Search Results

Search found 7606 results on 305 pages for 'raam dev'.

Page 116/305 | < Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >

• How to load tun module in linux?

  - by rabipelais

  I cannot manage to load the tun module in my archlinux box. I'm trying to connect with openvpn, but the log says nm-openvpn[6662]: Note: Cannot open TUN/TAP dev /dev/net/tun: No such device (errno=19) lsmod | grep tun returns nothing. If I run sudo modprobe tun it returns failure, but no error message, and lsmod still has no tun. The module seems to exist, as there is a tun.ko.gz in /lib/modules/....... I really dont know what else to try. Thanks in advance

  Read the article

• Postfix TLS issue

  - by HTF

  I'm trying to enable TLS on Postfix but the daemon is crashing: Sep 16 16:00:38 core postfix/master[1689]: warning: process /usr/libexec/postfix/smtpd pid 1694 killed by signal 11 Sep 16 16:00:38 core postfix/master[1689]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling CentOS 6.3 x86_64 # postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 disable_vrfy_command = yes home_mailbox = Maildir/ html_directory = no inet_interfaces = all inet_protocols = all local_recipient_maps = mail_owner = postfix mailbox_command = mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost mydomain = domain.com myhostname = mail.domain.com mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES relay_domains = sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_tls_session_cache_database = btree:/var/lib/postfix/smtpd_tls_cache.db smtp_use_tls = yes smtpd_delay_reject = yes smtpd_error_sleep_time = 1s smtpd_hard_error_limit = 20 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_soft_error_limit = 10 smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550

  Read the article

• Apache AliasMatch and DirectoryMatch not working?

  - by Alex

  I have the following config - please notice the Alias and Directory equivalent -- uncommented they work as expected but the dynamic/regex based versions don't - any ideas??? <VirtualHost *:80> ServerName temp.dev.local ServerAlias temp.dev.local DocumentRoot "C:\wamp\www\temp\public" <Directory "C:\wamp\www\temp\public"> AllowOverride all Order Allow,Deny Allow from all </Directory> # Alias /private/application/core/page/assets/images/ "C:/wamp/www/temp/private/application/core/page/assets/images/" # <Directory "C:/wamp/www/temp/private/application/core/page/assets/images/"> AliasMatch ^/private/application/(.*)/(.*)/assets/images/ /private/application/$1/$2/assets/images/ <DirectoryMatch "^/private/application/(.*)/(.*)/assets/images/"> Options Indexes FollowSymlinks MultiViews Includes AllowOverride None Order allow,deny Allow from all </DirectoryMatch> </VirtualHost>

  Read the article

• Decreasing Root Disk Size of an "EBS Boot" AMI on EC2

  - by darkAsPitch

  So I have followed Eric's wonderful article here: http://alestic.com/2009/12/ec2-ebs-boot-resize This was the code basically that helped me increase the default size of the AMI: ec2-run-sintances ami-ID -n 1 --key keypair.pem --block-device-mapping "/dev/sda1=:250" Running Ubuntu 11.10 I didn't even have to re-size the disk afterwards, it was immediately a 250GB drive. How do I go about decreasing the default size of the AMI??? I tried: ec2-run-sintances ami-ID -n 1 --key keypair.pem --block-device-mapping "/dev/sda1=:100" Obviously... but I was told: Client.InvalidBlockDeviceMapping: Volume of size 100GB is smaller than snapshot ####### <250

  Read the article

• fedora liveUSB fails, drops to debug shell

  - by evan

  Trying to install Fedora 15 via a live USB made with unetbootin. I get to the unetbootin boot menu, select Fedora-15-x86_64-Live-Desktop.is, I get to this screen, then it drops into a debug shell with the message sh: can't access tty: job control turned off. The last message is dmseg is dracut Warning: No root device "live:/dev/disk/by-label/Fedora-15-Beta-x86_64-Live-Desktop.is" found. Seems to be the same problem detailed here. Tried to try nk1eto's solution but there is no by-label directory in /dev/disk. There's by-id, by-path and by-uuid.

  Read the article

• how to portforward port 7300 from server A to server B

  - by Patrick van Hout

  hi, We are using Stunnel. But want to replace it is with an iptables entry if possible. 192.168.123.122:7300 need to be forwarded to 192.168.123.188:7300. So in iptables I set these two entries: [root@dev ~]# iptables -t nat -A PREROUTING -p tcp --dport 7300 -j DNAT --to-destination 192.168.123.188:7300 [root@dev ~]# iptables -A FORWARD -m state -p tcp -d 192.168.123.188 --dport 7300 --state NEW,ESTABLISHED,RELATED -j ACCEPT But it isn't working. I did check that /proc/sys/net/ipv4/conf/eth0/forwarding has the value "1" inside. Any tips or hints? thanks, Patrick

  Read the article

• Can't get Ubuntu 11.10 working on my VirtualBox running on Mac OsX 10.6.8

  - by stack-o-frankie

  I installed the Guest Additions, installed the isight-firmware-tools by using the AppleUSBVideoSupport file but I still can't get access to the iSight webcam. When I launch vlc v4l2:///dev/video0 I get the following errors: Blocked: call to unsetenv("DBUS_ACTIVATION_ADDRESS") Blocked: call to unsetenv("DBUS_ACTIVATION_BUS_TYPE") [0x92d492c] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface. Blocked: call to setlocale(6, "") Blocked: call to setlocale(6, "") (process:2922): Gtk-WARNING **: Locale not supported by C library. Using the fallback 'C' locale. (vlc:2922): Gtk-WARNING **: Unable to locate theme engine in module_path: "pixmap", (vlc:2922): Gtk-WARNING **: Unable to locate theme engine in module_path: "pixmap", (vlc:2922): Gtk-WARNING **: Unable to locate theme engine in module_path: "pixmap", (vlc:2922): Gtk-WARNING **: Unable to locate theme engine in module_path: "pixmap", [0x963287c] v4l2 demux error: VIDIOC_STREAMON failed [0x963287c] v4l2 demux error: cannot set input (Device or resource busy) [0x96430a4] v4l2 access error: VIDIOC_STREAMON failed [0x96430a4] v4l2 access error: cannot set input (Device or resource busy) [0x9371104] main input error: open of `v4l2:///dev/video0' failed: (null) Any clue?

  Read the article

• Recover backup copy of a ubuntu linux installation on a usb stick using dd

  - by user10826

  Hi, I installed Ubuntu 10.04 on a usb stick in persistent install mode. So I could boot the laptop or my desktop computer with the stick, at boot time. Once I needed the 8GB stick for another purposes so I thought about coyping it to my desktop doing from mac os x: dd if=/dev/disks3s of=/Users/jack/Desktop/usb_copy Now I am trying to do the opposite, after having used the stick, which was formatted to NTFS, just doing dd if=/Users/jack/Desktop/usb_copy of=/dev/disks3s but although I can see that almost of the files are there, I can not boot again. IT is also strange the the file permissions are kind of strange, something like _user What can I do ? Thanks

  Read the article

• Recover backup copy of a ubuntu linux installation on a usb stick using dd

  - by user10826

  Hi, I installed Ubuntu 10.04 on a usb stick in persistent install mode. So I could boot the laptop or my desktop computer with the stick, at boot time. Once I needed the 8GB stick for another purposes so I thought about coyping it to my desktop doing from mac os x: dd if=/dev/disks3s of=/Users/jack/Desktop/usb_copy Now I am trying to do the opposite, after having used the stick, which was formatted to NTFS, just doing dd if=/Users/jack/Desktop/usb_copy of=/dev/disks3s but although I can see that almost of the files are there, I can not boot again. IT is also strange the the file permissions are kind of strange, something like _user What can I do ? Thanks

  Read the article

• How can I diff two Redhat Linux servers?

  - by Stuart Woodward

  I have two servers that have should have the same setup except for known differences. By running: find / \( -path /proc -o -path /sys -o -path /dev \) -prune -o -print | sort > allfiles.txt I can find a list of all the files on one server and compare it against the list of files on the the other server. This will show me the differences in the names of the files that reside on the servers. What I really want to do is run a checksum on all the files on both of the servers and compare them to also find where the contents are different. e.g find / \( -path /proc -o -path /sys -o -path /dev \) -prune -o -print | xargs /usr/bin/sha1sum Is this a sensible way to do this? I was thinking that rysnc already has most of this functionality but can it be used to provide the list of differences?

  Read the article

• Restore default ownership in CentOS after terrible chown

  - by tgm

  Is there any way to restore the default ownership of a CentOS filesystem after an accidental chown -R user:group /* ? Before I go and reinstall, I thought I'd ask and perhaps save some time. I'm in the process of setting up a new dev machine (thankfully not prod) and typed too fast or missed the . key or something. I tried to cancel as soon as I caught it but all my /bin /boot /dev etc had already been changed. Is there hope, or just reinstall and be happy it wasn't a production machine?

  Read the article

• Why can't windows see mmcblk0p3? [closed]

  - by jacknad

  The partition is created on the embedded linux target like this # n - new # p - partition # 3 - partition 3 # 66 - starting cylinder # <blank> - maximum size for the ending cylinder # t - set file system type # 3 - partition 3 # c - set to windows vfat # w - write partition table and exit echo -e "n\np\n3\n66\n\nt\n3\nc\nw" | fdisk /dev/mmcblk0 The file system is then formatted on the embedded linux target as MS-DOS like this # -n volume-name # -F FAT-size mkfs.vfat -n DB -F 32 /dev/mmcblk0p3 A linux host can mount and access files in mmcblk0p3 without issue. Why can't windows? Edit: Although the default number of FATS is 2 I tried adding -f 2 [number-of-FATs] since this is actually being done by busybox on an embedded platform but this didn't help. I understand the Linux MS-DOS file system does not support more than 2 FATs but there are only 2 on this target (the boot is also FAT which is visible), along with and EXT3 (on p2) for the root file system.

  Read the article

• Simulating a low-bandwidth, high-latency network connection on Linux

  - by Justin L.

  I'd like to simulate a high-latency, low-bandwidth network connection on my Linux machine. Limiting bandwidth has been discussed before, e.g. here, but I can't find any posts which address limiting both bandwidth and latency. I can get either high latency or low bandwidth using tc. But I haven't been able to combine these into a single connection. In particular, the example rate control script here doesn't work for me: # tc qdisc add dev lo root handle 1:0 netem delay 100ms # tc qdisc add dev lo parent 1:1 handle 10: tbf rate 256kbit buffer 1600 limit 3000 RTNETLINK answers: Operation not supported How can I create a low-bandwidth, high-latency connection, using tc or any other readily-available tool?

  Read the article

• ffmpeg video4linux2 at specified resolution

  - by wim

  When I'm trying to record a clip from my webcam, using: ffmpeg -f video4linux2 -s 640x480 -i /dev/video0 /tmp/spam.avi I get annoying problem with very low resolution video, and there is a message from ffmpeg saying: [video4linux2,v4l2 @ 0x2bff3e0] The V4L2 driver changed the video from 800x600 to 176x144 I have tried not specifying -s, or trying other sizes like 800x600, and always it forces me back to 176x144. Why is this and how can I prevent it? My webcam is one of those Logitech 9000 Pro, I know it supports better resolutions than this and I can see with v4l2-ctl --list-formats-ext that it goes up to at least 800x600. edit: complete console output follows wim@wim-desktop:~$ ffmpeg -f video4linux2 -s 640x480 -i /dev/video0 /tmp/spam.avi ffmpeg version git-2012-11-20-70c0f13 Copyright (c) 2000-2012 the FFmpeg developers built on Nov 21 2012 00:09:36 with gcc 4.6 (Ubuntu/Linaro 4.6.3-1ubuntu5) configuration: --enable-gpl --enable-libfaac --enable-libfdk-aac --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-librtmp --enable-libtheora --enable-libvorbis --enable-libvpx --enable-x11grab --enable-libx264 --enable-nonfree --enable-version3 libavutil 52. 8.100 / 52. 8.100 libavcodec 54. 73.100 / 54. 73.100 libavformat 54. 37.100 / 54. 37.100 libavdevice 54. 3.100 / 54. 3.100 libavfilter 3. 23.101 / 3. 23.101 libswscale 2. 1.102 / 2. 1.102 libswresample 0. 17.100 / 0. 17.100 libpostproc 52. 2.100 / 52. 2.100 [video4linux2,v4l2 @ 0x37a33e0] The V4L2 driver changed the video from 640x480 to 176x144 [video4linux2,v4l2 @ 0x37a33e0] Estimating duration from bitrate, this may be inaccurate Input #0, video4linux2,v4l2, from '/dev/video0': Duration: N/A, start: 37066.740548, bitrate: 6082 kb/s Stream #0:0: Video: rawvideo (YUY2 / 0x32595559), yuyv422, 176x144, 6082 kb/s, 15 tbr, 1000k tbn, 15 tbc File '/tmp/spam.avi' already exists. Overwrite ? [y/N] y Output #0, avi, to '/tmp/spam.avi': Metadata: ISFT : Lavf54.37.100 Stream #0:0: Video: mpeg4 (FMP4 / 0x34504D46), yuv420p, 176x144, q=2-31, 200 kb/s, 15 tbn, 15 tbc Stream mapping: Stream #0:0 -> #0:0 (rawvideo -> mpeg4) Press [q] to stop, [?] for help frame= 95 fps= 22 q=2.0 Lsize= 88kB time=00:00:13.86 bitrate= 51.8kbits/s video:77kB audio:0kB subtitle:0 global headers:0kB muxing overhead 13.553706%

  Read the article

• how to make a php crontab silent

  - by BandonRandon

  I set up a crontab in Cpanel to run every min. It's working great but I don't want an e-mail every min. I have a second cron tab that runs every day. I would like the responce of this tab. Is there a way to tell the crontab to be silent or only e-mail on error? I have: * * * * * php /home/public_html/folder/file.php 2>&1 The last bit 2>&1 I added because i thought it would make it silent. From the Cpanel Docs: You can have cron send an email everytime it runs a command. If you do not want an email to be sent for an individual cron job you can redirect the command's output to /dev/null like this: mycommand /dev/null 2&1

  Read the article

• Constantly diminishing free space on fedora 17

  - by Varun Madiath

  I don't know how to explain this other than to say that my computer seems to magically run out of free when it runs for a while. The output of df -h . oh my home direction is below /dev/mapper/vg_vmadiath--dev-lv_home 50G 47G 0 100% /home When I run sudo du -cks * | sort -rn | head -11 on /home I get the following output. I got this from decreasing free space on fedora 12 32744344 total 32744328 vmadiath 16 lost+found If I restart my system things seem to fix themselves and I'm left with about 20 or 25GB of free space. I'm running XFCE with XMonad as my window manager under fedora 17. Programs I'm running include the XFCE terminal, grep, find, firefox, eclipse, libre-office writer, zsh, emacs. Any help will be greatly appreciated. I'll gladly give you any other output you might need.

  Read the article

• Clonezilla multiple disks restore to single disk

  - by Farseeker

  I have a clonezilla image from a machine that had 3 seperate disks (one partition per disk). I want to know if I can restore that image to another computer that has a hard drive that's much larger than the original, but only has one drive. Clonezilla is stating that it can't do this automatically, and perhaps I should try cnvt-ocs-dev but I've no idea what that means (Google is less than forthcoming with information about it too). Ok so I found out what cnvt-ocs-dev is, and that allows me to move source/destination targets between physical disks, but it doesn't seem to be able to move the partition as well.

  Read the article

• Solaris syslog.conf. What are root and operator?

  - by cjavapro

  In /etc/syslog.conf #ident "@(#)syslog.conf 1.5 98/12/14 SMI" /* SunOS 5.0 */ # # Copyright (c) 1991-1998 by Sun Microsystems, Inc. # All rights reserved. # # syslog configuration file. # # This file is processed by m4 so be careful to quote (`') names # that match m4 reserved words. Also, within ifdef's, arguments # containing commas must be quoted. # *.err;kern.notice;auth.notice /dev/sysmsg *.err;kern.debug;daemon.notice;mail.crit /var/adm/messages *.alert;kern.err;daemon.err operator *.alert root *.emerg * # if a non-loghost machine chooses to have authentication messages # sent to the loghost machine, un-comment out the following line: #auth.notice ifdef(`LOGHOST', /var/log/authlog, @loghost) mail.debug ifdef(`LOGHOST', /var/log/syslog, @loghost) # # non-loghost machines will use the following lines to cause "user" # log messages to be logged locally. # ifdef(`LOGHOST', , user.err /dev/sysmsg user.err /var/adm/messages user.alert `root, operator' user.emerg * ) I googled some and it seems that root and operator mean email to root and to operator. Is this correct?

  Read the article

• Finding the file that is on a bad block on a HFS+ volume (debugfs for HFS+)

  - by Blair Zajac

  I have a drive in our iMac that has bad blocks, as booting from an Ubuntu 11.10 live CD and using ddrescue -f /dev/sda /dev/null finds them. I'd like to get the drive to remap them by writing to the blocks, say using hdparm --write-sector, but I don't want to do this without knowing what's in those blocks and finding the file that owns them, so I can restore the file from another source. I found fileXray but don't feel like spending $79 to map a block to a file and hfsdebug has been taken offline. Are there suggestions on a tool or technique to use? I looked at all the Ubuntu HFS+ packages to see if they could provide this info but nothing jumped out at me. BTW, I used Disk Utility to erase the empty space, but it didn't get any of the bad blocks to be remapped, according to smartctl -A.

  Read the article

• Write permission when mounting Windows shares from Ubuntu

  - by Ola Tuvesson

  I think I'm close to having my dev environment set up exactly the way I want, but one final snag remains. I'm running VirtualBox on a Windows 7 64bit host, with my dev enviroment inside a Ubuntu 12.04 guest. I want to keep the files for my projects on the host filesystem - partly so I can access them when the Ubuntu guest is not running, but also so I can use Tortoise and other Windows based tools (cough Photoshop), and it also eases my backup scheme somewhat. So I've got a folder "Rails" on my NTFS drive, which I've shared from the host with a user specifically created for the Ubuntu guest. The mount point has been set up and an entry added to fstab (cifs), using a credentials file and the options iocharset=utf8,file_mode=0777,dir_mode=07??77 This mounts fine and my Ubuntu user has both read and write permissions to the contents, but when I try to start my Rails app I get permission errors on any files the app needs to write to (e.g. the log file). What gives?

  Read the article

• Cannot copy files from external USB HDD to computer

  - by Thomas Versteeg

  Hello I have a HDD disk connected with a USB converter to my computer. It consists of two partitions, the first one is mounted automatically and I can grab all the files from it, but the second one I have to mount manually as a root in the command line, if I try to open it with nautilus it gives an error. The drive where the problem is is drive sdb1, sdb2 has the same settings but works fine. I am using Debian Wheezy. This is the fstab: /dev/sdb1 /media/usb0 auto defaults,gid=disk,umask=0777 0 0 /dev/sdb2 /media/usb1 auto defaults,gid=disk,umask=0777 0 0 And when I try to copy the files with this command (as root) cp -vr /media/usb0/* /home/user/Videos/ I get these types of errors: cp: reading `/media/usb0/.lang/file.ext': Permission denied cp: failed to extend `/home/user/Videos/.lang/file.ext': Permission denied How can I at least copy the files to my main HDD? I don't need to adjust them I only need to copy them!

  Read the article

• Why does DBAN crash on my HDDs?

  - by John Watson

  I am using DBAN to erase HDD. DBAN is loaded from a CD and BIOS Boot order has been set to favour CD drive. On starting laptop, system boots from CD and DBAN interface can be seen. DBAN detects two storage devices, HDD and the SD Card. My HDD IS 320GB but DBAN says 298GB. It erases the SD card but when i try to erase HDD, it gives following error. DBAN finished with non-fatal errors. *ERROR /dev/sdb (process crash) *ERROR /dev/sda (process crash)

  Read the article

• Debian no lib32asound2-plugins=1.0.25

  - by erai

  I compiled git wine 1.5.6 and the sound is not working correctly. winecfg gives a message: ALSA lib ../../pulse/pcm_pulse.c:995:(_snd_pcm_pulse_open) Unknown field handle_underrun err:winediag:AUDDRV_GetAudioEndpoint PulseAudio "default" -22 without handle_underrun. Audio may hang. Please upgrade to alsa_plugins >= 1.0.24 err:ole:CoInitializeEx Attempt to change threading model of this apartment from multi-threaded to apartment threaded But on wheezy there is no package lib32asound2-plugins 1.0.25 So, how do I build and package alsa-plugins to install to lib32? Or how do I use automake's configure to compile a 32bit lib on a 64 bit system. All I Need now is the libavcodec-dev for 32bit, but I don't understand. What is the 32bit libavcodec-dev package for amd64 debian?

  Read the article

• Packets marked by iptables only sent to the correct routing table sometimes

  - by cookiecaper

  I am trying to route packets generated by a specific user out over a VPN. I have this configuration: $ sudo iptables -S -t nat -P PREROUTING ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A POSTROUTING -o tun0 -j MASQUERADE $ sudo iptables -S -t mangle -P PREROUTING ACCEPT -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A OUTPUT -m owner --uid-owner guy -j MARK --set-xmark 0xb/0xffffffff $ sudo ip rule show 0: from all lookup local 32765: from all fwmark 0xb lookup 11 32766: from all lookup main 32767: from all lookup default $ sudo ip route show table 11 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 10.8.0.6 dev tun0 scope link 10.8.0.1 via 10.8.0.5 dev tun0 0.0.0.0/1 via 10.8.0.5 dev tun0 $ sudo iptables -S -t raw -P PREROUTING ACCEPT -P OUTPUT ACCEPT -A OUTPUT -m owner --uid-owner guy -j TRACE -A OUTPUT -p tcp -m tcp --dport 80 -j TRACE It seems that some sites work fine and use the VPN, but others don't and fall back to the normal interface. This is bad. This is a packet trace that used VPN: Oct 27 00:24:28 agent kernel: [612979.976052] TRACE: raw:OUTPUT:rule:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976105] TRACE: raw:OUTPUT:policy:3 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976164] TRACE: mangle:OUTPUT:rule:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 Oct 27 00:24:28 agent kernel: [612979.976210] TRACE: mangle:OUTPUT:policy:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976269] TRACE: nat:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976320] TRACE: filter:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976367] TRACE: mangle:POSTROUTING:policy:1 IN= OUT=tun0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:24:28 agent kernel: [612979.976414] TRACE: nat:POSTROUTING:rule:1 IN= OUT=tun0 SRC=XXX.YYY.ZZZ.AAA DST=23.1.17.194 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=14494 DF PROTO=TCP SPT=57502 DPT=80 SEQ=2294732931 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6E01D0000000001030307) UID=999 GID=999 MARK=0xb and this is one that didn't: Oct 27 00:22:41 agent kernel: [612873.662559] TRACE: raw:OUTPUT:rule:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662609] TRACE: raw:OUTPUT:policy:3 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662664] TRACE: mangle:OUTPUT:rule:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 Oct 27 00:22:41 agent kernel: [612873.662709] TRACE: mangle:OUTPUT:policy:2 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662761] TRACE: nat:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662808] TRACE: filter:OUTPUT:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb Oct 27 00:22:41 agent kernel: [612873.662855] TRACE: mangle:POSTROUTING:policy:1 IN= OUT=eth0 SRC=XXX.YYY.ZZZ.AAA DST=209.68.27.16 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=40425 DF PROTO=TCP SPT=45305 DPT=80 SEQ=604973951 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A03A6B6960000000001030307) UID=999 GID=999 MARK=0xb I have already tried "ip route flush cache", to no avail. I do not know why the first packet goes through the correct routing table, and the second doesn't. Both are marked. Once again, I do not want ALL packets system-wide to go through the VPN, I only want packets from a specific user (UID=999) to go through the VPN. I am testing ipchicken.com and walmart.com via links, from the same user, same shell. walmart.com appears to use the VPN; ipchicken.com does not. Any help appreciated. Will send 0.5 bitcoins to answerer who makes this fixed.

  Read the article

• Bridging LXC containers to host eth0 so they can have a public IP

  - by Vianney Stroebel

  UPDATE: I found the solution there: http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#No_traffic_gets_trough_.28except_ARP_and_STP.29 # cd /proc/sys/net/bridge # ls bridge-nf-call-arptables bridge-nf-call-iptables bridge-nf-call-ip6tables bridge-nf-filter-vlan-tagged # for f in bridge-nf-*; do echo 0 $f; done But I'd like to have expert opinions on this: is it safe to disable all bridge-nf-*? What are they here for? END OF UPDATE I need to bridge LXC containers to the physical interface (eth0) of my host, reading numerous tutorials, documents and blog posts on the subject. I need the containers to have their own public IP (which I've previously done KVM/libvirt). After two days of searching and trying, I still can't make it work with LXC containers. The host runs a freshly installed Ubuntu Server Quantal (12.10) with only libvirt (which I'm not using here) and lxc installed. I created the containers with : lxc-create -t ubuntu -n mycontainer So they also run Ubuntu 12.10. Content of /var/lib/lxc/mycontainer/config is: lxc.utsname = mycontainer lxc.mount = /var/lib/lxc/test/fstab lxc.rootfs = /var/lib/lxc/test/rootfs lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.name = eth0 lxc.network.veth.pair = vethmycontainer lxc.network.ipv4 = 179.43.46.233 lxc.network.hwaddr= 02:00:00:86:5b:11 lxc.devttydir = lxc lxc.tty = 4 lxc.pts = 1024 lxc.arch = amd64 lxc.cap.drop = sys_module mac_admin mac_override lxc.pivotdir = lxc_putold # uncomment the next line to run the container unconfined: #lxc.aa_profile = unconfined lxc.cgroup.devices.deny = a # Allow any mknod (but not using the node) lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m # /dev/null and zero lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:5 rwm # consoles lxc.cgroup.devices.allow = c 5:1 rwm lxc.cgroup.devices.allow = c 5:0 rwm #lxc.cgroup.devices.allow = c 4:0 rwm #lxc.cgroup.devices.allow = c 4:1 rwm # /dev/{,u}random lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 136:* rwm lxc.cgroup.devices.allow = c 5:2 rwm # rtc lxc.cgroup.devices.allow = c 254:0 rwm #fuse lxc.cgroup.devices.allow = c 10:229 rwm #tun lxc.cgroup.devices.allow = c 10:200 rwm #full lxc.cgroup.devices.allow = c 1:7 rwm #hpet lxc.cgroup.devices.allow = c 10:228 rwm #kvm lxc.cgroup.devices.allow = c 10:232 rwm Then I changed my host /etc/network/interfaces to: auto lo iface lo inet loopback auto br0 iface br0 inet static bridge_ports eth0 bridge_fd 0 address 92.281.86.226 netmask 255.255.255.0 network 92.281.86.0 broadcast 92.281.86.255 gateway 92.281.86.254 dns-nameservers 213.186.33.99 dns-search ovh.net When I try command line configuration ("brctl addif", "ifconfig eth0", etc.) my remote host becomes inaccessible and I have to hard reboot it. I changed the content of /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces to: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 179.43.46.233 netmask 255.255.255.255 broadcast 178.33.40.233 gateway 92.281.86.254 It takes several minutes for mycontainer to start (lxc-start -n mycontainer). I tried replacing gateway 92.281.86.254 by : post-up route add 92.281.86.254 dev eth0 post-up route add default gw 92.281.86.254 post-down route del 92.281.86.254 dev eth0 post-down route del default gw 92.281.86.254 My container then starts instantly. But whatever configuration I set in /var/lib/lxc/mycontainer/rootfs/etc/network/interfaces, I cannot ping from mycontainer to any IP (including the host's) : ubuntu@mycontainer:~$ ping 92.281.86.226 PING 92.281.86.226 (92.281.86.226) 56(84) bytes of data. ^C --- 92.281.86.226 ping statistics --- 6 packets transmitted, 0 received, 100% packet loss, time 5031ms And my host cannot ping the container: root@host:~# ping 179.43.46.233 PING 179.43.46.233 (179.43.46.233) 56(84) bytes of data. ^C --- 179.43.46.233 ping statistics --- 5 packets transmitted, 0 received, 100% packet loss, time 4000ms My container's ifconfig: ubuntu@mycontainer:~$ ifconfig eth0 Link encap:Ethernet HWaddr 02:00:00:86:5b:11 inet addr:179.43.46.233 Bcast:255.255.255.255 Mask:0.0.0.0 inet6 addr: fe80::ff:fe79:5a31/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:64 errors:0 dropped:6 overruns:0 frame:0 TX packets:54 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4070 (4.0 KB) TX bytes:4168 (4.1 KB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:32 errors:0 dropped:0 overruns:0 frame:0 TX packets:32 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2496 (2.4 KB) TX bytes:2496 (2.4 KB) My host's ifconfig: root@host:~# ifconfig br0 Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b inet addr:92.281.86.226 Bcast:91.121.67.255 Mask:255.255.255.0 inet6 addr: fe80::4e72:b9ff:fe43:652b/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1453 errors:0 dropped:18 overruns:0 frame:0 TX packets:1630 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:145125 (145.1 KB) TX bytes:299943 (299.9 KB) eth0 Link encap:Ethernet HWaddr 4c:72:b9:43:65:2b UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3178 errors:0 dropped:0 overruns:0 frame:0 TX packets:1637 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:298263 (298.2 KB) TX bytes:309167 (309.1 KB) Interrupt:20 Memory:fe500000-fe520000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:300 (300.0 B) TX bytes:300 (300.0 B) vethtest Link encap:Ethernet HWaddr fe:0d:7f:3e:70:88 inet6 addr: fe80::fc0d:7fff:fe3e:7088/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:54 errors:0 dropped:0 overruns:0 frame:0 TX packets:67 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4168 (4.1 KB) TX bytes:4250 (4.2 KB) virbr0 Link encap:Ethernet HWaddr de:49:c5:66:cf:84 inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) I have disabled lxcbr0 (USE_LXC_BRIDGE="false" in /etc/default/lxc). root@host:~# brctl show bridge name bridge id STP enabled interfaces br0 8000.4c72b943652b no eth0 vethtest I have configured the IP 179.43.46.233 to point to 02:00:00:86:5b:11 in my hosting provider (OVH) config panel. (The IPs in this post are not the real ones.) Thanks for reading this long question! :-) Vianney

  Read the article

< Previous Page | 112 113 114 115 116 117 118 119 120 121 122 123  | Next Page >