similar to: iptables match u32

hi everybody, I used to test this rules on my gateway : iptables -I FORWARD -p udp -m length --length 39 -m u32 --u32 ''27&0x8f=7'' --u32 ''31=0x527c4833'' -j DROP This was working with a 2.6.16 kernel but now i upgraded to 2.6.17 it give me the following message : [ 5333.870000] ip_tables: u32 match: invalid size 0 != 2028 iptables: Unknown error -1 I tried

Hi All, Can anybody suggests how can I disable netfilter for bridged traffic in linux-2.4.27 kernel ? Thanks and Regards, Senthil

Hi, I am currently using a 2.4 kernel with multipath routing patch v5 to send outgoing packets in a 1:1 ratio over two lines, however the lines do not actually have equal upstream bandwidth, one has 800kbit and the other 600kbit, so ideally I would like to send packets in a 4:3 ratio, is there anything in 2.6 or a patch for 2.4 that could be used to do that? I tried this ugly hack but it

This is my simple situation: I want to policy download and shape upload going through my router. It has two interfaces: eth0 (10.4.10.222/24 connected to LAN) and eth1 (172.16.0.1/24 connected to my laptop). My setup: [eth1] tc qdisc add dev eth1 root handle 1: htb default 999 tc qdisc add dev eth1 parent 1: classid 1:1 htb rate 1Mbit tc filter add dev eth1 protocol ip parent 1:0 prio 1 u32 match

Hi, I am trying to categorize the network traffic and to send it out across two different providers. For this I mark the packets in the firewall (in the PREROUTING chain of table mangle), and then use another routing table for the marked packets, which has a different gateway from the main routing table. Basicaly I am following the cookbook example in this page:

Hi, I have two connections to the Internet. I implemented the load balancing as described in chapter 4.2 "Routing for multiple uplinks/providers" The problem that occurred is that the client applications like Yahoo Messenger or even PuTTY (SSH client) are loosing the connection very often. Does anyone experienced this problem? Does anyone knows an workaround for this problem?

Hi, this is my Linux Box ---------------------------- LAN 1 -----|--eth1 <---br1--->eth0.1 | | \ | | eth0--|----- 802.1q tagged 1 Mbps link | / | LAN 2 -----|--eth2 <---br2--->eth0.2 | ---------------------------- I have to bridge the 2 lans

Hi. there is a way to MARK udp VOIP (SIP) traffic, in order to put in a highest prio class ? Traffic flow seems start on udp 5060 port, but next both server and client seems jump to a random(?) port. I can''t use CONNMARK because is udp traffic. I only see a pattern for L7 patch in order to SIP traffic identification , but I run 2.4 kernel series . When you patch 2.4 kernel with

Hi list, I have a problem I thought was simple first, but now I''m stuck. In a nutshell, it''s about redundant uplinks at an outside location. Crude ASCII-Art follows: Internet | | +------------+ | cisco with | | uplinks | +------------+ | | ATM interface +----------+ ... | alvarion | | | wireless

Hi i am sharing my connection in my office with my partners ... I want to limit my connection to 20kilobyte but i dont know how to do that :( Can u plz hep me ? --------------------------------- How low will we go? Check out Yahoo! Messenger’s low PC-to-Phone call rates. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl

Hello, I''m following this HOWTO http://linux-ip.net/html/adv-multi-internet.html to route outgoing SSH from a secondary ISP. I can see using tcpdump,jnettop,iftop that when one of the computers located in my internal network is trying to SSH to a box online using SSH, packets are routed via the secondary internet ethernet card. However, packets don''t seem to know how to get back.

On my debian woody (kernel 2.4.31) the tcpdump doesn''t work with imq0 devices. If I try to tcpdump imq devices there is no packet seen: [...] rt1:~# tcpdump -n -i imq0 Warning: arptype 65535 not supported by libpcap - falling back to cooked socket tcpdump: WARNING: imq0: no IPv4 address assigned tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on

Hello all, I have a CentOS box that has a NIC (eth0) on which I defined 4 VLAN's (counting the NIC itself): eth0, eth0.1, eth0.2 and eht0.3. Initially the Cisco switch was not partitioned into VLAN's which means that the only VLAN running on it was the default one (VLAN 1). I have then played with VLAN's a bit on the switch and at this point have two: VLAN 1 (which is default and can

Hi everybody, sorry for posting again, however I''ve moved the problem now ;-) After digging a bit deeper, I''ve successfully set up the routing as such, it works for incoming as well as outgoing packets that take the default route. Changing some of the routes using IP works as well. When I mark some outgoing packets in order to send them via another route (the fast leased line

I have to match my packets based on MAC address, which I cannot do in the POSTROUTING chain, so I do it in PREROUTING using MARK. Then, I match on the MARK in the POSTROUTING chain to do a CLASSIFY. But this does not seem to work: wireless-r1 bwlimit # iptables -L -v -n -t mangle Chain PREROUTING (policy ACCEPT 3353K packets, 941M bytes) pkts bytes target prot opt in out source

Hi! I''m doing load balancing for 5 dsl lines, each one with a dsl router attached to a linux machine ethernet plug. The problem is that I''m adding 15 more dsl lines, and I don''t have enough PCI slots in the linux machine to sum up 20 ethernet plugs (I already have 2 quad ethernet cards). So I''m considering connecting all dsl routers and the linux machine to a

Ok ive been trying to get this to work for about half a year now. Ive searched all over the internet for a solution for my problem. Ive found some solutions, but they only led me to yet more problems. What we want to do is the following: I live in a student complex with 7 other people. Every room has its own internet connection from the same ISP. Ip, gateway, subnet are asigned through dhcp on

Hi, I have several users on the lanside each allocated separate IP addresses. I need to allocate th traffic to each IP addresses certain portion of total uplink. Say, 192.168.0.2 rate 128kbps, ceil 128kbps. 192.168.0.3 rate 65kbps, ceil 128kbps 129.168.0.4 rate 64kbps, ceil 64kbps. and so on.... Also, for each user i would like to prioritize the traffic within the allocated bandwidth. say for

I couldn''t find anyone who had actually made it work via google so I guess I''ll ask here. My setup is a VPN point to point link. The VPN is a modified version of Openvpn where I''m using zlib compression to improve the compression a bit. The goal is to shape traffic coming from a routing server through the vpn to the endpoint of the vpn and in such a way maximize the

Hi everybody! I''m using an edge bridge box with two ethernet cards to shape traffic in a WAN link. I''m running Debian 3.1 stable with kernel 2.6.8 and iproute from packages. I recompiled the kernel with the following built-in options: [*] 802.1d Ethernet Bridging [*] QoS and/or fair queueing <*> HTB packet scheduler <*> SFQ queue [*] QoS support