Search Results

Search found 3399 results on 136 pages for 'rule'.

Page 109/136 | < Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >

• iptables rules to allow HTTP traffic to one domain only

  - by Zenet

  I need to configure my machine as to allow HTTP traffic to/from serverfault.com only. All other websites, services ports are not accessible. I came up with these iptables rules: #drop everything iptables -P INPUT DROP iptables -P OUTPUT DROP #Now, allow connection to website serverfault.com on port 80 iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT #allow loopback iptables -I INPUT 1 -i lo -j ACCEPT It doesn't work quite well: After I drop everything, and move on to rule 3: iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT I get this error: iptables v1.4.4: host/network `serverfault.com' not found Try `iptables -h' or 'iptables --help' for more information. Do you think it is related to DNS? Should I allow it as well? Or should I just put IP addresses in the rules? Do you think what I'm trying to do could be achieved with simpler rules? How? I would appreciate any help or hints on this. Thanks a lot!

  Read the article

• Timestamp Updating Constantly on /dev/null

  - by motorleague

  I've been working on a problem with a /dev/null file on an AIX system (just for background it looks as though it was inadvertently deleted and recreated as a normal file by somebody), but in trying to determine what caused the problem, I noticed that the timestamp on it seems to update every minute. I've observed this on several AIX servers at my workplace. At present I can't entirely rule out this be something specific to the Application being used at my workplace, so I compared with CentOS and Debian based computers at home last night. The CentOS box, which runs 24 hours, had a mod time on /dev/null of around 4 days ago (during which time it was essentially just being used as a web browser and multimedia player, although it would have had active but essentially unused Apache, MySQL and VMM processes running in the background). The timestamp on /dev/null on the Debian machine, which was a just booted laptop, pretty much reflected the boot time, but I tested redirecting STDIN from, and STDOUT to it, and the modification time was unchanged (I'm not sure 100% sure if directing data to /dev/null constitutes "writing to it" in the way it would a normal file). So my question is essentially, could anybody please offer any advice with regards to what circumstances (permissions changes etc.. aside) might cause the timestamp on /dev/null to update? Thanks very much for any suggestions. Alex.

  Read the article

• How much free memory should I have on my webserver?

  - by neanderslob

  I have a webserver that's currently hosting two Wordpress sites and some java-based collaboration software. The server has 2G of memory and is currently using about 1.8G of the available memory. Right now what's on here is pretty much a pilot project that's getting negligible traffic so I think it's pretty clear that I'll be needing more memory. I was wondering, if I was to release it, how I might anticipate my memory needs based on the traffic it gets. I've poked around on Google and what I've found has been a bit tenuous. Is there a good heuristic that one should use when calculating memory demands as a function of the base (no traffic) load on the server? For reference, the output of free -m can be seen below: total used free shared buffers cached Mem: 2048 1832 215 0 0 0 -/+ buffers/cache: 1832 215 Swap: 0 0 0 To me this looks like actual memory used and isn't an illusion due to caching or anything else. I figure the demands of my collaboration software will have to be experimentally tested so here's free -m without that software running: total used free shared buffers cached Mem: 2048 1109 938 0 0 0 -/+ buffers/cache: 1109 938 Swap: 0 0 0 My plan B to figure this out is to add a bunch of swap space to the server, give it some traffic and adjust according the the amount that swap gets used. I was just wondering if anyone had a good rule of thumb to estimate how much memory I should plan on in advance...or if what I'm thinking is nuts. Many thanks in advance (I'm really quite new to this).

  Read the article

• Follow through - How to setup equivalent USVIDEO.ORG DNS-Proxy on Linux

  - by DNSDC

  I'm quite keen to setup similar service (but FREE) and seems you know how to do this. "you need to run your own private dns with artificial records for example pandora.com you also need a real dns to fall back on. now that all requests for these sites are going to your US located box you can open up port 80 on squid and listen for the traffic. your cache_peer settings should allow you to map each domain to their real ip. The trafic now flows initially from your US located box to the service but then the server responds it responds directly to the host. no magic here. I won't share the fine details as it probably best serves all to not over exploit this." Did you mean we need to 1. Setup Forward-only DNS on a US-based server/ip? 2. Setup cache_peer and cache_peer_domain in Squid, I got this. 3. Any iptables rule, prerouting, postrouting rules needed to accomplish this? Appreciate your expert advice. Cheers, Don

  Read the article

• Sizing Switches for Storage and Production

  - by Untalented

  Couple questions. Should you always completely separate the storage network switches from production switches or are VLANs fine to segment this traffic? Is there a golden rule here? How do you properly size a switch for your environment based on the specifications the manufacturer provide (Throughput, Forwarding Throughput, Stacking Throughput, Max Mac)? If you have two switch options and one has a maximum Mac address of 8,000 vs. another with 16,0000. What does this really mean to me? How do make sure one vs. another is sized properly for me? Besides VLAN and Jumbo Frame support, is there any other "Must" haves for a virtual environments production or storage networks? There is a wealth of knowledge on sizing SANs and such, but this seems equally important and it's quite challenging to find as much information. -- Just to add some tidbits of information for the environment. This setup above is referring to the data centers which supports two different locations which have about 100 users between the two in total. The storage traffic will be iSCSI and will be 3 ESXi Hosts and one SAN housing about 2.7TB of data. Since there is currently no storage network in place (no SAN), I'm having a hard time regarding #2 to really determine what backplane throughput and switch specifications will be sufficient.

  Read the article

• amazon ec2-medium apache requests per second terrible

  - by TheDayIsDone

  EDITED -- test running from localhost now to rule out network... i have a c1.medium using EBS. when i do an apache benchmark and i'm just printing a "hello" for the test from localhost - no database hits, it's very slow. i can repeat this test many times with the same results. any thoughts? thanks in advance. ab -n 1000 -c 100 http://localhost/home/test/ Benchmarking localhost (be patient) Completed 100 requests Completed 200 requests Completed 300 requests Completed 400 requests Completed 500 requests Completed 600 requests Completed 700 requests Completed 800 requests Completed 900 requests Completed 1000 requests Finished 1000 requests Server Software: Apache/2.2.23 Server Hostname: localhost Server Port: 80 Document Path: /home/test/ Document Length: 5 bytes Concurrency Level: 100 Time taken for tests: 25.300 seconds Complete requests: 1000 Failed requests: 0 Write errors: 0 Total transferred: 816000 bytes HTML transferred: 5000 bytes Requests per second: 39.53 [#/sec] (mean) Time per request: 2530.037 [ms] (mean) Time per request: 25.300 [ms] (mean, across all concurrent requests) Transfer rate: 31.50 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 0 7 21.0 0 73 Processing: 81 2489 665.7 2500 4057 Waiting: 80 2443 654.0 2445 4057 Total: 85 2496 653.5 2500 4057 Percentage of the requests served within a certain time (ms) 50% 2500 66% 2651 75% 2842 80% 2932 90% 3301 95% 3506 98% 3762 99% 3838 100% 4057 (longest request)

  Read the article

• DNAT from localhost (127.0.0.1)

  - by pts

  I'd like to set up a TCP DNAT from 127.0.0.1, port 4242 to 11.22.33.44, port 5353 on Linux 3.x (currently 3.2.52, but I can upgrade if needed). It looks like the simple DNAT rule setup doesn't work, telnet 127.0.0.1 4242 hangs for a minute in Trying 127.0.0.1..., and then it times out. Maybe it's because the kernel is discarding the returning packets (e.g. SYN+ACK), because it considers them Martian. I don't need an explanation why the simple solution doesn't work, I need a solution, even if it's complicated (e.g. it involves creating may rules). I could set up a usual DNAT from another local IP address, outside the 127.0.0.0/8 network, but now I need 127.0.0.1 as the destination address. I know that I can set up a user-level port forwarding process, but now I need a solution which can be set up using iptables and doesn't need helper processes. I was googling for this for an hour. It was asked multiple times, but I couldn't find any working solutions. Also there are many questions about DNAT to 127.0.0.1, but I don't need that, I need the opposite.

  Read the article

• One single page showing 3 requests (also printing the headers)

  - by Korcholis

  Someone in my studio designed a webpage some years ago, and now the client decided to change the server (he moved to a Linux Apache server running Gen2 SMP, 64 bits, PHP version 5.3.8, Standard MYSQL version 5). It suddenly started to do weird things. When clicking on a link that requires login, the page redirects you to the login page using header() function in PHP. Curiously, the page shows this: OK The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. HTTP/1.1 200 OK Date: Mon, 15 Oct 2012 17:27:32 GMT Server: Apache/2.2.22 (Unix) FrontPage/5.0.2.2635 X-Powered-By: PHP/5.3.8 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=5, max=399 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html 232c Then the page itself, and then, another header: 0 1f4 OK The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. 0 What's most intriguing is that if you refresh the page or hit enter on the url, it loads correctly. I've been checking the logs, and it only blames of an inexisting favicon. I also checked the .htaccess, everything was correct (RewriteBase was / as intended, and the only stuff there is another rule that moves ^en/ requests to request?lang=en. Has anyone faced something like this? Edit: IE doesn't trigger these two headers. This is getting wierder.

  Read the article

• iptables, forward traffic for ip not active on the host itself

  - by gucki

  I have kvm guest which's netword card is conntected to the host using a tap device. The tap device is part of a bridge on the host together with eth0 so it can access the public network. So far everything works, the guest can access the public network and it can be accessed from the public network. Now the kvm process on the host provides a vnc server for the guest which listens on 127.0.0.1:5901 on the host. Is there any way to make this vnc server accessible by the ip address which the guest is using (ex. 192.168.0.249), without interrupting the guest from using the same ip (port 5901 is not used by the guest)? It should also work when the guest is not using any ip address at all. So basically I just want to fake IP xx is on the host and only answer/ forward traffic to port 5901 to the host itself. I tried using this NAT rule on the host, but it doesn't work. Ip forwarding is enabled at the host. iptables -t nat -A PREROUTING -p tcp --dst 192.168.0.249 --dport 5901 -j DNAT --to-destination 127.0.0.1:5901 I assume this is because the IP 192.168.0.249 is not not bound to any interfaces and so no ARP requests for it get answered and so no packets for this IP arrive at the host. How can make it work? :)

  Read the article

• netbook screen stays black

  - by sam113101

  I have an acer aspire one netbook. The screen is black but the computer turns on (LED's are on, fan is spinning, etc.) By black I mean absolutely no backlight. I tried to remove the battery and power it on to "discharge" it (I read that on the Internet, not sure if that ever fixes anything), but no luck. I also tried to replace the RAM stick with another one (which I know for sure is working properly), still no luck. I tried to connect an external monitor and switch to it (fn + f5 on this particular model), still no luck, nothing on the external monitor. I read that flashing the BIOS could fix it (http://community.spiceworks.com/how_to/show/22042-acer-aspire-one-black-screen-of-death), I tried to flash it but basically it doesn't do anything when I power it on with the usb thumb drive. No blinking power button. To me it sounds like it might be a dead motherboard, a dead RAM slot (there's only one), or the BIOS thing. I would like to rule out the BIOS possibility, but I need help. The reason I ruled out the dead screen possibility is that it did not switch to the external display when I pressed fn + f5, am I wrong by assuming so? Thank you for your help.

  Read the article

• Proper Rules For SSL Redirect For Subdomains

  - by Zac Cleaves

  RewriteCond %{HTTP_HOST} ^(.*\.)*subexample.example.com$ [NC] RewriteCond %{SERVER_PORT} !^443$ RewriteRule ^(.*)$ https://subexample.example.com/$1 [R] Is what I have been using. It works as long as I go to a specific page, like subexample.example.com/orders.php. But if you try to go to the root of the subdomain, it adds the extra "/example" at the end. Any suggestion on a set of rules that will work? Thank you so much for your responces! Actually, this is what I am trying to do: http://support.mydomain.net >> https://support.mydomain.net AND(!) http://support.mydomain.net/anypage* >> https://support.mydomain.net/anypage* > RewriteCond %{HTTPS} off RewriteRule (.*) > https://%{HTTP_HOST}%{REQUEST_URI} Works, except I need it to only do it for the support.mydomain.net With the above set up, you get a certificate warning if you try to go just mydomain.net, which I do not have or need an SSL certificate installed on. UPDATE! The other issue with the rule I have written above, is that if you try to go to the root of the subdomain (i.e. support.mydomain.net) it goes to https://support.mydomain.net/support This is driving me crazy, help! =) Any help would be greatly appreciated!

  Read the article

• Cloned Centos 6.4 websrver for test purpose. Virtual host, .htaccess, redirecting url issue

  - by Shogoot

  I see similar questions, but not my exact challenge. What I have done so far I cloned a prod server over to a vmware to use it as a test server for new functionality I'm going to write. I'm not a sysadmin by trade, but I'm new to this company and I have to do some thing that are outside of my comfort zone (thats a good thing :) ) The prod server has 2 sites on it s1.com and s2.com. In /html/s1/, /html/s2/ there's an .htaccess file under each s*/. Looking like this: RewriteEngine ON RewriteBase / RewriteCond %{QUERY_STRING} id=([0-9]+) RewriteRule ^.* %1.htm RewriteCond %{QUERY_STRING} page=modules/checkout RewriteRule ^.* order.php RewriteCond %{QUERY_STRING} page=pages/sidekart RewriteRule ^.* pages/sidekart.htm The issue is that s1 has a lot of pages that really belongs under a third domain s3, the rule in line 4 and 5 redirects them to /html/s1/. An example of such URL is: s3.com/?page=modules/product&id=521614 I'm trying then to get those URLs (without modifying the URL) to redirect to s3's /html/s3/ server structure, which I set up making a new virtualhost s3 in test servers httpd.conf with a test3.com as servername and changing the other sites to tests1.com and tests2.com, and adding .htaccess also to this s3 root directory, and making a html/s3/ directory structure I populated with an index.html, etc. But, when I take the same URL (s3.com/?page=modules/product&id=521614) changing it to tests3.com/?page=modules/product&id=521614, I get s1's index page showing up in my browser. I've poked around about a day now and i cant figure out why this happens.

  Read the article

• Windows Server 2008 Alerting to Low memory

  - by t1nt1n

  I have a file and print server running on Windows 2008 R2 fully patched in a VSphere environment (ESXi 5.1 fully updated). Every evening between 19:20 and 19:30 our monitoring software reported that the available memory is 1% and performance is dire. There is nothing in the event logs to point to an issue. At this point in the evening I am general the only user on the system to check to see why these alerts are going off. Things I have done; Checked to see if any backups are running – None at all. Checked Scheduled tasks – None before or during this time period. Moved the VM to another host. AV is disabled to rule out that as the issue. The server does not have any problems during the day with memory when fully loaded with about 50 users. The server did have 4GB ram provisioned but I have increased this to 5Gb. Running PrefMon at the time (I will save the graphs tonight) There very little CPU usage at the time but RAM usage goes up.

  Read the article

• OpenVPN / iptables restrict some access

  - by RitonLaJoie

  I want to create an openvpn service on a dedicated server I have, for some friends so that they are able to play online games faster. Is there an easy way to restrict which traffic I allow them with iptables ? It seems iptable is not very easy to maintain and we can easily get kicked out of our own server. Rebooting on a rescue mode every time I would get kicked out because of bad iptable rules would just be a pain. As far as I understand, the tun interface would be providing the access. Which kind of rule in iptables would I have to implement to restrict their access to only 1 ip ? Also, I don't want this vpn to be the default gateway for all the traffic. I guess I should go with the option of pushing a route to the clients so that they connect to the IP of the game server through the VPN and use their regular routes through their ISP for all the other traffic ? As a side not, it seems Openvpn AS is not very robust. Is there some other (commercial is ok) product that would give me the same administration options through a web interface ? Is Webmin the only other solution ? Thanks !

  Read the article

• SMTP Server setting on Windows 2008 R2

  - by user223298

  I am very very new to this and just trying to configure SMTP virtual server. I have followed a few threads to get it all running, but the mails are not being delivered. What I have done so far - 1) Install SMTP server. 2) SMTP server Properties General Tab - IP address is set to 'All Unassigned'. Access Tab - Authentication is anonymous access. Everything else is left to Default settings. Delivery Tab - Outbound security is anonymous access. In Advance section, entered the domain name in the FQDN field, and localhost in Smart host field. 3) Created an Inbound Rule for SMTP service to allow connections to Port 25. When I try to telnet, everything works up until the point the mail has to be send. Now, the sender's domain is different to the receiver's domain. Not sure if settings have to be changed to allow that? I had set the Relay restrictions on SMTP server, but because I couldn't send the mails, I thought I might as well make it work without the relay first. The error I see while sending the mail is 451 Timeout waiting for client input. I used to get some other error before when I had Relay restrictions on. Can anyone please point me in the right direction? Please let me know if you need more information. Thanks.

  Read the article

• How to block access to addresses outside network (internet)

  - by devnull

  I have a homeserver, that is now connected to the internet with an own network device (ath0 - 192.168.1.x). It also has one more network interface (eth0 - 192.168.0.x). Soon I will get a second internet line that will be connected the second network. The server then has both networks with different internet lines available, but i only want it to connect to the internet on the old ath0 interface - not the new eth0 (192.168.0.x). Background of that constellation is that the new line has a volume-limit in traffic - the old hasn't and i need the new line for all mobile devices and laptops. The devices should be able to use the new network to connect to the internet and the server. The homeserver is a debian 6 with iptables and some already written rules for it. I need now a rule to block all outgoing internet access on the eth0 interface - i guess it could be something with --target != 192.168.0.0 but i did not succeed in finding the proper solution. Edit: found the solution: iptables -A OUTPUT -o eth0 -d 192.168.0.0/24 -m state --state NEW,ESTABLISHED -j ACCEPT With that setting, all traffic that uses the eth0 interface is only allowed if the destination is inside the network 192.168.0.x - all other traffic is denied .

  Read the article

• Website is not accessible from server which is using proxy

  - by Bhoot

  I hosted a website in a win 2008 R2 server which runs in private domain. I set up bindings for port 80 and 443 for http & https respectively. Created inbound rule for port 80 and 443 also in windows firewall. After doing all this, i am still not able to access my website from remote machine. IE : Internet Explorer cannot display the webpage. Chrome : Oops! Google Chrome could not find xxxxxx Tried accessing website by ip address but no luck. I tried to ping that server but it says TTL expired in Transit. Now i found some more information over internet to check if the server is using any kind of proxy in between. I found my IP address at www.getip.com, but ipconfig/all gives me a different IP address. Is it really a problem if we use proxy ? I am not sure if i have concluded it correctly. But is there any way out to resolve this issue? Update ::: I figured it out. I have to call that website with external IP address. due to the proxy settings i was not able to call that website by the server's IP or name of that machine.

  Read the article

• Using u32 together with extension headers (how to jump over them?)

  - by bortzmeyer

  I'm trying to filter on some parts of the payload, for an IPv6 packet with extension headers (for instance Destination Options). ip6tables works fine with conditions like --proto udp or --dport 109, even when the packet has extension headers. Netfilter clearly knows how to jump over Destination Options to find the UDP header. Now, I would like to use the u32 module to match a byte in the payload (say "I want the third byte of the payload to be 42). If the packet has no extension headers something like --u32 "48&0x0000ff00=0x2800"` (48 = 40 bytes for the IPv6 header + 8 for the UDP header) works fine, If the packet has a Destination Options, it no longer matches. I would like to write a rule that will work whether the packet has Destination Options or not. I do not find a way to tell Netfilter to parse until the UDP header (something that it is able to do, otherwise --dport 109 would not work) then to leave u32 parse the rest. I'm looking for a simple way, otherwise, as BatchyX mentions, I could write a kernel module doing what I want.

  Read the article

• mod_rewrite and Apache questions

  - by John

  We have an interesting situation in relation to some help desk software that we are trying to setup. This is a web based software application that allows customers and staff to log into it and access tickets and supply updates, etc. The challenge we are having deals with the two different domains that we use and the mod_rewrite rules to make it all work with our SSL certificate that is only bound to one of the domains. I will list the use case scenarios below and the challenges that we are having. If you access http://support.domain1.com/support then it redirects fine to https://support.domain2.com/support If you access http://support.domain2.com/support then it redirects fine to https://support.domain2.com/support If you access https://support.domain1.com/support then it throws an error of "server cannot be found" If you access https://support.domain1.com/support/ after having visited https://support.domain2.com/support then you are presented with a "this connection is untrusted" error about the certificate only being valid for the domain2 domain instead of the domain1 domain name I have tried just about every mod_rewrite rule that I can think of to help make this work and I have not been able to locate the correct combination. I was curious if anyone had some ideas on how to make the redirects work correctly. In the end, we are needing all customers and staff to land at https://support.domain2.com/support regardless of the previous URL combinations that they enter, like listed above. Thanks in advance for your help with this.

  Read the article

• How to diagnose computer freezing problem

  - by reinierpost

  I have a laptop (a Medion from Aldi) that tends to hang quite often - so often, in fact, that several attempts to install Windows XP or Ubuntu on it have all failed. However, I am able to boot and run Ubuntu as found on the standard Ubuntu 10.10 installation image. I have done this two times thus far. The first time everything was running smoothly, until at some point the GUI (i.e. X) became unresponsive. The cursor kept moving with the mouse, but menus would no longer show and clicking things no longer produced any response. So I switched to the consoles (Ctrl-F1, Ctrl-F2, etc., which in this setup automatically run shells. The shells were still responsive, and the cd command would still work, but any command that invoked an executable (e.g. /bin/ls or cd /bin; ./find caused the shell to hang up uninterruptibly. My hypothesis was that all attempts at disk access were hanging up, but I didn't actually try a command like echo /proc/$$ or while read line; do echo $line; done < /var/log/syslog to verify this. Another possibility is that an essential system library is cached in memory and somehow failing to function properly. The second time I left the system running overnight and it didn't hang itself spontaneously. I'm not sure I have the patience to just twiddle with the running system until the condition reappears, and I'm, not sure what to do once it does. Clearly we can rule out a software cause. It seems disk access related, but clearly it's not permanent hard disk failure because the system will reboot just fine. What kind of hardware problem might produce these symptoms? Can it be a memory problem?

  Read the article

• Iptables and system-config-firewall

  - by nivde92

  I had a set of netfilter rules set with iptables, but someone else told me to use system-config-firewall to add a rule for sharing files with Windows. (Samba) This rewrote the iptables rules file and I lost my own custom rules. I have a backup copy, but am having trouble restoring them. Edit: The server is Centos, I already tried to restore the rules with iptables-restore < /root/working.iptables.rules but for some reason the rules don't change. What are you trying to do? Trying to restore the iptable rules that I have in a backup file. What have you tried in order to make it happen? I've tried to modify the iptables file with vim, since the command iptables-restore was no help. What results did you expect? To get the old rules back. What actually happened? Nothing, when I run the command or edit the file by hand the file doesn't change at all. Maybe something else it's overwriting.

  Read the article

• Windows Server 2008 (x64): Wont boot past bios page

  - by WebSolProv

  Happy New Year, Since a month or so ago I inherited responsibility for small network administration for my sins. The domain controller (yes there is only one, and yes I know it is best practice to have two even in a small domain setup) went down overnight and I have been trying all day to get it back up and running. Unfortunately this machine also administers our entire ActiveDirectory setup: 1) It goes thru the BIOS without any errors, nothing whatsoever 2) It gets into the “select safe mode, safe mode with networking, normal” etc and if you select either of the safe mode options it loads a few files then reboots. If you select normal it just runs for a bit (doesn’t get to the windows splash screen) and then reboots again. 3) If you select windows repair, it asks for an image to repair too: however it would appear that none was taken that can be used (!!) or one is not being shown. 4) I have tried repairing the boot sector and the boot configuration using Bootrec.exe, both which it says were completed successfully but still it doesn’t work. 5) I have tried swapping the drives into another server to rule out hardware and that didn’t work either so clearly it’s the OS. 6) I have tried running chkdsk which ran fine, and also memory check which was also fine. We do have another machine on the network that was installed as a DC so when we decommission the current infrastructure but when I try and "promote" this to the lead DC then I get “you cannot modify domain or trust information because a PDC emulator cannot be contacted" so I am unable to replicare the ActiveDirectory details. If anyone can think of any direction I should follow it would be greatly appreciated, Thanks, Alex

  Read the article

• Slow network interaction between 2 kvm host machines

  - by VirtualNoob

  We have 2 physical machines, Host1 is a CentOS 6.4 kvm host and hosts ~7 kvm VMs all running Ubuntu 12.04 - all of this runs perfectly. Recently we've added a 2nd host system, host2, again a CentOS 6.4 kvm host with a view to running another couple of VMs and providing some failover against host1 should it be required. Both physical machines reside in the same cabinet in our DC, and are on the same subnet - let's say host1: 1.1.1.64 and host2: 1.1.1.81. Both have their gateway set to the DC gateway of 1.1.1.254 with no hardware firewall in between. On each machine, I have 4 NICs that are bonded together to form a single interface, which is then bridged to allow the VMs to access the network. All of the VMs are online, and all of them can successfully ssh into the hosts without any delay. Both systems can access the internet fine, and I can ssh into both systems from home without any issues. However, there is a real delay when attempting to ssh from host1 to host2 (or vice versa) and this obviously means that any action required on host2, that is controlled by host1 either takes forever or results in failure due to timeout. In the interest of keeping this post short, I've put my ifcfg files into a pastie: http://pastie.org/8081648 I've tried both adding a firewall rule in each machine for the other, and also disabling the firewall entirely, so that can't be the issue. I've tried troubleshooting this myself but can't seem to get to the bottom of it. Any help or advice would be appreciated. Thanks in advance.

  Read the article

• Looking for VCS wrapper that tracks system files changing across the whole *nix OS and sends diffs through email

  - by nextus

  I need some software that looks after custom directories across the whole OS (i.e. /etc) and alerting me if someone edit something file inside. Additionally, this tool must automatically commit and push changes into backup server, so I can easily determine when specific change in specific file was made. I'm using cvsbackup right now but I want to create or found something more modern. I think using git as VCS is a great idea. I could have local repository and easily revert changes in my configuration files. Furthermore, pushing changes to the remote repository would helps me to recover my configuration files when the server is fault. It doesn't seems difficult to write some wrapper around the git but there are a lot of problems. For example, I need to track custom directories: /usr/local/nginx/ and /etc/. So the destination point for my git repository is /. I don't need to track the other directories so I must to write overwhelming .gitignore rule: * !.gitignore !/etc/ !etc/* !/usr /usr/* !/usr/local /usr/local/* !/usr/local/nginx !/usr/local/nginx/* It's very daunting and prone to error. So it's maybe a good idea to create intermediate file that wrapper reads and converts to .gitignore format. Additionally, I don't want to keep my .git folder in / partition so I need to set appropriate GIT_DIR and GIT_WORK_TREE variables for git. Is there any ready to use tools for implementation this task? I don't found any but I don't believe that no one needs this feature.

  Read the article

• Configure Web app for external access (IIS7), allowing only certain users via AD group. All users need internal access

  - by White Island

  We have a Web app running in IIS7 (Server 2008 R2). I now need to allow external access with an SSL certificate, so certain users (e.g. the owner of the company) can use it remotely without VPN. They want to roll out the external access only to those specific users at first (thinking: a Windows credential prompt), BUT everyone will still need access internally (HTTP), without the prompt. I have the SSL cert installed on the server and public DNS configured. I've been trying to figure out how to work the authentication/authorization. I was thinking I need to disable Anonymous authn and set Windows authn, then I keep coming back to 'URL Authorization' in my research for the group setting; however, when I tried URL authz, (removed allow all, added allow rule for the special group), it broke the site internally (403.2 Forbidden, I believe it was). I thought maybe setting up a second site in IIS pointing to the same program would work, but the exact same thing happened (and again with a new app pool, just for kicks). So I guess my question is, how would you do this: allow external access, limited to users in a specific AD group, while still allowing internal access without a credentials prompt? How do I separate the external HTTPS and internal HTTP authorization requirements? Will I need to just copy the entire contents of the app in Windows Explorer to a new folder and create my external site from that? Is Windows authentication the correct option for this? I did come across this, which refers to creating a custom module. While it sounds like a solution, it's not one I'm familiar with, and I just wondered if there is a simpler way to get it to work: http://forums.iis.net/p/1182792/2000775.aspx Thanks!

  Read the article

< Previous Page | 105 106 107 108 109 110 111 112 113 114 115 116  | Next Page >