similar to: "Multiple Internet Connections" with four interfaces

Hi All, I have an asterisk box on my DMZ, and I'm using a PF for my firewall, I can make a call but some reasons I have a dead air. Any Ideas? below are my rules... ext_if = "bce0" int_if = "bce1" altitude = "172.16.1.0/24" #### machines #### vbox = "172.16.1.1" uci = "172.16.1.4" voices = "203.172.x.1" ipc =

Hello, I have problems with htb. The problem is that when I download any file via shaper with htb, the traffic is very dinamic, it jumps, for example: if i have set ceil = 128kbit the results that it jumps from 112kbps to 144kbps or smth like that maybe its not very bad, but when the traffic drops down to 40kbps or less and then after 1 or 2 seconds jumps to 144kbps, its bad :-( and it is often.

Has anybody on this managed to get ChilliSpot and Shorewall to work together? I have managed to get it to work with the supplied firewall script but if I wanted to do my firewall like that I would not be using Shorewall. At any rate, I am having all kinds of trouble translating the supplied rules to something that Shorewall would understand. If anybody has already done it I would love to see the

Beta 3 is now available for testing. Problems Corrected: 1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of tcinterfaces and tcrules, and causes no ingress policing to be configured. 2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when $FW:<address> is entered in the SOURCE column of the tcrules file. New Features: 1) The

Beta 3 is now available for testing. Problems Corrected: 1) The value ''0'' is once again accepted in the IN_BANDWIDTH columns of tcinterfaces and tcrules, and causes no ingress policing to be configured. 2) MARK_IN_FORWARD_CHAIN=Yes no longer generates an error when $FW:<address> is entered in the SOURCE column of the tcrules file. New Features: 1) The

I'm trying to use pf + ftp-proxy n a 6.1-PRERELEASE machine. I have this line on inetd.conf: ftp-proxy stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy -n And this lines on pf.conf: rdr on $int_if proto tcp from any to any port ftp -> 127.0.0.1 port ftp-proxy pass in quick on $ext_if inet proto tcp from any port ftp-data to $ext_if:0 user proxy flags S/SA keep

Hi all, I've recently upgraded a system from CentOS 4.4 to CentOS5, and now when the system boots, the r8169 ethernet card doesn't come up. After the boot sequence, if I type "ifup eth1 | ifup eth1.10 | ifup eth1.203" then the adapter starts up ok. It seems to be something with the boot sequence it loads the ethernet adapters a different way around (ie 4.4 eth0 is now

I try use setup traffic shaping with Shorewall-4.0.2 and have fault. When i start Shorewall with tc-files configured i get follow messages: ... RTNETLINK answers: No such file or directory We have an error talking to the kernel ERROR: Command "tc filter add dev eth2 parent ffff: protocol ip prio 50 u32 match ip src 0.0.0.0/0 police rate 500kbit burst 10k drop flowid :1" Failed

The Shorewall Team is pleased to announce the availability of Shorewall 4.5.0. ---------------------------------------------------------------------------- P R O B L E M S C O R R E C T E D I N T H I S R E L E A S E ---------------------------------------------------------------------------- 1) This release includes all defect repair included in 4.4.27.1-4.4.27.3. 2) The start

Hi ! I have an error in this script as it is not working and I can''t figure out what that is. Anyone can help? Thanks! #!/bin/bash ### unitati de masura pt debit # kbps - kilobytes per second # mbps - megabytes per second # kbit - kilbits per second # mbit - megabits per second EXT_IF="eth0" INT_IF="eth1" TC=/sbin/tc IPTABLES=/sbin/iptables # RATE

Hi Andreas! I mainly understand what you mean, I tried to fix something on the script, I don''t know if I did it well. Can you take another look on it please and if is wrong to make the corrections directly on it so that I see where the mistake is... With this script I want to make limits for IP class 85.120.48.0/25 for international traffic in 256 KBps classes and for metropolitan

Hi, I'm having trouble getting networking to work and I'm not sure what I'm doing wrong. The network interface of the host is connected to a switch-port that is configured as trunk and allows tagged traffic for vlan id 10. The host itself has the interfaces eth1.10 and eth1 defined. eth1.10 is configured with the primary ip address of the host system and eth1 is slave of the bridge

Hi all, I''m sure I''m soing something wrong here. I am trying to set up a rate limit inside another rate limit. eg. I have a 512K rate limit on a particular VLAN. I am using an IFB so that packets passing through the bridge are counted at each port.(ie the throughput is limited to 512K, not just the traffic in one direction.) This part works OK, but I also want to limit a

I am running 2.4.20 with Julian Anastasov''s patches (routes-2.4.20-9.diff), iptables v1.2.6a, iproute2-ss010824 on Debian. I have set up our internal gateway to multihome 2 T1''s as described in http://www.linuxvirtualserver.org/~julian/nano.txt . The only difference is that I use multiple IP''s on the external interfaces. EXA A.B.C.225 --------------------

If you are willing to patch your iptables and kernel to support the ROUTE target, the code in CVS project Shorewall2/ now supports very flexible routing. As an example, I run Squid in my DMZ for transparent proxy. Rather than the complex routing setup described in http://shorewall.net/Shorewall_Squid_Usage.html, I now use this single entry in /etc/shorewall/routes to route all HTTP requests from

Hi, I got this error when i tried to type for some of those. "sysctl: unknown oid...." any idea.. my server seems to be very lagged, where else the network connection seems fine, i think BSD itself as my other redhat box is fine. What else can i do to get optimum protection. Thanks. ----- Original Message ----- From: "Per Engelbrecht" <per@xterm.dk> To: