similar to: load balancing and DNAT

The LARTC howto correctly describes load balancing and split access for traffic from a machine with multiple ISP connections (http://www.lartc.org/lartc.html#LARTC.RPDB.MULTIPLE-LINKS) -- *provided* the traffic originates from the machine itself (i.e. traffic regularly handled by the INPUT and OUTPUT chains of iptables). When forwarding traffic from an attached local network, the following

I have tried using iptraf for my NAT firewall to analyse the IP traffic. Basically I am faced with this difficulty of related the source IP to the outgoing interface to the internet, so I am wondering if anyone has a suggestion for a different ways to do it, or a suggestion for a better tool. Details :- Supposed : eth0 - LAN eth1 - WAN1 eth2 - WAN2 And then

This problem is driving nuts, so I am seeking help here. Your help will be deeply appreciated. I have made myself a Linux bridge with eth1 and eth0 to form br0. Then I run a script to configure tc with htb on it. But I can never match non-icmp traffic ( such as tcp and udp ) with TOS or DSCP values such as 0x68. The full story as follows :- 1. On the source testing machine, I do this to set

Hi, I have a few remote user who use a PPTP based VPN. The server is running PoPToP (http://www.poptop.org/), and a pppd patched to support MPPE/MPPC for (some) added security. Currently, users authentication information is stored in plaintext in /etc/ppp/chap-secrets. I'd like to be able to put users into LDAP, and have ppp authenticate either directly against LDAP, or against Samba (with an

I am running Poptop 1.1.4 VPN server, Samba 3.0.6, RH 9 (2.4.20-8 patched for mppe-mppc). When the end user connects via VPN, they can create a share to the samba shared folder that was created. When they clost the explorer window, then reopen the shared drive from the "My Computer" view, the share can not be re-opened with the error that the mapped drive is alreay in use. I have

Subject almost says it all, I wonder if there is a way for me to use iptables matches like l7 and/or ipp2p match in a bridge ( one ethernet in and one ethernet out ) ? Regards.

Normally when we talk about traffic control, we are talking about doing traffic control (tc) using a router, ie packets into an interface and based on routing, they goes out to somewhere else. However I have a box with two interfaces, eth0 and eth1 added to a bridge br0 and I would like to perform traffic control via the two interfaces. Is that supposed to work the same as the router

Ok, on to new swamps. I would like to enable PPTP on CentOS4 to accept connections from clients running MicroSoft Win2K and XP pro from outside our firewall. I am testing pptpd-1.2.3-0 and tells me that I need kernel support for MPPE, which I suppose is MicroSoft's own form of PtoP encryption. Is there a way of doing this without rebuilding the kernel? If so, how? Regards, Jim --

I am not sure how to determine the separator, but 'which' shows "/usr/bin/ntlm_auth". I already ran it while on-site. Since it is broken, I cannot remote in. I will have to show up on-site again, possibly Thursday. Lead IT/IS Specialist Reach Technology FP, Inc On 10/27/2015 01:41 PM, Michael Wandel wrote: > Hey, > > On 27.10.2015 17:53, Ryan Ashley wrote: >>

I am not sure if this is a windows problem or a Samba problem. We have a network consisting of a mixture of Samba and windows servers running under a windows PDC. The network is a WAN with radio (802.11B) point-to-point links between buildings within the campus, and frame relay and ADSL links to interstate offices. The interstate offices have windows BDC's. Most of the desktops are win2k

I have a server currently connecting to a pptp remote server. This server(lns\lac) has the option for pptp connections and l2tp connections. The l2tp connections are not using ipsec encryption at all. I have seen couple guides\tutorials on the internet: - https://raymii.org/s/tutorials/IPSEC_L2TP_vpn_on_CentOS_-_Red_Hat_Enterprise_Linux_or_Scientific_-_Linux_6.html -

Thank you, Rowland. I will be going by this afternoon and I will check. The thing is, if it IS "\", how do I enter that into the pptp-options file? The entire list of parameters are in quotes, so do I need a double-backslah or anything? Lead IT/IS Specialist Reach Technology FP, Inc On 10/27/2015 05:21 PM, Rowland Penny wrote: > On 27/10/15 21:05, Ryan Ashley wrote: >> I am

Hey John, I do not require encryption at all, it's a secure and internal channel but it requires me to connect via either pptp or l2tp. This is the reason I am asking. I had the chance of finding the SoftEther Project which gives a lot in terms of VPN Client and Server. At: http://www.softether-download.com/en.aspx But yet to try it. Also they have all sorts of beta versions but not

I have a requirement which I guess it is not too unusually, however I haven''t quite figured out how to do it and couldn''t find any examples which handle that. I have made myself a Linux-based bridge, eth0 bridged with eth1 to form br0. In this bridge, I run ''tc'' script to handle QoS. So far nothing unusual. However, what''s different is that this

lartc-request@mail man.ds9a.nl To: lartc@mailman.ds9a.nl Sent by: cc: lartc-bounces@mail Subject: LARTC Digest, Vol 20, Issue 13

With 2.4.28 and Julian Anastasov''s http://www.ssi.bg/~ja/routes-2.4.27-9.diff patch, I get the following when I attempt to build my kernel. Any ideas? Thanks! gcc -D__KERNEL__ -I/usr/src/linux/include -Wall -Wstrict-prototypes -Wno-trigraphs -O2 -fno-strict-aliasing -fno-common -fomit-frame-pointer -pipe -mpreferred-stack-boundary=2 -march=i686 -fno-unit-at-a-time -nostdinc

As you are probably aware, this is a ever green topic. I have personally tried doing it, testing it and verifying it and I am myself finding this problem challenging and frustrating. Most of the scripts will recommend some form of rate limiting ( or policing ) on the download. But the challenge is how to determine the correct value for the policing ? Lot of the recommendation says use x %

hi there, I just wanted to share a recent discovery I did on how to setup a secure VPN implementation for linux 2.4.x (I''m using 2.4.20 but it should be working, as far as documentation states, for > 2.4.18) without using FreeS/WAN. The tool (ipsec_tunnel: http://ringstrom.mine.nu/ipsec_tunnel/, by Tobias Ringström) is a kernel module based on ipip and ip_gre. It uses CyptoAPI to

I try to setup a PPTP VPN server on Centos 7 and from client a router Vodafone Station (Firmware 5.4.8.1.316.1.21) On c7 I have install this: [root at s-virt tmp]# rpm -q pptpd ppppptpd-1.4.0-2.el7.x86_64ppp-2.4.5- 33.el7.x86_64 and setup all file and firewall like howto say.This now is my config: /etc/pptpd.conf:option /etc/ppp/options.pptpd/etc/pptpd.conf:logwtmp/etc/pptpd.conf:localip

Assuming if I have rules matching the same packet, the one chosen is the lower preference value or the high ? For example # ip rule list .... 100 from 192.168.1.0/24 lookup main 200 from all fwmark 5 lookup first ..... Packet is matching both rules, the one with priority/preference 100 or 200 is selected ? _______________________________________________ LARTC mailing list /