Hello everyone,
I used google to search the mail list archive, but didn't get any
results for my issue. This is my second day working on the problem and
my colleagues don't have any suggestions. This post is a little long,
but I hope thorough enough to give all relevant information.
Here is my
Folks;
Looking through the previous mails, it looks like there were plans to
implement Kill configuration for interfaces... Anyone know what the
status of this is or where I can look?
I need this for a home environment where ISP provides the IP information
via DHCP...
KW
_
> Meaning Glendale?
Yes.
-- Dave
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Meaning Glendale?
--
Aubrey Wells
Senior Engineer
Shelton | Johns Technology Group
A Vyatta Ready Partner
www.sheltonjohns.com
On Dec 12, 2007, at 2:48 PM, Dave Roberts wrote:
> the bug is fixed in the next version
___
Vyatta-users
> Ya... it doesn't make breakfast for me in the morning
> either... oh well.
> Maybe next version ;)
The nice thing about open source is its relentless improvement. ;-)
In this particular case, the bug is fixed in the next version. Because of
the structural work we have been doing over the past
tta.com/mailman/listinfo/vyatta-users
>
> ___
> Vyatta-users mailing list
> Vyatta-users@mailman.vyatta.com
> http://mailman.vyatta.com/mailman/listinfo/vyatta-users
___
Vyatta-users mailin
The best solution seems to be a init script as follows:
ip route add blackhole 172.16.0.0/20
ip route add blackhole 10.0.0.0/8
ip route add blackhole 192.168.0.0/16
Too bad, I keep running into limitations on Vyatta..I am not complaining
though, its free and seems to work well overall.
Thanks,
Unfortunately there is a known bug with discard. See
http://bugzilla.vyatta.com/show_bug.cgi?id=1933
stig
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:vyatta-users-
> [EMAIL PROTECTED] On Behalf Of Peter Wohlers
> Sent: Wednesday, December 12, 2007 9:22 AM
> To: Shane McKinley
I *think* that with linux routing you point the next-hop to 127.0.0.1
(i think theres an optional -blackhole operator that goes along with
that) and it will drop the packets. I don't know if this will work
within the confines of vyatta/xorp though.
--
Aubrey Wells
Senior Engi
> ok ok !
>
> my error !
>
> sorry ! ;)
There is a law of the universe somewhere that you're most likely to notice
your own mistake right after posting to an Internet mailing list. ;-)
If this phenomenon hasn't yet been named yet, I hereby dub it "Dave's
Law." ;-)
-- Dave
_
Hmm, that doesn't seem to do the trick. Just for giggles, I am running
v3.
"ERROR: node "next-hop": argument "discard" is not a valid "IPv4": value
must be an IP address in dotted decimal form.
[edit]"
:O
Shane McKinley
Habersham EMC
-Original Message-
From: Peter Wohlers [mailto:[EMA
Try the 'discard' operator
so
set protocols static route x.x.x.x/x discard
or maybe it's
set protocols static route x.x.x.x/x next-hop discard
--Peter
Shane McKinley wrote:
> I am trying to figure out how to insert a null route into my Vyatta OFR.
>
> I tried:
>
> set protocols static route
I am trying to figure out how to insert a null route into my Vyatta OFR.
I tried:
set protocols static route x.x.x.x/x next-hop 0.0.0.0
But then it does not show when executing:
show route
Any ideas?
Thanks,
Shane McKinley
Habersham EMC
___
Vyatta-
No problem - we all make them :-)
Justin
On 12/12/07, Andrea Zaini <[EMAIL PROTECTED]> wrote:
> ok ok !
>
> my error !
>
> sorry ! ;)
>
> -Messaggio originale-
> Da: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] conto di Andrea
> Zaini
> Inviato: mercoledì 12 dicembre 2007 9.18
> A: [EM
ok ok !
my error !
sorry ! ;)
-Messaggio originale-
Da: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] conto di Andrea
Zaini
Inviato: mercoledì 12 dicembre 2007 9.18
A: [EMAIL PROTECTED]
Oggetto: [Vyatta-users] R: Routing problem
Details :
ExternalInternal
Ah, piffle - looks like that bug was fixed after VC3 was released. You need
to correct /opt/vyatta/sbin/vpn-config.pl .You can get the corrected
version from
http://suva.vyatta.com/git/?p=ofr.git;a=blob_plain;f=cli/scripts/vpn/vpn-config.pl;hb=HEAD
or you can just comment out the check, if you're
The patch did work, thanks.
Ciao
Mathias
> I know this worked in earlier versions, but it seems the current release
> has added an overly restrictive syntax check. If you login as root we
> can fix this on the fly by changing the file
> /opt/vyatta/share/ofr/template/vpn/ipsec/site-to-site/pe
Hi Josh,
There is no firewall by default on Vyatta.
Your firewall rule does not prevent packets from "external" to your
Vyatta itself.
You can apply the firewall instance as in, out and local per interface.
You have used in, meaning that packets entering that interface will be
filtered by the firew
Details :
ExternalInternal eth0 eth1
.2 169.68.1 68.1068.869.10
Router|--|FW|
--|Vyatta||PC| 192.168.69.1 -
Test2 Network
192.169.68.x | Def GW : .6
19 matches
Mail list logo