to 30-50% of those requirements are arbitrary anyway ...
--
Bill Moran
Collaborative Fusion Inc.
wmo...@collaborativefusion.com
Phone: 412-422-3463x4023
IMPORTANT: This message contains confidential information
and is intended only for
capacity of rules supported, therefore
> simultaneous user.
>
> Understand ?
If you're only doing allow, then you'd be better off using a table,
which has much better performance than a bunch of separate rules.
If you're counting packets, I don't know if that approach w
.inet.ip.fw.verbose: 1
> net.inet.ip.fw.debug: 0
> net.inet.ip.fw.one_pass: 1
> net.inet.ip.fw.autoinc_step: 100
> net.inet.ip.fw.enable: 1
> net.link.ether.ipfw: 1
> net.link.bridge.ipfw: 0
> net.link.bridge.ipfw_arp: 0
>
> Thanks,
>
> Daniel
> ___
> freebsd-net@freebs
only
> exist in either local network, or remote VPN'ed network) to go through
> the tun0 device?
Any hack you would do to make this work is going to be unreliable at best.
Renumber your network so that routing can work as designed.
--
Bill Moran
Collaborative Fusion Inc.
http://people.
In response to Tom Judge <[EMAIL PROTECTED]>:
> Bill Moran wrote:
> > In response to R J <[EMAIL PROTECTED]>:
> >
> >> I am trying to use tcpdump (or snort, but they are both behaving the same
> >> in this case) to capture all the lines or cont
half of a sentence, and I don't see the rest of the lines.
> And ofcourse, alot of it seems to be hex or obfuscated html?
>
> What switches do I need to capture the entire lines of text?
Don't know about snort, but with tcpdump use -s0
--
Bill Moran
Collaborative Fusion
it's not a
managed switch, replace it because it's not working correctly and there's
nothing you can do about it.
> 3. Should i ever bother about this issue?
Yes. Something is wrong and it will be hurting your network performance.
--
You mention no details about your
local network, but I would guess that you have two separate IP ranges
on a single segment. Has the "attack" ended? If not, grab some tcpdumps
and see who's actually sending those packets.
What IP address does this machine have? What's the net
Eygene Ryabinkin <[EMAIL PROTECTED]> wrote:
>
> Thanks for the education! I have only one question: what it 'Yugo'?
> I had not found it in nearby dictionaries ;))
http://en.wikipedia.org/wiki/Yugo
--
Bill Moran
Collaborative Fusion Inc.
[EMAIL PROTECTED]
In response to Eygene Ryabinkin <[EMAIL PROTECTED]>:
> Mon, Feb 18, 2008 at 05:06:42PM -0500, Bill Moran wrote:
> > > I had faced such situation once: I had multihomed host that was
> > > running Apache daemon that was announced via two DNS names that
> > > wer
In response to Tom Judge <[EMAIL PROTECTED]>:
> Bill Moran wrote:
> > In response to Eygene Ryabinkin <[EMAIL PROTECTED]>:
> >
> >> Bill,
> >>
> >> Mon, Feb 18, 2008 at 04:36:18PM -0500, Bill Moran wrote:
> >>> I woul
In response to Eygene Ryabinkin <[EMAIL PROTECTED]>:
> Bill,
>
> Mon, Feb 18, 2008 at 04:36:18PM -0500, Bill Moran wrote:
> > I would suggest you ask yourself (and possibly the list) _why_ you think
> > multiple default routes is necessary ... what is it that you&
k yourself (and possibly the list) _why_ you think
multiple default routes is necessary ... what is it that you're hoping
to accomplish. I'm guessing your looking for some sort of redundancy,
in which case something like CARP or RIP is liable to be the correct
solution.
--
Bill Moran
Co
Michael DeMan <[EMAIL PROTECTED]> wrote:
>
> unsubscribe
As mentioned in the footer of every list mail:
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
Bill Moran
Collaborative Fusion Inc.
[EMAIL PROTECTED]
ace the faulty wiring. Just because it _seems_ to be OK
at 100 doesn't mean it is. If it's unable to work reliably at a
speed it should work at, you need to fix that.
b) Force the speed/duplex on both ends. One of the ugliest networking
problems I've seen is when the
t with no change in
> results. I have removed the machine at 10.11.12.252 with the only change
> being that the file-server can obtain NO connection to ANY IP address.
>
> Any help would be appreciated.
Why don't your cut/paste the output of ifconfig -a and netstat -rn
I suspect
st use a script like here :
The protocols designed to handle this are things like RIP and BGP.
However, in a case like yours, where you control both ends of things,
it's probably better to just use a script.
--
Bill Moran
Collaborative Fusion Inc.
[EMAIL PROTECTED]
Phone: 412-422-3463x4
In response to David DeSimone <[EMAIL PROTECTED]>:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Bill Moran <[EMAIL PROTECTED]> wrote:
> >
> > Let's flip the question around a bit: why would you _want_ the TCP
> > stack to accept frames
In response to Stephen Clark <[EMAIL PROTECTED]>:
> Bill Moran wrote:
>
> >In response to Stephen Clark <[EMAIL PROTECTED]>:
> >
> >>Sten Daniel Soersdal wrote:
> >>
> >>>Stephen Clark wrote:
> >>>
> >>>>
460 it get silently dropped. connection
> stalls.
>
> --
>
> "They that give up essential liberty to obtain temporary safety,
> deserve neither liberty nor safety." (Ben Franklin)
>
> "The course of history shows that as a government grows, liberty
>
In response to Bill Moran <[EMAIL PROTECTED]>:
> In response to Adam McDougall <[EMAIL PROTECTED]>:
>
> > On Tue, Jun 12, 2007 at 10:19:49AM -0400, Bill Moran wrote:
> >
> >
> > This one has got me pretty befuddled.
> >
> > We
ot using
non-blocking IO in the manner it was intended.
If you want properly closed connections, you turn of non-blocking before
you close the connection. If you want fast close that's not contingent on
anything, you close non-blocking and accept that some data may be lost and
some errors
In response to Adam McDougall <[EMAIL PROTECTED]>:
> On Tue, Jun 12, 2007 at 10:19:49AM -0400, Bill Moran wrote:
>
>
> This one has got me pretty befuddled.
>
> We're seeing some really odd behaviour with FreeBSD ignoring SYN packets.
> I've been
against a server with FreeBSD-current (the future 7.0) on
> it. In -current we've got detailed logging of LISTEN socket
> failures that allow rapid analysis of the problem.
This will take some time.
Also, I'm not seeing the problem on other, similar hardware. I'
Brief update to add another item to the list of things I've tried:
*) The problem occurs whether the em device is polling or not.
In response to Bill Moran <[EMAIL PROTECTED]>:
>
> This one has got me pretty befuddled.
>
> We're seeing some really odd behaviour with
0MB (71024640 sectors) RAID 1 (optimal)
SMP: AP CPU #3 Launched!
SMP: AP CPU #1 Launched!
SMP: AP CPU #2 Launched!
Trying to mount root from ufs:/dev/amrd0s1a
--
Bill Moran
Collaborative Fusion Inc.
http://people.collaborativefusion.com/~wmoran/
[EMAIL PROTECTED]
Phone: 412-422-3463x4023
__
ver modes (as well as other stuff)
and seems to be pretty well documented.
-Bill
>
> Cameron
>
> ----- Original Message -
> From: "Bill Moran" <[EMAIL PROTECTED]>
> To: "Cameron Haegle" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>;
Cameron Haegle wrote:
> I am trying to get the pptpclient working between my 4.2 server
> and my companies Microsoft VPN server.
>I have not found any really useful sites regarding the setup of this.
Are you using mpd? If not, that's probably the way to go.
/usr/local/share/doc/mpd has HTML doc
Harkirat Singh wrote:
>
> Hello!
>
> I want to measure UDP thruput of lossy channel, is there any tool
> which tests it? I looked at some of the tools but these do not take care
> of loss, I mean no retransmisson, just measure raw thruput of UDP (TTCP
> is one of these).
>
> I am lookin
29 matches
Mail list logo