Search Results

Search found 7159 results on 287 pages for 'forward compatibility'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 49/287 | < Previous Page | 45 46 47 48 49 50 51 52 53 54 55 56  | Next Page >

  • Repelling a rigidbody in the direction an object is rotating

    - by ndg
    Working in Unity, I have a game object which I rotate each frame, like so: void Update() { transform.Rotate(new Vector3(0, 1, 0) * speed * Time.deltaTime); } However, I'm running into problems when it comes to applying a force to rigidbodies that collide with this game objects sphere collider. The effect I'm hoping to achieve is that objects which touch the collider are thrown in roughly the same direction as the object is rotating. To do this, I've tried the following: Vector3 force = ((transform.localRotation * Vector3.forward) * 2000) * Time.deltaTime; collision.gameObject.rigidbody.AddForce(force, ForceMode.Impulse); Unfortunately this doesn't always match the rotation of the object. To debug the issue, I wrote a simple OnDrawGizmos script, which (strangely) appears to draw the line correctly oriented to the rotation. void OnDrawGizmos() { Vector3 pos = transform.position + ((transform.localRotation * Vector3.forward) * 2); Debug.DrawLine(transform.position, pos, Color.red); } You can see the result of the OnDrawGizmos function below: What am I doing wrong?

    Read the article

  • How to implement time traveling into a game?

    - by Billy
    I was wondering how to implement time travel into a game. Nothing super complex, just time-reversal like what's in Braid, where the user can rewind/fast forward time by 30 seconds or whatever. I searched around the web a lot, but my results usually referred to using time as in like "it's 3:00" or a timer and such. The only thing I could think of was using 2 arrays, one for the player's x position and the other for the player's y position, and then iterating through those arrays and placing the character at that position as they rewind/fast forward time. Could that work? If it would work, how large would the array have to be and how often should I store the player's x and y? If it doesn't work, what else could I try? Thanks in advance!

    Read the article

  • Play Framework Plugin for NetBeans IDE (Part 2)

    - by Geertjan
    After I published part 1 of this series, the first external contribution (i.e., not by me) to the NetBeans plugin for Play Framework 2 was committed today. Yann D'Isanto added support for creating new Play projects: That completely solves a problem I was working on, in a different way altogether. I was working on creating a new wizard that would call "play new" on the command line and pass into the command line the entered name and application type (1 for Java and 2 for Scala). However, Yann's solution is better, at least in the sense in that it works, as opposed to mine which didn't, because of problems I continually had with the command line, since one needs to press Enter multiple times on the Play command line when creating new projects, which I wasn't able to simulate in my new wizard. Yann's approach is simply to follow the approach taken in the Project Type Module Tutorial, which explains how to register a project sample in the IDE. I was inspired by Yann's contribution, especially when he mentioned that one needs to build Play projects on the command line. So, I added a new menu item on the right-click of a project for building Play projects, which simply passes "play compile" to the command line for the current project: Via the IDE's main menu bar, you can also Build and Run the application, though the code for the Clean function needs to be added still, which would be a cool thing for anyone out there to add, by using all the existing code and then passing "play clean compile" to the command line. Something else that Yann added is an Options Window extension, thanks to the Options Window Module Tutorial, for registering the Play installation, which is a step forward from my hard coded solution. I changed things slightly so that, when Build or Run are selected, without a Play installation being defined, the Options window opens, displaying the tab that Yann created, shown below. Notice that there's no Browse button, which would be a simple next step for anyone else to contribute. A small tip is to use the FileChooserBuilder from the NetBeans IDE APIs when working on the Browse button: Looking forward to more contributions to the Play Framework 2 plugin for NetBeans IDE. Just leave a message here with your ideas, with your java.net name, and then I'll add you to the project on java.net, where I very much look forward to your contributions: http://java.net/projects/nbplay/sources/nbplay

    Read the article

  • Crash/Instance Recovery?Media Recovery?????

    - by Liu Maclean(???)
    Crash/Instance Recovery?Media Recovery???????: Crash/Instance Recovery???????????????(incremental checkpoint)??apply redo??????????????????????????logfile switch checkpoint,?????????????????????,????crash/instance recovery???????????????????????(online redo logfile)? ????Media Recovery????????????apply redo??????,???????????????? ?????????????????,??RMAN?DBA(???????)?????????????????? Crash/Instance Recovery??????????????????????????? ?Oracle??????????????????????,??????????????? ??,??????????(incomplete recovery)?????(partial recovery)???,????????(db)??????????? Crash/Instance Recovery?Media Recovery??????: Crash/Instance Recovery?Media Recovery???????????(rolling forward),????????redo log?????? ???Crash/Instance Recovery??Media Recovery???,????????????????????,???????????????????????,????????????????????????? ????: ????????SMON??(?):Recover Dead transaction????Oracle????rolling forward(?)????????SMON??(?):Instance Recovery

    Read the article

  • Rotate Rigged and Animated Scene?

    - by Nick
    I have a rigged and animated mesh that I need to import into Unity. We several characters that all use the same script, and access their bones to do procedural animations as well. The problem is that the new model I was given is facing the wrong way. Instead of facing forward, the model is facing the right.. Is there any way to rotate the model with it's animations without screwing it up, so that it will import properly in unity facing forward? Because of the way it was done, selecting everything in the scene and just rotating it by 90 degrees ruins some of the animations, so I need a program that can fix this.

    Read the article

  • Operation times out trying to SSH outside LAN i.e. from internet to LAN no connection is established

    - by Pelle L
    I run Ubuntu 12.04 and have no success connecting with SSH from "Internet". The router is a TL-MR3420 which is set up to forward requests to one of the NIC's on ubuntu machine (which has in total 3 NICs). I can SSH from a client on the "local" network/LAN. The forward mechanism in the router seems to work. If I stop SSH service on the Ubuntu machine and instead start one on the windows machine - it works like a charm. I do not use the Std port 22 but that shouldn't be an issue as far as I understand - sine it works on the same port on the win machine. Since my public IS isn't static I use a dynDNS service but as said earlier the same setup works from the win machine. The router is located on 192.168.0.1 The Ubuntu NICs has the following IP: eth2 192.168.0.100 , eth1 192.168.0.101 , eth0 192.168.0.102 and I have forwarded the "outside" request to 192.168.0.100 In regards for firewall settings on the Ubuntu machine I have disabled the ufw and the command ufw status give status: inactive. I don't now it this is relevant information but teh command iptables --list give: Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination I have tried to catch traffic with help of wireshark (a tool I'm not too used to use) and it seems as a few (3?) "requests" actually reaches the NIC but ... nothing happens. The syslog does not show any entries during these attempts. Perhaps it could be some routing issues but I have reached my level of competence and are stuck ... all help and support to get this sorted out is much appreciated. I'm new to Linux so please do not assume I have a configuration that is correct - but as I wrote earlier - if the client that initiate SSH is on the LAN it all works. PS:I have also tried to get VPN (PPP) working from Internet with no success - once again VPN works on the windows machine ... so my best guess is that this is related to how the ubuntu machine handles (IP) traffic and not the TL-MR3420 router or other network issues.

    Read the article

  • Trouble setting up openVPN/VPN

    - by kkiller23
    I'm having trouble setting up a VPN on my VPS that's running Ubuntu 11.04. I'm been following this guide http://tipupdate.com/how-to-install-openvpn-on-ubuntu-vps/ I'm able to start the VPN, but the command it tell's me to do after I start the VPN doesn't work for me. I've tried it about 5 different way's and i'll show you what i get now. :~# iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables: No chain/target/match by that name. :~# iptables -A FORWARD state --state RELATED,ESTABLISHED -j ACCEPT Bad argument `state' Try `iptables -h' or 'iptables --help' for more information. I just can't get that to work and the VPN doesn't seem to be workign with out it. Can someone help me fix this?

    Read the article

  • Creating an OpenGL FPS camera: I have the position and orientation vectors, now what?

    - by Synthetix
    I have been struggling to create a first person camera in OpenGL ES 2.0 without using gluLookAt(). I grab the camera's orientation vectors (the way it's looking) from the current modelview matrix, and use that to calculate the new forward/backward (Z) translation value. I then calculate the strafe (X) value from the dot product of Z and Y (which is always 1.0). So, I have all the information I need to create a view matrix, but how do I do that without using gluLookAt? Almost all the examples I've seen use gluLookAt, but no such function exists in OpenGL ES 2.0. Besides, one of the moderators on cprogramming.com mentioned that gluLookAt is not appropriate for FPS cameras: http://cboard.cprogramming.com/game-programming/135390-how-properly-move-strafe-yaw-pitch-camera-opengl-glut-using-glulookat.html I am really confused by all the conflicting information I'm getting. I just want to create a first person camera that goes forward (W,S keys), side-to-side (A,D keys) and rotates around its center (Y axis only), Wolfenstein style. Any help on this would be much appreciated!

    Read the article

  • Code for Controlling the Bike in a bike game

    - by user1489257
    I'm new(ish) to Actionscript 3 and I was wondering what the code what would be like for controlling the bike in a game. I have a two main questions: Is Box2D the best physics engine to go with for this type of game? How would the animation of the bike work. Would I have to create a bike animation of the wheels moving and make it start and stop when the key to go forward is pressed. How would I go about it slowly stopping when the key to go forward is released? Thanks.

    Read the article

  • Creating my first F# program in my new &ldquo;Expert F# Book&rdquo;

    - by MarkPearl
    So I have a brief hour or so that I can dedicate today to reading my F# book. It’s a public holiday and my wife’s birthday and I have a ton of assignments for UNISA that I need to complete – but I just had to try something in F#. So I read chapter 1 – pretty much an introduction to the rest of the book – it looks good so far. Then I get to chapter 2, called “Getting Started with F# and .NET”. Great, there is a code sample on the first page of the chapter. So I open up VS2010 and create a new F# console project and type in the code which was meant to analyze a string for duplicate words… #light let wordCount text = let words = Split [' '] text let wordset = Set.ofList words let nWords = words.Length let nDups = words.Length - wordSet.Count (nWords, nDups) let showWordCount text = let nWords,nDups = wordCount text printfn "--> %d words in text" nWords printfn "--> %d duplicate words" nDups   So… bad start - VS does not like the “Split” method. It gives me an error message “The value constructor ‘Split’ is not defined”. It also doesn’t like wordSet.Count telling me that the “namespace or module ‘wordSet’ is not defined”. ??? So a bit of googling and it turns out that there was a bit of shuffling of libraries between the CTP of F# and the Beta 2 of F#. To have access to the Split function you need to download the F# PowerPack and hen reference it in your code… I download and install the powerpack and then add the reference to FSharp.Core and FSharp.PowerPack in my project. Still no luck! Some more googling and I get the suggestions I got were something like this…#r "FSharp.PowerPack.dll";; #r "FSharp.PowerPack.Compatibility.dll";; So I add the code above to the top of my Program.fs file and still no joy… I now get an error message saying… Error    1    #r directives may only occur in F# script files (extensions .fsx or .fsscript). Either move this code to a script file, add a '-r' compiler option for this reference or delimit the directive with '#if INTERACTIVE'/'#endif'. So what does that mean? If I put the code straight into the F# interactive it works – but I want to be able to use it in a project. The C# equivalent I would think would be the “Using” keyword. The #r doesn’t seem like it should be in the FSharp code. So I try what the compiler suggests by doing the following…#if INTERACTIVE #r "FSharp.PowerPack.dll";; #r "FSharp.PowerPack.Compatibility.dll";; #endif No luck, the Split method is still not recognized. So wait a second, it mentioned something about FSharp.PowerPack.Compatibility.dll – I haven’t added this as a reference to my project so I add it and remove the two lines of #r code. Partial success – the Split method is now recognized and not underlined, but wordSet.Count is still not working. I look at my code again and it was a case error – the original wordset was mistyped comapred to the wordSet. Some case correction and the compiler is no longer complaining. So the code now seems to work… listed below…#light let wordCount text = let words = String.split [' '] text let wordSet = Set.ofList words let nWords = words.Length let nDups = words.Length - wordSet.Count (nWords, nDups) let showWordCount text = let nWords,nDups = wordCount text printfn "--> %d words in text" nWords printfn "--> %d duplicate words" nDups  So recap – if I wanted to use the interactive compiler then I need to put the #r code. In my mind this is the equivalent of me adding the the references to my project. If however I want to use the powerpack in a project – I just need to make sure that the correct references are there. I feel like a noob once again!

    Read the article

  • Multiple authoritative DNS server on same IPv4 address

    - by Adrien Clerc
    I'd like to maintain a DNS tunnel on my self-hosted server at example.com. I also have a DNS server on it, which serves everything for example.com. I'm currently using dns2tcp for DNS tunneling, on the domain tunnel.example.com. NSD3 is used for serving authoritative zones, because it is both simple and secure. However, I have only one public IPv4 address, which means that NSD and dns2tcp can't listen on the same IP/port. So I'm currently using PowerDNS Recursor using the forward-zones parameter like this: forward-zones-recurse=tunnel.example.com=1.2.3.4:5354 forward-zones=example.com=1.2.3.4:5353 This enables request for authoritative zone to be asked to the correct server, as well as for tunnel requests. NSD is listening on port 5353 and dns2tcp on port 5354. However, this is bad, because the recursor needs to be open. And it actually answers to any recursive query. Do you have any solution for that? I really prefer a solution that doesn't involve setting up BIND, but if you are in the mood to convince me, don't hesitate to do so ;) EDIT: I change the title to be clearer.

    Read the article

  • How to setup equivalent USVIDEO.ORG DNS-Proxy on Linux

    - by Gary
    I have a VPS in the USA running Ubuntu. I want to setup something similar to http://www.usvideo.org Basically, USVIDEO is a DNS service that allows Canadians to access American content like Hulu, Netflix, NBC, and etc (restricted by geographical IP). Here is how I think USVideo does it: Clients (PS3, XBOX, PC) specifies the DNS server(s) as specified on USVIDEO.org's website. If the DNS request is a video/audio site such as Netflix or Pandora, forward the request to a proxy. Otherwise, for all other requests, forward it to a different DNS server. If the specific video/audio URL is requested, return the address of the proxy server, which in turn relays traffic to the destination video/audio domain via the U.S. gateway so that it appears that the access is coming from a U.S. IP address. Once the DNS request has passed the U.S. IP address check, their proxy server steps out of the loop and lets the video streaming site contact you directly to start the video stream. This trick relies on the way that the video streaming sites check the country of your IP address once up front, but don't actually check the country of the destination IP address while the video is streaming. What is elegant about this solution is that a VPN Tunnel is not required to bypass geographical IP checks from certain websites. All that is required on the client side is to specify the DNS server (the VPS). If a certain site is geographically locked, just forward the traffic to a proxy, and that's it. These sites can be specified in the DNS entries, or perhaps in the proxy service to redirect the DNS request to its own proxy. I believe what I need to setup something similar is Squid Proxy, IPTables, and DNS. What I need help is how to exactly approach this? Would Squid Proxy be setup as a transparent proxy?

    Read the article

  • Opening port 80 in router has no results

    - by Ricardo Pieper
    A friend of mine has a ADSL modem and I need to forward some ports. I have already forwarded the 1521 port (Oracle) and it's working fine. Now I need to forward the port 80. I already set up his IIS bindings to this port, and also forwarded the port like this video shows: https://www.youtube.com/watch?v=DLKD-fyexoo So I think I did everything correctly. The local IP address is also the same as the machine where the IIS server is running. I'm sorry, but I can't post images since i don't have 10 points :( Somehow I can't forward this port, yougetsignal.com keeps saying that the door is closed. When I try to open the port, the Control Panel says me that I have to access the control panel in the 8080 port, because the 80 port will be open. Ok, that's fine. But I'm still able to access it in the 80 port, and when I try to access it in the 8080 port, it doesn't work. I'm trying it with the TPLINK 8816, but I also tried to open it in the Opticom DsLink 279, and it didn't worked (using another machine), I got the exact same results. He has a dynamic IP address, but he is also using No-ip, so I can always access his Oracle database in a certain static address. The 1521 port is open. I also tried to disable the firewall in Windows, but that makes no sense to me, since the router doesn't really open the port 80. Clearly I'm missing something. I have never done it in my life, so I dont know how to proceed. Restarting the router was the first I did, no results. I'm accessing his laptop through TeamViewer, so I'm testing the port outside his local network. Edit: My ISP says that they allow to open ports, and the 1521 port is opened. What could I do to open the 80 port?

    Read the article

  • Permission / owner issue with pushing to git when editing directly from repo?

    - by Susan
    I have a web interface for deploying scripts from our repo at Github to our live server. The web interface just triggers a bash script with some git commands. If I make changes locally, push to repo, then run the bash script to pull from repo to live it works fine. However, if I make changes directly in the repo (via Github's web interface), I'm running into fast-forward / lock issues. These are the steps I'm taking: Make a change on a file at Github repo Run a bash script (as apache) via web from live server that attempts a git push / pull. Get these problems: PUSH To [email protected]:name/name.git ! [rejected] master - master (non-fast-forward) error: failed to push some refs to '[email protected]:name/name.git' To prevent you from losing history, non-fast-forward updates were rejected Merge the remote changes before pushing again. See the 'Note about fast-forwards' section of 'git push --help' for details. PULL From github.com:name/name branch master - FETCH_HEAD error: unable to unlink old 'includes/footer.inc' (Permission denied) Updating 8f6d922..d1eba9d Updating 8f6d922..d1eba9d SSH in as root, attempt a push / pull and it works fine. Ideas on why would this method not work from apache?

    Read the article

  • Simple options for port forwarding to a different port?

    - by Nick
    I have three network printers at our local office, all of which listen on port 9100. Non of them offer the option of changing the listening port. We have a single public static IP address, and access to our main network is through a Linksys WRT-54G. We need to be able to print to these printers from outside the office. The problem is, with the 54G, I can only forward a port to the SAME port on a particular IP address. What I really need though is a way to forward to an ip address and a DIFFERENT port. I need to do this: In port Destination 9100 192.168.1.1 : 9100 9101 192.168.1.2 : 9100 9102 192.168.1.3 : 9100 So I'm looking for options. I could setup an old computer with two network cards and IPtables I suppose, but that seems like a lot of overhead for something relatively simple. Is there a way a virtual machine (read: one network card) could do the advanced port forwarding? Where I forward all traffic to it, and it forwards it on to the right printer? Or what about those mini Linux distros that replace the WRT-54G's firmware? Do any of those support what I need "out of the box"? I have a spare WRT- could I make it an IP tables router? Recommendations for mini distros? Or is there an off-the-shelf product that does this (cheap/local preferred)? Any advice / options appreciated. Thanks!

    Read the article

  • How to route to a secondary interface on the same physical ethernet?

    - by sjose3612611
    INTERNET<->(wan)BRIDGED_DEVICE(lan)<->ETH_ROUTER<->LAN Problem: Need to access web server on BRIDGED_DEVICE's LAN from INTERNET via ROUTER (BRIDGED_DEVICE's web server cannot be accessed form INTERNET since it has no Public management IP). Cannot configure bridged device. It has a static IP on its LAN to which its web server binds. Attempt: Create a secondary/alias WAN Interface on ETH_ROUTER (e.g Primary: eth0.1 (for internet access) and Secondary: eth0.2 (for accessing web server on BRIDGED_DEVICE), (No VLANs). eth0.1 has a public IP; eth0.2 has a static private IP in the BRIDGED_DEVICE's subnet (e.g 10.0.X.Y). Iptables on ETH_ROUTER: Added a port forward (DNAT) from eth0.1 to eth0.2: iptables -t nat -I PREROUTING -i eth0.1 -p tcp --dport 80 -j DNAT --to-destination 10.0.X.Y iptables -t nat -I POSTROUTING -o eth0.2 -s 10.0.X.0/24 -j MASQUERADE Stateful firewall w/ overall drop policy on FORWARD chain, hence: iptables -I FORWARD -i eth0.1 -d 10.0.X.Y -p tcp --dport 80 -j ACCEPT Can ping from ETH_ROUTER to BRIDGED_DEVICE but unable to reach the web server from Internet. I see packet cont increasing for the DNAT rule but not sure where it disappears in the ETH_ROUTER after that. ETH_ROUTER is the only device that can be configured to achieve this. If familiar with this scenario, please suggest what I may be missing or doing wrong here or suggest techniques to debug?

    Read the article

  • Postfix unable to find local server

    - by Andrew
    I'm working with postfix on fedora 9 and I'm attempting to make some changes to a system setup by my predecessor. Currently the postfix server on [mail.ourdomain.com] is setup to forward mail sent to two addresses to another server for processing. The other server [www01.ourdomain.com] receives the email and sends it to a PHP script to be processed. Then that PHP script generates and sends a response to the user who sent the original email. We're adding more web servers to the system and as a result we've decided to move these processing scripts to our admin [admin.ourdomain.com] server to make them easier to keep track of. I've already setup and tested the processing scripts on [admin.ourdomain.com], and on the mail server doing the forwarding [mail.ourdomain.com] I added [admin.ourdomain.com] to /etc/hosts and also added another, aside from the one for [www01.ourdomain.com], entry to /etc/postfix/transport for [admin.ourdomain.com]. I also restarted postfix as well. I've tested the communication from [mail.ourdomain.com] to [admin.ourdomain.com] using telnet and the [admin.ourdomain.com] domain and everything runs correctly. But as soon as I change the forward address and attempt to send an email to the mail server I get a bounce message stating "Host or domain name not found. Name service error for name=admin.ourdomain.com type=A: Host not found". If I change the forward settings back to [www01.ourdomain.com] then everything works fine. Is there some setting I'm missing in Postfix? The server itself and telnet work fine it just seems to be postfix that's not able to discover the location of [admin.ourdomain.com].

    Read the article

  • IP-dependent local port-forwarding on Linux

    - by chronos
    I have configured my server's sshd to listen on a non-standard port 42. However, at work I am behind a firewall/proxy, which only allow outgoing connections to ports 21, 22, 80 and 443. Consequently, I cannot ssh to my server from work, which is bad. I do not want to return sshd to port 22. The idea is this: on my server, locally forward port 22 to port 42 if source IP is matching the external IP of my work's network. For clarity, let us assume that my server's IP is 169.1.1.1 (on eth1), and my work external IP is 169.250.250.250. For all IPs different from 169.250.250.250, my server should respond with an expected 'connection refused', as it does for a non-listening port. I'm very new to iptables. I have briefly looked through the long iptables manual and these related / relevant questions: http://serverfault.com/questions/57872/iptables-question-forwarding-port-x-to-an-ssh-port-of-different-machine-on-the-n http://serverfault.com/questions/140622/how-can-i-port-forward-with-iptables However, those questions deal with more complicated several-host scenarios, and it is not clear to me which tables and chains I should use for local port-forwarding, and if I should have 2 rules (for "question" and "answer" packets), or only 1 rule for "question" packets. So far I have only enabled forwarding via sysctl. I will start testing solutions tomorrow, and will appreciate pointers or maybe case-specific examples for implementing my simple scenario. Is the draft solution below correct? iptables -A INPUT [-m state] [-i eth1] --source 169.250.250.250 -p tcp --destination 169.1.1.1:42 --dport 22 --state NEW,ESTABLISHED,RELATED -j ACCEPT Should I use the mangle table instead of filter? And/or FORWARD chain instead of INPUT?

    Read the article

  • fail2ban block ports rules iptable

    - by J Spen
    I just installed Ubuntu Server 14.04 and don't have much experience with IPtables. I am trying to get a basic setup going where I only accept SSH connections on port 22 and 2222. I actually have that working with no problem using fail2ban ssh. Then I wanted to block all other ports except 423 and 4242 but either method of DROPing all connections that are not listed seems not to work and it blocks me out of everything. Below is the setup that works: -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N fail2ban-ssh -A INPUT -p tcp -m multiport --dports 22,2222 -j fail2ban-ssh -A fail2ban-ssh -j RETURN I tried to change it either to: -P INPUT DROP -P FORWARD ACCEPT -P OUTPUT ACCEPT -N fail2ban-ssh -A INPUT -p tcp -m multiport --dports 22,2222 -j fail2ban-ssh -A fail2ban-ssh -j RETURN or: -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N fail2ban-ssh -A INPUT -p tcp -m multiport --dports 22,2222 -j fail2ban-ssh -A INPUT -j DROP -A fail2ban-ssh -j RETURN I have noticed that the rules for fail2ban-ssh are automatically added to my iptables on boot because if I save them with iptables-persistant they are entered twice. How do I go about blocking everything accept those 2 ports using fail2ban? Is it a bad fail2ban configuration or do I need to add the fail2ban-ssh -j Return somewhere else in my code.

    Read the article

  • Routing table on Linux not respected

    - by MRHaarmann
    I have a very specific problem, building a Linux VPN endpoint (with external VPN Gateway), which should route certain networks over the tunnel, others via default gateway. The Linux VPN should do a NAT on the outgoing connections for the VPN peers. Setup is as following: Internet gateway LAN 192.168.25.1/24 VPN Gateway LAN 10.45.99.2/24 (VPN tunnel 10.45.99.1 to net 87.115.17.40/29, separate connection to Internet) Linux VPN Router eth0 192.168.25.71/24 eth0:503 10.45.99.1/24 Default 192.168.25.1 route to 87.115.17.40/29 via 10.45.99.2 (send_redirects disabled, ip_forward enabled) Linux clients (multiple): eth0 192.168.25.x/24 Default 192.168.25.1 route to 87.115.17.40/29 via 192.168.25.71 Ping to the machines via tunnel from the VPN Router is working. Now I want to establish a routing from my clients over the VPN gateway and the client packet gets routed to 192.168.25.1 ! traceroute output shows the packets get routed to 192.168.25.71, but then to 192.168.25.1. So the route is not respected in forward ! IPTables and Routing: ip route show 87.115.17.40/29 via 10.45.99.2 dev eth0 10.45.99.0/24 dev eth0 proto kernel scope link src 10.45.99.1 192.168.25.0/24 dev eth0 proto kernel scope link src 192.168.25.71 default via 192.168.25.1 dev eth0 iptables -A INPUT -i eth0:503 -j REJECT iptables -t nat -A POSTROUTING -o eth0:503 -j MASQUERADE iptables -A FORWARD -i eth0:503 -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 192.168.25.0/24 -o eth0:503 -j ACCEPT So what is wrong with my setup ? The route is chosen correctly from localhost, but all the clients get forwarded to the Internet GW. thanks for helping, Marcus

    Read the article

  • iptables -- OK, **now** am I doing it right?

    - by Agvorth
    This is a follow up to a previous question where I asked whether my iptables config is correct. CentOS 5.3 system. Intended result: block everything except ping, ssh, Apache, and SSL. Based on xenoterracide's advice and the other responses to the question (thanks guys), I created this script: # Establish a clean slate iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F # Flush all rules iptables -X # Delete all chains # Disable routing. Drop packets if they reach the end of the chain. iptables -P FORWARD DROP # Drop all packets with a bad state iptables -A INPUT -m state --state INVALID -j DROP # Accept any packets that have something to do with ones we've sent on outbound iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Accept any packets coming or going on localhost (this can be very important) iptables -A INPUT -i lo -j ACCEPT # Accept ICMP iptables -A INPUT -p icmp -j ACCEPT # Allow ssh iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow httpd iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow SSL iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Block all other traffic iptables -A INPUT -j DROP Now when I list the rules I get... # iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DROP all -- any any anywhere anywhere state INVALID 9 612 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- lo any anywhere anywhere 0 0 ACCEPT icmp -- any any anywhere anywhere 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:http 0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:https 0 0 DROP all -- any any anywhere anywhere Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5 packets, 644 bytes) pkts bytes target prot opt in out source destination I ran it and I can still log in, so that's good. Anyone notice anything major out of wack?

    Read the article

  • Network structure --> Server 2k8r2 <--> Livebox <--> Router <--> Other PCs

    - by Yusuf
    I have a Livebox connection to the Internet and I have set up my network as follows: - Livebox <--> Win2k8R2 Server - Livebox <--> Netgear N150 Router - Router <--> Other PCs Therefore, in my LAN, - the Livebox has IP address 192.168.1.1, - the Router 192.168.1.12 (when accessed from the Livebox or the server), - the Router 10.0.0.1 (when accessed from the PCs connected to the Router), - the server 192.168.1.2, - the PCs 10.0.0.x I was using a previous configuration, which was as follows: - Livebox <--> Netgear N150 Router - Router <--> Win2k8R2 Server - Router <--> Other PCs Everything was simple, and I just had to forward all ports for incoming connection on the Livebox to the Router, and then forward the specific ports to the Server as needed (it must be however noted that any server I use is found on the Win2k8R2 server itself). In this previous configuration, the IP addresses were as follows: - Livebox 192.168.1.1 - Router 192.168.1.12 (when seen from Livebox) - Router 10.0.0.1 (when seen from server & PCs connected to it) - Server 10.0.0.2 - PCs 10.0.0.x So now of course, my port-forwarding does not work anymore since the server is not connected (directly) to the Router. What I would like to know is how do I configure the Livebox and Router to still have the features like before? From what I understand of networks (which is very limited, btw), I see these options: Make the router assign IPs like 192.168.1.x (but then I want the forwarding to be done from the router itself, is it possible?) The forwarding on the router to the server uses IP address 10.0.0.2. I could change it to 192.168.1.2 (Is that even possible, does it work?) Forward all ports from the Livebox itself to the server, and then manage them there (Is software-based port-forwarding as secure as hardware-based?)

    Read the article

  • Problems forwarding port 3306 on iptables with CentOS

    - by BoDiE2003
    Im trying to add a forward to the mysql server at 200.58.126.52 to allow the access from 200.58.125.39, and Im using the following rules (its my whole iptables of the VPS of my hosting). I can connect locally at the server that holds the mysql service as localhost, but not from outside. Can someone check if the following rules are fine? Thank you # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 200.58.125.39 --dport 3306 -j ACCEPT -A INPUT -p tcp -s 200.58.125.39 --sport 1024:65535 -d localhost --dport 3306 -m state --state NEW,ESTABLISHED -j ACCEPT -A OUTPUT -p tcp -s localhost --sport 3306 -d 200.58.125.39 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT COMMIT And this is the output of the connection trial. [root@qwhosti /home/qwhosti/public_html/admin/config] # mysql -u user_db -p -h 200.58.126.52 Enter password: ERROR 2003 (HY000): Can't connect to MySQL server on '200.58.126.52' (113)

    Read the article

  • Duplicate forwarded messages in Blackberry when using BIS

    - by Avery Payne
    Our Setup External email arrives at a Postfix server, is scanned, and then forwarded via settings in transport (using the RELAY:[{ip-address}] for a given address) to an Exchange 2007 server. Some users are on Exchange, but a few are still on the Postfix server (they will be moved in the near future). IMAPS is provided for external connections via Dovecot; in-house, IMAP is provided for the Gateway and native MAPI is used for Exchange/Outlook. Blackberries are connected via BIS, which uses Dovecot as a reverse-proxy IMAPS service to connect to Exchange (when the mailbox exists on Exchange, otherwise it connects to the mailbox on the gateway). The Issue We have a user that, when they forward an email on their Outlook client, they get a duplicate of the original message on their Blackberry. When I say duplicate, I mean that they have a copy of the forwarded version of the message (i.e. their version of the message that they obtained hitting the forward button), and a copy of the original message that shows up at the same time. The expected behavior is to just see the forwarded message, not the forwarded message and a 2nd copy of the original message. We've only seen this with Outlook users that also have a Blackberry. Other IMAP clients, such as OS X Mail or Thunderbird, do not exhibit this behavior when connecting to the Exchange server; forwarded messages work as expected. The Questions what is causing this to happen? why does it only affect Outlook/Blackberry setups, and not TBird/Blackberry or OSX-Mail/Blackberry? how do we get it to stop, before people go insane and never forward messages again?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 45 46 47 48 49 50 51 52 53 54 55 56  | Next Page >