similar to: rule fwmark desn''t work for local packets (output chain)

--------------eth0---80.48.56.70---------- -------------80.48.56.65 ISP | my | router1 | | | linux | | | router2 ------------eth1---192.168.200.10----- ----------------192.168.1.1 ISP I''ve two ip from my isp one public and one internal. ISP have two routers router1 is gw for public ip and router2 is gw for internal

I'm installing openssl 0.9.5a and openssh 2.3.0p1 on an Ultra 5 running Solaris 8 with the latest cluster patch. Openssl installed without any problems. When I do a configure for openssh I get: Checking for OpenSSL directory. . . configure: error: Could not find working SSLeay / OpenSSL libraries, please install I've reinstalled openssl and everything is there. As a note I've

Hi All Apologies if this is obvious, but I''m a bit flaky around SSL certificates. NB puppet version 0.25.5 We use the brilliant feature of certificates where you can have Alternate DNS names for a certificate which is manifested in the puppet master config file as certdnsnames. All our clients connect to puppet-$ location.example.com, and if $location is down, we can point the CNAME to

hi for those who was fallowing this topic I can say that IP_ROUTE_MULTIPATH_CACHED must be disabled! After few tests I''m quite sure that this was cousing my problems. Now I''m using 2.5.15 kernel without patch of Julian Anastasov and load-balancing is working. lartc split-access how to and http://www.ssi.bg/~ja/nano.txt now both are working fine Now I will try to use fwmark

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, Anyone have any experience with either of these, I 'd appreciate some feedback? Plus it seems pretty easy to steal a connection with this. Zyxel Prestige 2000W WiSIP thanks, - -- Steve "They that would give up essential liberty for temporary safety deserve neither liberty nor safety." Benjamin

I've just installed openssh 2.3.0p1 on a number of Solaris 2.6 boxes. I've noticed that connect times can take up to 3 minutes when connecting from box a to box b with the new ssh client and daemon. When I connect using a pc client like f-secure or with an old ssh client on unix the connect times are wonderfully fast. Any idea why I would get slow connect times with the new client and

We are trying to get samba comiled with ldap support on Solaris 8. We're compiling version 3.0.9 with gcc 3.3. Here's the error that we get: Using FLAGS = -O -I./popt -Iinclude -I/nau/src/Net/samba-3.0.9/source/include -I/nau/src/Net/samba-3.0.9/source/ubiqx -I/nau/src/Net/samba-3.0.9/source/smbwrapper -I. -D_LARGEFILE_SOURCE -D_REENTRANT -D_FILE_OFFSET_BITS=64

Dear Duncan, Was close to giving up to use the parameterized rmarkown as vignettes. But your suggestions to use quote and eval, as well as to use the package parameter in data made it work, with all devtools::install,check,build and build_vignettes as well as with R CMD ... etc. But most importantly it also still works with: rmarkdown::render("vignettes/tr_srm_summary.Rmd",

I have two machines that we are having problems compiling version 4.3p2. Both machines are Solaris 8 and gcc 3.3.2 openssl 0.9.8a is installed on both machines as well. The first exhibits an error in log.h: In file included from bsd-arc4random.c:18: ../log.h: In function `fatal': ../log.h:56: warning: empty declaration ../log.h:65: error: parse error before "volatile"

Hi list, I''m new to this list, I just subscribed because I have some ackward about IPRoute2. First, while playing with NetFilter'' "MARK" target, I met a weird behaviour once I tried to use this marks in the RPDB : the packets where successfully marked, but it seemed that RPDB didn''t succed in matching them (for those who already know the answer, I only used

caching_thread()s do all their work under read access to extent_commit_sem. They give up on this read access only when need_resched() tells them, or when they exit. As a result, somebody that wants a WRITE access to this sem, might wait for a long time. Especially this is problematic in cache_block_group(), which can be called on critical paths like find_free_extent() and in commit path via

Hi, I''ve got 2 lines from two diffrent ISP''s, one is a leased line and another a DSL line, I route certain ips over the DSL line for faster access and would like email to go over the leased line as it has a static ip and is our sending mailserver ip I would like to send mail to the same ips that is routed over DSL via the leased line, otherwise my server gets blacklisted with

Hi everybody, I''m trying to set up routing for 2 links to the internet on a box which produces traffic itself (e.g. DNS) and will route all our local traffic. AS one route is quick and expensive and the other one slow and cheap, I want to be able to route packets for some high-level protocols to the second link. If I correctly understood table 3-2 in

Hello! Currently I am marking packets with IPMARK, and then using following rules: 1: class add dev eth0 parent 1:4 classid 1:100a htb rate $rate ceil $ceil quantum 1600 2: qdisc add dev eth0 parent 1:100a handle 100a:0 sfq perturb 10 3: filter add dev eth0 protocol ip parent 1:0 pref 30 handle 4106 fw classid 1:100a 4: class add dev eth1 parent 1:2 classid 1:100a htb rate $rate ceil $ceil

I made a script to test if in a moultiple gateway setup all default connection are up, regardless of the fact that that gateway is the default gw. Suppose adsl1 and adsl2 are present, and all traffic goes by default to adsl1, and you want to test if adsl2 is ok. 1. I use mangles from iptables to mark icmp packets to some test machines 2. I set up a routing table for each adsl 3. I use

I would like to route ssh in my network via DSL2 and all other trafic via DSL1. So far I menaged to do it for LAN2 but there are still WLAN1,LAN3 and LAN1 to go. On all routers I added table "pilicka" with rule for fwmark and I fwmarked ssh. # ip rule show 0: from all lookup local 32765: from all fwmark 0x3 lookup pilicka 32766: from all lookup main 32767: from all lookup

Hi all, Below is my network diagram: - eth0 (adsl 1) eth1 (adsl 2) | | | | | | | | ----------------- | | | Gateway | | | ----------------- | | | tun0 Below is my iptables scripting to mark certain ports: -

Hi, I had a nice router which was able to split my outgoing webtraffic over a dsl line, then I got a power failure and now my settings are lost and I don''t get it to run. I''ve configured a iptable rule like: /sbin/iptables -A PREROUTING -t mangle -i eth1 -s 192.168.1.10 -p TCP --dport 80 -j MARK --set-mark 1 and ip rule add fwmark 1 lookup 10 ip route add default via

Hi, not sure if it will work, i''ve 2 leased lines, behind line 1 is a webserver, this server should answer all incomming http requests through leased line 1, the webserver self parses other webserver, this outbound traffic should go over leased line 2. i''ve successfully added fwmark with iproute, but if i set the policy for the webserver to use leased line 2 (for parsing other

hi again list, first off thanks for the tips roy. here my question. i''m using ip based classes in my htb config. i would like to give some people (eg 192.168.0.20) 4mbit but only if he downloads from certain ip classes. i have my iptables marking those classes with 1 for upload and 0 for download. and finally the question: what''s the appropriate tc (or maybe iptables) command