Search Results

Search found 12079 results on 484 pages for 'secondary ip'.

Page 30/484 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • Primary/secondary ethernet interfaces via NetworkManager in Ubuntu 9.10

    - by Josh
    I have an Ubuntu 9.10 machine with three ethernet interfaces, eth0, eth1 and eth2. eth2 is connected to a private network. eth0 and eth2 are connected to two different LANs. Either one will provide access to the internet. All three networks have DHCP servers. Using Ubuntu's the default settings (And Gnome), when I boot up all the interfaces are active and my system gets three IP addresses. However any attempt to access the internet results in connection timeouts and other weirdness. I suspect that traffic is going out on one NIC (like eth0) and coming back in on another (like eth1). I'm not sure what's going on. The only way I can access the internet at the moment is to bring two of the devices down with ifdown. How can I configure eth0 as my primary interface so all trafic goes out by default on that interface, while keeping the other two active? Also, I want to make sure Avahi broadcasts properly on all three IPs so that the computers on the LAN of eth1 can still connect to myHostname.local... EDIT: Here's my routing table: Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 172.16.151.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 172.16.30.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.1.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 172.16.30.2 0.0.0.0 UG 0 0 0 eth0 0.0.0.0 10.1.0.1 0.0.0.0 UG 0 0 0 eth1 I want the 172.16.30.2 network to be the primary one and the 10.1.0.0 network to be the secondary one. EDIT2: My nameservers are also incorrect. It seems like Ubuntu is bringing the networks up in order, eth0, then 1, then 2, and the DHCP information from eth1 is overriding eth0, and eth2 is overriding eth1. How can I reverse this so the DHCP information from eth0 is the "master"? EDIT3: This seems to be an issue with Gnome's NetworkManager.

    Read the article

  • how do I find the ip address of a host on a Windows network?

    - by user13743
    There is a machine on our network called owner-pc. I want to learn its ip address. I'm not sure which computer it is, and I don't want to trundle to each station to figure it out. When I ping it from the command line on a windows machine, I get something like this: Reply from: fe80::3039:2a21:3f57:f337%1: time<1ms Reply from: fe80::3039:2a21:3f57:f337%1: time<1ms Reply from: fe80::3039:2a21:3f57:f337%1: time<1ms Reply from: fe80::3039:2a21:3f57:f337%1: time<1ms How can I figure this out?

    Read the article

  • is there such a thing as a ip femtocell, and what does it do?

    - by The Journeyman geek
    My dad mentioned a co-worker suggested using a device, that might use cdma to route calls through IP to save costs on a certain overseas project we're on- since our home base is quite far from there. I've never heard of such a device, so if it does, i'm wondering, if its specific to particular ISPs, or if you can just pick one off the shelf, plug it into an arbitraty internet connection, and make calls using it and a cellphone of some sort? As you can tell, details are sketchy, so... if such a device dosen't exist, saying so might be a right answer ;)

    Read the article

  • Conflicting ip routes with local table on attaching a virtual network interface

    - by user1071840
    I have an EC2 instance with these ip rules: $ sudo ip rule show 0: from all lookup local 32766: from all lookup main 32767: from all lookup default I can attach an elastic network interface to it with a private IP. Say the IP of my machine is 10.1.3.12 and the IP of the interface is 10.1.1.190. As soon as I attach the interface to my machine a new entry is added to the routing policy and local routing table: sudo ip rule show 0: from all lookup local 32765: from 10.1.1.190 lookup 10003 32766: from all lookup main 32767: from all lookup default $ sudo ip route show table local broadcast 10.1.1.0 dev eth3 proto kernel scope link src 10.1.1.190 local 10.1.1.190 dev eth3 proto kernel scope host src 10.1.1.190 broadcast 10.1.1.255 dev eth3 proto kernel scope link src 10.1.1.190 broadcast 10.1.3.0 dev eth0 proto kernel scope link src 10.1.3.12 local 10.1.3.12 dev eth0 proto kernel scope host src 10.1.3.12 broadcast 10.1.3.255 dev eth0 proto kernel scope link src 10.1.3.12 broadcast 127.0.0.0 dev lo proto kernel scope link src 127.0.0.1 local 127.0.0.0/8 dev lo proto kernel scope host src 127.0.0.1 local 127.0.0.1 dev lo proto kernel scope host src 127.0.0.1 broadcast 127.255.255.255 dev lo proto kernel scope link src 127.0.0.1 I can send traffic to this ENI directly from a host that can have the same IP as the host the ENI is attached to. This is where the problem starts. I ran tcpdump on the port in question and saw multiple SYNs going to the ENI with src '10.1.3.12' and destination '10.1.1.190' but didn't see even a single ACK. In my understanding if ACKs were being sent from the ENI they'd have destination as 10.1.3.12 i.e. the same as the local machine's IP and such packets will now be routed as local packets matching local routing policy: local 10.1.3.12 dev eth0 proto kernel scope host src 10.1.3.12 I'd like to send all the packets originating from 10.1.1.190 (my ENI) to go back on the same interface i.e. eth3 in this case. Contents of the nee table 10003 are: $ sudo ip route show table 10003 default via 10.1.1.1 dev eth3 I think I can do the following: I don't know if its possible but probably decrease the priority of local table so the packets match the table 10003. Use iptables to mangle these packets and update the local table route to include the mark information But I'm not sure if these are the right approaches.

    Read the article

  • Static IP configuration causing apt-get errors

    - by JPbuntu
    I am getting errors when running apt-get update or when installing new packages. Although this only happens when the server configured for a static IP address. Changing the configuration back to DHCP and restarting networking fixes the problem, although I want a static IP. Once it is working I can change back to my static IP address and restart networking. Although this only works until I restart the server (restarting the router is ok), and then I start getting the same errors and have to switch back to DHCP. Any ideas on what could be causing this or tips on troubleshooting it? Thanks in advance. here is my static IP configuration: auto eth0 iface eth0 inet static address 192.168.2.2 netmask 255.255.255.0 gateway 192.168.2.1 The apt-get update errors go something like this: A few of these Ign http://us.archive.ubuntu.com precise-backports InRelease then a lot of these Err http://security.ubuntu.com precise-security Release.gpg Something wicked happened resolving 'security.ubuntu.com:http' (-5 - No address associated with hostname) and a lot of these W: Failed to fetch http://us.archive.ubuntu.com/ubuntu/dists/precise-backports/universe/i18n/Translation-en Something wicked happened resolving 'us.archive.ubuntu.com:http' (-5 - No address associated with hostname)

    Read the article

  • Webserver on a rotating server with NAT IP or changing IPs

    - by hpsoftware
    i would have to elaborate my questions so please have patience Explaining the logic. if you are familiar with logmein then it installs a client software on your computer then it kinda keeps tracks where you computer is as long as it's connected to internet. So you can always access your computer no matter where it is whatever it's IP is you just go to logmein.com and then you can just access it. Now what i am asking 1. Let's assume i have a website hosted on my laptop let's call it webserver. so then i move around i have a new IP sometime even on a hotel network is it possible to do something like what logmein does so i can keep moving around my Webserver to new IP but it has some local client or something which keeps updating my IP or something i am sure i would need a gateway server somewhere which is connected to my domain name via DNS so somebody accessing my website www.mywebsite.com goes to my main server then gets routed to my laptop which could be anywhere but my gateway server is able to communicate to my webserver I will keep updating the case description based on comments to make more sense. please have patience with me. Regards

    Read the article

  • Optimising website IP for location

    - by Liam Sorsby
    From my understanding of SEO, websites are optimised for the current location of their IP address. For example if xxx.xxx.xxx.xx resolves to the UK then you are more likely to get higher rankings in the UK then you are in the USA. However, my query is when you use a CDN you are storing a cached version of your website across multiple servers at strategic locations across the globe to reduce load time in locations that your trying to target. Now if you use a CDN and geo-locate the website URL then it only resolves back to the USA (where our IP address resolves too) but it doesn't say it resolves to any other countries. As far as I know you can have multiple IP address resolving to one domain (from different countries). Do CDN's really help to optimise the location of your website or are they soley meant to optimise load time? Is there a better way to optimise for multiple countries with regards to the resolution of the IP address? Are VPN's as per this post here relevant to this? Any advice would be helpful.

    Read the article

  • LDAP not showing secondary groups

    - by Sandy Dolphinaura
    Currently, I have a LDAP server (running ClearOS if that makes any difference) containing a database of users. So, I went and setup LDAP on a couple of my debian VMs, using libpam-ldapd and I discovered this odd problem. My group/user mapping would show up when running getent group but the secondary groups would not show up when running id . Here is my /etc/nslcd.conf # /etc/nslcd.conf # nslcd configuration file. See nslcd.conf(5) # for details. # The user and group nslcd should run as. uid nslcd gid nslcd # The location at which the LDAP server(s) should be reachable. uri ldaps://10.3.0.1 # The search base that will be used for all queries. base dc=pnet,dc=sandyd,dc=me # The LDAP protocol version to use. #ldap_version 3 # The DN to bind with for normal lookups. binddn cn=manager,ou=internal,dc=pnet,dc=sandyd,dc=me bindpw Me29Dakyoz8Wn2zI # The DN used for password modifications by root. #rootpwmoddn cn=admin,dc=example,dc=com # SSL options ssl on tls_reqcert never # The search scope. #scope sub #filter group (&(objectClass=group)(gidNumber=*)) map group uniqueMember member

    Read the article

  • Help setting up a secondary authoritative DNS server.

    - by GLB03
    We have three Authoritative DNS servers and three recursive/caching DNS servers on my campus. Authoritative servers DNS1- Windows 2003 DNS2- Old Red Hat ----- Replacing w/ newer version DNS3- Windows 2008 (I installed) Caching and Recursive resolvers servers Server1- Windows 2003 Server2- CentOS 5.2 (I installed) Server3- CentOS 5.3 (I installed) I am replacing DNS2 with a newer Red Hat version, but have no documentation on how it was implemented. I have setup caching and windows authoritative servers, but not a linux secondary authoritative server. I have a perl script from the original server that pulls data from our DNS1 server. We use DJBDNS and TinyDNS on our linux servers. Our Network Engineer says the DNS2 server I am replacing is an authoritative server that doesn't need to be caching, but the only instructions I see is for an Authoritative server that does caching as well. Can someone point me in the right directions. I thought I was on the right track with using these instructions but when I query my new dns server I get "No response from server", I have temporarily disabled iptables to eliminate it from being an issue. ps -aux | grep dns avahi 3493 0.0 0.2 2600 1272 ? Ss Apr24 0:05 avahi-daemon: running [newdns2.local] root 5254 0.0 0.1 3920 680 pts/0 R+ 09:56 0:00 grep dns root 6451 0.0 0.0 1528 308 ? S Apr29 0:00 supervise tinydns dnslog 6454 0.0 0.0 1540 308 ? S Apr29 0:00 multilog t ./main tinydns 9269 0.0 0.0 1652 308 ? S Apr29 0:00 /usr/local/bin/tinydns

    Read the article

  • Help setting up an secondary authoritative DNS server.

    - by GLB03
    We have three Authoritative DNS servers and three recursive/caching DNS servers on my campus. Authoritative servers DNS1- Windows 2003 DNS2- Old Red Hat ----- Replacing w/ newer version DNS3- Windows 2008 (I installed) Caching and Recursive resolvers servers Server1- Windows 2003 Server2- CentOS 5.2 (I installed) Server3- CentOS 5.3 (I installed) I am replacing DNS2 with a newer Red Hat version, but have no documentation on how it was implemented. I have setup caching and windows authoritative servers, but not a linux secondary authoritative server. I have a perl script from the original server that pulls data from our DNS1 server. We use DJBDNS and TinyDNS on our linux servers. Our Network Engineer says the DNS2 server I am replacing is an authoritative server that doesn't need to be caching, but the only instructions I see is for an Authoritative server that does caching as well. Can someone point me in the right directions. I thought I was on the right track with using these instructions but when I query my new dns server I get "No response from server", I have temporarily disabled iptables to eliminate it from being an issue. ps -aux | grep dns avahi 3493 0.0 0.2 2600 1272 ? Ss Apr24 0:05 avahi-daemon: running [newdns2.local] root 5254 0.0 0.1 3920 680 pts/0 R+ 09:56 0:00 grep dns root 6451 0.0 0.0 1528 308 ? S Apr29 0:00 supervise tinydns dnslog 6454 0.0 0.0 1540 308 ? S Apr29 0:00 multilog t ./main tinydns 9269 0.0 0.0 1652 308 ? S Apr29 0:00 /usr/local/bin/tinydns

    Read the article

  • Display on secondary video card (Nvidia 8400 GS): horrible refresh, bogs system

    - by minameismud
    This is my work computer, but it's a small shop. We do business software development. The most hardcore thing we create is some web animations with html5 and fancy javascript/css. The base machine is a Dell Precision T3500 - Xeon W3550 (3.07GHz quad), 6GB ram, pair of 500GB harddrives, and Win 7 x64 Enterprise SP1. My primary video card is an ATI FirePro V4800 1GB in a PCIe slot of some speed driving a pair of 23s at 1920x1080 through DisplayPort-HDMI adapters. The secondary card is an NVidia GeForce 8400GS in a PCI slot driving a single 17" at 1280x1024 through DVI. On either of the 23" monitors, windows move smoothly, scroll quickly, and are generally very responsive. On the 17", it's slow, chunky, and when I'm trying to scroll a ton of content, Windows will occasionally suggest I drop to the Windows Basic theme. I've updated drivers for both cards, and I've gotten every Windows update relating to video. Specifically: ATI FirePro Provider: Advanced Micro Devices, Inc Date: 6/22/2014 Version: 13.352.1014.0 NVidia 8400 GS Provider: NVIDIA Date: 7/2/2014 Version: 9.18.13.4052 Unfortunately, new hardware isn't really an option. Is there anything I can do software-wise to speed up the NVidia-driven monitor?

    Read the article

  • NSFetchedResultsController on secondary UITableView - how to query data?

    - by Jason
    I am creating a core-data based Navigation iPhone app with multiple screens. Let's say it is a flash-card application. The data model is very simple, with only two entities: Language, and CardSet. There is a one-to-many relationship between the Language entity and the CardSet entities, so each Language may contain multiple CardSets. In other words, Language has a one-to-many relationship Language.cardSets which points to the list of CardSets, and CardSet has a relationship CardSet.language which points to the Language. There are two screens: (1) An initial TableView screen, which displays the list of languages; and (2) a secondary TableView screen, which displays the list of CardSets in the Language. In the initial screen, which lists the languages, I am using NSFetchedResultsController to keep the list of languages up-to-date. The screen passes the Language selected to the secondary screen. On the secondary screen, I am trying to figure out whether I should again use an NSFetchedResultsController to maintain the list of CardSets, or if I should work through Language.cardSets to simply pull the list out of the object model. The latter makes the most sense programatically because I already have the Language - but then it would not automatically be updated on changes. I have looked at the NSFetchedResultsController documentation, and it seems like I can easily create predicates based on attributes - but not relationships. I.e., I can create the following NSFetchedResultsController: NSPredicate *predicate = [NSPredicate predicateWithFormat:@"name LIKE[c] 'Chuck Norris'"]; How can I access my data through the direct relationship - Language.cardSets - and also have the table auto-update using NSFetchedResultsController? Is this possible?

    Read the article

  • How to block/avoid a particular IP when connecting to websites?

    - by Mark
    I'm having trouble connecting to a particular website. I can view it through a proxy, but not from home. So I ran a traceroute: Tracing route to fvringette.com [76.74.225.90] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms <snip> 2 * * * Request timed out. 3 9 ms 7 ms 27 ms rd2bb-ge2-0-0-22.vc.shawcable.net [64.59.146.226] 4 8 ms 7 ms 7 ms rc2bb-tge0-9-2-0.vc.shawcable.net [66.163.69.41] 5 10 ms 9 ms 9 ms rc2wh-tge0-0-1-0.vc.shawcable.net [66.163.69.65] 6 27 ms 23 ms 22 ms ge-gi0-2.pix.van.peer1.net [206.223.127.1] 7 18 ms 18 ms 20 ms 10ge.xe-0-2-0.van-spenc-dis-1.peer1.net [216.187.89.206] 8 9 ms 11 ms 10 ms 64.69.91.245 9 * * * Request timed out. 10 * * * Request timed out. ... Looks like this "64.69.91.245" is somehow blocking me. Can I tell my computer to avoid/bypass that IP when trying to connect?

    Read the article

  • How to use TCP/IP Nagle algorithm at Apple Push Notification

    - by Mahbubur R Aaman
    From Apple's Developer Library The binary interface employs a plain TCP socket for binary content that is streaming in nature. For optimum performance, you should batch multiple notifications in a single transmission over the interface, either explicitly or using a TCP/IP Nagle algorithm. How to use TCP/IP Nagle algorithm in case Apple's Push Notification? How to batch multiple notification in a single transmission over the interface? Additional # In Apple's Push Notification Urban Airship is a familiar name to send large amount of push notification within several minutes. Does they use TCP/IP Nagle algorithm?

    Read the article

  • how to assign web server and domain a public ip adress

    - by kdavis8
    i have installed an ISO image of windows server 2008 r2 onto my VMware workstation, as a virtual server. I am trying to host my own web server for testing purposes.I have Internet service with sprint and i called them to obtain my public ip address. Now that i have my public ip address how to i assign it to my server? I also have a web domain name that i would like to point it at that web server. Do i give it the public ip address or do i give it the name of the server?

    Read the article

  • Siebel 2012-IP Release is now GA

    - by Richard Lefebvre
    The Siebel development team is pleased to announce the general availability of the highly anticipated 2012 Siebel Innovation Pack on 12/12/2012. The journey began last year as a concept at Open World that invigorated the Siebel customer base and partners across the globe, culminating in this 2012-IP release that delivers much valued usability enhancements on an existing release. Open UI and Siebel Mobile are the key innovations that are released as part of the 2012-IP on both 8.1.1.9 and the 8.2.2.2 releases. These innovations are a giant leap forward in facilitating Siebel usability while supporting multiple browsers and devices. Siebel Mobile released as part of the IP provide connected Mobile solutions that support key Horizontal Sales, Field Service, Life Sciences and Consumer Goods flows. See the Siebel Open UI Dada Sheet here.

    Read the article

  • WiFi AdHoc Network: Unable to access peer by ip

    - by Pranav
    I've set up a WiFi AdHoc network in Maverick and selected the IPv4 settings as "Shared to other computers". On the client computer, I joined the network with the same SSID and set IPv4 method to Manual and I gave it an IP 10.42.43.2 (As on the first computer, the auto generated IP was 10.42.43.1). From either of the computers, I'm not able to access the other using the IP (in browser). Any idea why? (If I browse to 10.42.43.1 from the first computer, it works) Thanks!

    Read the article

  • IP/PORT forward requests to another server

    - by DT.DTDG
    I have the following listening PORT:IP set up on my UBuntu server. 12.345.67.890:3636 It receives requests perfectly, however, I would now like to forward any requests to that IP:PORT to another IP:PORT, i.e.: 09.876.54.321:3636 Essentially I want to do a request forward 12.345.67.890:3636 -> 09.876.54.321:3636. How can I go about it in Terminal and if I wanted to change it back how can I go about that too? Is there also a way to test that the data is forwarding and it is setup properly? Thanks! Edit: Can I just do as follows, just wondering how I would go about testing it and how I could disable it? sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 3636 -j DNAT --to-destination 09.876.54.321:3636 iptables -t nat -A POSTROUTING -j MASQUERADE

    Read the article

  • possible to use an IP derived from Dynamic DNS in htaccess IP allow/deny commands?

    - by user115745
    On a website I manage, I want to use an .htaccess file to allow access to a certain administrative directory only from my home IP address, which is dynamically assigned by my ISP and therefore changes -- not regularly, but it does happen. I also have an account from DynDNS and have one of the auto-update clients making sure it always points to my actual home IP address. I don't actually host anything at home; I just have set up the Dynamic DNS account. Is there any way to combine these features: that is, is it possible write the .htaccess allow/deny commands at my outside webhost in a way that my home IP address is not hard coded into the command, but instead is somehow derived from the Domain Name that the DynDNS has assigned me, by doing a real-time lookup every time the directory's .htaccess file is hit? Thank you.

    Read the article

  • Change OpenVZ route to pass through ip failover

    - by Kevin Campion
    I have one dedicaced server with its own IP and another IP (failover) who refer to the first. I will wish to change the gateway of a Proxmox virtual machine (openvz) who runs on this dedicaced server to go through the failover IP rather than the ip of host main server. Once connected to a virtual machine, when I do a traceroute VE# traceroute www.google.fr traceroute to www.google.fr (209.85.229.104), 30 hops max, 60 byte packets 1 MY_SERVER_NAME.ovh.net (xxx.xxx.xxx.xxx FIRST_IP_MAIN_SERVER) 0.021 ms 0.010 ms 0.009 ms The first line tells me the ip of host main server. I would like that the traceroute display the second IP failover. VE# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.0.2.1 * 255.255.255.255 UH 0 0 0 venet0 default 192.0.2.1 0.0.0.0 UG 0 0 0 venet0 With iptables HOST# iptables -t nat -L Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere MASQUERADE all -- anywhere anywhere SNAT tcp -- anywhere 10.10.101.2 tcp dpt:www state NEW,RELATED,ESTABLISHED,UNTRACKED to:SECOND_IP_FAILOVER SNAT all -- 10.10.101.2 anywhere to:SECOND_IP_FAILOVER 10.10.101.2 is the virtual machine IP (interface venet0) Any ideas ?

    Read the article

  • Having two IP Routes/Gateways of last Resort on an HP Switch

    - by SteadH
    We have an HP Layer 3 Switch that is doing IP routing between vlans. The general set up is that the switch has an IP address on each VLAN and IP routing is enabled. On our servers VLAN, we have a firewall that has a connection to the outside world. To set a IP route on the HP router, we use IOS command ip route 0.0.0.0 0.0.0.0 192.168.2.1 where 192.168.2.1 is the address of our firewall, and the zeros essentially mean to route all traffic that the switch doesn't know what to do with out the firewall as a gateway. We're in the middle of an ISP and firewall change. I set up the new firewall and ran the IOS command ip route 0.0.0.0 0.0.0.0 192.168.2.254 (the address of the new firewall). Things started working nicely. When I reviewed the configuration of the switch though, I noticed that it did not replace the previous ip route command, but just added another route. Now, I know how to remove the old firewall route (no ip route 0.0.0.0 0.0.0.0 192.168.2.1), but what is the effect of having these two 0.0.0.0 routes? Is it switch implosion? Will a server just respond back over the route it receives the request from? I've read elsewhere that having two default gateways is an impossibility by definition, but I'm curious about this situation that our switch allowed. Thanks!

    Read the article

  • Bizarre client IP switch-up on VPN

    - by B. VB.
    Let A.B.C.D be the public IP of my VPN server. Let W.X.Y.Z be the IP of the client before it connects to the VPN. My VPN server's IP address on the LAN in 10.8.0.1, and the client is 10.8.0.6. I also run a webserver on the same machine hosting the VPN. On it is a simple webpage that performs the exact same thing as whatismyip.org (i.e., simply prints the IP of the requester) Let me illustrate the scenario for you. In a Chrome window I have three tabs, what I have in parenthesis is the URL: Tab 1 (http://whatismyip.org): A.B.C.D This is what I expect to see. It's the public IP of the VPN server. Tab 2 (http://10.8.0.1): 10.8.0.6 ok, looks expected. They are behind the same LAN now. Tab 3 (http://A.B.C.D) W.X.Y.Z WTF?? Basically, if I access the webserver while tunneled, in shows the IP address of my machine PRIOR to tunelling! Remember, tab2 and tab3 are the same webpage. Why does Tab3 not show the client IP as it's own IP (i.e., show A.B.C.D)??? I hope this question is clear, thanks in advance!

    Read the article

  • IP address spoofing using Source Routing

    - by iamrohitbanga
    With IP options we can specify the route we want an IP packet to take while connecting to a server. If we know that a particular server provides some extra functionality based on the IP address can we not utilize this by spoofing an IP packet so that the source IP address is the privileged IP address and one of the hosts on the Source Routing is our own. So if the privileged IP address is x1 and server IP address is x2 and my own IP address is x3. I send a packet from x1 to x2 which is supposed to pass through x3. x1 does not actually send the packet. It is just that x2 thinks the packet came from x1 via x3. Now in response if x2 uses the same routing policy (as a matter of courtesy to x1) then all packets would be received by x3. Will the destination typically use the same IP address sequences as specified in the routing header so that packets coming from the server pass through my IP where I can get the required information? Can we not spoof a TCP connection in the above case? Is this attack used in practice?

    Read the article

  • libpam-ldapd not looking for secondary groups

    - by Jorge Suárez de Lis
    I'm migrating from libpam-ldap to libpam-ldapd. I'm having some trouble gathering the secondary groups from LDAP. On libpam-ldap, I had this on the /etc/ldap.conf file: nss_schema rfc2307bis nss_base_passwd ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es nss_base_shadow ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es nss_base_group ou=Groups,ou=CITIUS,dc=inv,dc=usc,dc=es nss_map_attribute uniqueMember member The mapping is there because I'm using groupOfNames instead of groupOfUniqueNames LDAP class for groups, so the attribute naming the members is named member instead of uniqueMember. Now, I want to do the same using libpam-ldapd but I can't get it to work. Here's the relevant part of my /etc/nslcd.conf: base passwd ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es base shadow ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es base group ou=Groups,ou=CITIUS,dc=inv,dc=usc,dc=es map group uniqueMember member And this is the debug output from nslcd, when a user is authenticated: nslcd: [8b4567] DEBUG: connection from pid=12090 uid=0 gid=0 nslcd: [8b4567] DEBUG: nslcd_passwd_byuid(4004) nslcd: [8b4567] DEBUG: myldap_search(base="ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es", filter="(&(objectClass=posixAccount)(uidNumber=4004))") nslcd: [8b4567] DEBUG: ldap_initialize(ldap://172.16.54.31/) nslcd: [8b4567] DEBUG: ldap_set_rebind_proc() nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,10) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,10) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,10) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON) nslcd: [8b4567] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON) nslcd: [8b4567] DEBUG: ldap_simple_bind_s("uid=ubuntu,ou=Applications,ou=CITIUS,dc=inv,dc=usc,dc=es","*****") (uri="ldap://172.16.54.31/") nslcd: [8b4567] connected to LDAP server ldap://172.16.54.31/ nslcd: [8b4567] DEBUG: ldap_result(): end of results nslcd: [7b23c6] DEBUG: connection from pid=15906 uid=0 gid=2000 nslcd: [7b23c6] DEBUG: nslcd_pam_authc("jorge.suarez","","su","***") nslcd: [7b23c6] DEBUG: myldap_search(base="ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es", filter="(&(objectClass=posixAccount)(uid=jorge.suarez))") nslcd: [7b23c6] DEBUG: ldap_initialize(ldap://172.16.54.31/) nslcd: [7b23c6] DEBUG: ldap_set_rebind_proc() nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON) nslcd: [7b23c6] DEBUG: ldap_simple_bind_s("uid=ubuntu,ou=Applications,ou=CITIUS,dc=inv,dc=usc,dc=es","*****") (uri="ldap://172.16.54.31/") nslcd: [7b23c6] connected to LDAP server ldap://172.16.54.31/ nslcd: [7b23c6] DEBUG: ldap_initialize(ldap://172.16.54.31/) nslcd: [7b23c6] DEBUG: ldap_set_rebind_proc() nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_PROTOCOL_VERSION,3) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_DEREF,0) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_TIMELIMIT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_TIMEOUT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_NETWORK_TIMEOUT,10) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_REFERRALS,LDAP_OPT_ON) nslcd: [7b23c6] DEBUG: ldap_set_option(LDAP_OPT_RESTART,LDAP_OPT_ON) nslcd: [7b23c6] DEBUG: ldap_simple_bind_s("uid=jorge.suarez,ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es","*****") (uri="ldap://172.16.54.31/") nslcd: [7b23c6] connected to LDAP server ldap://172.16.54.31/ nslcd: [7b23c6] DEBUG: myldap_search(base="uid=jorge.suarez,ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es", filter="(objectClass=posixAccount)") nslcd: [7b23c6] DEBUG: ldap_unbind() nslcd: [3c9869] DEBUG: connection from pid=15906 uid=0 gid=2000 nslcd: [3c9869] DEBUG: nslcd_pam_sess_o("jorge.suarez","uid=jorge.suarez,ou=People,ou=CITIUS,dc=inv,dc=usc,dc=es","su","/dev/pts/7","","jorge.suarez") It seems to me that it won't even try to look for groups. What I am doing wrong? I can't see anything relevant to my problem information on the docs. I'm probably not understanding how the map option works.

    Read the article

  • NAT and ISP Subnet when load balancing on pfsense?

    - by dannymcc
    I have a pfsense box that I'm trying to plan the configuration for. I am going to be load balancing two ISP's, each with their own /29 static IP subnet. The question I have is in relation to the way those IP's are associated with workstations on the local network. Currently I have some workstations with local (192.168.1.0/29) IP addresses, and other more complicated workstation setups have their own public IP address. Some of the more complicated systems have a NAT 1:1 configuration where I forward a public IP address to a local IP address. Others however are directly on the ISP subnet and cannot be seen on our local network. Is this configuration possible with pfsense? If so, what terms should I be looking through the documentation for? Here is a simple/brief diagram of what I am trying to achieve.

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >