Search Results

Search found 12705 results on 509 pages for 'ip routing'.

Page 372/509 | < Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379 | Next Page >

how to limit upload bandwidth per user in linux?

- by Gihan Lasita

Can anyone provide the tc command to limit upload bandwidth per user in Debian Lenny? I found that to mark packets per user with iptables I can use the following command iptables -t mangle -A OUTPUT -p tcp -m owner --uid-owner testuser -j MARK --set-mark 500 but I have no idea how to use tc update by running following commands, i managed to limit testuser upload bandwidth to 10Mbit iptables -t mangle -N HTB_OUT iptables -t mangle -I POSTROUTING -j HTB_OUT iptables -t mangle -A HTB_OUT -j MARK --set-mark 30 iptables -t mangle -A HTB_OUT -m owner --uid-owner testuser -j MARK --set-mark 10 tc qdisc replace dev eth0 root handle 1: htb default 30 tc class replace dev eth0 parent 1: classid 1:1 htb rate 10Mbit burst 5k tc class replace dev eth0 parent 1:1 classid 1:10 htb rate 10Mbit ceil 10Mbit tc qdisc replace dev eth0 parent 1:10 handle 10: sfq perturb 10 tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 now the problem is, i do not want to limit testuser's FTP bandwidth but by running above commands FTP speed also limited to 10Mbit. Regards

Read the article
access VPN machine macosx same subnet

- by matheszabi

I would like to access the office machine, which has a fixed IP, and is available only in its local LAN. Let say 192.168.1.100. I have a VPN with username/password connection and I am trying to access the office machine from another location, i.e., another LAN, which has the same subnet: 192.168.1.50. I am using MacOSX 10.8. I have checked the "send all trafic over VPN connection, but I think it looks like it doesn't care and is searching in Local. I do not have admin privileges and can't request to make changes to the network settings in both LANs. Is there any way to connect to the desired remote machine?

Read the article
Loading guest OS's (Windows) localhost through my host's (Mountain Lion) browsers

- by Jonah Goldstein

For work, I have to develop in Visual Studio, which I run via VMware's fusion 5. I really want to test via my mac's native browsers for a multitude of reasons. that is, view the IIs web stuffs that my windows VM should expose, in my mac's own native Firefox, Chrome... etc. if i could expose a pretty url, that would be even better, but i would certainly settle for an ugly IP :) I got a decent number of views but no response when I asked in VMware's own boards. Everyone seems to want to go the other direction (developing in sublimetext/textmate serving up through MAMP and exposing it to windows browsers to test) and there seems to be tried a true solutions for this. unfortunately (or fortunately depending on your preference) my startup is pretty entrenched in the visual studio development tools. I'm really hoping that someone knows the answer to this. Thanks :)

Read the article
Where can I find logs for SFTP?

- by Jake

I'm trying to set up sftp-server but the client is getting an error, Connection closed by server with exitcode 1 /var/log/auth.log (below) doesn't help much, how can I find out what the error is? I'm running Ubuntu 10.04.1 LTS sshd[27236]: Accepted password for theuser from (my ip) port 13547 ssh2 sshd[27236]: pam_unix(sshd:session): session opened for user theuser by (uid=0) sshd[27300]: subsystem request for sftp sshd[27236]: pam_unix(sshd:session): session closed for user theuser Update: I've been prodding this for a while now, I've got the sftp command on another server giving me a more useful error. Request for subsystem 'sftp' failed on channel 0 Couldn't read packet: Connection reset by peer Everything I've found on the net suggests this id a problem with sftp-server but when I remove the chroot from sshd config I can access the system. I assume this means sftp-server is accessible and set up correctly.

Read the article
apxs cannot install mod_cloudflare on centos

- by Adam

[ Linux - CentOS - Apache 2.2 - mod_cloudflare - apxs2 ] I have changed my nameservers to point to CloudFlare. The problem is that all the IP addresses are coming in as CloudFlare's. This is no good, because I have to monitor and block some specific traffic. mod_cloudflare is supposed to resolve this but I have been unable to get this installed. The command in the documentation uses apxs2. I can't figure out how to install this, or if it just means for 'apache 2.4'. I'm running 2.2.3, and I can use 'apxs'. When I run: apxs -aic mod_cloudflare.c I get the error apxs:Error: Command failed with rc=65536 Does this mean I need apxs2 or something else? How do I get mod_cloudflare working on my server? I appreciate any help, the documentation is vague and limited.

Read the article
Security measures for CentOS

- by cappuccinodrinker

I have been tightening up my web server security and wanted to know what else I can do. I am running CentOS 5 with these measures: - All passwords to FTP, MySQL etc are generated from grc.com/passwords.htm and microsoft.com/protect/fraud/passwords/create.aspx (for the ones which cannot be too long). - Running iptables with all ports shut off except for http mail and smtp, the important ports like FTP SSH are blocked to all except my static office IP. There is also no response to pings. - Rootkit Hunter running daily - The server is PCI compliant according to Comodo - Not running any crappy made php apps, we use Zend Framework for our stuff and do have kayako installed and keep them up to date. Can't really think of anything else I can do... I could implement a brute force measure, but I think I already have by simply changing my SSH port to a number above 10000 and blocking it off with iptables.

Read the article
Conditional Directory Index In Htaccess

- by icelizard

This relates to the question in: http://stackoverflow.com/questions/1599717/conditional-directoryindex-in-htaccess The answer states that the following should work: SetEnvIf Remote_Addr ^127\.0\.0\.0$ owner <IfDefine owner> DirectoryIndex index.html </IfDefine> <IfDefine !owner> DirectoryIndex index.php </IfDefine> I am not sure this works, the setting of the Env var deffinately does, but no matter what IP I visit the site from the DirectoryIndex is always index.php Is there something wrong with the conditional or should I be using something else? Thanks in advance

Read the article
nginx howto correct the path from a back-end server redirect response under a virtual directory

- by noname

The following was my deployed servers: client ------ nginx proxy(example.com) ------ back-end server(192.168.1.20) The nginx proxy's external URL was configured under a virtual directory http://example.com/demo/ The back-end server was configure to http://192.168.1.20:8080/ the following was part of the nginx configure file: location /demo { proxy_pass http://192.168.1.20:8080/; proxy_redirect default; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } When the back-end server send a redirect response (HTTP CODE 302) with LOCATION head field "http://192.168.1.20/subdir/", the nginx map this LOCATION header field to "http://example.com/subdir/", not the disired "http://example.com/demo/subdir/"

Read the article
The canonical "blocking BitTorrent" question

- by Aphex5

How can one block, or severely slow down, BitTorrent and similar peer-to-peer (P2P) services on one's small home/office network? In searching Server Fault I wasn't able to find a question that served as a rallying point for the best technical ideas on this. The existing questions are all about specific situations, and the dominant answers are social/legal in nature. Those are valid approaches, but a purely technical discussion would be useful to a lot of people, I suspect. Let's assume that you don't have access to the machines on the network. With encryption use increasing in P2P traffic, it seems like stateful packet inspection is becoming a less workable solution. One idea that seems to make sense to me is simply throttling down heavy users by IP, regardless of what they're sending or receiving -- but it doesn't seem many routers support that functionality at the moment. What's your preferred method to throttle P2P/BitTorrent traffic? My apologies if this is a dupe.

Read the article
How to invalidate nginx reverse proxy cache in front of other nginx servers?

- by Olivier Lance

I'm running a Proxmox server on a single IP address, that will dispatch HTTP requests to containers depending on the requested host. I am using nginx on the Proxmox side to listen to HTTP requests and I am using the proxy_pass directive in my different server blocks to dispatch requests according to the server_name. My containers run on Ubuntu and are also running a nginx instance. I'm having troubles with caching on a particular website that is fully static: nginx keeps on serving me stale content after files updates, until I: Clear /var/cache/nginx/ and restart nginx or set proxy_cache off for this server and reload the config Here's the detail of my configuration: On the server (proxmox): /etc/nginx/nginx.conf: user www-data; worker_processes 8; pid /var/run/nginx.pid; events { worker_connections 768; # multi_accept on; use epoll; } http { ## # Basic Settings ## sendfile on; #tcp_nopush on; tcp_nodelay on; #keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; client_body_buffer_size 1k; client_max_body_size 8m; large_client_header_buffers 1 1K; ignore_invalid_headers on; client_body_timeout 5; client_header_timeout 5; keepalive_timeout 5 5; send_timeout 5; server_name_in_redirect off; ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_vary on; gzip_proxied any; gzip_comp_level 6; # gzip_buffers 16 8k; gzip_http_version 1.1; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; limit_conn_zone $binary_remote_addr zone=gulag:1m; limit_conn gulag 50; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } /etc/nginx/conf.d/proxy.conf: proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_hide_header X-Powered-By; proxy_intercept_errors on; proxy_buffering on; proxy_cache_key "$scheme://$host$request_uri"; proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=cache:10m inactive=7d max_size=700m; /etc/nginx/sites-available/my-domain.conf: server { listen 80; server_name .my-domain.com; access_log off; location / { proxy_pass http://my-domain.local:80/; proxy_cache cache; proxy_cache_valid 12h; expires 30d; proxy_cache_use_stale error timeout invalid_header updating; } } On the container (my-domain.local): nginx.conf: (everything is inside the main config file -- it's been done quickly...) user www-data; worker_processes 1; error_log logs/error.log; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfile on; #tcp_nopush on; keepalive_timeout 65; gzip off; server { listen 80; server_name .my-domain.com; root /var/www; access_log logs/host.access.log; } } I've read many blog posts and answers before resolving to posting my own questions... most answers I can see suggest setting sendfile off; but that didn't work for me. I have tried many other things, double checked my settings and all seems fine. So I'm wondering whether I am not expecting nginx's cache to do something it's not meant to...? Basically, I thought that if one of my static files in my container was updated, the cache in my reverse proxy would be invalidated and my browser would get the new version of the file when it requests it... But I now have the sentiment I misunderstood many things. Of all things, I now wonder how nginx on the server can know about a file in the container has changed? I have seen a directive proxy_header_pass (or something alike), should I use this to let the nginx instance from the container somehow inform the one in Proxmox about updated files? Is this expectation just a dream, or can I do it with nginx on my current architecture?

Read the article
Laptop connects to other network but not to my home wireless

- by Nilesh

My home network's wireless SSID is say "XYZ" I also have an ethernet wire from the same router. I have two laptops A and B Earlier both A and B were able to connect to my home internet through the ethernet and wireless. Suddenly, the laptop B can no longer connect to XYZ or through ethernet. When I do plug the wire, i get the connection icon all green but when I try to access any web page it errors out (page not found) But strangely laptop B connects to my neighbours wireless SSID "ABC". I have also tested laptop B with other networks and it connects fine. Laptop A and many other devices still connect fine with my home wireless "XYZ" Strange thing is when my laptop B connects wireless through XYz, it gets the IP address but then none of the browsers (chrome,firefox, IE) can show any web pages. What settings should I be checking on laptop B that is preventing it to connect to my home internet. Thank you

Read the article
On RouterOS, how will transparent proxying (with DNAT) affect reporting of netflows?

- by Tim

I have a box running Mikrotik RouterOS, which is set up to do transparent web proxying, as described here. In short, this means that I have a firewall rule for destination NAT causing any port 80 traffic to get redirected to port 8080 on the router, which is received by the Mikrotik local web proxy. The local web proxy then makes the web request on the client's behalf, in this case to a parent web proxy server (which in turn does the real web request). My question is, how will this two-part process get reported in the logging of traffic flow information (netflows)? Looking at the logged information, what I seem to be seeing is this: One flow recorded from client machine (private IP) to remote proxy (8080) Another flow recorded from router to remote proxy (8080) The original request that the client made to port 80 isn't recorded. I want to write code to analyse traffic usage, so I want to be sure I'm not losing information if I discard the latter of these.

Read the article
Connected to internet but can't browse after trying to remove Covenant Eyes

- by Joanna

I recently got a MacBook Pro. It connects to ethernet\wifi and has internet but when I open Safari or Firefox, nothing happens. I get a timeout for all websites. I had Covenant Eyes on my Mac before and tried to remove it. My friends who work with computers have tried everything (ping, nslookup etc). Network diagnostics show no problems I can see I'm connected through ifconfig because I get an IP. I also get a response pinging www.google.gr. There are no proxies set in my Network preferences. Any ideas?

Read the article
I just got a linode VPS a week ago and I've been flagged for SSH scanning...

- by meder

I got a 32-bit Debian VPS from http://linode.com and I really haven't done any sort of advanced configuration for securing it ( port 22; password enabled ). It seems somehow there is ssh scanning going on from my IP, I'm being flagged as this is against the TOS. I've been SSHing only from my home Comcast ISP which I run Linux on. Is this a common thing when getting a new vps? Are there any standard security configuration tips? I'm quite confused as to how my machine has been accused of this ssh scanning.

Read the article
My site was recently attacked. What do I do?

- by ChrisH

This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

Read the article
Why can't connect with second computer in same LAN and settings?

- by user930450

I'm trying to connect to WLAN with notebook. The notebook works fine with other WLANs. It can authenticate, signal is "very good" but it says "can't access internet". (On Windows it's small yellow exclamation mark on the signal). With other computer exactly in the same location, with the same settings, it's possible to connect. Both are configurated to get IP dynamically. One difference is that the other computer is using "Ralink wireless" instead normal windows client to connect. But does this make a difference? the settings are the same. What could be the reason?

Read the article
Windows 7 add printer, cancelled, but port still in use. How to remove?

- by Jake

I tried to add a network printer at www.xxx.yyy.zzz, but halfway it when it asked for a driver, I cancelled it because I do not have the driver at hand. Later when I try to add again, it tells me the port (www.xxx.yyy.zzz), which is automatically specified as the same as the IP for the printer, is already in use and then suggest www.xxx.yyy.zzz_1 Now, I cannot find the www.xxx.yyy.zzz printer anywhere such that I can remove it and use back the same port. How should I do it? Any ideas? Thanks.

Read the article
VirtualBox "Bridged Adapter" when host NIC is turned off

- by chris_l

Hi, I'm running Linux (Debian Etch) in a VirtualBox VM on my MacBook. I usually ssh from my Mac terminal to the guest machine. I also want to access the internet from my guest, so I set up my host's WLAN card (en1) as a bridged adapter for eth0 on the client. This works fine, but when I turn off the WLAN card (e.g. to reduce battery consumption), I'd still like to ssh from my host to the guest. This fails of course, because en1 loses its IP address. Is a bridged adapter the best option for what I want to do? How can I make it work? (A simple "ifconfig en1 add 10.0.0.4" didn't do the trick...) Thanks Chris

Read the article
dig and dig -x are answering different

- by erdemkeren

I don't want the name provider to manage my records. I want to handle it myself. So I installed bind9 and made some configurations reading some articles and following some examples. bind didn't show any error after I created/edited the required files but; When I write `dig www.foo.com, I see the IP of the advertisement page of my name provider. But when I write dig -x server_ip_address; I see the name I purchased. What am I doing wrong? Can't a server be the nameserver of it's own? Is it a must to configure the records from the company I bought the name from? By the way, I realised that, my previous question was not clear, I deleted it, and asking the same question in a different way.

Read the article
Bind dns server in Solaris 10 and win xp clients

- by stevecomptech

Hi, Added this in zone db file, i am running solaris 10 _ldap._tcp.mydomain.com. SRV 0 0 389 dc.mydomain.com. _kerberos._tcp.mydomain.com. SRV 0 0 88 dc.mydomain.com. _ldap._tcp.dc._msdcs.mydomain.com. SRV 0 0 389 dc.mydomain.com. _kerberos._tcp.dc._msdcs.mydomain.com. SRV 0 0 88 host.mydomain.com. Now i get this error when i try to join win xp to the domain The query was for the SRV record for _ldap._tcp.dc._msdcs.mydomain.com The following domain controllers were identified by the query: host.mydomain.com Common causes of this error include: Host (A) records that map the name of the domain controller to its IP addresses are missing or contain incorrect addresses. Domain controllers registered in DNS are not connected to the network or are not running. What do i need to change in order my win xp join the domain

Read the article
Port Forwarding on Actiontec GT704-WG Router Issues

- by adamweeks

I am trying to setup a server at customer's location that has the Actiontec GT704-WG DSL router. The port forwarding it not working at all. Here's the details: Server: OpenSuse Linux box with a static IP address of 192.168.1.200 Application running accepting connections on port 8060 Firewall disabled Local connections (within the network) working properly Router: Updated to latest firmware available DHCP range set to 192.168.1.69-192.168.1.199 to not have any conflicts with the server Firewall set to "off" Rule set in the "Applications" setting to forward 8060 TCP and UDP to 192.168.1.200 machine (I've tried using the "TCP,UDP" option as well as both individual options) I've also tried just simply putting the server in the DMZ to see if I could connect to anything, but still nothing. Looking for any clues before I call and waste hours explaining the issue to tech support.

Read the article
Where is debian storing its network settings?

- by user13743

I have a debian machine that is supposed to have a static ip, but insists on getting its address from the DHCP server. Here's this settings file: $> cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet static address 192.168.1.99 gateway 192.168.1.1 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 Yet $> sudo /etc/init.d/networking restart Reconfiguring network interfaces...done. $> sudo ifconfig eth0 Link encap:Ethernet HWaddr 00:e0:03:09:05:2e inet addr:192.168.1.205 Bcast:255.255.255.255 Mask:255.255.255.0 ... Where is it being told to use dhcp?

Read the article
Debugging Connection Issues Between Two Linux Servers

- by clickfault

I have two CentOS 5 servers running iptables and apf. I am having issues connecting with ssh from server 1 to server 2. I can connect from server 1 to a third server and from that third server to both 1 and 2. In all cases I am using the IP address and not a host name. I have stopped iptables and apf on all servers and it doesn't seem to change anything. What is the best way to debug this process?

Read the article
Configuring BIND to use VM's DNS for specific domain

- by Srirangan

I work on a project for which I use an Ubuntu server vm on an Ubuntu host. The VM runs all the services / webapps through haproxy and nginx and serves it on the domain (xyz.com). I manually modify my resolv.conf to use the VMs IP address as the nameserver and I can run my app on the host browser. The problem is I am modifying an auto-generated file (resolv.conf) and I need to do it each time. Is there a smart way to say: -- are you accessing xyz.com? -- if yes use VM's DNS server, else use the hosts

Read the article
Source of Unexplained Requests in Server Logs

- by Synetech inc.

Hi, I am baffled by some entries in my server logs, specifically the web-server logs. Other than normal, expected traffic, I have noticed three types of request errors (eg 404, etc.): Broken links, ie links from old, external pages that point to pages that are no longer here Sequences of probes, ie some jerk trying to hack in by scanning my server for a series of exploitable admin type pages and such What appear to be completely random requests for things that have never existed on the server or even have anything to do with the server, and appear by themselves (ie not a series of requests like the probes) Could it somehow be a mistyped URL or IP? That’s about the only thing that I can think of, but still, how could I get a request on say, foobar.dyndns.org (12.34.56.78) for something like www.wantsfly.com/prx2.php or /MNG/LIVE or http://ant.dsabuse.com/abc.php?auth=45V456b09m&strPassword=X%5BMTR__CBZ%40VA&nLoginId=43. (Those are a few actual requests from my logs.) Can someone please explain scenario three to me? Thanks.

Read the article

< Previous Page | 368 369 370 371 372 373 374 375 376 377 378 379 | Next Page >