Search Results

Search found 16455 results on 659 pages for 'hosts allow'.

Page 23/659 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

• iptables to allow 80 and 443 on chillispot running ddwrt

  - by user76682

  I am having problems setting this up. this is what I am trying to do. I have Chillispot (hotpsot) running on dd-wrt. Everything is setup, but the client wants only 80 and 443 to go through through the hotspot. I found this tutorial for dd-wrt but that doesnt seem to work. http://www.dd-wrt.com/wiki/index.php/Iptables#Allow_HTTP_traffic_only_to_specific_domain.28s.29 Initially I tried to place the options at the top but didnt work. then i flushed the iptables and set only these three. I can see the pkts number grow but for some reason I can browse. root@DD-WRT:~# iptables -nvL FORWARD Chain FORWARD (policy ACCEPT 3105 packets, 2442K bytes) pkts bytes target prot opt in out source destination 1629 230K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,80,443 2346 2792K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 328 46420 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 Heres some info from the router, chillispot is the tun0 interface. root@DD-WRT:~# iptables -vnL FORWARD --line-numbers Chain FORWARD (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 ACCEPT 47 -- * vlan1 192.168.8.0/24 0.0.0.0/0 2 0 0 ACCEPT tcp -- * vlan1 192.168.8.0/24 0.0.0.0/0 tcp dpt:1723 3 32 1851 ACCEPT 0 -- tun0 * 0.0.0.0/0 0.0.0.0/0 state NEW 4 0 0 ACCEPT 0 -- br0 br0 0.0.0.0/0 0.0.0.0/0 5 48 2408 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU 6 756 452K lan2wan 0 -- * * 0.0.0.0/0 0.0.0.0/0 7 756 452K ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 8 0 0 TRIGGER 0 -- vlan1 br0 0.0.0.0/0 0.0.0.0/0 TRIGGER type:in match:0 relate:0 9 0 0 trigger_out 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 10 0 0 ACCEPT 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 state NEW 11 0 0 DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 12 0 0 DROP 0 -- br0 * 0.0.0.0/0 0.0.0.0/0 13 0 0 DROP 0 -- * br0 0.0.0.0/0 0.0.0.0/0 The interfaces: root@DD-WRT:~# ifconfig -a br0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F inet addr:192.168.8.1 Bcast:192.168.8.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2371 errors:0 dropped:0 overruns:0 frame:0 TX packets:1862 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:259721 (253.6 KiB) TX bytes:254862 (248.8 KiB) br0:0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F inet addr:169.254.255.1 Bcast:169.254.255.255 Mask:255.255.0.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5050 errors:0 dropped:0 overruns:0 frame:0 TX packets:2508 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1066410 (1.0 MiB) TX bytes:376001 (367.1 KiB) Interrupt:5 eth1 Link encap:Ethernet HWaddr 00:12:17:CF:80:61 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 RX packets:729 errors:0 dropped:0 overruns:0 frame:114693 TX packets:697 errors:2 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:107869 (105.3 KiB) TX bytes:473134 (462.0 KiB) Interrupt:4 Base address:0x1000 etherip0 Link encap:Ethernet HWaddr 1E:13:B7:09:CC:8C BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1 RX packets:18 errors:0 dropped:0 overruns:0 frame:0 TX packets:18 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1210 (1.1 KiB) TX bytes:1210 (1.1 KiB) teql0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 NOARP MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.182.1 P-t-P:192.168.182.1 Mask:255.255.255.0 UP POINTOPOINT RUNNING MTU:1500 Metric:1 RX packets:662 errors:0 dropped:0 overruns:0 frame:0 TX packets:587 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:10 RX bytes:92167 (90.0 KiB) TX bytes:427657 (417.6 KiB) vlan0 Link encap:Ethernet HWaddr 00:12:17:CF:80:5F UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2371 errors:0 dropped:0 overruns:0 frame:0 TX packets:1864 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:269558 (263.2 KiB) TX bytes:262680 (256.5 KiB) vlan1 Link encap:Ethernet HWaddr 00:12:17:CF:80:60 inet addr:10.3.2.47 Bcast:10.255.255.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2675 errors:0 dropped:0 overruns:0 frame:0 TX packets:645 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:705429 (688.8 KiB) TX bytes:102197 (99.8 KiB) The routing table: root@DD-WRT:~# netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 192.168.182.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0 10.3.2.0 0.0.0.0 255.255.255.0 U 0 0 0 vlan1 192.168.8.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 10.3.2.1 0.0.0.0 UG 0 0 0 vlan1 Highly appreciate your help. TIA, Arun

  Read the article

• Xforwarding doesn't allow for switching users

  - by Dan

  I'm ssh'd into a remote computer and xforwarding is working fine... but as soon as I "sudo su -" or "sudo su user2" it no longer Xforwards anything giving me the error: X11 connection rejected because of wrong authentication. xterm Xt error: Can't open display: localhost:10.0 Any Ideas? Thanks

  Read the article

• allow SSH to bypass VPN on OSX mavericks, openvpn, pf

  - by zycho42

  My home computer connects to the internet through an OpenVPN connection. However, I would like to be able to connect to my home computer from outside over ssh. Ssh is set up and working, but when I connect to the vpn ssh is only accessible from inside my home network. I figure what's going wrong is my router forwards incoming ssh connections to my mac, but then my mac replies over the vpn, so the connection from outside times out. I've got pf set up for a couple of other things, but I can't figure out how to let the ssh replies bypass the vpn using pf. I've come across other solutions that use ip tables, routing tables and rules, but I can't figure out how to set that up on mavericks. I've been searching for this for a while now but I haven't found a working solution. Any help would be greatly appreciated!

  Read the article

• Window 7 image in vmware will allow network connection out but not http

  - by Ormis

  I am currently trying to create a set of images to deploy on my network, but I've run in to a snag. When I create my own Windows 7 image I can successfully use NAT for connecting to the network but whenever I try to access a webpage I get nothing. To be more specific, All firewalls/iptables are disabled on my host machine, my virtual machine, and my network. I can do lookups and all addresses respond correctly (i'm even using Google's DNS). On the host OS i have full connectivity. On the virtual machine I can ping any device I want and all addresses resolve correctly. Within a browser I cannot reach any page via hostname or IP. I feel almost like port 80 is being blocked but i can't find any reason this would be the case. If anyone has had this occur before, I would love some insight to the problem. I understand this question is a bit out of the norm for stackoverflow, but I've run out of ideas. Thank you for any help you can provide.

  Read the article

• AD GIT SELinux RHEL 6 : Can not get SELinux to allow connetion to git

  - by Johan Sörell

  I have a problem with SELinux! I have installed git on Red Hat Enterprise 6 with AD group control and SSL Cert . Everything works fine if I do setenforce 0 ( set SELinux in detection only mode ) or if I do semanage permissive -a httpd_t (Set httpd_t in detection only mode) I do not want to use this on my git production server. Is there anyone out there who can help we with SELinux? Below is some info that you might need to be able to help me: All help I can get would be apriciated: This is the output of ls -lZa /preproduction/git/repositories/ ls -lZa /preproduction/git/repositories/ drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 . drwxr-xr-x. apache apache unconfined_u:object_r:file_t:s0 .. drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 playground drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 shamrock.git drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 test Here is the out put of getsebool -a |grep -i httpd getsebool -a |grep -i httpd allow_httpd_anon_write --> off allow_httpd_mod_auth_ntlm_winbind --> off allow_httpd_mod_auth_pam --> off allow_httpd_sys_script_anon_write --> off httpd_builtin_scripting --> on httpd_can_check_spam --> off httpd_can_network_connect --> off httpd_can_network_connect_cobbler --> off httpd_can_network_connect_db --> off httpd_can_network_memcache --> off httpd_can_network_relay --> off httpd_can_sendmail --> off httpd_dbus_avahi --> on httpd_enable_cgi --> on httpd_enable_ftp_server --> off httpd_enable_homedirs --> off httpd_execmem --> off httpd_read_user_content --> off httpd_setrlimit --> off httpd_ssi_exec --> off httpd_tmp_exec --> off httpd_tty_comm --> on httpd_unified --> on httpd_use_cifs --> off httpd_use_gpg --> off httpd_use_nfs --> off Tis is the status of : sestatus sestatus SELinux status: enabled SELinuxfs mount: /selinux Current mode: enforcing Mode from config file: enforcing Policy version: 24 Policy from config file: targeted

  Read the article

• Postfix allow relay with username and password

  - by Daniil Harik

  Hello, I have almost default configuration of Postfix How can I configure Postfix to ask for username/password before relaying mail from other than "mynetworks" IP's? Thank You very much

  Read the article

• Only allow ssh connections to a specific domain

  - by Jared

  Hi, I have a server setup with several domains and subdomains. I'd like to limit ssh and sftp access so a user can only connect to xxx.domain1.com but I'm not sure where this is configured. Connecting via ay other domain/subdomain on the server should be refused. Thanks, J

  Read the article

• Halt Netbackup from doing any Backups, but still allow Restore

  - by Kyle Brandt

  My backup system is currently shut down do the library being broken. I am going to attempt to repair the library, but want to make sure none of the current data that is past the retention period gets over written. Is there a simple way that I can start netbackup, but put a halt on any back processes before they start?

  Read the article

• MySQL: stopping just one DB to allow it to be moved

  - by DrStalker

  I want to do some work on the files that make up a few MySQL DBs (moving the files to a different partition and symlinking the original location to this) and if possible I'd like to shutdown just the database being moved, rather than shutting MySQL down altogether. Is there anyway in MySQL to do this, or will I need to do a full MySQL shutdown to be able to move the files?

  Read the article

• How can Hosting Providers allow .NET Full Trust?

  - by Alex

  I wondered how certain .NET hosting providers can safely grant full trust to their customers? Doesn't this open up everybody who is hosting with that company to potential safety issues? Or is there a way to safely restrict each customer, despite giving full trust, to "their" space without giving them the abiliy to bring down the system or spy on other customers?

  Read the article

• Proftpd: only allow one address

  - by tomkeim

  Hello, I am searching for it on Google, but i didn't find anything. Is there a way tho set up proftpd that it will only accept a connection on ftp.website.ext and not on website.ext or test.website.ext I am running proftpd on Debian 5 Tom

  Read the article

• Allow access to my server.

  - by Zachary Brown

  I have a server, did some of the programming myself. It ison my home network, but I need to be able to access it from anywhere over the internet. I have done the port forwarding like I am supposed to, but I still cant get to it from an outside computer. It just displays Internet Explorer cannot display the webpage. I don't know what else to do. I am on a Linksys WRT54G v8 router running ddWRT v24 micro firmware.

  Read the article

• Allow Single IP to access ASP.NET Web Service (ASMX) using Firewall

  - by Suresh Agrawal

  I have one asp.net web service (asmx) in separate project that is hosted on windows server having other asp.net web applications running on it. How can I restrict asp.net web service to be accessed by single IP address? I want that my web service must be accessed by one IP configured by me. If requests comes from any other IP, it must not reach to my web service and discarded by windows firewall itself. I know that this is something to do with windows firewall. I did it for SQL Server previously, but I don't know how to configure single asp.net web service project to do so.

  Read the article

• Windows 7 - Group Policy - Allow RDP Credentials to be Saved

  - by barfoon

  Hey everyone, Im trying to use RDP and save my credentials in a file so I dont have to entire it each time I connect. I remember doing it before and it involved changing a group policy setting. What exactly do I need to change in Group Policy within Windows 7 in the host & client machines to accomplish this? Thanks,

  Read the article

• Windows 7 - Group Policy - Allow RDP Credentials to be Saved

  - by barfoon

  Hey everyone, Im trying to use RDP and save my credentials in a file so I dont have to entire it each time I connect. I remember doing it before and it involved changing a group policy setting. What exactly do I need to change in Group Policy within Windows 7 in the host & client machines to accomplish this? Thanks,

  Read the article

• httpd.conf to allow specific connections for one site but any connection for another

  - by smotchkkiss

  I want to setup my apache2 to do the following. Listen for connections on example.com:80 and answer to any host Listen to connections on foo.example.com:80 and only answer to localhost Is this possible?

  Read the article

• How to allow IAM users to setup their own virtual MFA devices

  - by Ali

  I want to let my IAM users to setup their own MFA devices, through the console, is there a single policy that I can use to achieve this? So far I can achieve this through a number of IAM policies, letting them list all mfa devices and list users (so that they can find themselves in the IAM console and ... I am basically looking for a more straight forward way of controlling this. I should add that my IAM users are trusted users, so I don't have to (although it will be quite nice) lock them down to the minimum possible, so if they can see a list of all users that is ok.

  Read the article

• IMAP/POP won't send allow emails to outside- New Dell PowerEdge T310 running SBS 2011

  - by user779887

  I have a brand new out of the box Dell PowerEdge T310 running SBS 2011. Our employees at our remote offices can't send emails to recipients outside of our own domain. The workstations at the same location as the server aren't having any problem. I would at this time like to say "Thanks a lot" to the super-minds at Microsoft for protecting our email server from rogue computers attempting to send fake emails. (Silly me I thought proper login and password conventions would handle that.) I know this is something dealing with relaying but thus far nothing from any posts I've read have changed anything. Honestly, if someone is crafty enough to guess one of our login/password combos, let them send emails through our server I don't care!

  Read the article

• TeamViewer - only allow domain logins

  - by BloodyIron

  I recently started a Systems Admin job where teamviewer is used pretty frequently here. Another admin recently left, and the concern is they still have access to all our systems due to how teamviewer works. I want to migrate the entire environment to domain authentication. The documentation shows that setting up windows auth (domain) is easy, but I want to be sure that it is the only way to be authenticated with a teamviewer session here. I cannot yet find anything which explicitly says this. We have licensing for teamviewer 5 and 6, I think. Right now we have 7 in the environment, but I think most are in a trial version, so I am likely to revert to 5 or 6.

  Read the article

• Allow VMWare client to connect only via VPN

  - by Frank Meulenaar

  I have a VMWare (currently using Workstation on Vista, but thinking about switching to ESX) client with Windows XP. I've installed OpenVPN in the client and it connects to the corporate VPN server. I want to make sure that all traffic from the Windows XP machine goes trough this VPN tunnel, but I can't change any settings on the corporate VPN server. Is it possible to restrict the internet connectivity of the Windows XP client in such a way that it can only send packets to the IP of the corporate VPN server? In that way it'd be impossible for packets to bypass the tunnel. I've looked at NAT configurations but couldn't see how I could make this setup.

  Read the article

• Allow shell access from one ip only

  - by Master

  Is it possible to have root shell access from one particular ip only I am using centOS. i want that only one user can log in via shell from one ip only

  Read the article

• Allow opening a new tab with Ctrl+T on all websites in Firefox

  - by Martin J.H.

  In Firefox, certain websites and plugins (Adobe PDF Plugin) appear to "capture" the Control key, so that when I try to open a new tab using "Ctrl+t", nothing happens - or worse, something unexpected happens. Examples: On the Codecademy site, while editing code, Ctrl+T either does nothing, or (when Flash is disabled) switches the position of the two characters next to the cursor. When viewing PDF's with the Adobe PDF Plugin, Ctrl+T does nothing. Is there a way to disable this "feature"? I would like "Ctrl+t" to always "talk" to Firefox! Edit: After searching superuser deeper, this question is very similar to the questions: "How to prevent keystroke grabbing/hijacking by websites in Firefox?" "How do I prevent pages I visit from overriding selected Firefox shortcut keys?". The answers to these questions are interesting and relevant, but do not give a method on how to disable combinatinos such as "Ctrl+t". Maybe a modified Greasemonkey script is the easiest solultion. Edit 2 - Attempt at a solution The following UserScript (Use GreaseMonkey to install it) successfully captures Ctrl+t on some sites (Google Search site, for instance - PopUp "Gotcha" appears), but not on the Codecademy site. I found another question pertaining to this subject here: "How to forbid keyboard shortcut stealing by websites in Firefox". It was raised in 2010, and the consensus was: It can't be done. // ==UserScript== // @name Disable Ctrl T interceptions // @description Stop websites from highjacking keyboard shortcuts // // @run-at document-start // @include * // @grant none // ==/UserScript== // Keycode for 't'. Add more to disable other ctrl+X interceptions keycodes = [84]; var lastPressedButton = [0]; document.addEventListener('keydown', function(e) { //uncomment to find out the keycode for any given key // alert(e.keyCode ); if (keycodes.indexOf(e.keyCode) != -1 && e.ctrlKey) { e.cancelBubble = true; e.stopImmediatePropagation(); alert("Gotcha!"); } return false; });

  Read the article

• Allow incoming connections on Windows Server 2008 R2

  - by Richard-MX

  Good day people. First, im new to Windows Server. I've always used Linux/Apache combo, but, my client has and AWS EC2 Windows Server 2008 R2 instance and he wants everything in there. Im working with IIS and PHP enabled as Fast-CGI and everything is working, but, i cant see the websites stored in it from internet. The public DNS that AWS gave us for that instance is: http://ec2-XX-XXX-XXX-121.us-west-2.compute.amazonaws.com/ But, if i copy paste that address, i get nothing, no IIS logo or something like that. My common sense tells me that maybe the firewall could be blocking the access. Can anyone help me and tell where to enable some rules to get this thing working? I don't wanna start enabling rules at random and make the system insecure. If you need any additional info, you can ask me and i will provide it. Thanks in advance. UPDATE: Amazon EC2 display this: Public DNS: ec2-XX-XXX-XXX-121.us-west-2.compute.amazonaws.com Private DNS: ip-XX-XXX-XX-252.us-west-2.compute.internal Private IPs: XX.XXX.XX.25 In my test microinstance, i just to use the Public DNS address (the one that starts with "ec2") and it works like a charm (of course, the micro instance have its own Public DNS im not assuming same address for both instances...) However, for the large instance, i tried to do the same. Set up everything as in the micro instance but if i use the Public DNS, it doesnt load anything. Im suspicious about the Windows Firewall, but, the HTTP related stuff is enabled. What should i do to get access to the large instance? I don't want to set up the domain yet, i want access from an amazon url. 2ND EDIT: all fixed. Charles pointed that maybe Security Groups was not properly set up for the instance. He was right. Just added HTTP service to the rules and all works good.

  Read the article

• Easy shorewall question : allow ips to DNAT

  - by llazzaro

  Hello, At my home network I had a transparent proxy. This is the rule that forward all 80 traffic to my squid3.1 server at DMZ DNAT loc:!10.0.0.126 dmz:172.16.0.198:3128 tcp 80 - !172.16.0.198 Ok, I need to add more ips to avoid transparent proxy. I tried loc:!10.0.0.134,!10.0.0.126...but didnt work (also similars like [ip0,ip1]. I tried to google the answer cant find it (sorry no matches, not searching the right keywords) also I tried to read the docs, but they are really long (and indexes dont help me). Thanks!

  Read the article

• SendMail: allow authenticated users to bypass dnsbl checks

  - by FractalizeR

  Hello. How do I setup sendmail so that it does not apply dnsbl to authenticated SMTP users? One of our offices is using wireless internet and of course it's widely used by spammers. So, all of it's dynamic Ips already blacklisted by SpamHaus.

  Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >