Search Results

Search found 5578 results on 224 pages for 'transport rules'.

Page 120/224 | < Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127  | Next Page >

• How to configure remote access to multiple subnets behind a SonicWALL NSA 2400

  - by Kyle Noland

  I have a client that uses a SonicWALL NSA 2400 as their firewall. I need to setup a second LAN subnet for a handful of PC. Management has decided that there should be a second subnet even though intend to allow access across the two subnets - I know... I'm having trouble getting communication across the 2 subnets. I can ping each gateway, but I cannot ping or seem to route traffic fron subnet A to subnet B. Here is my current setup: X0 Interface: LAN zone with IP addres 192.168.1.1 X1 Interface: WAN zone with WAN IP address X2 Interface: LAN zone with IP address 192.168.75.1 I have configured ARP and routes for the secondar subnet (X2) according to this SonicWALL KB article: http://www.sonicwall.com/downloads/supporting_multiple_firewalled_subnets_on_sonicos_enhanced.pdf using "Example 1". At this point I don't minding if I have to throw the SonicWALL GVC software VPN client into the mix to make it work. It feel like I have an Access Rule issue, but for testing I made LAN LAN, WAN LAN and VPN LAN rules wide open with the same results.

  Read the article

• Block P2P traffic on a Linksys router WRT54G with Tomato firmware

  - by Kami

  I'm running a small wireless network (6 to 10 users) on a Linksys WRT54G with Tomato firmware sharing an Internet connection. I don't want the users to download files with BitTorrent (mainly used) and other P2P apps. I've also found some solutions about lowering P2P traffic priority using QoS. I really need to ban P2P traffic. Does anyone know how to setup some rules to deny that kind of traffic? I've tried to setup an Access Restriction Rule: However it's not working at all.

  Read the article

• "OR" clause in Outlook 2007 Search Folders - Folder Composition

  - by Thomas L Holaday

  Is it possible to specify a Search Folder in Outlook 2007 that will use an OR rule ("any") instead of an AND rule ("and")? In particular, I have a search folder named A and another named B; I want a search folder named AB that will have all the messages that are in either A or B, or both. When I specify AB with the rules "In Folder is A exactly" and "In Folder is B exactly", I get an empty folder, possibly because at the moment no messages are in both. Is the workaround to rename "A" to "A workaround" and "B" to "B workaround" and then specify "AB" with the rule "In Folder contains workaround"? Urggh.

  Read the article

• Can connect to shared folder on Windows Server 2012, but access denied when accessing

  - by Cylindric

  I have a Windows Server 2012 (non-domain) with a folder that's shared out as TestShare. The share permissions are Everyone has full access, and there is a local user TestUser that has full access to the actual folder. On GuestServer I can connect and/or map a drive to \HostServer\TestShare, specifying the username and password for TestUser. NTFS permissions: Share permissions Effective Access Report The problem is that when I try to access the folder, I get an "access denied" message. On the host server I can see the user connected to the share in the Sessions manager, so the password is correct and being recognised. If I use an incorrect password I don't get the "completed successfully" message, nor the 'open session'. What else can be blocking access to the shared files, when the share seems to be set, and the folder permissions seem to be set, and the connection seems to be okay? The network is recognised as "public", and the relevant firewall rules seem to be enabled - even disabling the firewall doesn't help.

  Read the article

• Blocking a country (mass iP Ranges), best practice for the actual block

  - by kwiksand

  Hi all, This question has obviously been asked many times in many different forms, but I can't find an actual answer to the specific plan I've got. We run a popular European Commercial deals site, and are getting a large amount of incoming registrations/traffic from countries who cannot even take part in the deals we offer (and many of the retailers aren't even known outside Western Europe). I've identified the problem area to block a lot of this traffic, but (as expected) there are thousands of ip ranges required. My question now (finally!). On a test server, I created a script to block each range within iptables, but the amount of time it took to add the rules was large, and then iptables was unresponsive after this (especially when attempting a iptables -L). What is the most efficient way of blocking large numbers of ip ranges: iptables? Or a plugin where I can preload them efficiantly? hosts.deny? .htaccess (nasty as I'd be running it in apache on every load balanced web server)? Cheers

  Read the article

• UFW: force traffic thru OpenVPN tunnel / do not leak any traffic

  - by hotzen

  I have VPN access using OpenVPN and try to create a safe machine that does not leak traffic over non-VPN interfaces. Using the firewall UFW I try to achieve the following: Allow Access from LAN to the machine's web-interface Otherwise only allow Traffic on tun0 (OpenVPN-Tunnel interface when established) Reject (or forward?) any traffic over other interfaces Currently I am using the following rules (sudo ufw status): To Action From -- ------ ---- 192.168.42.11 9999/tcp ALLOW Anywhere # allow web-interface Anywhere on tun0 ALLOW Anywhere # out only thru tun0 Anywhere ALLOW OUT Anywhere on tun0 # in only thru tun0 My problem is that the machine is initially not able to establish the OpenVPN-connection since only tun0 is allowed, which is not yet established (chicken-egg-problem) How do I allow creating the OpenVPN connection and from this point onward force every single packet to go thru the VPN-tunnel?

  Read the article

• Can I use wildcards is puppet package ensure to cover multiple releaseversion

  - by Rob van den Eijnde

  Using puppet I want to update packages on my (CentOS 5 & 6 servers) in a controlled way. Therefore I don't want to use ensure=>latest but rather ensure=>3.0.1-1. Example: class puppet::installation inherits puppet { package { "puppet": ensure => "3.0.1-1", } } The update works alright but puppet agent keeps complaining that there is a difference: /Stage[main]/Puppet::Installation/Package[puppet]/ensure: current_value 3.0.1-1.el6, should be 3.0.1-1 (noop) I can solve this by changing the ensure rule to 3.0.1-1.el6 but than that won't work on CentOS 5. Is there a short/clean way to solve this or do I have to write to seperate, os-releaseversion dependant rules. I have been googling for a solution but didn't find anything pertaining to this particular question. Any suggestion or reference to a relevant example would be appreciated.

  Read the article

• XSLT: How to exclude empty elements from my result?

  - by Fedor Steeman

  I have a rather complicated xslt sheet transforming one xml format to another using templates. However, in the resulting xml, I need to have all the empty elements excluded. How is that done? This is how the base xslt looks like: <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:far="http://www.itella.com/fargo/fargogate/" xmlns:a="http://tempuri.org/XMLSchema.xsd" xmlns:p="http://tempuri.org/XMLSchema.xsd"> <xsl:import href="TransportCDMtoFDM_V0.6.xsl"/> <xsl:import href="ConsignmentCDMtoFDM_V0.6.xsl"/> <xsl:template match="/"> <InboundFargoMessage> <EdiSender> <xsl:value-of select="TransportInformationMessage/SenderId"/> </EdiSender> <EdiReceiver> <xsl:value-of select="TransportInformationMessage/RecipientId"/> </EdiReceiver> <EdiSource> <xsl:value-of select="TransportInformationMessage/Waybill/Parties/Consignor/Id"/> </EdiSource> <EdiDestination>FARGO</EdiDestination> <Transportations> <xsl:for-each select="TransportInformationMessage/TransportUnits/TransportUnit"> <xsl:call-template name="transport"/> </xsl:for-each> <xsl:for-each select="TransportInformationMessage/Waybill/TransportUnits/TransportUnit"> <xsl:call-template name="transport"/> </xsl:for-each> <xsl:for-each select="TransportInformationMessage/Waybill"> <EdiImportTransportationDTO> <Consignments> <xsl:for-each select="Shipments/Shipment"> <xsl:call-template name="consignment"/> </xsl:for-each> </Consignments> <EdiTerminalDepartureTime> <xsl:value-of select="DatesAndTimes/EstimatedDepartureDateTime"/> <xsl:value-of select="DatesAndTimes/DepartureDateTime"/> </EdiTerminalDepartureTime> <EdiAgentTerminalArrivalDate> <xsl:value-of select="DatesAndTimes/EstimatedArrivalDateTime"/> <xsl:value-of select="DatesAndTimes/ArrivalDateTime"/> </EdiAgentTerminalArrivalDate> <EdiActivevehicle> <xsl:value-of select="Vehicle/TransportShiftNumber"/> </EdiActivevehicle> <EdiConveyerZipCodeTown><xsl:text> </xsl:text></EdiConveyerZipCodeTown> </EdiImportTransportationDTO> </xsl:for-each> </Transportations> </InboundFargoMessage> </xsl:template> </xsl:stylesheet> What needs to be added, so that empty elements are left out? For example, a snippet from the resulting xml: <?xml version="1.0" encoding="UTF-8"?> <InboundFargoMessage xmlns:p="http://tempuri.org/XMLSchema.xsd" xmlns:far="http://www.itella.com/fargo/fargogate/" xmlns:a="http://tempuri.org/XMLSchema.xsd"> <EdiSender>XXXX</EdiSender> <EdiReceiver>YYYY</EdiReceiver> <EdiSource>TR/BAL/IST</EdiSource> <EdiDestination>FARGO</EdiDestination> <Transportations> <EdiImportTransportationDTO> <Consignments> <EdiImportConsignmentDTO> <ConsignmentLines> <EdiImportConsignmentLineDTO> <DangerousGoodsItems> <EdiImportDangerGoodsItemDTO> <EdiKolliTypeOuter/> <EdiKolliTypeInner/> <EdiTechnicalDescription/> <EdiUNno/> <EdiClass/> <EdiDangerFactor/> <EdiEmergencyTemperature/> </EdiImportDangerGoodsItemDTO> </DangerousGoodsItems> <BarCodes> <EdiImportConsignmentLineBarcodeDTO/> </BarCodes> <EdiNumberOfPieces>00000002</EdiNumberOfPieces> <EdiGrossWeight>0.000</EdiGrossWeight> <EdiHeight/> <EdiWidth/> <EdiLength/> <EdiGoodsDescription/> <EdiMarkingAndNumber/> <EdiKolliType>road</EdiKolliType> <EdiCbm/> <EdiLdm/> </EdiImportConsignmentLineDTO> That really needs to be: <?xml version="1.0" encoding="UTF-8"?> <InboundFargoMessage xmlns:p="http://tempuri.org/XMLSchema.xsd" xmlns:far="http://www.itella.com/fargo/fargogate/" xmlns:a="http://tempuri.org/XMLSchema.xsd"> <EdiSender>XXXX</EdiSender> <EdiReceiver>YYYY</EdiReceiver> <EdiSource>TR/BAL/IST</EdiSource> <EdiDestination>FARGO</EdiDestination> <Transportations> <EdiImportTransportationDTO> <Consignments> <EdiImportConsignmentDTO> <ConsignmentLines> <EdiImportConsignmentLineDTO> <DangerousGoodsItems/> <BarCodes/> <EdiNumberOfPieces>00000002</EdiNumberOfPieces> <EdiGrossWeight>0.000</EdiGrossWeight> <EdiKolliType>road</EdiKolliType> </EdiImportConsignmentLineDTO> In other words: Empty elements should be left out.

  Read the article

• Is zip's encryption really bad?

  - by Nifle

  The standard advice for many years regarding compression and encryption has been that the encryption strength of zip is bad. Is this really the case in this day and age? I read this article about WinZip (it has had the same bad reputation). According to that article the problem is removed provided you follow a few rules when choosing your password. At least 12 characters in length Be random not contain any dictionary, common words or names At least one Upper Case Character Have at least one Lower Case Character Have at least one Numeric Character Have at least one Special Character e.g. $,£,*,%,&,! This would result in roughly 475,920,314,814,253,000,000,000 possible combinations to brute force Please provide recent (say past five years) links to back up your information.

  Read the article

• Ctrl key is broken on HP Envy is broken, where can I find a replacement

  - by NewProger

  I work as a developer so I have to use key combinations a lot. And I have HP Envy laptop. And the Ctrl key is broken for the second time. First time I just took one from my friend. But I don't have any more friends who are willing to sacrifice their Ctrl key Anyone know where I can find one? (or rather a bunch because they are so weak and low quality) I tried to contact HP support but they did everything to prevent people from doing it. And it is impossible to reach HP support. And in my case where warranty is expired it is not possible at all according to their rules. Also I tried Googling but found nothing

  Read the article

• Exchange Connector Won't Send to External Domains

  - by sisdog

  I'm a developer trying to get my .Net application to send emails out through our Exchange server. I'm not an Exchange expert so I'll qualify that up front!! We've set up a receive Connector in Exchange that has the following properties: Network: allows all IP addresses via port 25. Authentication: Transport Layer Security and Externally Secured checkboxes are checked. Permission Groups: Anonymous Users and Exchange Servers checkboxes are checked. But, when I run this Powershell statement right on our Exchange server it works when I send to a local domain address but when I try to send to a remote domain it fails. WORKS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER (BTW: my value for OURSERVER=boxname.domainname.local. This is the same fully-qualified name that shows up in our Exchange Management Shell when I launch it). FAILS: C:\Windows\system32Send-Mailmessage -To [email protected] -From [email protected] -Subject testing -Body testing -SmtpServer OURSERVER Send-MailMessage : Mailbox unavailable. The server response was: 5.7.1 Unable to relay At line:1 char:17 + Send-Mailmessage <<<< -To [email protected] -From [email protected] -Subject testing -Body himom -SmtpServer FTI-EX + CategoryInfo : InvalidOperation: (System.Net.Mail.SmtpClient:SmtpClient) [Send-MailMessage], SmtpFailed RecipientException + FullyQualifiedErrorId : SmtpException,Microsoft.PowerShell.Commands.SendMailMessage EDIT: From @TheCleaner 's advice, I ran the Add-ADPermission to the relay and it didn't help; [PS] C:\Windows\system32Get-ReceiveConnector "Allowed Relay" | Add-ADPermission -User "NT AUTHORITY\ANONYMOUS LOGON" -E xtendedRights "Ms-Exch-SMTP-Accept-Any-Recipient" Identity User Deny Inherited -------- ---- ---- --------- FTI-EX\Allowed Relay NT AUTHORITY\ANON... False False Thanks for the help. Mark

  Read the article

• wsdl interoperability problems

  - by manu1001

  I wrote a .asmx web service which I'm trying to consume from a java client. I'm using axis2's wsdl2java to generate code. But it says that the wsdl is invalid. What exactly is the problem here? It is .net which generated the wsdl automatically after all. Are there problems with wsdl standards, rather the lack of them? What can I do now? I'm putting the wsdl here for reference. <?xml version="1.0" encoding="utf-8"?> <wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tm="http://microsoft.com/wsdl/mime/textMatching/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:tns="http://localhost:4148/" xmlns:s="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" targetNamespace="http://localhost:4148/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"> <wsdl:types> <s:schema elementFormDefault="qualified" targetNamespace="http://localhost:4148/"> <s:element name="GetUser"> <s:complexType> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="uid" type="s:string" /> </s:sequence> </s:complexType> </s:element> <s:element name="GetUserResponse"> <s:complexType> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="GetUserResult" type="tns:User" /> </s:sequence> </s:complexType> </s:element> <s:complexType name="User"> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="HA" type="tns:ComplexT" /> <s:element minOccurs="0" maxOccurs="1" name="AP" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="AL" type="tns:ArrayOfString" /> <s:element minOccurs="0" maxOccurs="1" name="CO" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="EP" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="ND" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="AE" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="IE" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="IN" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="HM" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="AN" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="MI" type="tns:ArrayOfString" /> <s:element minOccurs="0" maxOccurs="1" name="NO" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="TL" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="UI" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="DT" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="PT" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="PO" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="AE" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="ME" type="tns:ArrayOfString" /> </s:sequence> </s:complexType> <s:complexType name="ComplexT"> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="SR" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="CI" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="TA" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="SC" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="RU" type="s:string" /> <s:element minOccurs="0" maxOccurs="1" name="HN" type="s:string" /> </s:sequence> </s:complexType> <s:complexType name="ArrayOfString"> <s:sequence> <s:element minOccurs="0" maxOccurs="unbounded" name="string" nillable="true" type="s:string" /> </s:sequence> </s:complexType> </s:schema> </wsdl:types> <wsdl:message name="GetUserSoapIn"> <wsdl:part name="parameters" element="tns:GetUser" /> </wsdl:message> <wsdl:message name="GetUserSoapOut"> <wsdl:part name="parameters" element="tns:GetUserResponse" /> </wsdl:message> <wsdl:portType name="UserServiceSoap"> <wsdl:operation name="GetUser"> <wsdl:input message="tns:GetUserSoapIn" /> <wsdl:output message="tns:GetUserSoapOut" /> </wsdl:operation> </wsdl:portType> <wsdl:binding name="UserServiceSoap" type="tns:UserServiceSoap"> <soap:binding transport="http://schemas.xmlsoap.org/soap/http" /> <wsdl:operation name="GetUser"> <soap:operation soapAction="http://localhost:4148/GetUser" style="document" /> <wsdl:input> <soap:body use="literal" /> </wsdl:input> <wsdl:output> <soap:body use="literal" /> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:binding name="UserServiceSoap12" type="tns:UserServiceSoap"> <soap12:binding transport="http://schemas.xmlsoap.org/soap/http" /> <wsdl:operation name="GetUser"> <soap12:operation soapAction="http://localhost:4148/GetUser" style="document" /> <wsdl:input> <soap12:body use="literal" /> </wsdl:input> <wsdl:output> <soap12:body use="literal" /> </wsdl:output> </wsdl:operation> </wsdl:binding> <wsdl:service name="UserService"> <wsdl:port name="UserServiceSoap" binding="tns:UserServiceSoap"> <soap:address location="http://localhost:4148/Service/UserService.asmx" /> </wsdl:port> <wsdl:port name="UserServiceSoap12" binding="tns:UserServiceSoap12"> <soap12:address location="http://localhost:4148/Service/UserService.asmx" /> </wsdl:port> </wsdl:service> </wsdl:definitions>

  Read the article

• Set up SSL/HTTPS in zend application via .htaccess

  - by davykiash

  I have been battling with .htaccess rules to get my SSL setup working right for the past few days.I get a requested URL not found error whenever I try access any requests that does not do through the index controller. For example this URL would work fine if I enter the it manually https://www.example.com/index.php/auth/register However my application has been built in such a way that the url should be this https://www.example.com/auth/register and that gives the requested URL not found error My other URLs such as https://www.example.com/index/faq https://www.example.com/index/blog https://www.example.com/index/terms work just fine. What rule do I need to write in my htaccess to get the URL https://www.example.com/auth/register working? My htaccess file looks like this RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L] RewriteCond %{REQUEST_FILENAME} -s [OR] RewriteCond %{REQUEST_FILENAME} -l [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^.*$ - [NC,L] RewriteRule ^.*$ index.php [NC,L] I posted an almost similar question in stackoverflow

  Read the article

• How to know currently open ports on the Windows Firewall?

  - by QIU Quan

  On Windows XP and Windows Server 2003, I can know currently open ports on the Windows Firewall using the following command: netsh firewall show state However, on Windows 7 and Hyper-V Server 2008 R2, when I give that command, it says: No ports are currently open on all network interfaces. IMPORTANT: Command executed successfully. However, "netsh firewall" is deprecated; use "netsh advfirewall firewall" instead. Apparently there are ports open because services such as NetBIOS NS, Remote Desktop, and Hyper-V remote administration are functioning. I tried a few 'netsh advfirewall' show commands, but didn't get a way to find out which ports are permit by Windows Firewall. Knowing the currently open ports, I can be sure that I'm permitting necessary and sufficient traffic to pass in, no more, no less. Going through the whole set of advanced firewall rules is so tedious and error-prone. Is there a command on Windows 7 and Windows Server 2008 to do this efficiently?

  Read the article

• PTR record not valid for all domains

  - by charnley

  We have an issue sending emails to certain domains, namely Time Warner and Cox. Last week, we decommissioned our Exchange 2003 server and now our Exchange 2010 server is doing all of the transport for our domain. We run our own authoritative name servers, so we are in charge of the DNS and have modified our PTR record to reflect the new server. All mailflow is working except for these 2 domains. When I telnet on port 25 to the mail servers for Cox and Time Warner I am receiving errors. For Cox the error is: 554... rejected - no rDNS And when I telnet to port 25 to the Time Warner mail server we get this: 554 5.7.1 - Connection refused. IP name lookup failed for x.x.x.x I have run through the outbound SMTP test on Microsoft Remote Connectivity Analyzer and get 100% completely successful results. MXToolbox comes up with all successful tests on SMTP as well, showing correct reverse banner check, and no blacklisting. DNSQueries.com shows a valid reverse DNS entry as well for us. Outbound emails to these 2 domains continue to sit in the queue. Any ideas or advice would be greatly appreciated. Thanks!

  Read the article

• HALEVT troubleshooting: VFAT usb storage device gets mounted with root:root user:group

  - by Nova deViator

  Hi, i'm banging my head for number of days around this problem. using Halevt for automounting, everything mostly works, but the only thing is that Halevt mounts external USB storage devices as root. So, as user i cannot write to files on them. Halevt gets run as halevt user on boot through /etc/init.d script. This is Ubuntu Lucid with Awesome WM. No GDM. Running halevt as user seem to not work (halevt runs but doesn't respond on Insert) I know HAL is deprecated and removed and i should probably write my own UDEV rules, but until then it seems there must a be simple hack that enables mounting VFAT/NTFS devices with specific uid/gid. this question/answer helps a lot, but not specifically to the above.

  Read the article

• Blocking ports on the public IP assigned to lo interface in GNU/Linux

  - by nixnotwin

  I have setup my Ubuntu server as a router and webserver by following the answer given here. My ISP facing interface eth0 has a private 172.16.x.x/30 ip and my lo interface has a public IP as mentioned in the answer to the question linked above. The setup is working well. The only snag I have experienced is that I could not find a way to block the ports exposed by the public IP on the lo interface. I tried doing iptables -A INPUT -i eth0 -j DROP, and my server lost connectivity to the public network (internet). I could not ping any public ips. What I want is a way to block ports that are exposed by the public ip on the lo interface. And also I require iptables rules that can expose ports like 80 or openvpn port to the public network.

  Read the article

• Which iptables rule do you think is a 'must have'

  - by Saif Bechan

  I have some basic iptable rules set up now for my vps. Just block everything except some default ports, 80,21,22,443. I do get brute forced a lot. I have heard that iptables is very powerful but I have not seen many use cases. Can you give me an example of a(some) rule(s) you always use and give a small example why. I can not find a general best practice post here on SF, if there is any I would like the link. If this is a duplicate I am sorry and it can be closed.

  Read the article

• Puppet apache module causing 'Error 400 on SERVER: Invalid parameter identifier'

  - by Andy Shinn

  I am receiving the following error when trying to use the latest puppetlabs-apache module from github (https://github.com/puppetlabs/puppetlabs-apache): Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter identifier at /etc/puppet/environments/apache_update/modules/apache/manifests/mod.pp:40 on node zordon.mydomain.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run My node config looks like: node 'zordon.mydomain.com' { include template::common include template::puppetagent include template::lamp User::Create sudo::conf { 'joe': priority = 60, content = 'joe ALL=(ALL) NOPASSWD: ALL', require = User::Create['joe'], } } The template::lamp class is what uses apache module: class template::lamp { include myfirewall Firewall Firewall class { 'apache': } class { 'apache::mod::php': } class { 'apache::mod::ssl': } class { 'mysql::server': } } It looks like serverfault markup is getting garbled on Puppet realize statements. The User::Create and Firewall lines are just realizing a user and 2 firewall rules. I have verified that the /var/lib/puppet/lib/puppet/type/a2mod.rb type has the identifier parameter and it is the same MD5 as the server. I am using Puppet 3.0.1 on both agent and master. Any idea what may cause this?

  Read the article

• Domino 8.5.3: Modify Subject of Incoming Email

  - by Void

  I am a newbie in managing and development for Domino. Recently, I have request from other teams at work to set up a filter or agent for incoming mail. This is the requirement for the request: Look for Incoming Mail addressed to #CRITICAL (mutlipurpose, internal group containing a list of engineers) For mail matching Point 1, append "For Immediate Action: " to the front of the Subject Some restrictions I have: Only the Domino server is under my charge, not to touch on network-side or other servers No 3rd party software to be installed I have gone through the configurations in the Domino server and the closest thing I have to filtering Email is the Router/SMTP Restrictions... Rules. But this is not able to fulfill Point 2 in any way. Is this even possible using just Domino server settings, or through agents?

  Read the article

• conditional formatting in excel 2010

  - by bigMir

  I have some strange problem, after I've made switch from excel 2007 to excel 2010 I've started to receive duplicates of conditional formatting rules in excel. For example: I have conditional formatting which colors the cell when it detects that cell contains a word "hello". When I copy this cell to other cells (which also contains the same rule) sometimes I receive duplicates. Those duplicates really slows down excel. So my question is: is there any possiblity to disable copy/paste of conditional formatting (I want to copy/paste all content excep conditional formatting, all formulas values and other stuff). P.S. Just to make it clear, I don't know how to reporduce that problem, it occurs sometimes and I work with excel a lot

  Read the article

• Iptables based router inside KVM virtual machine

  - by Anton

  I have KVM virtual machine (CentOS 6.2 x64), it has 2 NIC: eth0 - real external IP 1.2.3.4 (simplified example instead of real one) eth1 - local internal IP 172.16.0.1 Now I'm trying to make port mapping 1.2.3.4:80 = 172.16.0.2:80 Current iptables rules: # Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012 *nat :OUTPUT ACCEPT [0:0] :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A POSTROUTING -o eth0 -j MASQUERADE -A PREROUTING -p tcp -m tcp -d 1.2.3.4 --dport 80 -j DNAT --to-destination 172.16.0.2:80 COMMIT # Completed on Fri Jun 29 17:53:36 2012 # Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012 *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT # Completed on Fri Jun 29 17:53:36 2012 # Generated by iptables-save v1.4.7 on Fri Jun 29 17:53:36 2012 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] COMMIT # Completed on Fri Jun 29 17:53:36 2012 But there is nothing works, I mean it does not forwards that port. Similar configuration without virtualization seems to be working. What am I missing? Thanks!

  Read the article

• Forwarding ports with ssh on Linux

  - by Patrick Klingemann

  I have a database server, let's call it: dbserver I have a web server with access to my dbserver, let's call it: webserver I have a development machine that I'd like to use to access a database on dbserver, let's call it: dev dbserver has a firewall rule set to allow TCP requests from webserver to dbserver:1433 I'd like to set up a tunnel from dev:1433 to dbserver:1433, so all requests to 1433 on dev are passed along to dbserver:1433 My sshd_config on webserver has the following rules set: AllowTcpForwarding yes GatewayPorts yes This is what I've tried: ssh -v -L localhost:1433:dbserver:1433 webserver In another terminal: telnet localhost 1433 Results in: Trying ::1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. Any idea what I'm doing wrong here? Thanks in advance!

  Read the article

• Nginx rewrite with Simple Machines Forum

  - by Kevin Worthington

  I am running Nginx 1.5.6 and I use the Simple Machines Forum software. Most rewrite rules seem to work properly, with the exception of the RSS feeds. In my Nginx configuration, I have the following line which is supposed to handle URLs which contain ".xml": rewrite ^/forum/(\.xml|xmlhttp)/?$ "/forum/index.php?pretty;action=$1" last; The above rule produces the following URL for the main forum, which returns a 403 Error: http://www.mydomain.com/forum/.xml/?type=rss I would like the rewrite rule to produce this type of URL, which returns code 200 (a real page): http://www.mydomain.com/forum/?type=rss;action=.xml Here is the entire block pertaining to the forum rewrites: http://pastebin.com/raw.php?i=tZkAibW3 I would really appreciate some help to create a rewrite rule to do that. Thanks.

  Read the article

• NetBeans 7.2 MinGW installing for OpenCV

  - by Gligorijevic

  i have installed minGW on my PC according to http://netbeans.org/community/releases/72/cpp-setup-instructions.html, and i have "restored defaults" using NetBeans 7.2 who has found all necessary files. But when I made test sample C++ app i got following error: c:/mingw/bin/../lib/gcc/mingw32/4.6.2/../../../../mingw32/bin/ld.exe: cannot find -ladvapi32 c:/mingw/bin/../lib/gcc/mingw32/4.6.2/../../../../mingw32/bin/ld.exe: cannot find -lshell32 c:/mingw/bin/../lib/gcc/mingw32/4.6.2/../../../../mingw32/bin/ld.exe: cannot find -luser32 c:/mingw/bin/../lib/gcc/mingw32/4.6.2/../../../../mingw32/bin/ld.exe: cannot find -lkernel32 collect2: ld returned 1 exit status make[2]: *** [dist/Debug/MinGW-Windows/welcome_1.exe] Error 1 make[1]: *** [.build-conf] Error 2 make: *** [.build-impl] Error 2 Can anyone give me a hand with installing openCV and minGW for NetBeans? generated Makefiles file goes like this: > # CMAKE generated file: DO NOT EDIT! > # Generated by "MinGW Makefiles" Generator, CMake Version 2.8 > > # Default target executed when no arguments are given to make. default_target: all .PHONY : default_target > > #============================================================================= > # Special targets provided by cmake. > > # Disable implicit rules so canonical targets will work. .SUFFIXES: > > # Remove some rules from gmake that .SUFFIXES does not remove. SUFFIXES = > > .SUFFIXES: .hpux_make_needs_suffix_list > > # Suppress display of executed commands. $(VERBOSE).SILENT: > > # A target that is always out of date. cmake_force: .PHONY : cmake_force > > #============================================================================= > # Set environment variables for the build. > > SHELL = cmd.exe > > # The CMake executable. CMAKE_COMMAND = "C:\Program Files (x86)\cmake-2.8.9-win32-x86\bin\cmake.exe" > > # The command to remove a file. RM = "C:\Program Files (x86)\cmake-2.8.9-win32-x86\bin\cmake.exe" -E remove -f > > # Escaping for special characters. EQUALS = = > > # The program to use to edit the cache. CMAKE_EDIT_COMMAND = "C:\Program Files (x86)\cmake-2.8.9-win32-x86\bin\cmake-gui.exe" > > # The top-level source directory on which CMake was run. CMAKE_SOURCE_DIR = C:\msys\1.0\src\opencv > > # The top-level build directory on which CMake was run. CMAKE_BINARY_DIR = C:\msys\1.0\src\opencv\build\mingw > > #============================================================================= > # Targets provided globally by CMake. > > # Special rule for the target edit_cache edit_cache: @$(CMAKE_COMMAND) -E cmake_echo_color --switch=$(COLOR) --cyan > "Running CMake cache editor..." "C:\Program Files > (x86)\cmake-2.8.9-win32-x86\bin\cmake-gui.exe" -H$(CMAKE_SOURCE_DIR) > -B$(CMAKE_BINARY_DIR) .PHONY : edit_cache > > # Special rule for the target edit_cache edit_cache/fast: edit_cache .PHONY : edit_cache/fast

  Read the article

< Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127  | Next Page >