Search Results

Search found 3140 results on 126 pages for 'debian'.

Page 49/126 | < Previous Page | 45 46 47 48 49 50 51 52 53 54 55 56  | Next Page >

  • ldap_modify: Insufficient access (50)

    - by Lynn Owens
    I am running an OpenLDAP 2.4 server that uses the SSL service for communication. It works for lookups. I am trying to add mirror mode replication. So this is the command that I'm executing: ldapmodify -D "cn=myuser,dc=mydomain,dc=com" -H ldaps://myloadbalancer -W -f /etc/ldap/ldif/server_id.ldif Where this is my server_id.ldif: dn: cn=config changetype: modify replace: olcServerID olcServerID: 1 myserver1 olcServerID: 2 myserver2 and this is my cn\=config.ldif in the slapd.d tree of text files: dn: cn=config objectClass: olcGlobal cn: config olcArgsFile: /var/run/slapd/slapd.args olcPidFile: /var/run/slapd/slapd.pid olcToolThreads: 1 structuralObjectClass: olcGlobal entryUUID: ff9689de-c61d-1031-880b-c3eb45d66183 creatorsName: cn=config createTimestamp: 20121118224947Z olcLogLevel: stats olcTLSCertificateFile: /etc/ldap/certs/ldapscert.pem olcTLSCertificateKeyFile: /etc/ldap/certs/ldapskey.pem olcTLSCACertificateFile: /etc/ldap/certs/ldapscert.pem olcTLSVerifyClient: never entryCSN: 20121119022009.770692Z#000000#000#000000 modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth modifyTimestamp: 20121119022009Z But unfortunately I'm getting this: Enter LDAP Password: modifying entry "cn=config" ldap_modify: Insufficient access (50) If I try to specify the config database I get this: ldapmodify -H 'ldaps://myloadbalancer/cn=config' -D "cn=myuser,cn=config" -W -f ./server_id.ldif Enter LDAP Password: ldap_bind: Invalid credentials (49)} Does anyone know how I can add the serverID to the config database so that I can complete the setup of mirror mode?

    Read the article

  • DKIM- Filter No Signature Data

    - by Vineet Sharma
    I have installed DKIM-Filter on Postfix after reading this tutorial http://www.unibia.com/unibianet/systems-networking/how-setup-domainkeys-identified-mail-dkim-postfix-and-ubuntu-server My email now has a DKIM signature but still it is landing in the SPAM folder. Here is the header Received-SPF: neutral (google.com: 69.164.193.167 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=69.164.193.167; Authentication-Results: mx.google.com; spf=neutral (google.com: 69.164.193.167 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]; dkim=hardfail (test mode) [email protected] Received: from promote.a2labs.in (localhost [127.0.0.1]) by promote.a2labs.in (Postfix) with ESMTPA id 34858530E8 for <[email protected]>; Mon, 28 Feb 2011 12:23:07 +0530 (IST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=a2labs.in; s=mail; t=1298875987; bh=bo+H1VYPIHMja2u7i1lnzr4k/j4Pe8iSf79bVw94XpI=; h=To:Subject:Message-ID:Date:From:Reply-To:MIME-Version: Content-Type:Content-Transfer-Encoding; b=nhTdlnUwo0iUJ92ycQzKSRjw 5Pfya0DJcJrAc8Mr2hIv8OLpgzBCzdOMWTGqR5nuUmAzgCGYBhYAM2XZwVxo9JG/iz7 oYKysmNQnskFx0TRyW3UOkDWcfHcPnCL6Y7fGzZWinmsyjsg47k+mKZg/e8jqlwTAMO PYKkt5pBz7SM0= Also my mail.err file shows Feb 28 12:17:03 ivineet dkim-filter[32181]: 1F788530E1: no signature data Feb 28 12:18:02 ivineet dkim-filter[32181]: 432BA530E2: no signature data How to fix it

    Read the article

  • Squid causing websocket issues

    - by Kvad
    I am running squid 2.x. When trying to use websockets in my web application I get the following in my squid logs 13/Jun/2012:10:05:08 +1000 558 192.168.19.76 TCP_MISS/100 199 POST http://api.pusherapp.com/apps/21932/channels/2830b5dd-e75b-4788-ae4a-6da903460d22/events? - DIRECT/107.22.252.43 - TCP_MISS/100 indicates that the service is returning the wrong thing from what I can see. What can I do to fix this?

    Read the article

  • Can't Copy to Clipboard from Vim

    - by maksim
    I'm running Vim 7.3 under Linux Mint 13 (using MATE) and I'm not able to save text to the system clipboard. I run Vim in the terminal and copy text from the terminal with CTRLINSERT. When I select text in Vim (either with the mouse or in visual mode), CTRLINSERT doesn't copy any text. In addition when I right-click, Copy is grayed out. Further, I can't write to the system buffer by yanking to the corresponding register using vim commands. However, I'm able to paste while in insert mode (using SHIFTINSERT or right-click paste). I'm also able to copy text directly from the terminal using the same technique, just not text from Vim. Here is my current ~/.vimrc. The relevant part is most likely set clipboard=autoselect,unnamed,exclude:cons\|linux. If I put finish at the top of my ~/.vimrc, I have the same issue, so I think the line is wrong, but I've tried set clipboard=unnamed and had the same behavior. Could there be another config file affecting Vim's behavior? How can I change my ~/.vimrc to allow me to copy text from Vim?

    Read the article

  • libcrypto.so.0.9.8: could not read symbols: Invalid operation

    - by Doug
    Trying to make PHP 5.4.4 with various extensions (I know you can apt-get this, but I need to do it because I have a new installation of Apache 2.4.2 which isn't available via repos). However, I am stuck and I don't know what this error means. /usr/bin/ld: ext/curl/.libs/interface.o: undefined reference to symbol 'CRYPTO_set_id_callback@@OPENSSL_0.9.8' /usr/bin/ld: note: 'CRYPTO_set_id_callback@@OPENSSL_0.9.8' is defined in DSO /usr/lib/libcrypto.so.0.9.8 so try adding it to the linker command line /usr/lib/libcrypto.so.0.9.8: could not read symbols: Invalid operation collect2: ld returned 1 exit status make: *** [sapi/cli/php] Error 1

    Read the article

  • Samba Server Make Multiple User Permissions Profiles

    - by Scriptonaut
    I have a Samba file server running, and I was wondering how I could make multiple user accounts that have different permissions. For example, at the moment I have a user, smbusr, but when I ssh to the share, I can read, write, execute, and even navigate out of the samba directory and do stuff on the actual computer. This is bad because I want to be able to give out my IP so friends/family can use the server, but I don't want them to be able to do just anything. I want to lock the user in the samba share directory(and all the sub directories). Eventually I would like several profiles such as (smbusr_R, smbusr_RW, smbguest_R, smbguest_RW). I also have a second question related to this, is SSH the best method to connect from other unix machines? What about VPN? Or simply mounting like this: mount -t ext3 -o user=username //ipaddr/share /mnt/mountpoint Is that mounting command above the same thing as a vpn? This is really confusing me. Thanks for the help guys, let me know if you need to see any files, or need anymore information.

    Read the article

  • Samba Server Make Multiple User Permissions Profiles

    - by Scriptonaut
    I have a Samba file server running, and I was wondering how I could make multiple user accounts that have different permissions. For example, at the moment I have a user, smbusr, but when I ssh to the share, I can read, write, execute, and even navigate out of the samba directory and do stuff on the actual computer. This is bad because I want to be able to give out my IP so friends/family can use the server, but I don't want them to be able to do just anything. I want to lock the user in the samba share directory(and all the sub directories). Eventually I would like several profiles such as (smbusr_R, smbusr_RW, smbguest_R, smbguest_RW). I also have a second question related to this, is SSH the best method to connect from other unix machines? What about VPN? Or simply mounting like this: mount -t ext3 -o user=username //ipaddr/share /mnt/mountpoint Is that mounting command above the same thing as a vpn? This is really confusing me. Thanks for the help guys, let me know if you need to see any files, or need anymore information.

    Read the article

  • which package i should choose, if i want to install virtualenv for python?

    - by hugemeow
    pip search just returns so many matches, i am confused about which package i should choose to install .. should i only install virtualenv? or i'd better also install virtualenv-commands and virtualenv-commands, etc, but i really don't know exactly what virtualenv-commands is ... mirror0@lab:~$ pip search virtualenv virtualenvwrapper - Enhancements to virtualenv virtualenv - Virtual Python Environment builder veh - virtualenv for hg pyutilib.virtualenv - PyUtilib utility for building custom virtualenv bootstrap scripts. envbuilder - A package for automatic generation of virtualenvs virtstrap-core - A bootstrapping mechanism for virtualenv+pip and shell scripts tox - virtualenv-based automation of test activities virtualenvwrapper-win - Port of Doug Hellmann's virtualenvwrapper to Windows batch scripts everyapp.bootstrap - Enhanced virtualenv bootstrap script creation. orb - pip/virtualenv shell script wrapper monupco-virtualenv-python - monupco.com registration agent for stand-alone Python virtualenv applications virtualenvwrapper-powershell - Enhancements to virtualenv (for Windows). A clone of Doug Hellmann's virtualenvwrapper RVirtualEnv - relocatable python virtual environment virtualenv-clone - script to clone virtualenvs. virtualenvcontext - switch virtualenvs with a python context manager lessrb - Wrapper for ruby less so that it's in a virtualenv. carton - make self-extracting virtualenvs virtualenv5 - Virtual Python 3 Environment builder clever-alexis - Clever redhead girl that builds and packs Python project with Virtualenv into rpm, deb, etc. kforgeinstall - Virtualenv bootstrap script for KForge pypyenv - Install PyPy in virtualenv virtualenv-distribute - Virtual Python Environment builder virtualenvwrapper.project - virtualenvwrapper plugin to manage a project work directory virtualenv-commands - Additional commands for virtualenv. rjm.recipe.venv - zc.buildout recipe to turn the entire buildout tree into a virtualenv virtualenvwrapper.bitbucket - virtualenvwrapper plugin to manage a project work directory based on a BitBucket repository tg_bootstrap - Bootstrap a TurboGears app in a VirtualEnv django-env - Automaticly manages virtualenv for django project virtual-node - Install node.js into your virtualenv django-environment - A plugin for virtualenvwrapper that makes setting up and creating new Django environments easier. vip - vip is a simple library that makes your python aware of existing virtualenv underneath. virtualenvwrapper.django - virtualenvwrapper plugin to create a Django project work directory terrarium - Package and ship relocatable python virtualenvs venv_dependencies - Easy to install any dependencies in a virtualenviroment(without making symlinks by hand and etc...) virtualenv-sh - Convenient shell interface to virtualenv virtualenvwrapper.github - Plugin for virtualenvwrapper to automatically create projects based on github repositories. virtualenvwrapper.configvar - Plugin for virtualenvwrapper to automatically export config vars found in your project level .env file. virtualenvwrapper-emacs-desktop - virtualenvwrapper plugin to control emacs desktop mode bootstrapper - Bootstrap Python projects with virtualenv and pip. virtualenv3 - Obsolete fork of virtualenv isotoma.depends.zope2_13_8 - Running zope in a virtualenv virtual-less - Install lessc into your virtualenv virtualenvwrapper.tmpenv - Temporary virtualenvs are automatically deleted when deactivated isotoma.plone.heroku - Tooling for running Plone on heroku in a virtualenv gae-virtualenv - Using virtualenv with zipimport on Google App Engine pinvenv - VirtualEnv plugins for pin isotoma.depends.plone4_1 - Running plone in a virtualenv virtualenv-tools - A set of tools for virtualenv virtualenvwrapper.npm - Plugin for virtualenvwrapper to automatically encapsulate inside the virtual environment any npm installed globaly when the venv is activated d51.django.virtualenv.test_runner - Simple package for running isolated Django tests from within virtualenv difio-virtualenv-python - Difio registration agent for stand-alone Python virtualenv applications VirtualEnvManager - A package to manage various virtual environments. virtualenvwrapper.gem - Plugin for virtualenvwrapper to automatically encapsulate inside the virtual environment any gems installed when the venv is activated

    Read the article

  • Config Server Firewall: Spamming my email | lfd on localhost: Suspicious process running under user www-data

    - by Henry Hoggard
    I have just installed and configured CSF and I am getting 100s of spam emails containing this message. lfd on localhost: Suspicious process running under user www-data Time: Wed May 23 01:05:52 2012 +0200 PID: 8503 Account: www-data Uptime: 118 seconds Executable: /usr/lib/apache2/mpm-prefork/apache2 Command Line (often faked in exploits): /usr/sbin/apache2 -k start Network connections by the process (if any): tcp6: 0.0.0.0:80 -> 0.0.0.0:0 Files open by the process (if any): Does anyone know how to fix?

    Read the article

  • How to setup squid only cache specific domains?

    - by ???
    For example, I want squid to cache HTTP contents only for *.archive.ubuntu.com, which is blocked by firewall, and don't cache for other domains. And, only LAN (192.168.0.0/16) users can access the cached contents, but all users are allowed to access non-cached contents. User-IP Dest-Domain acl Expect ---------------- ----------------------- ------ ------------------------- 192.168.0.0/16 *.archive.ubuntu.com allow Cache Proxy, Fast 192.168.0.0/16 *.other allow Pass Proxy, Slow Other * allow Pass Proxy, Slow

    Read the article

  • Potential issues to consider when using debootstrap for different Ubuntu distros

    - by BrainCore
    We currently run Lucid on top of Xen. Using debootstrap, we have created many jailed environments for Lucid (10.04), Maverick (10.10) and Natty (11.04). We're considering creating an Oneiric environment as well. However, we're beginning to wonder what the consequences of doing so are. What incompatibilities should we watch out for? The Lucid base runs on the 2.6.32 Kernel, and happens to be running on Amazon EC2 (Xen). We realize that Oneiric when installed from scratch comes with the 3.0 Kernel. Also, if we were to upgrade the Lucid base to Oneiric (including the Kernel), what would we have to watch out for to ensure that the Lucid, Maverick, and Natty jailed environments still work fine?

    Read the article

  • Does Ubuntu 11.10 include MySQL 5.5?

    - by Jiho Kang
    I was told that Ubuntu 11.10 comes with MySQL 5.5 but it doesn't show up in the cache search. Did it not make it in to the latest release? root@ubuntu:/etc# cat lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=11.10 DISTRIB_CODENAME=oneiric DISTRIB_DESCRIPTION="Ubuntu 11.10" root@ubuntu:/etc# apt-cache search mysql-server mysql-server - MySQL database server (metapackage depending on the latest version) mysql-server-5.1 - MySQL database server binaries and system database setup mysql-server-core-5.1 - MySQL database server binaries auth2db - Powerful and eye-candy IDS logger, log viewer and alert generator cacti - Frontend to rrdtool for monitoring systems and services mysql-cluster-server - MySQL database server (metapackage depending on the latest version) mysql-cluster-server-5.1 - MySQL database server binaries torrentflux - web based, feature-rich BitTorrent download manager

    Read the article

  • Redirect example.com to www.example.com VPS & Apache2

    - by Thomas Buckley
    I have a VPS and a domain name registered with the provider. When I enter www.example.com my site is displayed correctly, but entering example.com does not work. I am able to ping www.example.com. I added the following line to my apache2 default vhosts file: ServerName example.com ServerAlias www.example.com But this did not work. The VPS is a Debian5 OS. Any ideas? Note: There is no option via a provided control panel to add this, it's a basic package I purchased I know this post answers it but there are no extra comments and I'd like to know if it's the best way: way to redirect page to www using virtual host configuration in sites-available for apache2? Thanks

    Read the article

  • How to create a Linux user without a password but being able to set it?

    - by Leonid Shevtsov
    I have a username and an SSH key for a (hypothetical) guy and I need to give him admin access to a Linux (Ubuntu) server. I want him to be able to log in via SSH and then set his password by himself over a secure connection, instead of passing the password around. I know how to make the password expire and force him to reset it on first login. But this doesn't work unless he has some password already, which I then have to tell him. I thought about making the password blank - SSH wouldn't allow login, but then anyone can su into the user. My question is, is there some best practice to creating accounts in such a way? Or setting a default password is unavoidable?

    Read the article

  • Static route in conflict with a default route

    - by Ossan Sokiv
    Hi guys, I have a default route configured. 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1 I'd like to add a static route to pass traffic destined for 192.168.1.51 via a load balancer's redundant virtual interface at 192.168.1.2. ip route add 192.168.1.51 mask 255.255.255.255 via 192.168.1.2 When I try to add the static route I get this error. Error: either "to" is duplicate or "default" is garbage." It doesn't want to add the static route because it's in conflict with the default route. Is there a way around this? Regards Ossan

    Read the article

  • Can't get Passwordless (SSH provided) SFTP working

    - by Shoaibi
    I have chrooted sftp setup as below. # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin without-password StrictModes yes AllowGroups admins clients RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes Subsystem sftp internal-sftp Match group clients ChrootDirectory /var/chroot-home X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/david:/bin/sh Now in this case david can sftp using say filezilla client and he is chrooted to /var/chroot-home/david/. But what if i was to setup a passwordless auth? I have tried pasting his key in /var/chroot-home/david/.ssh/authorized_keys but no use, tried ssh'ing as david to the box and it just stops at "debug1: Sending env LC_CTYPE = C" after i supply it password and there is nothing shown in auth.log, may be because it can't find the homedir. If i do "su - david" as root i see "No directory, logging in with HOME=/" which makes sense. Symlink doesn't help either. I have also tried with: Match group clients ChrootDirectory /var/chroot-home/%u X11Forwarding no AllowTcpForwarding no ForceCommand internal-sftp a dummy user root:~# tail -n1 /etc/passwd david:x:1000:1001::/var/chroot-home/david:/bin/sh This way if i don't change /var/chroot-home/david to root:root sshd complains about bad ownership or permission modes, and if i do, david can no longer upload/delete anything directly in his home while using sftp from filezilla.

    Read the article

  • What is the simplest way to build your own .deb package?

    - by Calvin Fisher
    Having used Ubuntu for several years now, I've assembled a short list of scripts and packages that I always install on my computers. I would like to pack them up into a .deb to make it easier to get set up on a fresh OS installation. I'm imagining, for instance, one package that would install all of my custom BASH scripts that I've made for common tasks, and another one that would depend on other packages (like w64codecs) that I always install but forget that I need to until I go to do something and it's not there. It doesn't even have to be by-the-book; I'm not looking to deploy these publicly. I'm just looking to roll up all these tasks into one sudo dpkg --install. To quantify "simple" or "easy," I mean to say that I'm looking for the method with the fewest steps requiring the least technical knowledge and, most importantly, taking the least time.

    Read the article

  • Using DNS in iproute2

    - by Oliver
    In my setup I can redirect the default gateway based on the source address. Let's say a user is connected through tun0 (10.2.0.0/16) is redirect to another vpn. That works fine! ip rule add from 10.2.0.10 lookup vpn1 In a second rule I redirect the default gateway to another gateway if the user access a certain ip adress: ip rule add from 10.2.0.10 to 94.142.154.71 lookup vpn2 If I access the page on 94.142.154.71 (myip.is) the user is correctly routed and I can see the ip of the second vpn. On any other pages the ip address of vpn1 is shown. But how do I tell iproute2 that all request at e. g. google.com should be redirected through vpn2?

    Read the article

  • Generating a record of the full(-ish) package management state

    - by intuited
    I'm about to make some system changes and I'd like to have a record of my current happy system state. Is there a convenient way to create a record of this? I'd like to keep track of info like currently installed packages and their versions which packages are pinned at what version which source (as in /etc/apt/sources.list) they were installed from whether they were installed directly or automatically installed as a dependency of a different package "unknown unknowns": ie stuff that I don't know that I should be keeping track of but which may be important when trying to figure out why something doesn't work In short, I'd like to keep as much of the aptitude database as possible. What's the best way to do this? It would be nice if the resulting records were easily readable, though this is not really essential. It would be extra nice if it were readily versionable through an SCM tool like git. There is a superuser question that partially answers this, but it only provides the list of currently installed packages.

    Read the article

  • Generating a record of the full(-ish) package management state

    - by intuited
    I'm about to make some system changes and I'd like to have a record of my current happy system state. Is there a convenient way to create a record of this? I'd like to keep track of info like currently installed packages and their versions which packages are pinned at what version which source (as in /etc/apt/sources.list) they were installed from whether they were installed directly or automatically installed as a dependency of a different package "unknown unknowns": ie stuff that I don't know that I should be keeping track of but which may be important when trying to figure out why something doesn't work In short, I'd like to keep as much of the aptitude database as possible. What's the best way to do this? It would be nice if the resulting records were easily readable, though this is not really essential. It would be extra nice if it were readily versionable through an SCM tool like git. There is a superuser question that partially answers this, but it only provides the list of currently installed packages.

    Read the article

  • Gateway on a virtual network interface used by LXC guests

    - by linkdd
    I'm currently having some problems with configuring a gateway for a virtual network interface. Here is what I've done : I created a virtual network interface : # brctl addbr lxc0 # brctl setfd lxc0 0 # ifconfig lxc0 192.168.0.1 promisc up # route add -net default gw 192.168.0.1 lxc0 The output of ifconfig gave me what I wanted : lxc0 Link encap:Ethernet HWaddr 22:4f:e4:40:89:bb inet adr:192.168.0.1 Bcast:192.168.0.255 Masque:255.255.255.0 adr inet6: fe80::88cf:d4ff:fe47:3b6b/64 Scope:Lien UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1 RX packets:623 errors:0 dropped:0 overruns:0 frame:0 TX packets:7412 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 lg file transmission:0 RX bytes:50329 (49.1 KiB) TX bytes:335738 (327.8 KiB) I configured dnsmasq to provide a DNS server (using the default : 192.168.1.1) and a DHCP server. Then, my LXC guest is configured like this : lxc.network.type=veth lxc.network.link=lxc0 lxc.network.flags=up Every thing is working perfectly, my containers have an IP (192.168.0.57 and 192.168.0.98). I can ping the host and the containers from the containers and from the host : (host)# ping -c 3 192.168.0.114 PING 192.168.0.114 (192.168.0.114) 56(84) bytes of data. 64 bytes from 192.168.0.114: icmp_req=1 ttl=64 time=0.044 ms 64 bytes from 192.168.0.114: icmp_req=2 ttl=64 time=0.038 ms 64 bytes from 192.168.0.114: icmp_req=3 ttl=64 time=0.043 ms --- 192.168.0.114 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.038/0.041/0.044/0.007 ms (guest)# ping -c 3 192.168.0.1 PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data. 64 bytes from 192.168.0.1: icmp_req=1 ttl=64 time=0.048 ms 64 bytes from 192.168.0.1: icmp_req=2 ttl=64 time=0.042 ms 64 bytes from 192.168.0.1: icmp_req=3 ttl=64 time=0.042 ms --- 192.168.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1999ms rtt min/avg/max/mdev = 0.042/0.044/0.048/0.003 ms Now, it's time to configure the host as a gateway for the network 192.168.0.0/24 : #!/bin/sh # Clear rules iptables -F iptables -t nat -F iptables -t mangle -F iptables -X iptables -A FORWARD -i lxc0 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o lxc0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE echo 1 > /proc/sys/net/ipv4/ip_forward The final test failed completely, ping the outside : (guest)# ping -c 3 google.fr PING google.fr (173.194.67.94) 56(84) bytes of data. From 192.168.0.1: icmp_seq=3 Redirect Host(New nexthop: wi-in-f94.1e100.net (173.194.67.94)) From 192.168.0.1 icmp_seq=1 Destination Host Unreachable From 192.168.0.1 icmp_seq=2 Destination Host Unreachable From 192.168.0.1 icmp_seq=3 Destination Host Unreachable --- google.fr ping statistics --- 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 2017ms Did I missed something ?

    Read the article

  • Iptables -gw parameter

    - by schoen
    I want to copy tcp traffic. i want to use these commands " iptables -A PREROUTING -t mangle -p tcp --dport 7 -j ROUTE --gw 1.2.3.4 --tee iptables -A POSTROUTING -t mangle -p tcp --sport 7 -j ROUTE --gw 1.2.3.4 --tee" like stated here http://stackoverflow.com/questions/7247668/duplicate-tcp-traffic-with-a-proxy but iptables keeps telling me "iptables v1.4.8: unknown option '--gw'" What can I do to fix this? With Kind Regards

    Read the article

< Previous Page | 45 46 47 48 49 50 51 52 53 54 55 56  | Next Page >