[freenet-support] Limiting outgoing connections to a certain port range...
Since I'm unfortunate enough to be on a bandwidth cap I like to monitor where my bandwidth is going so I can shut down anything that's guzzling loads of bandwidth. I do this through simple IPTABLES rules, as it gives a nice breakdown of what's using what. Unfortunately, as freenet just claims a random port to connect out on, I can't do this management. I would like an option to restrict the port range bound to if it's possible. I'm not overly worried about any privacy issues this may cause, I don't mind if it's off by default, but if it's possible it would be nice to have. If I could figure out where in the source this is done I may be able to submit a patch or something... -- Phillip Hutchings [EMAIL PROTECTED] http://www.sitharus.com/ ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Limiting outgoing connections to a certain port range...
Hi, > I like to monitor > where my bandwidth is going... I do this through simple > IPTABLES rules, One way to do this might be to run freenet under its own user account (I tweaked the start-freenet.sh script to su to user "freenet" when starting the node) and use iptables' owner match support to match packets belonging to this user. HTH Stephen Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now http://uk.messenger.yahoo.com/download/index.html ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
RE: [freenet-support] Stable build 5078
The Freenet I'm running on my Windows machine says it is version 00.5.2.8 (March 14, 2004). How does "build 5078" compare with that? thanks -Original Message- From: Toad [mailto:[EMAIL PROTECTED] Sent: Monday, May 03, 2004 4:30 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [freenet-support] Stable build 5078 * Replies will be sent through Spamex to [EMAIL PROTECTED] * For additional info click -> http://www.spamex.com/i/?v=3880664 Freenet stable build 5078 is now available. The snapshots have been updated. All stable branch users should upgrade ASAP. Changelog: * Make 5077 mandatory. This is a fairly significant change. 5077 made huge changes, including some fundamental changes to how freenet routes ("bidirectional routing" - all connected nodes may be routed to); for the network to work effectively, we need the whole of stable to be running more or less the same code. * Lots of bugfixes. * New, cleverer startup script for unix-like systems. -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Re: too big log! Use logrotate
On Fri, 30 Apr 2004 23:34:08 +1000, Cameron GArnham wrote: > Heare is a dump of the freenet dir: : > -rw-r--r--1 garnham garnham 5715853312 Apr 30 23:17 freenet.log : > System: > > OS debian "testing" > > currently the log is 5.7GB there MUST be a cap!. Please have a look at logrotate http://packages.debian.org/unstable/admin/logrotate /Ole ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
[freenet-support] Re: Limiting outgoing connections to a certain port range...
On Wed, 05 May 2004 00:00:40 +1200, Phillip Hutchings wrote: > Since I'm unfortunate enough to be on a bandwidth cap I like to monitor > where my bandwidth is going so I can shut down anything that's guzzling > loads of bandwidth. I do this through simple IPTABLES rules, as it > gives a nice breakdown of what's using what. > > Unfortunately, as freenet just claims a random port to connect out on, > I can't do this management. I would like an option to restrict the port > range bound to if it's possible. IPtables can look at which user runs the process owning the connection. If you run freenet as a freenet user then it should be possible to separate these connections from other connections. Please post you solution if you get it to work. /Ole ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...
On 5/05/2004, at 6:56 AM, Ole Tange wrote: On Wed, 05 May 2004 00:00:40 +1200, Phillip Hutchings wrote: Since I'm unfortunate enough to be on a bandwidth cap I like to monitor where my bandwidth is going so I can shut down anything that's guzzling loads of bandwidth. I do this through simple IPTABLES rules, as it gives a nice breakdown of what's using what. Unfortunately, as freenet just claims a random port to connect out on, I can't do this management. I would like an option to restrict the port range bound to if it's possible. IPtables can look at which user runs the process owning the connection. If you run freenet as a freenet user then it should be possible to separate these connections from other connections. Please post you solution if you get it to work. I checked on that before posting to the list, and the module is only valid in the OUTPUT chain. Since Freenet sends data both ways it's not much use for this. -- Phillip Hutchings [EMAIL PROTECTED] http://www.sitharus.com/ ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Stable build 5078
Hi, On Tuesday 04 May 2004 06:33, Paul Schauble wrote: > The Freenet I'm running on my Windows machine says it is version 00.5.2.8 > (March 14, 2004). How does "build 5078" compare with that? Open the fproxy start page and see what build it says at the top. You'll need to upgrade to 5078 because pretty soon you'll find that your node won't be able to talk to the network - build 5078 won't talk to nodes older than 5077 and as people upgrade, older nodes will be left by the wayside. And besides, with 5077 came vast performance improvements - I can actually retrieve all the sites on the start page for the first time in months, and the vast majority of sites that I try contacting from the FIND index. And my system doesn't max out with 500+ threads, 100% bandwidth and a seriously lagged text console after a few hours like it did for a while. Regards, Stephen p.s. It's been a long haul but I think that latest round of development has really paid off. Freenet-Stable really does seem quite stable right now. To all the developers: nice work! Thanks for all your efforts! ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...
> I checked on that before posting to the list, and the module is only > valid in the OUTPUT chain. Since Freenet sends data both ways it's not > much use for this. I use this "-m owner" match, it works well and is sufficient. There is no point in limiting the input rate (well, at least in most setups), because the packets already arrived at your box, when you limit them. The peers slow down after some time, but when your box starts to drop packets you even lose more bandwith for retransmission. When you have asymmetric connection, the uplink will be the harder problem. good byte ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...
On 5/05/2004, at 2:18 PM, Martin Scheffler wrote: I checked on that before posting to the list, and the module is only valid in the OUTPUT chain. Since Freenet sends data both ways it's not much use for this. I use this "-m owner" match, it works well and is sufficient. There is no point in limiting the input rate (well, at least in most setups), because the packets already arrived at your box, when you limit them. The peers slow down after some time, but when your box starts to drop packets you even lose more bandwith for retransmission. When you have asymmetric connection, the uplink will be the harder problem. I don't care about rate limiting, but I do care about bandwidth usage monitoring. I'm going to poke in the freenet source at the weekend and see if I can put the code in... -- Phillip Hutchings [EMAIL PROTECTED] http://www.sitharus.com/ ___ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]