Search Results

Search found 95574 results on 3823 pages for 'mac osx server'.

Page 124/3823 | < Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >

  • How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

    - by Timbo
    I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

    Read the article

  • Mysterious "media" volume mounted on desktop Mac OS X

    - by Allen
    I have a mysterious volume mounted on my desktop that I can't seem to forcibly unmount. I've tried using umount and also diskutil, but it seems to automatically remount itself. I've copied my hdd with Time Machine, and copied it onto a new computer, and it also has the drive mounted on it. It's not pointing to anything and I can't open it, nor can I forcibily remove it by hand with rm -Rf. Any ideas? I noticed this problem after I upgraded to Mountain Lion from Lion. It causes problems because when I try to select a file using the built in Finder dialog box, it freezes for a few minutes because it tries to cache or read into the "media" mounted volume.

    Read the article

  • Open original Microsoft Office document (not "version 1") on Mac OS X Lion restart

    - by FlyingMolga
    My MacBook Pro running Lion has been frequently freezing lately, and I've had to restart with the power button. When Lion starts up again, the Microsoft Office applications that were running start and load different autosaved versions of the documents I had open (i.e. it does not open abc.xlsx but [version 1] of abc.xlsx). Sometimes it also opens the original files. Several times I've inputted data into these "version 1" files, only to try to save it and realize that it isn't the original file and is sometimes missing data that is contained in the original file. Is there any way to make autorecover open the actual document with the unsaved changes, instead of making a new temporary version?

    Read the article

  • Spoof MAC address in Windows 7: Bypass

    - by lpd
    I am trying to spoof the MAC address of my new Win7 laptop. To do so I tried specifying an alternate value from the Device Manager which took no effect. I also tried from the registry, as per other threads here, to no avail. Interestingly I also found the registry contained a path 000X\Ndi\params\NetworkAddress\default REG_SZ, but changing that had no effect either :( I can only guess I share the same issue here: http://forums.anandtech.com/showthread.php?t=2096480 as the wireless adaptor is the same brand bundled with the same operating system. So my question is - is there anything better I can do to achieve a spoofed physical address than rollback the drivers to some older version?

    Read the article

  • Cross join problem query

    - by user66121
    i have following table structure HUB_DETAILS (Master) Branch_ID Branch_Name VTRCheckList (Master) CLid CLName VTRCheckListDetails (Detail) CLid Branch_ID VTRValue vtrRespDate Actually when i run the following query it does comes with all the Checklist names alongwith all branch names but shows the value in every branch infact only 1 branch has data in the given date criteria. it should show 0 if there is no data in checklist of the respective branch. SELECT VTRCheckList.CLName, Hub_Details.BranchName, sum(cast(VTRCheckListDetails.VtrValue as int)) as 'Total' FROM VTRCheckListDetails INNER JOIN VTRCheckList ON VTRCheckListDetails.CLid = VTRCheckList.CLid CROSS JOIN Hub_Details where Convert(date,VTRCheckListDetails.vtrRespDate, 105) >= convert(date,'01-01-2011',105) and Convert(date, VTRCheckListDetails.vtrRespDate, 105) <= convert(date,'30-01-2011',105) GROUP BY VTRCheckList.CLName, Hub_Details.BranchName

    Read the article

  • Linux USB to work as cd rom on mac

    - by user157483
    I am working in driver development in linux USB modules. I have written driver for usb and it is working as cd rom in windows machine 1)I made first partation as fat32 "modprobe g_hidmass file=/dev/mmcblk0p1 cdrom=1 stall=0 removable=1" this works fine in windows 2)I made first partation as hfs partation "modprobe g_hidmass file=/dev/mmcblk0p1 cdrom=1 stall=0 removable=1" but same thing i applied with hfs partation in MAC it is getting error like this "The disk you inserted was not readable by this computer" in diskutil it is shown as CD-rom but not reading the file system. frame like this Please help me how can I overcome this error...

    Read the article

  • mac os x, find all symbolic links that point to files on a different volume

    - by Eddified
    In my ~ dir, I have some symlinks that point to "/Volumes/Macintosh HD 2/..." and I want to find them all recursively. A look at the man page for 'find' says the '-lname' argument will search the symbolic link contents. It appears to work, but not recursively: $ pwd /Users/myusername $ sudo find . -lname '/Volumes*' $ cd Documents/ $ sudo find . -lname '/Volumes*' ./Documents on Win7 ./work.rtf What's going on? How can I make this work recursively? -- The 'find' program is supposed to always work recursively. I checked perms, they look ok, but as you can see I used "sudo" just to be sure... no dice. $ ls -ld Documents/ drwx------+ 14 myusername staff 476 Jan 12 16:32 Documents/

    Read the article

  • Resetting default Input Method in Mac OS 10.6

    - by Tim Visher
    I'm a Dvorak guy. I recently installed a new machine at the inlaws who are not Dvorak people. I stupidly selected Dvorak as my Input Method of choice while installing OS X. Now, all of the users I created default to Dvorak and need to go through the manual process of removing Dvorak as their Input Method of choice and instead choosing U.S. I have no idea how far reaching the implications might be. Could be that any time another user is added they will default to Dvorak. Right now, I'd like to set the default back to U.S. How can I do that? Behaviors I'm looking for include that when the Input Menu is not shown at the Login Screen, U.S. is the keyboard layout. Any future users created should default to U.S. with no Input Menu in the menu bar. Any users created already should have their default layout be U.S. Thanks in advance!

    Read the article

  • PATH env variable on Mac OS X and/or Eclipse

    - by Jason S
    When I print out the path in bash, it prints this: /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11/bin When I run System.out.println(System.getenv("PATH")); in Java running under Eclipse, it prints /usr/bin:/bin:/usr/sbin:/sbin How can I figure out why there is this discrepancy? I need to add /usr/local/bin to the PATH and make it available to Java apps under Eclipse. (note: I have made no modifications system paths, so these are the defaults set by the OS or perhaps by one or more of the applications i've installed.)

    Read the article

  • Repair corrupt hard disk on Mac without install CD

    - by Sarah
    The hard disk of my late 2009 MacBook Pro appears to have become corrupted. I am traveling and do not have my install CD (and won't for several weeks, nor will I be anywhere near an Apple store). The hard disk is not the original, which failed in June 2011. It's some Hitachi replacement installed by IT. History: I was typing an email this afternoon, my computer suddenly started making soft clicking sounds and then froze. I was not moving around. I rebooted, which took a while. I heard more clicking sounds and the computer froze at least once again. It's now kind of working, with mdworker sucking up one CPU. There are no awkward hard drive sounds when I run Chrome or play music. However, when I launched Stickies, I found no trace of my saved Stickies. I ran a live disk verification from within Disk Utility, and it reported Problem: As reported, I don't have access to an installation disc and am nowhere near an area where I can get one for at least two weeks. I have the option of asking someone to go to some trouble and expense to get one for me, but I'm not sure it's worth it: I've read that I can use fsck from single-user mode to repair the disk. Should I just try this? Is it risky? I'm concerned that the clicky sound portends imminent (mechanical) hard drive failure, so it's not worth doing a silly repair. This hard disk is backed up, but I definitely won't be able to access the backup while traveling. I'd like to maximize the probability that I can keep using my computer (and all its current files) while traveling. Update I bit the bullet and ran fsck -fy from single-user mode. It only needed one pass (modification) to reach the "okay" stage. However, rebooting took nearly 5 min and involved several rounds of scratchy sounds and a few bad clicks. I'm now back to kind of using my computer (the same files are missing as before). When I ran live disk verification from Disk Utility this time, however, it reported that the volume appears to be OK. Am I right to infer from the scratchy sounds, however, that my hard drive is still rapidly on its way out? Is there anything else I can do to increase its functionality over the next few weeks?

    Read the article

  • Mac PPC_7100 ROM for SheepShaver?

    - by Good_quess
    Hello everybody, I still own a PPC 7100/80av, that I bought in early 1995. The Mac is still running fine, but I am not using it often these days. I recently came across SheepShaver and would like to take my old games and apps to the emulation. For SheepShaver I would like to use a copy of my 7100's ROM. Did anybody succeed in saving a working copy of this machines ROM? I tried CopyRom and GetRom, but all I ever saved was a 4MB file good for nothing. I am just wondering what I am missing. Any ideas would be very welcome. Thank you!

    Read the article

  • Git completion __git_ps1 really slow on Mac

    - by mckeed
    I've had __git_ps1 in my bash prompt for a while, but just recently (I noticed it after I did some messing around with Homebrew and rbenv), it has slowed down my prompt horribly. When I'm in a git directory I have to wait 3-4 seconds after every command for the prompt to appear. If I just mash return and watch the Activity Monitor, it shows that distnoted and Finder are using more CPU than normal during the delay. Could something git-completion.bash is doing be triggering a notification to Finder? Maybe it involves folder actions or something?

    Read the article

  • Rsync to a WebDAV filesystem on OSX copies all files regardless of being changed or not.

    - by MarceloR
    I am trying to sync my (Mac) desktop, with an iPad and an iPhone. OSX mounts WebDAV as a native filesystem, but syncing results in all files in my directory structure being copied again. This occurs when I use rsync -a or even a simple rsync -r. Various iPhone OS apps use the WebDAV server in iPhone OSX to transfer files. This occurs on several apps I use including GoodReader.

    Read the article

  • How to run a command from anywhere in Mac OS X

    - by pabloruiz55
    I need to use a command for converting my images to pvrtc. It is located in /Developer/Platforms/iPhoneOS.platform/Developer/usr/bin/texturetool. Right now I have to be inside that folder to be able to use the command. How can I set it up so I can run this command from anywhere? Thanks

    Read the article

  • Mac always boots with incorrect display gamma (for years now including Lion)

    - by Alex Wayne
    I think somewhere, something got installed but I have no idea what or how to fix it :( Basically, my old MacBook Pro running 10.5 Leopard had a problem where on boot it would show everything on the screen in a very sort of crunched color space. Everything below 15% white would just be pure black, everything above 85% white would be pure white and all colors look to be a touch more saturated. It's garish. To fix it, I found that I could boot into almost any fullscreen 3D game. When the game launches, the colors would still be off, but when I then quite the game and return the desktop everything is normal again. I've noticed Blizzard games work most reliably for this (World of Warcraft or Starcraft2). This problem has followed me through the years. When I upgraded to an iMac I migrated everything over to it, and the issue now happens on the iMac too. I then got a new MacBook Pro for work and migrated my iMac over to that, and it has the problem too. I had thought that it was an OS bug, but upgrading to 10.6 Snow Leopard didn't fix it and neither did 10.7 Lion. Furthermore I can't find any reference on any forum or help site where anyone else has this problem. If anyone has any idea what processes or settings or apps I should look at to figure out why this is happening I should would appreciate it! It looks sort of irresponsible when I open my laptop in the office to work and then boot up Starcraft 2 full screen...

    Read the article

  • Mac OS X: How to change the color label of files from the Terminal

    - by Svish
    Is there a way I can set the color label of a file to some color when in the Terminal? I know that the following command lists some info about what the color currently is, but I can't figure out how to do something about it. Like change it. mdls -name kMDItemFSLabel somefile.ext The reason I would like to know is that I want to recursively mark all files in a folder of a certain type with a certain color label (in my case gray). I know how to do the finding: find . -name "*.ext" And I know how I can run the command afterwards for each file using -exec, but I need to know how to do the actual labeling... I would like a solution that only involves commands built-in to Mac OS X. So preferably no 3rd party stuff, unless there is no other way.

    Read the article

  • Script apparently changing file permissions on Mac OS to 000

    - by half_bit
    I wrote a little shellscript that helps installing a web application. The script itself just downloads a zip archive, extracts it and changes the permissions of the extracted files to the one needed to run the webapp. The problem now is that some users reported that after running my script, all the permissions of every file in their home directory or even on their whole computer changed to 000 (except the actual unzipped files which do have the correct permissions). The only lines in my script actually doing IO are these: URL="http://foo.com/" FILENAME="some.zip" curl --silent "$URL$FILENAME" -o $FILENAME > /dev/null echo "Unzipping...\c" if unzip -oqq $FILENAME > /dev/null then chmod -R 777 app/tmp app/webroot app/Config/database* app/configuration* chown -R www:www * rm $FILENAME echo "\t\t\tOK" exit 0 else echo "\t\t\tERROR" exit 1 fi I seriously can't explain this to myself. How can this even be possible? It is entirely possible that the users accidentally ran the script in their home directory, but that still wouldn't explain why the permissions where set to 000, not www/777.

    Read the article

  • Mac has IP address, can connect to router but can't connect outside

    - by partition
    Weird problem, my MacBook can't connect anywhere right now! The router works, it gets an IP, it can log into to the router but it can't resolve anything! The router works as I connected another device to it and it connected to the net. The MacBook doesn't have any strange DNS configurations either, just 192.168.1.1 for the router I even tried tethering it to my phone, and it still would not connect to the net... help?

    Read the article

  • Mac OS X - detect file system read

    - by quano
    I want to know what files a specific application is trying to access on my disk. I know that you can use fs_usage, but this outputs events from all applications. I know that you can target a single application, but only one that is already running. I want to detect all readfile-events an application is trying to do, ever since it is started. I don't want to miss out on any event. How do you achieve this?

    Read the article

  • Mac terminal: Resource temporarily unavailable

    - by user167108
    I'm getting an error message in the Mac Terminal when I try to run several different processes. I did some googling and looking on this site, and found out that it might be related to having too many processes running at one time. However, I'm getting these error messages when I only have a few windows open (much fewer than I was accustomed to having). Looking in activity Monitor, my %User number is at around 25%, and the %System number is around 15%. In the past, I have had both much much higher (until the people at the Apple store told me to keep an eye on it). So with these numbers lower now, what explains the Resource temporarily unavailable error message? heroku (cloud hosting) console -bash: fork: Resource temporarily unavailable -bash-3.2$ upon opening new window in the terminal sh: fork: Resource temporarily unavailable sh: fork: Resource temporarily unavailable trying to run -bash: fork: Resource temporarily unavailable

    Read the article

  • mac os x default editor for .dotsystemfiles

    - by jasonkuhrt
    This is a seemingly simple question but I can't find an answer so far despite search quite a bit. I'd like that when I open a .dotsystemfile in finder (i.e. .htaccess or .vimrc) it opens in a different editor than textedit. Doing the regular change-all in the info panel won't do the trick as it gives the following error: " An error occurred while changing the application that opens “.vimrc” because not enough information is available. Do you want to open “.vimrc” with “MacVim.app”? " This isn't a huge issue but it is like a small splinter that I've love removed. Thanks for any helpful information.

    Read the article

< Previous Page | 120 121 122 123 124 125 126 127 128 129 130 131  | Next Page >