The Packets, Life and everything
FreeBSD freebsd:~ $ netstat -rWRouting tablesInternet:Destination Gateway Flags Nhop# Mtu Netif Expiredefault 11.155.93.1 UGS 6 1500 em011.155.93.0/24 link#1 U 3 1500 em011.155.93.77 link#2 UHS 5 16384 lo0localhost link#2 UH 1 16384 lo0Internet6:Destination Gateway Flags Nhop# Mtu Netif Expire::/96 link#2 URS 6 16384 lo0default fe80::1%em0 UGS 7 1500 em0localhost link#2 UHS 1 16384 lo0::ffff:0.0.0.0/96 link#2 URS …
Sometimes you may need to stop configuration Sync in an Fortinet Cluster config system ha set sync-config disableend If we are just dealing with Interfaces in a cluster we can also use fnsysctl ifconfig Links https://community.fortinet.com/t5/FortiGate/Technical-Tip-Types-of-HA-Sync/ta-p/197135
Some interestion observation over the past weeks, is that i have seen Linux is selecting only even source ports. So lets have a closer look. An exampleDoes this have any effect? How does LACP work?Does this make a difference? Yes certainly it does make a diffrence. What can we do? Where does this come from? …
Continue reading "Source Port selection on Linux results allways in even ports"
unzip <FILE>.zip tar --zstd -cvf <FILE>.tar.zstd <FOLDER> touch -r <FILE>.zip <FILE>.tar.zstd
Quick setup a Central Syslog Server https://wiki.freebsd.org/Ports/sysutils/syslog-ng Install Syslog NG pkg install syslog-ng Edit the Configuration /usr/local/etc/syslog-ng.conf @version: 4.4source s_remote { tcp(port(514)); udp(port(514));};destination d_remote { file( "/var/log/remote/${HOST}/${YEAR}_${MONTH}_${DAY}.log" create-dirs(yes) );};log { source(s_remote); destination(d_remote);}; Enables the Service sysrc syslog_ng_enable="YES" Create nessesary directory mkdir /var/log/remotechown root:wheel /var/log/remotechmod g+w /var/log/remote Start the Service service syslog-ng start
FreeBSD Wifi - RTL8821CEEdimax USB WiFi - RTL8188CUSRealtek Edimax AC600 (EW-7811UTC) - RTL8811AU FreeBSD Wifi - RTL8821CE pciconf -l -vrtw880@pci0:5:0:0: class=0x028000 rev=0x00 hdr=0x00 vendor=0x10ec device=0xc821 subvendor=0x10ec subdevice=0xc821 vendor = 'Realtek Semiconductor Co., Ltd.' device = 'RTL8821CE 802.11ac PCIe Wireless Network Adapter' class = network Driver compatiblity vi /boot/loader.confcompat.linuxkpi.skb.mem_limit=1 Enable Setting in rc.conf sysrc wlans_rtw880="wlan0"sysrc create_args_wlan0="country …
src_ip=IP | stats count earliest(_time) AS Earliest, latest(_time) AS Latest by src_ip dest_ip action wanin wanout lanin lanout | eval Earliest=strftime(Earliest,"%Y-%m-%d %H:%M:%S") | eval Latest=strftime(Latest,"%Y-%m-%d %H:%M:%S")
Get the interface IPsip a | grep inet | awk '{print $2}' | cut -d/ -f1 cphaprob -m tablestat ---- Unique IP's Table ---- Member Interface IP-Address MAC-Address (Local)0 2 13.49.132.78 00:1c:7f:c3:ff:b80 24 192.168.0.2 00:1c:7f:a5:ff:d7 1 2 13.49.132.79 00:1c:7f:c3:ff:cc1 24 192.168.0.3 00:1c:7f:a5:ff:6f https://community.checkpoint.com/t5/Security-Gateways/How-to-send-G-ARP-manually/td-p/69895 echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind ip l | grep UP | grep -v …
Lately i decided to migrate my VM ESX Servers over to FreeBSD VM bhyve Installing pkg install vm-bhyve bhyve-firmware Configuration Storage zfs create zroot/bhyve zfs set recordsize=64K zroot/bhyve zfs create zroot/bhyve/.templates Add the following lines to /etc/rc.conf: # needed for virtualization support vm_enable=โYESโ vm_dir=โzfs:zroot/bhyveโ Now, add the following line to the end of /boot/loader.conf: # needed for …
cat $FWDIR/boot/modules/fwkern.conf fw_allow_simultaneous_ping=1 fwha_monitor_all_vlan=1 vmalloc_softretry_enable=1 initial_hmem_pct=30 initial_hmemmax_pct=50 hmem_avoid_vmalloc=2 fwha_vmac_disable_promisc_on_standby=1
Check interface settings in SMS. Bond4 should be sync Mgmt should be Cluster + Sync
Patrick Marc's Networks 