Search Results

Search found 21268 results on 851 pages for 'null route'.

Page 453/851 | < Previous Page | 449 450 451 452 453 454 455 456 457 458 459 460  | Next Page >

• Apache: Isn't chmod 755 enough to set up symlink or alias on Apache httpd on Mac OS 10.5?

  - by eed3si9n

  On my Mac OS 10.5 machine, I would like to set up a subfolder of ~/Documents like ~/Documents/foo/html to be http://localhost/foo. The first thing I thought of doing is using Alias as follows: Alias /foo /Users/someone/Documents/foo/html <Directory "/Users/someone/Documents/foo/html"> Options Indexes FollowSymLinks MultiViews Order allow,deny Allow from all </Directory> This got me 403 Forbidden. In the error_log I got: [error] [client ::1] (13)Permission denied: access to /foo denied The subfolder in question has chmod 755 access. I've tried specifying likes like http://localhost/foo/test.php, but that didn't work either. Next, I tried the symlink route. Went into /Library/WebServer/Documents and made a symlink to ~/Documents/foo/html. The document root has Options Indexes FollowSymLinks MultiViews This still got me 403 Forbidden: Symbolic link not allowed or link target not accessible: /Library/WebServer/Documents/foo What else do I need to set this up? Solution: $ chmod 755 ~/Documents In general, the folder to be shared and all of its ancestor folder needs to be viewable by the www service user.

  Read the article

• Useful design patterns for working with FragmentManger on Android

  - by antman8969

  When working with fragments, I have been using a class composed of static methods that define actions on fragments. For any given project, I might have a class called FragmentActions, which contains methods similar to the following: public static void showDeviceFragment(FragmentManager man){ String tag = AllDevicesFragment.getFragmentTag(); AllDevicesFragment fragment = (AllDevicesFragment)man.findFragmentByTag(tag); if(fragment == null){ fragment = new AllDevicesFragment(); } FragmentTransaction t = man.beginTransaction(); t.add(R.id.main_frame, fragment, tag); t.commit(); } I'll usually have one method per application screen. I do something like this when I work with small local databases (usually SQLite) so I applied it to fragments, which seem to have a similar workflow; I'm not married to it though. How have you organized your applications to interface with the Fragments API, and what (if any) design patterns do you think apply do this?

  Read the article

• Viewport.Unproject - Checking if a model intersects a large sprite

  - by Fibericon

  Let's say I have a sprite, drawn like this: spriteBatch.Draw(levelCannons[i].texture, levelCannons[i].position, null, alpha, levelCannons[i].rotation, Vector2.Zero, scale, SpriteEffects.None, 0); Picture levelCannon as being a laser beam that goes across the entire screen. I need to see if my 3d model intersects with the screen space inhabited by the sprite. I managed to dig up Viewport.Unproject, but that seems to only be useful when dealing with a single point in 2d space, rather than an area. What can I do in my case?

  Read the article

• Trouble setting up incoming VPN in Microsoft SBS 2008 through a Cisco ASA 5505 appliance

  - by Nils

  I have replaced an aging firewall (custom setup using Linux) with a Cisco ASA 5505 appliance for our network. It's a very simple setup with around 10 workstations and a single Small Business Server 2008. Setting up incoming ports for SMTP, HTTPS, remote desktop etc. to the SBS went fine - they are working like they should. However, I have not succeeded in allowing incoming VPN connections. The clients trying to connect (running Windows 7) are stuck with the "Verifying username and password..." dialog before getting an error message 30 seconds later. We have a single external, static IP, so I cannot set up the VPN connection on another IP address. I have forwarded TCP port 1723 the same way as I did for SMTP and the others, by adding a static NAT route translating traffic from the SBS server on port 1723 to the outside interface. In addition, I set up an access rule allowing all GRE packets (src any, dst any). I have figured that I must somehow forward incoming GRE packets to the SBS server, but this is where I am stuck. I am using ADSM to configure the 5505 (not console). Any help is very much appreciated!

  Read the article

• Using a Higher Precision (than 8-bit unsigned integer) Buffered Image for Heightmaps in Java

  - by pl12

  I am generating a heightmap for every quad in my quadtree in openCL. The way I was creating the image is as follows: DataBufferInt dataBuffer = (DataBufferInt)img.getRaster().getDataBuffer(); int data[] = dataBuffer.getData(); //img is a bufferedimage inputImageMem = CL.clCreateImage2D( context, CL_MEM_READ_WRITE | CL_MEM_USE_HOST_PTR, new cl_image_format[]{imageFormat}, size, size, size * Sizeof.cl_uint, Pointer.to(data), null); This works ok but the major issue is that as the quads get smaller and smaller the 8-bit format of the buffered image starts to cause intolerable "stepping" issues as seen below: I was wondering if there was an alternate way I could go about doing this? Thanks for the time.

  Read the article

• Network topology for both direct and routed traffic between two nodes

  - by IndigoFire

  Despite it's small size, this is the most difficult network design problem I've faced. There are three nodes in this network: PC running Windows XP with an internal WiFi adapter.Base station with both WiFi and a Wireless Modem (WiModem)Mobile device with both WiFi and WiModem The modem is a low-bandwidth but high-reliability connection. We'd like to use WiFi for high-bandwidth stuff like file transfers when the mobile is nearby, and the modem for control information. Here's the tricky part: we'd like the wifi traffic to go directly from the mobile to the PC, as rebroadcasting packets on the same WiFi channel takes up double the bandwidth. We can do that with a manual configuration by giving the both the PC and the base station two IP addresses for their WiFi interfaces: one on a subnet shared with the mobile, and one on their own subnet. The routes on the PC are set up so that any traffic going to the mobile via WiModem goes through the secondary IP address so that return traffic from the mobile also goes through the WiModem. Here's what that looks like: PC WiFi 1: 192.168.2.10/24 WiFi 2: 192.168.3.10/24 Default route: 192.168.2.1 Base Station WiFi 1: 192.168.2.1/24 WiFi 2: 192.168.3.1/24 WiModem: 192.168.4.1/24 Mobile WiFi: 192.168.3.20/24 WiModem: 192.168.4.20/24 We'd like to move to having the base station automatically configure the mobile and PC, as the manual setup is problematic when you start having multiple mobiles and PCs. This means that the PC can only have 1 IP address and needs to be treated as being pretty simple. Is it possible to have a setup driven by DHCP on the base station that is efficient with bandwidth?

  Read the article

• Component based design, but components rely on eatchother

  - by MintyAnt

  I've begun stabbing at a "Component Based" game system. Basically, each entity holds a list of components to update (and render) I inherit the "Component" class and break each game system into it. Examples: RenderComponent - Draws the entity MovementComponent - Moves the entity, deals with velocity and speed checks DamageComponent - Deals with how/if the entity gets damaged... So. My system has this: MovementComponent InputComponent Now maybe my design is off, but the InputComponent should say things like if (w key is down) add y speed to movement if (x key is down) Trigger primary attack This means that the InputComponent sort of relies on these other components. I have to do something alone the lines of: if (w key is down) { MovementComponent* entityMovement = mEntity->GetMovement(); if (entityMovement != NULL) add y speed to movement } which seems kinda crappy every update. Other options? Better design? Is this the best way? Thanks!

  Read the article

• In a 2D tile-based game, how should NPCs and tiles reference each other?

  - by lezebulon

  I'm making a tile engine for 2D games (seen from the top). Basically the world is composed of a grid of tiles. Now I want to put for instance NPCs that can move on the map. What do you think is best: 1) each tile has a pointer to the NPC that is on its tile, or a NULL pointer 2) having a list of NPCs, and they have the coordinates of the tile they are on. 3) something else? 1) is faster for collision detection but it would use much more memory space and it is slower to find all NPCs in a map. 2) is the opposite. thanks

  Read the article

• Securing NTP: which method to use?

  - by Harry

  Can someone good at NTP configuration please share which method is the best/easiest to implement a secure, tamper-proof version of NTP? Here are some difficulties... I don't have the luxury of having my own stratum 0 time source, so must rely on external time servers. Should I read up on the AutoKey method or should I try to go the MD5 route? Based on what I know about symmetric cryptography, it seems that the MD5 method relies on a pre-agreed set of keys (symmetric cryptography) between the client and the server, and, so, is prone to man-in-the-middle attack. AutoKey, on the other hand, does not appear to work behind a NAT or a masquerading host. Is this still true, by the way? (This reference link is dated 2004, so I'm not sure what is the state of art today.) 4.1 Are public AutoKey-talking time servers available? I browsed through the NTP book by David Mills. The book looks excellent in a way (coming from the NTP creator after all), but the information therein is also overwhelming. I just need to first configure a secure version of NTP and then may be later worry about its architectural and engineering underpinnings. Can someone please wade me through these drowning NTP waters? Don't necessarily need a working config from you, just info on which NTP mode/config to try and may be also a public time server that supports that mode/config. Many thanks, /HS

  Read the article

• Links in my site have been hacked

  - by Funky

  In my site I prefix the images and links with the domain of the site for better SEO using the code below: public static string GetHTTPHost() { string host = ""; if (HttpContext.Current.Request["HTTP_HOST"] != null) host = HttpContext.Current.Request["HTTP_HOST"]; if (host == "site.co.uk" || host == "site.com") { return "http://www." + host; } return "http://"+ host; } This works great, but for some reason, lots of links have now changed to http://www.baidu.com/... There is no sign of this in any of the code or project, the files on the server also have a change date when i last did the publish at 11 yesterday, so all the files on there look fine. I am using ASP.net and Umbraco 4.7.2 Does anyone have any ideas? thanks

  Read the article

• C# Image Download

  - by Nouman Zakir

  A C# class that makes it easier to download images from the web. Use the following code in your program to download image files such as JPG, GIF, PNG, etc from the internet using WebClient class. using System;using System.Drawing;using System.Drawing.Imaging;using System.IO;using System.Net;public class DownloadImage { private string imageUrl; private Bitmap bitmap; public DownloadImage(string imageUrl) { this.imageUrl = imageUrl; } public void Download() { try { WebClient client = new WebClient(); Stream stream = client.OpenRead(imageUrl); bitmap = new Bitmap(stream); stream.Flush(); stream.Close(); } catch (Exception e) { Console.WriteLine(e.Message); } } public Bitmap GetImage() { return bitmap; } public void SaveImage(string filename, ImageFormat format) { if (bitmap != null) { bitmap.Save(filename, format); } }}

  Read the article

• query in codeIgniter style

  - by troy

  I have below query: SET @sql = NULL ; SELECT GROUP_CONCAT( DISTINCT CONCAT( 'select latitude,longitude,max(serverTime) as serverTime,', deviceID, ' AS device from d', deviceID, '_gps' ) SEPARATOR ' UNION ALL ' ) INTO @sql FROM devices WHERE accountID =2; PREPARE stmt FROM @sql ; EXECUTE stmt; Can someone help me to write the above query in codeIgniter style.... ANd another thing is :What is the difference between writing the query in 1 and 2 formats 1. $query = $this->db->query('YOUR QUERY HERE'); 2. $this->db->select("..."); $this->db->from(); $this->db->where(); Will it have any effect on performance if we use 2nd style... Thank You

  Read the article

• when to upgrade server to include more cores, versus more processors, versus additional server?

  - by gkdsp

  The server hosting market is separated into single, double, qual, etc., processors, where each processor has several cores, or CPUs. My company will offer a Linux-based web application that relies on an Apache web server and a middle tier for business logic. The middle tier is used to crunch math, and return result to a client. Many clients may access the application simultaneously. The company will start with one processor having 4 cores. I'm trying to understand how the app uses the cores and then how to scale the application as business grows, in terms of servers/processors/cores. For example, I'd assume initially one core would be used for Apache, and the other 3 used to process client's requests for math crunching... Question 1: does that mean, with the 3 cores available, I can handle 3 separate client requests simultaneously (e.g. 1 for each of 3 cores)? I mean, except for the shared RAM, is this effectively like having 3 individual machines (from pt of view or processing client requests simulaneously)? Or, only one client's request may be processed at any one time, but that client's request is divided up into up to 3 cores depending on the type of process running that does the math crunching and whether or not it can take advantage of multi threading (so the # of cores impacts how fast any one client request completes)? I'm confused about what the cores mean to the application here. Question 2: As the business grows and more client requests need to be processed, should the server be upgraded to (A) a new machine with more cores, (B) a new machine with two processors, 4 cores each, or (C) keep the original server and add another server with a single processor? Which route provides the most efficient way to scale the application, in terms of processing more client requests per time interval? Is the choice, for example, limited by RAM (when you need more RAM than box can handle it's time to add another server), or something else? Question 3: Is the total number of client requests processed simultaneously equal to the number of cores times the number of servers (minus the one core for Apache)?

  Read the article

• Not able to connect to port different than 22 - OpenVPN

  - by t8h7gu

  I have OpenVPN network with 5 clients. Computer with Arch Linux which hosts OpenVPN server, It also hosts virtual machine with Computer with CentOS which is also connnected to OpenVPN subnet. Windows 8 which hosts virtual machine with CentOS. Both of them are connected to OpenVPN. Last one machine is virtual machine with CentOS which is hosted by computer with Ubuntu 14( which is not connected to OpenVPN. All machines in OpenVPN subnet are bolded. All phisical computers are in different networks. The problem is that when I use nmap to scan Windows and it's guest virtual machine it's saids that host seems down. When I force namp to scan specific port it shows filtered state: nmap -Pn -p 50010 n3 Starting Nmap 6.46 ( http://nmap.org ) at 2014-06-07 19:49 CEST Nmap scan report for n3 (10.8.0.3) Host is up (0.11s latency). rDNS record for 10.8.0.3: node3.com PORT STATE SERVICE 50010/tcp filtered unknown Telnet also cannot connect to this port telnet n3 50010 Trying 10.8.0.3... telnet: Unable to connect to remote host: No route to host But ss on this host show's proper state of this port ss -anp | grep 50010 LISTEN 0 50 10.8.0.3:50010 *:* users:(("java",12310,271)) What might be possible reason of that and how to fix it? EDIT I've found that I am able to connect via telnet to ssh port: telnet n3 22 Trying 10.8.0.3... Connected to n3. Escape character is '^]'. SSH-2.0-OpenSSH_5.3 So it seems that it's not problem with Windows firewall. But I have no idea what it might be. Also nmap result for first thousand ports: nmap -Pn -p 1-1000 n3 Starting Nmap 6.46 ( http://nmap.org ) at 2014-06-07 20:08 CEST Nmap scan report for n3 (10.8.0.3) Host is up (0.49s latency). rDNS record for 10.8.0.3: node3.com Not shown: 999 filtered ports PORT STATE SERVICE 22/tcp open ssh Nmap done: 1 IP address (1 host up) scanned in 77.87 seconds

  Read the article

• MS Word TOC that references # pages rather than page number

  - by buttonsrtoys

  We frequently need to write specifications in Word which require a TOC that refers to the total number of pages in a section, rather than the page number. E.g., Section No. Pages 01010 Summary of Work..............5 01025 Prices.......................2 01400 Quality Control..............1 01700 Contract Close Out...........2 A wrinkle is that each section is a separate file. To date, we've been writing or TOC by hand, which has introduced every error imaginable. Is there an MS feature that populates a TOC with page totals? If not, I've done a little VB in Office, so wouldn't be opposed to that route as need be, as long as it was usable by our low tech users. Related question - all the section files are in the same folder. It would be nice if the TOC loaded every file in a folder, rather than having to specify each one. Is this a feature of Word or would this require VB? We tried a master document with links to subdocuments, but since the number of section files ebbs and flows with each project, the approach required too much maintenance for our Wordophobes.

  Read the article

• NAT via iptables and virtual interface

  - by Alex

  I'm trying to implement the following scenario: One VM-host, multiple guest VMs, each one gets its own IP-address (and domain). Our server has only one physical interface, so the intended use is to add virtual interfaces on eth0. To complicate our situation the provider uses port-security on their switches, so I can't run the guest interfaces in bridged mode, because then the switch detects a "spoofed" MAC-address and kills the interface (permanently, forcing me to call the support, which I'm sure will get them a little bit angry the third time ;) ). My first guess was to use iptables and NAT to forward all packages from one virtual interface to another one, but iptables doesn't seem to like virtual interfaces (at least I can't get it to work properly). So my second guess is to use the source IP of the packages to the public interface. Let's assume libvirt creates a virbr0-network with 192.168.100.0/24 and the guest uses 192.168.100.2 as IP-address. This is what I tried to use: iptables -t nat -I PREROUTING --src public_ip_on_eth0:0 -p tcp --dport 80 -j DNAT --to-destination 192.168.100.2:80 That doesn't give me the intended results either (accessing the server times out). Is there a way to do what I'm trying to do, or even to route all traffic to a certain IP on a virtual interface to the VM's device?

  Read the article

• Obtaining clear cable signal with Hauppage 1191-950Q TV Tuner

  - by Kyle B.

  I bought a Hauppauge 1191 WinTV-HVR-950Q TV Tuner a while back, and I am attempting to use it to watch TV in Windows Media Center. I do not have cable TV, however I used to have Comcast. Through experimentation, I found that connecting my coax cable into my TV, I was able to view television (i.e. 2-1 = CBS, 5-1 = NBC, etc). This also works on a second TV I use in another room. When I connect the coax cable to my TV Tuner stick and scan TV channels in Windows Media Center, it only picks up 1 station (like 81 or something). My only conclusion on this is somehow the hardware in the television is decrypting a signal that the TV tuner stick is not able to. Is that possible? Should I try a different TV tuner? Any assistance would be appreciated. I also bought a Terk HD Indoor Antenna but my reception has been flakey, so I would rather go this route if possible.

  Read the article

• Client cannot access my IIS7 web server

  - by Soccerwiz

  I have a Windows 2008 web server on running IIS 7 with about 25 websites. One of those sites is an SaaS application that is accessed constantly throughout the day. However, one particular client keeps getting blocked from my server. They will be using the service, and then all of a sudden they cannot access the program, or any other site on the server. The entire office of 4 users is blocked from accessing anything on the web server. A trace route reveals they get all the way to the server before they are blocked. However, they can access a linux server that is a different VM with a different IP on the same physical server. Also, when they are blocked from their office, they can still access the site from their mobile phone or local Starbucks. They can also occasionally reset the router and gain access to the web server again as they are on a dynamic IP address. I checked IIS and allow all IPs to access the server. There is nothing in the logs the says anything about a user being banned. I really have no idea what is causing this? Could it be a virus on their end? I have even moved the SaaS to a completely new server in a different location, and they were working fine for about a month, and then the problem started occurring again. Are there any hidden blacklists in IIS? Or is it a routing issue on their end?

  Read the article

• SSH not working through Double NAT

  - by d_inevitable

  I am trying to setup port forwarding for ssh through 2 NATs The first Router translates my internet IP to my outer network (10.1.7.0). In the outer network there's a second Router that does NAT to my inner network (192.168.1.0). The target server is connected to both, the outer network and the inner network. I cannot change the port forwarding options for outer router. It is currently configured to forward the SSH and HTTP port to the router for the inner network. Internet + | v +-----------------+ +------------------+ | Outer Router | | Inner Router | |-----------------| |------------------| | | SSH HTTP | | +----+ +--------------------->| | | | | | | | | | | | | +-------+---------+ +------+---------+-+ | | | | | | | | | | | | | | +------------------+ | SSH | | | | Server | | | | | |------------------| | | | +-----------> |<-------+ | | | | |HTTP (testing) | +------------------+ | | | +------v------------------+ | | Outer Workstation | +-------------------+ | |-------------------------| | Inner Workstation| | | | |-------------------| | | | | |<----------------+ +-------------------------+ | | +-------------------+ When connecting from a outer workstation to the address of the inner router, then both SSH and HTTP work fine. When connecting from the internet to my public ip with HTTP, the connection works fine as well. However SSH just times out. Most likely because the reply is not routed back properly. I suspect its either because of the SSH itself, or because the server is connected to both, the inner and outer network. Any ideas how I could resolve this issue? The routes on the server are currently: ip route show default via 10.1.7.254 dev eth0 metric 100 10.1.7.0/24 dev eth0 proto kernel scope link src 10.1.7.1 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.2 Do I have to change this? If so how?

  Read the article

• XNA: Retrieve texture file name during runtime

  - by townsean

  I'm trying to retrieve the names of the texture files (or their locations) on a mesh. I realize that the texture file name information is not preserved when the model is loaded. I've been doing tons of searching and some experimenting but I've been met with no luck. I've gathered that I need to extended the content pipeline and store the file location in somewhere like ModelMeshPart.Tag. My problem is, even when I'm trying to make my own custom processor, I still can't figure out where the texture file name is. :( Any thoughts? Thanks! UPDATE: Okay, so I found something kind of promising. NodeContent.Identity.SourceFilename, only that returns the location of my .X model. When I go down the node tree he is always null. Then there's the ContentItem.Name property. It seems to have names of my mesh, but not my actual texture file names. :(

  Read the article

• Shared Object Not saving the level Progress

  - by user3536228

  I am making a flash game in which i have a variable levelState that describes the current level in which user has entered I am using SharedObject to save the progress but it does not do so first i declred a clas level variable private var levelState:Number = 1; private var mySaveData:SharedObject = SharedObject.getLocal("levelSave"); in the Main function i am checking if it is a first run of the game like below if (mySaveData.data.levelsComplete == null) { mySaveData.data.levelsComplete = 1; } and in a function where the winning condition is checked so that levelState could be increased i am usin this sharedobject to hold the value of levelState if (/*winniing condition*/) levelState++; mySaveData.data.levelsComplete = levelState; mySaveData.flush(); setNewLevel(levelState); } but when i play the game clear a level and again run the game it does not start from that level it starts from beginning.

  Read the article

• linux networking: how to redirect incoming connections from old server to new server?

  - by aliz

  hi I'm in the process of moving my old server to a new server, but i will keep the old server running for database replication and load balancing, etc. each server has a separate internet connection with a static ip, and they are connected through a local Ethernet connection. I've got Ubuntu 8.04 32-bit running on old server and Debian 6.0 64-bit on new one. shorewall firewall is installed on both servers. there are some outdoor devices which are periodically sending data to port 43597 for old server IP address. I can run multiple instances of the network service which is responsible for receiving data from devices on a server but on different ports. here's the question: how can I run the service on new server and have connections coming to old server redirected to it, and new devices can still connect to new server's IP address preferably on the same port and same service? until all devices get updated to send to new server. I've tried a shorewall DNAT rule, but seems like new server's default route should be changed to ethernet connection, which breaks other things. I also found about redir utility, but still haven't tried it. is there any best practice or simple solution for such a scenario, i'm not aware of? thanks in advance.

  Read the article

• ActiveMQ Configuration with KahaDB

  - by xeraa

  We are using ActiveMQ 5.6.0 with KahaDB. It has produced quite some log files, which is to be expected with our infrastructure, looking like this: $ ll -h /opt/activemq/data/kahadb/ total 969M drwxr-xr-x 2 root root 4.0K Nov 3 12:47 ./ drwxr-xr-x 3 activemq activemq 4.0K Sep 24 12:12 ../ -rw-r--r-- 1 root root 39M Oct 16 07:57 db-202.log -rw-r--r-- 1 root root 38M Oct 16 07:57 db-203.log -rw-r--r-- 1 root root 33M Oct 17 08:12 db-238.log ... No more messages were processed, when we ran into the 1GB temp usage limit. Or that's what we are assuming, is that correct? The configuration looks like this: <systemUsage> <systemUsage> <memoryUsage> <memoryUsage limit="512mb"/> </memoryUsage> <storeUsage> <storeUsage limit="3 gb"/> </storeUsage> <tempUsage> <tempUsage limit="1 gb"/> </tempUsage> </systemUsage> </systemUsage> After cleaning up the log files and being way below the limits, still no messages were consumed by AMQ. Only when we manually purged a route, messages were starting to be delivered again. So we need to ensure, that the KahaDB log size always stays below the temp usage, right? And that delivery was not picked up after fixing that is a bug or are there any other steps to be taken?

  Read the article

• Monitor attached to motherboard is out of frequency

  - by Neilvert Noval

  I don't know if this is appropriate to ask it here in superuser. Please, just route this to appropriate stackexchange site if found unrelevant. Here's my scenario. I have bought a new motherboard (MSI 785GT-E63). I already have an old CRT monitor connected to it. After I install a linux OS to it, my monitor will display that it is: Out of frequency. Current frequency is 89Hz. The operating output of my monitor is (around) 60-70Hz. I would like to get this thing work. How can I let my CRT display properly? I was thinking of lowering down video frequency output of my motherboard, but I can't find any settings on my BIOS setup. Additional info: My monitor is attached directly to the built-in video adaptor of my motherboard. (No additional video cards) Install of OS is complete without errors. Please help.

  Read the article

• Possible for linux bridge to intercept traffic?

  - by A G

  I have a linux machine setup as a bridge between a client and a server; brctl addbr0 brctl addif br0 eth1 brctl addif br0 eth2 ifconfig eth1 0.0.0.0 ifconfig eth2 0.0.0.0 ip link set br0 up I also have an application listening on port 8080 of this machine. Is it possible to have traffic destined for port 80 to be passed to my application? I have done some research and it looks like it could be done using ebtables and iptables. Here is the rest of my setup: //set the ebtables to pass this traffic up to ip for processing; DROP on the broute table should do this ebtables -t broute -A BROUTING -p ipv4 --ip-proto tcp --ip-dport 80 -j redirect --redirect-target DROP //set iptables to forward this traffic to my app listening on port 8080 iptables -t mangle -A PREROUTING -p tcp --dport 80 -j TPROXY --on-port 8080 --tproxy-mark 1/1 iptables -t mangle -A PREROUTING -p tcp -j MARK --set-mark 1/1 //once the flows are marked, have them delivered locally via loopback interface ip rule add fwmark 1/1 table 1 ip route add local 0.0.0.0/0 dev lo table 1 //enable ip packet forwarding echo 1 > /proc/sys/net/ipv4/ip_forward However nothing is coming into my application. Am I missing anything? My understanding is that the target DROP on the broute BROUTING chain will push it up to be processed by iptables. Secondly, are there any other alternatives I should investigate? Edit: IPtables gets it at nat PREROUTING, but it looks like it drops after that; the INPUT chain (in either mangle or filter) doesn't see the packet.

  Read the article

< Previous Page | 449 450 451 452 453 454 455 456 457 458 459 460  | Next Page >