Search Results

Search found 5262 results on 211 pages for 'commands'.

Page 164/211 | < Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >

• How to set up multiple SSIDs with bandwidth limiting on a single wireless router?

  - by Rahul Narain

  I have an Asus WL-520GU wireless router connected to a cable modem that I use for wireless internet access in my apartment. I would like to set it up so that it provides two SSIDs: one secured and password-protected for my regular use, and a "guest" SSID that's unsecured but throttled to, say, 10% of the available bandwidth. What is the most straightforward way to do this? I've been looking into DD-WRT and Tomato, both of which support my router. DD-WRT supports setting up multiple SSIDs using the GUI, but I don't know if it's possible to limit the bandwidth of each SSID independently; point #12 in this FAQ thread says it's not possible to limit by day or by MAC address, which is discouraging but not conclusive. Tomato allows bandwidth limits in its QoS settings, going by the screenshot here, but multiple SSID support is still experimental and it doesn't look like it will work with the encryption settings or bandwidth limits in the GUI. I'd like to know a good way to do this which gives me the fewest opportunities for screwing up. I'm no stranger to the command line, if that turns out to be what's necessary, but if so, please explain what the commands are doing because I don't have a good mental model of what needs to happen to set this up.

  Read the article

• Server Clustering (Django, Apache, Nginx, Postgres)

  - by system-matrix

  I have a project deployed with django, Apache, Nginx and Postgres. The project has requirement of live data viewable to customers. The projects main points are: 1. Devices in field send data to server(devices are also like website users) after login. 2. There is background import process which imports the uploaded data in postgres. 3. The webusers of the system use this data and can send commands to the devices, which devices read when they login. 4. There are also background analysis routines running on the data. All the above mentioned setup and system is deployed on one amazon EC2 cloud machine. The project currently supports over 600 devices and 400 users. But as the number of devices are increasing with time the performance of the server is going down. We want to extend this project so that it can support more and more devices. My initial thinking is, We will create one more server like current one and divide the devices amongst these to servers. But Again We need a central user and device managment point though django admin. Any Ideas? What are the best possible ways to create a scalable architecture? How can I create a Postgres Cluster and Use it with Django, if possible?

  Read the article

• conflicting info about the running kernel version in FreeBSD

  - by John

  I asked a related question about uname before, now want to ask from another angle because the following simple yet obvious conflicting outputs may mean there is something many people did not think of (me included). I'm running FreeBSD 9 RELEASE, please see the following commands: # sysctl kern.bootfile kern.bootfile: /boot/kernel/kernel # strings /boot/kernel/kernel |grep RELEASE|grep 9 @(#)FreeBSD 9.2-RELEASE-p7 #0: Tue Jun 3 11:05:13 UTC 2014 FreeBSD 9.2-RELEASE-p7 #0: Tue Jun 3 11:05:13 UTC 2014 9.2-RELEASE-p7 The above kernel file suggests the running kernel is 9.2-RELEASE-p7. But... # dmesg Copyright (c) 1992-2012 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 ... # uname -a FreeBSD localhost.localdomain 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243825: Tue Dec 4 09:23:10 UTC 2012 [email protected]:/usr/obj/usr/src/sys/GENERIC amd64 So dmesg and uname says it's 9.1-RELEASE. I also did an extensive find / -type f -exec grep -l "9.1-RELEASE" {} \; but found no possible kernel file that contains 9.1-RELEASE. What could lead to the above conflict, and what kernel I am actually running? Please note I run RELEASE and ran freebsd-update to do binary update, so no compiled kernel is involved. And I have rebooted multiple times after freebsd-update. And the system is not in jail etc, just the only system on that computer.

  Read the article

• How can I switch from a custom linux network namespace back to the default one?

  - by Martin

  With ip netns exec you can execute a command in a custom network namespace - but is there also a way to execute a command in the default namespace? For example, after executing these two commands: sudo ip netns add test_ns sudo ip netns exec test_ns bash How can the newly created bash execute programs in the default network namespace? There is no ip netns exec default or anything similar as far as I've found. My scenario is: I want to run a SSH server in a separate network namespace (to keep the rest of the system unaware of the network connection, as the system is used for network testing), but want to be able to execute programs in the default network namespace via the SSH connection. What I've found out so far: Created network namespaces are listed as files under /var/run/netns (but there is no file for the default namespace) The ip netns exec code can be found here: http://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/tree/ip/ipnetns.c#n132 - I haven't grasped everything that it is doing yet, but it doesn't look very promising. ip netns identify $$ as suggested by Howto query and change network namespace on linux? returns nothing when in the default network namespace

  Read the article

• TC hashing filters - single rule deletion

  - by exa

  For traffic shaping I'm currently using a setup that looks exactly like the setup from LARTC, on this page: http://lartc.org/howto/lartc.adv-filter.hashing.html I have a simple problem with that - everytime I want to modify something in the hash table (like assign a IP to different flowid), I need to delete the whole filter table and add it again filter by filter. (I actually don't do it by hand, I have a nice program that does it for me... but still...) There is a problem - I got roughly 10k filters allocated this way and deleting and refilling the whole filtertable can get pretty lengthy, which is not exactly good for traffic shaping. My program could easily manage to delete only the rules that need to be deleted (thus reducing the whole problem to several commands and miliseconds), but I simply don't know the command that deletes only the one hashing rule. My tc filter show: filter parent 1: protocol ip pref 1 u32 filter parent 1: protocol ip pref 1 u32 fh 2: ht divisor 256 filter parent 1: protocol ip pref 1 u32 fh 2:a:800 order 2048 key ht 2 bkt a flowid 1:101 match 0a0a0a0a/ffffffff at 16 filter parent 1: protocol ip pref 1 u32 fh 2:c:800 order 2048 key ht 2 bkt c flowid 1:102 match 0a0a0a0c/ffffffff at 16 filter parent 1: protocol ip pref 1 u32 fh 800: ht divisor 1 filter parent 1: protocol ip pref 1 u32 fh 800::800 order 2048 key ht 800 bkt 0 link 2: match 00000000/00000000 at 16 hash mask 000000ff at 16 The wish: 'tc filter del ...' command that removes only one specific filter (for example the 0a0a0a0a IP match (IP address 10.10.10.10)). Removal of some small subgroup would also be good - for example I could still recreate a bucket (bkt a) pretty fast. My attempts: I tried to number all the filters using prio, but with no help -- they just create something unusuable (but deletable) below, but the bucketed filters remain there after that gets deleted. Any ideas? edit - I'm adding a simplified tl;dr description of the problem: I created hash filter on some interfce just like in this http://lartc.org/howto/lartc.adv-filter.hashing.html I want to find a command that deletes one rule (e.g. 1.2.1.123) from the table, leaving the rest untouched and working.

  Read the article

• SSH Interactive mode not working

  - by Ekin Koc

  I have a Debian based linux server running for a year or so, without any problems. A couple of days ago, ssh interactive mode stopped working for no reason. I mean, I can open an ssh connection just fine, the server greets me with shell but I just can't type anything. However, if I send commands like this: ssh [email protected] cat /var/log/messages, I get the response. I dug through several logs and found one message, which feels remotely relevant to the problem; sh kernel: [10222733.062511] ------------[ cut here ]------------ sh kernel: [10222733.062522] WARNING: at /build/buildd-linux-2.6_2.6.32-39-amd64-7yVIH2/linux-2.6-2.6.32/debian/build/source_amd64_none/drivers/char/tty_ldisc.c:738 tty_ldisc_reinit+0x46/0x7b() sh kernel: [10222733.062526] Hardware name: PowerEdge R210 II sh kernel: [10222733.062528] Modules linked in: ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 ip_tables x_tables sha1_generic arc4 ecb ppp_mppe ppp_async crc_ccitt ppp_generic slhc loop snd_pcm snd_timer snd soundcore snd_page_alloc i2c_i801 i2c_core pcspkr evdev joydev dcdbas container button processor ext3 jbd mbcache sg sd_mod sr_mod crc_t10dif cdrom usb_storage usbhid hid mpt2sas ahci ehci_hcd libata scsi_transport_sas usbcore bnx2 nls_base scsi_mod fan thermal thermal_sys [last unloaded: scsi_wait_scan] sh kernel: [10222733.062568] Pid: 8662, comm: sshd Not tainted 2.6.32-5-amd64 #1 sh kernel: [10222733.062569] Call Trace: sh kernel: [10222733.062572] [<ffffffff811ff056>] ? tty_ldisc_reinit+0x46/0x7b sh kernel: [10222733.062574] [<ffffffff811ff056>] ? tty_ldisc_reinit+0x46/0x7b Is there any way to get back the sshd working in interactive mode? I tried restarting sshd but that is no help. And somehow, I can not reboot the server. Tried sending shutdown -r now and reboot but it refuses to go down. Should I go ahead and request a physical reboot?

  Read the article

• How to create a init.d script for openssh-server which was compiled and installed from source using configure + make + make install?

  - by Patrick L

  I have installed openssh-server in my Ubuntu PC using apt-get install openssh-server. The version is 5.9. Now, I would like to compile and install openssh-server version 6.2 from source codes. I have successfully downloaded the source codes, and run the following commands: ./configure make make install I found that the new version of openssh-server was installed into /usr/local/sbin/. The old version of openssh-server is in /usr/sbin/. I found that the service script in /etc/init.d/ssh is still pointing to /usr/sbin/. And the old openssh-server (v5.9) is still running. How can I replace the old openssh-server with the new openssh-server that I have just compiled and installed? How can I create a init.d script to start and stop the new openssh-server that I've compiled from source manually? How to start the new openssh-server on boot? When I install openssh-server using apt-get install, the config files will be installed into /etc/ssh/. If I compile and install it from source, where is the config file? If I compiled openssh-server from source, but I install openssh-client package using apt-get install, will there be any config files conflict? Thanks.

  Read the article

• git : The remote end hung up unexpectedly - too many simultaneous users?

  - by Pritam Barhate

  I asked this first on StackOverflow and I was suggested that I should ask it here: We have a self hosted git server (Gitolite) on a VPS account (CPU:2.68GHz RAM:1824MB). This same VPS is also used to publish our underdevelopment web apps for client demos. (Very little traffic). so the main use of the server is as a Git Server Only. This git server is accessed by a team of 30-40 people for various projects. Our problem is that during the day when 6-7 people are trying to access the server (sometimes same repo) we get frequent error message: ssh: connect to host xxx.xxx.xx.xx port 22: Bad file number fatal: The remote end hung up unexpectedly After trying for 10-15 minutes it generally succeeds. During early mornings and late nights when there are only 1-2 people, git commands work with 100% success rate. Also I would like to note that if I access the other file hosted on the server through HTTP it works fine. I found a couple of questions on StackOverflow and on other sites regarding this. But most of the people point towards SSH key set up or conflicts between Msysgit and Cygns SSH. However I don't think this is the problem in our case as we get this behavior on Windows (using msysgit only) as well as Mac Machines. Also if it was SSH configuration issue then it shouldn't work at all. But in our case it works after 10-15 minutes. I think in our case it might be too many simultaneous connections to same server (or same repo) or something like that. Does there exists a setting or a conf file that needs to modified to solve this problem? Please help me solve this problem or point me in the right direction. Thanks in advance. Pritam.

  Read the article

• Win7 - Opening "Programs and Features" as Admin from command line (logged in as regular user)

  - by user1741264

  We have Win7 machines on a domain that we'd like to open the "Programs and Features" control applet via the command line while a regular user is logged in. Heres the catch: I know how to do this using runas from command line BUT after "Programs and Features" opens, I dont truly have the ability to remove a program. I am told that I need to be an Admin to do so. Here are the commands I have tried: runas /user:%computername%\administrator cmd.exe then in the new cmd window running: control appwiz.cpl runas /user:%companydomain%\%domainadminacct% cmd.exe then in the new cmd window running: control appwiz.cpl runas /user:%computername%\administrator cmd.exe then in the new cmd window running: rundll32.exe shell32.dll,Control_RunDLL appwiz.cpl runas /user:%companydomain%\%domainadminacct% cmd.exe then in the new cmd window running: rundll32.exe shell32.dll,Control_RunDLL appwiz.cpl I have also tried all of the above as one long line of code instead of launching a cmd.exe as Admin As you can see, I have tried running the command using both a local admin account (Administrator) AND a domain admin account. I have alos tried launching the runas command as one long command (opening the "programs and features") AND 1st launching a cmd.exe with admin rights and THEN launching the "Prgrams and Features" window. The result is the same: The "Programs and Features" windows opens but when I try to perform an uninstall, I am told I need Admin rights. Thus I am lead to believe that this instance of "Programs and Features" is not truly being run as an admin I am trying to avoid logging the regular user out. I am also aware that every program has its own uninstaller, I do not want to uninstall that way. I want to use the uninstaller in "Programs and Features". Any help is appreciated.

  Read the article

• How to test a HTTPS URL with a given IP address

  - by GreatFire

  Let's say a website is load-balanced between several servers. I want to run a command to test whether it's working, such as curl DOMAIN.TLD. So, to isolate each IP address, I specify the IP manually. But many websites may be hosted on the server, so I still provide a host header, like this: curl IP_ADDRESS -H 'Host: DOMAIN.TLD'. In my understanding, these two commands create the exact same HTTP request. The only difference is that in the latter one I take out the DNS lookup part from cURL and do this manually (please correct me if I'm wrong). All well so far. But now I want to do the same for an HTTPS url. Again, I could test it like this curl https://DOMAIN.TLD. But I want to specify the IP manually, so I run curl https://IP_ADDRESS -H 'Host: DOMAIN.TLD'. Now I get a cURL error: curl: (51) SSL: certificate subject name 'DOMAIN.TLD' does not match target host name 'IP_ADDRESS'. I can of course get around this by telling cURL not to care about the certificate (the "-k" option) but it's not ideal. Is there a way to isolate the IP address being connected to from the host being certified by SSL?

  Read the article

• Default IPv6 route on debian squeeze does not come up after boot

  - by Georg Bretschneider

  I have a problem with my default IPv6 route not coming up after boot on a Debian Squeeze system. This is my config (/etc/network/interfaces): # Loopback device: auto lo iface lo inet loopback iface lo inet6 loopback # device: br0 auto br0 iface br0 inet static bridge_ports eth0 bridge_fd 0 address 88.198.62.xx broadcast 88.198.62.63 netmask 255.255.255.224 gateway 88.198.62.33 up route add -net 88.198.62.32 netmask 255.255.255.224 gw 88.198.62.33 br0 iface br0 inet6 static address 2a01:4f8:131:10x::2 netmask 64 gateway 2a01:4f8:131:100::1 up route -A inet6 add 2a01:4f8:131:100::1/59 dev br0 My inet comes up alright, but I have to exec the route command manually after boot to make IPv6 work. Otherwise I can't even reach my gateway. This is the output of ip -6 route show after boot: 2a01:4f8:131:10x::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 unreachable fe80::/64 dev lo proto kernel metric 256 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 fe80::/64 dev br0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 fe80::/64 dev eth0 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 I already tried it with: up ip -6 route add 2a01:4f8:131:100::1 dev br0 up ip -6 route add default via 2a01:4f8:131:100::1 dev br0 in /etc/network/interfaces, but with the same results. If I execute those commands manually on my shell, everything starts working nicely. And yes, I tried with post-up instead of up, too. Only other changes I made was to activate ip forwarding for IPv6, because I want to run some LXC containers on that system.

  Read the article

• Using VMware Guest OS to enable Host OS to ssh to remote network

  - by Reuben L.

  Basically I have an issue because my host OS is 64-bit Linux Mint (Ubuntu derived) and it doesn't seem to be compatible with the Juniper Network Connect that is used by the network at my workplace. Thus, I am unable to ssh from terminal to the network. I can't make changes to the workplace network either so that leaves me with looking for solutions on my end. The main reason for me to access the network from home is to check on my running processes or to issue more commands to a few workstations. Putty is the desperate choice I usually make but it means I have to reboot to Windows and also have limited control. I've tried several other methods and they have all failed. Recently, I setup a VM with Windows 7 as the guest OS. Now half my problems are fixed as I don't have to physically reboot the system - I just have to engage Juniper Network Connect on the VM. However, I would still like to use my Linux terminal to ssh to the network. It sounds plausible that I could somehow manipulate ports to connect to the remote network from the host OS tunneled through the guest OS, but I really have no clue how to do so... Can anyone help?

  Read the article

• Sudden problems with iptables not running

  - by Fourjays

  I've got a sudden issue with iptables not running on my CentOS 5.8/DirectAdmin XenVPS. All I have done today is install PHP APC and run an update (although I admittedly didn't pay much attention today - I usually do). Iptables has been running fairly smoothly since I installed it over 6 months ago. Basically when I try to run iptables -L it tells me: iptables v1.3.5: can't initialize iptables table `filter': iptables who? (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. I've looked around and tried a few things and it appears that maybe my kernel doesn't have the modules loaded? I've been reading this and tried the two commands they suggest to no avail. Except there does appear to be a mismatch on one bit of output: -bash-3.2# cd /lib/modules -bash-3.2# ls 2.6.18-194.32.1.el5xen 2.6.18-238.5.1.el5xen 2.6.18-274.7.1.el5xen 2.6.39.1-cs-domU 2.6.18-238.12.1.el5xen 2.6.18-238.9.1.el5xen 2.6.37.2-cs-domU 3.0.1-cs-domU -bash-3.2# depmod -a WARNING: Couldn't open directory /lib/modules/2.6.18-274.18.1.el5xen: No such file or directory FATAL: Could not open /lib/modules/2.6.18-274.18.1.el5xen/modules.dep.temp for writing: No such file or directory Does this mean the versions are out of sync? If so, what are my next steps to getting this fixed? As you can probably tell I am still learning how to manage my server so please be very clear in all advice. Many thanks :)

  Read the article

• Ubuntu Natty 11.04, Turning the wireless switch off; switches it off permanently!

  - by ZiGi

  i'm using an hp pavilion dv2000 i turned the wifi switch off by mistake, the LED turned orange and the wifi got disconnected. and now when i turn the switch on, it remains orange and the wifi still isn't functional. this happened before; i found a fix that worked searching google. it was done via terminal commands and i didn't have to download anything but i can't find the solution anymore! wlan0 shows up when i use: :~$iwconfig #BLA BLA BLA #... wlan0 IEEE 802.11abg ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=off Retry long limit:7 RTS thr:off Fragment thr:off Power Management:off more results: :~$ sudo ifconfig wlan0 up SIOCSIFFLAGS: Operation not possible due to RF-kill :~$ rfkill list all 1: phy0: WirelessLAN Soft blocked: yes Hard blocked: yes :~$ sudo rfkill unblock all :~$ rfkill list all 1: phy0: WirelessLAN Soft blocked: no Hard blocked: yes :~$ sudo ifconfig wlan0 up SIOCSIFFLAGS: Operation not possible due to RF-kill it's still hard blocked! even though the switch is turned on; gives the same result eitherways a direction to a page with a working solution is a much appreciated answer!

  Read the article

• HTC Diamond Touch sync problem

  - by Anders

  I have a HTC Diamond Touch with all my contacts etc. on it. Did however not use it for 6mo while being abroad. When I start the phone now I realize that the touch screen has stopped working. I have tried restarting, soft resetting, shutting it off etc but the touch just wont follow commands. However, I can manage the phone by buttons so it's not frozen. Hence I can get into the phone and watch contacts but not use it to call etc. The problem is, how do I get my 300 contacts out of the thing!? When I'm plugging in the phone, it lets me choose between "Sync with Outlook" and "Use as storage device". It automatically selects "Use as storage device". Now, I cannot choose to sync it with the buttons. I can not change this option afterwards either. In short, I have a phone with all of my contact data and am completely unable to get that out of it. Any tips/help/suggestions? If possible, preferably one that does not including sending the phone to a hardware workshop for three weeks in order to get it fixed:)

  Read the article

• Changing PATH Environment Variable for all Users. (Ubuntu)

  - by Wally Glutton

  I recently compiled Ruby Enterprise Edition (REE) on an Ubuntu 8.04 server. I would like to update my PATH to ensure this new version of Ruby (found in /opt/ruby_ee/bin) supersedes the older version in /usr/local/bin. (I still want the old version around, though.) I would like these PATH changes to affect all users and crontabs. Attempted Solution #1: The REE documentation recommends placing the REE bin folder at the beginning of the global PATH in /etc/environment. I altered the PATH in this file to read: PATH="/opt/ruby_ee/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games" This did not affect my PATH at all. Attempted Solution #2: Next I followed these instructions and updated the PATH setting in /etc/login.defs and /etc/crontab. (I did not change /etc/sudoers.) This didn't affect my PATH either, even after logging out and rebooting the server. Other information: I seem to be having the same problem described here. I'm testing using the commands "echo $PATH" and "ruby -v". My shell is bash. My .bashrc doesn't override my PATH. Yes, I have heard of the Ruby Version Manager project. ;)

  Read the article

• How to migrate Fedora DS (389 DS) to a new machine?

  - by zengr

  Hello, I am trying to migrate a Fedora DS (1.2.2) to a new server (1.2.7.5). The process has been painful to say the least. The old server (1.2.2) was also an upgrade from an old fedora DS setup, so it does not contain migrate-ds-admin.pl. I found this question, but the URL does not open. I am aware that I need to use migrate-ds-admin.pl, but I am clueless. How do I use it? I assume this works like this: 1. Copy migrate-ds-admin.pl from server which has 1.2.7 to 1.2.2 2. Run migrate-ds-admin.pl to export the schema+ldif from 1.2.2 3. Import the schema+ldif to 1.2.7 using migrate-ds-admin.pl. If the above is true, then what parameters are need for export and import? Note: ./ldif2db -n NetscapeRoot -i /root/NetscapeRoot.ldif ./ldif2db -n userRoot -i /root/userRoot.ldif The above two commands work like a charm, but since the schema (custom schema) is not migrated, I see alot of errors during import.

  Read the article

• Mac Mavericks, ngircd localhost works, private IP doesn't

  - by user221945

  I have configured ngircd to listen on my private ip address. It doesn't. Localhost works fine. Configuration test: ngIRCd 21-IDENT+IPv6+IRCPLUS+SSL+SYSLOG+TCPWRAP+ZLIB-x86_64/apple/darwin13.2.0 Copyright (c)2001-2013 Alexander Barton () and Contributors. Homepage: http://ngircd.barton.de/ This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Reading configuration from "/opt/local/etc/ngircd.conf" ... OK, press enter to see a dump of your server configuration ... [GLOBAL] Name = irc.bellbookandpistol.com AdminInfo1 = Jaedreth AdminInfo2 = San Diego County CA, US AdminEMail = [email protected] HelpFile = /opt/local/share/doc/ngircd/Commands.txt Info = Server Info Text Listen = 10.0.1.5,127.0.0.1 MotdFile = MotdPhrase = "Welcome to irc.bellbookandpistol.com" Password = PidFile = Ports = 6667 ServerGID = wheel ServerUID = root [LIMITS] ConnectRetry = 60 IdleTimeout = 0 MaxConnections = 0 MaxConnectionsIP = 6 MaxJoins = -1 MaxNickLength = 9 MaxListSize = 0 PingTimeout = 120 PongTimeout = 20 [OPTIONS] AllowedChannelTypes = #&+ AllowRemoteOper = no ChrootDir = CloakHost = CloakHostModeX = CloakHostSalt = kBih5mu\kVI!DC6eifT(hd4m/0'zb/=: CloakUserToNick = no ConnectIPv4 = yes ConnectIPv6 = no DefaultUserModes = DNS = yes IncludeDir = /opt/local/etc/ngircd.conf.d MorePrivacy = no NoticeAuth = no OperCanUseMode = no OperChanPAutoOp = yes OperServerMode = no RequireAuthPing = no ScrubCTCP = no SyslogFacility = local5 WebircPassword = [SSL] CertFile = CipherList = HIGH:!aNULL:@STRENGTH DHFile = KeyFile = KeyFilePassword = Ports = [OPERATOR] Name = [REDACTED] Password = [REDACTED] Mask = [CHANNEL] Name = #BBP Modes = tnk Key = MaxUsers = 0 Topic = Welcome to the Bell, Book and Pistol IRC Server! KeyFile = As you can see, it should be listening on 10.0.1.5, but it isn't. After turning on Apache manually, port 80 works on 10.0.1.5, but port 6667 doesn't. It only works on localhost. Is there some terminal command I could use or some config file I could edit to get this to work?

  Read the article

• Packets being dropped by iptables

  - by Shadyabhi

  I am trying to create a Software Access Point in linux. I followed the blog here. Steps I performed: Started dhcp server on wlan0. Properly configured hostapd.conf Enabled packet forwarding & masquerading. Two commands executed regarding iptables: iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE iptables --append FORWARD --in-interface wlan0 -j ACCEPT I enabled logging on iptables & I get this in everything.log Jun 29 19:42:03 MBP-archlinux kernel: [10480.180356] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=38025 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.389102] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=308 TOS=0x00 PREC=0x00 TTL=52 ID=14732 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK PSH URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.389710] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=14988 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK FIN URGP=0 Jun 29 19:42:03 MBP-archlinux kernel: [10480.621118] IN=eth0 OUT=wlan0 MAC=c8:bc:c8:9b:c4:3c:00:13:80:40:cd:80:08:00 SRC=195.143.92.150 DST=10.0.0.3 LEN=44 TOS=0x00 PREC=0x00 TTL=52 ID=63378 PROTO=TCP SPT=80 DPT=53570 WINDOW=46185 RES=0x00 ACK FIN URGP=0 I have almost no knowledge of iptables, all I did was through googling. So, can anyone help me in making me understand what wrong is happening here? I have tried running tcpdump on wlan0 & http packets are being sent from wlan0.

  Read the article

• Laptop authentication/logon via accelometer tilt, flip, and twist

  - by wonsungi

  Looking for another application/technology: A number of years ago, I read about a novel way to authenticate and log on to a laptop. The user simply had to hold the laptop in the air and execute a simple series of tilts and flips to the laptop. By logging accelerometer data, this creates a unique signature for the user. Even if an attacker watched and repeated the exact same motions, the attacker could not replicate the user's movements closely enough. I am looking for information about this technology again, but I can't find anything. It may have been an actual feature on a laptop, or it may have just been a research project. I think I read about it in a magazine like Wired. Does anyone have more information about authentication via unique accelerometer signatures? Here are the closest articles I have been able to find: Knock-based commands for your Linux laptop Shake Well Before Use: Authentication Based on Accelerometer Data[PDF] Inferring Identity using Accelerometers in Television Remote Controls User Evaluation of Lightweight User Authentication with a Single Tri-Axis Accelerometer Identifying Users of Portable Devices from Gait Pattern with Accelerometers[PDF] 3D Signature Biometrics Using Curvature Moments[PDF] MoViSign: A novel authentication mechanism using mobile virtual signatures

  Read the article

• iptables to block VPN-traffic if not through tun0

  - by dacrow

  I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

  Read the article

• TLS_REQCERT and PHP with LDAPS

  - by John

  Problem: Secure LDAP queries via command-line and PHP to an AD domain controller with a self-signed certificate. Background: I am working on a project where I need to enable LDAP look-ups from a PHP web application to a MS AD domain controller that is using a self-signed certificate. This self-signed certificate is also using a domain name that is not a FQDN - think of something like people.campus as the domain name. The web application would take the user's credentials and pass them on to the AD domain controller to verify if the credntials are a match or not. This seems simple, but I am having problems trying to get PHP and the self-signed certificate to work. Some people have suggested that I changed the TLS_REQCERT variable from "request" to "never" within the OpenLDAP configuration. I am concerned that this might have larger implications such as a man-in-the-middle attack and I am not comfortable changing this setting to never. I have also read some places online where one can take a certificate and place it as a trusted source within the openldap configuration file. I am curious if that is something that I could do for the situation that I have? Can I, from the command line, obtain the self-signed certificate that the AD domain controller is using, save it to a file, and then have openldap use that file for the trust that it needs so that I do not need to adjust the variable from request to never? I do not have access to the AD domain controller and as a result cannot export the certificate. If there is a way to obtain the certificate from the command line, what commands do I need to use? Is there an alternate method of handling this issue that would be better in the long run? I have some CentOS servers and some Ubuntu servers that I am working with to try and get this going on. Thanks in advance for your help and ideas.

  Read the article

• Broken Python installation on CentOS 5.8

  - by Beckett

  I already searched for solution to my problem via Google and stackoverflow's search facility, but haven't found anything related specifically to it. Here's the problem: I needed python 2.7.3 on CentOS 5.8 machine which has only python 2.4.3 preinstalled. Also neither there's the suitable version in it's repositories nor I can upgrade installed version. That's why I decided to build python from source code. But I've made a mistake: instead of make altinstall I did make install thus changing default version of the current installation. It was before I found this article - How to install Python 2.7.3 on CentOS 6.2 . I guess 5.8 and 6.2 versions aren't different to the extent this article is inapplicable. After installation of new python version I installed pip, but once I tried to invoke it, I got "No module named pkg_resources" error. In order to solve this issue I installed setuptools from repository. But it had only led to another error: "Distribution Not Found". My final step was to follow the guide I posted the link to, but I was unable to perform last step: easy_install-2.7 virtualenv command threw "-bash: /usr/local/bin/easy_install-2.7: .: bad interpreter: Permission denied" error. Now when I try to invoke pip or pip-2.7 both commands raise the same error with different names of binaries after "-bash:". Is there any way to fix this problem, so I could install new python version (2.7.3) alongside with the preinstalled one (2.4.3) according to the guide? Any help will be appreciated. P.S.: yum is working fine, although it needs python to function, so I hope the damage I unknowingly caused isn't very severe. Also I'm not a native English speaker, so I apologize for possible occasional grammatical and/or spelling errors.

  Read the article

• Help, my CentOS servers keep going down , No route to host after a random uptime

  - by user249071

  Hello , I have a couple of Centos linux servers, that have a very simple task, they run nginx + fastcgi for php , and some NFS mounts between them, readonly They have some RPC commands to start some downloading processes with wget, nothing fancy , from a main server, but their behavior is very unstable, they simply go down, we tried to monitor ram , processor usage, even network connections, they don't load up so much, max network connections up to... 250 max, 15% processor usage and memory , well, doesn't even fill up, 2.5GB from 8GB max , I have no ideea why can a linux server go down like that, they aren't even public servers, no domain names installed no public serving, for sites. The only thing that I've discovered was that if i didn't restart the network service every couple of hours or so... the servers were becoming very slow, starting apps very slow, but not repoting a high usage of resources...Maybe Centos doesn't free the timeout connections, or something like that...It's based on Red Hat right? I'm not a linux expert , but I'm sure that there are a few guys out there that can easily have an answer to this , or even have some leads to what i can do ... I haven't installed snort, or other things to view if we have some DOS attacks, still the scheduled script that restarts the network each hour should put the system back online, and it doesn't.... Thank you in advance

  Read the article

• Rebuilding LVM after RAID recovery

  - by Xiong Chiamiov

  I have 4 disks RAID-5ed to create md0, and another 4 disks RAID-5ed to create md1. These are then combined via LVM to create one partition. There was a power outage while I was gone, and when I got back, it looked like one of the disks in md1 was out of sync - mdadm kept claiming that it only could find 3 of the 4 drives. The only thing I could do to get anything to happen was to use mdadm --create on those four disks, then let it rebuild the array. This seemed like a bad idea to me, but none of the stuff I had was critical (although it'd take a while to get it all back), and a thread somewhere claimed that this would fix things. If this trashed all of my data, then I suppose you can stop reading and just tell me that. After waiting four hours for the array to rebuild, md1 looked fine (I guess), but the lvm was complaining about not being able to find a device with the correct UUID, presumably because md1 changed UUIDs. I used the pvcreate and vgcfgrestore commands as documented here. Attempting to run an lvchange -a y on it, however, gives me a resume ioctl failed message. Is there any hope for me to recover my data, or have I completely mucked it up?

  Read the article

< Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >