Search Results

Search found 27 results on 2 pages for 'horuskol'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/2 | 1 2  | Next Page >

  • A single request appears to have come from all the browsers? Should I be worried?

    - by HorusKol
    I was looking over my site access logs when I noticed a request with the following user agent string: "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12\",\"Mozilla/5.0 (Windows; U; Windows NT 5.1; pl-PL; rv:1.8.1.24pre) Gecko/20100228 K-Meleon/1.5.4\",\"Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/540.0 (KHTML,like Gecko) Chrome/9.1.0.0 Safari/540.0\",\"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Comodo_Dragon/4.1.1.11 Chrome/4.1.249.1042 Safari/532.5\",\"Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.0.16) Gecko/2009122206 Firefox/3.0.16 Flock/2.5.6\",\"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US) AppleWebKit/533.1 (KHTML, like Gecko) Maxthon/3.0.8.2 Safari/533.1\",\"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1\",\"Opera/9.99 (Windows NT 5.1; U; pl) Presto/9.9.9\",\"Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-HK) AppleWebKit/533.18.1 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5\",\"Seamonkey-1.1.13-1(X11; U; GNU Fedora fc 10) Gecko/20081112\",\"Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; Zune 4.0; Tablet PC 2.0; InfoPath.3; .NET4.0C; .NET4.0E)\",\"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MS-RTC LM 8; .NET4.0C; .NET4.0E; InfoPath.3)" The request appears to have originated from 91.121.153.210 - which appears to be owned by these guys: http://www.medialta.eu/accueil.html I find this rather impressive - a request from 'all' user-agents. There's actually quite a few of these requests over at least the few days - so it naturally piqued my interested. Searching Google simply seems to produce a very long list of websites which make their Apache access logs publicly available... Is this some weird indication that we're being targeted? And by who?

    Read the article

  • Google CDN - using http vs https

    - by HorusKol
    All the examples of accessing google's CDN use https:// in the URL (including on Google itself) - but this has caused a problem when testing in Safari (certificate problem and also different domain). <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script> I have switched to calling it over http instead, but just wondering if this is a mistake or security issue?

    Read the article

  • Resources for Test Driven Development in Web Applications?

    - by HorusKol
    I would like to try and implement some TDD in our web applications to reduce regressions and improve release quality, but I'm not convinced at how well automated testing can perform with something as fluffy as web applications. I've read about and tried TDD and unit testing, but the examples are 'solid' and rather simple functionalities like currency converters, and so on. Are there any resources that can help with unit testing content management and publication systems? How about unit testing a shopping cart/store (physical and online products)? AJAX? Googling for "Web Test Driven Development" just gets me old articles from several years ago either covering the same examples of calculator-like function or discussions about why TDD is better than anything (without any examples).

    Read the article

  • apt-get install is not able to access /etc

    - by HorusKol
    I put together an ubuntu 12.04 server a couple of weeks ago and everything seemed fine until this morning. Suddenly, I'm having trouble installing new packages - at first I thought there was something wrong with tinyproxy and so I tried installing squid instead. However, I get similar results: Starting tinyproxy: tinyproxy: Could not open config file "/etc/tinyproxy.conf".\ ... /var/lib/dpkg/info/squid3.postinst: 1: /var/lib/dpkg/info/squid3.postinst: cannot open /etc/squid3/squid.conf: No such file It seems that apt-get is not creating the configuration files needed for these programs. I haven't modified any configuration or user groups since the last successful update/install of packages. /etc is present, and is populated with a nice healthy tree of configuration files. It is owned and grouped to root, and has the properties drwxr-xr-x - all the files and folders inside seem to be fine to, as far as I can tell. I've even been able to edit/save a couple as sudo. Full output from installing tinyproxy: Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: tinyproxy 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/61.6 kB of archives. After this operation, 201 kB of additional disk space will be used. Selecting previously unselected package tinyproxy. (Reading database ... 58916 files and directories currently installed.) Unpacking tinyproxy (from .../tinyproxy_1.8.3-1_amd64.deb) ... Processing triggers for ureadahead ... Processing triggers for man-db ... Setting up tinyproxy (1.8.3-1) ... Starting tinyproxy: tinyproxy: Could not open config file "/etc/tinyproxy.conf". invoke-rc.d: initscript tinyproxy, action "start" failed. dpkg: error processing tinyproxy (--configure): subprocess installed post-installation script returned error exit status 70 Errors were encountered while processing: tinyproxy E: Sub-process /usr/bin/dpkg returned an error code (1) Result of strace after installation: 18467 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 18467 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3 18467 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\200\30\2\0\0\0\0\0"..., 832) = 832 18467 open("/etc/tinyproxy.conf", O_RDONLY) = -1 ENOENT (No such file or directory)

    Read the article

  • Numpad doesn't work after booting up - forced to reconnect USB keyboard after startup

    - by HorusKol
    I've tried this on two different USB keyboards - both of which work fine on a different computer running Windows XP. For some reason, the numerical keypad doesn't work probably immediately after booting up - neither the numbers work, nor the 'home' commands and so on that you can use with the numlock off. It doesn't make a difference whether I press numlock on or off - the keypad doesn't work correctly no matter what state this is in. However, once I've booted the machine I can disconnect/reconnect the USB connector for the keyboard, and it will work exactly as expected. I'm running Gnome on Ubuntu 10.04. The only other USB devices connected is a mouse - and I've experienced no problems with that. This is a direct connection to the box (not via an external USB hub)

    Read the article

  • Prevent Apache restarting automatically after upgrading packages

    - by HorusKol
    Following on from an earlier question: Is there a way to download security updates and notify admin without installing the update? A large number of packages interact with Apache (especially PHP) such that security updates to those packages can cause the server to attempt to restart the service. While my earlier question was answered, I'm now thinking that I need a different solution. So - is there are way to allow security updates to be applied using apt, have an email sent to an administrator, and, most importantly, prevent services from being restarted at the end of the installation/update process? The administrator will then be able to log in and restart the service manually.

    Read the article

  • Installed Sun Java 6 - configuration problem when running as sudo

    - by HorusKol
    I have install Sun Java 6 on an Ubuntu server and set an environment variable in the default profile as per the instructions at http://www.edugate.ie/workshop-guides/shibboleth-2-identity-provider-installation-linux-debian-or-ubuntu I then try to run an installer for a Java servlet - but when I run it as myself, it cannot create the required directory in /opt. When I run it as sudo, I am told that JAVA_HOME is not correct and it doesn't even start the installer - shouldn't this be coming from /etc/profile like it is for my normal user?

    Read the article

  • sudo: source: command not found

    - by HorusKol
    I've been updating some of the default profile for bash, and saw from the tutorials I was following that I could reload the new profile with the new environment settings by using: source /etc/bash.bashrc The only thing is - the new environment variables were only available to my current user - and were ignored when I used sudo. They only became available to sudo when I closed my terminal session and rejoined. When I try to use: sudo source /etc/bash.bashrc I get the error: sudo: source: command not found Is there a simple way to load in the new bash profile settings for sudo without having to close the terminal and restart?

    Read the article

  • broken upgrade from 10.04 to 12.04 on a VPS - recoverable?

    - by HorusKol
    I have a VPS hosted 1500 km away. It originally came with 9.10 - and this morning I decided that I really should get to an LTS release, and figured I'd jump to 12.04. Researching, I discovered that there is no direct path between 9.10 and 12.04, but that I could upgrade via 10.04. After backing up my data, I dove in. The upgrade to 10.04 was successful, and I proceeded to upgrade to 12.04. Things started to go wrong. First, I got an error with GLIBC - I retried and got the same error. That's when I stopped the upgrade. I then tried another round of apt-get update && apt-get upgrade and got a list of "unmet dependencies": apt: Depends: ubuntu-keyring but it is not going to be installed Depends: libc6 (>= 2.15) but 2.11.1-0ubuntu7.11 is to be installed Depends: libstdc++6 (>= 4.6) but 4.4.3-4ubuntu5.1 is to be installed PreDepends: dpkg (>= 1.15.7.2) but 1.15.5.6ubuntu4.6 is to be installed apt-utils: Depends: libapt-pkg-libc6.10-6-4.8 libapt-inst1.4: Depends: libc6 (>= 2.14) but 2.11.1-0ubuntu7.11 is to be installed libapt-pkg4.12: Depends: libc6 (>= 2.15) but 2.11.1-0ubuntu7.11 is to be installed Depends: libstdc++6 (>= 4.6) but 4.4.3-4ubuntu5.1 is to be installed libc6: Depends: libc-bin (= 2.11.1-0ubuntu7.11) but 2.15-0ubuntu10.2 is to be installed libept0: Depends: libapt-pkg-libc6.10-6-4.8 libnih-dbus1: Depends: libnih1 (= 1.0.3-4ubuntu9) but 1.0.1-1 is to be installed I tried to see if I could do something about these - using apt-get -f install. This told me that I would need to upgrade my kernel. I found instructions on how to do this, but when I ran apt-get to install the new linux headers, I got the same dependency errors. I found another answer here where someone else had had an interruption in their upgrade - and tried the solution that worked for them: sudo apt-get -f dist-upgrade This resulted in the error: E: Could not perform immediate configuration on 'python2.7-minimal'.Please see man 5 apt.conf under APT::Immediate-Configure for details. (2) I tried to resolve this by: apt-get install -o APT::Immediate-Configure=false -f apt python-minimal But this simply ended up with this last list of dependency errors: apt: Depends: ubuntu-keyring but it is not going to be installed Depends: libc6 (>= 2.15) but 2.11.1-0ubuntu7.11 is to be installed Depends: libstdc++6 (>= 4.6) but 4.4.3-4ubuntu5.1 is to be installed PreDepends: dpkg (>= 1.15.7.2) but 1.15.5.6ubuntu4.6 is to be installed apt-utils: Depends: libapt-pkg-libc6.10-6-4.8 libapt-inst1.4: Depends: libc6 (>= 2.14) but 2.11.1-0ubuntu7.11 is to be installed libapt-pkg4.12: Depends: libc6 (>= 2.15) but 2.11.1-0ubuntu7.11 is to be installed Depends: libstdc++6 (>= 4.6) but 4.4.3-4ubuntu5.1 is to be installed libc6: Depends: libc-bin (= 2.11.1-0ubuntu7.11) but 2.15-0ubuntu10.2 is to be installed libept0: Depends: libapt-pkg-libc6.10-6-4.8 libnih-dbus1: Depends: libnih1 (= 1.0.3-4ubuntu9) but 1.0.1-1 is to be installed python: Depends: python-minimal (= 2.6.5-0ubuntu1) but 2.7.3-0ubuntu2 is to be installed python-apt: Depends: libapt-pkg-libc6.10-6-4.8 python-minimal: Depends: python2.7-minimal (>= 2.7.3) but it is not going to be installed Breaks: python-support (< 1.0.10ubuntu2) but 1.0.4ubuntu1 is to be installed synaptic: Depends: libapt-pkg-libc6.10-6-4.8 Any ideas on how to dig out of this hole?

    Read the article

  • How to resolve "svn: Can't find a temporary directory: Internal error"?

    - by HorusKol
    I have already googled the message, and I have plenty of disk space available on the SVN server (it's about 4% usage of 150 GB). I have noticed that when I try echo $TMPDIR at the command prompt on the SVN server I get nothing. What is making this a little confusing is that I only get this message from one location when I do an svn diff (that I've tested so far) - this error is not coming up when I try from three other computers (one of which is testing against the exact same repository, the other two are different repositories on the same svn server). About the only difference I can see is that the broken working copy is connecting to the server by an IP address where all the others are using a server name (although this resolves over DNS to the same IP Address). I'm hoping that I don't have to scratch the broken working copy and checkout a new one - unfortunately, this is a legacy project and not all changes have been properly revisioned.

    Read the article

  • Right-button drag-drop function in Gnome

    - by HorusKol
    While I don't really miss the annoyances that go with working on Windows, one thing I do wish I had in Gnome is the ability to hold the right-mouse button down on a file and drag it to get the context menu asking if I want to move or copy the file. I realise the default tries to be sensible (like in Windows - defaults to move if on the same volume, or copy if on different) and that it can be overridden with <ctrl> or <shift> - but i'm still used to the right-mouse drag option and keep getting frustrated when it doesn't work...

    Read the article

  • Shibboleth: found encrypted assertions, but no CredentialResolver was available

    - by HorusKol
    I've gotten a Shibboleth Server Provider (SP) up and running, and I'm using the TestShib Identity Provider (IdP) for testing. The configuration appears to be all correct, and when I requested my secured directory I was sent to the IdP where I logged in and then was sent back to https://example.org/Shibboleth.sso/SAML2/POST where I am getting a generic error message. Checking the logs, I am told: found encrypted assertions, but no CredentialResolver was available I have rechecked the configuration, and there I have: <CredentialResolver type="File" key="/etc/shibboleth/sp-key.pem" certificate="/etc/shibboleth/sp-cert.pem"/> Both of these files are present at those locations. I've restarted apache and retried, but still get the same error. I don't know if it makes a difference - but only a subdirectory of the site has been secured - the documentroot is publicly available.

    Read the article

  • cannot mount remote partition using fstab/fuse

    - by HorusKol
    Using a combination of http://ubuntu-tutorials.com/2007/01/02/mount-remote-directories-securely-with-ssh-ubuntu-6061-610/ and http://www.tuxfiles.org/linuxhelp/fstab.html I figured I could mount the root of another computer to somewhere on my new laptop to make it easier to transfer files and stuff. Now, I can connect through SSH and browser the files through an ad-hoc mount - but I would like to be able to do this automatically, and so had a look at fstab. my new entry in fstab is: remote_comp:/ /var/remote_comp fuse defaults 0 0 but testing with mount -a results in the following error: /bin/sh: remote_comp:/: not found I thought the problem was because I was trying to mount the root of the other computer, but even trying sub-directories result in the same error message.

    Read the article

  • Change the default browser which Kopete opens when you click a link?

    - by HorusKol
    I have FireFox as my desktop's default browser (Ubuntu/Gnome 9.10) and most applications open links into FF readily enough, including Choqok (a KDE twitter client). But Kopete insists on opening Konqueror - which is annoying as it takes an age to load, while FF is almost always open an simply needs a new tab. I've checked though the preferences of Kopete, and can't seem to find anything to make it use FF.

    Read the article

  • shibboleth: tomcat failing to start IdP listener

    - by HorusKol
    I have installed a Shibboleth Identity Provider as per http://www.edugate.ie/workshop-guides/shibboleth-2-identity-provider-installation-linux-debian-or-ubuntu However, testing only gave me a 404 from Tomcat, and when I checked the Tomcat logs, I saw that the IdP listener was not starting: 10/01/2011 11:25:31 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor idp.xml 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Error listenerStart 10/01/2011 11:25:32 AM org.apache.catalina.core.StandardContext start SEVERE: Context [/idp] startup failed due to previous errors The IdP descriptor file has the following context: <Context docBase="/opt/shibboleth-idp/war/idp.war" privileged="true" antiResourceLocking="false" antiJARLocking="false" unpackWAR="true" /> I have confirmed that the WAR file is located as the Context above specifies - as I have found similar issues from other people where the WAR file was not found. However, the logs posted by those people indicate that the descriptor file was correctly read by Tomcat and their problem was with the WAR file itself. I'm assuming this is some kind of syntax error with the idp.xml, but cannot determine what it might be. Also - setting the Tomcat logging level to FINEST does not provide any additional information in the logs for this error.

    Read the article

  • Change popup format for Kopete in Gnome (Ubuntu 10.04)

    - by HorusKol
    After trialling Empathy which was included with Gnome/Ubuntu 10.04 I decided to go back to Kopete since I was losing chat messages. However, for some reason, Kopete is now displaying all popups in a big, ugly window with four options (ok, cancel, view, ignore, or something like that) that actually all seem to do nothing. I tried looking for options in Kopete to change the popup style to the nicer Gnome style one which goes up in the top-right of my desktop, but it doesn't seem to be possible with this release. So I had to resort to removing all popup messages from Kopete to prevent my screen being taking over by a popup requiring action for every incoming chat message. Unfortunately, this now means that I do not get any notifications when people message me - and so I can go a couple of hours without realising that they did. Anyone know how to get the nice, unobtrusive popups working in this version?

    Read the article

  • Setting up Shibboleth to secure part of a website

    - by HorusKol
    I've installed the Shibboleth module for apache on Ubuntu 10.04 using aptitude to install libapache2-mod-shib2 as per https://groups.google.com/group/shibboleth-users/browse_thread/thread/9fca3b2af04d5ca8?pli=1 and enabled the module (I have checked in /etc/apache2/mods-enabled) I then proceeded to secure a directory on the server by placing a .htaccess file with the following directives: AuthType shibboleth ShibRequestSetting requireSession 1 Require valid-user Now - I haven't set up an SSL host yet - and I also haven't set up the IdP - but I would expect that the server would block access to this directory - but I'm getting the content without any problems. I have restarted the apache service and I have no errors in the log files.

    Read the article

  • Connecting Evolution to MS Exchange via MAPI

    - by HorusKol
    I've been trying to get some information about the MAPI plugin for Evolution - but it all seems to in pieces everywhere, and also mostly a couple of years old. Anyone had any experience with getting Evolution connecting to MS Exchange via MAPI? Unfortunately, any other connection method (IMAP or WebDAV) is not an option - either because of not being allowed or just unusable.

    Read the article

  • Change popup format for Kopete in Gnome (Ubuntu 10.04)

    - by HorusKol
    After trialling Empathy which was included with Gnome/Ubuntu 10.04 I decided to go back to Kopete since I was losing chat messages. However, for some reason, Kopete is now displaying all popups in a big, ugly window with four options (ok, cancel, view, ignore, or something like that) that actually all seem to do nothing. I tried looking for options in Kopete to change the popup style to the nicer Gnome style one which goes up in the top-right of my desktop, but it doesn't seem to be possible with this release. So I had to resort to removing all popup messages from Kopete to prevent my screen being taking over by a popup requiring action for every incoming chat message. Unfortunately, this now means that I do not get any notifications when people message me - and so I can go a couple of hours without realising that they did. Anyone know how to get the nice, unobtrusive popups working in this version?

    Read the article

  • Proxy auto-config dnsResolve doesn't seem to resolve subdomains

    - by HorusKol
    We're running on a Windows domain, and have a DNS to control computer names on our intranet. The following PAC works great for basic hostnames on our intranet - but we're setting up some subdomain-like names (example, redesign.buildbox), and it isn't resolving these. These subdomains are resolvable through other means (such as nslookup). Other than checking to see if the host has ".buildbox" or other domain, is there a way to make it work? Maybe I could try appending the Windows domain to host (can you concatenate strings in a PAC)? function FindProxyForURL(url, host) { // If IP address is internal or hostname resolves to internal IP, send direct. var resolved_ip = dnsResolve(host); if (isInNet(resolved_ip, "129.2.2.0", "255.255.255.128")) return "DIRECT"; if (isInNet(resolved_ip, "10.1.1.0", "255.255.255.0")) return "DIRECT"; if (isInNet(resolved_ip, "150.1.2.0", "255.255.255.248")) return "DIRECT"; // All other traffic uses below proxies, in fail-over order. return "PROXY 192.111.222.111:8080; DIRECT"; }

    Read the article

  • Using rsync to migrate files between windows servers: problems with Excel spreadsheets

    - by HorusKol
    We've been migrating about 220 GB of data from a Windows 2003 Server to a Windows 2008 Server, and because of the time it would take to copy that data and the necessity of keeping it available for users, I came up with the idea of using rsync on an Ubuntu server to broker the migration. (I might have gone for a proper Windows solution - but the applications I found were a bit pricey for a one-shot like this - and permissions are not a problem). All well and good - and today I'm making the last sync and confirming that the new server is up-to-date using diff, but I"ve noticed an odd thing with Excel spreadsheets (.xls). Every instance of an Excel spreadsheet that has already been copied in a previous in a previous synchronisation is being marked as "already up-to-date" by rsync. However, when I then run a diff, I'm told that the files differ. I'm manually copying them, as there are but a handful, but I was wondering what might be causing this. No other filetype in the entire 220 GB tree has had any problem like this - just the Excel/xls files. It'd be great if someone could come up with an explanation.

    Read the article

  • How secure is a subnet?

    - by HorusKol
    I have an unfortunate complication in my network - some users/computers are attached to a completely private and firewalled office network that we administer (10.n.n.x/24 intranet), but others are attached to a subnet provided by a third party (129.n.n.x/25) as they need to access the internet via the third party's proxy. I have previously set up a gateway/router to allow the 10.n.n.x/24 network internet access: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interface iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT However, I now need to enable access to users on our 129.n.n.x/25 subnet to some private servers on the 10.n.n.x/24 network. I figured that I could do something like: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface #1 (10.n.n.x/24) # eth2 = private interface #2 (129.n.n.x/25) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interfaces iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT # Allow the two public connections to talk to each other iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT iptables -A FORWARD -i eth0 -o eth2 -j REJECT My concern is that I know that the computers on our 129.n.n.x/25 subnet can be accessed via a VPN through the larger network operated by the provider - therefore, would it be possible for someone on the provider's supernet (correct term? inverse of subnet?) to be able to access our private 10.n.n.x/24 intranet?

    Read the article

  • How to set a static route for an external IP address

    - by HorusKol
    Further to my earlier question about bridging different subnets - I now need to route requests for one particular IP address differently to all other traffic. I have the following routing in my iptables on our router: # Allow established connections, and those !not! coming from the public interface # eth0 = public interface # eth1 = private interface #1 (10.1.1.0/24) # eth2 = private interface #2 (129.2.2.0/25) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -m state --state NEW ! -i eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth0 -o eth2 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the private interfaces iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth2 -o eth0 -j ACCEPT # Allow the two private connections to talk to each other iptables -A FORWARD -i eth1 -o eth2 -j ACCEPT iptables -A FORWARD -i eth2 -o eth1 -j ACCEPT # Masquerade (NAT) iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # Don't forward any other traffic from the public to the private iptables -A FORWARD -i eth0 -o eth1 -j REJECT iptables -A FORWARD -i eth0 -o eth2 -j REJECT This configuration means that users will be forwarded through a modem/router with a public address - this is all well and good for most purposes, and in the main it doesn't matter that all computers are hidden behind the one public IP. However, some users need to be able to access a proxy at 192.111.222.111:8080 - and the proxy needs to identify this traffic as coming through a gateway at 129.2.2.126 - it won't respond otherwise. I tried adding a static route on our local gateway with: route add -host 192.111.222.111 gw 129.2.2.126 dev eth2 I can successfully ping 192.111.222.111 from the router. When I trace the route, it lists the 129.2.2.126 gateway, but I just get * on each of the following hops (I think this makes sense since this is just a web-proxy and requires authentication). When I try to ping this address from a host on the 129.2.2.0/25 network it fails. Should I do this in the iptables chain instead? How would I configure this routing?

    Read the article

  • svn merge - moved repository to a different server, and now getting 'has different repository root'

    - by HorusKol
    This is kind of similar to http://stackoverflow.com/questions/1601021/subversion-merge-has-different-repository-root-than - but appears to be a very different cause (especially as the answer for that question didn't resolve my problem). A while back, we swapped out the server where our SVN repositories are located - but we've been using an alias so that the old server name points to the new server. I've been getting in the habit where I will use the new server name wherever I checkout new working copies - but we having made changes to most of the current working copies as they are live websites. Until now, this hasn't been a problem - except that this morning I merged in some changes from my development branch to a working copy I have of the release version and I got the message "file has different repository root" and the merge stops dead. I know this is because I'm using the new server name when the development branch was updated via the old server name - but is there a simple way to fix this? Or if not a simple way - is there a well-documented way to fix this?

    Read the article

  • jQuery event.stopPropagation is not working on <a>

    - by HorusKol
    I have the following javascript: $('#ge-display').click(function (event) { window.open('/googleearth/ge-display.php','','scrollbars=yes,menubar=no,height=650,width=1000,resizable=yes,toolbar=yes,location=no,status=no'); event.stopPropagation(); return false; }); the element with id 'ge-display' is a standard link: <a href="/googleearth/ge-display.php" id="ge-display" target="_blank">Load Google Earth Plugin (in a new window)</a> The problem is - when I take out the 'return false;' line from the click event handler, the javascript popup opens, and then another browser window opens - I thought stopPropagation() would prevent the links own click handler? I've also tried stopImmediatePropagation() - but I still need to return false to stop the default behaviour of the link.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1 2  | Next Page >