Monthly Archives

Articles indexed in August 2012

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 79/88 | < Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >

  • RadGrid Column Sizing

    - by Bunch
    I came across this column sizing weirdness the other day. Using a RadGrid the headers looked great. The rows with the data however sized however they felt like it, usually way too small. After looking around I came across this that solved my problem. Adding the meta tag of <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> in the head section of my aspx page was what I needed. My issue was pretty specific since I had to target IE8 for the app I was working on but it may apply to other scenarios as well. Tags: ASP.Net

    Read the article

  • Handling site not found and page not found with dynamic mass virtual hosting

    - by Rick Moynihan
    I have recently setup mass virtual hosting in Apache so that all we need to do is create a directory to create a new vhost. We're then also using wildcard DNS to map all subdomains to the server running our Apache instance. This works excellently, however I'm now having trouble configuring it to fail-over to an appropriate default/error-page when the vhost directory does not exist. The problem appears to be conflated between by my desire to handle the two error conditions: vhost not found i.e. there was no directory found matching the host supplied in the HTTP host header. I'd like this to display an appropriate site not found error page. The 404 page not found condition of the vhost. Additionally I have a specialised "api" vhost in its own vhost block. I've tried a number of variations and none seem to exhibit the behaviour I want. Here's what I'm working with right now: NameVirtualHost *:80 <VirtualHost *:80> DocumentRoot /var/www/site-not-found ServerName sitenotfound.mydomain.org ErrorDocument 500 /500.html ErrorDocument 404 /500.html </VirtualHost> <VirtualHost *:80> ServerName api.mydomain.org DocumentRoot /var/www/vhosts/api.mydomain.org/current # other directives, e.g. setting up passenger/rails etc... </VirtualHost> <VirtualHost *:80> # get the server name from the Host: header UseCanonicalName Off VirtualDocumentRoot /var/www/vhosts/%0/current # other directives ... e.g proxy passing to api etc... ErrorDocument 404 /404.html </VirtualHost> My understanding is that the first vhost block is used as the default, so I have this here as my catch all site. Next I have my API vhost, and then finally my mass vhost block. So for a domain that doesn't match the first two ServerName's and has no corresponding directory in /var/www/vhosts/ I'd expect it to fall-over to the first vhost, however with this setup, all domains resolve to my default site-not-found. Why is this? By putting the mass-vhost block first, I can get the mass-vhosts to resolve properly, but not my site-not-found vhost... and in this case I can't seem to find a way to distinguish between a page-level 404 in the vhost, and the case where the VirtualDocumentRoot fails to find a vhost directory (this appears to use the 404 also). Any help out of this bind is much appreciated!

    Read the article

  • Replace a SQL Server query with another before execution

    - by Kiranu
    I am trying to work with a legacy application in SQL Server which at some point does the following query SELECT serverproperty('EngineEdition') as sqledition The server replies with 2 (which is the correct edition), but the application closes since the app demands to be run over SQL Server Express which is 4. We don't have access to the code and the developer is long gone. Is there a way to configure SQL Server so that when this query is received it simply returns 4 and not the value of the property? Thanks

    Read the article

  • Apache vhosts config: Host Name instead of IP Address

    - by Johe Green
    I have a domain (example.com) hosted at an external provider. I directed the subdomain sub.example.com to my ubuntu server (12.04 with apache2). On my ubuntu server I have a vhost setup like this. The rest of the config is basically apache 2 standard: <VirtualHost *:80> ServerName sub.example.com ServerAlias sub.example.com ServerAdmin [email protected] DocumentRoot /var/www/sub.example.com ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined WSGIScriptAlias / /home/application/sub.example.com/wsgi.py <Directory /home/application/sub.example.com> <Files wsgi.py> Order allow,deny Allow from all </Files> </Directory> </VirtualHost> When I enter http://sub.example.com in my browser my application shows up fine. But the domain is replaced by the IP address of my server. Do I have to configure my server somewhere else to deliver all its content under my domain sub.example.com?

    Read the article

  • vps running out of memory, 200MB free

    - by demon
    At the beginning of this year I took a VPS for my website because I was running against the resource limits from a shared hosting. Here are the things I know: 2GB memory, with 1GB swap Debian X64 server ED installed Software running on the webserver: mysql apache postfix pop3 imap amavisd clamd cron fail2ban munin-node pure-ftpd spamd nginx Now for the setup: Nginx listens on port 80 and handles the static files, the php side is done by apache2 running mod_php in combi with apc(no var caching!). Iam using a pretty 'busy' drupal and phpbb stack on the server, for drupal iam using boost and authcache to handle of the server load with a pressflow stack. phpbb is just phpbb3 with some mods installed, but has at max 30 users online at a time.. The problem is that its staring to use the swap after a few days after a reboot and thus the site becomes slower. I'v added pictures of monit and munin, so maybe somebody can help me out... Monit: Munin:

    Read the article

  • IPSec policies on Mac OSX

    - by Helder
    Is there a way to configure IPSec policies on a Mac OSX, in a similar way to what you can do in Windows, with "Connection Security Rules"? I need to implement a service that will use an IPSec tunnel, and I might have to provide it to Macs as well. As I don't have access to a Mac, I've done some reading, and it seems that there is something called "racoon" that handles IPSec. Can anyone confirm this? Further, we will need to use certificates for authenticating the IPsec tunnel as well (as opposed to pre-shared keys). Can anyone confirm that this is also possible from a Mac OSX? Thank you!

    Read the article

  • Name resolution not working with ipv6 on centos

    - by jolivier
    I just installed CentOs 6.3 on a server to be installed in a data center, but cannot get name resolution / curl to work. I know this is because of it trying to use ipv6, since ping google.com works, curl -4 google.com works, but not curl google.com. I removed the ipv6 adress from the interface and it does not change anything. This is very problematic since most system tools like yum fail at name resolution currently. Browsers like Firefox work because they might be using another tool for name resolution than the one use by curl. I managed to fix this on workstations by completely disabling ipv6 following tutorials like this one / hardcoding name resolution in /etc/hosts. But since I am here configuring a server which will be later installed in a remote data center, I would like not to mess up, understand what is going on and fix it properly. Besides, I will face the same issue with more servers to come so I would really appreciate your help in understanding this problem and how to solve it. I would be happy to provide more information if needed to help understand what is going on. The current network configuration is a small enterprise network, with a DNS server (let's call it A) configured once a long time ago. dig google.com and dig -4 google.com are both refused by the A DNS. But this is also true for my workstation on which curl is working (and yes they both use the same A DNS server). Indeed this faulty server and my workstation have multiple nameservers in /etc/resolv.conf, and the second one is working fine for both of them, so if I remove A from my resolv.conf everything works fine! Regards, Olivier

    Read the article

  • virtual hosts on lighttpd can't load

    - by Jake
    Thats what I did: Added following code to lighttpd.conf $HTTP["host"] =~ "(^|\.)test\.com$" { server.document-root = "/home/test" } created /home/test Restarted Lighttpd but it doesn't load anything Google chrome Error: No data received Unable to load the webpage because the server sent no data. Here are some suggestions: Reload this webpage later. Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection without sending any data. Firefox: The connection was reset The connection to the server was reset while the page was loading. The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer's network connection. If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. can you please explain How can I fix this? Really Thanks

    Read the article

  • Best security practice for small networks - wifi, lan,

    - by Grimlockz
    We regularly setup small networks for clients in different locations to allow them to work on different products now the question what should be the best security practice. Currently we have a wifi enabled with WPA2 and most laptops connect to this but some will connect to a cabled switch connecting to the router. We are thinking on what we should do to increase the security on our small networks - We do have have security on the laptops so you can share directly to the other persons drive by a simple Windows user account. Some suggestions are: We get a LAN switch with ACL control and mac filtering for the hard wired connections? We get acl working on the wifi via a good Cisco router? ipSec policies on all machines? IP filtering and fixed IPs? I suppose people are worried that anyone can plug into the switches and get the access to the network . Summary: Maintain a level of decent security that can be replicated easily to every setup that we do for clients

    Read the article

  • Remote execution in Workgroup network

    - by ayyob khademi
    Consider this scenario: Please don't say that it would be better if I created a Domain network; Just consider this scenario. 10 PCs are all interconnected via a switch to a workgroup network named WORKGROUP; PCs specs(all are the same): Windows XP SP2 en (build:2600.xpsp_sp2_rtm.040803-2158) I have full physical control over my own PC (one of those 10 PCs) and what I know about the other ones: IPs of all 10 PCs. Administrator account name of all 10 PCs. Administrator account password of all 10 PCs. How can I execute an application on the other PCs???(without touching them) How can modify their registry settings???(without touching them)

    Read the article

  • Server 2008 R2 boot is at 2 hours and counting. What now?

    - by Jesse
    This morning, we rebooted our Server 2008 R2 box. No problem, came right back up. Then we shut it down and let it install windows updates. While it was off, we added some RAM. Then we turned it back on. The system came right back up to the "press ctrl-alt-delete" screen, so far, so good. I logged in. The system got as far as "Applying Group Policy" -- then spent almost an hour applying drive mappings. Finally finished that, and has now spent 30 minutes on waiting for the Event Notification Service. I still haven't been able to log in. Remote desktop service doesn't appear to be running yet. I tried viewing the event log from another machine. I see that the box is writing to the Security log, but there are no events in System or Application in the last 45 minutes. Digging through the System log of events from 45 minutes ago, I see a bunch of timeouts: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. [lots of these] A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service. A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SessionEnv service. A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Schedule service. A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CertPropSvc service. What can I do? Should I try shutting it down remotely, or will that do more damage?

    Read the article

  • Oracle (xe) 10 vs 11 . Have I lost the SQL tuning pages ? Am I going out of my mind?

    - by Richard Green
    Ok .. so perhaps the title needs calming down a bit, but basically I am after the xe 11g equivalent of the pages that you can see here : http://docs.oracle.com/cd/B25329_01/doc/admin.102/b25107/getstart.htm#BABHJAGE whcih you can then navigate to stuff like "top 50 queries" and "longest running queries" etc etc. For the life of me, I can't find that on the most recent xe edition. Please can someone direct me to where I might find these very useful admin pages ! Or was I imagining it all along :-/ Edit: These are the pages I am after: http://docs.oracle.com/cd/B25329_01/doc/admin.102/b25107/monitoring.htm

    Read the article

  • Cannot log-in in the install of phpmyadmin on Ubuntu

    - by Sylario
    I just installed phpmyadmin and i am trying to login in /phpmyadminpath/setup. I am greeted by an invite similar to an apache protected folder (log/password displayed in a browser pop-up, not an html popup) asking for login pass. I cannot login using system password(root) or mysql passsword(also root) I already have rails app using this mysql, and i checked the mysql password in the config files. I cannot run any mysql command in my console because of the following error : ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) What is wrong with phpmyadmin and mysql?

    Read the article

  • NMap route determination on Windows 7 x64

    - by user30772
    C:\Windows\system32>nmap --iflist Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-31 06:51 Central Daylight Time ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MTU MAC eth0 (eth0) fe80::797f:b9b6:3ee0:27b8/64 ethernet down 1500 5C:AC:4C:E9:2D:46 eth0 (eth0) 169.254.39.184/4 ethernet down 1500 5C:AC:4C:E9:2D:46 eth1 (eth1) fe80::5c02:7e48:8fbe:c7c9/64 ethernet down 1500 00:FF:3F:7C:7C:2B eth1 (eth1) 169.254.199.201/4 ethernet down 1500 00:FF:3F:7C:7C:2B eth2 (eth2) fe80::74e4:1ab7:1b7d:a0d0/64 ethernet up 1500 14:FE:B5:BA:8A:C3 eth2 (eth2) 10.0.0.0.253/24 ethernet up 1500 14:FE:B5:BA:8A:C3 eth3 (eth3) fe80::b03e:ddf5:bb5c:5f76/64 ethernet up 1500 00:50:56:C0:00:01 eth3 (eth3) 169.254.95.118/16 ethernet up 1500 00:50:56:C0:00:01 eth4 (eth4) fe80::b175:831d:e60:27b/64 ethernet up 1500 00:50:56:C0:00:08 eth4 (eth4) 192.168.153.1/24 ethernet up 1500 00:50:56:C0:00:08 lo0 (lo0) ::1/128 loopback up -1 lo0 (lo0) 127.0.0.1/8 loopback up -1 tun0 (tun0) fe80::100:7f:fffe/64 point2point down 1280 tun1 (tun1) (null)/0 point2point down 1280 tun2 (tun2) fe80::5efe:a9fe:5f76/128 point2point down 1280 tun3 (tun3) (null)/0 point2point down 1280 tun4 (tun4) fe80::5efe:c0a8:9901/128 point2point down 1280 tun5 (tun5) fe80::5efe:ac14:fd/128 point2point down 1280 DEV WINDEVICE eth0 \Device\NPF_{0024872A-5A41-42DF-B484-FB3D3ED3FCE9} eth0 \Device\NPF_{0024872A-5A41-42DF-B484-FB3D3ED3FCE9} eth1 \Device\NPF_{3F7C7C2B-9AF3-45BB-B96E-2F00143CC2F7} eth1 \Device\NPF_{3F7C7C2B-9AF3-45BB-B96E-2F00143CC2F7} eth2 \Device\NPF_{08116FE5-F0FF-498A-9BF1-515528C57C13} eth2 \Device\NPF_{08116FE5-F0FF-498A-9BF1-515528C57C13} eth3 \Device\NPF_{AA83C6CE-AB2E-4764-92D1-CDEAFBA7AD21} eth3 \Device\NPF_{AA83C6CE-AB2E-4764-92D1-CDEAFBA7AD21} eth4 \Device\NPF_{D0679889-E9D4-411D-BDC5-F4DDB758E151} eth4 \Device\NPF_{D0679889-E9D4-411D-BDC5-F4DDB758E151} lo0 <none> lo0 <none> tun0 <none> tun1 <none> tun2 <none> tun3 <none> tun4 <none> tun5 <none> **************************ROUTES************************** DST/MASK DEV GATEWAY 192.168.153.255/32 eth0 255.255.255.255/32 eth0 255.255.255.255/32 eth0 127.0.0.1/32 eth0 127.255.255.255/32 eth0 255.255.255.255/32 eth0 169.254.95.118/32 eth0 169.254.255.255/32 eth0 10.0.0.0.253/32 eth0 255.255.255.255/32 eth0 10.0.0.0.255/32 eth0 255.255.255.255/32 eth0 192.168.153.1/32 eth0 255.255.255.255/32 eth0 10.0.0.0.0/24 eth0 192.168.153.0/24 eth0 10.10.10.0/24 eth0 10.0.0.0.4 169.254.0.0/16 eth0 127.0.0.0/8 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 0.0.0.0/0 eth0 10.0.0.0.1 JMeterX - I worded that way in hopes of raising answer efficnecy, but that probably wasnt the smartest choice. IMHO the problem (could be a symptom) is that nmap retardedly chooses eth0 as the gateway interface for any and all networks. Here's the result: C:\Windows\system32>nmap 10.0.0.55 Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-31 07:43 Central Daylight Time Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn Nmap done: 1 IP address (0 hosts up) scanned in 0.95 seconds C:\Windows\system32>nmap -e eth2 10.0.0.55 Starting Nmap 6.01 ( http://nmap.org ) at 2012-08-31 07:44 Central Daylight Time Nmap scan report for esxy5.dionne.net (10.0.0.55) Host is up (0.00070s latency). Not shown: 991 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 427/tcp open svrloc 443/tcp open https 902/tcp open iss-realsecure 5988/tcp closed wbem-http 5989/tcp open wbem-https 8000/tcp open http-alt 8100/tcp open xprint-server MAC Address: 00:1F:29:59:C7:03 (Hewlett-Packard Company) Nmap done: 1 IP address (1 host up) scanned in 5.29 seconds Just to be clear, this is what makes absolutly no sense to me whatsoever. For reference, I've included similar info from an Ubuntu (that works normally) vm on the affected host below. Jacked Windows 7 **************************ROUTES************************** DST/MASK DEV GATEWAY 192.168.153.255/32 eth0 255.255.255.255/32 eth0 255.255.255.255/32 eth0 127.0.0.1/32 eth0 127.255.255.255/32 eth0 255.255.255.255/32 eth0 169.254.95.118/32 eth0 169.254.255.255/32 eth0 10.0.0.0.253/32 eth0 255.255.255.255/32 eth0 10.0.0.0.255/32 eth0 255.255.255.255/32 eth0 192.168.153.1/32 eth0 255.255.255.255/32 eth0 10.0.0.0.0/24 eth0 192.168.153.0/24 eth0 10.10.10.0/24 eth0 10.0.0.0.4 169.254.0.0/16 eth0 127.0.0.0/8 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 224.0.0.0/4 eth0 0.0.0.0/0 eth0 10.0.0.0.1 Working Ubuntu VM root@ubuntu:~# nmap --iflist Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-31 07:44 PDT ************************INTERFACES************************ DEV (SHORT) IP/MASK TYPE UP MAC lo (lo) 127.0.0.1/8 loopback up eth0 (eth0) 172.20.0.89/24 ethernet up 00:0C:29:0A:C9:35 eth1 (eth1) 192.168.225.128/24 ethernet up 00:0C:29:0A:C9:3F eth2 (eth2) 192.168.150.128/24 ethernet up 00:0C:29:0A:C9:49 **************************ROUTES************************** DST/MASK DEV GATEWAY 192.168.225.0/0 eth1 192.168.150.0/0 eth2 172.20.0.0/0 eth0 169.254.0.0/0 eth0 0.0.0.0/0 eth0 172.20.0.1 root@ubuntu:~# nmap esxy2 Starting Nmap 5.21 ( http://nmap.org ) at 2012-08-31 07:44 PDT Nmap scan report for esxy2 (172.20.0.52) Host is up (0.00036s latency). rDNS record for 172.20.0.52: esxy2.dionne.net Not shown: 994 filtered ports PORT STATE SERVICE 80/tcp open http 427/tcp closed svrloc 443/tcp open https 902/tcp closed iss-realsecure 8000/tcp open http-alt 8100/tcp open unknown MAC Address: 00:04:23:B1:FA:6A (Intel) Nmap done: 1 IP address (1 host up) scanned in 4.76 seconds

    Read the article

  • Apache stops serving requests when connections increase

    - by Gunjan
    The values for MaxClients, ServerLimit etc parameters are quite high (4000). Available RAM on the server is high too (~8G). Load average remains below 1 on a 24 core CPU. But when the number of visitors on the website increase apache just stops serving requests. The apache error log is blank and access log shows no more requests coming in. Restarting apache makes it work again until the number of requests increases again. Any ideas where to start looking? UPDATE Getting the below errors in apache error log on running it with LogLevel Debug [info] server seems busy, (you may need to increase StartServers, or Min/MaxSpareServers), spawning 32 children, there are 479 idle, and 1027 total children

    Read the article

  • Transparent proxy which preserves client mac address

    - by A G
    I have a customer that wants to intercept SSL traffic as it leaves their network. My proposed solution is to setup a proxy that is transparent and both layer 2 and layer 3 so it can simply be dropped into their network without any change in config required. The proxy has two NICs, one connected to the server, the other to the client. The client, proxy and gateway are under control of the customer, the server is not. For example: client --- Proxy --- gateway -|- server I have my proxy program configured with IP_TRANSPARENT socket option to it can respond to connections destined for a remote IP. I am using the following setup: iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 3128 --tproxy-mark 1/1 iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 1 ip rule add fwmark 1/1 table 1 ip route add local 0.0.0.0/0 dev lo table 1 The client in question is on its own subnet and has been configured so that the proxy is the default gateway. The result is: Client sends a frame to the proxy; source IP is client, source mac is client, destination IP is server, destination mac is proxy Proxy forwards this frame to the gateway; source IP is proxy, source mac is proxy, destination IP is server, destination mac is gateway Gateway forwards this to the server and gets a response back. Gateway sends reply back to proxy; source IP is server, source mac is gateway, destination IP is proxy, destination mac is proxy Proxy forwards this reply to client; source IP is server, source mac is proxy, destination IP is client, destination mac is client. The tproxy and iptables configuration lets the proxy send packets with a non local ip address. Is there a way to make something transparent at the mac address level? That is, put the client on the same subnet as the gateway. The gateway sees the source IP and mac as that of the client, even though they originated from the proxy. Could this be done by configuring the proxy as a bridge then use ebtables to escalate the traffic to be handled by iptables? When I use ebtables to push something up to iptables, it appears my proxy program doesn't respond to the packets as they are destined for the gateways's mac address, not the proxy's. What are some other potential avenues I could investigate? EDIT: When the client and gateway are on different subnets (and client has set the proxy as the gateway), it works as described in 1 to 5. But I want to know if it is possible to have the client and gateway on the same subnet and have the proxy fully transparent (ie client is not aware of the proxy). Thanks! EDIT 2: I can configure the proxy as a bridge using brctl, but cannot find a way to direct this traffic to my proxy program - asked here Possible for linux bridge to intercept traffic?. Currently, with the description numbered 1 to 5, it operates at layer 3; it is transparent on the client side (client thinks it is talking to the server's IP), but not on the gateway side (gateway is talking to the proxy's IP). What I want to find out is, is it possible to make this operate at layer 2, so it is fully transparent? What are the available options I should research? Thanks

    Read the article

  • Puppet permissions issue reported on client

    - by Jon Skarpeteig
    err: /File[/var/lib/puppet/lib]: Failed to generate additional resources using 'eval_generate': Error 400 on SERVER: Not authorized to call search on /file_metadata/plugins with {:ignore=>[".svn", "CVS", ".git"], :recurse=>true, :checksum_type=>"md5", :links=>"manage"} err: /File[/var/lib/puppet/lib]: Could not evaluate: Error 400 on SERVER: Not authorized to call find on /file_metadata/plugins Could not retrieve file metadata for puppet://example.com/plugins: Error 400 on SERVER: Not authorized to call find on /file_metadata/plugins What exactly causes this error, and how to fix it?

    Read the article

  • NGINX 301 and 302 serving small nginx document body. Any way to remove this behaviour?

    - by anonymous-one
    We have noticed that when using nginx internal 301 and 302 handling, nginx will serve a small document body with the appropriate Location: ... header. Something along the lines of (in html): 301 redirect - nginx. As appropriate in the above behaviour, a content-type text/html and content-length header is also sent. We do a lot of 302 and some 301 redirects, the above behaviour is wasted bandwidth in our opinion. Any way to disable this behaviour? One idea that crossed our mind was to set error_page 301 302 to an empty text file. We have not tested this yet, but I am assuming even with the above, the content-type and content-length (0) headers will be sent. So, is there a clean way to send a "body-less" 301/302 redirect with nginx?

    Read the article

  • Possible for linux bridge to intercept traffic?

    - by A G
    I have a linux machine setup as a bridge between a client and a server; brctl addbr0 brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1 0.0.0.0 ifconfig eth2 0.0.0.0 ip link set br0 up I also have an application listening on port 8080 of this machine. Is it possible to have traffic destined for port 80 to be passed to my application? I have done some research and it looks like it could be done using ebtables and iptables. Here is the rest of my setup: //set the ebtables to pass this traffic up to ip for processing; DROP on the broute table should do this ebtables -t broute -A BROUTING -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP //set iptables to forward this traffic to my app listening on port 8080 iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 8080 --tproxy-mark 1/1 iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 1/1 //once the flows are marked, have them delivered locally via loopback interface ip rule add fwmark 1/1 table 1 ip route add local 0.0.0.0/0 dev lo table 1 //enable ip packet forwarding echo 1 > /proc/sys/net/ipv4/ip_forward However nothing is coming into my application. Am I missing anything? My understanding is that the target DROP on the broute BROUTING chain will push it up to be processed by iptables. Secondly, are there any other alternatives I should investigate? Edit: IPtables gets it at nat PREROUTING, but it looks like it drops after that; the INPUT chain (in either mangle or filter) doesn't see the packet.

    Read the article

  • Allowing users in from an IP address without certificate client authentication

    - by John
    I need to allow access to my site without SSL certificates from my office network and with SSL certificates outside. Here is my configuration: <Directory /srv/www> AllowOverride All Order deny,allow Deny from all # office network static IP Allow from xxx.xxx.xxx.xxx SSLVerifyClient require SSLOptions +FakeBasicAuth AuthName "My secure area" AuthType Basic AuthUserFile /etc/httpd/ssl/index Require valid-user Satisfy Any </Directory> When I'm inside network and have certificate - I can access. When I'm inside network and haven't certificate - I can't access, it requires certificate. When I'm outside network and have certificate - I can't access, it shows me basic login screen When I'm outside network and haven't certificate - I can't access, it shows me basic login screen and following configuration works perfectly <Directory /srv/www> AllowOverride All Order deny,allow Deny from all Allow from xxx.xxx.xxx.xxx AuthUserFile /srv/www/htpasswd AuthName "Restricted Access" AuthType Basic Require valid-user Satisfy Any </Directory>

    Read the article

  • Amazon EC2 Elastic Load Balancing - strategy for zero downtime server restart

    - by Yoga
    I have 5 web servers (Apache/mod_perl) behind Amazon EC2 Elastic Load Balancing, when I deploy codes to the web servers, I am doing this.. For each machine, shutdown the Apache Update the code Start over the server and proceed to the next server I think when my server is shutdown, ELB will not distribute request to my server, but how about the request still serving? I think a better approach is Stop accepting new request from ELB Sleep for sometimes, shutdown web server only if all requests are responded Update the codes Start the server again But how to perform (1) and (2) from my local sever? Do I need to use AWS API? or other easy way to do it? Thanks.

    Read the article

  • Fedora 11 System - Failed Hard Drive Removed, and Boot gets GRUB Hard Disk Error

    - by Mindful
    Greetings, I have a machine with a 120GB ATA drive that has what I thought to be non-essential data on it. I also have a 320GB SATA hard drive with the OS/Application/Files (good data I want to keep). My 120GB ATA is failing I believe, as my computer kept slowing to a halt. However, when I move the drive from BIOS my computer will not start, says "GRUB Hard Disk Error". I know that my Fedora system has an LVM setup. I am looking to just remove the 120GB drive from "the mix", and just have one hard drive. How do I recover ? Thank you. I have access to a Linux Live CD right now and can make any changes. However, it won't boot into my OS - it fails. UPDATE: here's my Grub.Conf # grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd1,0) # kernel /vmlinuz-version ro root=/dev/VolGroup00/LogVol00 # initrd /initrd-version.img #boot=/dev/sda1 default=0 timeout=5 splashimage=(hd1,0)/grub/splash.xpm.gz hiddenmenu title Fedora (2.6.30.10-105.2.23.fc11.i686.PAE) root (hd1,0) kernel /vmlinuz-2.6.30.10-105.2.23.fc11.i686.PAE ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.30.10-105.2.23.fc11.i686.PAE.img title Fedora (2.6.30.9-102.fc11.i686.PAE) root (hd1,0) kernel /vmlinuz-2.6.30.9-102.fc11.i686.PAE ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.30.9-102.fc11.i686.PAE.img title Fedora (2.6.27.24-170.2.68.fc10.i686.PAE) root (hd1,0) kernel /vmlinuz-2.6.27.24-170.2.68.fc10.i686.PAE ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.27.24-170.2.68.fc10.i686.PAE.img title Fedora (2.6.27.24-170.2.68.fc10.i686) root (hd1,0) kernel /vmlinuz-2.6.27.24-170.2.68.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.27.24-170.2.68.fc10.i686.img title Fedora (2.6.27.21-170.2.56.fc10.i686) root (hd1,0) kernel /vmlinuz-2.6.27.21-170.2.56.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.27.21-170.2.56.fc10.i686.img title Fedora (2.6.27.19-170.2.35.fc10.i686) root (hd1,0) kernel /vmlinuz-2.6.27.19-170.2.35.fc10.i686 ro root=/dev/VolGroup00/LogVol00 rhgb quiet initrd /initrd-2.6.27.19-170.2.35.fc10.i686.img title Upgrade to Fedora 10 (Cambridge) kernel /upgrade/vmlinuz preupgrade repo=hd::/var/cache/yum/preupgrade stage2=http://chi-10g-1-mirror.fastsoft.net/pub/linux/fedora/linux/releases/10/Fedora/i386/os/images/install.img ks=hd:UUID=f11769ba-29bc-46de-8c40-a949720a438e:/upgrade/ks.cfg initrd /upgrade/initrd.img title Win rootnoverify (hd0,0) chainloader +1

    Read the article

  • Best way to build / implement a corporate developer Linux distro with multiple kernels?

    - by Garen
    At work we have Linux users who understandably prefer using Ubuntu. Problem is, we also have developer tools that only work with 'officially' supported Linux distributions that use much older 2.6.18 based kernels. (And even if they worked with newer ones, the vendors could always say they won't "support" the software unless it's on one of their 'officially' supported platforms.) We could of course just tell them to use CentOS or something else 2.6.18-based, and I'm sure their response would be something like: "you can take Ubuntu from our cold, dead hands." :) Which brings to me some questions--is there any good/easy/recommended way to run something like Ubuntu as a host VM and Centos 5.x as a guest OS (with which system--Xen,KVM,VMWare, ...?), and then roll that into our own custom internal distribution that could be easily installed? KVM looks like a good high-performance option just recently included in RHEL 5.4, but if hardware support for virtualization like Intel-VT or AMD-V is necessary, then I'd guess only those folks with fairly new PCs will be able to do it. Would be very interested to hear how anyone else has addressed this kind issue. EDIT: The target audience / users of this kind of system would be developers, each one needs to run locally licensed commercial software, so building out some separate beefy central machines isn't an option unfortunately due to license restrictions. Even if that weren't the case, a couple developers could quickly eat up the resources with parallel builds. :) Ideally, I was hoping there was some step-by-step guide out there to build your own pre-built distribution that had e.g. CentOS 5.x and Ubuntu Desktop as a guest.

    Read the article

  • What is the risk of introducing non standard image machines to a corporate environment

    - by Troy Hunt
    I’m after some feedback from those in the managed desktop or network security space on the risks of introducing machines that are not built on a standard desktop image into a large corporate environment. This particular context relates to the standard corporate image (32 bit Win XP) in a large multi-national not being suitable for a particular segment of users. In short, I’m looking at what hurdles we might come across by proposing the introduction of machines which are built and maintained by a handful of software developers and not based on the corporate desktop image (proposing 64 bit Win 7). I suspect the barriers are primarily around virus definition updates, the rollout of service packs and patches and the compatibility of existing applications with the newer OS. In terms of viruses and software updates, if machines were using common virus protection software with automated updates and using Windows Update for service packs and patches, is there still a viable risk to the corporate environment? For that matter, are large corporate environments normally vulnerable to the introduction of a machine not based on a standard image? I’m trying to get my head around how real the risk of infection and other adverse events are from machines being plugged into the network. There are multiple scenarios outside of just the example above where this might happen (i.e. a vendor plugging in a machine for internet access during a presentation). Would a large corporate network normally be sufficiently hardened against such innocuous activity? I appreciate the theory as to why policies such as standard desktop images exist, I’m just interested in the actual, practical risk and how much a network should be protected by means other than what is managed on individual PCs.

    Read the article

  • Developer hardware autonomy in a managed desktop environment [closed]

    - by Troy Hunt
    I’m looking for some feedback on how developer PCs are managed within environments that have a strict managed desktop policy (normally large corporations). For example, many corporate environments control the installation of software and the deployment of patches and virus updates through a centralised channel. This usually means also dictating the OS version and architecture (32 bit versus 64 bit) which will likely also mean standardised hardware configurations. I’m particularly interested in feedback from developers who work in this sort of environment but have a high degree of autonomy over their machines. This might mean choosing your own hardware vendor, OS type and version and perhaps how the machines are built and maintained. I have several specific questions: How do you satisfy the needs of security, governance etc whilst maintaining your autonomy? For example, how do you address concerns about keeping virus definitions and OS patches up to date? Do you have a process for gaining exemption from standard desktop builds and if so, what do you need to demonstrate in order to get this? How have you justified this need to the decision makers? Essentially, what is the benefit to your role as a developer by having this degree of autonomy? Thanks very much everyone. Update: There's a great post from Jean-Paul Boodhoo which addresses the developer tool component of the quesiton here: http://blog.jpboodhoo.com/TheFallacyOfTheStandardizedDeveloperMachineimage.aspx

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 75 76 77 78 79 80 81 82 83 84 85 86  | Next Page >