Re: [LARTC] load balacing with https home banking

2006-12-20 Thread Marco Berizzi
Luciano Ruete wrote: You need to use iptables CONNMARK to keep track of which conn with which ISP, see this[1] thread for reference and a nano HOWTO. [1] http://mailman.ds9a.nl/pipermail/lartc/2006q2/018964.html Thanks for the hint, however the real setup is a little different and AFAIK the

[LARTC] Need Help with this simple CBQ scripts

2006-12-20 Thread Ali Jawad
Hi, I am using the script below to limit usage for the computers on my LAN with respect to download and upload. I have a 256kb up and 256 kb down connection, I want to limit the speed of each computer to 64kbyte down and 32 up as a maximum. The script below works however it limits the up and down of

Re: [LARTC] load balacing with https home banking

2006-12-20 Thread Покотиленко Костик
Look at this: iptables v1.3.6 Kernel 2.6.17 man iptables search for SAME target: SAME Similar to SNAT/DNAT depending on chain: it takes a range of addresses (`--to 1.2.3.4-1.2.3.7') and gives a client the same source-/destination-address for each connection.

[LARTC] Re: ipp2p Problem

2006-12-20 Thread Arik Raffael Funke
Kajetan Staszkiewicz wrote: On Wednesday, 13 December 2006 18:55, Arik Raffael Funke wrote: But the command given at the beginning does not work. It gives in dmesg: ip_tables: ipp2p match: invalid size 0 != 8 I had the same problems when I had too new a kernel with too old an ipp2p. Try 0.8.2.

RE: [LARTC] blocking traffic on the FORWARD chain using physdev

2006-12-20 Thread William Bohannan
Still can't seem to block on the FORWARD chain in one direction. I tried
ebtables -I FORWARD 1 -i eth0 -p ip --ip-protocol icmp -j DROP
Just as a test no other rules enabled at all (in iptables, tc or ebtables), and it blocks both directions. Please can someone help? Kind Regards William

RE: [LARTC] blocking traffic on the FORWARD chain using physdev

2006-12-20 Thread William Bohannan
All good, had input instead of forward on the establish / related now fixed. To test I used:
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m physdev --physdev-in eth0 -p icmp -j DROP
works great! Kind Regards William -Original Message-

[LARTC] Concerning IP over ATM IP over Ethernet.

2006-12-20 Thread Brenda Lindsay Williams
Hi there. I'm Brenda from Australia, I wanna work on a project relating to VOIP QoS. I wanna evaluate IP over ATM against IP over Ethernet on the following parameters relating to voice and video traffic: bandwidth consumption, packet loss, packet delay (latency), jitter, traffic throughput. Is this

Re: [LARTC] Concerning IP over ATM IP over Ethernet.

2006-12-20 Thread Grant Taylor
Brenda Lindsay Williams wrote: Hi there. I'm Brenda from Australia, I wanna work on a project relating to VOIP QoS. I wanna evaluate IP over ATM against IP over Ethernet on the following parameters relating to voice and video traffic: bandwidth consumption, packet loss, packet delay (latency)

[LARTC] Session Limiting per host

2006-12-20 Thread Mark Dueck
Someone else asked a similar question a few weeks ago, but he wanted to do some advanced if this then that session limiting.. Has someone here done session limiting per host? My situation is this: I have 2 direcway (Hughes now) satellites that I'm sharing out to some clients. I only get

Re: [LARTC] Session Limiting per host

2006-12-20 Thread Grant Taylor
Mark Dueck wrote: My situation is this: I have 2 direcway (Hughes now) satellites that I'm sharing out to some clients. I only get about 50 sessions per sat, so if any one of my clients has limewire or emule open with its default sessions set to 300, no one can browse, or it's extremely

Re: [LARTC] Interesting article about punching holes in firewalls...

2006-12-20 Thread Peter Surda
Grant Taylor wrote: I personally have known that using -m state --state ESTABLISHED,RELATED was not the most secure thing to use for returning traffic. Actually, what the described method accomplishes is not defeating the firewall part, but the NAT part. If one of the hosts was not behind a

Re: [LARTC] Interesting article about punching holes in firewalls...

2006-12-20 Thread Carl-Daniel Hailfinger
Grant Taylor wrote: I ran across an interesting article (http://www.heise-security.co.uk/articles/print/82481) (1) that I think any and all firewall administrators should take a few moments to read. The article only reiterates the same old stories and FUD which have been known for years. I