similar to: Lost packets and strange "behaviour" of my TC rules

Hello All, I'm running Samba 3.0.24 as PDC and file server on Gentoo Linux, AMD64, 2.6.19 kernel, 100MBit/s network, and experience quite slow file transfers from Samba to WinXP SP2 clients: the speed is varying, but is about 1-2Mb/s at best. I spent quite some time investigating the issue, here are the intermediate results: 1) This happens only when transferring _from_ _Samba_ to

I was comparing some traces from SCP and SFTP when transferring the same file 200MB file between the same host pairs. Even when I put SFTP in batch mode I noticed that I saw 403208 bytes from the receiver in comparison to 3368 bytes with SCP. I've attached the relevant output from tcptrace below (the b->a column is the return side of the trace). Mostly I'm just curious as to what

Dear All, I''m using the kernel 2.6.6, iproute2-2.4.7.20020116, iptables v1.2.9, and gentoo. I have a leased-line 64 kbps. I can see the counter works in iptables, but in the htb, it doesn''t go to the right class (it always go to the default class). Any help will be appreciated here''s my htb conf #!/bin/bash tc qdisc del dev eth1 root tc qdisc add dev eth1 root

Hello, This is on Centos 6 and not something I think is wrong with Centos 6 but I am looking to see if anybody else has experienced this and if there is solution. So thanks up front for indulging me. Because Linux makes routing decisions before SNAT it is causing problems when trying to use FTP with two upstream providers in a load balanced setup. Other than ftp, things seem to work OK. Below

Hello, > > I have a vector wherein the cases are either uniform or mixed-strings (so > "AAAAAAAAAAA" vs "ABABABABA"). Different parts > of the vector apply to > different users, so [1:29] is one guy, [30:50] is another, and [51:70] is > another. There are about > 100,000 users, and I have an object that lists where each user's range > begins (ie

Hello all. We have three tunnels over the internet between our "central" gateway and some branch office gateway. Each gateway has eth0 on its LAN an eth1 on the internet. We use DSL lines and eth1''s have the internet IP directly attached on it. Each gateway, also, acts as iptables NAT gateway. The outgoing bandwith is 300 kbit, and we tried this (i.e.) on each tunnel: tc

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

Hi folks, I have the following in my firewall (condensed version) [CentOS 4.2: 2.6.9-11.EL.i686 kernel]: INPUT: --state ESTABLISHED,RELATED -j ACCEPT -p tcp -j REJECT --reject-with tcp-reset -j REJECT OUTPUT: ACCEPT The connection is over a wireless link so packets _do_ get dropped even though throughput is around 100-400 kB/s (depending on atmospheric conditions, etc.) Now I've noticed

All, Recently on an Ultra 10 running Solaris 8: -- SunOS toasty 5.8 Generic_108528-20 sun4u sparc SUNW,Ultra-5_10, -- using a pre-compiled package of rsync 2.5.6 from sunfreeware.com: -- bash-2.03$ rsync --version rsync version 2.5.6 protocol version 26 Copyright (C) 1996-2002 by Andrew Tridgell and others <http://rsync.samba.org/> Capabilities: 64-bit files, socketpairs, hard links,

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:08.sack Security Advisory The FreeBSD Project Topic: Infinite loop in SACK handling Category: core Module: netinet Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:08.sack Security Advisory The FreeBSD Project Topic: Infinite loop in SACK handling Category: core Module: netinet Announced:

I have encountered a situation where I would like to use tftp-hpa to retrieve a file that resides within an absolute path containing a ':' character. Ala, "tftp foobar -c get C:2/tftpdir/myfile". Since the tftp client automatically converts the host:file syntax, I get an error "tftp: C: Unknown host". I made a chage to the tftp client code to add a literal mode (-l),

I thought I had this all worked out, but it seems not. The following tc configuration: tc qdisc del dev ppp0 root 2> /dev/null > /dev/null tc qdisc add dev ppp0 root handle 1: tbf rate 120kbit burst 1200 limit 1 tc qdisc add dev ppp0 parent 1:1 handle 2: prio bands 3 tc qdisc add dev ppp0 parent 2:1 handle 10: sfq perturb 20 tc qdisc add dev ppp0 parent 2:2 handle 20: sfq perturb 20 tc

Hi, We have problems to backup a large /home directory (+/- 12Go) with rsync (daemon mode) and BackupPC on ADSL static IP 4Mbps/380Kbps for the backed-up machine and Internet 10Mbps for the backup server, the rsync options are: '--numeric-ids', '--perms', '--owner', '--group', '--devices',

Re-submitted for 0.44. b.t.w. I notice that the new 0.44 'R' option is not documented in the tftp man page. ----------------------------------------- I have encountered a situation where I would like to use tftp-hpa to retrieve a file that resides within an absolute path containing a ':' character. Ala, "tftp foobar -c get C:2/tftpdir/myfile". Since the tftp client

--7ZAtKRhVyVSsbBD2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Netfilter Core Team Security Advisory =20 CVE: CAN-2003-0467 Subject: Netfilter / NAT Remote DoS Released: 01 Aug 2003 Effects: Under limited circumstances, a remote user may be able to crash

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=464 ------- Additional Comments From netfilter@linuxace.com 2006-07-15 18:38 MET ------- Jurgen: you are behind a box which doesn't understand the SACK option. From your trace: 02:52:32.237095 IP 134.76.88.65.11064 > 84.132.150.225.32805: P 237274514:237275954(1440) ack 372631662 win 181 <nop,nop,timestamp 229942196

ip_forward was not enabled, now it is. Still same result: On VPN_office I use 'tcpdump -npi any icmp and host 192.168.1.1' and ping 192.168.1.1 from the client: 5:28:42.646203 IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id 1584, seq 1, length 64 15:28:43.663014 IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id 1584, seq 2, length 64 15:28:44.688133 IP 172.16.0.3 >

Firstly I don''t think this is a shorewall problem, but I suspect shorewall might be able to solve it for me. I''ve posted this so far at http://mandrakeusers.org/index.php?showtopic=18942 I''ve stumble upon a problem that has me stumped I have a multipath router using 2.6.8.1 with patches from here http://www.ssi.bg/~ja/#routes basic setup: ___ ISP1

Hello, I have this problem: when my mail server on the DMZ starts a connection to the internet it''s ip (213.58.230.26) is "masqueraded" with the firewall ip (213.58.230.50). I wouldn''t mind but there is a one customer who rejects the connection because it makes reverse dns and finds no dns entry for the firewall ip. How can i correct this? Thanks, MSantos shorewall