I've set up an OpenBSD 4.2 firewall with two ISP connections. ISP1
has static addressing and is the firewall's default gateway. ISP2 is
DHCP-configured, and I've modified dhclient-script to put the ISP2 gateway
only into a second routing table using "route -T 1 add". All of this
works fine,
I have a simple OpenVPN bridge environment set up:
-[OpenBSD]-
|
* bridge0 contains tun0 and hme1
Connectivity and routing work as expected, but when I ping from the client
to the OpenBSD server, I get terribly high ping time
atistics ---
60 packets transmitted, 60 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.277/1.419/4.906/0.461 ms
//llx
On Saturday 01 December 2007 23.57:47 Bryan S. Leaman wrote:
I have a simple OpenVPN bridge environment set up:
-[OpenBSD]-
---
I have a multiple ISP router/firewall running 4.2. To make FTP work
properly over both gateways, I found and applied the following patch to
ftp-proxy **see link below** and it's working great (apparently pftpx is
very similar to ftp-proxy). Without this fix, my second ftp-proxy process
(for I
with ftp-proxy? Or am I not understanding how these tags are to be used?
To test my theory, I modified filter.c in ftp-proxy and set
pfr.rule.quick=0, and now my tagged rule matches and the reply-to works.
Thanks,
Bryan
On Tue, 4 Dec 2007, Camiel Dobbelaar wrote:
Bryan S. Leaman wrote:
I
Andres Salazar wrote:
Hello,
For some reason I cannot get this to work properly... We have a
1Megabyte/sec connection, and I want this box to be capped at up to
200KiloBytes/sec .
However everytime I try, it just always ends up using the entire link.
If I modify it to 1Kb , it ends up using aro
Andres Salazar wrote:
Thank you for your suggestions.. however in this particular case I
still can download at 615Kbytes/sec .. at least now I can download at
a lesser rate with the following:
altq on $t_externa bandwidth 200Kb hfsc queue { bulk, ack }
queue ack bandwidth 20% priority 2 qlimit 5
Hi All,
I have a production firewall on a Sun V120 running OpenBSD 4.5 sparc64,
with 2 active interfaces. Two weeks ago, the gem1 interface suddenly hung
and I was able to revive it using "ifconfig gem1 down; ifconfig gem1 up".
I found the following m...@openbsd thread from March 2009:
http://w
Daniel Ouellet wrote:
Bryan S. Leaman wrote:
Hi All,
I have a production firewall on a Sun V120 running OpenBSD 4.5 sparc64,
with 2 active interfaces. Two weeks ago, the gem1 interface suddenly
hung
and I was able to revive it using "ifconfig gem1 down; ifconfig gem1
up". I
Daniel Ouellet wrote:
I am not saying it's the same problem here, but it sure behave the
exact same way. See if you have timeout in the logs or not from that
hme driver. But without you doing more tests on your box, it will not
be looked at before it's done for sure.
I really hope it help you
As I continue to work on my previous issue with my Sun V120 and network
hangs, I decided to install 4.6 release onto an HP DL360 G4 box with the
latest BIOS and firmware updates as a possible replacement for the Sun.
After many hours of load testing and changing configurations, I found that
I alwa
I'm converting a pf ruleset to work with the new nat/rdr changes in 4.6
-current and I came across an issue that seems like a problem in the way
"tagged" rules are handled. It's breaking ftp-proxy with tagging when I
try to apply additional rules to the tagged packets. The result is that I
can lo
Henning Brauer wrote:
* Bryan S. Leaman [2009-11-13 01:12]:
I'm converting a pf ruleset to work with the new nat/rdr changes in 4.6
-current and I came across an issue that seems like a problem in the way
"tagged" rules are handled. It's breaking ftp-proxy with tagging
Claudio Jeker wrote:
On Fri, Nov 13, 2009 at 05:44:41PM +0100, Henning Brauer wrote:
* Bryan S. Leaman [2009-11-13 17:37]:
Henning Brauer wrote:
* Bryan S. Leaman [2009-11-13 01:12]:
I'm converting a pf ruleset to work with the new nat/rdr changes in 4.6
-cu
14 matches
Mail list logo
