similar to: CONNTRACK problem

Dear All I am trying a very simple set up: (a bit long message follows) #Flush previous definitions $TC qdisc del dev $VVNET root >&/dev/null $TC qdisc del dev $INTERNET root >&/dev/null $IPT -t mangle -D PREROUTING -i $INTERNET -d 200.231.56.0/24 -j IMQ --todev 0 # Mothers off all disciplines $TC qdisc add dev $VVNET root handle 1: htb default FFFF r2q 1 $TC qdisc add dev

Hi All How to classify packets belonging to a FTP session? Port 21 session is easy. but what about data transfers? Their port numbers (both) are above 1024. I was thinking about ip_conntrack_ftp. Something like: iptables -A FORWARD -p tcp --sport 1024: --dport 1024: \ -m state --state ESTABLISHED,RELATED -j CLASSIFY --set-class X:Y But what if I also have ip_conntrack_irc, for instance.

Hi all I'am trying to list the shares of our W2K server and got this error message. $ smbclient -L cvl added interface ip=192.168.100.1 bcast=255.255.255.255 nmask=0.0.0.0 session request to CVL failed (Called name not present) Password: Anonymous login successful Domain=[CVL-SERVER-1] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager] tree connect failed:

On Mon, 18 Jan 2016 16:09:17 -0200 "Ethy H. Brito" <ethy.brito at inexo.com.br> wrote: > On Mon, 18 Jan 2016 09:38:52 -0800 (PST) > Steve Edwards <asterisk.org at sedwards.com> wrote: > > > On Mon, 18 Jan 2016, Ethy H. Brito wrote: > > > > >> how to flush user input before READ()? > > > > How about a read() to a dummy variable

Hi All I am fighting this for 3 days and could not find any reason it is not working the way I want to (or I the way think it should). Internet output interface = eth2 (htb qdisc) Internet input interface = imq0 (eth2 attached - htb qdisc) main class = imq0 1:1 sub1 = 1:ffff (default) sub2 = 1:10 (src ports 1433/tcp or 1434/tcp or 81/tcp or 82/tcp) sub3 = 1:11 (src and dst port 25/tcp )

Hi All Can someone tell me what am I doing wrong? These was suposed to catch icmp type 8. Why ''match u8'' does not work? # tc filter add dev eth0 protocol ip parent 1: prio 2 \ u32 \ match u16 0x0800 0xffff at -2 \ match u8 8 0xff at 20 \ flowid 1:5 Illegal "match" # # tc filter add dev eth0 protocol ip parent 1: prio 2 \ u32 \ match

Hi How does Windows interpret the 'x' attribute for the file's 'other' attribute field? If I give a *file* a 0775 permission Windows XP clients cannot see the file. Not even the group members. If I change this permission to 0774 the file becomes visible to everyone. (smbclient sees the file either way). This file in under a directory which has 2775 as permission and

Dear All I am kinda frustrated with the lack of help some developers are dispensing to this problem (read ignoring it). A few days ago (december 22th) I reported a problem with ''tc filter match mark'' against 2.4 kernel series and got no answers that could lead me to any solution. This is a steady problem that occurs in kernel 2.4 series and match mark (at least for me). I

Subject: Re: [LARTC] inspecting what''s going in a class Date: Monday 05 December 2005 09:38 From: "Ethy H. Brito" <ethy.brito@inexo.com.br> To: jasonb@edseek.com On Mon, 5 Dec 2005 00:59:46 -0500 Jason Boxman <jasonb@edseek.com> wrote: > > > Sadly not possible with tc-filter. But perhaps I could do this for tc > > > with Vincent Perrier''s

Hi All I''d like to use an iptables mark together with u32 filter. Something like this, for instance: tc filter add dev imq0 protocol ip parent 1:0\ prio 2 handle 55\ u32 match u8 1 0xff at 0x09 flowid 1:22 (all icmp packets marked with 55 goes to class 1:22) But I got ''Illegal filter ID'' as answer. Is this combination possible? -- Ethy H. Brito /"\

Dears I wrote a small program that converts a ASCII hierarchical HTB model (nice name, no!) to those nasty bunch of tc statments. It is a 0.0.0-prealpha code so be gentle! ;-) This means a lots of buffer overflows and the like. I am not worried with these by now. My concern is: is this a good idea? any future on that? is it a duplicated effort? Would somebody tell me if it could be of some

Hi All Is the filter rule bellow supposed to classify icmp request/reply packets? $TC filter add dev eth2 protocol ip \ parent 1:0 prio 1 u32 \ match ip dst 192.168.0.1 \ match icmp type 8 0xff flowid 100 $TC filter add dev eth2 protocol ip \ parent 1:0 prio 1 u32 \ match ip dst 192.168.0.1 \ match icmp type 0 0xff flowid 100 it is accepted by tc but I think it is not

Dear all 1) Could you happen to know why smbmnt, smbmount and smbumount are not compiled whem I rum "make" from the source directory? I found (for example) bin/testparms in the PROGS1 Makefile variable but no reference to those little fellows. 2) How do I change the config directory to be /etc instead of /usr/local/samba/lib? I tryed "./configure --sysconfdir=/etc" and it

Hi All Is the filter rule bellow supposed to classify icmp request/reply packets? $TC filter add dev eth2 protocol ip \ parent 1:0 prio 1 u32 \ match ip dst 192.168.0.1 \ match icmp type 8 0xff flowid 100 $TC filter add dev eth2 protocol ip \ parent 1:0 prio 1 u32 \ match ip dst 192.168.0.1 \ match icmp type 0 0xff flowid 100 it is accepted by tc but I think it is not

Hi All After a Dial() I get: WARNING[7964][C-000075a8]: app_dial.c:2437 dial_exec_full: Unable to create channel of type 'SIP' (cause 20 - Subscriber absent) if the subscriber is not registered. Is there a way from dialplan to know, *before* Dial(), if a destination Subscriber is a) not registered or b) busy ? I need to redirect a call to some other Subscriber if (s)he is not there

Hi All I've installed Samba 2.0.3 and coudn't put "unix passowrd sync" to work. I set: passwd program = /usr/bin/passwd %u passwd chat = *New*password:* %n\n *Re-enter*new*password:* %n\n*changed.* passwd chat debug = Yes unix password sync = Yes log level = 100 The password page says "The password for 'user' has been changed". In fact it has been

I visited yesican.chsoft.biz and the author proposes a way to match packets by less than some size . Here is the thing: match u16 0x0000 0xffb0 at 2 With this match he says that packet with less than 80 bytes will match the rule. Well, 0xffb0 translates to 1111 1111 1011 0000 (which is -80 BTW). So, if I am correct any packet with bits 4 and/or 5 set (together with any of the 4

Hi, I'm running CentOS 4 with most of the latest updates, but am having trouble with iptables and the CONNMARK target. Is it available in the CentOS 4 kernel? Running on i386: kernel: 2.6.9-67.0.4.ELsmp iptables: v1.2.11 # iptables -t mangle -A PREROUTING -j CONNMARK --set-mark 1 iptables: No chain/target/match by that name I see I do have the CONNMARK lib in

Hello guys, I am still in doubt about this kind of server. So my question is about the "prio" at routing tables like: I have 3 tables in /etc/iproute2/rt_tables: 201 201 202 202 222 222 In table 201 there is the rules about my internet link (frame relay) that comes into eth0. So I made this route into it: [root@ns2 iproute2]# ip route show table 201 default via

Dear users I got this msg accessing s share: server:~# smbclient '\\localhost\Adm1' -U gabriela Added interface ip=192.168.0.254 bcast=192.168.0.255 nmask=255.255.255.0 Password: Domain=[EQUATORIAL] OS=[Unix] Server=[Samba 2.0.5a] smb: \> put lixo2 ERRDOS - ERRnoaccess (Access denied.) opening remote file \lixo2 The smb.conf says [Adm1] comment = Adm-Financeiro path