Search Results

Search found 1370 results on 55 pages for 'nat gr'.

Page 43/55 | < Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >

  • use local ip and maintain ssl warning free [duplicate]

    - by Timothy Clemans
    This question already has an answer here: Loopback to forwarded Public IP address from local network - Hairpin NAT 6 answers I have a public facing website for a doctor's office for accessing the medical record. I'm using SSL. The server is at the doctor's office. When I access the website on the same network as the server I want the DNS to point to the local IP address. I don't want to do a HTTP redirect to the local ip because of the scary SSL warning. What's the recommended way of doing this?

    Read the article

  • Appropriate programming design questions.

    - by Edward
    I have a few questions on good programming design. I'm going to first describe the project I'm building so you are better equipped to help me out. I am coding a Remote Assistance Tool similar to TeamViewer, Microsoft Remote Desktop, CrossLoop. It will incorporate concepts like UDP networking (using Lidgren networking library), NAT traversal (since many computers are invisible behind routers nowadays), Mirror Drivers (using DFMirage's Mirror Driver (http://www.demoforge.com/dfmirage.htm) for realtime screen grabbing on the remote computer). That being said, this program has a concept of being a client-server architecture, but I made only one program with both the functionality of client and server. That way, when the user runs my program, they can switch between giving assistance and receiving assistance without having to download a separate client or server module. I have a Windows Form that allows the user to choose between giving assistance and receiving assistance. I have another Windows Form for a file explorer module. I have another Windows Form for a chat module. I have another Windows Form form for a registry editor module. I have another Windows Form for the live control module. So I've got a Form for each module, which raises the first question: 1. Should I process module-specific commands inside the code of the respective Windows Form? Meaning, let's say I get a command with some data that enumerates the remote user's files for a specific directory. Obviously, I would have to update this on the File Explorer Windows Form and add the entries to the ListView. Should I be processing this code inside the Windows Form though? Or should I be handling this in another class (although I have to eventually pass the data to the Form to draw, of course). Or is it like a hybrid in which I process most of the data in another class and pass the final result to the Form to draw? So I've got like 5-6 forms, one for each module. The user starts up my program, enters the remote machine's ID (not IP, ID, because we are registering with an intermediary server to enable NAT traversal), their password, and connects. Now let's suppose the connection is successful. Then the user is presented with a form with all the different modules. So he can open up a File Explorer, or he can mess with the Registry Editor, or he can choose to Chat with his buddy. So now the program is sort of idle, just waiting for the user to do something. If the user opens up Live Control, then the program will be spending most of it's time receiving packets from the remote machine and drawing them to the form to provide a 'live' view. 2. Second design question. A spin off question #1. How would I pass module-specific commands to their respective Windows Forms? What I mean is, I have a class like "NetworkHandler.cs" that checks for messages from the remote machine. NetworkHandler.cs is a static class globally accessible. So let's say I get a command that enumerates the remote user's files for a specific directory. How would I "give" that command to the File Explorer Form. I was thinking of making an OnCommandReceivedEvent inside NetworkHandler, and having each form register to that event. When the NetworkHandler received a command, it would raise the event, all forms would check it to see if it was relevant, and the appropriate form would take action. Is this an appropriate/the best solution available? 3. The networking library I'm using, Lidgren, provides two options for checking networking messages. One can either poll ReadMessage() to return null or a message, or one can use an AutoResetEvent OnMessageReceived (I'm guessing this is like an event). Which one is more appropriate?

    Read the article

  • [C#][Design] Appropriate programming design questions.

    - by Edward
    I have a few questions on good programming design. I'm going to first describe the project I'm building so you are better equipped to help me out. I am coding a Remote Assistance Tool similar to TeamViewer, Microsoft Remote Desktop, CrossLoop. It will incorporate concepts like UDP networking (using Lidgren networking library), NAT traversal (since many computers are invisible behind routers nowadays), Mirror Drivers (using DFMirage's Mirror Driver (http://www.demoforge.com/dfmirage.htm) for realtime screen grabbing on the remote computer). That being said, this program has a concept of being a client-server architecture, but I made only one program with both the functionality of client and server. That way, when the user runs my program, they can switch between giving assistance and receiving assistance without having to download a separate client or server module. I have a Windows Form that allows the user to choose between giving assistance and receiving assistance. I have another Windows Form for a file explorer module. I have another Windows Form for a chat module. I have another Windows Form form for a registry editor module. I have another Windows Form for the live control module. So I've got a Form for each module, which raises the first question: 1. Should I process module-specific commands inside the code of the respective Windows Form? Meaning, let's say I get a command with some data that enumerates the remote user's files for a specific directory. Obviously, I would have to update this on the File Explorer Windows Form and add the entries to the ListView. Should I be processing this code inside the Windows Form though? Or should I be handling this in another class (although I have to eventually pass the data to the Form to draw, of course). Or is it like a hybrid in which I process most of the data in another class and pass the final result to the Form to draw? So I've got like 5-6 forms, one for each module. The user starts up my program, enters the remote machine's ID (not IP, ID, because we are registering with an intermediary server to enable NAT traversal), their password, and connects. Now let's suppose the connection is successful. Then the user is presented with a form with all the different modules. So he can open up a File Explorer, or he can mess with the Registry Editor, or he can choose to Chat with his buddy. So now the program is sort of idle, just waiting for the user to do something. If the user opens up Live Control, then the program will be spending most of it's time receiving packets from the remote machine and drawing them to the form to provide a 'live' view. 2. Second design question. A spin off question #1. How would I pass module-specific commands to their respective Windows Forms? What I mean is, I have a class like "NetworkHandler.cs" that checks for messages from the remote machine. NetworkHandler.cs is a static class globally accessible. So let's say I get a command that enumerates the remote user's files for a specific directory. How would I "give" that command to the File Explorer Form. I was thinking of making an OnCommandReceivedEvent inside NetworkHandler, and having each form register to that event. When the NetworkHandler received a command, it would raise the event, all forms would check it to see if it was relevant, and the appropriate form would take action. Is this an appropriate/the best solution available? 3. The networking library I'm using, Lidgren, provides two options for checking networking messages. One can either poll ReadMessage() to return null or a message, or one can use an AutoResetEvent OnMessageReceived (I'm guessing this is like an event). Which one is more appropriate?

    Read the article

  • virtualbox, MAAS: help needed

    - by Roberto Attias
    Ok, I made some progress wrt the original question (still below). I found /etc/maas/dhcpd.conf contained option domain-name-servers 10.0.3.15, and changed it to 192.168.0.11. After restarting the daemon, I now see "node" getting the right DNS, unfortunately this doesn't fix the main problem, which I believe is the reference to 169.254.169.254. It does introduce a new question: while the remaining information from /etc/maas/dhcp.conf is present in the maas GUI, there is no field to enter the dns address. Why? Anyway, my original problem still stands... Any idea? Original question follows. In VirtualBox, I have: master VM: ubuntu 12.04.3 server eth0: Internal Network, IP= 192.168.0.11 eth1: NAT, IP= 10.0.3.15 eth2: Host-only, IP= 192.168.56.102 running MAAS region and cluster controlller, with DHCP and DNS enabled node VM: eth0: Internal Network node VM boots in PXEboot. DHCP succeeds, and the boot process starts, but during boot I see some issues. One of them is "disk drive not ready yet or not present" for / and /tmp. I've googled this issue, and some people say it happens when the fisical disk is a SSD, which is my case. Anywaythe system seems to recover from this eventually. Immediately after it starts printing a lot of messages of the form: 2013-10-01 16:52:37,142 - url_helper.py[WARNING]: Calling 'http://169.254.168.254/2009-04-04/meta-data/instance-id failed [x/y]: url error [[Errno 113] No route to host] That IP address is clearly bogous, not sure where it came from. Before that point, I had seen the following network configuration: address: 192.168.0.100 broadcast: 192.168.0.255 netmask: 255.255.255.0 gateway: 192.168.0.1 dns0 : 10.0.3.15 dns1 : 0.0.0.0 Not sure if related, but the dns doesn't seem right, as node doesn't have an interface to reach 10.0.3.15. If that's the problem, what should I change to have the DNS point to 192.168.0.11? Thanks, Roberto

    Read the article

  • Set up a GUI managed stateful filtering firewall?

    - by Azendale
    What ways are there of setting up a stateful filtering* firewall whose rules can be managed by a GUI? Can GUFW do it? FireStarter? (or should that be avoided because it is supposedly no longer updated?) *By filtering, I'm mean the traffic I am setting rules up for is not destined for this computer. It is either from or to other computers on my LAN. Say, for (a simplified, hypothetical) example: I have an ethernet connection at my dorm that I have plugged into eth0. It gets an address of 192.168.1.185 and I also have 192.168.185.0/24 routed to me, so I don't have to do any NAT. I have a hub attached to my second ethernet port (eth1) with a few Windows computers and I give addresses out of my 192.168.185.0/24 block with DHCP. How can I use my Ubuntu box to block incoming connections from eth0 that are being routed to my Windows computers and let through just a few specific ports (so fellow students can't see what files my Windows boxes are sharing via SMB)?

    Read the article

  • Trying to Host Server for External Access - Apache, VirtualBox & Portforwarding

    - by Tspoon
    Banging my head on the wall at this stage.... trying to host my Apache site on Ubuntu 12.10 with VirtualBox. Running Windows 8 host. Things I've done: Ensured Apache is listening on ports 80, 443 and 8080 (for thoroughness) tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3355/httpd tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 3355/httpd tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 3355/httpd tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 681/sshd VM is using bridged network connection Assigned a static IP to my Ubuntu VM, which can be accessed fine from within network. Forwarded TCP ports 80, 8080, 443 on the static IP of VM on my router Given my VM a static NAT Address Turned off Ubuntu firewall and router firewall Read on forums that my ISP (Eircom) allow port 80 to be used And I still can't access my site using the WAN/External IP (checked internally and using CanYouSeeMe.org). It says all the ports I mentioned are closed. I'm really at a loss of what to try next... Am I missing something silly here? Note: I haven't assigned a static IP address within the router, on within the VM. And DHCP server is enabled. Is that bad?

    Read the article

  • links for 2010-12-15

    - by Bob Rhubart
    Pravin Janardanam: Security in OBIEE 11g, Part 1 Guest blogger Pravin Janardanam kicks off a two-part series in which he tackles the differences in security between OBIEE 11g and 10g, and provides some hints on security migration from a 10g environment. (tags: oracle otn businessintelligence obiee) HttpClusterServlet Configuration (Weblogic Server Acting as a Proxy) Quick tips from Divay Dureja. (tags: oracle weblogic servlet configuration) Accelerating Deployment of Virtualized Infrastructures with the Oracle VM Blade Cluster Reference Configuration "The Oracle VM blade cluster reference configuration is a single-vendor solution that addresses every layer of the virtualization stack with Oracle hardware and software components." - from the white paper. (tags: oracle otn oraclevm virtualization) A SOA Safari (Antony Reynolds' Blog) SOA author Antony Reynolds shares links to some of his favorite SOA titles available for reading on Safari. (tags: oracle otn soa) Using Crossbow and Solaris 11 Express Zones for a single machine proof of concept environment with Puppet "My last blog entry was about my debugging experience with Puppet and promise to share the setup that I used. I now follow up that previous entry with this one which describes my Crossbow + NAT + S11 Zones proof of concept." - Michael Tin (tags: oracle solaris crossbow) @myfear: One thing you did not know about Java EE class loading in GlassFish 2.x "Be careful migrating apps from one app server to the other. And don't expect to have a strong hierarchical class loader in place. That is especially true for GF 2.x class loading." Oracle ACE Director Markus Eisele (tags: oracle otn oracleace java glassfish weblogic)

    Read the article

  • Setting up shared connection

    - by Calvin Froedge
    I have a network that is connected to the internet via a switch connected to a router. I have it setup like this so I can work on the new network without causing problems on the old. Anyway, I'm trying to enable internet connection sharing. Internet comes to server like this: Modem - Router - Switch - Ubuntu 11.10 (Eth0) I want to share the connection through Eth1 (Eth1 - Managed Switch - Clients). Here is my config for /etc/network/interfaces: I have a DHCP server running on Eth1. Here is my config: ddns-update-style none; option domain-name "myserver.local"; option domain-name-servers 192.168.1.2, 8.8.8.8; default-lease-time 600; max-lease-time 7200; authoritative; subnet 192.168.1.0 netmask 255.255.255.0 { interface eth1; range 192.168.1.3 192.168.1.254; option routers 192.168.1.1; option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; } Here is /etc/network/interfaces: # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp #Used for internal network auto eth1 iface eth1 inet static address 192.168.1.2 netmask 255.255.255.0 broadcast 192.168.1.255 network 192.168.1.0 Here is /etc/hosts: 127.0.0.1 localhost 127.0.1.1 myserver.isp.com server 192.168.1.2 server.myserver.local server myserver.local In /etc/sysctl.conf, I've set the following: net.ipv4.ip_forward=1 Finally, in /etc/rc.local, I've set the following: /sbin/iptables -P FORWARD ACCEPT /sbin/iptables --table nat -A POSTROUTING -o eth1 -j MASQUERADE When I ping 8.8.8.8 (google's DNS) from a client that is authenticated with my DHCP server (they have been assigned a local ip, like 192.168.1.10), I get a timeout. How can I debug this further to figure out where my problem is?

    Read the article

  • Playing Age of Empires II multiplayer in VirtualBox Over wi fi network

    - by Gaurav_Java
    I installed Age of Empires II (Expansion) in VirtualBox (hosting Windows XP). It works great in single player mode. Unfortunately, I tried playing multiplayer via WI-FI which I created on my Ubuntu machine and can't seem to join games. But when I connected to my WI-FI router other able to connect to my system and we can play multiplayer mode This is what I've done so far to try to resolve the issue: I noticed that the IP address of my virtual machine was 10.0.x.x, While the local IP on Ubuntu is 192.168.x.x, which I figured was a Problem. So I changed from NAT networking to bridged networking in VirtualBox . I turned off the Windows firewall in the virtual machine and don't have any ports blocked by Ubuntu, so no software firewall should be at fault. However I'm still unable to play multiplayer games, and suspect that some kind of networking issue lies at the heart of the problem. I'm not sure what else I would need to change, however. So essentially I was wondering if anyone else here has managed to play AOE2, or any similar game, inside VirtualBox from Ubuntu, and if so what you needed to do to make it possible. Or if anyone has suggestions on where else to look to figure out the problem, I'd appreciate that as well. Unfortunately AOE2 itself doesn't provide any debugging information to troubleshoot the inability to connect to network games. Here MY IP result both for Ubuntu and Virtualbox XP I want to play game on multiplayer mode in virtualbox on my system(Own Created on Ubuntu ) wi-fi on which other can connect and play hope someone will answer this

    Read the article

  • Seeking an C/C++ OBJ geometry read/write that does not modify the representation

    - by Blake Senftner
    I am seeking a means to read and write OBJ geometry files with logic that does not modify the geometry representation. i.e. read geometry, immediately write it, and a diff of the source OBJ and the one just written will be identical. Every OBJ writing utility I've been able to find online fails this test. I am writing small command line tools to modify my OBJ geometries, and I need to write my results, not just read the geometry for rendering purposes. Simply needing to write the geometry knocks out 95% of the OBJ libraries on the web. Also, many of the popular libraries modify the geometry representation. For example, Nat Robbin's GLUT library includes the GLM library, which both converts quads to triangles, as well as reverses the topology (face ordering) of the geometry. It's still the same geometry, but if your tool chain expects a given topology, such as for rigging or morph targets, then GLM is useless. I'm not rendering in these tools, so dependencies like OpenGL or GLUT make no sense. And god forbid, do not "optimize" the geometry! Redundant vertices are on purpose for maintaining oneself on cache with our weird little low memory mobile devices.

    Read the article

  • Oracle Traffic Director – download and check out new cool features in 11.1.1.7.0 by Frances Zhao

    - by JuergenKress
    As Oracle's strategic layer-7 software load balancer product, Oracle Traffic Direct is fast, reliable, secure, easy-to-use and scalable; that you can deploy as the reliable entry point for all TCP, HTTP and HTTPS traffic to application servers and web servers in your network. The latest release Oracle Traffic Director 11.1.1.7.0 is available for ExaLogic and Database Appliance! For download and details please visit the Traffic Director OTN website. It this release, we have introduced some major new functionality and improvements. Web application firewall. Oracle Traffic Director supports web application firewalls. A web application firewall (WAF) is a filter or server plugin that applies a set of rules, called rule sets, to an HTTP request. Using a web application firewall, users can inspect traffic and deny requests to protect back-end applications from CSRF vulnerabilities and common attacks such as cross-site scripting. WebSocket Connections. Oracle Traffic Director handles WebSocket connections by default. WebSocket connections are long-lived and allow support for live content, games in real-time, video chatting, and so on. Support for LDAP/T3 Load Balancing. Oracle Traffic Director now supports basic LDAP/T3 load balancing at layer 7, where requests are handled as generic TCP connections for traffic tunneling. It works in full-NAT mode. Please download and try it out. For more information, check out the data sheet and the documentation. For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center. Blog Twitter LinkedIn Mix Forum Wiki Technorati Tags: traffic director,WebLogic Community,Oracle,OPN,Jürgen Kress

    Read the article

  • Keeping files that are often changed in sync between desktop and laptop

    - by N.N.
    I'm looking for a way to keep a desktop and a laptop in sync. What I want to keep in sync are some folders, mainly ~/Documents, that are changed often when working on them. If it matters I can connect to my desktop from anywhere via an URL but my laptop is harder to access since it might be behind NAT and such. I have been looking at Ubuntu One but it seems to not go well with working on documents written in LaTeX. If I work on a .tex file in the Ubuntu One directory and compile it (with pdflatex) every now and then (as often as every 10 sec when working) it will create several new files including a pdf which are uploaded to Ubuntu One and this seems stupid since it will create continuous upload when working on .tex files. I also usually keep .tex documents version controlled by git and then every commit (which also can happen frequently) will cause upload (by changes in ./.git) so that it happens continuously when working. Another example is editing images that are saved often. What I think would be best is for sync to happen every tenth minute or at the end of every working session (but there might be some other way to handle this?).

    Read the article

  • 12.10 Wireless hotspot configuration and internet browsing - question

    - by Indian
    In our campus we have a leased line connection from a service provider, which has an external IP W.X.Y.Z. This connection is distributed from the server several sub-networks / subnets as follows: Faculty: 172.33....../ 255.255.0.0 Administration: 172.34......./255.255.255.0 Students: 172.35...../255.255.216.0 A student has a laptop with a fixed IP address 172.35.23.123 / 255.255.216.0 where the IP address is on the ethernet port. The gateways for internet access are 172.31.1.1 and 172.31.1.2. Further the student has a wireless port which is inaccessible in the hostel area. The OS of the student is Ubuntu 12.10. The student in the possession of an android phone on which he wishes to install specific software and therefore wishes to activate the internet therein. The student has already attempted the Wireless hotspot solution which works for 12.04 but has not been successful. Various instructions on the internet have helped the student to do the following Installation of dhcp server and hostapd: sudo apt-get install isc-dhcp-server sudo apt-get install hostapd File: /etc/network/interfaces auto lo iface lo inet loopback auto wlan0 iface wlan0 inet static address 10.10.0.1 netmask 255.255.255.0 dns-nameservers 172.31.1.1 172.31.1.2 File: /etc/dhcp/dhcpd.conf subnet 10.10.0.0 netmask 255.255.255.0 { range 10.10.0.2 10.10.0.4; option routers 10.10.0.1; option domain-name-servers 172.31.1.1 172.31.1.2; default-lease-time 6000; max-lease-time 72000; } File: /etc/hostapd/hostapd.conf interface=wlan0 driver=nl80211 ssid=my_hotspot channel=1 hw_mode=g auth_algs=1 wpa=3 wpa_passphrase=1234567890 wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP rsn_pairwise=CCMP File: /etc/default/hostapd RUN_DAEMON=”yes” DAEMON_CONF=”/etc/hostapd/hostapd.conf” DAEMON_OPTS=”-dd” File: /etc/default/isc-dhcp-server INTERFACES=”wlan0” File: /etc/rc.local iptables -t nat -A POSTROUTING -s 10.10.0.0/16 -o eth0 -j MASQUERADE exit 0 After all the configuration, the computer is restarted. The student can see that the hotspot named “my_hotspot” is available. The hotspot also awards an address to the android phone. The student will now be able to browse the internet.

    Read the article

  • Set up a GUI managed firewall for other machines?

    - by Azendale
    What ways are there of setting up a firewall for traffic routed for other machines whose rules can be managed by a GUI? Can GUFW do it? FireStarter? (or should that be avoided because it is supposedly no longer updated?) *By filtering, I'm mean the traffic I am setting rules up for is not destined for this computer. It is either from or to other computers on my LAN. Say, for (a simplified, hypothetical) example: I have an ethernet connection at my dorm that I have plugged into eth0. It gets an address of 192.168.1.185 and I also have 192.168.185.0/24 routed to me, so I don't have to do any NAT. I have a hub attached to my second ethernet port (eth1) with a few Windows computers and I give addresses out of my 192.168.185.0/24 block with DHCP. How can I use my Ubuntu box to block incoming connections from eth0 that are being routed to my Windows computers and let through just a few specific ports (so fellow students can't see what files my Windows boxes are sharing via SMB)?

    Read the article

  • What You Said: How Do You Browse Securely Away From Home?

    - by Jason Fitzpatrick
    Responses to this week’s Ask the Reader question show that just because you’re away from home doesn’t mean you have to give up the security and privacy that your home network provides. Earlier this week we asked you to share you browsing away from home security tips and tricks and obliged. JC offered one of the more entertaining tales of away-from-home browsing: Recently a bunch of us stayed at a high end resort down in Mexico. Internet was offered as a pay per device service at about $80/week/device. Considering we had about 12 wifi devices there among us(a few geeks), I decided to plan ahead. I setup a WRT54G as a WiFi client with a vpn back to my house and NAT. Setup a second one as a basic wireless access point with password and plugged it into the first. Onsite we setup the devices and connected to the wireless with one paid account(tied to the MAC address). Everyone connected to the other device for wireless access and it was all tunnelled through my home network with encryption. HTG Explains: Learn How Websites Are Tracking You Online Here’s How to Download Windows 8 Release Preview Right Now HTG Explains: Why Linux Doesn’t Need Defragmenting

    Read the article

  • Iptables working strangely

    - by user109985
    I have Ubuntu 12.04 x64 installed in my laptop. I'm quite new to linux, and I wanted to specify certain rules for the iptables firewall. This is the saved config of my iptables: *mangle :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT *nat :PREROUTING ACCEPT [0:0] :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -A PREROUTING -p tcp -m tcp --dport 3306 -j DNAT --to-destination 192.168.1.100:3306 -A PREROUTING -p tcp -m tcp --dport 11002 -j DNAT --to-destination 192.168.1.100:11002 -A PREROUTING -p tcp -m tcp --dport 13000 -j DNAT --to-destination 192.168.1.100:13000 -A PREROUTING -p tcp -m tcp --dport 13001 -j DNAT --to-destination 192.168.1.100:13001 -A PREROUTING -p tcp -m tcp --dport 13002 -j DNAT --to-destination 192.168.1.100:13002 -A PREROUTING -p tcp -m tcp --dport 13003 -j DNAT --to-destination 192.168.1.100:13003 -A PREROUTING -p tcp -m tcp --dport 13004 -j DNAT --to-destination 192.168.1.100:13004 -A PREROUTING -p tcp -m tcp --dport 13061 -j DNAT --to-destination 192.168.1.100:13061 -A PREROUTING -p tcp -m tcp --dport 13099 -j DNAT --to-destination 192.168.1.100:13099 -A POSTROUTING -j MASQUERADE COMMIT *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT COMMIT In theory, what it does is to drop all connections in all ports except for http, mysql and few other ports. Moreover, it redirects all mysql and 13000-13004..etc port connections to a specific local ip in the same port, which is 192.168.1.100. But what I find strange is that when my firewall is active, it blocks absolutely all the input connections, even those which must not block (http, mysql). In fact, I'm literally blocked and I can't establish any external connection. What am I doing wrong? PS: I tested the firewall without those redirections, and it still block all inputs, so I suppose it's not the problem.

    Read the article

  • Compiler optimization causing the performance to slow down

    - by aJ
    I have one strange problem. I have following piece of code: template<clss index, class policy> inline int CBase<index,policy>::func(const A& test_in, int* srcPtr ,int* dstPtr) { int width = test_in.width(); int height = test_in.height(); double d = 0.0; //here is the problem for(int y = 0; y < height; y++) { //Pointer initializations //multiplication involving y //ex: int z = someBigNumber*y + someOtherBigNumber; for(int x = 0; x < width; x++) { //multiplication involving x //ex: int z = someBigNumber*x + someOtherBigNumber; if(soemCondition) { // floating point calculations } *dstPtr++ = array[*srcPtr++]; } } } The inner loop gets executed nearly 200,000 times and the entire function takes 100 ms for completion. ( profiled using AQTimer) I found an unused variable double d = 0.0; outside the outer loop and removed the same. After this change, suddenly the method is taking 500ms for the same number of executions. ( 5 times slower). This behavior is reproducible in different machines with different processor types. (Core2, dualcore processors). I am using VC6 compiler with optimization level O2. Follwing are the other compiler options used : -MD -O2 -Z7 -GR -GX -G5 -X -GF -EHa I suspected compiler optimizations and removed the compiler optimization /O2. After that function became normal and it is taking 100ms as old code. Could anyone throw some light on this strange behavior? Why compiler optimization should slow down performance when I remove unused variable ? Note: The assembly code (before and after the change) looked same.

    Read the article

  • Multiple Configuration Sources for Enterprise Library 4.1?

    - by Martijn B
    Hi All, We use the caching and logging application blocks from entlib 4.1. We want to keep the configuration of those two in seperate files. How can we achieve this? It looks like entlib is always using the selectedSource as it configuration. I tried the following: <?xml version="1.0" encoding="utf-8" ?> <configuration> <configSections> <section name="enterpriseLibrary.ConfigurationSource" type="Microsoft.Practices.EnterpriseLibrary.Common.Configuration.ConfigurationSourceSection, Microsoft.Practices.EnterpriseLibrary.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=9057346a2b2dcfc8" /> </configSections> <enterpriseLibrary.ConfigurationSource selectedSource="messagesCache"> <sources> <add name="messagesCache" filePath="Configuration\\messagesCache.config" type="Microsoft.Practices.EnterpriseLibrary.Common.Configuration.FileConfigurationSource, Microsoft.Practices.EnterpriseLibrary.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=9057346a2b2dcfc8" /> <add name="logging" filePath="Configuration\\logging.config" type="Microsoft.Practices.EnterpriseLibrary.Common.Configuration.FileConfigurationSource, Microsoft.Practices.EnterpriseLibrary.Common, Version=4.1.0.0, Culture=neutral, PublicKeyToken=9057346a2b2dcfc8" /> </sources> </enterpriseLibrary.ConfigurationSource> </configuration> But this doesn't work because the application blocks always use the selectedSource attribute value. Any suggestions woulde be welcome! Gr Martijn

    Read the article

  • Images in Applet not showing in web page

    - by Leanne C
    I am trying to display a JPEG image and a moving dot on a Java applet which I am using on a web based application. However, when I run the applet it works fine, but when I display the applet from the JSP page, I get the moving dot but not the JPEG image. Is there a specific folder where the JPEG needs to be? These are the 2 methods i use for drawing the picture and the moving dot on the screen. public class mapplet extends Applet implements Runnable { int x_pos = 10; int y_pos = 100; int radius = 20; Image img, img2; Graphics gr; URL base; MediaTracker m; @Override public void init() { mt = new MediaTracker(this); try { //getDocumentbase gets the applet path. base = getCodeBase(); img = getImage(base, "picture.jpg"); m.addImage(img, 1); m.waitForAll(); } catch (InterruptedException ex) { Logger.getLogger(movement.class.getName()).log(Level.SEVERE, null, ex); } public void paint (Graphics g) { g.drawImage(img, 0, 0, this); // set color g.setColor (Color.red); // paint a filled colored circle g.fillOval (x_pos - radius, y_pos - radius, 2 * radius, 2 * radius); } The code one below is the call from the jsp page <applet archive="mapplet.jar" code="myapplets/mapplet.class" width=350 height=200> </applet> The jar file and the picture are in the same folder as the jsp page, and there is also a folder containing the contents of the class and image of the applet in the web section of the application. The applet loads fine however the picture doesn't display. I think it's not the code but the location of the picture that is causing a problem. Thanks

    Read the article

  • HTML entity encoding (convert '<' to '&lt;') on iPhone in objective-c

    - by Markus
    I'm developing an application for the iPhone that has inApp-mail sending capabilities. So far so good, but now I want to avoid html-injections as some parts of the mail are user-generated texts. Basically I search for something like this: // inits NSString *sourceString = [NSString stringWithString:@"Hello world! Grüße dich Welt <-- This is in German."]; // ----- THAT'S WHAT I'M LOOKING FOR // pseudo-code | // V NSString *htmlEncodedString = [sourceString htmlEncode]; // log NSLog(@"source string: %@", sourceString); NSLog(@"encoded string: %@", htmlEncodedString); Expected output source string: Hello world! Grüße dich Welt <-- This is in German. encoded string: Hello world! Gr&#252;&#223;e dich Welt &lt;-- This is in German. I already googled and looked through several of SO's questions and answers, but all of them seem to be related to URL-encoding and that's not what I really need (I tried stringByAddingPercentEscapesUsingEncoding with no luck - it creates %C3%BC out of an 'ü' that should be an ü). A code sample would be really great (correcting mine?)... -- Thanks in advance, Markus

    Read the article

  • How to read properties file in Greek using Java

    - by Subhendu Mahanta
    I am trying to read from a properties file which have keys in English & values in greek.My code is like this: public class I18NSample { static public void main(String[] args) { String language; String country; if (args.length != 2) { language = new String("el"); country = new String("GR"); } else { language = new String(args[0]); country = new String(args[1]); } Locale currentLocale; ResourceBundle messages; currentLocale = new Locale(language, country); messages = ResourceBundle.getBundle("MessagesBundle",currentLocale, new CustomClassLoader("E:\\properties")); System.out.println(messages.getString("greetings")); System.out.println(messages.getString("inquiry")); System.out.println(messages.getString("farewell")); } } import java.io.File; import java.net.MalformedURLException; import java.net.URL; public class CustomClassLoader extends ClassLoader { private String path; public CustomClassLoader(String path) { super(); this.path = path; } @Override protected URL findResource(String name) { File f = new File(path + File.separator + name); try { return f.toURL(); } catch (MalformedURLException e) { e.printStackTrace(); } return super.findResource(name); } } MessagesBundle_el_GR.properties greetings=??µ. ?a??et? farewell=ep?f. a?t?? inquiry=t? ???e?s, t? ???ete I am compiling like this javac -encoding UTF8 CustomClassLoader.java javac -encoding UTF8 I18Sample.java When I run this I get garbled output.If the properies file is in English,French or German it works fine. Please help. Regards, Subhendu

    Read the article

  • Error in Android's clearCheck() for RadioGroup?

    - by Manuel R. Ciosici
    I'm having an issue with RadioGroup's clearChecked(). I'm displaying a multiple choice question to the user and after the user selects an answer I check the answer, give him some feedback and then move to the next question. In the process of moving to the next question I clearCheck on the RadioGroup. Can anyone explain to me why the onCheckedChanged method is called 3 times? Once when the change actually occurs (with the user changes), once when I clearCheck(with -1 as the selected id) and once in between (with the user changes again)? As far as I could tell the second trigger is provoked by clearCheck. Code below: private void checkAnswer(RadioGroup group, int checkedId){ // this makes sure it doesn't blow up when the check is cleared // also we don't check the answer when there is no answer if (checkedId == -1) return; if (group.getCheckedRadioButtonId() == -1) return; // check if correct answer if (checkedId == validAnswerId){ score++; this.giveFeedBack(feedBackType.GOOD); } else { this.giveFeedBack(feedBackType.BAD); } // allow for user to see feedback and move to next question h.postDelayed(this, 800); } private void changeToQuestion(int questionNumber){ if (questionNumber >= this.questionSet.size()){ // means we are past the question set // we're going to the score activity this.goToScoreActivity(); return; } //clearing the check gr.clearCheck(); // give change the feedback back to question imgFeedback.setImageResource(R.drawable.question_mark); //OTHER CODE HERE } and the run method looks like this public void run() { questionNumber++; changeToQuestion(questionNumber); }

    Read the article

  • CodePlex Daily Summary for Wednesday, June 08, 2011

    CodePlex Daily Summary for Wednesday, June 08, 2011Popular ReleasesHTML-IDEx: HTML-IDEx .15 ALPHA: This release fixes line counting a little bit and adds the masshighlight() sub, which highlights pasted and inserted code.AutoLoL: AutoLoL v2.0.3: - Improved summoner spells are now displayed - Fixed some of the startup errors people got - Double clicking an item selects it - Some usability changes that make using AutoLoL just a little easier - Bug fixesVidCoder: 0.9.2: Updated to HandBrake 4024svn. This fixes problems with mpeg2 sources: corrupted previews, incorrect progress indicators and encodes that incorrectly report as failed. Fixed a problem that prevented target sizes above 2048 MB.SharePoint Search XSL Samples: SharePoint 2010 Samples: I have updated some of the samples from the 2007 release. These all work in SharePoint 2010. I removed the Pivot on File Extension because SharePoint 2010 search has refiners that perform the same function.SCCM Client Actions Tool: SCCM Client Actions Tool v0.5: SCCM Client Actions Tool v0.5 is currently the most stable version and includes all of the functionality requested so far. It comes as a ZIP file that contains three files: ClientActionsTool.hta – The tool itself. Cmdkey.exe – command line tool for managing cached credentials. This is needed for alternate credentials feature when running the HTA on Windows XP. Cmdkey.exe is natively available starting from Windows Vista. Config.ini – A configuration file for default settings. This file is...AcDown????? - Anime&Comic Downloader: AcDown????? v3.0 Beta5: ??AcDown?????????????,??????????????,????、????。?????Acfun????? ????32??64? Windows XP/Vista/7 ????????????? ??:????????Windows XP???,?????????.NET Framework 2.0???(x86)?.NET Framework 2.0???(x64),?????"?????????"??? ??v3.0 Beta5 ?????????? ???? ?? ???????? ???"????????"?? ????????????? ????????/???? ?? ???"????"??? ?? ??????????? ?? ?? ??????????? ?? ?????????????????? ??????????????????? ???????????????? ????????????Discussions???????? ????AcDown??????????????Media Companion: MC 3.405-3 latest patch: -1 Added ability to choose to rename invalid nfos to info -2 Fix for multipart episodes not showing / Fix to skip invalid nfo's during rebuild -3 If movie plot empty use outline This file is just the mediacompanion.exe It has the cutting edge bug fixes as they are fixed during the week. The patch file number will be referred to in the relevant issue tracker comment. For the latest full program, you need to download the relevant weekly plus the patch.WatchersNET.TagCloud: WatchersNET.TagCloud 02.00.01: changes Module Packages are now generated with MSBuild Added Cancel Edit Button to Cancel an Custom Tag Edit Fixed Issue #14 editing of custom tags Fixed Issue with Flash File and Google BotVFPX: GoFish 4 Beta 1: Current beta is Build 144 (released 2011-06-07 ) See the GoFish4 info page for details and video link: http://vfpx.codeplex.com/wikipage?title=GoFishOnTopReplica: Release 3.3.2: Incremental update over 3.3 and 3.3.1. Added Polish language translation (thanks to Jan Romanczyk). Added German language translation (thanks to Eric Hoffmann). Fixed some localization issues.SQL Compact Query Analyzer: Build 0.3.0.0: Beta build of SQL Compact Query Analyzer Features: - Execute SQL Queries against a SQL Server Compact Edition database - Easily edit the contents of the database - Supports SQLCE 3.1, 3.5 and 4.0 Prerequisites: - .NET Framework 4.0ShowUI: Write-UI -in PowerShell: ShowUI: ShowUI is a PowerShell module to help you write rich user interfaces in script.Babylon Toolkit: Babylon.Toolkit v1.0.4: Note about samples: In order to run samples, you need to configure visual studio to run them as an "Out-of-browser application". in order to do that, go to the property page of a sample project, go to the Debug tab, and check the "Out-of-browser application" radio. New features : New Effects BasicEffect3Lights (3 dir lights instead of 1 position light) CartoonEffect (work in progress) SkinnedEffect (with normal and specular map support) SplattingEffect (for multi-texturing with smooth ...SizeOnDisk: 1.0.8.2: With installerTerrariViewer: TerrariViewer v2.5: Added new items associated with Terraria v1.0.3 to the character editor. Fixed multiple bugs with Piggy Bank EditorySterling NoSQL OODB for .NET 4.0, Silverlight 4 and 5, and Windows Phone 7: Sterling OODB v1.5: Welcome to the Sterling 1.5 RTM. This version is backwards compatible without modification to the 1.4 beta. For the 1.0, you will need to upgrade your database. Please see this discussion for details. You must modify your 1.0 code for persistence. The 1.5 version defaults to an in-memory driver. To save to isolated storage or use one of the new mechanisms, see the available drivers and pass an instance of the appropriate one to your database (different databases may use different drivers). ...Grammar and Spell Checking Plugin for Windows Live Writer: Grammar Checker Plugin v1.0: First version of the grammar checker plugin for Windows Live Writer. You can show your appreciation for this plugin and support further development by donating via PayPal. Any amount will be appreciated. Thank you. Donatepatterns & practices: Project Silk: Project Silk Community Drop 10 - June 3, 2011: Changes from previous drop: Many code changes: please see the readme.mht for details. New "Application Notifications" chapter. Updated "Server-Side Implementation" chapter. Guidance Chapters Ready for Review The Word documents for the chapters are included with the source code in addition to the CHM to help you provide feedback. The PDF is provided as a separate download for your convenience. Installation Overview To install and run the reference implementation, you must perform the fol...Claims Based Identity & Access Control Guide: Release Candidate: Highlights of this release This is the release candidate drop of the new "Claims Identity Guide" edition. In this release you will find: All code samples, including all ACS v2: ACS as a Federation Provider - Showing authentication with LiveID, Google, etc. ACS as a FP with Multiple Business Partners. ACS and REST endpoints. Using a WP7 client with REST endpoints. All ACS specific chapters. Two new chapters on SharePoint (SSO and Federation) All revised v1 chapters We are now ...Terraria Map Generator: TerrariaMapTool 1.0.0.4 Beta: 1) Fixed the generated map.html file so that the file:/// is included in the base path. 2) Added the ability to use parallelization during generation. This will cause the program to use as many threads as there are physical cores. 3) Fixed some background overdraw.New ProjectsAmur: Amur is a programming language project that allows the team members to explore functional programming language design. The compiler will target .NET and, for now, be developed in C#.Arche: Arche makes it easier for devlopers to architecture base with code generators. It's developed in C#. Avignon: A WPF version of the board game Carcassonne.Code Exercises in C#: A few c# files to demonstrate coding abilityCows And Bulls Project: Per tutti gli sviluppatori dotNET Che vogliono ritrovarsi per parlare di qualsiasi metodologia di sviluppo Agile Il Cows And Bulls Project È un progetto CodePlex Che si pone l'obiettivo di promuovere la discussione e lo scambio di esperienze sullo sviluppo Agile del software A differenza di altri progetti open source Il nostro progetto non utilizza la comunità per migliorare il codice sorgente ma usa il codice sorgente per migliorare una comunità Grazie molte a Stefania Menocci che h...CRM 2011 Workflow Utilities: This project includes custom workflow activities for CRM 2011 which provide additional workflow steps for actions such as "delete" and "share" within the CRM Process designer. These activities can be used in both workflows and dialogs but are not supported in CRM Online. Dot Net Reflector: OPEN SOURCE AND FREE Reflector. Let it be said right now. Dot Net Reflector forever will be free and here on codeplex.Exemplo de TFS do Papo: Projeto para testar conexao do TFS com Windows Phone 7Extended WCF Discovery: Extend the WCF discovery to support: 1. Service publish its real service address - such as external IP when service is behind NAT 2. Client discovery over any network topology (behind NAT) Also (in the roadmap): Binding discovery-clients will receive the binding from the server.FileProtector: This will make it easy for any user to protect their personal files. It's developed completely using C#Fingertip detection via OpenNI: "Fingertip Detection" prject is intended to give usual PC user availability to control PC unsing only hand and finger gestures. Project is built on .NET framework. Used technologies : 1. OpenNI 2. NITE 3. EmguCVHomeData: Stores and displays data from the household.Informicus LibraryHub: 4VasiliyLifeHelper: lifehelperMaxZhang.EasyEntities: EasyEntitiesMedianamik: MedianamikMethodWorx CMS: Open Source .NET CMS for fully hosted solutions, or integration into ASP.NET and ASP.NET MVC projects. Microsoft Tag API for BlackBerry: Microsoft Tag is a compact, yet, data rich and user friendly tag system. This API allows for accessing and using Tags.MVVM Demo: A MVVM demoMyReportSL: My Report SiverlightNSS College Website: An effort to develop an open source website for NSS College, Rajakumari with the contributions from its current students and alumni...Oldies: Deletes or moves old files from current folderPhaLinks a Modern Native Lisp: PhaLinks is a modern lips with a custom VM that runs on PyPy. ProdUI: ProdUI is designed to be used when a GUI needs to be manipulated automatically (Prodded), either for testing, or to perform human UI interactions for data entry on systems that don't allow back-end access. The ProdUI toolset is developed in C#, using the UI Automation API and failing back on Win32 calls if that fails. Every attempt is made to verify that the action was actually performed, and proper notification if not.The system is designed to allow for single "off the cuff" prods, as well ...ResourceManager: A tool to allow relationships between various resources to be established and to show the effects of altering one resource on others. This is initially intended for use of keeping track of servers and licenses used by applications, but I'm hoping to leave it open to expansion.seriesCounter: SeriesCounter makes it easier for people that watch series to keep track at what episode of a series they are. You'll no longer have to remember it yourself. It's developed in C#.Shai Chi Android: Shai Chi AndroidSistemaControleMultas_LPUNICAP: Nada a declararSmarx Role: Smarx Role is a Windows Azure role that supports publishing web applications written in Node.js, Ruby, and Python. Apps are published/synchronized via Git or blob storage, allowing nearly instantaneous changes to published applications. It automatically pulls in dependent modules using each language's package manager (npm, Gem, or pip).Tetris3D: try to complete a 3D tetris cloneTrackMania WebServices SDK .NET: TrackMania WebServices SDK .NET is a .NET 4 library which provide every tools to get statistics from TrackMania ForeverTV Program Analyst: A TV program analyzing software, based on specific program log from tv stations. VB.net Roguelike: This is an attempt to make a Roguelike in VB.net. This is in it's very early stages, and any help would be appreciated! Definition of Roguelike: (from Wikipedia) The roguelike is a sub-genre of role-playing video games, characterized by randomization for replayability, permanent death, and turn-based movement. Most roguelikes feature ASCII graphics, with newer ones increasingly offering tile-based graphics. Games are typically dungeon crawls, with many monsters, items, and environmental f...Wbfs Engine: Provides a simple and easy to use library for accessing games and wbfs partitions with .NET

    Read the article

  • OpenSwan IPsec connection drops after 30 seconds

    - by drcore
    I'm trying to connection from my Linux Mint 16 box to a CloudStack server. Building up the connection works (pings work across the tunnel). However 30 seconds later the IPsec tunnel gets terminated out of the blue. What could cause this consistent behaviour and how to fix it? The tunnel is setup using OpenSwan (U2.6.38/K(no kernel code presently loaded)) with the L2TP IPsec VPN manager from Werner Jaeger 1.0.9. The client is behind a NAT'ed router and the server is on public IP (CloudStack 4.2) Running ipsec verify complains about IPsec support in kernel. Not sure if this is a problem as the connection is being build up: Checking your system to see if IPsec got installed and started correctly: Version check and ipsec on-path [OK] Linux Openswan U2.6.38/K(no kernel code presently loaded) Checking for IPsec support in kernel [FAILED] SAref kernel support [N/A] Checking that pluto is running [FAILED] whack: Pluto is not running (no "/var/run/pluto/pluto.ctl") Checking for 'ip' command [OK] Checking /bin/sh is not /bin/dash [WARNING] Checking for 'iptables' command [OK] Opportunistic Encryption Support [DISABLED] Tunnel config: version 2.0 # conforms to second version of ipsec.conf specification config setup # plutodebug="parsing emitting control private" plutodebug=none strictcrlpolicy=no nat_traversal=yes interfaces=%defaultroute oe=off # which IPsec stack to use. netkey,klips,mast,auto or none protostack=netkey conn %default keyingtries=3 pfs=no rekey=yes type=transport left=%defaultroute leftprotoport=17/1701 rightprotoport=17/1701 conn Tunnel1 authby=secret right=37.48.75.97 rightid="" auto=add Log file of VPN connection build up: aug. 23 17:12:54.708 ipsec_setup: Starting Openswan IPsec U2.6.38/K3.11.0-12-generic... aug. 23 17:12:55.155 ipsec_setup: multiple ip addresses, using 192.168.178.32 on eth0 aug. 23 17:12:55.165 ipsec__plutorun: Starting Pluto subsystem... aug. 23 17:12:55.174 ipsec__plutorun: adjusting ipsec.d to /etc/ipsec.d aug. 23 17:12:55.177 recvref[30]: Protocol not available aug. 23 17:12:55.177 xl2tpd[14339]: This binary does not support kernel L2TP. aug. 23 17:12:55.178 Starting xl2tpd: xl2tpd. aug. 23 17:12:55.178 xl2tpd[14345]: xl2tpd version xl2tpd-1.3.1 started on desktopmint PID:14345 aug. 23 17:12:55.178 xl2tpd[14345]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc. aug. 23 17:12:55.179 xl2tpd[14345]: Forked by Scott Balmos and David Stipp, (C) 2001 aug. 23 17:12:55.179 xl2tpd[14345]: Inherited by Jeff McAdams, (C) 2002 aug. 23 17:12:55.179 xl2tpd[14345]: Forked again by Xelerance (www.xelerance.com) (C) 2006 aug. 23 17:12:55.180 xl2tpd[14345]: Listening on IP address 0.0.0.0, port 1701 aug. 23 17:12:55.214 ipsec__plutorun: 002 added connection description "Tunnel1" aug. 23 17:13:15.532 104 "Tunnel1" #1: STATE_MAIN_I1: initiate aug. 23 17:13:15.532 003 "Tunnel1" #1: ignoring unknown Vendor ID payload [4f45755c645c6a795c5c6170] aug. 23 17:13:15.532 003 "Tunnel1" #1: received Vendor ID payload [Dead Peer Detection] aug. 23 17:13:15.533 003 "Tunnel1" #1: received Vendor ID payload [RFC 3947] method set to=115 aug. 23 17:13:15.533 106 "Tunnel1" #1: STATE_MAIN_I2: sent MI2, expecting MR2 aug. 23 17:13:15.534 003 "Tunnel1" #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike (MacOS X): i am NATed aug. 23 17:13:15.534 108 "Tunnel1" #1: STATE_MAIN_I3: sent MI3, expecting MR3 aug. 23 17:13:15.534 010 "Tunnel1" #1: STATE_MAIN_I3: retransmission; will wait 20s for response aug. 23 17:13:15.545 003 "Tunnel1" #1: received Vendor ID payload [CAN-IKEv2] aug. 23 17:13:15.547 004 "Tunnel1" #1: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha group=modp2048} aug. 23 17:13:15.547 117 "Tunnel1" #2: STATE_QUICK_I1: initiate aug. 23 17:13:15.547 010 "Tunnel1" #2: STATE_QUICK_I1: retransmission; will wait 20s for response aug. 23 17:13:15.548 004 "Tunnel1" #2: STATE_QUICK_I2: sent QI2, IPsec SA established transport mode {ESP=>0x0ecef28b <0x3e1fbe3b xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none} aug. 23 17:13:16.549 xl2tpd[14345]: Connecting to host <VPN gateway>, port 1701 aug. 23 17:13:18.576 xl2tpd[14345]: Connection established to <VPN gateway>, 1701. Local: 21163, Remote: 12074 (ref=0/0). aug. 23 17:13:18.576 xl2tpd[14345]: Calling on tunnel 21163 aug. 23 17:13:18.577 xl2tpd[14345]: check_control: Received out of order control packet on tunnel 12074 (got 0, expected 1) aug. 23 17:13:18.577 xl2tpd[14345]: handle_packet: bad control packet! aug. 23 17:13:18.577 xl2tpd[14345]: check_control: Received out of order control packet on tunnel 12074 (got 0, expected 1) aug. 23 17:13:18.577 xl2tpd[14345]: handle_packet: bad control packet! aug. 23 17:13:18.599 xl2tpd[14345]: Call established with <VPN gateway>, Local: 39035, Remote: 57266, Serial: 1 (ref=0/0) aug. 23 17:13:18.605 xl2tpd[14345]: start_pppd: I'm running: aug. 23 17:13:18.605 xl2tpd[14345]: "/usr/sbin/pppd" aug. 23 17:13:18.606 xl2tpd[14345]: "passive" aug. 23 17:13:18.606 xl2tpd[14345]: "nodetach" aug. 23 17:13:18.606 xl2tpd[14345]: ":" aug. 23 17:13:18.606 xl2tpd[14345]: "file" aug. 23 17:13:18.606 xl2tpd[14345]: "/etc/ppp/Tunnel1.options.xl2tpd" aug. 23 17:13:18.606 xl2tpd[14345]: "ipparam" aug. 23 17:13:18.607 xl2tpd[14345]: "<VPN gateway>" aug. 23 17:13:18.607 xl2tpd[14345]: "/dev/pts/4" aug. 23 17:13:18.607 pppd[14438]: Plugin passprompt.so loaded. aug. 23 17:13:18.607 pppd[14438]: pppd 2.4.5 started by root, uid 0 aug. 23 17:13:18.608 pppd[14438]: Using interface ppp0 aug. 23 17:13:18.608 pppd[14438]: Connect: ppp0 <--> /dev/pts/4 aug. 23 17:13:21.650 pppd[14438]: CHAP authentication succeeded: Access granted aug. 23 17:13:21.651 pppd[14438]: CHAP authentication succeeded aug. 23 17:13:21.692 pppd[14438]: local IP address 10.1.2.2 aug. 23 17:13:21.693 pppd[14438]: remote IP address 10.1.2.1 aug. 23 17:13:21.693 pppd[14438]: primary DNS address 10.1.2.1 aug. 23 17:13:21.694 pppd[14438]: secondary DNS address 10.1.2.1 aug. 23 17:13:46.528 Stopping xl2tpd: xl2tpd. aug. 23 17:13:46.528 xl2tpd[14345]: death_handler: Fatal signal 15 received aug. 23 17:13:46.529 pppd[14438]: Modem hangup aug. 23 17:13:46.529 pppd[14438]: Connect time 0.5 minutes. aug. 23 17:13:46.529 pppd[14438]: Sent 1866 bytes, received 1241 bytes. aug. 23 17:13:46.529 pppd[14438]: Connection terminated. aug. 23 17:13:46.562 ipsec_setup: Stopping Openswan IPsec... aug. 23 17:13:46.576 pppd[14438]: Exit.

    Read the article

  • Load balancing with multiple gateways

    - by ttouch
    I have to different ISPs, each on each own network. The main connects via ethernet and the secondary via wifi. The two networks have no relation at all. I just connect to them simultaneously. The reason I want to load balance between them is to achieve higher Internet speeds. Note: I have no advanced network hardware. Just my pc and the two routers that I have no access... main network: if: eth0 gw: 192.168.178.1 my ip: 192.168.178.95 speed: 400 kbit/s secondary network: if: wlan0 gw: 192.168.1.1 my ip: 192.168.1.95 speed: 300 kbit/s A diagram to explain the situation: http://i.imgur.com/NZdsv.jpg I'm on Arch Linux x64. I use netcfg to configure the interfaces Configs: # /etc/network.d/main CONNECTION='ethernet' DESCRIPTION='A basic static ethernet connection using iproute' INTERFACE='eth0' IP='static' ADDR='192.168.178.95' # /etc/network.d/second CONNECTION='wireless' DESCRIPTION='A simple WEP encrypted wireless connection' INTERFACE='wlan0' SECURITY='wep' ESSID='wifi_essid' KEY='the_password' IP="static" ADDR='192.168.1.95' And I use iptables to load balance, rules: #!/bin/bash /usr/sbin/ip route flush table ISP1 2>/dev/null /usr/sbin/ip rule del fwmark 101 table ISP1 2>/dev/null /usr/sbin/ip route add table ISP1 192.168.178.0/24 dev eth0 proto kernel scope link src 192.168.178.95 metric 202 /usr/sbin/ip route add table ISP1 default via 192.168.178.1 dev eth0 /usr/sbin/ip rule add fwmark 101 table ISP1 /usr/sbin/ip route flush table ISP2 2>/dev/null /usr/sbin/ip rule del fwmark 102 table ISP2 2>/dev/null /usr/sbin/ip route add table ISP2 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.95 metric 202 /usr/sbin/ip route add table ISP2 default via 192.168.1.1 dev wlan0 /usr/sbin/ip rule add fwmark 102 table ISP2 /usr/sbin/iptables -t mangle -F /usr/sbin/iptables -t mangle -X /usr/sbin/iptables -t mangle -N MARK-gw1 /usr/sbin/iptables -t mangle -A MARK-gw1 -m comment --comment 'send via 192.168.178.1' -j MARK --set-mark 101 /usr/sbin/iptables -t mangle -A MARK-gw1 -j CONNMARK --save-mark /usr/sbin/iptables -t mangle -A MARK-gw1 -j RETURN /usr/sbin/iptables -t mangle -N MARK-gw2 /usr/sbin/iptables -t mangle -A MARK-gw2 -m comment --comment 'send via 192.168.1.1' -j MARK --set-mark 102 /usr/sbin/iptables -t mangle -A MARK-gw2 -j CONNMARK --save-mark /usr/sbin/iptables -t mangle -A MARK-gw2 -j RETURN /usr/sbin/iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark /usr/sbin/iptables -t mangle -A PREROUTING -m comment --comment "this stream is already marked; escape early" -m mark ! --mark 0 -j ACCEPT /usr/sbin/iptables -t mangle -A PREROUTING -m comment --comment 'prevent asynchronous routing' -i eth0 -m conntrack --ctstate NEW -j MARK-gw1 /usr/sbin/iptables -t mangle -A PREROUTING -m comment --comment 'prevent asynchronous routing' -i wlan0 -m conntrack --ctstate NEW -j MARK-gw2 /usr/sbin/iptables -t mangle -N DEF_POL /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'default balancing' -p tcp -m conntrack --ctstate ESTABLISHED,RELATED -j CONNMARK --restore-mark /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'default balancing' -p udp -m conntrack --ctstate ESTABLISHED,RELATED -j CONNMARK --restore-mark /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw1 tcp' -p tcp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 0 -j MARK-gw1 /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw1 tcp' -p tcp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 0 -j ACCEPT /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw2 tcp' -p tcp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 1 -j MARK-gw2 /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw2 tcp' -p tcp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 1 -j ACCEPT /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw1 udp' -p udp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 0 -j MARK-gw1 /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw1 udp' -p udp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 0 -j ACCEPT /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw2 udp' -p udp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 1 -j MARK-gw2 /usr/sbin/iptables -t mangle -A DEF_POL -m comment --comment 'balance gw2 udp' -p udp -m conntrack --ctstate NEW -m statistic --mode nth --every 2 --packet 1 -j ACCEPT /usr/sbin/iptables -t mangle -A PREROUTING -j DEF_POL /usr/sbin/iptables -t nat -A POSTROUTING -m comment --comment 'snat outbound eth0' -o eth0 -s 192.168.0.0/16 -m mark --mark 101 -j SNAT --to-source 192.168.178.95 /usr/sbin/iptables -t nat -A POSTROUTING -m comment --comment 'snat outbound wlan0' -o wlan0 -s 192.168.0.0/16 -m mark --mark 102 -j SNAT --to-source 192.168.1.95 /usr/sbin/ip route flush cache (this script was made by fukawi2, I don't know how to use iptables) but I have no Internet connection... output of iptables -t mangle -nvL Chain PREROUTING (policy ACCEPT 1254K packets, 1519M bytes) pkts bytes target prot opt in out source destination 1278K 1535M CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK restore 21532 15M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 /* this stream is already marked; escape early */ mark match ! 0x0 582 72579 MARK-gw1 all -- eth0 * 0.0.0.0/0 0.0.0.0/0 /* prevent asynchronous routing */ ctstate NEW 2376 696K MARK-gw2 all -- wlan0 * 0.0.0.0/0 0.0.0.0/0 /* prevent asynchronous routing */ ctstate NEW 1257K 1520M DEF_POL all -- * * 0.0.0.0/0 0.0.0.0/0 Chain INPUT (policy ACCEPT 1276K packets, 1535M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 870K packets, 97M bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 870K packets, 97M bytes) pkts bytes target prot opt in out source destination Chain DEF_POL (1 references) pkts bytes target prot opt in out source destination 1236K 1517M CONNMARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default balancing */ ctstate RELATED,ESTABLISHED CONNMARK restore 15163 2041K CONNMARK udp -- * * 0.0.0.0/0 0.0.0.0/0 /* default balancing */ ctstate RELATED,ESTABLISHED CONNMARK restore 555 33176 MARK-gw1 tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw1 tcp */ ctstate NEW statistic mode nth every 2 555 33176 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw1 tcp */ ctstate NEW statistic mode nth every 2 277 16516 MARK-gw2 tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw2 tcp */ ctstate NEW statistic mode nth every 2 packet 1 277 16516 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw2 tcp */ ctstate NEW statistic mode nth every 2 packet 1 1442 384K MARK-gw1 udp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw1 udp */ ctstate NEW statistic mode nth every 2 1442 384K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw1 udp */ ctstate NEW statistic mode nth every 2 720 189K MARK-gw2 udp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw2 udp */ ctstate NEW statistic mode nth every 2 packet 1 720 189K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* balance gw2 udp */ ctstate NEW statistic mode nth every 2 packet 1 Chain MARK-gw1 (3 references) pkts bytes target prot opt in out source destination 2579 490K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 /* send via 192.168.178.1 */ MARK set 0x65 2579 490K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save 2579 490K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 Chain MARK-gw2 (3 references) pkts bytes target prot opt in out source destination 3373 901K MARK all -- * * 0.0.0.0/0 0.0.0.0/0 /* send via 192.168.1.1 */ MARK set 0x66 3373 901K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK save 3373 901K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0

    Read the article

< Previous Page | 39 40 41 42 43 44 45 46 47 48 49 50  | Next Page >