Search Results

Search found 4990 results on 200 pages for 'traffic measurement'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 162/200 | < Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >

  • Use Expressions with LINQ to Entities

    - by EltonStoneman
    [Source: http://geekswithblogs.net/EltonStoneman] Recently I've been putting together a generic approach for paging the response from a WCF service. Paging changes the service signature, so it's not as simple as adding a behavior to an existing service in config, but the complexity of the paging is isolated in a generic base class. We're using the Entity Framework talking to SQL Server, so when we ask for a page using LINQ's .Take() method we get a nice efficient SQL query for just the rows we want, with minimal impact on SQL Server and network traffic. We use the maximum ID of the record returned as a high-water mark (rather than using .Skip() to go to the next record), so the approach caters for records being deleted between page requests. In the paged response we include a HasMorePages indicator, computed by comparing the max ID in the page of results to the max ID for the whole resultset - if the latter is bigger, then there are more pages. In some quick performance testing, the paged version of the service performed much more slowly than the unpaged version, which was unexpected. We narrowed it down to the code which gets the max ID for the full resultset - instead of building an efficient MAX() SQL query, EF was returning the whole resultset and then computing the max ID in the service layer. It's easy to reproduce - take this AdventureWorks query:             var context = new AdventureWorksEntities();             var query = from od in context.SalesOrderDetail                         where od.ModifiedDate >= modified                          && od.SalesOrderDetailID.CompareTo(id) > 0                         orderby od.SalesOrderDetailID                         select od;   We can find the maximum SalesOrderDetailID like this:             var maxIdEfficiently = query.Max(od => od.SalesOrderDetailID);   which produces our efficient MAX() SQL query. If we're doing this generically and we already have the ID function in a Func:             Func<SalesOrderDetail, int> idFunc = od => od.SalesOrderDetailID;             var maxIdInefficiently = query.Max(idFunc);   This fetches all the results from the query and then runs the Max() function in code. If you look at the difference in Reflector, the first call passes an Expression to the Max(), while the second call passes a Func. So it's an easy fix - wrap the Func in an Expression:             Expression<Func<SalesOrderDetail, int>> idExpression = od => od.SalesOrderDetailID;             var maxIdEfficientlyAgain = query.Max(idExpression);   - and we're back to running an efficient MAX() statement. Evidently the EF provider can dissect an Expression and build its equivalent in SQL, but it can't do that with Funcs.

    Read the article

  • Move Data into the Grid for Scalable, Predictable Response Times

    - by JuergenKress
    CloudTran is pleased to introduce the availability of the CloudTran Transaction and Persistence Manager for creating scalable, reliable data services on the Oracle Coherence In-Memory Data Grid (IMDG). Use of IMDG architectures has been key to handling today’s web-scale loads because it eliminates database latency by storing important and frequently access data in memory instead of on disk. The CloudTran product lets developers easily use an IMDG for full ACID-compliant transactions without having to be concerned about the location or spread of data. The system has its own implementation of fast, scalable distributed transactions that does NOT depend on XA protocols but still guarantees all ACID properties. Plus, CloudTran asynchronously replicates data going into the IMDG to back-end datastores and back-up data centers, again ensuring ACID properties. CloudTran can be accessed through Java Persistence API (JPA via TopLink Grid) and now, through a new Low-Level API, or LLAPI. This is ideal for use in SOA applications that need data reliability, high availability, performance, and scalability. Still in limited beta release, the LLAPI gives developers the ability to use standard put/remove logic available in Coherence and then wrap logic with simple Spring annotations or XML+AspectJ to start transactions. An important feature of LLAPI is the ability to join transactions. This is a common outcome for SOA applications that need to reduce network traffic by aggregating data into single cache entries and then doing SOA service processing in the node holding the data. This results in the need to orchestrate transaction processing across multiple service calls. CloudTran has the capability to handle these “multi-client” transactions at speed with no loss in ACID properties. Developing software around an IMDG like Oracle Coherence is an important choice for today’s web-scale applications and services. But this introduces new architectural considerations to maintain scalability in light of increased network loads and data movement. Without using CloudTran, developers are faced with an incredibly difficult task to ensure data reliability, availability, performance, and scalability when working with an IMDG. Working with highly distributed data that is entirely volatile while stored in memory presents numerous edge cases where failures can result in data loss. The CloudTran product takes care of all of this, leaving developers with the confidence and peace of mind that all data is processed correctly. For those interested in evaluating the CloudTran product and IMDGs, take a look at this link for more information: http://www.CloudTran.com/downloadAPI.php, or, send your questions to [email protected]. WebLogic Partner Community For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. BlogTwitterLinkedInMixForumWiki Technorati Tags: Coherence,cloudtran,cache,WebLogic Community,Oracle,OPN,Jürgen Kress

    Read the article

  • Setting MTU on Exalogic

    - by csoto
    For many reasons, a system administrator may want to change the MTU settings of a server. But in a system like Exalogic which contains lots of interconnected nodes and other various components, it's important to understand how this applies to the different networks. For example, when bringing up bonding of InfiniBand an error like the following may be thrown: Bringing up interface bond1: SIOCSIFMTU: Invalid argument Both scripts ifcfg-ib0 and ifcfg-ib1 (from the /etc/sysconfig/network-scripts/ direectory) have MTU set to 65500, which is a valid MTU value only if all IPoIB slaves operate in connected mode and are configured with the same value, so the line below must be added to both network scripts and then restart the network: CONNECTED_MODE=yes By the way, an error of the form “SIOCSIFMTU: Invalid argument” indicates that the requested MTU was rejected by the kernel. Typically this would be due to it exceeding the maximum value supported by the interface hardware. In that case you must either reduce the MTU to a value that is supported or obtain more capable hardware. This problem has been seen when trying to modify the MTU using the ifconfig command, like the output of the example below: [root@elxxcnxx ~]# ifconfig ib1 mtu 65520 SIOCSIFMTU: Invalid argument It's important to insist that in most cases the nodes must be rebooted after the MTU size has been changed. Although in some circumstances it may work without a reboot, it is not how it is typically documented. Now, in order to achieve a reduced memory consumption and improve performance for network traffic received on IPoIB related interfaces, it is recommend to reduce the MTU value in interface configuration files for IPoIB related bonds from 65520 to 64000. The change needs to be made to interface configuration files under the /etc/sysconfig/network-scripts directory and applies to the interface configuration files for bonds over IPoIB related slave devices, for example /etc/sysconfig/network-scripts/ifcfg-bond1. However, keep in mind that the numeric portion of the interface filenames that corresponding to IPoIB interfaces is expected to vary across compute nodes and vServers and so cannot be relied upon to identify which interface files are for bonds are over IPoIB rather than EoIB related slave interfaces. To fix these MTU values to the recommended settings, there are very useful instructions and a script on the MOS Note 1624434.1, and it's applicable physical and virtual configurations of Exalogic. Regarding the recommended MTU value for EoIB related interfaces, its maximum appropriate value is 1500. If for some reason a vServer has been created with a higher value (set on the /etc/sysconfig/network-scripts/ifcfg-bond0 file), then it must be fixed. An error like the following could be thrown under this circumstance: [root@vServer ~]# service network restart ... Bringing up interface bond0:  SIOCSIFMTU: Invalid argument Also an error like the one below can be seen on the /var/log/messages file of the vServer: kernel: T5074835532 [mlx4_vnic] eth1:vnic_change_mtu:360: failed: new_mtu 64000 2026 The MOS Note 1611657.1 is very useful for this purpose.

    Read the article

  • Oracle Application in DMZ (Demilitarized Zone)

    - by PRajkumar
     Business Needs Large Organizations want to expose their Oracle Application services outside their private network (HTTP/HTTPS and SSL). Usually these exposures must exist to promote external communication. So they want to separate an external network from directly referencing an internal network   Business Challenges ·         Business does not want to compromise with security information ·         Business cannot expose internal domain or internal URL information   Business Solution DMZ is the solution of this problem. In Oracle application we can achieve this by following way –   ·         Oracle Application consists of fleet nodes (FND_NODES) so first decide which node have to expose to public ·         To expose the node to public use the profile “Node Trust Level” ·         Set node to Public/Private (Normal -> private, External -> public) ·         Set "Responsibility Trust Level" profile to decide whether to expose Application Responsibility to inside or outside firewall         Solution Features   ·         Exposed web services can be accessed by both internal and external users ·         Configurable and can be very easily rolled out ·         Internal network and business data is secured from outside traffic ·         Unauthorized access to internal network from outside is prohibited ·         No need for VPN and Secure FTP server   Benefits  ·       Large Organizations having Oracle Application can expose their web services like (HTTP/HTTPS and SSL) to the internet without compromise with security information and without exposing their internal domain   Possible Week Points  ·         If external firewall is compromised, then external application server is also compromised, exposing an attack on E-Business Suite database ·         There’s nothing to prevent internal users from attacking internal application server, also exposing an attack on E-Business Suite database   Reference Links  ·         https://blogs.oracle.com/manojmadhusoodanan/tags/dmz

    Read the article

  • Java @Contented annotation to help reduce false sharing

    - by Dave
    See this posting by Aleksey Shipilev for details -- @Contended is something we've wanted for a long time. The JVM provides automatic layout and placement of fields. Usually it'll (a) sort fields by descending size to improve footprint, and (b) pack reference fields so the garbage collector can process a contiguous run of reference fields when tracing. @Contended gives the program a way to provide more explicit guidance with respect to concurrency and false sharing. Using this facility we can sequester hot frequently written shared fields away from other mostly read-only or cold fields. The simple rule is that read-sharing is cheap, and write-sharing is very expensive. We can also pack fields together that tend to be written together by the same thread at about the same time. More generally, we're trying to influence relative field placement to minimize coherency misses. Fields that are accessed closely together in time should be placed proximally in space to promote cache locality. That is, temporal locality should condition spatial locality. Fields accessed together in time should be nearby in space. That having been said, we have to be careful to avoid false sharing and excessive invalidation from coherence traffic. As such, we try to cluster or otherwise sequester fields that tend to written at approximately the same time by the same thread onto the same cache line. Note that there's a tension at play: if we try too hard to minimize single-threaded capacity misses then we can end up with excessive coherency misses running in a parallel environment. Theres no single optimal layout for both single-thread and multithreaded environments. And the ideal layout problem itself is NP-hard. Ideally, a JVM would employ hardware monitoring facilities to detect sharing behavior and change the layout on the fly. That's a bit difficult as we don't yet have the right plumbing to provide efficient and expedient information to the JVM. Hint: we need to disintermediate the OS and hypervisor. Another challenge is that raw field offsets are used in the unsafe facility, so we'd need to address that issue, possibly with an extra level of indirection. Finally, I'd like to be able to pack final fields together as well, as those are known to be read-only.

    Read the article

  • What are different ways to reduce latency between a server and a web application? [closed]

    - by jjoensuu
    this is a question about a web application that provides SOAP web services. For the sake of this question, this web app is hosted on a server SERVER B which is located in California. We have an automated, scheduled, process running on a server SERVER A, located in New York. This scheduled process is supposed to send SOAP messages to SERVER B every so often, but this process typically dies soon after starting. We have now been told by the vendor that reason why the process dies is because of the latency between SERVER A and SERVER B. The data traffic is routed through many diffent public networks. There is no dedicated line between SERVER A and SERVER B. As a result I have been asked to look into ways to reduce the latency between SERVER A and SERVER B. So I wanted to ask, what are the different ways to reduce latency in a situation like this? For example, would it help to switch from HTTPS to some other secure protocol? (the thought here is that perhaps some other alternative would require fewer handshakes than HTTPS). Or would a VPN help? If a VPN would reduce the latency, how would it do that? NOTE: I am not looking for an explicit answer that would work in my specific situation. I am more like looking just for a simple list of what technologies could be used for this. I will still have to evaluate the technologies and discuss them internally with others, so the list would just be a starting point. Here I am assuming that there exists very few ways to reduce latency between two servers that communicate across public networks using HTTPS. Feel free to correct me if this assumption is wrong and please ask if there is a need for specific information. NOTE 2: A list of technologies is a specific answer to the question I stated in the title. NOTE 3: Its rather dumb to close this question when it is after all about me looking for information and furthermore this information can clearly be useful for others. Anyway luckily there are other sites where I can ask around. StackExchange seems to attached to their own philosophical principles. Many thanks

    Read the article

  • How to cleanly add after-the-fact commits from the same feature into git tree

    - by Dennis
    I am one of two developers on a system. I make most of the commits at this time period. My current git workflow is as such: there is master branch only (no develop/release) I make a new branch when I want to do a feature, do lots of commits, and then when I'm done, I merge that branch back into master, and usually push it to remote. ...except, I am usually not done. I often come back to alter one thing or another and every time I think it is done, but it can be 3-4 commits before I am really done and move onto something else. Problem The problem I have now is that .. my feature branch tree is merged and pushed into master and remote master, and then I realize that I am not really done with that feature, as in I have finishing touches I want to add, where finishing touches may be cosmetic only, or may be significant, but they still belong to that one feature I just worked on. What I do now Currently, when I have extra after-the-fact commits like this, I solve this problem by rolling back my merge, and re-merging my feature branch into master with my new commits, and I do that so that git tree looks clean. One clean feature branch branched out of master and merged back into it. I then push --force my changes to origin, since my origin doesn't see much traffic at the moment, so I can almost count that things will be safe, or I can even talk to other dev if I have to coordinate. But I know it is not a good way to do this in general, as it rewrites what others may have already pulled, causing potential issues. And it did happen even with my dev, where git had to do an extra weird merge when our trees diverged. Other ways to solve this which I deem to be not so great Next best way is to just make those extra commits to the master branch directly, be it fast-forward merge, or not. It doesn't make the tree look as pretty as in my current way I'm solving this, but then it's not rewriting history. Yet another way is to wait. Maybe wait 24 hours and not push things to origin. That way I can rewrite things as I see fit. The con of this approach is time wasted waiting, when people may be waiting for a fix now. Yet another way is to make a "new" feature branch every time I realize I need to fix something extra. I may end up with things like feature-branch feature-branch-html-fix, feature-branch-checkbox-fix, and so on, kind of polluting the git tree somewhat. Is there a way to manage what I am trying to do without the drawbacks I described? I'm going for clean-looking history here, but maybe I need to drop this goal, if technically it is not a possibility.

    Read the article

  • Why do some user agents have spam urls in them (and why are they always Opera/Presto User-Agents)?

    - by Erx_VB.NExT.Coder
    If you go to (say) the last 100 entries (visits) to the botsvsbrowsers.com website (exact link, feel free to take a look: http://www.botsvsbrowsers.com/recent/listings/index.html ), you'd notice that almost every User Agent that has the keywords "Opera" and "Presto" inside them, will almost certainly have a web link (URL/Web Address) inside it, and it won't just be a normal web address, but a HTML anchor tag/link to that address. Why is this so, I could not even find a single discussion about it on the internet, nowhere, I tried varying my search terms many times. If the user agent contains the words "Opera" and "Presto" it doesnt mean it will have this weblink, but it means there is about an 80% change that it will. A typical anchor tag/link inside a user agent will look like this: Mozilla/4.0 <a href="http://osis-uk.co.uk/disabled-equipment">disability equipment</a> (Windows NT 5.1; U; en) Presto/2.10.229 Version/11.60 If you check it out at the website, http://www.botsvsbrowsers.com/recent/listings/index.html you will notice that the back and forward arrows are in there unescaped format. This isn't just true for botsvsbrowsers, but several other user agent listing sites. I'm really confused and feel line I'm in a room full of 10,000 people and am the only one seeing this ghost :). If I'm doing statistical analysis, should I include or exclude this type of user agent from my listing (ie: are these just normal users who've set their user agents to attempt to drive some traffic to their sites as they browser the web), or is there something else going on? The fact that it is so consistent in terms of its format leads me to believe that it is an automated process (the setting or alteration of the user agent) so I cannot decide or understand the process by which this change is made (I know how to change a user agent), but unsure which program or facility is doing this, especially since it is exclusive to Opera (Presto) user agents that are beyond I think an 8 or 9 point something browser version. I've run some statistical tests, parsing entries from all over the place, writing custom programs, to get a better understanding of this. Keep in mind that I see normal URL's in user agents infrequently, they are just text such as +http://www.someSite.com appended to a user agent normally, especially if its a crawler or bot it provided its service URL, this is normal and isnt done with an embedded link (A HREF=) etc, so I'm not talking about "those".

    Read the article

  • How do I prevent ISPs from killing downloads of files in mid-transfer?

    - by Gorchestopher H
    I run a small website with a few users, low traffic, mostly to share personal mp3 files with a small community. Depending on their ISP, my users can't always download or stream larger files. By larger I mean larger than 1MB. Essentially the host either stops sending, or the client stops receiving. One of the links along the connection chain simply ends its connection before the transfer completes Trace-route shows no connection issues. There are no connection issues with short transfers that don't take more than a few seconds. It's these 10 second transfers that just end up ending. Just doing a straight download with a direct link can yield this error if you have the wrong ISP. Strangely enough, this is most common with users with ISPs who are essentially independent providers that buy service via a fiber link. Unfortunately these providers aren't very knowledgeable, are unable to do any testing, and insist it's a problem with the host. I have gotten my host to transfer my site to different servers of their, to the same effect. Nearly identical sites (affiliate sites actually) experience no such issue. What can I be doing to further troubleshoot this matter? How can I prove that someone is dropping the ball, and identify who that party is? Can I do a 5Mb traceroute? EDIT Maybe I can clear up some misconceptions with my question: The files are not very large. They are simply over 2Mb. The users do not have "slow" connections, they are at least 5mbps. This "time out" happens very quickly, in the realm of 5 seconds, so I don't know if it's a timeout or not. The user often gets 1 or 2Mb in this chunk of time. I have tried streaming with a flash player. I have tried saving the target. Forcing the download. I have tried allowing the browser to stream the file. I have tried different browsers (FF, IE, Chrome). Users are able to download identical files when on different hosts.

    Read the article

  • ???????Java EE??????WebLogic Server 12c??????3???????Oracle WebLogic Server 12c Forum?????|WebLogic Channel|??????

    - by ???02
    ???????2012?2?7??Java EE??????????·???????Oracle WebLogic Server 12c?????????????????????1?25????????????Oracle WebLogic Server 12c Forum - ????????Java??????????? -????Java EE 6?Java SE 7???????Java???????WebLogic Server 12c?????????????????·?????????????????????3??????????????????????(???)?Java EE 6?Java SE 7??????200????????????WebLogic Server 12c ???????????Oracle Corporation?WebLogic Server???????Fusion Middleware?????????·??????????????·???????????·????????????????????·???????????/????????Oracle Fusion Middleware??????WebLogic Server?????????????????????? ?Fusion Middleware?????WebLogic Server?Coherence?Tuxedo??????????·??????????????????????????????????????????????Traffic Director?Virtual Assembly Builder???????Cloud Application Foundation??????????Cloud Application Foundation??Fusion Middleware?Fusion Application??????·???????????·????????????????????(?????) ?????????????1???????????WebLogic Server 12c??Java EE 6?Java SE 7???????Java?????????????????????????????????????200?????????????????? ???????????????????????Java EE 6??????????????????????????????????????????????????????????????????????????5?????? ????????·??????????????????Java EE 6?Java SE 7?????????????????????????????????????Oracle Real Application Clusters(RAC)????????????????????????????????????????????????????????????? ????????????????SPECjEnterprise2010????????????????????????????????????????????·????(Engineered Systems)?????????Oracle Exalogic Elastic Cloud???????????????????????? ???????????????????????????????Oracle Enterprise Manager Cloud Control 12c???????????????????????·?????????????????????????????????????????????????????????? ????WebLogic Server????????GlassFish?????????????????JBoss?WebSphere?????????/???????????·?????WebLogic Server 12c????????????????????????????·???????????? ???????IDC?????????????WebLogic Server????????????????????????????????????????????????????????·???????????????????WebLogic Server 12c??????????????????·??????????????????????WebLogic Server 12c???????????????????????????(?????)¦????????????! ??????????????????WebLogic Server 12c??????WebLogic Server 12c??????3????? ???????????????????????Fusion Middleware???????????????????????????????WebLogic Server 12c??????3???????????????????????WebLogic Server 12c???????????????WebLogic Server 12c???????1――???Java????????????? ????WebLogic Server 12c???????????Java EE 6?Java SE 7????????????????????????????????Java EE??????????????????????????????????????Java EE????????????????????????????Java EE?????????????1??????????????????????????????????????????????????(???????·?????????????????)????????????????????????????????????????? ?Java EE 6????Java EE?????????1???????????Java?????????????????????????????????????????????????????????·??????(OSS)???????????????????????????????????????Java EE 6?Java SE 7??????Java???????????????????????????????????????????????????(???) ???????????????????????Fusion Middleware???????????????????????????????WebLogic Server 12c??????3???????????????????????WebLogic Server 12c???????????????WebLogic Server 12c???????1?????Java????????????? ????WebLogic Server 12c???????????Java EE 6?Java SE 7????????????????????????????????Java EE??????????????????????????????????????Java EE????????????????????????????Java EE?????????????1??????????????????????????????????????????????????(???????·?????????????????)????????????????????????????????????????? ?Java EE 6????Java EE?????????1???????????Java?????????????????????????????????????????????????????????·??????(OSS)???????????????????????????????????????Java EE 6?Java SE 7??????Java???????????????????????????????????????????????????(???)--WebLogic Server 12c???????2:??????????????????(??????????????????) ???WebLogic Server 12c?????2????????????????????????????????????1????????????????OSS??????????????????????????OSS????????????????????????????????????????????????????????????????????????????????????????????OSS?????????????????????????????????????????????????????????????? "???"???????????????? ???WebLogic Server 12c?????Java EE 6???JavaServer Faces 2.1?Java Servlet 3.0?EJB 3.1?Java Persistence API 2.0????????????Java EE??????????????????????????????????????????????OSS?????????????????????????????????????????????????????????????????????????Java EE??????????????????????????????·???·?????????????/??????????????????????????????????????????????????????????????????¦?????WebLogic & Java EE??????????? ?????????????Java EE?????????????WebLogic Server 12c???????3:?????·??????????????? 3?????????????·?????????????????????????????????Oracle RAC????????????Active GridLink for RAC???????WebLogic Server????????1????????? Active GridLink for RAC ??WebLogic Server???????????WebLogic Suite???????1????WebLogic Server 12c???Web?????·???????????????????????????????HTTP?????????????Oracle RAC?1?????????????????????????·?????????????????????????????????????Oracle RAC??????????????????????Web?????·????????????????????3??1?????????????? ???Active GridLink for RAC??????????????????????????????????????????????TCP/IP??????????????????????????·??????????????????????????????????????????????????Oracle RAC????????????????????????????????????????????????????????????·????????????????????????????????????????????????¦????WebLogic?RAC????????????――Active GridLink for RAC????RAC???????????????????????????????????????4???? ????????·??????(GC)?????????????????????????????JRockit Real Time?????????????????????????????????????????????????JRockit Flight Recorder????2??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????·??????·????????????????????WebLogic Server?????????????12c?????????????? ?Oracle Database????????GC????????????????????????????????????????????·????????????????????WebLogic Server????????????????12c?????????????????????????????????????????????????????????????????????????·?????????????????????????????????????????????????WebLogic Server 12c???????????(???)¦??????????????????????????WebLogic Server????????·??????????――?????·??????·???????????WebLogic??????????????????????????TCO?――????????????????WebLogic??????? ???????????????????Cloud Application Foundation???????????WebLogic Server 12c???????????????????????????????????????????????????????????????????????????????????????·??????·????????????????????????????????????????????????????????WebLogic Server 12c??????????????????????????¦WebLogic Server 12c??????·???Oracle Fusion Middleware 11g ??????·??????Oracle OpenWorld Tokyo 2012??????ENGINEERED FOR INNOVATION ??????????????????????????????????????????????????????????????????????????????????WebLogic Server???????????????????????![???????????:4324]??:2012?4?4?(?)~6?(?)??:???? ????? ??????????????49????????????:????Oracle OpenWorld Tokyo 2012???? ~??????~(PDF)Oracle OpenWorld Tokyo 2012????????2?(?????)???

    Read the article

  • AWStats is processing log files but does not display them

    - by Wouter
    I've setup AWStats on my VPS to get some more insight into the traffic coming to my site. As instructed I ran a manual build/update which ran fine: sudo -u www-data ./awstats.pl -config=xxxx.com Create/Update database for config "/etc/awstats/awstats.xxxx.com.conf" by AWStats version 6.9 (build 1.925) From data in log file "/usr/share/doc/awstats/examples/logresolvemerge.pl /var/www/xxxx.com/logs/*-access.log |"... Phase 1 : First bypass old records, searching new record... Searching new records from beginning of log file... Phase 2 : Now process new records (Flush history on disk after 20000 hosts)... Warning: awstats has detected that some hosts names were already resolved in your logfile /usr/share/doc/awstats/examples/logresolvemerge.pl /var/www/xxxx.com/logs/*-access.log |. If DNS lookup was already made by the logger (web server), you should change your setup DNSLookup=1 into DNSLookup=0 to increase awstats speed. Jumped lines in file: 0 Parsed lines in file: 814 Found 0 dropped records, Found 0 corrupted records, Found 0 old records, Found 814 new qualified records. It also produced the file in the DatDir: /var/lib/awstats/awstats052010.xxxx.com.txt which contains what I would expect. BUT when I visit: xxxx.com/awstats/awstats.pl it tells me Last Update: Never updated (See 'Build/Update' on awstats_setup.html page) and the rest of the page is blank. I'm pretty sure I set it up correctly but now I cannot figure out why this is happening. Hopefully someone smarter then me can help me. Thank you in advanced.

    Read the article

  • HAProxy reqrep remove URI on backend request

    - by Jim
    real quick question regarding HAProxy reqrep. I am trying to rewrite/replace the request that gets sent to the backend. I have the following example domain and URIs http://domain/web1 http://domain/web2 I want web1 to go to backend webfarm1, and web2 to go to webfarm2. Currently this does happen. However I want to strip off the web1 or web2 URI when the request is sent to the backend. Here is my haproxy.cfg frontend webVIP_80 mode http bind :80 #acl routing to backend acl web1_path path_beg /web1 acl web2_path path_beg /web2 #which backend use_backend webfarm1 if web1_path use_backend webfarm2 if web2_path default_backend webfarm1 backend webfarm1 mode http reqrep ^([^\ ]*)\ /web1/(.*) \1\ /\2 balance roundrobin option httpchk HEAD /index HTTP/1.1\r\nHost:\ example.com server webtest1 10.0.0.10:80 weight 5 check slowstart 5000ms server webtest2 10.0.0.20:80 weight 5 check slowstart 5000ms backend webfarm2 mode http reqrep ^([^\ ]*)\ /web2/(.*) \1\ /\2 balance roundrobin option httpchk HEAD /index HTTP/1.1\r\nHost:\ example.com server webtest1-farm2 10.0.0.110:80 weight 5 check slowstart 5000ms server webtest2-farm2 10.0.0.120:80 weight 5 check slowstart 5000ms If I go to http://domain/web1 or http://domain/web2 I see it in the error logs that the request on a server in each backend that the requst is for the resource /web1 or /web2 respectively. Therefore I believe there to be something wrong with my regular expression, even though I copied and pasted it from the Documentation. http://code.google.com/p/haproxy-docs/wiki/reqrep Summary: I'm trying to route traffic based on URI, however I want to strip the URI on the backend side. Go to http://domain/web1 -- backend request of / to webfarm1 Thank you! -Jim

    Read the article

  • squid and ftp connections

    - by Kstro21
    i have a squid proxy server for both, http and ftp connections, i'm trying to use filezilla to open a ftp, but it always fail with an error saying: Status: Connection with proxy established, performing handshake... Response: Proxy reply: HTTP/1.0 403 Forbidden Error: Proxy handshake failed: ECONNRESET - Connection reset by peer Error: Connection timed out Error: Failed to retrieve directory listing i sniff the traffic, and, filezilla is trying to connect to a different port and the proxy denied it look, this is a portion of the sniff result CONNECT 201.150.36.227:61179 HTTP/1.1 Host: 201.150.36.227:61179 User-Agent: FileZilla everytime is a different port, so, no way i can allow it in the squid, also, i set the filezilla to use a active connection, same result, passive connection, same result again, so, i'm out of bullets, and i need your help, maybe a setting in the filezilla or in the squid can do the job, so, give a hand here this is the full log of the filezilla Status: Connecting to uhma.mx through proxy Status: Connecting to 172.19.216.13:3128... Status: Connection with proxy established, performing handshake... Response: Proxy reply: HTTP/1.0 200 Connection established Status: Connection established, waiting for welcome message... Response: 220 ProFTPD 1.3.3a Server (a3 FTP CUATRO) [201.150.36.227] Command: USER uhmamx Response: 331 Password required for uhmamx Command: PASS ******* Response: 230 User uhmamx logged in Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is the current directory Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode (201,150,36,227,238,251). Command: MLSD Status: Connecting to 172.19.216.13:3128... Status: Connection with proxy established, performing handshake... Response: Proxy reply: HTTP/1.0 403 Forbidden Error: Proxy handshake failed: ECONNRESET - Connection reset by peer Error: Connection timed out Error: Failed to retrieve directory listing

    Read the article

  • How can I solve http_port 3129 intercept with squid?

    - by wmoreno3
    My system: uname -a FreeBSD server.local.jmorenov.com.co 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64 pkg info | grep squid squid-3.2.7 HTTP Caching Proxy I have this configuration in squid.conf: http_port 3128 accel vhost allow-direct # OK http_port 3129 intercept # Does not work icp_port 0 When I tried with: http_port 3129 intercept By switch line on ipnat.rules. In access log appears: 2013/01/09 00:46:03 kid1| IPF (IPFilter) NAT open failed: (13) Permission denied 2013/01/09 00:46:03 kid1| BUG #3329: Orphan Comm::Connection: local=127.0.0.1:3129 remote=192.168.1.129:51595 FD 24 flags=33 2013/01/09 00:46:03 kid1| NOTE: 1 Orphans since last started. /var/log/squid/cache.log 2013/02/08 09:02:33 kid1| Squid plugin modules loaded: 0 2013/02/08 09:02:33 kid1| Accepting reverse-proxy HTTP Socket connections at local=127.0.0.1:3128 remote=[::] FD 33 flags=9 2013/02/08 09:02:33 kid1| Accepting NAT intercepted HTTP Socket connections at local=127.0.0.1:3129 remote=[::] FD 34 flags=41 My /etc/ipnat.rules: root@server:/root # cat /etc/ipnat.rules # em0 = External NIC # bge0 = Internal NIC map em0 0/0 -> 0/32 proxy port ftp ftp/tcp map em0 0/0 -> 0/32 portmap tcp/udp auto map em0 0/0 -> 0/32 # Redirect direct web traffic to local web server. rdr em0 192.168.0.3/32 port 80 -> 127.0.0.1 port 80 tcp rdr bge0 192.168.1.3/32 port 80 -> 127.0.0.1 port 80 tcp # Redirect everything else to squid on port 3128 or 3129 intercept rdr em0 0.0.0.0/0 port 80 -> 127.0.0.1 port 3128 tcp rdr bge0 0.0.0.0/0 port 80 -> 127.0.0.1 port 3128 tcp #rdr em0 0.0.0.0/0 port 80 -> 127.0.0.1 port 3129 tcp #rdr bge0 0.0.0.0/0 port 80 -> 127.0.0.1 port 3129 tcp With 3128 is OK, but with 3129, Does not work, when switch in ipnat.rules.

    Read the article

  • TortoiseSVN hangs in Windows Server 2012 Azure VM

    - by ZaijiaN
    Following @shanselman's article on remoting into an Azure VM for development, I spun up my own VS 2013 VM, and that image runs on WS 2012. Once I was able to remote in, I started installing all my dev tools, including Tortoise SVN 1.8.3 64bit. Things went south once I started attempting to check out code from my personal svn server. It would hang and freeze often, although sometimes it would work - I was able to partially check out projects, but I would get frequent connection time out errors. My personal svn server (VisualSVN 2.7.2) runs at home on a windows 7 machine, and I have a dyndns url pointing to it. I have also configured my router to passthrough all 443 traffic to the appropriate port on the server. I self-signed a cert and made sure it was imported into the VM cert store under trusted root authorities. I have no problems connecting to my svn server from 4-5 other computers & locations. From the Azure VM, in both IE and Chrome, I can access the repository web browser with no issues. There are no outbound firewall restrictions. I have installed other SVN add-ons for Visual Studio (AnkhSVN, VisualSVN) and attempted to connect with my svn server, with largely the same results - random and persistent connection issues (hangs/timeouts). I spun up a completely fresh WS 2008 Azure VM, and installed TortoiseSVN, and had the same results. So I'm at a loss as to what the problem is and how to fix it. Web searches on tortoisesvn and windows server issues doesn't yield any current or relevant information. At this point, i'm guessing that maybe some setting or configuration that MS Azure VM images is the culprit - although I should probably attempt to spin up my own local WS VM to rule out that it's a window server issue. Any thoughts? I hope I'm just missing something really obvious!

    Read the article

  • Cacti rrdtool graph with no values, NaN in .rrd file

    - by beicha
    Cacti 0.8.7h, with latest RRDTool. I successfully graphed CPU/Interface traffic, but got blank graphs like when it comes to Memory/Temperature monitoring. The problem/bug is actually archived here, however this post didn't help. I can snmpget the value, e.g SNMPv2-SMI::enterprises.9.9.13.1.3.1.3.1 = Gauge32: 26. However, the problem seems to exist in storing these values to the .rrd file. Output of rrdtool info powerbseipv6testrouter_cisco_memfree_40.rrd AVERAGE cisco_memfree as below: filename = "powerbseipv6testrouter_cisco_memfree_40.rrd" rrd_version = "0003" step = 300 last_update = 1321867894 ds[cisco_memfree].type = "GAUGE" ds[cisco_memfree].minimal_heartbeat = 600 ds[cisco_memfree].min = 0.0000000000e+00 ds[cisco_memfree].max = 1.0000000000e+12 ds[cisco_memfree].last_ds = "UNKN" ds[cisco_memfree].value = 0.0000000000e+00 ds[cisco_memfree].unknown_sec = 94 rra[0].cf = "AVERAGE" rra[0].rows = 600 rra[0].pdp_per_row = 1 rra[0].xff = 5.0000000000e-01 rra[0].cdp_prep[0].value = NaN rra[0].cdp_prep[0].unknown_datapoints = 0 rra[1].cf = "AVERAGE" rra[1].rows = 700 rra[1].pdp_per_row = 6 rra[1].xff = 5.0000000000e-01 rra[1].cdp_prep[0].value = NaN rra[1].cdp_prep[0].unknown_datapoints = 0 rra[2].cf = "AVERAGE" rra[2].rows = 775 rra[2].pdp_per_row = 24 rra[2].xff = 5.0000000000e-01 rra[2].cdp_prep[0].value = NaN rra[2].cdp_prep[0].unknown_datapoints = 18 rra[3].cf = "AVERAGE" rra[3].rows = 797 rra[3].pdp_per_row = 288 rra[3].xff = 5.0000000000e-01 rra[3].cdp_prep[0].value = NaN rra[3].cdp_prep[0].unknown_datapoints = 114 rra[4].cf = "MAX" rra[4].rows = 600 rra[4].pdp_per_row = 1 rra[4].xff = 5.0000000000e-01 rra[4].cdp_prep[0].value = NaN rra[4].cdp_prep[0].unknown_datapoints = 0 rra[5].cf = "MAX" rra[5].rows = 700 rra[5].pdp_per_row = 6 rra[5].xff = 5.0000000000e-01 rra[5].cdp_prep[0].value = NaN rra[5].cdp_prep[0].unknown_datapoints = 0 rra[6].cf = "MAX" rra[6].rows = 775 rra[6].pdp_per_row = 24 rra[6].xff = 5.0000000000e-01 rra[6].cdp_prep[0].value = NaN rra[6].cdp_prep[0].unknown_datapoints = 18 rra[7].cf = "MAX" rra[7].rows = 797 rra[7].pdp_per_row = 288 rra[7].xff = 5.0000000000e-01 rra[7].cdp_prep[0].value = NaN rra[7].cdp_prep[0].unknown_datapoints = 114

    Read the article

  • Helicon ISAPI Rewrite Proxy 500 Internal Server Error

    - by Rob Stevenson-Leggett
    Hi, I have a website running at www.domain.com. The client now wants the website to appear to be running under www.otherdomain.com/whatson/brand/ Since the website is umbraco it won't run under a subfolder. I wanted to use ISAPI rewrite to proxy requests to www.domain.com using the following rule in a .htaccess at www.otherdomain.com/whatson/brand/ RewriteRule ^(.*)$ http://www.domain.com/$1 [P,L] However, when I apply this I get an ugly 500 Internal Server Error. There's nothing in the event log. So I turned on ISAPI logging and can see the following 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (2) init rewrite engine with requested uri /whatson/brand/home.aspx Then it testing all the other rewrite rules on the server. Then this 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (1) Htaccess process request w:\websites\otherdomain.com\docs2\whatson\brand\.htaccess 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (3) applying pattern '^(.*)$' to uri 'home.aspx' 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (2) forcing proxy-throughput with http://www.domain.com/home.aspx 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (1) go-ahead with proxy request http://www.domain.com/home.aspx [OK] 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (2) rewrite 'home.aspx' -> '/whatson/brand/home.aspxx.rwhlp?p=0' 111.111.111.111 111.111.111.111 Tue, 12-Jan-2010 13:05:24 GMT [www.otherdomain.com/sid#2045305275][rid#26337200/initial] (2) internal redirect with /whatson/brand/home.aspxx.rwhlp?p=0 [INTERNAL REDIRECT] So it appears to work according to the logs, but I'm not seeing the page come through.. It's worth noting that www.domain.com and www.otherdomain.com are on the same box. LogLevel is 3 and RewriteLogLevel is 3 (I've tried with 9 and debug but there is too much traffic going through the other sites on the box) Any ideas?

    Read the article

  • Ierrs on Network Interface - Pfsense/Freebsd

    - by JFA
    Hello all, We're using PfSense as an internal router/firewall (no connection to WAN). Using the Web-GUI, under Status --- Interfaces, there's one particular interface where I have some errors: In/out errors 3513/0 I then SSHed to the firewall to validate the info provided by the WebGUI and here's the output: # netstat -ni -I bce2 Name Mtu Network Address Ipkts Ierrs Opkt Oerrs Coll bce2 1500 <Link#3> 00:23:7d:cd:a2:a2 1404522323 3513 749797131 0 0 bce2 1500 10.42.1.0/24 10.42.1.24 6 - 6 - - As you can see, both present the same info (errors on incoming packets). I switched cables, changed network card, changed port on switch and I still see the errors. My 2 questions really are: 1) Is there any way I could get more info on the nature of these errors? or is this all I can get? 2) Should I be worried about this? As you can see, the errors are a VERY LOW percentage of all the total incoming packets. In other words, is this normal on a high-traffic gigabit interface? Thanks! JFA

    Read the article

  • SCVMM 2008 R2 problems migrating VM from VS2005 to Hyper-V host

    - by Scott Ivey
    I have System Center Virtual Machine Manager 2008 R2 installed, and have a Hyper-V R2 host and a Virtual Server 2005 host. I'm trying to migrate my machines from the VS2005 host to the Hyper-V host, and keep getting the following error... VMM is unable to complete the requested file transfer. The connection to the HTTP server myserver.mydomain.local could not be established. (Unknown error (0x80072efd)) Recommended Action Ensure that the HTTP service and/or the agent on the machine myserver.mydomain.local are installed and running and that a firewall is not blocking HTTPS traffic. (Note - migrations between Hyper-V hosts managed by the VMM server work fine - my problem is just going from VS2005-Hyper-V hosts) I have no firewalls turned on on either of the servers, and no firewalls in the middle. I've looked all over for answers to this problem, and am getting nowhere. All the articles I find when searching are talking about either V2V or P2V - and i'm just trying to do a straight migrate VM. I've tried rebooting the boxes, changing the BITS SSL port number, restarting services, triple-checking firewalls, etc. Does anyone have any good suggestions as to how I can resolve this problem?

    Read the article

  • Sticky connection and HTTPS support for HAProxy

    - by Saif
    Hi Mates, We have 2 HTTP Load balancer with HAproxy and heartbeat. There are 4 apache nodes in this cluster. It's doing round robin load balancing. The HTTP cluster working fine. We are having problem with our portal because it uses SSO. We need sticky connection support in our HAproxy. Also we need load balancing for HTTPS traffic. Here's our HAproxy conf file. global # to have these messages end up in /var/log/haproxy.log you will # need to: # # 1) configure syslog to accept network log events. This is done # by adding the '-r' option to the SYSLOGD_OPTIONS in # /etc/sysconfig/syslog # # 2) configure local2 events to go to the /var/log/haproxy.log # file. A line like the following can be added to # /etc/sysconfig/syslog # # local2.* /var/log/haproxy.log # log 127.0.0.1 local0 log 127.0.0.1 local1 notice chroot /var/lib/haproxy pidfile /var/run/haproxy.pid maxconn 4000 user haproxy group haproxy daemon # turn on stats unix socket stats socket /var/lib/haproxy/stats #--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will # use if not designated in their block #--------------------------------------------------------------------- defaults mode http log global option httplog option dontlognull option http-server-close option forwardfor except 127.0.0.0/8 option redispatch retries 3 timeout http-request 10s timeout queue 1m timeout connect 10s timeout client 1m timeout server 1m timeout http-keep-alive 10s timeout check 10s maxconn 3000 #--------------------------------------------------------------------- # main frontend which proxys to the backends #--------------------------------------------------------------------- frontend main *:5000 acl url_static path_beg -i /static /images /javascript /stylesheets acl url_static path_end -i .jpg .gif .png .css .js use_backend static if url_static default_backend app #--------------------------------------------------------------------- # static backend for serving up images, stylesheets and such #--------------------------------------------------------------------- backend static balance roundrobin server static 127.0.0.1:4331 check #--------------------------------------------------------------------- # round robin balancing between the various backends #--------------------------------------------------------------------- backend app listen ha-http 10.190.1.28:80 mode http stats enable stats auth admin:xxxxxx balance roundrobin cookie JSESSIONID prefix option httpclose option forwardfor option httpchk HEAD /haproxy.txt HTTP/1.0 server apache1 portal-04:80 cookie A check server apache2 im-01:80 cookie B check server apache3 im-02:80 cookie B check server apache4 im-03:80 cookie B check Please advice. Thanks for your help in advance.

    Read the article

  • Redirect particular hostname from https to httpd in httpd/apache2

    - by webnothing
    I have a webserver that has an ssl certificate applied to a subdomain https://shop.mydomain.com. I also have the hostname http://mydomain.com that has no ssl certificate. When invoking https://mydomain.com, browsers issue a warning that a certificate could not be verified because the webserver is identifying itself as https://shop.mydomain.com. I would like all traffic that hits https://mydomain.com to be redirected to http://mydomain.com, and leave https://shop.mydomain.com as is. My httpd.conf file generally looks like this: < VirtualHost 122.11.11.21:80 > ServerName shop.mydomain.com .. regular old port 80 .. < /VirtualHost > < VirtualHost 122.11.11.21:443 > ServerName shop.mydomain.com .. SSL applies here .. < /VirtualHost > < VirtualHost 122.11.11.21:80 > ServerName mydomain.com .. regular old port 80 .. < /VirtualHost > It does not look as if I have SSL set up for https://mydomain.com yet one can invoke SSL mode and the browser identifies the connection as https://shop.mydomain.com. I need to redirect from https://mydomain.com because for some reason, Google has indexed my website with this url even though it shows a warning. I have tried various methods to get this to redirect and nothing has worked. Any help would be greatly appreciated.

    Read the article

  • Coldfusion on VPS, how much JVM heap memory?

    - by Steven Filipowicz
    Recently I got a VPS server and I'm running Coldfusion, the website was running fine until it got more and more traffic and I started to encounter 'OutOfMemory' exceptions. I thought simply to rise the memory of the VPS server, but this didn't help. After doing some Google searches I found a setting in de CF Admin settings to set the JVM Heap memory. It was on the standard: Max Heap size 512MB and Min Heap size was empty. After playing around a bit I have now set it to Min 50MB and Max 200MB, good things is that I'm not getting the 'OutOfMemory' exceptions anymore. So far so good! But with about 50 active visitors on the website, the website starts to get slow. The CPU usage is only about 8% (Windows Taskmanager), also the taskmanager show only about 30% of the 3GB RAM in use. So I'm thinking that my values could be tweaked to use more of the RAM. Honestly I don't understand these JVM Memory heap settings, so I have no clue what is a good setting for me. I found a CF script that displays the memory usage, the details are: Heap Memory Usage - Committed 194 MB Heap Memory Usage - Initial 50.0 MB Heap Memory Usage - Max 194 MB Heap Memory Usage - Used 163 MB JVM - Free Memory 31.2 MB JVM - Max Memory 194 MB JVM - Total Memory 194 MB JVM - Used Memory 163 MB Memory Pool - Code Cache - Used 13.0 MB Memory Pool - PS Eden Space - Used 6.75 MB Memory Pool - PS Old Gen - Used 155 MB Memory Pool - PS Perm Gen - Used 64.2 MB Memory Pool - PS Survivor Space - Used 1.07 MB Non-Heap Memory Usage - Committed 77.4 MB Non-Heap Memory Usage - Initial 18.3 MB Non-Heap Memory Usage - Max 240 MB Non-Heap Memory Usage - Used 77.2 MB Free Allocated Memory: 30mb Total Memory Allocated: 194mb Max Memory Available to JVM: 194mb % of Free Allocated Memory: 16% % of Available Memory Allocated: 100% My JVM arguments are: -server -Dsun.io.useCanonCaches=false -XX:MaxPermSize=192m -XX:+UseParallelGC - Dcoldfusion.rootDir={application.home}/../ -Dcoldfusion.libPath={application.home}/../lib Can I give the JVM more memory? If so, what settings should I use? Thanks very much!!

    Read the article

  • Group policy waited for the network subsystem

    - by the-wabbit
    In an AD domain with Windows Server 2008 R2 DCs users are complaining about delays in the bootup process of the clients. The group policy log reveals that the client is waiting ~ 20-50 seconds for "the network subsystem": Event 5322, GroupPolicy Group policy waited for 29687 milliseconds for the network subsystem at computer boot. This appears to be domain-specific as machines joining a different domain from the same network do not experience any delays and Event 5322 reports <1000 ms wait times at startup. It happens on virtual and physical machines alike, so it does not look like a hardware- or driver-related issue. Further investigation has shown that the client is taking its time before issuing DHCP requests. In the network traces, I can see IPv6 router solicitations and multicast DNS name registrations as soon as the network driver is loaded and the network connection is reported "up" in the event log (e1cexpress/36). Yet, the DHCPv4 client service seems to take another 15-50 seconds to start (Dhcp-Client/50036), so the IPv4 address remains unconfigured for a while. The DHCP client's messages in the event log are succeeding the service start of the "Sophos Anti-Virus" service (Sophos AV 10.3 package), which I suspect to be the culprit - the DHCP client service dependencies include the TDI Support driver which might be what Sophos is using to intercept network traffic: Network Location Awareness seems to break at startup as a side-effect, I see that off-site DCs are contacted due to what seems like a race condition between the GP client and the DHCP client / NLA service startup. I could set the Group Policy Client service to depend on NLA, yet this still would not eliminate the delay. Also, I am not all that sure that this is a good idea. Is there a known resolution which would eliminate the startup delay?

    Read the article

  • OpenVpn Iptables Error

    - by Mook
    I mean real newbie - linux here.. Please help me configuring my openvpn through iptables. My main goal here is to open port for regular browsing (80, 443), email (110, 25), etc just like isp does but i want to block p2p traffic. So I will need to open only few port. Here are my iptables config # Flush all current rules from iptables # iptables -F iptables -t nat -F iptables -t mangle -F # # Allow SSH connections on tcp port 22 (or whatever port you want to use) # iptables -A INPUT -p tcp --dport 22 -j ACCEPT # # Set default policies for INPUT, FORWARD and OUTPUT chains # iptables -P INPUT DROP #using DROP for INPUT is not always recommended. Change to ACCEPT if you prefer. iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT # # Set access for localhost # iptables -A INPUT -i lo -j ACCEPT # # Accept packets belonging to established and related connections # iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # #Accept connections on 1194 for vpn access from clients #Take note that the rule says "UDP", and ensure that your OpenVPN server.conf says UDP too # iptables -A INPUT -p udp --dport 1194 -j ACCEPT # #Apply forwarding for OpenVPN Tunneling # iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT #10.8.0.0 ? Check your OpenVPN server.conf to be sure iptables -A FORWARD -j REJECT iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source 100.200.255.256 #Use your OpenVPN server's real external IP here # #Enable forwarding # echo 1 > /proc/sys/net/ipv4/ip_forward iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 26 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 110 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -L -v But when I connect to my vpn, i can't browsing and also got RTO on pinging yahoo, etc

    Read the article

  • WebDav rename fails on an Apache mod_dav install behind NginX

    - by The Daemons Advocate
    I'm trying to solve a problem with renaming files over WebDav. Our stack consists of a single machine, serving content through Nginx, Varnish and Apache. When you try to rename a file, the operation fails with the stack that we're currently using. To connect to WebDav, a client program must: Connect over https://host:443 to NginX NginX unwraps and forwards the request to a Varnish server on http://localhost:81 Varnish forwards the request to Apache on http://localhost:82, which offers a session via mod_dav Here's an example of a failed rename: $ cadaver https://webdav.domain/ Authentication required for Webdav on server `webdav.domain': Username: user Password: dav:/> cd sandbox dav:/sandbox/> mkdir test Creating `test': succeeded. dav:/sandbox/> ls Listing collection `/sandbox/': succeeded. Coll: test 0 Mar 12 16:00 dav:/sandbox/> move test newtest Moving `/sandbox/test' to `/sandbox/newtest': redirect to http://webdav.domain/sandbox/test/ dav:/sandbox/> ls Listing collection `/sandbox/': succeeded. Coll: test 0 Mar 12 16:00 For more feedback, the WebDrive windows client logged an error 502 (Bad Gateway) and 303 (?) on the rename operation. The extended logs gave this information: Destination URI refers to different scheme or port (https://hostname:443) (want: http://hostname:82). Some other Restrictions: Investigations into NginX's Webdav modules show that it doesn't really fit our needs, and forwarding webdav traffic to Apache isn't an option because we don't want to enable Apache SSL. Are there any ways to trick mod_dav to forward to another host? I'm open to ideas :).

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >