Search Results

Search found 16978 results on 680 pages for '80 column'.

Page 135/680 | < Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >

• Debian apache2 restart fault after some updates

  - by Ripeed

  can anyone give me an advice with this please: I run update on my debian server by Webmin. After updating some apache2 and etc. It shows update fail. After that I cant start apache2. I must run netstat -ltnp | grep ':80' Then kill pid kill -9 1047 and now i can start apache2 When I started it first time after update some websites on fastCGI wont work I must change them in ISPconfig3 to mod-PHP and now works NOW - I cant restart apache without kill pid. In log of ISP I see Unable to open logs (98)Address already in use: make_sock: could not bind to address [::]:80 (98)Address already in use: make_sock: could not bind to address 0.0.0.0:80 no listening sockets available, shutting down In log of some website I see [emerg] (13)Permission denied: mod_fcgid: can´t lock process table in pid 19264 Do you thing it will be solution update everithing by: apt-get update and apt-get upgrade to complete all updates? I have little scare if I do that then next errors will occur. If I look at apache log i see error: Debian Python version mismatch, expected '2.6.5+', found '2.6.6' But that was there before that problem before. Thanks A LOT for help.

  Read the article

• is it really necessary to run Apache as a front-end to Glassfish/JBoss/Tomcat?

  - by Caffeine Coma

  I'm primarily a Java developer, and I come to you with a question that straddles the divide between developers and sysadmins. Years ago, when it was a novel thing to run Tomcat as an app server, it was customary to front it with Apache. As I understand it, this was done because: Java was considered "slow", and it was helpful to have Apache serve static content directly. Tomcat couldn't listen to ports 80/443 unless run as root, which was dangerous. Java is no longer considered slow, and I doubt adding Apache to the mix will actually help speed things up. As for the ports issue, there are probably simpler ways to connect app servers to ports 80/443 these days. So my question is- is there really any benefit to fronting Java Webapps with Apache these days? If so, is Apache still the way to go? Should I look at Nginx? Instead of Tomcat I'm using Glassfish, if that matters.

  Read the article

• Double Filter in Excel

  - by Joe

  I'm trying to "stack" filters in excel, so to speak. I want to filter column A to show anything greater than 30 and then I want to filter column B to show the top ten items. When I do this, however, it shows me all rows that fit both criteria (only five records). I want to first fit the criteria for column A and then filter these results to show the top ten items in column B (10 records total). I know that I could just copy the rows from my first filter to a new sheet and then filter the new worksheet, but is there any way to apply both filters so that I don't physically have to delete records this way? Thanks for your help!

  Read the article

• reiserfsck --rebuild-tree failed: Not enough allocable blocks

  - by mojo

  I have a reiserfs volume that required a --rebuild-tree, but is currently failing to complete when I pass it --rebuild-tree. Here is the output that I receive when running it: reiserfsck 3.6.19 (2003 www.namesys.com) # reiserfsck --rebuild-tree started at Mon Oct 26 13:22:16 2009 # Pass 0: # Pass 0 The whole partition (7864320 blocks) is to be scanned Skipping 8450 blocks (super block, journal, bitmaps) 7855870 blocks will be read 0%....20%....40%....60%....80%....100% left 0, 9408 /sec 287884 directory entries were hashed with "r5" hash. "r5" hash is selected Flushing..finished Read blocks (but not data blocks) 7855870 Leaves among those 6105606 Objectids found 287892 Pass 1 (will try to insert 6105606 leaves): # Pass 1 Looking for allocable blocks .. finished 0%....20%....40%....60%....80%....Not enough allocable blocks, checking bitmap...there are 1 allocable blocks, btw out of disk space Aborted I can't mount it, and I can't fsck it. I've tried extending the volume, but that hasn't helped either.

  Read the article

• "Catch-All" access log with Apache Virtual Hosts?

  - by pix0r

  I have many virtual hosts set up on a web server, each one having its own error and access log. The relevant lines of httpd.conf are something like this: ErrorLog /var/log/httpd-error.log LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined CustomLog /var/log/httpd-access.log combined NameVirtualHost *:80 <VirtualHost *:80> ServerName myhost.com ServerAlias www.myhost.com DocumentRoot /var/www/myhost.com/htdocs ErrorLog /var/www/myhost.com/log/error.log CustomLog /var/www/myhost.com/log/access.log combined </VirtualHost> # ... many more VirtualHosts Currently, I'm getting some random errors in /var/log/httpd-error.log, but I'm getting nothing in /var/log/httpd-access.log. Is it possible to have ALL accesses and errors duplicated to a shared logfile? Is it possible to do this without adding new entries to every single VirtualHost?

  Read the article

• firehol (firewall) with bridge: how to filter

  - by Leon

  I have two interfaces: eth0 (public address) and lxcbr0 with 10.0.3.1. I have a LXC guest running with ip 10.0.3.10 This is my firehol config: version 5 trusted_ips=`/usr/local/bin/strip_comments /etc/firehol/trusted_ips` trusted_servers=`/usr/local/bin/strip_comments /etc/firehol/trusted_servers` blacklist full `/usr/local/bin/strip_comments /etc/firehol/blacklist` interface lxcbr0 virtual policy return server "dhcp dns" accept router virtual2internet inface lxcbr0 outface eth0 masquerade route all accept interface any world protection strong #Outgoing these protocols are allowed to everywhere client "smtp pop3 dns ntp mysql icmp" accept #These (incoming) services are available to everyone server "http https smtp ftp imap imaps pop3 pop3s passiveftp" accept #Outgoing, these protocols are only allowed to known servers client "http https webcache ftp ssh pyzor razor" accept dst "${trusted_servers}" On my host I can connect only to "trusted servers" on port 80. In my guest I can connect to port 80 on every host. I assumed that firehol would block that. Is there something I can add/change so that my guest(s) inherit the rules of the eth0 interface?

  Read the article

• how to mod rewrite unicode byte sequence for the multibyte hyphen character

  - by ChickenFur

  We have case where some adobe pdf files format the hyphen character as %E2%80%90. See http://forums.adobe.com/message/2807241 this is caused by the Calibri font I guess. So these pdf files have been released and the links don't work So I thought mod rewrite would come to the rescue. I followed this post here mod_ReWrite to remove part of a URL but I can't seem to search for the % characters according to this question. Is there anything else I can do? Here is the rewrite rule I want to use: RewriteRule ^foo%(.+)bar /foo-bar [L,R=301] I also tried this and it doesn't work RewriteRule ^foo%E2%80%90bar /foo-bar [L,R=301] Any Ideas?

  Read the article

• LibreOffice Calc SEARCH and FIND functions

  - by TTT

  I am trying to process some data in Calc. One of the steps involve finding if a certain string is part of one of the column. I tried using FIND and SEARCH functions. Both behave in the same way and I am not getting correct results. E.g. Say I have following strings in Column A NY SF LON CAN US and am trying to put following formula in column C =SEARCH("NY",A2) The result is - cell C2 will have 1 (which is correct) but if the same formula is copied to other cells in column C - it gives me "#VALUE!" error and I am unable to find out why ? Any one has any ideas ? Thanks in advance TT

  Read the article

• Nginx: Rewriting entire URI to query string

  - by Doug

  Still pretty new to nginx here, trying to get a simple rewrite to work, but the server just responds '404 not found' My server block server { listen 80; listen [::]:80; server_name pics.example.com; root /home/pics; rewrite ^(.*)$ index.php?tag=$1; location / { try_files $uri $uri/ $uri.php /index.html $uri =404; #try_files $uri =404; fastcgi_split_path_info ^([a-z]+)(/.+)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_pass unix:/tmp/php5-fpm.sock; fastcgi_index index.php; } location /doc/ { alias /usr/share/doc/; autoindex on; allow 127.0.0.1; deny all; } } pics.example.com/foobear should rewrite to pics.example.com/index.php?tag=foobear

  Read the article

• Unknown protocol when trying to connect to remote host with stunnel

  - by RaYell

  I'm trying to set up a stunnel for WebDav on Windows. I want to connect 80 port on my local interface to 443 on another machine in my network. I can ping the machine remote machine. However when I use the tunnel, I'm getting this error all the time SSL state (accept): before/accept initialization SSL_accept: 140760FC: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol There is nothing in the logs on the other machine and here's my stunnel connection config [https] accept = 127.0.0.2:80 connect = 10.0.0.60:443 verify = 0 I've set it up to accept all certificates so this shouldn't be a problem with a self-signed certificate remote host uses. Does anyone knows what might be the problem that this connection cannot be eastablished?

  Read the article

• Replacing hyperlinks in Apache2 ProxyPass

  - by Jeroen

  I am using Apache2 with mod proxy on Ubuntu 12.04 as a reverse proxy to some back-end server: <VirtualHost *:80> ProxyPass / http://somewhere.com/mysite ProxyPassReverse / http://somewhere.com/mysite ServerName www.mysite.nl ServerAlias mysite.nl *.mysite.nl </VirtualHost> However, unfortunately the back-end server has some internal links hardcoded; e.g. a link to somewhere else in the site has <a href="http://somewhere.com/mysite/something"> instead of just <a href="something.png">. Is there a way I can use Apache to replace strings in the body as served by the backend before passing it back to the client? E.g replace all instances of "http://somewhere.com/site/" with "http://mysite.nl/" ? I know nginx or so is better as a reverse proxy, but the server is hosting other stuff so port 80 needs to be Apache2.

  Read the article

• Default virtual server does not work

  - by Luc

  Hello, I have 4 Name Virtual Hosts on my apache configuration, each one using proxy_http to forward request to the correct server. They work fine. <VirtualHost *:80> ServerName application_name.domain.tld ProxyRequests Off ProxyPreserveHost On ProxyPass / http://server_ip/ ProxyPassReverse / http://server_ip/ </VirtualHost> I then tried to add a default NameVirtualHost to take care of the requests for which the server name does not match one of the four others. Otherwise a request like some_weird_styff.domain.tld would be forwarded to one of the 4 VH. I then added this one: <VirtualHost *:80> ServerAlias "*" DocumentRoot /var/www/ </VirtualHost> At the beginning it seemed to work fine, but at some point it appears that the requests that should be handed by one of the 4 regular hosts is "eaten" by the default one !!! If I a2dissite this default host, everything is back to normal... I do not really understand this. If you have any clue... thanks a lot, Luc

  Read the article

• Varnish, hide port number

  - by George Reith

  My set up is as follows: OS: CentOS 6.2 running on an OpenVZ virtual machine. Web server: Nginx listening on port 8080 Reverse proxy: Varnish listening on port 80 The problem is that Varnish redirects my requests to port 8080 and this appears in the address bar like so http://mysite.com:8080/directory/, causing relative links on the site to include the port number (8080) in the request and thus bypassing Varnish. The site is powered by WordPress. How do I allow Varnish to use Nginx as the backend on port 8080 without appending the port number to the address? Edit: Varnish is set up like so: I have told the Varnish daemon to listen to port 80 by default. VARNISH_VCL_CONF=/etc/varnish/default.vcl # # # Default address and port to bind to # # Blank address means all IPv4 and IPv6 interfaces, otherwise specify # # a host name, an IPv4 dotted quad, or an IPv6 address in brackets. # VARNISH_LISTEN_ADDRESS= VARNISH_LISTEN_PORT=80 # # # Telnet admin interface listen address and port VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1 VARNISH_ADMIN_LISTEN_PORT=6082 # # # Shared secret file for admin interface VARNISH_SECRET_FILE=/etc/varnish/secret # # # The minimum number of worker threads to start VARNISH_MIN_THREADS=1 # # # The Maximum number of worker threads to start VARNISH_MAX_THREADS=1000 # # # Idle timeout for worker threads VARNISH_THREAD_TIMEOUT=120 # # # Cache file location VARNISH_STORAGE_FILE=/var/lib/varnish/varnish_storage.bin # # # Cache file size: in bytes, optionally using k / M / G / T suffix, # # or in percentage of available disk space using the % suffix. VARNISH_STORAGE_SIZE=1G # # # Backend storage specification VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}" # # # Default TTL used when the backend does not specify one VARNISH_TTL=120 The VCL file that Varnish calls (through an include in default.vcl) consists of: backend playwithbits { .host = "127.0.0.1"; .port = "8080"; } acl purge { "127.0.0.1"; } sub vcl_recv { if (req.http.Host ~ "^(.*\.)?playwithbits\.com$") { set req.backend = playwithbits; set req.http.Host = regsub(req.http.Host, ":[0-9]+", ""); if (req.request == "PURGE") { if (!client.ip ~ purge) { error 405 "Not allowed."; } return(lookup); } if (req.url ~ "^/$") { unset req.http.cookie; } } } sub vcl_hit { if (req.http.Host ~ "^(.*\.)?playwithbits\.com$") { if (req.request == "PURGE") { set obj.ttl = 0s; error 200 "Purged."; } } } sub vcl_miss { if (req.http.Host ~ "^(.*\.)?playwithbits\.com$") { if (req.request == "PURGE") { error 404 "Not in cache."; } if (!(req.url ~ "wp-(login|admin)")) { unset req.http.cookie; } if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.|)$") { unset req.http.cookie; set req.url = regsub(req.url, "\?.$", ""); } if (req.url ~ "^/$") { unset req.http.cookie; } } } sub vcl_fetch { if (req.http.Host ~ "^(.*\.)?playwithbits\.com$") { if (req.url ~ "^/$") { unset beresp.http.set-cookie; } if (!(req.url ~ "wp-(login|admin)")) { unset beresp.http.set-cookie; } } }

  Read the article

• Weird problem, special characters coming after formatting the hard drive, computer isn't starting 0_

  - by m3taspl0it

  Hya friends , Last night my computer was working fine. But today when i came back from college and started it , it was starting fine but after sometime it's getting restarted , again and again getting restarted at different points , so i tried to boot it in safe mode but same problem. Now after all this , i finally decided to format the drive C (it is in 80 GB) and load new OS windows XP3. After formatting (quick format) and loading xp3 sufficient files , when it was getting rebooted for copying the actual os files , it hung and a weird screen came. I've also attached the pic of error : http://www.postimage.org/image.php?v=gxz1vKS My specs : P4 3.0 Ghz 2 GB RAM (2x 512 mb and 1 GB) 3 hard drives { 80 GB (5 years old around) 320 GB ( 2 years old around) 500 GB ( recently bought) 256 MB graphics card any help is very appreciated , thanks

  Read the article

• Second DocumentRoot for certain URLS

  - by scrr

  Hello, I have the following setup in my apache-config: <VirtualHost 1.2.3.4:80> ServerName example.com:80 ServerAlias www.example.com DocumentRoot /var/www/page <Location "/blog"> DocumentRoot /var/www/blog </Location> RailsBaseURI / RailsEnv development </VirtualHost> However, Apache tells me, I am not allowed to have a second DocumentRoot. How can I make "www.example.com/blog" point to "/var/www/blog"? I'm sure this is basic, but I just can't find the proper documentation online.

  Read the article

• simple apache2 reverse proxy setup not working

  - by Nick

  I know what proxy is (very high level), it's just I have never set up one, and it feels like I might be missing some big fat point here. My setup: client server (static IP), runs apache on port 80 proxy (has 2 network cards, one is on the clients network, the other one with a static IP on the server network), runs apache on port 80 I am trying to configure these three machines so that when client requests: http://proxy/machine1 It gets served server's pages at server root URL, i.e. http://server/ I can access client pages just fine. However, when I try accessing a page from the client machine, it simply gets redirected to server's IP address, which it clearly can't access since they are not on the same network: ... <meta http-equiv="REFRESH" content="0;url=http://server/machine1"></meta> <title>Redirect</title> ... My apache2 config is: LoadModule proxy_module /modules/mod_proxy.so LoadModule proxy_http_module /modules/mod_proxy_http.so ProxyRequests off <Proxy *> Order Allow,Deny Allow from all </Proxy> ProxyPass /machine1 http://server:80 <Location /machine1> ProxyPassReverse / </Location> What gives? Thanks!

  Read the article

• Creating stereo file from two mono files with sox

  - by haimg

  I'm using sox 14.2.0 on Centos 6.0. I have two mono wav files, left.wav and right.wav. I need to combine them into one stereo.ogg file, with left.wav pan 80% to the left, and right.wav pan 80% to the right. I was unable to come up with the sox options needed for this. How do I do this? This is going to be executed repeatably for many files, so I'd prefer an efficient solution. From what I understand there should be a way to do it in one pass (one invocation of sox).

  Read the article

• Trouble with Debian Lenny and Sphinx

  - by Ando

  I've very basic understanding of linux systems, but I've a server which was setup a while ago to host some web apps. Recently I decided to test out and implement Sphinx but unfortunately I cant get the install to work. I'm running a Debian Lenny distro and when I try to install sphinx it says - checking MySQL include files... configure: error: missing include files. ****************************************************************************** ERROR: cannot find MySQL include files. Check that you do have MySQL include files installed. The package name is typically 'mysql-devel'. If include files are installed on your system, but you are still getting this message, you should do one of the following: 1) either specify includes location explicitly, using --with-mysql-includes; 2) or specify MySQL installation root location explicitly, using --with-mysql; 3) or make sure that the path to 'mysql_config' program is listed in your PATH environment variable. To disable MySQL support, use --without-mysql option. ****************************************************************************** I do have mysql 5.1 installed but I can't find the include files, AND one more thing.. I read around the net that I probably need libmysqlclient15-dev but when I try to install that using apt-get i receive the following error. The following packages were automatically installed and are no longer required: libxcb-aux0 libts-0.0-0 libxcb-atom1 ttf-dejavu-extra hunspell-en-us g++-4.3 libmysql++3 libnspr4-0d libdirectfb-1.0-0 libxcb-event1 libasound2 libstdc++6-4.3-dev libhunspell-1.2-0 ttf-dejavu libmozjs2d conkeror-spawn-process-helper libnss3-1d Use 'apt-get autoremove' to remove them. The following NEW packages will be installed: libmysqlclient15-dev 0 upgraded, 1 newly installed, 0 to remove and 276 not upgraded. Need to get 7590 kB of archives. After this operation, 26.3 MB of additional disk space will be used. WARNING: The following packages cannot be authenticated! libmysqlclient15-dev Install these packages without verification [y/N]? Y Err http://ftp.us.debian.org/debian/ lenny/main libmysqlclient15-dev amd64 5.0.51a-24+lenny5 404 Not Found [IP: 35.9.37.225 80] Err http://security.debian.org/ lenny/updates/main libmysqlclient15-dev amd64 5.0.51a-24+lenny5 404 Not Found [IP: 149.20.20.6 80] Failed to fetch http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny5_amd64.deb 404 Not Found [IP: 149.20.20.6 80] E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? Can you help me out by suggesting how to install the required packages and run the Sphinx.

  Read the article

• Does Apache2 Configured as ReverseProxy Hide Cookies Set by Backend Servers?

  - by Ianthe

  I use Apache 2.2.16 as Reverse Proxy. For a static website, I don't have any issues. However, when began to use cookies, I've noticed that cookies are not being sent to the client. Here's a snippet of my config: <VirtualHost *:80> ServerName app.somewhere.com:80 ServerAlias app ProxyRequests Off ProxyPreserveHost On <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass /app http://10.x.x.x/app ProxyPassReverse /app http://10.x.x.x/app <Location /> Order allow,deny Allow from all </Location> </VirtualHost> But when I try to access the app server directly, I receive the cookies ok. Is this an expected behaviour for Apache2? I'm using HAProxy for another application that sends cookies to the client and I get all of them.

  Read the article

• Excel concatenate strings from cells listed in third cell

  - by Puddingfox

  I have an excel 2007 workbook that has five columns: A. A list of machines B. A list of service numbers for each machine C. A list of service names for each machine ...(nothing here) I. A list of Service Numbers J. A list of Service Names Each machine listed in column A has one or more services running on it from the list in column J. I would like to be able to add services to a machine (i.e. updating the cell in Column C) by simply adding another comma-separated number to Column B. For Example, The first row would look like this assuming Machine1 has the first three services: | A | B | C | Machine1 | 1,2,3 | HTTP,HTTPS,DNS Right now I have to manually update the formula in column c for each change I make. The current formula is: =CONCATENATE(J1,",",J2,",",J3) I would like to use something like this (please forgive my syntax; I'm a coder and I'm treating cell B1 as if it is an indexed array): =CONCATENATE(CELL("J"+B1[0] , "," , "J"+B1[1] , "," "J"+B1[2]) Although having variable numbers of services makes this even more difficult. Is there any way of doing this. For reference, this is columns I and J: | I | J | 1 |HTTP | 2 |HTTPS | 3 |DNS ..... | 16 |Service16 I don't know very much about Excel so any help is greatly appreciated.

  Read the article

• Apache ProxyPass Missing Images

  - by EpicOfChaos

  I have a apache server that sits in front of my glassfish server. mydomain.com goes directly to my static files on apache, than if you hit the subdomain forum.mydomain.com it goes to the glassfish webapp forum/ at 127.0.0.1:8080/forum/. This proxy seems to work it takes me to the web app but all of the images are missing! Here is how I go my virtual host setup. NameVirtualHost *:80 <VirtualHost *:80> ServerName www.mydomain.com ServerAlias subdomain.mydomain.com mydomain.com DocumentRoot "/usr/local/apache/htdocs" </VirtualHost> <VirtualHost *:80> ServerName forum.mydomain.com # any logging config, etc, that you need ProxyPass / http://127.0.0.1:8080/forum/ ProxyPassReverse / http://127.0.0.1:8080/forum/ </VirtualHost> And in the access log this is what I am seeing. [15/Jan/2012:03:28:02 +0000] "GET /forums/list.page HTTP/1.1" 200 12861 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/logo.jpg HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/styles/style.css?1326582403934 HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_recentTopics.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_search.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_members.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/styles/en_US.css?1326582403934 HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_groups.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/folder_big.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_login.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/whosonline.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/icon_mini_register.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/ping_session.jsp HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/folder_lock.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/folder.gif HTTP/1.1" 404 1075 [15/Jan/2012:03:28:02 +0000] "GET /forum/templates/default/images/folder_new.gif HTTP/1.1" 404 1075 Any Ideas why the images are not working?

  Read the article

• SSH not working over IPSec tunnel (Strongswan)

  - by PattPatel

  I configured a small network on a cloud virtual machine. This virtual machine has a static IP address assigned to eth0 interface that I'll call $EXTIP. mydomain.com points to $EXTIP. Inside, I have some linux containers, that get their ip through DHCP in the Subnet 10.0.0.0/24 (i called the virtual interface nat ). They run some services that can be reached through DNAT. Then I wanted to connect to these containers through an IPSec tunnel, so I configured StrongSwan. ipsec.conf: conn %default dpdaction=none rekey=no conn remote keyexchange=ikev2 ike=######## left=[$EXTIP] leftsubnet=10.0.1.0/24,10.0.0.0/24 leftauth=pubkey lefthostaccess=yes leftcert=########.pem leftfirewall=yes leftid="#########" right=%any rightsourceip=10.0.1.0/24 rightauth=######## rightid=%any rightsendcert=never eap_identity=%any auto=add type=tunnel Everything works fine, IPSec clients get IPs of the 10.0.1.0/24 subnet and can reach the containers subnet. My problem is that I'm not able to get SSH connections over the tunnel. It simply does not work, ssh client does not produce any output. Sniffing with tcpdump gives: tcpdump: 09:50:29.648206 ARP, Request who-has 10.0.0.1 tell mydomain.com, length 28 09:50:29.648246 ARP, Reply 10.0.0.1 is-at 00:ff:aa:00:00:01 (oui Unknown), length 28 09:50:29.648253 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [S], seq 4007849772, win 29200, options [mss 1460,sackOK,TS val 1151153 ecr 0,nop,wscale 7], length 0 09:50:29.648296 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [S.], seq 2809522632, ack 4007849773, win 14480, options [mss 1460,sackOK,TS val 11482992 ecr 1151153,nop,wscale 6], length 0 09:50:29.677225 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 2809522633, win 229, options [nop,nop,TS val 1151162 ecr 11482992], length 0 09:50:29.679370 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [P.], seq 0:23, ack 1, win 229, options [nop,nop,TS val 1151162 ecr 11482992], length 23 09:50:29.679403 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], ack 24, win 227, options [nop,nop,TS val 11483002 ecr 1151162], length 0 09:50:29.684337 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1:32, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 31 09:50:29.685471 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 32:1480, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 1448 09:50:29.685519 IP mydomain.com > 10.0.0.1: ICMP mydomain.com unreachable - need to frag (mtu 1422), length 556 09:50:29.685567 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 32:1402, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 1370 09:50:29.685572 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], seq 1402:1480, ack 24, win 227, options [nop,nop,TS val 11483003 ecr 1151162], length 78 09:50:29.714601 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 32, win 229, options [nop,nop,TS val 1151173 ecr 11483003], length 0 09:50:29.714642 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1480:1600, ack 24, win 227, options [nop,nop,TS val 11483012 ecr 1151173], length 120 09:50:29.723649 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [P.], seq 1393:1959, ack 32, win 229, options [nop,nop,TS val 1151174 ecr 11483003], length 566 09:50:29.723677 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [.], ack 24, win 227, options [nop,nop,TS val 11483015 ecr 1151173,nop,nop,sack 1 {1394:1960}], length 0 09:50:29.725688 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 1480, win 251, options [nop,nop,TS val 1151177 ecr 11483003], length 0 09:50:29.952394 IP 10.0.0.1.ssh > 10.0.1.2.54869: Flags [P.], seq 1480:1600, ack 24, win 227, options [nop,nop,TS val 11483084 ecr 1151173,nop,nop,sack 1 {1394:1960}], length 120 09:50:29.981056 IP mydomain.com.54869 > 10.0.0.1.ssh: Flags [.], ack 1600, win 251, options [nop,nop,TS val 1151253 ecr 11483084,nop,nop,sack 1 {1480:1600}], length 0 If you need it this is my iptables configuration file: iptables: *filter :INPUT ACCEPT [144:9669] :FORWARD DROP [0:0] :OUTPUT ACCEPT [97:15649] :interfacce-trusted - [0:0] :porte-trusted - [0:0] -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j interfacce-trusted -A FORWARD -j porte-trusted -A FORWARD -j REJECT --reject-with icmp-host-unreachable -A FORWARD -d 10.0.0.1/32 -p tcp -m tcp --dport 80 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A FORWARD -d 10.0.0.1/32 -p tcp -m tcp --dport 443 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A FORWARD -d 10.0.0.3/32 -p tcp -m tcp --dport 1234 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A interfacce-trusted -i nat -j ACCEPT -A porte-trusted -d 10.0.0.1/32 -p tcp -m tcp --dport 80 -j ACCEPT -A porte-trusted -d 10.0.0.1/32 -p tcp -m tcp --dport 443 -j ACCEPT -A porte-trusted -d 10.0.0.3/32 -p tcp -m tcp --dport 1234 -j ACCEPT COMMIT *nat :PREROUTING ACCEPT [10:600] :INPUT ACCEPT [10:600] :OUTPUT ACCEPT [4:268] :POSTROUTING ACCEPT [18:1108] -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.1:80 -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.0.0.1:443 -A PREROUTING -d [$EXTIP] -p tcp -m tcp --dport 8069 -j DNAT --to-destination 10.0.0.3:1234 -A POSTROUTING -s 10.0.0.0/24 -o eth0 -m policy --dir out --pol ipsec -j ACCEPT -A POSTROUTING -s 10.0.1.0/24 -o nat -j MASQUERADE -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE COMMIT Probably I'm missing something stupid... Thanks in advance for helping :))

  Read the article

• HTTP 400 error for all websites

  - by Jason Sherman

  A couple of days ago, I started getting HTTP 400 responses from all websites. Nothing will go across port 80. However, everything works if I connect to VPN. The weird thing is, without VPN, other things still work; such as IM and anything else that doesn’t use port 80. Pinging also works. I haven’t noticed this behavior on any other computer on my network. The kicker is, if I log on as a local admin, everything works fine!!! I haven’t installed anything in the last couple weeks and I don’t remember changing any configuration. I ran Forefront and HouseCall and neither found any problems.

  Read the article

• How does Router know where to forward packet

  - by kornelijepetak

  If several computers with local addresses (192.168.0.#) are connected to a router and each computer opens a web browser and requests a page over HTTP, when these TCP:80 packets are sent out, the router switches the local address with the static IP of the router (i.e. Provider given IP) so the server can reply to the appropriate address. But how does the router know to which computer to forward the HTTP reply, since the TCP header does not contain the local IP address (does it?), and all computers are using port 80? Does this have anything to do with the MAC addresses? How exactly does this work?

  Read the article

• Why can I view my site over a 3G connection but not through my wifi?

  - by Jonathan

  So, I am sitting in my office with four computers on the same network and internet connection. Two of the computers can visit this particular website. Two of the computer get a message "Google Chrome could not find". I have tried FF and IE also with the same problem. I can view the site 90% of the time on two of the working computers although the site seems slow and sometimes I also get the same errors as the other two computers. I have flushed the DNS, reset the router, tested the site on other peoples computers with success. Is this likely to be a site issue, an ISP issue, a hosting issue? Any advice is greatly appreciated. Here is the ping from the working machine: C:\Users\Jon>ping www.balihaicruises.com Pinging www.balihaicruises.com [208.113.173.102] with 32 bytes of data: Reply from 208.113.173.102: bytes=32 time=331ms TTL=47 Reply from 208.113.173.102: bytes=32 time=327ms TTL=47 Reply from 208.113.173.102: bytes=32 time=326ms TTL=47 Reply from 208.113.173.102: bytes=32 time=329ms TTL=47 Ping statistics for 208.113.173.102: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 326ms, Maximum = 331ms, Average = 328ms Traceroute: Tracing route to www.balihaicruises.com [208.113.173.102] over a maximum of 30 hops: 1 1 ms 17 ms 3 ms 192.168.1.1 2 42 ms 37 ms 36 ms 180.254.224.1 3 39 ms 47 ms 40 ms 180.252.1.69 4 36 ms 616 ms 57 ms 61.94.115.221 5 84 ms 76 ms 80 ms 180.240.191.98 6 73 ms 80 ms 72 ms 180.240.191.97 7 157 ms 143 ms 116 ms 180.240.190.82 8 115 ms 113 ms 120 ms ae1-123.hkg11.ip4.tinet.net [183.182.80.93] 9 331 ms 332 ms 335 ms xe-3-2-1.was14.ip4.tinet.net [89.149.184.30] 10 327 ms 330 ms 331 ms internap-gw.ip4.tinet.net [77.67.69.254] 11 437 ms 415 ms 350 ms border10.pc2-bbnet2.wdc002.pnap.net [216.52.127.73] 12 322 ms 823 ms 398 ms dreamhost-2.border10.wdc002.pnap.net [216.52.125.74] 13 328 ms 336 ms 326 ms ip-208-113-156-4.dreamhost.com [208.113.156.4] 14 326 ms 328 ms 336 ms ip-208-113-156-14.dreamhost.com [208.113.156.14] 15 327 ms 331 ms 333 ms apache2-udder.crisp.dreamhost.com [208.113.173.102] And then for the machine that doesn't work: C:\Users\Microsoft>ping www.balihaicruises.com Ping request could not find host www.balihaicruises.com. Please check the name and try again. C:\Users\Microsoft>tracert www.balihaicruises.com Unable to resolve target system name www.balihaicruises.com.

  Read the article

< Previous Page | 131 132 133 134 135 136 137 138 139 140 141 142  | Next Page >