| |
| |
| |
|
Comments:
<0> Yeah, I might try connlimit.
<1> rob0:
<1> http://lists.netfilter.org/pipermail/netfilter/2006-March/065118.html
<2> is it possibill to set a rule that all packaes whit come in from interface br0 with dst port 67 are not forwarded to the device tun0 ?
<2> s/packaes/package
<2> what i wanne ask if i can hide soem trafic from one of my network devices that's lisening on my wireless device?
<3> tat_: yes, just block them in FORWARD
<2> danieldg : i tried , but i couldn't succeed. could you help me if i explain you my problem ?
<0> djr: ty!
<0> tat_: I think the FORWARD blocking only works if you have CONFIG_BRIDGE_NETFILTER=y.
<0> If not, you probably have to use ebtables(8).
<0> See also -m physdev in the man page.
<2> rob0 : i use allready mac filtering on the br0 abd it works.
<2> i use chillispot which startsup tun0 and listens then truth tun0 on br0, i wan't based on the src mac decide if dhcp reqests comming in on br0 should be seen by tun0, i just don't understand i make a rule which doesn't forward the packegs to tun0.
<4> RE
<1> tat_ proxy_arp
<2> djr : what do you mean ?
<5> hello all!
<5> someone know a good document to build routing with iptables?
<6> anyone here know what apf is ?
<7> heh
<8> hello I would like some advice. I have a farely complex network I am trying to setup. client1 attached to host1 inet 169.254.0.0, and host1 is on an lan inet 192.168.0.0, nated to the internet. client1 is a vpn through host1 accross the net to openvpn server. now I have several identical client1 host1 setups all vpned together on a 10.8.0.1 lan. there are services on the vpn that must be accessed by the host1 and client1 machines. my question should I se
<8> t up a nat on the client1 or should I use openvpns bridge interface? :o
<9> mirc+dcc
<9> ow i mean
<9> xchat+dcc any tip to free it on iptables
<7> um
<7> gotta specify ports
<7> forward them
<10> hi
<10> iam building traffic monitor and i need to ask when iptables counters are zero-ed ? from time to time i have it zero-ed, i dont know what zeroed it..
<11> hello..
<11> anybody here?
<11> i need help on forwarding port 6112 to use another provider
<0> Devilion: /topic, "having NAT issues?"
<12> can I create a rule for packet accounting with matches only ARP packets?
<12> or is that only ebtables?
<13> hi. what could be wrong with this ? iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT /// iptables: No chain/target/match by that name
<14> korst3n: ipt_state module is not loaded or not built in your running kernel
<13> peejix, do i have to compile kernel from over?
<0> tweakt: yes, ebtables or arptables.
<13> (thank you btw)
<14> korst3n: just mark STATE match as a module in your kernel config and do a make modules modules_install
<12> rob0: can I get traffic stats from it like iptables -L -v shows?
<14> korst3n: most of the time, this module is already built/enabled in the kernel. Did you build your own kernel from scratch recently ?
<13> peejix, kk thank you so much
<13> yes, im using gentoo , i compiled kernel from over with iptables support
<14> korst3n: have fun, then :)
<13> but i dont see state match support in IP:Netfilter config.
<14> rob0: how's the ipt_iplist module ?
<13> peejix, ?
<13> network pack filtering -> IP:NetFilter configuration -> there i dont have state match
<14> korst3n: what kernel ?
<13> 2.6.15-gentoo-r1
<13> i have many X Match supports but not state match support
<13> and i have that in /lib/iptables/libipt_state.so
<14> uhm... that's right. I wonder what happened recently...
<13> but its in gentoo security guide
<13> http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=12
<0> peejix: thanks again for that. Still not deployed. I'm trying to get the consensus of 3 other co-owners of this machine. As it happens, we've got a bug in -m recent.
<13> peejix, would 2.6.16-r7 fix it?
<13> gentoo-sources of course
<14> korst3n: it looks to me that some re-organizing happened in the netfilter tree past months. I'm searching the mailing list where *the hell* is ipt_recent or have been merged with what...
<13> peejix, thank you so much im waiting
<14> ok, found it... it's now named xt_state
<14> part of the x_table saga
<13> peejix, and where is that ?
<14> korst3n: look at the Core Netfilter Configuration
<14> and activate X table support
<13> there i only have netfilter netlink inferface
<14> I'm looking v2.6.16.16
<13> ok i'll grab that one
<13> 2.6.16-r7
<13> thank you so much
<15> anyone know good syntax for firewalk?
<15> to do a complete scan of a computer
<4> ?!
<7> uh speak english?
<13> yes i saw state match support now
<13> thank you again peejix
<16> is there a way to limit up a programs connections? i.e. torrent's connection?
<16> is there any module called IMQ on kernel 2.6?
<16> for qos management?
<13> peejix, im on new kernel and iptables still give me error on this line
<13> korst3n ~ # iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
<13> iptables: No chain/target/match by that name
<4> RE
<17> hello
<17> one for help please
Return to
#iptables
or
Go to some related
logs:
cambiar de window manager en debian
#mysql
#suse
obfuscate bash script
#linux
#qemu
qtparted raid1
attr AND rootkit
#gaim
rapydtk
|
|