Search Results

Search found 15595 results on 624 pages for 'ip forward'.

Page 22/624 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • Windows Server 2003 seems to pick the 'outgoing' IP address at random from all the ones configured in IIS, how can I make it just use one?

    - by Ryan
    We have multiple sites in IIS with different IP addresses. This is cool, want different IPs to all go to this server and use the proper site. However I discovered an issue that when the server makes an outgoing connection, I cannot predict which IP it will use. I had to have one client add ALL the IPs to their firewall so that a certain service could communicate with their server. Well now the time has come to add another IP/site to IIS but I had told them they would not need to add any more IPs. So the question is, how can I make Windows Server 2003 use only ONE specific IP for outgoing calls instead of it being unpredictable? If this is not a good enough description, when I was RDPed into the server and I opened IE and went to 'what is my IP' it was sometimes different which is how I discovered why the one client's firewall was suddenly refusing the connections. How can I just make outgoing calls originate from a static IP yet still allow multiple IPs pointing to different sites in IIS?

    Read the article

  • Windows Server 2003 seems to pick the 'outgoing' IP address at random from all the ones configured in IIS, how can I make it just use one?

    - by ioSamurai
    We have multiple sites in IIS with different IP addresses. This is cool, want different IPs to all go to this server and use the proper site. However I discovered an issue that when the server makes an outgoing connection, I cannot predict which IP it will use. I had to have one client add ALL the IPs to their firewall so that a certain service could communicate with their server. Well now the time has come to add another IP/site to IIS but I had told them they would not need to add any more IPs. So the question is, how can I make Windows Server 2003 use only ONE specific IP for outgoing calls instead of it being unpredictable? If this is not a good enough description, when I was RDPed into the server and I opened IE and went to 'what is my IP' it was sometimes different which is how I discovered why the one client's firewall was suddenly refusing the connections. How can I just make outgoing calls originate from a static IP yet still allow multiple IPs pointing to different sites in IIS?

    Read the article

  • IP/PORT forward requests to another server

    - by DT.DTDG
    I have the following listening PORT:IP set up on my UBuntu server. 12.345.67.890:3636 It receives requests perfectly, however, I would now like to forward any requests to that IP:PORT to another IP:PORT, i.e.: 09.876.54.321:3636 Essentially I want to do a request forward 12.345.67.890:3636 -> 09.876.54.321:3636. How can I go about it in Terminal and if I wanted to change it back how can I go about that too? Is there also a way to test that the data is forwarding and it is setup properly? Thanks! Edit: Can I just do as follows, just wondering how I would go about testing it and how I could disable it? sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 3636 -j DNAT --to-destination 09.876.54.321:3636 iptables -t nat -A POSTROUTING -j MASQUERADE

    Read the article

  • Disadvantages of a fake phpMyAdmin honeypot that causes ip blacklisting and robots.txt disallow/exclusion of the honeypot?

    - by Tchalvak
    I'm trying to figure out whether I should set up a honeypot system with a fake phpMyAdmin (site gets hits all the time with people spidering for insecurities with that app). My thought was to create a honeypot php script that would mimic a phpMyAdmin login, and then blacklist ips that hit that url (and aren't already whitelisted). I would then add the appropriate urls to the robots.txt so that spiders that actually respect my robots.txt wouldn't be caught by the blacklist. Are there disadvantages to this approach, do legit robots sometimes not respect robots.txt in certain circumstances, are there any problems with this that I should consider in advance?

    Read the article

  • Why Is the Localhost IP 127.0.0.1?

    - by Jason Fitzpatrick
    Geeks the world over know their local host as 127.0.0.1, but why is that specific address, of all available addresses, reserved for the local host? Read on to delve into the history of local hosts. Image by GMPhoenix; available as wallpaper here. Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-drive grouping of Q&A web sites. 7 Ways To Free Up Hard Disk Space On Windows HTG Explains: How System Restore Works in Windows HTG Explains: How Antivirus Software Works

    Read the article

  • http request via iptables --to-destination ip redirect results in no response

    - by Wouter Vegter
    I have two Ubuntu servers with each having their own ip addresses. Let's call them server1 and server2, having respectively ip 1.1.1.1 and 2.2.2.2 I have a nginx running on server2. The sole purpose I want server1 to have is to redirect all incoming http (so port 80) requests to server2 without clients noticing that their request is being redirected. I tried the following command on server1: iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 2.2.2.2 But when I enter 1.1.1.1 in my browser I get no respond: the page keeps trying to load without giving any message or error message (I get a time-out after 2-3 mins). But when I do remove the above iptables rule I immediately do get a "page not found error" when I enter 1.1.1.1 in my browser; so something is working but not as it should: when I enter 1.1.1.1 I want the html page to load that is hosted on 2.2.2.2 Because when i enter 2.2.2.2 in my browser I do see the webpage loaded. Could anyone please help me with this? I am searching quite some time (on severfault & Google) on this now so that's why I ask. Many thanks for reading my question! Update: Thank you all for you information. Unfortunately I still get no response I have the following iptables configuration: root@ip-10-48-238-216:/home/ubuntu# sudo iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination root@ip-10-48-238-216:/home/ubuntu# sudo iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere anywhere tcp dpt:www to:2.2.2.2 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination When i run tcpdump and do request via chrome to 1.1.1.1 i get the following root@ip-10-48-238-216:/home/ubuntu# sudo tcpdump -i eth0 port 80 -vv tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 13:56:18.346625 IP (tos 0x0, ttl 52, id 12055, offset 0, flags [DF], proto TCP (6), length 60) 212-123-161-112.ip.telfort.nl.16386 ip-10-48-238-216.eu-west-1.compute.internal.www: Flags [S], cksum 0xb398 (correct), seq 2639758575, win 5840, options [mss 1460,sackOK,TS val 1223672 ecr 0,nop,wscale 6], length 0 13:56:18.346662 IP (tos 0x0, ttl 51, id 12055, offset 0, flags [DF], proto TCP (6), length 60) 212-123-161-112.ip.telfort.nl.16386 ww1dc1.shopreme.com.www: Flags [S], cksum 0x9ee0 (correct), seq 2639758575, win 5840, options [mss 1460,sackOK,TS val 1223672 ecr 0,nop,wscale 6], length 0 13:56:18.598747 IP (tos 0x0, ttl 52, id 10138, offset 0, flags [DF], proto TCP (6), length 60) 212-123-161-112.ip.telfort.nl.16387 ip-10-48-238-216.eu-west-1.compute.internal.www: Flags [S], cksum 0xac40 (correct), seq 2645658541, win 5840, options [mss 1460,sackOK,TS val 1223735 ecr 0,nop,wscale 6], length 0 13:56:18.598777 IP (tos 0x0, ttl 51, id 10138, offset 0, flags [DF], proto TCP (6), length 60) 212-123-161-112.ip.telfort.nl.16387 ww1dc1.shopreme.com.www: Flags [S], cksum 0x9788 (correct), seq 2645658541, win 5840, options [mss 1460,sackOK,TS val 1223735 ecr 0,nop,wscale 6], length 0 ^C 4 packets captured 4 packets received by filter 0 packets dropped by kernel the mentioned address relate to the following 212-123-161-112.ip.telfort.nl.16386 : my personal computer ww1dc1.shopreme.com.www : dns of server2 (2.2.2.2) ip-10-48-238-216.eu-west-1.compute.internal.www : amazon web services ec2 internal address of server1 (1.1.1.1) However, the tcpdump log on server2 (2.2.2.2) stays empty and I get no response back in my browser. I am able to ping from server1 to server2. And net.ipv4.ip_forward is set to 1 and so is /proc/sys/net/ipv4/ip_forward Could there be anything else that is missing?

    Read the article

  • PHP/mysqli: Inserting IP address with mysqli_stmt_bind_param()

    - by invarbrass
    Hello! I have a database table which contains an unsigned integer field to store the visitor's IP address: `user_ip` INT(10) UNSIGNED DEFAULT NULL, Here's the snippet of PHP code which tries to store the IP address: $ipaddr = $_SERVER['REMOTE_ADDR']; if ($stmt = mysqli_prepare($dbconn, 'INSERT INTO visitors(user_email, user_ip) VALUES (?,?)')) { $remote_ip = "INET_ATON('$ipaddr')"; mysqli_stmt_bind_param($stmt, 'ss', $email, $remote_ip); if (mysqli_stmt_execute($stmt) === FALSE) return FALSE; $rows_affected = mysqli_stmt_affected_rows($stmt); mysqli_stmt_close($stmt); } The INSERT operation succeeds, however the user_ip field contains a null value. I have also tried changing the parameter type in mysqli_stmt_bind_param() (which was set to string in the above example) to integer, i.e. mysqli_bind_param(... 'si',...) - but to no avail. I've also tried using the following bit of code instead of mysql's INET_ATON() SQL function: function IP_ATON($ipaddr) { $trio = intval(substr($ipaddr,0,3)); return ($trio>127) ? ((ip2long($ipaddr) & 0x7FFFFFFF) + 0x80000000) : ip2long($ipaddr); } It still doesn't work - the 'user_ip' field is still set to null. I've tried passing the $ip_addr variable as both integer & string in mysqli_bind_param() - to no avail. It seems the problem lies with the parameterized insert. The following "old-style" code works without any problem: mysqli_query(..., "INSERT INTO visitors(user_email, user_ip) VALUES ('$email',INET_ATON('$ipaddr'))"); What am I doing wrong here? Thanks in advance!

    Read the article

  • TCP/IP Implementation General Questions

    - by user2971023
    I've implemented the concepts shown here; http://wiki.unity3d.com/index.php/Simple_TCP/IP_Client_-_Server outside of unity and it works. (though i had to create the TCPIPServerApp from scratch as i could not find the base project anywhere). I have some general questions on how to use tcp/ip properly however. I've done some research on tcp/ip itself but I'm still a little confused. It seems like using the method above doesn't guarantee that I'll see the message (res). It just checks on every update to see if there is a different message in res. What if multiple messages are sent and the program lags or something, will i miss the earlier packet(s)? Should i instead do an array so it stores the last X messages? How do i know the data was received? Do I need to add a message id and build in my own ack into the data? Should i check to see if the port is in use before setting up a connection? Sorry for all the questions. This is all new to me but I enjoy this very much! ... Below already answered By Anton, Thanks It sounds like tcp uses its own packet numbering to ensure the packets end up in the right order on the other side. What if a packet is missed, are the subsequent packets thrown away? Or is this numbering and packet ordering, only for handling data that is broken out into multiple packets? TCP will automatically break the data into multiple packets if necessary right?

    Read the article

  • How to go to a website on a shared server by its ip address?

    - by user1502776
    I have a few questions, please help: Fist, I can access google search just by typing http://74.125.224.211 because this is the ip address returned by nslookup. However, I could not do so with ip addresses returned from www.yahoo.com. How do I go to yahoo search page by its ip ? Another example, http://www.allaboutcircuits.com will resolve to 68.233.243.63 by DNS server, but if I go to http://68.233.243.63 I got "Hello world!" , lol ! Second, for some reason, there is something wrong with DNS resolvers with my web hosting service (it will not be fixed !!). So command like, get_file_contents("http://www.allaboutcircuits.com"); will return php_network_getaddresses: getaddrinfo failed: Name or service not known How do I get around this with IP address , 68.233.243.63 I mean somehow attach the HTTP hostname parameter to get_file_contents() ? I would like to solve this on my own side (in my code), no troubleshooting/adjustment will be done by server admin.

    Read the article

  • Finding all domain names that resolve to the same ip?

    - by Janak
    Lately I've been tracking a spammer on craigslist. I recently discovered that he's added a new technique to his arsenal, he registered a whole bunch of domain names but they all resolve to the same ip address. Is there any way to take an ip address and get a list of all the domain names that resolve to that ip?

    Read the article

  • What keeps you from changing your public IP address and wreak havok?

    - by Whitemage
    An interesting question was asked to me and I did not know what to answer.. So I'll ask here. Let's say I subscribed to an ISP and I'm using cable internet access. ISP gives me a public IP address of 60.61.62.63. What keeps me from changing this IP address to, let's say, 60.61.62.75 and mess with another consumer's internet access? For the sake of this argument, let's say that this other IP address is also owned by the same ISP. Also, let's assume that it's possible for me to go into the cable modem settings and manually change the IP address. Under a business contract where you are allocated static addresses, you are also assigned a default gaetway, a network address and a broadcast address. So that's 3 addresses the ISP "loses" to you. That seems very wastefull for dynamically assigned IP addresses where the majority of customers are.. Could they simply be using static arps? ACLs? Other simple mechanisms? Anyone who worked at an ISP would be willing to explain this a bit?

    Read the article

  • Does ip blocking occur anywhere other than at the endpoints?

    - by John O
    My localhost's IP address/port is being blocked from accessing a certain site. The blocking is occurring, but I don't know where. The question is : does IP blocking possibly occur not only at the endpoint, but also at any intermediate server along the way? Take a tracert, for example. Could the IP blocking be possibly occuring at any server whatsoever along the tracert path, or can the blocking only be done at the endpoints?

    Read the article

  • DNS and IPs - Does DNS send the IP back to the client?

    - by Josh
    I ran across a site that talked about routing all cients requesting by IP to a "dead end." The clients accessing the site via ip it claimed were typically automated exploit tools and bots. Legitimate users type in the web address by it's domain question. With this context in mind, I don't really understand how DNS really works. I thought it worked by sending an IP back to a client for the requested DNS (like a phone book.) The client then uses the IP to access the site. The information above seems to indicate I misunderstand this. Can someone clarify this? (http://technet.microsoft.com/en-us/magazine/2005.01.hackerbasher.aspx)

    Read the article

  • Finding out if an IP address is static or dynamic?

    - by Joshua
    I run a large bulletin board and I get spammers every now and again. My moderation team does a good job filtering them out but every time I IP ban them they seem to come back (I'm pretty sure it's the same person on some occasions, as the post patterns are exactly the same as are the usernames) but I'm afraid to ban them by IP address every time. If they are on a dynamic IP address, I could be banning innocent users later down the line when they try to get to my forum through SERPs, but if I ban only via static IPs I know that I'm only banning that one person. So, is there a way to properly determine if an IP address is static or dynamic? Thanks.

    Read the article

  • 13 IP addresses, how to add them to domain SPF?

    - by Willy
    Hi All, Let say I have these IP addresses on my server: 170.120.210.209 gateway 170.120.210.210 server IP 170.120.210.211 170.120.210.212 170.120.210.213 170.120.210.214 170.120.210.215 170.120.210.216 170.120.210.217 170.120.210.218 170.120.210.219 170.120.210.220 170.120.210.221 170.120.210.222 I am now willing to setup SPF record for my domain but don't want to write each IP one by one. Could you please tell me the short way of this? How can I convert these IP addresses into CIDR notation? Is this correct? 170.120.210.210/28 Thanks for your help.

    Read the article

  • Can IP address transfer from person to another after he disconnects from ISP or any other way?

    - by learner
    I have been checking this website that sells a product (health related) and trying to find out if it is a scam site. The site is something.blogspot.in (and not something.blogspot.com, which happens to be a different site altogether). So is it an Indian site? It has a CBox chat box where the owner communicates with customers (or potential ones) for information. The owner shows that his product has worked for people by providing links from a forum (created by him at network54.com) where people have posted positively. One doesn't have to be registered to post on there, but the IP address of the poster gets shown along with the post. According to the owner, IP address is basis of authenticity. I found that many people had different IP addresses on their different posts. The owner has declared the nationalities of the people who posted. When I traced the IP addresses of them with this site, I found that the nationalities provided by the owner were wrong. Is it possible that when a person disconnects himself from an ISP, another person from another country gets his old IP address?

    Read the article

  • How to get the IP Address for your Local Area Connection on Windows Server?

    - by Geo
    I want to create a batch or vbs file that will put together a url and executed. Part of that url needs to be the actual ip address of the machine. How I am able to get that IP address in a variable to include it on the script? EDIT 1: I found out that the command below will give me the IP Address, but still don't know how to get that value into a variable to use it in a script. c:\> wmic NICCONFIG WHERE IPEnabled=true GET IPAddress /format:csv Node,IPAddress IP-0AFB,{10.25.5.2}

    Read the article

  • Can I determine a machine's outward facing IP with PHP without relying on external services?

    - by editor
    I'm working with an API that requires the machine's external IP. As far as I know, the PHP environment I'm using can only get our internal IP. The option on the table is using an external service such as whatismyip.com to tell us: wget -q -O - http://whatismyip.com/automation/n09230945.asp My concern is what happens if that fails. Is there a bulletproof way of determining a machine's IP without relying on external services?

    Read the article

  • Why configuring manual IP do not work for me in DHCP?

    - by user58859
    I have broadband connection in my laptop. It's getting the IP by protocol. configuration is : ip : 192.168.1.2 subnet : 255.255.255.0 gateway : 192.168.1.1 Now I am curious, In IPV4 properties when instead of choosing "Obtain an IP address automatically", I choose "Use the following IP address" and configure everything same, why it do not work? Do DHCP do not work when we configure the IP manually? (operating system : windows-7) EDIT : After configuring the ip manually, when I used ipconfig/all , it's showing dhcp enabled : NO. I am not doing it. Why it got disabled automatically? and how to enable it? DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 NetBIOS over Tcpip. . . . . . . . : Enabled

    Read the article

  • Maximum Length Of IP Address: 15 (IPv4) & 39(IPv6)

    - by Gopinath
    Problem You are designing a database table for a web application that requires to store IP address of users who visits the site. The IP address is required to be stored a character data in the table. To define size of the character column you need to know maximum length of IP address. So, what is the maximum length of an IP address? Solution The IPv4 version of IP address is in the following format 255.255.255.255 To store IPv4 address we require 15 characters. The IPv6 version of IP address is grouped into sets of 4 hex digits separated by colons, like the below 2001:0db8:85a3:0000:0000:8a2e:0370:7334 To store IPv6 address you require a 39 characters long column. Conclusion As IPv4 and IPv6 are the commonly use protocols, you better define a column with 39 characters length so that both the format address are saved in to the table without any issues. This article titled,Maximum Length Of IP Address: 15 (IPv4) & 39(IPv6), was originally published at Tech Dreams. Grab our rss feed or fan us on Facebook to get updates from us.

    Read the article

  • Redirect a specific IP address to a special page of my homepage with .htaccess

    - by Jim Knopf
    How can I use .htaccess to forward a visitor of a specific IP address to a webpage on my server? This example causes an infinite loop: RewriteCond %{REMOTE_ADDR} ^123\.\123\.123\.123$ RewriteRule ^(.*)$ /specialpage.php [R,L] I found this on the web but it just does not work: SetEnvIf REMOTE_ADDR 123.123.123.123 REDIR="redir" RewriteCond %{REDIR} redir RewriteRule ^(.*)$ /specialpage.php Note: My website consists of .htm, html and .php pages. Your help would be very much appreciated.

    Read the article

  • capturing video from ip camera

    - by Ruby
    I am trying to capture video from ip camera into my application , its giving exception com.sun.image.codec.jpeg.ImageFormatException: Not a JPEG file: starts with 0x0d 0x0a at sun.awt.image.codec.JPEGImageDecoderImpl.readJPEGStream(Native Method) at sun.awt.image.codec.JPEGImageDecoderImpl.decodeAsBufferedImage(Unknown Source) at test.AxisCamera1.readJPG(AxisCamera1.java:130) at test.AxisCamera1.readMJPGStream(AxisCamera1.java:121) at test.AxisCamera1.readStream(AxisCamera1.java:100) at test.AxisCamera1.run(AxisCamera1.java:171) at java.lang.Thread.run(Unknown Source) its giving exception at image = decoder.decodeAsBufferedImage(); Here is the code i am trying private static final long serialVersionUID = 1L; public boolean useMJPGStream = true; public String jpgURL = "http://ip here/video.cgi/jpg/image.cgi?resolution=640×480"; public String mjpgURL = "http://ip here /video.cgi/mjpg/video.cgi?resolution=640×480"; DataInputStream dis; private BufferedImage image = null; public Dimension imageSize = null; public boolean connected = false; private boolean initCompleted = false; HttpURLConnection huc = null; Component parent; /** Creates a new instance of AxisCamera */ public AxisCamera1(Component parent_) { parent = parent_; } public void connect() { try { URL u = new URL(useMJPGStream ? mjpgURL : jpgURL); huc = (HttpURLConnection) u.openConnection(); // System.out.println(huc.getContentType()); InputStream is = huc.getInputStream(); connected = true; BufferedInputStream bis = new BufferedInputStream(is); dis = new DataInputStream(bis); if (!initCompleted) initDisplay(); } catch (IOException e) { // incase no connection exists wait and try // again, instead of printing the error try { huc.disconnect(); Thread.sleep(60); } catch (InterruptedException ie) { huc.disconnect(); connect(); } connect(); } catch (Exception e) { ; } } public void initDisplay() { // setup the display if (useMJPGStream) readMJPGStream(); else { readJPG(); disconnect(); } imageSize = new Dimension(image.getWidth(this), image.getHeight(this)); setPreferredSize(imageSize); parent.setSize(imageSize); parent.validate(); initCompleted = true; } public void disconnect() { try { if (connected) { dis.close(); connected = false; } } catch (Exception e) { ; } } public void paint(Graphics g) { // used to set the image on the panel if (image != null) g.drawImage(image, 0, 0, this); } public void readStream() { // the basic method to continuously read the // stream try { if (useMJPGStream) { while (true) { readMJPGStream(); parent.repaint(); } } else { while (true) { connect(); readJPG(); parent.repaint(); disconnect(); } } } catch (Exception e) { ; } } public void readMJPGStream() { // preprocess the mjpg stream to remove the // mjpg encapsulation readLine(3, dis); // discard the first 3 lines readJPG(); readLine(2, dis); // discard the last two lines } public void readJPG() { // read the embedded jpeg image try { JPEGImageDecoder decoder = JPEGCodec.createJPEGDecoder(dis); image = decoder.decodeAsBufferedImage(); } catch (Exception e) { e.printStackTrace(); disconnect(); } } public void readLine(int n, DataInputStream dis) { // used to strip out the // header lines for (int i = 0; i < n; i++) { readLine(dis); } } public void readLine(DataInputStream dis) { try { boolean end = false; String lineEnd = "\n"; // assumes that the end of the line is marked // with this byte[] lineEndBytes = lineEnd.getBytes(); byte[] byteBuf = new byte[lineEndBytes.length]; while (!end) { dis.read(byteBuf, 0, lineEndBytes.length); String t = new String(byteBuf); System.out.print(t); // uncomment if you want to see what the // lines actually look like if (t.equals(lineEnd)) end = true; } } catch (Exception e) { e.printStackTrace(); } } public void run() { System.out.println("in Run..................."); connect(); readStream(); } @SuppressWarnings("deprecation") public static void main(String[] args) { JFrame jframe = new JFrame(); jframe.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); AxisCamera1 axPanel = new AxisCamera1(jframe); new Thread(axPanel).start(); jframe.getContentPane().add(axPanel); jframe.pack(); jframe.show(); } } Any suggestions what I am doing wrong here??

    Read the article

  • Allied Telesis router: IP filtering for the LOCAL interface

    - by syneticon-dj
    Given an Allied Telesis router with an AlliedWare OS (2.9.1) I would like to disable access to all management services of the router except for a number of subnets (or alternatively have what is a "management VLAN" with other manufacturers' switch and router models). What I have tried so far: creating a new VLAN and an appropriate IP interface, setting the LOCAL IP into this subnet, creating an IP filter for the IP interface and specifying my exclusion subnets: it simply does not work as intended as I can access the LOCAL IP set from any of the other VLAN interfaces - the traffic is apparently not going through my defined filter set at all creating a new IP filter set and binding it to the LOCAL IP interface: this seems not to affect any kind of traffic at all, the counters for the filter set remain at zero packets setting the Remote Security Officer Level IP address range: this only restricts the ability for a user with the Security Officer privilege level to log in from any but the specified address ranges / subnets. Unfortunately, it does not prevent service availability (and thus DoS capacity) or the ability to log in as a less privileged user (e.g. a "manager") calling technical support: unfortunately no solution so far What I have not tried: creating a filter set for each and every IP interface defined on the router and excluding access to the router's management IP: I would like to reduce the overhead induced by IP filters as the router already is CPU-constrained at times. Setting up filters for every IP interface would mean that each and every traffic packet would have to pass the filters, thus consuming CPU cycles. If by any means possible, I would like to find a different solution.

    Read the article

  • How to use iptables to forward all data from an IP to a Virtual Machine

    - by jro
    OK, in an attempt to get some response, a TL;DR version. I know that the following command: iptables -A PREROUTING -t nat -i eth0 --dport 80 --source 1.1.1.1 -j REDIRECT --to-port 8080 ... will redirect all traffic from port 80 to port 8080. The problem is that I have to do this for every port that is to be redirected. To be future-proof, I want all ports for an IP to be redirected to a different (internal) IP, so that if one might decide to enable SSH, they can directly connect without worrying about iptables. What is needed to reliable forward all traffic from an external IP, to an internal IP, and vice versa? Extended version I've scoured the internet for this, but I never got a solid answer. What I have is one physical server (HOST), with several virtual machines (VM) that need traffic redirected to them. Just getting it to work with a single machine is enough for now. The VM's run under VirtualBox, and are set to use a host-only adapter (vboxnet0). Everything seems to work, but it is greatly lagging. Both the host (CentOS 5.6) and the guest (Ubuntu 10.04) machine are running Linux. What I did was the following: Configure the VM to have a static IP in the network of the vboxnet0 adapter. Add an IP alias to the host, registering to the dedicated (outside) IP. Setup iptables to allow traffic to come through (via sysctl). Configure iptables to DNAT and SNAT data from a given IP address to the internal address. iptables commands: sudo iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT sudo iptables -A POSTROUTING -t nat -j MASQUERADE iptables -t nat -I PREROUTING -d $OUT_IP -I eth0 -j DNAT --to-destination $IN_IP iptables -t nat -I POSTROUTING -s $IN_IP -o eth0 -j SNAT --to-source $OUT_IP Now the site works, but is really, really slow. I'm hoping I missed something simple, but I'm out of ideas for now. Some background info: before this, the site was working with basic port forwarding. E.g. port 80 was mapped to port 8080 using iptables. In VirtualBox (having the network adapter configured as NAT), a port forwarding the other way around made things work beautifully. The problem was twofold: first, multiple ports needed to be forwarded (for admin interfaces, https, ssh, etc). Second, it only allowed one IP address to use port 80. To resolve things, multiple external IP addresses are used for different (sub)domains. Likewise, the "VirtualBox" network will contain the virtual machines: DNS Ext. IP Adapter VM "VirtalBox" IP ------------------------------------------------------------------ a.example.com 1.1.1.1 eth0:1 vm_guest_1 192.168.56.1 b.example.com 2.2.2.2 eth0:2 vm_guest_2 192.168.56.2 c.example.com 3.3.3.3 eth0:3 vm_guest_3 192.168.56.3 And so on. Put simply, the goal is to channel all traffic from a.example.com to vm_guest_1 (of put differently, from 1.1.1.1 to 192.168.56.1). And achieve this with an acceptable speed :).

    Read the article

  • Learn to Take a Punch, Learn to Counter, Keep Moving Forward

    - by D'Arcy Lussier
    Originally posted on: http://geekswithblogs.net/dlussier/archive/2013/10/28/154483.aspxDuring a boxing workout a few months ago our trainer had us do something called “breadbaskets”. That’s where you hold your arms up and a partner punches you in your midsection – your breadbasket. I put my arms up, and braced for impact. The trainer came over, saw I was a bit nervous, and coached me through. I can see the fear in your eyes. Don’t be afraid to take the punch. Tighten your core, breathe through the hit. Don’t panic. Over the summer we’d do counter drills as well. This is where a partner throws a punch, you defend but also throw one back – a counter punch. You never just sit back and take a beating, you deflect the blow and come back with one more powerful. These lessons on fighting can apply to all aspects of our lives and any attempts at success that we have. I saw this image recently and agree with it 100%: Success is never a straight forward line. It’s messy, its wrought with failures, its learning over time and applying those life lessons. It’s learning how to take punches and lose your fear, its seeing a punch coming and countering it, but most of all its not giving up and continually moving forward. We do stairs at boxing, which is running up and down three flights of stairs. I’m not anywhere near incredible shape and after doing multiple stairs in a single workout you can feel gassed, tired, even discouraged after hitting the second floor and seeing everyone else running by you. I read a quote from Martin Luther King Jr. that I cling to throughout my day: You want to be successful? Take the punches, but learn how to take them. Counter them. and no matter what, always move forward.

    Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >