 Mar 16
4
split route questions
I am working on a split route and ShoreWall system. I reviewed the
lartc documentation but have a few areas that I still need help on.
Here is my network:
64.xxx.xxx.1/25 66.xxx.xxx.129/26
| |
#################################################
# Eth2 64.xxx.xxx.2 eth0 66.xxx.xxx.130 #
#
2005 Jun 06
20
2 ISQs
Hello,
I tried to find the answer to my problem already but
it is a specialised one I think because nothing was
found.
I previously have a ISP who was very fast ("extreme
speed" service from Cable Modem) but that blocked
SMTP port and some other for poor non-commercial
users... And it gives dynamic addresses so no DNS
at home without tricks...
So I went to another
2005 Aug 09
4
Too slow computer?
Hello! I''ve put some questions on this list some weeks
ago and I''ve got good answers. Thank you!
Now I''ve finished my (beautyful) script and I ran it
on my router...
About my script:
It routes packages based on their destination on the
Internet. I have about 1650 preffered destination
networks listed in some file. The script read this
file and marks every package for
2005 Dec 27
3
Ingress policing (matching netfilter marks)
Hi,
I''m having issues with policing my incoming traffic by matching packet marks
made by iptables. I''ve checked as many sites and guides as I can find, and I
seem to be doing the exact same thing as they all are, but there''s still no
success. As such, I was wondering if anyone can have a quick look to see if
I''ve done anything obviously stupid?
Essentially, I
2011 Dec 16
1
[Bug 680] Packets disappear after NAT on 2nd gateway
http://bugzilla.netfilter.org/show_bug.cgi?id=680
Willie <MidSpeck at hotmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |MidSpeck at hotmail.com
--- Comment #8 from Willie <MidSpeck at hotmail.com> 2011-12-16 21:29:19 ---
I