Search Results

Search found 1102 results on 45 pages for 'udp'.

Page 30/45 | < Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >

  • How can I expire non-active sessions on my Netscreen SSG140?

    - by David Mackintosh
    I have a Juniper Netscreen SSG-140. While experimenting with a VoIP service, I defined a custom policy that was to be used to permit the possible ports in use to be sent back to the VoIP server from systems connecting across the internet. Because I'd had problems in the past with VoIP systems getting broken when their UDP sessions were expired out faster than their keep-alives were generated, I set the timeout on this custom service to be 'never'. After much experimentation, I happened to notice that my session count on the firewall has grown from a couple thousand to over 36000. After discussion with the VoIP "expert", I set the timeout to be 30 minutes; however, all the sessions set up during the experimentation process are still there, more than 3 days later. Is there a way I can force these old sessions to get expired and removed from the session table, or am I looking at resetting my firewall? (Both firewalls, actually -- they are in a cluster.)

    Read the article

  • OpenVPN performance: how many concurrent clients are possible?

    - by Steffen Müller
    I am evaluating a system for a client where many OpenVPN clients connect to a OpenVPN server. "Many" means 50000 - 1000000. Why do I do that? The clients are distributed embedded systems, each sitting behind the system owners dsl router. The server needs to be able to send commands to the clients. My first naive approach is to make the clients connect to the server via an openvpn network. This way, the secure communication tunnel can be used in both directions. This means that all clients are always connected to the server. There are many clients summing up over the years. The question is: does the OpenVPN server explode when reaching a certain number of clients? I am already aware of a maximum TCP connection number limit, therefore (and for other reasons) the VPN would have to use UDP transport. OpenVPN gurus, what is your opinion?

    Read the article

  • Running a small IPTV station

    - by nixterrimus
    I'm looking to run an iptv station for my dorm. I know I can serve multicast so that's not a problem. The station will serve out podcasts and other cc licensed content. The target endpoint is xbmc- a media center. So far I know that I need to serve an rtp stream over udp that's streaming an mpeg-4 avc main or high profile with aac ( or ac3 ?) audio. I've had some luck using vlc with vlm to stream but it seems limited. What are my other options?  Everything has to run on Linux- hopefully open source. How can I use playlists and not live streams? What are my software options?

    Read the article

  • SNMP based network discovery (switches), device (ports on switches) power management

    - by SaM
    In a enterprise network, what would be the right way to generate a list of switches (SNMP managed) Is it reasonable to ask the organization to supply a list such as this: Switch name IP Address of switch Location SNMP community strings Or are there standard ways to run discovery scans - UDP broadcasts? After having generated a repository such as the above; given a single switch, how to query it for the list of all devices attached to it? Finally, how to selectively power down/power up ports? (remotely - using SNMP) Platform is going to be .NET based (C#) and the library being used is SharpSNMP

    Read the article

  • How do you enable syslogd to accept incoming connections on Snow Leopard from remote loggers?

    - by Emmel
    How do I get syslogd to accept incoming connections from remote hosts on Snow Leopard? I'd like to centralize logging such that various devices and systems send logs to Snow Leopard's syslogd, which normally hangs out on UDP 514. However, I'm unable to get them to successfully be accepted by good ole syslogd. I tcpdumped on the Snow Leopard box to verify that packets are being spouted to port 514 -- they are. I checked that syslogd is listening on 514 -- it's not. Googling around told me that, on older versions of OSX (don't you love the way things change so rapidly on OSX), one just had to add a flag to the syslogd daemon to allow remote; one did this in com.apple.syslogd.plist. However the syslogd daemon has no flags (at least in its man page) that suggests any remote anything. What's the solution to this? Secondary, less import but relevant question: What's 'newsyslog'? I see a plist file but it's not running (apparently). Thanks

    Read the article

  • DHCP Client Can't Find DHCP Server

    - by leeman24
    I currently have 3 machines: CentOS (router) eth1 - 18.0.168.1 eth2 - 145.165.34.1 Windows Server 2008 (server) 18.0.168.2 DHCP scope - 145.165.34.10 - 145.165.34.20 Windows 7 (client) Supposed to use DHCP I can't get my Windows 7 client to get an address from the Windows Server 2008 DHCP server. Every network interface can ping each other (ex. 18.0.168.2 can ping 18.0.168.1 & 145.165.34.1 and the other way around). My Linux machine acting as the router has default IP tables. Other than this command which may or may not be right: iptables -I INPUT -p udp -d 18.0.168.2 --dport 67:68 -j ACCEPT I have also tried it after I flushed the IP tables. I was looking at the dhcrelay command but it seems CentOS doesn't have it and I am not even sure how to use it.

    Read the article

  • AT&T U-verse 2Wire Router - Increase session table limit?

    - by caleban
    AT&T U-verse VDSL "fiber to the node" 24Mbit down / 3Mbit up 2Wire Router Model 3800HGV-B Software Version 6.1.9.24-enh.tm The 2Wire router appears to have a limit of 1024 TCP and UDP sessions. This limit appears to apply to all sessions regardless of any static IP, firewall off, DMZ plus, secondary router configurations. I've tried using the 2Wire router alone and also configuring the 2Wire static IP addressing, firewall off, DMZ plus, etc. setup along with my own pfSense router/firewall. Either way it appears I exceed the 1024 session limit and sessions start being reset. Running out of sessions isn't being caused by torrents or p2p etc. We're a business and our legitimate uses are exceeding this session limit. AT&T tells me it's not possible to bridge the router or increase or avoid the session table limit. I'm curious if anyone has found a way around either of these issues.

    Read the article

  • PXE boot very slow when PXE server is virtualbox

    - by sqrtsben
    As I read in questions here and on the Internet, PXE and Virtualbox don't seem to like each other too much. My problem is the following: I have a virtualized machine which hosts the DHCP and PXE server for 10 native clients. They are rebooted roughly every 10 mins and on each reboot, they need to boot a small linux (the initrd is ~4MB). Before, I had a native machine running and booting via PXE was very fast. Now, looking at the output of nload, I only get 500kbit/s whenever one machine is booting. The machines are connected via a GBit switch, so that can't be it. Also, when testing the connection speed to the outside, I have the full bandwidth available. Is VBox just unable to deal with large amounts of UDP packets? Can anyone point me in the right direction here?

    Read the article

  • not find 127.0.0.1 or vhost with localhost apache in mac

    - by Charly Palencia
    i was working with localhost:81 during a long time with vhost and all was rigth. BUT, right now i need to work over the 80 port and i change the http.conf and http-vhost for used the 80 port but right now into the browser localhost works ok, 127.0.0.1 and the vhost not find the server. my configurations are: * My local machine is lion osx * mamp * HTTP.conf: ServerName localhost:80 * http-vhost NameVirtualHost localhost <VirtualHost localhost> DocumentRoot "/Users/chalien/projects/ownProjects/PHP" ServerName example.dev </VirtualHost> * /private/etc/hosts 127.0.0.1 localhost 255.255.255.255 broadcasthost ::1 localhost fe80::1%lo0 localhost 127.0.0.1 example.dev * /private/etc/services http 80/udp www www-http # World Wide Web HTTP http 80/tcp www www-http # World Wide Web HTTP

    Read the article

  • Socksify TCP connections reaching a gateway IP -- preferably without iptables

    - by Alexandra Neagu
    I have Virtualbox installed on Debian with a few virtual machines. I can't install anything in the guests, and I use host only networking, vboxnet0. The host IP in the host network is 192.168.56.1, and the guests have static IPs in 192.168.56.0/24. I access Internet with a SOCKS proxy (without authentication) and I would like the Virtualbox guests TCP connections to be sent through the SOCKS proxy. This would also be useful for socksifying external TCP reaching a gateway network card or wireless access point. I looked at transocks, tun2socks, with dante-client, etc., but I don't know how can I achieve this without enabling IP forwarding in the host and using iptables. Maybe to attach somehow the Virtualbox vboxnet0 network to the tunnel tun0 used by tun2socks? Or maybe there is a way to do NAT to tun0 in Virtualbox? I only need TCP traffic and I don't need UDP, not even for DNS.

    Read the article

  • Amazon EC2 Creating Tunnel with OpenVPN

    - by nocode
    I have followed these instructions: http://aws.amazon.com/articles/0639686206802544 I can ping the VPN endpoints and I have the corresponding VPC CIDR pointing to the EC2 instance in the route table. Here is my config: port 1194 proto udp dev tun # Remote peer and network remote Elastic_IP route 10.0.0.0/16 # Configure local and remote VPN endpoints ifconfig 169.254.255.1 169.254.255.2 # The pre-shared static key secret /etc/openvpn/ovpn.key keepalive 10 120 persist-key persist-tun log /var/log/openvpn.log verb 3 When I look at my logs, I get this error: RESOLVE: Cannot resolve host address: 10.0.0.0/16: Name or service not known OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.0.0.0/16 in VPC1, the CIDR is 172.31.0.0/16 which is targeting the EC2 instance also running OpenVPN. I'm getting the same error from the Instance in VPC2 with the corresponding CIDR. Just for testing, i stopped the IPTABLES service I am running the Amazon linux AMI image (x64) as specified in the article I linked.

    Read the article

  • Log centralization, display, transport and aggregation at scale v2

    - by Eric DANNIELOU
    This is a duplicate question of Log transport and aggregation at scale and http://stackoverflow.com/questions/1737693/whats-the-best-practice-for-centralised-logging, but the answers might differ now : The softwares described in 2009 may have changed since (for example Octopussy evolved from version 0.9 to 1.0.5). Rsyslog has become the default on most linux distro. Requirements have changed (security, software configuration management, ...). I'd like to ask the following questions : How do you centralize, display and archive system logs? How would you like to do it now if you had to? Most linux distro use rsyslog nowadays, which can provide reliable log transport. But some older unices, network devices and maybe windows box still use old udp rfc-style transport. How did you manage to get reliable transport? Storing logs for a few months can represent a huge amount of disk space. How do you store them? rdbms? Compressed and encrypted text files?

    Read the article

  • Using QoS to prioritize IP addresses

    - by Tristan
    I have a Western Digital N900 router. I was hoping I'd be able to throttle users based on their MAC address with it, which isn't possible sadly. Seems simple in principle though, duh. The battle against bandwidth hogging roomates rages on. Could I just set the local IP range to their IP, and then set the Local port range to every single port in existence. Then prioritize their IP to lower than mine? Will this work? What are all the ports? And what's the difference between Local and Remote IPs or Ports? Name: Roomate, Priority: Low, Protocol: TCP or UDP ??, Local IP Range: .101 to .101, Local Port Range: 0 to infinity, Remote IP Range: ? to ?, Remote Port Range: ? to ?

    Read the article

  • pfSense + DDoS Protection

    - by Jeremy
    I run a gaming community on a colo with a 100Mbps port. I want to buy a very cheap 35 dollar server with the same 100Mbps port, and run pfSense to use as a hardware firewall. I'm dealing with a bunch of 14 year old kids that have access to botnets, so it can become a bit necessary to get something like this. My overall question, is using pfSense on a cheap identical datacenter/port speed server worth it to actually block DDoS attacks? A bit more into detail since I assume you will ask this, the attacks we receive are normally around 1Gbps. We currently run CentOS using CSF Firewall, and even when using a software firewall, we block 500Mbps UDP floods, or just generic attacks pretty easily. Thanks, - Necro

    Read the article

  • NFS failover WITHOUT DRBD?

    - by user439407
    So I am trying to set up a redundant NFS share in a cloud environment(all links internal, half gig links), and I am looking into using heartbeat for failover, but all the guides seem to be about combining DRBD and heartbeat to create a robust environment. If need be I can do that, but since my content is almost completely static, I would like to avoid the extra overhead and complexity of DRBD if possible, but still be able to fail over if one of the NFS servers fails. Is it possible to use heartbeat with NFS to achieve high-availability without using DRBD to copy the blocks? I am not married to NFSv4, so if NFSv3 over UDP is necessary, that won't be a problem(only a very small number of clients will be connecting to the share) Any comments are appreciated.

    Read the article

  • Socat and rich terminals (with Ctrl+C/Ctrl+Z/Ctrl+D propagation)

    - by Vi
    socat - exec:'bash -li',pty,stderr,ctty - bash: no job control in this shell What options should I use to get fully fledged shell as I get with ssh/sshd? I want to be able to connect the shell to everything socat can handle (SOCKS 5, UDP, OpenSSL), but also to have a nice shell which correctly interprets all keys, various Ctrl+C/Ctrl+Z, tab completion, up/down keys (with remote history). Update: Found "setsid" socat option. It fixes "no job control". Now trying to fix Ctrl+D. Update 2: socat file:`tty`,raw,echo=0 exec:'bash -li',pty,stderr,setsid,sigint,sane. Not it handles Ctrl+D/Ctrl+Z/Ctrl+C well, I can start Vim inside it, remote history is OK.

    Read the article

  • How to connect my Android to my Laptop wirelessly , to stream data between the two?

    - by Deepun
    I want to stream data from my Laptop PC to my Android phone using TCP or UDP by creating sockets in both the phone and the laptop, but it has to be done wirelessly. How do I connect them to stream the data ? I thought creating an ad-hoc wireless network from my laptop and connecting to it using my Android would work. But my Android is not detecting the ad-hoc network. Is there any other way how I can connect the two ? I downloaded this software called 'connectify' and created a wifi hotspot on my laptop, and successfully connected the two. But will I be able to stream data to my device using this connection ? Can simple direct Bluetooth connection help me in creating sockets in both phone and laptop and stream the data ?

    Read the article

  • Raw socket sendto() failure in OS X

    - by user37278
    When I open a raw socket is OS X, construct my own udp packet (headers and data), and call sendto(), I get the error "Invalid Argument". Here is a sample program "rawudp.c" from the web site http://www.tenouk.com/Module43a.html that demonstrates this problem. The program (after adding string and stdlib #includes) runs under Fedora 10 but fails with "Invalid Argument" under OS X. Can anyone suggest why this fails in OS X? I have looked and looked and looked at the sendto() call, but all the parameters look good. I'm running the code as root, etc. Is there perhaps a kernel setting that prevents even uid 0 executables from sending packets through raw sockets in OS X Snow Leopard? Thanks.

    Read the article

  • Tomato QoS: Why is some traffic unclassified when there are classifications for it?

    - by Armitage
    Ok, I am trying to tweak my router to give priority to some traffic. My classifications seem to cover just about everything but I still see ~60 to ~80% of the traffic as unclassified: TCP 192.168.1.100 64137 192.168.1.1 80 Unclassified TCP 192.168.1.100 64175 192.168.1.1 80 Unclassified TCP 192.168.1.100 64144 192.168.1.1 443 Unclassified I assume that the 64### ports are just what my WAP uses to send packets inside my home network. But my classifications seems to cover any traffic for destination ports 80 and 443: (partial list) TCP Dst Port: 80,443 High WWW TCP/UDP Dst Port: 1024-65535 Lowest Bulk Traffic Why do I have so much unclassified traffic if I have a classification that should cover it?

    Read the article

  • CentOS listen to everything on the wire

    - by Poni
    I know there's a native command on linux that will output (to stdout) every "event" related to a certain network interface (be it eth0 etc'). Like there's tail -f <file> to listen on file changes.. I just can't find it. I want to see all events, incoming packets, even dropped ones. At lowest level possible. In every protocol (TCP, UDP etc'). I think WireShark is a bit too big for this as I need something very simple just to see the events, it's for testing. What's the command?

    Read the article

  • ffserver - streaming problem transcodation for input

    - by zozo
    Good day to all. I have a little problem. I'm trying to stream something from a cam to a server and then forward to... somewhere (it will be a site or something). On the computer that I have the cam connected to I use vlc to stream it to the server and there I try to get the stream as an input for a ffserver. The problem is that ffserver doesn't detect the input (regardless of the protocol I use (udp, rtp, etc.)). I suspect a transcoding problem or something like that but I can't find any documentation about that so... Does any1 know what transcodation I should use? Thank you for help and have a great day.

    Read the article

  • Two network interfaces and two IP addresses on the same subnet in Linux

    - by Scott Duckworth
    I recently ran into a situation where I needed two IP addresses on the same subnet assigned to one Linux host so that we could run two SSL/TLS sites. My first approach was to use IP aliasing, e.g. using eth0:0, eth0:1, etc, but our network admins have some fairly strict settings in place for security that squashed this idea: They use DHCP snooping and normally don't allow static IP addresses. Static addressing is accomplished by using static DHCP entries, so the same MAC address always gets the same IP assignment. This feature can be disabled per switchport if you ask and you have a reason for it (thankfully I have a good relationship with the network guys and this isn't hard to do). With the DHCP snooping disabled on the switchport, they had to put in a rule on the switch that said MAC address X is allowed to have IP address Y. Unfortunately this had the side effect of also saying that MAC address X is ONLY allowed to have IP address Y. IP aliasing required that MAC address X was assigned two IP addresses, so this didn't work. There may have been a way around these issues on the switch configuration, but in an attempt to preserve good relations with the network admins I tried to find another way. Having two network interfaces seemed like the next logical step. Thankfully this Linux system is a virtual machine, so I was able to easily add a second network interface (without rebooting, I might add - pretty cool). A few keystrokes later I had two network interfaces up and running and both pulled IP addresses from DHCP. But then the problem came in: the network admins could see (on the switch) the ARP entry for both interfaces, but only the first network interface that I brought up would respond to pings or any sort of TCP or UDP traffic. After lots of digging and poking, here's what I came up with. It seems to work, but it also seems to be a lot of work for something that seems like it should be simple. Any alternate ideas out there? Step 1: Enable ARP filtering on all interfaces: # sysctl -w net.ipv4.conf.all.arp_filter=1 # echo "net.ipv4.conf.all.arp_filter = 1" >> /etc/sysctl.conf From the file networking/ip-sysctl.txt in the Linux kernel docs: arp_filter - BOOLEAN 1 - Allows you to have multiple network interfaces on the same subnet, and have the ARPs for each interface be answered based on whether or not the kernel would route a packet from the ARP'd IP out that interface (therefore you must use source based routing for this to work). In other words it allows control of which cards (usually 1) will respond to an arp request. 0 - (default) The kernel can respond to arp requests with addresses from other interfaces. This may seem wrong but it usually makes sense, because it increases the chance of successful communication. IP addresses are owned by the complete host on Linux, not by particular interfaces. Only for more complex setups like load- balancing, does this behaviour cause problems. arp_filter for the interface will be enabled if at least one of conf/{all,interface}/arp_filter is set to TRUE, it will be disabled otherwise Step 2: Implement source-based routing I basically just followed directions from http://lartc.org/howto/lartc.rpdb.multiple-links.html, although that page was written with a different goal in mind (dealing with two ISPs). Assume that the subnet is 10.0.0.0/24, the gateway is 10.0.0.1, the IP address for eth0 is 10.0.0.100, and the IP address for eth1 is 10.0.0.101. Define two new routing tables named eth0 and eth1 in /etc/iproute2/rt_tables: ... top of file omitted ... 1 eth0 2 eth1 Define the routes for these two tables: # ip route add default via 10.0.0.1 table eth0 # ip route add default via 10.0.0.1 table eth1 # ip route add 10.0.0.0/24 dev eth0 src 10.0.0.100 table eth0 # ip route add 10.0.0.0/24 dev eth1 src 10.0.0.101 table eth1 Define the rules for when to use the new routing tables: # ip rule add from 10.0.0.100 table eth0 # ip rule add from 10.0.0.101 table eth1 The main routing table was already taken care of by DHCP (and it's not even clear that its strictly necessary in this case), but it basically equates to this: # ip route add default via 10.0.0.1 dev eth0 # ip route add 130.127.48.0/23 dev eth0 src 10.0.0.100 # ip route add 130.127.48.0/23 dev eth1 src 10.0.0.101 And voila! Everything seems to work just fine. Sending pings to both IP addresses works fine. Sending pings from this system to other systems and forcing the ping to use a specific interface works fine (ping -I eth0 10.0.0.1, ping -I eth1 10.0.0.1). And most importantly, all TCP and UDP traffic to/from either IP address works as expected. So again, my question is: is there a better way to do this? This seems like a lot of work for a seemingly simple problem.

    Read the article

  • Configure VPN to access remote LAN network on Windows7

    - by PiotrK
    Situation: I have two Windows7 machines (PC and laptop). I've set PC as VPN server and laptop as VPN client using default built-in W7 network tools. I've disabled use default gateway in remote network on client machine, so client don't try to route all communication through VPN. I've routed port 1723 (TCP/UDP) on NAT to my server and enabled IPSec/PPTP/L2TP passthrough I've put my laptop in indepedent network (basically I've connected it via 3G network), connected to VPN server and checked ipconfig /all I've get: IP Address: 192.168.1.101 Mask: 255.255.255.255 Gateway: (none) LAN mask in server LAN network is 255.255.255.0 - I am surely missing something obvious, but Google doesn't give me any good advices; How can I access local LAN network from remote VPN client? How can I access local shared documents?

    Read the article

  • Trixbox: external SIP with no sound

    - by Leandro Vidal
    I have a trixbox server and every works find except the external SIPs. Inside net all sound goes fine, but if I use a SIP phone outside the net, I can connect, I can receive calls but I there is no sound. I have this text in the sip_nat.conf: nat=yes externhost=xxxxx.dyndns.org localnet=192.168.1.0/255.255.255.0 localhost=192.168.1.210 externrefresh=10 qualify=yes And I have the ports from 5036 to 5082, 4569 and from 10000 to 20000 redirected to 192.168.1.210 on TCP and UDP. What's wrong? Thank you very much in advance

    Read the article

  • Firewall software that can block access to certain applications on certain internet connections

    - by webmasters
    I have two internet connections, a LAN and a 3G modem on a Windows 7 machine. The LAN is connected to a Edimax router which is conneted to the ISP (with their own modem). Now, the Edimax router is set to auto assign IP adresses in the range: 168.192.2.100 and 192.168.2.200 I wanted to block internet explorer to access the LAN. I entered my AVG firewall, selected iexplorer and added a "block" rule which blocked all ports, TCP and UDP protocols for the above IP range. The problem is it did not work, not matter what rules I have tried. Can you recommend a firewall that can easily accomplish this? Ty

    Read the article

< Previous Page | 26 27 28 29 30 31 32 33 34 35 36 37  | Next Page >