On Sun, May 3, 2009 at 7:26 AM, Fabian Wenk wrote:
> Hello Daniel
>
> On 27.04.09 18:19, Daniel Dias Gonçalves wrote:
>>
>> What may be happening ? I'm with polling enabled on all interfaces, can
>> you influence ?
>
>> If I disable the polling, no network interface work, begins to display
>> "em4
Hello Daniel
On 27.04.09 18:19, Daniel Dias Gonçalves wrote:
What may be happening ? I'm with polling enabled on all interfaces, can
you influence ?
If I disable the polling, no network interface work, begins to display
"em4 watchdog timeout".
If you are using polling on the Ethernet interf
Daniel Dias Gonçalves wrote:
Julian,
You could give an example of rules with tables?
I'm sorry I forgot that you want to count packets from each client.
tables won't work for that.
for counting I suggest the technique I show below,
but for just allowing, you can add allowable addresses to
a
On Mon, 27 Apr 2009, Daniel Dias Gonçalves wrote:
> What may be happening ? I'm with polling enabled on all interfaces, can you
> influence ?
>
> em0: port 0x7000-0x703f mem
> 0xdfa0-0xdfa1 irq 16 at device 8.0 on pci4
> em1: port 0x7400-0x743f mem
> 0xdfa2-0xdfa3 irq 17 a
You may want to investigate using pf; i'm not sure whether they handle
this better.
Me, I'd investigate writing a "tree" ipfw rule type. Ie, instead of
having a list of rules, all evaluated one at a time, I'd create a rule
implementing a subrule match on ip/netmask with some kind of action
(allow,
Going to another example.
If I wanted that each authentication (username and password) in captive
portal, set up rules limiting the speed of the user's IP, as I do? I can
create two rules for the in / out for each user associated with a pipe?
When simulating this with a script adding hundreds o
What may be happening ? I'm with polling enabled on all interfaces, can
you influence ?
em0: port 0x7000-0x703f mem
0xdfa0-0xdfa1 irq 16 at device 8.0 on pci4
em1: port 0x7400-0x743f mem
0xdfa2-0xdfa3 irq 17 at device 8.1 on pci4
em2: port 0x8000-0x803f mem
0xdfb0-0xdfb
Julian,
You could give an example of rules with tables?
Julian Elischer escreveu:
Daniel Dias Gonçalves wrote:
Very good thinking, congratulations, but my need is another.
The objective is a Captive Porrtal that each authentication is
dynamically created a rule to ALLOW or COUNT IP authentica
Daniel Dias Gonçalves wrote:
Very good thinking, congratulations, but my need is another.
The objective is a Captive Porrtal that each authentication is
dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm
testing is what is the maximum capacity of rules supported, therefore
You'd almost certainly be better off hacking up an extension to ipfw
which lets you count a /24 in one rule.
As in, the count rule would match on the subnet/netmask, have 256 32
(or 64 bit) integers allocated to record traffic in, and then do an
O(1) operation using the last octet of the v4 addres
Bill Moran wrote:
In response to Daniel Dias Gonçalves :
Very good thinking, congratulations, but my need is another.
The objective is a Captive Porrtal that each authentication is
dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm
testing is what is the maximum capacity
On Fri, 24 Apr 2009, Daniel Dias Gonçalves wrote:
> The latency in the interface em6 increased an average of 10ms to 200 ~ 300ms
> Hardware:
> CPU: Intel(R) Xeon(TM) CPU 3.20GHz (3200.13-MHz 686-class CPU)
> Logical CPUs per core: 2
> FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
> cp
In response to Daniel Dias Gonçalves :
> Very good thinking, congratulations, but my need is another.
> The objective is a Captive Porrtal that each authentication is
> dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm
> testing is what is the maximum capacity of rules sup
Very good thinking, congratulations, but my need is another.
The objective is a Captive Porrtal that each authentication is
dynamically created a rule to ALLOW or COUNT IP authenticated, which I'm
testing is what is the maximum capacity of rules supported, therefore
simultaneous user.
Underst
The latency in the interface em6 increased an average of 10ms to 200 ~ 300ms
Hardware:
CPU: Intel(R) Xeon(TM) CPU 3.20GHz (3200.13-MHz 686-class CPU)
Logical CPUs per core: 2
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
cpu0: on acpi0
p4tcc0: on cpu0
cpu1: on acpi0
p4tcc1: on cpu1
cpu2
Daniel Dias Gonçalves wrote:
Hi,
My system is a FreeBSD 7.1R.
When I add rules IPFW COUNT to 254 IPS from my network, one of my
interfaces increases the latency, causing large delays in the network,
when I delete COUNT rules, everything returns to normal, which can be ?
My script:
of cours
In response to Daniel Dias Gonçalves :
>
> My system is a FreeBSD 7.1R.
> When I add rules IPFW COUNT to 254 IPS from my network, one of my
> interfaces increases the latency, causing large delays in the network,
> when I delete COUNT rules, everything returns to normal, which can be ?
Not sure
Daniel Dias Gonçalves wrote:
> Hi,
>
> My system is a FreeBSD 7.1R.
> When I add rules IPFW COUNT to 254 IPS from my network, one of my
> interfaces increases the latency, causing large delays in the network,
> when I delete COUNT rules, everything returns to normal, which can be ?
How much laten
18 matches
Mail list logo
