Tibbs, Richard wrote:
Then back up etc package, right?
Rick.
Or make it part of another package. This might be better
cheers
Erich
---
SF.Net email is sponsored by: Tell us your software development plans!
Take this survey and enter to win a
Hi everybody
I have a little issue with MSS clamping on a DSL connected Bering
System, maybe someone can enlighten me.
Shorewall release is 1.4.8 and yes, I have set CLAMPMSS to Yes
I see outgoing ftp connections to a remote site fail during a store
operation, the remote site sets MSS to 1460,
Pascal OFFREDO wrote:
OpenVpn 2.0 final has been released
Has anyone built a leaf package with this release ?
Yes, for Bering 1.x
regards
Erich
---
SF email is sponsored by - The IT Product Guide
Read honest candid reviews on hundreds of IT
Ted
[EMAIL PROTECTED] wrote:
...BTW, my leaf system is based on Bering 1.0, but runs with a 2.4.27 kernel. The leaf system runs on
an old pentium, with plenty of memory ( 100 MB, I think), and 2 floppy disks.
Finally, (and I don't know if this means anyting), when I was using the snort18.lrp
cpu memhd wrote:
Using buildtool to build openswan for bering-uclibc 2.3 beta (kernel
2.4.29). Copy ipsec.lrp to LEAF box... everything seems normal except
ipsec does not load ipsec_aes.o like it used to before.
IIRC this was never loaded by the original (FreeSWan) code. It is pretty
trivial
rule del iif lo table from.fw priority 500
finally this goes to /usr/local/bin/check_connection
#!/bin/sh
#
# Copyleft 2005 Erich Titl ([EMAIL PROTECTED])
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU General Public License as published
Bob
Robert K Coffman Jr - Info From Data Corporation wrote:
I've got an application where I'd like to use a rack mounted PC for a Bering
uClibc firewall. Doesn't need to be fancy, I only need two NICS although a
third would be nice (or a PCI slot.)
I'd also like to get it shipped ASAP.
Don't
Joe
Joe Nelson wrote:
I'm trying to implement some pretty basic TC stuff. I've got the lrp
loaded but I don't really know how to use TC very well. There's so
many options, types of queues, etc, etc that frankly I'm a little lost
right now. All I need to do is limit a few IPs to a certain speed.
Andrea
Andrea Galmacci - awd wrote:
Not really Erich - where I can find it? The LEAF site has become almost
unusable and most of the links are dead...
Try to search the leaf-devel archives for webconf. Nathan Angelacos
wrote and published it. I have it on my revamped Bering...
My I ask a
Hi folks
I am currently implementing madwifi with wireless extensions 16 on
Bering. Could anyone please point me to information about
/etc/network/if-pre-up.d/wireless, especially how the parameters are
passed to it.
Thanks
Erich
---
SF
Hi
I am running a number of sites using fwbuilder 2.05 on Bering 1.2. There
should be no relevant changes to uClibc though, as the interface is the
iptables command.
Not expecting any existing stuff I just wrote my own fwb.lrp which
basically just starts /etc/firewall/firewall.fw generated by
Troy
Troy Aden wrote:
I am looking over a procedure for graphing specific ports with MRTG using
shorewall accounting to track port usage. The problem is that it seems the
procedure that I found is meant for someone who is running shorewall on a
full blown Linux box not a Bering L.E.A.F box. I am
Troy
Troy Aden wrote:
Thanks for the response. So that is great to hear that it is doable. Does
anyone have a way to actually do it? I need a practical example that I can
use. Sorry but I have absolutely no Perl hacking skills whatsoever. Has
anyone done this?
I have not done it, just had a
Tibbs, Richard wrote:
Dear list.
I have X.509 certificates and private keys generated by openssl.
I am currently using these to support an openvpn tunnel between two
Bering 1.2 firewalls home and office. viz:
tls-server
dh dh1024.pem
ca itec-ca.crt
cert office.crt
key office.key
I would like to
Rick
this is the xSWan syntax, it has nothing to do with tun/tap
Erich
Tibbs, Richard wrote:
Dear list.
I have a ipsec road warrior config that allows my laptop so successfully
connect to internal machines through a Bering 1.2 firwall with FreeSwan
1.99. I also have an openvpn tunnel connected to
Hi folks
I have a situation where the user wants to transfer a large amount of
data across a NATed connection. On the uplink side I see bursty
behaviour, e.g. groups of average 6 packets ftp data before I see the
ack's going up, whereas on the local side the acks are more
dispersed.
Rick
Tibbs, Richard wrote:
I would interested in an openvpn2.x lrp for libc...
Preferably with ip route and lzo compiled in.
You can try here
http://leaf.think.ch/styx/pre/bin/openvpn-2.0_rc6/
It is not packaged, early pre whatever
Just copy it to your existing openvpn location, possibly
Kevin
Kevin Kloet wrote:
Greetings,
I'm on a Bering uClibc 1.2 setup and I'm looking to find out what the
command is to release and renew an IP on this router. My net
connection is PPPoE.
It does not appear that the dhclient command is available on this
system and I have not been able to find an
Hans Ulrich Niedermann wrote:
Erich Titl [EMAIL PROTECTED] writes:
Jon Aubrey de Lavenu wrote:
I am currently using Bering v1.2 with a 2.4.20 kernel ad I am having
problems loading a ax25.o module and I cant find an mkiss.o module
for this kernell.
I was just wondering if anyone had
Jon
Jon Aubrey de Lavenu wrote:
Hi all
I am currently using Bering v1.2 with a 2.4.20 kernel ad I am having
problems loading a ax25.o module and I cant find an mkiss.o module for
this kernell.
I was just wondering if anyone had successfully un ax25 on leaf?
The standard Bering config does not
Bob
Bob von Knobloch wrote:
Dear List,
There was a recent posting from Erich Titl regarding a patched kernel
for WRAP applications, that then allowed a reboot (hopefully remote).
Can anyone point me to the information (Erich ??). I have tried the
archives, but am probably searching
Brock
Brock Nanson wrote:
Hi Erich,
Well, there isn't much I can tell you. The box in question resides 8
hours away. It worked for approximately 6 months, then I got the call
from that office to tell me it wouldn't boot. They sent the CF back
to me and I poked around it a little. Not much
Brock
Brock Nanson wrote:
I've got several boxes running several versions of Bering and Bering
uClibc, all on Compact Flash cards. They've all been reliable, except
for one box. Twice in the last six months, the box has failed to
boot. The CF is recognized in the BIOS, but no boot
Eric
I have a 8Mb or a 32 MB image which you can use to start from. I never
used PXE, but I believe it takes a non standard BIOS.
cheers
Erich
[EMAIL PROTECTED] wrote:
I was wondering if anyone has created a img I could load onto my
WRAP? I don't have any linux boxes with CF cards readily
rawdata wrote:
On Wed, 22 Dec 2004, Erich Titl wrote:
Yep, the problem is, bin/bash is also in initrd.list, why I would not
know. I will check with Charles which did som modification in this
area early this year
cheers
Erich
Cheers to you, Erich. I commented out bin.bash in initrd.list
Max
rawdata wrote:
Basically just lrpkg -i :-)
And lncurses.lrp. And lrdline2.lrp.
You will have to relink /bin/sh with /bin/ash to make all Bering
scripts happy. Dig in the archives, there is a message explaining the
details.
Did you try the bash package in the glibc 2.0 directory?
Thanks
rawdata wrote:
I found the bash.lrp package from Charles Steinkuehler's Bering-CD
site and would like to use it with my pre-existing Bering 1.2 setup.
What exactly is involved (obviously more than lrpkg -i etc...), and
what other modifications do I have to make for it (I've read that it
Mike
Mike Noyes wrote:
On Sun, 2004-12-19 at 08:22, William Brinkman wrote:
I was thinking of putting a wireless bering system
together and noticed that the Package Repository for
glibc-2.0 has packages A-S but T-Z are missing. I
looked with both the IE and Foxfire browsers.
As far as I can
Tibbs, Richard wrote:
I am not sure the laptop needs a route to 192.168.10.0.
In fact, although the tunnel between homefw and officefw is working --
I can ping either end of the tunnel IPs (10.1.10.1,2) from the other --
I can't get access to the individual subnets.
Although there is no route to
Hi
Victor McAllister wrote:
I am in need of a simple static web server running on a fanless
compact flash box. I have used LEAF for so long that it jis easier to
run the box on LEAF than to figure out how to get a minimal system
from a redhat. (It will not run on the same box as the
Martin Hejl wrote:
Hi Richard,
Tibbs, Richard wrote:
I sent the following item to the openvpn user's list and the reply
advised it was possible by running two instances of openvpn with
separate config files.
One option would be to include an extra config file somewhere and
manually start it on
Rick
Tibbs, Richard wrote:
Erich,
The float directive in the bering openvpn.conf allows the WinXP
wireless nic to get a variable IP. Since I am rebooting quite often,
and LEAFs have no memory of the ip to mac address, so it would come up
192.168.1.3 or .4.
OK, but still you are tunnelling
Rick
Tibbs, Richard wrote:
the pt-to-pt tunnel needed to know how to get to the other.
Not the endpoints, your local end point is a device which is linked to
an address and knows the other end of the tunnel. The local and remote
directives apparently take care of the routing issues.
Hi
cpu memhd wrote:
I asked this question before but received no replies, I will ask again,
if anyone knows
Is it possible to create environment variables in linux/unix like you
would in DOS using CONFIG.SYS or AUTOEXEC.BAT? That is, a variable that
is accessible to any subsequent running program?
Rick
Tibbs, Richard wrote:
Dear list.
Although I have a p2p tunnel up between linux, and WinXP started, there
are some strange things happening. I have segments of configs and log
files for each system. It looks like this:
WINXP ---WLANBering 2.4.20 firewall+openvpn DSLmodem ---
Rick
Tibbs, Richard wrote:
According to openvpn site/list opevpn 2.11beta or beyond will fix the XP
SP2 problems. I somewhat amazed that I see the packets from the fw to
the winxp box being REJECTed by shorewall, despite the configs as
follows:
shorewall log:
firewall Shorewall:all2all:REJECT: IN=
Rick
Tibbs, Richard wrote:
Hello, list.
I am trying to locate an lzo.lrp for bering 1.2 (non-uclibc).
Is there one?
I am loading a libz.lrp for IPsec, but I am trying out openvpn.
TIA
Rick.
I assume you want to use that for openvpn. The binary I sent you does
not include lzo compression for
Rick
Tibbs, Richard wrote:
Yep. James Yonan has some comments about IPSec complexity in his 2004
presentation to linuxfest northwest (openvpn.sourceforge.net)
I will give Openvpn a try first with PSK, then try to move on to
certificates. It looks like the openvpn howto tells you to use the
Scott A. Young wrote:
Erich, thanks for the info.
So then I *_do_* need to generate certificates even if I'm just using
pre-shared keys?
IFAIK _no_, just make sure you do not have an empty file where a cert
would be searched for. The code I looked at would do that weird thing
with a file
Scott
Scott A. Young wrote:
Hi All, I'm also back on the subnet-to-subnet ipsec setup. Even with all the
info on the list and archives, I'm at a loss.
Both ends of connection are bering-uclibc v2.2.1 boxes w/ipsec. According to
the bering userguide chapter 15, you don't need certificates if your
Troy
Troy Aden wrote:
Hello again.
I have fought with this for a week now and I must be missing something.
First of all, if I use a conn statement that has %defaultroute for right=,
I get an error that the statement does not exist. However, if I use a
right=(IP) and rightnexthop=(gateway), the
Phuoc
[EMAIL PROTECTED] wrote:
Dear Bering friends,
is there a kernel with parallel port modul for Bering 1.2?
IIRC the parport drivers are compiled as modules, download the modules
tarball and look for yourself.
Or how I can compile a new kernel form my self?
There is documentation at
Roger E McClurg wrote:
Hi List,
I have been running Bering 1.2 from CF using GRUB as a boot loader for a
while now. I decided to try Bering uClibc 2.2 on the same system. I tried
to use the same GRUB configuration for uClibc as I did for 1.2, but that
did not work. Bering never loaded the RAM
Phuoc
[EMAIL PROTECTED] wrote:
Thank you Erich, I will read the documentation.
I've download the parport.o and parport_pc.o.
I already declear it in the /etc/modules file.
#parallel port
parport.o
parport_pc.o
now I still not success to make a node /dev/parport0
can you help me?
Maybe
Troy
It is a bit confusing for me, as I am always using left for the local system,
right for the remote.
Assumptions
S'Toon
external IP address 135.115.157.162
internal networks 192.168.161.0/24 192.168.162.0/24 192.168.163.0/24
Victoria
external IP address 24.35.38.129
internal network
Looking at my mail there are a few typos. Long live cut and paste :-(
Erich Titl wrote:
Troy
It is a bit confusing for me, as I am always using left for the local system,
right for the remote.
Assumptions
S'Toon
external IP address 135.115.157.162
internal networks 192.168.161.0/24
Mailing Lists wrote:
Yesterday I started with a vanilla bering-uclibc-2.2.2 boot floppy
disk, insmod-ed ide drivers end then try to mount a NEW and UNTOUCHED
BiWin CF.
Same results.
Is there something else I can try??
Try a different CF brand and in case it works return the BiWin CF's.
Try a
Hi
cpu memhd wrote:
Bering uClibc 2.2 - I got SSH working a few weeks ago. Now for some
reason it takes 40 seconds to display a console screen after I login. I
have read that this is likely a reverse DNS problem. But why should it
matter if I'm using private, 10.x.x.x IPs? Also, I don't recall
Troy
Troy Aden wrote:
Hello all, This may seem a silly question but I have not been able to find
any info in any how-to or docs and I am hoping someone here can help me out.
http://www.freeswan.org/freeswan_trees/freeswan-1.98b/doc/manpage.d/ipsec.conf.5.html
The question is : How do I setup
Gianni
Mailing Lists wrote:
Hi folks, does anyone know how to circumvent this problem when I try
to mount (an umount) my Leaf bering uclibc-2.2.2 CompactFlash
hda: task_no_data_intr: status=0x51 { DriveReady SeekComplete Error }
hda: task_no_data_intr: error=0x04 { DriveStatusError }
hda: Write
Rick
At 21:14 10.11.2004 -0500, you wrote:
No, didn't set CLAMPMSS. The chief symptom so far has been a bad route.
I think it was an error like
Ioctlsroute or some such code.
What is the MSS that you would recommend for Ipsec? The SA is getting
established OK so far (so UDP is not the
Al
At 00:10 11.11.2004 -0500, ALParada wrote:
I did backup root but never considered the memory issue. I'm using a 128 MB
stick and allocating 10 MB to the system with 3 MB for the logs. I can't say
I looked at the space thinking there must be plenty.
I found one of the most frequent glitches I
KP
At 08:46 09.11.2004 +0100, K.-P. Kirchdörfer wrote:
Am Dienstag, 9. November 2004 07:03 schrieb bino:
Erich Titl writes:
Hi Folks
anyone still sticking with Bering glibc, but interested in Nathan
Angelacos' webconf package. I have ported mhttpd and webconf to
Bering glibc.Anyone
HI
At 17:52 09.11.2004 +0100, [EMAIL PROTECTED] wrote:
Hello,
is it possible to install a gcc compiler on a Bering 1.2 system?
It might, but you will certainly be lacking header files. Better use UML or
a chrooted environment.on a developments system.
cheers
Erich
THINK
Püntenstrasse 39
8143
Nathan
At 08:31 28.10.2004 -0400, Nathan Angelacos wrote:
A web-based configuration package for Bering-uClibc is available at:
http://cvs.sourceforge.net/viewcvs.py/leaf/devel/nangel/webconf/lrp/webconf.lrp
This package provides the monitoring functions of weblet and adds web-based
tools to
Nathan
I succeeded to compile haserl for Bering glibc, now it seems there is a
problem with page rendering.
I just get the unrendered text on the output, is this a mime type problem?
I get well rendered output when I use the sh-httpd pages with mini-httpd.
Thanks
Erich
THINK
Püntenstrasse 39
Hi Folks
anyone still sticking with Bering glibc, but interested in Nathan
Angelacos' webconf package. I have ported mhttpd and webconf to Bering
glibc.Anyone interested in a test
http://leaf.think.ch/styx/1.2/packages/
cheers
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
Thorsten
At 22:21 01.11.2004 -0800, Thorsten von Eicken wrote:
I'd like to have multiple systems on my WRAP board running Bering uClibc and I must
be overlooking the obvious. I have a large CF (256MB) and would like to have 2
complete system images so I can experiment with one and keep the
Victo
At 23:55 29.10.2004 -0700, Victor McAllister wrote:
Eric House wrote:
Victor,
I saw your post on the LEAF list on getting going with a WRAP board.
I have a Soekris (4501) and need another, and can't decide whether to
go with what I'm familiar with or to use the excuse to try something
new.
Victor
At 09:30 30.10.2004 -0700, Victor McAllister wrote:
According to Erich Titl's instructions on LEAF.
Quote:
The Bering kernel has the softdog driver compiled statically into the
kernel. It must be made a module in order to use the wd1100 driver.
uClibc seems to use both softdog and wd1100
Ronny
At 23:14 08.10.2004 +0200, Ronny Aasen wrote:
using bering and bering-uclibc, for routers not firewalls
i keep running into the arp table limit and the ip_conntrack limit.
the arp limit is noticed by the message 'neighbour table overflow' in
dmsg, and fixed by
echo 16
Ronny
bad code fragment in my first message due to cut and paste :-(
arp_table_adjust()
{
. /etc/network/options
echo adjusting arp table values...
echo adjusting the arp entry stale time...
[ X$gc_stale_time != X ] for i in `find /proc/sys/net/ipv4/neigh/ -name
Andrew
http://leaf.think.ch/ADM/
At 16:24 27.10.2004 -0500, Andrew Nance wrote:
Hi group,
I was thinking about getting away from booting and saving all info on the
floppy on my Bering-uClibc 2.2 box
I would like to have write protection like on the floppy, where it can be
turned on and off.
A CD
At 15:34 25.10.2004 -0700, you wrote:
...
Now if LEAF/Bering just had an easy way to upgrade packages
Mhhh... actually there was a suggestion (and contribution) long time ago by Alex
Rhomberg IIRC.
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint:
At 13:32 18.10.2004 +0200, you wrote:
I think you have right!!
After some minutes(!) and a lot of failing handshakes,
M why does it fail?
connection was
established!
The problems is now performance. I need a crypto tunnel with a speed higher
than 14.400 Mbits/s end not 5-6 Mbits/s
At 17:07 18.10.2004 +0200, you wrote:
The only thing I can tell you is that openvpn uses openssl libraries
According to the openvpn docs the default cipher is blowfish which, according to its
author, Bruce Schneier, does 8MB/s on a Pentium 150. The routing capabilities of both
machines in
Hi folks
Some time ago there was a thread about multi port. Well I set up such a beast
yesterday with Bering 1.2, a NexGate NSA 1125. Here is the link to the HW.
http://www.nexcom.com/0330/NexWeb/WebEN/ObjView.aspx?ObjID=Prod*1241
cheers
Erich
THINK
Püntenstrasse 39
8143 Stallikon
Gianni
At 15:33 14.10.2004 +0200, Mailing Lists wrote:
Hi, I'm trying to build an openvpn tunnel with TLS encryption on my
pcengines WRAP.1D
I follow instructions found on examples on openvpn site.
Now, example 1 (tunnel without encryption) works, example 2 (tunnel with
static key encryption)
Ray
At 09:35 11.10.2004 +0930, Ray Dekens wrote:
In Bering 2.1rc1 I had
.
.
.
auto eth1
iface eth1 inet static
address 192.168.0.253
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
up ip route delete default
up ip route add default via 192.168.0.1
this
Ray
please show the result of your ip route commands when executed manually at
the console along with the output of ip route show.
Comment inline
At 17:58 11.10.2004 +0930, you wrote:
Ok - heres the complete - tried suggested change - still didn't work !
If you're wondering - interface is
At 16:40 11.10.2004 -0400, you wrote:
Hello, list:
I tried an experiment and added the routefilter option on eth0 to the
internet. Before I did that, with spoofprotect = yes in
/etc/network/options, I executed iptables -L.
Then, put the routefilter option on eth0 in shorewall, rebooted, and ran
Dale
can you install tcpdump on those Bering boxes and monitor the traffic on
their interfaces. You might see what happens when you try to connect.
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
Hi
As a first step you might set it in the /etc/network/interfaces file when
the interface with the highest number (ethxx) comes up
Erich
At 23:40 08.10.2004 +0200, Eric Spakman wrote:
Hello Ronny,
Currently there is no standard way to set those values in either
Bering or Bering-uClibc. One
Hi everybody
I ran into a problem today with a site which wanted to upload some html data using
frontpage. I saw the ftp STOR request qoing out from the firewall but no data. The log
showed icmp type 3 packets blocked at the inside interface specifying a mtu size of
1492, typical for ADSL.
Tom
At 09:16 07.10.2004 -0700, you wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Erich Titl wrote:
Hi everybody
I ran into a problem today with a site which wanted to upload some
html data using frontpage. I saw the ftp STOR request qoing out from the
firewall but no data. The log showed
At 00:48 07.10.2004 +1300, you wrote:
The problem I had was ezipupdate would use the dyndns detect my ip
service only if you specified a ip of 0.0.0.0 and no interface.
The problem with that was to run ezipupdate as a daemon it needs an
interface specified.
Worked great at commond line
Bruce
At 09:55 05.10.2004 +1300, Bruce McNamara wrote:
A while back I posted problems I was having using ezipupdate on Bering
uClib V2.2 behind a adsl router and having hassles getting the correct
external IP address.
In the end I abandoned ezipupdate (nothing wrong with it I just couldn't
get
Bruce
At 23:08 05.10.2004 +1300, Bruce McNamara wrote:
I use dyndns as my provider.
That's probably it, I am using zoneedit and hardly ever had a problem. Either dyndns
changed it's request format ort they are plain and simply broken. They alway return a
code 2xx which means success, even with
Bob
At 10:15 05.10.2004 -0400, Robert K Coffman Jr - Info From Data Corporation
wrote:
I'm using dyndns.org and ezipupdate on Bering 1.2 on several boxes - no
problems so far.
I was puzzled myself, it might be different for the various zones dyndns
services.
I was using gotdns.org, no success...
Hi
At 10:47 04.10.2004 +0200, you wrote:
Hallo,
I've running Bering 1.2 in a 64 MB CompactFlash.
I've mounted my CF as /dev/hda1 nowdays I've got
from time to time unused cluster in my CF.
my questions are:
1) why I got this problem?
2) how can I solve this problem?
sounds like a corrupted
Cal
At 14:35 01.10.2004 -0400, you wrote:
Has anyone had problems rendering the LEAF status pages in Mozilla?
All I get in the Mozilla 1.4.2 browser window is the plain-text source
of the main page. However, if I bring it up in MSIE it works fine.
Runs fine with Mozilla 1.6b
cheers
Erich
THINK
At 12:14 30.09.2004 -0400, Glenn A. Thompson wrote:
*Anyway* the above link lists the price at ~ $14, which is *way* cheaper
than memorystick+adaptor.
Only problem (for me anyway) is that the TS32MDOM40V won't fit in a Soekris
4501, which I think is going to be my next standard platform.
Just for
Jon
At 07:30 30.09.2004 +0200, Jon Clausen wrote:
Hi
I've recently set up a couple of Bering boxes using CF as boot media. It
works, boot is fast etc... but... I'm not particularly fond of the fact that
there's no HW write-protect option for CF.
I suggested a kind of write protection for IDE
Hi everybody
I know there has been a thread on this issue, I am losing the default oute regularly
on a link with dhcp and ipsec. Typically the default route is taken over by the ipsec
interface when this occurs. The proposed solution was always `check the link`. Has
anyone made progress in
Bob
At 08:10 29.09.2004 -0400, you wrote:
Erich,
I'd be interested in the versions you are running. I'm on Bering 1.2 and I
have a single IPSEC tunnel and am using DHCP for my external interface
(cable modem.) I've never seen this happen.
Same thing here, I found the situation become a lot
Hi Sergio
At 18:50 28.09.2004 -0300, Sergio D. Morilla wrote:
take for instance when there's a connectivity problem on my ISP's
end - should bering automatically restore the connection when it
becomes possible to do so (ie. the ISP sorted the problem)? i
don't know how to do something like
Rick
At 08:26 29.09.2004 -0400, Tibbs, Richard wrote:
We have noticed the same thing here when testing IPsec with Bering 1.2 across the
campus net.
The same configuration that works one switch away from the firewall won't work a
subnet + a router away, and the logs show some message like no
Hi
At 08:18 29.09.2004 -0400, M Lu wrote:
Hi Jaap, thank you for the information.
I have started to load tc.lrp, bash.lrp (as the wonder-script is a bash
script) and load all modules specified in the qos-htb howto. I also modified
slightly the script, commenting 4 lines
#echo Please read the
Rick
At 10:03 29.09.2004 -0400, Tibbs, Richard wrote:
Hmm. Our setup is like this:
CampusNet Bering 1.2 Internal net 192.168.10.0/24
Eth0eth1
Static DHCP to internal hosts
We are using ipsec to simply ping a machine on the internal network.
Works
At 10:12 29.09.2004 -0700, Peter Mueller wrote:
#tc class add dev $DEV parent 1:1 classid 1:20 htb rate
$[9*$UPLINK/10]kbit \
tc class add dev $DEV parent 1:1 classid 1:20 htb rate `expr
9 \* $UPLINK / 10`kbit \
burst 6k prio 2
possibly the same thing. I did not have any performance
Charles
At 09:23 29.09.2004 -0500, Charles Steinkuehler wrote:
Erich Titl wrote:
Hi everybody
I know there has been a thread on this issue, I am losing the default
oute regularly on a link with dhcp and ipsec. Typically the default route
is taken over by the ipsec interface when this occurs
Hi everybody
Networks 83.0.0.0 and 84.0.0.0 have been assigned to RIPE last year. In my version
(1.4.8) of shorewall these networks are still blocked by the rfc1918 rules. It it
probably worthwhile to remove these two networks from /etc/shorewall/rfc1918 if they
should still be there.
cheers
Patrick
At 13:34 23.09.2004 +0200, Patrick Benson wrote:
Erich Titl wrote:
Hi everybody
Networks 83.0.0.0 and 84.0.0.0 have been assigned to RIPE last year. In my version
(1.4.8) of shorewall these networks are still blocked by the rfc1918 rules. It it
probably worthwhile to remove
Tom
At 17:06 19.09.2004 -0700, Tom Eastep wrote:
Folks,
I can't keep this up. The demands that my job and my personal life are
currently placing on me are such that supporing Shorewall to the extent that
I have been doing is just not possible any more.
I will continue to be active on the
Rick
At 16:14 17.09.2004 -0400, Tibbs, Richard wrote:
Dear list.
My first gig is developing a Bering 1.2 firewall for a coffee house.
I expect to be paid in food and soy lattes ;-)
Here is the situation: Coffee shop owner wants to support wireless for
the customers. Owner has one or two business
Juergen
At 18:48 07.09.2004 -0300, Juergen Maulko wrote:
Hi folks,
I have thrown together a LEAF-package of the NoCatSplash-daemon.
It is build with uClibc and statically linked against glib 1.2.10. So it should
work ok with Bering uClibc. I have tested it with uClibc-Bering 2.2 and
2.1. Since
Rick
At 16:55 08.09.2004 -0400, you wrote:
Dear list: question about a Bering 1.2 environment:
I noticed that an lsmod reveals no iptables module.
But there is an iptables executable and so libs.
I suggest you look at the iptables.lrp file using tar, it is a bit long to
list here. It holds the
Eric
At 06:31 19.08.2004 -0700, Eric House wrote:
I've been running LRP and Bering in various forms for about four years
(currently Bering-uClibc), and have probably set up new systems about
20 times (at home and for friends, not professionally.) It's gotten
to be a chore, and that feeling keeps
James
At 09:09 18.08.2004 +0100, James Neave wrote:
Hi all,
I now have an SSH Sentinel client to get through our company Bering box.
After some initial mistakes with the PSK, the diagnostics for SSH-S now
declare our connection functional, but it still does not connect.
I guess this is the
At 06:18 09.08.2004, Chris Lee wrote:
Hi,
I am using Bering-uClibc_2.2-beta5 HDD version.
Is it possible to download and install additional packages w/o go back to
DOS?
sure, just download the package to the installation media and load it using
lrpkg.
Erich
THINK
Püntenstrasse 39
8143 Stallikon
601 - 700 of 1037 matches
Mail list logo