Search Results

Search found 17958 results on 719 pages for 'local delivery'.

Page 206/719 | < Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213  | Next Page >

• Deprioritize BitTorrent traffic

  - by Steven Xu

  I'm sure the question has been asked before, but I can't seem to find it for myself; my Google-fu eludes me. My router, the Linksys E2000, does a decent job at being reasonable about prioritizing some sorts of traffic above BitTorrent traffic (there isn't too much interruption to port 80, 443, or 22 traffic, the ones I use most often). But other ports get pummeled. For instance, 3000 (which I use for local Rails testing) becomes almost entirely non-functioning. Xbox Live traffic (not sure about the ports, but they are in the 1000 range) doesn't do well either. So I'm wondering how to ensure that XBL and local Rails testing maintain strong service while BitTorrent is going. Is it enough that I turn up the QoS on their associated ports to high? It doesn't seem to be as effective as when BitTorrent isn't running at all (I don't know if there's a way to deprioritize BitTorrent traffic).

  Read the article

• Cisco ASA 5505 (8.05): asymmetrical group-policy filter on an L2L IPSec tunnel

  - by gravyface

  I'm trying to find a way to setup a bi-directional L2L IPSec tunnel, but with differing group-policy filter ACLs for both sides. I have the following filter ACL setup, applied, and working on my tunnel-group: access-list ACME_FILTER extended permit tcp host 10.0.0.254 host 192.168.0.20 eq 22 access-list ACME_FILTER extended permit icmp host 10.0.0.254 host 192.168.0.20 According to the docs, VPN filters are bi-directional, you always specify the remote host first (10.0.0.254), followed by the local host and (optionally) port number, as per the documentation. However, I do not want the remote host to be able to access my local host's TCP port 22 (SSH) because there's no requirement to do so -- there's only a requirement for my host to access the remote host's SFTP server, not vice-versa. But since these filter ACLs are bidirectional, line 1 is also permitting the remote host to access my host's SSH Server. The documentation I'm reading doesn't seem to clear to me if this is possible; help/clarification much appreciated.

  Read the article

• Sharepoint site settings add on ssl port number?

  - by Mike

  WSS 3.0 IIS6/WinSever2003 CAG We have several WSS sites on a SharePoint WSS box that talk to the outside, all of which are SSL enabled. So you get a CAG(Citrix Access Gateway) to translate the 443 port to the local ssl port on the server. Everything is set up and works fine until you get into the Site Settings and start rooting around, it seems like a very unstable link library. Links will try to use the local ssl port number instead of the 443 standard; it will try to skip the step. Is that the site? Any ideas on how to fix it?

  Read the article

• How to associate all file types within Wine with its corresponding native application?

  - by MestreLion

  This is easily done for a single file type, as answered in How to associate a file type within Wine with a native application?, by creating a .reg for the desired filetype. But this is for AVI only. I use some wine apps (uTorrent, Soulseek, Eudora, to name a few) that can launch a wide range of files. Email attachments, for example, can be JPG, DOC, PDF, PPS... its impossible (and not desirable) to track down all possible file types that one may receive in an email or download in a torrent. So I neeed a solution to be more generic and broad. I need the file association to honor whatever native app is currently configured. And I want this to be done for all file types configured in my system. I've already figured out how to make the solution generic. Simply replacing the launched app in .reg for winebrowser, like this: [HKEY_CLASSES_ROOT\.pdf] @="PDFfile" "Content Type"="application/pdf" [HKEY_CLASSES_ROOT\PDFfile\Shell\Open\command] @="C:\\windows\\system32\\winebrowser.exe \"%1\"" Ive tested this and it works correctly. Since winebrowser uses xdg-open as a backend, and converts my windows path to a Unix one, the correct (Linux) app is launched. So I need a "batch" updater to wine's registry, sort of a wine-update-associations script that I can run whenever a new app is installed. Maybe a tool that can: List all Mime Types types in my system that have a default, installed app associated Extract all the needed info (glob, mime type, etc) Generate the .REG file in the above format The tricky part is: i've searched a LOT to find info about how association is done in Ubuntu 10.10 onwards, and documentation is scarce and confusing, to say the least. Freedesktop.org has no complete spec, and even Gnome docs are obsolete. So far I've gathered 4 files that contain association info, but im clueless on which (or why) to use, or how to use them to generate the .reg file: ~/.local/share/applications/mimeapps.list ~/.local/share/applications/miminfo.cache /usr/share/applications/miminfo.cache /etc/gnome/defaults.list Any help, script or explanation would be greatly appreciated! Thanks!

  Read the article

• How to troubleshoot a remote wmi query/access failure?

  - by Roman

  I'm using Powershell to query a remote computer in a domain for a wmi object, eg: "gwmi -computer test -class win32_bios". I get this error message: Value does not fall within the expected range Executing the query local under the same user works fine. It seems to happen on both windows 2003 and also 2008 systems. The user that runs the shell has admin rights on the local and remote server. I checked wmi and dcom permissions as far as I know how to do this, they seem to be the same on a server where it works, and another where it does not. I think it is not a network issue, all ports are open that are needed, and it also happens within the same subnet. When sniffing the traffic we see the following errors: RPC: c/o Alter Cont Resp: Call=0x2 Assoc Grp=0x4E4E Xmit=0x16D0 Recv=0x16D0 Warning: GssAPIMechanism is not found, either caused by not reassembled, conversation off or filtering. And an errormessage from Kerberos: Kerberos: KRB_ERROR - KDC_ERR_BADOPTION (13) The option code in the packet is 0x40830000 Any idea what I should look into?

  Read the article

• Why my AD domain doesn't work on my laptop

  - by Frederick Marcoux

  I have installed Windows Server 2008 R2 on a virtual machine with a bridged network card and installed Active Directory. I configured it and when I try to connect my laptop to the domain name, in this case, creationsmicroweb.ca (doesn't exist, don't try, for local only), I can't get connected. My laptop just doesn't see it. I don't know why! There's a resume of my config: Domain Name: creationsmicroweb.ca Forest: new, principal domain controller IP: Fixed (192.168.1.100) DNS Name: none (just for local, I ignored them) NETBIOS name: MICROWEB If someone as found why, please help me! This is for my business that I'm starting and I can't find why it doesn't work!

  Read the article

• How is DNS used by individual processes?

  - by atroon

  When resolving FQDNs or machine names to IP addresses on my local network (mycompany.internal) I can use dig on the command line (linux/mac) or nslookup (windows) to query the configured server and get a response. But trying to enter the FQDN or even just the machine name in a ping command or in a web browser results in 'Unknown Host' or DNS errors. Here's a sample, this one from the Mac: mac:~ atroon$ dig server.mycompany.internal ; <<>> DiG 9.6.0-APPLE-P2 <<>> server.mycompany.internal ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5219 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;server.mycompany.internal. IN A ;; ANSWER SECTION: server.mycompany.internal. 1200 IN A 172.16.254.36 ;; Query time: 0 msec ;; SERVER: 172.16.254.8#53(172.16.254.8) ;; WHEN: Wed Dec 16 11:39:15 2009 ;; MSG SIZE rcvd: 55 mac:~ atroon$ ping server.mycompany.internal<br> ping: cannot resolve server.mycompany.internal: Unknown host I cannot for the life of me figure this one out. The DNS server is a SBS 2003 box which handles AD, some file/print, etc for a small company network. This issue happens to me about three times a week, and when I'm connected to the local network directly, the same switch as the server even. I can make any connection I want with IP addresses, I just can't make DNS work. Additionally, at the same time I'm experiencing this, other users are fine, which makes me think it's a problem on my Mac. But what sort of problem? How can dig send a query and get a reply, and ping say 'unknown host'? I'm posting here vs. serverfault because I think this is a local problem not a server problem...but if anyone can point me at the server, I guess we'll head down the street a domain or two.

  Read the article

• access VPN machine macosx same subnet

  - by matheszabi

  I would like to access the office machine, which has a fixed IP, and is available only in its local LAN. Let say 192.168.1.100. I have a VPN with username/password connection and I am trying to access the office machine from another location, i.e., another LAN, which has the same subnet: 192.168.1.50. I am using MacOSX 10.8. I have checked the "send all trafic over VPN connection, but I think it looks like it doesn't care and is searching in Local. I do not have admin privileges and can't request to make changes to the network settings in both LANs. Is there any way to connect to the desired remote machine?

  Read the article

• Set up Windows SBS dns server and vpn clients from brench office

  - by mn

  I have got some clients from bench office which connects vpn to main office. The Router from bench office assigned addresses from DHCP 192.168.1.0/255.255.255.0 and remote gateway assigned vpn ip addresses 10.10.20.0/255.255.255.0. There is a DNS server (Active Directory Win SBS 2000) and vpn client are registered with vpn address (10.10.20.0/255.255.255.0 and domain company.com.pl). I would like to register also primary bench subnet 192.168.1.0/255.255.255.0 with domain for example company.vpn.local I want to access vpn hosts for example: dev3.copmany.pkb.local and dev3.company.com using my Win SBS 2000 DNS server.

  Read the article

• How do I get an application to appear as a choice in update-alternatives?

  - by Jay

  I separately installed the Firefox Beta and Alpha channels, and have desktop configuration files pointing to them in ~/.local/share/applications. However, stable Firefox is being used as my default browser by the system. (Firefox Beta used to be used until I messed with the "Default Applications" in System Settings, where it is not listed.) I tried running sudo update-alternatives --config x-www-browser to manually change it, but it's only recognizing Chromium and Firefox (stable) and showing them as a choice. What can I do to get custom desktop configuration files in ~/.local/share/applications to be seen as default alternatives? I think I may have to fiddle with the desktop config files, or with mimeinfo.cache or mimeapps.list? Running Oneiric. Here is the content of the firefox-beta.desktop file I created: [Desktop Entry] Name=Firefox Beta Exec=firefox-beta -P Beta -no-remote Icon=firefox Terminal=false X-MultipleArgs=false Type=Application StartupNotify=true StartupWMClass=Firefox Categories=GNOME;GTK;Network;WebBrowser; Comment[en_US]=Firefox Beta Channel MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/vnd.mozilla.xul+xml;application/rss+xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/ftp;x-scheme-handler/chrome;video/webm; Name[en_US]=Firefox Beta [NewWindow Shortcut Group] Name=Open a New Window Exec=firefox-beta -new-window about:blank TargetEnvironment=Unity

  Read the article

• Tab Completion In Emacs shell-mode SSH Sessions

  - by Sean M

  My current use pattern of emacs results in my having several shell-mode buffers open, each running an ssh session. I am running into an issue with this, though - when I try to tab-complete file names and other things in my remote session, the shell attempts to use completions available on the local machine instead of on the remote machine. For example, if the file ~/foobar exists on the local machine and ~/frob exists on the remote machine, typing in ~/f and pressing tab results in ~/foobar instead of completing correctly. If I use ssh outside of emacs and try the same thing, I get the correct completion of ~/frob instead. How can I get tab-completion to complete the way it does in normal ssh sessions ?

  Read the article

• MySQL - Configuration

  - by Stuart Brierley

  Having previously detailed how to install MySQL Server, the next step is configuring MySQL. The MySQL configuration wizard can either be run immediately following installation from the MySQL installation wizard or manually from the Start Menu. Following the splash screen you can then choose whether to run a detailed or standard configuration. The detailed configuration allows you to create the optimal configuration for your specific machine, whereas the standard configuration creates a general configuration that can then be manually tuned. I chose detailed.   You are then asked to choose the type of server instance that is being configured. In this case it is a developer machine. Following this you are asked to choose the type of database usage that you expect on the server. I opted for multifunctional. You must then specify the location of the InnoDB tablespace.   Next specify the number of concurent connections to the server.   Now you must configure the networking options. I left the Strict mode enabled as this is the recommended option, but I disabled TCP/IP networking as I wanted to restrict this MySQL installation to the local machine only.   Set the character set that is best suited to your use - for me this was the default standard character set. Next up is the option to run MySQL as a service and whether or not to include the mysql dircetories in the windows PATH. I kept the install as a windows service option enabled, but unchecked the Launch MySQL server automatically option. This is because I only wanted MySQL running when I specifically want to use it. I also enabled the include in windows PATH option.   You can then change the security settings for the mysql installation. I opted to change the root password, disable root from local machines and disable annoymous access.   You are now ready to execute the configuration.   Once completed you should hopefully see the completed screen with lots of nice ticks against the various configuration tasks.

  Read the article

• Can you link an NTFS junction point to a directory on a Network Attached Storage?

  - by Zachary Burt

  I'm using Windows, and I want to use Dropbox to back up a folder outside my Dropbox directory. So I want to create a junction point from my target directory to my Dropbox folder. Accoding to the Wikipedia article on NTFS junction points, which the Dropbox answer links to: "Junction points can only link to directories on a local volume; junction points to remote shares are unsupported." I am looking to link to a directory on networked attached storage, which would not be a local volume, I believe. What should I do?

  Read the article

• Active DFS node did not restore after failure

  - by Mark Henderson

  On Tuesday we had a Server 2008 R2 DFS-R node go offline unexpectedly. DFS did the right thing and started routing requests to a different node, which was in a remote site. This is by design, because even though it's slow, at least it's still working. We had the local DFS-R node back online within an hour, and it had synced all its changes 10 minutes after that. 3 of the 5 terminal servers reset themselves to the local DFS node, but the other two stayed pointing at the remote DFS node for three days, until someone finally piped up about how slow requests were. What reasons could there be why some, but not all, of the server reverted? Is the currently active DFS node for a namespace exposed anywhere in the OS (WMI, or even scripts) so that we can monitor the active nodes?

  Read the article

• Target to browse in order to insert a file

  - by Abid

  I have created an application using PHP and HTML. I insert it in my Linux server. I open it from my windows machine using the browser. I should in this application insert a file. When i click "insert file", instead of i have a window that browse the Linux server , i get a window that browse my local machine. And when i click insert , nothing is copied to the server. The code to insert file is: Filename: <input type="file" name="file" id="file"> So what should i do to force this application to browse the Linux machine when i open it from my local machine?

  Read the article

• How to keep group-writeable shares on Samba with OSX clients?

  - by Oliver Salzburg

  I have a FreeNAS server on a network with OSX and Windows clients. When the OSX clients interact with SMB/CIFS shares on the server, they are causing permission problems for all other clients. Update: I can no longer verify any answers because we abandoned the project, but feel free to post any help for future visitors. The details of this behavior seem to also be dependent on the version of OSX the client is running. For this question, let's assume a client running 10.8.2. When I mount the CIFS share on an OSX client and create a new directory on it, the directory will be created with drwxr-x-rx permissions. This is undesirable because it will not allow anyone but me to write to the directory. There are other users in my group which should have write permissions as well. This behavior happens even though the following settings are present in smb.conf on the server: [global] create mask= 0666 directory mask= 0777 [share] force directory mode= 0775 force create mode= 0660 I was under the impression that these settings should make sure that directories are at least created with rwxrwxr-x permissions. But, I guess, that doesn't stop the client from changing the permissions after creating the directory. When I create a folder on the same share from a Windows client, the new folder will have the desired access permissions (rwxrwxrwx), so I'm currently assuming that the problem lies with the OSX client. I guess this wouldn't be such an issue if you could easily change the permissions of the directories you've created, but you can't. When opening the directory info in Finder, I get the old "You have custom access" notice with no ability to make any changes. I'm assuming that this is caused because we're using Windows ACLs on the share, but that's just a wild guess. Changing the write permissions for the group through the terminal works fine, but this is unpractical for the deployment and unreasonable to expect from anyone to do. This is the complete smb.conf: [global] encrypt passwords = yes dns proxy = no strict locking = no read raw = yes write raw = yes oplocks = yes max xmit = 65535 deadtime = 15 display charset = LOCALE max log size = 10 syslog only = yes syslog = 1 load printers = no printing = bsd printcap name = /dev/null disable spoolss = yes smb passwd file = /var/etc/private/smbpasswd private dir = /var/etc/private getwd cache = yes guest account = nobody map to guest = Bad Password obey pam restrictions = Yes # NOTE: read smb.conf. directory name cache size = 0 max protocol = SMB2 netbios name = freenas workgroup = COMPANY server string = FreeNAS Server store dos attributes = yes hostname lookups = yes security = user passdb backend = ldapsam:ldap://ldap.company.local ldap admin dn = cn=admin,dc=company,dc=local ldap suffix = dc=company,dc=local ldap user suffix = ou=Users ldap group suffix = ou=Groups ldap machine suffix = ou=Computers ldap ssl = off ldap replication sleep = 1000 ldap passwd sync = yes #ldap debug level = 1 #ldap debug threshold = 1 ldapsam:trusted = yes idmap uid = 10000-39999 idmap gid = 10000-39999 create mask = 0666 directory mask = 0777 client ntlmv2 auth = yes dos charset = CP437 unix charset = UTF-8 log level = 1 [share] path = /mnt/zfs0 printable = no veto files = /.snap/.windows/.zfs/ writeable = yes browseable = yes inherit owner = no inherit permissions = no vfs objects = zfsacl guest ok = no inherit acls = Yes map archive = No map readonly = no nfs4:mode = special nfs4:acedup = merge nfs4:chown = yes hide dot files force directory mode = 0775 force create mode = 0660

  Read the article

• On RouterOS, how will transparent proxying (with DNAT) affect reporting of netflows?

  - by Tim

  I have a box running Mikrotik RouterOS, which is set up to do transparent web proxying, as described here. In short, this means that I have a firewall rule for destination NAT causing any port 80 traffic to get redirected to port 8080 on the router, which is received by the Mikrotik local web proxy. The local web proxy then makes the web request on the client's behalf, in this case to a parent web proxy server (which in turn does the real web request). My question is, how will this two-part process get reported in the logging of traffic flow information (netflows)? Looking at the logged information, what I seem to be seeing is this: One flow recorded from client machine (private IP) to remote proxy (8080) Another flow recorded from router to remote proxy (8080) The original request that the client made to port 80 isn't recorded. I want to write code to analyse traffic usage, so I want to be sure I'm not losing information if I discard the latter of these.

  Read the article

• Sharing folder in a Virtual Private Windows Server 2008 R2 ?

  - by Triztian

  See Edit 2: Hello all, seems my involvement with computers has grown and I've found my self in the need to access a shared folder on a server. I've read some documentation and managed to set up the folder as a share, for this I created a local group and for now just one local user that has access to the share, the folder is in the public user folder and it's permissions should be (and I believe they are) read/write. The problem is that I can't connect from a remote machine I mean I don't know how the way it should be accessed, the server has a public IP and we use it also as a host to our website I don't know if that affects it though, the folder will be used as the "keeper" for the QuickBooks company files and has the database server manager installed. I've tried setting up a VPN Connection to the but no success. The server has a domain name a "http://www.example.com" that redirects to our website, I am unsure if it could be accessed that way, also the share has a location displayed when I right-click properties Heres what I've tried Setting up a VPN Connection (Windows Vista and 7) Got to the point where I got asked for credential and entered the user I created (which is not an admin) but I got a "Connection fail error 800" I suppose this is because in the domain field I entered the servers workgroup. right-click add network connection (Windows 7) Went through the wizard until I reached the point of entering the location, tried many things, the name in the share's properties(\\SOMETHING\Share), the http://www.example.com , the IP address I'm quite unfamiliar with this, so I have my guesses: Since the group and user are local they do not have access to the folder. The firewall in the server is blocking my connection. Anyways, any help and guidence is truly appreciated. EDIT 1: As @tony roth pointed out it may be a security fail, an I commented it out to management and said that that is not an issue, so please bare with me. EDIT 2: I've found out that the real question could be streamlined to "Sharing folder in a Virtual Private Server?", as thats what we have, a virtual private windows server 2008 R2, and I would like to know how to make it show like a normal folder in the client computer. Thanks again for all of your support.

  Read the article

• Compiling GCC or Clang for thumb drive on OSX

  - by user105524

  I have a mac book that I don't have admin rights to which I would like to be able to use either GCC or clang. Since I lack admin right I can't install binutils or a compiler to /usr directory. My plan is to install both of these (using an old macbook that I do have admin rights for) to a flash drive and then run the compiler off of there. How would one go building gcc or clang so that it could run just off of a thumb drive? I've tried both but haven't had any success. I've tried doing it defining as many of the directories as possible through configure, but haven't been able to successfully build. My current configure script for gcc-4.8.1 is (where USB20D is the thumb drive): ../gcc-4.8.1/configure --prefix=/Volumes/USB20FD/usr \ --with-local-prefix=/Volumes/USB20FD/usr/local \ --with-native-system-header-dir=/Volumes/USB20FD/usr/include \ --with-as=/Volumes/USB20FD/usr/bin/as \ --enable-languages=c,c++,fortran\ --with-ld=/Volumes/USB20FD/usr/bin/ld \ --with-build-time-tools=/Volumes/USB20FD/usr/bin \ AR=/Volumes/USB20FD/usr/bin/ar \ AS=/Volumes/USB20FD/usr/bin/as \ RANLIB=/Volumes/USB20FD/usr/bin/ranlib \ LD=/Volumes/USB20FD/usr/bin/ld \ NM=/Volumes/USB20FD/usr/bin/nm \ LIPO=/Volumes/USB20FD/usr/bin/lipo \ AR_FOR_TARGET=/Volumes/USB20FD/usr/bin/ar \ AS_FOR_TARGET=/Volumes/USB20FD/usr/bin/as \ RANLIB_FOR_TARGET=/Volumes/USB20FD/usr/bin/ranlib \ LD_FOR_TARGET=/Volumes/USB20FD/usr/bin/ld \ NM_FOR_TARGET=/Volumes/USB20FD/usr/bin/nm \ LIPO_FOR_TARGET=/Volumes/USB20FD/usr/bin/lipo CFLAGS=" -nodefaultlibs -nostdlib -B/Volumes/USB20FD/bin -isystem/Volumes/USB20FD/usr/include -static-libgcc -v -L/Volumes/USB20FD/usr/lib " \ LDFLAGS=" -Z -lc -nodefaultlibs -nostdlib -L/Volumes/USB20FD/usr/lib -lgcc -syslibroot /Volumes/USB20FD/usr/lib/crt1.10.6.o " Any obvious ideas of which of these options need to be turned on to install the appropriate files on the thumb drive during installation? What other magic occurs during xcode installation which isn't occurring here? Thanks for any suggestions

  Read the article

• How to Pre-Configure Shared Laptops' Microsoft Outlook 2010 Accounts to Connect to Exchange Server 2007 SP3?

  - by schultkl

  Our IT environment provides 10 shared, Microsoft Windows 7 laptops for an office staff of several hundred people. After checking-out and logging into a laptop with an Active Directory domain account, office staff frequently run Microsoft Outlook 2010. However, the first time office staff do this, Microsoft Outlook 2010 prompts the user to create and configure their local account. This takes just several clicks, as Microsoft Outlook 2010 auto-detects the office staff member's Microsoft Exchange Server 2007 (SP3) account. The problem is: all office staff have to do this on each new laptop they use. Until they do so, some functionality does not work (for example, Microsoft Word 2010 Save & Send fails with error "There was a problem creating the message"). How might our IT department "pre-configure" the shared laptops so office staff can simply log-in and use Microsoft Outlook 2010 functionality without the need to configure a local account?

  Read the article

• How do I troubleshoot an IPsec tunnel (from a cellular router to a public server)?

  - by Hanno Fietz

  I'm new to IPsec and struggling with a setup that might soon be widely used in our operations (provided I do understand it, eventually...). A cellular router (blackbox by netModule, from its log messages it seems to be running Linux and OpenSwan) connects a sensor network on customers' sites with our public server. We need to be able to connect into the local network, so I had the cell provider give me a public IP (a dynamic one). The way their setup works, the public IPs only allow IPsec traffic. I set up OpenSwan on our Ubuntu server (running Jaunty). This is my connection config from /etc/ipsec.conf: conn gprs-field-devices left=my.pub.lic.ip [email protected] #leftsubnet=192.168.1.129/25 right=%any [email protected] #rightsubnet=192.168.1.1/25 #rightnexthop=%defaultroute auto=add On the router, all I have is the Web UI, in which I made the following settings: "Remote endpoint": public IP of server, same as "left" above "Local Network Address": 192.168.1.1 "Local Network Mask": 255.255.255.128 "Remote Network Address": 192.168.1.129 "Remote Network Mask": 255.255.255.128 The pluto process on the server is listening for connections on port 500. It can't open a tunnel, obviously, because it doesn't know at which IP the client is. I set up a passphrase as PSK for @field.econemon.com in /etc/ipsec.secrets and also configured it in the router (which doesn't seem to support certificates). My problem is, nothing happens. The router just says, IPsec is "down". When I copy-paste the IP into ipsec.conf (for "right="), and ask the server to ipsec auto --up gprs-field-devices, it just hangs until I press Ctrl-C. Is there anything wrong with my setup? How can I debug this further? My router gives the following loglines that seem related, but don't tell me anything: Feb 21 23:08:20 Netbox authpriv.warn pluto[2497]: loading secrets from "/etc/ipsec.secrets" Feb 21 23:08:20 Netbox authpriv.warn pluto[2497]: loading secrets from "/etc/ipsec.d/hostkey.secrets" Feb 21 23:08:20 Netbox authpriv.warn pluto[2497]: loading secrets from "/etc/ipsec.d/netbox0.secrets" Feb 21 23:08:20 Netbox authpriv.warn pluto[2497]: "netbox00" #1: initiating Main Mode Feb 21 23:08:20 Netbox daemon.err ipsec__plutorun: 104 "netbox00" #1: STATE_MAIN_I1: initiate Feb 21 23:08:20 Netbox daemon.err ipsec__plutorun: ...could not start conn "netbox00" Feb 21 23:08:22 Netbox authpriv.warn pluto[2497]: packet from 188.40.57.4:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN Feb 21 23:08:22 Netbox authpriv.warn pluto[2497]: packet from 188.40.57.4:500: received and ignored informational message Feb 21 23:08:28 Netbox user.warn parrot.system_controller[762]: IPSECCTRLR: Tunnel 0 is down for 0 seconds Feb 21 23:08:40 Netbox user.warn parrot.system_controller[762]: IPSECCTRLR: Tunnel 0 is down for 10 seconds Feb 21 23:08:52 Netbox authpriv.warn pluto[2497]: packet from 188.40.57.4:500: ignoring informational payload, type NO_PROPOSAL_CHOSEN

  Read the article

• Music Art Food Drink: Oracle Social Plaza - Tues 10/2

  - by Bob Rhubart

  Join Oracle's social media mavens plus hundreds of your closest friends at this all-social social… What: Oracle Social Plaza When: Tuesday, October 2, 2012Noon to 8:00 pm Where: Mint Plaza Fifth Street between Mission and Market San Francisco It's a full-on treat for all your senses, featuring music, art, food, and fashion. Music will be provided by indy favs Golden State and dance-rageous local DJ Brandon Arnovick. Watch as artists, including Melanie Alveres, create works of art live, then bid on their creations. Want to do a little creating on your own? Try mugging in the Social PhotoBooth. If you're into fashion, 20 local fashion designers will be on hand with their latest creations. And if you like t-shirts, there'll be live screen printing, with free t-shirts for the first 300 guests. Food and drink? Starting at 4:30 pm there will be two bars, along with munchies from one of those outrageous San Francisco food trucks. And don't worry about missing Larry Ellison's keynote. You can watch if from here.

  Read the article

• setting up Ubuntu 10.10 as paravirtualized guest in Xen on RHEL5 host - what kernel?

  - by kostmo

  I've discovered the tool ubuntu-vm-builder, which I've installed and then invoked on an Ubuntu workstation as: sudo vmbuilder xen ubuntu --suite maverick --flavour virtual --arch amd64 --mem=512 --rootsize 8192 This workstation is not the intended target host of the virtual machine, however; I would like to host the guest on a Red Hat Enterprise Linux 5 machine that is running Xen 3.0.3. The output of this command appears to be a folder named ubuntu-xen containing three files: tmpXXXXXX, a very large file which I assume is the root partition image tmpYYYYYY, a somewhat large file which I assume is the swap partition image xen.conf, a text file I have copied the xen.conf file to the RHEL server's /etc/xen directory under the new name newvm, adjusting the paths of tempXXXXXX and tempYYYYYYin the file after also copying them from my local workstation to the RHEL server. When I launch the Virtual Machine Manager virt-manager, I can see the newvm virtual machine listed underneath the Dom0 machine. When I try to start newvm, I get the error: Error starting domain: virDomainCreate() failed POST operation failed: (xend.err 'Error creating domain: Kernel image does not exist: None') Indeed, there exists an entry kernel = 'None' in the xen.conf file. How do I find out what the path of the kernel should be? Is this path supposed to be to a kernel stored on the local filesystem of the RHEL5 host, or is it supposed to be a path inside the guest image? I see that the vmbuilder command provides for a --xen-kernel option, along with a --xen-ramdisk option, but I'm not sure what to use for either. I think I should be able to get this to work, since Ubuntu is said to be supported as a Xen guest, even though the Xen 4.0.1 docs state support for only a limited set of distributions, Ubuntu excluded. Update 1 When running vmbuilder on my local workstation, I did observe an output line saying: Calling hook: install_kernel and later, output lines saying: update-initramfs: Generating /boot/initrd.img-2.6.35-23-virtual [...] run-parts: executing /etc/kernel/postinst.d/initramfs-tools 2.6.35-23-virtual /boot/vmlinuz-2.6.35-23-virtual So in the xen.conf file, I tried setting the lines: kernel = '/boot/vmlinuz-2.6.35-23-virtual' ramdisk = '/boot/initrd.img-2.6.35-23-virtual' When trying to start the VM, I got an error similar to last time: Error starting domain: virDomainCreate() failed POST operation failed: (xend.err 'Error creating domain: Kernel image does not exist: /boot/vmlinuz-2.6.35-23-virtual') This makes me think that the RHEL5 machine is looking for local files, rather than a file within the binary guest disk image. After running sudo updatedb on my workstation, neither of those files were found. If the vmbuilder tool had tried to install them, it must have failed. Update 2 I was able to extract the kernel and initrd images from the guest disk binary by mounting it: mkdir mnt_tmp sudo mount ubuntu-xen/tmpXXXXXX mnt_tmp/ -o loop cp mnt_tmp/boot/vmlinuz-2.6.35-23-virtual virtual_kernel_ubuntu cp mnt_tmp/boot/initrd.img-2.6.35-23-virtual virtual_initrd_ubuntu These two files I copied to the RHEL5 server, and edited the xen.conf file to point to them as kernel and ramdisk. With this done, I could "run" the newvm virtual machine from within virt-manager, but was met with the message Console Not Configured For Guest when I double clicked the entry to open the Virtual Machine Console. As suggested by a forum, I then added the line vfb = [ 'type=vnc' ] to the configuration file, recreated the virtual machine (a ~10 min process), and this time got the message: Connecting to console for guest This remained indefinitely; after selecting View - Serial Console, I found a kernel panic: [5442621.272173] Kernel panic - not syncing: Attempted to kill the idle task! [5442621.272179] Pid: 0, comm: swapper Tainted: G D 2.6.35-23-virtual #41-Ubuntu [5442621.272184] Call Trace: [5442621.272191] [<ffffffff815a1b81>] panic+0x90/0x111 [5442621.272199] [<ffffffff810652ee>] do_exit+0x3be/0x3f0 [5442621.272204] [<ffffffff815a5e20>] oops_end+0xb0/0xf0 [5442621.272211] [<ffffffff8100ddeb>] die+0x5b/0x90 [5442621.272216] [<ffffffff815a56c4>] do_trap+0xc4/0x170 [5442621.272221] [<ffffffff8100ba35>] do_invalid_op+0x95/0xb0 [5442621.272227] [<ffffffff8130851c>] ? intel_idle+0xac/0x180 [5442621.272232] [<ffffffff810072bf>] ? xen_restore_fl_direct_end+0x0/0x1 [5442621.272239] [<ffffffff815a48fe>] ? _raw_spin_unlock_irqrestore+0x1e/0x30 [5442621.272247] [<ffffffff8108dfb7>] ? tick_broadcast_oneshot_control+0xc7/0x120 [5442621.272253] [<ffffffff8100ad5b>] invalid_op+0x1b/0x20 [5442621.272259] [<ffffffff8130851c>] ? intel_idle+0xac/0x180 [5442621.272264] [<ffffffff813084e0>] ? intel_idle+0x70/0x180 [5442621.272269] [<ffffffff810072bf>] ? xen_restore_fl_direct_end+0x0/0x1 [5442621.272275] [<ffffffff8148a147>] cpuidle_idle_call+0xa7/0x140 [5442621.272281] [<ffffffff81008d93>] cpu_idle+0xb3/0x110 [5442621.272286] [<ffffffff815873aa>] rest_init+0x8a/0x90 [5442621.272291] [<ffffffff81b04c9d>] start_kernel+0x387/0x390 [5442621.272297] [<ffffffff81b04341>] x86_64_start_reservations+0x12c/0x130 [5442621.272303] [<ffffffff81b08002>] xen_start_kernel+0x55d/0x561 Update 3 I tried an i386 architecture instead of amd64, but got the same kernel panic. Also, it seems the Virtual Machine Manager pays attention to the format of the filename of the kernel; for the same kernel binary, I tried simply naming it vmlinuz-virtual, which threw out an error box about an invalid kernel. When I named it vmlinuz-2.6.35-23-virtual, it did not throw the error, but it did still result in the kernel panic shortly thereafter.

  Read the article

• Grant permission for specific other AD users to unlock/log out user from PC

  - by Simon Needham

  What I'm looking to do is permission a Windows PC (ideally XP but if a later OS version is required so be it) so that a select group of users can unlock the machine, logging the current user out. This something that a Local Admin for the machine would be able to do from a locked screen, however, I'd like to avoid granting Local Admin rights to this group of users if I can. The background here is that this machine is 80% used by one person but is treated as a 'shared machine' on days that the primary user is not around. It's usefull that everybody using the machine can carry on using their own accounts with all the personalisations they are used to. I'd also like to void logging the primary user out every night. No one else in the firm has to put up with that and she does use the machine herself most of the time.

  Read the article

• Implicit OAuth2 endpoint vs. cookies

  - by Jamie

  I currently have an app which basically runs two halves of an API - a restful API for the web app, and a synchronisation API for the native clients (all over SSL). The web app is completely javascript based and is quite similar to the native clients anyway - except it currently does not work offline. What I'm hoping to do is merge the fragmented APIs into a single restful API. The web app currently authenticates by issuing a cookie to the client whereas the native clients work using a custom HMAC access token implementation. Obviously a public/private key scenario for a javascript app is a little pointless. I think the best solution would be to create an OAuth2 endpoint on the API (like Instagram, for example http://instagram.com/developer/authentication/) which is used by both the native apps and the web app. My question is, in terms of security how does an implicit OAuth2 flow compare (storing the access token in local storage) to "secure" cookies? Presumably although SSL solves man in the middle attacks, the user could theoretically grab the access token from local storage and copy it to another machine?

  Read the article

< Previous Page | 202 203 204 205 206 207 208 209 210 211 212 213  | Next Page >