[freenet-support] Limiting outgoing connections to a certain port range...

2004-05-04 Thread Phillip Hutchings 
Since I'm unfortunate enough to be on a bandwidth cap I like to monitor 
where my bandwidth is going so I can shut down anything that's guzzling 
loads of bandwidth. I do this through simple IPTABLES rules, as it 
gives a nice breakdown of what's using what.

Unfortunately, as freenet just claims a random port to connect out on, 
I can't do this management. I would like an option to restrict the port 
range bound to if it's possible.

I'm not overly worried about any privacy issues this may cause, I don't 
mind if it's off by default, but if it's possible it would be nice to 
have. If I could figure out where in the source this is done I may be 
able to submit a patch or something...
--
Phillip Hutchings
[EMAIL PROTECTED]
http://www.sitharus.com/

___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Limiting outgoing connections to a certain port range...

2004-05-04 Thread Stephen Mollett 
Hi,

> I like to monitor 
> where my bandwidth is going... I do this through
simple
> IPTABLES rules,

One way to do this might be to run freenet under its
own user account (I tweaked the start-freenet.sh
script to su to user "freenet" when starting the node)
and use iptables' owner match support to match packets
belonging to this user.

HTH
Stephen






Yahoo! Messenger - Communicate instantly..."Ping" 
your friends today! Download Messenger Now 
http://uk.messenger.yahoo.com/download/index.html
___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

RE: [freenet-support] Stable build 5078

2004-05-04 Thread Paul Schauble 
The Freenet I'm running on my Windows machine says it is version 00.5.2.8
(March 14, 2004). How does "build 5078" compare with that?

  thanks

-Original Message-
From: Toad [mailto:[EMAIL PROTECTED]
Sent: Monday, May 03, 2004 4:30 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [freenet-support] Stable build 5078


* Replies will be sent through Spamex to [EMAIL PROTECTED]
* For additional info click -> http://www.spamex.com/i/?v=3880664

Freenet stable build 5078 is now available. The snapshots have been
updated. All stable branch users should upgrade ASAP.

Changelog:
* Make 5077 mandatory. This is a fairly significant change. 5077 made
  huge changes, including some fundamental changes to how freenet
  routes ("bidirectional routing" - all connected nodes may be routed to);
  for the network to work effectively, we need the whole of stable to be
  running more or less the same code.
* Lots of bugfixes.
* New, cleverer startup script for unix-like systems.
--
Matthew J Toseland - [EMAIL PROTECTED]
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.

___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

[freenet-support] Re: too big log! Use logrotate

2004-05-04 Thread Ole Tange 
On Fri, 30 Apr 2004 23:34:08 +1000, Cameron GArnham wrote:

> Heare is a dump of the freenet dir:
:
> -rw-r--r--1 garnham  garnham  5715853312 Apr 30 23:17 freenet.log
:
> System:
> 
> OS debian "testing"
> 
> currently the log is 5.7GB there MUST be a cap!.

Please have a look at logrotate 
http://packages.debian.org/unstable/admin/logrotate

/Ole


___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

[freenet-support] Re: Limiting outgoing connections to a certain port range...

2004-05-04 Thread Ole Tange 
On Wed, 05 May 2004 00:00:40 +1200, Phillip Hutchings wrote:

> Since I'm unfortunate enough to be on a bandwidth cap I like to monitor 
> where my bandwidth is going so I can shut down anything that's guzzling 
> loads of bandwidth. I do this through simple IPTABLES rules, as it 
> gives a nice breakdown of what's using what.
> 
> Unfortunately, as freenet just claims a random port to connect out on, 
> I can't do this management. I would like an option to restrict the port 
> range bound to if it's possible.

IPtables can look at which user runs the process owning the connection. If
you run freenet as a freenet user then it should be possible to separate
these connections from other connections.

Please post you solution if you get it to work.


/Ole

___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...

2004-05-04 Thread Phillip Hutchings 
On 5/05/2004, at 6:56 AM, Ole Tange wrote:
On Wed, 05 May 2004 00:00:40 +1200, Phillip Hutchings wrote:
Since I'm unfortunate enough to be on a bandwidth cap I like to 
monitor
where my bandwidth is going so I can shut down anything that's 
guzzling
loads of bandwidth. I do this through simple IPTABLES rules, as it
gives a nice breakdown of what's using what.

Unfortunately, as freenet just claims a random port to connect out on,
I can't do this management. I would like an option to restrict the 
port
range bound to if it's possible.
IPtables can look at which user runs the process owning the 
connection. If
you run freenet as a freenet user then it should be possible to 
separate
these connections from other connections.

Please post you solution if you get it to work.
I checked on that before posting to the list, and the module is only 
valid in the OUTPUT chain. Since Freenet sends data both ways it's not 
much use for this.
--
Phillip Hutchings
[EMAIL PROTECTED]
http://www.sitharus.com/

___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Stable build 5078

2004-05-04 Thread Stephen Mollett 
Hi,

On Tuesday 04 May 2004 06:33, Paul Schauble wrote:
> The Freenet I'm running on my Windows machine says it is version 00.5.2.8
> (March 14, 2004). How does "build 5078" compare with that?

Open the fproxy start page and see what build it says at the top. You'll need 
to upgrade to 5078 because pretty soon you'll find that your node won't be 
able to talk to the network - build 5078 won't talk to nodes older than 5077 
and as people upgrade, older nodes will be left by the wayside. And besides, 
with 5077 came vast performance improvements - I can actually retrieve all 
the sites on the start page for the first time in months, and the vast 
majority of sites that I try contacting from the FIND index. And my system 
doesn't max out with 500+ threads, 100% bandwidth and a seriously lagged text 
console after a few hours like it did for a while.

Regards,
Stephen

p.s. It's been a long haul but I think that latest round of development has 
really paid off. Freenet-Stable really does seem quite stable right now. To 
all the developers: nice work! Thanks for all your efforts!

___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...

2004-05-04 Thread Martin Scheffler 
> I checked on that before posting to the list, and the module is only
> valid in the OUTPUT chain. Since Freenet sends data both ways it's not
> much use for this.

I use this "-m owner" match, it works well and is sufficient. There is no 
point in limiting the input rate (well, at least in most setups), because the 
packets already arrived at your box, when you limit them.
The peers slow down after some time, but when your box starts to drop packets 
you even lose more bandwith for retransmission.

When you have asymmetric connection, the uplink will be the harder problem.

good byte
___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]

Re: [freenet-support] Re: Limiting outgoing connections to a certain port range...

2004-05-04 Thread Phillip Hutchings 
On 5/05/2004, at 2:18 PM, Martin Scheffler wrote:
I checked on that before posting to the list, and the module is only
valid in the OUTPUT chain. Since Freenet sends data both ways it's not
much use for this.
I use this "-m owner" match, it works well and is sufficient. There is 
no
point in limiting the input rate (well, at least in most setups), 
because the
packets already arrived at your box, when you limit them.
The peers slow down after some time, but when your box starts to drop 
packets
you even lose more bandwith for retransmission.

When you have asymmetric connection, the uplink will be the harder 
problem.
I don't care about rate limiting, but I do care about bandwidth usage 
monitoring. I'm going to poke in the freenet source at the weekend and 
see if I can put the code in...

--
Phillip Hutchings
[EMAIL PROTECTED]
http://www.sitharus.com/
___
Support mailing list
[EMAIL PROTECTED]
http://news.gmane.org/gmane.network.freenet.support
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support
Or mailto:[EMAIL PROTECTED]