on is very natural,
and I believe the usage of a custom chain for each of theses rules is a bit overkill..
Any thoughts ?
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
Hello,
Attached patch should fix the tftp conntrack patch to
make it apply properly again.
Have a nice day,
Fabrice.
http://fabnetwork.ifrance.com/fabnetwork/
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for admin
x/netfilter_ipv4/ip_conntrack_pptp.h
linux-2.4.18-pptp3.01//include/linux/netfilter_ipv4/ip_conntrack_pptp.h
--- linux-2.4.18-newnat/include/linux/netfilter_ipv4/ip_conntrack_pptp.h Thu
Jan 1 01:00:00 1970
+++ linux-2.4.18-pptp3.01//include/linux/netfilter_ipv4/ip_conntrack_pptp.h
t when designing the
framework for 2.5, since it's got to be rewritten to support
netlink.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
ds, GG.
Opps, looks like I forgot to update the extensions HOWTO .. :(
Will fix that, and the hacking HOWTO as well.
Thanks.
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
forgetting about something, some simple
> solution.
> Regards,
> Maciej Soltysiak
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
probably move it there.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
s/libipt_mark.c
ld -shared -o extensions/libipt_mark.so extensions/libipt_mark_sh.o
...
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
On Wednesday 22 May 2002 14:47, Ben Reser wrote:
> On Wed, May 22, 2002 at 03:36:51PM +0800, Fabrice MARIE wrote:
> > Well, say your firewall is 202.58.4.3,
> > your webservers are 202.58.4.7-20 and all traffic from outside to your
> > webservers is filtered by your firewall.
ll do it
by hand with the old patch, but you'll need many rules,
one for each webserver in our case. And sure enough, if you fake to
an ip address not allocated to you by your ISP and
your ISP have an egress filter, then it will be dropped...
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R
ing the dest of the original packet as the fake
source IP), as per explained in this thread :
http://lists.samba.org/pipermail/netfilter/2002-February/020237.html
I've reformated the patch so it will apply on the latest CVS tree.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Enginee
?
Shouldn't it be casted to 'ipt_entry_target *' instead ?
Sorry if didn't understand, but I'm just curious.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
ish)
http://www.netfilter.org/documentation/HOWTO/cn/NAT-HOWTO.html (or Chinese)
http://www.netfilter.org/documentation/HOWTO/netfilter-hacking-HOWTO.html (English)
Happy coding.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly h
in broken/ directory because it use to have problems
to apply due to a bug I introduced in the runme script of patch-o-matic,
but now, it works already, and should probably be moved to the extra/ directory.
Happy hacking,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://w
he trivial
nfmark patches in pom for an exampla). This way, compatibility is
kept at all times. There is already a trivial reject with fake source
patch in pom that modify ipt_reject.c and libipt_reject.c, you might
want to have a look at it.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&a
1, at instalation time).
The kernel patch have been made on a
2.4.19-pre5-jp9, it _should_ (I didn't test on other kernels..)
work on other kernels, I doubt iptable_filter.c
changed since a while..
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://ww
Hello,
Now it's the turn to the mark match
to be able to match nfmarks bitwise,
as indicated by the TODO. You will
find attached the patch to the
current CVS tree. Hope that helps.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.cel
removes all the IP
options (bu zeroing them all out). Instead of zeroing all the
options, you can most probably just fill in the options you want.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
Hello,
Any news to what is going to happen with the testsuite ? Just curious.
Last time I tryied to compile it, it wouldn't even compile
anymore..
Any plan to have a testsuite for iptables2/linux-2.5.x ?
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Netw
e patches have changed slightely to include
the warnings you advised.
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
diff -uNr cvs/nefilter/userspace/patch-o-matic/r
Hello,
On Monday 25 February 2002 16:47, Harald Welte wrote:
> On Fri, Feb 22, 2002 at 11:15:32PM +0800, Fabrice MARIE wrote:
> > You will find attached a patch to runme that allows
> > patches to userspace/ directory. It's especially useful
> > to keep compatib
nt to apply it will still have the old libipt_MARK.c
and libipt_REJECT.c
Meanwhile, people who want it can have it...
Hope that helps,
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
Hello
On Wednesday 20 February 2002 18:30, Harald Welte wrote:
> On Wed, Feb 20, 2002 at 01:02:55PM +0800, Fabrice MARIE wrote:
> > [..]
> > This should work fine now, please apply.
> I hope do_gettimeofday also works with old kernels,
It should work, the declaration is
mp but kernel time instead */
+ if (info->kerneltime)
+ {
-+ get_fast_time(&kerneltimeval);
++ do_gettimeofday(&kerneltimeval);
+ packet_local_time = kerneltimeval.tv_sec;
+ }
+ else
--
Fabrice MARIE
Senior R&
as possible, so I can do something
else while it patches :)
> The changes are somewhat overlapping in diff format, and is why I
> haven't posted them yet.
> Up til some day ago I was using the -y patch, and listed each
> individual patch I wanted to apply.
Thanks again,
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
nice to clarify/backup ...
Have a nice day,
Fabrice.
--
Fabrice MARIE
Senior R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown
26 matches
Mail list logo
