Re: Question about IP

2007-03-10 Thread Steve Welham
Akin Nomad wrote: Which of these IP addresses you will not find allocated to PC, which can work in internet through IP protocol? (you can choose only one variant) a: 192.168.0.3 b: 230.30.3.3 c: 2001:16c8:ffd7::b:33.255.3.2 d: 2001:16d8:ffd7::405 e: 10.40.20.0 f: fe80::2c0:26ff:2001:16d8

Re: Crash Report - Desired Info Quality?

2006-09-25 Thread Steve Welham
Would this be acceptable for filing a crash report, or is this out of your scope? If you can type in the text, that should be fine. Don't expect multiple developers to try and make head or tail of a .jpg though... As mentioned here recently, if the machine is rebooted rather than

Re: ftp-proxy

2006-09-14 Thread Steve Welham
In the passive modes session, I counted 4 pf rules being added, as also in the active modes. But reading ftp-proxy(8) I can see the following reference: snip excerpt from man page I.e., two rules for active mode and three for passive mode. I could not understand what happened to the others

Re: pf table confusion

2006-09-09 Thread Steve Welham
I'm stuck on some obvious pf table error but I can't see it. snip ## Tables (File content shown in brackets) table admins file /etc/tAdmins ( 192.168.0.3 ) table managers file /etc/tManagers (192.168.0.2) table operators file /etc/tOperators (192.168.0.128) table http-managers file

Re: RDR and NAT Combination with a single interface

2006-08-10 Thread Steve Welham
The painless way to do this is with webservers on non-routable addresses, NAT and two interfaces. Is that out of the question? In any case man pf.conf says: Redirections cannot reflect packets back through the interface they arrive on, they can only be redirected to hosts connected to different

Re: Need help with dns/pf/tcpdump

2006-07-24 Thread Steve Welham
ns.foo.bar is a dns slave that makes AXFR zone transfer from my server (mybox). Why is the traffic blocked on the first lines? What kind of traffic is that? Perhaps I don't understand DNS fully, but I thought zone transfers were made using TCP only, and ordinary queries UDP. Zone transfers

Re: scrub reassemble tcp and nat causes problems with some sites

2006-07-24 Thread Steve Welham
Get tcpdumps on both router interfaces with and without the reassemble tcp option. Do this for a similar file on both a working website and broken (ebay) website. On both router interfaces? Wouldn't the external if be enough? You're probably right. But my theory is that if you're going to

Re: scrub reassemble tcp and nat causes problems with some sites

2006-07-19 Thread Steve Welham
Unfortunately I cannot determine why only some sites have troubles and that's why I am seeking advice here on how to further diagnose the problem. Any hints are appreciated! It's a stab in the dark but I would start with the assumption that some sites are using server load balancing and that

Re: Change MTU size TCP/IP Packets for 'black hole routers' within BSD 3.8 possible ?

2006-06-28 Thread Steve Welham
so, the ping is ok when it's not going through the tunnel...but via the tunnel, the MTU size sinks to 1330 max. How to get that not to sink? You probably can't - your VPN tunnel is adding IP and IPsec headers which cause packets to grow beyond the DSL provider's MTU. (BTW some DSL services

Re: To forward, or not to forward

2006-05-13 Thread Steve Welham
My goal with the bridge is to filter all traffic coming in from the outside world, while allowing my servers behind the bridge to connect freely even if their traffic has to travel out to the router and back (keep state?). My point of confusion is whether or not to turn on

Re: PF question : set block-policy drop : spoofed ip (NAT'ed) elicits icmp unreachable

2006-05-10 Thread Steve Welham
# tcpdump -n -i sis2 'icmp' 19:21:05.848459 wan_if.ip external.host: icmp: echo request 19:21:05.868202 external.host wan_if.ip: icmp: echo reply 19:21:05.868499 wan_if.ip external.host: icmp: host wan_if.ip unreachable I was obviously expecting the first two lines but I assumed that PF

Re: Transparent Bridge fail-over?

2006-05-05 Thread Steve Welham
I have never set up STP but if you were to use a hub you are only moving the convergence problem to the devices on the end, be it a router or clients. Instead of a few next hop mac updates between a switch and the STP bridges, all the devices would need to update thus increasing total

Re: Transparent ISP proxy problem or PF problem

2005-12-07 Thread Steve Welham
I tried to connect the cable for the internet directly to one of the client machines behind the firewall (Debian GNU/Linux 3.1) and the site loads perfectly, so I came to the conclusion that my PF rules are blocking the packets. So, I left a minimal PF setup (pass all keep state + NAT),

Re: read-only storage media

2005-07-01 Thread Steve Welham
Some hard disks have a write protect jumper. I've got an old Seagate Barracuda (ST3217N) that has this - although it's not something I've ever tried to use. Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Garman Sent: 01 July 2005 16:06 To: