Search Results

Search found 26179 results on 1048 pages for 'linux from scratch'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 324/1048 | < Previous Page | 320 321 322 323 324 325 326 327 328 329 330 331  | Next Page >

  • NAT ports - how do they work?

    - by Davidoper
    I have the following network schema: Computer A: three nics: NIC 1 (eth0): dhcp, public internet NIC 2 (eth1): static 192.168.1.1, gateway for Computer B NIC 3 (eth2): static 192.168.2.1, gateway for Computer C Computer B: static 192.168.1.2, using gateway 192.168.1.1 (NIC 2). Computer C: static 192.168.2.2, using gateway 192.168.2.1 (NIC 3). So I applied this to get NAT working: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE Every computer can connect to the internet now. I have been applying rules to the main computer (Computer A), like dropping connections to some ports, e.g ssh: iptables -A INPUT -p tcp --dport 22 -j DROP But for instance, now I would like only allow connections for ports 20,21,22,53 and 80 in Computer C, and ignore the outside traffic if it's not related to those ports. The allowed connections should be FROM Computer C to outside, but not from outside to Computer C (I mean - Computer C is not hosting any HTTP or SSH, but it is going to use them as a client). I guess this sould be done like this: iptables -A OUTPUT -i eth2 -o eth0 -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth2 -o eth0 -p tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT The last rule (dropping any other traffic different from those) is at the end of the configuration, so -A should be working correctly. The thing is... it is not working. If I put the last rule like this: iptables -A FORWARD -i eth2 -o eth0 -j DROP It just drops everything and, for instance, port 21 (previously opened as you can see above) is not either working. Can you tell me what could I have done wrong? I have been struggling with this problem for some time and I am unable to solve it. Thanks!

    Read the article

  • Block IP Address including ICMP using UFW

    - by dr jimbob
    I prefer ufw to iptables for configuring my software firewall. After reading about this vulnerability also on askubuntu, I decided to block the fixed IP of the control server: 212.7.208.65. I don't think I'm vulnerable to this particular worm (and understand the IP could easily change), but wanted to answer this particular comment about how you would configure a firewall to block it. I planned on using: # sudo ufw deny to 212.7.208.65 # sudo ufw deny from 212.7.208.65 However as a test that the rules were working, I tried pinging after I setup the rules and saw that my default ufw settings let ICMP through even from an IP address set to REJECT or DENY. # ping 212.7.208.65 PING 212.7.208.65 (212.7.208.65) 56(84) bytes of data. 64 bytes from 212.7.208.65: icmp_seq=1 ttl=52 time=79.6 ms ^C --- 212.7.208.65 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 79.630/79.630/79.630/0.000 ms Now, I'm worried that my ICMP settings are too generous (conceivably this or a future worm could setup an ICMP tunnel to bypass my firewall rules). I believe this is the relevant part of my iptables rules is given below (and even though grep doesn't show it; the rules are associated with the chains shown): # sudo iptables -L -n | grep -E '(INPUT|user-input|before-input|icmp |212.7.208.65)' Chain INPUT (policy DROP) ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) DROP all -- 0.0.0.0/0 212.7.208.65 DROP all -- 212.7.208.65 0.0.0.0/0 How should I go about making it so ufw blocks ICMP when I specifically attempt to block an IP address? My /etc/ufw/before.rules has in part: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT -A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT -A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT -A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT I'm tried changing ACCEPT above to ufw-user-input: # ok icmp codes -A ufw-before-input -p icmp --icmp-type destination-unreachable -j ufw-user-input -A ufw-before-input -p icmp --icmp-type source-quench -j ufw-user-input -A ufw-before-input -p icmp --icmp-type time-exceeded -j ufw-user-input -A ufw-before-input -p icmp --icmp-type parameter-problem -j ufw-user-input -A ufw-before-input -p icmp --icmp-type echo-request -j ufw-user-input But ufw wouldn't restart after that. I'm not sure why (still troubleshooting) and also not sure if this is sensible? Will there be any negative effects (besides forcing the software firewall to force ICMP through a few more rules)?

    Read the article

  • Free space on Dedi' in CentOS

    - by Trance84
    It will sound stupid but i need to figure out how much disk space i have in my dedicated server, it runs CentOS6...the last command i issued was this [root@ks34900 ~]# df -h Filesystem Size Used Avail Use% Mounted on rootfs 9.7G 6.4G 2.9G 69% / /dev/root 9.7G 6.4G 2.9G 69% / none 1000M 288K 1000M 1% /dev /dev/sda2 914G 200M 868G 1% /home But again, stupid as it may sound... i cant figure out how much space i have in "/" folder (root) And is it possible that "/usr" have a different space (partition)?

    Read the article

  • rsyslog - regex trouble

    - by benmccann
    I'm trying to setup the logentries service. If a log entry has a token in it then I would like to send it to api.logentries.com:10000. The token is a guid in the format aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee. Right now I'm doing: # If there's a logentries token then send it directly to logentries :msg, regex, ".*[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}.*" & @@api.logentries.com:10000 I checked the rsyslog debug logs and my regex is not matching, but I can't figure out why or how to fix it: 5245.961161378:7fb79b514700: Filter: check for property 'msg' (value ' fb1c507f-2ede-4d7f-a140-2bd8d56e133 - application - [play-akka.actor.default-dispatcher-1] - Found user: 4fb11ea5e4b00a1aeebe2800') regex '.*[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}.*': FALSE

    Read the article

  • rTorrent, too low memory usage !?

    - by Claudiu
    I want to know from more experienced rTorrent users how to tweak the .rtorrent.rc so that rTorrent will cache disk reading and writing (same as uTorrent does). I have set the max_memory_usage = 1GB but this amount is not used. I run 6 rTorrent instances on a Quad Core, 8 GB Ram machine and total used memory reported by htop is only ~500MB. I need to use memory buffers cause disk IO activity is very high.

    Read the article

  • Postfix connect timing out remotely, working fine locally

    - by Moritz
    Running Postfix on Debian I cannot connect to send mail any more. It worked until approximately a week ago. I do not recall touching the configuration of the server during that time, which makes it difficult for me to find out what the problem is. When connecting from the server to itself it works fine: root@xxxx:~# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'. ehlo localhost 220 mail.xxxx.de ESMTP Postfix (Debian/GNU) 250-mail.xxxx.de 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN quit 221 2.0.0 Bye Connection closed by foreign host. Trying to do the same remotely times out: laptop:~ $ telnet mail.xxxx.de 25 Trying 93.xx.xx.xx... telnet: connect to address 93.xx.xx.xx: Operation timed out telnet: Unable to connect to remote host Configuration is as follows: root@xxxx:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4 mailbox_command = mailbox_size_limit = 0 mydestination = localhost.localdomain, localhost.localdomain, localhost myhostname = mail.xxxx.de mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relayhost = smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_exceptions_networks = $mynetworks smtpd_sasl_local_domain = smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom virtual_alias_maps = proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:8 virtual_mailbox_base = /var/vmail virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 150 virtual_transport = dovecot Receiving mails is no problem, as is retrieving them remotely. Do you have an idea what I could check next?

    Read the article

  • "TCP Sweep" - What is it? How am I causing it?

    - by Stephen Melrose
    Hi there, I've just had an email from my hosting company telling me I'm in violation of their Acceptable Use Policy. They forwarded me an email from another company complaining about something to do with a "TCP sweep of port 22". They included a snippet from their logs, 20:29:43 <MY_SERVER_IP> 0.0.0.0 [TCP-SWEEP] (total=325,dp=22,min=212.1.191.0,max=212.1.191.255,Mar21-20:26:34,Mar21-20:26:34) (USI-amsxaid01) Now, my server knowledge is limited at best, and I've absolutely no idea what this is or what could be causing it. Any help would be greatly appreciated! Thank you

    Read the article

  • Why doesn't my symbolic link work?

    - by orokusaki
    I'm trying to better understand symbolic links... and not having very much luck. This is my actual shell output with username/host changed: username@host:~$ mkdir actual username@host:~$ mkdir proper username@host:~$ touch actual/file-1.txt username@host:~$ echo "file 1" > actual/file-1.txt username@host:~$ touch actual/file-2.txt username@host:~$ echo "file 2" > actual/file-2.txt username@host:~$ ln -s actual/file-1.txt actual/file-2.txt proper username@host:~$ # Now, try to use the files through their links username@host:~$ cat proper/file-1.txt cat: proper/file-1.txt: No such file or directory username@host:~$ cat proper/file-2.txt cat: proper/file-2.txt: No such file or directory username@host:~$ # Check that actual files do in fact exist username@host:~$ cat actual/file-1.txt file 1 username@host:~$ cat actual/file-2.txt file 2 username@host:~$ # Remove the links and go home :( username@host:~$ rm proper/file-1.txt username@host:~$ rm proper/file-2.txt I thought that a symbolic link was supposed to operate transparently, in the sense that you could operate on the file that it points to as if you were accessing the file directly (except of course in the case of rm where of course the link is simply removed).

    Read the article

  • NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA-v4: cannot bind: Address already in use

    - by Francesco
    I have an issue with sendmail on my server (ubuntu 12.10) with php, mysql,and wordpress installed. Basically I want to create a contact form in my blog to receive emails from visitors directly into my gmail account but it doest work! I created a php file called testmail.php to recall it from the browser: <?php $to = '[email protected]'; $subbject = 'TEST MAIL'; $msg = 'test test test test test test test test test test test test test test test'; $isMailed = mail($to, $subbject, $msg, 'From:me <[email protected]>'); if($isMailed) echo 'mail has been send to: ' . $to; else echo 'mail has NOT been send..'; ?> But I dont receive anything! The /var/log/mail.log says: NOQUEUE: SYSERR(root): opendaemonsocket: daemon MTA-v4: cannot bind: Address already in use What do i do wrong? Where do I need to check? What info do you need more? I checked also into the spam folder, nothing. Thank you!

    Read the article

  • XTerm and a bold text

    - by user610378
    This is my Xterm config: XTerm*saveLines: 512 XTerm*reverseVideo: false XTerm*reverseWrap: true XTerm*fullCursor: true XTerm*scrollTtyOutput: on XTerm*scrollKey: on XTerm*eightBitInput: false XTerm*pointerColor: white XTerm*pointerShape: left_ptr XTerm*charClass: 37:48,45-47:48,58:48,64:48,126:48 XTerm*cursorColor: rgb:aa/aa/aa XTerm*cursorColor2: black XTerm*color0: rgb:71/71/71 XTerm*color1: rgb:cd/00/00 XTerm*color2: rgb:b4/cd/00 XTerm*color3: rgb:cd/cd/00 XTerm*color4: rgb:71/71/71 XTerm*color5: rgb:cd/00/cd XTerm*color6: rgb:00/cd/cd XTerm*color7: rgb:e5/e5/e5 XTerm*color8: rgb:4c/4c/4c XTerm*color9: rgb:ff/00/00 XTerm*color10: rgb:55/ac/55 XTerm*color11: rgb:ff/ff/00 XTerm*color12: rgb:46/82/b4 XTerm*color13: rgb:ff/00/ff XTerm*color14: rgb:00/ff/ff XTerm*color15: rgb:ff/ff/ff XTerm*colorBD: white XTerm*colorUL: SkyBlue XTerm*colorBDMode: on XTerm*colorULMode: on XTerm*underLine: on XTerm*background: rgb:30/0a/24 XTerm*foreground: white XTerm*font: -*-monospace-medium-r-normal-9-140-*-*-m-*-* XTerm*font1: 5x7 XTerm*font2: 6x10 XTerm*font3: fixed XTerm*font4: 9x15 XTerm*ScrollBar.Background: gray XTerm*ScrollBar.thickness: 0 XTerm*ScrollBar.foreground: gray XTerm*ScrollBar: false XTerm*ScrollBar.DrawBorder: false XTerm*loginShell: true XTerm*faceName: Mono XTerm*faceSize: 9 Could anyone say is it possible to make bold some text, wich color is e.g. color1 from my config? I've tried XTerm*color1: rgb:cd/00/00 bold, but this doesn't work.

    Read the article

  • Proper procedure - sftp access to www folder - To be able to upload files

    - by Jay
    My www folder is root:root. What should it be? My site works perfectly but maybe I am doing something wrong. My nginx.conf says user is 'nginx'. Should I be changing the www onwership and group to that or something else? Mainly I want to be able to sftp into the www folder using FileZilla. Preferably only allow access to the www folder. I want to be able to upload the website files but I just don't know the proper procedure. I have tried changing owners and groups but I get worried some part of the stack will not like it. For example does nginx play along, and php? I thought about having a sftp group or even an sftp user. But I don't want to go down a path that should be avoided. What should I be doing with my setup?

    Read the article

  • Running scripts from another directory

    - by Desmond Hume
    Quite often, the script I want to execute is not located in my current working directory and I don't really want to leave it. Is it a good practice to run scripts (BASH, Perl etc.) from another directory? Will they usually find all the stuff they need to run properly? If so, what is the best way to run a "distant" script? Is it . /path/to/script or sh /path/to/script and how to use sudo in such cases? This, for example, doesn't work: sudo . /path/to/script

    Read the article

  • How do I determine the cause of a sustained spike in mysql queries/activity?

    - by mattmcmanus
    So this is more of a "I'm trying to learn about how this works" question rather than "there is a serious problem I can't figure out!" question. I'm setting up a VPS and have been tweaking and changing things here and there. I recently installed munin (like two days ago) and yesterday I noticed a significant increase in mysql activity. So now my curiosity is going crazy. How do I setup/access mysql's query log? I have about 5 databases on the server so I want to see which one is getting all the action. Is there anything else I can do to keep a better eye on what's going on? Here are the graphs. As you can tell, it's not that much activity at all but I'm just curious at the change. The sites that are on the server right now do not get a lot of traffic. It's running a couple drupal sites, only one of which is live. The live one hasn't had a spike in traffic and the last spike was 250 visitors so it's barely a spike at all.

    Read the article

  • SVN Authz - Any Subfolder permission or List contents

    - by Jaspa Jones
    Goal Basically I would like SVN users to be able to browse through a directory containing a lot of subfolders without allowing them to read its subfolders. [/] * = r [/Projects] * = # Allow viewing contents, but not reading. At least to be able to see Project1. [/Projects/Project1] my_group = rw Problem The problem is that there are a lot of projects. I could add every other project and make them disappear for the user, but that would be a lot of work to maintain. It would look like this: [/] * = r [/Projects] * = r [/Projects/Project1] my_group = rw [/Projects/Project2] * = [/Projects/Project3] * = [/Projects/Project4] * = [/Projects/Project5] * = It would be nice if I could use this: [/Projects/*] * = Any ideas? Thanks in advance, Jaspa Jones

    Read the article

  • ls returns nothing only in certain directories

    - by Jakobud
    I have a raid drive mounted here: /data/ And certain directories like this one: /data/somedir/somesubdir/ when I run ls w/ or w/o any flags, terminal doesn't return anything. It does not return an empty directory listing. It simply goes to the next line and sits there blank with no prompt coming up. I cannot CTRL-C out of it. I have to close this terminal instance and start over. At first I thought it was something to do with the ls command, but its pointing to /bin/ls and I can ls other directories just fine. Also, running this find /data/somedir/somesubdir immediately finds all the files just as expected.

    Read the article

  • Limit rate of outgoing UDP packets per second

    - by tim82
    Hi, since Teamspeak version 3 sends lots of packets per user and our provider is getting problems with his infrastructure above 20.000 packets per second we have to limit it that our servers are not going to be shut down. Red a lot about iptables but was not able to find the right rules. Could you give me an advise how to manage that the server is not going to send more than 19k packets per seconds? We are running on debian 4 Thanks in Advance Tim

    Read the article

  • Ubuntu, trouble getting back from lock screen

    - by Navid
    My problem is that after being idle for a while, the screen is locked and after this happened I get a black screen from which I can't get rid of. I mean after black screen comes, typing and moving mouse does not bring any new screen, and even alt+ctrl+F1 to F7 changes nothing. All I can do is to restart the system. Can anybody help me with this?

    Read the article

  • Adding lines to /etc/profile with puppet?

    - by miku
    I use puppet to install a current JDK and tomcat. package { [ "openjdk-6-jdk", "openjdk-6-doc", "openjdk-6-jre", "tomcat6", "tomcat6-admin", "tomcat6-common", "tomcat6-docs", "tomcat6-user" ]: ensure => present, } Now I'd like to add JAVA_HOME="/usr/lib/java" export JAVA_HOME to /etc/profile, just to get this out of the way. I haven't found a straightforward answer in the docs, yet. Is there a recommended way to do this? In general, how do I tell puppet to place this file there or modify that file? I'm using puppet for a single node (in standalone mode) just to try it out and to keep a log of the server setup.

    Read the article

  • Read only bind-mount?

    - by depesz
    I use mount -o bind to mount directories inside chroots, which works really well. The problem is that I'd like some of these bind-mounted directories to be read only in chroot. Is it possible? If not - any other way to achieve it? I was thinking about using NFS for localhost mounts, but it looks like overkill.

    Read the article

  • Ubuntu 10.04 LTS - Dual monitor works only sometimes (ATI multi-desktop)

    - by Beres Botond
    I've been using my laptop with an external LCD monitor attached to it at work (Philips 201E). And at home with a different external monitor (Samsung 2032BW). I have an ATI graphics card (HD3450), with Ati Catalyst drivers enabled and I'm using the Single display desktop (Multi-Desktop) seeting. At work I have the external monitor on the left and laptop on the right, while at home the other way around. So when I switch between the two setups, I just needed to go to Ati Catalyst Control Center, change the order of the displays, change the resolution (Home - 1680x1050, Work - 1440x900), reboot and it was all fine. But since a while it doesn't work properly anymore: At home it still works fine. At work it doesn't work. Sometimes it works for some reason, after a few resolution/setting changes in ACCC and reboots... it's very strange and annoying. With the home monitor I can see the whole bootup process on both monitors (laptop + LCD) and it always just works fine. With the work monitor on the external LCD monitor I just see "No video input" until I get to the login screen, then it shows up there as well. But after login it will either: Flicker a few times, but then work OK. Or (more often) Flicker once and then go back to "No video input" again. I usually end up rebooting a few times until it works. Does anyone have any idea for fixing it? This is my xorg.conf currently: Section "ServerLayout" Identifier "amdcccle Layout" Screen 0 "amdcccle-Screen[6]-0" 0 0 Screen "amdcccle-Screen[6]-1" 1280 0 EndSection Section "Files" EndSection Section "Module" Load "glx" EndSection Section "ServerFlags" Option "Xinerama" "off" EndSection Section "Monitor" Identifier "0-LVDS" Option "VendorName" "ATI Proprietary Driver" Option "ModelName" "Generic Autodetecting Monitor" Option "DPMS" "true" Option "PreferredMode" "1280x768" Option "TargetRefresh" "60" Option "Position" "0 0" Option "Rotate" "normal" Option "Disable" "false" EndSection Section "Monitor" Identifier "0-CRT1" Option "VendorName" "ATI Proprietary Driver" Option "ModelName" "Generic Autodetecting Monitor" Option "DPMS" "true" Option "TargetRefresh" "60" Option "Position" "0 0" Option "Rotate" "normal" Option "Disable" "false" Option "PreferredMode" "1440x900" EndSection Section "Device" Identifier "Default Device" Driver "fglrx" EndSection Section "Device" Identifier "amdcccle-Device[6]-0" Driver "fglrx" Option "Monitor-LVDS" "0-LVDS" BusID "PCI:6:0:0" EndSection Section "Device" Identifier "amdcccle-Device[6]-1" Driver "fglrx" Option "Monitor-CRT1" "0-CRT1" BusID "PCI:6:0:0" Screen 1 EndSection Section "Screen" Identifier "Default Screen" DefaultDepth 24 SubSection "Display" Virtual 2560 1024 EndSubSection EndSection Section "Screen" Identifier "amdcccle-Screen[6]-0" Device "amdcccle-Device[6]-0" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 EndSubSection EndSection Section "Screen" Identifier "amdcccle-Screen[6]-1" Device "amdcccle-Device[6]-1" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 EndSubSection EndSection

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 320 321 322 323 324 325 326 327 328 329 330 331  | Next Page >