Search Results

Search found 5578 results on 224 pages for 'transport rules'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 53/224 | < Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >

  • Host name or Domain not found

    - by hitesh-4259
    Hi I have installed amavis + postfix + spamassassin on centOS 5.4. The "/etc/hosts" file contains: 127.0.0.1 localhost.localdomain localhost ::1 localhost6.localdomain6 localhost6 67.215.65.132 mail.sufalamtech.local mail When I am sending mail then, the following error is occured: Apr 8 06:20:53 mail sendmail[3229]: o380oqu7003229: from=root, size=62, class=0, nrcpts=1, msgid=<[email protected], relay=root@localhost Apr 8 06:20:53 mail postfix/smtpd[3230]: connect from mail.sufalamtech.local[127.0.0.1] Apr 8 06:20:53 mail sendmail[3229]: STARTTLS=client, relay=[127.0.0.1], version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 Apr 8 06:20:54 mail postfix/smtpd[3230]: 5A53C1A5989: client=mail.sufalamtech.local[127.0.0.1], [email protected] Apr 8 06:20:54 mail postfix/cleanup[3238]: 5A53C1A5989: message-id=<[email protected] Apr 8 06:20:54 mail sendmail[3229]: o380oqu7003229: [email protected], ctladdr=root (0/0), delay=00:00:02, xdelay=00:00:01, mailer=relay, pri=30062, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as 5A53C1A5989) Apr 8 06:20:54 mail postfix/qmgr[3107]: 5A53C1A5989: from=, size=587, nrcpt=1 (queue active) Apr 8 06:20:54 mail postfix/smtpd[3230]: disconnect from mail.sufalamtech.local[127.0.0.1] Apr 8 06:20:54 mail postfix/smtp[3240]: 5A53C1A5989: to=, relay=none, delay=0.63, delays=0.17/0.1/0.36/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=mail.sufalamtech.local type=A: Host not found) Apr 8 06:20:54 mail postfix/cleanup[3238]: E73C51A5987: message-id=<[email protected] Apr 8 06:20:54 mail postfix/qmgr[3107]: E73C51A5987: from=<, size=2594, nrcpt=1 (queue active) Apr 8 06:20:54 mail postfix/bounce[3241]: 5A53C1A5989: sender non-delivery notification: E73C51A5987 Apr 8 06:20:54 mail postfix/qmgr[3107]: 5A53C1A5989: removed Apr 8 06:20:55 mail postfix/local[3242]: E73C51A5987: to=, relay=local, delay=0.15, delays=0.02/0.1/0/0.03, dsn=2.0.0, status=sent (delivered to mailbox) Apr 8 06:20:55 mail postfix/local[3242]: warning: host not found: localhost Apr 8 06:20:55 mail postfix/qmgr[3107]: E73C51A5987: removed Apr 8 06:21:04 mail postfix/qmgr[3107]: warning: connect to transport amavis: No such file or directory Apr 8 06:22:04 mail postfix/qmgr[3107]: warning: connect to transport amavis: No such file or directory

    Read the article

  • IPSec for LAN traffic: Basic considerations?

    - by chris_l
    This is a follow-up to my Encrypting absolutely everything... question. Important: This is not about the more usual IPSec setup, where you want to encrypt traffic between two LANs. My basic goal is to encrypt all traffic within a small company's LAN. One solution could be IPSec. I have just started to learn about IPSec, and before I decide on using it and dive in more deeply, I'd like to get an overview of how this could look like. Is there good cross-platform support? It must work on Linux, MacOS X and Windows clients, Linux servers, and it shouldn't require expensive network hardware. Can I enable IPSec for an entire machine (so there can be no other traffic incoming/outgoing), or for a network interface, or is it determined by firewall settings for individual ports/...? Can I easily ban non-IPSec IP packets? And also "Mallory's evil" IPSec traffic that is signed by some key, but not ours? My ideal conception is to make it impossible to have any such IP traffic on the LAN. For LAN-internal traffic: I would choose "ESP with authentication (no AH)", AES-256, in "Transport mode". Is this a reasonable decision? For LAN-Internet traffic: How would it work with the internet gateway? Would I use "Tunnel mode" to create an IPSec tunnel from each machine to the gateway? Or could I also use "Transport mode" to the gateway? The reason I ask is, that the gateway would have to be able to decrypt packages coming from the LAN, so it will need the keys to do that. Is that possible, if the destination address isn't the gateway's address? Or would I have to use a proxy in this case? Is there anything else I should consider? I really just need a quick overview of these things, not very detailed instructions.

    Read the article

  • Exchange 2010 Hub cannot deliver to Exchange 2007 Hub - "451 5.7.3 Cannot achieve Exchange Server authentication"

    - by Graeme Donaldson
    We have an existing Exchange 2007 server in Site A (exch07). I've installed an Exchange 2010 server in Site B (exch10). Both servers have the CAS, Mailbox and Hub roles. Messages sent via SMTP on exch10 which are destined for mailboxes on exch07 are queued with the "Last Error" reported in Queue Viewer as '451 4.4.0 Primary target IP address responded with: "451 5.7.3 Cannot achieve Exchange Server authentication." Attempted failover to alternate host, but that did not succeed. Either there are no alternate hosts, or delivery failed to all alternate hosts.' I've found that some people have resolved this by creating new Receive Connectors which are scoped specifically to apply to connections from the remote hub/s, but I have had no luck doing this. Specifically I created new receive connectors on both servers with the following settings: Remote IP = IP/s of remote server Authentication = "Transport Layer Security (TLS)" and "Exchange Server authentication" Permission Groups = "Exchange servers" and "Legacy Exchange Servers" This made no difference, I see the same error message. What am I missing? Update: We noticed that the Application log had this error message from MSExchangeTransportService: Microsoft Exchange could not find a certificate that contains the domain name exch07.domain.local in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector exch10 with a FQDN parameter of exch07.domain.local. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. It turns out that the default self-signed certificate was no longer enabled for the SMTP service for some reason. After enabling the self-signed certificate for SMTP, we no longer get the error in the event logs, but delivery is still failing with the same error message. Update 2: I put a mailbox on exch10 and attempted to deliver a message via SMTP on exch07 and I get the same error.

    Read the article

  • Proxy settings in Java mail API

    - by coder
    I've written a piece of java code where user1 sends email to user2. I'm behind a proxy and hence I'm getting a javax.mail.MessagingException. How do I solve this problem? Here is the code- import java.util.Properties; import javax.mail.Message; import javax.mail.MessagingException; import javax.mail.PasswordAuthentication; import javax.mail.Session; import javax.mail.Transport; import javax.mail.internet.InternetAddress; import javax.mail.internet.MimeMessage; public class Mail { public static void main(String[] args) { final String username = "[email protected]"; final String password = "abc"; Properties props = new Properties(); props = System.getProperties(); props.put("mail.smtp.auth", "true"); props.put("mail.smtp.starttls.enable", "true"); props.put("mail.smtp.host", "smtp.gmail.com"); props.put("mail.smtp.port", "587"); Session session = Session.getInstance(props, new javax.mail.Authenticator() { protected PasswordAuthentication getPasswordAuthentication() { return new PasswordAuthentication(username, password); } }); try { Message message = new MimeMessage(session); message.setFrom(new InternetAddress("[email protected]")); message.setRecipients(Message.RecipientType.TO, InternetAddress.parse("[email protected]")); message.setSubject("Testing Subject"); message.setText("Dear Mail Crawler," + "\n\n No spam to my email, please!"); Transport.send(message); System.out.println("Done"); } catch (MessagingException e) { throw new RuntimeException(e); } } }

    Read the article

  • Conditionally Rewrite Email Headers (From & Reply-To) Exchange 2010

    - by NorthVandea
    I have a client who maintains Company A (with email addresses %username%@companyA.com) and they own the domain companyB.com however there is no "infrastructure" (no Exchange server) set up specifically for companyB.com. My client needs to be able to have the end users within it's company (companyA.com) add a specific word or phrase to the Subject (or Body) line of the Outgoing email (they are only concerned with outgoing, incoming is a non-issue in this case) that triggers the Exchange 2010 servers to rewrite the header From and Reply-To [email protected] with [email protected] but this re-write should ONLY occur if the user places the key word/phrase in the Subject (or Body). I have attempted using Transport Rules and the New-AddressRewriteEntry cmdlet however each seems to have a limitation. From what I can tell Transport Rules cannot re-write the From/Reply-To fields and New-AddressRewriteEntry cannot be conditionally triggered based on message content. So to recap: User sends email outside the organization: From and Reply-To remain [email protected] User sends email outside the organization WITH "KeyWord" in the Subject or Body: From and Reply-To change to [email protected] automatically. Anyone know how this could be done WITHOUT coding a new Mail Agent? I don't have the programming knowledge to code a custom Agent... I can use any function of Exchange Management Shell or Console. Alternatively if anyone knows of a simple add-on program that could do this that would be good too. Any help would be greatly appreciated! Thank you!!!

    Read the article

  • Would an invalid certificate cause an 0x8004010F sync error?

    - by hydroparadise
    We just migrated from Exchange 2003 to 2007 which was a combo primary AD/DNS server and it has not gone smoothly. We are now down to getting a new certificate (a bureaucratic process thats out of my hands) and users getting the 0x8004010F sync issue. We are only using Outlook 2007 as our email client and the sync error appears exactly as so: 9:21:44 Synchronizer Version 12.0.6562 9:21:44 Synchronizing Mailbox '<User>' 9:21:44 Done 9:21:44 Microsoft Exchange offline address book 9:21:44 0X8004010F Now, I have read a number of technet articles on this issue anywhere from adding an A record in the DNS for autodiscover.domain.com to syncing the old OAD to the new OAD. In otherwords, theres lots of thing to try, but trial and error at this point might be hazardous to ther server's health and I am trying to narrow down the list of things to try. What has me thinking that the sync error could be related to the certificate is an event error message that says the following: Microsoft Exchange could not find a certificate that contains the domain name mail.ccufl.org in the personal store on the local computer. Therefore, it is unable to support the STARTTLS SMTP verb for the connector Internet Mail with a FQDN parameter of mail.ccufl.org. If the connector's FQDN is not specified, the computer's FQDN is used. Verify the connector configuration and the installed certificates to make sure that there is a certificate with a domain name for that FQDN. If this certificate exists, run Enable-ExchangeCertificate -Services SMTP to make sure that the Microsoft Exchange Transport service has access to the certificate key. I am not fully clear on how the Exchange Transport Service is related to Syncronization, but my hunch is that it probably not related to there not being a valid certificate. So to recap, would an invalid certificate cause an 0x8004010F sync error?

    Read the article

  • Sending email to google apps mailbox via exim4

    - by Andrey
    I have a hosting server with several users. One of the customers decided to move his email account to google apps and added the corresponding MX records so he can receive email now. But when it comes to sending email from my server to those email addresses, they don't make it. I guess it's because exim still thinks these domains are local. That's what i see in logs (example.com is my domain, example.net is the customer's domain): 2010-06-02 14:55:37 1OJmXp-0006yh-UG <= [email protected] U=root P=local S=342 T="lsdjf" from <[email protected]> for [email protected] 2010-06-02 14:55:38 1OJmXp-0006yh-UG ** [email protected] F=<[email protected]> R=virtual_aliases: 2010-06-02 14:55:38 1OJmXq-0006yl-2A <= <> R=1OJmXp-0006yh-UG U=mail P=local S=1113 T="Mail delivery failed: returning message to sender" from <> for [email protected] 2010-06-02 14:55:38 1OJmXp-0006yh-UG Completed 2010-06-02 14:55:38 1OJmXq-0006yl-2A User 0 set for local_delivery transport is on the never_users list 2010-06-02 14:55:38 1OJmXq-0006yl-2A == [email protected] R=localuser T=local_delivery defer (-29): User 0 set for local_delivery transport is on the never_users list 2010-06-02 14:55:38 1OJmXq-0006yl-2A ** [email protected]: retry timeout exceeded 2010-06-02 14:55:38 1OJmXq-0006yl-2A [email protected]: error ignored 2010-06-02 14:55:38 1OJmXq-0006yl-2A Completed What should i do to fix that?

    Read the article

  • Using my own Postfix, filtering spam and getting all the mail into my ISP's inbox

    - by djechelon
    Hello, I currently own a domain bought via GoDaddy.com, which provides me a basic email setup for the most common needs. I configured it to forward all mail to [email protected] to [email protected]. I also own a virtual server with a running Postfix that I use for a specific website (all mail to somedomain.com gets forwarded via LMTP to a program written by me). Since I'm recently experiencing some harassing by spammers, since GoDaddy doesn't seem to filter spam, and since my Windows Phone's Pocket Outlook cannot filter spam, I would like to use SpamAssassin to filter inbound spam by changing my domain's MX records to my server My ideal setup is the following: All mail delivered to somedomain.com gets redirected via LMTP as usual via virtual transport without any spam check All mail to [email protected] gets redirected to [email protected] after a severe spam check I don't care about [email protected] since I use just one address for now I would like to train SpamAssassin with customized spam rules, possibly based on the presence of certain keywords (links to certain unsubscribe pages I found recurring) I currently configured Postfix with transport somedomain.com lmtp:[127.0.0.1]:8025 .somedomain.com error: Cannot accept mail for this domain relay somedomain.com OK (I guess I should add mydomain.com OK too) virtual @mydomain.com [email protected] (looks like a catch-all rule, it's OK as requirement 3) I installed SpamAssassin, I can do rcspamd start and set it to boot with the server, but I don't know if there is anything else to do for use in Postfix, and how to apply requirement 1 (only mail to mydomain.com gets filtered) I also tried to send an email via Telnet to make sure my settings are ready for MX change. I received the message into my account but I found that it gone through secureserver.net, like Postfix didn't rewrite the destination but simply relayed the message. Thank you in advance. I'm no expert in SpamAssassin, and I have little experience in Postfix (enough to avoid making my server an open relay)

    Read the article

  • glusterfs mounts get unmounted when 1 of the 2 bricks goes offline

    - by Shiquemano
    I have an odd case where 1 of the 2 replicated glusterfs bricks will go offline and take all of the client mounts down with it. As I understand it, this should not be happening. It should fail over to the brick that is still online, but this hasn't been the case. I suspect that this is due to configuration issue. Here is a description of the system: 2 gluster servers on dedicated hardware (gfs0, gfs1) 8 client servers on vms (client1, client2, client3, ... , client8) Half of the client servers are mounted with gfs0 as the primary, and the other half are pointed at gfs1. Each of the clients are mounted with the following entry in /etc/fstab: /etc/glusterfs/datavol.vol /data glusterfs defaults 0 0 Here is the content of /etc/glusterfs/datavol.vol: volume datavol-client-0 type protocol/client option transport-type tcp option remote-subvolume /data/datavol option remote-host gfs0 end-volume volume datavol-client-1 type protocol/client option transport-type tcp option remote-subvolume /data/datavol option remote-host gfs1 end-volume volume datavol-replicate-0 type cluster/replicate subvolumes datavol-client-0 datavol-client-1 end-volume volume datavol-dht type cluster/distribute subvolumes datavol-replicate-0 end-volume volume datavol-write-behind type performance/write-behind subvolumes datavol-dht end-volume volume datavol-read-ahead type performance/read-ahead subvolumes datavol-write-behind end-volume volume datavol-io-cache type performance/io-cache subvolumes datavol-read-ahead end-volume volume datavol-quick-read type performance/quick-read subvolumes datavol-io-cache end-volume volume datavol-md-cache type performance/md-cache subvolumes datavol-quick-read end-volume volume datavol type debug/io-stats option count-fop-hits on option latency-measurement on subvolumes datavol-md-cache end-volume The config above is the latest attempt at making this behave properly. I have also tried the following entry in /etc/fstab: gfs0:/datavol /data glusterfs defaults,backupvolfile-server=gfs1 0 0 This was the entry for half of the clients, while the other half had: gfs1:/datavol /data glusterfs defaults,backupvolfile-server=gfs0 0 0 The results were exactly the same as the above configuration. Both configs connect everything just fine, they just don't fail over. Any help would be appreciated.

    Read the article

  • empty file from tomcat https redirect?

    - by amertune
    I am using tomcat 6.0.20, with jdk 1.6.0_18 on 64 bit linux (tomcat downloaded from tomcat.apache.org, not installed from repositories). I have iptables redirects from port 80 - 8080 and 443 - 8443. In server.xml, the connector for port 8080 redirects to 443, and the 8443 connector has proxyPort="443". In conf/web.xml, I have added this bit at the end of the file (but still inside the <web-app</webapp tags). <security-constraint> <web-resource-collection> <web-resource-name>Protected Context</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> I also have two contexts, ROOT and mywebapp. If I go to http://myurl.com, then I get redirected to https://myurl.com. If I go to http://myurl.com/mywebapp/, then I get redirected to https://myurl.com/mywebapp/. The problem I'm having is when I go to http://myurl.com/mywebapp (no trailing slash). When I do this I get a prompt to download an empty file that has an empty name. Going to https://myurl.com/mywebapp works. I would think that a user typing myurl.com/mywebapp is far from rare. Is there something I'm missing?

    Read the article

  • FreeBSD jail IMAP/MTA config recommendations

    - by kobame
    I've got access to my "own" FreeBSD jail. The jail has only basic, unconfigured system, but I have full access to FreeBSD ports, and (jail)root too. Now I need to setup my jail as IMAP/MTA. The question: What packages are EASIEST for config and later administration, (the simplest possible setup, with the minimum needed configuration) when: i haven't any preferences (don't know any yet) my (one) domain is managed by ISP, so don't need DNS need only IMAP for few users (up to 20 mailboxes) need secure transport layer (IMAPS/993) password auth, no LDAP, no kerberos, nor databases, nothing like fancy things... need easy-setup easy-admin MTA, with simplest possible password SMTP auth, (again no LDAP, nor DB), secure transport layer but would be nice have virus-scan and some anti-spam protection So, what ports I should install for MTA and IMAP? MTA (Sendmail, Postfix, Exim)? antivirus (ClamAV) antispam??? IMAP(S), (Dovecot, Courier) when the main criteria are: easy setup, and easy administration. When I googled I found only complicated setups for thousands of users with LDAP, databases and so on - too big-caliber for my small (easy?) needs. Any pointer to an easy howto is very welcomed.

    Read the article

  • Exim, hot to route local mail to other adress

    - by kheraud
    I have setuped an Exim4 server on my debian wheezy server. This mail server only sends mail coming from localhost. The purpose is sending mail for my website. I have cron tasks and other services generating mails for root user. These mails are not stored in /var/mail as before, but sent by exim to [email protected]. I try to make exim send mails for root to [email protected] rather than [email protected]. I tried adding a .forward in /root with [email protected] as content. I tried also changing /etc/aliases with root: [email protected]. The fact is that routing works for root@localhost but not for root which is resolved as [email protected] I tested how routing is resolved with exim -bt : root@srv02:~# exim -bt root@localhost R: system_aliases for root@localhost R: dnslookup for [email protected] [email protected] <-- root@localhost router = dnslookup, transport = remote_smtp host gmail-smtp-in.l.google.com [173.194.67.27] MX=5 host alt1.gmail-smtp-in.l.google.com [74.125.143.27] MX=10 host alt2.gmail-smtp-in.l.google.com [74.125.25.27] MX=20 host alt3.gmail-smtp-in.l.google.com [173.194.64.27] MX=30 host alt4.gmail-smtp-in.l.google.com [74.125.142.27] MX=40 root@srv02:~# exim -bt root R: dnslookup for [email protected] [email protected] router = dnslookup, transport = remote_smtp host aspmx.l.google.com [173.194.78.27] MX=1 host alt1.aspmx.l.google.com [74.125.143.27] MX=5 host alt2.aspmx.l.google.com [74.125.25.27] MX=5 host alt4.aspmx.l.google.com [74.125.142.27] MX=10 host alt3.aspmx.l.google.com [173.194.64.27] MX=10 I bet this is a matter of how my server is configured (rather than how exim is configured). But to understand well I would like to have a solution for both : how to have root resolved as root@localhost ? how to have [email protected] routed to [email protected] ?

    Read the article

  • Prevent RDP logon brute force in mikrotik router via winbox

    - by holian
    Masters, I need help, how to config our router to block RDP brute force attacks I would like to set our router to only allow RDP connection from a specified country (our specified IP ranges), plus i need to set up router to block (take ips to black list) and drop brute force attepmst to specified port numbers. I try to set this with changeing the ftp port to rdp port. http://wiki.mikrotik.com/wiki/Bruteforce_login_prevention_%28FTP_%26_SSH Any suggestion tnx. H Current configuration: I try to configure the router via Winbox. I set some NAT rules (from dyndns to local address, rdp port) In the filter rules tab: I'm not sure this configuration should do the trick?! Is the content text "530 login incorrect" is fit for RDP connection to? Because in the tutorial used for filtering FTP connection. How to set router to allow RDP attempts from specified IP ranges? Thank you // New config

    Read the article

  • iptables is not allowing me to contact my dns nameservers

    - by user1272737
    I have the follwing iptables rules: Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere tcp dpt:http ACCEPT tcp -- anywhere anywhere tcp dpt:https ACCEPT tcp -- localhost.localdomain anywhere tcp dpt:mysql ACCEPT tcp -- anywhere anywhere tcp dpt:14443 ACCEPT tcp -- anywhere anywhere tcp dpt:ftp ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data ACCEPT tcp -- anywhere anywhere tcp dpt:xxxxxxx Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination When I turn off iptables I am able to use wget and all other commands. When these rules are enabled I cannot connect to any address. Any idea why this would be?

    Read the article

  • Why isn't ICMP routing with iptables nat routing

    - by Scott Forsyth - MVP
    I'm using iptables on Ubuntu server to route a public IP to a private IP. I want to nat all traffic, including 80, 443 and ICMP. However, it appears that ICMP isn't routing. I have a steady ping going to the public IP and it never stops, even with NAT pointing to a bogus IP. Here are the rules that I'm using: iptables -t nat -I PREROUTING -d 206.72.119.76 -j DNAT --to-destination 10.240.5.5 iptables -t nat -I POSTROUTING -s 10.240.5.5 -j SNAT --to-source 206.72.119.76 I tried with rules for ICMP specifically, but no such luck: iptables -t nat -I PREROUTING -d 206.72.119.76 - icmp --icmp-type echo-request -j DNAT --to-destination 10.240.5.5 Any ideas?

    Read the article

  • Apache2 - mod_expire and mod_rewrite not working in httpd.conf - serving content from tomcat

    - by Ankit Agrawal
    Hi, I am using apache2 server running on debian which forwards all the http request to tomcat installed on same machine. I have two files under my /etc/apache2/ folder apache2.conf and httpd.conf I modified httpd.conf file to look like following. # forward all http request on port 80 to tomcat ProxyPass / ajp://127.0.0.1:8009/ ProxyPassReverse / ajp://127.0.0.1:8009/ # gzip text content AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript DeflateCompressionLevel 9 BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html # Turn on Expires and mark all static content to expire in a week # unset last modified and ETag ExpiresActive On ExpiresDefault A0 <FilesMatch "\.(jpg|jpeg|png|gif|js|css|ico)$" ExpiresDefault A604800 Header unset Last-Modified Header unset ETag FileETag None Header append Cache-Control "max-age=604800, public" </FilesMatch RewriteEngine On # rewrite all www.example.com/content/XXX-01.js and YYY-01.css files to XXX.js and YYY.css RewriteRule ^content/(js|css)/([a-z]+)-([0-9]+)\.(js|css)$ /content/$1/$2.$4 # remove all query parameters from URL after we are done with it RewriteCond %{THE_REQUEST} ^GET\ /.*\;.*\ HTTP/ RewriteCond %{QUERY_STRING} !^$ RewriteRule .* http://example.com%{REQUEST_URI}? [R=301,L] # rewrite all www.example.com to example.com RewriteCond %{HTTP_HOST} ^www\.example\.com$ [NC] RewriteRule ^(.*)$ http://example.com/$1 [R=301,L] I want to achieve following. forward all traffic to tomcat GZIP all the text content. Put 1 week expiry header to all static files and unset ETag/last modified header. rewrite all js and css file to certain format. remove all the query parameters from URL forward all www.example.com to example.com The problem is only 1 and 2 are working. I tried a lot with many combinations but the expire and rewrite rule (3-6) do not work at all. I also tried moving these rules to apache2.conf and .htaccess files but it didn't work either. It does not give any error but these rules are simple ignored. expires and rewrite modules are ENABLED. Please let me know what should I do to fix this. 1. Do I need to add something else in httpd.conf file (like Options +FollowSymLink) or something else? 2. Do I need to add something in apache2.conf file? 3. Do I need to move these rules to .htaccess file? If yes, what should I write in that file and where should I keep that file? in /etc/apache2/ folder or /var/www/ folder? 4. Any other info to make this work? Thanks, Ankit

    Read the article

  • proxy pass for activeMQ

    - by user1172482
    I have a apache server that I'm trying to use for proxy access my activeMQ admin page. I am able to load the inital landing page properly, but I can't seem to load any of the sub-pages (Queues, Connections, etc.). My proxypass rules on the apache server are the following: ProxyPass /foo http://10.5.124.108:8161/admin ProxyPassReverse /foo http://10.5.124.108:8161/admin The activeMQ installation included a activemq-httpd.conf file in /etc/httpd/conf.d/. Proxy connections there are enabled: ProxyRequests On ProxyVia On <Proxy *> Allow from all Order allow,deny </Proxy> ProxyPass /admin http://localhost:8161/admin ProxyPassReverse /admin http://localhost:8161/admin ProxyPass /message http://localhost:8161/admin/send ProxyPassReverse /message http://localhost:8161/admin/send From what I've read the proxypass rules should be recursive (the rule for /foo should also work for /foo/bar). Is there something else that I'm missing here that's preventing me from accessing pages beyond the initial admin landing page?

    Read the article

  • Linux networking "jail" for a single process

    - by halp
    I need to tune up a networking app for network specific things like: make it use a DNS server different than the default one from /etc/resolv.conf make sure it does not try to connect to certain hosts/ports using tcp/udp connections I know I can get away with just modifying /etc/resolv.conf and writing some iptables rules, but going for a default DENY firewall policy for outgoing IP packets can trigger malfunctions in other services running on the server. I know I can set up a virtual machine with a whole OS and run my app there, but it seems a bit overkill. Is it possible to have a networking "jail" for a single app (think single Linux process) that could accept iptables-like rules for network traffic (think in terms of IP packets and above) allowed to and from this particular app? Maybe this is achievable through some dynamically loaded library that can deal with the networking layer, the same manner tsocks does, but more fine-grained?

    Read the article

  • Correct way to treat iptables init failure?

    - by chris_l
    Hi, I'm initializing my iptables rules via /etc/network/if-pre-up.d/iptables, using iptables-restore. This works fine, but I'm a bit worried about what would happen, if that script failed for some reason (maybe the saved iptables file is corrupt or whatever). In case the script failed, I'd like to: Start up my network interfaces without any iptables rules Start up OpenSSH server But not any other services like web server, ... (and maybe stop running instances) Is there a good canonical way to do that? Going into a lower init stage? - I haven't done that in a long time, and I think a lot about init has changed in recent years (?) - which stage should I drop to, and would the OpenSSH server and my network interfaces still run? Thanks Chris (On Debian Lenny)

    Read the article

  • Can't access Linux machine from the network, network from the machine is fine

    - by Matt
    I'm having issues with a machine that stopped replicating with mysql. It's managed by a guy on another continent but recently I've had to get involved. The server is running Ubuntu server 9.10 I can't log in with SSH, there is no response. On the server itself I can ssh to localhost fine. I thought maybe it's the firewall rules. I'm no expert on IP Tables, but I believe that's not the issue as I removed all the rules. But it still won't let me in. Any ideas? it's acting from other machines as though the service isn't listening, but I know that it is. It's like this for all services.

    Read the article

  • Iptables config breaks Java + Elastic Search communication

    - by Agustin Lopez
    I am trying to set up a firewall for a server hosting a java app and ES. Both are on the same server and communicate to each other. The problem I am having is that my firewall configuration prevents java from connecting to ES. Not sure why really.... I have tried lot of stuff like opening the port range 9200:9400 to the server ip without any luck but from what I know all communication inside the server should be allowed with this configuration. The idea is that ES should not be accessible from outside but it should be accessible from this java app and ES uses the port range 9200:9400. This is my iptables script: echo -e Deleting rules for INPUT chain iptables -F INPUT echo -e Deleting rules for OUTPUT chain iptables -F OUTPUT echo -e Deleting rules for FORWARD chain iptables -F FORWARD echo -e Setting by default the drop policy on each chain iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP echo -e Open all ports from/to localhost iptables -A INPUT -i lo -j ACCEPT echo -e Open SSH port 22 with brute force security iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m recent --set --name SSH --rsource iptables -A INPUT -p tcp -m tcp --dport 22 -m recent --rcheck --seconds 30 --hitcount 4 --rttl --name SSH --rsource -j REJECT --reject-with tcp-reset iptables -A INPUT -p tcp -m tcp --dport 22 -m recent --rcheck --seconds 30 --hitcount 3 --rttl --name SSH --rsource -j LOG --log-prefix "SSH brute force " iptables -A INPUT -p tcp -m tcp --dport 22 -m recent --update --seconds 30 --hitcount 3 --rttl --name SSH --rsource -j REJECT --reject-with tcp-reset iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT echo -e Open NGINX port 80 iptables -A INPUT -p tcp --dport 80 -j ACCEPT echo -e Open NGINX SSL port 443 iptables -A INPUT -p tcp --dport 443 -j ACCEPT echo -e Enable DNS iptables -A INPUT -p tcp -m tcp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT iptables -A INPUT -p udp -m udp --sport 53 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT And I get this in the java app when this config is in place: org.elasticsearch.cluster.block.ClusterBlockException: blocked by: [SERVICE_UNAVAILABLE/1/state not recovered / initialized];[SERVICE_UNAVAILABLE/2/no master]; at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:292) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1185) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:537) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:475) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:304) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:228) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:300) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:195) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:700) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:760) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:482) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:403) Do any of you see any problem with this configuration and ES? Thanks in advance

    Read the article

  • iptables prerouting to redirect source ip address on ethernet

    - by Kevin Campion
    I have 2 ip adresses on the Internet who redirect on the same machine. On this machine, one Debian runs on OpenVZ. I can set iptables rules to redirect all http request to the Debian. iptables prerouting -d ip_address_2 DNAT --to ip_address_local_1 +--------------+ | | | V | ip_address_local_1 I| +------+ +----------+ N|ip_address_1 | |-----|Debian1 VE|-- Apache's log T|-----------------|OpenVZ| +----------+ [client ip_address_1] E| | | | R|ip_address_2 | | | N|--------------+ | | E| +------+ T| Iptables' rules : iptables -t nat -A PREROUTING -p tcp -i eth0 -d ip_address_2 --dport 80 -j DNAT --to ip_address_local_1:80 iptables -A FORWARD -p tcp -i eth0 -o venet0 -d ip_address_local_1 --dport 80 -j ACCEPT iptables -A FORWARD -p tcp -i venet0 -o eth0 -s ip_address_local_1 --sport 80 -j ACCEPT When I go to webpage with "http://ip_address_2", I can see the good content but the ip address on access log file is ip_address_1, I would like to see my ISP's ip address. Any ideas?

    Read the article

  • Error when installing SQL Server 2008 R2 Express

    - by dretzlaff17
    When installing SQL Server 2008 R2 from the command line prompt, I am getting the following error that is recorded in the Summary file. Scenario specific rules: Rules report file: C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Log\20101217_131444\SystemConfigurationCheck_Report.htm Exception summary: The following is an exception stack listing the exceptions in outermost to innermost order Inner exceptions are being indented Exception type: System.ArgumentNullException Message: Value cannot be null. Parameter name: path2 Data: DisableWatson = true Stack: at System.IO.Path.Combine(String path1, String path2) at Microsoft.SqlServer.Configuration.SqlEngine.SqlEngineSetupPublic.RecomputeDirectoryPaths() at Microsoft.SqlServer.Configuration.SqlEngine.SqlEngineSetupPublic.Calculate() at Microsoft.SqlServer.Configuration.SetupExtension.FinalCalculateSettingsAction.ExecuteAction(String actionId) at Microsoft.SqlServer.Chainer.Infrastructure.Action.Execute(String actionId, TextWriter errorStream) at Microsoft.SqlServer.Setup.Chainer.Workflow.ActionInvocation.ExecuteActionHelper(TextWriter statusStream, ISequencedAction actionToRun) Has anyone seen this. Here is what I am sending for the command line parameters. /q /ACTION=Install /FEATURES=SQLEngine /SECURITYMODE=SQL /SAPWD="myPassword" /BROWSERSVCSTARTUPTYPE=Automatic /SQLSVCSTARTUPTYPE=Automatic /SQLSVCACCOUNT="NT AUTHORITY\Network Service" /SQLSYSADMINACCOUNTS="BUILTIN\ADMINISTRATORS" /AGTSVCACCOUNT="NT AUTHORITY\Network Service" /IACCEPTSQLSERVERLICENSETERMS

    Read the article

  • mdadm email notification - change the default subject

    - by Shirker
    I have entry in my crontab 00 */1 * * * /sbin/mdadm --monitor --scan -1 [email protected] It works more than perfect, but I need to change the default email template. So instead of subject "mdadm monitoring" it wished to be "mdadm monitoring from «IP ADDRESS»" or like that. [root@mail ~]# rpm -ql mdadm-3.2.5-4.el6_4.2.x86_64 | grep -v -E '(man|doc)' /etc/cron.d/raid-check /etc/rc.d/init.d/mdmonitor /etc/sysconfig/raid-check /lib/udev/rules.d/65-md-incremental.rules /sbin/mdadm /sbin/mdmon /usr/sbin/raid-check /var/run/mdadm Is it hardcoded or its possible to change?

    Read the article

  • IIS7 URL Rewrite - Rewrite CSS files

    - by user1231958
    I'm trying to rewrite certain CSS files with some rules, so it replaces every single instance of links in the CSS (as in background: url("/myuri.jpg")) with a prefix (as in background: url("/zeus/myuri.jpg")) These are the rules. <rule name="ReverseProxyOutboundRule2" preCondition="IsCSS" enabled="true" stopProcessing="false"> <match filterByTags="None" pattern="url\(&quot;(.*)&quot;\)" /> <action type="Rewrite" value="url(&quot;/zeus{R:1}&quot;)" /> <conditions> <add input="{URL}" pattern="/zeus" /> </conditions> </rule> <preCondition name="IsCSS"> <add input="{RESPONSE_CONTENT_TYPE}" pattern="^text/css" /> </preCondition> However, only one url is being replaced this way and somehow the rest is being ignored. Thank you beforehand.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 49 50 51 52 53 54 55 56 57 58 59 60  | Next Page >