Search Results

Search found 16455 results on 659 pages for 'hosts allow'.

Page 15/659 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Issue with multiple bridging for KVM hosts

    - by Henry-Nicolas Tourneur
    I'm using KVM and libvirt on my host (Debian lenny) + 2 bridges per guest (one for mgmt, one for public traffic). That setup isn't stable at all, sometimes I can do pings to a management ip, sometimes not. I don't know if my bridging paramateres are correct, could you check ? or if there is anything wrong ... Please also note that interface on guest doesn't flap and that I got not logs on my host. Of course forwarding is enabled. iface eth3 inet manual auto bond0 iface bond0 inet manual slaves eth1 eth2 pre-up ip link set bond0 up down ip link set bond0 down auto br0 iface br0 inet static address 10.160.0.7 netmask 255.255.255.128 bridge_ports eth3 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off auto br0:1 iface br0:1 inet static address 10.160.0.9 netmask 255.255.255.128 auto br0:2 iface br0:2 inet static address 10.160.0.10 netmask 255.255.255.128 auto br1 iface br1 inet static address 217.4.40.242 netmask 255.255.255.240 gateway 217.4.40.241 pre-up /etc/network/firewall start bridge_ports bond0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off auto br1:1 iface br1:1 inet static address 217.4.40.252 netmask 255.255.255.240 auto br1:2 iface br1:2 inet static address 217.4.40.253 netmask 255.255.255.240

    Read the article

  • Postfix configuration: different outgoing hosts based on sender

    - by Joe
    I've seen a few answers to this on the web, but nothing definitive nor any good examples. I relay all my mail out through Postfix, currently everything sent to my ISP's mail server. However, there are a few users with gmail accounts or gmail-hosted accounts; I'd like to route their outgoing mail through Google's servers (since it will then appear in their Gmail sent folder). All email NOT from one of these senders should go out through the default relayhost. I believe I need to use the "sender_dependent_default_transport_maps" configuration within Postfix, but can't find a good example on what this setup looks like. Can anyone point me at a specific setup?

    Read the article

  • Apache Name-based Virtual Hosts - configuring httpd.conf file

    - by Dave
    Hi there. I am running a web app on Tomcat at the following location on my server. /var/tomcat/webapps/SoccerApp I am looking to update the Tomcat httpd.conf file with the following virtual host... <VirtualHost *:80> DocumentRoot /var/tomcat/webapps/SoccerApp/MyTeam ServerName www.mysoccerapp.com </VirtualHost> This gives me a 404 error as the directory MyTeam does not exist. However my application behaves in a way that it uses this URL directory as the name of the soccer team for which to display data, so it will never be a physical folder on the server. None the less, I would like www.mysoccerapp.com to resolve to webapps/SoccerApp/MyTeam, even though the directory isnt there. does this make any sense? Any ideas on how to get this working. At the end of the day, i want to do the following... www.teamone.com -> runs /webapps/SoccerApp/TeamOne www.teamone.com -> runs /webapps/SoccerApp/TeamTwo ...where TeamOne and TeamTwo are not physical directories, but merely processed by my SoccerApp application as the current soccer team to display data for. Many many thanks! Dave.

    Read the article

  • Secure data from a server to a workstation using jumper hosts

    - by apalsson
    Hello. I have a WWW-server, my problem is that the content is sensitive and should not be accessible for people without proper credentials. How can I improve the ease of use but still maintain security following scenario; The Server is accessed through a "jumper host", i.e. the client connects to the jumper using VPN-connection and uses RemoteDesktop to access the jumper. From the jumper he uses RemoteDesktop again to access the Server. Finally on the Server the user can access content using a WWW-browser. All the way from the VPN-client to the WWW-browser requires authentication using a SmartCard-token. This seems quite secure to me. Content only gets mirrored on the RemoteDesktop between Server and jumper, no cached files to worry about. Connection between jumper and client is protected using VPN(ssl), so no eavesdropping. But it is quite cumbersome for the clients with many steps and connections to open. :( So, how can I improve the user experience accessing my server without compromising security? Thanks.

    Read the article

  • Two hosts on same subnet can't see each other

    - by Joey Hewitt
    I've got two routers with two separate public IP addresses on the same subnet, but I can't get them to talk to each other. Both are connected to the internet (ISP-provided gateway) via Ethernet ports provided by the landlord, but I don't have access to or knowledge of how those are physically connected or the protocols used to get back to the ISP. I can ping either from the outside, but they can't ping each other. Traceroutes in and out look the same, and they receive the same gateway over DHCP. I can ping other IPs on the subnet, so I assume this is not any sort of intentional isolation for security/privacy. Since I'm in a setup where my landlord provides internet and we don't have contact with the ISP, I can't really ask the ISP for help (doubt the landlord would know much either.) The situation is similar to the diagram at this question, but instead of the two servers, there's another router coming off the (presumed) switch, and I don't have access to the switch. I've tried giving them static routes to each other with the ISP internet gateway as the gateway, but that's not working. One is a Linksys WRT54GL running DD-WRT, the other is a Netgear WGR614v7, although I could get something more capable if necessary. I'd like to keep them each connected directly to the ISP on their WAN ports, but I can have an ethernet cable between them if necessary - I'm wondering if there's a way without that, and if there isn't, I'd appreciate advice on how to get that working. Sorry this is so nitpicky; there are reasons for all the constraints, but they don't apply to the real question, so I left them out. ;) Thank you!

    Read the article

  • How can transfer zabbix item from different hosts and save item statistic

    - by Stepchik
    There are two server's (srv1 and srv2). Mysql server has been installed on which of them. Srv1 mysql contains database (db1). Zabbix-server get statistic throw configured agent user parameter (https://www.zabbix.com/documentation/2.0/manual/config/items/userparameters). Yesterday i has been copyed database db1 from mysql srv1 to mysql srv2. I can clone zabbix server item (https://www.zabbix.com/documentation/2.0/manual/config/items) to srv2, but lost all srv1 db1 statistic. Can you advice how keep them?

    Read the article

  • All invalid hosts gets resolved to "com.org"

    - by Vi
    vi@vi-server:~$ nslookup nonexistent.itransition.com Server: 8.8.8.8 Address: 8.8.8.8#53 ** server can't find nonexistent.itransition.com: NXDOMAIN vi@vi-server:~$ cat /etc/resolv.conf nameserver 8.8.8.8 It does not exist. The same result from dig nonexistent.itransition.com. vi@vi-server:~$ ping nonexistent.itransition.com PING nonexistent.itransition.com.org (216.234.246.153) 56(84) bytes of data. 64 bytes from 99.f6.ead8.static.theplanet.com (216.234.246.153): icmp_seq=1 ttl=46 time=128 ms 64 bytes from 99.f6.ead8.static.theplanet.com (216.234.246.153): icmp_seq=2 ttl=46 time=128 ms It catches all invalid hostnames? Why? How to prevent?

    Read the article

  • central apache log analysis of many hosts

    - by Jason Antman
    We have 30+ apache httpd servers, and are looking to perform analysis on the logs both for historical trending and near "real time" monitoring/alerting. I'm mainly interested in things like error rates (4xx/5xx), response time, overall request rate, etc. but it would also be very useful to pull out more compute-intensive statistics like unique client IPs and user agents per unit of time. I'm leaning towards building this as a centralized collector/server/storage, and am also considering the possibility of storing non-apache logs (i.e. general syslog, firewall logs, etc.) in the same system. Obviously a large part of this will probably have to be custom (at least the connection between pieces and the parsing/analysis we do), but I haven't been able to find much information on people who have done stuff like this, at least at shops smaller than Google/Facebook/etc. who can throw their log data into a hundred-node compute cluster and run Map/Reduce on it. The main things I'm looking for are: - All open source - Some way of collecting logs from apache machines that isn't too resource-intensive, and transports them relatively quickly over the network - Some way of storing them (NoSQL? key-value store?) on the backend, for a given amount of time (and then rolling them up into historical averages) - In the middle of this, a way of graphing in near-real-time (probably also with some statistical analysis on it) and hopefully alerting off of those graphs. Any suggestions/pointers/ideas, to either "products"/projects or descriptions of how other people do this would be greatly helpful. Unfortunately, we're not exactly a new-age-y devops shop, lots of old stuff, homogeneous infrastructure, and strained boxes.

    Read the article

  • Xen P2V for large physical hosts with much free space

    - by Sirex
    I need to P2V a rhel5 machine to xen under rhel5. I know I can use dd if=/dev/sda then using virt-install --import on the host, but the downside of this is the original machine has 80% free space on its drive. Does anyone know of (or can document) a quick and easy method which works reliably, to produce a bootable xen image which can run under a hvm in such cases ? I tried clonezilla to make the image, to avoid the free space problem, but it failed to do the clone with "something went wrong" (useless info, i know). At the moment im looking at doing a dd of each partition, and a file level copy of the partition which is mostly empty, then creating a new virtual disk, copying the partitions over to it by mounting both the new image and the virtual drive on a second vm, then copying the boot sectors over, then copying the file level backup..... there must be an easier way ? Oh, and budget is $0. :)

    Read the article

  • scp -q isn't quiet between different hosts

    - by pythonic metaphor
    So scp -q file host:file and scp -q host:file file are both quiet, i.e. don't give the progress meter. But when I run scp -q host1:file host2:file, I still get the progress meter as well as a Connection to host1 closed. message. The progress meter can be gotten rid of by redirected stdout to /dev/null (although I'd rather not have to), but the connection closed messages comes on stderr, which I definitely want to keep in case there's a real error. How can I make scp quiet? Do I have to run ssh host1 "scp -q file host2:file"?

    Read the article

  • nginx virtual hosts are not working, all vhosts goes to the default one

    - by Adirael
    Hello, I just did a clean install of nginx + php-fpm on a VPS running Ubuntu 10.10, nginx is serving and PHP is working fine, but I'm not able to add vhosts to it. Well, I can add them, but only one works, the rest go to this first one. This is my first vhost, for host1: server { listen 80; server_name host1; access_log /var/log/nginx/host1.log; error_log /var/log/nginx/host1.error.log; location / { root /var/www/vhosts/host1/; index index.html index.htm index.php; } location ~ \.php$ { include /etc/nginx/fastcgi_params; #fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param SCRIPT_FILENAME /var/www/vhosts/host1/$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_index index.php; } } And the second one, for host2: server { listen 80; server_name host2; access_log /var/log/nginx/host2.log; error_log /var/log/nginx/host2.error.log; location / { root /var/www/vhosts/host2/; index index.html index.htm index.php; } location ~ \.php$ { include /etc/nginx/fastcgi_params; #fastcgi_pass 127.0.0.1:9000; fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_param SCRIPT_FILENAME /var/www/vhosts/host2/$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_script_name; fastcgi_index index.php; } } The problem is, when I go to http://host1 everything is fine, but on http://host2, it just shows host1! I don't have Apache installed and everything comes from repos. Any pointers?

    Read the article

  • ssh freezes when trying to connect to some hosts

    - by NS Gopikrishnan
    When I try to ssh to particular machine/s in a list, The SSH command happens to be freezing. I tried out setting ssh timeout. But then also it's freezes even after the timeout. In verbose mode : OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to x358.x.server.com [10.x.x.x] port 22. debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug1: identity file /export/home/sqlrpt/.ssh/identity type -1 debug1: identity file /export/home/sqlrpt/.ssh/id_rsa type -1 debug1: identity file /export/home/sqlrpt/.ssh/id_dsa type 2 At this point it freezes. A work around I thought was to create a child process for each ssh calls and if the process doesn't respond after a timeout - Kill it. But are there any less complex ways, so that I can accommodate it in a shell script itself rather than going for a C/C++ program ?

    Read the article

  • Reverse Proxy to filter out js files from multiple hosts in nginx

    - by stwissel
    I have a website http://someplace.acme.com that I want my users to access via http://myplace.mycorp.com - pretty standard reverse proxy setup. The special requirement: any js file - either identified by the .js extension and/or the mime-type (if that is possible) text/javascript needs to be served from a different location, a local tool that inspects the js for potential threats. So I have location / { proxy_pass http://someplace.acme.com; proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location ~* \.(js)$ { proxy_pass http://127.0.0.1:8188/filter?source=$1; proxy_redirect off; proxy_buffering off; } The JS still is served from remote and I have no idea how to check for the mime type. What do I miss?

    Read the article

  • virtual hosts on lighttpd can't load

    - by Jake
    Thats what I did: Added following code to lighttpd.conf $HTTP["host"] =~ "(^|\.)test\.com$" { server.document-root = "/home/test" } created /home/test Restarted Lighttpd but it doesn't load anything Google chrome Error: No data received Unable to load the webpage because the server sent no data. Here are some suggestions: Reload this webpage later. Error 324 (net::ERR_EMPTY_RESPONSE): The server closed the connection without sending any data. Firefox: The connection was reset The connection to the server was reset while the page was loading. The site could be temporarily unavailable or too busy. Try again in a few moments. If you are unable to load any pages, check your computer's network connection. If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web. can you please explain How can I fix this? Really Thanks

    Read the article

  • Mixed IP and Name Based Virtual Hosts with nginx

    - by nerkn
    I set up many domains but I dont know how to configure if only ip address is given. say foo.com I have a setup to go web/foo.com/htdocs, I want to 88.99.66.55 ip address like a domain to web/fook.com/htdocs server { listen 80; server_name 85.99.66.55; location / { root /home/web/fook.com/htdocs; } location ~ \.(php|php3|php4|php5)$ { root /home/web/fook.com/htdocs; include fastcgi_params; fastcgi_pass 127.0.0.1:9000; } } resulted [warn]: conflicting server name "85.105.65.219" on 0.0.0.0:80, ignored

    Read the article

  • Allow outgoing connections for DNS

    - by Jimmy
    I'm new to IPtables, but I am trying to setup a secure server to host a website and allow SSH. This is what I have so far: #!/bin/sh i=/sbin/iptables # Flush all rules $i -F $i -X # Setup default filter policy $i -P INPUT DROP $i -P OUTPUT DROP $i -P FORWARD DROP # Respond to ping requests $i -A INPUT -p icmp --icmp-type any -j ACCEPT # Force SYN checks $i -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Drop all fragments $i -A INPUT -f -j DROP # Drop XMAS packets $i -A INPUT -p tcp --tcp-flags ALL ALL -j DROP # Drop NULL packets $i -A INPUT -p tcp --tcp-flags ALL NONE -j DROP # Stateful inspection $i -A INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT # Allow established connections $i -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow unlimited traffic on loopback $i -A INPUT -i lo -j ACCEPT $i -A OUTPUT -o lo -j ACCEPT # Open nginx $i -A INPUT -p tcp --dport 443 -j ACCEPT $i -A INPUT -p tcp --dport 80 -j ACCEPT # Open SSH $i -A INPUT -p tcp --dport 22 -j ACCEPT However I've locked down my outgoing connections and it means I can't resolve any DNS. How do I allow that? Also, any other feedback is appreciated. James

    Read the article

  • Outbound ports to allow through firewall - core requirements

    - by dunxd
    This question was asked before, but in a rather general way. I'm asking more specifically based on my current requirements. We have a number of remote offices made up of a bunch of PCs and an ASA 5505 which is used as firewall and VPN termination point. In the offices we share the internet connection with one or more other organisations over whom we have very little control, asides from the config on the ASAs. For a bunch of reasons I'd like to lock down these ASA 5505s to only allow outbound traffic to ports used by applications we know we need. I'm putting a standard config to roll out to all the ASAs, and if we need to open up ports for the other orgs we can do it on request. But I want to leave open the most commonly required ports so we can get up and running without waiting on other folks technical staff to get back. I plan to allow the following TCP ports to support email and web access, which I know everyone will need: POP3 (110 and 995) HTTP (80 and 443) IMAP4 (143 and 993) SMTP (25 and and 465) The question really is, what other ports do I need to leave open to allow for "normal" working? I've seen UDP port 53 for DNS as one. Are there any others that would be worth opening up? Just to note - I'll also be setting up monitoring systems to keep an eye on the ports we do allow. Any of the above could be misused of course. We'll also back all this up with signed agreements. But I'm aiming for a technical solutions where I don't have to start out with the full requirements of everyone we share connections with. See also: outbound ports that are always open

    Read the article

  • Outbound ports to allow through firewall

    - by dunxd
    This question was asked before, but in a rather general way. I'm asking more specifically based on my current requirements. We have a number of remote offices made up of a bunch of PCs and an ASA 5505 which is used as firewall and VPN termination point. In the offices we share the internet connection with one or more other organisations over whom we have very little control, asides from the config on the ASAs. For a bunch of reasons I'd like to lock down these ASA 5505s to only allow outbound traffic to ports used by applications we know we need. I'm putting a standard config to roll out to all the ASAs, and if we need to open up ports for the other orgs we can do it on request. But I want to leave open the most commonly required ports so we can get up and running without waiting on other folks technical staff to get back. I plan to allow the following TCP ports to support commonly required resources: POP3 (110 and 995) HTTP (80 and 443) IMAP4 (143 and 993) SMTP (25 and and 465) The question really is, what other ports do I need to leave open to allow for "normal" working. I've seen UDP port 53 for DNS as one. Are there any others that would be worth opening up? Just to note - I'll also be setting up monitoring systems to keep an eye on the ports we do allow. Any of the above could be misused of course. We'll also back all this up with signed agreements. But I'm aiming for a technical solutions where I don't have to start out with the full requirements of everyone we share connections with. See also: outbound ports that are always open

    Read the article

  • iptables rules to allow HTTP traffic to one domain only

    - by Zenet
    I need to configure my machine as to allow HTTP traffic to/from serverfault.com only. All other websites, services ports are not accessible. I came up with these iptables rules: #drop everything iptables -P INPUT DROP iptables -P OUTPUT DROP #Now, allow connection to website serverfault.com on port 80 iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT #allow loopback iptables -I INPUT 1 -i lo -j ACCEPT It doesn't work quite well: After I drop everything, and move on to rule 3: iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT I get this error: iptables v1.4.4: host/network `serverfault.com' not found Try `iptables -h' or 'iptables --help' for more information. Do you think it is related to DNS? Should I allow it as well? Or should I just put IP addresses in the rules? Do you think what I'm trying to do could be achieved with simpler rules? How? I would appreciate any help or hints on this. Thanks a lot!

    Read the article

  • Naming PCs on a mixed hosts home network.

    - by Chris Becke
    I have a home network comprising an Apple iMacs and a Windows 7 PCs - using the internet connection sharing feature on the Windows 7 PC to share the internet connection with the iMac. I have configured the hostnames on each pc so, running hostname on the Windows 7 box says "windows7" and on the iMac says "apple", but, if I try and "ping apple" from Windows 7 or "ping Windows7" from the iMac they can't resolve. what do I need to do to get this 'simple' level on connectivity working?

    Read the article

  • Any free Exchange hosts out there?

    - by Pure.Krome
    Hi folks, Are there any free Microsoft Exchange hosted solutions? I understand that Microsoft Exchange is a paid/licensed product, but I was curious if there might be a host that has a free hosting model (e.g. for <= 3 mailboxes per domain)? Larger mail boxes per domain == cost. ?? Finally, please refrain from suggesting other mail services (eg. sendmail, etc).

    Read the article

  • Nagios: turn off service checks/display on down hosts

    - by Alien Life Form
    I want to to tweak nagios in such a way that all checking stops (with services not displayed, or displayed as unknown) for any down node. Said differently I only want to see one alert for a down host instead of 1 (down) + n (1 for every service). Note that I am interested in service display/status, not only in turning off notifications. Rationale: we use the nagios firefox/chrome plugin to monitor status and nagios' behavior is too noisy giving readings like these (because every node has 20 services): 3 down, 1 unreachable, 4 warnings, 87 critical This means that the 7 critical services on up node (the problem is on the service) are swamped in a slab of red services which are critical only because they sit on a node that's down/unreachable. What I'd rather like to see is: 3 down, 1 unreachable, 80 unknown, 4 warnings, 7 critical Or even 3 down, 1 unreachable, 4 warnings, 7 critical I have looked in service dependencies but I did not fine a way to describe: "make all services on a alive-host dependen on the status of the host check". I found the problem discussed here, where one of the participants thought it was a nagios bug, and here where one of the participants thought it was "as designed". As things are, I am just interested in the effect, much less in the design philosophy. Note that this nagios is checking hundreds of nodes, so the maintainablilty of the solution is also important. TIA and cheers.

    Read the article

  • Varnish with multiple hosts/subdomains

    - by jerhinesmith
    I'm new to Varnish, and I'm hoping it already does this "out of the box", but I'd like to clarify before I consider using it in production: Here's my setup: I have multiple sites running off of the same machine that vary by subdomain (i.e. user1.example.com, user2.example.com, etc.) Each "site" has a profile picture that has the same name (i.e. user1.example.com/profile.png, user2.example.com/profile.png) Will Varnish recognize these as separate resources and cache them accordingly? Or will I need to change something in the VCL to tell it include the full host url when looking up cache hits?

    Read the article

  • Dynamic Virtual Hosts In Apache with www and non-www subdomains

    - by haukish
    I don't know apache very well and I've got a problem with configure mod_vhost_alias This is my httpd.conf file: UseCanonicalName Off LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon <Directory /var/www/sites/> Options FollowSymLinks AllowOverride All </Directory> <VirtualHost *:80> CustomLog logs/access_log.sites vcommon ServerAlias *.domain.com UseCanonicalName Off VirtualDocumentRoot /var/www/sites/%1/ </VirtualHost> Subdomains work fine without www. but I need to make them work with www too. Here's an example: something.domain.com - site is loading www.something.domain.com - Not Found What should I do?

    Read the article

  • How to enable a Web portal-based enterprise platform on different domains and hosts without customization

    - by S.Jalali
    I work at Coscend, a cloud and communications software product company. We have built a Web portal-based collaboration platform that we would like to host on five different Windows- and Linux-based servers in different hosting environments that run Web servers. Each of these Windows and Linux servers have a different host name and domain name (and IP address). Out team would appreciate your guidance on: (1) Is there a way to implement this Web portal-based platform on these Linux servers without customizing the host name, domain name and IP address for each individual instance? (2) Is there a way to create some variables using JavaScript for host name and domain name and call them from the different implementations? (3) Can these JavaScript modules be made portable and re-usable object modules for different environments and instances? The portal is written in JavaScript that is embedded in HTML5 and padded with CSS3. Other technologies include Flash, Flex. Databases used are PostgreSQL and MySQL.

    Read the article

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >