* [Comm] вопросы по netams
@ 2005-03-27 14:14 Aleksey E. Birukov
2005-03-27 23:51 ` [Comm] Re: [isp] " Aleksey E. Birukov
0 siblings, 1 reply; 2+ messages in thread
From: Aleksey E. Birukov @ 2005-03-27 14:14 UTC (permalink / raw)
To: community; +Cc: isp-list
[-- Attachment #1: Type: text/plain, Size: 3398 bytes --]
Помогите решить несколько вопросов по netams
1. В netams.log содержится запись:
27.03.2005 17:44:33.9609 ds_libpcap:1 [ERR]: failed to open pcap interface:
ioctl
: No such device
2. Следуя рекомендациям из файла netams-README.ALT добавил в свой rc.firewall
строчки (в самый конец файла) - произошла полная блокировка трафика.
INPUT -p all -j QUEUE
FORWARD -p all -j QUEUE
OUTPUT -p all -j QUEUE
Что я не так делаю?
--
$uname -a
Linux localhost 2.6.10-wks26-up-alt5 #1 Tue Feb 22 17:02:48 MSK 2005 i686
unknown unknown GNU/Linux
$ lsmod
Module Size Used by
binfmt_misc 11784 1
vmnet 25244 2
vmmon 158348 0
ip_queue 11544 0
sd_mod 18064 0
sg 37664 0
sr_mod 18468 0
scsi_mod 119168 3 sd_mod,sg,sr_mod
radeon 126792 0
af_packet 22280 2
lp 11176 0
fan 5892 0
snd_intel8x0 32320 1
snd_ac97_codec 70904 1 snd_intel8x0
snd_pcm 90632 2 snd_intel8x0,snd_ac97_codec
snd_timer 25604 1 snd_pcm
snd 55268 6 snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer
soundcore 9824 1 snd
snd_page_alloc 9860 2 snd_intel8x0,snd_pcm
analog 11808 0
ns558 5632 0
gameport 4608 2 analog,ns558
tsdev 7488 0
psmouse 26764 0
parport_pc 40260 1
parport 35016 2 lp,parport_pc
8250_pnp 8576 0
8250 32548 1 8250_pnp
serial_core 22272 1 8250
floppy 58096 0
evdev 9216 0
pcspkr 3820 0
ohci_hcd 22152 0
ehci_hcd 32644 0
usbcore 116728 3 ohci_hcd,ehci_hcd
w83627hf 27552 0
i2c_sensor 3712 1 w83627hf
i2c_isa 2176 0
i2c_core 22288 3 w83627hf,i2c_sensor,i2c_isa
nls_cp866 5376 2
nls_koi8_r 5376 2
smbfs 63608 3
8139too 25600 0
mii 5120 1 8139too
ipt_MASQUERADE 3712 6
iptable_nat 26312 2 ipt_MASQUERADE
ipt_owner 3840 2
ipt_state 2048 3
iptable_filter 3712 1
ip_tables 19072 5
ipt_MASQUERADE,iptable_nat,ipt_owner,ipt_state,iptable_filter
subfs 7936 3
dm_mod 57984 0
capability 4872 0
commoncap 8192 1 capability
agpgart 33064 0
ip_conntrack_ftp 72624 0
ip_conntrack 45460 4
ipt_MASQUERADE,iptable_nat,ipt_state,ip_conntrack_ftp
processor 27948 0
button 8592 0
ac 6404 0
ide_cd 39684 0
cdrom 38684 2 sr_mod,ide_cd
rtc 12744 0
ext3 126344 2
jbd 58136 1 ext3
mbcache 8708 1 ext3
ide_disk 19328 4
ide_generic 1408 0 [permanent]
amd74xx 12572 0 [permanent]
ide_core 126288 4 ide_cd,ide_disk,ide_generic,amd74xx
--
$respect
[-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Comm] Re: [isp] вопросы по netams
2005-03-27 14:14 [Comm] вопросы по netams Aleksey E. Birukov
@ 2005-03-27 23:51 ` Aleksey E. Birukov
0 siblings, 0 replies; 2+ messages in thread
From: Aleksey E. Birukov @ 2005-03-27 23:51 UTC (permalink / raw)
To: isp-list; +Cc: community
[-- Attachment #1: Type: text/plain, Size: 4438 bytes --]
В сообщении от 27 Март 2005 18:14 Aleksey E. Birukov написал(a):
> Помогите решить несколько вопросов по netams
> 1. В netams.log содержится запись:
> 27.03.2005 17:44:33.9609 ds_libpcap:1 [ERR]: failed to open pcap interface:
> ioctl
>
> : No such device
>
С этим вопросом я разобрался (была ошибка в конфигурционном файле)
> 2. Следуя рекомендациям из файла netams-README.ALT добавил в свой
> rc.firewall строчки (в самый конец файла) - произошла полная блокировка
> трафика. INPUT -p all -j QUEUE
> FORWARD -p all -j QUEUE
> OUTPUT -p all -j QUEUE
>
> Что я не так делаю?
А вот этот вопрос остается открытым. netams.conf весь "дефолтный" изменен
только сетевой интерфейс. На всякий случай привожу сервис processor:
service processor
lookup-delay 60
flow-lifetime 180
policy oid 0B23C6 name ip target proto ip
policy oid 0C9869 name www target proto tcp ports 80 81 8080 3128
policy oid 034873 name mail target proto tcp ports 25 110
restrict all pass local pass
unit group oid 00DC51 name CLIENTS acct-policy ip www mail
unit host oid 095CFF name server ip 192.168.0.1 acct-policy ip www mail
unit user oid 08944A name client1 ip 192.168.0.10 email client1@domain.ru
parent
unit net oid 0558EC name LAN ip 192.168.0.0 mask 255.255.255.0 acct-policy ip
www
storage 1 all
>
> --
> $uname -a
> Linux localhost 2.6.10-wks26-up-alt5 #1 Tue Feb 22 17:02:48 MSK 2005 i686
> unknown unknown GNU/Linux
>
> $ lsmod
> Module Size Used by
> binfmt_misc 11784 1
> vmnet 25244 2
> vmmon 158348 0
> ip_queue 11544 0
> sd_mod 18064 0
> sg 37664 0
> sr_mod 18468 0
> scsi_mod 119168 3 sd_mod,sg,sr_mod
> radeon 126792 0
> af_packet 22280 2
> lp 11176 0
> fan 5892 0
> snd_intel8x0 32320 1
> snd_ac97_codec 70904 1 snd_intel8x0
> snd_pcm 90632 2 snd_intel8x0,snd_ac97_codec
> snd_timer 25604 1 snd_pcm
> snd 55268 6
> snd_intel8x0,snd_ac97_codec,snd_pcm,snd_timer soundcore 9824
> 1 snd
> snd_page_alloc 9860 2 snd_intel8x0,snd_pcm
> analog 11808 0
> ns558 5632 0
> gameport 4608 2 analog,ns558
> tsdev 7488 0
> psmouse 26764 0
> parport_pc 40260 1
> parport 35016 2 lp,parport_pc
> 8250_pnp 8576 0
> 8250 32548 1 8250_pnp
> serial_core 22272 1 8250
> floppy 58096 0
> evdev 9216 0
> pcspkr 3820 0
> ohci_hcd 22152 0
> ehci_hcd 32644 0
> usbcore 116728 3 ohci_hcd,ehci_hcd
> w83627hf 27552 0
> i2c_sensor 3712 1 w83627hf
> i2c_isa 2176 0
> i2c_core 22288 3 w83627hf,i2c_sensor,i2c_isa
> nls_cp866 5376 2
> nls_koi8_r 5376 2
> smbfs 63608 3
> 8139too 25600 0
> mii 5120 1 8139too
> ipt_MASQUERADE 3712 6
> iptable_nat 26312 2 ipt_MASQUERADE
> ipt_owner 3840 2
> ipt_state 2048 3
> iptable_filter 3712 1
> ip_tables 19072 5
> ipt_MASQUERADE,iptable_nat,ipt_owner,ipt_state,iptable_filter
> subfs 7936 3
> dm_mod 57984 0
> capability 4872 0
> commoncap 8192 1 capability
> agpgart 33064 0
> ip_conntrack_ftp 72624 0
> ip_conntrack 45460 4
> ipt_MASQUERADE,iptable_nat,ipt_state,ip_conntrack_ftp
> processor 27948 0
> button 8592 0
> ac 6404 0
> ide_cd 39684 0
> cdrom 38684 2 sr_mod,ide_cd
> rtc 12744 0
> ext3 126344 2
> jbd 58136 1 ext3
> mbcache 8708 1 ext3
> ide_disk 19328 4
> ide_generic 1408 0 [permanent]
> amd74xx 12572 0 [permanent]
> ide_core 126288 4 ide_cd,ide_disk,ide_generic,amd74xx
--
$respect
[-- Attachment #2: Type: application/pgp-signature, Size: 190 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2005-03-27 23:51 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-03-27 14:14 [Comm] вопросы по netams Aleksey E. Birukov
2005-03-27 23:51 ` [Comm] Re: [isp] " Aleksey E. Birukov
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git