Search Results

Search found 14544 results on 582 pages for 'ssh config'.

Page 237/582 | < Previous Page | 233 234 235 236 237 238 239 240 241 242 243 244  | Next Page >

• Route specific HTTP requests through pfSense OpenVPN

  - by DennisQ

  Hi, to start, I have very little knowledge on routes, iptables, etc. That said, here's what I'm trying to accomplish and where I think I'm stumped: Problem: We have an external website which we recently firewalled so it only accepts traffic from our office IP addresses. This works well at the office, but doesn't work for remote access through VPN as we don't route all traffic through OpenVPN. I would rather avoid forcing everyone to route all traffic through just to accommodate this one site. Environment: Main router box is running pfSense. Em0 is internal IP, Em1 is external. Internal net is 10.23.x and VPN is 10.0.8.0/24 I believe what I need to do is add a route to the VPN server config to send all traffic to that IP over the VPN tunnel. I think that part's working, but I don't get a response back, so I'm assuming that I need some NAT config on the VPN server to route the response back over the tunnel? What I've found so far is to try the following, but since this is a pfSense box on FreeBSD, I can't run iptables, etc. Make sure ip forwarding is enabled: echo 1 /proc/sys/net/ipv4/ip_forward Setup NAT back out: iptables -t nat -A POSTROUTING -s 10.0.8.0/24 -o em0 -j MASQUERADE Am I on the right path, and if so how do I accomplish this through pfSense UI or FreeBSD CLI? Thanks!

  Read the article

• NSclient++ NRPE issues

  - by Kyle

  I have had NSclient++ working with Nagios for a while now. Recently I started testing Nagwin just to see how it would work, out of pure curiosity. I stopped checking a test server with my main Nagios config, set NSclient++ to NRPE mode, and pointed Nagwin at it. It worked great for a few hours then suddenly I started seeing "UNKNOWN: No Handler for that command." I figured it has to be Nagwin's fault since it's so new, I'll just unload NRPElistner.dll and return my server to being monitored by check_NT. However now check_NT doesn't work my main Nagios server returns timeout errors and is unable to connect at all. My Nagwin server can connect to it, the server just doesn't know how to handle the check_NRPE commands even though it did with no changes a few hours earlier. I have been working on this for a day now and am fairly certain it is NSclient++ who is to blame here. My nagwin box has successfully stayed connected to a similar server throughout the night, without any issues. And my main Nagios config is not having any problems at all. I have been able to successfully switch another server between being monitored by nagios and nagwin without any problems by simply loading and unloading the NRPE.dll. I have tried uninstalling NSclient++ and reinstalling with fresh configuration but still receive the errors. As of now the firewall is off on the server, NSclient++ is setup to accept connection from any server, there is no password, I have also turned ssl off, and the NRPE module is loaded. Any Ideas would be appreciated, I am not an advanced Nagios user but I do know my way around it and can easily break it down and set it up again. I also want to add that while in test mode NSclient++ is unable to handle check_NRPE commands there either.

  Read the article

• mdadm cron job sends email that cron has run

  - by Andrew

  I've got an Ubuntu 8.04 server using mdadm to create several RAID1 arrays. I created /etc/cron.hourly/mdadm as follows: #! /bin/sh set -e mdadm --monitor /dev/md0 /dev/md3 /dev/md4 --oneshot (Yes, the array numbers are not sequential, and I'm not using --scan beacuse I have a degraded array that may or may not have been used as swap and I can't delete, but I think that's a separate issue. If it's the underlying cause of this, I need to fix it.) mdadm sends me email (configured in the /etc/mdadm/mdadm.conf) on DegradedArray etc. events. This is the desired behaviour. What is not desired, and I can't work out, is why cron is sending me (relatively pointless) emails, via an alias in /etc/aliases: From: root@<hostname> (Cron Daemon) To: root@<hostname> Subject: Cron <root@<hostname>> cd / && run-parts --report /etc/cron.hourly Content-Type: text/plain; charset=ANSI_X3.4-1968 X-Cron-Env: <SHELL=/bin/sh> X-Cron-Env: <PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin> X-Cron-Env: <HOME=/root> X-Cron-Env: <LOGNAME=root> Message-Id: <id@hostname> Date: Fri, 7 May 2010 13:17:01 +0930 (CST) /etc/cron.hourly/mdadm: mdadm: Monitor using email address "<root_alias@domain>" from config file I've got a dozen other servers behaving correctly (mdadm sends email, cron doesnt') with identical /etc/crontab files: # /etc/crontab: system-wide crontab # <snip comments> SHELL=/bin/sh PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin # m h dom mon dow user command 17 * * * * root cd / && run-parts --report /etc/cron.hourly <snip anacron jobs> Should I simply remove the --report, or is there something else in my cron config somewhere causing this?

  Read the article

• Re: How can Django/WSGI and PHP share / on Apache?

  - by Bogdan

  in response to: How can Django/WSGI and PHP share / on Apache? Hello, could you please post the complete config file from /sites-available I am having a problem seems like rewrite engine redirects all requests to django, so static and php files are not served and instead i see the django 404 page. If I get rid of rewrite rule then static files and php works. here is my apache config file from /sites-available <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot /home/www/django <Directory /> Options +FollowSymLinks ExecCGI Indexes AllowOverride None DirectoryIndex index.php AddHandler wsgi-script .wsgi </Directory> RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^(.*)$ /mysite.wsgi/$1 [QSA,PT,L] ~ and my .wsgi file: import site site.addsitedir('/home/user/.virtualenvs/url.com/lib/python2.6/site-packages') import os, sys path = '/home/www/django' if path not in sys.path: sys.path.append(path) os.environ['DJANGO_SETTINGS_MODULE'] = 'mysite.settings' sys.path.append(path + '/mysite') import django.core.handlers.wsgi _application = django.core.handlers.wsgi.WSGIHandler() import posixpath def application(environ, start_response): # Wrapper to set SCRIPT_NAME to actual mount point. environ['SCRIPT_NAME'] = posixpath.dirname(environ['SCRIPT_NAME']) if environ['SCRIPT_NAME'] == '/': environ['SCRIPT_NAME'] = '' return _application(environ, start_response) the document root directory on disk (/home/www/django) contains php files, images, and the mysite.wsgi file.. thanks for your help

  Read the article

• Debian Squeeze and exim4: cannot send mail

  - by Fernando Campos

  Hello guys, Got this error after install and config of exim4-daemon-light and mailutils packages on Debian Squeeze. This package is aimed to send automatic messages from websites, like email confirmation and stuff. Configuration after package install: dpkg-reconfigure exim4-config You'll be presented with a welcome screen, followed by a screen asking what type mail delivery you'd like to support. Choose the option for "internet site" and select "Ok" to continue. After many configuration sceens you can test mail with: echo "test message" | mail -s "test message" [email protected] Here is the response: root@server:/etc# echo "test message" | mail -s "test message" [email protected] 2011-03-02 20:34:59 1PuxRT-0001Aj-T9 Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=101 egid=103 2011-03-02 20:34:59 1PuxRT-0001Aj-T9 <= root@debian U=root P=local S=331 2011-03-02 20:34:59 1PuxRT-0001Aj-T9 Cannot open main log file "/var/log/exim4/mainlog": Permission denied: euid=101 egid=103 exim: could not open panic log - aborting: see message(s) above Can't send mail: sendmail process failed with error code 1 There is no /var/log/exim4 directory on my server. I tried to create it, but it didn't work. Please, can someone help me? Best regards, Fernando

  Read the article

• wget not working with domain on local machine

  - by user568829

  Basically - I have some PHP scripts that need to be run as cron jobs. Lets say the script needing to be run is: http://admin.somedomain.com/cron_jobs/get_stats If I run the script from the local machine it gives me a 404 Not Found error. So I entered the following into /etc/hosts XX.XX.XX.45 admin.somedomain.com Now wget works fine from the local machine to that domain. However when I restart Apache that domain no longer works. Here is the config for that site in /etc/apache2/sites-available NameVirtualHost XX.XX.XX.45:80 <VirtualHost XX.XX.XX.45:80> ServerName admin.somedomain.com DocumentRoot /var/www/admin.somedomain.com/ <Directory "/var/www/admin.somedomain.com"> allowoverride all Options Indexes order deny,allow allow from all </Directory> ErrorLog /var/log/apache2/admin.somedomain.com-error_log CustomLog /var/log/apache2/admin.somedomain.com-access_log combined </VirtualHost> It just goes to the default site config showing "It Works". If I take out that setting in /etc/hosts and restart apache the website at that domain works fine again. Can anyone point me in the right direction here? Thanks

  Read the article

• RDS, RDWeb, and RemoteApp: How to use public certificate for launching apps on session host?

  - by Bret Fisher

  Question: How do i tell RDWeb to launch apps from remote.domain.com rather then host.internaldomain.local? Environment: Existing org with AD forest. New single Server 2012 running all Remote Desktop Services roles for session host. Used the new 2012 wizard to setup "QuickSessionCollection" with roles: RD Session Host RD Connection Broker RD Gateway RD Web Access RD Licensing Everything works with self-signed cert, but we want to prevent those. The users are potentially non-domain machines so sticking a private root cert for on their machines isn't an option. Every part of the solution needs to use public cert. Added public remote.domain.com cert to all roles using Server Manager GUI: RD Connection Broker - Enable Single Sign On RD Connection Broker - Publishing RD Web Access RD Gateway So now everything works beautifully except the last step: user logs into https://remote.domain.com user clicks a app icon, which in background downloads a .rdp file that is signed by remote.domain.com. .rdp is set to use RD Gateway, which is remote.domain.com .rdp says app is hosted on internal host.internaldomain.local, which doesn't match the RDP-tcp TLS cert of remote.domain.com, and pops a warning. It's this last step that I'd like to fix. Is there a config option in PowerShell, WMI, or .config to tell RDWeb/RemoteApp to use remote.domain.com for all published apps so the TLS cert for RDP matches what the Session Host is using? NOTE: This question talks about this issue, and this answer mentions how you might fix it in 2008, but that GUI doesn't exist in 2012 for RemoteApp, and I can't find a PowerShell setting for it. NOTE: Here's a screenshot of the setting in 2008R2 that I need to change. It tells RemoteApp what to use for the Session Host server name. How can I set that in 2012?

  Read the article

• Getting AWStats to work in Ubuntu 12.04

  - by koogee

  I'm new to apache and i'm trying to set up AWStats on my ubuntu 12.04 server. I've followed the guide at Ubuntu docs https://help.ubuntu.com/community/AWStats I set it up according to the instructions and awstats is able to generate initial stats from apache log successfully. I placed the links to awstats in the default virtual host file. However when I try to run http://server-ip-address:8080/awstats/awstats.pl, I get: Error: SiteDomain parameter not defined in your config/domain file. You must edit it for using this version of AWStats. Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be wrong. Check config file, permissions and AWStats documentation (in 'docs' directory). Here is my /etc/apache2/sites-available/default file: <VirtualHost *:8080> ServerAdmin webmaster@localhost DocumentRoot /home/saad/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /home/saad/www/> Options Indexes FollowSymLinks MultiViews AllowOverride AuthConfig Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> Alias /awstatsclasses "/usr/share/awstats/lib/" Alias /awstats-icon "/usr/share/awstats/icon/" Alias /awstatscss "/usr/share/doc/awstats/examples/css" ScriptAlias /awstats/ /usr/lib/cgi-bin/ Options ExecCGI -MultiViews +SymLinksIfOwnerMatch ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> The only three variables I edited in /etc/awstats/awstats.conf are: LogFile="/var/log/apache2/access.log" SiteDomain="server-name.noip.org" HostAliases="localhost 127.0.0.1 server-name.no-ip.org" The apache server works fine and i'm able to access other pages stored on the server. Any guidance would be welcome.

  Read the article

• snort with barnyard2 not working on Fedora 12

  - by aHunter

  Has anyone come across this error with barnyard2 and snort? --== Initializing Barnyard2 ==-- Initializing Input Plugins! Initializing Output Plugins! Parsing config file "/etc/snort/barnyard2.conf" Log directory = /var/log/barnyard2 database: compiled support for (mysql) database: configured to use mysql database: schema version = 107 database: host = localhost database: user = test database: database name = snort database: sensor name = localhost:eth0 database: sensor id = 1 database: data encoding = hex database: detail level = full database: ignore_bpf = no database: using the "log" facility --== Initialization Complete ==-- ______ -*> Barnyard2 <*- / ,,_ \ Version 2.1.8 (Build 251) |o" )~| By the SecurixLive.com Team: http://www.securixlive.com/about.php + '''' + (C) Copyright 2008-2010 SecurixLive. Snort by Martin Roesch & The Snort Team: http://www.snort.org/team.html (C) Copyright 1998-2007 Sourcefire Inc., et al. WARNING: Ignoring corrupt/truncated waldofile '/var/log/snort/barnyard.waldo' Opened spool file '/var/log/snort/snort.log.1282004944' ERROR: Unknown record type read: 104 Fatal Error, Quitting.. Snort seems to be working correctly as I have managed to get logs via syslog but when I try to use the barnyard config via Unified2 it is not working. Presumably because of the above error. Thanks in advance.

  Read the article

• How do I access the web server on my desktop from my laptop?

  - by Steven

  I'm running Apache on my stationary and I would like to access a website through my laptop. This is some of the Apache config: NameVirtualHost 127.0.0.1:80 <VirtualHost 127.0.0.1:80> ServerName mysite.com DocumentRoot I:/wamp/www/mysite/ </VirtualHost> ServerName localhost:80 <Directory /> Options FollowSymLinks AllowOverride all Order deny,allow Deny from all </Directory> On my laptop I've added the following to the HOSTS file: 10.0.0.3 mysite.com But accessing the page through mysite.com is not very successfull. If I enter the IP address directly, I only get a Forbidden message. What do I need to do in order to get this to work? Update I'm runing WAMPSERVER 2.1 (Apache 2.2.17) Apache is up and running I can ping 10.0.0.3 from laptop I'm not able to ping http://mysite.com from laptop IE gives me a 403 Forbidden - The website declined to show this webpage The only log that get's entries when trying to access the website from my laptop, is access.log. access.log 10.0.0.4 - - [13/Jun/2011:10:14:04 +0200] "GET / HTTP/1.1" 403 202 apache_error.log [Mon Jun 13 10:08:16 2011] [error] VirtualHost localhost:0 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results UPDATE 2 My apache config has the following entry: AllowOverride all Order Deny,Allow Deny from all Allow from 127.0.0.1 Could it be that this Allow from is stopping other computers accessing the page?

  Read the article

• FreeBSD Traffic Shaping

  - by alexus

  Hi I'm trying to do traffic shaping with FreeBSD, here are my rules su-3.2# ipfw show | grep pipe 08380 1514852 125523804 pipe 1 tcp from any to any dst-port 80 su-3.2# ipfw pipe 1 show 00001: 2.000 Mbit/s 0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x00000000/0x0000 - 0x00000000/0x0000 BKT Prot ___Source IP/port____ ____Dest. IP/port____ Tot_pkt/bytes Pkt/Byte Drp 0 tcp 64.237.55.83/60598 72.21.81.133/80 6520267 1204533020 0 0 1216 su-3.2# first of all why when I run ipfw pipe 1 show i get same source and destination ip, that doesnt seem like ever change yet total packets/bytes increasing and most important question, after donig all that I'm looking at my MRTG stats and I see i'm very well over 2Mbit/s limit. what am I doing wrong? here is config file flush pipe flush pipe 1 config bw 2Mbit/s add 100 allow ip from any to any via lo0 add 200 deny ip from any to 127.0.0.0/8 add 300 deny ip from 127.0.0.0/8 to any add 8380 pipe 1 tcp from any to any src-port www uid daemon add 8380 pipe 1 tcp from any to any dst-port www uid daemon add 65000 pass all from any to any

  Read the article

• Changing externally visible IP on a multi-IP router?

  - by AlternateZ

  I work at a public library and I'm trying to configure OCLC's EzProxy software. I've run into a problem and I think it's related to our network config. I'm punching above my weight here a little so I need some help. I think I'm trying to configure a 1:1 NAT, but not sure how or if our hardware supports it. The EzProxy machine is on an internet line which supports multiple external IPs. Our router is a Billion BiGuard30. There's another server on this line, let's say its IP is x.x.x.9. The EzProxy machine is x.x.x.11 I've set up port forwarding from x.x.x.11 on the http ports to the EzProxy machine. Trying to browse to x.x.x.11 from an external PC works fine - we get to the EzProxy page we are serving. However, if we go to something like WhatIsMyIP from the EzProxy machine, it says that its IP is x.x.x.9. This causes problems with our user authentication software. How do we make the rest of the internet see that the machine is x.x.x.11? There doesnt seem to be any "outbound port forwarding" on the Billion router, nor is there any "1:1 NAT" options in its config webpage. The EzProxy machine is running Ubuntu 12.04, if that helps.

  Read the article

• NGINX SSI Not working

  - by Mike Kelly

  I'm having trouble getting SSI to work on NGINX. You can see the problem if you hit http://www.bakerycamp.com/test.shtml. Here is the contents of that file: <!--# echo hi --> If you hit this in a browser, you see the SSI directive in the content - so apparently NGINX is not interpreting the SSI directive. My NGINX config file looks like this: server { listen 80; server_name bakerycamp.com www.bakerycamp.com; access_log /var/log/nginx/bakerycamp.access.log; index index.html; root /home/bakerycamp.com; location / { ssi on; } # Deny access to all hidden files and folders location ~ /\. { access_log off; log_not_found off; deny all; } } I did not build NGINX from sources but installed it using apt-get. I assume it has the SSI module (since that is default) but perhaps not? Should I just bite the bullet and rebuild from sources? Is there anyway to tell if the installed NGINX supports SSI and my config is just wrong?

  Read the article

• Apache2, making my site publicly available

  - by Shackler

  Hello, I want to make my apache 2 development server public to the internet, it is a Django based website. Here is my apache2 config: <VirtualHost *:80> Alias /media /home/user/myproject/statics Alias /admin_media /home/myuser/django/Django-1.1.1/django/contrib/admin/media WSGIScriptAlias / /home/myuser/myproject/myproject_wsgi.py WSGIDaemonProcess myproject user=myuser group=myuser threads=25 WSGIProcessGroup myproject </VirtualHost> When I do netstat -lntup I get: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN - tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN - tcp6 0 0 :::80 :::* LISTEN - tcp6 0 0 :::22 :::* LISTEN - tcp6 0 0 ::1:631 :::* LISTEN - udp 0 0 0.0.0.0:5353 0.0.0.0:* - udp 0 0 0.0.0.0:38582 0.0.0.0:* I connect with ADSL thus I am behind a router. For this I have made my computer DMZ enabled to my machine. What can be the problem? When I try to login with my ip, I get my routers config page, when a friend tries to connect to me from internet, he gets "not authorized".

  Read the article

• Blocking requests from specific IPs using IIS Rewrite module

  - by Thomas Levesque

  I'm trying to block a range of IP that is sending tons of spam to my blog. I can't use the solution described here because it's a shared hosting and I can't change anything to the server configuration. I only have access to a few options in Remote IIS. I see that the URL Rewrite module has an option to block requests, so I tried to use it. My rule is as follows in web.config: <rule name="BlockSpam" enabled="true" stopProcessing="true"> <match url=".*" /> <conditions logicalGrouping="MatchAll" trackAllCaptures="false"> <add input="{REMOTE_ADDR}" pattern="10\.0\.146\.23[0-9]" ignoreCase="false" /> </conditions> <action type="CustomResponse" statusCode="403" /> </rule> Unfortunately, if I put it at the end of the rewrite rules, it doesn't seem to block anything... and if I put it at the start of the list, it blocks everything! It looks like the condition isn't taken into account. In the UI, the stopProcessing option is not visible and is true by default. Changing it to false in web.config doesn't seem to have any effect. I'm not sure what to do now... any ideas?

  Read the article

• Ubuntu 12.04 - Pound Reverse Proxy and Adobe Flex/Flash Auth

  - by James

  First time posting, I have a completely fresh install of ubuntu 12.04 Client as a reverse proxy gateway to our internal network. Our setup is we have one external ip but three domains we would like to point to various webservers on our internal network. It's not so much a load balancing issue or cacheing etc. Merely routing some Client browsers to a port 80 webpage (to adhere to some stricter corporate policies regarding placing port numbers after domain names). I have gone with pound and everything seems to be working fine. Static pages load etc. Everything is good with the exception of a Flash/Flex based WebClient for a Digital Asset Management program. The actual static page loads fine, it is just at the moment of entering credentials, be they correct or incorrect, and hitting login, there is no response whatsoever. Either a rejection or confirmation etc. So the request back to the internal server can't be getting through. I have googled extensively and there might be a solution in a crossdomain.xml file? Documentation isn't very clear. And we are not the authors of the DAM app, and have no control over the code on the Flash/Flex side. Questions: Is there a particular config file/solution for pound that allows Flash/Flex auth information to be forwarded? Is there another reverse proxy program (nginx?)that allows this type of config? Am I looking at this the entire wrong way, should Flash/Flex fundamentally not be allowed to have this access?

  Read the article

• Configuring vsftpd with nginx on Ubuntu 12.04 LTS

  - by arby

  I've attempted to configure a nginx / vsftpd server on Ubuntu 12.04 LTS (via amazon ec2) a couple times now, but I seem to keep making a mistake along the way. Currently, when I try to connect to my ftp server it takes a minute or so before it connects. Then when I issue a command, they all timeout with an operation failed error. Aside from these issues, I'm not completely confident with the file ownership & permissions or the configuration / settings. So, I think it's best if I just re-install and re-configure correctly. I believe the nginx installation comes with a default user of www-data:www-data and web root directory ownership by root:root. Vsftpd, however, needs to have a user created with the same group as the nginx user (www-data), and the same home directory as the nginx server (/usr/share/nginx/www), with g+w chmod permissions granted on that directory. The vsftpd.conf file should disable anonymous logins and enable local logins, file writing, and chroot local users. In my previous config, I had /bin/false set for the ftp user's shell and pam_shells.so disabled. I also had local_umask set to 0027. So, starting with a fresh ec2 instance, I've got: sudo apt-get install vsftpd sudo apt-get install nginx For the firewall I issued the command (not sure if necessary): sudo ufw allow ftp Which commands / config is recommended from here? I only need 1 ftp user that I can use to login with my ftp client to modify the single nginx web domain, which will need php & sql for WordPress.

  Read the article

• How to redirect all Internet traffic to OpenVPN Server

  - by JuliaS

  I have seen working solutions around the issue of forcing Internet traffic to go through the OpenVPN server but they are all done in Linux, all I want to know is how to add an entry to the route table in windows to make this happen. connectivity between the client and server is fine, my Windows 7 client can establish a connection to the Windows 2008 Server, but when established Internet traffic is still going from the local Windows 7 machine. Here are the details: Server: Windows 2008 Server with one NIC OpenVPN IP Address: 192.168.0.1 Local NIC IP Address (connects the server to the Internet): 10.242.69.107 Client: Windows 7 with one NIC OpenVPN IP Address: 192.168.0.2 ISP allocated IP Address: 10.0.8.2 (gateway 10.0.8.1) Server OpenVPN Config: dev tun ifconfig 192.168.0.1 192.168.0.2 secret static.key push "redirect-gateway def1" Client OpenVPN Config: remote xxx.xxx.com dev tun ifconfig 192.168.0.2 192.168.0.1 secret static.key I'm not an expert with adding routes...etc. I would be grateful if someone could let me know how to add this entry in my server/client route table. EDIT: Output from the client's netstat -rnv IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.0.8.1 10.0.8.2 20 10.0.8.0 255.255.255.252 On-link 10.0.8.2 276 10.0.8.2 255.255.255.255 On-link 10.0.8.2 276 10.0.8.3 255.255.255.255 On-link 10.0.8.2 276 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.252 On-link 192.168.0.2 286 192.168.0.2 255.255.255.255 On-link 192.168.0.2 286 192.168.0.3 255.255.255.255 On-link 192.168.0.2 286 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.0.8.2 276 224.0.0.0 240.0.0.0 On-link 192.168.0.2 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.0.8.2 276 255.255.255.255 255.255.255.255 On-link 192.168.0.2 286 ===========================================================================

  Read the article

• Conditionally changing MIME type in nginx

  - by Peter

  I'm using nginx as a frontend to Rails. All pages are cached as .html files on disk, and nginx serves these files if they exist. I want to send the correct MIME type for feeds (application/rss+xml), but the way I have so far is quite ugly, and I'm wondering if there is a cleaner way. Here is my config: location ~ /feed/$ { types {} default_type application/rss+xml; root /var/www/cache/; if (-f request_filename/index.html) { rewrite (.*) $1/index.html break; } if (-f request_filename.html) { rewrite (.*) $1.html break; } if (-f request_filename) { break; } if (!-f request_filename) { proxy_pass http://mongrel; break; } } location / { root /var/www/cache/; if (-f request_filename/index.html) { rewrite (.*) $1/index.html break; } if (-f request_filename.html) { rewrite (.*) $1.html break; } if (-f request_filename) { break; } if (!-f request_filename) { proxy_pass http://mongrel; break; } } My questions: Is there a better way to change the MIME type? All cached files have .html extensions and I cannot change this. Is there a way to factor out the if conditions in /feed/$ and /? I understand that I can use include, but I'm hoping for a better way. Putting part of the config in a different file is not that readable. Can you spot any bugs in the if conditions? I'm using nginx 0.6.32 (Debian Lenny). I prefer to use the version in APT. Thanks.

  Read the article

• Monit unable to start sidekiq on Opsworks server

  - by webdevtom

  I have used AWS Opsworks to create some servers. I have Sidekiq running as part of my Rails application. When I deploy Sidekiq restarts nicely. I am configuring Monit to watch the pid and start and stop Sidekiq if there are any issues. However when Monit trys to start Sidekiq I see that the wrong Ruby looks to be used. Oct 17 13:52:43 daitengu sidekiq: /usr/local/lib/ruby/gems/1.9.1/gems/bundler-1.3.4/lib/bundler/definition.rb:361:in `validate_ruby!': Your Ruby version is 1.8.7, but your Gemfile specified 1.9.3 (Bundler::RubyVersionMismatch) Oct 17 13:52:43 daitengu sidekiq: from /usr/local/lib/ruby/gems/1.9.1/gems/bundler-1.3.4/lib/bundler.rb:116:in `setup' Oct 17 13:52:43 daitengu sidekiq: from /usr/local/lib/ruby/gems/1.9.1/gems/bundler-1.3.4/lib/bundler/setup.rb:17 When I run the command from the cli Sidekiq launches correctly. $> cd /srv/www/myapp/current && RAILS_ENV=production nohup /usr/local/bin/bundle exec sidekiq -C config/sidekiq.yml >> /srv/www/myapp/shared/log/sidekiq.log 2>&1 & $> ps -aef |grep sidekiq root 1236 1235 8 20:54 pts/0 00:00:50 sidekiq 2.11.0 myapp [0 of 25 busy] My sidekiq.monitrc file check process unicorn with pidfile /srv/www/myapp/shared/pids/unicorn.pid start program = "/bin/bash -c 'cd /srv/www/myapp/current && /usr/local/bin/bundle exec unicorn_rails --env production --daemonize -c /srv/www/myapp/shared/config/unicorn.conf'" stop program = "/bin/bash -c 'kill -QUIT `cat /srv/www/myapp/shared/pids/unicorn.pid`'"

  Read the article

• external postfix forwarding to zimbra server

  - by Marko

  I want to migrate from my current mail server (old_server) for my domain mydomain.com. old_server setup is Postfix+LDAP+Cyrus. Now I want to migrate my domain mail to Zimbra server (zimbra), but I am considering option to leave current mail server working in the first phase, and then to only have subset of email addresses to be forwarded to zimbra server. It seems that zimbra refers this in their documentation as 'edge MTA'. Current config mydomain.com MX: old_server <---------- smtp send ----------> smtp receive New config mydomain.com MX: old_server zimbra <------------------------------------------- smtp send ----------> smtp receive ---- forward ----> smtp receive I need following: old_server to receive mail for my domain as before, but for some of the email addresses I want them to be delivered to zimbra server. I should be able to determine which email addresses will be forwarded. I would like to avoid possible false spam detections for mails from mydomain.com due to this setup. Questions: How should I configure postfix on old_server to support this mail forwarding? To avoid false spam detection, can I have outgoing mail from mydomain.com to be sent by zimbra or should I use old_server? Is there anything extra I would need to do in order to avoid possibility of my outgoing mails being marked as spam on other servers?

  Read the article

• Make dhcp assign same IP and hostname for different interfaces at one machine

  - by Egeshi

  I have a feeling that question itself looks stupid but it is not. Please let me clarify. I have dynamic DNS with BIND and NIS configured at my LAN and have laptop which I am using in both wireless and wired mode. I mean that sometimes I have to use wired interface to achieve higher throughput but most of time I don't need it and using wireless mode. Everything works great. Issue is that I want both interfaces get same IP from DHCP. Just for convenient firewall setup. If I add both hosts to dhcp in this manner # bt wireless host bt { hardware ethernet 00:1f:1f:62:60:28; fixed-address 172.16.77.110; } # bt wired host bt { hardware ethernet 00:14:22:b7:5a:de; fixed-address 172.16.77.110; } DHCP says logs following message dhcpd: Dynamic and static leases present for 172.16.77.110 dhcpd: Remove host declaration bt-wired or remove 172.16.77.110 dhcpd: from the dynamic address pool for 172.16/16 Host records are added outside of any subnet, but it makes no difference if I put them there, effect is still the same. This is not critical but either is not my whim because even if DHCP seems to work fine for that "bt" host, I cannot make connection TO it from remote machine anymore with this definitely incorrect DHCP config. I'd be thankful if one spares a minute for advice about how to configure DHCPD correctly. UPDATE. I realize that there's a soulution to assign different hostname in DHCP config but would like to use benefits of short host names.

  Read the article

• Hyperic HQ- Monitor process statistics for 50+ processes on Linux machine

  - by Chris

  Is there an easy way to get metrics on all processes that start with the letters XYZ? I have about 80 processes that I have to monitor individually that all start with the prefix XYZ. I have created a query using the sigar shell: ps State.Name.sw=XYZ, which will give me a list of the processes that I want. What I need to do is define this list of processes through said query and collect and track statistics from the Process service: http://support.hyperic.com/display/hypcomm/Process+service What I need is 3 or 4 key statistics for each of the XYZ processes defined by my query to show up as graphs in the web front end. Note: Hyperic HQ server is installed on a windows machine and I'm monitoring a Linux box via an agent. Thanks, Chris Edit: Here is my try at a plugin that may give me what I want, but it's not being inventoried/detected by the Hyperic web UI. Simply pointing me to one of Hyperic's tutorials won't do. Thanks. <!DOCTYPE plugin [ <!ENTITY process-metrics SYSTEM "/pdk/plugins/process-metrics.xml">]> <plugin> <server name="ABCStats"> <config> <option name="process.query" description="Process Query" default="State.Name.sw=XYZ"/> </config> <metric name="Availability" alias="Availability" template="sigar:Type=ProcState,Arg=%process.query%:State" category="AVAILABILITY" indicator="true" units="percentage" collectionType="dynamic"/> &process-metrics; <plugin type="autoinventory"/> <plugin type="measurement" class="org.hyperic.hq.product.MeasurementPlugin"/> </server> </plugin>

  Read the article

• iptables configuration to work with apache2 mod_proxy

  - by swdalex

  Hello! I have iptables config like this: iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A OUTPUT -p tcp --sport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 443 -j ACCEPT iptables -A OUTPUT -p tcp --sport 443 -j ACCEPT Also, I have apache virtual host: <VirtualHost *:80> ServerName wiki.myite.com <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8901/ ProxyPassReverse / http://localhost:8901/ <Location /> Order allow,deny Allow from all </Location> </VirtualHost> My primary domain www.mysite.com is working well with this configuration (I don't use proxy redirect on it). But my virtual host wiki.mysite.com is not responding. Please, help me to setup iptables config to allow wiki.mysite.com working too. I think, I need to setup iptables FORWARDING options, but I don't know how. update: I have 1 server with 1 IP. On server I have apache2.2 on 80 port. Also I have tomcat6 on 8901 port. In apache I setup to forwarding domain wiki.mysite.com to tomcat (mysite.com:8901). I want to secure my server by disabling all ports, except 80, 22 and 443.

  Read the article

• Apache 2.4 Prefork vs. PHP-FPM Event shows sig decrease in requests per second

  - by Mark

  On my Apache 2.4.2 server with a standard mod_php Prefork setup these are my server-status results Current Time: Wednesday, 24-Oct-2012 19:36:24 CDT Restart Time: Wednesday, 24-Oct-2012 01:27:30 CDT Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 18 hours 8 minutes 54 seconds Total accesses: 14304233 - Total Traffic: 342.3 GB CPU Usage: u12584.6 s721.93 cu.66 cs3.43 - 20.4% CPU load 219 requests/sec - 5.4 MB/second - 25.1 kB/request 507 requests currently being processed, 355 idle workers ______KKKKR_K______W_KKC___CKK_K_K_W__CC_KKK_KK._K_K_KK._KKKK_K_ K_____KK_KKKK_K_KK__K___KK_K___K_____CKKK_WK_K_____KCKK__K___K_K K_CK_K_K_____K__KKKK_K__K___K_KK_K_K_KKKCK____________KK_CK__KKK __C_KKKKKKK___CK___C_KKK_K__C__K_CK____KKK__K__K__K_K__KK_CK_K__ _KKKKK_K_W__KK______K___K__W___C_K__K____KKKKKKKK.KKKKKKKCK_K___ _C_KK_K_WK__K_KK__K__RK_KK___K____K_KK_K_K___RKC_KKKK___KKKC_K_W _C_KK_KK__W____KC__KKK__KKK___K___KKK_KK_K_KKW__K_KR_KK_KK__KKK_ R__KKK__KKKKKK__K_KKKKK_K__K_K___KKW_________KK_K___KKK___KK.K_C KKKKKKW_____K__K_KKC_KCKK_K_KK_K__KK__K___K__KK_KK__________KK__ __K___KK_K__K_C_KK_K___KK__KK__K__KCK_K__KK_________K_K_KK__.K__ K_CKK.CCRW__KKKKKKKKKKKC__W____K___KWK_KK_KKC______.K_K_KK_KKKC_ __KKK_W_KCKKK_K_K____CCCK__KC_KKKK_K____K_CK_K____K__K____KKK_KK KK___K_K_K__KW__KCKKKK____WKWK__K_KKRKK__C_K_KK_KK_K__KKCC_K__C_ KK_K___K_KK______K_____CKK_K_______KK_CKCK__KKKKK____K__K..K____ __KKWK_KW__KKK__K_KKK___K_KK_KKK__KK___KK___KK_KK___KK____KKWKKC KK_KKKK_................................` When I switch to a PHP-FPM setup with the Event MPM with no other variables changes, my requests/sec plummet and overall apache response is garbage. Current Time: Wednesday, 24-Oct-2012 19:51:21 CDT Restart Time: Wednesday, 24-Oct-2012 19:48:03 CDT Parent Server Config. Generation: 1 Parent Server MPM Generation: 0 Server uptime: 3 minutes 18 seconds Total accesses: 18720 - Total Traffic: 307.1 MB CPU Usage: u16.57 s4.74 cu0 cs0 - 10.8% CPU load 94.5 requests/sec - 1.6 MB/second - 16.8 kB/request 15 requests currently being processed, 49 idle workers PID Connections Threads Async connections total accepting busy idle writing keep-alive closing 11701 114 no 10 22 0 66 38 11702 134 no 5 27 0 81 48 Sum 248 15 49 0 147 86 __R_R__W___RRW________RR__R___W_W_______W_____W_____________R_R_ Is there any obvious reason anyone could think of why this would be the case. I can provide any other additional stats or server setup info to help out. Ive tried tweaking everything up and down and nothing really helps get the PHP-FPM setup anywhere near a baseic prefork/mod-php setup. Thanks!

  Read the article

< Previous Page | 233 234 235 236 237 238 239 240 241 242 243 244  | Next Page >