Search Results

Search found 452 results on 19 pages for 'inbound'.

Page 4/19 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >

IPSEC tunnel Fortinet Transparent Mode to inside Fortinet firewall in NAT Mode does not respond to i

- by TrevJen

I have 2 fortinet firewalls (fully patched); fw1 is providing an IPSEC tunnel in transparent mode. beneath this firewall is a fw2, a NAT firewall with a VIP address that has been confirmed to work. This configuration is required for my customers who want to connect to a public address space inside of the tunnel, in order to prevent cross over in IP space. This configuration works great for traffic going outbound to the remote side of the tunnel, but not inbound. While sniffing the traffic, I can see the inbound traffic going out of the fw1, but it is never seen at the fw2. Cust Net > 10.1.1.100 | | | FW1 >TRANSPARENT IPSEC | | | FW2 EXT >99.1.1.1.100-VIP | FW2 NAT >192.1.1.100-NAT

Read the article
How can I create (or do I even need to create) an alias of a DNS MX record?

- by AKWF

I am in the process of moving my DNS records from Network Solutions to the Amazon Route 53 service. While I know and understand a little about the basic kinds of records, I am stumped on how to create the record that will point to the MX record on Network Solutions (if I'm even saying that right). On Network Solutions I have this: Mail Servers (MX Records) Note: Mail Servers are listed in rank order myapp.net Add Sub-Domain MXMailServer(Preference) TTL inbound.myapp.net.netsolmail.net.(10) 7200 Network Solutions E-mail I have read that the payload for an MX record state that it must point to an existing A record in the DNS. Yet in the example above, that inbound.myapp... record only has the words "Network Solutions E-mail" next to it. Our email is hosted at Network Solutions. I have already created the CNAME records that look like this: mail.myapp.net 7200 mail.mycarparts.net.netsolmail.net. smtp.myapp.net 7100 smtp.mycarparts.net.netsolmail.net. Since I am only using Amazon as the DNS, do I even need to do anything with that MX record? I appreciate your help, I googled and researched this before I posted, this is my first post on webmasters although I've been on SO for a few years.

Read the article
Disabling weak ciphers on Windows 2003

- by Kev

For PCI-DSS compliance you have to disable weak ciphers. PCI-DSS permits a minimum cipher size of 128 bits. However for the highest score (0 I believe) you should only accept 168 bit ciphers but you can still be compliant if you permit 128 bit ciphers. The trouble is that when we disable all but 168 bit encryption it seems to disable both inbound and out bound secure channels. For example we'd like to lock down inbound IIS HTTPS to 168 bit ciphers but permit outbound 128 bit SSL connections to payment gateways/services from service applications running on the server (not all payment gateways support 168 bit only we just found out today). Is it possible to have cipher asymmetry on Windows 2003? I am told it is all or nothing.

Read the article
Asterisk Outgoing CDR Logging To Mysql

- by user3295551

Trying to utilize the cdr logging (to mysql) using custom fields. The problem I am facing is only when an outbound call is placed, during inbound calls the custom field I am able to log no problem. The reason I am having an issue is because the custom cdr field I need is a unique value for each user on the system. sip.conf ... ... [sales_department](!) type=friend host=dynamic context=SalesAgents disallow=all allow=ulaw allow=alaw qualify=yes qualifyfreq=30 ;; company sales agents: [11](sales_agent) secret=xxxxxx callerid="<...>" [12](sales_agent) secret=xxxxxx callerid="<...>" [13](sales_agent) secret=xxxxxx callerid="<...>" [14](sales_agent) secret=xxxxxx callerid="<...>" extensions.conf [SalesAgents] include => Services ; Outbound calls exten=>_1NXXNXXXXXX,1,Dial(SIP/${EXTEN}@myprovider) ; Inbound calls exten=>100,1,NoOp() same => n,Set(CDR(agent_id)=11) same => n,CELGenUserEvent(Custom Event) same => n,Dial(${11_1},25) same => n,GotoIf($["${DIALSTATUS}" = "BUSY"]?busy:unavail) same => n(unavail),VoiceMail(11@asterisk) same => n,Hangup() same => n(busy),VoiceMail(11@asterisk) same => n,Hangup() exten=>101,1,NoOp() same => n,Set(CDR(agent_id)=12) same => n,CELGenUserEvent(Custom Event) same => n,Dial(${12_1},25) same => n,GotoIf($["${DIALSTATUS}" = "BUSY"]?busy:unavail) same => n(unavail),VoiceMail(12@asterisk) same => n,Hangup() same => n(busy),VoiceMail(12@asterisk) same => n,Hangup() ... ... For the inbound section of the dialplan in the above example I am able to insert the custom cdr field (agent_id). But above it you can see for the Oubound section of the dialplan I have been stumped on how I would be able to tell the dialplan which agent_id is making the outbound call. My Question: how to take the agent_id=[11] & agent_id=[12] and agent_id=[13] and agent_id=[14] etc and use that as a custom field for cdr on outbound calls?

Read the article
Windows Server - Dual NIC Bandwidth Pooling

- by tsilb

I have a Windows Server 2008 machine with dual NICs. Both are plugged into the same switch in a typical one-switch, one-gateway home network. This server is used almost exclusively for inbound connections. It hosts a web server (IIS 6), SQL server, and file server (via LAN UNC paths and mapped drives). How do I make best use of inbound bandwidth across both NICs? For example, if I connect to it by hostname and one of the interfaces has high traffic, I'd like the new connection to use the other interface.

Read the article
Retrieve the full ASP.NET Form Buffer as a String

- by Rick Strahl

Did it again today: For logging purposes I needed to capture the full Request.Form data as a string and while it’s pretty easy to retrieve the buffer it always takes me a few minutes to remember how to do it. So I finally wrote a small helper function to accomplish this since this comes up rather frequently especially in debugging scenarios or in the immediate window. Here’s the quick function to get the form buffer as string: /// <summary> /// Returns the content of the POST buffer as string /// </summary> /// <returns></returns> public static string FormBufferToString() { HttpRequest Request = HttpContext.Current.Request; if (Request.TotalBytes > 0) return Encoding.Default.GetString(Request.BinaryRead(Request.TotalBytes)); return string.Empty; } Clearly a simple task, but handy to have in your library for reuse. You probably don’t want to call this if you have a massive inbound form buffer, or if the data you’re retrieving is binary. It’s probably a good idea to check the inbound content type before calling this function with something like this: var formBuffer = string.Empty; if (Request.ContentType.StartsWith("text/") || Request.ContentType == "application/x-www-form-urlencoded") ) { formBuffer = FormBufferToString(); } to ensure you’re working only on content types you can actually view as text. Now if I can only remember the name of this function in my library – it’s part of the static WebUtils class in the West Wind Web Toolkit if you want to check out a number of other useful Web helper functions.© Rick Strahl, West Wind Technologies, 2005-2011Posted in ASP.NET

Read the article
B2B communication using IBM MQ

- by Dheeraj Kumar M

Oracle B2B 11g, provides the out-of-the box ability to connect to IBM MQ to exchange the message. This is support is provided via JMS offering of Oracle B2B. This is an addition to the stack of existing communication capabilities of B2B with trading partners. There are 2 ways of connecting to IBM MQ using B2B 1. Credential based connectivity 2. .bindings based connectivity As a pre-requisite to connect to IBM MQ, it is required to provide the following libraries in classpath: a. com.ibm.mqjms.jar b. dhbcore.jar c. com.ibm.mq.jar d. com.ibm.mq.jmqi.jar e. mqcontext.jar f. com.ibm.mq.pcf.jar g. com.ibm.mq.commonservices.jar h. com.ibm.mq.headers.jar i. fscontext.jar j. jms.jar Add the above jars into domain library directory and the directory usually located at $DOMAIN_DIR/lib. The jars located in this($DOMAIN_DIR/lib) directory will be picked up and added dynamically to the end of the server classpath at server startup. For eg. /user_projects/domains//lib/ Alternatively the above jar’s can also be added as part of the setDomainEnv.sh Credential based connectivity : Outbound: : Configure the trading partner delivery channel for using "Generic JMS" protocol Inbound: : Configure the internal delivery channel for using "Generic JMS" protocol with the following details: Parameter NameDescription Destination NameMQ Queue Name Connection FactoryMQ Queue Manager Name Destination Providerjava.naming.factory.initial=com.ibm.mq.jms.context.WMQInitialContextFactory;java.naming.provider.url=<host>:<QM Listen port>/<MQ Channel Name>; User NameMQ User Name passwordMQ password .bindings based connectivity As a pre-requisite, get/generate the .bindings file in MQServer. This can be done by MQ Administrator Set the following values in the respective delivery channel for outbound / inbound Parameter NameDescription Destination NameMQ Queue Name Connection FactoryMQ Queue Manager Name Destination Providerjava.naming.factory.initial=com.ibm.mq.jms.context.WMQInitialContextFactory;java.naming.provider.url=file:///<location of .bindings file>;

Read the article
Understanding packet flows over RVI

- by choco-loo

I'm trying to get a full grasp of firewall filters and how to apply them on a Juniper EX4200 switch - to be able to block ports, police traffic and shape traffic. The network architecture is as follows internet >-< vlan4000 >-< vlan43 vlan4000 is a public "routed" block (where all the IPs are routed to and the internet gw is) vlan43 is a vlan with public IPs with devices (servers) attached There are static routes and RVI's on the EX4200 to send all traffic via vlan4000's gateway to reach the internet. I've set up filters on both input and output of the respective RVI's and VLAN's - with simple counters, to measure traffic flow from a server inside of vlan43 and a server on the internet. Using a combination of iperf for UDP and TCP tests and fping for ICMP tests - I observed the following, icmp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 100 100 unit43-counter-out 0 0 vlan4000-counter-in 6 4 vlan4000-counter-out 107 104 vlan43-counter-in 101 100 vlan43-counter-out 100 100 tcp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 73535 38480 unit43-counter-out 0 0 vlan4000-counter-in 7 8 vlan4000-counter-out 73543 38489 vlan43-counter-in 73535 38481 vlan43-counter-out 38938 75880 udp vlan43>internet internet>vlan43 unit4000-counter-in 0 0 unit4000-counter-out 0 0 unit43-counter-in 81410 1 unit43-counter-out 0 0 vlan4000-counter-in 18 7 vlan4000-counter-out 81429 8 vlan43-counter-in 81411 1 vlan43-counter-out 1 85472 My key goals are to set up a few filters and policers, as there will be many more VLANs - that all need protecting from each other and the internet. Then globally limit/police all outbound traffic to the internet Block inbound ports to vlan43 (eg. 22) Limit outbound traffic from vlan43 (to the internet) Limit outbound traffic from vlan43 (to other vlans) Limit outbound traffic from vlan4000 (to the internet from all vlans) Route traffic from vlans via specific routing instances (FBF) The question What I want to understand is why there isn't ever any activity on unit4000 or vlan4000 inbound or outbound counter - is this because there isn't a device on this VLAN - and that the traffic is only traversing it? And with regards to the TCP test - why is there twice as many packets on unit43-counter-in, vlan4000-counter-out and vlan43-counter-in - is this counting both the inbound and outbound traffic?

Read the article
Windows Azure Interop

- by kaleidoscope

How Windows Azure Platform is an open cloud platform. What makes it interoperable? The Windows Azure platform supports popular standards and protocols including SOAP, REST, and XML. Developers can use their preferred programming frameworks including .NET, and PHP, now. Tools such as Eclipse have been created for PHP developers for building Windows Azure applications. Now external endpoints (inbound traffic) have been enabled to worker a role, which enables applications that receive internet traffic that aren’t running under IIS. Windows Azure interoperable with Java At PDC 09, solution accelerator for Tomcat is delivered. Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies. The Windows Azure solution accelerator leverages a PDC09 feature that enable arbitrary processes to bind to inbound service endpoints. Windows Azure interoperable with PHP The Windows Azure tools for Eclipse extension builds upon the PHP Development Toolkit (PDT) and integrates Web Tools Platform (WTP) to provide a complete toolkit for Windows Azure web application development. For more details please refer to the link: http://www.microsoft.com/windowsazure/faq/ Rituraj

Read the article
Windows 2008 Routing and Remote access server - access to the internet

- by Ian

I have a windows 2008 r2 remote access server set up and running. The remote access works fine. My problem is that the remote access server itself doesn't have access to the internet. The box has two interfaces, an internal and an external. Inbound connections come in on the external interface and RRAS responds. All wall and nice. I want to be able to use windows update, browse, etc from this box but can't as the outbound traffic just gets blocked. I've tried going into the RRAS mmc tool and opening the interface properties, under which there are two buttons for inbound and outbound filters. There I tried adding ports 80 and 443, but this doesn't work completely. I can see the connection initiating (Syn goes out) but the session never establishes itself. Anyone done this or got any suggestions?

Read the article
RDP failing due to Audit Failure on the IPSec driver

- by paulwhit

I am trying to RDP into a Windows 7 Hyper-V image connected to a corporate network that publishes IPSec policies via Active Directory. I am seeing this error in the log: IPsec dropped an inbound clear text packet that should have been secured. If the remote computer is configured with a Request Outbound IPsec policy, this might be benign and expected. This can also be caused by the remote computer changing its IPsec policy without informing this computer. This could also be a spoofing attack attempt. Remote Network Address: XXX.XXX.XXX.XXX Inbound SA SPI: 0 How do I change my settings on the computer using RDP to something suitable for the domain-joined Hyper-V image?

Read the article
How can I debug Cisco Firewall ASA "Dispatch Unit" very high CPU utilisation from ASDM?

- by Andy

I have recently had my first firewall installed so I am very new to this whole situation. I am finding that Dispatch unit is becoming overloaded and it would appear to be the reason I get serious bouts of lag on my server. The firewall has had little configuration apart from me blocking all the ports in "Access Rules" and allowing only the ones the server needs and from where it needs them. I guess what I am after is assistance with locating the issues causing "Dispatch Unit" to take up all the CPU Regards --Edit-- With ASDM statistics I found that packets inbound (peak of 70-100k/sec from <1k/sec normal), traffic inbound (peak of 40-50kbits/sec from <1kbits/sec normal) and CPU all peak at the same time so I am pretty sure it is an attack of some sort but as a beginner with ASA I am not sure how to resolve

Read the article
Test-service on Internet for testing incoming INVITE

- by leiflundgren

I am trying to set up Asterisk at home. I think I'm having trouble configuring my firewall, so that inbound traffic is accepted, but I am not sure. I got the idea that, perhaps, there is a service out on the Internet, where I can, though a web-browser, initiate an incoming call, an INVITE. And then see the SIP-trace that the remote-part experience. Anyone know of such a service? Note. I have a SIP-PSTN provider so I can generate inbound calls. But I cannot see the SIP-logs from my provider...

Read the article
What firewall ports do I need to open when using FTPS?

- by anoopm

I need to access an ftps server (vsftpd) on a vendor's site. The vendor has a firewall in front of the ftps server and I have a firewall in front of my ftps client. I understand that ports 990, 991 and maybe 989 need to be opened up for control traffic. When looking at it from the vendor's firewall perspective, should these ports be opened up for both inbound and outbound traffic? What about ports for the DATA channel? Do I have to open all ports above 1000? And should I do it for both inbound and outbound traffic? TIA for your help.

Read the article
Allowing outbound traffic with APF/iptables for OpenVZ container

- by David

I have apf installed on a OpenVZ container (proxmox 2.1). The config is pretty much vanilla and things are working. My external services like ssh and http are working. My problem is that all outbound traffic on http/https is blocked. How do I allow all outbound traffic for http/https. If I change EGF to 1 like this, all inbound and outbound traffic gets blocked EGF="1" EG_TCP_CPORTS="21,25,80,443,43,53" EG_UDP_CPORTS="20,21,53" EG_ICMP_TYPES="all" I opened a single outbound rule with the following # /usr/local/sbin/apf -a downloads.wordpress.org How do I allow all outbound traffic on http/https without blocking all traffic? Why would I allow all inbound ssh/http traffic and block all outbound traffic?

Read the article
How do I stop someone from saturating my line & wasting CPU cycles

- by JoshRibs

My web host shows inbound & outbound traffic with mrtg. I have a steady 3.5mbps inbound traffic from Nigeria. Even assuming the source IPs & destination ports are blocked with Iptables & verifying nothing is listening on those ports, will the traffic still always pass through the switch & "get" to my server (where my server wastes CPU cycles "dropping" the packets)? Assuming I was setup with a hardware firewall, the traffic would still show in mrtg assuming the firewall is behind the switch? So is there any way to stop someone from saturating your 100mbps line, if they also have a 100mbps line? Other than filing an abuse complaint with the kind folks in Nigeria?

Read the article
Load testing nginx inside AWS

- by andy

I'm trying to load test nginx running on AWS. I need to try to optimise it to handle 1Gbps of inbound traffic. Currently I've got it to peak at 85Mbit/s by running nginx on an m1.large with 4 other machines hitting it by using ab with -i (for head requests) -k (keepalives) -r (ignore failed requests) -n 500000 -c 20000. I'm struggling to generate more than 85 Mbit/s traffic from 4 machines, yet when I do scp a large file I get nearly 0.25Gbit/s of traffic going over the network. Are there any tools or approaches that I could use to load test nginx that might generate more load? I'm only interested in inbound traffic, so perhaps a DoS tool could help if it chucks away responses? I'm hitting a very small (40 byte) static asset, and have peaked at handling 50K concurrent connections and getting 25k reqs/s when just using a single load generator machine.

Read the article
AS11 Oracle B2B Sync Support - Series 2

- by sinkarbabu.kirubanithi

In the earlier series, we discussed about how to model "Sync Support" in Oracle B2B. And, we haven't discussed how the response can be consumed synchronously by the back-end application or initiator of sync request. In this sequel, we will see how we can extend it to the SOA composite applications to model the end-to-end usecase, this would help the initiator of sync request to receive the response synchronously. Series 2 - is little lengthier for blog standards so be prepared before you continue further :). Let's start our discussion with a high-level scenario where one need to initiate a synchronous request and get response synchronously. There are various approaches available, we will see one simplest approach here. Components Involved: 1. Oracle B2B 2. Oracle JCA JMS Adapter 3. Oracle BPEL 4. All of the above are wrapped up in a single SOA composite application. Oracle B2B: Skipping the "Sync Support" setup part in B2B, as we have already discussed that in the earlier series 1. Here we have provided "Sync Support" samples that can be imported to B2B directly and users can start testing the same in few minutes. Initiator Sample: This requires two JMS queues to be created, one for B2B to receive initial outbound sync request and the other is for B2B to deliver the incoming sync response to the back-end. Please enable "Use JMS Id" option in both internal listening and delivery channels. This would enable JCA JMS Adapter to correlate the initial B2B request and response and in turn it would be returned as synchronous response of BPEL. Internal Listening Channel Image: Internal Delivery Channel Image: To get going without much challenges, just create queues in Weblogic with the JNDI mentioned in the above two screenshots. If you want to use different names, then you may have to change the queue jndi names in sample after importing it into B2B. Here are the Queue related JNDI names used in the sample, 1. Internal Listening Channel Queue details, Name: JNDI Name: jms/b2b/syncreplyqueue 2. Internal Delivery Channel Queue details, Name: JNDI Name: jms/b2b/syncrequestqueue Here is the Initiator Sample Acme.zip Note: You may have to adjust the ip address of GlobalChips endpoint in the Delivery Channel. Responder Sample: Contains B2B meta-data and the Callout. Just import the sample and place the callout binary under "/tmp/callout" directory. If you choose to use a different location for callout, then you may have to change the same in B2B Configuration after importing the sample. Here are the artifacts, 1. Callout Source SampleCallout.java 2. Callout Binary sample-callout.jar 3. Responder Sample GlobalChips.zip Callout Details: Just gives the static response XML that needs to be sent back as response for the inbound sync request. For a sample purpose, we have given static response but in production you may have to invoke a web service or something similar to get the response. IMPORTANT NOTE: For Sync Support use case, responder is not expected to deliver the inbound sync request to backend as the process of delivering and getting the response from backend are expected from the Callout. This default behavior can be overridden by enabling the config property "b2b.SyncAppDelivery=true" in B2B config mbean (b2b-config.xml). This makes B2B to deliver the inbound sync request to be delivered to backend queue but the response to be sent to remote caller still has to come from Callout. 2. Oracle JCA JMS Adapter: On the initiator side, we have used JCA JMS Request/Reply pattern to send/receive the synchronous message from B2B. 3. Oracle BPEL: Exposes WS-SOAP Endpoint that takes payload as input and passes the same to B2B and returns the synchronous response of B2B as SOAP response. For outside world, it looks as if it is the synchronous web service endpoint but under the cover it uses JMS to trigger/initiate B2B to send and receive the synchronous response. 4. Composite application: All the components discussed above are wired in SOA composite application that helps to model a end-to-end synchronous use case. Here's the composite application sca_B2BSyncSample_rev1.0.jar, you may just deploy this to your AS11 SOA to make use of it. For any editing, you can just import the project in your JDEV under any SOA Application. Here are the composite application screenshots, Composite Application: BPEL With JCA JMS Adapter (Request/Reply):

Read the article
BizTalk Server Threading in Receive Pipelines

- by ToxicAvenger

I am building custom pipeline components for receive pipelines in BizTalk Server (2006 and 2009). I am building the components in a streaming fashion. My question: for any single inbound message, if I have a disassembling component, when I create n messages from a single inbound message, will the message agent always use a single thread when reading the (body) streams and persisting the messages to the message box? I would think so, but confirmation would be helpful. Say if I create five messages in the disassembler, will any of these messages be persisted sequentially from the same thread? Or could these messages be processed in parallel?

Read the article
iptables not allowing mysql connections to aliased ips?

- by Curtis

I have a fairly simple iptables firewall on a server that provides MySQL services, but iptables seems to be giving me very inconsistent results. The default policy on the script is as follows: iptables -P INPUT DROP I can then make MySQL public with the following rule: iptables -A INPUT -p tcp --dport 3306 -j ACCEPT With this rule in place, I can connect to MySQL from any source IP to any destination IP on the server without a problem. However, when I try to restrict access to just three IPs by replacing the above line with the following, I run into trouble (xxx=masked octect): iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.XXX.XXX.184 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.XXX.XXX.196 -j ACCEPT iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.XXX.XXX.251 -j ACCEPT Once the above rules are in place, the following happens: I can connect to the MySQL server from the .184, .196 and .251 hosts just fine as long as am connecting to the MySQL server using it's default IP address or an IP alias in the same subnet as the default IP address. I am unable to connect to MySQL using IP aliases that are assigned to the server from a different subnet than the server's default IP when I'm coming from the .184 or .196 hosts, but .251 works just fine. From the .184 or .196 hosts, a telnet attempt just hangs... # telnet 209.xxx.xxx.22 3306 Trying 209.xxx.xxx.22... If I remove the .251 line (making .196 the last rule added), the .196 host still can not connect to MySQL using IP aliases (so it's not the order of the rules that is causing the inconsistent behavior). I know, this particular test was silly as it shouldn't matter what order these three rules are added in, but I figured someone might ask. If I switch back to the "public" rule, all hosts can connect to the MySQL server using either the default or aliased IPs (in either subnet): iptables -A INPUT -p tcp --dport 3306 -j ACCEPT The server is running in a CentOS 5.4 OpenVZ/Proxmox container (2.6.32-4-pve). And, just in case you prefer to see the problem rules in the context of the iptables script, here it is (xxx=masked octect): # Flush old rules, old custom tables /sbin/iptables --flush /sbin/iptables --delete-chain # Set default policies for all three default chains /sbin/iptables -P INPUT DROP /sbin/iptables -P FORWARD DROP /sbin/iptables -P OUTPUT ACCEPT # Enable free use of loopback interfaces /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A OUTPUT -o lo -j ACCEPT # All TCP sessions should begin with SYN /sbin/iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP # Accept inbound TCP packets (Do this *before* adding the 'blocked' chain) /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow the server's own IP to connect to itself /sbin/iptables -A INPUT -i eth0 -s 208.xxx.xxx.178 -j ACCEPT # Add the 'blocked' chain *after* we've accepted established/related connections # so we remain efficient and only evaluate new/inbound connections /sbin/iptables -N BLOCKED /sbin/iptables -A INPUT -j BLOCKED # Accept inbound ICMP messages /sbin/iptables -A INPUT -p ICMP --icmp-type 8 -j ACCEPT /sbin/iptables -A INPUT -p ICMP --icmp-type 11 -j ACCEPT # ssh (private) /sbin/iptables -A INPUT -p tcp --dport 22 -m state --state NEW -s xxx.xxx.xxx.xxx -j ACCEPT # ftp (private) /sbin/iptables -A INPUT -p tcp --dport 21 -m state --state NEW -s xxx.xxx.xxx.xxx -j ACCEPT # www (public) /sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 443 -j ACCEPT # smtp (public) /sbin/iptables -A INPUT -p tcp --dport 25 -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 2525 -j ACCEPT # pop (public) /sbin/iptables -A INPUT -p tcp --dport 110 -j ACCEPT # mysql (private) /sbin/iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.xxx.xxx.184 -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.xxx.xxx.196 -j ACCEPT /sbin/iptables -A INPUT -p tcp --dport 3306 -m state --state NEW -s 208.xxx.xxx.251 -j ACCEPT Any ideas? Thanks in advance. :-)

Read the article
SEO made easy with IIS URL Rewrite 2.0 SEO templates

- by The Official Microsoft IIS Site

A few weeks ago my team released the version 2.0 of the URL Rewrite for IIS . URL Rewrite is probably the most powerful Rewrite engine for Web Applications. It gives you many features including Inbound Rewriting (ie. Rewrite the URL, Redirect to another URL, Abort Requests, use of Maps, and more), and in Version 2.0 it also includes Outbound Rewriting so that you can rewrite URLs or any markup as the content is being sent back even if its generated using PHP, ASP.NET or any other technology. It also...(read more)

Read the article
Easy SEO For Beginners

This may sound surprising but SEO experts find that getting links from other websites is just as important (if not more) as on page factors such as actual content. Imagine that, inbound links more powerful or meaningful than actual content.

Read the article
NoFollow and DoFollow Blog - Comment Links Affect Search Engine Optimization

Many sellers of information products leave comments on blogs, especially popular ones with high Google PageRank, thinking that they are getting those good inbound links to their sites. But there's a problem. Most blogs put a "No Follow" tag in the link to your website. Sure, readers can click on it and check you out, and that's a good thing. But you get no SEO benefit.

Read the article
OSB 11g & SAP – Single Channel/Program ID for Multiple IDOCs

- by Shub Lahiri, A-Team

Background This note is a supplement to the blog entry, SOA 11g & SAP – Single Channel/Program ID for Multiple IDOCs by Greg Mally. Greg has shown how a single SOA Suite composite can be used with iWay Adapters to receive multiple IDOC types via a single channel in the adapter, corresponding to a single programID on the SAP system. We will try to address the same requirements within the OSB framework here. Project Built - Design Time The basic build of an OSB project with iWay SAP Adapter, as seen in another entry in this blog, consists of working in OSB Design console and Application Explorer. OSB Design Time - Part 1 We will create a placeholder project first in OSB with a proper directory structure, so that we can export the WSDL, XSD and the JCA binding information from Application Explorer directly into this project. Application Explorer - iWay Design Time Tool Receiving IDOCs is classified as an inbound event within Application Explorer. For setting up events, a channel is first defined (e.g. iDoc_Channel) using the same PROGRAMID (RFC destination), as defined within SAP for the OSB server. Next, the same channel is used to export the JCA Inbound Event artifacts for the candidate IDOC, e.g. DEBMAS06 directly to the pre-created OSB project. Note that the validation for schema has been turned off. As a result, this will allow the adapter, at runtime, to use a single channel to receive multiple IDOC types from SAP and pass them on to the OSB runtime engine without any validation. In other words, we do not have to repeat the above step for each IDOC type. OSB Design Time - Part 2 Create 2 simple XML based Business Services to write to a file, e.g. SAP_DEBMAS_File and SAP_MATMAS_File. Next, generate a Proxy Service using the JCA binding file exported from Application Explorer in the previous section. In the generated proxy service, edit the message flow and add a route node. Add a routing table in the route node with the following routing function. fn:local-name-from-QName(fn:node-name($body/*[1])) This function takes advantage of the fact that the XML payload at runtime, after translation by adapter, has the IDOC type as the top element. With the routing function in place, build the routing table to add 2 branches to route the IDOCs to the appropriate Business Service for writing the XML payload to files in separate directories. This completes the build of the OSB project. Testing - Run-Time After deployment and activation, the SAP adapter will wait to receive multiple types of IDOCs sent from the SAP system using a single channel. Upon receipt of the IDOCs, the OSB project will route them appropriately to save the corresponding XML payloads for different IDOC types in different directories.

Read the article
Essence of Anchor Text

It is significant to utilize anchor text in order to improve search engine ranking. Anchor text is directly correlated with inbound links. If you are leaving comments to blogs or submit articles with link, make use of anchor text and not the URL only.

Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >