Search Results

Search found 10550 results on 422 pages for 'syntax rules'.

Page 229/422 | < Previous Page | 225 226 227 228 229 230 231 232 233 234 235 236  | Next Page >

• Apache url rewrite to Nginx

  - by Kaloyan

  i work on a little php platform and my server is nginx. The first version of this php site was developed for Apache server. I need to upgrade the site and to migrate it to nginx server. The problem is url rewriting. I have this simple url rewrite rules in my Apache server: RewriteEngine On RewriteBase /simple-php/ RewriteCond %{REQUEST_FILENAME} !-d [NC] RewriteCond %{REQUEST_FILENAME} !-f [NC] RewriteRule ^(.*)$ viewpost.php?id=$1 [QSA,L] I can't "translate" this to nginx rewrite syntax. Can anybody help me? P.S. I can read both documentations, but i have not this time, just need fast solution. Thanks!

  Read the article

• windows 2008 R2 TS printer security - can't take owership

  - by Ian

  I have a Windows 2008 R2 server with Terminal server role installed. I'm seeing a problem with an ordinary user who is member of local printer operators group on the server. If the user opens a cmd window using ‘run as administrator’ they can run printmanager.msc without needing to enter their password again. In printmanager they can change the ownership of redirected (easy print) printers without problems. If, from the same cmd window, they use subinacl to try and change the onwership of the queue to themselves they get access denied: >subinacl.exe /printer "_#MyPrinter (2 redirected)" /setowner="MyDom\MyUsr" Elapsed Time: 00 00:00:00 Done: 1, Modified 0, Failed 1, Syntax errors 0 Last Done : _#MyPrinter (2 redirected) Last Failed: _#MyPrinter (2 redirected) - OpenPrinter Error : 5 Access denied so, same context, same action but one works and one doesn't. Any ideas for this odd behaviour? I'm using subinacl x86 on an x64 server as I can't find anything more up to date. I've tried with icacls and others but couldn't get them to do anything with printers.

  Read the article

• is there any valid reason for users to request phpinfo()

  - by The Journeyman geek

  I'm working on writing a set of rules for fail2ban to make life a little more interesting for whoever is trying to bruteforce his way into my system. A good majority of the attempts tend to revolve around trying to get into phpinfo() via my webserver -as below GET //pma/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //admin/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //dbadmin/config/config.inc.php?p=phpinfo(); HTTP/1.1 GET //mysql/config/config.inc.php?p=phpinfo(); HTTP/1.1 I'm wondering if there's any valid reason for a user to attempt to access phpinfo() via apache, since if not, i can simply use that, or more specifically the regex GET //[^>]+=phpinfo\(\) as a filter to eliminate these attacks

  Read the article

• Can only connect to sql server express 2012 via named pipes

  - by YetAnotherDeveloper

  I have sql server express 2012 installed on windows 2008, locally everything works just fine i can connect via tcpip and named pipes. Remotely i can connect with ssms only using named pipes. I have tried disabling the firewall on both sides to eliminate blocking traffic. i have toggled the tcpip setting on and off (i read somewhere that they got it working just but flipping them off and back on). I have double/triple checked all the settings that i'm aware of and everything seems to be correct. Tcp is enabled Tcp port is set to 1433, udp port is set to 1434 Server has static ip Start up log says: Server is listening on [ 'any' 1433]. Firewall rules are in place Any suggestions on things that i can look into? i have really just run out of ideas.

  Read the article

• PhpMyAdmin Hangs On MySQL Error

  - by user75228

  I'm currently running PhpMyAdmin 4.0.10 (the latest version supporting PHP 4.2.X) on my Amazon EC2 connecting to a MySQL database on RDS. Everything works perfectly fine except actions that return a mysql error message. Whether I perform "any" kind of action that will return a mysql error, Phpmyadmin will hang with the yellow "Loading" box forever without displaying anything. For example, if I perform the following command in MySQL CLI : select * from 123; It instantly returns the following error : ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '123' at line 1 which is completely normal because table 123 doesn't exist. However, if I execute the exact same command in the "SQL" box in Phpmyadmin, after I click "Go" it'll display "Loading" and stops there forever. Has anyone ever encountered this kind of issue with Phpmyadmin? Is this a bug or I have something wrong with my config.inc.php? Any help would be much appreciated. I also noticed these error messages in my apache error logs : /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open /opt/apache/bin/httpd: symbol lookup error: /opt/php/lib/php/extensions/no-debug-non-zts-20060613/iconv.so: undefined symbol: libiconv_open Below are my config.inc.php settings : <?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * phpMyAdmin sample configuration, you can use it as base for * manual configuration. For easier setup you can use setup/ * * All directives are explained in documentation in the doc/ folder * or at <http://docs.phpmyadmin.net/>. * * @package PhpMyAdmin */ /* * This is needed for cookie based authentication to encrypt password in * cookie */ $cfg['blowfish_secret'] = 'something_random'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ /* * Servers configuration */ $i = 0; /* * First server */ $i++; /* Authentication type */ $cfg['Servers'][$i]['auth_type'] = 'cookie'; /* Server parameters */ $cfg['Servers'][$i]['host'] = '*.rds.amazonaws.com'; $cfg['Servers'][$i]['connect_type'] = 'tcp'; $cfg['Servers'][$i]['compress'] = true; /* Select mysql if your server does not have mysqli */ $cfg['Servers'][$i]['extension'] = 'mysqli'; $cfg['Servers'][$i]['AllowNoPassword'] = false; $cfg['LoginCookieValidity'] = '3600'; /* * phpMyAdmin configuration storage settings. */ /* User used to manipulate with storage */ $cfg['Servers'][$i]['controlhost'] = '*.rds.amazonaws.com'; $cfg['Servers'][$i]['controluser'] = 'pma'; $cfg['Servers'][$i]['controlpass'] = 'password'; /* Storage database and tables */ $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin'; $cfg['Servers'][$i]['bookmarktable'] = 'pma__bookmark'; $cfg['Servers'][$i]['relation'] = 'pma__relation'; $cfg['Servers'][$i]['table_info'] = 'pma__table_info'; $cfg['Servers'][$i]['table_coords'] = 'pma__table_coords'; $cfg['Servers'][$i]['pdf_pages'] = 'pma__pdf_pages'; $cfg['Servers'][$i]['column_info'] = 'pma__column_info'; $cfg['Servers'][$i]['history'] = 'pma__history'; $cfg['Servers'][$i]['table_uiprefs'] = 'pma__table_uiprefs'; $cfg['Servers'][$i]['tracking'] = 'pma__tracking'; $cfg['Servers'][$i]['designer_coords'] = 'pma__designer_coords'; $cfg['Servers'][$i]['userconfig'] = 'pma__userconfig'; $cfg['Servers'][$i]['recent'] = 'pma__recent'; /* Contrib / Swekey authentication */ // $cfg['Servers'][$i]['auth_swekey_config'] = '/etc/swekey-pma.conf'; /* * End of servers configuration */ /* * Directories for saving/loading files from server */ $cfg['UploadDir'] = ''; $cfg['SaveDir'] = ''; /** * Defines whether a user should be displayed a "show all (records)" * button in browse mode or not. * default = false */ //$cfg['ShowAll'] = true; /** * Number of rows displayed when browsing a result set. If the result * set contains more rows, "Previous" and "Next". * default = 30 */ $cfg['MaxRows'] = 50; /** * disallow editing of binary fields * valid values are: * false allow editing * 'blob' allow editing except for BLOB fields * 'noblob' disallow editing except for BLOB fields * 'all' disallow editing * default = blob */ //$cfg['ProtectBinary'] = 'false'; /** * Default language to use, if not browser-defined or user-defined * (you find all languages in the locale folder) * uncomment the desired line: * default = 'en' */ //$cfg['DefaultLang'] = 'en'; //$cfg['DefaultLang'] = 'de'; /** * default display direction (horizontal|vertical|horizontalflipped) */ //$cfg['DefaultDisplay'] = 'vertical'; /** * How many columns should be used for table display of a database? * (a value larger than 1 results in some information being hidden) * default = 1 */ //$cfg['PropertiesNumColumns'] = 2; /** * Set to true if you want DB-based query history.If false, this utilizes * JS-routines to display query history (lost by window close) * * This requires configuration storage enabled, see above. * default = false */ //$cfg['QueryHistoryDB'] = true; /** * When using DB-based query history, how many entries should be kept? * * default = 25 */ //$cfg['QueryHistoryMax'] = 100; /* * You can find more configuration options in the documentation * in the doc/ folder or at <http://docs.phpmyadmin.net/>. */ ?>

  Read the article

• IIS7 Rewrite rule being duplicated across 2 different websites (unwanted)

  - by Matt

  We have a IIS7 on Windows Server 2008. It is hosting a handful of sites, on a handful of ip addresses. 2 of those sites are actually wildcards on the domain: *.firstdomain.com *.seconddomain.com However, I am finding that any URL Rewrite rules I add for one of these "websites", is automatically in the URL Rewrite section for the other. Similarly, if I disable the rule in in one, it disables in the other. This doesn't happen with the other sites defined on this server, just these two. I look at the parent (top level, the server as a whole), and the rule is not there. Any idea what's going on here?

  Read the article

• Forward request through IPTables

  - by Jeremy

  I have a server running CentOS with 50 IP addresses on it. I was looking to use it as a proxy server (not just HTTP), but can't find any examples on how to set up the IP Tables. I want to proxy into IP-X and have my request look like its coming from IP-X. I currently do this on squid, but we need to proxy more than just HTTP traffic. Here is an example of the squid config: acl users src 255.255.255.255 #Locked down IP address acl all src 0.0.0.0/0.0.0.0 # http access rules http_access deny !users http_access allow users http_reply_access deny !users http_reply_access allow users icp_access deny all #ip_addresses acl ip3 myip 10.1.1.3 tcp_outgoing_address 10.1.1.3 ip3 Do to IP restrictions I need access to IMAP, POP and SMTP through a proxy. I want to use the server I already pay for that has 50 IPs on it as the proxy server.

  Read the article

• Firewall still blocking port 53 despite listing otherwise?

  - by Tom

  I have 3 nodes with virtually the same iptables rules loaded from a bash script, but one particular node is blocking traffic on port 53 despite listing it's accepting it: $ iptables --list -v Chain INPUT (policy DROP 8886 packets, 657K bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo any anywhere anywhere 2 122 ACCEPT icmp -- any any anywhere anywhere icmp echo-request 20738 5600K ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- eth1 any anywhere node1.com multiport dports http,smtp 0 0 ACCEPT udp -- eth1 any anywhere ns.node1.com udp dpt:domain 0 0 ACCEPT tcp -- eth1 any anywhere ns.node1.com tcp dpt:domain 0 0 ACCEPT all -- eth0 any node2.backend anywhere 21 1260 ACCEPT all -- eth0 any node3.backend anywhere 0 0 ACCEPT all -- eth0 any node4.backend anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 15804 packets, 26M bytes) pkts bytes target prot opt in out source destination nmap -sV -p 53 ns.node1.com // From remote server Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2011-02-24 11:44 EST Interesting ports on ns.node1.com (1.2.3.4): PORT STATE SERVICE VERSION 53/tcp filtered domain Nmap finished: 1 IP address (1 host up) scanned in 0.336 seconds Any ideas? Thanks

  Read the article

• What is the right iptables rule to allow apt-get to download programs?

  - by anthony01

  When I type something like sudo apt-get install firefox, everything work until it asks me: After this operation, 77 MB of additional disk space will be used. Do you want to continue [Y/n]? Y Then error messages are displayed: Failed to fetch: <URL> My iptables rules are as follows: -P INPUT DROP -P OUTPUT DROP -P FORWARD DROP -A INPUT -i lo -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A INPUT -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT -A OUTPUT -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT What should I add to allow apt-get to download updates? Thanks

  Read the article

• Is there a convenient method to pull files from a server in an SSH session?

  - by tel

  I often SSH into a cluster node for work and after processing want to pull several results back to my local machine for analysis. Typically, to do this I use a local shell to scp from the server, but this requires a lot of path manipulation. I'd prefer to use a syntax like interactive FTP and just 'pull' files from the server to my local pwd. Another possible solution might be to have some way to automatically set up my client computer as an ssh alias so that something like scp results home:~/results would work as expected. Is there any obscure SSH trick that'll do this for me? Working from grawity's answer, a complete solution in config files is something like local .ssh/config: Host ex HostName ssh.example.com RemoteForward 10101 localhost:22 ssh.example.com .ssh/config: Host home HostName localhost Port 10101 which lets me do commands exactly like scp results home: transferring the file results to my home machine.

  Read the article

• Log with iptalbes which user is delivering email to port 25

  - by Maus

  Because we got blacklisted on CBL I set up the following firewall rules with iptables: #!/bin/bash iptables -A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mail -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner root -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner Debian-exim -j ACCEPT iptables -A OUTPUT -p tcp -m limit --limit 15/minute -m tcp --dport 25 -j LOG --log-prefix "LOCAL_DROPPED_SPAM" iptables -A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable I'm not able to connect to port 25 from localhost with another user than root or a mail group member - So it seems to work. Still some questions remain: How effective do you rate this rule-set to prevent spam coming from bad PHP-Scripts hosted on the server? Is there a way to block port 25 and 587 within the same statement? Is the usage of /usr/sbin/sendmail also limited or blocked by this rule-set? Is there a way to log the username of all other attempts which try to deliver stuff to port 25?

  Read the article

• Privoxy rule to block Facebook spying

  - by bignose

  Recently, my server's Privoxy rules to block Facebook's spying have failed. How can I block current Facebook spying links? Since soon after [the inception of Facebook's so-called “Open Graph” cross-site tracking widgets][1] (those “Like” bugs on numerous websites), I blocked them by using this rule (in user.action) on our site's Privoxy server: { +block-as-image{People-tracking button.} } .facebook.com/(plugins|widgets)/(like|fan).* That worked fine; the spying bugs no longer appeared on any web page. Today I noticed that they're all making it past that filter [edit: no, they're not]. SOLUTION: The proxy was being silently ignored, though this was not obvious in the client. The above rule continues to work fine.

  Read the article

• Unable to change IP address for eth0 without restart in Ubuntu

  - by Rodnower

  I have Ubuntu 12.04.1 installed. I tried to change the IP address of the interface eth0 in /etc/network/interfaces from 192.168.1.3 to 192.168.1.4 auto lo iface lo inet loopback pre-up iptables-restore < /etc/iptables.up.rules auto eth0 iface eth0 inet static address 192.168.1.4 gateway 192.168.1.1 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 sudo service networking status When I issue: sudo service networking restart I get this response: stop: Unknown instance: networking stop/waiting And IP remains 192.168.1.3: eth0 Link encap:Ethernet HWaddr 00:1e:33:71:cd:a4 inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::21e:33ff:fe71:cda4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3861 errors:0 dropped:0 overruns:0 frame:0 TX packets:3291 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3423285 (3.4 MB) TX bytes:521854 (521.8 KB) Interrupt:45 Base address:0x4000 Only after restart does the IP change. Any ideas?

  Read the article

• getting a weird error whenever I try restarting apache

  - by Binny Zupnick

  I'm trying to install apache, php5, mysql, and phpmyadmin. And I'm following a tutorial but this error keeps happening here's the error: apache2: Syntax error on line 227 of /etc/apache2/apache2.conf: Could not open configuration file /etc/phpmyadmin/apache.conf: No such file or directory Action 'configtest' failed. The Apache error log may have more information. ...fail! I've tried removing all of them and reinstalling but, to no avail. I'm pulling my hair out over this so, thanks in advance! =) edit: during the tutorial I screwed up and deleting something, lol, so I know that's the issue I just don't know what to do about it now

  Read the article

• Routing connections to passthrough a local machine

  - by xiamx

  Please tell me if what I'm trying to do is feasible. I have a router named "R" which is connected to WAN. R allows adding rules to the routing table. There are numerous of machines connected to the LAN port of R, they all have ip addresses 192.168.1.* assigned with DHCP on R. Among those machines, there's a machine C with ip address 192.168.1.100. I want all traffic of other machines in the subnet to pass-through machine C where some filtering and logging will be done. Is this possible? Is there a name for what I'm trying to do? (so i can do more googling later)

  Read the article

• postfix cannot send email

  - by AKLP

  I'd like to mention that im really new to this so please bear with me. I'm trying to setup a forum software to send emails via postfix but I think my server has the port 25 blocked. I tried running these: works: ping alt2.gmail-smtp-in.l.google.com don't work: telnet alt2.gmail-smtp-in.l.google.com 25 telnet 66.249.93.114 25 tried flushing iptables and then using these rules but didn't work either: sudo iptables --flush sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT sudo iptables -F sudo iptables -X doing a telnet on 25 port to localhost url works but nothing when telnet'ing in none local urls. mail.log: Oct 17 01:20:24 webhost postfix/smtp[3642]: connect to alt2.gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1a]:25: Connection timed out Oct 17 01:20:24 webhost postfix/smtp[3643]: connect to alt2.gmail-smtp-in.l.google.com[2607:f8b0:400e:c03::1a]:25: Connection timed out Oct 17 01:20:24 webhost postfix/smtp[3642]: 4744380032: to=<[email protected]>, relay=none, delay=2892, delays=2741/0.03/150/0, dsn=4.4.1, status=deferred (connect to alt2.gmail-smtp-in.l.google.com[2607:f$

  Read the article

• How to configure something like "Reflexive ACL" on OpenBSD?

  - by Earlz

  My U-Verse modem has something called "Reflexive ACL" described as Reflexive ACL: When IPv6 is enabled, you can enable Reflexive Access Control Lists to deny inbound IPv6 traffic unless this traffic results from returning outgoing packets (except as configured through firewall rules). This seems like a pretty good way to keep from having to maintain a firewall on each computer behind my router that gets handed an IPv6 address. It sounds about like a NAT, which for my small home network is all I want right now. Now my modem sucks as a router though, so I'm in the process of configuring an OpenBSD router to do that. I've got IPv6 supported and all that and my OpenBSD router will hand out IPv6 addresses by rtadvd. Now I want to keep people from having instant access to my local network through IPv6. How would I best do something like Reflexive ACL with pf in OpenBSD 5.0?

  Read the article

• How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

  - by Timbo

  I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

  Read the article

• Using robocopy and excluding multiple directories

  - by GorrillaMcD

  I'm trying to copy some directories from a server before I restore from backup (my latest backup was corrupt, so I have to use an older one :( ). I'm in the Windows Recovery Environment and have access to the server's file system G:\ and my backup media C:\. But, since I'm more familiar with Linux, I'm having a bit of trouble with the command line in Windows, specifically robocopy. I want to copy multiple directories (maintaining the same directory structure) from G:\ to C:\ while excluding others (namely, the Windows and Program Files folders). I can't figure out the syntax for the /XD option. I was hoping to do something like: robocopy G: C:\backup /CREATE /XD "dir1","dir2", ...

  Read the article

• Looking for a way execute a task on all files in a directory (recursively) on Windows

  - by stzzz1

  I have a huge number of mp4 video files that needs to have a volume boost. I need a way to execute a ffmpeg audio filter on all files in a specified base directory (and in subdirectories as well). My problem is that I'm working on a Windows computer and I have no knowledge of its shell syntax. I would like to do the equivalent of what this bash script does : TARGET_FILES=$(find /path/to/dir -type f -name *.mp4) for f in $TARGET_FILES do ffmpeg -i $f -af 'volume=4.0' output.$f done I spent quite some time this afternoon looking for a solution but the recursive nature of what I need (that is so simple with find!) isn't too clear. Any help would be greatly appreciated!

  Read the article

• file:// command-line arguments

  - by Cory Grimster

  Is it possible to pass command-line arguments to a program that is invoked via a file:// url? I'm trying to include Remote Desktop links in a wiki page that lists some servers: <a href="file:///c|/windows/system32/mstsc.exe /v:serverName">serverName</a> When I omit the argument the link works fine, but when I include it the link doesn't work. I Googled around a bit and couldn't find any references to this. I suspect that the answer is that file:// urls simple don't accept arguments (I can think of all kinds of ways to abuse them if they do), but I thought I'd throw it out there in case I've simply got the syntax wrong. Thanks.

  Read the article

• using modrewrite to change http to https? (not redirect)

  - by PaulHanak

  This might sound a little crazy, but bare with me. I basically have an include file, lets say inc-navigation.html, that has absolute paths (http://www.pathtoimage.com/image.com) that are on EVERY PAGE. Well, using SSL, I can't use that same include file because it is not referencing https:// What a pain! SO, I was maybe thinking of using htaccess to do a url rewrite of all references of HTTP to HTTPS when the browser requests a https page. Again, just to be clear, I don't want to "redirect", just "replace". So, I have this.... RewriteCond %{HTTPS} !=on RewriteRule ^http$ https but it doesn't seem to be working. I probably have the syntax wrong though. :) Of course, this is even if this type of thing is even possible!?

  Read the article

• How to force Windows XP to rename a file with a special character?

  - by codeLes

  I have a song that Windows can't play because there is a question mark in the name of the file. "Where Have All the Cowboys Gone?.ogg" // as an example So I try to rename it and Windows complains whether I try it in Explorer or from command prompt. Error I get when trying to copy, rename, or move is: The Filename, directory name, or volume label syntax is incorrect Is there a Windows way to force a rename in this case? Update I'll keep an eye on this question, but after 13 answers and many attempts (aside form 3rd party solutions) it seems that Windows can't do this (or at least my windows can't, no short names). So I'm accepting the answer which was my original solution anyway of using Linux. It would be nice to see Windows handle this somehow, so don't stop just because I've accepted this answer, the question still stands!

  Read the article

• Unable to ping between subnets and out to internet

  - by battlemidget

  My setup is Modem - Linksys router - Laptop with 2 devices (wlan0/eth0) - desktop machine Router is 192.168.1.1 gateway to the internet Laptop wlan0 is 192.168.1.4 with a gw of 192.168.1.1 Laptop eth0 is 192.168.2.254 which acts as a second gateway desktop is 192.168.2.100 On laptop i've setup ip_forward to 1, and have inserted 2 iptables rules -A FORWARD -i eth0 -o wlan0 -j ACCEPT -A FORWARD -i wlan0 -o eth0 -j ACCEPT The laptop can ping outside the network (i,e, yahoo.com) it can not ping 192.168.2.100. The desktop can ping 192.168.2.254 but nothing outside the network or 192.168.1.0 subnet. On laptop ip route show lists: 192.168.2.0/24 dev eth0 proto kernel scope link src 192.168.2.254 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.4 127.0.0.0/8 dev lo scope link default via 192.168.1.1 dev wlan0 What am I missing to make my desktop go through the laptop in order to access the router which provides access to the internet? Thanks

  Read the article

• Scp only a specific folder

  - by Ben

  Some command line syntax I don't know how to set, am a noob sometimes, sorry is that's obvious Let's says I have the following path for all my assets : /var/www/site/system/images/{image_id}/{format}/{file}.{extension} Inside the {image_id} folder, I have multiple formats (original, medium, thumb, etc...). I only want to import the /var/www/site/system/images/{image_id}/original folder, and keep the structure locally scp -r username@server:/var/www/site/system/images/*/original ~/Site/site/system/images This one does get it all, but all the files end up in the same and unique folder, no structure. I'd like to keep the structure. Is there something to do for it ?

  Read the article

< Previous Page | 225 226 227 228 229 230 231 232 233 234 235 236  | Next Page >