ip protocol - Page 132 - Developer IT

How to use Bonjour?

- by Roman

First, what exactly Bonjour does (pleas read my guesses written bellow)? Here I found out that Bonjour enables automatic discovery of computers, devices, and services on IP networks. But I thought that it not only "discovers devices on IP network" it also creates an IP network by assigning IP addresses to devices where Bonjour is running. Am I right? And I still miss the essence. Does it work in the following way? First I connect devices (for example laptops) physically so that they potentially can communicate with each other. Then, let say, on some laptops I have Bonjour running and then, as a consequence, these laptops assign IP addresses to them self in automatic way. So, laptops (where Bonjour is running) build an IP network. Does it work in this way? Or may be a computer running Bonjour is not considered as a service and it does not broadcast itself just because Bonjour is running on this computer. I mean that the applications running on the computers need to use Bonjour to broadcast themself. So, it is applications that broadcast themself (not computers) and it is not done automatically (application needs to broadcast themself explicitly). Is it right? How exactly my application can broadcast itself? Can I use command line to register an service (so that all applications using Bonjour knows that a new service appeared)? Further, I would like to have an application which use the IP network created by Bonjour. For that my application needs to know which devices/services are present in the network. In more details, my application needs to have a list of services. Each service in the list should have a name, the IP address where it is running and the port which is used by the application. Can Bonjour provide this information in some way? If it is the case, how exactly it works. How my program can get this information from Bonjour? Can my program read some file created by Bonjour and containing the above mentioned information? Can I use some commands in command line to retrieve this information? I have a special interest in accessing the information about services from files, environment variables or commands in command line. These options seems to me to be the simplest! Since in these case I do not need to use any additional libraries to communicate with Bonjour from a particular programming language. P.S. Pleas ask questions if something is not clear in my question. I will try to formulate my question in a more clear way. P.P.S. I use Windows 7. ADDED: I plan to write my applications in PHP. Every computer should run a Apache web server. And I want to use Bonjour to help computer discover each other (computers are working in a local network).

Read the article

Linux pptp client stops working after several hours

- by Aron Rotteveel

Here's the situation: Setup: 1 Windows Server 2008 machine acting as a Domain Controller and RRAS server 1 CentOS machine in a datacentre located elsewhere PPTP client running on CentOS machine, connected to the DC via When I connect to the DC, everything is working fine. I have set up a static IP for the dialup connection in my RRAS server so that the CentOS machine is automatically assigned the IP 192.168.1.240. Inside the VPN, it is not possible to access this machine on the local IP-address. Perfect. However, after several hours, it simply seems to stop working (IE: I cannot ping to or from this machine on the local network). The strange thing is, however: The DC shows the VPN client as still being connected The CentOS machine shows the network interface as being up There are no entries in my /var/log/messages that indicate a problem Output from ifconfig: ppp0 Link encap:Point-to-Point Protocol inet addr:192.168.1.240 P-t-P:192.168.1.160 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1396 Metric:1 RX packets:43 errors:0 dropped:0 overruns:0 frame:0 TX packets:58 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:4511 (4.4 KiB) TX bytes:15071 (14.7 KiB) Output from route -n: 192.168.1.160 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ppp0 I have the following in my ip-up.local: route add -net 192.168.1.0 netmask 255.255.255.0 dev ppp0 The situation can be easily fixed by issueing a killall pppd and re-connecting. However, I obviously do not want to do this every X-hours or so. I have tried running pppd with both the debug as the kdebug flag but cannot find the cause of this problem. Currently, my ppp0 network interface seems to be running and the last log lines mentioning it are: Feb 19 14:10:40 graviton pppd[10934]: local IP address 192.168.1.240 Feb 19 14:10:40 graviton pppd[10934]: remote IP address 192.168.1.160 Feb 19 14:10:40 graviton pppd[10934]: Script /etc/ppp/ip-up started (pid 10952) Feb 19 14:10:40 graviton pppd[10934]: Script /etc/ppp/ip-up finished (pid 10952), status = 0x0 Feb 19 14:11:27 graviton pptp[10935]: anon log[decaps_gre:pptp_gre.c:414]: buffering packet 190 (expecting 189, lost or reordered) Feb 19 14:11:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Request received. Feb 19 14:11:37 graviton pptp[10942]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 6 'Echo-Reply' Feb 19 14:12:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Request received. Feb 19 14:12:37 graviton pptp[10942]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 6 'Echo-Reply' Feb 19 14:12:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:13:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:14:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:15:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:16:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:19:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:677]: Echo Reply received. Feb 19 14:19:37 graviton pptp[10942]: anon log[logecho:pptp_ctrl.c:679]: no more Echo Reply/Request packets will be reported. I have enabled the persist option. The network interface is still running, but it is still impossible to send data through the VPN. Any help is appreciated.

Read the article

Initial Cisco ASA 5510 Config

- by Brendan ODonnell

Fair warning, I'm a but of a noob so please bear with me. I'm trying to set up a new ASA 5510. I have a pretty simple set up with one /24 on the inside NATed to a DHCP address on the outside. Everything on the inside works and I can ping the outside interface from external devices. No matter what I do I can't get anything internal to route across the border to the outside and back. To try and eliminate ACL issues as a possibility I added permit any any rules to the incoming access lists on the inside and outside interfaces. I'd appreciate any help I can get. Here's the sh run. : Saved : ASA Version 8.4(3) ! hostname gateway domain-name xxx.local enable password xxx encrypted passwd xxx encrypted names ! interface Ethernet0/0 nameif outside security-level 0 ip address dhcp setroute ! interface Ethernet0/1 nameif inside security-level 100 ip address 10.x.x.x 255.255.255.0 ! interface Ethernet0/2 shutdown no nameif no security-level no ip address ! interface Ethernet0/3 shutdown no nameif no security-level no ip address ! interface Management0/0 nameif management security-level 100 ip address 192.168.1.1 255.255.255.0 management-only ! ftp mode passive dns domain-lookup inside dns server-group DefaultDNS name-server 10.x.x.x domain-name xxx.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network inside-network subnet 10.x.x.x 255.255.255.0 object-group protocol TCPUDP protocol-object udp protocol-object tcp access-list outside_access_in extended permit ip any any access-list inside_access_in extended permit ip any any pager lines 24 logging enable logging buffered informational logging asdm informational mtu management 1500 mtu inside 1500 mtu outside 1500 no failover icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside icmp permit any outside no asdm history enable arp timeout 14400 ! object network inside-network nat (any,outside) dynamic interface access-group inside_access_in in interface inside access-group outside_access_in in interface outside timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL aaa authentication ssh console LOCAL aaa authentication http console LOCAL http server enable http 192.168.1.0 255.255.255.0 management http 10.x.x.x 255.255.255.0 inside http authentication-certificate management http authentication-certificate inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart telnet timeout 5 ssh 192.168.1.0 255.255.255.0 management ssh 10.x.x.x 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 dhcp-client client-id interface outside dhcpd address 192.168.1.2-192.168.1.254 management dhcpd enable management ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn username xxx password xxx encrypted ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options inspect icmp ! service-policy global_policy global prompt hostname context no call-home reporting anonymous Cryptochecksum:fe19874e18fe7107948eb0ada6240bc2 : end no asdm history enable

Read the article

mod_mono 'Service Temporarily Unavailable' issue

- by Charlie Somerville

I've deployed an ASP.NET web application on a Linux (Debian) server running Apache 2.2 and mod_mono 1.9 It's working well, however Mono occasionally segfaults and uses the entire CPU which causes the website to stop working and display 'Service Temporarily Unavailable' Killing mono fixes it, but obviously this isn't a good solution. I tailed the system log after this happened and I saw the following error messages from the kernel: Apr 20 01:49:37 charliesomerville kernel: [1596436.204158] mono[17909]: segfault at b645f671 ip b645f671 sp b4ffb604 error 4<6>mono[19047]: segfault at b645f66e ip b645f66e sp b4bf7604 error 4<6>mono[18017]: segfault at b645f66e ip b645f66e sp b52fe604 error 4<6>mono[19668]: segfault at b645f5e6 ip b645f5e6 sp b48f4604 error 4<6>mono[22565]: segfault at b645f674 ip b645f674 sp b45f1604 error 4<6>mono[17700]: segfault at b645f661 ip b645f661 sp b51fd604 error 4<6>mono[19596]: segfault at b645f5e6 ip b645f5e6 sp b49f5604 error 4 Apr 20 01:49:37 charliesomerville kernel: [1596436.208172] mono[23219]: segfault at b645f66e ip b645f66e sp b44f0604 error 4 At the end of Apache's error.log are the following errors: [Tue Apr 20 03:10:23 2010] [error] (70014)End of file found: read_data failed [Tue Apr 20 03:10:23 2010] [error] Command stream corrupted, last command was 1 [Tue Apr 20 03:10:23 2010] [error] Command stream corrupted, last command was 1 [Tue Apr 20 03:10:23 2010] [error] Command stream corrupted, last command was 1 System.ArgumentNullException: null key Parameter name: key at System.Collections.Hashtable.get_Item (System.Object key) [0x00000] at System.Runtime.Serialization.SerializationCallbacks.GetSerializationCallbacks (System.Type t) [0x00000] at System.Runtime.Serialization.ObjectManager.RaiseOnDeserializingEvent (System.Object obj) [0x00000] at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadObjectContent (System.IO.BinaryReader reader, System.Runtime.Serialization.Formatters.Binary.TypeMetadata metadata, Int64 objectId, System.Object& objectInstance, System.Runtime.Serialization.SerializationInfo& info) [0x00000] at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadObjectInstance (System.IO.BinaryReader reader, Boolean isRuntimeObject, Boolean hasTypeInfo, System.Int64& objectId, System.Object& value, System.Runtime.Serialization.SerializationInfo& info) [0x00000] at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadObject (BinaryElement element, System.IO.BinaryReader reader, System.Int64& objectId, System.Object& value, System.Runtime.Serialization.SerializationInfo& info) [0x00000] at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadNextObject (System.IO.BinaryReader reader) [0x00000] at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadObjectGraph (System.IO.BinaryReader reader, Boolean readHeaders, System.Object& result, System.Runtime.Remoting.Messaging.Header[]& headers) [0x00000] at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.NoCheckDeserialize (System.IO.Stream serializationStream, System.Runtime.Remoting.Messaging.HeaderHandler handler) [0x00000] at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize (System.IO.Stream serializationStream) [0x00000] at System.Runtime.Remoting.Channels.CADSerializer.DeserializeObject (System.IO.MemoryStream mem) [0x00000] at System.Runtime.Remoting.RemotingServices.GetDomainProxy (System.AppDomain domain) [0x00000] at System.AppDomain.CreateDomain (System.String friendlyName, System.Security.Policy.Evidence securityInfo, System.AppDomainSetup info) [0x00000] at System.Web.Hosting.ApplicationHost.CreateApplicationHost (System.Type hostType, System.String virtualDir, System.String physicalDir) [0x00000] at Mono.WebServer.VPathToHost.CreateHost (Mono.WebServer.ApplicationServer server, Mono.WebServer.WebSource webSource) [0x00000] at Mono.WebServer.ApplicationServer.GetApplicationForPath (System.String vhost, Int32 port, System.String path, Boolean defaultToRoot) [0x00000] at (wrapper remoting-invoke-with-check) Mono.WebServer.ApplicationServer:GetApplicationForPath (string,int,string,bool) at Mono.WebServer.ModMonoWorker.GetOrCreateApplication (System.String vhost, Int32 port, System.String filepath, System.String virt) [0x00000] at Mono.WebServer.ModMonoWorker.InnerRun (System.Object state) [0x00000] at Mono.WebServer.ModMonoWorker.Run (System.Object state) [0x00000] [Tue Apr 20 03:10:26 2010] [error] (70014)End of file found: read_data failed [Tue Apr 20 03:10:26 2010] [error] Command stream corrupted, last command was -1 Along with the above errors, Apache's error.log is packed with hundreds (if not thousands) of the following error: Maximum number (20) of concurrent mod_mono requests to /tmp/mod_mono_dashboard_default_2.lock reached. Droping request. At the moment, I'm thinking there might be something wrong with configuration here (it's basically running on out-of-the-box config)

Read the article

COPSSH RSA only authentication connection problem

- by Siriss

Hello all- I am trying to setup an RSA Authentication only SSH/SFTP server. The SSH will be used primarily for RDC. Everything works just fine if I use password authentication. I am using Putty Key Generator to create he keys and I have pasted the key into authorized_keys file and restarted the OpenSSH server. I am using FileZilla to test the SFTP connection as that is the most important. For my tests I have created the keys without password correction. It will not work with a standard SSH connection either. It says "Server refused our key". I have recreated the key twice double checking with a guide on google, and I am pretty sure I did it correctly. I load the key file into FileZilla under settings/SFTP and try to connect and I get the following error: Disconnected: No supported authentication methods available. I have been playing with the different settings all night and I cannot figure it out. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # Disable legacy (protocol version 1) support in the server for new # installations. In future the default will change to require explicit # activation of protocol 1 Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 1024 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH #LogLevel INFO # Authentication: #LoginGraceTime 2m PermitRootLogin no #StrictModes yes #MaxAuthTries 6 #MaxSessions 10 RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM no #AllowAgentForwarding yes #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner none # override default of no subsystems Subsystem sftp /bin/sftp-server # Example of overriding settings on a per-user basis #Match User anoncvs # X11Forwarding no # AllowTcpForwarding no # ForceCommand cvs server Thank you so much for your help!

Read the article

Inconsistent file downloads of (what should be) the same file

- by Austin A.

I'm working on a system that archives large collections of timetstamped images. Part of the system deals with saving an image to a growing .zip file. This morning I noticed that the log system said that an image was successfully downloaded and placed in the zip file, but when I downloaded the .zip (from an apache alias running on our server), the images didn't match the log. For example, although the log said that camera 3484 captured on January 17, 2011, when I download from the apache alias, the downloaded zip file only contains images up to January 14. So, I sshed onto the server, and unzipped the file in its own directory, and that zip file has images from January 14 to today (January 17). What strikes me as odd is that this should be the exact same file as the one I downloaded from the apache alias. Other experiments: I scp-ed the file from the server to my local machine, and the zip file has the newer images. But when I use an SCP client (in this case, Fugu for OSX), I get the zip file for the older images. In short: unzipping a file on the server or after downloading through scp or after downloading through wget gives one zip file, but unzipping a file from Chrome, Firefox, or SCP client gives a different zip file, when they should be exactly the same. Unzipping on the server... [user@server ~]$ cd /export1/amos/images/2011/84/3484/00003484/ [user@server 00003484]$ ls -la total 6180 drwxr-sr-x 2 user groupname 24 Jan 17 11:20 . drwxr-sr-x 4 user groupname 36 Jan 11 19:58 .. -rw-r--r-- 1 user groupname 6309980 Jan 17 12:05 2011.01.zip [user@server 00003484]$ unzip 2011.01.zip Archive: 2011.01.zip extracting: 20110114_140547.jpg extracting: 20110114_143554.jpg replace 20110114_143554.jpg? [y]es, [n]o, [A]ll, [N]one, [r]ename: y extracting: 20110114_143554.jpg extracting: 20110114_153458.jpg (...bunch of files...) extracting: 20110117_170459.jpg extracting: 20110117_173458.jpg extracting: 20110117_180501.jpg Using the wget through apache alias. local:~ user$ wget http://example.com/zipfiles/2011/84/3484/00003484/2011.01.zip --12:38:13-- http://example.com/zipfiles/2011/84/3484/00003484/2011.01.zip => `2011.01.zip' Resolving example.com... ip.ip.ip.ip Connecting to example.com|ip.ip.ip.ip|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 6,327,747 (6.0M) [application/zip] 100% [=====================================================================================================>] 6,327,747 1.03M/s ETA 00:00 12:38:56 (143.23 KB/s) - `2011.01.zip' saved [6327747/6327747] local:~ user$ unzip 2011.01.zip Archive: 2011.01.zip extracting: 20110114_140547.jpg (... same as before...) extracting: 20110117_183459.jpg Using scp to grab the zip local:~ user$ scp user@server:/export1/amos/images/2011/84/3484/00003484/2011.01.zip . 2011.01.zip 100% 6179KB 475.3KB/s 00:13 local:~ user$ unzip 2011.01.zip Archive: 2011.01.zip extracting: 20110114_140547.jpg (...same as before...) extracting: 20110117_183459.jpg Using Fugu to download 2011.01.zip from /export1/amos/images/2011/84/3484/00003484/ gives images 20110113_090457.jpg through 201100114_010554.jpg Using Firefox to download 2011.01.zip from http://example.com/zipfiles/2011/84/3484/00003484/2011.01.zip gives images 20110113_090457.jpg through 201100114_010554.jpg Using Chrome gives same results as Firefox. Relevant section from apache httpd.conf: # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the realname directory are treated as applications and # run by the server when requested rather than as documents sent to the client. # The same rules about trailing "/" apply to ScriptAlias directives as to # Alias. # ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" Alias /zipfiles/ /export1/amos/images/

Read the article

Cisco 678 Will Not Work using PPPoE - Possibly Because I Configured it Incorrectly..?

- by Brian Stinar

I am attempting to configure a Cisco 678 because I am totally sick on my Actiontec. However, I am running into some problems. It seems as though the Cisco is able to train the line, but I am unable to ping out. I am all right at programming, but still learning a lot when it comes to being a system administrator. I apologize in advance if I did something ridiculous, or am attempting to configure this device to do something it was not designed to do. It is almost like I am not correctly configuring the device to grab it's IP using PPPoA (like my Actiontec.) The output from "show running" (below) makes me think this too. Below are the commands I ran in order to configure this: # en # set nvram erase # write # reboot # en # set nat enable # set dhcp server enable # set PPP wan0-0 ipcp 0.0.0.0 # set ppp wan0-0 dns 0.0.0.0 # set PPP wan0-0 login xxxxx // My actual login # set PPP wan0-0 password yyyyy // My actual password # set PPP restart enabled # set int wan0-0 close # set int wan0-0 vpi 0 # set int wan0-0 vci 32 # set int wan0-0 open # write # reboot Here is the output from a few commands I thought could provide some useful information: cbos#ping 74.125.224.113 Sending 1 8 byte ping(s) to 74.125.224.113 every 2 second(s) Request timed out cbos#show version Cisco Broadband Operating System CBOS (tm) 678 Software (C678-I-M), Version v2.4.9 - Release Software Copyright (c) 1986-2001 by cisco Systems, Inc. Compiled Nov 17 2004 15:26:29 DMT FULL firmware version G96 NVRAM image at 0x1030f000 cbos#show errors - Current Error Messages - ## Ticks Module Level Message 0 000:00:00:00 PPP Info IPCP Open Event on wan0-0 1 000:00:00:14 ATM Info Wan0 Up 2 000:00:00:14 PPP Info PPP Up Event on wan0-0 3 000:00:01:54 PPP Info PPP Down Event on wan0-0 Total Number of Error Messages: 4 cbos#show interface wan0 wan0 ADSL Physical Port Line Trained Actual Configuration: Overhead Framing: 3 Trellis Coding: Enabled Standard Compliance: T1.413 Downstream Data Rate: 1184 Kbps Upstream Data Rate: 928 Kbps Interleave S Downstream: 4 Interleave D Downstream: 16 Interleave R Downstream: 16 Interleave S Upstream: 4 Interleave D Upstream: 8 Interleave R Upstream: 16 Modem Microcode: G96 DSP version: 0 Operating State: Showtime/Data Mode Configured: Echo Cancellation: Disabled Overhead Framing: 3 Coding Gain: Auto TX Power Attenuation: 0dB Trellis Coding: Enabled Bit Swapping: Disabled Standard Compliance: T1.413 Remote Standard Compliance: T1.413 Tx Start Bin: 0x6 Tx End Bin: 0x1f Data Interface: Utopia L1 Status: Local SNR Margin: 19.0dB Local Coding Gain: 7.5dB Local Transmit Power: 12.5dB Local Attenuation: 46.0dB Remote Attenuation: 31.0dB Local Counters: Interleaved RS Corrected Bytes: 0 Interleaved Symbols with CRC Errors: 2 No Cell Delineation Interleaved: 0 Out of Cell Delineation Interleaved: 0 Header Error Check Counter Interleaved: 0 Count of Severely Errored Frames: 0 Count of Loss of Signal Frames: 0 Remote Counters: Interleaved RS Corrected Bytes: 0 Interleaved Symbols with CRC Errors: 1 No Cell Delineation Interleaved: 0 Header Error Check Counter Interleaved: 0 Count of Severely Errored Frames: 0 Count of Loss of Signal Frames: 0 cbos#show int wan0-0 WAN0-0 ATM Logical Port PVC (VPI 0, VCI 32) is configured. ScalaRate set to Auto AAL 5 UBR Traffic IP Port Enabled cbos#show running Warning: traffic may pause while NVRAM is being accessed [[ CBOS = Section Start ]] NSOS MD5 Enable Password = XXXX NSOS MD5 Root Password = XXXX NSOS MD5 Commander Password = XXXX [[ PPP Device Driver = Section Start ]] PPP Port User Name = 00, "XXXX" PPP Port User Password = 00, XXXX PPP Port Option = 00, IPCP,IP Address,3,Auto,Negotiation Not Required,Negotiable ,IP,0.0.0.0 PPP Port Option = 00, IPCP,Primary DNS Server,129,Auto,Negotiation Not Required, Negotiable,IP,0.0.0.0 PPP Port Option = 00, IPCP,Secondary DNS Server,131,Auto,Negotiation Not Require d,Negotiable,IP,0.0.0.0 [[ ATM WAN Device Driver = Section Start ]] ATM WAN Virtual Connection Parms = 00, 0, 32, 0 [[ DHCP = Section Start ]] DHCP Server = enabled [[ IP Routing = Section Start ]] IP NAT = enabled [[ WEB = Section Start ]] WEB = enabled cbos# wtf...? Thank you all very much for taking the time to read this, and the help.

Read the article

Exchange 2003 mail non-delivery (NDR), spam activity? events 7002 & 7004

- by HighTechGeek

Windows Server 2003 Small Business Server SP2 Exchange Version 6.5 (Build 7638.2: Service Pack 2) This network has been neglected and has been having email problems for years and was on many blacklists. I was called in after the server eventually crashed... I got the server back up and running, but email problems persist. Outgoing mail delivery is sporadic. Sometimes the mail goes through, sometimes a delayed delivery report is generated after a day or more, and sometimes it seems to go through, but the recipient never receives it. Not sure if spammers are successfully using the server as a relay (see event entries below after turning on maximum SMTP logging)... User PCs infected with viruses and server was blacklisted on many sites (I used mxtoolbox.com) I have cleaned all the PCs and changed all passwords (including administrator) I have requested removal from all of the blacklists - most have removed the listing, some take more time. I have setup rDNS pointer records with the ISP (Comcast) - that was one reason for some of the blacklistings. I have tested that it's not an open relay using telnet as described here: www.amset.info/exchange/smtp-openrelay.asp I followed the advise of a Spamhaus & Microsoft article to enable maximum SMTP logging. http://www.spamhaus.org/faq/answers.lasso?section=isp%20spam%20issues#320 which directed me to Microsoft KB article 895853, specifically, the part 2/3 down titled: "If mail relay occurs from an account on an Exchange computer that is not configured as an open relay" . The Application Event Log is filling with this type of activity (Event ID 7002, 7002 & 3018 errors): Event Type: Error Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7004 Date: 1/18/2011 Time: 7:33:29 AM User: N/A Computer: SERVER Description: This is an SMTP protocol error log for virtual server ID 1, connection #621. The remote host "212.52.84.180", responded to the SMTP command "rcpt" with "550 #5.1.0 Address rejected [email protected] ". The full command sent was "RCPT TO: ". This will probably cause the connection to fail. and this: Event Type: Warning Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7002 Date: 1/18/2011 Time: 7:33:29 AM User: N/A Computer: SERVER Description: This is an SMTP protocol warning log for virtual server ID 1, connection #620. The remote host "212.52.84.170", responded to the SMTP command "rcpt" with "452 Too many recipients received this hour ". The full command sent was "RCPT TO: ". This may cause the connection to fail. or a variant of: Event Type: Warning Event Source: MSExchangeTransport Event Category: SMTP Protocol Event ID: 7002 Date: 1/18/2011 Time: 8:39:21 AM User: N/A Computer: SERVER Description: This is an SMTP protocol warning log for virtual server ID 1, connection #661. The remote host "82.57.200.133", responded to the SMTP command "rcpt" with "421 Service not available - too busy ". The full command sent was "RCPT TO: ". This may cause the connection to fail. also Event Type: Error Event Source: MSExchangeTransport Event Category: NDR Event ID: 3018 Date: 1/18/2011 Time: 9:49:37 AM User: N/A Computer: SERVER Description: A non-delivery report with a status code of 5.4.0 was generated for recipient rfc822;[email protected] (Message-ID ). Causes: This message indicates a DNS problem or an IP address configuration problem Solution: Check the DNS using nslookup or dnsq. Verify the IP address is in IPv4 literal format. Data: 0000: ef 02 04 c0 ï..À Any guidance and/or suggestions and/or tests to perform would be greatly appreciated.

Read the article

Can't configure frame relay T1 on Cisco 1760

- by sonar

For the past few days I've been trying to configure a data T1 via a Frame Relay. Now I've been pretty unsuccessful at it, and it's been a while, since I've done this so please bare with me. The ISP provided me the following information: 1. IP address 2. Gateway address 3. Encapsulation Frame Relay 4. DLCI 100 5. BZ8 ESF (I think the bz8 was supposed to be b8zs) 6. Time Slot (1 al 24). And what I have configured up until now is the following: interface Serial0/0 ip address <ip address> 255.255.255.252 encapsulation frame-relay service-module t1 timeslots 1-24 frame-relay interface-dlci 100 sh service-module s0/0 (outputs): Module type is T1/fractional Hardware revision is 0.128, Software revision is 0.2, Image checksum is 0x73D70058, Protocol revision is 0.1 Receiver has no alarms. Framing is **ESF**, Line Code is **B8ZS**, Current clock source is line, Fraction has **24 timeslots** (64 Kbits/sec each), Net bandwidth is 1536 Kbits/sec. Last module self-test (done at startup): Passed Last clearing of alarm counters 00:17:17 loss of signal : 0, loss of frame : 0, AIS alarm : 0, Remote alarm : 2, last occurred 00:10:10 Module access errors : 0, Total Data (last 1 15 minute intervals): 0 Line Code Violations, 0 Path Code Violations 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs Data in current interval (138 seconds elapsed): 0 Line Code Violations, 0 Path Code Violations 0 Slip Secs, 0 Fr Loss Secs, 0 Line Err Secs, 0 Degraded Mins 0 Errored Secs, 0 Bursty Err Secs, 0 Severely Err Secs, 0 Unavail Secs sh int: FastEthernet0/0 is up, line protocol is up Hardware is PQUICC_FEC, address is 000d.6516.e5aa (bia 000d.6516.e5aa) Internet address is 10.0.0.1/24 MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s, 100BaseTX/FX ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:20:00, output 00:00:00, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog 0 input packets with dribble condition detected 191 packets output, 20676 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier 0 output buffer failures, 0 output buffers swapped out Serial0/0 is up, line protocol is down Hardware is PQUICC with Fractional T1 CSU/DSU MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY, loopback not set Keepalive set (10 sec) LMI enq sent 157, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down LMI enq recvd 23, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE FR SVC disabled, LAPF state down Broadcast queue 0/64, broadcasts sent/dropped 2/0, interface broadcasts 0 Last input 00:24:51, output 00:00:05, output hang never Last clearing of "show interface" counters 00:27:20 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) Available Bandwidth 1152 kilobits/sec 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 23 packets input, 302 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 1725 input errors, 595 CRC, 1099 frame, 0 overrun, 0 ignored, 30 abort 246 packets output, 3974 bytes, 0 underruns 0 output errors, 0 collisions, 48 interface resets 0 output buffer failures, 0 output buffers swapped out 4 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up Serial0/0.1 is down, line protocol is down Hardware is PQUICC with Fractional T1 CSU/DSU MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY Last clearing of "show interface" counters never Serial0/0.100 is down, line protocol is down Hardware is PQUICC with Fractional T1 CSU/DSU Internet address is <ip address>/30 MTU 1500 bytes, BW 1536 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation FRAME-RELAY Last clearing of "show interface" counters never And everything seems to be accounted for to me, but apparently I'm missing something. My issue is that I'm stuck on interface up, line protocol down, so the T1 doesn't go up. Any ideas? Thank you,

Read the article

Apt-Get Update: failure to fetch; can't connect to any sources

- by weberc2

I realize there are dozens of "apt-get update: failure to fetch" questions (I read through all I could find), but my present circumstance is unique to 12.04 and it affects all sources; not just launchpad. Additionally, I've tried several different servers in Europe and the U.S. as well as the "main server" (wherever that is) and they all yield the same result: I can't connect to any software sources. Additionally, I'm fairly certain the problem stems from the upgrade from 11.10-12.04 I performed this morning, as updates worked immediately before. Updates from the Update Manager worked fine and I could download some things (mutter) from the Software Center without incident, which makes me think I can connect to some subset of the Ubuntu servers (however, several other Ubuntu servers--like extras--and some canonical servers are listed as 'unable to connect'). Here is the output from sudo apt-get update: sudo apt-get update Ign http://ftp.u-picardie.fr precise InRelease Ign http://archive.canonical.com precise InRelease Ign http://ftp.u-picardie.fr precise-updates InRelease Ign http://ftp.u-picardie.fr precise-backports InRelease Err http://ftp.u-picardie.fr precise-security InRelease Err http://ftp.u-picardie.fr precise Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-updates Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-backports Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-security Release.gpg Unable to connect to ftp.u-picardie.fr:http: Hit http://archive.canonical.com precise Release.gpg Hit http://archive.canonical.com precise Release Hit http://archive.canonical.com precise/partner i386 Packages Ign http://archive.canonical.com precise/partner TranslationIndex Ign http://dl.google.com stable InRelease Ign http://dl.google.com stable InRelease Err http://archive.canonical.com precise/partner Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Err http://archive.canonical.com precise/partner Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Ign http://extras.ubuntu.com precise InRelease Get:1 http://dl.google.com stable Release.gpg [198 B] Err http://extras.ubuntu.com precise Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.88.33). - connect (111: Connection refused) Ign http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Get:2 http://dl.google.com stable Release.gpg [198 B] Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Get:3 http://dl.google.com stable Release [1,347 B] Get:4 http://dl.google.com stable Release [1,347 B] Get:5 http://dl.google.com stable/main i386 Packages [1,268 B] Ign http://dl.google.com stable/main TranslationIndex Get:6 http://dl.google.com stable/main i386 Packages [769 B] Ign http://dl.google.com stable/main TranslationIndex Ign http://dl.google.com stable/main Translation-en_US Ign http://dl.google.com stable/main Translation-en Ign http://dl.google.com stable/main Translation-en_US Ign http://dl.google.com stable/main Translation-en Fetched 5,127 B in 7s (673 B/s) Reading package lists... Done W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-security/InRelease W: Failed to fetch http://ppa.launchpad.net/elementary-os/stable/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/elementaryart/elementary-dev/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/midori/ppa/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/ricotz/docky/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/webupd8team/y-ppa-manager/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/yorba/ppa/ubuntu/dists/precise/InRelease W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-updates/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-backports/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-security/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/precise/Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.88.33). - connect (111: Connection refused) W: Failed to fetch http://ppa.launchpad.net/caffeine-developers/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/elementary-os/stable/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/elementaryart/elementary-dev/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/midori/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/ricotz/docky/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/webupd8team/y-ppa-manager/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/yorba/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Some index files failed to download. They have been ignored, or old ones used instead. W: Duplicate sources.list entry http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_nemequ_sqlheavy_ubuntu_dists_precise_main_binary-i386_Packages) W: Duplicate sources.list entry http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_sgringwe_beatbox_ubuntu_dists_precise_main_binary-i386_Packages) Contents of /etc/apt/sources.list: # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release i386 (20111012)]/ oneiric main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise main restricted #Added by software-properties # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise multiverse universe #Added by software-properties ## Major bug fix updates produced after the final release of the ## distribution. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates restricted main multiverse universe #Added by software-properties ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise universe deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise multiverse deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-backports main restricted universe multiverse deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-backports main restricted universe multiverse #Added by software-properties deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security restricted main multiverse universe #Added by software-properties deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security universe deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. deb http://extras.ubuntu.com/ubuntu precise main deb-src http://extras.ubuntu.com/ubuntu precise main Testing Alternate sources.list file These are the steps I followed to produce the following output: Please backup your sources.list: sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup and then replace the contents of /etc/apt/sources.list with the below lines and run apt-get update: deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu precise-security main restricted universe multiverse deb http://archive.canonical.com/ubuntu precise partner deb http://extras.ubuntu.com/ubuntu precise main Output: someone@someone-UBook:~$ sudo apt-get update Ign http://archive.canonical.com precise InRelease Hit http://archive.canonical.com precise Release.gpg Hit http://archive.canonical.com precise Release Ign http://archive.ubuntu.com precise InRelease Ign http://extras.ubuntu.com precise InRelease Ign http://archive.ubuntu.com precise-updates InRelease Hit http://archive.canonical.com precise/partner i386 Packages Hit http://extras.ubuntu.com precise Release.gpg Ign http://archive.ubuntu.com precise-backports InRelease Ign http://archive.canonical.com precise/partner TranslationIndex Err http://archive.canonical.com precise/partner Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Err http://archive.canonical.com precise/partner Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Hit http://extras.ubuntu.com precise Release Get:1 http://archive.ubuntu.com precise Release.gpg [198 B] Ign http://dl.google.com stable InRelease Err http://dl.google.com stable InRelease Err http://dl.google.com stable Release.gpg Unable to connect to dl.google.com:http: [IP: 173.194.34.38 80] Err http://dl.google.com stable Release.gpg Unable to connect to dl.google.com:http: [IP: 173.194.34.38 80] Get:2 http://archive.ubuntu.com precise-updates Release.gpg [198 B] Hit http://extras.ubuntu.com precise/main i386 Packages Get:3 http://archive.ubuntu.com precise-backports Release.gpg [198 B] Ign http://security.ubuntu.com precise-security InRelease Ign http://extras.ubuntu.com precise/main TranslationIndex Err http://extras.ubuntu.com precise/main Translation-en_US Unable to connect to extras.ubuntu.com:http: Err http://extras.ubuntu.com precise/main Translation-en Unable to connect to extras.ubuntu.com:http: Get:4 http://security.ubuntu.com precise-security Release.gpg [198 B] Get:5 http://archive.ubuntu.com precise Release [49.6 kB] Get:6 http://security.ubuntu.com precise-security Release [49.6 kB] Get:7 http://archive.ubuntu.com precise-updates Release [49.6 kB] Get:8 http://archive.ubuntu.com precise-backports Release [49.6 kB] Get:9 http://security.ubuntu.com precise-security/main i386 Packages [32.9 kB] Get:10 http://archive.ubuntu.com precise/main i386 Packages [1,274 kB] Get:11 http://security.ubuntu.com precise-security/restricted i386 Packages [14 B] Get:12 http://security.ubuntu.com precise-security/universe i386 Packages [8,594 B] Get:13 http://security.ubuntu.com precise-security/multiverse i386 Packages [1,393 B] Get:14 http://security.ubuntu.com precise-security/main TranslationIndex [73 B] Get:15 http://security.ubuntu.com precise-security/multiverse TranslationIndex [71 B] Get:16 http://security.ubuntu.com precise-security/restricted TranslationIndex [70 B] Get:17 http://security.ubuntu.com precise-security/universe TranslationIndex [72 B] Get:18 http://security.ubuntu.com precise-security/main Translation-en [13.6 kB] Get:19 http://security.ubuntu.com precise-security/multiverse Translation-en [587 B] Get:20 http://security.ubuntu.com precise-security/restricted Translation-en [14 B] Get:21 http://security.ubuntu.com precise-security/universe Translation-en [6,261 B] Get:22 http://archive.ubuntu.com precise/restricted i386 Packages [8,431 B] Get:23 http://archive.ubuntu.com precise/universe i386 Packages [4,796 kB] Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Get:24 http://ppa.launchpad.net precise Release.gpg [316 B] Get:25 http://ppa.launchpad.net precise Release.gpg [316 B] Get:26 http://ppa.launchpad.net precise Release.gpg [316 B] Ign http://ppa.launchpad.net precise Release.gpg Get:27 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:28 http://ppa.launchpad.net precise Release.gpg [316 B] Get:29 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:30 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:31 http://ppa.launchpad.net precise Release [11.9 kB] Get:32 http://ppa.launchpad.net precise Release [11.9 kB] Get:33 http://archive.ubuntu.com precise/multiverse i386 Packages [121 kB] Get:34 http://ppa.launchpad.net precise Release [11.9 kB] Ign http://ppa.launchpad.net precise Release Get:35 http://ppa.launchpad.net precise Release [11.9 kB] Hit http://archive.ubuntu.com precise/main TranslationIndex Hit http://archive.ubuntu.com precise/multiverse TranslationIndex Hit http://ppa.launchpad.net precise Release Hit http://archive.ubuntu.com precise/restricted TranslationIndex Get:36 http://ppa.launchpad.net precise Release [11.9 kB] Hit http://archive.ubuntu.com precise/universe TranslationIndex Get:37 http://ppa.launchpad.net precise Release [11.9 kB] Get:38 http://archive.ubuntu.com precise-updates/main i386 Packages [96.5 kB] Hit http://ppa.launchpad.net precise Release Get:39 http://ppa.launchpad.net precise Release [11.9 kB] Get:40 http://archive.ubuntu.com precise-updates/restricted i386 Packages [770 B] Hit http://ppa.launchpad.net precise Release Get:41 http://archive.ubuntu.com precise-updates/universe i386 Packages [27.7 kB] Get:42 http://ppa.launchpad.net precise/main Sources [524 B] Get:43 http://archive.ubuntu.com precise-updates/multiverse i386 Packages [1,393 B] Get:44 http://ppa.launchpad.net precise/main i386 Packages [507 B] Hit http://archive.ubuntu.com precise-updates/main TranslationIndex Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/multiverse TranslationIndex Hit http://archive.ubuntu.com precise-updates/restricted TranslationIndex Get:45 http://ppa.launchpad.net precise/main Sources [932 B] Hit http://archive.ubuntu.com precise-updates/universe TranslationIndex Get:46 http://ppa.launchpad.net precise/main i386 Packages [1,017 B] Get:47 http://archive.ubuntu.com precise-backports/main i386 Packages [559 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Get:48 http://archive.ubuntu.com precise-backports/restricted i386 Packages [14 B] Get:49 http://archive.ubuntu.com precise-backports/universe i386 Packages [1,391 B] Get:50 http://ppa.launchpad.net precise/main Sources [1,402 B] Get:51 http://archive.ubuntu.com precise-backports/multiverse i386 Packages [14 B] Hit http://archive.ubuntu.com precise-backports/main TranslationIndex Get:52 http://ppa.launchpad.net precise/main i386 Packages [1,605 B] Hit http://archive.ubuntu.com precise-backports/multiverse TranslationIndex Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-backports/restricted TranslationIndex Hit http://archive.ubuntu.com precise-backports/universe TranslationIndex Hit http://archive.ubuntu.com precise/main Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise/multiverse Translation-en Get:53 http://ppa.launchpad.net precise/main Sources [931 B] Hit http://archive.ubuntu.com precise/restricted Translation-en Get:54 http://ppa.launchpad.net precise/main i386 Packages [1,079 B] Hit http://archive.ubuntu.com precise/universe Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/main Translation-en Hit http://ppa.launchpad.net precise/main Sources Hit http://archive.ubuntu.com precise-updates/multiverse Translation-en Hit http://ppa.launchpad.net precise/main i386 Packages Hit http://archive.ubuntu.com precise-updates/restricted Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/universe Translation-en Get:55 http://ppa.launchpad.net precise/main Sources [3,611 B] Hit http://archive.ubuntu.com precise-backports/main Translation-en Get:56 http://ppa.launchpad.net precise/main i386 Packages [2,468 B] Hit http://archive.ubuntu.com precise-backports/multiverse Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-backports/restricted Translation-en Hit http://archive.ubuntu.com precise-backports/universe Translation-en Get:57 http://ppa.launchpad.net precise/main Sources [1,524 B] Get:58 http://ppa.launchpad.net precise/main i386 Packages [2,719 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://ppa.launchpad.net precise/main Sources Hit http://ppa.launchpad.net precise/main i386 Packages Ign http://ppa.launchpad.net precise/main TranslationIndex Get:59 http://ppa.launchpad.net precise/main Sources [1,052 B] Get:60 http://ppa.launchpad.net precise/main i386 Packages [1,388 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Get:61 http://ppa.launchpad.net precise/main Sources [1,185 B] Get:62 http://ppa.launchpad.net precise/main i386 Packages [1,698 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Err http://ppa.launchpad.net precise/main Sources 404 Not Found Err http://ppa.launchpad.net precise/main i386 Packages 404 Not Found Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Fetched 6,699 kB in 15s (445 kB/s) Reading package lists... Done W: Failed to fetch http://dl.google.com/linux/talkplugin/deb/dists/stable/InRelease W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/sta

Read the article

12.04: Apt-Get Update: failure to fetch; can't connect to any sources

- by weberc2

I realize there are dozens of "apt-get update: failure to fetch" questions (I read through all I could find), but my present circumstance is unique to 12.04 and it affects all sources; not just launchpad. Additionally, I've tried several different servers in Europe and the U.S. as well as the "main server" (wherever that is) and they all yield the same result: I can't connect to any software sources. Additionally, I'm fairly certain the problem stems from the upgrade from 11.10-12.04 I performed this morning, as updates worked immediately before. Updates from the Update Manager worked fine and I could download some things (mutter) from the Software Center without incident, which makes me think I can connect to some subset of the Ubuntu servers (however, several other Ubuntu servers--like extras--and some canonical servers are listed as 'unable to connect'). Here is the output from sudo apt-get update: sudo apt-get update Ign http://ftp.u-picardie.fr precise InRelease Ign http://archive.canonical.com precise InRelease Ign http://ftp.u-picardie.fr precise-updates InRelease Ign http://ftp.u-picardie.fr precise-backports InRelease Err http://ftp.u-picardie.fr precise-security InRelease Err http://ftp.u-picardie.fr precise Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-updates Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-backports Release.gpg Unable to connect to ftp.u-picardie.fr:http: Err http://ftp.u-picardie.fr precise-security Release.gpg Unable to connect to ftp.u-picardie.fr:http: Hit http://archive.canonical.com precise Release.gpg Hit http://archive.canonical.com precise Release Hit http://archive.canonical.com precise/partner i386 Packages Ign http://archive.canonical.com precise/partner TranslationIndex Ign http://dl.google.com stable InRelease Ign http://dl.google.com stable InRelease Err http://archive.canonical.com precise/partner Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Err http://archive.canonical.com precise/partner Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Ign http://extras.ubuntu.com precise InRelease Get:1 http://dl.google.com stable Release.gpg [198 B] Err http://extras.ubuntu.com precise Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.88.33). - connect (111: Connection refused) Ign http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Err http://ppa.launchpad.net precise InRelease Get:2 http://dl.google.com stable Release.gpg [198 B] Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Err http://ppa.launchpad.net precise Release.gpg Unable to connect to ppa.launchpad.net:http: Get:3 http://dl.google.com stable Release [1,347 B] Get:4 http://dl.google.com stable Release [1,347 B] Get:5 http://dl.google.com stable/main i386 Packages [1,268 B] Ign http://dl.google.com stable/main TranslationIndex Get:6 http://dl.google.com stable/main i386 Packages [769 B] Ign http://dl.google.com stable/main TranslationIndex Ign http://dl.google.com stable/main Translation-en_US Ign http://dl.google.com stable/main Translation-en Ign http://dl.google.com stable/main Translation-en_US Ign http://dl.google.com stable/main Translation-en Fetched 5,127 B in 7s (673 B/s) Reading package lists... Done W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-security/InRelease W: Failed to fetch http://ppa.launchpad.net/elementary-os/stable/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/elementaryart/elementary-dev/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/midori/ppa/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/ricotz/docky/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/webupd8team/y-ppa-manager/ubuntu/dists/precise/InRelease W: Failed to fetch http://ppa.launchpad.net/yorba/ppa/ubuntu/dists/precise/InRelease W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-updates/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-backports/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/dists/precise-security/Release.gpg Unable to connect to ftp.u-picardie.fr:http: W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/precise/Release.gpg Could not connect to extras.ubuntu.com:80 (91.189.88.33). - connect (111: Connection refused) W: Failed to fetch http://ppa.launchpad.net/caffeine-developers/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/elementary-os/stable/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/elementaryart/elementary-dev/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/midori/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/ricotz/docky/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/webupd8team/y-ppa-manager/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Failed to fetch http://ppa.launchpad.net/yorba/ppa/ubuntu/dists/precise/Release.gpg Unable to connect to ppa.launchpad.net:http: W: Some index files failed to download. They have been ignored, or old ones used instead. W: Duplicate sources.list entry http://ppa.launchpad.net/nemequ/sqlheavy/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_nemequ_sqlheavy_ubuntu_dists_precise_main_binary-i386_Packages) W: Duplicate sources.list entry http://ppa.launchpad.net/sgringwe/beatbox/ubuntu/ precise/main i386 Packages (/var/lib/apt/lists/ppa.launchpad.net_sgringwe_beatbox_ubuntu_dists_precise_main_binary-i386_Packages) Contents of /etc/apt/sources.list: # deb cdrom:[Ubuntu 11.10 _Oneiric Ocelot_ - Release i386 (20111012)]/ oneiric main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise main restricted #Added by software-properties # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise multiverse universe #Added by software-properties ## Major bug fix updates produced after the final release of the ## distribution. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates restricted main multiverse universe #Added by software-properties ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise universe deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise multiverse deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-backports main restricted universe multiverse deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-backports main restricted universe multiverse #Added by software-properties deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security main restricted deb-src http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security restricted main multiverse universe #Added by software-properties deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security universe deb http://ftp.u-picardie.fr/mirror/ubuntu/ubuntu/ precise-security multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu oneiric partner # deb-src http://archive.canonical.com/ubuntu oneiric partner ## This software is not part of Ubuntu, but is offered by third-party ## developers who want to ship their latest software. deb http://extras.ubuntu.com/ubuntu precise main deb-src http://extras.ubuntu.com/ubuntu precise main Testing Alternate sources.list file These are the steps I followed to produce the following output: Please backup your sources.list: sudo cp /etc/apt/sources.list /etc/apt/sources.list.backup and then replace the contents of /etc/apt/sources.list with the below lines and run apt-get update: deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse deb http://archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse deb http://security.ubuntu.com/ubuntu precise-security main restricted universe multiverse deb http://archive.canonical.com/ubuntu precise partner deb http://extras.ubuntu.com/ubuntu precise main Output: someone@someone-UBook:~$ sudo apt-get update Ign http://archive.canonical.com precise InRelease Hit http://archive.canonical.com precise Release.gpg Hit http://archive.canonical.com precise Release Ign http://archive.ubuntu.com precise InRelease Ign http://extras.ubuntu.com precise InRelease Ign http://archive.ubuntu.com precise-updates InRelease Hit http://archive.canonical.com precise/partner i386 Packages Hit http://extras.ubuntu.com precise Release.gpg Ign http://archive.ubuntu.com precise-backports InRelease Ign http://archive.canonical.com precise/partner TranslationIndex Err http://archive.canonical.com precise/partner Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Err http://archive.canonical.com precise/partner Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] Hit http://extras.ubuntu.com precise Release Get:1 http://archive.ubuntu.com precise Release.gpg [198 B] Ign http://dl.google.com stable InRelease Err http://dl.google.com stable InRelease Err http://dl.google.com stable Release.gpg Unable to connect to dl.google.com:http: [IP: 173.194.34.38 80] Err http://dl.google.com stable Release.gpg Unable to connect to dl.google.com:http: [IP: 173.194.34.38 80] Get:2 http://archive.ubuntu.com precise-updates Release.gpg [198 B] Hit http://extras.ubuntu.com precise/main i386 Packages Get:3 http://archive.ubuntu.com precise-backports Release.gpg [198 B] Ign http://security.ubuntu.com precise-security InRelease Ign http://extras.ubuntu.com precise/main TranslationIndex Err http://extras.ubuntu.com precise/main Translation-en_US Unable to connect to extras.ubuntu.com:http: Err http://extras.ubuntu.com precise/main Translation-en Unable to connect to extras.ubuntu.com:http: Get:4 http://security.ubuntu.com precise-security Release.gpg [198 B] Get:5 http://archive.ubuntu.com precise Release [49.6 kB] Get:6 http://security.ubuntu.com precise-security Release [49.6 kB] Get:7 http://archive.ubuntu.com precise-updates Release [49.6 kB] Get:8 http://archive.ubuntu.com precise-backports Release [49.6 kB] Get:9 http://security.ubuntu.com precise-security/main i386 Packages [32.9 kB] Get:10 http://archive.ubuntu.com precise/main i386 Packages [1,274 kB] Get:11 http://security.ubuntu.com precise-security/restricted i386 Packages [14 B] Get:12 http://security.ubuntu.com precise-security/universe i386 Packages [8,594 B] Get:13 http://security.ubuntu.com precise-security/multiverse i386 Packages [1,393 B] Get:14 http://security.ubuntu.com precise-security/main TranslationIndex [73 B] Get:15 http://security.ubuntu.com precise-security/multiverse TranslationIndex [71 B] Get:16 http://security.ubuntu.com precise-security/restricted TranslationIndex [70 B] Get:17 http://security.ubuntu.com precise-security/universe TranslationIndex [72 B] Get:18 http://security.ubuntu.com precise-security/main Translation-en [13.6 kB] Get:19 http://security.ubuntu.com precise-security/multiverse Translation-en [587 B] Get:20 http://security.ubuntu.com precise-security/restricted Translation-en [14 B] Get:21 http://security.ubuntu.com precise-security/universe Translation-en [6,261 B] Get:22 http://archive.ubuntu.com precise/restricted i386 Packages [8,431 B] Get:23 http://archive.ubuntu.com precise/universe i386 Packages [4,796 kB] Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Ign http://ppa.launchpad.net precise InRelease Get:24 http://ppa.launchpad.net precise Release.gpg [316 B] Get:25 http://ppa.launchpad.net precise Release.gpg [316 B] Get:26 http://ppa.launchpad.net precise Release.gpg [316 B] Ign http://ppa.launchpad.net precise Release.gpg Get:27 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:28 http://ppa.launchpad.net precise Release.gpg [316 B] Get:29 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:30 http://ppa.launchpad.net precise Release.gpg [316 B] Hit http://ppa.launchpad.net precise Release.gpg Get:31 http://ppa.launchpad.net precise Release [11.9 kB] Get:32 http://ppa.launchpad.net precise Release [11.9 kB] Get:33 http://archive.ubuntu.com precise/multiverse i386 Packages [121 kB] Get:34 http://ppa.launchpad.net precise Release [11.9 kB] Ign http://ppa.launchpad.net precise Release Get:35 http://ppa.launchpad.net precise Release [11.9 kB] Hit http://archive.ubuntu.com precise/main TranslationIndex Hit http://archive.ubuntu.com precise/multiverse TranslationIndex Hit http://ppa.launchpad.net precise Release Hit http://archive.ubuntu.com precise/restricted TranslationIndex Get:36 http://ppa.launchpad.net precise Release [11.9 kB] Hit http://archive.ubuntu.com precise/universe TranslationIndex Get:37 http://ppa.launchpad.net precise Release [11.9 kB] Get:38 http://archive.ubuntu.com precise-updates/main i386 Packages [96.5 kB] Hit http://ppa.launchpad.net precise Release Get:39 http://ppa.launchpad.net precise Release [11.9 kB] Get:40 http://archive.ubuntu.com precise-updates/restricted i386 Packages [770 B] Hit http://ppa.launchpad.net precise Release Get:41 http://archive.ubuntu.com precise-updates/universe i386 Packages [27.7 kB] Get:42 http://ppa.launchpad.net precise/main Sources [524 B] Get:43 http://archive.ubuntu.com precise-updates/multiverse i386 Packages [1,393 B] Get:44 http://ppa.launchpad.net precise/main i386 Packages [507 B] Hit http://archive.ubuntu.com precise-updates/main TranslationIndex Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/multiverse TranslationIndex Hit http://archive.ubuntu.com precise-updates/restricted TranslationIndex Get:45 http://ppa.launchpad.net precise/main Sources [932 B] Hit http://archive.ubuntu.com precise-updates/universe TranslationIndex Get:46 http://ppa.launchpad.net precise/main i386 Packages [1,017 B] Get:47 http://archive.ubuntu.com precise-backports/main i386 Packages [559 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Get:48 http://archive.ubuntu.com precise-backports/restricted i386 Packages [14 B] Get:49 http://archive.ubuntu.com precise-backports/universe i386 Packages [1,391 B] Get:50 http://ppa.launchpad.net precise/main Sources [1,402 B] Get:51 http://archive.ubuntu.com precise-backports/multiverse i386 Packages [14 B] Hit http://archive.ubuntu.com precise-backports/main TranslationIndex Get:52 http://ppa.launchpad.net precise/main i386 Packages [1,605 B] Hit http://archive.ubuntu.com precise-backports/multiverse TranslationIndex Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-backports/restricted TranslationIndex Hit http://archive.ubuntu.com precise-backports/universe TranslationIndex Hit http://archive.ubuntu.com precise/main Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise/multiverse Translation-en Get:53 http://ppa.launchpad.net precise/main Sources [931 B] Hit http://archive.ubuntu.com precise/restricted Translation-en Get:54 http://ppa.launchpad.net precise/main i386 Packages [1,079 B] Hit http://archive.ubuntu.com precise/universe Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/main Translation-en Hit http://ppa.launchpad.net precise/main Sources Hit http://archive.ubuntu.com precise-updates/multiverse Translation-en Hit http://ppa.launchpad.net precise/main i386 Packages Hit http://archive.ubuntu.com precise-updates/restricted Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-updates/universe Translation-en Get:55 http://ppa.launchpad.net precise/main Sources [3,611 B] Hit http://archive.ubuntu.com precise-backports/main Translation-en Get:56 http://ppa.launchpad.net precise/main i386 Packages [2,468 B] Hit http://archive.ubuntu.com precise-backports/multiverse Translation-en Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://archive.ubuntu.com precise-backports/restricted Translation-en Hit http://archive.ubuntu.com precise-backports/universe Translation-en Get:57 http://ppa.launchpad.net precise/main Sources [1,524 B] Get:58 http://ppa.launchpad.net precise/main i386 Packages [2,719 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Hit http://ppa.launchpad.net precise/main Sources Hit http://ppa.launchpad.net precise/main i386 Packages Ign http://ppa.launchpad.net precise/main TranslationIndex Get:59 http://ppa.launchpad.net precise/main Sources [1,052 B] Get:60 http://ppa.launchpad.net precise/main i386 Packages [1,388 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Get:61 http://ppa.launchpad.net precise/main Sources [1,185 B] Get:62 http://ppa.launchpad.net precise/main i386 Packages [1,698 B] Ign http://ppa.launchpad.net precise/main TranslationIndex Err http://ppa.launchpad.net precise/main Sources 404 Not Found Err http://ppa.launchpad.net precise/main i386 Packages 404 Not Found Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Ign http://ppa.launchpad.net precise/main Translation-en_US Ign http://ppa.launchpad.net precise/main Translation-en Fetched 6,699 kB in 15s (445 kB/s) Reading package lists... Done W: Failed to fetch http://dl.google.com/linux/talkplugin/deb/dists/stable/InRelease W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en_US Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://archive.canonical.com/ubuntu/dists/precise/partner/i18n/Translation-en Unable to connect to archive.canonical.com:http: [IP: 91.189.92.150 80] W: Failed to fetch http://dl.google.com/linux/chrome/deb/dists/sta

Read the article

Ports do not open after rules appended in iptables

- by user2699451

I have a server that I am trying to setup for OpenVPN. I have followed all the steps, but I see that when I try to connect to it in Windows, it doesn't allow me, it just hangs on connecting, so I did a nmap scan and I see that port 1194 is not open so naturally I append the rule to open 1194 with: iptables -A INPUT -i eth0 -p tcp --dport 1194 -j ACCEPT followed by service iptables save and service iptables restart which all executed successfully. Then I try again, but it doesn't work and another nmap scan says that port 1194 is closed. Here is the iptables configuration: # Generated by iptables-save v1.4.7 on Thu Oct 31 09:47:38 2013 *nat :PREROUTING ACCEPT [27410:3091993] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [5042:376160] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -o eth0 -j MASQUERADE -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -j SNAT --to-source 41.185.26.238 -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE COMMIT # Completed on Thu Oct 31 09:47:38 2013 # Generated by iptables-save v1.4.7 on Thu Oct 31 09:47:38 2013 *filter :INPUT ACCEPT [23571:2869068] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [27558:3656524] :vl - [0:0] -A INPUT -p tcp -m tcp --dport 5252 -m comment --comment "SSH Secure" -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW,RELATED,ESTABLISHED -$ -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -m comment --comment "SSH" -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -m comment --comment "HTTP" -j ACCEPT -A INPUT -p tcp -m tcp --dport 8080 -m comment --comment "HTTPS" -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -m comment --comment "HTTP Encrypted" -j ACCEP$ -A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT -A INPUT -i eth0 -p gre -j ACCEPT -A INPUT -p udp -m udp --dport 1194 -j ACCEPT -A FORWARD -i ppp+ -o eth0 -j ACCEPT -A FORWARD -i eth0 -o ppp+ -j ACCEPT -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -s 10.8.0.0/24 -j ACCEPT -A FORWARD -j REJECT --reject-with icmp-port-unreachable -A OUTPUT -p icmp -m icmp --icmp-type 0 -m state --state RELATED,ESTABLISHED -j A$ COMMIT # Completed on Thu Oct 31 09:47:38 2013 and my nmap scan from: localhost: nmap localhost Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-31 09:53 SAST Nmap scan report for localhost (127.0.0.1) Host is up (0.000011s latency). Other addresses for localhost (not scanned): 127.0.0.1 Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 443/tcp open https 1723/tcp open pptp Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds remote pc: nmap [server ip] Starting Nmap 6.00 ( http://nmap.org ) at 2013-10-31 09:53 SAST Nmap scan report for rla04-nix1.wadns.net (41.185.26.238) Host is up (0.025s latency). Not shown: 858 filtered ports, 139 closed ports PORT STATE SERVICE 22/tcp open ssh 443/tcp open https 8008/tcp open http Nmap done: 1 IP address (1 host up) scanned in 15.70 seconds So, I do not know what is causing this, any assistance will be appreciated! UPDATE AFTER FIRST ANSWER::: [root@RLA04-NIX1 ~]# iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT [root@RLA04-NIX1 ~]# iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT [root@RLA04-NIX1 ~]# iptables -A FORWARD -j REJECT [root@RLA04-NIX1 ~]# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE [root@RLA04-NIX1 ~]# service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ] [root@RLA04-NIX1 ~]# service iptables restart iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter nat [ OK ] iptables: Unloading modules: [ OK ] iptables: Applying firewall rules: [ OK ] [root@RLA04-NIX1 ~]# lsof -i :1194 -bash: lsof: command not found iptables -L -n Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5252 /* SSH Secure */ ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 state NEW,RELATED,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 /* SSH */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 /* HTTP */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 /* HTTPS */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 /* HTTP Encrypted */ ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 ACCEPT 47 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1194 Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT all -- 10.8.0.0/24 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT all -- 10.8.0.0/24 0.0.0.0/0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0 state RELATED,ESTABLISHED Chain vl (0 references) target prot opt source destination [root@RLA04-NIX1 ~]# nmap localhostt Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-31 11:13 SAST remote pc nmap [server ip] Starting Nmap 6.00 ( http://nmap.org ) at 2013-10-31 11:11 SAST Nmap scan report for rla04-nix1.wadns.net (41.185.26.238) Host is up (0.020s latency). Not shown: 858 filtered ports, 139 closed ports PORT STATE SERVICE 22/tcp open ssh 443/tcp open https 8008/tcp open http Nmap done: 1 IP address (1 host up) scanned in 4.18 seconds localhost nmap localhost Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-31 11:13 SAST Nmap scan report for localhost (127.0.0.1) Host is up (0.000011s latency). Other addresses for localhost (not scanned): 127.0.0.1 Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 443/tcp open https 1723/tcp open pptp Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds UPDATE AFTER SCANNING UDP PORTS Sorry, I am noob, I am still learning, but here is the output for: nmap -sU [server ip] Starting Nmap 6.00 ( http://nmap.org ) at 2013-10-31 11:33 SAST Nmap scan report for [server address] ([server ip]) Host is up (0.021s latency). Not shown: 997 open|filtered ports PORT STATE SERVICE 53/udp closed domain 123/udp closed ntp 33459/udp closed unknown Nmap done: 1 IP address (1 host up) scanned in 8.57 seconds btw, no changes have been made since post started (except for iptables changes)

Read the article

ASA 5505 Vlan question

- by Wayne

I am setting up a cisco asa 5505 with the base license. I can communicate from inside-outside, outside-inside, inside-home, which is my desired traffic security. I can get http, ssh, and other access from inside-home, but I can't ping from inside-home (192.168.110.0 host to 192.168.7.1 or 192.168.7.0 host). Can someone explain. My config is listed below interface Vlan1 nameif inside security-level 100 ip address 192.168.110.254 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 pppoe client vpdn group birdie ip address removedIP 255.255.255.255 pppoe ! interface Vlan3 no forward interface Vlan1 nameif home security-level 50 ip address 192.168.7.1 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 switchport access vlan 3 ! interface Ethernet0/5 shutdown ! interface Ethernet0/6 shutdown ! interface Ethernet0/7 shutdown ! ftp mode passive clock timezone EST -5 clock summer-time EDT recurring access-list Outside-In extended permit icmp any any access-list Outside-In extended permit tcp any any eq www access-list Outside-In extended permit tcp any any eq https access-list Outside-In extended permit tcp any any eq 5969 access-list inside_nat0_outbound extended permit ip any 192.168.111.0 255.255.255.224 access-list standardUser_splitTunnelAcl1 extended permit ip 192.168.111.0 255.255.255.0 any access-list standardUser_splitTunnelAcl1 extended permit ip 192.168.110.0 255.255.255.0 any access-list inside_in extended permit icmp any any access-list inside_in extended permit ip any any access-list home_in extended permit icmp any any access-list home_in extended permit ip any any pager lines 24 logging enable logging asdm informational mtu inside 1492 mtu outside 1492 mtu home 1500 ip local pool vpnuser 192.168.111.5-192.168.111.20 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-524.bin no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 nat (home) 1 192.168.7.0 255.255.255.0 static (inside,outside) tcp interface https 192.168.110.6 https netmask 255.255.255.255 static (inside,outside) tcp interface www 192.168.110.6 www netmask 255.255.255.255 static (inside,outside) tcp interface 5969 192.168.110.12 5969 netmask 255.255.255.255 static (inside,home) 192.168.110.0 192.168.110.0 netmask 255.255.255.0 access-group inside_in in interface inside access-group Outside-In in interface outside access-group home_in in interface home route outside 0.0.0.0 0.0.0.0 RemovedIP 1

Read the article

Should the hostname of my VPS point to the dedi IP of my Domain or to to a shared one used for new account creation?

- by thomas

I leased a VPS which I want to use to sell shared hosting. 3 IPs - I call them A, B and C here for simplicity. Actual setup is: A=NS1.mydomain.com; host.mydomain.com and is used to set-up new accounts in shared environment B=NS2.mydomain.com C=dedicated IP for mydomain.com (SSL secured) The more I read about DNS, the more I get confused; thus my question: Is this configuration "Good Practice", especially the hostname pointing to A rather than to C? And what would be a better alternative?

Read the article

Infinite sharing system (PHP/MySQLi)

- by Toine Lille

I'm working on a discount system for whichever customer shares a product and brings in new customers. Each unique visit = $0.05 off, each new customer = $0.50 off (it's a cheap product so yeah, no big numbers). When a new customer shares the site, the customer initially responsible for the new customer (if any) will get half of the new customer's discount as well. The initial customer would get a fourth for the next level and the new customer half of that, etc, creating a tree or pyramid that way that could be infinite. Initial customer ($1.35 discount: 2 new+3 visits + half of 1 new+2 visits) Visitor ($0) Visitor ($0) New customer ($0.60) Visitor ($0) Visitor ($0) Newer customer ($0) New customer ($0) Visitor ($0) The customers are saved along with their IP addresses (bin2hex(inet_pton)) in a database table (customers) with info like a unique id, e-mail address and first date/time the purchased a product (= time of registration). The shares are saved in a separate table within the same database (sharing). Each unique IP addresses that visits the site creates a new row featuring the IP address (also saved as bin2hex(inet_pton)), the id of the customer who shared it and the date/time of the visit. Sharing goes via URL, featuring a GET element containing the customer's id. Visits and new customers overlap, as visits will always occur before the new customer does. That's fine. The date/times are used just to make it a little more secure (I also use the IP along with cookies to see if people cheat the system). If an IP is already in the sharing or customer tables, it does not count and will not create a new entry. Now the problem is, how to make the infinity happen and apply the different values to it? That's all I'd need to know. It needs to calculate the discount for each customer separately, but also allow for monitoring altogether (though that's just a matter of passing all ID's through it). I figured I'd start (after the database connection) with $stmt = $con->prepare('SELECT ip,datetime FROM sharing WHERE sender=?'); $stmt->bind_param('i',$customerid); $stmt->execute(); $stmt->store_result(); $discount = $discount + ($stmt->num_rows * 0.05); $stmt->bind_result($ip,$timeofsharing); to translate all the visits to $0.05 of discount each. To check for the new customers that came from these visits, I wrote the following: while ($sql->fetch()) { $stmt2 = $con->prepare("SELECT datetime FROM users WHERE ip=?"); $stmt2->bind_param('s',$ip); $stmt2->execute(); $stmt2->store_result(); $stmt2->bind_result($timeofpurchase); Followed by a little more security comparing the datetimes: while ($stmt2->fetch()) { if (strtotime($timeofpurchase) < strtotime($timeofsharing)) { $discount = $discount + $0.50; } But this is just for the initial customer's direct results. If I'd want to check for the next level, I'd basically have to put the exact same check and loop in itself, checking each new customer the initial customer they brought to the site, and then for the next level again to check all of the newer customers, etc, etc. What to do? / Where to go? / What would be the correct practice for this? Thanks!

Read the article

Communication Between Your PC and Azure VM via Windows Azure Connect

- by Shaun

With the new release of the Windows Azure platform there are a lot of new features available. In my previous post I introduced a little bit about one of them, the remote desktop access to azure virtual machine. Now I would like to talk about another cool stuff – Windows Azure Connect. What’s Windows Azure Connect I would like to quote the definition of the Windows Azure Connect in MSDN With Windows Azure Connect, you can use a simple user interface to configure IP-sec protected connections between computers or virtual machines (VMs) in your organization’s network, and roles running in Windows Azure. IP-sec protects communications over Internet Protocol (IP) networks through the use of cryptographic security services. There’s an image available at the MSDN as well that I would like to forward here As we can see, using the Windows Azure Connect the Worker Role 1 and Web Role 1 are connected with the development machines and database servers which some of them are inside the organization some are not. With the Windows Azure Connect, the roles deployed on the cloud could consume the resource which located inside our Intranet or anywhere in the world. That means the roles can connect to the local database, access the local shared resource such as share files, folders and printers, etc. Difference between Windows Azure Connect and AppFabric It seems that the Windows Azure Connect are duplicated with the Windows Azure AppFabric. Both of them are aiming to solve the problem on how to communication between the resource in the cloud and inside the local network. The table below lists the differences in my understanding. Category Windows Azure Connect Windows Azure AppFabric Purpose An IP-sec connection between the local machines and azure roles. An application service running on the cloud. Connectivity IP-sec, Domain-joint Net Tcp, Http, Https Components Windows Azure Connect Driver Service Bus, Access Control, Caching Usage Azure roles connect to local database server Azure roles use local shared files, folders and printers, etc. Azure roles join the local AD. Expose the local service to Internet. Move the authorization process to the cloud. Integrate with existing identities such as Live ID, Google ID, etc. with existing local services. Utilize the distributed cache. And also some scenarios on which of them should be used. Scenario Connect AppFabric I have a service deployed in the Intranet and I want the people can use it from the Internet. Y I have a website deployed on Azure and need to use a database which deployed inside the company. And I don’t want to expose the database to the Internet. Y I have a service deployed in the Intranet and is using AD authorization. I have a website deployed on Azure which needs to use this service. Y I have a service deployed in the Intranet and some people on the Internet can use it but need to be authorized and authenticated. Y I have a service in Intranet, and a website deployed on Azure. This service can be used from Internet and that website should be able to use it as well by AD authorization for more functionalities. Y Y How to Enable Windows Azure Connect OK we talked a lot information about the Windows Azure Connect and differences with the Windows Azure AppFabric. Now let’s see how to enable and use the Windows Azure Connect. First of all, since this feature is in CTP stage we should apply before use it. On the Windows Azure Portal we can see our CTP features status under Home, Beta Program page. You can send the apply to join the Beta Programs to Microsoft in this page. After a few days the Microsoft will send an email to you (the email of your Live ID) when it’s available. In my case we can see that the Windows Azure Connect had been activated by Microsoft and then we can click the Connect button on top, or we can click the Virtual Network item from the left navigation bar. The first thing we need, if it’s our first time to enter the Connect page, is to enable the Windows Azure Connect. After that we can see our Windows Azure Connect information in this page. Add a Local Machine to Azure Connect As we explained below the Windows Azure Connect can make an IP-sec connection between the local machines and azure role instances. So that we firstly add a local machine into our Azure Connect. To do this we will click the Install Local Endpoint button on top and then the portal will give us an URL. Copy this URL to the machine we want to add and it will download the software to us. This software will be installed in the local machines which we want to join the Connect. After installed there will be a tray-icon appeared to indicate this machine had been joint our Connect. The local application will be refreshed to the Windows Azure Platform every 5 minutes but we can click the Refresh button to let it retrieve the latest status at once. Currently my local machine is ready for connect and we can see my machine in the Windows Azure Portal if we switched back to the portal and selected back Activated Endpoints node. Add a Windows Azure Role to Azure Connect Let’s create a very simple azure project with a basic ASP.NET web role inside. To make it available on Windows Azure Connect we will open the azure project property of this role from the solution explorer in the Visual Studio, and select the Virtual Network tab, check the Activate Windows Azure Connect. The next step is to get the activation token from the Windows Azure Portal. In the same page there is a button named Get Activation Token. Click this button then the portal will display the token to me. We copied this token and pasted to the box in the Visual Studio tab. Then we deployed this application to azure. After completed the deployment we can see the role instance was listed in the Windows Azure Portal - Virtual Connect section. Establish the Connect Group The final task is to create a connect group which contains the machines and role instances need to be connected each other. This can be done in the portal very easy. The machines and instances will NOT be connected until we created the group for them. The machines and instances can be used in one or more groups. In the Virtual Connect section click the Groups and Roles node from the left side navigation bar and clicked the Create Group button on top. This will bring up a dialog to us. What we need to do is to specify a group name, description; and then we need to select the local computers and azure role instances into this group. After the Azure Fabric updated the group setting we can see the groups and the endpoints in the page. And if we switch back to the local machine we can see that the tray-icon have been changed and the status turned connected. The Windows Azure Connect will update the group information every 5 minutes. If you find the status was still in Disconnected please right-click the tray-icon and select the Refresh menu to retrieve the latest group policy to make it connected. Test the Azure Connect between the Local Machine and the Azure Role Instance Now our local machine and azure role instance had been connected. This means each of them can communication to others in IP level. For example we can open the SQL Server port so that our azure role can connect to it by using the machine name or the IP address. The Windows Azure Connect uses IPv6 to connect between the local machines and role instances. You can get the IP address from the Windows Azure Portal Virtual Network section when select an endpoint. I don’t want to take a full example for how to use the Connect but would like to have two very simple tests. The first one would be PING. When a local machine and role instance are connected through the Windows Azure Connect we can PING any of them if we opened the ICMP protocol in the Filewall setting. To do this we need to run a command line before test. Open the command window on the local machine and the role instance, execute the command as following netsh advfirewall firewall add rule name="ICMPv6" dir=in action=allow enable=yes protocol=icmpv6 Thanks to Jason Chen, Patriek van Dorp, Anton Staykov and Steve Marx, they helped me to enable the ICMPv6 setting. For the full discussion we made please visit here. You can use the Remote Desktop Access feature to logon the azure role instance. Please refer my previous blog post to get to know how to use the Remote Desktop Access in Windows Azure. Then we can PING the machine or the role instance by specifying its name. Below is the screen I PING my local machine from my azure instance. We can use the IPv6 address to PING each other as well. Like the image following I PING to my role instance from my local machine thought the IPv6 address. Another example I would like to demonstrate here is folder sharing. I shared a folder in my local machine and then if we logged on the role instance we can see the folder content from the file explorer window. Summary In this blog post I introduced about another new feature – Windows Azure Connect. With this feature our local resources and role instances (virtual machines) can be connected to each other. In this way we can make our azure application using our local stuff such as database servers, printers, etc. without expose them to Internet. Hope this helps, Shaun All documents and related graphics, codes are provided "AS IS" without warranty of any kind. Copyright © Shaun Ziyan Xu. This work is licensed under the Creative Commons License.

Read the article

Oracle Solaris Zones Physical to virtual (P2V)

- by user939057

IntroductionThis document describes the process of creating and installing a Solaris 10 image build from physical system and migrate it into a virtualized operating system environment using the Oracle Solaris 10 Zones Physical-to-Virtual (P2V) capability.Using an example and various scenarios, this paper describes how to take advantage of theOracle Solaris 10 Zones Physical-to-Virtual (P2V) capability with other Oracle Solaris features to optimize performance using the Solaris 10 resource management advanced storage management using Solaris ZFS plus improving operating system visibility with Solaris DTrace. The most common use for this tool is when performing consolidation of existing systems onto virtualization enabled platforms, in addition to that we can use the Physical-to-Virtual (P2V) capability for other tasks for example backup your physical system and move them into virtualized operating system environment hosted on the Disaster Recovery (DR) site another option can be building an Oracle Solaris 10 image repository with various configuration and a different software packages in order to reduce provisioning time.Oracle Solaris ZonesOracle Solaris Zones is a virtualization and partitioning technology supported on Oracle Sun servers powered by SPARC and Intel processors.This technology provides an isolated and secure environment for running applications. A zone is a virtualized operating system environment created within a single instance of the Solaris 10 Operating System.Each virtual system is called a zone and runs a unique and distinct copy of the Solaris 10 operating system.Oracle Solaris Zones Physical-to-Virtual (P2V)A new feature for Solaris 10 9/10.This feature provides the ability to build a Solaris 10 images from physical system and migrate it into a virtualized operating system environmentThere are three main steps using this tool1. Image creation on the source system, this image includes the operating system and optionally the software in which we want to include within the image. 2. Preparing the target system by configuring a new zone that will host the new image.3. Image installation on the target system using the image we created on step 1. The host, where the image is built, is referred to as the source system and the host, where theimage is installed, is referred to as the target system. Benefits of Oracle Solaris Zones Physical-to-Virtual (P2V)Here are some benefits of this new feature: Simple- easy build process using Oracle Solaris 10 built-in commands. Robust- based on Oracle Solaris Zones a robust and well known virtualization technology. Flexible- support migration between V series servers into T or -M-series systems.For the latest server information, refer to the Sun Servers web page. PrerequisitesThe target Oracle Solaris system should be running the latest version of the patching patch cluster. and the minimum Solaris version on the target system should be Solaris 10 9/10.Refer to the latest Administration Guide for Oracle Solaris for a complete procedure on how todownload and install Oracle Solaris. NOTE: If the source system that used to build the image is an older version then the targetsystem, then during the process, the operating system will be upgraded to Solaris 10 9/10(update on attach).Creating the Image Used to distribute the software.We will create an image on the source machine. We can create the image on the local file system and then transfer it to the target machine, or build it into a NFS shared storage andmount the NFS file system from the target machine.Optional before creating the image we need to complete the software installation that we want to include with the Solaris 10 image.An image is created by using the flarcreate command:Source # flarcreate -S -n s10-system -L cpio /var/tmp/solaris_10_up9.flarThe command does the following: -S specifies that we skip the disk space check and do not write archive size data to the archive (faster). -n specifies the image name. -L specifies the archive format (i.e cpio). Optionally, we can add descriptions to the archive identification section, which can help to identify the archive later.Source # flarcreate -S -n s10-system -e "Oracle Solaris with Oracle DB10.2.0.4" -a "oracle" -L cpio /var/tmp/solaris_10_up9.flarYou can see example of the archive identification section in Appendix A: archive identification section.We can compress the flar image using the gzip command or adding the -c option to the flarcreate commandSource # gzip /var/tmp/solaris_10_up9.flarAn md5 checksum can be created for the image in order to ensure no data tamperingSource # digest -v -a md5 /var/tmp/solaris_10_up9.flar Moving the image into the target system.If we created the image on the local file system, we need to transfer the flar archive from the source machine to the target machine.Source # scp /var/tmp/solaris_10_up9.flar target:/var/tmpConfiguring the Zone on the target systemAfter copying the software to the target machine, we need to configure a new zone in order to host the new image on that zone.To install the new zone on the target machine, first we need to configure the zone (for the full zone creation options see the following link: http://docs.oracle.com/cd/E18752_01/html/817-1592/index.html )ZFS integrationA flash archive can be created on a system that is running a UFS or a ZFS root file system.NOTE: If you create a Solaris Flash archive of a Solaris 10 system that has a ZFS root, then bydefault, the flar will actually be a ZFS send stream, which can be used to recreate the root pool.This image cannot be used to install a zone. You must create the flar with an explicit cpio or paxarchive when the system has a ZFS root.Use the flarcreate command with the -L archiver option, specifying cpio or pax as themethod to archive the files. (For example, see Step 1 in the previous section).Optionally, on the target system you can create the zone root folder on a ZFS file system inorder to benefit from the ZFS features (clones, snapshots, etc...).Target # zpool create zones c2t2d0 Create the zone root folder:Target # chmod 700 /zones Target # zonecfg -z solaris10-up9-zonesolaris10-up9-zone: No such zone configuredUse 'create' to begin configuring a new zone.zonecfg:solaris10-up9-zone> createzonecfg:solaris10-up9-zone> set zonepath=/zoneszonecfg:solaris10-up9-zone> set autoboot=truezonecfg:solaris10-up9-zone> add netzonecfg:solaris10-up9-zone:net> set address=192.168.0.1zonecfg:solaris10-up9-zone:net> set physical=nxge0zonecfg:solaris10-up9-zone:net> endzonecfg:solaris10-up9-zone> verifyzonecfg:solaris10-up9-zone> commitzonecfg:solaris10-up9-zone> exit Installing the Zone on the target system using the imageInstall the configured zone solaris10-up9-zone by using the zoneadm command with the install -a option and the path to the archive.The following example shows how to create an Image and sys-unconfig the zone.Target # zoneadm -z solaris10-up9-zone install -u -a/var/tmp/solaris_10_up9.flarLog File: /var/tmp/solaris10-up9-zone.install_log.AJaGveInstalling: This may take several minutes...The following example shows how we can preserve system identity.Target # zoneadm -z solaris10-up9-zone install -p -a /var/tmp/solaris_10_up9.flar Resource management Some applications are sensitive to the number of CPUs on the target Zone. You need tomatch the number of CPUs on the Zone using the zonecfg command:zonecfg:solaris10-up9-zone>add dedicated-cpuzonecfg:solaris10-up9-zone> set ncpus=16DTrace integrationSome applications might need to be analyzing using DTrace on the target zone, you canadd DTrace support on the zone using the zonecfg command:zonecfg:solaris10-up9-zone>setlimitpriv="default,dtrace_proc,dtrace_user" Exclusive IP stack An Oracle Solaris Container running in Oracle Solaris 10 can have a shared IP stack with the global zone, or it can have an exclusive IP stack (which was released in Oracle Solaris 10 8/07). An exclusive IP stack provides a complete, tunable, manageable and independent networking stack to each zone. A zone with an exclusive IP stack can configure Scalable TCP (STCP), IP routing, IP multipathing, or IPsec. For an example of how to configure an Oracle Solaris zone with an exclusive IP stack, see the following example zonecfg:solaris10-up9-zone set ip-type=exclusivezonecfg:solaris10-up9-zone> add netzonecfg:solaris10-up9-zone> set physical=nxge0 When the installation completes, use the zoneadm list -i -v options to list the installedzones and verify the status.Target # zoneadm list -i -vSee that the new Zone status is installedID NAME STATUS PATH BRAND IP0 global running / native shared- solaris10-up9-zone installed /zones native sharedNow boot the ZoneTarget # zoneadm -z solaris10-up9-zone bootWe need to login into the Zone order to complete the zone set up or insert a sysidcfg file beforebooting the zone for the first time see example for sysidcfg file in Appendix B: sysidcfg filesectionTarget # zlogin -C solaris10-up9-zoneTroubleshootingIf an installation fails, review the log file. On success, the log file is in /var/log inside the zone. Onfailure, the log file is in /var/tmp in the global zone.If a zone installation is interrupted or fails, the zone is left in the incomplete state. Use uninstall -F to reset the zone to the configured state.Target # zoneadm -z solaris10-up9-zone uninstall -FTarget # zonecfg -z solaris10-up9-zone delete -FConclusionOracle Solaris Zones P2V tool provides the flexibility to build pre-configuredimages with different software configuration for faster deployment and server consolidation.In this document, I demonstrated how to build and install images and to integrate the images with other Oracle Solaris features like ZFS and DTrace.Appendix A: archive identification sectionWe can use the head -n 20 /var/tmp/solaris_10_up9.flar command in order to access theidentification section that contains the detailed description.Target # head -n 20 /var/tmp/solaris_10_up9.flarFlAsH-aRcHiVe-2.0section_begin=identificationarchive_id=e4469ee97c3f30699d608b20a36011befiles_archived_method=cpiocreation_date=20100901160827creation_master=mdet5140-1content_name=s10-systemcreation_node=mdet5140-1creation_hardware_class=sun4vcreation_platform=SUNW,T5140creation_processor=sparccreation_release=5.10creation_os_name=SunOScreation_os_version=Generic_142909-16files_compressed_method=nonecontent_architectures=sun4vtype=FULLsection_end=identificationsection_begin=predeploymentbegin 755 predeployment.cpio.ZAppendix B: sysidcfg file sectionTarget # cat sysidcfgsystem_locale=Ctimezone=US/Pacificterminal=xtermssecurity_policy=NONEroot_password=HsABA7Dt/0sXXtimeserver=localhostname_service=NONEnetwork_interface=primary {hostname= solaris10-up9-zonenetmask=255.255.255.0protocol_ipv6=nodefault_route=192.168.0.1}name_service=NONEnfs4_domain=dynamicWe need to copy this file before booting the zoneTarget # cp sysidcfg /zones/solaris10-up9-zone/root/etc/

Read the article

ARM TechCon 2013: Oracle, ARM expand collaboration on servers, Internet of Things

- by Henrik Stahl

If you have been following Java news, you are already aware of the fact that there has been a lot of investment in Java for ARM-based devices and servers over the last couple of years (news, more news, even more, and lots more). We have released Java ME Embedded binaries for ARM Cortex-M micro controllers, Java SE Embedded for ARM application processors, and a port of the Oracle JDK for ARM-based servers. We have been making Java available to the Beagleboard, Raspberry Pi and Lego Mindstorms/LeJOS communities and worked with them and the Java User Groups to evangelize Java as a great development environment for IoT devices. We have announced commercial relationships with Freescale, Qualcomm, Gemalto M2M, SIMCom to name a few. ARM and Freescale on their side have joined the JCP, recently been voted in as members of the Executive Committee, and have worked with Oracle to evangelize Java in their ecosystem. It is with this background, Nandini Ramani, Vice President, Java Platform at Oracle, announced a expanded collaboration with ARM in a TechCon 2013 keynote titled "Enabling Compelling Services for IoT". To summarize the announcement: ARM and Oracle will work together on interoperability between the ARM Sensinode communications stack (based on CoAP, DTLS and 6LoWPAN) and Oracle's Java ME, Java SE and middleware products. ARM will donate the Sensinode CoAP protocol engine to OpenJDK to stimulate broad adoption of the CoAP protocol, and work with Oracle to extend the relevant Java specifications with CoAP support. CoAP (Constrained Application Protocol) is an IETF specification that provides a low-bandwidth request/response protocol suitable for IoT applications. ARM will work with Oracle and Freescale to enable the mbed Hardware Abstraction Layer (HAL) to act as a portability layer for Java ME Embedded. Oracle will enable mbed as a tier one platform for Java ME Embedded. Over time, this effort will allow any mbed-enabled platforms (mostly based on Cortex-M microcontrollers) to work with off the shelf Java ME Embedded binaries, extending the reach of Java ME into IoT edge nodes. In Nandini's keynote, Oracle showed a roadmap to port the Oracle JDK for Linux on 64-bit ARMv8 servers in the 2015 time frame, preceded by an extended early access program. We expect this binary to have full feature parity with Oracle JDK on other platforms, and be available under the same royalty-free license. This effort has been going on for some time, but is now accelerated due to availability of hardware from Applied Micro. Oracle will be working with Applied Micro on the ARMv8 port, and on optimizing Java for their X-Gene products. Oracle and ARM will work closely on IoT architecture, and on evangelizing Java on ARM for both servers and IoT devices. These announcements reinforce Java's position as a first-class citizen in the ARM ecosystem, and signal a commitment from us to collaborate on driving standards and open ecosystem for the Internet of Things. If you are active in this area and not already in touch with us, or interested in learning more - please reach out to us!

Read the article

Introducción a ENUM (E.164 Number Mapping)

- by raul.goycoolea

E.164 Number Mapping (ENUM o Enum) se diseñó para resolver la cuestión de como se pueden encontrar servicios de internet mediante un número telefónico, es decir cómo se pueden usar los los teléfonos, que solamente tienen 12 teclas, para acceder a servicios de Internet. La parte más básica de ENUM es por tanto la convergencia de las redes del STDP y la IP; ENUM hace que pueda haber una correspondencia entre un número telefónico y un identificador de Internet. En síntesis, Enum es un conjunto de protocolos para convertir números E.164 en URIs, y viceversa, de modo que el sistema de numeración E.164 tenga una función de correspondencia con las direcciones URI en Internet. Esta función es necesaria porque un número telefónico no tiene sentido en el mundo IP, ni una dirección IP tiene sentido en las redes telefónicas. Así, mediante esta técnica, las comunicaciones cuyo destino se marque con un número E.164, puedan terminar en el identificador correcto (número E.164 si termina en el STDP, o URI si termina en redes IP). La solución técnica de mirar en una base de datos cual es el identificador de destino tiene consecuencias muy interesantes, como que la llamada se pueda terminar donde desee el abonado llamado. Esta es una de las características que ofrece ENUM : el destino concreto, el terminal o terminales de terminación, no lo decide quien inicia la llamada o envía el mensaje sino la persona que es llamada o recibe el mensaje, que ha escrito sus preferencias en una base de datos. En otras palabras, el destinatario de la llamada decide cómo quiere ser contactado, tanto si lo que se le comunica es un email, o un sms, o telefax, o una llamada de voz. Cuando alguien quiera llamarle a usted, lo que tiene que hacer el llamante es seleccionar su nombre (el del llamado) en la libreta de direcciones del terminal o marcar su número ENUM. Una aplicación informática obtendrá de una base de datos los datos de contacto y disponibilidad que usted decidió. Y el mensaje le será remitido tal como usted especificó en dicha base de datos. Esto es algo nuevo que permite que usted, como persona llamada, defina sus preferencias de terminación para cualquier tipo de contenido. Por ejemplo, usted puede querer que todos los emails le sean enviados como sms o que los mensajes de voz se le remitan como emails; las comunicaciones ya no dependen de donde esté usted o deque tipo de terminal utiliza (teléfono, pda, internet). Además, con ENUM usted puede gestionar la portabilidad de sus números fijos y móviles. ENUM emplea una técnica de búsqueda indirecta en una base de datos que tiene los registros NAPTR ("Naming Authority Pointer Resource Records" tal como lo define el RFC 2915), y que utiliza el número telefónico Enum como clave de búsqueda, para obtener qué URIs corresponden a cada número telefónico. La base de datos que almacena estos registros es del tipo DNS.Si bien en uno de sus diversos usos sirve para facilitar las llamadas de usuarios de VoIP entre redes tradicionales del STDP y redes IP, debe tenerse en cuenta que ENUM no es una función de VoIP sino que es un mecanismo de conversión entre números/identificadores. Por tanto no debe ser confundido con el uso normal de enrutar las llamadas de VoIP mediante los protocolos SIP y H.323. ENUM puede ser muy útil para aquellas organizaciones que quieran tener normalizada la manera en que las aplicaciones acceden a los datos de comunicación de cada usuario. FundamentosPara que la convergencia entre el Sistema Telefónico Disponible al Público (STDP) y la Telefonía por Internet o Voz sobre IP (VoIP) y que el desarrollo de nuevos servicios multimedia tengan menos obstáculos, es fundamental que los usuarios puedan realizar sus llamadas tal como están acostumbrados a hacerlo, marcando números. Para eso, es preciso que haya un sistema universal de correspondencia de número a direcciones IP (y viceversa) y que las diferentes redes se puedan interconectar. Hay varias fórmulas que permiten que un número telefónico sirva para establecer comunicación con múltiples servicios. Una de estas fórmulas es el Electronic Number Mapping System ENUM, normalizado por el grupo de tareas especiales de ingeniería en Internet (IETF, Internet engineering task force), del que trata este artículo, que emplea la numeración E.164, los protocolos y la infraestructura telefónica para acceder indirectamente a diferentes servicios. Por tanto, se accede a un servicio mediante un identificador numérico universal: un número telefónico tradicional. ENUM permite comunicar las direcciones del mundo IP con las del mundo telefónico, y viceversa, sin problemas. Antes de entrar en mayores profundidades, conviene dar una breve pincelada para aclarar cómo se organiza la correspondencia entre números o URI. Para ello imaginemos una llamada que se inicia desde el servicio telefónico tradicional con destino a un número Enum. En ENUM Público, el abonado o usuario Enum a quien va destinada lallamada, habrá decidido incluir en la base de datos Enum uno o varios URI o números E.164, que forman una lista con sus preferencias para terminar la llamada. Y el sistema como se explica más adelante, elegirá cual es el número o URI adecuado para dicha terminación. Por tanto como resultado de la consulta a la base dedatos Enum siempre se da una relación unívoca entre el número Enum marcado y el de terminación, conforme a los deseos de la persona llamada.Variedades de ENUMUna posible fuente de confusión cuando se trata sobre ENUM es la variedad de soluciones o sistemas que emplean este calificativo. Lo habitual es que cuando se haga una referencia a ENUM se trate de uno de los siguientes casos: ENUM Público: Es la visión original de ENUM, como base de datos pública, parecida a un directorio, donde el abonado "opta" a ser incluido en la base de datos, que está gestionada en el dominio e164.arpa, delegando a cada país la gestión de la base de datos y la numeración. También se conoce como ENUM de usuario. Carrier ENUM, o ENUM Infraestructura, o de Operador: Cuando grupos de operadores proveedores de servicios de comunicaciones electrónicas acuerdan compartir la información de los abonados por medio de ENUM mediante acuerdos privados. En este caso son los operadores quienes controlan la información del abonado en vez de hacerlo (optar) los propios abonados. Carrier ENUM o ENUM de Operador también se conoce como Infrastructure ENUM o ENUM Infraestructura, y está siendo normalizado por IETF para la interconexión de VoIP (mediante acuerdos de peering). Como se explicará en la correspondiente sección, también se puede utilizar para la portabilidad o conservación de número. ENUM Privado: Un operador de telefonía o de VoIP, o un ISP, o un gran usuario, puede utilizar las técnicas de ENUM en sus redes y en las de sus clientes sin emplear DNS públicos, con DNS privados o internos. Resulta fácil imaginar como puede utilizarse esta técnica para que compañías multinacionales, o bancos, o agencias de viajes, tengan planes de numeración muy coherentes y eficaces. Cómo funciona ENUMPara conocer cómo funciona Enum, le remitimos a la página correspondiente a ENUM Público, puesto que esa variedad de Enum es la típica, la que dió lugar a todos los procedimientos y normas de IETF .Más detalles sobre: @page { margin: 0.79in } P { margin-bottom: 0.08in } H4 { margin-bottom: 0.08in } H4.ctl { font-family: "Lohit Hindi" } A:link { so-language: zxx } -- ENUM Público. En esta página se explica con cierto detalle como funciona Enum Carrier ENUM o ENUM de Operador ENUM Privado Normas técnicas: RFC 2915: NAPTR RR. The Naming Authority Pointer (NAPTR) DNS Resource Record RFC 3761: ENUM Protocol. The E.164 to Uniform Resource Identifiers (URI) Dynamic Delegation Discovery System (DDDS) Application (ENUM). (obsoletes RFC 2916). RFC 3762: Usage of H323 addresses in ENUM Protocol RFC 3764: Usage of SIP addresses in ENUM Protocol RFC 3824: Using E.164 numbers with SIP RFC 4769: IANA Registration for an Enumservice Containing Public Switched Telephone Network (PSTN) Signaling Information RFC 3026: Berlin Liaison Statement RFC 3953: Telephone Number Mapping (ENUM) Service Registration for Presence Services RFC 2870: Root Name Server Operational Requirements RFC 3482: Number Portability in the Global Switched Telephone Network (GSTN): An Overview RFC 2168: Resolution of Uniform Resource Identifiers using the Domain Name System Organizaciones relacionadas con ENUM RIPE - Adimistrador del nivel 0 de ENUM e164.arpa. ITU-T TSB - Unión Internacional de Telecomunicaciones ETSI - European Telecommunications Standards Institute VisionNG - Administrador del rango ENUM 878-10 IETF ENUM Chapter

Read the article

Live Mail folder and Thunderbird

- by Umair Mustafa

Me Friends Hello, Guys I'm facing a small issue and that is, I created a New account(MS live Email account) on Thunderbird and set the incoming protocol to IMAP and "pop3.live.com" Port No 995 , SSL to SSL/TLS and Outgoing protocol to SMTP and "smtp.live.com" Port No 25 , SSL to STARTTLS Now What I want is that there are sub folders in my Web based Live Email account which are not appearing when I create the account in Thunderbird. Please tell me how to get this thing done

Read the article

Payments - Chase Paymentech PTK Decomissioning FTP After July 2014

- by LuciaC

Customers who have integrated Oracle Payments with Chase Paymentech payment system are being contacted by Paymentech informing them about the impending desupport of standard File Transfer Protocol (FTP). Customers are being advised to look for alternate protocol to connect to Paymentech for credit card and direct debit payment processing. Oracle Payments product management and development is aware of Paymentech PTK decomissioning FTP after July 2014. They are currently evaluating using SFTP as an alternative. Please monitor Doc ID 1586425.1 for the latest updates.

Read the article

Welcome to ubiquitous file sharing (December 08, 2009)

- by user12612012

The core of any file server is its file system and ZFS provides the foundation on which we have built our ubiquitous file sharing and single access control model. ZFS has a rich, Windows and NFSv4 compatible, ACL implementation (ZFS only uses ACLs), it understands both UNIX IDs and Windows SIDs and it is integrated with the identity mapping service; it knows when a UNIX/NIS user and a Windows user are equivalent, and similarly for groups. We have a single access control architecture, regardless of whether you are accessing the system via NFS or SMB/CIFS.The NFS and SMB protocol services are also integrated with the identity mapping service and shares are not restricted to UNIX permissions or Windows permissions. All access control is performed by ZFS, the system can always share file systems simultaneously over both protocols and our model is native access to any share from either protocol.Modal architectures have unnecessary restrictions, confusing rules, administrative overhead and weird deployments to try to make them work; they exist as a compromise not because they offer a benefit. Having some shares that only support UNIX permissions, others that only support ACLs and some that support both in a quirky way really doesn't seem like the sort of thing you'd want in a multi-protocol file server. Perhaps because the server has been built on a file system that was designed for UNIX permissions, possibly with ACL support bolted on as an add-on afterthought, or because the protocol services are not truly integrated with the operating system, it may not be capable of supporting a single integrated model.With a single, integrated sharing and access control model: If you connect from Windows or another SMB/CIFS client: The system creates a credential containing both your Windows identity and your UNIX/NIS identity. The credential includes UNIX/NIS IDs and SIDs, and UNIX/NIS groups and Windows groups. If your Windows identity is mapped to an ephemeral ID, files created by you will be owned by your Windows identity (ZFS understands both UNIX IDs and Windows SIDs). If your Windows identity is mapped to a real UNIX/NIS UID, files created by you will be owned by your UNIX/NIS identity. If you access a file that you previously created from UNIX, the system will map your UNIX identity to your Windows identity and recognize that you are the owner. Identity mapping also supports access checking if you are being assessed for access via the ACL. If you connect via NFS (typically from a UNIX client): The system creates a credential containing your UNIX/NIS identity (including groups). Files you create will be owned by your UNIX/NIS identity. If you access a file that you previously created from Windows and the file is owned by your UID, no mapping is required. Otherwise the system will map your Windows identity to your UNIX/NIS identity and recognize that you are the owner. Again, mapping is fully supported during ACL processing. The NFS, SMB/CIFS and ZFS services all work cooperatively to ensure that your UNIX identity and your Windows identity are equivalent when you access the system. This, along with the single ACL-based access control implementation, results in a system that provides that elusive ubiquitous file sharing experience.

Read the article

TLS/SSL and .NET Framework 4.0

The Secure Socket Layer is now essential for the secure exchange of digital data, and is most generally used within the HTTPS protocol. .NET now provides the Windows Communication Foundation (WCF) to implement secure communications directly. Matteo explains the TLS/SSL protocol, and takes a hands-on approach to investigate the SslStream class to show how to implement a secure communication channel

Read the article

RIA Services - exposing OData service

Open Data Protocol (OData) is a web protocol which is used for querying and updating data. In this article we will see how to enable OData service in our RIA services.

Read the article

Unable to start Tomcat6 with HTTPS enabled

- by ram

I have the following server.xml settings for my tomcat6 server   <Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="%SSL_CERT%" SSLCertificateKeyFile="%SSL_KEY%" SSLCipherSuite="ALL:!ADH:!kEDH:!SSLv2:!EXPORT40:!EXP:!LOW" compression="on" compressableMimeType="text/html,text/xml,text/plain,application/javascript,application/json,text/javascript"/> Complete server.xml is here but when I try to start the application I get the following error in catalina.*.log file INFO: Initializing Coyote HTTP/1.1 on http-80 Apr 7, 2013 8:38:38 PM org.apache.coyote.http11.Http11AprProtocol init SEVERE: Error initializing endpoint java.lang.Exception: Invalid Server SSL Protocol (error:00000000:lib(0):func(0):reason(0)) at org.apache.tomcat.jni.SSLContext.make(Native Method) at org.apache.tomcat.util.net.AprEndpoint.init(AprEndpoint.java:729) at org.apache.coyote.http11.Http11AprProtocol.init(Http11AprProtocol.java:107) at org.apache.catalina.connector.Connector.initialize(Connector.java:1049) at org.apache.catalina.core.StandardService.initialize(StandardService.java:703) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) at org.apache.catalina.startup.Catalina.load(Catalina.java:538) at org.apache.catalina.startup.Catalina.load(Catalina.java:562) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) Apr 7, 2013 8:38:38 PM org.apache.catalina.core.StandardService initialize SEVERE: Failed to initialize connector [Connector[HTTP/1.1-443]] LifecycleException: Protocol handler initialization failed: java.lang.Exception: Invalid Server SSL Protocol (error:00000000:lib(0):func(0):reason(0)) at org.apache.catalina.connector.Connector.initialize(Connector.java:1051) at org.apache.catalina.core.StandardService.initialize(StandardService.java:703) at org.apache.catalina.core.StandardServer.initialize(StandardServer.java:838) at org.apache.catalina.startup.Catalina.load(Catalina.java:538) at org.apache.catalina.startup.Catalina.load(Catalina.java:562) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:261) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413) I've checked the following things already I have given read permissions for everyone for .crt and .key files I copied server.xml to a different working tomcat6 server and it works there, server.xml from the mentioned working tomcat5 webserver doesn't work here and it fails with the same error Works well with just HTTP enabled explicitly mentioning protocol in the Connector i.e. protocol="org.apache.coyote.http11.Http11AprProtocol" results in the same exception Please help me if I am missing something. Thanks in advance

Search Results

Search found 13752 results on 551 pages for 'ip protocol'.

Page 132/551 | < Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139 | Next Page >

- by Roman

- by Aron Rotteveel

- by Brendan ODonnell

- by Charlie Somerville

- by Siriss

- by Austin A.

- by Brian Stinar

- by HighTechGeek

- by sonar

- by weberc2

- by weberc2

- by user2699451

- by Wayne

- by thomas

- by Toine Lille

- by Shaun

- by user939057

- by Henrik Stahl

- by raul.goycoolea

- by Umair Mustafa

- by LuciaC

- by user12612012

- by ram

< Previous Page | 128 129 130 131 132 133 134 135 136 137 138 139 | Next Page >