Search Results

Search found 24814 results on 993 pages for 'linux distro'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 432/993 | < Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >

  • IPTables configuration help

    - by Sam
    I'm after some help with setting up IPTables. Mostly the configuration is working, but regardless of what I try I cannot allow localhost to access the local Apache only (i.e. localhost to access localhost:80 only). Here is my script: !/bin/bash Allow root to access external web and ftp iptables -t filter -A OUTPUT -p tcp --dport 21 --match owner --uid-owner 0 -j ACCEPT iptables -t filter -A OUTPUT -p tcp --dport 80 --match owner --uid-owner 0 -j ACCEPT Allow DNS queries iptables -A OUTPUT -p udp --dport 53 -j ACCEPT iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT Allow in and outbound SSH to/from any server iptables -A INPUT -p tcp -s 0/0 --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp -d 0/0 --sport 22 -j ACCEPT Accept ICMP requests iptables -A INPUT -p icmp -s 0/0 -j ACCEPT iptables -A OUTPUT -p icmp -d 0/0 -j ACCEPT Accept connections from any local machines but disallow localhost access to networked machines iptables -A INPUT -s 10.0.1.0/24 -j ACCEPT iptables -A OUTPUT -d 10.0.1.0/24 -j DROP Drop ALL other traffic iptables -A OUTPUT -p tcp -d 0/0 -j DROP iptables -A OUTPUT -p udp -d 0/0 -j DROP Now I have tried many permutations and I'm obviously missing everything. I place them above the in/out bound SSH to/from, so it's not the precedence order. If someone could give me the heads up on allowing only the local machine to access the local web server, that'd be great. Cheers guys.

    Read the article

  • Securing debain with fail2ban or iptables

    - by Jimmy
    I'm looking to secure my server. Initially my first thought was to use iptables but then I also learnt about Fail2ban. I understand that Fail2ban is based on iptables, but it has the advantages of being able to ban IP's after a number of attempts. Let's say I want to block FTP completely: Should I write a separate IPtable rule to block FTP, and use Fail2ban just for SSH Or instead simply put all rules, even the FTP blocking rule within the Fail2Ban config Any help on this would be appreciated. James

    Read the article

  • What I should know about memory management?

    - by bua
    first of all: I don't use stackadmin or similar so please don't vote for moving there, I'm reading man top and paper "what every programmer should know about memory ..." I need really simple explanation like for retard ;) Having following top dump: top - 11:21:19 up 37 days, 21:16, 4 users, load average: 0.41, 0.75, 1.09 Tasks: 313 total, 5 running, 308 sleeping, 0 stopped, 0 zombie Cpu(s): 0.4%us, 0.6%sy, 0.9%ni, 96.2%id, 0.1%wa, 0.0%hi, 1.9%si, 0.0%st Mem: 132103848k total, 131916948k used, 186900k free, 54000k buffers Swap: 73400944k total, 73070884k used, 330060k free, 13931192k cached PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 3305 tudb 25 10 144m 52m 940 R 6.0 0.0 1306:09 app 3011 tudb 15 0 71528 19m 604 S 3.3 0.0 171:57.83 app 3373 tudb 25 10 209m 93m 940 S 3.0 0.1 1074:53 app 3338 tudb 25 10 144m 47m 940 R 2.7 0.0 780:48.48 app 4227 tudb 25 10 208m 99m 904 S 1.3 0.1 198:56.01 app 8506 tudb 25 10 80.7g 49g 932 S 2.0 39.6 458:31.22 app I'm wondering what is: RES (my expl. physical memory consumption ? see 49GB) VIRT (memory mapped disk to cache? see 80GB) SHR (shared pages?) Swap: (is this cached label - for memory mapped disk into swap cache?) Should sum of RES give MEM: X used? or maybe sum of VIRT?

    Read the article

  • Ubuntu 64-bit vs 32-bit

    - by tukushan
    Is it worth installing the Ubuntu 9.10 64-bit version over the 32-bit x86 version? I will get the ability to address more than 4 GB of memory, but other than that, how does the 64-bit version fare in terms of performance and stability?

    Read the article

  • Can't unlock locked screen, in Ubuntu 12

    - by Camille Goudeseune
    After locking the screen (with a keystroke bound to xlock -nice 8 -mode blank), I can unlock the screen as expected, but only within a few minutes. After being locked overnight, when I hit a key (even Ctrl+Alt combos), the screen stays black with just a brief white flash across the middle of both monitors. The workaround is to ssh in from another host and restart X. Some months ago, this happened every few weeks. By now it happens almost every morning. How do I even start to diagnose this? What might I look for in log files? (The intermittency is particularly troubling.) Failing that, is there an alternative to xlock aka xlockmore? Hardware: 3-year-old HP minitower, GEForce 9800 GT, two Asus LCD monitors. Software: Ubuntu 12.04.2 LTS. Window manager awesome-wm. NVidia driver 304.88. XLock version xlockmore-5.31.

    Read the article

  • Running two Magentos installations, one of which has 3 stores set up as multi-store. Which server?

    - by Pedro Peixoto
    I want to run 4 Magento stores in 2 different installations. 1 is a standalonne installation with 3 languages. The other is a multi-store with 3 different online stores in different domains. At the moment we have a VPS with 1GB memory, would that be enough? I ask because I've finished the standalone store and already put it online, and the server is already running on 62% memory. The ideal would be that this is enough as my company wouldn't like to move to a Dedicated Server (as it involves costs). I'm sure I can try to optimize Magento to run on lower memory (I'm expecting visits averaging 2000/day on all sites), if I could have some tips on the best way to do that Id appreciate it too.

    Read the article

  • crontab still sending emails even with > /dev/null

    - by user2344668
    I have a crontab (root) that runs a script and output is set to /dev/null but I always get the emails whenever it runs. I only want to receive error emails. # Rackspace driveclient update (12pm MST) 0 12 * * * /root/scripts/driveclient-update > /dev/null The only way I can get it to turn off is to use /dev/null 2&1 but then I won't get error emails. This is happening on three different CentOS servers, two are 6.3 and one is 6.4. NOTE: I have read over and over that /dev/null is supposed to send stdout there and prevent the email if there is nothing but stdout from the script, so at works for at least some people; I cannot figure out why it is not working on these servers. Here's an example of where /dev/null is supposed to work: http://www.alphadevx.com/a/384-Suppressing-Cron-Job-Email-Notifications

    Read the article

  • Cant get squid proxy to work

    - by danielgratz
    i need squid proxy on my centos server. But i just can't get it to work. I did yum install squid. Here is my squid.conf file (i removed all comments): acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 acl Safe_ports port 21 acl Safe_ports port 443 acl Safe_ports port 70 acl Safe_ports port 210 acl Safe_ports port 1025-65535 acl Safe_ports port 280 acl Safe_ports port 488 acl Safe_ports port 591 acl Safe_ports port 777 acl CONNECT method CONNECT acl our_networks src 192.168.1.0/24 192.168.2.0/24 http_access allow our_networks http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all icp_access allow all http_port 3128 hierarchy_stoplist cgi-bin ? access_log /var/log/squid/access.log squid acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl apache rep_header Server ^Apache broken_vary_encoding allow apache coredump_dir /var/spool/squid Then i just put my server's public ip and port 3128 into my web browsers proxy settings... but it isn't working i can't visit any website. Please help. Thanks.

    Read the article

  • disable specific PCI device at boot

    - by Rhymoid
    I've just reinstalled Debian on my Sony VAIO laptop, and my dmesg and virtual consoles all get spammed with the same messages over and over again. [ 59.662381] hub 1-1:1.0: unable to enumerate USB device on port 2 [ 59.901732] usb 1-1.2: new high-speed USB device number 91 using ehci_hcd [ 59.917940] hub 1-1:1.0: unable to enumerate USB device on port 2 [ 60.157256] usb 1-1.2: new high-speed USB device number 92 using ehci_hcd I believe these messages are coming from an internally connected USB device, most likely the webcam (since that's the only thing that doesn't work). The only way I can seem to have it shut up (without killing my actually useful USB ports) is to disable one of the USB host controllers: # echo "0000:00:1a.0" > /sys/bus/pci/drivers/ehci_hcd/unbind This also takes down my Bluetooth interface, but I'm fine with that. I would like this setting to persist, so that I can painlessly use my virtual console again in case I need it. I want my operating system (Debian amd64) to never wake it up, but I don't know how to do this. I've tried to blacklist the module alias for the PCI device, but it seems to be ignored: $ cat /sys/bus/pci/devices/0000\:00\:1a.0/modalias pci:v00008086d00003B3Csv0000104Dsd00009071bc0Csc03i20 $ cat /etc/modprobe.d/blacklist blacklist pci:v00008086d00003B3Csv0000104Dsd00009071bc0Csc03i20 How do I ensure that this specific PCI device is never automatically activated, without disabling its driver altogether? -edit- The module was renamed recently, now the following works from userland: echo "0000:00:1a.0" > /sys/bus/pci/drivers/ehci-pci/unbind Still, I'm looking for a way to stop the kernel from binding that device in the first place.

    Read the article

  • Explanation of command to uppercase the first letter of a file

    - by hazielquake
    Hi I'm trying to learn to rename files with the command line, and after browsing around a lot of pages I finally found a command that uppercases the first letter of a file, but the problem is that I want to understand the meaning of each command. The command is: for i in *; do new=echo "$i" | sed -e 's/^./\U&/'; mv "$i" "$new";done I understand the 'for' kinda... but not the 'echo' or '`' and especially the sed command. if someone has a little patience to explain the meaning of each thing that'd be awesome! Thanks!

    Read the article

  • Encoding with FFmpeg using a FIFO

    - by Ashot Martirosyan
    Hello everyone. I'm trying to convert Flac audio file to AAC file using command line. So I wrote this ffmpeg -i input.flac temp.wav faac -q 120 -o output.m4a temp.wav It's working fine. Now I want to do the same using fifo, so I'm writing this mkfifo temp.wav ffmpeg -i input.flac temp.wav & faac -q 120 -o output.m4a temp.wav And it's freezing. So could you tall me what I'm doing wrong. Thanks a lot, and sorry for my English.

    Read the article

  • iptables logging not working?

    - by vps_newcomer
    OS: Ubuntu 10.04 Logging daemon: rsyslog For some reason i'm not getting any iptables logs, even thought i don't look through them very often i'd still like to get it working for the sake of it working XD Here is my /etc/ryslog.d/iptables.conf :msg, contains, "[IPTABLES]" -/var/log/iptables.log & ~ My iptables logging prefix is "[IPTABLES]" followed by whatever else (example [IPTABLES] Denied xyz) the /var/log/iptables.log file is being created, however its not getting any entries. I can see the logging entries in dmesg but not in syslog or messages. Whats going on? EDIT: My iptables logging rules: # logging limit LoggingLimit=5/min LoggingPrefix=IPTABLES # Logging chain iptables -N LOG_REJECT iptables -A LOG_REJECT -j LOG # join INPUT to LOG_REJECT iptables -A INPUT -j LOG_REJECT # logging iptables -A LOG_REJECT -p tcp -m limit --limit $LoggingLimit -j LOG --log-prefix "$LoggingPrefix Denied TCP: " #--log-level 7 iptables -A LOG_REJECT -p udp -m limit --limit $LoggingLimit -j LOG --log-prefix "$LoggingPrefix Denied UDP: " #--log-level 7 iptables -A LOG_REJECT -p icmp -m limit --limit $LoggingLimit -j LOG --log-prefix "$LoggingPrefix Denied ICMP: " #--log-level 7 Update: I found a thread that has the same symptoms as i do, apparently is a kernel bug. I am using a VPS so could anyone point me on how to upgrade my kernel or apply a workaround? I couldn't find a 2.6.34 kernel listed in apt-cache. Thread: http://www.linode.com/forums/viewtopic.php?t=5533

    Read the article

  • NSD reply from unexpected source

    - by Ximik
    I have server with NSD. There are MAIN_IP and ADD_IP. When I try to get IP of my site from server I have right output dig @localhost my_site.com But when I try to make this from my PC, I have dig @my_ns_server.com my_site.com ;; reply from unexpected source: MAIN_IP#53, expected ADD_IP#53 (ADD_IP is IP of my_ns_server.com) What should I do? UPD: My interfaces conf auto eth2 allow-hotplug eth2 iface eth2 inet static address xxx.xxx.xxx.234 netmask 255.255.255.252 network xxx.xxx.xxx.232 broadcast xxx.xxx.xxx.235 gateway xxx.xxx.xxx.233 dns-nameservers MY_ISP_IP dns-search MY_ISP_DOMAIN auto eth2:0 iface eth2:0 inet static address xxx.xxx.xxx.124 netmask 255.255.255.0 xxx.xxx.xxx is the same for all IPs

    Read the article

  • How to configure three IP address into single server

    - by user1363308
    I have Cisco device for call forwarding and three different system,I want to configure 15 and 16 server IP into 192.168.53.197 means eth0 --> 192.168.53.197 eth1 --> 192.168.16.15 eth2 --> 192.168.16.16 which work i have done with 15 and 16 individual , I will do some work on 197 after configuration eth1 and eth2. Means one system have three IP address but base IP address is 192.168.53.197

    Read the article

  • What kind of issues would occur if resolve.conf had no dns servers set?

    - by Stuart Woodward
    I want to create a server for a customer and have that customer finish the configuration for themselves. It was been decided that rather than setting default DNS servers (i.e. something like Google's) that the customer should enter the information by themselves. I assume that the customer is technically competent enough to do this. If however they forget or neglect to set this up they might spend some time trying to figure out what is wrong and eventually contact support. (In this case, I think that setting a default might have been better.) Apart from the obvious inability to resolve hosts, what other issues might they face until they have set valid dns servers in resolve.conf?

    Read the article

  • GRUB2 not detecting OS on raid partitions

    - by sleeves
    I have recently added a drive to a system and have successfully raid'ed (RAID-1) the paritions, with the exception of the boot partition. I have it ready and mirrored, but can't get GRUB2 (update-grub) to find it. System: Ubuntu 11.04 Raid Metadata: 1.2 If I run update-grub, it finds the kernel images on the /dev/sda2 partition (present root) but not the images on /dev/md127. /dev/md127 is composed of "missing" and "/dev/sdb2". fdisk on /dev/sdb confirms that sdb2 is of type fd (raid autodetect) and is also flagged bootable. I have two things I want to do. Make the boot.cfg on /dev/sdb2 have a menu option to have the root be /dev/md127 Install grub onto /dev/md127 so the actual boot.cfg from there is being used. Thanks!

    Read the article

  • DHCP server inside a virtual machine can't see other machines

    - by William
    Hi, I setup a private network from virtual machines and one of the machines is the DHCP server for the group. I want to specify a next-server for the DHCP server but I'm having trouble connecting to any of the machines that I lease IPs to. I'm just trying to do a simple ping/ssh to 10.0.0.252 (a machine with a lease) but it doesn't seem to respond. Any advice? I'm assuming I need to be able to connect to my next-server but maybe I'm wrong. Thanks.

    Read the article

  • After my laptop wakes up from sleeping/hibernating, the LCD/brightness is very low. How can I set it to default?

    - by meder
    In Power Management Preferences, On AC Power tab, I have brightness to 100%. "Dim display when idle" is not checked. I know for sure my LCD brightness is capable of going higher, because if I hit Fn and F7 then it resets the monitor brightness and settings for a few seconds, but the resolution breaks and then the brightness goes back. PS: OS is Debian Lenny ( I set the tags but for clarification ) and laptop is a Thinkpad.

    Read the article

  • File permissions on web server

    - by plua
    I have just read this useful article on files permissions, and I am about to implement a as-strict-as-possible file permissions policy on our webserver. Our situation: we have a web server accessed through sftp by different users from within our company, and we have the general public accessing Apache - sometimes uploading files through PHP. I distinguish folders and files by their use. So based on this reading, here is my plan: All people who need to upload files will have separate users. But all of those users will belong to two groups: uploaders, and webserver. Apache will belong to the group webserver. Directories Permission: 771 Owner: user:uploaders Explanation: to access files in the folder, everybody needs to have execute permission. Only uploaders will be adding/removing files, so they also get r+w permission. Files within the web-root Permission: 664 Owner: user:uploaders Explanation: they will be uploaded and changed by different users, so both owner and group need to have w+r permissions. Webserver needs to only read files, so r permission only. Upload-directories Permission: 771 Owner: user:webserver Explanation: when files need to be uploaded, Apache needs to be able to write to this directory. But I figure it is safer to change the owner to webroot, thus giving Apache sufficient privileges (and all uploaders also belong to this group and will have the same permissions), while safeguarding from "others" writing to this folder. Uploaded files Permission: 664 Owner: user:webserver Explanation: after uploading Apache might need to delete files, but this is no problem because they have w+r permission of the folder. So no need to make this file any more accessible than r access for group. Being not an expert on file permissions, my question is whether or not this is the best possible policy for our situation? Any suggestions welcome.

    Read the article

  • How to know that my IP is invalid

    - by PeterMmm
    I have a script running that will start up an interface with a new IP. If the script comes up with an IP that is already in use i am in trouble. Is it possible that the script set up the new Ip, detects that this IP is already in use and then check the next one, until it finds an ip that works ? B=192.168.1. I=1 while [ "$I" != "256" ] do ifconfig eth0:1 $B.$I # check here that IP is Ok ! let "I=I+1" done

    Read the article

  • Allow outgoing connections for DNS

    - by Jimmy
    I'm new to IPtables, but I am trying to setup a secure server to host a website and allow SSH. This is what I have so far: #!/bin/sh i=/sbin/iptables # Flush all rules $i -F $i -X # Setup default filter policy $i -P INPUT DROP $i -P OUTPUT DROP $i -P FORWARD DROP # Respond to ping requests $i -A INPUT -p icmp --icmp-type any -j ACCEPT # Force SYN checks $i -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Drop all fragments $i -A INPUT -f -j DROP # Drop XMAS packets $i -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Drop NULL packets $i -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Stateful inspection $i -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT # Allow established connections $i -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow unlimited traffic on loopback $i -A INPUT -i lo -j ACCEPT $i -A OUTPUT -o lo -j ACCEPT # Open nginx $i -A INPUT -p tcp --dport 443 -j ACCEPT $i -A INPUT -p tcp --dport 80 -j ACCEPT # Open SSH $i -A INPUT -p tcp --dport 22 -j ACCEPT However I've locked down my outgoing connections and it means I can't resolve any DNS. How do I allow that? Also, any other feedback is appreciated. James

    Read the article

  • Traffic shaping L2TP/IPsec VPN (via accounts not connection)

    - by Cromulent
    I need to be able to control the amount of bandwidth a specific user account can use on a VPN connection. One account I want to be able to use the VPN with no restrictions and another account I want to limit to a reasonable amount of bandwidth (say 10GB or so a month). I'm aware that you can traffic shape individual connections but that does not quite solve the problem as the limited account can just disconnect and reconnect to get a new connection. I need to be able to limit bandwidth on a login basis for a given period of time (monthly limit). I'm really not that familiar with traffic shaping in general so any advice would be appreciated. Thank you.

    Read the article

  • Ubuntu reset network configuration

    - by user1103294
    When I boot up my ubuntu server, it cannot connect to my wireless network anymore. It says "waiting for network configuration" for 60 seconds, boots up, but no wireless. I suspect it's because of the following reasons. I used to connect to a wireless connection named 2WIRE555, password: 123abc But then I upgraded my connection and my new wireless connection was named 2WIRE444, password:111111 Being lazy, I simply renamed 2WIRE555 to 2WIRE444 and changed the password accordingly. I was hoping this would work but ever since then my network configurations is messed up. So back to the issue, how do I reset my network configurations for my Ubuntu 11.10 server?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >