Displaying 20 results from an estimated 3000 matches similar to: "Restrict access to certain ips."
2004 Jun 16
7
Trafic monitor
Hello !
I use Slackware Linux on a box for routing and SNAT for a small network:
|eth0: 80.97.108.1|
|
|
|eth1: 192.168.1.1| ..........| my network (192.168.1.0/24)|
I search for a tool show-me on real time the trafic made by all/one IPon the interface eth1, somethings simple ; EX:
192.168.1.10 ........... x kbit/s
192.168.1.11 ........... y kbit/s
192.168.1.12
2003 May 05
5
iproute2: gatewayed routes in ancillary tables
Hello all,
Tomas Bonnedahl and I recently corresponded about a rather odd behaviour
with routes in ancillary routing tables.
We both receive a "Network is unreachable" error when we try to add
gatewayed routes to ancillary tables and the main routing table does not
contain an entry for the gateway IP.
It seems that unless a route to the gateway IP exists in the main routing
table, I
2004 Oct 05
4
U32 Port Range
Hi all...
How do i set U32 to filter a port range, instead of a single port?
In normal use: source port 80 we use: "... match ip sport 80 0xffff ..."
- I know that is something about the 0xffff parameter....
I need to filter ports 1 ~ 1024 to a higher priority class... i tried with
IPTABLES MARK and TC FW, but it''s not working....
(...)
# iptables -t mangle -A PREROUTING -p
2003 May 07
4
dsmark, unkown
Hi,
I want to use the dsmark, but it always says: "unkown qdisc", although I
have enabled it (y in Network options), and I have my kernel recompiled.
I am using SuSE 8.1, 2.4.20 Kernel, tc available at the HTB site (with
already precompiled HTB queue).
Can anybody find the problem?
thx
_________________________________________________________________
MSN 8 helps eliminate e-mail
2003 Sep 05
8
where is "equalize" kernel patch?
I found following paragraph in the man page of iproute2.
equalize
allow packet by packet randomization on multipath routes.
Without this modifier, the route will be frozen to one selected
nexthop, so that load splitting will only occur on per-flow base.
equalize only works if the kernel is patched.
^^^^^^^^^^^^^^^^^
Now, where
2002 Nov 27
7
one dude about rt_tables
Can I add routes to rt_tables by hand with the vi editor?
If I add a route to that file, it will be there if I reboot the box?
I am sure there are stupid questions but I can''t find the answer into the
papers I have here.
Luis Miguel Cruz Miranda.
CCNA - Systems Administrator
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
2004 Nov 23
2
ip rule to remove
hi thanks for your reply heh "Example: ip del rule pref 32742" is
syntically wrong :)
and when i tried "ip rule del 32742" it gives me error
# ip rule del 32742
Error: argument "32742" is wrong: Failed to parse rule type
so how to get get of these extra rules?
0: from all lookup local
32742: from all fwmark 0x2 lookup squid.out
32743: from all fwmark 0x2
2002 Jan 25
1
rsync: future of the --server option
Hello list members,
I notice here that the --server option is listed as undocumented.
http://rsync.samba.org/rsync/fom-serve/cache/88.html
My question is that the --server option is not documented, and I'd like
not to build functionality into one of my systems without trusting that it
will be there in the future.
I was able to find the --server option simply by watching the rsync
entries
2003 Mar 25
2
Public Router using Private Links
I am running a public core router using private links from my provider.
Details:
RH7.3
9 interfaces (all Intel)
eth0 is default gateway and has a private IP address
all other interfaces are links to other routers or networks
eth3 has a public IP address
The core router will rarely need to access sites out on the internet, but when it does it cannot get there because the eth0 has a private IP
2003 Feb 04
3
tc htb stats
I have an htb qdisc setup and it is shaping my traffic wonderfully but
I''ve just recently started taking a look at the output from the command
tc -s class ls dev eth?
Looking at the "rate" line I thought to myself..."cool I can use this to
graph throughput avg.es without having to worry about the "Sent bytes"
rolling over or being lost when the htb qdisc is
2005 Jul 10
7
QOS HELP PLEASE
ive got problems with my network (120 people)
ive got big pings (300ms)m whereas there are normally about 19ms.
i do not know if my qos is proper (fast i mean).
www.tdi.pozman.pl/fir2 - my qos
www.tdi.pozman.pl/rules - my firewall
can sb tell me if do it ok ?
--
*Dariusz ''tdi'' Dwornikowski | Gentoo | admin at pozman.pl |
2004 Aug 02
5
Route policy preference value
Assuming if I have rules matching the same packet,
the one chosen is the lower preference value or
the high ?
For example
# ip rule list
....
100 from 192.168.1.0/24 lookup main
200 from all fwmark 5 lookup first
.....
Packet is matching both rules, the one with priority/preference
100 or 200 is selected ?
_______________________________________________
LARTC mailing list /
2002 Nov 27
5
transparent PAT
Hello, everyone!
I would like to solve the following problem. Btw, I''m terribly
sorry about the pseudo-asciiart, but that''s all I can paint as
a tropology. I''m hoping it''ll be enough.
----Internet----
|
|
|
eth0
machine A
routing+ipchains
eth1
|
------------------ machine B
So, given I''m running kernel 2.4.19 and using ipchains
2003 Mar 04
2
Routing based on fwmark
I''m having trouble routing on high fwmarks, I want to use a lot of
different marks for 2 routes so that I can QoS based on the marks
ip rule looks like this:
0: from all lookup local
32751: from all fwmark 31 lookup dslout
32752: from all fwmark 30 lookup dslout
32753: from all fwmark 29 lookup dslout
32754: from all fwmark 28 lookup dslout
32755: from
2003 Jul 28
6
snooping - the crux of the problem
I have a computer with two interfaces, say with addresses 192.168.1.1
and 192.168.1.2. I want to set up routing such that when I ping
192.168.1.1 it goes out through 192.168.1.2 and not to the local
interface.
Is this possible - all my attempts so far have been unsuccessful? If
so, pointers, etc. would be gratefully appreciated.
Jim
--
Jim Redman
(505) 662 5156 x85
2004 Nov 23
4
how to remove rules
hi
I have trying to remove the extra rules from my routing tables,
however with no luck
Also I want to know these duplicate entries have an effect on packets
going routed?
I have this overwhelming rules lists from my predessor who added the
"ip rule add fwmark" entries in firewall script, and on each run of
firewall script its creates an extra entry in routing table.
Now what I want to
2002 Dec 30
9
QoS (HTB) without IP address
Hi all,
After a long reading of the LARTC, I were able to set up a working HTB
config on my firewall.
But my question is :
Can I use a "ip less" box to do QoS ? With bridging software (or even
without?) or thing like this and use an u32 filter to direct the traffic to
the right class ?
In other words, I can''t modify the existing network config or inster into
(netmask is
2003 Jun 16
1
RE: CBQ-wondershaper superior over HTB-wondershaper?
Hello Thilo,
What did you find superior with CBQ-wondershaper over HTB-wondershaper? We have not been using wondershaper specifically but our simple tests so far seem to show that htb is much easier to configure for a given target shape (i.,e accurate) compared to CBQ.
Torsten
-----Original Message-----
From: Thilo Schulz [mailto:arny@ats.s.bawue.de]
Sent: Saturday, June 14, 2003 8:55 AM
To:
2003 Apr 15
3
SNAT or DNAT or what?
Hello,
I have a Debian-Woody-3.0 Router with 3 NIC''s.
Kernelversion 2.4.18
+------------+ +-------------+
| | | |
|192.168.1.1 | | 192.168.2.1 |
| DSL-Router | | ISDN-Router |
+------------+ +-------------+
| |
2002 Sep 10
3
RE: 4 nic advanced routing question update
ok i will do it in text:
66.92.114.46 eth0
209.141.2.194 eth1
192.168.119.101 eth2
192.168.120.101 eth3
What i have is a linux box RH7.3 which will eventually run Shorewall Firewall. On this box there is eth0 66.92.114.46 conneted to isp1 and eth1 209.141.2.194 connected to isp2
It also has eth2 192.168.119.101 and eth3 192.168.120.101 which will connect to a failover appliance which has 2 wan