Search Results

Search found 576 results on 24 pages for 'symlink traversal'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 13/24 | < Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >

  • Mysql my.cnf as simbolic link in Ubuntu 12.04

    - by Juan Cruz
    I am not able to use symlink for my.cnf file (Ubuntu 12.04 server). I added the alias to /etc/apparmor.d/tunables/alias file (as I did for 10.04 and worked) but I get: May 30 16:00:01 ip-10-242-209-203 kernel: [176926.213403] type=1400 audit(1338393601.350:244): apparmor="DENIED" operation="open" parent=1 profile="/usr/sbin/mysqld" name="/opt/data/my.cnf" pid=18128 comm="mysqld" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 May 30 16:00:01 ip-10-242-209-203 kernel: [176926.222016] init: mysql main process (18128) terminated with status 1 May 30 16:00:01 ip-10-242-209-203 kernel: [176926.222084] init: mysql respawning too fast, stopped As a workaround I added the following line /etc/mysql/my.cnf r, to the /etc/apparmor.d/local/usr.sbin.mysqld file. The default configuration is /etc/mysql/*.cnf r, Is this a bug? is an apparmor bug or a mysql bug? It seems that that configuration has changed since MySql 5.1 (https://bugs.launchpad.net/ubuntu/+source/mysql-5.1/+bug/619172) but now worked for me. Thanks!

    Read the article

  • Not able to see databases in symlinked folder

    - by Josh Smith
    I created a folder on my Dropbox and then symlinked it to both of my computers that I use for development. The folder is working correctly and I can see all the files in it from both computers. The problem arises when I try and access the databases from my MacBook Air. When I open up MAMP Pro and start the web service I can't connect to my development sites, at least from one of my computers. My questions are: Is this even a good idea to symlink the db folder for MAMP? If it is not then is the a smart way to develop locally on two machines? Can I prompt phpMyAdmin to reindex the db folder so it can start accessing the databases? I have tried shutting down both versions of the server software. I have restarted both machines. I am at a loss right now. -Josh

    Read the article

  • Wine can't find gnome-keyring-pkcs11.so

    - by Jackie
    I am trying to start a program using wine on ubuntu lts 12.04 64 bit When I do this I get the following error message... /usr/lib/i386-linux-gnu/pkcs11/gnome-keyring-pkcs11.so: /usr/lib/i386-linux-gnu/pkcs11/gnome-keyring-pkcs11.so: cannot open shared object file: No such file or directory When I try to symlink the 64 bit libraries, of course I get the following... jackie@jackie-Latitude-E6410:~/tmp/AC$ wine TTG.exe p11-kit: couldn't load module: /usr/lib/i386-linux-gnu/pkcs11/gnome-keyring-pkcs11.so: /usr/lib/i386-linux-gnu/pkcs11/gnome-keyring-pkcs11.so: wrong ELF class: ELFCLASS64 wine: Unhandled page fault on read access to 0x00000000 at address (nil) (thread 0009), starting debugger... err:seh:raise_exception Unhandled exception code c0000005 flags 0 addr 0x7bc47aac Is there a package that installs the 32-bit as well as the 64bit? UPDATE: Appears to be a bug in Ubuntu w/ 1.4 https://launchpad.net/~ubuntu-wine/+archive/ppa I used these steps and my application worked http://www.noobslab.com/2012/04/install-wine-152-on-ubuntu.html Not sure exactly why but it appears to ignore the error if you use the 1.5.

    Read the article

  • Chainload boot of Ubuntu installed on 32GB SD card from legacy Grub boot on USB

    - by Gary Darsey
    I have Ubuntu installed on a 32 GB SD card (in the Storage Expansion slot on an Acer Aspire One) with Grub2 installed in the same partition. I boot into legacy Grub on a USB drive and would like to boot by chainloading Grub2 from Grub (kernel/initrd or symlink booting would also be fine), but I haven't figured out how to do this from legacy Grub CLI. Output from blkid for this partition is /dev/mmcblk0p1: LABEL="Ubuntu" UUID="7ceb9fa7-238c-4c5d-bb8e-2c655652ddec" TYPE='ext4" / fdisk -lu information Boot indicator ID 83. Related entries in grub.cfg: search --no-floppy --fs-uuid --set-root 7ceb9fa7-238c-4c5d-bb8e-2c655652ddec linux /boot/vmlinuz-3.5.0-17-generic root=UUID=7ceb9fa7-238c-4c5d-bb8e-2c655652ddec... initrd /boot/initrd.img-3.5.0-17-generic I can't seem to replicate this in legacy Grub. Is there any way get Grub2 to chainload? How do I set root with UUID in legacy Grub? I prefer to boot from USB. Would Grub2 on USB (copying the grub.cfg generated during installation) be an option?

    Read the article

  • PHPPgAdmin not working in Ubuntu 14.04

    - by Adam
    After a fresh install of Ubuntu 14.04, I've installed postgresql and phppgadmin from the Ubuntu repos. I am using the Apache2 webserver. PHP is working fine in the webserver, as is PHPMyAdmin, but PHPPgAdmin is not working. When I try to access it at localhost/phppgadmin, I get a 404 message. I've tried creating a symlink in /var/www to the phppgadmin content, but that doesn't seem to work. How do I fix this? EDIT: note that I am using a local proxy server (squid) through which I funnel all my online traffic. While this may be part of the problem, I would be surprised if it was, because I am still on the same machine as phppgadmin and the requests logged in the apache access log indicate that incoming requests for the page are coming from the local machine (which is allowed in the policies for phppgadmin, if I understand things correctly).

    Read the article

  • Add autorandr before kdm starts

    - by Serge Tarkovski
    I want to add autorandr before kdm starts. Autorandr works well within KDE, however, in kdm I still have ugly 1024x768 resolution when my external monitor is connected. I tried adding autorandr --change to /etc/kde4/kdm/Xsetup: #! /bin/sh # Xsetup - run as root before the login dialog appears #xconsole -geometry 480x130-0-0 -notify -verbose -fn fixed -exitOnFail -file /dev/xconsole & /sbin/initctl -q emit login-session-start DISPLAY_MANAGER=kdm /usr/local/bin/autorandr --change >> /tmp/autorandr echo "Xsetup finished" >> /tmp/xsetup-finished A debug message in /tmp/xsetup-finished appears correctly. /tmp/autorandr is empty (so it seems autorandr runs without errors). I also tried to move autorandr --change line before /sbin/initctl -q emit login-session-start DISPLAY_MANAGER=kdm with no effect. P.S. Of course, autorandr profiles I created under KDE session, are in my home folder, but Xsetup script runs under root, so I created a symlink from my ~/.autorandr to /root/.autorandr.

    Read the article

  • bash profile works for user but not sudo

    - by user564448
    I've modified my .profile to include a folder if a flash drive is plugged in. When running the command as the user it works fine but tells me the scrip must be run by sudo (this is what i want). However, when i try to run it with sudo i get "command not found" I have a symlink (flash) in my /var/www folder pointing to my /media/flash drive. (nevermind this setup since is just for dev) this is my user's .profile : # set PATH so it includes flash scripts if [ -d "/var/www/flash/scripts" ] ; then PATH="/var/www/flash/scripts:$PATH" fi when trying to run as sudo i get: sudo: script: command not found any ideas?

    Read the article

  • Installing Solaris Studio 12.2 on Ubuntu 10.04

    - by KronoS
    I'm having a dickens of a time installing Solaris Studio 12.2 on Ubuntu 10.04. I found this guide, however using the alien option isn't finding the correct files. I'm not exactly sure on the syntax of alien, its kinda alien to me. (sorry for the bad pun) Also, when I download the tar file, and extract it, there are errors everytime saying things like: "operation not permitted" cannot creat symlink to '../prod/bin/cc': Operation not permitted I've extracted with super user access, but to no avail. Any success from anyone else?

    Read the article

  • Java Plugin - Firefox

    - by Tomassino
    Having trouble getting Java to work with Firefox (22), I have followed the advice in this question and on the official Java site, but nothing seems to work. I have the latest Java (1.7.0_25) in /opt/java and have set a symlink in /usr/libs/mozilla/plugins for the libnpjp2.so file. I can see the file in the terminal and Java runs fine. However Firefox shows nothing in about:plugins. I have also run export JAVA_HOME="/opt/java/jre1.7.0_05/bin/java" to be on the safe side. I know there are multiple plugin directories such as /usr/lib/firefox/plugins and /usr/lib/firefox-addons/plugins, but all my current plugins show they are located in /usr/lib/mozilla/plugins when viewing the about:plugins page. A bit stuck on where to go next?

    Read the article

  • Making file in user's homedir accessible from web/webserver

    - by evident
    Hi everybody, I have a txt-file one of my user's homedir which is regularly updated there by a script. I now want to be able to access (read) this file from the web. /home/user/folder/file.txt So what I tried now is to log in as root, go into my webservers httpdocs folder /var/www/path/to/domain/httpdocs and there I tried to create a symbolic link with ln -s /home/user/foler/file.txt /var/www/path/to/domain/httpdocs/file.txt But this didn't work... I already tried changing the chmod of the symlink (which changes the ones from the original file of course) and also a chown to the user from webserver, but no matter what I tried I cannot open the file from the web or from a php-script (which is what I want to do) Can anybody help me and tell me what I need to do? What rights do I need to give? Or is there another way of achieving this?

    Read the article

  • Offline apt-get update to age of cache

    - by James Haigh
    I have a script to quickly upgrade a Live or fresh system from cached files on a flash drive. In essence, it looks like this: # *Code to remove and symlink /var/cache/apt/ if currently empty of packages.* sudo apt-get dist-upgrade # Quick offline cached upgrade; not limited by slow WANs. echo $'\nMake sure Internet is reachable and press enter for complete online upgrade.'; read sudo apt-get update sudo apt-get dist-upgrade # Complete online upgrade. The problem is that the ‘cached upgrade’ seems to ignore the cached pkgcache.bin and srcpkgcache.bin which is where I assume apt-get update stores its changes, so the upgrade completes as if the system is up-to-date. Useless. So in that case, I need some code to apt-get update to the age of the package cache on my flash drive. This code would be placed between the 1st and 2nd lines of the code above.

    Read the article

  • udev rule group ownership not working

    - by Tirithen
    I have added a udev rule for my Arduino, but the symlink gets the ownership "root root" instead of "root dialout". $ cat /etc/udev/rules.d/47-Arduino.rules SUBSYSTEM=="usb", ATTR{idVendor}=="2341", ATTR{idProduct}=="0001", MODE="0666", SYMLINK+="arduino", GROUP="dialout" $ ls -la /dev/ar* lrwxrwxrwx 1 root root 15 sep 8 11:02 /dev/arduino -> bus/usb/003/007 $ ls -la /dev/bus/usb/003/007 crw-rw-r-- 1 root dialout 189, 262 sep 8 11:12 /dev/bus/usb/003/007 My user is a member of the group "dialout" but I still get permission denied error when I'm trying to communicate with the device. There are no problems when I'm using the "default" device "/etc/ttyACM3". $ ls -la /dev/ttyACM3 crw-rw---- 1 root dialout 166, 3 sep 8 11:12 /dev/ttyACM3 I have tried to restart both the udev service and reboot my computer. How can I fix this?

    Read the article

  • udev rule gives wrong group ownership

    - by Tirithen
    I have added a udev rule for my Arduino, but the symlink gets the ownership "root root" instead of "root dialout". $ cat /etc/udev/rules.d/47-Arduino.rules SUBSYSTEM=="usb", ATTR{idVendor}=="2341", ATTR{idProduct}=="0001", MODE="0666", SYMLINK+="arduino", GROUP="dialout" $ ls -la /dev/ar* lrwxrwxrwx 1 root root 15 sep 8 11:02 /dev/arduino -> bus/usb/003/007 $ ls -la /dev/bus/usb/003/007 crw-rw-r-- 1 root dialout 189, 262 sep 8 11:12 /dev/bus/usb/003/007 My user is a member of the group "dialout" but I still get "Permission Denied" error when I'm trying to communicate with the device. There are also no problems when I'm using the "default" device "/etc/ttyACM3". $ ls -la /dev/ttyACM3 crw-rw---- 1 root dialout 166, 3 sep 8 11:12 /dev/ttyACM3 I have tried to restart both the udev service and reboot my computer. How can I fix this?

    Read the article

  • HIB Games (Aquaria & Penumbra) cannot find libGL.so.1 even though it exists

    - by aberration
    I'm try to play some Humble Indie Bundle (HIB) games, but I'm getting errors with Aquaria and Penumbra: Overture that are related to the libGL.so.1 file. Aquaria gives this error on launch: Message: SDL_GL_LoadLibrary Error: Failed loading libGL.so.1 And Penumbra: Overture gives this error on launch: ./penumbra.bin: error while loading shared libraries: libGL.so.1: cannot open shared object file: No such file or directory I know that the file libGL.so.1 does exist (in /usr/lib/x86_64-linux-gnu/mesa/libGL.so.1). From past errors like this, I'm guessing that you need to symlink the library to another directory, but I can't figure out which one.

    Read the article

  • Installing Solaris Studio 12.2?

    - by KronoS
    I'm having a dickens of a time installing Solaris Studio 12.2 on Ubuntu 10.04. I found this guide, however using the alien option isn't finding the correct files. I'm not exactly sure on the syntax of alien, its kinda alien to me. (sorry for the bad pun) Also, when I download the tar file, and extract it, there are errors everytime saying things like: "operation not permitted" cannot creat symlink to '../prod/bin/cc': Operation not permitted I've extracted with super user access, but to no avail. Any success from anyone else?

    Read the article

  • Site-to-site VPN using MD5 instead of SHA and getting regular disconnection

    - by Steven
    We are experiencing some strange behavior with a site-to-site IPsec VPN that goes down about every week for 30 minutes (Iam told 30 minutes exactly). I don't have access to the logs, so it's difficult to troubleshoot. What is also strange is that the two VPN devices are set to use SHA hash algorithm but apparently end up agreeing to use MD5. Does anybody have a clue? or is this just insufficient information? Edit: Here is an extract of the log of one of the two VPN devices, which is a Cisco 3000 series VPN concentrator. 27981 03/08/2010 10:02:16.290 SEV=4 IKE/41 RPT=16120 xxxxxxxx IKE Initiator: New Phase 1, Intf 2, IKE Peer xxxxxxxx local Proxy Address xxxxxxxx, remote Proxy Address xxxxxxxx, SA (L2L: 1A) 27983 03/08/2010 10:02:56.930 SEV=4 IKE/41 RPT=16121 xxxxxxxx IKE Initiator: New Phase 1, Intf 2, IKE Peer xxxxxxxx local Proxy Address xxxxxxxx, remote Proxy Address xxxxxxxx, SA (L2L: 1A) 27986 03/08/2010 10:03:35.370 SEV=4 IKE/41 RPT=16122 xxxxxxxx IKE Initiator: New Phase 1, Intf 2, IKE Peer xxxxxxxx local Proxy Address xxxxxxxx, remote Proxy Address xxxxxxxx, SA (L2L: 1A) [… same continues for another 15 minutes …] 28093 03/08/2010 10:19:46.710 SEV=4 IKE/41 RPT=16140 xxxxxxxx IKE Initiator: New Phase 1, Intf 2, IKE Peer xxxxxxxx local Proxy Address xxxxxxxx, remote Proxy Address xxxxxxxx, SA (L2L: 1A) 28096 03/08/2010 10:20:17.720 SEV=5 IKE/172 RPT=1291 xxxxxxxx Group [xxxxxxxx] Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end IS behind a NAT device 28100 03/08/2010 10:20:17.820 SEV=3 IKE/134 RPT=79 xxxxxxxx Group [xxxxxxxx] Mismatch: Configured LAN-to-LAN proposal differs from negotiated proposal. Verify local and remote LAN-to-LAN connection lists. 28103 03/08/2010 10:20:17.820 SEV=4 IKE/119 RPT=1197 xxxxxxxx Group [xxxxxxxx] PHASE 1 COMPLETED 28104 03/08/2010 10:20:17.820 SEV=4 AUTH/22 RPT=1031 xxxxxxxx User [xxxxxxxx] Group [xxxxxxxx] connected, Session Type: IPSec/LAN- to-LAN 28106 03/08/2010 10:20:17.820 SEV=4 AUTH/84 RPT=39 LAN-to-LAN tunnel to headend device xxxxxxxx connected 28110 03/08/2010 10:20:17.920 SEV=5 IKE/25 RPT=1291 xxxxxxxx Group [xxxxxxxx] Received remote Proxy Host data in ID Payload: Address xxxxxxxx, Protocol 0, Port 0 28113 03/08/2010 10:20:17.920 SEV=5 IKE/24 RPT=88 xxxxxxxx Group [xxxxxxxx] Received local Proxy Host data in ID Payload: Address xxxxxxxx, Protocol 0, Port 0 28116 03/08/2010 10:20:17.920 SEV=5 IKE/66 RPT=1290 xxxxxxxx Group [xxxxxxxx] IKE Remote Peer configured for SA: L2L: 1A 28117 03/08/2010 10:20:17.930 SEV=5 IKE/25 RPT=1292 xxxxxxxx Group [xxxxxxxx] Received remote Proxy Host data in ID Payload: Address xxxxxxxx, Protocol 0, Port 0 28120 03/08/2010 10:20:17.930 SEV=5 IKE/24 RPT=89 xxxxxxxx Group [xxxxxxxx] Received local Proxy Host data in ID Payload: Address xxxxxxxx, Protocol 0, Port 0 28123 03/08/2010 10:20:17.930 SEV=5 IKE/66 RPT=1291 xxxxxxxx Group [xxxxxxxx] IKE Remote Peer configured for SA: L2L: 1A 28124 03/08/2010 10:20:18.070 SEV=4 IKE/173 RPT=17330 xxxxxxxx Group [xxxxxxxx] NAT-Traversal successfully negotiated! IPSec traffic will be encapsulated to pass through NAT devices. 28127 03/08/2010 10:20:18.070 SEV=4 IKE/49 RPT=17332 xxxxxxxx Group [xxxxxxxx] Security negotiation complete for LAN-to-LAN Group (xxxxxxxx) Responder, Inbound SPI = 0x56a4fe5c, Outbound SPI = 0xcdfc3892 28130 03/08/2010 10:20:18.070 SEV=4 IKE/120 RPT=17332 xxxxxxxx Group [xxxxxxxx] PHASE 2 COMPLETED (msgid=37b3b298) 28131 03/08/2010 10:20:18.750 SEV=4 IKE/41 RPT=16141 xxxxxxxx Group [xxxxxxxx] IKE Initiator: New Phase 2, Intf 2, IKE Peer xxxxxxxx local Proxy Address xxxxxxxx, remote Proxy Address xxxxxxxx, SA (L2L: 1A) 28135 03/08/2010 10:20:18.870 SEV=4 IKE/173 RPT=17331 xxxxxxxx Group [xxxxxxxx] NAT-Traversal successfully negotiated! IPSec traffic will be encapsulated to pass through NAT devices.

    Read the article

  • how to make python load dylib on osx

    - by navicore
    Hi, Trying to load a shared lib out of the current '.' dir in a unit test on osx. What works on Linux and Netbsd there is a symlink _mymodule.so --> ../.libs/libmymodule.so but on osx, python's import mymodule won't find _mymodule.dylib --> ../.libs/libmymodule.dylib I've tried adding export DYLD_LIBRARY_PATH=.:$DYLD_LIBRARY_PATH to the script env, nogo. Any help appreciated. -Ed

    Read the article

  • Unable to compile output of lex

    - by dbarker
    When I attempt to compile the output of this trivial lex program: # lex.l integer printf("found keyword INT"); using: $ gcc lex.yy.c I get: Undefined symbols: "_yywrap", referenced from: _yylex in ccMsRtp7.o _input in ccMsRtp7.o "_main", referenced from: start in crt1.10.6.o ld: symbol(s) not found collect2: ld returned 1 exit status lex --version tells me I'm actually using 'flex 2.5.35' although ls -fla `which lex` isn't a symlink. Any ideas why the output won't compile?

    Read the article

  • PIL's Image.show() brings up *two* different viewers

    - by DarenW
    When toying with images in the python shell, I use image.show(), where image is an instance of Image. Long ago nothing happened, but after defining a symlink to mirage named "xv", I was happy. The last few days, show() will bring up both ImageMagick's display and also Mirage. It's not clear where show() gets information on what to run. Documentation wasn't helpful. How to make it behave and bring up only what it thinks is xv?

    Read the article

  • How to connect Nitrogen with Couchdb using Ecouch

    - by maryjanne
    I don't understand how to make a connection with nitrogen and couchdb using ecouch, because I have a error on this connection CAUGHT ERROR: error-undef [{ecouch,db_info,["test_suite_db"]} I put ecouch in my erlang library path and I create a symlink to support/include.mk (even I don't know if it has necessary). Or if anyone know a database how can connect with nitrogen and who to make this connection.

    Read the article

  • Makefiles, symlinked folder & relative paths

    - by l.thee.a
    Let say I have the following folders: /A/C /D/B/E /D/B/C (this is a symlink to /A/C created by ln -s) When one of the makefiles tries to use the path /D/B/C/../E it gets a "no file or directory" error. I understand why this happens; /A/E does not exist. However I have to use symlinks to populate the B folder and create the build tree (very long story). Any ideas?

    Read the article

  • Security question pertaining web application deployment

    - by orokusaki
    I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

    Read the article

  • Change Directory Browsing Page in IIS 7.5

    - by Gabriel Ryan Nahmias
    NOTE: This post is tagged ASP Classic but really that's just one of the languages in which I could write it. I really need assistance with configuring IIS (7.5). I have found many scripts and ideas to effect this but I require that it's not be a "drop-in" replacement, as in it must work globally for any possibly directory from one codebase. Here are several links related to this goal: http://mvolo.com/get-nice-looking-directory-listings-for-your-iis-website-with-directorylistingmodule: Best example of what I want and the one with which I can't seem to follow through. http://www.daleanderson.ca/edb/: This is an example of a "drop-in" replacement (at least it's oriented for that purpose). It still has viable code that could be useful to serve as the main file that processes directory traversal.

    Read the article

  • gcc sandboxing tool - AppArmor / CHROOT jail on Ubuntu 12.04

    - by StuR
    We have a Node application as the front end to a C++ sandboxing tool, which compiles code using gcc and outputs the result to the browser. e.g. exec("gcc -o /tmp/test /tmp/test.cpp", function (error, stdout, stderr) { if(!stderr) { execFile('/tmp/test', function(error, stdout, stderr) {}); } }); This works fine. However, as you can imagine this is a security nightmare if it were to be made public - so I was thinking of two options to protect my stack: 1) A CHROOT jail - but this in itself wouldn't be enough to prevent directory traversal / file access. 2) AppArmor ? So my question is really, how could I protect my stack from any nasties that could come from: A) Compiling unknown code using gcc B) Executing the compiled code

    Read the article

  • Problem with setup VPN in Ubuntu Server 12.04

    - by Yozone W.
    I have a problem with setup VPN server on my Ubuntu VPS, here is my server environments: Ubuntu Server 12.04 x86_64 xl2tpd 1.3.1+dfsg-1 pppd 2.4.5-5ubuntu1 openswan 1:2.6.38-1~precise1 After install software and configuration: ipsec verify Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.38/K3.2.0-24-virtual (netkey) Checking for IPsec support in kernel [OK] SAref kernel support [N/A] NETKEY: Testing XFRM related proc values [OK] [OK] [OK] Checking that pluto is running [OK] Pluto listening for IKE on udp 500 [OK] Pluto listening for NAT-T on udp 4500 [OK] Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [WARNING] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] /var/log/auth.log message: Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [RFC 3947] method set to=115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike] meth=114, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-08] meth=113, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-07] meth=112, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-06] meth=111, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-05] meth=110, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-04] meth=109, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-03] meth=108, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 115 Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: ignoring Vendor ID payload [FRAGMENTATION 80000000] Oct 16 06:50:54 vpn pluto[3963]: packet from [My IP Address]:2251: received Vendor ID payload [Dead Peer Detection] Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: responding to Main Mode from unknown peer [My IP Address] Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: transition from state STATE_MAIN_R0 to state STATE_MAIN_R1 Oct 16 06:50:54 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: STATE_MAIN_R1: sent MR1, expecting MI2 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): peer is NATed Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: transition from state STATE_MAIN_R1 to state STATE_MAIN_R2 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: STATE_MAIN_R2: sent MR2, expecting MI3 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: ignoring informational payload, type IPSEC_INITIAL_CONTACT msgid=00000000 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: Main mode peer ID is ID_IPV4_ADDR: '192.168.12.52' Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[5] [My IP Address] #5: switched from "L2TP-PSK-NAT" to "L2TP-PSK-NAT" Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: deleting connection "L2TP-PSK-NAT" instance with peer [My IP Address] {isakmp=#0/ipsec=#0} Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: new NAT mapping for #5, was [My IP Address]:2251, now [My IP Address]:2847 Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_256 prf=oakley_sha group=modp1024} Oct 16 06:50:55 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: Dead Peer Detection (RFC 3706): enabled Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: the peer proposed: [My Server IP Address]/32:17/1701 -> 192.168.12.52/32:17/0 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: NAT-Traversal: received 2 NAT-OA. using first, ignoring others Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: responding to Quick Mode proposal {msgid:8579b1fb} Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: us: [My Server IP Address]<[My Server IP Address]>:17/1701 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: them: [My IP Address][192.168.12.52]:17/65280===192.168.12.52/32 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: Dead Peer Detection (RFC 3706): enabled Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 Oct 16 06:50:56 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #6: STATE_QUICK_R2: IPsec SA established transport mode {ESP=>0x08bda158 <0x4920a374 xfrm=AES_256-HMAC_SHA1 NATOA=192.168.12.52 NATD=[My IP Address]:2847 DPD=enabled} Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received Delete SA(0x08bda158) payload: deleting IPSEC State #6 Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: ERROR: netlink XFRM_MSG_DELPOLICY response for flow eroute_connection delete included errno 2: No such file or directory Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received and ignored informational message Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address] #5: received Delete SA payload: deleting ISAKMP State #5 Oct 16 06:51:16 vpn pluto[3963]: "L2TP-PSK-NAT"[6] [My IP Address]: deleting connection "L2TP-PSK-NAT" instance with peer [My IP Address] {isakmp=#0/ipsec=#0} Oct 16 06:51:16 vpn pluto[3963]: packet from [My IP Address]:2847: received and ignored informational message xl2tpd -D message: xl2tpd[4289]: Enabling IPsec SAref processing for L2TP transport mode SAs xl2tpd[4289]: IPsec SAref does not work with L2TP kernel mode yet, enabling forceuserspace=yes xl2tpd[4289]: setsockopt recvref[30]: Protocol not available xl2tpd[4289]: This binary does not support kernel L2TP. xl2tpd[4289]: xl2tpd version xl2tpd-1.3.1 started on vpn.netools.me PID:4289 xl2tpd[4289]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. xl2tpd[4289]: Forked by Scott Balmos and David Stipp, (C) 2001 xl2tpd[4289]: Inherited by Jeff McAdams, (C) 2002 xl2tpd[4289]: Forked again by Xelerance (www.xelerance.com) (C) 2006 xl2tpd[4289]: Listening on IP address [My Server IP Address], port 1701 Then it just stopped here, and have no any response. I can't connect VPN on my mac client, the /var/log/system.log message: Oct 16 15:17:36 azone-iMac.local configd[17]: SCNC: start, triggered by SystemUIServer, type L2TP, status 0 Oct 16 15:17:36 azone-iMac.local pppd[3799]: pppd 2.4.2 (Apple version 596.13) started by azone, uid 501 Oct 16 15:17:38 azone-iMac.local pppd[3799]: L2TP connecting to server 'vpn.netools.me' ([My Server IP Address])... Oct 16 15:17:38 azone-iMac.local pppd[3799]: IPSec connection started Oct 16 15:17:38 azone-iMac.local racoon[359]: Connecting. Oct 16 15:17:38 azone-iMac.local racoon[359]: IPSec Phase1 started (Initiated by me). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 1). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 2). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 3). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 4). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Main-Mode message 5). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKEv1 Phase1 AUTH: success. (Initiator, Main-Mode Message 6). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Main-Mode message 6). Oct 16 15:17:38 azone-iMac.local racoon[359]: IKEv1 Phase1 Initiator: success. (Initiator, Main-Mode). Oct 16 15:17:38 azone-iMac.local racoon[359]: IPSec Phase1 established (Initiated by me). Oct 16 15:17:39 azone-iMac.local racoon[359]: IPSec Phase2 started (Initiated by me). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Oct 16 15:17:39 azone-iMac.local racoon[359]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Oct 16 15:17:39 azone-iMac.local racoon[359]: IPSec Phase2 established (Initiated by me). Oct 16 15:17:39 azone-iMac.local pppd[3799]: IPSec connection established Oct 16 15:17:59 azone-iMac.local pppd[3799]: L2TP cannot connect to the server Oct 16 15:17:59 azone-iMac.local racoon[359]: IPSec disconnecting from server [My Server IP Address] Oct 16 15:17:59 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Information message). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKE Packet: transmit success. (Information message). Oct 16 15:17:59 azone-iMac.local racoon[359]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). Anyone help? Thanks a million!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 9 10 11 12 13 14 15 16 17 18 19 20  | Next Page >