Search Results

Search found 861 results on 35 pages for 'ipv4'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 25/35 | < Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >

  • Postfix (delivery temporarily suspended: conversation with mydomain.net [private/lmtp] timed out while receiving the initial server greeting)

    - by Paul
    I'm running Debian 7.1, Postfix version 2.9.6, Dovecot Version 2.1.7 To set it up I followed mostly this (without the spamass-clamav-greylist bit) I have also got setup smart host relaying via gmail postconf -n reveals: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 0 milter_default_action = accept mydestination = MyDomain, localhost.net, localhost myhostname = MyDomain.net mynetworks = 127.0.0.0/8 myorigin = /etc/mailname readme_directory = no recipient_delimiter = + relay_domains = mysql:/etc/postfix/mysql_relay_domains.cf relayhost = [smtp.gmail.com]:587 smtp_connect_timeout = 120s smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/relay_passwd smtp_sasl_security_options = noanonymous smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_invalid_hostname smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf virtual_gid_maps = static:3000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf virtual_transport = lmtp:unix:private/lmtp virtual_uid_maps = static:3000 I am able to send emails to the outside world but all emails sent to me are getting stuck. mailq is showing numerous lines: A69C2414C4 2621 Fri Dec 27 14:57:03 [email protected] (conversation with MyDomain.net[private/lmtp] timed out while receiving the initial server greeting) [email protected] AB78B414BE 3796 Fri Dec 27 14:56:50 [email protected] (delivery temporarily suspended: conversation with MyDomain.net[private/lmtp] timed out while receiving the initial server greeting) [email protected] /var/log/mail.log is showing: Dec 28 09:50:09 hostname postfix/lmtp[10828]: E947C414CD: to=, relay=localhost[private/lmtp], delay=64012, delays=63712/0.25/300/0, dsn=4.4.2, status=deferred (conversation with localhost[private/lmtp] timed out while receiving the initial server greeting) Any help would be greatly appreciated. Thank you

    Read the article

  • Natting trafic from a tunnel to internet

    - by mezgani
    I'm trying to set up a GRE tunnel between a linux box and a router (LAN), and I'm having a few problems which seem to depend to my iptables configuration. Watching with tcpdump on linux box, I can see packets coming with flags GREv0, all i need right know is forwarding this data to internet, found here some trace : iptables -F iptables -X iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -t nat -F iptables -t nat -X iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -t nat -P OUTPUT ACCEPT iptables -t mangle -F iptables -t mangle -X iptables -t mangle -P PREROUTING ACCEPT iptables -t mangle -P OUTPUT ACCEPT iptables -A INPUT -p 47 -j ACCEPT iptables -A FORWARD -i ppp0 -o cloud -j ACCEPT iptables -A FORWARD -i cloud -o ppp0 -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE echo "1" /proc/sys/net/ipv4/ip_forward cloud Link encap:UNSPEC HWaddr C4-CE-7A-2E-F2-BF-DD-C0-00-00-00-00-00-00-00-00 inet adr:10.3.3.3 P-t-P:10.3.3.3 Masque:255.255.255.255 UP POINTOPOINT RUNNING NOARP MTU:1476 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:124 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:0 (0.0 B) TX bytes:10416 (10.1 KiB) Table de routage IP du noyau Destination Passerelle Genmask Indic MSS Fenêtre irtt Iface 196.206.120.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.3.3.0 0.0.0.0 255.255.255.0 U 0 0 0 cloud 0.0.0.0 196.206.120.1 0.0.0.0 UG 0 0 0 ppp0 root@aldebaran:~# ip route 196.206.120.1 dev ppp0 proto kernel scope link src 196.206.122.46 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.18 10.3.3.0/24 dev cloud scope link default via 196.206.120.1 dev ppp0

    Read the article

  • IPv6 - Public IPs, private IPs, IPs derived from the MAC address? Confused!

    - by sinni800
    I'm pretty much excited for IPv6 because of the large address room and (potential?) owning of more than one IP, or even tens of IPs (/122 subnet?) Though one magazine has now confused me. In a current issue (no. 3) of "CT", a German computer magazine, I read that when using IPv6 your IP address consists of your MAC address and various other things, and that this address will be public on the web, no matter what access point / LAN you connect to. My knowledge of IP(v6) is in contrary of this. I thought you will normally always have a a local network IP and NAT takes care of your Internet access, and your provider gives the NAT router an IP. I've heard of the 6to4 interface, but does this one give you your own ip in the IPv6 net? Personally I hope it still is through a personal IP space (like 192.168, 127.16-31, 10. in IPv4) in private networks with a NAT going to the Internet. And also I hope that providers will offer subnets to private customers so they don't have to use NAT anymore. Yay for converting your LAN into the WAN and using better security (so Computers from the same subnet still get access rights like normal).

    Read the article

  • Can't seem to stop Postfix backscatter

    - by Ian
    I've just migrated to a Postfix system and can't seem to stop the backscatter messages to unknown addresses on the site. I have a file, validrcpt, that lists all the valid emails on the site - about eight of them. Yet when a message is sent to a non-existent address, instead of just dropping it, postfix is replying with a "Recipient address rejected: User unknown in virtual mailbox table" email. Do I have something set wrong? I've read http://www.postfix.org/BACKSCATTER_README.html but unless I'm caffeine deficient, I don't see what's happening and perhaps I'm just to used to my old qmail setup. Here's postconf -n: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 home_mailbox = Maildir/ inet_interfaces = all inet_protocols = ipv4 local_recipient_maps = hash:/etc/postfix/validrcpt mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/dovecot.conf -m "${EXTENSION}" mailbox_size_limit = 0 mydestination = localhost myhostname = localhost mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname policy-spf_time_limit = 3600s readme_directory = no recipient_bcc_maps = hash:/etc/postfix/recipient_bcc recipient_delimiter = + relay_recipient_maps = hash:/etc/postfix/relay_recipients relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,check_policy_service unix:private/policy-spf,reject_rbl_client zen.spamhaus.org,reject_rbl_client bl.spamcop.net,reject_rbl_client cbl.abuseat.org,check_policy_service inet:127.0.0.1:10023 smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/dovecot/dovecot.pem smtpd_tls_key_file = /etc/dovecot/private/dovecot.pem smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom virtual_gid_maps = static:5000 virtual_mailbox_base = /home/vmail virtual_mailbox_domains = digitalhit.com virtual_mailbox_maps = hash:/etc/postfix/vmaps virtual_minimum_uid = 1000 virtual_uid_maps = static:5000

    Read the article

  • Windows 7 remote desktop encryption error every few minutes

    - by rfrankel
    Because of an error in data encryption, this session will now end. This is the error I've been getting more and more frequently over the past few days, to the point that I can't ignore it because it's happening consistently within 5 minutes of connecting - sometimes within a few seconds. Both the remote and local machines are Windows 7 Pro x64. The remote machine is behind a Linksys RV082, and I'm using UPnP to forward a remote port to the correct local port. This setup had been working fine for several months, and I can't think of any recent relevant changes that might have been made. Things I've already tried: Disabling unnecessary components of the network connection on the remote machine, until only IPv4 and Client for Microsoft Networks remain. Disabling TCP large send offload on both the remote and local machines. Confirming that the remote machine is not mentioned anywhere in any DMZ settings on the Linksys router. Confirming that there are no x509-related registry keys screwing things up (this is the suggested fix for a slightly different error anyway). These are the only solutions I've been able to find after about an hour of searching, and most of them apply to XP or Server 2003 in any case. If anyone could suggest something else, it would be much appreciated.

    Read the article

  • TCP Handshake and port numbers

    - by Guido
    (I have a question about the TCP handshake and how port numbers are assigned, if this does not belong here, let me know.) Hi, I'm studying TCP/IP from the book "Internetworking with TCP/IP" by Douglas Comer. In the TCP chapter it mentions that TCP defines an "endpoint" as a pair (IP address, port number), and a connection is defined by two endpoints. This has a few implications, such as, a local TCP port could be in several connections at once, as long as there are no two from the same IP and the same remote port. This also means that the amount of established connections is almost limitless (2^16 for every IPv4 address. 2^48 in total). Now, in class, I was told that when one connects to a listening port, both sides agree on a different port to use, so the communication can happen and the listener socket remains free. This was also my belief before reading the book. Now I feel like I should obviously trust the book (It's Comer!), but is there any truth to the other explanation? Thanks

    Read the article

  • How to make a static route when using two internet connections?

    - by webmasters
    I have asked a question here on how to choose which applications will use a 3G internet connection and which applications will use the LAN. User harrymc gave a very complete and interesting answer, pointing that this is possible using static routes for certain websites. Now, lets say I want to access google.com only through my 3G internet connection. How would that static root look like? google has the IP: 173.194.39.180 here is a print of my route table, the 3G Modem has the IP: 10.81.132.96 +-----------------------------------------------------------------------------+ ¦ IPv4 Route Table ¦ ¦ =========================================================================== ¦ ¦ Active Routes: ¦ ¦ Network Destination Netmask Gateway Interface Metric ¦ ¦ 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.102 20 ¦ ¦ 0.0.0.0 0.0.0.0 10.81.132.97 10.81.132.111 286 ¦ ¦ 10.81.132.96 255.255.255.224 On-link 10.81.132.111 286 ¦ ¦ 10.81.132.111 255.255.255.255 On-link 10.81.132.111 286 ¦ ¦ 10.81.132.127 255.255.255.255 On-link 10.81.132.111 286 ¦ ¦ 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 ¦ ¦ 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 ¦ ¦ 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 ¦ ¦ 192.168.2.0 255.255.255.0 On-link 192.168.2.102 276 ¦ ¦ 192.168.2.102 255.255.255.255 On-link 192.168.2.102 276 ¦ ¦ 192.168.2.255 255.255.255.255 On-link 192.168.2.102 276 ¦ ¦ 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 ¦ ¦ 224.0.0.0 240.0.0.0 On-link 192.168.2.102 276 ¦ ¦ 224.0.0.0 240.0.0.0 On-link 10.81.132.111 286 ¦ ¦ 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 ¦ ¦ 255.255.255.255 255.255.255.255 On-link 192.168.2.102 276 ¦ ¦ 255.255.255.255 255.255.255.255 On-link 10.81.132.111 286 ¦ +-----------------------------------------------------------------------------+

    Read the article

  • PostgreSQL pg_hba.conf with "password" auth wouldn't work with PHP pg_connect?

    - by tftd
    I've recently experimented with the settings in pg_hba.conf. I read the PostgreSQL documentation and I though that the "password" auth method is what I want. There are many people that have access to the server PostgreSQL is working on so I don't want the "trust" method. So I changed it. But then PHP stopped working with the database. The message I get is "Warning: pg_connect(): Unable to connect to PostgreSQL server: FATAL: password authentication failed for user "myuser" in /my/path/to/connection/class.php on line 35". It is kind of strange because I can connect via phppgadmin without any problems and also I can connect from my home computer with psql - again without any problems. This is my pg_hba.conf: # TYPE DATABASE USER CIDR-ADDRESS METHOD # "local" is for Unix domain socket connections only local all all password # IPv4 local connections: host all all 127.0.0.1/32 password # IPv6 local connections: host all all ::1/128 password The connection string I'm using with pg_conenct is: $connect_string = "host=localhost port=5432 dbname=mydbname user=auser password=apassword"; $dbConnection = pg_connect($connection_string); Does anybody know why is this happening ? Did I misconfigured something ?

    Read the article

  • OpenSWAN KLIPS not working

    - by bonzi
    I am trying to setup IPSec between 2 VM launched by OpenNebula. I'm using OpenSWAN for that. This is the ipsec.conf file config setup oe=off interfaces=%defaultroute protostack=klips conn host-to-host left=10.141.0.135 # Local IP address connaddrfamily=ipv4 leftrsasigkey=key right=10.141.0.132 # Remote IP address rightrsasigkey=key ike=aes128 # IKE algorithms (AES cipher) esp=aes128 # ESP algorithns (AES cipher) auto=add pfs=yes forceencaps=yes type=tunnel I'm able to establish the connection with netkey but klips doesnt work. ipsec barf shows #71: ERROR: asynchronous network error report on eth0 (sport=500) for message to 10.141.0.132 port 500, complainant 10.141.0.135: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)] Tcpdump shows 22:50:20.592685 IP 10.141.0.132.isakmp > 10.141.0.135.isakmp: isakmp: phase 1 I ident 22:50:25.602182 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 22:50:26.602082 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 22:50:27.601985 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 ipsec eroute shows 0 10.141.0.135/32 -> 10.141.0.132/32 => %trap What could be the problem?

    Read the article

  • What kernel modules are required for wi-fi to work?

    - by Leonid Shevtsov
    My custom-built 2.6.32 kernel cannot connect to any WPA-protected network. The kernel includes (probably?) everything that should be needed for wifi, including IPv4 network support (IPv6 is disabled), the ath5k wireless driver (which is used in the generic Ubuntu 2.6.31 kernel) and all crypto APIs. The card is being detected, however, iwlist scan returns wlan0 Failed to read scan data : Network is down and network-manager log says <info> (wlan0): driver supports SSID scans (scan_capa 0x01). <info> (wlan0): new 802.11 WiFi device (driver: 'ath5k') <info> (wlan0): exported as /org/freedesktop/NetworkManager/Devices/1 <info> (wlan0): now managed <info> (wlan0): device state change: 1 -> 2 (reason 2) <info> (wlan0): bringing up device. <info> (wlan0): preparing device. <info> (wlan0): deactivating device (reason: 2). supplicant_interface_acquire: assertion `mgr_state == NM_SUPPLICANT_MANAGER_STATE_IDLE' failed <info> modem-manager is now available <WARN> default_adapter_cb(): bluez error getting default adapter: The name org.bluez was not provided by any .service files <info> Trying to start the supplicant... <info> (wlan0): supplicant manager state: down -> idle <info> (wlan0): device state change: 2 -> 3 (reason 0) <WARN> nm_supplicant_interface_add_cb(): Unexpected supplicant error getting interface: wpa_supplicant couldn't grab this interface. The exact same configuration works with the generic kernel. Is anything except wifi and crypto api needed for wi-fi to work?

    Read the article

  • What kernel modules are required for wi-fi to work?

    - by Leonid Shevtsov
    My custom-built 2.6.32 kernel cannot connect to any WPA-protected network. The kernel includes (probably?) everything that should be needed for wifi, including IPv4 network support (IPv6 is disabled), the ath5k wireless driver (which is used in the generic Ubuntu 2.6.31 kernel) and all crypto APIs. The card is being detected, however, iwlist scan returns wlan0 Failed to read scan data : Network is down and network-manager log says <info> (wlan0): driver supports SSID scans (scan_capa 0x01). <info> (wlan0): new 802.11 WiFi device (driver: 'ath5k') <info> (wlan0): exported as /org/freedesktop/NetworkManager/Devices/1 <info> (wlan0): now managed <info> (wlan0): device state change: 1 -> 2 (reason 2) <info> (wlan0): bringing up device. <info> (wlan0): preparing device. <info> (wlan0): deactivating device (reason: 2). supplicant_interface_acquire: assertion `mgr_state == NM_SUPPLICANT_MANAGER_STATE_IDLE' failed <info> modem-manager is now available <WARN> default_adapter_cb(): bluez error getting default adapter: The name org.bluez was not provided by any .service files <info> Trying to start the supplicant... <info> (wlan0): supplicant manager state: down -> idle <info> (wlan0): device state change: 2 -> 3 (reason 0) <WARN> nm_supplicant_interface_add_cb(): Unexpected supplicant error getting interface: wpa_supplicant couldn't grab this interface. The exact same configuration works with the generic kernel. Is anything except wifi and crypto api needed for wi-fi to work?

    Read the article

  • lsof not showing what port a proc is listening on

    - by ericslaw
    I have many processes on a box listening on several ports. I am trying to map ports to pids. The problem is that lsof is not telling me what ports belong to which process. Given an apache listening on port 80, I can see it listening via netstat: user@host% netstat -an|grep LISTEN|grep 80 *.80 *.* 0 0 49152 0 LISTEN But when I try to map port 80 to a pid I get nothing: user@host% lsof -iTCP:80 -t When I try seeing what sockets that specific pid is using I get: user@host% lsof -lnP -p31 -a -i COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME libhttpd. 31 0 15u IPv4 0x6002d970b80 0t0 TCP *:65535 (LISTEN) Notice the *:65535 in the NAME column. Does anyone know why lsof is not reporting the port in use? I am running as root. I am using a mix of lsof and os versions: lsof v4.77 on Solaris10 sparc lsof v4.72 on Redhat4.2 etc I know that linux solutions can use "netstat -p", so I guess I'm only looking for why solaris isn't working, but I find lsof is frequently silent and not showing me expected data.

    Read the article

  • only root can send out mail by postfix

    - by Arash
    I have postfix installed and running. The problem is only root can send email. other users failed to do. Here is the log for user www-data which is a web server application. (the same error for other users) postfix/smtp[32003]: 513765FEB9: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:11125, delay=2.1, delays=0.07/0/1.7/0.32, dsn=5.0.0, status=bounced (host 127.0.0.1[127.0.0.1] said: 550-Verification failed for <[email protected]> 550-Unrouteable address 550 Sender verify failed (in reply to RCPT TO command)) here is the /etc/postfix/main.cf: smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no append_dot_mydomain = no readme_directory = no smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases mydestination = $myhostname, localhost.$mydomain, localhost relayhost = [127.0.0.1]:11125 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/lizard_password smtp_sasl_security_options = mynetworks = 127.0.0.1/8 [::ffff:127.0.0.1]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only myorigin = /etc/mailname mydestination = $myhostname, localhost.$mydomain, localhost inet_protocols = ipv4 smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination and here is the section that I added to the /etc/stunnel/stunnel.conf: [smtp-tls-wrapper] accept = 11125 client = yes connect = smtp.mydomain.com:465 I appreciate any help.

    Read the article

  • Linux VLAN Bridge

    - by raspi
    I have home network with VLANs, one for LAN, one for WLAN and one for internet. I'd like to use bridging so that instead of configuring these same VLANs to every machine, they had own VLAN ID and bridges were LAN, WLAN and internet. I've tried it but for some reason keep-alive/ttl seems to get broken because SSH sessions etc suddenly disconnects. We have this same setup working in workplace for 4+ years with 100+ customers but it's custom firewall/router hardware so accessing it is impossible. I know that it runs Linux. So what is Debian/Ubuntu default network settings doing wrong or is it just NIC driver/hw problem? I've tried to mess araund with ttl etc settings without any luck. The bad stuff is happening in the bridge because current VLAN-only setup works fine. interfaces: auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 allow-hotplug eth1 iface eth0 inet static iface eth1 inet static auto vlan111 auto vlan222 auto vlan333 auto vlan444 auto br0 auto br1 auto br2 # LAN iface vlan111 inet static vlan_raw_device eth0 # WLAN iface vlan222 inet static vlan_raw_device eth0 # ADSL Modem iface vlan333 inet static vlan_raw_device eth1 # Internet iface vlan444 inet static vlan_raw_device eth0 # LAN bridge iface br0 inet static address 192.168.0.1 netmask 255.255.255.0 bridge_ports eth0.111 bridge_stp on # Internet bridge iface br1 inet static address x.x.x.x netmask x.x.x.x gateway x.x.x.x bridge_ports eth1.333 eth0.444 bridge_stp on post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE # WLAN bridge iface br2 inet static address 192.168.1.1 netmask 255.255.255.0 bridge_ports eth0.222 bridge_stp on Sysctl: net.ipv4.conf.default.forwarding=1

    Read the article

  • Amazon EC2 Nat Instance - goes out but not back in

    - by nocode
    I've followed Amazon's steps and list what I've done. I've created 6 subnets (4 private SN1: 10.50.1.0/24, SN2: 10.50.2.0/24, SN3: 10.50.3.0/24, SN4: 10.50.4.0/24) and 2 public (SN5: 10.50.101.0/24 and SN6: 10.50.102.0/24) -I have a Bastion host and a NAT instance on SN5 and assigned EIP's to both. I created a test instance on SN1. edit: -NAT instance has source/destination check disabled -On the NAT instance, I had enabled the following commands to be bootstrapped: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -s 10.0.0.0/16 -j MASQUERADE -In my VPC, the private subnets have their own route table and configured 0.0.0.0/0 to the NAT instance with 4 subnets being associated with the route table. I have a second route table for my public subnets and 0.0.0.0/16 is pointed towards the IGW (with the other 2 subnets associated with it). -For Security Groups, I have the NAT instance accepting all traffic on each of the 4 subnets and all OUTBOUND traffic is allowed. For my test server, I have allowed all outbound access and have allowed all traffic from the public subnet of the NAT host. I can ping internally with no issues. On my test instance, if I try to ping google.com, DNS resolves however I don't get a reply back. On my NAT instance, I run a tcpdump and can see the request being requested to google.com but it's not sending the reply back. My NAT host can ping and receive a reply from google. From the test host, when I ping the NAT instance, the tcpdump shows a request and receive. Is there something I'm missing? EDIT: I've figured it out - I had to save the iptable config and restart the service.

    Read the article

  • Postfix SMTP-relay server against Gmail on CentOS 6.4

    - by Alex
    I'm currently trying to setup an SMTP-relay server to Gmail with Postfix on a CentOS 6.4 machine, so I can send e-mails from my PHP scripts. I followed this tutorial but I get this error output when trying to do a sendmail [email protected] Output: tail -f /var/log/maillog Apr 16 01:25:54 ext-server-dev01 postfix/cleanup[3646]: 86C2D3C05B0: message-id=<[email protected]> Apr 16 01:25:54 ext-server-dev01 postfix/qmgr[3643]: 86C2D3C05B0: from=<[email protected]>, size=297, nrcpt=1 (queue active) Apr 16 01:25:56 ext-server-dev01 postfix/smtp[3648]: 86C2D3C05B0: to=<[email protected]>, relay=smtp.gmail.com[173.194.79.108]:587, delay=4.8, delays=3.1/0.04/1.5/0.23, dsn=5.5.1, status=bounced (host smtp.gmail.com[173.194.79.108] said: 530-5.5.1 Authentication Required. Learn more at 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 qh4sm3305629pac.8 - gsmtp (in reply to MAIL FROM command)) Here is my main.cf configuration, I tried a number of different options but nothing seems to work: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = localhost inet_protocols = ipv4 mail_owner = postfix mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost myhostname = host.local.domain myorigin = $myhostname newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES relayhost = [smtp.gmail.com]:587 sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_sasl_tls_security_options = noanonymous smtp_sasl_type = cyrus smtp_tls_CAfile = /etc/ssl/certs/ca-bundle.crt smtp_use_tls = yes smtpd_sasl_path = smtpd unknown_local_recipient_reject_code = 550 In the /etc/postfix/sasl_passwd files (sasl_passwd & sasl_passwd.db) I got the following (removed the real password, and replaced it with "password"): [smtp.google.com]:587 [email protected]:password To create the sasl_passwd.db file, I did that by running this command: postmap hash:/etc/postfix/sasl_passwd Do anybody got an idea why I can't seem to send an e-mail from the server? Kind Regards Alex

    Read the article

  • How to enable IPv6 glue records (AAAA) in PowerDNS

    - by aef
    I'm running a PowerDNS 3.1 on a Debian Wheezy Beta 4 system. The zone data is accessed through a PostgreSQL database, the server answers to both IPv4 and IPv6 queries. If the DNS-Server knows the A record for one of the name servers referenced by NS records on a zone, it automatically return these A records as additional information to the response on an NS query for that zone. Now even if it knows the AAAA record for one of the name servers of the NS records, it currently does never return an AAAA record as additional information. How can I enable this? Or is there anything I could be doing wrong? Output of dig @ns.mydomain.tld NS mydomain.tld: ;; QUESTION SECTION: ;mydomain.tld. IN NS ;; ANSWER SECTION: mydomain.tld. 86400 IN NS ns3.nsprovider.de. mydomain.tld. 86400 IN NS ns2.nsprovider.de. mydomain.tld. 86400 IN NS ns.mydomain.tld. mydomain.tld. 86400 IN NS ns.nsprovider.de. ;; ADDITIONAL SECTION: ns2.nsprovider.de. 86400 IN A 1.2.3.1 ns.nsprovider.de. 86400 IN A 1.2.3.2 ns.mydomain.tld. 600 IN A 192.0.2.194 ns3.nsprovider.de. 86400 IN A 1.2.3.3 Output of dig @ns.mydomain.tld A ns.mydomain.tld: ;; QUESTION SECTION: ;ns.mydomain.tld. IN A ;; ANSWER SECTION: ns.mydomain.tld. 600 IN A 192.0.2.194 Output of dig @ns.mydomain.tld AAAA ns.mydomain.tld: ;; QUESTION SECTION: ;ns.mydomain.tld. IN AAAA ;; ANSWER SECTION: ns.mydomain.tld. 86400 IN AAAA 2001:db8:100:3022:1::3

    Read the article

  • Can't route specific subnet thru VPN in ubuntu

    - by Disco
    I'm having issues routing traffic thru VPN. Here's my setup I have 3 hosts, let's call them A, B and Z B and Z have a VPN connection in the 10.10.10.x SUBNET A and B have a direct connection in the 10.10.12.x SUBNET I want to be able to route traffic from A to Z, like : A <= 10.10.12.254 [LAN] 10.10.12.111 => B <= 10.10.10.152 [VPN] 10.10.10.10 => Z On host B, i have set up ip_forwarding : net.ipv4.ip_forward = 1 and routing on host B: [root@hostA: ~]# ip route 10.10.10.10 dev ppp0 proto kernel scope link src 10.10.10.152 10.10.12.0/24 dev eth1 proto kernel scope link src 10.10.12.111 10.10.10.0/24 dev ppp0 scope link 169.254.0.0/16 dev eth1 scope link routing on host A: [root@hostA: ~]# ip route 10.10.10.0 via 10.10.12.111 dev eth1 10.10.12.0/24 dev eth1 proto kernel scope link src 10.10.12.254 169.254.0.0/16 dev eth1 scope link default via 192.168.1.1 dev eth0 But still not able to ping 10.10.10.10 from host A. Any idea ? I'm pulling my hairs out.

    Read the article

  • Virtualbox port forwarding with iptables

    - by jverdeyen
    I'm using a virtualmachine (virtualbox) as mailserver. The host is an Ubuntu 12.04 and the guest is an Ubuntu 10.04 system. At first I forwarded port 25 to 2550 on the host and added a port forward rule in VirtualBox from 2550 to 25 on the guest. This works for all ports needed for the mailserver. The guest has a host only connection and a NAT (with the port-forwarding). My mailserver was receiving and sending mail properly. But all connections are comming from the virtualbox internal ip, so every host connection is allowed, and that's not what I want. So.. I'm trying to skip the VirtualBox forwarding part and just forward port 25 to my host only ip of the guest system. I used these rules: iptables -F iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -A INPUT --protocol tcp --dport 25 -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -s 192.168.99.0/24 -i vboxnet0 -j ACCEPT echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.host.ip.xxx --dport 25 -j DNAT --to 192.168.99.105:25 iptables -A FORWARD -s 192.168.99.0/24 -i vboxnet0 -p tcp --dport 25 -j ACCEPT iptables -t nat -A POSTROUTING -s 192.168.99.0 -o eth0 -j MASQUERADE iptables -L -n But after these changes I still can't connect with a simple telnet. (Which was possible with my first solution). The guest machine doesn't have any firewall. I only have one network interface on the host (eth0) and a host interface (vboxnet0). Any suggestions? Or should I go back to my old solution (which I don't really like). Edit: bridge mode isn't an option, I have only on IP available for the moment. Thanks!

    Read the article

  • Transfering Files to server IP and port

    - by Mason
    I need to transfer files from my local computer on windows 7 to a server running linux. I access the server with putty through ssh at a specific IPv4 address and port number. I've attempted using the pscp command from my local computer but was denied access by the server. "Fatal: Network error: Connection refused" c:>pscp test.csv userid@**IPv4_Addres***:Port# /path/destination_file_name. Either the server blocks all pscp attempts from unauthorized users (most likely my laptop included) or I used the command incorrectly. If you have experience using this command, where exactly will the file get transfered to, I'm assuming that the path destination starts at my home directory in the server. Also if you have any other alternative methods of transfering the files let me know. Update 1 I have also tried using WinSCP however I got permission denied for that as well, it looks like the server will not let me upload or save files. Solved I had a complete lapse of memory and forgot about sudo (spent too much time with scripts the last 2 months), so I was able to change the permissions to allow external editing. Thanks for all the help guys!

    Read the article

  • ipv6 with KVM on debian

    - by Eliasdx
    I have trouble setting up IPV6 on my Proxmox (KVM) server: My ISP sent me this information(xxx=placeholder): IPs: 2a01:XXX:XXX:301:: /64 Gateway: 2a01:XXX:XXX:300::1 /59 This is the interface setup on the host server: auto vmbr1 iface vmbr1 inet static address 178.XX.XX.4 broadcast 178.XX.XX.63 netmask 255.255.255.192 pointopoint 178.XX.XX.1 gateway 178.XX.XX.1 bridge_ports eth0 bridge_stp off bridge_fd 0 iface vmbr1 inet6 static address 2a01:XXX:XXX:301::2 netmask 64 up ip -6 route add 2a01:XXX:XXX:300::1 dev vmbr1 down ip -6 route del 2a01:XXX:XXX:300::1 dev vmbr1 up ip -6 route add default via 2a01:XXX:XXX:300::1 dev vmbr1 down ip -6 route del default via 2a01:XXX:XXX:300::1 dev vmbr1 On the guest: auto eth0 iface eth0 inet static address 178.xx.xx.47 netmask 255.255.255.255 broadcast 178.xx.xx.63 gateway 178.xx.xx.1 pointopoint 178.xx.xx.1 iface eth0 inet6 static pre-up modprobe ipv6 address 2a01:XXX:XXX:301::2:2 netmask 64 up ip -6 route add 2a01:XXX:XXX:300::1 dev eth0 down ip -6 route del 2a01:XXX:XXX:300::1 dev eth0 up ip -6 route add default via 2a01:XXX:XXX:300::1 dev eth0 down ip -6 route del default via 2a01:XXX:XXX:300::1 dev eth0 Ipv4 works on both host and guest but Ipv6 only works "sometimes". It's up for minutes and then down again until I change something. However I can actually ping the host and the guest from both host and guest. host:~# ip -6 neigh 2a01:XXX:XXX:301::100:2 dev vmbr1 lladdr 00:50:56:00:00:e0 REACHABLE 2a01:XXX:XXX:300::1 dev vmbr1 lladdr 00:26:88:76:18:18 router STALE host:~# ip -6 route 2a01:XXX:XXX:300::1 dev vmbr1 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 2a01:XXX:XXX:301::/64 dev vmbr1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev vmbr0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev vmbr1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev tap101i1d0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 default via 2a01:XXX:XXX:300::1 dev vmbr1 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 Does someone know why it isn't working? And is there a way to configure multiple v6 IPs from the same subnet so I can dedicate IPs to websites on a server with multiple virtualhosts?

    Read the article

  • Access node.js local server though mobile via same shared wifi

    - by laggingreflex
    EDIT: I was stuck in this situation before but then it was Apache-related But this time I'm using NodeJS, so the old answer doesn't help. I'm running apache a NodeJS webserver (on port 80) on Windows 7. I want to access the webserver through my mobile which shares the wifi router with my pc locally. http://localhost works from PC. But I can't access http://192.168.1.4 from either my phone or even my computer. ipconfig /all on my computer lists my ip address as 192.168.1.4 Wireless LAN adapter Wireless Network Connection: IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred) I can ping my phone's (internal) ip address [192.168.1.5] from PC and vice-versa, I can ping my PC [192.168.1.4] from my phone. So why can't I access http://192.168.1.4 from my phone? (or PC) Firewall is off.

    Read the article

  • Openvpn - stuck on Connecting

    - by user224277
    I've got a problem with openvpn server... every time when I trying to connect to the VPN , I am getting a window with login and password box, so I typed my login and password (login = Common Name (user1) and password is from a challenge password from the client certificate. Logs : Jun 7 17:03:05 test ovpn-openvpn[5618]: Authenticate/Decrypt packet error: packet HMAC authentication failed Jun 7 17:03:05 test ovpn-openvpn[5618]: TLS Error: incoming packet authentication failed from [AF_INET]80.**.**.***:54179 Client.ovpn : client #dev tap dev tun #proto tcp proto udp remote [Server IP] 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert user1.crt key user1.key <tls-auth> -----BEGIN OpenVPN Static key V1----- d1e0... -----END OpenVPN Static key V1----- </tls-auth> ns-cert-type server cipher AES-256-CBC comp-lzo yes verb 0 mute 20 My openvpn.conf : port 1194 #proto tcp proto udp #dev tap dev tun #dev-node MyTap ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/VPN.crt key /etc/openvpn/keys/VPN.key dh /etc/openvpn/keys/dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt #push „route 192.168.5.0 255.255.255.0? #push „route 192.168.10.0 255.255.255.0? keepalive 10 120 tls-auth /etc/openvpn/keys/ta.key 0 #cipher BF-CBC # Blowfish #cipher AES-128-CBC # AES #cipher DES-EDE3-CBC # Triple-DES comp-lzo #max-clients 100 #user nobody #group nogroup persist-key persist-tun status openvpn-status.log #log openvpn.log #log-append openvpn.log verb 3 sysctl : net.ipv4.ip_forward=1

    Read the article

  • Finding default gateway in an openvpn environment in windows

    - by Alexander Trümper
    I need to find the default gateway in a openvpn scenario where the route output looks like that: IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.49.73.1 10.49.73.24 10 0.0.0.0 128.0.0.0 10.8.0.1 10.8.0.2 30 So I googled around a bit and a found this script here: @For /f "tokens=3" %%* in ( 'route.exe print ^|findstr "\<0.0.0.0\>"' ) Do @Set "DefaultGateway=%%*" echo %DefaultGateway% This works, but matches both lines in the route output. But I need to find this line: 0.0.0.0 0.0.0.0 10.49.73.1 10.49.73.24 10 So I tried to modify the findstr parameter like this: findstr "\<0.0.0.0\>.\<0.0.0.0\>" in the expectation that '.' will match for the tab between the columns. But it doesn't. It will still set DefaultGateway to 10.8.0.1 I couldn't find a clue in MS documentation either. Maybe someone knows the right expression? Thanks a lot.

    Read the article

  • ipv6 with KVM on debian

    - by Eliasdx
    I have trouble setting up IPV6 on my Proxmox (KVM) server: My ISP sent me this information(xxx=placeholder): IPs: 2a01:XXX:XXX:301:: /64 Gateway: 2a01:XXX:XXX:300::1 /59 This is the interface setup on the host server: auto vmbr1 iface vmbr1 inet static address 178.XX.XX.4 broadcast 178.XX.XX.63 netmask 255.255.255.192 pointopoint 178.XX.XX.1 gateway 178.XX.XX.1 bridge_ports eth0 bridge_stp off bridge_fd 0 iface vmbr1 inet6 static address 2a01:XXX:XXX:301::2 netmask 64 up ip -6 route add 2a01:XXX:XXX:300::1 dev vmbr1 down ip -6 route del 2a01:XXX:XXX:300::1 dev vmbr1 up ip -6 route add default via 2a01:XXX:XXX:300::1 dev vmbr1 down ip -6 route del default via 2a01:XXX:XXX:300::1 dev vmbr1 On the guest: auto eth0 iface eth0 inet static address 178.xx.xx.47 netmask 255.255.255.255 broadcast 178.xx.xx.63 gateway 178.xx.xx.1 pointopoint 178.xx.xx.1 iface eth0 inet6 static pre-up modprobe ipv6 address 2a01:XXX:XXX:301::2:2 netmask 64 up ip -6 route add 2a01:XXX:XXX:300::1 dev eth0 down ip -6 route del 2a01:XXX:XXX:300::1 dev eth0 up ip -6 route add default via 2a01:XXX:XXX:300::1 dev eth0 down ip -6 route del default via 2a01:XXX:XXX:300::1 dev eth0 Ipv4 works on both host and guest but Ipv6 only works "sometimes". It's up for minutes and then down again until I change something. However I can actually ping the host and the guest from both host and guest. host:~# ip -6 neigh 2a01:XXX:XXX:301::100:2 dev vmbr1 lladdr 00:50:56:00:00:e0 REACHABLE 2a01:XXX:XXX:300::1 dev vmbr1 lladdr 00:26:88:76:18:18 router STALE host:~# ip -6 route 2a01:XXX:XXX:300::1 dev vmbr1 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 2a01:XXX:XXX:301::/64 dev vmbr1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev vmbr0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev vmbr1 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev tap101i1d0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 default via 2a01:XXX:XXX:300::1 dev vmbr1 metric 1024 mtu 1500 advmss 1440 hoplimit 4294967295 Does someone know why it isn't working? And is there a way to configure multiple v6 IPs from the same subnet so I can dedicate IPs to websites on a server with multiple virtualhosts?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 21 22 23 24 25 26 27 28 29 30 31 32  | Next Page >