Search Results

Search found 11903 results on 477 pages for 'ip forwarding'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 345/477 | < Previous Page | 341 342 343 344 345 346 347 348 349 350 351 352  | Next Page >

  • Grant relay to servers based on AD security group membership

    - by john
    We're moving our relay from an Exchange 2003 server to an Exchange 2010 server. I was hoping the "Grant or deny relay permissions to specific users or groups" option would still be available in some form, but I can't find out how to do it. I've read up on recieve connectors and so far I can't get it to work. I have edited the security on the Recieve Connector to allow the following extended rights to the group and added computer accounts to that group: Accept Routing Headers Bypass Anti-spam Submit to Server Accept any Sender Accept any Recipient Then I suddenly realised while testing... How would the receive connector resolve the permission to a particular AD object, maybe a reverse DNS lookup? What I'd like to know is if what I'm trying to achieve is possible, and how it would be possible. I would rather not revert to an IP-based list as this is not as manageable, and I'm trying to avoid creating static IPs/reservations for a number of workstations that would otherwise not need them.

    Read the article

  • how to limit upload bandwidth per user in linux?

    - by Gihan Lasita
    Can anyone provide the tc command to limit upload bandwidth per user in Debian Lenny? I found that to mark packets per user with iptables I can use the following command iptables -t mangle -A OUTPUT -p tcp -m owner --uid-owner testuser -j MARK --set-mark 500 but I have no idea how to use tc update by running following commands, i managed to limit testuser upload bandwidth to 10Mbit iptables -t mangle -N HTB_OUT iptables -t mangle -I POSTROUTING -j HTB_OUT iptables -t mangle -A HTB_OUT -j MARK --set-mark 30 iptables -t mangle -A HTB_OUT -m owner --uid-owner testuser -j MARK --set-mark 10 tc qdisc replace dev eth0 root handle 1: htb default 30 tc class replace dev eth0 parent 1: classid 1:1 htb rate 10Mbit burst 5k tc class replace dev eth0 parent 1:1 classid 1:10 htb rate 10Mbit ceil 10Mbit tc qdisc replace dev eth0 parent 1:10 handle 10: sfq perturb 10 tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 now the problem is, i do not want to limit testuser's FTP bandwidth but by running above commands FTP speed also limited to 10Mbit. Regards

    Read the article

  • Loading guest OS's (Windows) localhost through my host's (Mountain Lion) browsers

    - by Jonah Goldstein
    For work, I have to develop in Visual Studio, which I run via VMware's fusion 5. I really want to test via my mac's native browsers for a multitude of reasons. that is, view the IIs web stuffs that my windows VM should expose, in my mac's own native Firefox, Chrome... etc. if i could expose a pretty url, that would be even better, but i would certainly settle for an ugly IP :) I got a decent number of views but no response when I asked in VMware's own boards. Everyone seems to want to go the other direction (developing in sublimetext/textmate serving up through MAMP and exposing it to windows browsers to test) and there seems to be tried a true solutions for this. unfortunately (or fortunately depending on your preference) my startup is pretty entrenched in the visual studio development tools. I'm really hoping that someone knows the answer to this. Thanks :)

    Read the article

  • Where can I find logs for SFTP?

    - by Jake
    I'm trying to set up sftp-server but the client is getting an error, Connection closed by server with exitcode 1 /var/log/auth.log (below) doesn't help much, how can I find out what the error is? I'm running Ubuntu 10.04.1 LTS sshd[27236]: Accepted password for theuser from (my ip) port 13547 ssh2 sshd[27236]: pam_unix(sshd:session): session opened for user theuser by (uid=0) sshd[27300]: subsystem request for sftp sshd[27236]: pam_unix(sshd:session): session closed for user theuser Update: I've been prodding this for a while now, I've got the sftp command on another server giving me a more useful error. Request for subsystem 'sftp' failed on channel 0 Couldn't read packet: Connection reset by peer Everything I've found on the net suggests this id a problem with sftp-server but when I remove the chroot from sshd config I can access the system. I assume this means sftp-server is accessible and set up correctly.

    Read the article

  • nginx howto correct the path from a back-end server redirect response under a virtual directory

    - by noname
    The following was my deployed servers: client ------ nginx proxy(example.com) ------ back-end server(192.168.1.20) The nginx proxy's external URL was configured under a virtual directory http://example.com/demo/ The back-end server was configure to http://192.168.1.20:8080/ the following was part of the nginx configure file: location /demo { proxy_pass http://192.168.1.20:8080/; proxy_redirect default; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } When the back-end server send a redirect response (HTTP CODE 302) with LOCATION head field "http://192.168.1.20/subdir/", the nginx map this LOCATION header field to "http://example.com/subdir/", not the disired "http://example.com/demo/subdir/"

    Read the article

  • apxs cannot install mod_cloudflare on centos

    - by Adam
    [ Linux - CentOS - Apache 2.2 - mod_cloudflare - apxs2 ] I have changed my nameservers to point to CloudFlare. The problem is that all the IP addresses are coming in as CloudFlare's. This is no good, because I have to monitor and block some specific traffic. mod_cloudflare is supposed to resolve this but I have been unable to get this installed. The command in the documentation uses apxs2. I can't figure out how to install this, or if it just means for 'apache 2.4'. I'm running 2.2.3, and I can use 'apxs'. When I run: apxs -aic mod_cloudflare.c I get the error apxs:Error: Command failed with rc=65536 Does this mean I need apxs2 or something else? How do I get mod_cloudflare working on my server? I appreciate any help, the documentation is vague and limited.

    Read the article

  • Conditional Directory Index In Htaccess

    - by icelizard
    This relates to the question in: http://stackoverflow.com/questions/1599717/conditional-directoryindex-in-htaccess The answer states that the following should work: SetEnvIf Remote_Addr ^127\.0\.0\.0$ owner <IfDefine owner> DirectoryIndex index.html </IfDefine> <IfDefine !owner> DirectoryIndex index.php </IfDefine> I am not sure this works, the setting of the Env var deffinately does, but no matter what IP I visit the site from the DirectoryIndex is always index.php Is there something wrong with the conditional or should I be using something else? Thanks in advance

    Read the article

  • Security measures for CentOS

    - by cappuccinodrinker
    I have been tightening up my web server security and wanted to know what else I can do. I am running CentOS 5 with these measures: - All passwords to FTP, MySQL etc are generated from grc.com/passwords.htm and microsoft.com/protect/fraud/passwords/create.aspx (for the ones which cannot be too long). - Running iptables with all ports shut off except for http mail and smtp, the important ports like FTP SSH are blocked to all except my static office IP. There is also no response to pings. - Rootkit Hunter running daily - The server is PCI compliant according to Comodo - Not running any crappy made php apps, we use Zend Framework for our stuff and do have kayako installed and keep them up to date. Can't really think of anything else I can do... I could implement a brute force measure, but I think I already have by simply changing my SSH port to a number above 10000 and blocking it off with iptables.

    Read the article

  • FTP not listing files behind firewall (setsockopt (ignored): Permission denied)

    - by KennyDs
    We are developing a Magento application that has a module that works with FTP. Today we deployed this on the testing environment which is setup in the following way: Gateway server which has the following iptables rules: # iptables -L -n -v Chain INPUT (policy ACCEPT 2 packets, 130 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 165 13720 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED Chain FORWARD (policy ACCEPT 7 packets, 606 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- eth1 eth0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 15 965 ACCEPT all -- eth0 eth1 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- eth1 eth1 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 126 packets, 31690 bytes) pkts bytes target prot opt in out source destination These are set at runtime via the following bash script: #!/bin/sh PATH=/usr/sbin:/sbin:/bin:/usr/bin # # delete all existing rules. # iptables -F iptables -t nat -F iptables -t mangle -F iptables -X # Always accept loopback traffic iptables -A INPUT -i lo -j ACCEPT # Allow established connections, and those not coming from the outside iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow outgoing connections from the LAN side. iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT # Masquerade. iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE # Don't forward from the outside to the inside. iptables -A FORWARD -i eth1 -o eth1 -j REJECT # Enable routing. echo 1 > /proc/sys/net/ipv4/ip_forward The gateway server is connected to the WAN via eth1 and is connected to the internal network via eth0. One of the servers from eth1 has the following problem when trying to list files over ftp: $ ftp -vd myftpserver.com Connected to myftpserver.com 220 Welcome to MY FTP Server ftp: setsockopt: Bad file descriptor Name (myftpserver.com:magento): XXXXXXXX ---> USER XXXXXXXX 331 User XXXXXXXX, password please Password: ---> PASS XXXX 230 Password Ok, User logged in ---> SYST 215 UNIX Type: L8 Remote system type is UNIX. Using binary mode to transfer files. ftp> ls ftp: setsockopt (ignored): Permission denied ---> PORT 192,168,19,15,135,75 421 Service not available, remote server has closed connection When I try listing the files in passive mode, same result. When I run the same command on the gateway server, everything works fine so I believe that the issue is happening because of the iptables rules not forwarding properly. Does anyone have an idea which rule I need to add to make this work?

    Read the article

  • The canonical "blocking BitTorrent" question

    - by Aphex5
    How can one block, or severely slow down, BitTorrent and similar peer-to-peer (P2P) services on one's small home/office network? In searching Server Fault I wasn't able to find a question that served as a rallying point for the best technical ideas on this. The existing questions are all about specific situations, and the dominant answers are social/legal in nature. Those are valid approaches, but a purely technical discussion would be useful to a lot of people, I suspect. Let's assume that you don't have access to the machines on the network. With encryption use increasing in P2P traffic, it seems like stateful packet inspection is becoming a less workable solution. One idea that seems to make sense to me is simply throttling down heavy users by IP, regardless of what they're sending or receiving -- but it doesn't seem many routers support that functionality at the moment. What's your preferred method to throttle P2P/BitTorrent traffic? My apologies if this is a dupe.

    Read the article

  • On RouterOS, how will transparent proxying (with DNAT) affect reporting of netflows?

    - by Tim
    I have a box running Mikrotik RouterOS, which is set up to do transparent web proxying, as described here. In short, this means that I have a firewall rule for destination NAT causing any port 80 traffic to get redirected to port 8080 on the router, which is received by the Mikrotik local web proxy. The local web proxy then makes the web request on the client's behalf, in this case to a parent web proxy server (which in turn does the real web request). My question is, how will this two-part process get reported in the logging of traffic flow information (netflows)? Looking at the logged information, what I seem to be seeing is this: One flow recorded from client machine (private IP) to remote proxy (8080) Another flow recorded from router to remote proxy (8080) The original request that the client made to port 80 isn't recorded. I want to write code to analyse traffic usage, so I want to be sure I'm not losing information if I discard the latter of these.

    Read the article

  • How to invalidate nginx reverse proxy cache in front of other nginx servers?

    - by Olivier Lance
    I'm running a Proxmox server on a single IP address, that will dispatch HTTP requests to containers depending on the requested host. I am using nginx on the Proxmox side to listen to HTTP requests and I am using the proxy_pass directive in my different server blocks to dispatch requests according to the server_name. My containers run on Ubuntu and are also running a nginx instance. I'm having troubles with caching on a particular website that is fully static: nginx keeps on serving me stale content after files updates, until I: Clear /var/cache/nginx/ and restart nginx or set proxy_cache off for this server and reload the config Here's the detail of my configuration: On the server (proxmox): /etc/nginx/nginx.conf: user www-data; worker_processes 8; pid /var/run/nginx.pid; events { worker_connections 768; # multi_accept on; use epoll; } http { ## # Basic Settings ## sendfile on; #tcp_nopush on; tcp_nodelay on; #keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; client_body_buffer_size 1k; client_max_body_size 8m; large_client_header_buffers 1 1K; ignore_invalid_headers on; client_body_timeout 5; client_header_timeout 5; keepalive_timeout 5 5; send_timeout 5; server_name_in_redirect off; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; # gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; limit_conn_zone $binary_remote_addr zone=gulag:1m; limit_conn gulag 50; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } /etc/nginx/conf.d/proxy.conf: proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_hide_header X-Powered-By; proxy_intercept_errors on; proxy_buffering on; proxy_cache_key "$scheme://$host$request_uri"; proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=cache:10m inactive=7d max_size=700m; /etc/nginx/sites-available/my-domain.conf: server { listen 80; server_name .my-domain.com; access_log off; location / { proxy_pass http://my-domain.local:80/; proxy_cache cache; proxy_cache_valid 12h; expires 30d; proxy_cache_use_stale error timeout invalid_header updating; } } On the container (my-domain.local): nginx.conf: (everything is inside the main config file -- it's been done quickly...) user www-data; worker_processes 1; error_log logs/error.log; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; #tcp_nopush on; keepalive_timeout 65; gzip off; server { listen 80; server_name .my-domain.com; root /var/www; access_log logs/host.access.log; } } I've read many blog posts and answers before resolving to posting my own questions... most answers I can see suggest setting sendfile off; but that didn't work for me. I have tried many other things, double checked my settings and all seems fine. So I'm wondering whether I am not expecting nginx's cache to do something it's not meant to...? Basically, I thought that if one of my static files in my container was updated, the cache in my reverse proxy would be invalidated and my browser would get the new version of the file when it requests it... But I now have the sentiment I misunderstood many things. Of all things, I now wonder how nginx on the server can know about a file in the container has changed? I have seen a directive proxy_header_pass (or something alike), should I use this to let the nginx instance from the container somehow inform the one in Proxmox about updated files? Is this expectation just a dream, or can I do it with nginx on my current architecture?

    Read the article

  • Laptop connects to other network but not to my home wireless

    - by Nilesh
    My home network's wireless SSID is say "XYZ" I also have an ethernet wire from the same router. I have two laptops A and B Earlier both A and B were able to connect to my home internet through the ethernet and wireless. Suddenly, the laptop B can no longer connect to XYZ or through ethernet. When I do plug the wire, i get the connection icon all green but when I try to access any web page it errors out (page not found) But strangely laptop B connects to my neighbours wireless SSID "ABC". I have also tested laptop B with other networks and it connects fine. Laptop A and many other devices still connect fine with my home wireless "XYZ" Strange thing is when my laptop B connects wireless through XYz, it gets the IP address but then none of the browsers (chrome,firefox, IE) can show any web pages. What settings should I be checking on laptop B that is preventing it to connect to my home internet. Thank you

    Read the article

  • Connected to internet but can't browse after trying to remove Covenant Eyes

    - by Joanna
    I recently got a MacBook Pro. It connects to ethernet\wifi and has internet but when I open Safari or Firefox, nothing happens. I get a timeout for all websites. I had Covenant Eyes on my Mac before and tried to remove it. My friends who work with computers have tried everything (ping, nslookup etc). Network diagnostics show no problems I can see I'm connected through ifconfig because I get an IP. I also get a response pinging www.google.gr. There are no proxies set in my Network preferences. Any ideas?

    Read the article

  • Bind dns server in Solaris 10 and win xp clients

    - by stevecomptech
    Hi, Added this in zone db file, i am running solaris 10 _ldap._tcp.mydomain.com. SRV 0 0 389 dc.mydomain.com. _kerberos._tcp.mydomain.com. SRV 0 0 88 dc.mydomain.com. _ldap._tcp.dc._msdcs.mydomain.com. SRV 0 0 389 dc.mydomain.com. _kerberos._tcp.dc._msdcs.mydomain.com. SRV 0 0 88 host.mydomain.com. Now i get this error when i try to join win xp to the domain The query was for the SRV record for _ldap._tcp.dc._msdcs.mydomain.com The following domain controllers were identified by the query: host.mydomain.com Common causes of this error include: Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses. Domain controllers registered in DNS are not connected to the network or are not running. What do i need to change in order my win xp join the domain

    Read the article

  • dig and dig -x are answering different

    - by erdemkeren
    I don't want the name provider to manage my records. I want to handle it myself. So I installed bind9 and made some configurations reading some articles and following some examples. bind didn't show any error after I created/edited the required files but; When I write `dig www.foo.com, I see the IP of the advertisement page of my name provider. But when I write dig -x server_ip_address; I see the name I purchased. What am I doing wrong? Can't a server be the nameserver of it's own? Is it a must to configure the records from the company I bought the name from? By the way, I realised that, my previous question was not clear, I deleted it, and asking the same question in a different way.

    Read the article

  • My site was recently attacked. What do I do?

    - by ChrisH
    This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

    Read the article

  • I just got a linode VPS a week ago and I've been flagged for SSH scanning...

    - by meder
    I got a 32-bit Debian VPS from http://linode.com and I really haven't done any sort of advanced configuration for securing it ( port 22; password enabled ). It seems somehow there is ssh scanning going on from my IP, I'm being flagged as this is against the TOS. I've been SSHing only from my home Comcast ISP which I run Linux on. Is this a common thing when getting a new vps? Are there any standard security configuration tips? I'm quite confused as to how my machine has been accused of this ssh scanning.

    Read the article

  • Source of Unexplained Requests in Server Logs

    - by Synetech inc.
    Hi, I am baffled by some entries in my server logs, specifically the web-server logs. Other than normal, expected traffic, I have noticed three types of request errors (eg 404, etc.): Broken links, ie links from old, external pages that point to pages that are no longer here Sequences of probes, ie some jerk trying to hack in by scanning my server for a series of exploitable admin type pages and such What appear to be completely random requests for things that have never existed on the server or even have anything to do with the server, and appear by themselves (ie not a series of requests like the probes) Could it somehow be a mistyped URL or IP? That’s about the only thing that I can think of, but still, how could I get a request on say, foobar.dyndns.org (12.34.56.78) for something like www.wantsfly.com/prx2.php or /MNG/LIVE or http://ant.dsabuse.com/abc.php?auth=45V456b09m&strPassword=X%5BMTR__CBZ%40VA&nLoginId=43. (Those are a few actual requests from my logs.) Can someone please explain scenario three to me? Thanks.

    Read the article

  • VirtualBox "Bridged Adapter" when host NIC is turned off

    - by chris_l
    Hi, I'm running Linux (Debian Etch) in a VirtualBox VM on my MacBook. I usually ssh from my Mac terminal to the guest machine. I also want to access the internet from my guest, so I set up my host's WLAN card (en1) as a bridged adapter for eth0 on the client. This works fine, but when I turn off the WLAN card (e.g. to reduce battery consumption), I'd still like to ssh from my host to the guest. This fails of course, because en1 loses its IP address. Is a bridged adapter the best option for what I want to do? How can I make it work? (A simple "ifconfig en1 add 10.0.0.4" didn't do the trick...) Thanks Chris

    Read the article

  • Self-hosted browser-based remote desktop script?

    - by rlsaj
    I need a self-hosted browser based remote desktop script that will connect me from any PC to my work PC. I need to either host this script within my own dedicated hosting or on my work PC. The PC that I need to remote into is always the one PC (Win7) and the IP never changes, and I have access to the Router/Firewall within. I have tried many remote desktop services and applications - LogMeIn, Team Viewer, (Ultra/Tight) VNC, GoToMyPC and iTeleport Connect and even Windows Remote Desktop - and the web services (or ports) are blocked at whatever free wi-fi/hotel/coffee shop I am at. Note that I will need to be able to access this from any PC, so I won't be able to install any applications (or use any portable software) - hence my thinking that it will need to be browser based on a standard (not blocked) port. If I can set up a web based remote desktop application - really a homebrew LogMeIn - then I should solve my problem. What is the best option here?

    Read the article

  • Windows 7 add printer, cancelled, but port still in use. How to remove?

    - by Jake
    I tried to add a network printer at www.xxx.yyy.zzz, but halfway it when it asked for a driver, I cancelled it because I do not have the driver at hand. Later when I try to add again, it tells me the port (www.xxx.yyy.zzz), which is automatically specified as the same as the IP for the printer, is already in use and then suggest www.xxx.yyy.zzz_1 Now, I cannot find the www.xxx.yyy.zzz printer anywhere such that I can remove it and use back the same port. How should I do it? Any ideas? Thanks.

    Read the article

  • Hosting several domains on one server using IIS 7

    - by Øyvind Knobloch-Bråthen
    I have created several web sites inside IIS7 on my server. All of them use the same ip and port, but different host names. Currently I have set the host name to www.mydomain.com. Now my question is, how do I get my actual domains to target the different sites on my server. Second question. Can I set my host name to only mydomain.com to make sure that all requests to that domain is handeled by the same application? Primarily, I want both www.mydomain.com and mydomain.com to work when the user types the address in their browser.

    Read the article

  • Configuring BIND to use VM's DNS for specific domain

    - by Srirangan
    I work on a project for which I use an Ubuntu server vm on an Ubuntu host. The VM runs all the services / webapps through haproxy and nginx and serves it on the domain (xyz.com). I manually modify my resolv.conf to use the VMs IP address as the nameserver and I can run my app on the host browser. The problem is I am modifying an auto-generated file (resolv.conf) and I need to do it each time. Is there a smart way to say: -- are you accessing xyz.com? -- if yes use VM's DNS server, else use the hosts

    Read the article

  • Is there a way to submit a batch of commands to a Cisco router and have them execute from the router?

    - by atroon
    I need to change the configuration of a remote (6 hours' drive) client's Cisco 871 (IOS 12.4.15T) from my location because of some new internet service at his location. To be more precise, I need to change the default route, ip address of the outside interface (Fa4) and disable the PPPoE setup there. Unfortunately, doing any of this will (obviously) break the connection to the router. I do not have an out-of-band management modem set up (I know, I know). Is there any way to enter the commands I need to have run and have them execute one after the other, from a file on flash:? I have never tried anything like that before. Essentially a DOS-style batch file is exactly what I need. Nothing like it seems to be out there except using kron to execute CLI commands, but that is specified here as only taking EXEC commands, not configuration ones. Is there hope, or do I travel?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 341 342 343 344 345 346 347 348 349 350 351 352  | Next Page >