Search Results

Search found 5203 results on 209 pages for 'rules of thumb'.

Page 50/209 | < Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >

• How to drop all subnets outside of the US using iptables

  - by Jim

  I want to block all subnets outside the US. I've made a script that has all of the US subnets in it. I want to disallow or DROP all but my list. Can someone give me an example of how I can start by denying everything? This is the output from -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW DROP icmp -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination And these are the rules iptables --F iptables --policy INPUT DROP iptables --policy FORWARD DROP iptables --policy OUTPUT ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp -i eth0 --dport 21 -m state --state NEW -j ACCEPT iptables -A INPUT -p icmp -j DROP Just for clarity, with these rules, I can still connect to port 21 without my subnet list. I want to block ALL subnets and just open those inside the US.

  Read the article

• linux audit - exclude a process that updates the time

  - by user185704

  I have set my auditd rules to log when the system time is changed However, our servers are VMs and thus have problems with the time drifting out. We needed to solve this issue so we used a VMware tool to regularly synchronize the time. My problem now is that my audit logs are overwhelmed with time change entries like this: Jun 1 15:08:39 ***** audispd: node=****** type=SYSCALL msg=audit(1338559719.053:344291): arch=c000003e syscall=159 success=yes exit=5 a0=7ffff2084050 a1=0 a2=144b a3=485449575f4c4c55 items=0 ppid=1 pid=1348 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="vmtoolsd" exe="/usr/lib/vmware-tools/bin64/appLoader" key="time_change" How can I exclude this vmware tool from the audit, but still capture a user changing the time? Here are my current audit rules to capture time changes: -a always,exit -F arch=b32 -S adjtimex -S settimeofday -k time_change -a always,exit -F arch=b32 -S clock_settime -k time_change

  Read the article

• Getting hardware floating point with android NDK

  - by Goz

  Hi All, I've begun playing with the android NDK. One of the things I've just learnt is about creating an application.mk file to specify the armv7 abi. I'm building the san-angeles example with the following parameters. APP_MODULES := sanangeles APP_PROJECT_PATH := $(call my-dir)/../ APP_OPTIM := release APP_ABI := armeabi-v7a However this seems to run at exactly the same speed as it did before (ie badly). Am I just GL limited and not CPU limited or is something wrong here? I have noticed when I compile that I get the following command line options emitted: -march=armv7-a -mfloat-abi=softfp -mfpu=vfp -mthumb The thing that worries me there is the "softfp". There IS mention of the v7 abi, the VFP fpu stuff and I'm guessing the "thumb" refers to the "thumb-2" instructions (Though I don't know what exactly these are). However that "softfp" does concern me. Shouldn't it be "hardfp"? Anyone got any ideas on these questions? I think I'm probably about ready to start implementing some GL ES 2.0 code for my HTC Desire but I'd like to make sure I'm getting the best possible speed out of it :) Cheers in advance!

  Read the article

• Rate-Limit affects All clients or single IP?

  - by Asad Moeen

  Well up-til now I've considered iptables rate-limit commands with the "recent" module to work for each IP Address. For example rate-limit rule of 20k/s will trigger only if a single IP exceeds 20k/s rate and not if 4 different IPs exceed 5k/s rate. Please correct me if I considered this wrong as I've only used these rules for TCP/ UDP. But today I tried similar rules for ICMP and applied 4/s Input/Output. But then on trying to ping-test from just-ping.com I could see packet loss on almost all IP Addresses. How could that happen because if it worked for each IP Address then it wouldn't be triggering the rule because I believe each IP from just-ping has a rate of probably 1/s. I still think the first one is true because if it wasn't then my GameServer would block everyone if the combined rate ( in case of more connected players ) increased the threshold. This hasn't happened up til now so the ICMP thing really confused me. Thank you.

  Read the article

• sorl-thumbnail unit tests fail by 1 pixel (!)

  - by stevejalim

  Hi I'm using sorl-thumbnail in a Django 1.2 (currently 1.2 RC) project and getting a surprising failure of four of sorl's built-in unit tests. Essentially, the resized images are all 1px shorter than the unit tests expect them to be. See below for details I'm developing on OSX 10.5.8 (not Snow Leopard) with Python 2.5.1 (r251:54863, Feb 6 2009, 19:02:12) and PIL 1.1.6. Any thoughts what might be up? Cheers Steve ====================================================================== FAIL: test_extension (sorl.thumbnail.tests.fields.FieldTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/fields.py", line 66, in test_extension self.verify_thumbnail((50, 37), thumb, expected_filename) File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/base.py", line 92, in verify_thumbnail self.assertEqual(image.size, expected_size) AssertionError: (50, 38) != (50, 37) ====================================================================== FAIL: test_thumbnail (sorl.thumbnail.tests.fields.ImageWithThumbnailsFieldTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/fields.py", line 111, in test_thumbnail self.verify_thumbnail((50, 37), thumb, expected_filename) File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/base.py", line 92, in verify_thumbnail self.assertEqual(image.size, expected_size) AssertionError: (50, 38) != (50, 37) ====================================================================== FAIL: testTag (sorl.thumbnail.tests.templatetags.ThumbnailTagTest) ---------------------------------------------------------------------- Traceback (most recent call last): File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/templatetags.py", line 118, in testTag self.verify_thumbnail((90, 67), expected_filename=expected_fn) File "/usr/local/django/myprojectnamehere/lib/sorl/thumbnail/tests/base.py", line 92, in verify_thumbnail self.assertEqual(image.size, expected_size) AssertionError: (90, 68) != (90, 67)

  Read the article

• How Do I make an Acer T230H Touchcreen work on Ubuntu 9.10?

  - by N Rahl

  I've done this so far: sudo nano /etc/udev/rules.d/99-touchscreen.rules And added: SUBSYSTEM=="usb", ATTRS{idVendor}=="0408", ATTRS{idProduct}=="3000", SYMLINK+="usb/quanta_touch" SUBSYSTEM=="input", KERNEL=="event*", ATTRS{idVendor}=="0408", ATTRS{idProduct}=="3000", SYMLINK+="input/quanta_touch" sudo service udev restart then the instructions here: http://ubuntuforums.org/showpost.php?p=8932808&postcount=36 And then added to my xorg conf: Section "InputDevice" Identifier "Acer T230H" Driver "hidtouch" Option "SendCoreEvents" "true" Option "ReportingMode" "Raw" Option "Device" "/dev/usb/quanta_touch" Option "PacketCount" "13" Option "OpcodePressure" "852034" Option "OpcodeX" "65584" Option "OpcodeY" "65585" Option "CalibrationModel" "1" Option "CornerTopLeftX" "0" Option "CornerTopLeftY" "0" Option "CornerTopRightX" "1920" # 1920 for 23" Option "CornerTopRightY" "0" Option "CornerBottomLeftX" "0" Option "CornerBottomLeftY" "1080" # 1080 for 23" Option "CornerBottomRightX" "1920" # 1920 for 23" Option "CornerBottomRightY" "1080" # 1080 for 23" Option "CornerScreenWidth" "1920" # 1920 for 23" Option "CornerScreenHeight" "1080" # 1080 for 23" EndSection Section "ServerLayout" Identifier "Touchscreen" InputDevice "Acer T230H" "SendCoreEvents" EndSection And restarted. And the touchscreen does nothing. Any ideas?

  Read the article

• Unexpected end of file while searching for ']' to end attribute selector.

  - by zurna

  I dont understand what would be the problem with the following code. It needs to copy image's id value to another textbox but instead I get an error. Unexpected end of file while searching for ']' to end attribute selector. <script> $(function() { $(".floatLeft").click(function() { var id = $(this).attr("id").replace(/\D/g, ""); $("input[name='photo[" + id + "]'").val(Math.abs($("input[name='photo[" + id + "]'").val() - 1)); }); }); </script> <ul class="thumbs"> <li> <img src="/FLPM/media/news/images/2M9Y1I2K_sm.jpg" alt="Garden" id="28" class="floatLeft" /> <input type="text" name="photo28" value="0" /> <br /> <a href="?Process=&IMAGEID=28" class="thumb"><span class="floatLeft">DELETE</span></a> </li> <li> <img src="/FLPM/media/news/images/2A9L1V2X_sm.jpg" alt="Frangipani Flowers" id="27" class="floatLeft" /> <input type="text" name="photo27" value="0" /> <br /> <a href="?Process=&IMAGEID=27" class="thumb"><span class="floatLeft">DELETE</span></a> </li> </ul>

  Read the article

• What other protocols must not be fire-walled for FTP to work?

  - by Chris

  my Netgear router randomly reset itself the other day loosing all of my config settings: DSL details, Firewall rules, the lot! So I set about restoring all of the details manually, but when it came to configuring the firewall I wanted improve the security by explicitly setting 'deny' rules for everything that I figured is 'non-essential', and (although not necessary) whilst I was at it I set explicit 'allow' for the 'essential' protocols. I'll admit now I didn't really know what I was doing and everything was just 'my best guess', but I enabled only DNS, HTTP, HTTPS, FTP, SFTP, TFTP with everything else blocked. This did not work for me as I could not access 99% of web sites (although strangely Google worked!), so I played around a bit more and found that (oddly) if I disabled just the explicit 'allow' rules then everything worked fine, for browsing anyway. Today I came to work on some web-sites via FTP and just could not get a consistent connection, it kept dropping out after a few files or being blocked by the server or simply not connecting. It would authenticate okay but then stop when retrieving the initial directory listing! e.g.: Status: Delaying connection for 1 second due to previously failed connection attempt... Status: Resolving address of ftp.domain.co.uk Status: Resolving address of ftp.domain.co.uk Status: Connecting to 123.123.123.123:21... Status: Connecting to 123.123.123.123:21... Status: Connection established, waiting for welcome message... Status: Connection established, waiting for welcome message... Response: 421 Too many connections (8) from this IP Error: Could not connect to server Status: Delaying connection for 5 seconds due to previously failed connection attempt... Response: 421 Too many connections (8) from this IP Error: Could not connect to server Status: Delaying connection for 5 seconds due to previously failed connection attempt... I've checked and re-checked the FTP settings (they worked before anyway), I have Googled the I.T. out of the various protocols that I have blocked in the fire-wall but none seem essential to FTP (other than FTP/SFTP etc. which I have passively enabled). I'm (clearly) no server engineer, or protocols / fire-wall expert so I was hoping that some one could maybe shed some light on why my FTP is failing. I've been wondering if I ought to be allowing BGP, BOOTP and/or IDENT (or any others)? What other protocols are required for FTP? Thanks in advance!

  Read the article

• CSS style to create an HTML with an image on left and input text boxes on right that fills all space

  - by dafi

  I need to create an HTML page (a JqueryUI dialog but this isn't the problem) containing an image on left (size is fixed to 75x75) and on right some input text boxes, input boxes must resize to all remaining space. You can see an example at http://img683.imageshack.us/img683/5412/19483174.jpg The problem is that when I resize the dialog controls move under image as shown at http://img510.imageshack.us/img510/4817/44749696.jpg How can I resolve this problem in all browser and if possible using only CSS? Below I show my HTML code and the CSS I'm using HTML code <div id="dialog-form" title="Modify Post"> <form action=""> <fieldset> <img id="dialog-modify-thumb" src="http://dummyimage.com/75x75/000/fff" alt="" width="75" height="75"/> <div id="dialog-modify-controls"> <label for="dialog-modify-caption">Caption</label> <input type="text" name="dialog-modify-caption" id="dialog-modify-caption"/> <br/> <label for="dialog-modify-tags">Tags</label> <input type="text" name="dialog-modify-tags" id="dialog-modify-tags"/> <br/> <label for="dialog-modify-publish-date">Publish Date</label> <input type="text" name="dialog-modify-publish-date" id="dialog-modify-publish-date"/> </div> </fieldset> </form> </div> The CSS #dialog-modify-thumb { margin-right: 3px; border: 1px solid; display: block; float:left; } #dialog-form input[type='text'] { width: 100%; } #dialog-modify-controls { float: right; width:100%; }

  Read the article

• jQuery event handling with .live() problem with setInterval and clearInterval

  - by Kyle Lafkoff

  jQuery 1.4.2: I have an image. When the mouseover event is triggered, a function is executed that runs a loop to load several images. On the contrary, the mouseout event needs to set the image back to a predetermined image and no longer have the loop executing. These are only for the images with class "thumb": $("img.thumb").live("mouseover mouseout", function(event) { var foo = $(this).attr('id'); var wait; var i=0; var image = document.getElementById(foo); if (event.type == 'mouseover') { function incrementimage() { i++; image.src = 'http://example.com/images/file_'+i+'.jpg'; if(i==30) {i=0;} } wait = setInterval(incrementimage,500); } else if (event.type == 'mouseout') { clearInterval (wait); image.src = 'http://example.com/images/default.jpg'; } return false; }); When I mouseout, the image is set to the default.jpg but the browser continues to loop though the images. It will never stop. Can someone hit me with some knowledge? Thanks.

  Read the article

• Non-Registry Fix for Secondary Mailboxes Sent Items

  - by Jai Kang

  There is a known issue with Outlook and Exchange where "secondary" mailboxes which are mounted in the same profile, e.g. "John Doe" + CorpMailbox1, CorpMailbox2, CorpMailbox3 will place "sent items" from the secondary mailboxes (e.g. CorpMailbox1) in the user's (e.g. "John Doe") Sent Items folder. There is a registry value (something like DelegateSentItems) to semi-fix this, but I'm looking for an Exchange-side solution. It seems like, at some point, an admin made CC rules to fix this, and for the mailboxes where I see a BCC rule: any item sent to [address] BCC to [address]. The behavior "fixes" the issue, but when I duplicate this work-around for new shared mailboxes, the email ends up in the Inbox and not the Sent Items for the shared mailbox. I don't believe there is any outlook/client-side shenanigans going on, as the intended behavior for the older mailboxes works for new PCs/Users (new imagse) without any Outlook Mailbox Rules.

  Read the article

• How do I load an XML document, add and remove nodes, then apply it to a ASP DataGrid control?

  - by JFOX

  I have a pretty simple operation but am struggling with how to implement it. I am loading XML from an external data source using a DataSet.ReadXml(), the creating a new XMLDataDocument from that data set, then syncing the Dataset back to the XMLDataDocument like so: doc = new XmlDataDocument(dsDataSet); dsDataSet.EnforceConstraints = false; dsDataSet= doc.DataSet; Once loaded I do two things to the XmlDataDocument: Loop through and check if a purely meta node, count, exists right beneath the root node and if so remove it. a thumb node exists in a second level nodelist and if not, create and append it. This is all going a expected because the result of doc.save() looks correct. Where I'm having an issue is updating the Dataset, which is being applied as the data source for an ASP DataGrid. Once all the above XMLDoc manipaulation is done I do this: dsDataSet.Merge(doc.DataSet); dsDataSet.AcceptChanges(); I then apply the data set to the grid control: dgList.DataSource = dsDataSet; dgList.DataBind(); But, when I do this I get this error on the site: System.Web.HttpException: DataBinding: 'System.Data.DataRowView' does not contain a property with the name 'thumb'. What did I miss?

  Read the article

• mod_rewite Rule: root/? root/app/views/home/home.php

  - by Jonathon David Oates

  I am shocking at mod_rewite, here's the scenario: I need a rule that rewrites mydomain.com to mydomain.com/app/views/home/home.php. The rule, or set of rules rather, must also rewite mydomain.com/signin to mydomain.com/app/views/signin/signin.php, and work in a similar fashion for any subdirectory, for example: mydomain.com/subdir must redirect to mydomain.com/app/views/subdir/subdir.php. The rules must also work with or without the trailing slash, for example: ….com or ….com/. Thank you all, your help is much appreciated! If you could outline how and why your solution works or direct me to a good resource that explains it, I'd be exceptionally grateful! Edit: I have got a simple .htaccess file with this: Options +FollowSymLinks RewriteEngine On RewriteRule ^$ http://mydomain.local/~Jay/some_awesome_app/app/views/home/home.php This does the redirect but changes the URL in the address bar too! I've not got a trailing [R] flag so why would this be?

  Read the article

• NIC bonding with two uplinks

  - by Karolis T.

  Is bonding the preferred way of implementing ISP redundancy? In the texts I've seen, bond device has a netmask, gateway of it's own. How can this be obtained if there are two different gateways from two uplinks, which one to choose? Do I need any special routing rules to go with it or does simply configuring separate interfaces (using Debian, /etc/network/interfaces), i.e eth1, eth2 for their corresponding uplinks and bonding them to bond0 handle routing automatically? If I want to NAT client machines, do they use bond device's IP as a gateway? Does the bond0 device is the device that goes into iptables nat rules? Thanks

  Read the article

• AS3 URLRequest in for Loop problem

  - by Adrian

  Hi guys, I read some data from a xml file, everything works great besides urls. I can't figure what's the problem with the "navigateURL" function or with the eventListener... on which square I click it opens the last url from the xml file for(var i:Number = 0; i <= gamesInput.game.length() -1; i++) { var square:square_mc = new square_mc(); //xml values var tGame_name:String = gamesInput.game.name.text()[i];//game name var tGame_id:Number = gamesInput.children()[i].attributes()[2].toXMLString();//game id var tGame_thumbnail:String = thumbPath + gamesInput.game.thumbnail.text()[i];//thumb path var tGame_url:String = gamesInput.game.url.text()[i];//game url addChild(square); square.tgname_txt.text = tGame_name; square.tgurl_txt.text = tGame_url; //load & attach game thumb var getThumb:URLRequest = new URLRequest(tGame_thumbnail); var loadThumb:Loader = new Loader(); loadThumb.load(getThumb); square.addChild(loadThumb); // square.y = squareY; square.x = squareX; squareX += square.width + 10; square.buttonMode = true; this.addEventListener(MouseEvent.CLICK, navigateURL); } function navigateURL(event:MouseEvent):void { var url:URLRequest = new URLRequest(tGame_url); navigateToURL(url, "_blank"); trace(tGame_url); } Many thanks!

  Read the article

• Windows 2003 GPO Software Restrictions

  - by joeqwerty

  We're running a Terminal Server farm in a Windows 2003 Domain, and I found a problem with the Software Restrictions GPO settings that are being applied to our TS servers. Here are the details of our configuration and the problem: All of our servers (Domain Controllers and Terminal Servers) are running Windows Server 2003 SP2 and both the domain and forest are at Windows 2003 level. Our TS servers are in an OU where we have specific GPO's linked and have inheritance blocked, so only the TS specific GPO's are applied to these TS servers. Our users are all remote and do not have workstations joined to our domain, so we don't use loopback policy processing. We take a "whitelist" approach to allowing users to run applications, so only applications that we approve and add as path or hash rules are able to run. We have the Security Level in Software Restrictions set to Disallowed and Enforcement is set to "All software files except libraries". What I've found is that if I give a user a shortcut to an application, they're able to launch the application even if it's not in the Additional Rules list of "whitelisted" applications. If I give a user a copy of the main executable for the application and they attempt to launch it, they get the expected "this program has been restricted..." message. It appears that the Software Restrictions are indeed working, except for when the user launches an application using a shortcut as opposed to launching the application from the main executable itself, which seems to contradict the purpose of using Software Restrictions. My questions are: Has anyone else seen this behavior? Can anyone else reproduce this behavior? Am I missing something in my understanding of Software Restrictions? Is it likely that I have something misconfigured in Software Restrictions? EDIT To clarify the problem a little bit: No higher level GPO's are being enforced. Running gpresults shows that in fact, only the TS level GPO's are being applied and I can indeed see my Software Restictions being applied. No path wildcards are in use. I'm testing with an application that is at "C:\Program Files\Application\executable.exe" and the application executable is not in any path or hash rule. If the user launches the main application executable directly from the application's folder, the Software Restrictions are enforced. If I give the user a shortcut that points to the application executable at "C:\Program Files\Application\executable.exe" then they are able to launch the program. EDIT Also, LNK files are listed in the Designated File Types, so they should be treated as executable, which should mean that they are bound by the same Software Restrictions settings and rules.

  Read the article

• How do I identify which rewrite rule is being trigger on IIS 7.5?

  - by Jordan Reiter

  I have a set of rewrite rules (offhand, I would say around 40-50) for a given server. It's basically to handle and reroute mangled URLs so that bad links still go to where they're supposed to go. I've come across an URL that is redirecting and I can't figure out which rewrite rule it is applying. My background is Apache and in that case I'd simply enable a rewrite log and look at the logged output to figure out what was happening. Is there an equivalent way to do this in IIS? bonus round Any way for me to view & edit the rewrite rules in a text file rather than the GUI interface?

  Read the article

• debian gateway using iptables

  - by meijuh

  I am having problems setting up a debian gateway server. My goal: Having eth1 the WAN interface. Having eth0 the LAN interface. Allow both ports 22 (SSH) and 80 (HTTP) accessed from the outside world on the gateway (SSH and HTTP run on this server). What I did was the following: Create a file /etc/iptables.rules with contents: /etc/iptables.rules: *nat -A POSTROUTING -o eth1 -j MASQUERADE COMMIT *filter -A INPUT -i lo -j ACCEPT -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -i eth1 -j DROP COMMIT edit /etc/network/interfaces as follows: /etc/network/interfaces: # The loopback network interface auto lo iface lo inet loopback pre-up iptables-restore < /etc/iptables.rules auto eth0 allow-hotplug eth0 iface eth0 inet dhcp #auto eth1 #allow-hotplug eth1 #iface eth1 inet dhcp allow-hotplug eth1 iface eth1 inet static address 217.119.224.51 netmask 255.255.255.248 gateway 217.119.224.49 dns-nameservers 217.119.226.67 217.119.226.68 Uncomment the rule net.ipv4.ip_forward=1 in /etc/sysctl.conf to allow packet forwarding. The static settings for eth1 such as the ip address I got from my router (which I want to replace); I simply copied these. I have a (windows) DNS + DHCP server on ip address 10.180.1.10, which assigns ip address 10.180.1.44 to eth0. What this server does is not really interesting it only maps domain names on our local network and assigns one static ip to the gateway. What works: on the gateway itself I can ping 8.8.8.8 and google.nl. So that is okey. What does not work: (1) Every machine connected to eth0 (indirectly via a switch) can not ping an ip or a domain. So I guess the gateway can not be found. (2) Also when I configure my linux machine (a laptop) to use a static ip 10.180.1.41, a mask and a gateway (10.180.1.44) I can not ping an ip or domain either. This means that maybe my iptables is incorrect of not loaded correctly. Or I maybe have to configure my DNS/DHCP on my windows machine. I have not reset the windows machine net, restart the DNS/DHCP services, should I do this? I did not install dnsmasq as desribed here: http://blog.noviantech.com/2010/12/22/debian-router-gateway-in-15-minutes/. I don't think this is necessary?

  Read the article

• What kind of router do I need to handle multiple external I.P addresses?

  - by user1308743

  I have 3 dedicated I.P addresses going to a location with a few servers, and 1 RVS4000 router. Right now, only one I.P is being used. I would like a router that can use all 3 I.P addresses and I can make rules like this: IP1:80 goes to ServerA IP2:80 goes to ServerB What kind of router/device with what features do I need to handle this? I will need to set 30-40 rules to forward certain ports to certain servers. Only a couple ports will need to go to IP2 or IP3. Thanks

  Read the article

• FreeBSD jail with IPFW with loopback - unable to connect loopback interface

  - by khinester

  I am trying to configure a one IP jail with loopback interface, but I am unsure how to configure the IPFW rules to allow traffic to pass between the jail and the network card on the server. I have followed http://blog.burghardt.pl/2009/01/multiple-freebsd-jails-sharing-one-ip-address/ and https://forums.freebsd.org/viewtopic.php?&t=30063 but without success, here is what i have in my ipfw.rules # vim /usr/local/etc/ipfw.rules ext_if="igb0" jail_if="lo666" IP_PUB="192.168.0.2" IP_JAIL_WWW="10.6.6.6" NET_JAIL="10.6.6.0/24" IPF="ipfw -q add" ipfw -q -f flush #loopback $IPF 10 allow all from any to any via lo0 $IPF 20 deny all from any to 127.0.0.0/8 $IPF 30 deny all from 127.0.0.0/8 to any $IPF 40 deny tcp from any to any frag # statefull $IPF 50 check-state $IPF 60 allow tcp from any to any established $IPF 70 allow all from any to any out keep-state $IPF 80 allow icmp from any to any # open port ftp (20,21), ssh (22), mail (25) # ssh (22), , dns (53) etc $IPF 120 allow tcp from any to any 21 out $IPF 130 allow tcp from any to any 22 in $IPF 140 allow tcp from any to any 22 out $IPF 150 allow tcp from any to any 25 in $IPF 160 allow tcp from any to any 25 out $IPF 170 allow udp from any to any 53 in $IPF 175 allow tcp from any to any 53 in $IPF 180 allow udp from any to any 53 out $IPF 185 allow tcp from any to any 53 out # HTTP $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state # deny and log everything $IPF 500 deny log all from any to any # NAT $IPF 63000 divert natd ip from any to any via $jail_if out $IPF 63000 divert natd ip from any to any via $jail_if in but when i create a jail as: # ezjail-admin create -f continental -c zfs node 10.6.6.7 /usr/jails/node/. /usr/jails/node/./etc /usr/jails/node/./etc/resolv.conf /usr/jails/node/./etc/ezjail.flavour.continental /usr/jails/node/./etc/rc.d /usr/jails/node/./etc/rc.conf 4 blocks find: /usr/jails/node/pkg/: No such file or directory Warning: IP 10.6.6.7 not configured on a local interface. Warning: Some services already seem to be listening on all IP, (including 10.6.6.7) This may cause some confusion, here they are: root syslogd 1203 6 udp6 *:514 *:* root syslogd 1203 7 udp4 *:514 *:* i get these warning and then when i go into the jail environment, i am unable to install any ports. any advice much appreciated.

  Read the article

• Outlook 2007 - Fwd all mail from one mailbox to another email

  - by Simon

  I have two separate mailboxes setup in Outlook. My main everyday one (call this A), and another one which is where clients questions go direct to (call this B) I have a few rules setup on my main inbox. I need to setup a new rule to fwd all incoming email to B, to another colleague. If this was for mailbox A, it would not seem to hard and I would basically follow the instructions here. However, I cant see a way of applying rules to separate MailBoxes. - Does anyone know how to do this?

  Read the article

• Apache 410 Gone instructions not working with mod_alias nor mod_rewrite

  - by Peter Boughton

  Apache 2.2 seems to be ignoring instructions to return a 410 status. This happens for both mod_alias's Redirect (using 410 or gone) and mod_rewrite's RewriteRule (using [G]), being used inside a .htaccess file. This works: Redirect 302 /somewhere /gone But this doesn't: Redirect 410 /somewhere That line is ignored (as if it had been commented) and the request falls through to other rules (which direct it to an unrelated generic error handling script). Similarly, trying to use a RewriteRule with a [G] flag doesn't work, but the same rule rewriting to a script that generates a 410 does - so the rules aren't the problem and it seems instead to be something about 410/gone that isn't behaving. I can workaround it by having a script sending the 410, but that's annoying and I don't get why it's not working. Any ideas?

  Read the article

• Desktop notifcations for IMAP subfolders in Outlook 2013

  - by hplieninger

  I use Outlook 2013 and an IMAP account for my mails. I have configured several filters (rules) directly in the webmail application of my provider in order to deliver certain mails, e.g., from my boss, into certain folders other then the "inbox". Note that I did not define any rules in Outlook itself and I also do not want to do so (because I want these mails being delivered into the folders not only in Outlook but also on other devices). The problem is that that I receive desktop notifications only for incoming mails in the main folder ("Inbox") but not for mails in any of the other folders.

  Read the article

• Does Exchange support plussed users (e.g. [email protected]) or a similar mechanism?

  - by Jens Bannmann

  Sendmail supports a feature called 'plussed users'. Once enabled, emails sent to [email protected], [email protected] and [email protected] are automatically delivered just like mails to [email protected]. There is no need to register or set up these 'plus suffixes'. The user can just use them and set up client-side filtering rules on his own. Does Exchange support a similar mechanism? If so, how to enable it? Note that I don't want answers about other means of filtering, e.g. spam/junk filtering, server-side or client-side rules, email aliases/addresses that are configured explicitly and so on.

  Read the article

• Can I join two tables whereby the joined table is sorted by a certain column?

  - by Ferdy

  I'm not much of a database guru so I need some help on a query I'm working on. In my photo community project I want to richly visualize tags by not only showing the tag name and counter (# of images inside them), I also want to show a thumb of the most popular image inside the tag (most karma). The table setup is as follow: Image table holds basic image metadata, important is the karma field Imagefile table holds multiple entries per image, one for each format Tag table holds tag definitions Tag_map table maps tags to images In my usual trial and error query authoring I have come this far: SELECT * FROM (SELECT tag.name, tag.id, COUNT(tag_map.tag_id) as cnt FROM tag INNER JOIN tag_map ON (tag.id = tag_map.tag_id) INNER JOIN image ON tag_map.image_id = image.id INNER JOIN imagefile on image.id = imagefile.image_id WHERE imagefile.type = 'smallthumb' GROUP BY tag.name ORDER BY cnt DESC) as T1 WHERE cnt > 0 ORDER BY cnt DESC [column clause of inner query snipped for the sake of simplicity] This query gives me somewhat what I need. The outer query makes sure that only tags are returned for which there is at least 1 image. The inner query returns the tag details, such as its name, count (# of images) and the thumb. In addition, I can sort the inner query as I want (by most images, alphabetically, most recent, etc) So far so good. The problem however is that this query does not match the most popular image (most karma) of the tag, it seems to always take the most recent one in the tag. How can I make sure that the most popular image is matched with the tag?

  Read the article

< Previous Page | 46 47 48 49 50 51 52 53 54 55 56 57  | Next Page >