Search Results

Search found 18781 results on 752 pages for 'ip port'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 74/752 | < Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >

  • I'm using a shared server, and as such Gmail marks my email as spam (all from headers are different from the same IP)

    - by chipperyman573
    I have a shared server, meaning many people share the same IP. When I send an email, the @website.com is different from someone else that shares the same IP with me, therefore Gmail marks it as spam. For example: My website's IP is 1.2.3.4. My website is mywebsite.com Person 2's website's IP is hosted by the same host, and as such their IP is 1.2.3.4 Person 2's website is person2.com. When they send an email, it gets sent from [email protected] When I send an email, it gets sent from [email protected] According to Gmail's spam thing: "Use the same address in the 'From:' header on every bulk mail you send." Again, the only similarities between our websites is the IP. However, this causes Gmail to mark both our mail as spam. Is there a way to sort this out with Gmail?

    Read the article

  • BizTalk Send Ports, Delivery Notification and ACK / NACK messages

    - by Robert Kokuti
    Recently I worked on an orchestration which sent messages out to a Send Port on a 'fire and forget' basis. The idea was that once the orchestration passed the message to the Messagebox, it was left to BizTalk to manage the sending process. Should the send operation fail, the Send Port got suspended, and the orchestration completed asynchronously, regardless of the Send Port success or failure. However, we still wanted to log the sending success, using the ACK / NACK messages. On normal ports, BizTalk generates ACK / NACK messages back to the Messagebox, if the logical port's Delivery Notification property is set to 'Transmitted'. Unfortunately, this setting also causes the orchestration to wait for the send port's result, and should the Send Port fail, the orchestration will also receive a 'DeliveryFailureException' exception. So we may end up with a suspended port and a suspended orchestration - not the outcome wanted here, there was no value in suspending the orchestration in our case. There are a couple of ways to fix this: 1. Catch the DeliveryFailureException  (full type name Microsoft.XLANGs.BaseTypes.DeliveryFailureException) and do nothing in the orchestration's exception block. Although this works, it still slows down the orchestration as the orchestration still has to wait for the outcome of the send port operation. 2. Use a Direct Port instead, and set the ACK request on the message Context, prior passing to the port: msgToSend(BTS.AckRequired) = true; This has to be done in an expression shape, as a Direct logical port does not have Delivery Notification property - make sure to add a reference to Microsoft.BizTalk.GlobalPropertySchemas. Setting this context value in the message will cause the messaging agent to create an appropriate ACK or NACK message after the port execution. The ACK / NACK messages can be caught and logged by dedicated Send Ports, filtering on BTS.AckType value (which is either ACK or NACK). ACK/NACK messages are treated in a special way by BizTalk, and a useful feature is that the original message's context values are copied to the ACK/NACK message context - these can be used for logging the right information. Other useful context properties of the ACK/NACK messages: -  BTS.AckSendPortName can be used to identify the original send port. - BTS.AckOwnerID, aka http://schemas.microsoft.com/BizTalk/2003/system-properties.AckOwnerID - holds the instance ID of the failed Send Port - can be used to resubmit / terminate the instance Someone may ask, can we just turn off the Delivery Notification on a 'normal' port, and set the AckRequired property on the message as for a Direct port. Unfortunately, this does not work - BizTalk seems to remove this property automatically, if the message goes through a port where Delivery Notification is set to None.

    Read the article

  • How do you initialize networking on a new Xen guest VM?

    - by Marten Veldthuis
    We have a Citrix XenServer setup, and while I personally lean more towards Dev than Ops, I've got an issue that's been bugging me. When you provision a new (Linux/Ubuntu) guest, how do you get it to have the correct IP-address? I'd want my application servers to exist in the range of 10.20.0.0/24, preferably being .1, .2, etc, so I can keep my sanity. I guess that the actual IP-address is something set in Linux itself, and Xen can't touch that, but then what's the best practice for getting it done? If you set up DHCP, don't you just move the problem to getting the adapters the "correct" MAC-addresses? Do you just have to hardcode a large table of MAC-addresses to IP-addresses, and then provision new guests always with the correct MAC-address on the virtual ethernet adapter? What we currently do is have an image of a "app server" that we boot up a new instance of, and then finalize it (with a script) that (among other things) modifies the /etc/networking/interface file to give it the correct IP. But that feels dirty to me, and I feel like surely there must a better way. Please enlighten me?

    Read the article

  • Installing and running two postgresql versions on different ports (or two instances of same server)

    - by Andrius
    I have postgresql 9.1 installed on my machine (Ubuntu). I need another postgresql server that would run next to the old one. Exact version does not matter, but I'm thinking of using 9.2 version. How could I properly install and run another postgresql version without screwing old one (like upgrading). So those versions would run independently on different ports. Old one on 5432 and new one on 5433 for example. The reason I need this is for two OpenERP versions databases. If I run two OpenERP servers (with different versions) on single postgresql port, it crashes because new OpenERP version detects old versions database and tries to run it, but it crashes because it uses another schemes. P.S or maybe I could just run same postgresql server on two ports? Update So far I tried this: /usr/lib/postgresql/9.1/bin/pg_ctl initdb -D main2 It created new cluster. I changed port to 5433 in new clusters directory postgresql.conf file. Then ran this: /usr/lib/postgresql/9.1/bin/pg_ctl -D main2 -l logfile start I got response server starting. But when I tried to enter new cluster's template database with: psql template1 -p 5433 I got this error: psql: could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5433"? Also now when I try to stop server with: /usr/lib/postgresql/9.1/bin/pg_ctl -D main2 -l logfile start I get this error: pg_ctl: PID file "main2/postmaster.pid" does not exist Is server running? So I don't understand if server is running and what I'm missing here? Update Found what was wrong. Stupid me. I didn't notice that when I changed port in .conf file, that line was commented already. So actually I didn't change anything first time, but thought I did and it used default 5432 port.

    Read the article

  • Obtaining the correct Client IP address when a Physical Load Balancer and a Web Server Configured With Proxy Plug-in Are Between The Client And Weblogic

    - by adejuanc
    Some Load Balancers like Big-IP have build in interoperability with Weblogic Cluster, this means they know how Weblogic understand a header named 'WL-Proxy-Client-IP' to identify the original client ip.The problem comes when you have a Web Server configured with weblogic plug-in between the Load Balancer and the back-end weblogic servers - WL-Proxy-Client-IP this is not designed to go to Web server proxy plug-in. The plug-in will not use a WL-Proxy-Client-IP header that came in from the previous hop (which is this case is the Physical Load Balancer but could be anything), in order to prevent IP spoofing, therefore the plug-in won't pass on what Load Balancer has set for it.So unfortunately under this Architecture the header will be useless. To get the client IP from Weblogic you need to configure extended log format and create a custom field that gets the appropriate header containing the IP of the client.On WLS versions prior to 10.3.3 use these instructions:You can also create user-defined fields for inclusion in an HTTP access log file that uses the extended log format. To create a custom field you identify the field in the ELF log file using the Fields directive and then you create a matching Java class that generates the desired output. You can create a separate Java class for each field, or the Java class can output multiple fields. For a sample of the Java source for such a class, seeJava Class for Creating a Custom ELF Field to import weblogic.servlet.logging.CustomELFLogger;import weblogic.servlet.logging.FormatStringBuffer;import weblogic.servlet.logging.HttpAccountingInfo;/* This example outputs the X-Forwarded-For field into a custom field called MyOriginalClientIPField */public class MyOriginalClientIPField implements CustomELFLogger{ public void logField(HttpAccountingInfo metrics,  FormatStringBuffer buff) {   buff.appendValueOrDash(metrics.getHeader("X-Forwarded-For");  }}In this case we are using 'X-Forwarded-For' but it could be changed for the header that contains the data you need to use.Compile the class, jar it, and prepend it to the classpath.In order to compile and package the class: 1. Navigate to <WLS_HOME>/user_projects/domains/<SOME_DOMAIN>/bin2. Set up an environment by executing: $ . ./setDomainEnv.sh This will include weblogic.jar into classpath, in order to use any of the libraries included under package weblogic.*3. Compile the class by copying the content of the code above and naming the file as:MyOriginalClientIPField.java4. Run javac to compile the class.$javac MyOriginalClientIPField.java5. Package the compiled class into a jar file by executing:$jar cvf0 MyOriginalClientIPField.jar MyOriginalClientIPField.classExpected output is:added manifestadding: MyOriginalClientIPField.class(in = 711) (out= 711)(stored 0%)6. This will produce a file called:MyOriginalClientIPField.jar This way you will be able to get the real client IP when the request is passing through a Load Balancer and a Web server before reaching WLS. Since 10.3.3 it is possible to configure a specific header that WLS will check when getRemoteAddr is called. That can be set on the WebServer Mbean. In this case, set that to be X-Forwarded-For header coming from Load Balancer as well.

    Read the article

  • Easiest way to allow direct HTTPS connection in Intercept mode?

    - by Nicolo
    I know the SSL issue has been beaten to death I'm using DNS redirect to force my clients to use my intercept proxy. As we all know, intercepting HTTPS connection is not possible unless I provide a fake certificate. What I want to achieve here is to allow all HTTPS requests connect directly to the source server, thus bypassing Squid: HTTP connection Proxy by Squid HTTPS connection Bypass Squid and connect directly I spent the past few days goolging and trying different methods but none worked so far. I read about SSL tunneling using the CONNECT method but couldn't find any more information on it. I tried a similar method in using RINETD to forward all traffic going through port 443 of my Squid back to the original IP of www.pandora.com. Unfortunately, I did not realize all other HTTPS requests are also forwarded to the IP of www.pandora.com. For example, https://www.gmail.com also takes me to https://www.pandora.com Since I'm running the Intercept mode, the forwarding needs to be dynamic and match each HTTPS domain name with proper original IP. Can this be done in Squid or iptables? Lastly, I'm directing traffic to my Squid server using DNS zone redirect. For example, a client requests www.google.com, my DNS server directs that request to my Squid IP, then my transparent Squid will proxy that request. Will this set up affect what I'm trying to achieve? I tried many methods but couldn't get it to work. Any takes on how to do this?

    Read the article

  • Apache local verses external (domain)

    - by Jessy Houle
    I have an Apache server running on Ubuntu server 10, using Passenger for Ruby on Rails. I have configured my site under the sites-enabled directory of Apache and can hit the server with an internal IP address (192.168.X.X) and the site comes back as expected. However, whenever I try to hit the site externally, either through the domain name or the IP address tied to the domain name, the site will not come back. I have a router in the middle with a static IP address, with Port Forwarding turned on (forwarding 80/443) to the server and I'm quite confident the issue isn't there. In fact, I even DMZed to the Ubuntu Server just to make sure. Also, all router firewall options have been turned off. So here is the question... Is there something else I have to do with Ubuntu server to allow externally requested port 80 traffic? Otherwise, is there some settings that need to be set in Apache to allow domain or external IP address port 80 traffic through? I'm pretty new to Apache, so, please take it a bit easy on me :-) Thank you for your responses. -Jessy Houle

    Read the article

  • Can a website see/know my MAC address even if I use a VPN?

    - by ilhan
    I have searched other results and read many of them but I could not get an enough information. My question is that can a website see my MAC address or can they have an information about that I'm the same person under these conditions: I am using a VPN and I use two IPs: first one is normal one, the second one is the VPN's IP. I use two browsers to hide behind browser fingerprinting. I use both browsers with Incognito Mode. I always use one for normal IP, one for the VPN IP. I do not know that if the website uses cookies or not. But can they collect an enough information to prove that these two identities belong to same person? Is there any other way for them to see that I am the same person? I use different IPs, different browsers and I use both browsers in incognito mode. I even changed one of browsers language to only English. So even if they collect my info from browser, they will see two browsers using different languages. (Addition after edit): So I have changed my IP and browser information and the website can not reach this information anymore to prove that I am the same person using two accounts. Then let's come to the title: Can they see my MAC address? Because I think that it is the last way that they can identify me and my main question is that. I wrote the information above to mention that I changed IPs and I have some precautions to avoid browser fingerprinting (btw my VPN provider already has a service about blocking it). I wrote them because I read similar advices in some related questions but my question is that can they see my MAC address (or anything else that can make me detected) despite all these precautions. And lastly, Is there an extra way to be anonymized that I can do? For example, can my system clock or anything else give an information? Thanks in advance.

    Read the article

  • Static DHCP binding

    - by Alex
    Good time of day, SF people. I have created a manual DHCP binding entry on a Cisco router so that a client would always get leased to it. The clients wants to get the same address on both of his dual-boot linux systems. He tries to get an IP address leased and he succeeds on one of the dual-boot operating systems. When he reboots to another one he gets a lease for a completely different one. I don't get it. The MAC addresses are the same (we checked in ifconfig, so what could be happening here? Why is the router confused? Or is it something else? Also, how can I check DHCP server IP address who I have got an IP address from (on Linux)? Configuration on Cisco: ip dhcp pool MANUAL_BINDING0001 host 192.168.0.64 255.255.255.0 hardware-address dead.beef.1337 dns-server 192.168.8.11 default-router 192.168.0.254 domain-name verynicedomainigothere.cn PS. Is it mandatory to use client-name configuration line?

    Read the article

  • Better urls for this internal web server?

    - by sprugman
    I've got a server that I have admin access to, but don't fully manage. (I think it's a virtual machine, but I'm not 100% sure. It's running Apache on Windows Server 2003.) I share the ip with another user, so my sites all have to use the :8080 port. This is kind of ugly. Also, AFAIK, the only access I have is through an ip address. (I'm inside a corporate firewall and don't think I have access to a DNS server or anything.) I've adjusted my hosts file so I don't have to use the ip address on my local machine, but that's not a very generic solution. Are there any options to 1) get rid of the port requirement 2) be able to use a name (maybe a machine name) instead of the ip address in a generic way? (I'm not really a network admin -- I'm a developer managing this machine. The IT folks who really manage it are a few people away from me and tough to get to do anything, so I'm looking for a light-weight solution if possible.)

    Read the article

  • Reverse NAT Setup for Hyper-V on Win 2008 R2

    - by sukru
    I'm trying to setup a Linux server behind a Windows Hyper-V host that will help supply some of the services (SSH, HTTPS, etc). However getting RRAS configured for reverse NAT (port forwarding) turned out to be a non trivial task. As a staring point, I tried forwarding port 22 (SSH) to the virtual machine. The virtual machine is on a public interface (i.e.: it also has a visible IP on the same network as the host). On RRAS management console I tried to add a rule, by adding "Local Area Connection" to NAT pool (Public Interface - Enable Nat), and an incoming rule for port 22 - :22. I also tried with the same port enabled on Windows Firewall (and not). The NAT management page tells there are "1 mappings" and "30+ Outbound packets transleted". However all other counters (Inbound packets translated, and respective rejected ones) are always zero. (I'm trying to access the server from an external machine). I can directly access the service if I give the VM's public IP, but not the host's one. Is there a way to enable this on RRAS?

    Read the article

  • Is there a limit to how many sites can be hosted on a single IP address when using HTTP Host Headers on Windows 2008?

    - by Kev
    For reasons that are lost in the mists of time, our older Windows (2000, 2003) servers have been configured with a "Administrative" IP address and three further "Hosting" IP addresses. There are also additional IP's for sites with SSL certificates. The "Administrative" IP address is where all our internal provisioning, monitoring and other such apps are bound to. We lock this down and don't permit access to it from the outside world (other than over our VPN). The three "Hosting" IP addresses are used for IIS website hosting (in conjunction with host headers). Historically, new site IP address allocations have been rotated through these three IP addresses. I'm not really sure why. I'm building a new batch of servers and I'm considering just having a single hosting IP address. Our servers can host up to 1200 sites on a single machine. Is there a technical limit to the number of IIS sites that can bind to a single IP address? Our Linux platform seems to do just fine with just a single shared IP + host headers. I initially thought this might be an SEO thing, but given that IPv4 address space conservation is paramount I hardly think Google or other search engines could reasonably penalise site rankings just because hundreds of sites hang off the same IP.

    Read the article

  • Could not start ZK at requested port of 2181, while export HBASE_MANAGES_ZK=false

    - by utrecht
    Problem The first aim was to run HBase standalone. Navigating to ip:60010/master-status is succesfull once HBase has been started. The second aim is to run a distinct ZooKeeper quorum. ZooKeeper has been downloaded and has been started: netstat -nato | grep 2181 tcp 0 0 :::2181 :::* LISTEN off (0.00/0/0) The conf/hbase-env.sh was changed as follows: # Tell HBase whether it should manage it's own instance of Zookeeper or not. export HBASE_MANAGES_ZK=false in order to avoid HBase starts ZooKeeper once HBase has been started. However, the following error occurs once HBase has been started. Could not start ZK at requested port of 2181. ZK was started at port: 2182. Aborting as clients (e.g. shell) will not be able to find this ZK quorum. Question How to disable the startup of ZooKeeper by HBase and run ZooKeeper separately?

    Read the article

  • Logs show failed password for invalid user root from <IP Address> port 2924 ssh2

    - by Chris Hanson
    I'm getting a constant flow of these messages in my logs. The port is variable (seemingly between 1024 and 65535). I can simulate it myself by running sftp root@<my ip> I've commented out the sftp subsystem line in my sshd_config. These ports should be closed by provider's firewall. I don't understand: Why sftp would be selecting a random port like that. It seems to be behaving like FTP in passive mode, but I can't make any sense of why that would be. Why it can even hit my server in the first place if these ports are closed.

    Read the article

  • Domino HTTP Server: Error - Unable to Bind 1.2.3.4, port 80, port in use or Bind To Host configuration specifies a duplicate IP address/host

    - by pdewaard
    We have a Domino 9.0.1 Server hosted on Ubuntu 14.04 Server, which hosts several other http based Tasks, (Nginx, Couchdb, Confluence on Tomcat). The Ubuntu Server has multiple IPs, all bind correctly to the different Tasks. The Domino SMTP task binds correctly and is working well. All http tasks (other than Domino) are proxied behind Nginx version 1.6x and all are working well, netstat shows no 0.0.0.0 bindings, no one is listening on 1.2.3.4:80 . when I try to load http on the (Domino) server console it failes with HTTP Server: Error - Unable to Bind 1.2.3.4, port 80, port in use or Bind To Host configuration specifies a duplicate IP address/host a couple of times, may be 4 or 5 times then it loads without failure! And: when it comes up, I see http is listening on 80 AND 443, but SSL Connections are not working, nor any error log! It must be a kind of bad magic :-( thanks in advance Pitt

    Read the article

  • Encouter error "Linux ip -6 addr add failed" while setting up OpenVPN client

    - by Mickel
    I am trying to set up my router to use OpenVPN and have gotten quite far (I think), but something seems to be missing and I am not sure what. Here is my configuration for the client: client dev tun proto udp remote ovpn.azirevpn.net 1194 remote-random resolv-retry infinite auth-user-pass /tmp/password.txt nobind persist-key persist-tun ca /tmp/AzireVPN.ca.crt remote-cert-tls server reneg-sec 0 verb 3 OpenVPN client log: Nov 8 15:45:13 rc_service: httpd 15776:notify_rc start_vpnclient1 Nov 8 15:45:14 openvpn[27196]: OpenVPN 2.3.2 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Nov 1 2013 Nov 8 15:45:14 openvpn[27196]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Nov 8 15:45:14 openvpn[27196]: Socket Buffers: R=[116736->131072] S=[116736->131072] Nov 8 15:45:14 openvpn[27202]: UDPv4 link local: [undef] Nov 8 15:45:14 openvpn[27202]: UDPv4 link remote: [AF_INET]178.132.75.14:1194 Nov 8 15:45:14 openvpn[27202]: TLS: Initial packet from [AF_INET]178.132.75.14:1194, sid=44d80db5 8b36adf9 Nov 8 15:45:14 openvpn[27202]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=1, C=RU, ST=Moscow, L=Moscow, O=Azire Networks, OU=VPN, CN=Azire Networks, name=Azire Networks, [email protected] Nov 8 15:45:14 openvpn[27202]: Validating certificate key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has key usage 00a0, expects 00a0 Nov 8 15:45:14 openvpn[27202]: VERIFY KU OK Nov 8 15:45:14 openvpn[27202]: Validating certificate extended key usage Nov 8 15:45:14 openvpn[27202]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication Nov 8 15:45:14 openvpn[27202]: VERIFY EKU OK Nov 8 15:45:14 openvpn[27202]: VERIFY OK: depth=0, C=RU, ST=Moscow, L=Moscow, O=AzireVPN, OU=VPN, CN=ovpn, name=ovpn, [email protected] Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Nov 8 15:45:15 openvpn[27202]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Nov 8 15:45:15 openvpn[27202]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Nov 8 15:45:15 openvpn[27202]: [ovpn] Peer Connection Initiated with [AF_INET]178.132.75.14:1194 Nov 8 15:45:17 openvpn[27202]: SENT CONTROL [ovpn]: 'PUSH_REQUEST' (status=1) Nov 8 15:45:17 openvpn[27202]: PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2a03:8600:1001:4010::101f/64 2a03:8600:1001:4010::1,route-ipv6 2000::/3 2A03:8600:1001:4010::1,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 194.1.247.30,tun-ipv6,route-gateway 178.132.77.1,topology subnet,ping 3,ping-restart 15,ifconfig 178.132.77.33 255.255.255.192' Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: timers and/or timeouts modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ifconfig/up options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: route-related options modified Nov 8 15:45:17 openvpn[27202]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Nov 8 15:45:17 openvpn[27202]: TUN/TAP device tun0 opened Nov 8 15:45:17 openvpn[27202]: TUN/TAP TX queue length set to 100 Nov 8 15:45:17 openvpn[27202]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1 Nov 8 15:45:17 openvpn[27202]: /usr/sbin/ip link set dev tun0 up mtu 1500 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip addr add dev tun0 178.132.77.33/26 broadcast 178.132.77.63 Nov 8 15:45:18 openvpn[27202]: /usr/sbin/ip -6 addr add 2a03:8600:1001:4010::101f/64 dev tun0 Nov 8 15:45:18 openvpn[27202]: Linux ip -6 addr add failed: external program exited with error status: 254 Nov 8 15:45:18 openvpn[27202]: Exiting due to fatal error Any ideas are most welcome!

    Read the article

  • Can't connect to website after altering IPTables

    - by user2833135
    I attempted to open up a port on my VPS, but I can't connect to my website after opening up that port. Below are the commands I issued to open the port. I didn't get an error or anything after setting this up. I just can't connect to my website after doing this. [root@vps ~]# iptables -F [root@vps ~]# iptables -A INPUT -i lo -j ACCEPT [root@vps ~]# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT [root@vps ~]# iptables -A INPUT -p tcp --dport 25765 -j ACCEPT [root@vps ~]# iptables -P INPUT DROP [root@vps ~]# iptables -P FORWARD DROP [root@vps ~]# iptables -P OUTPUT ACCEPT [root@vps ~]# iptables -L -v Just a side note, but I am running CentOS 6 (64 bit) Thank you in advance.

    Read the article

  • Specify IPSEC port range using ipsec-tools

    - by Sandman4
    Is it possible to require IPSEC on a port range ? I want to require IPSEC for all incoming connections except a few public ports like 80 and 443, but don't want to restrict outgoing connections. My SPD rules would look like: spdadd 0.0.0.0/0 0.0.0.0/0[80] tcp -P in none; spdadd 0.0.0.0/0 0.0.0.0/0[443] tcp -P in none; spdadd 0.0.0.0/0 0.0.0.0/0[0....32767] tcp -P in esp/require/transport; In setkey manpage I see IP ranges, but no mention of port ranges. (The idea is to use IPSEC as a sort of VPN to protect internal communications between multiple servers. Instead of configuring permissions basing on source IPs, or configuring specific ports, I want to demand IPSEC on anything which is not meant to be public - I feel it's less error-prone this way.)

    Read the article

  • How do I set up a public server on a network?

    - by tyjkenn
    I am trying to set up a personal cloud server with OwnCloud on Ubuntu. LAMP is all set up. I was able to access it using the external IP address when I connected it directly to the modem, but what if I what if I want my server to share a LAN? I still want it accessible over the internet, but then if I go to the IP address from a web browser, it just tries to log into to router admin tools. The internal IP address works across the LAN, but I want to be able to access it from anywhere. This may be simple and I may be over-thinking it, but how do access my server? The router I am using is ASUS WL-520GU.

    Read the article

  • Can't create VM with virt-install on Debian wheezy

    - by chrismacp
    Cant find any answers anywhere so here goes. I am trying to CREATE a new virtual machine using the virt-install command from a console on a Debian wheezy install. I keep getting the following output: Starting install... ERROR internal error process exited while connecting to monitor: char device redirected to /dev/pts/1 inet_listen_opts: bind(ipv4,127.0.0.1,5951): Cannot assign requested address inet_listen_opts: FAILED I assumed that the port (5951 in this case) was being used judging by the error message and other sites I visited for an answer, but the same error occurs whatever number I use for the port. I cant see that port being listened upon in netstat either. Anyone have any ideas what may be wrong?

    Read the article

  • What are Subnet Mask and Gateway exactly

    - by Saif Bechan
    I have a dedicated server with multiple IP adresses. I run them on Plesk but some of the names are confusing me. One ip has a subnet mask of 225.225.225.192, another has 225.225.225.0. What does this mean and what happens if i change that. Another thing i got a gateway. What is that and when will that come in handy. Another thing I see sometimes behind the ip's is /number. For example: 200.20.20.20/24 200.20.20.20/16 200.20.20.20/8 What will these numbers say.

    Read the article

  • possible SYN flooding on port 80. Sending cookies

    - by Sparsh Gupta
    I recently had a server downtime. I looked everywhere and the only thing I found in my log files is: Feb 17 18:58:04 localhost kernel: possible SYN flooding on port 80. Sending cookies. Feb 17 18:59:33 localhost kernel: possible SYN flooding on port 80. Sending cookies. Can someone give me more information about it. WHat is it, How can I debug the cause and how can I fix the same. I also posted ipconntrack suddenly became toooo large which has another data point I found unusual, wondering if the two things is connected as they occured exactly at the same time but at different servers. One at reverse proxy and other at actual backend Varnish server) Thanks

    Read the article

  • Linux IPTables / routing issue

    - by Jon
    Hi all, EDIT 1/3/10 22:00 GMT - rewrote some of it after further investigation It has been a while since I looked at IPtables and I seem to be worse than before as I can not seem to get my webserver online. Below is my firewall rules on the gateway server that is running the dhcp server accessing the net. The webserver is inside my network on a static IP (192.168.0.98, default port). When I use Nmap or GRC.com I see that port 80 is open on the gateway server but when I browse to it, (via public URL. http://www.houseofhawkins.com) it always fails with a connection error, (nmap cannot connect and figure out what the web server is either). I can nmap the webserver and browse to it just fine via same IP inside my network. I believe it is my IPTable rules that are not letting it through. Internally I can route all my requests. Each machine can browse to the website and traffic works just fine. I can MSTSC / ssh to all the webservers internally and they inturn can connect to the web. IPTABLE: *EDIT - Added new firewall rules 2/3/10 * #!/bin/sh iptables="/sbin/iptables" modprobe="/sbin/modprobe" depmod="/sbin/depmod" EXTIF="eth2" INTIF="eth1" load () { $depmod -a $modprobe ip_tables $modprobe ip_conntrack $modprobe ip_conntrack_ftp $modprobe ip_conntrack_irc $modprobe iptable_nat $modprobe ip_nat_ftp echo "enable forwarding.." echo "1" > /proc/sys/net/ipv4/ip_forward echo "enable dynamic addr" echo "1" > /proc/sys/net/ipv4/ip_dynaddr # start firewall # default policies $iptables -P INPUT DROP $iptables -F INPUT $iptables -P OUTPUT DROP $iptables -F OUTPUT $iptables -P FORWARD DROP $iptables -F FORWARD $iptables -t nat -F #echo " Opening loopback interface for socket based services." $iptables -A INPUT -i lo -j ACCEPT $iptables -A OUTPUT -o lo -j ACCEPT #echo " Allow all connections OUT and only existing and related ones IN" $iptables -A INPUT -i $INTIF -j ACCEPT $iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT $iptables -A OUTPUT -o $EXTIF -j ACCEPT $iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT $iptables -A FORWARD -i $EXTIF -o $INTIF -m state --state ESTABLISHED,RELATED -j ACCEPT $iptables -A FORWARD -i $INTIF -o $EXTIF -j ACCEPT $iptables -A FORWARD -j LOG --log-level 7 --log-prefix "Dropped by firewall: " $iptables -A INPUT -j LOG --log-level 7 --log-prefix "Dropped by firewall: " $iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "Dropped by firewall: " #echo " Enabling SNAT (MASQUERADE) functionality on $EXTIF" $iptables -t nat -A POSTROUTING -o $EXTIF -j MASQUERADE $iptables -A INPUT -i $INTIF -j ACCEPT $iptables -A OUTPUT -o $INTIF -j ACCEPT #echo " Allowing packets with ICMP data (i.e. ping)." $iptables -A INPUT -p icmp -j ACCEPT $iptables -A OUTPUT -p icmp -j ACCEPT $iptables -A INPUT -p udp -i $INTIF --dport 67 -m state --state NEW -j ACCEPT #echo " Port 137 is for NetBIOS." $iptables -A INPUT -i $INTIF -p udp --dport 137 -j ACCEPT $iptables -A OUTPUT -o $INTIF -p udp --dport 137 -j ACCEPT #echo " Opening port 53 for DNS queries." $iptables -A INPUT -p udp -i $EXTIF --sport 53 -j ACCEPT #echo " opening Apache webserver" $iptables -A PREROUTING -t nat -i $EXTIF -p tcp --dport 80 -j DNAT --to 192.168.0.96:80 $iptables -A FORWARD -p tcp -m state --state NEW -d 192.168.0.96 --dport 80 -j ACCEPT } flush () { echo "flushing rules..." $iptables -P FORWARD ACCEPT $iptables -F INPUT $iptables -P INPUT ACCEPT echo "rules flushed" } case "$1" in start|restart) flush load ;; stop) flush ;; *) echo "usage: start|stop|restart." ;; esac exit 0 route info: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 5e0412a6.bb.sky * 255.255.255.255 UH 0 0 0 eth2 192.168.0.0 * 255.255.255.0 U 0 0 0 eth1 default 5e0412a6.bb.sky 0.0.0.0 UG 100 0 0 eth2 ifconfig: eth1 Link encap:Ethernet HWaddr 00:22:b0:cf:4a:1c inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::222:b0ff:fecf:4a1c/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:79023 errors:0 dropped:0 overruns:0 frame:0 TX packets:57786 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:11580918 (11.5 MB) TX bytes:22872030 (22.8 MB) Interrupt:17 Base address:0x2b00 eth2 Link encap:Ethernet HWaddr 00:0c:f1:7c:45:5b inet addr:94.4.18.166 Bcast:94.4.18.166 Mask:255.255.255.255 inet6 addr: fe80::20c:f1ff:fe7c:455b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:57038 errors:0 dropped:0 overruns:0 frame:0 TX packets:34532 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:21631721 (21.6 MB) TX bytes:7685444 (7.6 MB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:16 errors:0 dropped:0 overruns:0 frame:0 TX packets:16 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1517 (1.5 KB) TX bytes:1517 (1.5 KB) EDIT OK so as requested I will try and expand on my infrastructure: I previously had it setup with a Sky broadband modem router that did the DHCP and I used its web interface to port forward the web across to the web server. The network looked something like this: I have now replaced the sky modem with a dlink modem which gives the IP to the gateway server that now does the DHCP. It looks like: The internet connection is a standard broadband connection with a dynamic IP, (use zoneedit.com to keep it updated). I have tried it on each of the webservers(one Ubuntu Apache server and one WS2008 IIS7). I think there must also be an issue with my IPTable rules as it can route to my win7 box which has the default IIS7 page and that would not display when I forwarded all port 80 to it. I would be really grateful for any and all help with this. Thanks Jon

    Read the article

  • Port scientific software to GPU and publish it

    - by Werner
    Hi, let's say that I am a physicist and that I am the master of the universe when it comes to port salready existing oftware to GPU's with 100x or more speedups. Let's say that I find that some other scientist, which does not know how to program GPU, publishes the Open Source code in his/her website of a physical simulation program, in the field I am expert on. Let's say that I realize "I can port that code to GPU", and I suggest him, but he shows no interest. My interest here is, 1) to port it to GPU, 2) to publish this result in a scientific journal related with physics and/or computer science My question for you is 1- would you proceed here to port the code to GPU (or other new arch) and publish it? 2- how would you do it and which journal do you suggest? Thanks

    Read the article

  • Forwarding MySQL connection with iptables and differents network interfaces

    - by Emilio Nicolás
    I have a PC with Ubuntu as a router. It has a 3G connection with a public IP to the Internet, and there is a private wireless subnet. So it has two active interfaces: ppp0: public IP (WAN) wlan0: private IP (LAN) With iptables I wannt to forward every MySQL connection (port 3306) to a local machine (10.42.43.10) of the subnet. I type these iptables commands: iptables -A PREROUTING -t nat -i ppp0 -p tcp --dport 3306 -j DNAT --to 10.42.43.10:3306 iptables -A FORWARD -p tcp -i ppp0 -o wlan0 -d 10.42.43.10 --dport 3306 -j ACCEPT But it doesn't work. telnet publicip 3306 fails :-( Any help will be appreciated. Thanks!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 70 71 72 73 74 75 76 77 78 79 80 81  | Next Page >