On Wed, Feb 16, 2005 at 04:27:33AM -0700, jared r r spiegel wrote:
> On Wed, Feb 16, 2005 at 08:41:57AM +0100, Nicolas wrote:
> >
> > [FTP CLIENT]--[DEBIAN]--[OBSD BASTION]-WAN[FTP SERVER]
> >
> > The Debian machine does ftp masquerading, but I don't see anything
> > anormal on that machi
On Wed, Feb 16, 2005 at 04:27:33AM -0700, jared r r spiegel wrote:
> On Wed, Feb 16, 2005 at 08:41:57AM +0100, Nicolas wrote:
> >
> > [FTP CLIENT]--[DEBIAN]--[OBSD BASTION]-WAN[FTP SERVER]
> >
> > The Debian machine does ftp masquerading, but I don't see anything
> > anormal on that machi
Bob wrote:
In my ruleset, I've only defined a table for a huge list of IP addresses
belonging to adservers. I've no doubt that a table will perform better
than a list in this case.
But when does a table begin to outperform a list? I imagine a list is
quicker when the list contains two or three
* Bob <[EMAIL PROTECTED]> [2005-02-16 18:40]:
> In my ruleset, I've only defined a table for a huge list of IP addresses
> belonging to adservers. I've no doubt that a table will perform better
> than a list in this case.
>
> But when does a table begin to outperform a list? I imagine a list is
> In my ruleset, I've only defined a table for a huge list of IP addresses
> belonging to adservers. I've no doubt that a table will perform better
> than a list in this case.
> But when does a table begin to outperform a list? I imagine a list is
> quicker when the list contains two or three it
jared r r spiegel wrote:
> i myself am still learning about HFSC, and experimenting, however
> if you search pf list archives for 'jared hfsc', you can see a lot
> of posts by me or in re: to me about HFSC.
>
> of note:
>
> http://marc.theaimsgroup.com/?l=openbsd-pf&m=105691519510241&w=2
In my ruleset, I've only defined a table for a huge list of IP addresses
belonging to adservers. I've no doubt that a table will perform better
than a list in this case.
But when does a table begin to outperform a list? I imagine a list is
quicker when the list contains two or three items, but
On Wed, Feb 16, 2005 at 08:47:37AM +0100, Nicolas wrote:
>
> You're right, everything is blocked by default on the bastion, not just
> inbound but also outbound! What ports, hosts and direction should I
> allow, in your opinion?
welp, i still don't have the answer about why ftp-proxy tried to m
On Wed, Feb 16, 2005 at 08:41:57AM +0100, Nicolas wrote:
>
> [FTP CLIENT]--[DEBIAN]--[OBSD BASTION]-WAN[FTP SERVER]
>
> The Debian machine does ftp masquerading, but I don't see anything
> anormal on that machine.
>
> The error message on the bastion, in /var/log/daemon, is:
> ftp-proxy[
Thanks a lot, Bob!
I'll try and use this hfsc scheduler, then I'll post the results.
Best regards,
Alexandre Ilha
Network Administration
TeleHUMANA Communications
http://www.telehumana.com.br
Bob wrote:
Alexandre Ilha wrote:
Hello, everybody.
We've been trying to get "borrow" to work for us, but
> On Fri, Feb 11, 2005 at 15:39 +, Bob wrote:
> > Preferably that apply directly to PF which uses three SC types, not two.
meaning also using an on the upperlimit directive?
i'm still just using upperlimit as a hard number, and not using a
curve for that.
On Wed, Feb 16, 2005 at 01
11 matches
Mail list logo
