similar to: EBTables, iproute, etc.

Hi, Sorry to bother you all. I have a typical problem sharing DSL upstream bandwidth with users. I have 3 types of traffic high-priority, medium-priority and low priority. My upstream rate is 960kbits. Traffic (any priority) can vary in bandwidth from 0 to 960kbits. I have a test setup where I can pump 600kbit of high priority sustained and I have 400kbit of low priority traffic sustained. I

Trying to use the policy drop rule with the bridged firewall, when I removed the first line the transparent proxy works great? It seems a bit strange as from reading several articles on it I thought the following occurs. 1st line - if it doest match it gets dropped on the local filter input. 2nd line - redirects the traffic off the link layer into the network layer ready for line 3. 3rd line -

Hello! I have the following setup: 1) a connection to my ISP with a public IP (1.2.3.4) with the gateway 1.2.3.1 2) an allocated IP class with 64 addresses (5.6.7.192/26) 3) two LANs connected through two NICs: a) 192.168.0.0/24 on eth1 (192.168.0.1) b) 10.0.0.0/24 on eth2 (10.0.0.1) The IPs from the allocated class are all assigned to eth0. The networks are SNATed to the external IP and

Hi, [sorry for the crosspost, I don''t know whether this is a routing or ebtables problem] I want to redirect all HTTP traffic passing through my bridge to a squid proxy on another machine. However, setting up brouting as suggested in the ebtables examples doesn''t work and the packets get dropped on the floor completely. /\/\/\/\/\/\/\/\ +----------------------+

Still learning Xen, and would like to know if it''s possible to run Squid in D0 when running in bridging mode. I have iptables and ebtables going, and am able to log packets with those, but can''t seem to get any traffic out of the bridge into Squid in D0 (or through iptables in D0, for that matter). Information I''ve gathered so far is that I need

Hello list, I've posted here about this before, but I realise that it may have been assumed that the bridged vlans simply put a switch port in a blocking state and left my question ignored. So to recap. I have two tg3 interfaces named 'in' and 'out' and a bridge named 'br0' My vlan trunk is on the 'in' side of the network, and set as in.2, in.3 ... The

Is there a flow diagram as to where tc actions take place with respect to NAT and other iptables functions on a multihomed box (private & public NICs) ? Are tc filter rules consulted before or after NATing? My real interest is in basic understanding first, and then solving a real problem second. Example: Firewall Public NIC 123.123.123.1 Firewall Private NIC 192.168.168.1 Dedicated Video

Hello, I am experimenting with Snort and other IDS and I would like to use Xen for these tests. This would require me to use port mirroring to sent a bunch of packets to a NIC located on my Xen machine. I don''t really know how Xen networking works, but is it possible to give a domU direct access to a NIC ? Or at least give it enough access so that it can see packets that are not for the

Hi, I''ve asked this elsewhere and received hints but no one seems to have a concrete explanation :- What I am looking to do is to be able to configure a Linux based router to be able to share THE SAME SINGLE Public IP address between the linux router and a single computer on the lan acting as the DMZ host (NOT normal NAT IP sharing !). So basically you have a linux router with two

Hi Rahul, If you're certain that your problem isn't as Stephen suggested, you might want to have a look at this: --- (From http://ebtables.sourceforge.net/brnf-faq.html <http://ebtables.sourceforge.net/brnf-faq.html> ) How do I let vlan-tagged traffic go through a vlan bridge port and the other traffic through a non-vlan bridge port? Suppose eth0 and eth0.15 are ports of br0.

Hi I have been using Shorewall for a while now and find it very useful and easy to configure, I am learning iptables and having trouble getting the bridge to successfully work with squid, although I get it working with Shorewall straight away? Does anyone know the rules to successfully use squid with a transparent bridge? Internet – router - (bridge eth0 – eth1) – local lan auto lo iface lo

I have a computer with two interfaces, say with addresses 192.168.1.1 and 192.168.1.2. I want to set up routing such that when I ping 192.168.1.1 it goes out through 192.168.1.2 and not to the local interface. Is this possible - all my attempts so far have been unsuccessful? If so, pointers, etc. would be gratefully appreciated. Jim -- Jim Redman (505) 662 5156 x85

re I would like to do some firewalling and p2p shaping/limiting on one of the vlans in my network and I was thinking of using linux box as transparent bridged firewall/limiter. For this I''m planning to use AMD64 2.2Ghz box with 2 1gbit NIC (Broadcom 5721), that will be bridged. The box must be totally transparent and unseen in the network, as well as it should have much influence on

Hi all, This is my first post to this list. I hope someone can help me, I have been getting grey hairs trying to make this work! I have a bridge setup on a debian sarge box. The bridge is called br0 and sits between my cable modem and a non-name brand router/switch: [cable modem]----[eth1]---[br0]----[eth2]-----[no-name brand router] I have squid setup on the linux box and it works, I have

Hello. I''m trying to use vlan in domU, but have something strange: I created bridge on eth0. This interface was configured as trunk with vlan 300, 301. I use this bridge in my domU, and I can see tagged packets when run tcpdump in domU. Also I created interface on domU to work with vlan 300. On this interface I see untagged packets in vlan300. And everything looks fine. But when

https://bugzilla.netfilter.org/show_bug.cgi?id=1316 Bug ID: 1316 Summary: ebtables-nft support for broute Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: normal Priority: P5 Component: iptables over nftable Assignee: pablo at

Anyone to know iproute-save, iproute-restore like script similar iptables-save/restore ? that stores everytihng routes,rules,tables everything ... then init.d-script that among other things stores the state on shutdown :") (thats easy then) ----- http://linuxtoday.com/news_story.php3?ltsn=2004-12-08-004-32-OS-BZ-DT-0005 snip> MS Office is popular in the same way as heart disease is the

Here are some notes I have about Linux bridging. I''ll try to separate what I know I know from what I think I know. Let''s say I want to bridge eth0, eth1, and eth2 together, all with an IP Address of, say, 1.2.3.2. This is how to do it: echo "Setting up br0 to bridge eth0 with eth1 and eth2" /usr/sbin/brctl addbr br0 /usr/sbin/brctl addif br0 eth0

Hello, Normally, in addition to such qdisc scheduler mechanisms as FIFO, PQ, WRR, WFQ, are there any more? Then, there is a confusion on scheduler in Linux enviroment: Assume there is a qdisc, such as RED as a leaf qdisc in a router, we know, if there is packet which want to enqueue the packet, the Function red_enqueue is called, but when the packet leave the queue(when the Function red_dequeue

i have both packages round, what are the diffs iproute2 justa follow on too iproute? Chris K Ellsworth _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/