Search Results

Search found 9928 results on 398 pages for 'facebook authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 326/398 | < Previous Page | 322 323 324 325 326 327 328 329 330 331 332 333  | Next Page >

  • SqlAlchemy hangs after adding record in MS SQL

    - by Patrick
    I'm running SQLAlchemy on Jython and trying to connect to a MS SQL database using jTDS with windows authentication. I can query and delete just fine but when I try to insert new values it will hang when I commit. int 'before add' session.add(newVal) print 'after add' session.commit() print 'after commit' I see the first two print statements but not the last. My CPU maxes out and I can't even query the table directly using the MS SQL Management Studio. When I kill the Jython java process I can query again but the new values haven't been added. Strangely enough I can insert values directly using an SQL command: insert_sql = "INSERT INTO my_table (my_value) VALUES ('test_value')" session.execute(insert_sql) session.commit() Any ideas what I'm doing wrong?

    Read the article

  • Can I do this in only one query ?

    - by Paté
    Merry christmas everyone, I Know my way around SQL but I'm having a hard time figuring this one out. First here are my tables (examples) User id name friend from //userid to //userid If user 1 is friend with user 10 then you a row with 1,10. User 1 cannot be friend with user 10 if user 10 is not friend with user 1 so you have 1,10 10,1 It may look weird but I need those two rows per relations. Now I'm trying to make a query to select the users that have the most mutual friend with a given user. For example User 1 is friend with user 10,9 and 7 and user 8 is friend with 10,9 and 7 too ,I want to suggest user 1 to invite him (like facebook). I want to get like the 10 first people with the most mutual friend. The output would be like User,NumOfMutualFriends I dont know if that can be done in a single query ? Thanks in advance for any help.

    Read the article

  • Authenticating model - best practices

    - by zerkms
    I come into ASP.NET from php so the reason why i ask my question is because it's totally different nature of how application works and handles requests. well, i have an exists table with user creditians, such as: id, login, password (sha hashed), email, phone, room i have built custom membership provider so it can handle my own database authentication schema. and now i'm confused, because User.Identity.Name contains only user's login, but not the complete object (i'm using linq2sql to communicate with database and i need in it's User object to work). at php applications i just store user object at some static method at Auth class (or some another), but here at ASP.NET MVC i cannot do this, because static member is shared across all requests and permanent, and not lives within only current request (as it was at php). so my question is: how and where should i retrieve and store linq2sql user object to work with it within current and only current request? (after request processed successfully i expect it will be disposed from memory and on next request will be created again). or i'm following totally wrong way?

    Read the article

  • How to setup a http(s) proxy with record/replay functionality?

    - by superb
    The use case is: I want to do some android app performance tests and I want to fix the data when app got from web. The solution I come up with is to setup a local http proxy, which can first record all http traffic, and later replay then app is running perf tests. I found http://mitmproxy.org/, which has exactly the features I want. but seems with the default settings it cannot be used as a https proxy. I tried using it as proxy and login to facebook but doesn't work. I am not familiar with the https protocol and how cert things work. Any one can provide some help? Thanks a lot.

    Read the article

  • Validate authenticity of website owner

    - by Cyber Junkie
    Hello all! I'm planning to develop a web app where users will list their site/blog. When people submit their sites, how can I confirm that they are the owners of it? So for instance there is a user Mark who wants to submit someone else's website without their approval. I want to restrict Mark from doing so unless he is the actual owner. My idea was to do a comparison between the user's email domain and the website domain she/he wants to submit. If they match allow the user to submit the website. However most people don't register with their website domain address.. or perhaps I'll implement a Facebook connect in the future. What other methods would you suggest?

    Read the article

  • previousFailureCount always stays on 0 (zero)

    - by itai alter
    Hello all, First of all, I'd like to thank the good people who helped me around on this site. Thanks. I'm trying to detect a failed authentication attempt in my app... I'm using the didReceiveAuthenticationChallenge method, and the checking if [challenge previousFailureCount] is equal to 0. The problem is that it's always stays on zero, even if the username and password that I send with the credentials are incorrect. I couldn't find any info about this kind of issue, any help will be much appreciated. Thanks!

    Read the article

  • Web Service Security java

    - by WhoAmI
    My web service was created some time back using IBM JAX-RPC. As a part of enhancement, I need to provide some security to the existing service. One way is to provide a handler, all the request and response will pass through that handler only. In the request I can implement some authentication rules for each and every application/user accessing it. Other than this, What are the possible ways for securing it? I have heard someting called wsse security for web service. Is it possible to implement it for the JAX-RPC? Or it can be implemented only for JAX-WS? Need some helpful inputs on the wsse security so that i can jump learning it. Other than handler and wsse security, any other possible way to make a service secure? Please help.

    Read the article

  • Reading http file on url

    - by Nkunzis
    I am trying to read an xml file on an http url. "Unexpected end of file from server" keeps on coming . the page is password protected, I would like to know if I am properly giving in my url authentication details. I tried with non protected pages and I can read them properly. Here is my code: URL url = new URL("http://username:[email protected]:0000/test.xml"); URLConnection yc = url.openConnection(); BufferedReader in = new BufferedReader(new InputStreamReader(yc.getInputStream())); String inputLine; while ((inputLine = in.readLine()) != null) System.out.println(inputLine); in.close();

    Read the article

  • Knowledge mining using Hadoop.

    - by Anurag
    Hello there, I want to do a project Hadoop and map reduce and present it as my graduation project. To this, I've given some thought,searched over the internet and came up with the idea of implementing some basic knowledge mining algorithms say on a social websites like Facebook or may stckoverflow, Quora etc and draw some statistical graphs, comparisons frequency distributions and other sort of important values.For searching purpose would it be wise to use Apache Solr ? I want know If such thing is feasible using the above mentioned tools, if so how should I build up on this little idea? Where can I learn about knowledge mining algorithms which are easy to implement using java and map reduce techniques? In case this is a wrong idea please suggest what else can otherwise be done on using Hadoop and other related sub-projects? Thank you

    Read the article

  • Javascript is freezing the browser when running this code

    - by user1420493
    I am trying to get the value of a text input and check if there is any links in it and then take those links and make them into tags. But when I run this code, something is going wrong and it completely freezes the page. Basically, I want it to check for "http://" and if that exists, to keep on adding to the substr length until the end of the string/link. Is there a better way to do this? // the id "post" could possibly say: "Hey, check this out! http://facebook.com" // I'd like it to just get that link and that's all I need help with, just to get the // value of that entire string/link. var x = document.getElementById("post"); var m = x.value.indexOf("http://"); var a = 0; var q = m; if (m != -1) { while (x.value.substr(q, 1) != " ") { var h = x.value.substr(m, a); q++; } }

    Read the article

  • How do you use the C language to produce a ruby gem?

    - by DJTripleThreat
    I would like to see some source code or maybe a link to some that gives at least a stub for writing ruby gems in the C languages (C++?? is that possible too?) Also, some of you may know that Facebook compiles some of their code natively as php extensions for better performance. Is anyone doing this in Rails? If so, what has been your experience with it? Have you found it to be useful? Thanks. Edit: I guess I'll answer my own question with some stuff I learned today but I'm going to leave the question open for another answer because I'd like to see what others have to say on this topic

    Read the article

  • How can I use Amazon's API in PHP to search for books?

    - by TerranRich
    I'm working on a Facebook app for book sharing, reviewing, and recommendations. I've scoured the web, searched Google using every search phrase I could think of, but I could not find any tutorials on how to access the Amazon.com API for book information. I signed up for an AWS account, but even the tutorials on their website didn't help me one bit. They're all geared toward using cloud computing for file storage and processing, but that's not what I want. I just want to access their API to search info on books. Kind of like how http://openlibrary.org/ does it, where it's a simple URL call to get information on a book (but their databases aren't nearly as populated as Amazon's). Why is it so hard to find the information I need on Amazon's AWS site? If anybody could help, I would greatly appreciate it.

    Read the article

  • PHP / XHTML. Should I place everything in echo tags?

    - by 110175914651386975417
    A quick question involving PHP development, I seem to be wondering about this more and more as I develop more complex sites. Basically say we have a basic PHP / XHTML inbox (messaging system). I perform checks at the top (check if user is logged in, check if user has correct permissions etc). Then use the 'header('location:www.abc.com)' function if the authentication fails. The question is do I write the rest of the inbox code in a huge 'else' block or just use standard html. I read somewhere about about it being bad to put any code after using the 'header' function.

    Read the article

  • Search box inside a div. Django

    - by Juliette Dupuis
    In my django app I display a list of elements (friends name) thanks to a loop: <div> {% for friend in group %} <p>{{ friend.name }} <p> {% endfor %} </div> I would like to create a search box on the top of my list in order to be able to find only the friends the user wants. I would like the search bar does not need to click to send the request (an example is the Airtime searchbox on top of the facebook friends list). I have absolutely no idea on how to do that, and I'm looking for hints or tips to start. Thank you very much for your help.

    Read the article

  • How to echo an array in PHP?

    - by Kaoukkos
    The following code $results = $facebook->api('/fql', array('q'=>'SELECT page_id, type FROM page_admin WHERE uid = me()')); print_r($results); returned me this array Array ( [data] => Array ( [0] => Array ( [page_id] => 204725966262837 [type] => WEBSITE ) [1] => Array ( [page_id] => 163703342377960 [type] => COMMUNITY ) ) ) My question is how can I just echo the content without this structure? I tried foreach ($results as $result) { echo $result->type; echo "<br>"; }

    Read the article

  • SQL Server 2008. Allow Remote Connections?

    - by George
    I have SQL Server 2000 and 2008 installed on a Windows XP Pro box. I can connect to both db instances locally. From another box, a Windows 7 box, I can connect to the SQL 2000 instance on the first box but I cannot connect to the 2008 instance using the same SQL Server authentication credentials that worked locally. Allow Remote Connections is set to TRUE for both the 2000 and 2008 database instances. What else can I look for to be able to connect to the remote 2008 instance from the Windows 7 box? I am trying to connect using Mgt Studio 2008.

    Read the article

  • Custom Header Menu in Android App (How To)

    - by masterkrang
    I'm trying to implement a custom header menu in my Android application and I'm wondering what the standard or best practice for creating a header menu. I'm thinking something like the facebook app that displays a log and has some action items like triggering a search and possibly return back to the main activity. Tab Layout doesn't seem to be what I'm looking for. I found a tutorial here that might be close to what I'm looking for but not sure. It seems a bit redundant to instantiate a menu in every Activity. Seems like there would be a way to decouple the Activity from the menu, or at least more loosely couple it. Perhaps I need to implement something with Fragments but I'm sort of new, so I'm not sure yet. Looking forward to your suggestions or hearing how you've implemented something like this. Thanks!

    Read the article

  • Restful client on Codeigniter issue

    - by user1852837
    This is weird. I don't know what is problem on my website. My website works on local server but not on live server. Login page works on first signin but after logout then re-login again message says: "invalid username and password" since it works on first attempt. I found out when I debugging that http://xxxxx.com/api/authentication/sign not found. It display 404 page not found. Sometimes you can login and sometimes not. In my local it works. I contact the web server admin and I ask what is the status of the session on the server and How does it execute it's web requests? (Sockets, file_get_contents, curl?). They said that No problems reproduced with Server Sessions and PHP Curl works fine. I know it's weird but can somebody here can figure it out what is the problem behind of it.

    Read the article

  • elinks http autentication

    - by G45
    I'm trying to use linux elinks text browser to go to a website. This site requires http authentication. If I press escape it and hide the login prompt once and then If I try to go the particular website again it doesn't show the login prompt again. I try "flush all caches" But it doesn't work until I close my terminal and get a new one. Is there any other way to get over with this? This should be a simple question. But I googled and couldn't find a answer.

    Read the article

  • Why does Mac OS X Software Update not work when machine uses Active Directory?

    - by Lyndsey Ferguson
    My company's IT department is mostly a Windows run operation and in order to become more secure, they are altering the way that the Macintosh computers login to our internal network so that they use Active Directory like their Windows counterparts. I have been given Administrative permission on my Mac and I am able to do most of what I used to be able to do in terms of authentication of software installations. However, there is a problem: the "Software Update" feature doesn't work. What happens is that when I try to get the Mac to perform its Software Updates from the Apple menu, the normal window appears listing what has to be updated; I am able to select what to update and click the "Update" button, but then nothing happens. It doesn't ask for authentication like it used to, the computer doesn't perform any download or installation (it does sometimes ask me to agree to license agreements for iTunes). I can download the updates individually and install them without any issues, but the auto-update fails. I'd rather use the Software Update menu item like I used to: it is much more convenient. Any suggestions on how I can fix this? EDIT Nov 19th, 2009, 10:09 EST: I have posted this question to the Apple Mac OS X Snow Leopard support forum. EDIT Nov 19th, 2009, 12:39 EST:Yes, the Terminal command "sudo softwareupdate --install --all" does work flawlessly. I want to avoid that as my co-workers are generally not comfortable on the Mac. I also tried Chealion's suggestion to delete "~/Library/Preferences/com.apple.SoftwareUpdate.plist" and "/Library/Preferences/com.apple.SoftwareUpdate.plist", Software Update still fails. However, I did get diagnostic messages in the Console (below). I've deleted the MS Office Package Receipts and examined the suhelperd (Software Update Helper Daemon?); it appears that suhelperd is crashing and that explains why it doesn't work. I've submitted a bug report to Apple (radar://7408619). Here are the Console diagnostic messages: 11/19/09 12:36:44 PM com.apple.suhelperd[66829] terminate called after throwing an instance of 'NSException' 11/19/09 12:36:47 PM com.apple.launchd[1] (com.apple.suhelperd[66829]) Job appears to have crashed: Abort trap 11/19/09 12:36:48 PM com.apple.ReportCrash.Root[66830] 2009-11-19 12:36:48.275 ReportCrash[66830:2703] Saved crash report for suhelperd[66829] version ??? (???) to /Library/Logs/DiagnosticReports/suhelperd_2009-11-19-123648_localhost.crash 11/19/09 12:36:54 PM com.apple.launchd[1] (com.apple.suhelperd) Throttling respawn: Will start in 1 seconds 11/19/09 12:36:55 PM com.apple.suhelperd[66836] terminate called after throwing an instance of 'NSException' 11/19/09 12:36:55 PM com.apple.launchd[1] (com.apple.suhelperd[66836]) Job appears to have crashed: Abort trap 11/19/09 12:36:56 PM com.apple.ReportCrash.Root[66830] 2009-11-19 12:36:56.017 ReportCrash[66830:2f03] Saved crash report for suhelperd[66836] version ??? (???) to /Library/Logs/DiagnosticReports/suhelperd_2009-11-19-123655_localhost.crash 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_automator.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_automator_workflow.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_autoupdate.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_clipart.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_core.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_dock.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_entourage.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_entourage_help_std.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_equationeditor.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_errorreporting.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_excel.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_excel_help_std.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_fonts.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_graph.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_helpviewer.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_launch.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_ooxml.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_orgchart.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_powerpoint.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_powerpoint_help_std.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_brazilian.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_danish.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_dutch.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_english.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_finnish.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_french.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_german.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_italian.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_japanese.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_norwegian.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_portuguese.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_spanish.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_proofing_swedish.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_required.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_silverlight.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_sounds.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_word.pkg 11/19/09 12:36:58 PM Software Update[66826] PackageKit: *** Missing bundle identifier: /Library/Receipts/Office2008_en_word_help_std.pkg 11/19/09 12:37:26 PM com.apple.suhelperd[66839] terminate called after throwing an instance of 'NSException' 11/19/09 12:37:26 PM com.apple.launchd[1] (com.apple.suhelperd[66839]) Job appears to have crashed: Abort trap 11/19/09 12:37:26 PM com.apple.ReportCrash.Root[66830] 2009-11-19 12:37:26.929 ReportCrash[66830:2b07] Saved crash report for suhelperd[66839] version ??? (???) to /Library/Logs/DiagnosticReports/suhelperd_2009-11-19-123726_localhost.crash And here is the suhelperd crash report: Process: suhelperd [66839] Path: /System/Library/PrivateFrameworks/SoftwareUpdate.framework/Versions/A/Resources/suhelperd Identifier: suhelperd Version: ??? (???) Code Type: X86-64 (Native) Parent Process: launchd [1] Date/Time: 2009-11-19 12:37:26.473 -0500 OS Version: Mac OS X 10.6.2 (10C540) Report Version: 6 Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Crashed Thread: 0 Dispatch queue: com.apple.main-thread Application Specific Information: abort() called *** Terminating app due to uncaught exception 'NSRangeException', reason: '*** -[NSCFArray objectAtIndex:]: index (0) beyond bounds (0)' *** Call stack at first throw: ( 0 CoreFoundation 0x00007fff859a9444 __exceptionPreprocess + 180 1 libobjc.A.dylib 0x00007fff8787e0f3 objc_exception_throw + 45 2 CoreFoundation 0x00007fff859a9267 +[NSException raise:format:arguments:] + 103 3 CoreFoundation 0x00007fff859a91f4 +[NSException raise:format:] + 148 4 Foundation 0x00007fff855da080 _NSArrayRaiseBoundException + 122 5 Foundation 0x00007fff8553cb81 -[NSCFArray objectAtIndex:] + 75 6 Admin 0x00007fff8107920e +[User(UserPrivate) _userWithInfo:attributes:] + 71 7 Admin 0x00007fff81080d6b +[User findUserByID:searchParent:] + 404 8 suhelperd 0x0000000100001274 0x0 + 4294972020 9 suhelperd 0x0000000100002240 0x0 + 4294976064 10 suhelperd 0x00000001000053b1 0x0 + 4294988721 11 suhelperd 0x00000001000044b3 0x0 + 4294984883 12 suhelperd 0x0000000100004154 0x0 + 4294984020 13 libSystem.B.dylib 0x00007fff83eb60d8 mach_msg_server + 357 14 suhelperd 0x00000001000036eb 0x0 + 4294981355 15 suhelperd 0x0000000100002a1f 0x0 + 4294978079 16 suhelperd 0x0000000100001080 0x0 + 4294971520 ) Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 libSystem.B.dylib 0x00007fff83e86fe6 __kill + 10 1 libSystem.B.dylib 0x00007fff83f27e32 abort + 83 2 libstdc++.6.dylib 0x00007fff873cf5d2 __tcf_0 + 0 3 libobjc.A.dylib 0x00007fff87881d29 _objc_terminate + 100 4 libstdc++.6.dylib 0x00007fff873cdae1 __cxxabiv1::__terminate(void (*)()) + 11 5 libstdc++.6.dylib 0x00007fff873cdb16 __cxxabiv1::__unexpected(void (*)()) + 0 6 libstdc++.6.dylib 0x00007fff873cdbfc __gxx_exception_cleanup(_Unwind_Reason_Code, _Unwind_Exception*) + 0 7 libobjc.A.dylib 0x00007fff8787e192 object_getIvar + 0 8 com.apple.CoreFoundation 0x00007fff859a9267 +[NSException raise:format:arguments:] + 103 9 com.apple.CoreFoundation 0x00007fff859a91f4 +[NSException raise:format:] + 148 10 com.apple.Foundation 0x00007fff855da080 _NSArrayRaiseBoundException + 122 11 com.apple.Foundation 0x00007fff8553cb81 -[NSCFArray objectAtIndex:] + 75 12 com.apple.framework.Admin 0x00007fff8107920e +[User(UserPrivate) _userWithInfo:attributes:] + 71 13 com.apple.framework.Admin 0x00007fff81080d6b +[User findUserByID:searchParent:] + 404 14 suhelperd 0x0000000100001274 0x100000000 + 4724 15 suhelperd 0x0000000100002240 0x100000000 + 8768 16 suhelperd 0x00000001000053b1 0x100000000 + 21425 17 suhelperd 0x00000001000044b3 0x100000000 + 17587 18 suhelperd 0x0000000100004154 0x100000000 + 16724 19 libSystem.B.dylib 0x00007fff83eb60d8 mach_msg_server + 357 20 suhelperd 0x00000001000036eb 0x100000000 + 14059 21 suhelperd 0x0000000100002a1f 0x100000000 + 10783 22 suhelperd 0x0000000100001080 0x100000000 + 4224 Thread 1: Dispatch queue: com.apple.libdispatch-manager 0 libSystem.B.dylib 0x00007fff83e51bba kevent + 10 1 libSystem.B.dylib 0x00007fff83e53a85 _dispatch_mgr_invoke + 154 2 libSystem.B.dylib 0x00007fff83e5375c _dispatch_queue_invoke + 185 3 libSystem.B.dylib 0x00007fff83e53286 _dispatch_worker_thread2 + 244 4 libSystem.B.dylib 0x00007fff83e52bb8 _pthread_wqthread + 353 5 libSystem.B.dylib 0x00007fff83e52a55 start_wqthread + 13 Thread 2: 0 libSystem.B.dylib 0x00007fff83e529da __workq_kernreturn + 10 1 libSystem.B.dylib 0x00007fff83e52dec _pthread_wqthread + 917 2 libSystem.B.dylib 0x00007fff83e52a55 start_wqthread + 13 Thread 0 crashed with X86 Thread State (64-bit): rax: 0x0000000000000000 rbx: 0x00007fff707d7298 rcx: 0x00007fff5fbff868 rdx: 0x0000000000000000 rdi: 0x0000000000010517 rsi: 0x0000000000000006 rbp: 0x00007fff5fbff880 rsp: 0x00007fff5fbff868 r8: 0x00007fff707da9e0 r9: 0x0000000000000063 r10: 0x00007fff83e83026 r11: 0x0000000000000202 r12: 0x00007fff85a2dca1 r13: 0x0000000000000000 r14: 0x00007fff70bea228 r15: 0x00007fff5fbffb10 rip: 0x00007fff83e86fe6 rfl: 0x0000000000000202 cr2: 0x00007fff70e3afd0

    Read the article

  • Creating static NAT blocks outbound traffic Cisco ASA

    - by natediggs
    Hi Everyone, I have two web servers sitting behind a Cisco ASA 5505, which I don't have much experience with. I'm trying to create two static NATs. One static NAT that goes to xx.xx.xx.150 and another that goes to xx.xx.xx.151. I've created the static NAT for the .150 web server and it works FINE. Incoming and outgoing traffic work great. This is the staging web server. I now need to duplicate the setup for the production web server. So, I connect the webserver to the firewall, change the public IP address on one of the NICs reboot the server and I have outbound internet access. Then I run the command: static (inside,outside) xx.xx.xx.150 192.168.1.x which is successful. I then run the command: access-list acl-outside permit tcp any host xx.xx.xx.150 eq 80 Which is successful. I then try to browse the internet and I get nothing. I try to telnet in through port 80 and I get nothing (though I'm guessing because the response to the telnet request is being blocked). I've tried this with the production web server and then I tried it with another web server that is for internal testing and have the exact same problem. Both work fine until I run the static NAT rule and then no outbound internet access. I have a feeling that it's something simple that I'm missing, but my limited experience with this device is killing me. Below I've pasted the current configuration. I'm currently trying to get this to work on the .153 server which is the internal testing server. Once I can verify that works, I'll try it with production. : Saved : ASA Version 8.2(4) ! hostname QG domain-name XX.com enable password passwd names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address XX.XX.XX.148 255.255.255.0 ! interface Vlan3 shutdown no forward interface Vlan1 nameif dmz security-level 50 ip address dhcp ! boot system disk0:/asa824.bin ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name fw.XXgroup.com same-security-traffic permit inter-interface access-list acl-outside extended permit tcp any host XX.XX.XX.150 eq www access-list acl-outside extended permit tcp any host XX.XX.XX.150 eq https access-list acl-outside extended permit tcp any host XX.XX.XX.151 eq www access-list acl-outside extended permit tcp any host XX.XX.XX.151 eq https access-list acl-outside extended permit tcp any host XX.XX.XX.153 eq www access-list inside_access_in extended permit ip 192.168.1.0 255.255.255.0 any access-list inside_nat0_outbound extended permit ip any 192.168.1.32 255.255.255.240 pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 mtu dmz 1500 ip local pool VPNIPs 192.168.1.35-192.168.1.44 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-635.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) XX.XX.XX150 192.168.1.100 netmask 255.255.255.255 static (inside,outside) XX.XX.XX153 192.168.1.102 netmask 255.255.255.255 access-group acl-outside in interface outside route outside 0.0.0.0 0.0.0.0 XX.XX.XX129 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa authorization command LOCAL http server enable http 192.168.1.0 255.255.255.0 inside http 0.0.0.0 0.0.0.0 outside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs group1 crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication crack encryption 3des hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal client-update enable telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.2-192.168.1.33 inside dhcpd dns 208.77.88.4 interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn enable outside svc image disk0:/sslclient-win-1.1.0.154.pkg 1 svc image disk0:/anyconnect-win-2.5.2019-k9.pkg 2 svc enable group-policy ATSAdmin internal group-policy ATSAdmin attributes dns-server value 208.77.88.4 208.85.174.9 vpn-tunnel-protocol IPSec svc webvpn webvpn url-list none svc keep-installer installed svc rekey method ssl svc ask enable username qgadmin password /oHfeGQ/R.bd3KPR encrypted privilege 15 username benl password 0HNIGQNI0uruJvhW encrypted privilege 0 username benl attributes vpn-group-policy ATSAdmin username kuzma password rH7MM7laoynyvf9U encrypted privilege 0 username kuzma attributes vpn-group-policy ATSAdmin username nate password BXHOURyT37e4O5mt encrypted privilege 0 username nate attributes vpn-group-policy ATSAdmin tunnel-group ATSAdmin type remote-access tunnel-group ATSAdmin general-attributes address-pool VPNIPs default-group-policy ATSAdmin tunnel-group SSLVPN type remote-access tunnel-group SSLVPN general-attributes address-pool VPNIPs default-group-policy ATSAdmin ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global privilege cmd level 3 mode exec command perfmon privilege cmd level 3 mode exec command ping privilege cmd level 3 mode exec command who privilege cmd level 3 mode exec command logging privilege cmd level 3 mode exec command failover privilege show level 5 mode exec command running-config privilege show level 3 mode exec command reload privilege show level 3 mode exec command mode privilege show level 3 mode exec command firewall privilege show level 3 mode exec command interface privilege show level 3 mode exec command clock privilege show level 3 mode exec command dns-hosts privilege show level 3 mode exec command access-list privilege show level 3 mode exec command logging privilege show level 3 mode exec command ip privilege show level 3 mode exec command failover privilege show level 3 mode exec command asdm privilege show level 3 mode exec command arp privilege show level 3 mode exec command route privilege show level 3 mode exec command ospf privilege show level 3 mode exec command aaa-server privilege show level 3 mode exec command aaa privilege show level 3 mode exec command crypto privilege show level 3 mode exec command vpn-sessiondb privilege show level 3 mode exec command ssh privilege show level 3 mode exec command dhcpd privilege show level 3 mode exec command vpn privilege show level 3 mode exec command blocks privilege show level 3 mode exec command uauth privilege show level 3 mode configure command interface privilege show level 3 mode configure command clock privilege show level 3 mode configure command access-list privilege show level 3 mode configure command logging privilege show level 3 mode configure command ip privilege show level 3 mode configure command failover privilege show level 5 mode configure command asdm privilege show level 3 mode configure command arp privilege show level 3 mode configure command route privilege show level 3 mode configure command aaa-server privilege show level 3 mode configure command aaa privilege show level 3 mode configure command crypto privilege show level 3 mode configure command ssh privilege show level 3 mode configure command dhcpd privilege show level 5 mode configure command privilege privilege clear level 3 mode exec command dns-hosts privilege clear level 3 mode exec command logging privilege clear level 3 mode exec command arp privilege clear level 3 mode exec command aaa-server privilege clear level 3 mode exec command crypto privilege cmd level 3 mode configure command failover privilege clear level 3 mode configure command logging privilege clear level 3 mode configure command arp privilege clear level 3 mode configure command crypto privilege clear level 3 mode configure command aaa-server prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:0ed0580e151af288d865f4f3603d792a : end asdm image disk0:/asdm-635.bin no asdm history enable

    Read the article

  • OpenSwan IPsec connection drops after 30 seconds

    - by drcore
    I'm trying to connection from my Linux Mint 16 box to a CloudStack server. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel gets terminated out of the blue. What could cause this consistent behaviour and how to fix it? The tunnel is setup using OpenSwan (U2.6.38/K(no kernel code presently loaded)) with the L2TP IPsec VPN manager from Werner Jaeger 1.0.9. The client is behind a NAT'ed router and the server is on public IP (CloudStack 4.2) Running ipsec verify complains about IPsec support in kernel. Not sure if this is a problem as the connection is being build up: Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.38/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [FAILED] whack: Pluto is not running (no "/var/run/pluto/pluto.ctl") Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [WARNING] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] Tunnel config: version 2.0 # conforms to second version of ipsec.conf specification config setup # plutodebug="parsing emitting control private" plutodebug=none strictcrlpolicy=no nat_traversal=yes interfaces=%defaultroute oe=off # which IPsec stack to use. netkey,klips,mast,auto or none protostack=netkey conn %default keyingtries=3 pfs=no rekey=yes type=transport left=%defaultroute leftprotoport=17/1701 rightprotoport=17/1701 conn Tunnel1 authby=secret right=37.48.75.97 rightid="" auto=add Log file of VPN connection build up: aug. 23 17:12:54.708 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.11.0-12-generic... aug. 23 17:12:55.155 ipsec_setup: multiple ip addresses, using 192.168.178.32 on eth0 aug. 23 17:12:55.165 ipsec__plutorun: Starting Pluto subsystem... aug. 23 17:12:55.174 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d aug. 23 17:12:55.177 recvref[30]: Protocol not available aug. 23 17:12:55.177 xl2tpd[14339]: This binary does not support kernel L2TP. aug. 23 17:12:55.178 Starting xl2tpd: xl2tpd. aug. 23 17:12:55.178 xl2tpd[14345]: xl2tpd version xl2tpd-1.3.1 started on desktopmint PID:14345 aug. 23 17:12:55.178 xl2tpd[14345]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. aug. 23 17:12:55.179 xl2tpd[14345]: Forked by Scott Balmos and David Stipp, (C) 2001 aug. 23 17:12:55.179 xl2tpd[14345]: Inherited by Jeff McAdams, (C) 2002 aug. 23 17:12:55.179 xl2tpd[14345]: Forked again by Xelerance (www.xelerance.com) (C) 2006 aug. 23 17:12:55.180 xl2tpd[14345]: Listening on IP address 0.0.0.0, port 1701 aug. 23 17:12:55.214 ipsec__plutorun: 002 added connection description "Tunnel1" aug. 23 17:13:15.532 104 "Tunnel1" #1: STATE_MAIN_I1: initiate aug. 23 17:13:15.532 003 "Tunnel1" #1: ignoring unknown Vendor ID payload [4f45755c645c6a795c5c6170] aug. 23 17:13:15.532 003 "Tunnel1" #1: received Vendor ID payload [Dead Peer Detection] aug. 23 17:13:15.533 003 "Tunnel1" #1: received Vendor ID payload [RFC 3947] method set to=115 aug. 23 17:13:15.533 106 "Tunnel1" #1: STATE_MAIN_I2: sent MI2, expecting MR2 aug. 23 17:13:15.534 003 "Tunnel1" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): i am NATed aug. 23 17:13:15.534 108 "Tunnel1" #1: STATE_MAIN_I3: sent MI3, expecting MR3 aug. 23 17:13:15.534 010 "Tunnel1" #1: STATE_MAIN_I3: retransmission; will wait 20s for response aug. 23 17:13:15.545 003 "Tunnel1" #1: received Vendor ID payload [CAN-IKEv2] aug. 23 17:13:15.547 004 "Tunnel1" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048} aug. 23 17:13:15.547 117 "Tunnel1" #2: STATE_QUICK_I1: initiate aug. 23 17:13:15.547 010 "Tunnel1" #2: STATE_QUICK_I1: retransmission; will wait 20s for response aug. 23 17:13:15.548 004 "Tunnel1" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0x0ecef28b <0x3e1fbe3b xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none} aug. 23 17:13:16.549 xl2tpd[14345]: Connecting to host <VPN gateway>, port 1701 aug. 23 17:13:18.576 xl2tpd[14345]: Connection established to <VPN gateway>, 1701. Local: 21163, Remote: 12074 (ref=0/0). aug. 23 17:13:18.576 xl2tpd[14345]: Calling on tunnel 21163 aug. 23 17:13:18.577 xl2tpd[14345]: check_control: Received out of order control packet on tunnel 12074 (got 0, expected 1) aug. 23 17:13:18.577 xl2tpd[14345]: handle_packet: bad control packet! aug. 23 17:13:18.577 xl2tpd[14345]: check_control: Received out of order control packet on tunnel 12074 (got 0, expected 1) aug. 23 17:13:18.577 xl2tpd[14345]: handle_packet: bad control packet! aug. 23 17:13:18.599 xl2tpd[14345]: Call established with <VPN gateway>, Local: 39035, Remote: 57266, Serial: 1 (ref=0/0) aug. 23 17:13:18.605 xl2tpd[14345]: start_pppd: I'm running: aug. 23 17:13:18.605 xl2tpd[14345]: "/usr/sbin/pppd" aug. 23 17:13:18.606 xl2tpd[14345]: "passive" aug. 23 17:13:18.606 xl2tpd[14345]: "nodetach" aug. 23 17:13:18.606 xl2tpd[14345]: ":" aug. 23 17:13:18.606 xl2tpd[14345]: "file" aug. 23 17:13:18.606 xl2tpd[14345]: "/etc/ppp/Tunnel1.options.xl2tpd" aug. 23 17:13:18.606 xl2tpd[14345]: "ipparam" aug. 23 17:13:18.607 xl2tpd[14345]: "<VPN gateway>" aug. 23 17:13:18.607 xl2tpd[14345]: "/dev/pts/4" aug. 23 17:13:18.607 pppd[14438]: Plugin passprompt.so loaded. aug. 23 17:13:18.607 pppd[14438]: pppd 2.4.5 started by root, uid 0 aug. 23 17:13:18.608 pppd[14438]: Using interface ppp0 aug. 23 17:13:18.608 pppd[14438]: Connect: ppp0 <--> /dev/pts/4 aug. 23 17:13:21.650 pppd[14438]: CHAP authentication succeeded: Access granted aug. 23 17:13:21.651 pppd[14438]: CHAP authentication succeeded aug. 23 17:13:21.692 pppd[14438]: local IP address 10.1.2.2 aug. 23 17:13:21.693 pppd[14438]: remote IP address 10.1.2.1 aug. 23 17:13:21.693 pppd[14438]: primary DNS address 10.1.2.1 aug. 23 17:13:21.694 pppd[14438]: secondary DNS address 10.1.2.1 aug. 23 17:13:46.528 Stopping xl2tpd: xl2tpd. aug. 23 17:13:46.528 xl2tpd[14345]: death_handler: Fatal signal 15 received aug. 23 17:13:46.529 pppd[14438]: Modem hangup aug. 23 17:13:46.529 pppd[14438]: Connect time 0.5 minutes. aug. 23 17:13:46.529 pppd[14438]: Sent 1866 bytes, received 1241 bytes. aug. 23 17:13:46.529 pppd[14438]: Connection terminated. aug. 23 17:13:46.562 ipsec_setup: Stopping Openswan IPsec... aug. 23 17:13:46.576 pppd[14438]: Exit.

    Read the article

  • Why my VPN doesn't work anymore?

    - by xx77aBs
    I have openvpn server running on debian lenny. There is only one client - and it is running Windows 7 64-bit. This has worked for few months without any problems. And now, let's say for the last 7 days, it doesn't work at all. I connect successfully from client to the server, but I can't access anything through VPN. I have set it up so that all internet traffic is routed through VPN, and now when I connect with the client, the client can't do anything on the net (open any webpage, ping google, anything ...). Can you help me to figure out what's wrong ? I don't know where to start. I've also tried to connect to another openvpn server (I've installed and configured openvpn on another server, and when I try to connect to it result is the same). So I think there's something wrong with client ... Here is my connection log: Wed Apr 04 21:35:59 2012 OpenVPN 2.3-alpha1 Win32-MSVC++ [SSL (OpenSSL)] [LZO2] [PF_INET6] [IPv6 payload 20110522-1 (2.2.0)] built on Feb 21 2012 Enter Management Password: Wed Apr 04 21:35:59 2012 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.10:25340 Wed Apr 04 21:35:59 2012 Need hold release from management interface, waiting... Wed Apr 04 21:36:00 2012 MANAGEMENT: Client connected from [AF_INET]127.0.0.10:25340 Wed Apr 04 21:36:00 2012 MANAGEMENT: CMD 'state on' Wed Apr 04 21:36:00 2012 MANAGEMENT: CMD 'log all on' Wed Apr 04 21:36:00 2012 MANAGEMENT: CMD 'hold off' Wed Apr 04 21:36:00 2012 MANAGEMENT: CMD 'hold release' Wed Apr 04 21:36:00 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Wed Apr 04 21:36:00 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Wed Apr 04 21:36:00 2012 Socket Buffers: R=[8192->8192] S=[8192->8192] Wed Apr 04 21:36:00 2012 MANAGEMENT: >STATE:1333568160,RESOLVE,,, Wed Apr 04 21:36:00 2012 UDPv4 link local: [undef] Wed Apr 04 21:36:00 2012 UDPv4 link remote: [AF_INET]11.22.33.44:1234 Wed Apr 04 21:36:00 2012 MANAGEMENT: >STATE:1333568160,WAIT,,, Wed Apr 04 21:36:00 2012 MANAGEMENT: >STATE:1333568160,AUTH,,, Wed Apr 04 21:36:00 2012 TLS: Initial packet from [AF_INET]11.22.33.44:1234, sid=ee329574 f15e9e04 Wed Apr 04 21:36:00 2012 VERIFY OK: depth=1, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=Fort-Funston CA, [email protected] Wed Apr 04 21:36:00 2012 VERIFY OK: depth=0, C=US, ST=CA, L=SanFrancisco, O=Fort-Funston, CN=server_key, [email protected] Wed Apr 04 21:36:01 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Apr 04 21:36:01 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Apr 04 21:36:01 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Apr 04 21:36:01 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Apr 04 21:36:01 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Apr 04 21:36:01 2012 [server_key] Peer Connection Initiated with [AF_INET]11.22.33.44:1234 Wed Apr 04 21:36:02 2012 MANAGEMENT: >STATE:1333568162,GET_CONFIG,,, Wed Apr 04 21:36:03 2012 SENT CONTROL [server_key]: 'PUSH_REQUEST' (status=1) Wed Apr 04 21:36:03 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 172.16.100.1,topology net30,ping 10,ping-restart 120,ifconfig 172.16.100.6 172.16.100.5' Wed Apr 04 21:36:03 2012 OPTIONS IMPORT: timers and/or timeouts modified Wed Apr 04 21:36:03 2012 OPTIONS IMPORT: --ifconfig/up options modified Wed Apr 04 21:36:03 2012 OPTIONS IMPORT: route options modified Wed Apr 04 21:36:03 2012 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 I=15 HWADDR=00:1f:1f:3f:61:55 Wed Apr 04 21:36:03 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Wed Apr 04 21:36:03 2012 MANAGEMENT: >STATE:1333568163,ASSIGN_IP,,172.16.100.6, Wed Apr 04 21:36:03 2012 open_tun, tt->ipv6=0 Wed Apr 04 21:36:03 2012 TAP-WIN32 device [VPN] opened: \\.\Global\{E28FD52B-F6C3-4094-A36A-30CB02FAC7E8}.tap Wed Apr 04 21:36:03 2012 TAP-Win32 Driver Version 9.9 Wed Apr 04 21:36:03 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.100.6/255.255.255.252 on interface {E28FD52B-F6C3-4094-A36A-30CB02FAC7E8} [DHCP-serv: 172.16.100.5, lease-time: 31536000] Wed Apr 04 21:36:03 2012 Successful ARP Flush on interface [31] {E28FD52B-F6C3-4094-A36A-30CB02FAC7E8} Wed Apr 04 21:36:08 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up Wed Apr 04 21:36:08 2012 C:\Windows\system32\route.exe ADD 11.22.33.44 MASK 255.255.255.255 192.168.1.1 Wed Apr 04 21:36:08 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4 Wed Apr 04 21:36:08 2012 Route addition via IPAPI succeeded [adaptive] Wed Apr 04 21:36:08 2012 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 172.16.100.5 Wed Apr 04 21:36:08 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Wed Apr 04 21:36:08 2012 Route addition via IPAPI succeeded [adaptive] Wed Apr 04 21:36:08 2012 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 172.16.100.5 Wed Apr 04 21:36:08 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Wed Apr 04 21:36:08 2012 Route addition via IPAPI succeeded [adaptive] Wed Apr 04 21:36:08 2012 MANAGEMENT: >STATE:1333568168,ADD_ROUTES,,, Wed Apr 04 21:36:08 2012 C:\Windows\system32\route.exe ADD 172.16.100.1 MASK 255.255.255.255 172.16.100.5 Wed Apr 04 21:36:08 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Wed Apr 04 21:36:08 2012 Route addition via IPAPI succeeded [adaptive] Wed Apr 04 21:36:08 2012 Initialization Sequence Completed Wed Apr 04 21:36:08 2012 MANAGEMENT: >STATE:1333568168,CONNECTED,SUCCESS,172.16.100.6,11.22.33.44 Client's route table after connection with OpenVPN: IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.41 281 0.0.0.0 128.0.0.0 172.16.100.1 172.16.100.6 31 94.23.53.45 255.255.255.255 192.168.1.1 192.168.1.41 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 172.16.100.1 172.16.100.6 31 172.16.100.4 255.255.255.252 On-link 172.16.100.6 286 172.16.100.6 255.255.255.255 On-link 172.16.100.6 286 172.16.100.7 255.255.255.255 On-link 172.16.100.6 286 192.168.1.0 255.255.255.0 On-link 192.168.1.41 281 192.168.1.41 255.255.255.255 On-link 192.168.1.41 281 192.168.1.255 255.255.255.255 On-link 192.168.1.41 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.41 281 224.0.0.0 240.0.0.0 On-link 172.16.100.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.41 281 255.255.255.255 255.255.255.255 On-link 172.16.100.6 286 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 192.168.1.1 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:5ef5:79fd:3cc3:6b9:ac7c:14db/128 On-link 15 281 fe80::/64 On-link 31 286 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::3cc3:6b9:ac7c:14db/128 On-link 31 286 fe80::7d72:9515:7213:35e3/128 On-link 15 281 fe80::9cec:ce3f:89de:a123/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 15 281 ff00::/8 On-link 31 286 ff00::/8 On-link =========================================================================== Persistent Routes: None

    Read the article

  • Sendmail to local domain ignoring MX records (part 2)

    - by FractalizeR
    Hello. I have the exact problem, like in this post: http://serverfault.com/questions/25068/sendmail-to-local-domain-ignoring-mx-records I am also using email provider like GMail For Your Domain (which stores your mail and manages it). I am sending mail from my server directly, but receiving mail is done via Yandex (email provider). Since the server hosts forum, I prefer to send mail directly from it because using another mail provider can slow things. Also, when I send 300.000 emails to my subscribers, email provider will surely block me thinking I send spam. My DNS zone now is: ; ; GSMFORUM.RU ; $TTL 1H gsmforum.ru. SOA ns1.hc.ru. support.hc.ru. ( 2009122268 ; Serial 1H ; Refresh 30M ; Retry 1W ; Expire 1H ) ; Minimum gsmforum.ru. NS ns1.hc.ru. gsmforum.ru. NS ns2.hc.ru. @ A 79.174.68.223 *.gsmforum.ru. CNAME @ ns1 A 79.174.68.223 ns2 A 79.174.68.224 @ MX 10 mx.yandex.ru. mail CNAME domain.mail.yandex.net. yamail-xxxxxxxxx CNAME mail.yandex.ru. Server hostname is server.gsmforum.ru. May be this is the cause? Can someone explain the reason of the matter (the rules that make sendmail consider domain to be local)? Can I easily change *.gsmforum.ru. CNAME @ into *.gsmforum.ru. A 79.174.68.224 to solve this problem? [root@server ~]# cat /etc/mail/local-host-names localhost localhost.localdomain This server hosts gsmforum.ru so I cannot put it into another domain like David Mackintosh suggests. Putting domain in mailertable doesn't solve the problem also. sendmail -bt still shows, that address is local. DontProbeInterfaces is also set to true at sendmail config. M4 file follows: divert(-1)dnl dnl # dnl # This is the sendmail macro config file for m4. If you make changes to dnl # /etc/mail/sendmail.mc, you will need to regenerate the dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is dnl # installed and then performing a dnl # dnl # make -C /etc/mail dnl # include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`setup for linux')dnl OSTYPE(`linux')dnl dnl # dnl # Do not advertize sendmail version. dnl # dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl dnl # dnl # default logging level is 9, you might want to set it higher to dnl # debug the configuration dnl # dnl define(`confLOG_LEVEL', `9')dnl dnl # dnl # Uncomment and edit the following line if your outgoing mail needs to dnl # be sent out through an external mail server: dnl # dnl define(`SMART_HOST', `smtp.your.provider')dnl dnl # define(`confDEF_USER_ID', ``8:12'')dnl dnl define(`confAUTO_REBUILD')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST', `True')dnl define(`confDONT_PROBE_INTERFACES',`True') define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl define(`UUCP_MAILER_MAX', `2000000')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A')dnl dnl # dnl # The following allows relaying if the user authenticates, and disallows dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links dnl # dnl define(`confAUTH_OPTIONS', `A p')dnl dnl # dnl # PLAIN is the preferred plaintext authentication method and used by dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do dnl # use LOGIN. Other mechanisms should be used if the connection is not dnl # guaranteed secure. dnl # Please remember that saslauthd needs to be running for AUTH. dnl # dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl dnl # dnl # Rudimentary information on creating certificates for sendmail TLS: dnl # cd /usr/share/ssl/certs; make sendmail.pem dnl # Complete usage: dnl # make -C /usr/share/ssl/certs usage dnl # dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl dnl define(`confCACERT', `/etc/pki/tls/certs/ca-bundle.crt')dnl dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/sendmail.pem')dnl dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/sendmail.pem')dnl dnl # dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's dnl # slapd, which requires the file to be readble by group ldap dnl # dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl dnl # dnl define(`confTO_QUEUEWARN', `4h')dnl dnl define(`confTO_QUEUERETURN', `5d')dnl dnl define(`confQUEUE_LA', `12')dnl dnl define(`confREFUSE_LA', `18')dnl define(`confTO_IDENT', `0')dnl dnl FEATURE(delay_checks)dnl FEATURE(`no_default_msa', `dnl')dnl FEATURE(`smrsh', `/usr/sbin/smrsh')dnl FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl dnl # dnl # The following limits the number of processes sendmail can fork to accept dnl # incoming messages or process its message queues to 20.) sendmail refuses dnl # to accept connections once it has reached its quota of child processes. dnl # dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl dnl # dnl # Limits the number of new connections per second. This caps the overhead dnl # incurred due to forking new sendmail processes. May be useful against dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address dnl # limit would be useful but is not available as an option at this writing.) dnl # dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl dnl # dnl # The -t option will retry delivery if e.g. the user runs over his quota. dnl # FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl FEATURE(`blacklist_recipients')dnl EXPOSED_USER(`root')dnl dnl # dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment dnl # the following 2 definitions and activate below in the MAILER section the dnl # cyrusv2 mailer. dnl # dnl define(`confLOCAL_MAILER', `cyrusv2')dnl dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl dnl # dnl # The following causes sendmail to only listen on the IPv4 loopback address dnl # 127.0.0.1 and not on any other network devices. Remove the loopback dnl # address restriction to accept email from the internet or intranet. dnl # DAEMON_OPTIONS(`Name=MTA,Port=smtp') dnl # dnl # The following causes sendmail to additionally listen to port 587 for dnl # mail from MUAs that authenticate. Roaming users who can't reach their dnl # preferred sendmail daemon due to port 25 being blocked or redirected find dnl # this useful. dnl # dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl dnl # dnl # The following causes sendmail to additionally listen to port 465, but dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1. dnl # dnl # For this to work your OpenSSL certificates must be configured. dnl # dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl dnl # dnl # The following causes sendmail to additionally listen on the IPv6 loopback dnl # device. Remove the loopback address restriction listen to the network. dnl # dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl dnl # dnl # enable both ipv6 and ipv4 in sendmail: dnl # dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6') dnl # dnl # We strongly recommend not accepting unresolvable domains if you want to dnl # protect yourself from spam. However, the laptop and users on computers dnl # that do not have 24x7 DNS do need this. dnl # FEATURE(`accept_unresolvable_domains')dnl dnl # dnl FEATURE(`relay_based_on_MX')dnl dnl # dnl # Also accept email sent to "localhost.localdomain" as local email. dnl # LOCAL_DOMAIN(`localhost.localdomain')dnl dnl # dnl # The following example makes mail from this host and any additional dnl # specified domains appear to be sent from mydomain.com dnl # dnl MASQUERADE_AS(`mydomain.com')dnl dnl # dnl # masquerade not just the headers, but the envelope as well dnl # dnl FEATURE(masquerade_envelope)dnl dnl # dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well dnl # dnl FEATURE(masquerade_entire_domain)dnl dnl # dnl MASQUERADE_DOMAIN(localhost)dnl dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl dnl MASQUERADE_DOMAIN(mydomain.lan)dnl MAILER(smtp)dnl MAILER(procmail)dnl dnl MAILER(cyrusv2)dnl FEATURE(`dnsbl',`zen.spamhaus.org',`Rejected - your IP is blacklisted by http://www.spamhaus.org')

    Read the article

  • ProFTPd server on Ubuntu getting access denied message when successfully authenticated?

    - by exxoid
    I have a Ubuntu box with a ProFTPD 1.3.4a Server, when I try to log in via my FTP Client I cannot do anything as it does not allow me to list directories; I have tried logging in as root and as a regular user and tried accessing different paths within the FTP Server. The error I get in my FTP Client is: Status: Retrieving directory listing... Command: CDUP Response: 250 CDUP command successful Command: PWD Response: 257 "/var" is the current directory Command: PASV Response: 227 Entering Passive Mode (172,16,4,22,237,205). Command: MLSD Response: 550 Access is denied. Error: Failed to retrieve directory listing Any idea? Here is the config of my proftpd: # # /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file. # To really apply changes, reload proftpd after modifications, if # it runs in daemon mode. It is not required in inetd/xinetd mode. # # Includes DSO modules Include /etc/proftpd/modules.conf # Set off to disable IPv6 support which is annoying on IPv4 only boxes. UseIPv6 off # If set on you can experience a longer connection delay in many cases. IdentLookups off ServerName "Drupal Intranet" ServerType standalone ServerIdent on "FTP Server ready" DeferWelcome on # Set the user and group that the server runs as User nobody Group nogroup MultilineRFC2228 on DefaultServer on ShowSymlinks on TimeoutNoTransfer 600 TimeoutStalled 600 TimeoutIdle 1200 DisplayLogin welcome.msg DisplayChdir .message true ListOptions "-l" DenyFilter \*.*/ # Use this to jail all users in their homes # DefaultRoot ~ # Users require a valid shell listed in /etc/shells to login. # Use this directive to release that constrain. # RequireValidShell off # Port 21 is the standard FTP port. Port 21 # In some cases you have to specify passive ports range to by-pass # firewall limitations. Ephemeral ports can be used for that, but # feel free to use a more narrow range. # PassivePorts 49152 65534 # If your host was NATted, this option is useful in order to # allow passive tranfers to work. You have to use your public # address and opening the passive ports used on your firewall as well. # MasqueradeAddress 1.2.3.4 # This is useful for masquerading address with dynamic IPs: # refresh any configured MasqueradeAddress directives every 8 hours <IfModule mod_dynmasq.c> # DynMasqRefresh 28800 </IfModule> # To prevent DoS attacks, set the maximum number of child processes # to 30. If you need to allow more than 30 concurrent connections # at once, simply increase this value. Note that this ONLY works # in standalone mode, in inetd mode you should use an inetd server # that allows you to limit maximum number of processes per service # (such as xinetd) MaxInstances 30 # Set the user and group that the server normally runs at. # Umask 022 is a good standard umask to prevent new files and dirs # (second parm) from being group and world writable. Umask 022 022 # Normally, we want files to be overwriteable. AllowOverwrite on # Uncomment this if you are using NIS or LDAP via NSS to retrieve passwords: # PersistentPasswd off # This is required to use both PAM-based authentication and local passwords AuthPAMConfig proftpd AuthOrder mod_auth_pam.c* mod_auth_unix.c # Be warned: use of this directive impacts CPU average load! # Uncomment this if you like to see progress and transfer rate with ftpwho # in downloads. That is not needed for uploads rates. # UseSendFile off TransferLog /var/log/proftpd/xferlog SystemLog /var/log/proftpd/proftpd.log # Logging onto /var/log/lastlog is enabled but set to off by default #UseLastlog on # In order to keep log file dates consistent after chroot, use timezone info # from /etc/localtime. If this is not set, and proftpd is configured to # chroot (e.g. DefaultRoot or <Anonymous>), it will use the non-daylight # savings timezone regardless of whether DST is in effect. #SetEnv TZ :/etc/localtime <IfModule mod_quotatab.c> QuotaEngine off </IfModule> <IfModule mod_ratio.c> Ratios off </IfModule> # Delay engine reduces impact of the so-called Timing Attack described in # http://www.securityfocus.com/bid/11430/discuss # It is on by default. <IfModule mod_delay.c> DelayEngine on </IfModule> <IfModule mod_ctrls.c> ControlsEngine off ControlsMaxClients 2 ControlsLog /var/log/proftpd/controls.log ControlsInterval 5 ControlsSocket /var/run/proftpd/proftpd.sock </IfModule> <IfModule mod_ctrls_admin.c> AdminControlsEngine off </IfModule> # # Alternative authentication frameworks # #Include /etc/proftpd/ldap.conf #Include /etc/proftpd/sql.conf # # This is used for FTPS connections # #Include /etc/proftpd/tls.conf # # Useful to keep VirtualHost/VirtualRoot directives separated # #Include /etc/proftpd/virtuals.con # A basic anonymous configuration, no upload directories. # <Anonymous ~ftp> # User ftp # Group nogroup # # We want clients to be able to login with "anonymous" as well as "ftp" # UserAlias anonymous ftp # # Cosmetic changes, all files belongs to ftp user # DirFakeUser on ftp # DirFakeGroup on ftp # # RequireValidShell off # # # Limit the maximum number of anonymous logins # MaxClients 10 # # # We want 'welcome.msg' displayed at login, and '.message' displayed # # in each newly chdired directory. # DisplayLogin welcome.msg # DisplayChdir .message # # # Limit WRITE everywhere in the anonymous chroot # <Directory *> # <Limit WRITE> # DenyAll # </Limit> # </Directory> # # # Uncomment this if you're brave. # # <Directory incoming> # # # Umask 022 is a good standard umask to prevent new files and dirs # # # (second parm) from being group and world writable. # # Umask 022 022 # # <Limit READ WRITE> # # DenyAll # # </Limit> # # <Limit STOR> # # AllowAll # # </Limit> # # </Directory> # # </Anonymous> # Include other custom configuration files Include /etc/proftpd/conf.d/ UseReverseDNS off <Global> RootLogin on UseFtpUsers on ServerIdent on DefaultChdir /var/www DeleteAbortedStores on LoginPasswordPrompt on AccessGrantMsg "You have been authenticated successfully." </Global> Any idea what could be wrong? Thanks for your help!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 322 323 324 325 326 327 328 329 330 331 332 333  | Next Page >