Search Results

Search found 12281 results on 492 pages for 'ip blocking'.

Page 251/492 | < Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >

  • PHP Causing Segmentation Fault & Apache Blank Response

    - by Joe
    I recently updated a Debian Lenny server to php 5.3,5 using the dotdeb source. Soon after doing so certain (but not all) sites on the server stopped responding to requests. A blank response would be returned - no headers, no content, nothing. I found this related question on stackoverflow which seems to describe something similar and used the same code the user had in their answer to see if I could replicate the issue: <?php class A { public function __construct() { new B; } } class B { public function __construct() { new A; } } new A; print 'Loaded Class A'; ?> This triggered the problem - the page returned absolutely nothing despite the original question stating this was fixed in PHP 5.5.0. No CPU block as you'd expect, no wait, just an almost instant zero response. I then ran this same code from the cli (php -f test.php) and the only output I got was 'Segmentation fault'. Tailing the kernel log I've spotted: Feb 16 07:04:06 creature kernel: [192203.269037] php[17710] general protection ip:76ef37 sp:7fff155e9bb0 error:0 in php5[400000+870000] Feb 16 08:57:31 creature kernel: [199639.699854] apache2[31136]: segfault at 7fff13a84fe0 ip 7f730514ea40 sp 7fff13a85008 error 6 in libphp5.so[7f7304ce8000+915000] All extremely odd and I'm not sure what it's pointing to/what I should do to debug this further. As I said some sites work but code such as the above definitely trigger it. Not that the sites I want to server have code like that - it's just an example. Any help is much appreciated!

    Read the article

  • Home-made HTTP proxy server [closed]

    - by Martin Dimitrov
    I wanted to help a friend who has some restrictions at work to visit certain sites. Locally, on a Windows 7 machine, I run Apache server and decided to make it a proxy just for the IP of my friend. So I added the following to the configuration file: ProxyRequests On ProxyVia On <Proxy *> Order deny,allow Deny from all Allow from <his.ip> </Proxy> It worked fine. But shortly the proxy started to receive many requests of the form: 66.249.66.242 - - [22/Sep/2012:11:01:12 +0300] "GET /search?hl=en&lr=lang_en&as_qdr=all&ie=UTF-8&q=related:www.aarp.org/aarp-foundation/+allinurl:+foundation&tbo=1&sa=X&ei=BSy2T9L_L8PitQapwtHtBw&ved=0COQBEB8wPw HTTP/1.1" 403 208 66.249.71.36 - - [22/Sep/2012:11:01:49 +0300] "GET /search?hl=en&lr=lang_en&as_qdr=all&ie=UTF-8&q=related:www.aarp.org/aarp-foundation/+allinurl:+foundation&tbo=1&sa=X&ei=BOCzT-_WK8_0sgbki5XCDA&ved=0COABEB8wPg HTTP/1.1" 403 208 These are Google IPs. The requests are every 30 seconds or so. My friend is not at work today. In apache_error.log I see: [Sat Sep 22 11:09:20 2012] [error] [client 66.249.66.242] client denied by server configuration: C:/wamp/www/aclk [Sat Sep 22 11:09:47 2012] [error] [client 66.249.71.36] client denied by server configuration: C:/wamp/www/search What the hell is going on? Please, help.

    Read the article

  • Unable to ping gateway via bridge nic

    - by Ara
    I'm trying to install KVM on Ubuntu 12.04 server. We have multiple nic on this server of which we primarily use eth0. The server network runs fine(i'm able to ping gateway, ping dns server and ping servers on internet) with eth0 /etc/network/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 192.168.22.194 netmask 255.255.255.0 network 192.168.22.0 broadcast 192.168.22.255 gateway 192.168.22.1 dns-nameservers 10.71.130.58 10.71.130.60 dns-search test.local I installed bridge-utils and configured br0 as below /etc/network/interfaces auto lo iface lo inet loopback auto eth0 iface eth0 inet manual auto br0 iface br0 inet static address 192.168.22.194 netmask 255.255.255.0 network 192.168.22.0 broadcast 192.168.22.255 gateway 192.168.22.1 dns-nameservers 10.71.130.58 10.71.130.60 dns-search test.local bridge_ports eth0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off Post which i'm able to ping servers on the same ip range 192.168.22.2-254 except for 192.168.22.1 (which is the gateway) also i'm not able to ping any other servers. I'm not able to ping this machine from network. The output for route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.22.1 0.0.0.0 UG 100 0 0 br0 192.168.22.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 I've been struggling with this issue for past 5 days, would be of help if anyone can point me in the right direction to fix this issue. Thanks in advance

    Read the article

  • cannot connect to vpn server (error 721)

    - by callmeblessed
    Hi I got 2 internet connections in my computer. One is using 3.5G HSDPA modem (vodafone huawei e220) and the other using mobile phone (cdma zte c261). Both are using different ISP and i have both. at the moment, i can connect to my office vpn using the HSDPA modem one. But when i tried to use cdma modem (dial up - mobile phone modem), i am just able to get "verifying username and password" and then after a few minutes it display error : Error 721 The Remote Computer didn't respond. I tried to ping into my office ip address, it got good result but still cannot connect to the vpn. I tried to turn off all my firewall (i'm using commodo) and has no response as well. In my cdma mobile phone modem Network connections I tried to allow iNternet connection sharing as well ... and turn on all Internet Protocol TCP/IP, File & Printer Sharing & Client for microsoft networks. But all of my effort has no effect. How to fix this problem ? note: my office using windows vpn as well. thank you .

    Read the article

  • Node js server not responding outside localhost centos

    - by David Martinez
    I'm running a basic express server from CentOS but for some reason it is not responding outside of localhost, I have tried everything I have found on google but nothing works so far. This is my express server: app.listen(3000,"0.0.0.0"); If I do curl http://localhost:3000/ in the server it works fine. If I curl to the ip of the server it doesn't work. I already changed my iptables num target prot opt source destination 1 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 2 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:3000 There is currently a apache server running on port 80 with no problems. I also tried setting a VirtualHost on apache but it didn't work either: <VirtualHost *:80> ServerName SubDOmain.MyDomain.com ProxyRequests off <Proxy *> Order allow,deny Allow from all </Proxy> ProxyPass / http://localhost:3000/ ProxyPassReverse / http://localhost:3000/ ProxyPreserveHost on </VirtualHost> There is another virtual host working fine that redirects to another DocumentRoot. I'm running Node on root for testing purpose, but the node application owner is another user. All folders have 705 and files 664 Edit: I stopped apache and run my node app on port 80 and it working fine, I could access node app from my ip and domain.

    Read the article

  • How can I get Haproxy to not log local requests?

    - by coneybeare
    I am trying to clean out some of the log clutter from my machines and am starting by removing requests that are generated from the server themselves. I have cache warmers running around the clock and I don't want these polluting the logs. I was able to get apache to stop logging local requests by adding a dontlog for the local IP: SetEnvIf Remote_Addr "RE\.DA\.CT\.ED" dontlog CustomLog "|logger -p local3.info -t http" combined env=!dontlog and now I am looking for something similar to put in a configuration for the Haproxy log. How can I prevent 127.0.0.1 requests from writing to the Haproxy log? UPDATE: 2/15/11 I use the excellent loggly service to pull out logs in the cloud, but I am seeing tons of logs like this: 2011 Feb 15 06:09:42.000 ip-10-251-194-96 http: RE.DA.CT.ED - - [15/Feb/2011:06:09:42 -0500] "HEAD /search/Nevad/predictive/txt HTTP/1.0" 200 - "-" "Wget/1.10.2 (Red Hat modified)" 2011 Feb 15 06:09:42.000 127.0.0.1 haproxy[10390]: 127.0.0.1:58408 [15/Feb/2011:06:09:42] www i-5dd7a331.0 0/0/0/8/8 200 210 - - --NI 0/0/0 0/0 "HEAD /search/Nevad/predictive/txt HTTP/1.1" and I want them gone. This question focuses on how to remove that haproxy log line from writing to the server side log in the first place.

    Read the article

  • What are the requirements for Windows Remote Assistance over Teredo?

    - by Jens
    I try to get the Windows 7 (or Vista) remote assistance feature to work, without using UPnP on the novices computer. After enabling Teredo on the expert's computer (that is in a corporate network, and therefore has teredo disabled by default), I tried to connect to the novice both using Easy Connect and the invitation file with no success. My triubleshooting included the following (so far). A connection to the novice from my home pc was successful, hinting at a misconfiguration on the experts side. Both computers have a "qualified" connection to the Teredo Server. Both computers have a valid Teredo IP, access to the Global_ PNRP cloud and can resolve names registered with PNRP on the other computer. The expert can resolve the PNRP Id automatically generated with an Easy Connect help request Both computers can ping the other's PNRP name. Both computers can ping the other's Teredo IP Address using ping -6 Now, I am a little stumped. I expected Remote Assistance to work at this point, since my corporate firewall has no Teredo filtering. What could RA cause not to work in this setting? Thanks in advance!

    Read the article

  • How to access a port via OpenVpn only

    - by Andy M
    I've set up an openvpn server alongside an apache website that can only be accessed on port 8100 on the same machine. My /etc/openvpn/server.conf file looks like this: port 1194 proto tcp dev tun ca ./easy-rsa2/keys/ca.crt cert ./easy-rsa2/keys/server.crt key ./easy-rsa2/keys/server.key # This file should be kept secret dh ./easy-rsa2/keys/dh1024.pem # Diffie-Hellman parameter server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt # make sure clients can still connect to the internet push "redirect-gateway def1 bypass-dhcp" keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 Now I tried to let only clients connected to the vpn network access the website on apache via port 8100. So I defined a few iptables rules: #!/bin/sh # My system IP/set ip address of server SERVER_IP="192.168.0.2" # Flushing all rules iptables -F iptables -X # Setting default filter policy iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Allow incoming access to port 8100 from OpenVPN 10.8.0.1 iptables -A INPUT -i tun0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o tun0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT # outgoing http iptables -A OUTPUT -o tun0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i tun0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT Now when I connect to the server from my client computer and try to access the website on 192.168.0.2:8100, my browser can't open it. Will I have to forward traffic from tun0 to eth0? Or is there anything else I'm missing?

    Read the article

  • Any program to help me check whether an ethernet channel can support full-length VLAN packet?

    - by Jimm Chen
    Sometimes, I have to face such a situation that I need to quickly and explicitly know whether a full length VLAN packet can traverse between two RJ45 ports. Yes, I mean 802.1Q ethernet frame with Etype=81 00 (diagram below). What I can do now is: Get two Windows PCs, for each PC, intall Intel Gigabit NIC and Intel specific driver to create a virtual NIC, with VLAN ID=3 assigned. Then connect the two PCs to each of the two RJ45 port. Finally execute ping to generate a full-length ethernet packet. ping -f -l 1472 <dest-IP> This way, I can be sure that the sent packet has the maximum "IP data payload" of 1500 bytes(8 bytes of ICMP header and 1472 bytes of ICMP data). If the ping gets reply, I know that the ethernet channel support full-length VLAN packet. From my experiment, some home switch or broad band routers(e.g. Linksys WRT54G) does not support full-length VLAN packet switching, so only ping -f -l 1468 succeeds. You see, I have to use an expensive Intel NIC to carry on that test, quite inconvenient. You know, for most laptop today, they do not equip an Intel NIC, and, even it is an Intel NIC, Intel VLAN driver, Intel has limitations on the models on which VLAN driver can be installed. So, my question is: Is there a small program that can let me send a full-length VLAN packet without installing a dedicated VLAN driver? Or better, the program has a stock feature that does the very job for my situation. Windows programs preferred, Linux solution welcome. Simpler the program, the better. Thank you.

    Read the article

  • Virtualizing an Inline network appliance with VirtualBox (or VMWare)

    - by Tzury Bar Yochay
    My device, which is a Linux based IP in-liner is transparent to the network peripherals, that is, no IP address assigned to any of its interfaces. For the sake of the conversation, let's use ADSL connection as an example, while the device is inspecting the bi-directional traffic, the network is behaving same as if device was not there, attached to the wire (see Physical setup at the attached diagram). I wonder if I can enclosed that "device" within a Windows machine and have it operated virtually so it still seats inline between the ADSL router and the Windows netwroking interface by using virtual NICs, (or whatever their name is in windows), and inspecting the traffic, same as if it was on a separate physical device, the drawing under "Virtual Setup" in the attached diagram show what I am trying to achieve. Reading a bit on the VirtualBox docs, seems like binding the right side is relatively simple, perhaps I should have one network adapter set as Bridge Networking and VirtualBox will connect it to the physical NIC on the host machine, and network packets are exchanged directly, circumventing the host operating system's network stack (WinXP in my case). However, I have no idea how to achieve the left side of my diagram, which requires adding virtual NICs to windows and configure them correctly in a way to make that pipeline possible. I would appreciate any help. by the way, if that is not possible with VirtualBox but with other virtualization solution (e.g. VMWare), I would accept the other as well.

    Read the article

  • nginx with ssl: I get a 403 and log "directory index of '...dir...' is forbidden" log message. works fine with unencrypted connection

    - by user72464
    As mentioned in the title, I had nginx working fine with my rails app, until I tried to add the ssl server. The unencrypted connection still works but the ssl always returns me a 403 page with the following line in the error log: directory index of "/home/user/rails/" is forbidden, client: [my ip], server: _, request: "GET / HTTP/1.1", host: "[server ip]" Below my nginx.conf server block: server { listen 80; listen 443 ssl; ssl_certificate /etc/ssl/server.crt; ssl_certificate_key /etc/ssl/server.key; client_max_body_size 4G; keepalive_timeout 5; root /home/user/rails; try_files $uri/index.html $uri.html $uri @app; location @app { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://0.0.0.0:8080; } error_page 500 502 503 504 /500.html; location = /500.html { root /home/user/rails; } } the /home/user/rails directory and it's parent have all read to all rights. and they belong to the user nginx. the certificate and key file have the following rights: -rw-r--r-- 1 nginx root 830 Nov 8 09:09 server.crt -rw--w---- 1 nginx root 887 Nov 8 09:09 server.key any clue?

    Read the article

  • MacBook Pro with OSX 10.6.3 (Snow Leopard) Wi-Fi network connection breaks after few minutes

    - by Yanick Landry
    I have a MacBook Pro with OSX 10.6.3 (Snow Leopard). After connecting on a Wi-Fi network, the connection "breaks" after a few minutes. What I mean by "breaking" is that all requests, whether it is loading a web page, connecting to a share folder, connecting to my local router at 192.168.0.1, or pinging anything doesn't get through (time out). When in a "break" situation, I can see in the Network Settings panel that I still have an active IP, which I can successfully ping. I have this problem at home with a router D-Link DI-624 and at work with a D-Link WBR-2310, all with updated firmwares. I thought DHCP was the issue. So I tried assigning a fixed IP address (192.168.0.166). It successfully connects, but after a few minutes, the connection still breaks. The solution I'm currently using is that I disable the AirPort (on the Network icon menu in the top bar), wait a few seconds then re-enable it. It then quickly works, but the connection still breaks after a few minutes. I tried Googling my problem but I think I can't find any good keywords ! It's my first question here, so sorry if I don't respect some rules.

    Read the article

  • Subdomain not hitting new site?

    - by Abe Miessler
    I have an existing site at my.site.com and I would like to setup a staging subdomain (staging.my.site.com). I have my DNS setup and directing staging.my.site.com to my server, but for some reason the Web Site I created in IIS for it is not being hit. Instead when I go to staging.my.site.com it takes me to the original site. The site I created in IIS has a home directory that is totally different from the regular sites home directory. I have added one host header with the following information: IP Address: (All Unassigned) TCP port: 80 Host Header Value: staging.my.site.com I was under the impression that with the setup I described above hitting staging.my.site.com through a web browser would bring up the staging site, but it does not. Can anyone see what I am doing wrong? UPDATE: One thing I noticed is that in my A record I am mapping to the IP Address ( lets say 1.1.1.1 for this example). In the host headers for the main site (my.site.com) it has 1.1.1.1 as an entry. Is this normal? Could it cause the problem I am talking about?

    Read the article

  • Procurve Primary VLAN

    - by fukawi2
    I'm trying to depreciate usage of VLAN 1 on my ProCurve switches; 1 is unused. I understand that VLAN 1 must exist, but I want to remove it from all ports, especially trunks between switches. The problem I have is that stacking does not seem to work without VLAN 1. I have changed the primary VLAN and management VLAN on all the switches: (config)# primary-vlan 42 (config)# management-vlan 42 (config)# no vlan 1 untagged 25 Port 25 is the link between the 2 switches I'm testing with; the stack master and a member switch; I only want tagged traffic between the switches, no untagged frames. show stacking on the master shows all members as "UP" but I can not telnet any of them: Telnet failed: Connection timed out. All switches have manually assigned (static) IP addresses on VLAN 42, and all exist in the same /25 subnet, as does my desktop. I can telnet the switches directly from my desktop to the individual switch IP addresses, just not from the master switch. Do I need to reboot the switches to have the primary-vlan change take effect? Or is there something else I'm missing?

    Read the article

  • Isolating a computer in the network

    - by Karma Soone
    I've got a small network and want to isolate one of the computers from the whole network. My Network: <----> Trusted PC 1 ADSL Router --> Netgear dg834g <----> Trusted PC 2 <----> Untrusted PC I want to isolate this untrusted PC in the network. That means the network should be secure against : * ARP Poisoning * Sniffing * Untrusted PC should not see / reach any other computers within the network but can go out the internet. Static DHCP and switch usage solves the problem of sniffing/ARP poisoning. I can enable IPSec between computers but the real problem is sniffing the traffic between the router and one of the trusted computers. Against getting a new IP address (second IP address from the same computer) I need a firewall with port security (I think) or I don't think my ADSL router supports that. To summarise I'm looking for a hardware firewall/router which can isolate one port from the rest of the network. Could you recommend such a hardware or can I easily accomplish that with my current network?

    Read the article

  • SSL Connection Error

    - by toffee.beanns
    I have purchased a comodo ssl cert and have submitted the Certificate Signing Request (CSR) generated by my server to the ssl management site. With the 3 files it returned me with, - AddTrustExternalCARoot.crt - PositiveSSLCA2.crt - www_mydomainname_com.crt I have uploaded them to my /etc/ssl/ssl-certs folder and have updated my virtual host in my sites-available and restarted accordingly. NameVirtualHost 107.167.120.195:80 #sample ip address NameVirtualHost 107.167.120.195:443 #sample ip address ......... #normal http virtual host (working well) <VirtualHost 107.167.120.195:443> ServerAdmin [email protected] ServerName mydomainname.com ServerAlias www.mydomainname.com DocumentRoot /var/www/mydomainname SSLEngine on SSLCertificateFile /etc/ssl/ssl-certs/www_mydomainname.com.crt SSLCertificateKeyFile /etc/ssl/ssl-certs/server.key SSLCertificateChainFile /etc/ssl/ssl-certs/PositiveSSLCA2.crt </VirtualHost> I have also enabled ran 'a2enmod ssl' and it's enabled. This is the error I get when I access the webpage https in chrome: SSL connection error Error code: ERR_SSL_PROTOCOL_ERROR Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have. I have also checked out my apache log files and there seems to be an error saying that the Common Name (CN) is not the same as the server. RSA server certificate CommonName (CN) `www.mydomainname.com' does NOT match server name!? and Invalid method in request \x16\x03\x01 What should I do?

    Read the article

  • How does Tunlr work?

    - by gravyface
    For those of you not in the US, Tunlr uses DNS witchcraft to allow you to access US-only (and UK-only stuff like BBC radio online) services and Websites like Hulu.com, etc. without using traditional methods like a VPN or Web proxy. From their FAQ: Tunlr does not provide a virtual private network (VPN). Tunlr is a DNS (domain name system) unblocking service. We’re using sophisticated technologies (a.k.a. the Tunlr Secret Sauce ©) to re-adress certain data envelopes, tricking the receiver into thinking the envelope originated from within the U.S. For these data envelopes, Tunlr is transparently creating a network tunnel from your location to our U.S.-based servers. Any data that’s not directly related to the video or music content providers which Tunlr supports is not only left untouched, it’s also not even routed through Tunlr. In order to use Tunlr, you will have to change the DNS address. See Get started for more information. I can't really wrap my head around how this works; I have always assumed that these services performed a geolocation lookup via your client IP. Just really curious as to how this works. EDIT 2 I believe they're only proxying the initial geo check and then modifying the data stream request to include your real IP address so that the streaming is direct, not proxied.

    Read the article

  • Courier-imap login problem after upgrading / enabling verbose logging

    - by halka
    I've updated my mail server last night, from Debian etch to lenny. So far I've encountered a problem with my postfix installation, mainly that I managed to broke the IMAP access somehow. When trying to connect to the IMAP server with Thunderbird, all I get in mail.log is: Feb 12 11:57:16 mail imapd-ssl: Connection, ip=[::ffff:10.100.200.65] Feb 12 11:57:16 mail imapd-ssl: LOGIN: ip=[::ffff:10.100.200.65], command=AUTHENTICATE Feb 12 11:57:16 mail authdaemond: received auth request, service=imap, authtype=login Feb 12 11:57:16 mail authdaemond: authmysql: trying this module Feb 12 11:57:16 mail authdaemond: SQL query: SELECT username, password, "", '105', '105', '/var/virtual', maildir, "", name, "" FROM mailbox WHERE username = '[email protected]' AND (active=1) Feb 12 11:57:16 mail authdaemond: password matches successfully Feb 12 11:57:16 mail authdaemond: authmysql: sysusername=<null>, sysuserid=105, sysgroupid=105, homedir=/var/virtual, [email protected], fullname=<null>, maildir=xoxo.sk/[email protected]/, quota=<null>, options=<null> Feb 12 11:57:16 mail authdaemond: Authenticated: sysusername=<null>, sysuserid=105, sysgroupid=105, homedir=/var/virtual, [email protected], fullname=<null>, maildir=xoxo.sk/[email protected]/, quota=<null>, options=<null> ...and then Thunderbird proceeds to complain that it cant' login / lost connection. Thunderbird is definitely not configured to connect through SSL/TLS. POP3 (also provided by Courier) is working fine. I've been mainly looking for a way to make the courier-imap logging more verbose, like can be seen for example here. Edit: Sorry about the mess, I've found that I've been funneling the log through grep imap, which naturally didn't display entries for authdaemond. The verbose logging configuration entry is found in /etc/courier/imapd under DEBUG_LOGIN=1 (set to 1 to enable verbose logging, set to 2 to enable dumping plaintext passwords to logfile. Careful.)

    Read the article

  • Host multiple domains with Apache on a VPS

    - by Kunal
    Hi I have recently bought a windows VPS and installed apache, mysql using xampp. All services are running fine. I can access the hosted site using the IP of VPS but what I need to do is host multiple domains on that server. Actually my requirement was to use htaccess on a php based site but the site had to access data from ms sql server as well. So needed to enable php_mssql.dll in the php.ini which no shared hosting was supporting. Had to go for this VPS. Plesk was installed by default but as htaccess wont work with IIS, I had to stop IIS service and install apache there. Now all is well, but I need to find a way to host multiple domains there. When I bought the VPS they hosting people sent me the dedicated IP of the server and also I have the 2 name servers required to host domains. What is the next step? Exactly which file I need to modify to get things done? Please help! Any kind of help is much appreciated. Thanks in advance for all of your kind help and time.

    Read the article

  • Apache httpd workers retry

    - by David Newcomb
    I have an Apache httpd web server running mod_proxy and mod_proxy_balancer. The whole of /somedir is sent to 2 worker machines which service the requests using the round robin scheduler. Each worker machine is running IIS but I don't think that is important. I can demonstrate the load balancer working by repeatedly requesting a single page which contains the IP address of the machine and can see that it switches from one to the other in a predictable round robin fashion. If I switch off one of the IIS servers and start requesting the same page then each page only contains the IP address of the machine that is up. However, if I start IIS and don't run my IIS application then /somedir returns 500 (as it should). I've added 500 to the failonstatus (Apache 2.4) so when it hits the error Apache places the worker machine into error state. Apache still returns the proxy error to the client though. How can I make Apache catch the proxy failure and retry using a different worker in the same way that a connection failure does. Update There is almost the same question asked in StackOverflow so joining them together. http://stackoverflow.com/questions/11083707/httpd-mod-proxy-balancer-failover-failonstatus-transperant-switching

    Read the article

  • TCPDump and IPTables DROP by string

    - by Tiffany Walker
    by using tcpdump -nlASX -s 0 -vvv port 80 I get something like: 14:58:55.121160 IP (tos 0x0, ttl 64, id 49764, offset 0, flags [DF], proto TCP (6), length 1480) 206.72.206.58.http > 2.187.196.7.4624: Flags [.], cksum 0x6900 (incorrect -> 0xcd18), seq 1672149449:1672150889, ack 4202197968, win 15340, length 1440 0x0000: 4500 05c8 c264 4000 4006 0f86 ce48 ce3a E....d@[email protected].: 0x0010: 02bb c407 0050 1210 63aa f9c9 fa78 73d0 .....P..c....xs. 0x0020: 5010 3bec 6900 0000 0f29 95cc fac4 2854 P.;.i....)....(T 0x0030: c0e7 3384 e89a 74fa 8d8c a069 f93f fc40 ..3...t....i.?.@ 0x0040: 1561 af61 1cf3 0d9c 3460 aa23 0b54 aac0 .a.a....4`.#.T.. 0x0050: 5090 ced1 b7bf 8857 c476 e1c0 8814 81ed P......W.v...... 0x0060: 9e85 87e8 d693 b637 bd3a 56ef c5fa 77e8 .......7.:V...w. 0x0070: 3035 743a 283e 89c7 ced8 c7c1 cff9 6ca3 05t:(>........l. 0x0080: 5f3f 0162 ebf1 419e c410 7180 7cd0 29e1 _?.b..A...q.|.). 0x0090: fec9 c708 0f01 9b2f a96b 20fe b95a 31cf ......./.k...Z1. 0x00a0: 8166 3612 bac9 4e8d 7087 4974 0063 1270 .f6...N.p.It.c.p What do I pull to use IPTables to block via string. Or is there a better way to block attacks that have something in common? Question is: Can I pick any piece from that IP packet and call it a string? iptables -A INPUT -m string --alog bm --string attack_string -j DROP In other words: In some cases I can ban with TTL=xxx and use that should an attack have the same TTL. Sure it will block some legit packets but if it means keeping the box up it works till the attack goes away but I would like to LEARN how to FIND other common things in a packet to block with IPTables

    Read the article

  • No LAN and SMB access, and Explorer not responsive, when using a second connection

    - by Lorenzo
    I apologize if this is a duplicate question, I know that there are several questions about multiple connection (LAN + LAN and LAN + dialup) but I haven't been able to find one that fits my scenario. I'm still using Windows XP on my corporate laptop, and I'm connected to the corporate LAN via Ethernet. The LAN NIC has a public IP address, although not accessible externally, obtained via the corporate DNS server. This connection is firewalled and requires a proxy to access Internet. To access Internet sites blocked by the corporate firewall, I use my smartphone via USB tethering. It is seen as a new LAN interface, and I get a private IP address (class 192.168..). There are two problems: The LAN is not accessible, as the default gateway goes to the tethering NIC. I'd like to solve this, but I can live with it. My PC becomes unresponsive if I use Windows Explorer to view local files, or even when I open the start menu. I guess that this is caused by attemps to connect to a mapped network drive. But I disabled the "Client for Microsoft Networks" in the tethering NIC. Why the system still hangs? Of course if I disable the Ethernet NIC, Explorer stops hanging. If you need further details, add a comment. Thanks!

    Read the article

  • 802.11g -> wired ethernet bridging not working

    - by Malachi
    Usually people want to go the other direction, but I want to take our relatively fast and stable house 802.11g signal and bridge it to ethernet. I have tried using an Airport Express (the b/g flavor) and my i7 MacBook pro, both to no avail. Word is that the b/g flavor of This flavor of Airport Express maxes at firmware 6.3 which doesn't support this kind of bridging properly. However, I expected my MacBook pro to do the job with its "Internet Sharing" feature. Alas, although my wired PC does sort of see it, it doesn't work out. Strangely, using DHCP the PC receives the same IP address as my MBP uses on the network. Less strangely, but still surprisingly, the wired ethernet port on my mac registers as the IP address of the gateway when queried with IFCONFIG. It sort of makes sense that the mac would "pretend" to be the gateway, but the whole thing just isn't working and seems configured wrong - but all the docs I see say basically "OS X Internet Sharing: click it and go". What do I do? Do i really have to buy more hardware, even though I have plenty of would-be candidates for bridging? Incidentally, the host router originating the 802.11g signal is a belkin 802.11g router, and is documented to support WDS.

    Read the article

  • Privacy, VPN and routers

    - by user123189
    Ever since this ACTA push-up the things are starting to heat up around torrents and privacy. I am using Tribler now, but this is not secure enough for me. Not enough privacy. I've been using in the past a swedish VPN PPTP connection. What I observed is that, when the VPN connection was down, Internet traffic wasn't cut off, rather the downloads were continuing, this time with my real IP, wearing off my protection. 1st : How to enforce a VPN connection that will cut all traffic when down? That is, the moment the connection is down, all internet traffic should cease as if I'd pull the network plug out. 2nd: Is PPTP good enough or should I ask for SSTP or IKEV2 ? 3rd: Should I disable IPv6 ? Is VPN no longer private if I keep IPv6 active? I 'heard some stuff' about dual vpn routers to be able to improve privacy; but nothing more about how to configure one for such a task. 4th: Is there any kind of "black box" hardware equipment that can be used in hiding IP, encrypting traffic and so on ?

    Read the article

  • Can't route specific subnet thru VPN in ubuntu

    - by Disco
    I'm having issues routing traffic thru VPN. Here's my setup I have 3 hosts, let's call them A, B and Z B and Z have a VPN connection in the 10.10.10.x SUBNET A and B have a direct connection in the 10.10.12.x SUBNET I want to be able to route traffic from A to Z, like : A <= 10.10.12.254 [LAN] 10.10.12.111 => B <= 10.10.10.152 [VPN] 10.10.10.10 => Z On host B, i have set up ip_forwarding : net.ipv4.ip_forward = 1 and routing on host B: [root@hostA: ~]# ip route 10.10.10.10 dev ppp0 proto kernel scope link src 10.10.10.152 10.10.12.0/24 dev eth1 proto kernel scope link src 10.10.12.111 10.10.10.0/24 dev ppp0 scope link 169.254.0.0/16 dev eth1 scope link routing on host A: [root@hostA: ~]# ip route 10.10.10.0 via 10.10.12.111 dev eth1 10.10.12.0/24 dev eth1 proto kernel scope link src 10.10.12.254 169.254.0.0/16 dev eth1 scope link default via 192.168.1.1 dev eth0 But still not able to ping 10.10.10.10 from host A. Any idea ? I'm pulling my hairs out.

    Read the article

< Previous Page | 247 248 249 250 251 252 253 254 255 256 257 258  | Next Page >