RE: [leaf-user] RE: wifi modules

2005-12-12 Thread Luis.F.Correia
Hi!

 -Original Message-
 From: Matija Papec [mailto:[EMAIL PROTECTED] 
 I will do it, but probably only this weekend.
 Module will be compiled for the latest Bering uClibc version.
 
 Tnx!

Meanwhile I haven't got the chance to do it, ie: it has slipped my mind...

Luis Correia   
Bering uClibc Team Member

PGP Fingerprint: BC44 D7DA 5A17 F92A CA21 9ABE DFF0 3540 2322 21F6 
Key Server: http://pgp.mit.edu



---
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637alloc_id=16865op=click

leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://leaf-project.org/


Re: [leaf-user] syslog message: firewall kernel: ip_conntrack: table full, dropping packet.

2005-12-12 Thread Chera Bekker

Hello Eric,

Thanks for your reply. After increasing the ip_conntrack_max value to 
4096 I did find a curious entry in my messages log file:

   firewall kernel: __alloc_pages: 0-order allocation failed (gfp=0x1d2/0)

This happened twice about a day ago.

According to the bucu-conntrack guide the amount of memory used by 4096 
connections (with hash size equal to max conntrack) is 4096 x 308 = 1.2 Mb.


My LEAF box has 16 Mb RAM and cat /proc/meminfo gives:

           total:    used:    free:  shared: buffers:  cached:
   Mem:  14725120 11927552  2797568        0    40960  6443008
   Swap:        0        0        0
   MemTotal:        14380 kB
   MemFree:          2732 kB
   MemShared:           0 kB
   Buffers:            40 kB
   Cached:           6292 kB
   SwapCached:          0 kB
   Active:           5924 kB
   Inactive:         1700 kB
   HighTotal:           0 kB
   HighFree:            0 kB
   LowTotal:        14380 kB
   LowFree:          2732 kB
   SwapTotal:           0 kB
   SwapFree:            0 kB

So there should be enough memory left for the conntrack table. Anyway 
the firewall is still up and running.


I set the new max conntrack number using

   echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max

How can I make this setting permanent? I have seen the option  
net.ipv4.netfilter.ip_conntrack_max in /etc/sysctl.conf but which 
package should I backup then?


Regards

Chera Bekker



Eric Spakman wrote:


Hello Chera,

There is some information about this setting in the following
Bering-uClibc guide and the links section in this guide.

http://leaf.sourceforge.net/doc/guide/bucu-conntrack.html

Eric

 


Hello List,


I have noticed that when running a p2p client behind my Bering firewall
my syslog gets flooded with the message:

firewall kernel: ip_conntrack: table full, dropping packet.

Almost all entries in /proc/net/ip_conntrack pointed to the internal
machine running the client.

I noticed that the value in /proc/sys/net/ipv4/ip_conntrack_max was
set to 1024. I have increased this value to 4096 which seems to have put a
(temporary?) lid on things. My question is if the increase in the
number of connections will somehow have a negative impact on the
performance of the firewall?

Any information is appreciated.


Regards


Chera Bekker








Re: [leaf-user] copy Bering floppy to CF card

2005-12-12 Thread Chera Bekker

Hello Eric,

Thanks for your reply. Does it make sense to create some swap space on 
the CF?


Regards

Chera Bekker


Eric Spakman wrote:


Hello Chera,

The easiest way is to use initrd_ide.lrp (with ide boot modules) from:
http://leaf.sourceforge.net/bering-uclibc/index.php?module=pagemasterPAGE_user_op=view_pagePAGE_id=3MMN_position=3:3
if you are using Bering-uClibc 2.3.x
If you are using Bering-uClibc 2.2.x, you can find initrd_ide with 2.4.26
modules in:
http://cvs.sourceforge.net/viewcvs.py/leaf/bin/packages/uclibc-0.9/20/2.4.26/

Rename the initrd_ide.lrp package to initrd.lrp

Read the documentation on
http://leaf.sourceforge.net/doc/guide/buci-ide.html
on how to set up Bering-uClibc to use on CF. You can use the configured
packages from your floppy, so you shouldn't have to change a lot.

Eric

 


Hello List,


Right now I am running a Bering uclib firewall from a floppy. I am
thinking of buying an IDE CF reader to boot the firewall from a CF card.
What would be the easiest way to copy the contents of my current Bering
floppy to a CF card which is mounted as /dev/hda1 and to make the CF card
bootable?

Thanks for any help.


Regards


Chera Bekker






RE: [leaf-user] Puzzling Shorewall log entry?

2005-12-12 Thread Robert K Coffman Jr - Info From Data
Jim,

Since nobody else has replied, I'll take a crack.

An rfc1918 packet arrived at your external interface and you have
norfc1918 specified on that interface.

Most likely originated from your ISP's equipment, hit your firewall, and was
dropped by norfc1918.  A successful guess of your internal network # is, as
far as I know, worthless to a potential attacker.  I am not personally aware
of any attack based on guessing internal network #s.

BTW, don't think of these addresses as unroutable for they are certainly
routable.  But most internet routers will not route them by default.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jim Ford
Sent: Saturday, December 10, 2005 8:26 AM
To: leaf-user
Subject: [leaf-user] Puzzling Shorewall log entry?


Trying to understand the Shorewall logs on my Bering ULibC setup, I'm
puzzled over the following entry, of which I've had several:

Dec 10 06:47:01 firewall rfc1918 DROP eth0 eth1 192.168.0.2 192.168.1.64 TCP 2595 54321 1410215655 63659 ACK PSH 0

The rfc1918 address 192.168.0.2 is not one I use and as it's unroutable,
should not have arrived at my eth0. 192.168.1.64 is the IP address of the
machine I'm running Azureus on. The destination port 54321 is the one I use
for my Azureus bittorrent client. The source port 2595 is 'World Fusion 1' -
whatever that might be!

Has someone taken a guess at what private IP address range I might be
using, spoofed it and tried to slip in via my open Azureus port? If
so, what would have happened if they had correctly guessed at the IP range I
use?

(BTW, am I giving anything important to potential intruders by revealing the
above info?)

Jim Ford





[leaf-user] OpenVPN

2005-12-12 Thread Sylvain Pelletier
Hi,

I would like to get the feedback of people who have successfully
installed/tested openvpn with bering.

Thanks

Sylvain




Re: [leaf-user] copy Bering floppy to CF card

2005-12-12 Thread Eric Spakman
Hello Chera,


 Thanks for your reply. Does it make sense to create some swap space on
 the CF?

No, that isn't necessary or used. Bering-uClibc is running in memory, the
flash is only used for booting.

 Regards


 Chera Bekker

Regards,
Eric





Re: [leaf-user] syslog message: firewall kernel: ip_conntrack: table full, dropping packet.

2005-12-12 Thread Eric Spakman
Hello Chera,

 Hello Eric,


 Thanks for your reply. After increasing the ip_conntrack_max value to
 4096 I did find a curious entry in my messages log file:

 firewall kernel: __alloc_pages: 0-order allocation failed (gfp=0x1d2/0)

 This happened twice about a day ago.

I don't know what this message means, maybe someone else on the list?
But a quick Google gave some notes about the system running out of virtual
memory, so tight memory may be the problem.
You can take a look with top to see which processes use a lot of virtual
memory.


 According to the bucu-conntrack guide the amount of memory used by 4096
 connections (with hash size equal to max conntrack) is 4096 x 308 = 1.2
 Mb.


 My LEAF box has 16 Mb RAM and cat /proc/meminfo gives:


         total:    used:    free:  shared: buffers:  cached:
 Mem:  14725120 11927552  2797568        0    40960  6443008
 Swap:        0        0        0
 MemTotal:        14380 kB
 MemFree:          2732 kB
 MemShared:           0 kB
 Buffers:            40 kB
 Cached:           6292 kB
 SwapCached:          0 kB
 Active:           5924 kB
 Inactive:         1700 kB
 HighTotal:           0 kB
 HighFree:            0 kB
 LowTotal:        14380 kB
 LowFree:          2732 kB
 SwapTotal:           0 kB
 SwapFree:            0 kB


 So there should be enough memory left for the conntrack table. Anyway
 the firewall is still up and running.

 I set the new max conntrack number using


 echo 4096 > /proc/sys/net/ipv4/ip_conntrack_max

 How can I make this setting permanent? I have seen the option
 net.ipv4.netfilter.ip_conntrack_max in /etc/sysctl.conf but which package
 should I backup then?

You could indeed set it in /etc/sysctl.conf (lrcfg - 2 - 10), the file
is saved with the backup of the etc.lrp package.

 Regards


 Chera Bekker


Regards,
Eric



 Eric Spakman wrote:


 Hello Chera,


 There is some information about this setting in the following
 Bering-uClibc guide and the links section in this guide.


 http://leaf.sourceforge.net/doc/guide/bucu-conntrack.html


 Eric




 Hello List,



 I have noticed that when running a p2p client behind my Bering
 firewall my syslog gets flooded with the message:

 firewall kernel: ip_conntrack: table full, dropping packet.

 Almost all entries in /proc/net/ip_conntrack pointed to the internal
 machine running the client.

 I noticed that the value in /proc/sys/net/ipv4/ip_conntrack_max was
  set to 1024. I have increased this value to 4096 which seems to have
 put a (temporary?) lid on things. My question is if the increase in
 the number of connections will somehow have a negative impact on the
 performance of the firewall?

 Any information is appreciated.



 Regards



 Chera Bekker
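
The check discussed in this thread (which host is filling the conntrack table, and what a given ip_conntrack_max costs in memory), as an added example that is not part of the original messages. The function names, the 80% warning threshold and the sample entries are assumptions made for illustration; the 308 bytes per entry is the figure quoted above from the bucu-conntrack guide.

```shell
#!/bin/sh
# Added example (not from the thread): who is filling the conntrack table,
# and what would a given ip_conntrack_max cost in memory?
# Function names are hypothetical. 308 bytes per entry is the figure the
# thread quotes from the bucu-conntrack guide; it varies by kernel.
BYTES_PER_ENTRY=308
WARN_PCT=80   # assumed warning threshold, not from the thread

# Constructed sample in the 2.4-kernel /proc/net/ip_conntrack layout.
sample_table() {
cat <<'EOF'
tcp      6 431990 ESTABLISHED src=192.168.1.10 dst=198.51.100.7 sport=40001 dport=6881 src=198.51.100.7 dst=203.0.113.9 sport=6881 dport=40001 [ASSURED] use=1
tcp      6 431985 ESTABLISHED src=192.168.1.10 dst=198.51.100.8 sport=40002 dport=6881 src=198.51.100.8 dst=203.0.113.9 sport=6881 dport=40002 [ASSURED] use=1
tcp      6 110 SYN_SENT src=192.168.1.10 dst=198.51.100.9 sport=40003 dport=6881 [UNREPLIED] src=198.51.100.9 dst=203.0.113.9 sport=6881 dport=40003 use=1
udp      17 25 src=192.168.1.10 dst=198.51.100.7 sport=40004 dport=6881 [UNREPLIED] src=198.51.100.7 dst=203.0.113.9 sport=6881 dport=40004 use=1
udp      17 170 src=192.168.1.20 dst=198.51.100.53 sport=1025 dport=53 src=198.51.100.53 dst=203.0.113.9 sport=53 dport=1025 [ASSURED] use=1
EOF
}

# Print "count host" pairs, busiest originator first. Only the first src=
# on a line is the original direction; the second belongs to the reply tuple.
sources_by_count() {
    awk '{ for (i = 1; i <= NF; i++)
               if ($i ~ /^src=/) { n[substr($i, 5)]++; break } }
         END { for (h in n) print n[h], h }' "$@" | sort -k1,1nr -k2,2
}

# Worst-case table memory in bytes for a given ip_conntrack_max.
table_bytes() {
    echo $(( $1 * BYTES_PER_ENTRY ))
}

# One-line summary. $1 = ip_conntrack_max, table contents on stdin.
conntrack_summary() {
    data=$(cat)
    total=$(printf '%s\n' "$data" | awk '/src=/ { c++ } END { print c + 0 }')
    top=$(printf '%s\n' "$data" | sources_by_count | head -n 1)
    pct=$(( total * 100 / $1 ))
    status=ok
    if [ "$pct" -ge "$WARN_PCT" ]; then
        status=near-limit
    fi
    echo "entries=$total max=$1 used=${pct}% status=$status top=${top#* } top_entries=${top%% *} worst_case_bytes=$(table_bytes "$1")"
}

# Demo on the sample with a deliberately tiny limit of 6 entries.
# On the firewall itself:
#   conntrack_summary "$(cat /proc/sys/net/ipv4/ip_conntrack_max)" < /proc/net/ip_conntrack
sample_table | conntrack_summary 6
```

A single host owning most of the entries, as in the sample, points at one client exhausting the table rather than at a limit that is too low for normal traffic.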








Re: [leaf-user] OpenVPN

2005-12-12 Thread Erich Titl

Sylvain

Sylvain Pelletier wrote:

Hi,

I would like to get the feedback of people who have successfully
installed/tested openvpn with bering.


I am running it on multiple systems without a hitch using Bering glibc

cheers

Erich





Re: [leaf-user] OpenVPN

2005-12-12 Thread Mailing Lists

Tens of installations using bering uclibc

Ciao
Gianni



Hi,

I would like to get the feedback of people who have successfully
installed/tested openvpn with bering.





[leaf-user] RE: wifi modules

2005-12-12 Thread Matija Papec
 -Original Message-
 From: Matija Papec [mailto:[EMAIL PROTECTED] 
 I will do it, but probably only this weekend.
 Module will be compiled for the latest Bering uClibc version.
 
 Tnx!

Meanwhile I haven't got the chance to do it, ie: it has slipped my
mind...

LOL 
Ok, I'll be waiting. :)



Matija



[leaf-user] Re: TCP Destination port DPT=2703 Blocked by Bering uClibc 2.3.1

2005-12-12 Thread Kwon
That’s strange! 192.168.73.76 is a Gentoo Linux email (Postfix) and web 
(Apache) server. Why would this server try to contact 66.151.150.12 
(d1.cloudmark.com)?


Finally figured it out! TCP 7, 2703 and UDP 6277 are used by DCC/Razor.
I now have the following rules in /etc/shorewall/rules:

# DCC/Razor specific rules:
ACCEPT  dmz net tcp 7,2703
ACCEPT  dmz net udp 6277





[leaf-user] What modules are needed for shorewall 3.0 traffic shaping?

2005-12-12 Thread M Lu

Hi,

I upgraded to shorewall 3.x and would like to use the built-in traffic 
shaping. After creating some simple tc-files I started shorewall and I got 
error


Processing /etc/shorewall/tcdevices...
RTNETLINK answers: Invalid argument

and I think that some modules (for HTB?) are missing. According to shorewall 
documentation: ...For builtin support, you need the HTB scheduler, the PRIO 
pseudoscheduler and SFQ queue. The other scheduler or queue algorithms are 
not needed...


Can somebody list what modules I need to specify in /etc/modules?

Thank you.

M Lu 





Re: [leaf-user] What modules are needed for shorewall 3.0 traffic shaping?

2005-12-12 Thread Jaap Eldering
On Mon, Dec 12, 2005 at 11:55:23PM -0500, M Lu wrote:
 
 I upgraded to shorewall 3.x and would like to use the built-in traffic 
 shaping. After creating some simple tc-files I started shorewall and I got 
 error
 
 Processing /etc/shorewall/tcdevices...
 RTNETLINK answers: Invalid argument
 
 and I think that some modules (for HTB?) are missing. According to 
 shorewall documentation: ...For builtin support, you need the HTB 
 scheduler, the PRIO pseudoscheduler and SFQ queue. The other scheduler or 
 queue algorithms are not needed...
 
 Can somebody list what modules I need to specify in /etc/modules?

For these you need:

sch_htb
sch_prio
sch_sfq

You can find these in directory kernel/net/sched of the modules tree.

Jaap

