Search Results

Search found 5756 results on 231 pages for 'drop'.

Page 119/231 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >

• IP-restricted port forwarding with iptables

  - by Tom

  For an example, I have two authorized client computers, 1.1.1.1 and 2.1.1.1. My server running iptables is 3.1.1.1 and my firewalled web server is 4.1.1.1. When one of the authorized client IPs connects to 3.1.1.1 on port 80, I would like the connection to be forwarded to 4.1.1.1 on port 8888. If any other IP attempts to connect I would like it to refuse/drop the connection. What iptables config would accomplish this? Is there something more specific out there that would be better suited for this job?

  Read the article

• Copy-paste stops working on Windows 7

  - by earlyadopter

  Copy-paste functionality stops working after about an hour after each reboot on a Windows 7 64-bit system. Running Google Chrome (with gmail and few other tabs open like Calendar, Reader), MS Outlook (which I don't think has anything to do with the problem — I saw it when outlook was off as well), iTunes (9.1.1.12 if it matters). Would appreciate hints where and what for to look in a registry, and ideas for possible fix. That is not an Internet Explorer problem (I don't even run it) — it happens in all applications. Neither Ctrl-C/Ctrl-V nor context menu right-click Copy-Paste (actually, nothing happens on Copy, so there is nothing in a clipboard to Paste) are working. Drag-and-Drop (where supported) continues working though.

  Read the article

• Certain sites not working in Firefox, working in IE

  - by PSU_Kardi

  Totally weird thing happening on my PC after I came back from the Holiday shutdown. My homepage by default is google.com/ig but when it opens (in Firefox) the G-Mail panel does not display and eventually times out. I then try to navigate to https://www.gmail.com but that also times out. Thinking maybe work decided to drop the ban-hammer on g-mail I decided to try it in Internet Explorer. Oddly enough it works in IE Any idea on why it works fine in one browser but not the other?

  Read the article

• How to Detect that Current (Bash) Shell is a (Vi/Vim) Subshell?

  - by Jeet

  From inside Vi/Vim, I can type: :shell to drop into a shell. Is there any way to detect that I am in a Vi-spawned subshell? The environmental variable SHLVL is 2, but that does not tell me explicitly that I am in a Vi/Vim-spawned subshell. On OS X, the following variables are also set: MYVIMRC, VIMRUNTIME, VIM. How universal are these? Can I count on these being set in any system, if and only if I am in a Vi/Vim subshell? If not, is there any portable, robust and hopefully efficient way to tell that I am in a Vi/Vim subshell? Thanks.

  Read the article

• Block ip for long time

  - by Tiziano Dan

  This question is about a iptables, I wanna to know how can I block these ip for 1hour and not only a little time.. because they make to many sql requests, I'm using it for block but it's not enough because there's anyway 100k ip who attack then too much requests for sql server. iptables -N SYN-LIMIT iptables -A SYN-LIMIT -m hashlimit --hashlimit 8/second --hashlimit-mode srcip --hashlimit-name SYN-LIMIT -j RETURN iptables -A SYN-LIMIT -j DROP iptables -I INPUT -p tcp --dport 80 --syn -j SYN-LIMIT iptables -I INPUT -p tcp --dport 80 -m connlimit --connlimit-above 6 -j REJECT --reject-with tcp-reset How can I make the same but block IP for long time ? (Not manually !)

  Read the article

• Syncronization inside the same PC

  - by FGO

  Hi, I work in a company without a server and operating in diferent countries. Because of this we work on a virtual office basis and share files through a virtual server called Drop Box. I'm the controller of this virtual server and find it to be incomplete. We work on levels of permission so I invite access to users for 3 possible levels and find sometimes that I need to have a specific folder inside one mother folder to be inside 2 levels. The only way I can find to make my life easier is to automatically syncronize specific folders between diferent mother folders, but I don't know how to do this in windows 7. Can anyone give me a hint? Thanks

  Read the article

• Outlook keeps dropping 'Other Calendars'

  - by David Gard

  We run Exchnage 2010 with Outlook 2007, and we have public calendars that users are able to 'Add to favorites...' - these are then shown under 'Other Calendars' when a user clicks their 'Calendar' tab. The issue we are having is that these calendars drop off every now and again. Looking under 'Public Folders - Favorites', I can see that the calendars are there, but Outlook doesn't seem to know that they are calendars any more. Simply clicking on one of them to open it changes the icon to that of a 'Folder containing calendar items' for each of the favorite items, and closing and reopening Outlook gets them back under 'Other Calendars' My question is this - how can I make Outlook stop forgetting that these public folders are calendars? Thanks.

  Read the article

• Existing tables with binaries to use filestream

  - by user1098487

  I've got a few tables for which I want to use filestream storage. These tables already contain binary data and have rowguids. However at the time they were were created, the tables were not added to a filestream enabled filegroup. What is the best way to have these tables use filestream at this point? Do I need to drop + recreate the tables and migrate the data? Is there an easier way? The database already has filestream enabled and there are other tables which are using them.

  Read the article

• How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

  - by Timbo

  I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

  Read the article

• Lost Linux root password - Recovery mode and init=/bin/bash fail

  - by Albeit

  I lost/forgot the root password to a server sitting beside me and am trying to reset it. I would rather not have to wipe and re-install or use a Live CD (server is running Ubuntu Server 12.04). What I've tried so far... 1) Boot into "Recovery mode" from Grub2 boot menu then drop into root shell prompt. I am prompted to "Give root password for maintenance". No-go. 2) Change the boot parameters for the main boot option to include "rw" and "init=/bin/bash". When I then boot with Ctrl-X, the screen goes black, and nothing happens (I've waited five minutes). init=/bin/sh and init=/bin/static-sh both do the same thing, while init=/sbin/init boots as normal. Is there anything else I can try to reset the root password? Thank you!

  Read the article

• What is a proper MySql replication configuration for frequent db updates and rare selects?

  - by serg555

  We currently have 1 master db on its own server and slave db on app server. App executes very frequent but light updates (like increasing counters), and occasional (once in a few minutes) heavy selects (which is the most important part of the app). When app was connected only to master db there were no performance issues. With slave db introduction CPU load avg on app server increased to about 6-10 during that heavy select period (from 3-4 as before). When server doesn't run those frequent updates it seems like performance for selects stays within the limits. So I have a feeling that those updates is what is causing the performance drop (also these frequent updates are not critical so if slave db doesn't have them in sync with master for some time it would be ok). What would be a good db replication setup for such kind of app? What are the replication parameters we could tweak? Thanks.

  Read the article

• Where is the list of available Windows locales?

  - by Richard Cotton

  If you open the Regional and Language Options (via Control Panel), and click on the Regional Options tab, then there is a drop down list of all the available locales. Where is this list populated from? (I want to compare the settings for each locale; I'm fine with how to do that, but I need a list of locale names to loop over.) EDIT: After browsing through my windows directory (should probably mention I'm using XP), the file C:\WINDOWS\system32\locale.nls looks like a plausible candidate, but it's a binary file. Is this what I should be looking at, and if so, how do I read it?

  Read the article

• Is it possible to spoof the From: field in Outlook?

  - by tsvallender

  I am wondering if it is possible to change the From: field (not just the reply-to) in Outlook (specifically in the 2010 beta, but also interested in other versions). I am just moving over from Linux and am used to being able to do this quite simply in some clients. At first I thought it was the option of "Other E-Mail address" on the From drop down menu in a compose window, but that seems to do... nothing! I want to be able to do this so I can have email look like it comes from a domain I own but do not wish to run an SMTP server on.

  Read the article

• grub2 error: out of disk

  - by Carl Smotricz

  I'm trying to make a 250G USB hard disk Ubuntu-bootable on a Compaq nc6220 laptop. I've removed all other disks, so /dev/sda (the USB disk) is the only disk other than CDROM. I installed Ubuntu 9.10 to this disk from the live CD, putting the bootloader on /dev/sda . The default system couldn't be booted, and nothing I did in the Grub menu/cmdline helped. So I chrooted onto the disk and did grub-install /dev/sda. That seemed to work fine, but Grub (1.97 beta 4) keeps coming up with error: out of disk Even when I drop to the command line to do something simple like ls or help, it's always the same error message. Any hints for resolving this, please?

  Read the article

• How to move mail among Google Apps for Domains users

  - by Paul Roub

  Considering moving the domain used by my extended family for email to Google Apps. One less server for me to manage, better spam filtering, etc. One thing that's been nice about running my own has been the way I manage my kids' incoming email - it comes to me first, and I drop good mail in a symlinked IMAP folder that we share. A little procmail is all it takes, and straight-through exceptions are easy to implement. (FYI, no I'm not advocating censorship, but manually filtering spam and viruses from my 8-year-old's inbox seems like the right thing to do. YMMV) Anyway. I'm wondering if there's an easy way to do something similar in Google Apps - setting up filters to auto-redirect to me looks easy enough (any gotchas there?), but moving things back is not obvious. Yes, I could access both accounts via IMAP and drag mails across, but does anyone have an easier way?

  Read the article

• Automate opening HTML and printing to PDF

  - by craigpatik

  I need a way to automate the following process in Windows 7: Open an .html file in Internet Explorer Print to PDF Save the PDF with a patterned file name (i.e., original_name_YYYY-MM-DD.pdf) Ideally, I could drag and drop several files or open a whole folder of files at once and a PDF would be created for each one. A command line solution is also acceptable. The files have to be opened in the browser because parts of the page are rendered with JavaScript on page load. In other words, if you simply right-click on the file in Explorer and choose "print", the resulting file is not the same because the JS didn't run. If it helps, Internet Explorer can be set as the default browser, and a PDF printer can be set as the default printer.

  Read the article

• How can I make my browser(s) finish AJAX requests instead of stopping them when I switch to another page?

  - by Tom Wijsman

  I usually need to deal with things on a page right before switching to yet another page, this ranges from "liking / upvoting a comment or post" up to "an important action" and doesn't always come with feedback on whether the action actually proceeded. This is a huge problem! I assume the action to proceed once I start the particular AJAX request, but because I switch to another page it didn't actually happen because the AJAX request got aborted. This has left me several times with coming back to the page and seeing my action didn't take place at all; to give you an idea how bad this is, this even happened once when commenting on Super User! Is there a way to tell my browser to not drop these AJAX connections but simply let them finish?

  Read the article

• Cisco 2900 series router - 3x 3g HWIC - Can you use the same subnet for each HWIC?

  - by Lance

  We host a site with a 2900 series router with 3x 3G-HWIC cards installed. It is hosted with telstra and plugs into our corporate WAN. The card authenticates against radius and advertises a route into the WAN for which subnet it routes for. We have always used the same advertised subnet on each. Telstra have advised us that this could be the cause of some drop out issues whereby some services will work for some people and not for others and are saying effectively that their system will only use one of these at a time even though we can see the interface is online and assigned a WAN IP address. Has anyone out there configured a multi HWIC setup before and if so are they using different subnets for each or the same?

  Read the article

• iptables: How to create a rule for a single website that does not apply to other websites?

  - by Kris

  Virtual Dedicated Server hosts 10 websites. 1 firewall made with iptables If one of those 10 websites gets hit by too many ping requests coming from one IP address, how do I limit or drop it without dropping it for the other 9 websites? Do I create a firewall for every website ? If so, how? Or is it better to change my rules? If so, how? Thank you. Original question was posted here iptables: what's best practice when there're several websites but you want to use a rule for a single website? but it was too vague. Let me know if more info is needed.

  Read the article

• controlling the bandwidth using tc

  - by Supratik

  Hi I have two NIC etho is connected to the internet and eth1 is connected to the LAN. I want to restrict the download limit using iptables and linux tc. So I wrote a test script to verify if it is working. My iptables configuration is as below. iptables -t mangle -N INBOUND iptables -t mangle -I PREROUTING -i eth0 -j INBOUND iptables -t mangle -A INBOUND -j MARK --set-mark 60 My ingress configuration is as below. tc qdisc add dev eth0 handle 1: ingress tc filter add dev eth0 parent 1: protocol ip prio 1 handle 60 fw police rate 100kbit burst 20kbit drop flowid :1 Can you please tell me what I am missing here ?

  Read the article

• Why does Mac OS X sometimes complain that a copy failed because a file is in use?

  - by orj

  Recently I've been copying files from DVDs to network storage on my Mac running Leopard 10.5.7. I'm just dragging and dropping in Finder to perform the copy. Occasionally the copy will fail with a dialog complaining that a file is in use. If I repeat the copy generally it completes successfully. I could understand this being a problem if one was trying to move a file and it was open by another app. But none of these files are open in other apps. I just pop the DVD in, drag and drop the files to my NAS's network share and sometimes it fails with the "file in use" error. This is very annoying. Anyone have any ideas?

  Read the article

• Why one loop is performing better than other memory wise as well as performance wise?

  - by Mohit

  I have following two loops in C#, and I am running these loops for a collection with 10,000 records being downloaded with paging using "yield return" First foreach(var k in collection) { repo.Save(k); } Second var collectionEnum = collection.GetEnumerator(); while (collectionEnum.MoveNext()) { var k = collectionEnum.Current; repo.Save(k); k = null; } Seems like that the second loop consumes less memory and it faster than the first loop. Memory I understand may be because of k being set to null(Even though I am not sure). But how come it is faster than for each. Following is the actual code [Test] public void BechmarkForEach_Test() { bool isFirstTimeSync = true; Func<Contact, bool> afterProcessing = contactItem => { return true; }; var contactService = CreateSerivce("/administrator/components/com_civicrm"); var contactRepo = new ContactRepository(new Mock<ILogger>().Object); contactRepo.Drop(); contactRepo = new ContactRepository(new Mock<ILogger>().Object); Profile("For Each Profiling",1,()=>{ var localenumertaor=contactService.Download(); foreach (var item in localenumertaor) { if (isFirstTimeSync) item.StateFlag = 1; item.ClientTimeStamp = DateTime.UtcNow; if (item.StateFlag == 1) contactRepo.Insert(item); else contactRepo.Update(item); afterProcessing(item); } contactRepo.DeleteAll(); }); } [Test] public void BechmarkWhile_Test() { bool isFirstTimeSync = true; Func<Contact, bool> afterProcessing = contactItem => { return true; }; var contactService = CreateSerivce("/administrator/components/com_civicrm"); var contactRepo = new ContactRepository(new Mock<ILogger>().Object); contactRepo.Drop(); contactRepo = new ContactRepository(new Mock<ILogger>().Object); var itemsCollection = contactService.Download().GetEnumerator(); Profile("While Profiling", 1, () => { while (itemsCollection.MoveNext()) { var item = itemsCollection.Current; //if First time sync then ignore and overwrite the stateflag if (isFirstTimeSync) item.StateFlag = 1; item.ClientTimeStamp = DateTime.UtcNow; if (item.StateFlag == 1) contactRepo.Insert(item); else contactRepo.Update(item); afterProcessing(item); item = null; } contactRepo.DeleteAll(); }); } static void Profile(string description, int iterations, Action func) { // clean up GC.Collect(); GC.WaitForPendingFinalizers(); GC.Collect(); // warm up func(); var watch = Stopwatch.StartNew(); for (int i = 0; i < iterations; i++) { func(); } watch.Stop(); Console.Write(description); Console.WriteLine(" Time Elapsed {0} ms", watch.ElapsedMilliseconds); } I m using the micro bench marking, from a stackoverflow question itself benchmarking-small-code The time taken is For Each Profiling Time Elapsed 5249 ms While Profiling Time Elapsed 116 ms

  Read the article

• Restricting output to only allow localhost using iptables

  - by Dave Forgac

  I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

  Read the article

• Why would Linux VM in vSphere ESXi 5.5 show dramatically increased disk i/o latency?

  - by mhucka

  I'm stumped and I hope someone else will recognize the symptoms of this problem. Hardware: new Dell T110 II, dual-core Pentium G860 2.9 GHz, onboard SATA controller, one new 500 GB 7200 RPM cabled hard drive inside the box, other drives inside but not mounted yet. No RAID. Software: fresh CentOS 6.5 virtual machine under VMware ESXi 5.5.0 (build 174 + vSphere Client). 2.5 GB RAM allocated. The disk is how CentOS offered to set it up, namely as a volume inside an LVM Volume Group, except that I skipped having a separate /home and simply have / and /boot. CentOS is patched up, ESXi patched up, latest VMware tools installed in the VM. No users on the system, no services running, no files on the disk but the OS installation. I'm interacting with the VM via the VM virtual console in vSphere Client. Before going further, I wanted to check that I configured things more or less reasonably. I ran the following command as root in a shell on the VM: for i in 1 2 3 4 5 6 7 8 9 10; do dd if=/dev/zero of=/test.img bs=8k count=256k conv=fdatasync done I.e., just repeat the dd command 10 times, which results in printing the transfer rate each time. The results are disturbing. It starts off well: 262144+0 records in 262144+0 records out 2147483648 bytes (2.1 GB) copied, 20.451 s, 105 MB/s 262144+0 records in 262144+0 records out 2147483648 bytes (2.1 GB) copied, 20.4202 s, 105 MB/s ... but after 7-8 of these, it then prints 262144+0 records in 262144+0 records out 2147483648 bytes (2.1 GG) copied, 82.9779 s, 25.9 MB/s 262144+0 records in 262144+0 records out 2147483648 bytes (2.1 GB) copied, 84.0396 s, 25.6 MB/s 262144+0 records in 262144+0 records out 2147483648 bytes (2.1 GB) copied, 103.42 s, 20.8 MB/s If I wait a significant amount of time, say 30-45 minutes, and run it again, it again goes back to 105 MB/s, and after several rounds (sometimes a few, sometimes 10+), it drops to ~20-25 MB/s again. Plotting the disk latency in vSphere's interface, it shows periods of high disk latency hitting 1.2-1.5 seconds during the times that dd reports the low throughput. (And yes, things get pretty unresponsive while that's happening.) What could be causing this? I'm comfortable that it is not due to the disk failing, because I also had configured two other disks as an additional volume in the same system. At first I thought I did something wrong with that volume, but after commenting the volume out from /etc/fstab and rebooting, and trying the tests on / as shown above, it became clear that the problem is elsewhere. It is probably an ESXi configuration problem, but I'm not very experienced with ESXi. It's probably something stupid, but after trying to figure this out for many hours over multiple days, I can't find the problem, so I hope someone can point me in the right direction. (P.S.: yes, I know this hardware combo won't win any speed awards as a server, and I have reasons for using this low-end hardware and running a single VM, but I think that's besides the point for this question [unless it's actually a hardware problem].) ADDENDUM #1: Reading other answers such as this one made me try adding oflag=direct to dd. However, it makes no difference in the pattern of results: initially the numbers are higher for many rounds, then they drop to 20-25 MB/s. (The initial absolute numbers are in the 50 MB/s range.) ADDENDUM #2: Adding sync ; echo 3 > /proc/sys/vm/drop_caches into the loop does not make a difference at all. ADDENDUM #3: To take out further variables, I now run dd such that the file it creates is larger than the amount of RAM on the system. The new command is dd if=/dev/zero of=/test.img bs=16k count=256k conv=fdatasync oflag=direct. Initial throughput numbers with this version of the command are ~50 MB/s. They drop to 20-25 MB/s when things go south. ADDENDUM #4: Here is the output of iostat -d -m -x 1 running in another terminal window while performance is "good" and then again when it's "bad". (While this is going on, I'm running dd if=/dev/zero of=/test.img bs=16k count=256k conv=fdatasync oflag=direct.) First, when things are "good", it shows this: When things go "bad", iostat -d -m -x 1 shows this:

  Read the article

• outlook iptables configuration [update]

  - by mediaexpert

  I've a Debian mail server, but only the outlook users can't be able to download the emails. I've seen a lot of post about some kind of forwarding port configuration, I've tried some commands, but I don't be able to solve this problem, please help me. [LAST UPDATE] I find a lot of TIME WAIT on ipv6 netstat tcp6 0 0 my.mailserver.it:imap2 200-62-245-188.ip2:17060 TIME_WAIT - below some config files: pop3d I think the problem was here ##NAME: POP3AUTH:1 # # To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH # variable: # # POP3AUTH="LOGIN" # # If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH # to something like this: # # POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" POP3AUTH="" ##NAME: POP3AUTH_ORIG:1 # # For use by webadmin POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" ##NAME: POP3AUTH_TLS:1 # # To also advertise SASL PLAIN if SSL is enabled, uncomment the # POP3AUTH_TLS environment variable: # # POP3AUTH_TLS="LOGIN PLAIN" POP3_TLS_REQUIRED = 0 POP3AUTH_TLS="" ##NAME: POP3AUTH_TLS_ORIG:0 # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy POP3_PROXY=0 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 # # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. PORT=110 ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # # Other couriertcpd(1) options. The following defaults should be fine. # TCPDOPTS="-nodnslookup -noidentlookup" ##NAME: LOGGEROPTS:0 # # courierlogger(1) options. # LOGGEROPTS="-name=pop3d" ##NAME: DEFDOMAIN:0 # # Optional default domain. If the username does not contain the # first character of DEFDOMAIN, then it is appended to the username. # If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended # only if the username does not contain any character from DOMAINSEP. # You can set different default domains based on the the interface IP # address using the -access and -accesslocal options of couriertcpd(1). DEFDOMAIN="@interzone.it" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d DEFDOMAIN="@mydomain.com" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d # case x$POP3DSTART in # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. POP3DSTART=YES ##NAME: MAILDIRPATH:0 # # MAILDIRPATH - directory name of the maildir directory. # MAILDIRPATH=.maildir iptables Chain INPUT (policy DROP 20 packets, 1016 bytes) pkts bytes target prot opt in out source destination 60833 16M ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 state NEW,ESTABLISHED 18970 971K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:110 state NEW,ESTABLISHED Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 192.168.0.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 pop3d.cnf RANDFILE = /usr/lib...pop3d.rand [req] default_bits = 1024 encrypt_key = yes distinguidhed_name = req_dn x509_extensions = cert_type prompt = no [req_dn] C=US ST=NY L= New York O=Courier Mail Server OU=Automatically-generated POP3 SSL key CN=localhost [email protected] [cert_type] nsCertType = server

  Read the article

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >