Re: Re-post, with additional questions/infomation: Traffic monitoring/logging question
Hellow, The problem need to be split in 2: - where to take the information from - how to analyse them. To get a good accounting, especially with a NAT'ed situation, simply use some accounting rules in iptables on your firwall. From there, you need some scripts that 'll collect the information and storge them in the approriate way. IPAC does it but does not store it properly, cricket need to be extended by adding a script, same for MRTG. Hope that help, JeF On Tue, Mar 05, 2002 at 10:50:26PM +0100, Auke Rensen wrote: > Hi list(eners), > > Thanks for the previous suggestions. > Despite this suggestions, we still can't find a suitable solution. > > We have looked at NTOP , IPAC and MRTG. > MRTG does not give us the right information in the right for, so this > ain't an option. > > It seems that both other utils need some in depth knowledge to let them > fit our situation. > > Let me try to explain the situation a bit better. > > We've got a firewall witch connects multiple LAN's to the internet. > On both LAN's there are public services, witch are accessable from the > internet via NAT rules. > > We need to track and log all possible traffice and analize it on a > daily, weekly and monthly basis, so we can devide te cost of the connection. > > Here are the questions about IPAC and NTOP. > > IPAC: > 1.) Does IPAC support DNAT, SNAT and forward rules? > 2.) Does anyone have /know some documentation on IPAC > 3.) Has someone succesfully implemented this in a similar situation? > > NTOP: > 1.) Does anyone know how to log and store the collected data? > 2.) Does anyone know how to insert specific source/destination rules? > > > I hope someone can help us further. > > Anyway, thanks in advance. > > > > A.M. (Auke) Rensen > Senior System Engineer > > Ovation B.V. > > > > > > Original message: > = > For our company's shared internet connection, I'm looking for a utility > to monitor and log the generated traffic over the internet connection. > As you can see there are two LAN's connected to a firewall/proxy server. > The firewall uses IPTables, DNAT and SNAT. > > > > > Situation sketch > > -- > | Internet | > -- > | > _| > / >| <= eth0 > _| > |__| --- > |__| <= | Debian GNU/Linux Firewall | > | | <= | Release: Unstable | > | | <= | Kernel: 2.4.16| > |+ === | <= | Proxy: Squid | > | | --- > | | > | | > |__| > eth1 => || <= eth2 > || > ||__ > | | > | | > |---|---| | > LAN1 | > | > |---|---| > LAN2 > > > > > What I'm looking for is a application (or a combination of multiple) > witch can build some usage reports. > We need this information to share the bill of the internet connection > fairly. > I'd like to be able to create daily, weekly, monthly and yearly reports. > What I'd like to know is if someone knows a utility witch is at least > capable of giving the following statistics: > > Traffic from: > - > - LAN1 <=> internet, in bytes. > - LAN2 <=> internet, in bytes. > - LAN1 <=> LAN2, in bytes. > - Total amount of traffic from all LAN's <=> Internet. > > Reports: > > I'd prefer the reports in some kind of graphical way, but plain text > would also be fine. > I need to get "per host statistics", to compare them to the total amount > of traffic > > Note: > - > The clients on both LAN's use the firewall as proxy server (...) > This traffic MUST also be included in the statistics. > > > I know this all CAN be done, but I don't know where to start. > Can anybody help me? > > > Thanks in advance, > > > > A.M. (Auke) Rensen > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- -> Jean-Francois Dive --> [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Inexpensive gigabit copper NICs?
Apparently, on Tue, Mar 05, 2002 at 10:06:29AM -0500, Jeff S Wheeler wrote: > Can anyone recommend some inexpensive GIGE NICs that use CAT 5 instead > of fibre pairs? I just want to run some back-to-back from a busy NFS > server to a couple of its clients for now. I have not even looked into > GIGE copper switches but I imagine they ROI would not be very high for > my shop just yet :-) > Check out the D-Link DGE-550T http://www.dlink.com/products/gigabit/dge550t/ It appears to be supported in the 2.4.x kernels (maybe 2.2 but I don't have that to check) and it lists for only $89. I've actually been thinking of trying these myself so, if you get them and they work well, I'd love to hear about it. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: LDAP: EMAIL SERVER AND BIND
On Mon, Mar 04, 2002 at 12:58:10PM +, falkom wrote: > Hi all! > > I try to install qmail + vpopmail in ldap server. It is not working > well. > > Please, could you tell me any email server (POP/SMTP) to work well in > ldap server, please? The Debian default MTA, Exim, works with LDAP. > And please, can you tell me if there is documentation to join LDAP with > Bind? There's nothing mainstream yet. A look on freshmeat.net for 'ldap bind' will give you quite a bit. Tim PS: Now, what I'm working on is virtual hosting and LDAP. Anyone have pointers on that? I'm creating users with 'adduser --host /home/domain.com/username username' to group the accounts per domain, but I still have the name collision. -- >< >> Tim Sailer (at home) >< Coastal Internet,Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED][EMAIL PROTECTED] >< (631)924-3728 (888) 924-3728 << >< -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re-post, with additional questions/infomation: Traffic monitoring/logging question
Hi list(eners), Thanks for the previous suggestions. Despite this suggestions, we still can't find a suitable solution. We have looked at NTOP , IPAC and MRTG. MRTG does not give us the right information in the right for, so this ain't an option. It seems that both other utils need some in depth knowledge to let them fit our situation. Let me try to explain the situation a bit better. We've got a firewall witch connects multiple LAN's to the internet. On both LAN's there are public services, witch are accessable from the internet via NAT rules. We need to track and log all possible traffice and analize it on a daily, weekly and monthly basis, so we can devide te cost of the connection. Here are the questions about IPAC and NTOP. IPAC: 1.) Does IPAC support DNAT, SNAT and forward rules? 2.) Does anyone have /know some documentation on IPAC 3.) Has someone succesfully implemented this in a similar situation? NTOP: 1.) Does anyone know how to log and store the collected data? 2.) Does anyone know how to insert specific source/destination rules? I hope someone can help us further. Anyway, thanks in advance. A.M. (Auke) Rensen Senior System Engineer Ovation B.V. Original message: = For our company's shared internet connection, I'm looking for a utility to monitor and log the generated traffic over the internet connection. As you can see there are two LAN's connected to a firewall/proxy server. The firewall uses IPTables, DNAT and SNAT. Situation sketch -- | Internet | -- | _| / | <= eth0 _| |__| --- |__| <= | Debian GNU/Linux Firewall | | | <= | Release: Unstable | | | <= | Kernel: 2.4.16| |+ === | <= | Proxy: Squid | | | --- | | | | |__| eth1 => || <= eth2 || ||__ | | | | |---|---| | LAN1 | | |---|---| LAN2 What I'm looking for is a application (or a combination of multiple) witch can build some usage reports. We need this information to share the bill of the internet connection fairly. I'd like to be able to create daily, weekly, monthly and yearly reports. What I'd like to know is if someone knows a utility witch is at least capable of giving the following statistics: Traffic from: - - LAN1 <=> internet, in bytes. - LAN2 <=> internet, in bytes. - LAN1 <=> LAN2, in bytes. - Total amount of traffic from all LAN's <=> Internet. Reports: I'd prefer the reports in some kind of graphical way, but plain text would also be fine. I need to get "per host statistics", to compare them to the total amount of traffic Note: - The clients on both LAN's use the firewall as proxy server (...) This traffic MUST also be included in the statistics. I know this all CAN be done, but I don't know where to start. Can anybody help me? Thanks in advance, A.M. (Auke) Rensen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
radius mysql no log activity
Dear Radius users, I am having a difficult time setting up freeradius (v0.4) on a Debian Testing system to work with SQL. Using the test program, radtest, I get no notification whatsoever that it is making a connection to the server. However, when I disable the SQL module and just use the 'users' file, I get authentication messages. I have attached several of my configuration files. If more are needed, I would be happy to provide them. When configured for SQL use, here is the output of 'radiusd -X': intrepid:~# radiusd -X Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: //etc/raddb/clients.conf Config: including file: //etc/raddb/snmp.conf Config: including file: //etc/raddb/sql.conf main: prefix = "/" main: localstatedir = "//var" main: logdir = "/var/log/radiusd-freeradius" main: libdir = "/usr/lib/freeradius" main: radacctdir = "/var/log/radiusd-freeradius/radacct" main: hostname_lookups = no read_config_files: reading dictionary read_config_files: reading clients read_config_files: reading realms read_config_files: reading naslist main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_auth = no main: log_auth_badpass = no main: log_auth_goodpass = no main: pidfile = "//var/run/radiusd/radiusd.pid" main: bind_address = 127.0.0.1 IP address [127.0.0.1] main: user = "root" main: group = "root" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: proxy_requests = no main: debug_level = 0 read_config_files: entering modules setup Module: Library search path is /usr/lib/freeradius Module: Loaded System unix: cache = no unix: passwd = "/etc/passwd" unix: shadow = "(null)" unix: group = "/etc/group" unix: radwtmp = "/var/log/radiusd-freeradius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded SQL sql: driver = "rlm_sql_mysql" sql: server = "localhost" sql: port = "" sql: login = "radius" sql: password = "**" sql: radius_db = "radius" sql: acct_table = "radacct" sql: acct_table2 = "radacct" sql: authcheck_table = "radcheck" sql: authreply_table = "radreply" sql: groupcheck_table = "radgroupcheck" sql: groupreply_table = "radgroupreply" sql: usergroup_table = "usergroup" sql: nas_table = "nas" sql: dict_table = "dictionary" sql: sqltrace = off sql: sqltracefile = "/var/log/radiusd-freeradius/sqltrace.sql" sql: deletestalesessions = yes sql: num_sql_socks = 32 sql: sql_user_name = "%{User-Name}" sql: authorize_check_query = "SELECT id,UserName,Attribute,Value FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_group_check_query = "SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id" sql: authorize_group_reply_query = "SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id" sql: authenticate_query = "SELECT Value,Attribute FROM radcheck WHERE UserName = '%{User-Name}' AND ( Attribute = 'Password' OR Attribute = 'Crypt-Password' ) ORDER BY Attribute DESC" sql: accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = %{Acct-Delay-Time} WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime <= '%S'" sql: accounting_update_query = "UPDATE radacct SET FramedIPAddress = '%{Framed-IP-Address}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress= '%{NAS-IP-Address}'" sql: accounting_start_query = "INSERT into radacct (RadAcctId, AcctSessionId, AcctUniqueId
Re: Load balancing web servers
On Tue, Mar 05, 2002 at 09:09:25AM -, Mark Ng wrote: > http://www.linuxvirtualserver.org/ ). Currently runnign that set up in a 4 http server setup, we find it's working excellently for our needs. Besudes the fact that the LVS 'jsut plain works' and that you can add servers whenever you want, you also get to call a machine in your facility eLViS - which is cool. Just be scared when someone says 'eLViS really is dead' (we're running two eLViS (elvii?) for redundancy in case 'the king is dead') Best of luck > > Hope you find this useful. > > > -Original Message- > > From: Craigsc [mailto:[EMAIL PROTECTED]] > > Sent: 05 March 2002 09:02 > > To: Debian-Isp; Andrew Claassen > > Subject: Load balancing web servers > > > > > > Hi fellows > > > > I need to know if it is possible to do load > > balancing across two machines on Apache web > > server and if so what software I can use ?> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Inexpensive gigabit copper NICs?
Can anyone recommend some inexpensive GIGE NICs that use CAT 5 instead of fibre pairs? I just want to run some back-to-back from a busy NFS server to a couple of its clients for now. I have not even looked into GIGE copper switches but I imagine they ROI would not be very high for my shop just yet :-) -- Jeff S Wheeler [EMAIL PROTECTED] Software DevelopmentFive Elements, Inc http://www.five-elements.com/~jsw/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Load balancing web servers
> you can use the dns records > > wwwINA10webserver1 > wwwINA20webserver2 > wwwINA30webserver3 The "A" (ADDRESS) RDATA format doesn't use a "preference" value: wwwINAwebserver1 wwwINAwebserver2 wwwINAwebserver3 Note that this is not "load balancing". It is not figured out by actual load or capacity. It just does a "round robin" and is often called "load sharing". Also note that outside DNS caches used for many lookups will defeat the "balancing" so make sure your time-to-lives are low. Jeremy C. Reed echo 'G014AE824B0-07CC?/JJFFFI?D64CB>D=3C427=>;>6HI2>
Re: slow telnet and ftp connections
Well, I've have added to my /etc/hosts the Ip of my win client and now it is working fine. At least from inside the network. For the ftp from the outside network mybe I should deactivate the reverseDNS and identLookups of my ftp server. Thanks to everybody! Josep - Original Message - From: "Luis Cano" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, March 05, 2002 11:57 AM Subject: RE: slow telnet and ftp connections > Seguramente intentas hacer el telnet al nombre de la máquina, y al > intentar hacer la resolución inversa, no existe en el DNS. Por eso > te va lento. > > La solución sería meter el nombre de tu máquina en la zona de resolución > inversa. > > Otra opción, para detectar si ese es realmente el problema, es meter en > el fichero hosts de la máquina desde donde ejecutas el cliente el nombre > de tu máquina y tu IP. Al resolver, la conexión te irá perféctamente. > > Pruébalo, y nos cuentas. > > Un saludo. > > -Mensaje original- > De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Enviado el: martes, 05 de marzo de 2002 11:41 > Para: [EMAIL PROTECTED] > CC: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Asunto: slow telnet and ftp connections > > > My System: > potato with the security updates. > proftpd > telnetd > > My Problem: > telnet and ftp (local network) connections to my server from win clients > (CUTE FTP, MSIE, Putty ...) are very slow: > The Telnet running is not slow when connection is done, so the anoying thing > is just the connection. > > Linux telnet client connect to the server very fast. > But Win telnet client also connects to another server out of the network > very fast ?! > > So I don't know which could be the problem? > > Josep > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: tool(s) to analyze contents of tcp-sessions
On Mon, 04 Mar 2002 17:53:12 +0100, Olivier Macchioni writes: >> I'm looking for a tool with which I could analyze the contents >> (payload) of captured tcp-sessions. >tcpflow Ah, yes. That one comes _very_ close to what I need. Thanks. BTW, ethereal I already know, but it's not too useful when only the payload of packets are of interest and you have to analyze ~ 20 MB of data out of ~ 30 different, mostly simultaneous, connections. cheers, &rw -- / Ing. Robert Waldner | Security Engineer | CoreTec IT-Security \ \ <[EMAIL PROTECTED]> | T +43 1 503 72 73 | F +43 1 503 72 73 x99 / msg05638/pgp0.pgp Description: PGP signature
RE: slow telnet and ftp connections
Seguramente intentas hacer el telnet al nombre de la máquina, y al intentar hacer la resolución inversa, no existe en el DNS. Por eso te va lento. La solución sería meter el nombre de tu máquina en la zona de resolución inversa. Otra opción, para detectar si ese es realmente el problema, es meter en el fichero hosts de la máquina desde donde ejecutas el cliente el nombre de tu máquina y tu IP. Al resolver, la conexión te irá perféctamente. Pruébalo, y nos cuentas. Un saludo. -Mensaje original- De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Enviado el: martes, 05 de marzo de 2002 11:41 Para: [EMAIL PROTECTED] CC: [EMAIL PROTECTED]; [EMAIL PROTECTED] Asunto: slow telnet and ftp connections My System: potato with the security updates. proftpd telnetd My Problem: telnet and ftp (local network) connections to my server from win clients (CUTE FTP, MSIE, Putty ...) are very slow: The Telnet running is not slow when connection is done, so the anoying thing is just the connection. Linux telnet client connect to the server very fast. But Win telnet client also connects to another server out of the network very fast ?! So I don't know which could be the problem? Josep -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: [mailinglists] slow telnet and ftp connections
Hi, the problem is the DNS Lookup. check your DNS Settings, that should solve the problem. regards, Philipp Am 05.03.2002 11:41:19, schrieb <[EMAIL PROTECTED]>: >My System: >potato with the security updates. >proftpd >telnetd > >My Problem: >telnet and ftp (local network) connections to my server from win clients >(CUTE FTP, MSIE, Putty ...) are very slow: >The Telnet running is not slow when connection is done, so the anoying thing >is just the connection. > >Linux telnet client connect to the server very fast. >But Win telnet client also connects to another server out of the network >very fast ?! > >So I don't know which could be the problem? > >Josep > > >-- >To UNSUBSCRIBE, email to [EMAIL PROTECTED] >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: slow telnet and ftp connections
I've found that some applications rely on the /etc/hosts file else they are really slow to kick in. swat is a great example of this. Make sure your windows machines are referenced in there and see if that helps it. I have pseudo-static IPs for all my machines (constant DHCP), so it's not a problem, but if they have dynamic IPs then you'd have to work out how to update the hosts file automatically, which I have never done. Hope this helps, Matt Lambie - Original Message - From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, March 05, 2002 6:41 PM Subject: slow telnet and ftp connections > My System: > potato with the security updates. > proftpd > telnetd > > My Problem: > telnet and ftp (local network) connections to my server from win clients > (CUTE FTP, MSIE, Putty ...) are very slow: > The Telnet running is not slow when connection is done, so the anoying thing > is just the connection. > > Linux telnet client connect to the server very fast. > But Win telnet client also connects to another server out of the network > very fast ?! > > So I don't know which could be the problem? > > Josep > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
slow telnet and ftp connections
My System: potato with the security updates. proftpd telnetd My Problem: telnet and ftp (local network) connections to my server from win clients (CUTE FTP, MSIE, Putty ...) are very slow: The Telnet running is not slow when connection is done, so the anoying thing is just the connection. Linux telnet client connect to the server very fast. But Win telnet client also connects to another server out of the network very fast ?! So I don't know which could be the problem? Josep -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: RE : BGP4/OSPF routing daemon for Linux? Hardware?
The main question is to know what you'll do with your BGP. Will this be connected to the internet and get the full Routing Table ? If yes, plan to get a decent amount of memory (i'd go for 256Mo of memory). Cpu wise, if you have to switch 100Mo full duplex, you'll need some ressources to handle it, so dont plan on a too small one. So, at the end, a standard Off the market PC should be ok as the actual configs are quite impressive now. Hope that help, Cheers, JeF On Tue, Mar 05, 2002 at 10:48:46AM +0100, Anders Gjære wrote: > what hardware is nessesary to run a bgp/zebra router on i386-platform, > routing a 100mbit line? > > mvh > anders gjære > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- -> Jean-Francois Dive --> [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE : BGP4/OSPF routing daemon for Linux? Hardware?
what hardware is nessesary to run a bgp/zebra router on i386-platform, routing a 100mbit line? mvh anders gjære -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Load balancing web servers
Will the nameserver send out webserver1, webserver2, webserver3, webserver1... etc as the first, second, thrid, fourth requests, in a cycle-like fashion? Never knew that... thanks ;) Matt Lambie - Original Message - From: "Johnno" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Tuesday, March 05, 2002 5:15 PM Subject: Re: Load balancing web servers > you can use the dns records > > wwwINA10webserver1 > wwwINA20webserver2 > wwwINA30webserver3 > > etc... > > - Original Message - > From: "Craigsc" <[EMAIL PROTECTED]> > To: "Debian-Isp" <[EMAIL PROTECTED]>; "Andrew Claassen" > <[EMAIL PROTECTED]> > Sent: Tuesday, March 05, 2002 10:02 PM > Subject: Load balancing web servers > > > > Hi fellows > > > > I need to know if it is possible to do load > > balancing across two machines on Apache web > > server and if so what software I can use ?> > > > > ..Craig > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: BGP4/OSPF routing daemon for Linux?
On Sat, Mar 02, 2002 at 09:50:50AM +1100, Donovan Baarda wrote: > On Fri, Mar 01, 2002 at 02:36:34PM +1100, Jean-Francois Dive wrote: > > On Fri, Mar 01, 2002 at 02:26:32AM +0100, Tommy van Leeuwen wrote: > [...] > > For the ios interface, i reckon it does already exist. some > > guys at the Cisco TAC in brussel are working on it. > > I know I saw a project for providing an open source IOS > interface for linux somewhere... so it does exist, but I'm not > sure what state it's in. There was also a project to port > linux to cisco boxes... :-) [snip] Zebra has an IOS interface of sorts... -- Michael Wood <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Load balancing web servers
you can use the dns records wwwINA10webserver1 wwwINA20webserver2 wwwINA30webserver3 etc... - Original Message - From: "Craigsc" <[EMAIL PROTECTED]> To: "Debian-Isp" <[EMAIL PROTECTED]>; "Andrew Claassen" <[EMAIL PROTECTED]> Sent: Tuesday, March 05, 2002 10:02 PM Subject: Load balancing web servers > Hi fellows > > I need to know if it is possible to do load > balancing across two machines on Apache web > server and if so what software I can use ?> > > ..Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Load balancing web servers
Your answers are squid in httpd-accelerator mode ( http://www.squid-cache.org ) or linux virtual server ( http://www.linuxvirtualserver.org/ ). Hope you find this useful. > -Original Message- > From: Craigsc [mailto:[EMAIL PROTECTED]] > Sent: 05 March 2002 09:02 > To: Debian-Isp; Andrew Claassen > Subject: Load balancing web servers > > > Hi fellows > > I need to know if it is possible to do load > balancing across two machines on Apache web > server and if so what software I can use ?> > > ..Craig > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Load balancing web servers
Hi fellows I need to know if it is possible to do load balancing across two machines on Apache web server and if so what software I can use ?> ..Craig -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Spammers hammering our mail servers
Hello Andrew On 4 Mar 2002, at 14:06, Andrew Tait wrote: > Every so often we have spammers hammering our mail servers (running Exim) > attempting to relay messages. They fail of course, however they sit there, > some times for several weeks, attempting e-mail address after e-mail > address. Are these spammers really trying to relay or are they trolling for addresses to spam by trying every name in a dictionary? I get logs like these: 2002-03-05 06:30:53 verify failed for SMTP recipient [EMAIL PROTECTED] from <[EMAIL PROTECTED] > H=lsanca1-ar14-113-104.lsanca1.dsl.gtei.net (mail.nowhere.com) [4.42.113.104] 2002-03-05 06:30:53 verify failed for SMTP recipient [EMAIL PROTECTED] from <[EMAIL PROTECTED]> H=ls anca1-ar14-113-104.lsanca1.dsl.gtei.net (mail.nowhere.com) [4.42.113.104] 2002-03-05 06:30:54 verify failed for SMTP recipient [EMAIL PROTECTED] from <[EMAIL PROTECTED]> H=lsanca1-ar14-113-104.lsanca1.dsl.gtei.net (mail.nowhere.com) [4.42.113.104] 2002-03-05 06:30:54 verify failed for SMTP recipient [EMAIL PROTECTED] from <[EMAIL PROTECTED]> H =lsanca1-ar14-113-104.lsanca1.dsl.gtei.net (mail.nowhere.com) [4.42.113.104] 2002-03-05 06:30:55 verify failed for SMTP recipient [EMAIL PROTECTED] from <[EMAIL PROTECTED]> H =lsanca1-ar14-113-104.lsanca1.dsl.gtei.net (mail.nowhere.com) [4.42.113.104] > The two options I can see so far are either a program monitoring the > rejectlog file to detect abuse, or an exim filter. I don't have a solution for the above. Maybe the solution is a patch to exim that causes an increasing delay after each verification failure. This would have to be coupled to a configuration which limits the number of concurrent connections exim will accept from an IP address. (Available via the smtp_accept_max_per_host directive). Have you had a look at the exim documentation, web site and mailing list etc? Regards Ian - Ian Forbes ZSD http://www.zsd.co.za Office: +27 21 683-1388 Fax: +27 21 674-1106 Snail Mail: P.O. Box 46827, Glosderry, 7702, South Africa - -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]