similar to: tc filter and fwmark

I have a rather unusual setup within which I'd like to run samba. At this point I have: a) 3 networks (all private IP's) b) net1, net2 are interconnected by a router. net1 has a host that also acts as a WINS server and is local master, domain master, preferred master for it's group. (linux slack7.0, samba 2.0.5) router between net1, net2 has an IP in each network and samba

After carefull reading (LARTC) and experimentation, I am in a dead end... I am using several IPIP tunnels (linux ipip module, IP protocol 4). I''d like to filter packets going through these tunnes to different classes, on the ingress device, based on source and destination IP _INSIDE THE TUNNEL_. First I tried the nexthdr bit. As explained in LARTC, nexthdr jumps to the next header

> I'm pretty sure that is incorrect. The inside_net is the ip address of > the asterisk server, and the inside_mask is the subnet mask. At least > that is how I have mine setup in my sip.conf, and it works. > > inside_mask for the internal mask would make more sense to me as well :) > > -- > Leif Madsen <leif@hacklocalhost.com> > http://www.hacklocalhost.com

Thanks to ww and his patch on bug #104, I have successfully implemented Asterisk behind NAT without using STUN or anything crazy. It's quite straight forward. Until this gets tested enough and put into CVS, you will have to patch your chan_sip.c file to do this. I'm sure within the next few days this will get put merged into CVS if no one finds any problems. I tried this on chan_sip.c

I''ve kept this one on the back burner for a while, waiting for it to mature before attempting to use it, and now having seen OpenBSD ship with IPSec I''m getting a bit impatient =). What is the status of IPSec for Linux (and more specifically RedHat)? By this I mean I just did some www browsing/etc and found about a half dozen different implimentations, ranging from NRL, to a

I have successfully configured two servers and I am now trying to connect via iax. When I attempt to call from one ext, 2006(server viop1) to extension 3006 (server voip2) I receive a timeout or "call failed 403 forbidden. The information I am receiving from the console is below. Apr 26 10:53:32 WARNING[311313]: channel.c:1745 ast_request: No channel type registered for 'IAX'

Hi Everyone, I perform a snapshot and a zfs send on a filesystem with a recordsize of 16k, and redirect the output to a plain file. Later, I use cat sentfs | zfs receive otherpool/filesystem. In this case the new filesystem''s recordsize will be the default 128k again. The other filesystem attributes (for example atime) are reverted to defaults too. Okay, I can set these later,

Hi list, I''m new to this list, I just subscribed because I have some ackward about IPRoute2. First, while playing with NetFilter'' "MARK" target, I met a weird behaviour once I tried to use this marks in the RPDB : the packets where successfully marked, but it seemed that RPDB didn''t succed in matching them (for those who already know the answer, I only used

Hi, I''ve got 2 lines from two diffrent ISP''s, one is a leased line and another a DSL line, I route certain ips over the DSL line for faster access and would like email to go over the leased line as it has a static ip and is our sending mailserver ip I would like to send mail to the same ips that is routed over DSL via the leased line, otherwise my server gets blacklisted with

Hi everybody, I''m trying to set up routing for 2 links to the internet on a box which produces traffic itself (e.g. DNS) and will route all our local traffic. AS one route is quick and expensive and the other one slow and cheap, I want to be able to route packets for some high-level protocols to the second link. If I correctly understood table 3-2 in

Hello! Currently I am marking packets with IPMARK, and then using following rules: 1: class add dev eth0 parent 1:4 classid 1:100a htb rate $rate ceil $ceil quantum 1600 2: qdisc add dev eth0 parent 1:100a handle 100a:0 sfq perturb 10 3: filter add dev eth0 protocol ip parent 1:0 pref 30 handle 4106 fw classid 1:100a 4: class add dev eth1 parent 1:2 classid 1:100a htb rate $rate ceil $ceil

I made a script to test if in a moultiple gateway setup all default connection are up, regardless of the fact that that gateway is the default gw. Suppose adsl1 and adsl2 are present, and all traffic goes by default to adsl1, and you want to test if adsl2 is ok. 1. I use mangles from iptables to mark icmp packets to some test machines 2. I set up a routing table for each adsl 3. I use

I would like to route ssh in my network via DSL2 and all other trafic via DSL1. So far I menaged to do it for LAN2 but there are still WLAN1,LAN3 and LAN1 to go. On all routers I added table "pilicka" with rule for fwmark and I fwmarked ssh. # ip rule show 0: from all lookup local 32765: from all fwmark 0x3 lookup pilicka 32766: from all lookup main 32767: from all lookup

Hi all, Below is my network diagram: - eth0 (adsl 1) eth1 (adsl 2) | | | | | | | | ----------------- | | | Gateway | | | ----------------- | | | tun0 Below is my iptables scripting to mark certain ports: -

Hi, I had a nice router which was able to split my outgoing webtraffic over a dsl line, then I got a power failure and now my settings are lost and I don''t get it to run. I''ve configured a iptable rule like: /sbin/iptables -A PREROUTING -t mangle -i eth1 -s 192.168.1.10 -p TCP --dport 80 -j MARK --set-mark 1 and ip rule add fwmark 1 lookup 10 ip route add default via

Hi, not sure if it will work, i''ve 2 leased lines, behind line 1 is a webserver, this server should answer all incomming http requests through leased line 1, the webserver self parses other webserver, this outbound traffic should go over leased line 2. i''ve successfully added fwmark with iproute, but if i set the policy for the webserver to use leased line 2 (for parsing other

hi again list, first off thanks for the tips roy. here my question. i''m using ip based classes in my htb config. i would like to give some people (eg 192.168.0.20) 4mbit but only if he downloads from certain ip classes. i have my iptables marking those classes with 1 for upload and 0 for download. and finally the question: what''s the appropriate tc (or maybe iptables) command

Hi, Here I am trying something simple. My objective is to make ip rule fwmark command work :) Network Diagram: --- 192.168.250.197 (eth0) Linux Box (eth1) 192.168.8.88 -------------192.168.8.122 (eth0) Windows XP Client Configuration done on Linux Box:- (1) [root@g webauth]# iptables -t mangle -A PREROUTING -j MARK --set-mark 5 [root@g webauth]# iptables -t mangle -L Chain PREROUTING (policy

hi all, sorry for the re-post, but i am in a bad way ... trying to fwmark in OUTPUT --mangle has led to a null result for a routing table lookup. has anyone successfully accomplished this -- can you comment on your distro/iptables version ? in your debt, charles on redhat 8 with iptables 1.2.8 _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl

Hello.. How can I specify a class for htb based on a fwmark and user ip ? For instance: I have some routes marked with fwmark and their are very-high speed connections... But only to some IP''s.. For the rest , I must limit the user to 64Kbits Now , how can I limit the high speed connections ? I must create a rule and take in account both fwmark and IP ? To be more specific , I want