similar to: Error in "15.10 Example of full nat solution with QoS"?

i''ve read your http://lartc.org/howto/lartc.rpdb.multiple-links.html article as well as Advanced IP Routing (esp. chapter 10.4) and still unable to make this thing work. am i that helpless? :) is there anyone to guide me through the multiple ISP setup? into details. i got 2 dsl connections from different ISPs (A and B), both connections use PPPoE, both got assigned with dynamic IPs

Hi, system info: ubuntu 7.04 (Host OS) samba 3.0.24 (installed with apt-get) vmware-server 6.0.1 windows XP (Guest OS) I was using the iptables script provided by iptablesrocks.org. It's been quite useful, but I ran into a problem when I tried to connect samba. Without any iptables rules, I have no problem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced

Hello again, unfortunately the following /etc/sysconfig/iptables file does not work: *nat :INPUT ACCEPT :OUTPUT ACCEPT :PREROUTING ACCEPT :POSTROUTING ACCEPT #-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080 -A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT --to-ports 8080 COMMIT *filter :INPUT DROP :OUTPUT ACCEPT :FORWARD DROP -A INPUT -m state --state

Good evening, on a CentOS 7 LAMP (not gateway) dedicated server I am using iptables-services with the following /etc/sysconfig/iptables: *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT ACCEPT [294:35064] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp -m

Hello Gordon and others On Tue, Jun 21, 2016 at 4:13 PM, Gordon Messmer <gordon.messmer at gmail.com> wrote: > On 06/21/2016 02:30 AM, Alexander Farber wrote: > >> -A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT >> --to-ports 8080 >> > > > I think you have the ports backward, here. > here the problem description again: I have

Hello, I wonder if someone could use the TPROXY with Shorewall and transparent Squid  with using the routing rules on shorewall (tcrules) for hosts / networks (LAN) with multiples providers (WANs) directly from the internal network on port 80 (with TPROXY transparent squid or REDIRECT). On this issue, the routing rules is not work propertly because the source is the

Hello, my linux show me that: server2 root # ip route add default scope global nexthop via 192.168.5.1 dev eth2 weight 1 nexthop via 192.168.160.1 dev eth0 weight 1 RTNETLINK answers: Invalid argument What can I do???? Thanks Matias --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.726 / Virus Database: 481 - Release Date:

Hi ! I have a single host which is connected via an 512kbit ADSL link to the n= et. I quite often use some realaudio application that uses some bandwidth = and I want to avoid other traffic to scale that bandwidth down. So I used = some classes (with htb) on imq0 device and applied some filters and it see= ms to work in most cases. However, there are some sites with which downloa= d is

Hi, I''m having issues with policing my incoming traffic by matching packet marks made by iptables. I''ve checked as many sites and guides as I can find, and I seem to be doing the exact same thing as they all are, but there''s still no success. As such, I was wondering if anyone can have a quick look to see if I''ve done anything obviously stupid? Essentially, I

I have posted this question to the netfilter mailing list along with #ebtables, #iptables, and #netfilter. Nobody has really responded, so I''m led to believe that it is either incredibly complicated or *really* simple. Please, somebody throw me a bone here! Ok, on with the show... I have a bridge (br0) with two interfaces (eth1 and eth2). Neither br0, eth1, or eth2 have an

I''ve been trying to match multiple public IPs in an ingress qdisc. The idea is to allow these specific IPs and aggregate value of 256 kbits incoming to the interface. Can anyone tell me how this can be effectively done if at all possible with tc? Thanks in advance -- Corey Rogers <jrog@sunbeach.net> _______________________________________________ LARTC mailing list /

Hi Here is a short description of my network: ppp0 (adsl) ppp1 (adsl) | | | | --------------------- | Router | | Firewall | | MASQUERAD | | DNAT | | | | eth0 | --------------------- | | | ---------------------- |

Hi, I have a default class for my un-marked traffic (prio 5) and a prio 0 class for the important stuff, but I do not understand why my download traffic is duplicated in both. It work fine for my upload traffic (same setting except the red class but I have the same result if I create an esfq instead). Any comments/information will be appreciated. Below my config : tc commands from my scirpt :

Hi, I got the following lines from ''Linux Advanced Routing & Traffice Control HOWTO'' and got confused! iptables -A PREROUTING -i $INDEV -t mangle -p tcp --syn \ -j MARK --set-mark 1 tc qdisc add dev $INDEV handle ffff: ingress tc filter add dev $INDEV parent ffff: protocol ip prio 50 handle 1 fw \ police rate 1kbit burst 40 mtu 9k drop flowid

Hi all! I''m trying to shape traffic in a dorm''s network (4 mbit symmetrical internet link, about 200 computers, heavy p2p usage). The router is a p4xeon running linux 2.6.9 with the qnet patches (http://kem.p.lodz.pl/~peter/qnet/). When I activate ip_forward I get >20% packet loss and a lot of duplicates. Any ideas? I attach my shaping script. Thank you very much in advance,

Can anyone tell me whether I have a routing problem, or an openVPN problem, or something else? I''ve stared at this for so long I think I must be looking in the wrong place! I have 3 machines: Machine A has single ethernet card, eth0, 192.168.5.5 Machine B has eth0, 192.168.5.? on the local net, eth1, 81.2.x.y to the internet, and

Can someone verify that using fw as a filter in iproute2-2.6.11-050330 is broken. Doesn''t seem to work in any case and I saw an earlier post that would lead me to believe this is the case. If so does anyone have a temporary fix? Thanks, Troy

Am 23.06.2020 08:43, schrieb Luca Bertoncello: And another thing, I discovered right now... > Could you suggest me something to restrict the problem? > Currently, I think the problem can be: > > 1) on Asterisk > 2) on my Gateway/Firewall A couple of years ago I added this entry in my firewall: /sbin/iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

Hi, I have a problem with asterisks on Linux. Looks like it is a iptables problem. My external client (eyebeam, on a different computer) cannot register to the asterisk server, but the asterisk server itself *looks* working. If I dial one of the incoming phone numbers for the server, I can see the call arriving in Asterisk (using asterisk -r). I tried nmap on my server, and this is the result: