Search Results

Search found 6591 results on 264 pages for 'rules engines'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 125/264 | < Previous Page | 121 122 123 124 125 126 127 128 129 130 131 132  | Next Page >

  • tcpdump output with iptables REJECT policy enabled

    - by Pablo Santa Cruz
    Hi all, Quick question. I have a firewall with these simple rules: iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 6000 -j ACCEPT iptables -A INPUT -p tcp -s 192.168.16.20/32 --dport 6000 -j ACCEPT iptables -A INPUT -p tcp --dport 6000 -j REJECT Now, suppose I am using TCPDUMP like this: tcpdump port 6000 And I have host 192.168.16.21 trying to connect to port 6000. My question is: will/should tcpdump output some packages coming from 192.168.16.21?

    Read the article

  • Configuring gmail for use on mailing lists

    - by reemrevnivek
    This is really two questions in one. First, are nettiquette guidelines still accurate in their restrictions on ASCII vs. HTML, posting style, and line length? (Here's a recent metafilter discussion of the topic.) Second, If they are not, should these guidelines be respected? If they are (or if they should still be respected), how can modern mail programs be configured to work properly with them? Most mailing list etiquette statements appear to have been written by sysadmins who loved their command lines, and refuse to change anything. Many still reference rfc1855, written in 1995. Just reading that paginated TXT should give you an idea of the climate at the time. Here's a short, fairly random list of mailing list etiquette statements with some extracted formatting guidelines: Mozilla - HTML discouraged, interleaved posting. FreeBSD - No HTML, don't top post, line length at 75 characters. Fedora - No HTML, bottom-post. You get the idea. You've all seen etiquette statements before. So, assuming that the rules should be obeyed (Usually a good idea), what can be done to allow me to still use a modern mail program, and exchange mail with friends who use the same programs? We like to format our mail. Bold headings, code snippets (sometimes syntax highlighted, if the copy-paste pulls RTF text as from XCOde and Eclipse), free line breaks determined by your browser width, and the (very) occasional image make the message easier to read. Threaded conversations are a wonderful thing. Broadband connections are, I'm sure, the rule for most of the users of SU and of developer mailing lists, disk space is cheap, and so the overhead of HTML is laughable. However, I don't want to post a question to a mailing list and have the guru who can answer my question automatically delete it, or come off as uncaring. Until I hear otherwise, I'll continue to respect the rules as best I can. For a common example of the problem, Gmail, by default, sends HTML formatted messages with bottom-posted quotes (which are folded in, just read the last message immediately above), and uses the frame width to wrap lines, rather than a character count. ASCII can be selected, and quotes can be moved and reversed, but line wraps of quotes don't work, line breaks are tedious to add (and more tedious to read, if they're super small in comparison to the width of the frame). Is there a forwarding, free mail program which can help with this exercise? Should an "RFC1855 mode" lab be written? Or do I have to go to the command line for my mailing lists, and gmail for my other mail?

    Read the article

  • Internal mail flow between two sites

    - by Eric Hazen
    I have two sites: DATACENTER HQ Exchange Roles: HQ: Mailbox Store, Client Access, Hub Transport DATACENTER: Client Access, Hub Transport Here is the basic mail flow requirements: Outgoing Email: HQ > DATACENTER > INTERNET Incoming Email: INTERNET > DATACENTER > HQ I've been banging my head on this setting up different Hub Transport rules, etc. Any suggestions?

    Read the article

  • Configure a SPF rule on Ubuntu

    - by TiuTalk
    Where I can create/insert the SPF rules to allow a external server to authenticate and send e-mails using the domain name of my server running Ubuntu? I need to insert this rule: v=spf1 ip4:111.111.111.111/29 ip4:111.111.111.111/24 a mx ~all Thanks :)

    Read the article

  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I setup an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabaled or set to allow all this works fine, when using my following rules it does not. also note, I already configured openVPN itself to do what i want and it works fine, its only failing when iptables is started. Any help to tell me why this isnt working will appreciated here. These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are requiered, they seem incredibly insecure though, any way to get around using them? # Allow TUN interface connections to OpenVPN server -A INPUT -i tun+ -j ACCEPT #allow TUN interface connections to be forwarded through other interfaces -A FORWARD -i tun+ -j ACCEPT # Allow TAP interface connections to OpenVPN server -A INPUT -i tap+ -j ACCEPT # Allow TAP interface connections to be forwarded through other interfaces -A FORWARD -i tap+ -j ACCEPT These are the new chains and commands i added to restrict access as much as possible unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server note I am configuring the main iptables file and I am paranoid so all ports and ip addresses are altered, and -N etc appears before this so ignore that they dont appear. and i added some explanations of what i 'intended' these rules to do, so you dont waste time figuring out where i went wrong : 4 #accepts the vpn over port 1192 -A INPUT -p udp -m udp --dport 1192 -j ACCEPT -A INPUT -j INPUT-FIREWALL -A OUTPUT -j ACCEPT #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL #same as above, except for a different internal network -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL # reject any not from either of those two ranges -A FORWARD -j REJECT -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT-FIREWALL -j REJECT -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT #80 443 and 53 are accepted -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT #192.168.5.150 = openVPN sever -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -j REJECT COMMIT now I wait :D

    Read the article

  • SIP server ("gateway") for joining accounts

    - by Tomas Srna
    Hello, I have a phone supporting 2 accounts, but I need 4 accounts. Is it possible to install some sort of SIP server/gateway/proxy (on a linux server), that would register those 4 accounts and I would be able to connect to it as if it was 1 account? (With dialing rules, etc.) 3 of the accounts have incoming numbers. Thanks. Tomas.

    Read the article

  • How long does a blocked connection from Iptables last? Is there a way to set the timeout?

    - by Josh
    iptables -A INPUT -m state --state NEW -m recent --set # If we receive more than 10 connections in 10 seconds block our friend. iptables -A INPUT -m state --state NEW -m recent --update --seconds 5 --hitcount 15 -j Log-N-Drop I have these two relevant rules from iptables. if more than 15 connections are made in 5 seconds it logs the attempt and blocks it. How long does iptables maintain the counter? Does it refresh if connections are attempted again?

    Read the article

  • Need Varnish configuration advice

    - by Patrick
    Hello fellows, I need some advice here for default.vcl. Here's the rules: Only cache pages with urls that contains '/c/', the rest will pass Set the cache expiry to 3 hours Only cache and serve from cache if cookie 'abc' and cookie 'xyz' is empty Thank you!

    Read the article

  • Open ports in Windows 7, firewall, public network, port 445

    - by chris
    I selected "public network" in Windows 7. Windows is listening on TCP port 445: TCP 0.0.0.0:445 WIN7TEST:0 ABHÖREN The corresponding incoming firewall rule isn't activated (4th column): When I choose "workplace network" the SMB incoming port 445 rule is still disabled in the advanced windows firewall configuration. I thought "public network" / "workplace network" and so on is influencing the windows firewall rules!? Where's the difference between workplace and public network then? http://www.abload.de/image.php?img=winfire2nxku0.png

    Read the article

  • Resolving File Permissions ERROR when moving files from one user to another

    - by Sayan
    I am creating a tarball from a bunch of files in one machine under my $USER - I have set execute permissions to all the files, but when I copy it over to another user in a different machine, there is an 'access permission denied error' when that user tries to access some of the files. I do not have root/sudo privileges. How would I resolve that? What are the rules to create universally distributable tarballs? Thanks.

    Read the article

  • Assignment to LAN queues (qWAN1 & qWAN2) from dual-WAN in pfSense

    - by Kurian
    I need help creating floating rules in pfSense for the following: I have two upper limited download queues qWAN1 and qWAN2 on my LAN interface. Each has its own qACK1, qDefault1 etc. How do I assign all unclassified traffic from WAN1 to LAN->qWAN1->qDefault1 and from WAN2 to LAN->qWAN2->qDefault2. qLink is the one and only default queue on LAN so that I get wire speed to the pfSense host from the LAN.

    Read the article

  • Including existing ISA server into domain

    - by user23419
    Is there any problem or pitfall including ISA server into domain after ISA was installed and configured and worked for a while? All the rules at the moment are based upon IP addresses, All Users. Addendum 1 ISA is an edge firewall, so it is connected to one Internal network (this is where domain is) and to the Internet provider (External Network). Addendum 2 I'm absolutely sure ISA should be a member of the domain.

    Read the article

  • Set HTTP condition for redirect rule

    - by Török Gábor
    A have a redirect rule in my .htaccess that forwards agent from A.html to B.html using the following pattern: Redirect 301 /A.html http://mysite.com/B.html Since the Redirect directive requires to set the target host, is it possible to let this rule prevail only on a specific host? I have both a test and deploy domain, and only want it on the deploy domain. I can set HTTP conditions for Rewrite rules, but how can I for HTTP Redirects?

    Read the article

  • Can't connect to EC2 instance in VPC (Amazon AWS)

    - by Ryan Lynch
    I've taken the following steps: Created a VPC (with a single public subnet) Added an EC2 instance to the VPC Allocated an elastic IP Associated the elastic IP with the instance Created a security group and assigned it to the instance Modified the security rules to allow inbound ICMP echo and TCP on port 22 I've done all this and I still can't ping or ssh into the instance. If I follow the same steps minus the VPC bits I am able to set this up without issue. What step am I missing?

    Read the article

  • Web Farm Framework - Adding servers are offline

    - by Johan Wikström
    My problem is that im trying to setup a server farm but the nodes all come up as offline. I dont get a connection error saying that the servername is wrong, but get "offline" after it "test connection" I have: - Setup firewalls rules to allow Remote and file share on Domain and private network - Installed WWF 2.0 on both servers - Account that im using is a domain account that is Administrator on both machines. www01 is the same server as the controller below, but same results if i try www02 as primary. Any ideas?

    Read the article

  • When does /tmp get cleared?

    - by John Lawrence Aspden
    I'm taking to putting various files in /tmp, and I wondered what the rules on deleting them are? I'm imagining it's different for different distributions, and I'm particularly interested in Ubuntu and Fedora desktop versions. But a nice general way of finding out would be a great thing. Even better would be a nice general way of controlling it! (Something like 'every day at 3 in the morning, delete any /tmp files older than 60 days, but don't clear the directory on reboot')

    Read the article

  • iptables management tools for large scale environment

    - by womble
    The environment I'm operating in is a large-scale web hosting operation (several hundred servers under management, almost-all-public addressing, etc -- so anything that talks about managing ADSL links is unlikely to work well), and we're looking for something that will be comfortable managing both the core ruleset (around 12,000 entries in iptables at current count) plus the host-based rulesets we manage for customers. Our core router ruleset changes a few times a day, and the host-based rulesets would change maybe 50 times a month (across all the servers, so maybe one change per five servers per month). We're currently using filtergen (which is balls in general, and super-balls at our scale of operation), and I've used shorewall in the past at other jobs (which would be preferable to filtergen, but I figure there's got to be something out there that's better than that). The "musts" we've come up with for any replacement system are: Must generate a ruleset fairly quickly (a filtergen run on our ruleset takes 15-20 minutes; this is just insane) -- this is related to the next point: Must generate an iptables-restore style file and load that in one hit, not call iptables for every rule insert Must not take down the firewall for an extended period while the ruleset reloads (again, this is a consequence of the above point) Must support IPv6 (we aren't deploying anything new that isn't IPv6 compatible) Must be DFSG-free Must use plain-text configuration files (as we run everything through revision control, and using standard Unix text-manipulation tools are our SOP) Must support both RedHat and Debian (packaged preferred, but at the very least mustn't be overtly hostile to either distro's standards) Must support the ability to run arbitrary iptables commands to support features that aren't part of the system's "native language" Anything that doesn't meet all these criteria will not be considered. The following are our "nice to haves": Should support config file "fragments" (that is, you can drop a pile of files in a directory and say to the firewall "include everything in this directory in the ruleset"; we use configuration management extensively and would like to use this feature to provide service-specific rules automatically) Should support raw tables Should allow you to specify particular ICMP in both incoming packets and REJECT rules Should gracefully support hostnames that resolve to more than one IP address (we've been caught by this one a few times with filtergen; it's a rather royal pain in the butt) The more optional/weird iptables features that the tool supports (either natively or via existing or easily-writable plugins) the better. We use strange features of iptables now and then, and the more of those that "just work", the better for everyone.

    Read the article

  • Getting Outlook notification on more than just Inbox messages

    - by blackwing
    Outlook can notify the user every time a new email is received in the Inbox folder. (On Mac it also shows the # of unread messages in the Inbox). I have some server rules setup which makes certain emails go straight to a custom folder. I was wondering if there is an easy way to make Outlook do this before new messages in All folders or better yet, some customizable set of folders. I am using Outlook 2011 on Mac.

    Read the article

  • How can I password prompt certain IPs and allow all others free access using Apache?

    - by Moak
    SOLVED: The idea is that if the visitor comes from China they have to pass a basic authentication. If you have any other IP address you can visit the site without being hassled (including proxies) //1400 rules.... SetEnvIf Remote_Addr 222.249.128.0/19 china SetEnvIf Remote_Addr 222.249.160.0/20 china SetEnvIf Remote_Addr 222.249.176.0/20 china AuthType Basic AuthName "Restricted" AuthUserFile /www/passwd/users Require valid-user Order allow,deny Allow from All Deny from env=china Satisfy any

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 121 122 123 124 125 126 127 128 129 130 131 132  | Next Page >