similar to: Connection tracking flush

I am trying to shape a client (somewhat advanced). This is my target: Client is 192.168.2.224. I would like to allow him to download with 500000 bits/sec in general. But, for a specific port(say 22), i would like him to download with 300000 bit/sec only. The problem is that my configuration (maybe wrong) allows him to download with 800000 bit/sec. (500000 generally + 300000 on port 22) I thought

I was wondering if there is a queue with which I could have a regular rate limit at some kbits (say 256kbits) for my ethernet stations, but allow burstable sessions with a multiple limit (512 kbits) for a specific time (say 3 minutes). Of course, this is the same with having bursts of some Megabit buckets (measuring bits and not time), but for such big bursts i think it isn''t what i

Hi guys, Can you take a look at this? :) +-----------+ | | eth1-|- | | -|-eth0---LAN--- | | eth2-|- | | | +-----------+ - eth0 is connected to the LAN having the IP=LAN_IP eth1 is connected to the first ISP having IP=ISP_IP_1 and GW=ISP_GW_1 eth2 is connected to the second ISP having IP=ISP_IP_2 and GW=ISP_GW_2 I need

this : iptables -A FORWARD -i internal-interface -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -j DROP doesn''t seem to work for active-ftp .. i even manualy loaded ip_conntrack_ftp but as u see it is unused : # lsmod Module Size Used by Not tainted ip_conntrack_ftp 4272 0 (unused) iptable_nat

Hi, I have setup a Linux box similar to the load balanced method in the LARTC guide(conns: LAN,DMZ,ISP1,ISP2). When running clients like Jabber/MSN it seems like the route gets lost in the table after a while. What can I change to increase the "tracking" time in the tables?? Cheers, Daniel. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl

Hello I have some rules inserted in the NAT table dual SNAT and DNAT for a connection They use at some moment the same port of the outside network. The problem i have is that the connection tracking in the kernel checks first the oldest rule and then the newest one. I use a system based on ARM XScale processor. Is that the default behaviour and how can i change this behaviour? Marius

Hello every body: I have RedHat fedora core 2 machine, using iptables and squid. I am having a lot of problems with peer2peer traffic. (bittorrent, kazaa, etc.) so I have installed ipp2p from rpm. Every thing was ok until I use iptables rules. I get this error. [root@router iptables]# iptables -A INPUT -p tcp -m ipp2p --ipp2p -j DROP iptables: No chain/target/match by that name sames

i just got a ''ip_conntrack: table full, dropping packet'' because a p2p-application ran amok. i''ve killed the process but /proc/net/ip_conntrack still got more than 7000 (now stale) entries of 8184 max. since the table is now after ~70 minutes down to 6995 entries, i wonder if i can flush this table manually. the entries in there look like tcp 6 155674

We'd like to be able to activate zlib_save per-user or per-mailbox, but it seems to be global, all or nothing. Search of this list revealed a comment from Timo in 2012: http://www.dovecot.org/list/dovecot/2012-March/064909.html where he was thinking that compression per-namespace would be a worthy feature. Was that done? I'm in the process of replacing a 2.0 system with 2.2 EE. The

Hi, The new version ipp2p 0.8.0 is released. Klaus -- www.ipp2p.com

We have a Linux box that is acting as the gateway to the internet for about 400 people, typically there are not more then 50 of them using the internet at any given time. We would like to provide different levels of access to different users. For example 128kbps to some users and 256kbps to others. We have considered creating a class and qdisc for each user (using htb) however we don''t

Hi, Has anyone used TC in a wireless environment, which is dynamic. I understand that the parameters for queuing are static and cannot be changed unless the queuing discipline is deleted and reloaded with different parameters. If anyone can share any experience, that would be helpful. Thanx. Azim. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl

We're using sieve with LMTP. We want to have lda_mailbox_autocreate and lmtp_save_to_detail_mailbox. Is there a way to make the "detail" case-insensitive? If so I have not found it yet. I suppose we could lowercase the input string for the SQL userdb query, but that's not what is wanted. The idea being that if a user makes a mailbox called "Test" is that user+test

Hello, I am running v2.0.13. In my dovecot.conf I have: userdb { args = /etc/dovecot/dovecot-usrdb-ldap.conf driver = ldap } passdb { args = /etc/dovecot/dovecot-passdb-ldap.conf driver = ldap } Is it legitimate to include multiple ldap userdb's, like: userdb { args = /etc/dovecot/dovecot-usrdb-ldap1.conf driver = ldap } passdb { args =

Hi, We're using dovecot to provide pop3 for a number of mailboxes. The setup is pretty simple: Each user / domain has a mailstore in /data/mailstore/<domain>/<user>/Maildir (backed by NFS). Passwords are in simple passwd-file format in the top level domain directory eg: # cat /data/mailstore/foo.com/.passwd user:{plain}password The passdb setup looks like this. passdb {

Hello folks.. Does any of you know if it is possible to rewrite the ip src in a packet. I have a problem involving a DMZ with external IP addresses routed trough a single WAN IP. When the server initiates a connection, it looks like it comes from the WAN ip instead of it''s designated External IP routed through the WAN. So in short, Is it possible to rewrite the packet in the router,

Once again I have updated Timo's auth patch for Postfix 2.2.1 to work with a 2.3 snapshot. It applied cleanly and compiled and is running for me, but is not really tested. This is Timo's code, not mine. All I did was manually edit in the rejects from the old patch. Find it here if you're interested: http://www.nodns4.us/postfix-2.3-20051121-dovecot-auth.patch.gz md5sum:

I have a friend who is preparing to set up a small Postfix/Dovecot mail system. There are only approximately 25 users. He wants to use Berkeley DB in a similar fashion to the way Postfix does. I told him I do not believe Dovecot supports that. I could not find any documentation relating to it. 1) Does Dovecot support Berkeley DB? 2) Are their any plans to incorporate that feature into Dovecot?

Smtp1.song.fi and smtp2.song.fi, our list servers, seem to have gotten listed in the bl.spamcop.net RBL. Spamcop listings are temporary and will time out, and because of occasional major false positives (or perhaps collateral damage?) like this I don't use it to reject mail. Anyone who IS using Spamcop to reject mail has missed much of today's list traffic. -- mail to this

Hi, I am having some major problems with 2 digium cards in two seperate servers they are both TDM400P cards one has 4 fxo ports and the other has 1 fxo port. First problem, the card with 4 FXO ports is fine until there is a storm in the area, then all 4 lines are massively static filled making phone calls barely understandable until the system is rebooted or the zaptel modules are unloaded and