Search Results

Search found 1815 results on 73 pages for 'steve bennett'.

Page 23/73 | < Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >

  • Setup routing and iptables for new VPN connection to redirect **only** ports 80 and 443

    - by Steve
    I have a new VPN connection (using openvpn) to allow me to route around some ISP restrictions. Whilst it is working fine, it is taking all the traffic over the vpn. This is causing me issues for downloading (my internet connection is a lot faster than the vpn allows), and for remote access. I run an ssh server, and have a daemon running that allows me to schdule downloads via my phone. I have my existing ethernet connection on eth0, and the new VPN connection on tun0. I believe I need to setup the default route to use my existing eth0 connection on the 192.168.0.0/24 network, and set the default gateway to 192.168.0.1 (my knowledge is shaky as I haven't done this for a number of years). If that is correct, then I'm not exactly sure how to do it!. My current routing table is: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt 0.0.0.0 10.51.0.169 0.0.0.0 UG 0 0 0 tun0 0 0 0 10.51.0.1 10.51.0.169 255.255.255.255 UGH 0 0 0 tun0 0 0 0 10.51.0.169 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 0 0 0 85.25.147.49 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 0 0 0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0 0 0 0 192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 0 0 0 After fixing the routing, I believe I need to use iptables to configure prerouting or masquerading to force everything for destination port 80 or 443 over tun0. Again, I'm not exactly sure how to do this! Everything I've found on the internet is trying to do something far more complicated, and trying to sort the wood from the trees is proving difficult. Any help would be much appreciated. UPDATE So far, from the various sources, I've cobbled together the following: #!/bin/sh DEV1=eth0 IP1=`ifconfig|perl -nE'/dr:(\S+)/&&say$1'|grep 192.` GW1=192.168.0.1 TABLE1=internet TABLE2=vpn DEV2=tun0 IP2=`ifconfig|perl -nE'/dr:(\S+)/&&say$1'|grep 10.` GW2=`route -n | grep 'UG[ \t]' | awk '{print $2}'` ip route flush table $TABLE1 ip route flush table $TABLE2 ip route show table main | grep -Ev ^default | while read ROUTE ; do ip route add table $TABLE1 $ROUTE ip route add table $TABLE2 $ROUTE done ip route add table $TABLE1 $GW1 dev $DEV1 src $IP1 ip route add table $TABLE2 $GW2 dev $DEV2 src $IP2 ip route add table $TABLE1 default via $GW1 ip route add table $TABLE2 default via $GW2 echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_dynaddr ip rule add from $IP1 lookup $TABLE1 ip rule add from $IP2 lookup $TABLE2 ip rule add fwmark 1 lookup $TABLE1 ip rule add fwmark 2 lookup $TABLE2 iptables -t nat -A POSTROUTING -o $DEV1 -j SNAT --to-source $IP1 iptables -t nat -A POSTROUTING -o $DEV2 -j SNAT --to-source $IP2 iptables -t nat -A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark iptables -t nat -A PREROUTING -i $DEV1 -m state --state NEW -j CONNMARK --set-mark 1 iptables -t nat -A PREROUTING -i $DEV2 -m state --state NEW -j CONNMARK --set-mark 2 iptables -t nat -A PREROUTING -m connmark --mark 1 -j MARK --set-mark 1 iptables -t nat -A PREROUTING -m connmark --mark 2 -j MARK --set-mark 2 iptables -t nat -A PREROUTING -m state --state NEW -m connmark ! --mark 0 -j CONNMARK --save-mark iptables -t mangle -A PREROUTING -i $DEV2 -m state --state NEW -p tcp --dport 80 -j CONNMARK --set-mark 2 iptables -t mangle -A PREROUTING -i $DEV2 -m state --state NEW -p tcp --dport 443 -j CONNMARK --set-mark 2 route del default route add default gw 192.168.0.1 eth0 Now this seems to be working. Except it isn't! Connections to the blocked websites are going through, connections not on ports 80 and 443 are using the non-VPN connection. However port 80 and 443 connections that aren't to the blocked websites are using the non-VPN connection too! As the general goal has been reached, I'm relatively happy, but it would be nice to know why it isn't working exactly right. Any ideas? For reference, I now have 3 routing tables, main, internet, and vpn. The listing of them is as follows... Main: default via 192.168.0.1 dev eth0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1 Internet: default via 192.168.0.1 dev eth0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1 192.168.0.1 dev eth0 scope link src 192.168.0.73 VPN: default via 10.38.0.205 dev tun0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1

    Read the article

  • "Sent on behalf" not appearing when delegates sending mails

    - by New Steve
    Ringo is a delegate of Paul's mailbox in Exchange, but when Ringo sends mail from Paul's mailbox, the recipient sees "Paul" in the sender field, rather than "Paul Sent On Behalf Of Ringo" Paul has set "Editor" permissions for Ringo to his mailbox, and Ringo has been granted "Send on behalf of" permissions in Exchange. Ringo did at one time have "Send As" permissions for Paul's mailbox in Exchange, but this has since been removed. This is also the case for all other delegates to Paul's mailbox. How do I make it so that emails sent by Paul's delegates show the "Sent On Behalf Of" information in the Sender field? Using Exchange Server 2007 and Microsoft Office Outlook 2007

    Read the article

  • O'Reilly Safari Books Online and Sony Reader

    - by Steve
    I've accumulated a good collection of book snippets in pdf format from Safari Online and I was thinking about getting an ebook reader, specifically the Sony-PRS300, to hold them all for portable reference. If anyone has done this, two questions. Are there any DRM restrictions when the pdfs are put on the reader? I can't see any restrictions flat out in the pdfs on my notebook. There's a watermark that says the pdf is licensed to me. How good is the reader at rendering complex pdfs, with code snippets and illustrations? I read a previous post where it works fine in landscape mode. I can deal with that. Thanks in advance.

    Read the article

  • OS X Terminal lines don't go into scrollback

    - by Steve Madsen
    I have a problem that crops up when using Mac OS X's Terminal (TERM=xterm): sometimes it gets itself into a state where lines that scroll off the top are not added to the scrollback buffer. I'm not using screen or similar; this is a plain bash shell inside a Terminal tab. It doesn't do this immediately after opening a new tab. I believe it is a side-effect of something I've run in the problem tab. My guess is that it has something to do with the xterm emulation, possibly the scroll region. What hasn't worked: Soft and hard reset via the Shell menu Running reset in the tab Is there a reliable way to reset Terminal and/or the xterm state? Can anyone provide a explanation for what's happening, even if the only fix is to close the tab and open a new one?

    Read the article

  • Managing per-user rc.d init scripts

    - by Steve Schnepp
    I want to delegate SysV init scripts to each user. Like the SysV init, each item in ${HOME}/rc.d starting with S will be launched on server start-up with the start argument. The same for the server shut-down with the one starting with K and with the stop argument. I thought about scripting it myself, but maybe there is already some kind of implementation out there1. In summary it would be a script in /etc/init.d/ that iterates through all the users and launches runparts as the user on the relevant scripts. The platform here is a Linux (Debian flavour), but I think the solution would be quite portable among various Unix-like platforms. Update: The point here is for users to be able to create their own init scripts that should be launch on their behalf when the system boots up. As Dan Carley pointed out, the services won't be able to access any system asset (priviledged ports, system logs, ...). 1. This way I don't have to think that much about all the subtle security implications such as script timeouts for example...

    Read the article

  • Terminology: Bounce versus restart

    - by Steve Kuo
    I've always heard and used the term "reboot" or "restart" to indicate restarting a server, service or software module. "reboot the server" "restart Tomcat" "restart the XYZ service" Does "bounce" mean something different or is it just a duplicate term for restart? How is "bounce" any different than restart or reboot?

    Read the article

  • PHP at the root directory using Ngnix on Linode and Ubuntu 12.04

    - by Steve Kinney
    I originally set up my Linode to use it with the Sinatra applications using Phusion Passenger that I was developing and I have it working great for that. However, as time goes on, I find myself needing just a wee bit of PHP to do a server-side thing here or there. My basic set up was based off of this Linode recipe (I copied and pasted the parts that I needed—I did not install Redis and Node). If I go to http://scholarsnyc.com/index.php everything works great. If I just go the base URL however, I get a 403 Forbidden error (I have a vanilla HTML page there for now). I've played with file permissions and the same file will work if I call it directly. I've done my homework and nothing I try seems to work. I'm sure there is an obvious error. I'm also sure that there are some rookie mistakes in my Nginx configuration (some of those mistakes are the artifacts of trying different fixes from my research. user www-data www-data; worker_processes 1; events { worker_connections 1024; } upstream php { server 127.0.0.1:9001; } http { passenger_root /usr/local/lib/ruby/gems/1.9.1/gems/passenger-3.0.12; passenger_ruby /usr/local/bin/ruby; include mime.types; default_type application/octet-stream; index index.php index.html index.htm; sendfile on; keepalive_timeout 65; server { server_name localhost scholarsnyc.com www.scholarsnyc.com; root /srv/www/scholarsnyc.com/public; location / { index index.php; } location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } server { server_name data.scholarsnyc.com; root /srv/www/data.scholarsnyc.com/public; passenger_enabled on; } server { server_name tech.scholarsnyc.com; root /srv/www/tech.scholarsnyc.com/public; location / { root /srv/www/tech.scholarsnyc.com/public; index index.php index.html index.htm; } } } Any other optimizations are also appreciated. I literally don't know what to do at this point.

    Read the article

  • Sensitive data in init scripts

    - by Steve Jorgensen
    I'm adapting some examples I've found by Googling to build an init script to run a VirtualBox OSE virtual machine as a daemon. I would like to specify a password for VNC access to the VM, and this must be given as an argument to the VBoxHeadless command. Conventionally, init scripts are readable by standard users, and this seems like a useful convention, but I also don't want the VNC password for this VM to be stored in easily accessible plain text. What's the most appropriate/conventional way to handle this kind of situation? Maybe put a root-readable supporting data file someplace, and have the init script load the value from there?

    Read the article

  • Intermittent 5.7.1 email bounce to Exchange 2007

    - by Steve Kennaird
    My knowledge of Exchange isn't particularly great, so excuse me if some of the terminology I use isn't quite right. I'm primarily a web developer who's now responsible for a small business's network. We have a server running SBS 2008 and Exchange 2007. Generally, everything works well, emails are able to be sent to both internal and external domains without issue. We've only got ~20 users, Exchange is sitting on a single server. I use SendGrid to send emails generated by our externally hosted website to users in the office. Primarily, order notifications are sent to [email protected]. Without any pattern and less than once per week on average, an email to [email protected] will bounce back, and the logs on SendGrid detail the following error: 550 5.7.1 Unable to relay for [email protected] Either side of that failed delivery attempt, I'm able to send and receive emails to/from [email protected]. Having done some research, incorrect reverse DNS seems like it could be a cause of intermittent bounces like this. Having used nslookup, I have found that the reverse DNS doesn't map like it should, e.g. Office IP: 135.325.351.123 (made up IP, for example only) Domain: office.somedomain.com (made up, for example only) Reverse DNS: somedomain.gotadsl.co.uk (half made up) Could this be a cause? I'm sure that the IP address and the domain should map to each other. Also, it has been suggested to me that as the Exchange server is on a network with an ADSL connection, that could be a potential cause as the connection "goes up and down all day long". I don't have an opinion on this, as I don't have enough knowledge of Exchange/ADSL to form a reliable opinion. Can anyone offer any insight as to whether one or both are actually potential causes, or if there is another possible cause?

    Read the article

  • How to fetch a cpu status thought net-snmp

    - by Steve.DC.Tang
    I want to fetch a device's cpu and memory status thought net-snmp. I get my device's info with this command: snmpwalk -v 2c -c public 210.38.xxx.xxx system And I got this info: SNMPv2-MIB::sysDescr.0 = STRING: Ruijie High-density IPv6 10G Core Routing Switch(S8606) By Ruijie Network SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.4881.1.1.10.1.43 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1978814424) 229 days, 0:42:24.24 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: S8606 SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 7 Now I want to fetch the cpu status, and I search my question on Google, somebody offer a oid for query the cpu status: snmpwalk -v 2c -c public 210.38.xxx.xxx usageOfCPU But it doesn't worked : No log handling enabled - using stderr logging usageOfCPU: Unknown Object Identifier (Sub-id not found: (top) - usageOfCPU) Somebody told me some switch has its private MIB, and you can use it to see its CPU status, is that right? I hope someone can solve me question......

    Read the article

  • IMCEMAILTO and exghost

    - by Steve
    One of my associates sent an email to me that was also sent to a client. The client's email address appears to be mangled, however. He says he sent it twice---the first one bounced and the second did not. The email address he sent it to was: [email protected] My searches on Google indicate that the MAILTO could be a bad protocol but I didn't know how the email address would be interpreted by exchange server. What email address was the email sent to, how did IMCEMAILTO get there, and does it have any change of getting delivered?

    Read the article

  • What causes XP to lose the clipboard?

    - by Steve
    A few times lately I've been getting the error "Cannot open clipboard" when trying to paste. Can I get it back without re-booting? I've been using Arsclip for years as a clipboard enhancement. I'm not convinced that causes the problem as it persists even when I close it.

    Read the article

  • How to recover a USB flash drive

    - by Steve Rowe
    I have a USB flash drive that claims it needs to be formatted every time I put it into my computer (Windows). Yesterday the drive was healthy and had data on it. The data is probalby still there. Are there any free tools to restore the drive? If not free, what tools are known to work in this situation?

    Read the article

  • iSCSI Disconnects every 30 minutes

    - by Steve Evans
    Every 30 minutes, almost by clockwork, a get the following error on my Windows 2008 R2 servers: Log Name: System Source: MSiSCSI Event ID: 113 Level: Warning Description: iSCSI discovery via SendTargets failed with error code 0xefff0003 to target portal *10.2.62.3 0003260 B06BDRV\L4SC&PCI_163A14E4&SUBSYS_045F1028&REV_20\5&cabe3b7&0&30050200_0 I have 12 identically built servers connected to this iSCSI network and they are all seeing this issue. I've updated drivers and firmware levels without any change. Any other obvious things I should try before engaging my network team and the vendors.

    Read the article

  • Where to find a list of bad passwords?

    - by Steve Morgan
    I need to implement a 'stop list' to prevent users selecting common passwords in a new online service. Can anyone point me to such a list online anywhere? Edited: Note that I'm only trying to eliminate the most common passwords, not an exhaustive dictionary. And, of course, this complements a reasonably strong password policy (length, use of non-alpha characters, etc.) Thanks.

    Read the article

  • CentOS Vs Windows Server 2008

    - by Steve
    Hi, Apologies if the question appears ambiguous, I have little experience in this area and was after some informed opinions. I am deploying a test scenario of a server/client network and need to make some choices for Server. The client will be a Windows system as it meets the requirements for the client, the server choice has more room for selection. From my experience with Linux in general and the appealing nature of open source for low cost, security etc and the availability and performance of database and web server programs I have been considering CentOS as a server choice. I have the ability to make most of the choices of what software / server packages I wish to install. This includes Active Directory (something I have no experience with). How well does this operate with Windows clients? Am I being too selective and creating unnecessary complication by setting out not to use a Windows Server OS?

    Read the article

  • Mini keyboard has no home/end keys; how to type them?

    - by Steve Crane
    Some months ago I needed a small keyboard and bought an Okion KM229 without noticing that it has no Home or End key. This makes it tricky to type as I'm so used to using these keys. I haven't yet figured out if there is a key combination that issues Home and End keystrokes. Does anyone have experience of these keyboards and know how to issue those keystrokes? The keyboard is used on a PC running Windows XP. I have used the contact form on the Okion USA web site to ask this question but received no response. Wikipedia suggests that Home and End keystrokes are issued with Fn-Left and Fn-Right on some limited size keyboards. I may have tried those but don't remember for sure. I will try them again though when I am on site again in a week or so. Any other thoughts would be welcomed in the meantime.

    Read the article

  • Why can't I physically access my machine after a remote session?

    - by Steve Crane
    I have a Dell Optiplex 960 desktop running Windows 7 64-bit at work. I typically leave it locked rather than logged off when I go home, so that I'm able to remote in from home and continue working if I wish. This is where the problem comes in. If I don't remote in there is no problem and I can simply unlock the next morning. It's when I do remote in that I have a problem. Remote sessions work as expected but when I get to work the next morning the machine appears to have gone into a sleep or hibernate state, from which no amount of mouse moving or keyboard pounding will wake it. The machine is not hanging as remote sessions to it are still possible; it seems that physical access from it's own mouse and keyboard are lost. The only way to gain access is to press and hold the power switch for several seconds until the machine shuts down. Of course this means Windows does not gracefully shut down and after powering up it takes several minutes for the machine to boot and reach the login prompt; presumably while it checks the disk. Has anyone else seen something like this?

    Read the article

  • Apache Virtual host (SSL) Doc Root issue

    - by Steve Hamber
    I am having issues with the SSL document root of my vhosts configuration. Http sees to work fine and navigates to the root directory and publishes the page fine - DocumentRoot /var/www/html/websites/ssl.domain.co.uk/ (as specified in my vhost config) However, https seems to be looking for files in the main apache document root found further up the httpd.conf file, and is not being overwritten by the vhost config. (I assume that vhost config does overwrite the default doc root?). DocumentRoot: The directory out of which you will serve your documents. By default, all requests are taken from this directory, but symbolic links and aliases may be used to point to other locations. DocumentRoot "/var/www/html/websites/" Here is my config, I am quite a new Linux guy so any advise is appreciated on why this is happening!? NameVirtualHost *:80 NameVirtualHost *:443 <VirtualHost *:443> ServerAdmin root@localhost DocumentRoot /var/www/html/websites/https_domain.co.uk/ ServerName ssl.domain.co.uk ErrorLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.co.uk-error_log CustomLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.o.uk-access_log common SSLEngine on SSLOptions +StrictRequire SSLCertificateFile /var/www/ssl/ssl_domain_co_uk.crt SSLCertificateKeyFile /var/www/ssl/domain.co.uk.key SSLCACertificateFile /var/www/ssl/ssl_domain_co_uk.ca-bundle </VirtualHost> <VirtualHost *:80> ServerAdmin root@localhost DocumentRoot /var/www/html/websites/ssl.domain.co.uk/ ServerName ssl.domain.co.uk ErrorLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.xo.uk-error_log CustomLog /etc/httpd/logs/ssl.domain.co.uk/ssl.domain.xo.uk-access_log common </VirtualHost>

    Read the article

  • Connecting a DVI splitter

    - by Steve Carter
    Hi I am trying to use a DVI splitter so I can use either my pc monitor or my TV which is close to the pc, Both monitors work fine if the splitter is connected after the pc has booted up, But if the pc is re booted both the monitors show a blank screen after saying there is no signal. I have been told it could be because the monitors are working on different resolutions is this the case, If so how can I cure the problem without having to keep changing the res on TV monitor

    Read the article

  • IE 8 doesn't appear to clear cache on demand. Is anyone else seeing this?

    - by Steve
    I have a client that uploads updated pdf files to her Concrete5 CMS, through the file manager, replacing the old file with the same name. She then does a cms "clear cache" and exits as she should. Then, in testing, she finds that the old file still comes up when clicking on the link. On further review, the cms file manager version tracking shows that the file has been updated, and, for me, the new file comes up, as it should, when clicking the link. My client hase also refreshed her browser cache and still, she only gets the old file when clicking on the link. She says that, while she can't seem to force an immediate cache update, overnight it appears to update. My client is also part of a large company-wide lan and intranet. Is it possible that there is a cache function placed outside of her local browser and cms cache that is not updating?

    Read the article

  • Lagging digital tv over ethernet

    - by Steve
    I have a HD Home Run TV over ethernet device, which connects the aerial to my router, and from there the router connects to my PC over about 15m of 100Mbps ethernet cable. The TV output lags every second. It does not do so for a computer much closer to the router. It is odd to me that the network rate is around 7Mbps on a 100Mbps cable. I am not downloading or streaming anything else on the affected computer. Is this lag caused by the speed of the cable, the length of the cable, or interference on the cable? I am considering swapping the ethernet cable with shielded ethernet cable.

    Read the article

  • VMM 2012 Adding Hosts in Trusted Forest

    - by Steve Evans
    I have two forests with a two way trust between them. VMM 2012 sits in ForestA and I can discover hosts in ForestA with no issue. When I try to discover hosts in ForestB I hit one of two issues: If I go through the GUI or use Powershell just like I normally do I get the following error on the job: Error (10407) Virtual Machine Manager could not query Active Directory Domain Services. Recommended Action Verify that the domain name and the credentials, if provided, are correct and then try the operation again. It doesn't matter which account I use. I've tried accounts from both forests, with Admin/Domain Admin permissions all over the place, etc Going through the GUI (can't find the switch in Powershell to duplicate this), I check the box "Skip AD Verification" and it causes the GUI to crash during discovery. I found an article (http://technet.microsoft.com/en-us/library/gg610641.aspx) that describes how to add a host in a disjoint namespace (even though that doesn't apply to me) and it says that VMM creates an SPN if one does not exist. So I verified that the correct SPN's exist in ForestB, that did not help the issue. I have a case open with PSS but they are stuck. I have VMM traces if anyone would like to see them. Any suggestions or ideas?

    Read the article

< Previous Page | 19 20 21 22 23 24 25 26 27 28 29 30  | Next Page >