Re: [Vyatta-users] Firewall rules

2007-09-17 Thread An-Cheng Huang
Hi Tony,

The firewall configuration syntax only allows 1 source address within each 
rule, so for your example you can specify 3 rules, one for each IP address you 
want to block.

An-Cheng

Tony Cratz wrote:
 Hello:
 
   I'm new to Vyatta and before I start to do an install and
   screw myself I would like a question answered.
 
   In setting up a firewall rule I would like to reject all
   connections from the IP addresses of (as an example)
   216.239.32.10, 66.218.71.63, 192.18.99.5
   Is the following possible or do I need to break them
   out into different source sections?
 
   rule 1 {
       action reject
       source {
           address: 216.239.32.10
           address: 66.218.71.63
           address: 192.18.99.5
       }
   }
 
 
   Tony
___
Vyatta-users mailing list
Vyatta-users@mailman.vyatta.com
http://mailman.vyatta.com/mailman/listinfo/vyatta-users
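
An-Cheng's answer (one rule per source address) as an added sketch, not code from the thread or from Vyatta: it validates a blocklist and emits one rule block per address. The block layout copies the shape of Tony's question and is not checked against the Vyatta CLI reference; the function name, rule numbering and the duplicated sample entry are assumptions.

```python
import ipaddress


def expand_blocklist(addresses, action="reject", first_rule=1, step=1):
    """Return one firewall rule block per unique source address.

    The block layout copies the shape used in the question above; it is
    an assumption, not verified Vyatta syntax.
    """
    seen = set()
    hosts = []
    for raw in addresses:
        # ip_address() raises ValueError on anything that is not a single
        # host address, so typos and CIDR ranges never reach the config.
        ip = ipaddress.ip_address(raw.strip())
        if ip not in seen:          # a duplicate would waste a rule number
            seen.add(ip)
            hosts.append(ip)        # input order is kept, so numbering is predictable

    blocks = []
    for offset, ip in enumerate(hosts):
        number = first_rule + offset * step
        blocks.append(
            f"rule {number} {{\n"
            f"    action {action}\n"
            f"    source {{\n"
            f"        address: {ip}\n"
            f"    }}\n"
            f"}}"
        )
    return blocks


# Addresses from the question; the repeated entry is constructed to show dedup.
SAMPLE = ["216.239.32.10", "66.218.71.63", "192.18.99.5", "66.218.71.63 "]

if __name__ == "__main__":
    print("\n".join(expand_blocklist(SAMPLE)))
```

Passing `step=10` leaves gaps in the numbering so that later rules can be slotted in between without renumbering.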


Re: [Vyatta-users] What are bridge groups in Vyatta OFR and how they work?

2007-09-17 Thread Paco Alcantara
If I have understood well, a bridge group allows the computer to work as a
switch where I can create groups of interfaces that belong to the same
network domain. And I can also run spanning tree protocol in this group of
interfaces.

Some questions though,
is it possible to assign virtual interfaces to create VLANs?

In case it is possible, may I create VLANs in a bridge group that has not
assigned an IP address in a specific interface??

Thanks a lot!!

Paco.

On 9/17/07, Robert Bays [EMAIL PROTECTED] wrote:

 Paco,

 bridging hasn't been tested extensively, but here is a two second
 overview.

  configure
 # create a virtual bridge group/interface
  create interfaces bridge br0
  commit
 # add a physical interface to a virtual bridge group
  create interfaces ethernet eth0 bridge-group bridge br0
  commit

 There are configuration options for both the bridge group and the
 physical interfaces.  'show bridge br0 [macs|spanning-tree]' should show
 you the status of what you have configured.

 Cheers,
 Robert.

 Paco Alcantara wrote:
 
  I have seen the functionality of bridge-groups but I have not found any
  documentation about what it is and how it works (apart from the command
  description).
 
  Has anyone documentation about this topic?
 
 
  
 


Re: [Vyatta-users] Error setting up VLANS

2007-09-17 Thread Rodney Prescott
Hi Robert,

Thanks for the response, please find the tail of the logfile,
basically states interface not recognised

Help would be most appreciated!

wthree:/var/log# tail messages
Sep 17 09:17:58 localhost xorp_rtrmgr: [ 2007/09/17 09:17:58  ERROR xorp_rtrmgr:3935 RTRMGR +701 /home/autobuild/builds/master/2007-08-23-1113/ofr/xorp/xorp/rtrmgr/master_conf_tree.cc commit_pass2_done ] Commit failed: 102 Command failed Interface error on eth1.10: interface not recognized
Sep 17 09:18:17 localhost xorp_fea: [ 2007/09/17 09:18:17  ERROR xorp_fea:3994 FEA +99 /home/autobuild/builds/master/2007-08-23-1113/ofr/xorp/xorp/fea/ifconfig_set.cc push_config ] Interface error on eth1.10: interface not recognized
Sep 17 09:18:17 localhost xorp_fea: [ 2007/09/17 09:18:17 WARNING xorp_fea XrlFeaTarget ] Handling method for ifmgr/0.1/commit_transaction failed: XrlCmdError 102 Command failed Interface error on eth1.10: interface not recognized
Sep 17 09:18:17 localhost xorp_rtrmgr: [ 2007/09/17 09:18:17  ERROR xorp_rtrmgr:3935 RTRMGR +701 /home/autobuild/builds/master/2007-08-23-1113/ofr/xorp/xorp/rtrmgr/master_conf_tree.cc commit_pass2_done ] Commit failed: 102 Command failed Interface error on eth1.10: interface not recognized
Sep 17 09:19:19 localhost login[12798]: (pam_unix) check pass; user unknown
Sep 17 10:30:23 localhost kernel: bnx2: eth1 NIC Link is Down
Sep 17 11:34:15 localhost kernel: bnx2: eth0 NIC Link is Down
Sep 17 11:40:50 localhost xorp_fea: [ 2007/09/17 11:40:50  ERROR xorp_fea:3994 FEA +99 /home/autobuild/builds/master/2007-08-23-1113/ofr/xorp/xorp/fea/ifconfig_set.cc push_config ] Interface error on eth1.10: interface not recognized
Sep 17 11:40:51 localhost xorp_fea: [ 2007/09/17 11:40:50 WARNING xorp_fea XrlFeaTarget ] Handling method for ifmgr/0.1/commit_transaction failed: XrlCmdError 102 Command failed Interface error on eth1.10: interface not recognized
Sep 17 11:40:51 localhost xorp_rtrmgr: [ 2007/09/17 11:40:50  ERROR xorp_rtrmgr:3935 RTRMGR +701 /home/autobuild/builds/master/2007-08-23-1113/ofr/xorp/xorp/rtrmgr/master_conf_tree.cc commit_pass2_done ] Commit failed: 102 Command failed Interface error on eth1.10: interface not recognized

On 18/09/2007, at 11:57 AM, Robert Bays wrote:

 Hi Guys,

 I know this response is *way* overdue...  Sorry about that.  FWIW, I
 just tried this on a freshly booted livecd and didn't see any errors.
 Maybe there is a clue in the /var/log/messages file?

 Cheers,
 Robert.

 Nick Davey wrote:
 Hmm, that's odd. I'm getting the same problem on eth1 on my OFR.

  set interfaces ethernet eth1 vif 1024
 [edit]
 [EMAIL PROTECTED] commit
 [edit]
 Commit Failed
 102 Command failed Interface error on eth1.1024 : interface not recognized

 I attempted to just create the VLAN interface without IPing it to see if
 there was some sort of race condition, but that doesn't seem to be the
 case. I also tried with a higher VLAN id in case that was some sort of
 issue. This also seems to affect the web interface, as I can't create
 vifs from the web interface. Maybe I'm doing something wrong though.
 The weird thing is that I'm already using VLAN interfaces...

 Nick

 On 9/6/07, *Rodney Prescott* [EMAIL PROTECTED] wrote:

 Hi,

 Trying, as per the documentation, to set up VLANs on the Community
 version 2.2

 So here is the problem

 [edit]
 [EMAIL PROTECTED] set interfaces ethernet eth1 vif 40 address 10.10.40.65 prefix-length 24
 [edit]
 [EMAIL PROTECTED] commit
 [edit]
 Commit Failed
 [EMAIL PROTECTED] led Interface error on eth1.40: interface not
 [EMAIL PROTECTED]
 [edit]

 Does it on both the WEB interface and as above on the CLI, gets the
 same error message when Commit is used on the web as well


 HELP, as I need to have VLANs running for the Wireless Gear I am
 running, the multi SSIDs need unique VLANS

 Thanks in anticipation