I did something similar for YouTube. I used tc to reduce bandwidth to
all known IP addresses for YouTube... I set it to something like 64kbps
and set to lowest priority with no guaranteed bandwidth. I used
MasterShaper to generate the tc code then copied that on LEAF. Very
effective at makin
Hi Adam,
I see the Command not found error from your logfile. You might have a typo?
jerome
make[1]: /home/leaf/src/bering-uclibc/buildtool/staging/bin/i386-linux-gcc:
Command not found
make[1]: Entering directory
`/home/leaf/src/bering-uclibc/buildtool/source/buildenv/uClibc-0.9.28'
make[1]: /
Hi, Has anyone tried to use LEAF with the new ALIX boards from PC
Engines? Does it work straight away with the latest leaf release?
jerome
--
http://www.techsier.com - Blog
http://www.boholweb.com - Bohol tourism website
http://www.auza.net - enabling e-services in Bohol
---
Have a look at QBox http://content.cs.luc.edu/projects/comp412/q-box
... although I'm not sure if you want to insert another box into your
setup. However, I think you can use something like QBox to setup
priorities of the data traffic. Basically you need to setup the RDP
traffic as priority
Hi Luigi,
Probably none. I managed to get it working and have been using it since
without trouble.
jerome
Luigi Capriotti wrote:
>Hi all,
>
>are there any new developments in terms of the chillispot package that
>was discussed in October '06?
>
>Thanks in advance
>
>Luigi
>
>-
Yeah, checked the price here: http://www.routerboard.com/prices.html
The price of the 153 is not too bad vs. WRAP board and in fact, the 150
is quite attractive.
Erich Titl wrote:
>Jerome J. Auza wrote:
>
>
>>Hi, my favorite LEAF hardware, the WRAP board, is now EOL so I'
Hi, my favorite LEAF hardware, the WRAP board, is now EOL so I'm looking
for an alternative. The routerboard 153 is a potential replacement.
Has anyone tried LEAF on this hardware already? Any issues I should
expect? I haven't purchased one yet but I may if LEAF works on it.
---
Hi guys,
Is there anyway I can get Perl as a CGI app to accept GET or POST
requests using mini_httpd? The usual method of getting the form
variables don't seem to work:
read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});
@pairs = split(/&/, $buffer);
foreach $pair (@pairs) {
($name, $value) = sp
Hi Eric,
I missed to read this part of the doc. It does work now! Thanks for
pointing that out.
jerome
Eric Spakman wrote:
>Hi Jerome,
>
>
>
>>Hi Eric,
>>
>>
>>I observed the same issue. I used the lrcfg menu to change the TZ file.
>>Hardware is a PCengines WRAP. I tried changing it to HKT
Hi Eric,
I observed the same issue. I used the lrcfg menu to change the TZ file.
Hardware is a PCengines WRAP. I tried changing it to HKT and PHT but it
still displays UTC time. Right now I just mentally add 8 to the time I
see. :D
jerome
Eric Spakman wrote:
>Hello Eric,
>
>
>
>>So I insta
Hi Doug,
Try looking at /etc/syslinux.cfg. It should give you a clue what device
was used.
jerome
Doug Sampson wrote:
>>Doug Sampson wrote:
>>
>>
>>>This is dumb but here it goes...
>>>
>>>Much earlier this year I set up a router using Bering
>>>
>>>
>>uClibc 2.3.1 booting
>>
>>
I've seen something similar to this using a different LRP package. I
replaced the LRP file with another one that I was sure to be compiled
for the same verion of uClibc that I was using. That solved the issue.
Erich Titl wrote:
>Hi And
>
>and hansen wrote:
>
>
>>Hi Group!
>>
>>I have instal
Hi guys,
We got it working now. What we were missing was the chilli.iptables
file which was not properly loaded and run during boot. What worked for
me was the version that Eric sent. Thanks to Eric and Gianni for all
the help and pointers.
jerome
Jerome J. Auza wrote:
> Hi Eric, Gia
Hi Eric, Gianni,
We finally got chilli.lrp running and working partially. We were able
to get LEAF 3.0 beta 2 up and running with chilli giving out IP
addresses via DHCP properly. However, it doesn't redirect the page
yet. We tried with and without shorewall (we don't need the firewall
func
Hi,
The problem turned out to be that the serial port was deactivated
unintentionally. I was able to get back to the console by pressing on
the reset button as I plug in the power. The board is fine, fortunately. :)
jerome
Erich Titl wrote:
>Hi
>
>Jerome J. Auza wrote:
>
Hi Corey,
Your suggestion worked. I was missing the next-server statement. Thanks
a lot!
jerome
Corey Betka wrote:
>On Sat, 16 Sep 2006, Jerome J. Auza wrote:
>
>
>
>>I'm using a WRAP board with BIOS v1.11, with the intent on using PXEboot
>>to build the system
I'm using a WRAP board with BIOS v1.11, with the intent on using PXEboot
to build the system on the CF. The problem seems to be that the board
doesn't accept the IP address sent by the DHCP server. Looking at the
logs of the DHCP server, the server actually receive the request for IP
and resp
Hi,
My WRAP board is now stuck after I changed it to LBA mode. After the
change, the serial port no longer displays the boot sequence. Is there
a way I can reset it back to the factory default settings? The manual
on the web doesn't mention a way to reset to factory defaults.
jerome
--
Hi Gianni,
I'd be happy to help testing chilli referencing an external uam and
external radius.
jerome
Eric Spakman wrote:
>Hello Gianni,
>
>
>
>>I made some tests with chilli and radiusd.lrp.
>>All works fine and now I'm testing freeradius with the new 3.0 beta
>>
>>
>>
>That's great!
Hi,
Has anyone tried chillispot as a package in LEAF? I've used it in
regular PC's with Fedora Core 5 and works great as a captive portal and
I think it might be a good addition to LEAF. It doesn't have to have
freeradius together with it because a radius server can be on a separate
machine.
[EMAIL PROTECTED] wrote on 12/23/2005 10:18:03 AM:
> Follow up on this problem. I have progress of a sort. I attached my
> cardreader to yet another computer. The cardreader was attached as
> secondary master. This computer had a more modern BIOS which allowed
> booting from a LS/ZIP drive. And Y
[EMAIL PROTECTED] wrote on 12/21/2005 10:27:48 AM:
> Hi Eric and Tim,
>
> > I will ask Martin Hejl, but I think it can be disabled by default. If
> > that's the case it wil be removed or disabled in the next version of
> > Bering-uClibc.
> >
> > Thanks for reporting.
> I'm actually not sure why i
Tom Eastep <[EMAIL PROTECTED]> wrote on 12/20/2005 05:56:27 PM:
> The whole reason for having extension scripts in Shorewall is so that
people
> can use iptables features not directly supported by Shorewall. So by
> definition, if you need an extension script then you are doing things that
> ar
Hello!
I'm trying to completely understand the meaning of every bit of the port
knocking configuration. I've modified it quite a bit and it works
prefectly. My question is, though, what does the "--name" parameter do?
I've modified it to something different and it works fine, but I would
re
Tom Eastep <[EMAIL PROTECTED]> wrote on 12/20/2005 12:48:34 PM:
> On Tuesday 20 December 2005 09:29, Timothy J. Massey wrote:
>
> >
> > It adds 2 more logging lines, but it only affects the logging rules for
> > the 3 ports we're interested in, rather than th
Hello!
I've been breaking down the configuration of Bering-uClibc. In doing
so, I noticed that the only service enabled in inetd.conf is lrpStat. I
believe that this is the item found here: http://lrp.hejl.de/
Why is this here and enabled? I know that there isn't a Shorewall rule
to allo
2 -m recent --rcheck --name SSH
log_rule_limit $LEVEL $CHAIN SSHKnock DROP "" "$TAG" -A -p udp
--dport ! 22
fi
run_iptables -A $CHAIN -p tcp --dport 22 -m recent --rcheck
--seconds 60 --name SSH -j ACCEPT
run_iptables -A $CHAIN -p udp --dport 1599 -m
I'm running Bering-uClibc 2.2.3 on a Soekris 4801.
I seem to be having issues running DHCP relay. If I assign a static on
my linux client then routing and everything works as expected. I can
access the internet and traverse the openvpn tunnel just fine. It just
seems that dhcrelay is having t
Hello!
This is the *last* thing I need to work, and I'm ready to take over the
world! Or something...
I've got multiple subnet-to-subnet and subnet-to-host IPSec tunnels
working, with both plain RSA keys as well as certs. I've tested it with
Leaf firewall clients, Windows 2000 IPSec client an
"Peter Mueller" <[EMAIL PROTECTED]> wrote on 11/12/2004 12:42:27 PM:
> > left=68.208.33.25
> > leftsubnet=10.154.16.0/22
>
> > rightsubnet=10.154.16.0/255.255.252.0
>
> (If I'm reading this correctly..)
> In left's view, 10.154.16.0/.252 is owned by left. Ipsec routes get
a lower
> ro
Hello!
I have created a certificate-based tunnel between a Leaf firewall and a
Windows client using either the Windows 2000 VPN tool
(http://vpn.ebootis.de/) or SSH Sentinel. In both cases, the client
software establishes the connection, and according to Leaf's auth.log,
the tunnel is 100% est
I'm looking for some suggestions for Windows VPN software. I have three
requirements:
1) Works with SuperFreeS/WAN 1.99.6.2.
2) Must be able to use plain RSA keys, in addition to certificates and PSK
3) Must be able to work with SuperFreeS/WAN 1.99.6.2 when it (the
Windows computer, not the LEA
Hello!
I'm trying to set up a VPN between a Windows 2000 notebook and a Bering
1.2 LEAF firewall, running SuperFreeS/WAN 1.99.6.2.
On this firewall, I have two tunnels set up. One is a tunnel between
two LEAF firewalls bridiging two subnets, and works great. The other is
a tunnel designed for
Hi Scott,
DG from LEAF/Lince is statically compiled. You can use it in any LEAF
branch (in the teory ;-)).
http://cvs.sourceforge.net/viewcvs.py/leaf/bin/lince/dansgrdn.lrp?
rev=1.6&view=log
Regards
--
Juan J. Prieto <[EMAIL PR
Hi all, kernel security advisory: kernel 2.6 Remote DoS vulnerability. I
think kernel 2.4 is not affected.
- Mensaje reenviado
De: Tim Yamin <[EMAIL PROTECTED]>
Para: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED],
[EMAIL PROTECTED]
Asunto: [gentoo-announce] [ GLSA 200
gone thru' a gestation period!
Our aliases problem is resolved now, all by itself.
Thanks
--- J Oddissy <[EMAIL PROTECTED]> wrote:
> Hello,
>
>
>
>
http://www.lartc.org/howto/lartc.rpdb.
Hello,
A followup question to my earlier posting:
Is there a limit on how many number of aliases one
can set using Bering? If there is, what needs to be
done to increase it?
Thanks
--- J Oddissy <[EMAIL PROTECTED]> wrote:
>http://www.lartc.org/howto/lartc.rpdb.multiple-links.ht
Hello,
http://www.lartc.org/howto/lartc.rpdb.multiple-links.html#AEN268
We are trying to accomplish the routing for multiple
uplinks/prov
[EMAIL PROTECTED] wrote on 04/23/2004 05:52:30 PM:
Sorry for the delay, but I wanted to write and let others (and future
searchers) know what the resolution to this problem was:
> Timothy J. Massey wrote:
> > Hello!
> >
> > I'm using a Dachstein firewall with FreeS/W
Hello!
I'm using a Dachstein firewall with FreeS/WAN 1.91. I would like to set
up an IPsec VPN with either a Linksys BEFVP41 router, or a Windows 2000
computer behind it.
I have been unable to do either. The router won't negotiate a tunnel
with the LEAF firewall, and I can't seem to make the
[EMAIL PROTECTED] wrote on 03/13/2004 01:08:18 PM:
> Also you may want to check out
> http://www.voicepulse.com/default.aspx
>
> This is the other company I have heard mentioned on /. Not as
> much information on firewalls, but they use a different phone,
> so maybe its more "NAT friendly". Not
[EMAIL PROTECTED] wrote on 01/29/2004 08:00:09 AM:
> > I have been using Bering quite successfully for some time now, but I'm
> > at a spot where it would be good to evaluate a change to uClibc. I
> > haven't seen any discussion regarding development on Bering. Of
course,
> > most of the develo
Hello!
A few weeks ago I asked about LEAF-based solutions for monitoring
Internet (HTTP) usage. I had received a request from a client to do
just that, and I was looking for suggestions. I wanted to outline what
I ended up doing. Maybe it will be useful for someone else.
My first thought wa
Hello!
What is the future of Bering? Has it been supplanted by Bering-uClibc?
Or will there be future development on "traditional" Bering in parallel?
I have been using Bering quite successfully for some time now, but I'm
at a spot where it would be good to evaluate a change to uClibc. I
ha
[EMAIL PROTECTED] wrote on 01/22/2004 06:52:40 PM:
> >On a related question, is it possible to get the hostname of a computer
> >that has a DHCP lease from outside the firewall?
>
>
> I don't quite understand the question. What do you mean by "get the
> hostname"? Do you mean do something analogou
[EMAIL PROTECTED] wrote on 01/22/2004 03:37:21 PM:
> > Hello,
> >
> >Isn't it sufficient to add
> >
> > host hostname {
> >hardware ethernet
> >}
> >
> > to get "hostname" known to dns ?
> > No need to fix the IP address;
>
> Short answer: no.
On a related question, is it possible
[EMAIL PROTECTED] wrote on 01/14/2004 01:23:48 PM:
> At 10:43 AM 1/14/2004 -0500, Timothy J. Massey wrote:
> [...]
> > > If you want more details than this ... for example, if you want
the actual
> > > URLs logged, not just the IP addresses ... then a proxy server
> i
[EMAIL PROTECTED] wrote on 01/12/2004 04:19:04 PM:
> If "who" means source IP address and "where" destination IP address,
then
> just add rules to your router's firewall rulesets to log all outgoing
> packets to, and incoming packets from, ports 80 and 443. This won't get
> everything, since Web
Hello!
I have a client that wants to have the ability to track Web usage by
network users. My first thought was to use Squid to do this; however,
Squid is overkill for such a task. I don't have the storage or RAM for
any real caching, I just want to be able to create logs that document
who
Leaf Users,
This is a general question about the capability of Bering. I am trying to
connect 2 VPN clients from inside my network to their respective VPN
concentrators. I have successfully set up the Cisco VPN client to communicate
to my wife's company. One of the clients is a Cisco and the ot
do without knowing
> our servers exist.
>
> Good Luck
>
> Tony
>
>
>
> Julian Church wrote:
>
> > Hi Joe
> >
> > On Mon, 06 Oct 2003 20:23:58 -0500, j d <[EMAIL PROTECTED]> wrote:
> >
> >> Anyway, in the last two days
Hi all.
I've recently had some trouble with my Bering-uClibc configuration, so I've been
spending a lot of time with re-installation problems and not much with watching the fw
logs. Anyway, I've lately seen a real spike in behavior coming into the firewall, and
since I haven't changed any sho
l a little better that memory problems are low on the list. Thanks for the info.
-joe.
- Original Message -
From: "Robert Coffman - Info From Data Corporation" <[EMAIL PROTECTED]>
Date: Thu, 2 Oct 2003 07:11:06 -0400
To: "j d" <[EMAIL PROTECTED]>, &
Hi all. I've got the most annoying problem, and I think I'm...well, screwed. Just
today I was trying to back up my Bering floppy, when lrcfg's "back up floppy" submenu
failed on a segmentation fault. Ok, I thought; I've been playing around with
p9100.lrp for printserv duties lately, and maybe
Hi all.
I'm using Bering uClibc-2.0 b3, and I've tried to configure my box to take on print
server duties. I've followed the (excellent) instructions in this thread:
http://sourceforge.net/mailarchive/message.php?msg_id=3595773
...but I've hit a wall, it would seem, with the p910nd daemon. Wh
I'm wondering if there's a more direct path to upgrade from Bering-uClibc b3 --> b4
than to simply start from a fresh floppy and re-set all router parameters. I've read
that in some cases it's possible to simply overwrite the kernel (and, of course,
include any relevant changes in packages and
TECTED]
Subject: Re: [leaf-user] What do DNS0 and DNS1 do [Bering]?
> j d wrote:
> >
> > Okay, this might be a total newb question, but I've been looking around for a tip
> > and can't seem to find it.
> >
> > I've got a Bering V1.2 uClibc-0.9.15 box
we? Any help
would be greatly appreciated. After all I chose Linux/Bering for it's
stability.
J
---
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
---
s to be OK, at least for now.
But using this information are there any suggestions what could be the
matter and how to avoid it? The machine is 66 MHz Pentium with 32 Mb RAM,
no hard disk & 2 3C905C NICs. Anyone had similar problems? Any suggestions?
J
--
Okay, this might be a total newb question, but I've been looking around for a tip and
can't seem to find it.
I've got a Bering V1.2 uClibc-0.9.15 box up and running, pretty much as a defualt
firewall. Connectivity is good, now I'm just trying to make sure it's actually
WORKING as a firewall,
ding NAT.
>
> - Original Message -
> From: "Vladimir I." <[EMAIL PROTECTED]>
> To: "Timothy J. Massey" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Wednesday, November 06, 2002 2:28 PM
> Subject: Re: [leaf-user] Unable to
Hello!
I have worked to fix this problem all day and have
been unable to. Time to ask the list...
I have replaced an older firewall with a Dachstein
firewall. The firewall sits between a DSL router and
an Ethernet network. It also is configured for two
IPsec tunnels. There are several holes p
Okay,
i've come to the conclusion that bering (at least in my config)
can't reboot my machine. That said, what would be the best way
of achieving the same effect as a reboot? ie. how would I flush
everything and rerun all the startup scripts?
I need to do this, as pump is incapable of holding my
Howdy folks,
having problems w/ rebooting my bering machine..
I've moved everything from floppy to hda1, and it
boots just fine, etc...
however, if I try to reboot (with ctrl-alt-del, or
shutdown, or reboot, the machine hangs just before
it should reboot.. "restarting system" I think it
says. It
Hello all,
Once again, I'm having a problem with losing external network
connections. I'm relatively new to linux etc, so I don't really
know what to look for in fixing this.. ideally I'd like to set
up this router and be able to leave it for years at a time. Right
now it seems i have to mess aro
Just thought I'd update the list on the status of my DHCP lease..
it seems it's a network card issue. I've got 2 NE2000 compatible
ISA cards in here, and it seems the settings on one of them got
corrupted (or could Cogeco Cable be blocking the MAC?). Anyway,
a simple switch to the other (by revers
Quick question/problem about pump.
I had my Bering system setup working smoothly just yesterday.
Today I found that the internet gateway wasn't functioning.
It seems that Bering (pump) was unable to renegotiate a DHCP
lease with my cable provider. And now, it remains unable to
do so, even after r
On 17 Jan 2002 at 23:26, Larry Platzek wrote:
> Hi Richard:
> Just a quick change on the Dachstein Guide Appendix D Laptop Specific
> has a link "preparing the PC" that refers to es-preppc.html
> that should refer to ds-preppc.html.
Thanks. I'll try to get to it this weekend. (Oh, the perils of
Greetings, All:
I have a somewhat general question. I have been toying around
with modifying Dachstein to create a mini server (for such things as
an internal DNS server, perhaps DHCP, etc.) Since the basic thrust
of the xSteins is a router/firewall distribution, they all assume two
NICs,
Robert is correct. You will need to configure the adapters using
3Com's 3C5X9CFG.EXE program from DOS. I have done this a
number of times with the 3Coms, and have even documented some
of the details. Check out:
http://nw-hoosier.dyndns.org/rlohman/linux/firewall/es-contents.html
Look for the
Greetings, all:
I've been tasked with setting up a remote access solution for a
number of remote offices. I was pondering setting up an LRP (either
EigerStein or DachStein) box as a PPP dial-in box. I need to be
able to provide 12 lines in, however. My first thought was a multi-
port modem
ovide configs, etc if I'm not asking a simple
question.
Any help appreciated...Thanks
Greg J
I don't want to transfer files back and forth from my router, apparently
with the Oxygen release you can have it load files via tftp from a tftp
server, so instead of requiring two floppy disks, I can just stick one
in, and then load whatever else I need via tftp.
I could take this one step fart
Hi,
I was wondering if anyone has any information on getting Oxygen to boot
with TFTP or has any documentation to point me in the right direction.
- Thanks
- Brett Hoffman
___
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/li
74 matches
Mail list logo