Search Results

Search found 26263 results on 1051 pages for 'linux guest'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 372/1051 | < Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379  | Next Page >

  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I setup an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabaled or set to allow all this works fine, when using my following rules it does not. also note, I already configured openVPN itself to do what i want and it works fine, its only failing when iptables is started. Any help to tell me why this isnt working will appreciated here. These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are requiered, they seem incredibly insecure though, any way to get around using them? # Allow TUN interface connections to OpenVPN server -A INPUT -i tun+ -j ACCEPT #allow TUN interface connections to be forwarded through other interfaces -A FORWARD -i tun+ -j ACCEPT # Allow TAP interface connections to OpenVPN server -A INPUT -i tap+ -j ACCEPT # Allow TAP interface connections to be forwarded through other interfaces -A FORWARD -i tap+ -j ACCEPT These are the new chains and commands i added to restrict access as much as possible unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server note I am configuring the main iptables file and I am paranoid so all ports and ip addresses are altered, and -N etc appears before this so ignore that they dont appear. and i added some explanations of what i 'intended' these rules to do, so you dont waste time figuring out where i went wrong : 4 #accepts the vpn over port 1192 -A INPUT -p udp -m udp --dport 1192 -j ACCEPT -A INPUT -j INPUT-FIREWALL -A OUTPUT -j ACCEPT #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL #same as above, except for a different internal network -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL # reject any not from either of those two ranges -A FORWARD -j REJECT -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT-FIREWALL -j REJECT -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT #80 443 and 53 are accepted -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT #192.168.5.150 = openVPN sever -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -j REJECT COMMIT now I wait :D

    Read the article

  • why dstat failed with --tcp option?

    - by hugemeow
    why --tcp option failed? should i install some package? if yes, which package i should install? this question is not the same as http://stackoverflow.com/questions/10475991/tcp-sockets-double-messages dstat --tcp Module tcp has problems. (Cannot open file /proc/net/tcp6.) None of the stats you selected are available. what is the problem with module tcp, how to find the problem? what i should do in order to fix this issue?

    Read the article

  • rsync general question

    - by CaptnLenz
    I'm trying to use rsync. At first, everything looks very good: rsync -Pniahv -e ssh /home/xxx/Videos/ [email protected]:"/shares/Public/Shared\ Videos/" --stats ... <f+++++++++ Serien/blah.avi <f+++++++++ Serien/blah S01E01 <f+++++++++ Serien/blah - S01E02 <f+++++++++ Serien/blah - S01E03 <f+++++++++ Serien/blah - S01E04 <f+++++++++ Serien/blah - S01E05 <f+++++++++ Serien/blah - S01E06 <f+++++++++ Serien/blah - S01E07 ... Number of files: 232 Number of files transferred: 223 Total file size: 118.24G bytes Total transferred file size: 117.51G bytes Literal data: 0 bytes Matched data: 0 bytes File list size: 9.46K File list generation time: 0.001 seconds File list transfer time: 0.000 seconds Total bytes sent: 10.18K Total bytes received: 712 After that, i copied some of the files manually and runned rsync again in dry mode: rsync -Pniahv -e ssh /home/xxx/Videos/ [email protected]:"/shares/Public/Shared\ Videos/" --stats ... <f..tpo.... Serien/blah.avi <f..tpo.... Serien/blah S01E01 <f..tpo.... Serien/blah - S01E02 <f..tpo.... Serien/blah - S01E03 <f..tpo.... Serien/blah - S01E04 <f..tpo.... Serien/blah - S01E05 <f..tpo.... Serien/blah - S01E06 <f..tpo.... Serien/blah - S01E07 ... Number of files: 232 Number of files transferred: 223 Total file size: 118.24G bytes Total transferred file size: 117.51G bytes Literal data: 0 bytes Matched data: 0 bytes File list size: 9.46K File list generation time: 0.001 seconds File list transfer time: 0.000 seconds Total bytes sent: 10.18K Total bytes received: 712 Why hasn't changed something in the --stats, although only the permissions and the timestamp have to be updated and not the full files need to be copied?

    Read the article

  • Stop Search param in directories by grep immediately after param match

    - by yael
    hi friends I use the following command to find under /var some param in my script grep -R "param" /var/* 2/dev/null |grep -wq "param" my problem is that: after grep find the param in file grep continue to search until all searches under /var/* will completed How to perform stop immediately after grep match the param word For example when I run the: grep -R "param" /var/* 2/dev/null |grep -wq "param" grep find the param after one second. But grep continue to Search other same param on other files and its take almost 30 seconds How to stop the grep immediately after param match? THX

    Read the article

  • Starting my own server - basic recommendations and questions [closed]

    - by Ilia Rostovtsev
    Possible Duplicate: Can you help me with my capacity planning? I'm planning to start my own high-performance server and then use collocation services for keeping it up and running. I'm planning to USE it for processing videos and keeping big video site up! (using FFMpeg, MENcoder and etc.) I just need recommendations on whether listed hardware is good enough and will work together well and fast enough. Do I need anything else (missed something). I remember about CPU coolers though! ;) I'm planning to use SSD drives so please tell me if it's going to work just as regular HDDs (but much faster)? Are they going to be used as RAID (is this possible for SSDs)? Here is what I would like to get: Intel ® Server System SR1600URHSR (Urbanna) or Intel® Server System SR1695WBAC 2 x Intel Xeon X5650 4 x 16Gb DDR-III 1333MHz Kingston ECC Reg (KVR13R9D4/16) 3 x (or maybe 4x) 480Gb SSD Intel 520 Series (SSDSC2CW480A3K5) Which server system would be better? Is listed hardware new/good enough and worth buying it at the moment? Should I probably take a look at something slightly more expensive but more up to date and powerful, may be? After all as software I would like to use CentOS 6 64 bit + WHM/CPanel? Any other suggestions on maybe cheaper and same/more powerful server management system but WHM? What most important points to keep in mind when starting/maintaining your own server?

    Read the article

  • Accidentally moved FUSE mounted mount point, not cannot unmount. Any option besides reboot?

    - by Catskul
    I mounted a disk image using a few different FUSE modules and then subsequently renamed the parent directory. The mounts have disappeared from the mtab and now the OS refuses to unmount them. fusermount -u mnt returns: fusermount: entry for /home/catskul/foo/mnt not found in /etc/mtab sudo fusermount -u mnt returns: fusermount: failed to unmount /home/catskul/foo/mnt: Device or resource busy sudo fuser -a mnt returns: Cannot stat file /proc/986/fd/55: Permission denied mnt:

    Read the article

  • Monitor open files limits, etc

    - by marcog
    We've been hitting the max open files limit on a few services recently. There are also a bunch of other limits in place. Is there a way to monitor how close processes are to these limits so we can be alerted when it's time to either up the limits or fix the root cause? On the same note, is it possible to view a log of these events so we know when a crash occurs it's because of hitting one of these limits?

    Read the article

  • Long connection times from PHP to MySQL on EC2

    - by Erik Giberti
    I'm having an intermittent issue connecting to a database slave with InnoDB. Intermittently I get connections taking longer than 2 seconds. These servers are hosted on Amazon's EC2. The app server is PHP 5.2/Apache running on Ubuntu. The DB slave is running Percona's XtraDB 5.1 on Ubuntu 9.10. It's using an EBS Raid array for the data storage. We already use skip name resolve and bind to address 0.0.0.0. This is a stub of the PHP code that's failing $tmp = mysqli_init(); $start_time = microtime(true); $tmp-options(MYSQLI_OPT_CONNECT_TIMEOUT, 2); $tmp-real_connect($DB_SERVERS[$server]['server'], $DB_SERVERS[$server]['username'], $DB_SERVERS[$server]['password'], $DB_SERVERS[$server]['schema'], $DB_SERVERS[$server]['port']); if(mysqli_connect_errno()){ $timer = microtime(true) - $start_time; mail($errors_to,'DB connection error',$timer); } There's more than 300Mb available on the DB server for new connections and the server is nowhere near the max allowed (60 of 1,200). Loading on both servers is < 2 on 4 core m1.xlarge instances. Some highlights from the mysql config max_connections = 1200 thread_stack = 512K thread_cache_size = 1024 thread_concurrency = 16 innodb-file-per-table innodb_additional_mem_pool_size = 16M innodb_buffer_pool_size = 13G Any help on tracing the source of the slowdown is appreciated. [EDIT] I have been updating the sysctl values for the network but they don't seem to be fixing the problem. I made the following adjustments on both the database and application servers. net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 0 net.ipv4.tcp_timestamps = 0 net.ipv4.tcp_fin_timeout = 20 net.ipv4.tcp_keepalive_time = 180 net.ipv4.tcp_max_syn_backlog = 1280 net.ipv4.tcp_synack_retries = 1 net.core.rmem_max = 16777216 net.core.wmem_max = 16777216 net.ipv4.tcp_rmem = 4096 87380 16777216 net.ipv4.tcp_wmem = 4096 87380 16777216 [EDIT] Per jaimieb's suggestion, I added some tracing and captured the following data using time. This server handles about 51 queries/second at this the time of day. The connection error was raised once (at 13:06:36) during the 3 minute window outlined below. Since there was 1 failure and roughly 9,200 successful connections, I think this isn't going to produce anything meaningful in terms of reporting. Script: date /root/database_server.txt (time mysql -h database_Server -D schema_name -u appuser -p apppassword -e '') /dev/null 2 /root/database_server.txt Results: === Application Server 1 === Mon Feb 22 13:05:01 EST 2010 real 0m0.008s user 0m0.001s sys 0m0.000s Mon Feb 22 13:06:01 EST 2010 real 0m0.007s user 0m0.002s sys 0m0.000s Mon Feb 22 13:07:01 EST 2010 real 0m0.008s user 0m0.000s sys 0m0.001s === Application Server 2 === Mon Feb 22 13:05:01 EST 2010 real 0m0.009s user 0m0.000s sys 0m0.002s Mon Feb 22 13:06:01 EST 2010 real 0m0.009s user 0m0.001s sys 0m0.003s Mon Feb 22 13:07:01 EST 2010 real 0m0.008s user 0m0.000s sys 0m0.001s === Database Server === Mon Feb 22 13:05:01 EST 2010 real 0m0.016s user 0m0.000s sys 0m0.010s Mon Feb 22 13:06:01 EST 2010 real 0m0.006s user 0m0.010s sys 0m0.000s Mon Feb 22 13:07:01 EST 2010 real 0m0.016s user 0m0.000s sys 0m0.010s [EDIT] Per a suggestion received on a LinkedIn question, I tried setting the back_log value higher. We had been running the default value (50) and increased it to 150. We also raised the kernel value /proc/sys/net/core/somaxconn (maximum socket connections) to 256 on both the application and database server from the default 128. We did see some elevation in processor utilization as a result but still received connection timeouts.

    Read the article

  • What's wrong with my custom .desktop xsession?

    - by Noam Gagliardi
    I want to create a custom Xmonad session that loads an .xsession script in my home folder. This is the original file I copied. This one works: [Desktop Entry] Encoding=UTF-8 Name=XMonad Comment=Lightweight tiling window manager Exec=xmonad Icon=xmonad.png Type=XSession This is my modified file, xmonad-custom.desktop. When I logout, then login choosing this "xmonad-custom", the screen just flashes and sends me back to the ubuntu login screen (as if it briefly logs in and out of the session): [Desktop Entry] Encoding=UTF-8 Name=XMonad Custom Comment=Lightweight tiling window manager Exec=/home/{username}/.xsession Icon=xmonad.png Type=XSession X-Ubuntu-Gettext-Domain=gdm I also tried without the last line. This is my ~/.xsession file, in case there's an error with this script: #!/bin/env bash xrdb -merge .Xresources trayer --edge top --align right --SetDockType true --SetPartialStrut \ true --expand true --width 15 --height 12 --transparent true --tint 0x000000 & dropbox start & exec xmonad

    Read the article

  • Bad font anti-aliasing in Ubuntu

    - by Juliano
    I'm switching from Fedora 8 to Ubuntu 9.04, and I can't seem to get it to get a good font anti-aliasing to work. It seems that Ubuntu's fontconfig tries to keep characters in integral pixel widths. This makes text more difficult to read, when 1 pixel is too thin and 2 pixels is too thick. Check the image below. In Fedora, when fontconfig anti-aliasing is enabled, fonts have their thickness proportional to the font size. Below, the thickness is different for 8, 9 and 10pt sizes. In Ubuntu, on the other hand, even when anti-aliasing is enabled, all 8, 9 and 10pt sizes have 1 pixel thickness. This makes reading larges amount of text difficult. I'm using the very same home directory, and I already checked that X resources are the same in both systems: ~% xrdb -query | grep Xft Xft.antialias: 1 Xft.dpi: 96 Xft.hinting: 1 Xft.hintstyle: hintfull Xft.rgba: none GNOME settings: ~% gconftool-2 -a /desktop/gnome/font_rendering antialiasing = grayscale hinting = full dpi = 96 rgba_order = rgb So, the question is: What should I change in the new box (Ubuntu) in order to get anti-aliasing like in the old box (Fedora)?

    Read the article

  • adress-chunk: separate data stored in one collumn - into three (street, postal-code, town)

    - by zero
    hello dear community. Hello dear friends form all over the planet first of all - this is a great great forum. I like this place to share the ideas. It is so great to see such a supportive place - featuring the knowledge exchange! today i have the following thing to discuss: i want to separate the following data that are stored in one column of a calc-spreadsheet: See the following data: You see that there are the following categories:_ steet, postal-code, town All the data are stored in only one Colum; Well to be honest: i want to separate them into three colums steet, postal-code, town see the data: what can i do? note - you see that there are commas inbetween the enties: and besides this we see that we have a postal-code with four digits: that is a good thing. Perhaps we can use this as a marker that helps us to separate the data?! Perhaps See a data-sample! Here you can see some exceptions: eg. the town that has two words combinde with a "-" ... or somethims without any signs and characters... see the following... as an example: Max-Bader-Platz 1, 5620 Schwarzach im Pongau Pestalozzistraße 4, 9990 Nussdorf-Debant Schulstraße 4, 5162 Obertrum am See But i guess that this means no problem... What do you think about this? I am very very interested to get your opinion! i look forward to hear from you! regards see a snipped of the dataset - that is stored in one column -[b]Goal: [/b]i want to separate the datas into three collumns... : Schulweg 6, 9871 Seeboden Khevenhüllerstraße 45, 4861 Schörfling Franz Xaver Rennstr.18, 6460 Imst Schulstraße 4, 5162 Obertrum am See Schulweg 6, 7432 Oberschützen Pestalozzistraße 4, 9990 Nussdorf-Debant Niederndorf bei Kufstein 53c, 6342 Niederndorf bei Kufstein Hauptschulstraße 18, 2183 Neusiedl an der Zaya Seeweg 14, 5202 Neumarkt am Wallersee Europaplatz 1, 8820 Neumarkt in Steiermark Schulstraße 7, 4212 Neumarkt im Mühlkreis Schulstraße 20, 4720 Neumarkt im Hausruckkreis Bahnhofstr. 10, 4872 Neukirchen an der Vöckla Schulstraße 5b, 4780 Schärding Reitbergstraße 2, 4311 Schwertberg Europaplatz 1, 2320 Schwechat Am Schulberg 5, 3931 Schweiggers Waidach 8, 6130 Schwaz Waidach 8, 6130 Schwaz Max-Bader-Platz 1, 5620 Schwarzach im Pongau Markt 29, 2662 Schwarzau im Gebirge Hofsteigstraße 68, 6858 Schwarzach Gmundner Straße 7, 4690 Schwanenstadt Mühlfeldstraße 1, 4690 Schwanenstadt Mainsdorferstraße 18, 8541 Schwanberg Jakob Stemer-Weg 3, 6780 Schruns Obere Umfahrungsstraße 16, 2432 Schwadorf bei Wien Battloggstraße 54, 6780 Schruns Schloss-Straße 19, 5020 Salzburg Schillerplatz 2, 8280 Fürstenfeld Erzherzog-Johann-Str. 400, 8970 Schladming Schulgasse 261, 8811 Scheifling i look forward to hear from you!! regards

    Read the article

  • Problem with testsaslauthd and kerberos5 ("saslauthd internal error")

    - by danorton
    The error message “saslauthd internal error” seems like a catch-all for saslauthd, so I’m not sure if it’s a red herring, but here’s the brief description of my problem: This Kerberos command works fine: $ echo getprivs | kadmin -p username -w password Authenticating as principal username with password. kadmin: getprivs current privileges: GET ADD MODIFY DELETE But this SASL test command fails: $ testsaslauthd -u username -p password 0: NO "authentication failed" saslauthd works fine with "-a sasldb", but the above is with "-a kerberos5" This is the most detail I seem to be able to get from saslauthd: saslauthd[]: auth_krb5: krb5_get_init_creds_password: -1765328353 saslauthd[]: do_auth : auth failure: [user=username] [service=imap] [realm=] [mech=kerberos5] [reason=saslauthd internal error] Kerberos seems happy: krb5kdc[](info): AS_REQ (4 etypes {18 17 16 23}) 127.0.0.1: ISSUE: authtime 1298779891, etypes {rep=18 tkt=18 ses=18}, username at REALM for krbtgt/DOMAIN at REALM I’m running Ubuntu 10.04 (lucid) with the latest updates, namely: Kerberos 5 release 1.8.1 saslauthd 2.1.23 Thanks for any clues.

    Read the article

  • Is there a way to find what values comes from what file in HAL under Ubuntu?

    - by vava
    I've been playing with multitouch on my Thinkpad and read a few tutorials on how to setup it. One of them mentioned /usr/hal/fdi/policy/20thirdparty/11-x11-synaptics.fdi, I edited it and enabled SHMConfig through it. Later I found out about /etc/hal/policy/ directory and put some customization for my touchpad there as well in separate fdi file. But now it looks like touchpad doesn't care about my customizations. I have gsynaptec installed and can configure it though GUI, I can configure it with synclient but I can't set any values through fdi files. I even turned off SHMConfig, reverting 11-x11-synaptics,fdi file to it's original state but it seems like SHMConfig still enabled, otherwise I wouldn't be able to configure properties in runtime. So, I was thinking, maybe there's additional hal files I don't know about. How can I find them, particularly ones responsible for turning SHMConfig on?

    Read the article

  • Vim: tab-align multiple lines?

    - by Andrew Bolster
    In GUI style editors, you can generally select multiple lines, press tab a few times to move all the lines across (or shift-tab to go back). I have no idea how to do this in VIM. I googled around and couldn't find any straight answer to I came here.

    Read the article

  • Disable MOUSE wakeup when doing suspend on UBUNTU

    - by Shadyabhi
    When I do SUSPEND on ubuntu, in order to wake up, i can just move the mouse and the computer will wake up. But, I dont want that the computer is waked up when I move my mouse. How can I do that? My /proc/acpi/wakeup file:- shadyabhi@shadyabhi-desktop:~$ cat /proc/acpi/wakeup Device S-state Status Sysfs node SLPB S4 *enabled P32 S4 disabled pci:0000:00:1e.0 UAR1 S4 disabled pnp:00:09 ILAN S4 disabled pci:0000:00:19.0 PEGP S4 disabled PEX0 S4 disabled pci:0000:00:1c.0 PEX1 S4 disabled pci:0000:00:1c.1 PEX2 S4 disabled pci:0000:00:1c.2 PEX3 S4 disabled pci:0000:00:1c.3 PEX4 S4 disabled pci:0000:00:1c.4 PEX5 S4 disabled UHC1 S3 disabled pci:0000:00:1d.0 UHC2 S3 disabled pci:0000:00:1d.1 UHC3 S3 disabled pci:0000:00:1d.2 UHC4 S3 disabled EHCI S3 disabled pci:0000:00:1d.7 EHC2 S3 disabled pci:0000:00:1a.7 UH42 S3 disabled pci:0000:00:1a.0 UHC5 S3 disabled pci:0000:00:1a.1 UHC6 S3 disabled pci:0000:00:1a.2 AZAL S3 disabled pci:0000:00:1b.0 shadyabhi@shadyabhi-desktop:~$

    Read the article

  • GNOME Screensaver Widgets

    - by darkfalcon
    Is there a way to add widgets to a Gnome screensaver? I think this can be done with KDE 4, but I've never liked KDE very much. I'm a programmer and comfortable with writing code if needed. I'd like to be able to: See the weather and forecast Control Rhythmbox Use a flash card widget for reviewing musical concepts The reason I want these on the screensaver is that I have login restrictions. I would like to be able to do a very limited subset of activities without having to log in.

    Read the article

  • SELinux Contexts

    - by Josh
    I am configuring Apache\PHP and noticed Apache complaining about permissions with the php shared object. Starting httpd: httpd: Syntax error on line 206 of /etc/httpd/conf/httpd.conf: Cannot load /usr/lib/httpd/modules/libphp5.so into server: /usr/lib/httpd/modules/libphp5.so: cannot restore segment prot after reloc: Permission denied I looked at the context (started fine with enforcement off) and found: [root@HDSSERVER conf]# ls --lcontext /usr/lib/httpd/modules/libphp5.so -rwxr-xr-x 1 root:object_r:httpd_modules_t root root 15565418 May 10 08:39 /usr/lib/httpd/modules/libphp5.so Shouldn't httpd (apache) be able to access files with a context of httpd_modules_t? I got it fixed by applying chcon -t textrel_shlib_t '/usr/lib/httpd/modules/libphp5.so' But I would think the httpd version would work before this one. Can someone explain this to me?

    Read the article

  • Sendmail SMART_HOST not working

    - by daniel
    Hello, I've defined SMART_HOST to be a specific server, lets call it foo.bar.com. However, when I send a test mail using 'sendmail -t', sendmail tries to use mx.bar.com, which subsequently rejects my mail. I've verified that foo.bar.com works and that mx.bar.com does not work (yay telnet). I've recompiled sendmail.mc vi make, make -C and m4. I've verified the DS entry in sendmail.cf. I've restarted sendmail correctly. I'm not sure how to proceed at this point. Any ideas? Here is my SMART_HOST line: define(SMART_HOST',foo.bar.com')dnl ...and here is the result of a test mail. It never tries to use foo.bar.com, instead it uses mx.bar.com. $ echo subject: test; echo | sendmail -Am -v -flocaluser -- [email protected] subject: test [email protected]... Connecting to mx.bar.com via relay... 220 mx.bar.com ESMTP >>> EHLO myhost.bar.com 250-mx.bar.com 250-8BITMIME 250 SIZE 52428800 >>> MAIL From:<[email protected]> SIZE=1 250 sender <[email protected]> ok >>> RCPT To:<[email protected]> 550 #5.1.0 Address rejected. >>> RSET 250 reset localuser... Connecting to local... localuser... Sent Closing connection to mx.bar.com. >>> QUIT 221 mx.bar.com And last, here is a test mail sent using foo.bar.com: $ hostname myhost.bar.com $ telnet foo.bar.com 25 Trying ***.***.***.***... Connected to foo.bar.com (***.***.***.***). Escape character is '^]'. 220 foo.bar.com ESMTP Sendmail 8.14.1/8.14.1/ITS-7.0/ldap2-1+tls; Tue, 21 Dec 2010 13:27:44 -0700 (MST) helo foo 250 foo.bar.com Hello myhost.bar.com [***.***.***.***], pleased to meet you mail from: [email protected] 250 2.1.0 [email protected]... Sender ok rcpt to: [email protected] 250 2.1.5 [email protected]... Recipient ok data 354 Enter mail, end with "." on a line by itself testing . 250 2.0.0 oBLKRikZ003758 Message accepted for delivery quit 221 2.0.0 foo.bar.com closing connection Connection closed by foreign host. Any ideas? Thanks

    Read the article

  • Ubuntu: Multiple NICs, one used only for Wake-On-LAN

    - by jcwx86
    This is similar to some other questions, but I have a specific need which is not covered in the other questions. I have an Ubuntu server (11.10) with two NICs. One is built into the motherboard and the other is a PCI express card. I want to have my server connected to the internet via my NAT router and also have it able to wake from suspend using a Magic Packet (henceforth referred to as Wake-On-LAN, WOL). I can't do this with just one of the NICs because each has an issue - the built-in NIC will crash the system if it is placed under heavy load (typically downloading data), whilst the PCI express NIC will crash the system if it is used for WOL. I have spent some time investigating these individual problems, to no avail. My plan is thus: use the built-in NIC solely for WOL, and use the PCI express card for all other network communication except WOL. Since I send the WOL Magic Packet to a specific MAC address, there is no danger of hitting the wrong NIC, but there is a danger of using the built-in NIC for general network access, overloading it and crashing the system. Both NICs are wired to the same LAN with address space 192.168.0.0/24. The built-in ethernet card is set to have interface name eth1 and the PCI express card is eth0 in Ubuntu's udev persistent rules (so they stay the same upon reboot). I have been trying to set this up with the /etc/network/interfaces file. Here is where I am currently: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.0.3 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 auto eth1 iface eth1 inet static address 192.168.0.254 netmask 255.255.255.0 I think by not specifying a gateway for eth1, I prevent it being used for outgoing requests. I don't mind if it can be reached on 192.168.0.254 on the LAN, i.e. via SSH -- it's IP is irrelevant to WOL, which is based on MAC addresses -- I just don't want it to be used to access internet resources. My kernel routing table (from route -n) is Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.0.1 0.0.0.0 UG 100 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 My question is this: Is this sufficient for what I want to achieve? My research has thrown up the idea of using static routing to specify that eth1 should only be used for WOL on the local network, but I'm not sure this is necessary. I have been monitoring the activity of the interfaces using iptraf and it seems like eth0 takes the vast majority of the packets, though I am not sure that this will be consistent based on my configuration. Given that if I mess up the configuration, my system will likely crash, it is important to me to have this set up correctly!

    Read the article

  • Configure Iptables to allow a PHP-app accessing a port-nr

    - by Camran
    I have a php-application which connects to another app called Solr (database search engine). I can via this php app add/remove documents (records) from the Solr index. However, the Solr security is low, and anybody with the right port nr can access Solr and remove documents (records). I wonder, is it possible to ONLY allow my own php-app to have access to Solr somehow? Prefferably via Iptables. I am thinking I can only allow my own servers IP to that port, and it would solve my problem, because PHP is a server-side code. But I am not sure. About the Php-app: The website is a classifieds website, and when users wants to add or remove classifieds, they do so through a php app, which is this one. The app has a function which connects to solr and updates the database (index). I appreciate detailed answers... Thanks

    Read the article

  • Exploratory Question for Security Admins (/etc/passwd + PHP)

    - by JPerkSter
    Hi everyone, I've been seeing a few issues lately on a few of my servers where an account gets hacked via outdated scripts, and the hacker uploads a cPanel / FTP Brute forcing PHP script inside the account. The PHP File reads /etc/passwd to get the usernames, and than uses a passwd.txt file to try and brute force it's way in to 127.0.0.1:2082. I'm trying to think of a way to block this. It doesn't POST anything except "GET /path/phpfile.php", so I can't use mod_security to block this. I've been thinking of maybe changing permissions on /etc/passwd to 600, however I'm unsure how this will result in regards to my users. I was also thinking of rate-limiting localhost connections to :2082, however I'm worried about mod_proxy being affected. Any suggestions?

    Read the article

  • How do I setup unison to sync a folder one way

    - by Rob
    I have a 1tb NAS that has a 1tb usb external hard attached I have prepared the file system on the usb disk and mounted it I want to 100% sync my data from my nas to the usb disk - but I want it to be incremental and only have the NAS as the 'master' - eg if a file changes on the usb external hard drive I want it to ignore this change as its not the live version (not that I think the files will change on the usb disk but im paranoid the live could get overwritten) Also if a file gets deleted on live I want to retain the deleted file on the usb disk Can unison sync one-way and achive the above for me? if so with simply unison sorce/ target/ Work? Thanks Rob

    Read the article

  • How do I hook into Tar with BASH?

    - by orb
    Long Story Short I am working with Tar archives that contain PNG images in base64 encoding. I would like to use BASH (or whatever else works) to hook into the extraction function of Tar to decode PNG images from base64 encoding to standard PNG encoding after the files are unpacked. A simple cat $input-file | base64 -d >$output-file will successfully decode the images. Is there a way I can hook into tar -xf so that users do not have to do any (or minimal) extra work to decode the images? In the GNU Tar documentation (http://www.gnu.org/software/tar/manual/html_chapter/Backups.html#SEC97) I found that there are in fact variables reserved to hold the names of functions I desire to be hooked into various moments in Tar program execution. However, the documentation explains that these variables, along with other variables that can be set to configure Tar, are located in a file named backup-specs. Unfortunately, the path to this file is not given. Further, running sudo find / -name backup-specs tells me that this file is not present on my Ubuntu version 13.04 system. Background Information not included in the Long Story Short I have been working on a browser-based (WebGL) particle effect creation application (http://www.particleeffect.org), (https://github.com/cgrabowski/webgl-particle-effect-editor), (https://github.com/cgrabowski/webgl-particle-effect). I have began to write a client-side-only solution for saving and loading effect data as a tar archive. However, since client-side JavaScript has limited capability to process binary data, the images used as textures in the effect are saved with base64 encoding. I have been able to implement saving effect data as a Tar archive (haven't pushed that to Github yet). However, the images present in said Tar archive cannot be manipulated unless they are decoded from base64 encoding.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379  | Next Page >