Search Results

Search found 10798 results on 432 pages for 'port scanning'.

Page 28/432 | < Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >

  • Testing UDP port connectivity

    - by Lock
    I am trying to test whether I can get to a particular port on a remote server (both of which I have access to) through UDP. Both servers are internet facing. I am using netcat to have a certain port listening. I then use nmap to check for that port to see if it is open, but it doesn't appear to be. Iptables is turned off. Any suggestions why this could be? I am eventually going to setup a VPN tunnel, but because I'm very new to tunnels, I want to make sure I have connectivity on port UDP 1194 before advancing.

    Read the article

  • Proxying fake domain to a localhost port

    - by Trevor Burnham
    I'd like to do much the same thing described at Redirect Domain Name to Localhost for web app development purposes, but with the twist that I'd like requests to fakedomain.com:80 to be routed to localhost:8080, say, so that I don't have to actually use my development machine's port 80. I'd welcome answers that take the form of: Small changes to configuration files like /etc/hosts, and/or An easy-to-configure proxy server I could run Note: Pow takes the approach of setting a firewall rule to forward all incoming traffic on port 80 to port 20559. That may be an acceptable solution, but ideally, I'd like to forward only a specific domain + port combination.

    Read the article

  • NAT Error Message - Usage limit exceeded

    - by Kato
    Trying to configure a port to use for Vuze. Using the NAT/server port test, I was getting a message saying the connection timed out, the port was probably closed. I went back and made sure to open the specific port on my router, firewall, etc, but now I'm getting "NAT Error - Usage limit exceeded (173.32.41.24:0). I'm on a mac pro running leopard, trial versions of intego netbarrier and virusbarrier. Network utilities and netbarrier both claim the port is open. I've tested a bunch of other ports, but all give the same message.

    Read the article

  • JBoss https on port other than 8080 not working

    - by MilindaD
    We have a server with two JBoss instances where one runs on 8080, the other on 8081. We need to have HTTPS enabled for the 8081 server, firstly we tried enabling https on the 8080 port instance by generating the keystore and editing the server.xml and it successfully worked. However when we tried the same thing for 8081 it did not, note that we removed https for the 8080 server first before enabling it for 8081. This is what was used for both server.xml for 8080 and 8081. The only difference was that the port was changed from 8080 to 8081 when trying to enable https for 8081 port instance. What am I doing wrong and what needs to be changed? NOTE : When I meant enabled for 8080 I meant when you visit https:// URL:8484 you will actually be visiting the 8080 port instance. However when ssl is enabled for 8081 and I visit https:// URL:8484 I get that the web page is unavailable. COMMENTLESS VERSION <Server> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JasperListener" /> <Service name="jboss.web"> <!-- https --> <Connector port="8080" address="${jboss.bind.address}" maxThreads="350" maxHttpHeaderSize="8192" emptySessionPath="true" protocol="HTTP/1.1" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on" ompressableMimeType="text/html,text/css,text/javascript,application/json,text/xml,text/plain,application/x-javascript,application/javascript"/> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" address="${jboss.bind.address}" keystoreFile="${jboss.server.home.dir}/conf/supun1.keystore" keystorePass="aaaaaa" truststoreFile="${jboss.server.home.dir}/conf/supun1.keystore" truststorePass="aaaaaa" /> <!-- https1 --> <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3" emptySessionPath="true" enableLookups="false" redirectPort="8443" /> <Engine name="jboss.web" defaultHost="localhost" jvmRoute="khms1"> <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping" allRolesMode="authOnly" /> <Host name="localhost" autoDeploy="false" deployOnStartup="false" deployXML="false" configClass="org.jboss.web.tomcat.security.config.JBossContextConfig" > <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" /> <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve" cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager" transactionManagerObjectName="jboss:service=TransactionManager" /> </Host> </Engine> </Service> </Server> WITH COMMENTS VERSION <Server> <!--APR library loader. Documentation at /docs/apr.html --> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html --> <Listener className="org.apache.catalina.core.JasperListener" /> <!-- Use a custom version of StandardService that allows the connectors to be started independent of the normal lifecycle start to allow web apps to be deployed before starting the connectors. --> <Service name="jboss.web"> <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Documentation at : Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) Java AJP Connector: /docs/config/ajp.html APR (HTTP/AJP) Connector: /docs/apr.html Define a non-SSL HTTP/1.1 Connector on port 8080 --> <Connector port="8080" address="${jboss.bind.address}" maxThreads="350" maxHttpHeaderSize="8192" emptySessionPath="true" protocol="HTTP/1.1" enableLookups="false" redirectPort="8443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" compression="on" ompressableMimeType="text/html,text/css,text/javascript,application/json,text/xml,text/plain,application/x-javascript,application/javascript"/> <!-- Define a SSL HTTP/1.1 Connector on port 8443 This connector uses the JSSE configuration, when using APR, the connector should be using the OpenSSL style configuration described in the APR documentation --> <!-- <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" keystoreFile="${jboss.server.home.dir}/conf/zara.keystore" keystorePass="zara2010" clientAuth="false" sslProtocol="TLS" compression="on" /> --> <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" address="${jboss.bind.address}" keystoreFile="${jboss.server.home.dir}/conf/supun1.keystore" keystorePass="aaaaaa" truststoreFile="${jboss.server.home.dir}/conf/supun1.keystore" truststorePass="aaaaaa" /> <!-- Define an AJP 1.3 Connector on port 8009 --> <Connector port="8009" address="${jboss.bind.address}" protocol="AJP/1.3" emptySessionPath="true" enableLookups="false" redirectPort="8443" /> <Engine name="jboss.web" defaultHost="localhost" jvmRoute="khms1"> <!-- The JAAS based authentication and authorization realm implementation that is compatible with the jboss 3.2.x realm implementation. - certificatePrincipal : the class name of the org.jboss.security.auth.certs.CertificatePrincipal impl used for mapping X509[] cert chains to a Princpal. - allRolesMode : how to handle an auth-constraint with a role-name=*, one of strict, authOnly, strictAuthOnly + strict = Use the strict servlet spec interpretation which requires that the user have one of the web-app/security-role/role-name + authOnly = Allow any authenticated user + strictAuthOnly = Allow any authenticated user only if there are no web-app/security-roles --> <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping" allRolesMode="authOnly" /> <!-- A subclass of JBossSecurityMgrRealm that uses the authentication behavior of JBossSecurityMgrRealm, but overrides the authorization checks to use JACC permissions with the current java.security.Policy to determine authorized access. - allRolesMode : how to handle an auth-constraint with a role-name=*, one of strict, authOnly, strictAuthOnly + strict = Use the strict servlet spec interpretation which requires that the user have one of the web-app/security-role/role-name + authOnly = Allow any authenticated user + strictAuthOnly = Allow any authenticated user only if there are no web-app/security-roles <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping" allRolesMode="authOnly" /> --> <Host name="localhost" autoDeploy="false" deployOnStartup="false" deployXML="false" configClass="org.jboss.web.tomcat.security.config.JBossContextConfig" > <!-- Uncomment to enable request dumper. This Valve "logs interesting contents from the specified Request (before processing) and the corresponding Response (after processing). It is especially useful in debugging problems related to headers and cookies." --> <!-- <Valve className="org.apache.catalina.valves.RequestDumperValve" /> --> <!-- Access logger --> <!-- <Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".log" pattern="common" directory="${jboss.server.log.dir}" resolveHosts="false" /> --> <!-- Uncomment to enable single sign-on across web apps deployed to this host. Does not provide SSO across a cluster. If this valve is used, do not use the JBoss ClusteredSingleSignOn valve shown below. A new configuration attribute is available beginning with release 4.0.4: cookieDomain configures the domain to which the SSO cookie will be scoped (i.e. the set of hosts to which the cookie will be presented). By default the cookie is scoped to "/", meaning the host that presented it. Set cookieDomain to a wider domain (e.g. "xyz.com") to allow an SSO to span more than one hostname. --> <!-- <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> --> <!-- Uncomment to enable single sign-on across web apps deployed to this host AND to all other hosts in the cluster. If this valve is used, do not use the standard Tomcat SingleSignOn valve shown above. Valve uses a JBossCache instance to support SSO credential caching and replication across the cluster. The JBossCache instance must be configured separately. By default, the valve shares a JBossCache with the service that supports HttpSession replication. See the "jboss-web-cluster-service.xml" file in the server/all/deploy directory for cache configuration details. Besides the attributes supported by the standard Tomcat SingleSignOn valve (see the Tomcat docs), this version also supports the following attributes: cookieDomain see above treeCacheName JMX ObjectName of the JBossCache MBean used to support credential caching and replication across the cluster. If not set, the default value is "jboss.cache:service=TomcatClusteringCache", the standard ObjectName of the JBossCache MBean used to support session replication. --> <Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" /> <!-- Check for unclosed connections and transaction terminated checks in servlets/jsps. Important: The dependency on the CachedConnectionManager in META-INF/jboss-service.xml must be uncommented, too --> <Valve className="org.jboss.web.tomcat.service.jca.CachedConnectionValve" cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager" transactionManagerObjectName="jboss:service=TransactionManager" /> </Host> </Engine> </Service> </Server>

    Read the article

  • Forward requests to IIS Application/Folder to Apache server on another port

    - by TheGwa
    I have found many questions and answers for ways of doing this using asapi filters or ARR and URL Rewrite, but none are clear and concise and I am sure many people have this issue. I am looking for a best practice step by step solution to the following scenario: I have a development server accessible externally via a specific port for testing. Eg. rnd.domain.com:8888. So there is one port in and out of this machine accessible to the world. On this server I have a number of Apache or other servers using specific ports such as 8080. IIS is bound to port 80 locally as well as 8888 to get external requests and works perfectly. I would like to use an application (folder) in IIS such as rnd.domain.com:8888/mapserver to map to the local apache server in both directions. The same solution must apply in production where the domain is mapped to port 80. eg. production.domain.com/mapserver maps to 8080 on production server

    Read the article

  • USB 3 port fails to enable my keyboard during boot

    - by Jay
    My laptop has both USB 2.0 and 3.0 ports. I've connected: mouse -- USB 2.0 port keyboard -- USB 3.0 port On starting the system, the mouse is active however the keyboard does not function. Everytime i have to disconnect the keyboard and plug it back in and only then it becomes active. Is there any fix to this problem or is the USB port itself faulty? specs: Dell XPS, 64-bit i7 processor with 8G of RAM

    Read the article

  • Adding a new USB port inside a Macbook Pro

    - by MikeC8
    I have a USB Dongle that I'd like to put inside my Macbook Pro. I have already found a spot that will fit the dongle. The next question is splicing one of the USB ports and connecting it to the dongle. Here's a photograph of the inside of my Macbook Pro, showing the USB ports and a little gray plastic divider with four holes in it above each port. http://min.us/mvoQEem My question: Does anyone know what is inside these holes? Presumably each one is a pin for the USB port, right? Can I just stick a wire in there, giving me 4 pins, plus the fifth attached to the metal outside the port? More generally, any one have any ideas for what might be the easiest way to get a USB port inside my MBP? :) Thanks!

    Read the article

  • Hp Procurve Switch : port filtered

    - by user117140
    My HP Procurve switch is blocking port 22 and I dont know how to unblock it.Please let me know From the server, see port 22 is blocked [root@server ~]#nmap -p22,80,443 10.247.172.70 Starting Nmap 4.11 ( http://www.insecure.org/nmap/ ) at 2012-04-16 14:12 IST mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns_servers Interesting ports on 10.247.172.70: PORT STATE SERVICE 22/tcp filtered ssh ------------------> see 80/tcp filtered http 443/tcp filtered https This is blocked on cisco switch but I dont have any clue how this is done. I know that vlan is configured on switch. vlan 54 ip ospf 10.247.172.65 area 0.0.0.10 vrrp vrid 54 owner virtual-ip-address 10.247.172.65 255.255.255.192 priority 255 enable exit exit Please let me know how to unblock ssh port 22 access on this switch?

    Read the article

  • iis not listening on port 80

    - by Holian
    Hello, We have server 2003 and ISA 2004 with IIS 6 on same machnie. Everything worked well till yesterday, when we try to make some new rule in ISA..but this is a long story... Unfortunatelly something happend with our intranet site. Our site is on the port 80, but if we try to open on this client machines then we got and error page (which error page is our provider): 403-forbidden; Remote host not listening, the remote host is not prepared to acceppt the connection request. On the server i can open the site with port 80. If i change the port number in the iis and try to open the site with the port, then works well. I try to shut down IIS and start apache with a simple page. On the server works well but in clients the problem is the same, so i think this is not an IIS related problem. In the ISA we have a web pub rule, with port 80, no auth. Im pulling out my hair, please help.

    Read the article

  • Determine process using a port, without sudo

    - by pat
    I'd like to find out which process (in particular, the process id) is using a given port. The one catch is, I don't want to use sudo, nor am I logged in as root. The processes I want this to work for are run by the same user that I want to find the process id - so I would have thought this was simple. Both lsof and netstat won't tell me the process id unless I run them using sudo - they will tell me that the port is being used though. As some extra context - I have various apps all connecting via SSH to a server I manage, and creating reverse port forwards. Once those are set up, my server does some processing using the forwarded port, and then the connection can be killed. If I can map specific ports (each app has their own) to processes, this is a simple script. Any suggestions? This is on an Ubuntu box, by the way - but I'm guessing any solution will be standard across most Linux distros.

    Read the article

  • Blocked port 25 on Windows 7 64 bit

    - by Michal Gow
    Strange problem. I have 2 computers connected to Wifi router. One with Windows Vista & second with 2 operating systems: SUSe Linux and Windows 7 64bit on it. Computer with Vista can connect to SMTP server of my email provider (and any other) using port 25, and can connect to a mail server using telnet mail.server.com 25 if this port is open. Computer with dual operating system can (using Linux) do the same. The same computer, with the same hardware (Wifi card etc.), and using the same WiFi router, cannot however use Port 25 and cannot Telnet into any smtp server. So the problem is in Windows 7. I did uninstall all antivirus software and disabled the firewall. The problem is still here. Is there way how find out which software is blocking this port?

    Read the article

  • Setting up a DNS port redirect?

    - by Svetlana
    I have a domain using CloudFlare's DNS, I want to make it redirect to my server's IP (dynamic IP, port 21 blocked by ISP) which at the moment uses a No-IP DNS. The current setup is that I have a subdomain as a CNAME targetting the No-IP domain, but that only works for things like the Minecraft server (which looks for a set port that isn't blocked by my ISP), and I'd like a solution that lets me redirect port 21 from the CloudFlare domain to port 2121 on the No-IP domain, or something else that points to my dynamic IP, where an FTP server is already set up and running. I've had SRV records mentioned to me but without any further help, and it only made me more confused. Thanks in advance for the help.

    Read the article

  • ftp server over internet using different port

    - by ???? ????
    I want to make my ftp server over the internet i made it on Debian linux computer and i changed the port of it to 201 my local ip is 192.168.1.3 so i can access it from any computer on my network through ftp :// mylocalip:201 it appear to me the login page i login with my linux user and can see the files on my ftp server to make it public i make port mapping on my router for port 201 when i try ftp :// mypublicip:201 it give me the login page and when i entered the login data it is loading infinity without open my ftp server files when i made it over default port 21 it works fine. can any one tell me what is the problem here?

    Read the article

  • Utility to listen on port (Windows 2003 Server)

    - by Gero
    Hi, I need to validate some network connectivity from machine X to a Windows 2003 Server machine. To be able to do so I'm looking for a simple utility that I can run on the Windows 2003 server that will listen on a specified port. It does not have to do anything else. When it listens on the specified port I can do a telnet to that port from machine X and check if all firewalls are open. The Windows 2003 Server machine is already a production machine so I cannot install all kinds of stuff. At this stage we want to ensure that all network connectivity is in place before we do the installation of the 'real' application that will listen that port (don't want to wast time debugging network connectivity issues when we do the actual deployment of the new application. The utility should be a simple command line utility that does not require any installation. What utilities do you recommend? Thanks, Gero

    Read the article

  • Log with iptalbes which user is delivering email to port 25

    - by Maus
    Because we got blacklisted on CBL I set up the following firewall rules with iptables: #!/bin/bash iptables -A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mail -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner root -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner Debian-exim -j ACCEPT iptables -A OUTPUT -p tcp -m limit --limit 15/minute -m tcp --dport 25 -j LOG --log-prefix "LOCAL_DROPPED_SPAM" iptables -A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable I'm not able to connect to port 25 from localhost with another user than root or a mail group member - So it seems to work. Still some questions remain: How effective do you rate this rule-set to prevent spam coming from bad PHP-Scripts hosted on the server? Is there a way to block port 25 and 587 within the same statement? Is the usage of /usr/sbin/sendmail also limited or blocked by this rule-set? Is there a way to log the username of all other attempts which try to deliver stuff to port 25?

    Read the article

  • Add SATA Port to Motherboard?

    - by YAS
    I recently took off the bottom covers to my laptop, an Aspire 6930, and one of the covers was hiding an empty space large enough for a second hard drive. The bit of motherboard that was showing had the solder joints for a SATA port, but no port. What I'm wondering is; If I get a spare SATA port and solder it in would it mess up my motherboard and kill my laptop? I'm not concerned about a clean solder job, I can do that. But if the port is soldered in cleanly if there would be any danger to doing it. It'd be pretty darn awesome to get a second hard drive in my laptop.

    Read the article

  • Kill UDP port that has no process?

    - by Chocohound
    I can't bind to UDP port 500 from my code (yes I'm running w/ sudo). The port is reported as "already in use" (Mac os X), but doesn't have an associated process: $ sudo netstat -na | grep "udp.*\.500\>" udp4 0 0 192.168.50.181.500 *.* udp4 0 0 192.168.29.166.500 *.* But sudo lsof doesn't show a process on port 500 (ie sudo lsof -i:500 -P reports nothing). How can I unbind port 500 so I can use it again? I believe I have a bad VPN client that isn't cleaning up after itself, but I can't get rid of this without rebooting the machine.

    Read the article

  • How to specify multiple HostName/Port combinations in .ssh/config

    - by leoluk
    I have multiple notebooks and workstations which pull and push from multiple Mercurial repositories on a central server. I usually use .ssh/config to set an alias: Host repo-server HostName server.somedomain User user143 IdentityOnly yes IdentityFile ~/hgkey Port 156 ... and some more options, you get the idea. I can then simply do a hg push ssh://repo-server//hgroot/someproject on every local repository, and I can change the server address and port in one place. For workstations, this works fine, but the notebooks can access the server either from inside the network or from outside, using a different address and a different port. Is there any way I can specify multiple HostName/Port combinations so that SSH automatically tries them in order? This way, the users could push and pull without having to care about the correct address. (of course, using a VPN would be the most correct solution)

    Read the article

  • Windows VPN client connect on different port

    - by John Gardeniers
    Scenario: Two Windows Server 2003 machines running RRAS VPNs. The firewall port forwards 1723 to one of those machines for normal remote access. I'd like to find a way to connect to the second machine as well. Not because I need to but just because it's the sort of thing I reckon should be possible but can't figure out how to do. Is it possible to have the Windows PPTP VPN client (on XP in this instance) connect on a port other than 1723? If so, I can simply port forward another port to the second server. I've done a fair bit of Googling over the last few days and have only found others asking the same question but no answers. I have of course tried to add a port number in the host name or IP connection box, in various formats, but to no avail. While this might be possible with a third part client I'm really only interested in whether or not it can be done with the Windows built-in client and if so how?. Perhaps there's a registry hack I'm not aware of?

    Read the article

  • Portforwarding Combine Several Ports

    - by kiraitachi
    Hi I got a Raspberry Pi at A.A.A.B in my local network and I have set up a DMZ on my router so that any incoming traffic that comes to my router gets redirected to my raspberry pi wich I can connect via NO-IP adress. The problem is that I want to set up portforwarding since i got several services running on my Pi like SSH, torrent webgui, webalbum, etc. I had this already done before long time ago, but I forgot a bit the syntax and cant get to set it up. Router Help says: The Application allows you to do port forwarding, but only have the ports open when data flowing out of the trigger ports. When a program sends data out on outgoing ports called trigger ports, the device then allows incoming data on the open ports specified in your port triggering configuration. 1.Trigger Port Start Trigger Port Start Specify the start port on the device that would trigger the device to open ports for incoming data. 2.Trigger Port End Specify the end port on the device that would trigger the device to open ports for incoming data. You can enter a port number the same as the trigger port start or enter a larger port number to specify a port range. 3.Trigger Traffic Protocol Type Select the trigger traffic type. Open Port Specify all the ports to be opened. It's content could be: A single port only. A port range only. Start open port number and end port number should be separated by "-" . Combined several single port and several port ranges. Each single port or port range should be separated by "," . Open Traffic Protocol Type Select the open traffic type. This are the fields: http://es.tinypic.com/view.php?pic=n5lv1k&s=8 I think this is the syntax 1-7999,8001-9090,9092-65535. But each time I want to add it gives me an error. Any ideas?

    Read the article

  • Trunking at Router Port

    - by singh
    After reading a bit about interVLAN routing got a doubt regarding how trunking takes place at router and at switch.In case of switch we configure a port interface as trunk port and say all vlan's are allowed here but in case of router we configure sub interface as trunk saying particular vlan belongs to particular subinterface .Can't we configure only a single port interface on router just like Switch and say all vlan's are allowed here on this interface ,why to go for sub interfaces? Hope I'm able to put my question in right way.

    Read the article

  • SMTP redirecting to other port than 25

    - by Roalt
    How can you redirect your smtp traffic to another port than 25? My ISP blocks incoming traffic to port 25. I've been using ZoneEdit.com for this purpose for years (incoming mail traffic goes to another port and I redirect it via my firewall internally to port 25), but with the new system I cannot do it anymore. I'm not sure if I can do this by configuring MX and A records in the right way or if I need a SMTP redirecting service (such as rollernet.us)? I'm not an expert in Zone records but generally I know my way around for website traffic.

    Read the article

  • Iptables - Open Port Only for one Server IP (allow connections from a specific range)

    - by user1015314
    My server has multiple IPs, 1.1.1.1 1.1.1.2 and i have a service which listens to a port e.g. 88 Now i want, when somebody from outside, wants to connect to the port, that he can only connect, to that port, if he connects to the ip 1.1.1.2:88 but if he tries to connect to 1.1.1.1:88 it should not react and it should look like that it dont exists and drops all connections. Ok, than i need for 1.1.1.2:88 that only allows a specific ip range outside connecters. for example only 9.*.*.* can connect to that port and ip. I'm using Centos. Thank you for your help.

    Read the article

  • identify a router that cuts certain port

    - by Sergiks
    Is there a way to identify which particular router between me and some server blocks connections on certain port? I am in a hotel in Thailand, where they have recently changed some settings in their equipment, and now I cannot reach any of my servers in Europe and USA by SSH / port 22. More traditional ports like 80 or 21 are open. traceroute command shows each particular router in the middle. But is there a way to identify one that filters out port 22?

    Read the article

  • Can not open port 3306 on Ubuntu using iptables

    - by user94626
    I am trying to open port 3306 (for remote mysql connections) on my ubuntu 12.04 server machine but for the life of me can't get the damned thing to work! Here is what I did: 1) list current firewall rules: $> sudo iptables -nL -v output: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 225 16984 fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 220 69605 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- lo * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable 486 54824 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 19 988 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 4 208 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: " 4 208 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 735 182K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fail2ban-ssh (1 references) pkts bytes target prot opt in out source destination 225 16984 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 2) try to connect from remote machine: $> mysql -u root -p -h x.x.x.x output: timeout.... failed to connect 3) try to add a new rule to iptables: iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT 4) make sure the new rule is added: $> sudo iptables -nL -v output: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 359 25972 fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 251 78665 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- lo * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable 628 64420 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 19 988 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 5 260 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: " 5 260 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 919 213K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fail2ban-ssh (1 references) pkts bytes target prot opt in out source destination 359 25972 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 which appears to be the case (last line in "Chain INPUT" section). 5) try to connect again from remote machine: $> mysql -u root -p -h x.x.x.x output: timeout.... failed to connect which is failing again. 6) try to flush all rules: $> sudo iptables -F 7) this time I CAN CONNECT. 8) reboot server and try to connect, FAILURE. I suspect since the new rule is being appended at the end it will have no effect as there appears to be a "reject all" sort of rule before it. If this is the case, how to make sure the new rule is added in the right order? Otherwise, what am I missing? Please help.

    Read the article

< Previous Page | 24 25 26 27 28 29 30 31 32 33 34 35  | Next Page >