Hi guys,
I know this should go to the openswan list, but no one seems to want to help
or respond. I was hoping one of you guys might be able to help me out.
I'm having an issue setting up a tunnel that I need some help with.
I have included the relevant files below
My first issue is when
Hi guys,
I'm trying to get nameif to work but I'm at a loss on where to implement if
on startup?
Also the "temp name/rename" doesn't seem to work.
If I reboot.
This is my interfaces
eth0: 00:25:90:35:35:9e
eth1: 00:25:90:35:35:9f
My /etc/mactab contains
em0: 00:25:90:35:35:9e
em1: 00:25
Hi guys,
I finally have my build environment up and working but now I wish to say
build pmacctd for i686.
How do I specify that it is to be built for the i686 ARCH?
Cheers
Adam
--
Don't let slow site performance ruin you
Wooo hoo I got it sorted. (enough that my buildenv is underway)
Just FYI for others
git://leaf.git.sourceforge.net/gitroot/leaf/bering-uclibc
cd bering-uclibc
git fetch --all
git checkout maint
cd ..
mv bering-uClibc/.git bering-uClibc.git
wget --quiet
https://raw.github.com/git/git/master/co
Hmm I was following the wiki, how do I get the 4.3.x one then?
I just want to compile for the 4.3.1
Cheers
Adam
-Original Message-
From: Andrew [mailto:ni...@seti.kr.ua]
Sent: Wednesday, 10 October 2012 3:43 PM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] ./buildtool.pl bu
I've managed to get a bit further
It seems I needed to add the following
yum install perl-DateTime
yum install perl-Hash-Merge
[leaf@ad-nix ~]$ git clone
git://leaf.git.sourceforge.net/gitroot/leaf/bering-uclibc
Cloning into bering-uclibc...
remote: Counting objects: 15148, done.
remote: Comp
Hi all,
I just installed a fresh Fedora 15 x64 bit.
Following
http://sourceforge.net/apps/mediawiki/leaf/index.php?title=Bering-uClibc_4.x
_-_Developer_Guide_-_Preparing_the_Build_Environment
Installed all pre-requisites via yum.
yum install perl-Config-General perl-TimeDate
yum install c
Hi guys,
Can I get the pmacct package with --enable-mysql on it or whatever is needed
to be able to use the mysql plugin.
I'm using 4.3.1-rc1
Cheers
Adam
--
Don't let slow site performance ruin your business. Deploy Ne
Nevermind RTFM
# syst_size Size of / (root) ramdisk (Default is 40 MB)
# tmp_size Size of /tmp ramdisk (Default is 50% of physical RAM)
# log_size Size of /var/log ramdisk (Default is 3 MB)
I'll take the facepalm now...
Sorry to waste the bytes.
Cheers
Ad
-Original Me
The machine in question has 4GB of RAM in it.
firewall# free
total used free shared buffers
Mem: 415036862756 40876120 1048
-/+ buffers: 61708 4088660
Swap:000
How/
Hi guys,
I'm running 4.3.1-rc1
I did a fresh install booting off a 1GB USB, when I run the f) Find & load
modules for hardware I get the following error.
Selection: f
Extracting modules from modules.tgz... tar: write error: No space left on
device
Done.
Running module loading...Done
Hi Kp,
ntpd does "run" fine, as in /etc/init.d/ntpd start
But it's not "starting" on reboot/power on.
My /etc/default/ntpd
firewall# cat ntpd
# This file controls the activity of ntpd
# ntpd control (yes means start daemon).
NTPDRUN=yes
# ntpd options
# -l activates server mode
# -p peer (can
Hi all,
I added the package bbntpd to my 4.3.1 machine and adjusted the settings as
per
http://sourceforge.net/apps/mediawiki/leaf/index.php?title=Bering-uClibc_4.x
_-_User_Guide_-_Basic_Configuration_-_Setup_a_small_timeserver
But ntpd doesn't seem to start on reboot?
Is there an additional ste
Hi Kp,
For me I'm mainly after the real time alerting and attack countermeasures.
The web interface for reporting not sure much as I know that requires a http
engine and the like on the leaf box.
Thank you for looking into this.
Cheers
Adam
-Original Message-
From: KP Kirchdoerfer [mailt
Hi all,
Is there a chance we could get fwlogwatch as a package for Leaf?
http://fwlogwatch.inside-security.de/
Cheers
Adam
--
How fast is your code?
3 out of 4 devs don\\\'t know how their code performs in production
Hi all,
I have a problem I need a little help with.
Sometime ago (3.x) my setup was working a dream, ulogd + mysql output had
all the logging heading into a mysql db.
I moved to 4.0 and as you all know iptables dumps it's output into the
kernel ring buffer which just fills dmesg with rubbish.
To
Thanks Andrew :)
I know you guys all know you are great with what you do, but you guys REALLY
ARE
I've been running leaf/bering on too many machines to count now, near on 6+
years, still going strong and still my preferred machine for just about
anything. Core and Border routers, failov
Hi all,
How do I change the order of NIC detection? or how can I force the system to
load e1000e BEFORE the igb driver?
Bering-uClibc_4.2_i686_syslinux_vga
Mar 26 14:54:14 firewall kernel: [4.565407] Copyright (c) 2007-2011
Intel Corporation.
Mar 26 14:54:14 firewall kernel: [4.565556] i
Never mind... I answered my own question...
LBA!!
I had the partition type as W95 FAT32 in fact I should have had W95 FAT32
(LBA) all sorted now.
Sorry for the waste or bytes ;)
Cheers
Adam
-Original Message-
From: ads...@genis-x.com [mailto:ads...@genis-x.com]
Sent: Friday, 23 Marc
Hi guys,
I went to setup a "remote" box and have hit a few snags that I need some
guidance on, I "used" to be able to do this but I've either forgotten a step
or something isn't right.
Basically I have a machine that has a CDROM and a single 80GB SATA drive in
it.
I boot the machine from CD (usin
I have one on it's way as well, and was going to have a play with leaf on
it.
Couple of things, the B board does have Ethernet but it's 10/100 due to it
being connected via the USB bus.
The GPIO's are serial not sure on the highest buad rate, but I'm not sure if
it would be quick enough to handle
Not to mention MTBF on sticks is shocking, I have been usb booting and logging
for a while, I haven't been able to have a stick last more then 6-8 months in a
live machine before it just goes belly up. If you do want to use usb make sure
it has ware level support.
Look into using SATA/IDE (ATA)
And this wasn't an issue in the 3.x because?
-Original Message-
From: david M brooke [mailto:l...@davidmbrooke.co.uk]
Sent: Saturday, 27 August 2011 4:31 AM
To: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] Shorewall Logging and dmesg
On 25 Aug 2011, at 14:17, Erich Titl wrot
It's damn annoying.
Tom suggested moving to ulogd but I believe that's broken in 4.x? (no mysql
support).
I mainly want to offload my shorewall logs to mysql, that's my bigger
picture.
Things worked much nicer in 3.x (well they all worked and played nice)
Anyone have any suggestions?
Cheers
Hi guys,
Since moving to 4.x shorewall is dumping all it's output to dmesg as well
as the log files configured via syslog-ng.
How do I stop shorewall from outputting to dmesg?
Firewall# dmesg
[8572449.856591] Shorewall:net2loc:DROP:IN=eth0 OUT=bond0 SRC=61.20.139.104
DST=210.15.229.197 LEN=61 TO
Hi all,
Soo I've scratched my head on this one for a couple of hours and can't seem
to figure out the right combination.
I'm using Bering-uClibc_4 RC1.
I copied the bonding.ko into /lib/modules and following
http://sourceforge.net/apps/mediawiki/leaf/index.php?title=Bering-uClibc_4.x
_-_User_Gui
ave a play with setting up my own source package in
buildtoo etc.. Just awesome..
Thanks again to the bering-uClibc crew.
Cheers
Ad
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdStar
Sent: Thursday, 11 May 2006 16:31
To: leaf-user@lists.sourceforge.net
Subj
Gidday leaf crew,
Does anyone have compiled uuencode for bering uclibc.
Cheers
Ad
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
Support Request -- http://le
om: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric Spakman
Sent: Monday, 8 May 2006 17:29
To: Philippe Jayet
Cc: leaf-user@lists.sourceforge.net; AdStar
Subject: Re: [leaf-user] Netflow type output from leaf-bering machine
Hello Philippe, Ad,
> Hi Ad,
>
>
>> What I'm
Hi all,
I've done some search and have found a bunch of information about collecting
netflows from cisco etc etc.
What I'm after is there any application that would have my leaf bering
machine OUTPUT netflow information. So I can collect the flows from my leaf
router in another application. As I h
PROTECTED]
Sent: Thursday, 29 December 2005 10:26
To: AdStar
Cc: leaf-user@lists.sourceforge.net
Subject: Re: [leaf-user] Setting the correct timezone in TZ
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
AdStar wrote:
| Stupid me..
|
| I'm running Bering-uClibc
| Linux firewall 2.4.31 #1 Thu Aug
Stupid me..
I'm running Bering-uClibc
Linux firewall 2.4.31 #1 Thu Aug 18 21:03:20 CEST 2005 i686 unknown
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdStar
Sent: Thursday, 29 December 2005 10:04
To: leaf-user@lists.sourceforge.net
Subject:
Howdy all,
I've tried to set my timezone via /etc/TZ file but it doesn't seem to work.
I can put this setting in EET-10EDT and the date command ALMOST outputs the
correct time (it's out an hour), so I tried EET-10EDT-11 but the output of
date switches to UTC time.
I dug around the web and came up
Hi all,
I was wondering if one of you guys that know there way round bering-uclibc
could compile a ulogd.lrp that has mysql support.
I know I asked this on the list some time ago, and I've been totally pulling
my hair out trying to do it myself (yes it's been months, I've finally given
up, I j
Hi all,
I posted the below to the ulogd mailing lists sometime ago, but the list
seems to be dead (not alot of activity on it for sometime now).
I was hoping someone here might be able to help me out. I'm running Bering
as my firewall.
All I want to be able to do is log my firewall traffic to a my
Hi there,
Umm I'm not to flash at the whole *nix side of things, so I thought I would
ask.
Has/Can anyone make up the ulogd.lrp package for me but include the mysql
stuff.
Seen as Shorewall etc can output via ulogd I thought it would be nice to
have my firewall info going into mysql for me to the
Hi guys,
I'm trying to setup a VPN (openvpn version 1.5.0) connection from my home
(ADSL, static IP) to my Office (Static IP).
Both networks have a leaf Bering machine as there firewalls, both running
shorewall 1.4.7c. I followed the guide at
http://www.shorewall.net/1.4/OPENVPN.html but I'm not 1
Hi all,
I'm running Bering as my firewall.
I have 2 Intel 100Mb NIC's in the machine (PCI).
My uplink is a 1Gb link via cisco router etc..
I've been running some speed test and can only seem to manage ~500kB/s per
connection downloading from a nearby ftp server.
I can open multiple connections t
Hello peoples,
I'm running Bering with shorewall as my firewall. I run servu ftp as my ftp
server behind the firewall.
I'm currently using the ip_conntrack stuff but I'm not sure if it is
working.
After some searching on the web I have updated my /etc/modules to contain
ip_conntrack_ftp ports=21,
Hi all,
Has anyone got a ulogd.lrp package with the mysql plugin?
I've searched everywhere on the web, and not being to confident with linux
I'm not sure how to compile ulogd as a package for bering.
I'm running Bering 1.2
Linux talon 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i686 unknown
any help
Hi all,
Has anyone got a ulogd.lrp package with the mysql plugin?
I've searched everywhere on the web, and not being to confident with linux
I'm not sure how to compile ulogd as a package for bering.
I'm running Bering 1.2
Linux talon 2.4.20 #1 Sun May 11 18:53:34 CEST 2003 i686 unknown
any help
Hi Tom,
I've noticed the following entries in my shorwall.log file and of course my
secondary isn't able to contact my primary DNS server to update its zone
files.
Oct 28 19:46:53 pyro Shorewall:FORWARD:REJECT: IN=eth1 OUT=eth1
MAC=00:02:b3:61:64:6e:00:02:b3:5f:c3:5c:08:00 SRC=10.0.100.11 DST=10
Hi Tom,
Does a "shorewall restart" issue a "shorewall stop" then "shorwall start" or
is it something else?
The reason I ask is I wish to save the "accounting" counters to a file BEFORE
the firewall restarts.
I thought I could place the script in the stop file but wasn't sure if it
would be call
Hi Tom,
Does the release of 1.4.7b have this rolled into it, or do I still need to
grab the files from the CVS?
Cheers
Adam
Tom Eastep <[EMAIL PROTECTED]> wrote:
> On Wed, 2003-10-22 at 13:26, AdStar wrote:
> > Hi All,
> >
> > I'm trying to do this in my acc
Hi All,
I'm trying to do this in my accounting rules..
What are the restrictions on chain names etc?
30-80:COUNT - eth0eth1:10.0.100.30 tcp80
30-80:COUNT - eth1:10.0.100.30 eth0tcp- 80
DONE30-80
31-80:COUNT - eth0eth1:10.0.100.31 tcp80
Hi all,
I'm running a bering firewall in my production environment and have a couple
of questions about the accounting side of things with shorewall and firewall
load.
How often are the counters reset, is it only on a shorewall restart (firewall
reboot etc)?
If I wanted to track traffic from a s
192.168.0.0 255.255.255.0 192.168.0.1
any input from the gallery as I'm only guessing here :( I don't have the
smart/info/knowlege for this stuff.
Cheers
Adam
Tom Eastep <[EMAIL PROTECTED]> wrote:
> On Tue, 30 Sep 2003, AdStar wrote:
>
> > wooo hooo it works...
wooo hooo it works...
The sad part is I'm not sure why, cold reboot, and off it all went.
Before I was just doing a shorewall restart...
Anyways BIG thanks to Tom and of course thanks to all on the list.
Cheers
Adam
_
Genis-X Webmail, http://www.genis-x.c
s a clue to determining whether it > > is the
> ping or the reply that is failing to arrive. (Or you can do the > > > same
tests
> with http and snmp, of course.)
Ray when you say NAT traffic from the LAN is masq it above achive the same
thing?
Cheers
Adam
Tom Eastep <[EMA
On Mon, 2003-09-29 at 15:58, AdStar wrote:
> > So would I have to add a route to the Modem so it goes via eth0??
> > If so do you know if this an impact on t my DSL connection?
> >
>
> I would masquerade your local network out of eth0.
>
>
So would I have to add a route to the Modem so it goes via eth0??
If so do you know if this an impact on t my DSL connection?
Tom Eastep <[EMAIL PROTECTED]> wrote:
> On Mon, 2003-09-29 at 13:53, AdStar wrote:
>
> >
> > If anyone could point me in the right direction o
Hi all,
I've searched everywhere on the web and have found nothing to do with this
config (Tom touches on it in his FAQ's but I can't seem to get it to work).
I'm running Bering with shorewall 1.4.2
Here is my setup.
--- --
| ADSL MODEM |---
Hi all,
I've got a couple of quick questions (no brainers for the pro's) that I
need a hand answering, I figured it easier to wait a while to get a list of
questions that hopefully you can all help me out with...
I'm running eiger static with a "bastardised" (if there is such a word)
version of th
Thanks Charles for getting back to me so promptly on this...
I'm actually using your Eiger static (but have it running off a HDD etc,
I'm also running with "some" parts taken from your extended scripts).
Will I be able to setup the same with this or will have to move over to the
Dachstein build?
Hi all,
I have multiple "REAL" IP's aliased to eth0,
202.??.??.10 (default eth0)
202.??.??.11 alias0
202.??.??.12 alias1
202.??.??.13 alias2
etc
Is it possible to map an internal IP so that all it's outbound traffic
looks like it's coming from one of the aliased IP's
I wish to be able to setup
ox
spit the output of the monitoring to syslog or it's own log, but I will be
glad to have it send it over the network to a monitoring machine. (on a
side note can you setup syslog to a remote machine currently??)
Well that's my rant/want's. if anyone can give me some input on this th
56 matches
Mail list logo
