Ahoy,
those patches are meant to be applied to vanilla (clean, umpatched) kernels.
Are you sure your kernel is from www.kernel.org without anything applied before? (and
better not even afterwoods, since then it's defiatly those patches breaking the stuff.
The collected patch is just the CVS patche
Pressed R instead of L :(
Replying to Joakim Axelsson:
> Are you doing any NAT? Some of the state in -m conntrack are now some other
> state.
Yes, I'm DNATing, but according to conntrack sources, as far as I can see,
new states (SNAT, DNAT) are |= (bitwise ored) to statebits and if I leave
other
Hi,
I have released my latest transparent proxy patches, now with most functions
in place. It's available at
http://www.balabit.hu/en/downloads/tproxy (the link at the bottom)
I've also uploaded some sample programs, which perform the following:
* listen on a foreign address
* connect using a f
Hi,
After my first experience with traffic shapping using Martin's htb [1]
shapper with packets marked by an iptables match we got thinking about a
new match based on connection duration/traffic. This would allow a match
something like:
iptables -t mangle -A POSTROUTING -p tcp --conn-traffic 0:5
On Thu, Apr 18, 2002 at 11:00:37AM +0100, alex wrote:
> 1. Can the byte counting code be hacked ontop of the core conntrack code
> or should it done by an additonal module?
The problem with this is sooner or later this field would wrap and your
match would work right.
But the only reasonable dat
On Thu, Apr 18, 2002 at 04:41:08AM -0700, Ben Reser wrote:
> The problem with this is sooner or later this field would wrap and your
> match would work right.
I meant wouldn't. This is what happens when I write emails at 4 am.
--
Ben Reser <[EMAIL PROTECTED]>
http://ben.reser.org
What differe
Hi
I am finding that if I put a -j QUEUE target in the middle of a set of rules the
rest of the rule do NOt get hit.
Does -j QUEUE ether accepts or drops the packet there?
How do you have a packet continue with the rest of ther rules after the QUEUE
target?
Shaun
Not being a core Netfilter developer, but this is my opinions:
alex wrote:
> 1. Can the byte counting code be hacked ontop of the core conntrack code
> or should it done by an additonal module?
If you think these byte counters is something that may interest other
users then having it in the cor
On Thu, Apr 18, 2002 at 08:22:57AM +0200, Patrick Schaaf wrote:
> Hi Joakim & all,
>
> > We (me and Martin) has discussed a table, "border", that is the absolutly
> > first thing that is being travered after leaving the netcard driver.
>
> I like the idea (a lot!), as well as the placement, but
RECRUITLogics would like to take this opportunity to help you complete your hiring
campaign free of charge, and connect with thousands of recruiters and staffing
professionals across North America.
We are now offering you the opportunity to post your available positions in our
database free of
Title: [PATCH] Trivial PPTP conntrack typo fix (was: RE: ip_nat_pptp)
Hi Harald,
... a typo in the Makefile patch prevented the ip_conntrack_pptp
module from compiling, see Robert's mail to the Netfilter list.
Regards,
Filip
diff -urN netfilter-orig/userspace/patch-o-matic/extra/pptp-conn
Hi All,
Today we create a connection tracking entry for every
new packet that we see, whether valid, invalid or
even for one that will be dropped in future by filter.
Is there an advantage in this design approach?
Does it make sense not to create these entries so that
an intruder is not able to
Ankit Jain wrote:
> Today we create a connection tracking entry for every
> new packet that we see, whether valid, invalid or
> even for one that will be dropped in future by filter.
>
> Is there an advantage in this design approach?
Simplicity and cleanness.
> Does it make sense not to create
On Fri, Apr 19, 2002 at 04:28:13AM +0200, Sneppe Filip wrote:
> Hi Harald,
>
> ... a typo in the Makefile patch prevented the ip_conntrack_pptp
> module from compiling, see Robert's mail to the Netfilter list.
thanks, patch applied
> Regards,
> Filip
--
Live long and prosper
- Harald Welte /
14 matches
Mail list logo