similar to: [Bridge] Help needed about IP class finding in a bridge netfilter module

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=512 ------- Additional Comments From yi_he@pmc-sierra.com 2006-10-23 09:09 MET ------- I've met the problem in the 2.4 kernel as well, and I modified the source linux/net/ipv4/netfilter/ip_nat_pptp.c like this: in function pptp_outbound_pkt(): ...... switch (msg = ntohs(ctlh->messageType)) { case

http://bugzilla.mindrot.org/show_bug.cgi?id=697 Summary: ending slash is not used Product: Portable OpenSSH Version: 3.7.1p1 Platform: PPC OS/Version: AIX Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: openssh-bugs at mindrot.org ReportedBy: ramses at

Hi all Iam trying to implement "route add " using netlink. The changes are not reflected in the routing table. I have given my code and screen shots of the routing tables. Can anybody tell me is there any mistake iam making in defining the fields . or any other mistake iam commiting thanxs viji //////////////////////////////////// CODE

Hi We have applied the routing patches from http://www.ssi.bg/%7Eja/#routes. To 2.6.15 this seems to have broken our output natting. Has anyone else experienced this or any advice on how to fix. Is this working on the newer kernel i.e. 2.6.19 ? Any help would be appreciated. -- Tim Haak email: tim@haak.co.uk cel: 0837787100 First love is only a little foolishness and a lot of curiosity,

When i want to delete my test bridge, using: ifconfig eth0 down ifconfig eth1 down ifconfig br0 down brctl delif br0 eth0 brctl delif br0 eth1 brctl delbr br0 i get this error message from the kernel on the console: unregister_netdevice: waiting for br0 to become free. Usage count =3D 2 The brctl user-level command is blocked. Could you explain me what could likely be the cause of this error?

Hello, i need to write a little personal patch in the bridge code. For this patch, i need to know the original src and dst mac addresses of the packet incoming to the bridge. As i work on a brouter (some packets are bridged, some are routed based on ebtable rules), packets that are routed have their mac addresses modified by the IP stack). I put a software probe in br_input.c::br_handle_frame( ),

Hi, i am testing two bridges by sending to it random packets using hping2. First i create a random-length file, then i send it a lot of time on the wire using this command: for ($i=0; $i<50000; $i++) { hping2 -q -c 1 -d $data_len -E random.file 10.0.0.10 } My problem is that some packets are lost. Here is my setup: PC1 (10.0.0.1) ===== BR1 --------- BR2 ===== PC2 (10.0.0.10)

Hello all, i would like to build a setup to generate VLAN frames (respecting the IEEE 802.1Q standard) for testing purpose. How to configure a Linux bridge for it to become a VLAN switch? Is it possible? What user tool to use for that? brctl? Regards, Louis

Hey, The company I work for is in the market for a new firewall. Right now we're hosting all of our own stuff (on CentOS servers) behind an old checkpoint firewall. I think Checkpoint is overkill for our needs and very expensive, plus I don't like the "per-user" charges of some commercial solutions. What do you guys suggest that we upgrade to? Here are some of the

Any recommendations on an economical layer 3 switch? Preferably something that you have hands on experience with connecting to IP phones with attached PCs? Specifically I need the ability to set the VLAN in the phone to tag voice packets and to set a native VLAN on a per port basis on the switch to put the untagged packets from the attached PC into a separate VLAN. POE is not a requirement

Hi! Due to yet unknown reasons, the mailinglist configuration and archives have been deleted from lists.samba.org. This is very unfortunate, since no none of the two mailinglists is reachable anymore. The netfilter core team feels very sorry about this incident, and we have contacted the samba.org people for resolving this issue. The mailinglists had been scheduled to move to

Pablo Neira Ayuso <pablo at netfilter.org> has used the 'sudo' feature to access Bugzilla using your account. Pablo Neira Ayuso <pablo at netfilter.org> did not provide a reason for doing this. If you feel that this action was inappropriate, please contact pablo at netfilter.org. For more information on this feature, visit

Hi All, Can anybody suggests how can I disable netfilter for bridged traffic in linux-2.4.27 kernel ? Thanks and Regards, Senthil

Hi all, I haven''t been paying attention to this for a while, but now that I download the latest patch-o-matic-ng, I see that most of the patches are gone... Anybody have an idea where I can download the ''extras'' repository? Specifically geoip. Thanks! -justin

Hi all, I am having a small problem with netfilter on Linux kernel 2.6.11.4. It seems not all packets are hitting the pre-routing chain. In pre-routing, I have the following rules: $IPTABLES -t nat -A PREROUTING -i $IF_OUT -d 10.50.18.22 -j DNAT --to-destination 192.168.1.22 $IPTABLES -t nat -A PREROUTING -i $IF_OUT -d ! 10.50.18.21 -m limit --limit 5/second -j LOG --log-prefix

I have a box with only 1 IP (lets say 10.0.0.1) which has an ipip tunnel to another machine (lets say 10.2.0.1)(different networks) i wan''t all packets coming to 10.0.0.1 destination port 80 be routed thru the tunnel device and be answered by 10.2.0.2 (which has an interface configured with 10.0.0.1). It works if the incoming ip address is not configured on the receiving machine

Dear all, My os: Redhat 9 with 2.4.20 shipped kernel with redhat. I have even changed my hardware and tried but same error. I have changed the kernel to 2.4.21 then also i m getting this error. when i am starting my bandwidth script i m getting below errors. then my machine gets unusable. This is surely something related with tc /iptables and kernel but i cant sort out what is the problem. Can

hi i am running Debian/GNU Linux with 2.4.26 kernel and radius server my kernel conf looks like this <*> Packet socket [ ] Packet socket: mmapped IO < > Netlink device emulation [*] Network packet filtering (replaces ipchains) [*] Network packet filtering debugging [ ] Socket Filtering <*> Unix domain sockets [*] TCP/IP networking [*] IP: multicasting [*] IP: advanced

A merged patch usable on 2.6.10 has been placed in: http://shorewall.net/pub/shorewall/contrib/IPSEC/ipsec-nat-2.6.10.patch ftp://shorewall.net/pub/shorewall/contrib/IPSEC/ipsec-nat-2.6.10.patch This patch was posted today on the Netfilter Development list -- I have not tested it. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net

I read LinuxFest NW 2005 Presentation pdf. On page 32, mentioned it required patches on kernel 2.6.x and netfilter and It only said that SuSE 9.2 and 9.3 had patches on it''s stock kernel. I''m using Redhat AS 4. Anybody knows does the stock kernel and netfilter had theses patches patched ? or How should I know the kernel and netfilter had these patches applied ? thanks!