Re: View dummynet connections
I know that command but it doesn't seem to do the job. It doesn't show me the active connections thru/to the box. Cheers, Siddhartha Subhro wrote: ipfw pipe list Regards S. On Tue, 28 Sep 2004 19:40:55 +0530, Siddhartha Jain <[EMAIL PROTECTED]> wrote: Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
View dummynet connections
Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: install info
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Joey Fenley wrote: | Installing FreeBSD on hosting server for first time, has dual scsi with | raid, loaded FreeBSD but after rebooting error state please insert | bootable media. | | | very confused, | | Joey Do you remember what did you do with the option of installing MBR? -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBJNbdOGaxOP7knVwRAibzAJ99jBU4VlP2M/GJTIF5MSm/wGqHmwCggmRJ Tfo7rrQkI3a8yDzsCS3GdUg= =sXjv -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: PostgreSQL || MySQL
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Parahat Melayev wrote: | Hi ppl, | | we are planning to programm Instant Messaging server | which will be serving for thousands or many thousands | of users. | | if you have experience in this area which DB server you | suggest to use at the backend and can you share your | experiences please. | | thank you, | Parahat Melayev http://www.wlug.org.nz/PostgresVsMysql Should help depending on your application needs. If you are not going to write to the database often then LDAP might be a better idea. HTH, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBJM7FOGaxOP7knVwRAuRSAJ4vaMCDEY6Xa9gyGW1iJesAmmhotwCfaPQl idWuT2sGU2jFi8U5ho9kq8Q= =gg8y -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Research questions on FreeBSD 4.10
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jason Tan wrote: | Hi, | | | I am currently doing a research on FreeBSD 4.10 Release System for a | presentation to an institution of 400 students. | | I would like to enquire on several questions regarding the Operating | System : - | | - Process Management / Model | - Scheduling | * Is it preemptive ? | * Discuss the algorithm | - Threading model | * User, kernel or hybrid? | - File System | * Discuss more than one if applicable | - Device management | - Memory management | - Programming language supported (and recommendation) | - Networking support | - Security model | * User security | * File System security | - Compare the current version of the OS that you're researching with the | previous and future version | | | We look forward for your speedy reply. | | | Thanks and Regards, | | | Jeff Neufield Jeff/Jason, Spend $53.99 on http://www.awprofessional.com/title/0201702452 And Google, google and google!! HTH, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBJF8POGaxOP7knVwRAsGuAJ0UqCXw6dVFkeeQH+9TF+qoKnsPtACdElfG PYH9RfMFMaDOUQwTAWjSyK8= =chIF -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Harddrive beginning to expire?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [EMAIL PROTECTED] wrote: | Hello, | | I'm seeing this entry in my /var/log/messages approx. every three hours: | | Aug 17 06:09:07 judea /kernel: (da5:ahc0:0:5:0): WRITE(06). CDB: a 0 1 f9 a 0 | Aug 17 06:09:07 judea /kernel: (da5:ahc0:0:5:0): RECOVERED ERROR asc:5d,0 | Aug 17 06:09:07 judea /kernel: (da5:ahc0:0:5:0): Failure prediction threshold exceeded field replaceable unit: 1 | Aug 17 09:28:52 judea /kernel: (da5:ahc0:0:5:0): WRITE(06). CDB: a 0 1 f9 a 0 | Aug 17 09:28:52 judea /kernel: (da5:ahc0:0:5:0): RECOVERED ERROR asc:5d,0 | Aug 17 09:28:52 judea /kernel: (da5:ahc0:0:5:0): Failure prediction threshold exceeded field replaceable unit: 1 | | This 4.9-STABLE box is running 7 SCSI drives in a vinum stripped array. | Question, is this the beginning of the end for drive da5? | If the setup has been working error free ealier and the errors have started coming up recently then it looks like you have a disk that needs replacement. - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIizOOGaxOP7knVwRAnR1AJ4ictuNJr7WL86dbouCmSvY4dqgrACfSMy1 Cr8sSc2xp8A2WKSmjEZ5qes= =QZT+ -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: hosts.allow Question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Long Story wrote: | Hello everyone, | |Because of the MASS failure tries to connect to my server using | random passwords |I decided to allow only my IP to access the server. http://www.die.net/doc/linux/man/man5/hosts.allow.5.html - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIiUDOGaxOP7knVwRAtiQAJsEwRrkHHHpP40dauJxv7eUPduKVQCgi/RZ TGzrLReOco2hhbo4L52Pu78= =UDqD -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Newbies Question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Valéry wrote: | REF : documentation | http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-start.html | | | Hi, | i'm installing FreeBSD in order to change my NT5.1 | with Apache & ftp server. | I'm comming from IBM OS/390 mainframe and don't know | anything on Unix like systems. I'm a C/C++ developper too. | | My question beeing very simple, i think you don't need | technical information, but see on * lines below. | | Q : how to launch the "Kernel Configuration Menu" script | as described on Ch 2.3.2 (fig. 2.1) ? | | i don't have any option to do that on the Loader Menu (i tried all) | i tried to "grep-find" the script (or command) but fails. | | * i'm using/booting from FreeBSD 5.2.1, disc-1 | * boot0 & boot1 are Ok | * Loader Ok | * Sysinstall running Ok | Note : a mini-install of 5.2.1 is currently installed on my HDD | and seem to work properly. I would like to configure more | accurately my Kernel now. | | Great thanks, FreeBSD is exactly what i want, | First you might want to move away from 5.2.1 to 4.10 because 5.2.1 isn't stable release. 4.10 is the stable release or wait till 5.3 gets released. Also, see this http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIfmEOGaxOP7knVwRAhgvAJ0Ri6EdjVeGhg4Ej/uPl5xc4cfOBQCeOAXX t3wpvYduXBAcsa9UARrlt0Y= =p0C7 -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ELF Kernel
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dennis George wrote: | What is elf kernel ? | ELF is a binary file format. Stands for Executable and Linking format. The kernel must support this format so that files made in this format can be loaded, read and executed by the kernel. http://www.cs.ucdavis.edu/~haungs/paper/node10.html Now the kernel itself is a big binary file. Under FreeBSD, the kernel itself is a dynamically linked ELF binary. Goto "/" and issue "file kernel" and see the results. Ofcourse, there are unconfirmed rumours that Linus Torvarlds was just the front man for Santa Claus and the Tooth fairy, who actually wrote the Linux kernel alongwith elves and hence the name Elf Kernel ;) HTH, - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBId7WOGaxOP7knVwRAo6bAJ49Pp6U7rvmuSodd0RuaH3fwHgLAQCeMGVd N5VXUzzI14VeoYhuqfxpKoA= =umxi -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Is promiscuous mode bad?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 horio shoichi wrote: | On Mon, 16 Aug 2004 14:24:00 +0200 | Ruben de Groot <[EMAIL PROTECTED]> wrote: | |>On Sun, Aug 15, 2004 at 07:53:10PM -0700, Kevin Stevens typed: |> |>>A lot of network scanners also trigger on NICS in promiscuous mode |>>(there's a way to detect them, I forget the details at the moment) |>>because admins want to know if any hosts are out there sniffing. |> |>How sure are you about that? AFAIK there's no way to detect a NIC in |>promiscuous mode *from the outside*. I would be very interested in a network |>scanner that could. |> |>Ruben |> |>___ |>[EMAIL PROTECTED] mailing list |>http://lists.freebsd.org/mailman/listinfo/freebsd-questions |>To unsubscribe, send any mail to "[EMAIL PROTECTED]" |> | | | Ping it with wrong mac. | Don't you have to be on the same broadcast domain to do a MAC ping? I mean how would you do a MAC ping over the internet? - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIdSMOGaxOP7knVwRAkUCAJ4m3u55mbVps9skAyr3OnMrMLxBBACffMDf blzs3L+y384dbZna0ZqCEwA= =dYSX -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Security question - uids of 0
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 James A. Coulter wrote: | The following appeared in my latest daily security run output: | | Checking for uids of 0: | root 0 | toor 0 | | This is the first time I've seen this message. | | I checked /etc/passwd and found this: | | root:*:0:0:Charlie &:/root:/bin/csh | toor:*:0:0:Bourne-again Superuser:/root: | | I am running FreeBSD 4.10 as a gateway/router/firewall with IPFW for a small | home LAN. | | I ran ps -aux and looked for any processes owned by "toor" but didn't find any. | | Is this something to be concerned about? | | Sorry if this is an obvious question, but I am still very much a newbie | and trying to learn what I can about security. http://freebsd.active-venture.com/faq/security.html#TOOR-ACCOUNT - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIM3MOGaxOP7knVwRAv1HAJ4+/67fLaZbpgR3U25vy9xGMLtelQCeKhdO iTuVWEHFhbH/n+1tXxNIYFY= =RBsX -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Is promiscuous mode bad?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 JJB wrote: | Promiscuous mode can also be enabled on most hardware routers. A | hardware router in front of a private network with promiscuous mode | enabled allows public internet users to access (sniff) all the | traffic passing through the router as well as insert packets. This | is major security leak and one that spoofers look for. | I am curious, how do you do that? From what I understand, a promiscous mode allows someone on the box to see all packets that hit the interface. How does it allow an attacker (outside the box) to sniff packets hitting that interface? Thanks, - -- Siddhartha Jain (CISSP) Consulting Engineer Netmagic Solutions Pvt Ltd Bombay - 400063 Phone: +91-22-26850001 Ext.128 Fax : +91-22-26850002 http://www.netmagicsolutions.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIMWrOGaxOP7knVwRAj1nAJ9Ae+5APNi4YgeSNwxMkrv7jwUbjQCeLftp 8BIhFJfN9b5S2xUTDctKcuI= =bt2X -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Create multiple jails by copying
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, I created one jail in FreeBSD 4.10. Since the compile time for make world and make distribution is too high, I copied the contents of jail1 to jail2 this way: jailbsd:/jails/jail1# find . | cpio -pdmv /jails/jail2 jail1 is functional. Now, when I run: # mount -t procfs proc /jails/jail2/proc (No complaints/errors) #jail /jails/jail2 jail2 10.1.1.173 /bin/sh /etc/rc I get an error from sendmail-client, sshd, cron, sendmail cannot chdir(/var/spool/clientmqueue/): Permission denied Program mode requires special privileges, eg., root or TrustedUser But "ps ax" reveals that in the jail: syslogd, sshd, cron are running but sshd kicks out the user after entering username/password. What do I need to modify in jail2 to make it work? I am guessing its some file permissions? Thanks, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBHh8QOGaxOP7knVwRAvxjAJ0ZDekNiSIWmD67nD+kGZAZ09Dr9QCeJUyS EG9eGAZSmHheXV7qvYHjXXs= =ztKJ -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
propolice patch on 4.10
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I wanted the propolice protection for my 4.10 FreeBSD install. So I downloaded the latest available propolice patch (for 4.8) and patched the source (seemed to go ok). Now after going thru the entire rebuild process, how do I verify that the propolice thing is active and fine? thanks, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBHgguOGaxOP7knVwRAs5DAJ428pXMgtLhqdPWdQIG7jp3FyaAFwCfTV0L TjWCWx5GeRDAZGBuDLBbQFk= =xoKI -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD support for TCP-Offload Engine NICs
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, Does FreeBSD support any TOE cards from say Adaptec or Intel? Can DUMMYNET use the TCP offloading part to do its job more efficiently? Thanks, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBG1UTOGaxOP7knVwRAjNSAJ9yiI2dkJPInkQF5MQOttJntlv3CACdGvok EyEoPZPjnu4Ep4v67TDyoY0= =ylLu -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Using IPFW & DUMMYNET with an existing IPFILTER/IPNAT setup for QoS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 J. Seth Henry wrote: | Hello, | I have an existing FreeBSD based router/internet gateway system that is using | ipfilter & ipnat. It performs quite well, and my wife would be mightily | irritated if I screwed it up. :) | http://www.phildev.net/ipf/IPFfreebsd.html#12 HTH, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBGyumOGaxOP7knVwRAiaYAKCJweNshwFaDKBBAtYqq6SNCb9ZdQCbBZec VEmbnLEjV7arnsWz9k/jm2c= =xpRU -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Swappable Hard drives?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We've been buying Compaqs (DL-380s and 580s) for four years now and are happy. Also, IBM's boxes are good. We have a customer who bought Dell and IBM and found that Dell performed about 25% less than the IBM's for the same config. HTH, Siddhartha Robert Huff wrote: | Speaking of "swappable": I considering building a machine with | one or more hot-swappable SCSI drives. Can I do this under FreeBSD | (5.x)? | If so, what manufacturers and vendors do people recommend? | -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBF3vTOGaxOP7knVwRAueeAKCY1qFHd31hpjYYbz70Dc7v6fBkNgCeJbL0 LBSdkZqYcoRor8s1sztk+lg= =b6p4 -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Bandwidth shaping for different flows
Siddhartha Jain wrote: Hello, I want to do bandwidth shaping using dummynet. I want the box to act as a bridge only and no layer-3 filtering. To that effect, I have the following parameters in /etc/sysctl.conf: net.link.ether.bridge_cfg=ed0,rl0 net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.link.ether.ipfw=1 net.inet.ip.fw.one_pass=1 net.inet.ip.fw.enable=0 My first question is that does this ensure that packets are processed at the bridge level and not at layer-3? I am a bit confused between these two parameters: net.link.ether.bridge_ipfw, and net.link.ether.ipfw What is the effect of each specifically? Still need to know this. Two is that I am trying to allocate different bandwidth limits for: 1. Internet to home-network-A (in and out) - 128Kbps 2. Home-network-B to Home-Network-A (in and out) - 1Mbps So I do: ipfw -f flush ipfw add pipe 1 ip from any to Network-A ipfw add pipe 2 ip from Network-B to Network-A ipfw pipe 1 config bw 128Kbit/s queue 10 ipfw pipe 2 config bw 1000Kbit/s queue 10 But I find that the effective limit is 128Kbps only for all transfers!! Why isn't the traffic between Network-A and B put in pipe-2? Sorry, stupid question. I realised that the packets enters a pipe as soon as one matches it profile and does not go thru the whole rule-base before entering a pipe. So just changed precedence. Works now. Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Bandwidth shaping for different flows
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I want to do bandwidth shaping using dummynet. I want the box to act as a bridge only and no layer-3 filtering. To that effect, I have the following parameters in /etc/sysctl.conf: net.link.ether.bridge_cfg=ed0,rl0 net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.link.ether.ipfw=1 net.inet.ip.fw.one_pass=1 net.inet.ip.fw.enable=0 My first question is that does this ensure that packets are processed at the bridge level and not at layer-3? I am a bit confused between these two parameters: net.link.ether.bridge_ipfw, and net.link.ether.ipfw What is the effect of each specifically? Two is that I am trying to allocate different bandwidth limits for: 1. Internet to home-network-A (in and out) - 128Kbps 2. Home-network-B to Home-Network-A (in and out) - 1Mbps So I do: ipfw -f flush ipfw add pipe 1 ip from any to Network-A ipfw add pipe 2 ip from Network-B to Network-A ipfw pipe 1 config bw 128Kbit/s queue 10 ipfw pipe 2 config bw 1000Kbit/s queue 10 But I find that the effective limit is 128Kbps only for all transfers!! Why isn't the traffic between Network-A and B put in pipe-2? Also, if someone can point me to a document with lots of examples of dummynet usage. I found Luigi Rizzo's page a bit lacking examples of various scenarios. Thanks, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBF1wYOGaxOP7knVwRAlThAJ940oz3Lgpqm46bbb2K0QoomV8GWwCfRs/p Z1QXCajpDaw+txXbBfFSCHQ= =zByh -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IPFW + Bridge + Dummynet
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, I read all the FAQs and stuff I could find after googling and got IPFW+Bridging+Dummynet working but still wanted to confirm my config. Some basic info: == FreeBSD bsdband.netmagic.com 4.10-RELEASE FreeBSD 4.10-RELEASE #1: Fri Aug 6 22:45:47 IST 2004 [EMAIL PROTECTED]:/usr/src/sys/compile/MYKERNEL i386 At the tail of MYKERNEL config: === options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_DEFAULT_TO_ACCEPT options BRIDGE options DUMMYNET options HZ=1000 In /etc/sysctl.conf === net.link.ether.bridge_cfg=ed0,rl0 net.link.ether.bridge=1 net.link.ether.bridge_ipfw=1 net.link.ether.ipfw=1 net.inet.ip.fw.one_pass=1 net.inet.ip.fw.enable=0 Now, I want to do bandwidth shaping by using the box as a bridge only. I don't want any IP routing or firewalling to be done on the box. Are the above parameters proper and appropriate? Is there something else I should add for better performance etc? Thanks, Siddhartha -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBFLjROGaxOP7knVwRAs2RAJ93Yw7ReAgIr0sPMspIKYU6TcxV2ACfcN1j VoJghkrtGmcERwsoDanBry4= =NbTg -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"