Search Results

Search found 10369 results on 415 pages for 'png 24'.

Page 59/415 | < Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >

  • Authenticate by libpam-mysql and libnss-mysql (CentOS)

    - by Chris
    I'm trying to get MySQL to function as a backend for authenticating users on CentOS 6.3. So far I have successfully installed and configured libnss-mysql. I can test this by doing: # groups testuser testuser : sftp Testuser is a member of the sftp group in fact, all MySQL based useraccounts will be hardcoded to it. The sftp group is chrooted and forced to use internal-sftp so they cannot do anything but access their home directory. Then I configured pam-mysql and PAM to allow mysql logins. This also works.. When SELinux is not enforcing. When I do setenforce 1 users can no longer login. Error: Permission denied, please try again. This is my pam_mysql.conf file: users.host=localhost users.db_user=nss-pam-user users.db_passwd=*********** users.database=sftpusers users.table=users users.user_column=username users.password_column=password users.password_crypt=6 verbose=1 My /etc/pam.d/sshd: #%PAM-1.0 auth sufficient pam_sepermit.so auth include password-auth auth required pam_mysql.so config_file=/etc/pam_mysql.conf account sufficient pam_nologin.so account include password-auth account required pam_mysql.so config_file=/etc/pam_mysql.conf password include password-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session required pam_loginuid.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open env_params session optional pam_keyinit.so force revoke session include password-auth And to be complete the contents of some log files.. /var/logs/secure Nov 20 14:52:20 hostname unix_chkpwd[4891]: check pass; user unknown Nov 20 14:52:20 hostname unix_chkpwd[4891]: password check failed for user (testuser) Nov 20 14:52:20 hostname sshd[4880]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.10.107 user=testuser Nov 20 14:52:22 sftpusers sshd[4880]: Failed password for testuser from 192.168.10.107 port 51849 ssh2 /var/logs/audit/audit.log type=USER_AUTH msg=audit(1353420107.070:812): user pid=5285 uid=0 auid=500 ses=24 subj=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=pubkey acct="testuser" exe="/usr/sbin/sshd" hostname=? addr=192.168.10.107 terminal=ssh res=failed' type=USER_AUTH msg=audit(1353420112.312:813): user pid=5285 uid=0 auid=500 ses=24 subj=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=PAM:authentication acct="testuser" exe="/usr/sbin/sshd" hostname=192.168.10.107 addr=192.168.10.107 terminal=ssh res=failed' type=USER_AUTH msg=audit(1353420112.456:814): user pid=5285 uid=0 auid=500 ses=24 subj=unconfined_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=password acct="testuser" exe="/usr/sbin/sshd" hostname=? addr=192.168.10.107 terminal=ssh res=failed' I tried to let audit2why explain the problem but it remains silent even though there are some errors. Does anyone see the problem? Thanks! EDIT: Turns out it's almost working with setenforce 0 I can mkdir foobar but if I do a single ls I get an error: Received message too long 16777216

    Read the article

  • FAVICON: Favicon now showing up

    - by Russ
    I'm using a .png favicon file and it is not showing up on my site. Doing a grep, I see the following in home.htm which looks right for me(I have also confirmed it's in the HEAD section within home.htm): home.htm: <link rel="shortcut icon" type="image/png" href="favicon.png"> The favicon.png file is in the same directory as the home.html file. Any suggestions are welcome! Thanks all. In case the file info is revealing for anyone, I'll attach it here:

    Read the article

  • Monitors - inches vs resolution

    - by Vnuk
    I'm currently moving away from living five years only on laptop to a desktop setup. I'm currently browsing for monitors and I've noticed something strange. On my laptop I have 1920x1200 on 17". To get the same resolution on a monitor I have to get Dell U2410 24" or Samsung SM2443NW 24". I do not need (or want) 7" more inches of screen, I just want the 1920x1200 resolution. Why is this setup (big resolution on less inches of screen) available on a laptop but not on a regular monitor? I'm setting this as a community wiki beacuse I think that there is no right answer here...

    Read the article

  • Netboot Debian (wheezy) from NFS v4

    - by bara
    Is it possible to boot Debian Wheezy from NFS v4? Bootwing with NFS v3 works just fine. NFS v4 not. This is in my /etc/exports: /nfs 192.168.100.0/24(ro,sync,insecure,no_root_squash,no_subtree_check,fsid=0) /nfs/root 192.168.100.0/24(ro,nohide,sync,insecure,no_root_squash,no_subtree_check) /nfs/root/www contains the root of the webserver. The commandline is: rootfstype=nfs4 root=/dev/nfs4 nfsroot=192.168.100.1:/root/www fails with mount call failed - server replied: Permission denied. Mounting from the busybox in the initrd fails: mount -t nfs4 192.168.100.1:/nfs/root/www /root mounting .. failed: Invalid argument Do I need to modify the initrd?

    Read the article

  • LameUser trying - apache2 webserver authentication - IP range to access without pass prompt others with it

    - by Mikee
    I have (maybe silly) question regarding the apache2 webserver and security - I am trying to archieve this: Users connecting from 192.168.1.24 not to be prompted for password and allowed Others asked for username and password if correct then connect. I am trying to do this for the whole directory /var/www No matter whether I put the code into .htaccess file or in httpd.conf it doesn't work for me. Order deny,allow Deny from all AuthName "PassRequest" AuthType Basic AuthUserFile /var/.htpasswd Require valid-user Allow from 192.168.1.24 Satisfy Any If I try to connect to the page I am allowed from both the allowed IP or any other, If I remove the satisfy any line then I am prompted for password, if I remove the password too and try to connect from different IP I am NOT REFUSED ... is there some module that needs to be activated or why is the IP directive skipped ? It needs to be put in every folder or /var/www/.htaccess is enough ? can I just put it in httpd.conf instead or not ?? I spend last 4 hours trying to google up why it is acting like that, Any help will be highly appreciated :-))

    Read the article

  • Recurring events repeatedly saves a draft every minute

    - by Henrik Rasmussen
    Using Outlook 2010, some of my recurring (planned, not drafts) events is saving a draft to my Drafts folder every single minute as long as it's active. An example taken from real life is that I have a calendar entry (Appointment) occuring every day from 24-09-2012 until 28-09-2012 from 08:00 to 16:00 (GMT+1) with a blue category, only one participant (me) with subject but without a place. So every minute from 24-09-2012 until 28-09-2012 from 08:00 to 16:00, but not from 16:00 to 08:00, a new draft is automatically saved in my Drafts folder. How do I get rid of that behaviour? Addition here: Removing the offending event just allows a new one to take its place. There doesn't seem to be much on the sites - Microsoft calls it a "personal" issue, but there are more and more instances.

    Read the article

  • Where is all the memory being consumed?

    - by Mark L
    Hello, I have a Dell R300 Ubuntu 9.10 box with 4GB of memory. All I'm running on there is haproxy, nagios and postfix yet there is ~2.7GB of memory being consumed. I've run ps and I can't get the sums to add up. Could anyone shed any light on where all the memory is being used? Cheers, Mark $ sudo free -m total used free shared buffers cached Mem: 3957 2746 1211 0 169 2320 -/+ buffers/cache: 256 3701 Swap: 6212 0 6212 Sorry for pasting all of ps' output but I'm keen to get to the bottom of this. $ sudo ps aux [sudo] password for mark: USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 1 0.0 0.0 19320 1656 ? Ss May20 0:05 /sbin/init root 2 0.0 0.0 0 0 ? S< May20 0:00 [kthreadd] root 3 0.0 0.0 0 0 ? S< May20 0:00 [migration/0] root 4 0.0 0.0 0 0 ? S< May20 0:16 [ksoftirqd/0] root 5 0.0 0.0 0 0 ? S< May20 0:00 [watchdog/0] root 6 0.0 0.0 0 0 ? S< May20 0:03 [migration/1] root 7 0.0 0.0 0 0 ? S< May20 3:10 [ksoftirqd/1] root 8 0.0 0.0 0 0 ? S< May20 0:00 [watchdog/1] root 9 0.0 0.0 0 0 ? S< May20 0:00 [migration/2] root 10 0.0 0.0 0 0 ? S< May20 0:19 [ksoftirqd/2] root 11 0.0 0.0 0 0 ? S< May20 0:00 [watchdog/2] root 12 0.0 0.0 0 0 ? S< May20 0:01 [migration/3] root 13 0.0 0.0 0 0 ? S< May20 0:41 [ksoftirqd/3] root 14 0.0 0.0 0 0 ? S< May20 0:00 [watchdog/3] root 15 0.0 0.0 0 0 ? S< May20 0:03 [events/0] root 16 0.0 0.0 0 0 ? S< May20 0:10 [events/1] root 17 0.0 0.0 0 0 ? S< May20 0:08 [events/2] root 18 0.0 0.0 0 0 ? S< May20 0:08 [events/3] root 19 0.0 0.0 0 0 ? S< May20 0:00 [cpuset] root 20 0.0 0.0 0 0 ? S< May20 0:00 [khelper] root 21 0.0 0.0 0 0 ? S< May20 0:00 [netns] root 22 0.0 0.0 0 0 ? S< May20 0:00 [async/mgr] root 23 0.0 0.0 0 0 ? S< May20 0:00 [kintegrityd/0] root 24 0.0 0.0 0 0 ? S< May20 0:00 [kintegrityd/1] root 25 0.0 0.0 0 0 ? S< May20 0:00 [kintegrityd/2] root 26 0.0 0.0 0 0 ? S< May20 0:00 [kintegrityd/3] root 27 0.0 0.0 0 0 ? S< May20 0:00 [kblockd/0] root 28 0.0 0.0 0 0 ? S< May20 0:01 [kblockd/1] root 29 0.0 0.0 0 0 ? S< May20 0:04 [kblockd/2] root 30 0.0 0.0 0 0 ? S< May20 0:02 [kblockd/3] root 31 0.0 0.0 0 0 ? S< May20 0:00 [kacpid] root 32 0.0 0.0 0 0 ? S< May20 0:00 [kacpi_notify] root 33 0.0 0.0 0 0 ? S< May20 0:00 [kacpi_hotplug] root 34 0.0 0.0 0 0 ? S< May20 0:00 [ata/0] root 35 0.0 0.0 0 0 ? S< May20 0:00 [ata/1] root 36 0.0 0.0 0 0 ? S< May20 0:00 [ata/2] root 37 0.0 0.0 0 0 ? S< May20 0:00 [ata/3] root 38 0.0 0.0 0 0 ? S< May20 0:00 [ata_aux] root 39 0.0 0.0 0 0 ? S< May20 0:00 [ksuspend_usbd] root 40 0.0 0.0 0 0 ? S< May20 0:00 [khubd] root 41 0.0 0.0 0 0 ? S< May20 0:00 [kseriod] root 42 0.0 0.0 0 0 ? S< May20 0:00 [kmmcd] root 43 0.0 0.0 0 0 ? S< May20 0:00 [bluetooth] root 44 0.0 0.0 0 0 ? S May20 0:00 [khungtaskd] root 45 0.0 0.0 0 0 ? S May20 0:00 [pdflush] root 46 0.0 0.0 0 0 ? S May20 0:09 [pdflush] root 47 0.0 0.0 0 0 ? S< May20 0:00 [kswapd0] root 48 0.0 0.0 0 0 ? S< May20 0:00 [aio/0] root 49 0.0 0.0 0 0 ? S< May20 0:00 [aio/1] root 50 0.0 0.0 0 0 ? S< May20 0:00 [aio/2] root 51 0.0 0.0 0 0 ? S< May20 0:00 [aio/3] root 52 0.0 0.0 0 0 ? S< May20 0:00 [ecryptfs-kthrea] root 53 0.0 0.0 0 0 ? S< May20 0:00 [crypto/0] root 54 0.0 0.0 0 0 ? S< May20 0:00 [crypto/1] root 55 0.0 0.0 0 0 ? S< May20 0:00 [crypto/2] root 56 0.0 0.0 0 0 ? S< May20 0:00 [crypto/3] root 70 0.0 0.0 0 0 ? S< May20 0:00 [scsi_eh_0] root 71 0.0 0.0 0 0 ? S< May20 0:00 [scsi_eh_1] root 74 0.0 0.0 0 0 ? S< May20 0:00 [scsi_eh_2] root 75 0.0 0.0 0 0 ? S< May20 0:00 [scsi_eh_3] root 82 0.0 0.0 0 0 ? S< May20 0:00 [kstriped] root 83 0.0 0.0 0 0 ? S< May20 0:00 [kmpathd/0] root 84 0.0 0.0 0 0 ? S< May20 0:00 [kmpathd/1] root 85 0.0 0.0 0 0 ? S< May20 0:00 [kmpathd/2] root 86 0.0 0.0 0 0 ? S< May20 0:00 [kmpathd/3] root 87 0.0 0.0 0 0 ? S< May20 0:00 [kmpath_handlerd] root 88 0.0 0.0 0 0 ? S< May20 0:00 [ksnapd] root 89 0.0 0.0 0 0 ? S< May20 0:00 [kondemand/0] root 90 0.0 0.0 0 0 ? S< May20 0:00 [kondemand/1] root 91 0.0 0.0 0 0 ? S< May20 0:00 [kondemand/2] root 92 0.0 0.0 0 0 ? S< May20 0:00 [kondemand/3] root 93 0.0 0.0 0 0 ? S< May20 0:00 [kconservative/0] root 94 0.0 0.0 0 0 ? S< May20 0:00 [kconservative/1] root 95 0.0 0.0 0 0 ? S< May20 0:00 [kconservative/2] root 96 0.0 0.0 0 0 ? S< May20 0:00 [kconservative/3] root 97 0.0 0.0 0 0 ? S< May20 0:00 [krfcommd] root 315 0.0 0.0 0 0 ? S< May20 0:09 [mpt_poll_0] root 317 0.0 0.0 0 0 ? S< May20 0:00 [mpt/0] root 547 0.0 0.0 0 0 ? S< May20 0:00 [scsi_eh_4] root 587 0.0 0.0 0 0 ? S< May20 0:11 [kjournald2] root 636 0.0 0.0 12748 860 ? S May20 0:00 upstart-udev-bridge --daemon root 657 0.0 0.0 17064 924 ? S<s May20 0:00 udevd --daemon root 666 0.0 0.0 8192 612 ? Ss May20 0:00 dd bs=1 if=/proc/kmsg of=/var/run/rsyslog/kmsg root 774 0.0 0.0 17060 888 ? S< May20 0:00 udevd --daemon root 775 0.0 0.0 17060 888 ? S< May20 0:00 udevd --daemon syslog 825 0.0 0.0 191696 1988 ? Sl May20 0:31 rsyslogd -c4 root 839 0.0 0.0 0 0 ? S< May20 0:00 [edac-poller] root 870 0.0 0.0 0 0 ? S< May20 0:00 [kpsmoused] root 1006 0.0 0.0 5988 604 tty4 Ss+ May20 0:00 /sbin/getty -8 38400 tty4 root 1008 0.0 0.0 5988 604 tty5 Ss+ May20 0:00 /sbin/getty -8 38400 tty5 root 1015 0.0 0.0 5988 604 tty2 Ss+ May20 0:00 /sbin/getty -8 38400 tty2 root 1016 0.0 0.0 5988 608 tty3 Ss+ May20 0:00 /sbin/getty -8 38400 tty3 root 1018 0.0 0.0 5988 604 tty6 Ss+ May20 0:00 /sbin/getty -8 38400 tty6 daemon 1025 0.0 0.0 16512 472 ? Ss May20 0:00 atd root 1026 0.0 0.0 18708 1000 ? Ss May20 0:03 cron root 1052 0.0 0.0 49072 1252 ? Ss May20 0:25 /usr/sbin/sshd root 1084 0.0 0.0 5988 604 tty1 Ss+ May20 0:00 /sbin/getty -8 38400 tty1 root 6320 0.0 0.0 19440 956 ? Ss May21 0:00 /usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive -inetd_compat -inetd_ipv6 nagios 8197 0.0 0.0 27452 1696 ? SNs May21 2:57 /usr/sbin/nagios3 -d /etc/nagios3/nagios.cfg root 10882 0.1 0.0 70280 3104 ? Ss 10:30 0:00 sshd: mark [priv] mark 10934 0.0 0.0 70432 1776 ? S 10:30 0:00 sshd: mark@pts/0 mark 10935 1.4 0.1 21572 4336 pts/0 Ss 10:30 0:00 -bash root 10953 1.0 0.0 15164 1136 pts/0 R+ 10:30 0:00 ps aux haproxy 12738 0.0 0.0 17208 992 ? Ss Jun08 0:49 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg root 23953 0.0 0.0 37012 2192 ? Ss Jun04 0:03 /usr/lib/postfix/master postfix 23955 0.0 0.0 39232 2356 ? S Jun04 0:00 qmgr -l -t fifo -u postfix 32603 0.0 0.0 39072 2132 ? S 09:05 0:00 pickup -l -t fifo -u -c Here's meminfo: $ cat /proc/meminfo MemTotal: 4052852 kB MemFree: 1240488 kB Buffers: 173172 kB Cached: 2376420 kB SwapCached: 0 kB Active: 1479288 kB Inactive: 1081876 kB Active(anon): 11792 kB Inactive(anon): 0 kB Active(file): 1467496 kB Inactive(file): 1081876 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 6361700 kB SwapFree: 6361700 kB Dirty: 44 kB Writeback: 0 kB AnonPages: 11568 kB Mapped: 5844 kB Slab: 155032 kB SReclaimable: 145804 kB SUnreclaim: 9228 kB PageTables: 1592 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 8388124 kB Committed_AS: 51732 kB VmallocTotal: 34359738367 kB VmallocUsed: 282604 kB VmallocChunk: 34359453499 kB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 kB DirectMap4k: 6784 kB DirectMap2M: 4182016 kB Here's slabinfo: $ cat /proc/slabinfo slabinfo - version: 2.1 # name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> : tunables <limit> <batchcount> <sharedfactor> : slabdata <active_slabs> <num_slabs> <sharedavail> ip6_dst_cache 50 50 320 25 2 : tunables 0 0 0 : slabdata 2 2 0 UDPLITEv6 0 0 960 17 4 : tunables 0 0 0 : slabdata 0 0 0 UDPv6 68 68 960 17 4 : tunables 0 0 0 : slabdata 4 4 0 tw_sock_TCPv6 0 0 320 25 2 : tunables 0 0 0 : slabdata 0 0 0 TCPv6 72 72 1792 18 8 : tunables 0 0 0 : slabdata 4 4 0 dm_raid1_read_record 0 0 1064 30 8 : tunables 0 0 0 : slabdata 0 0 0 kcopyd_job 0 0 368 22 2 : tunables 0 0 0 : slabdata 0 0 0 dm_uevent 0 0 2608 12 8 : tunables 0 0 0 : slabdata 0 0 0 dm_rq_target_io 0 0 376 21 2 : tunables 0 0 0 : slabdata 0 0 0 uhci_urb_priv 0 0 56 73 1 : tunables 0 0 0 : slabdata 0 0 0 cfq_queue 0 0 168 24 1 : tunables 0 0 0 : slabdata 0 0 0 mqueue_inode_cache 18 18 896 18 4 : tunables 0 0 0 : slabdata 1 1 0 fuse_request 0 0 632 25 4 : tunables 0 0 0 : slabdata 0 0 0 fuse_inode 0 0 768 21 4 : tunables 0 0 0 : slabdata 0 0 0 ecryptfs_inode_cache 0 0 1024 16 4 : tunables 0 0 0 : slabdata 0 0 0 hugetlbfs_inode_cache 26 26 608 26 4 : tunables 0 0 0 : slabdata 1 1 0 journal_handle 680 680 24 170 1 : tunables 0 0 0 : slabdata 4 4 0 journal_head 144 144 112 36 1 : tunables 0 0 0 : slabdata 4 4 0 revoke_table 256 256 16 256 1 : tunables 0 0 0 : slabdata 1 1 0 revoke_record 512 512 32 128 1 : tunables 0 0 0 : slabdata 4 4 0 ext4_inode_cache 53306 53424 888 18 4 : tunables 0 0 0 : slabdata 2968 2968 0 ext4_free_block_extents 292 292 56 73 1 : tunables 0 0 0 : slabdata 4 4 0 ext4_alloc_context 112 112 144 28 1 : tunables 0 0 0 : slabdata 4 4 0 ext4_prealloc_space 156 156 104 39 1 : tunables 0 0 0 : slabdata 4 4 0 ext4_system_zone 0 0 40 102 1 : tunables 0 0 0 : slabdata 0 0 0 ext2_inode_cache 0 0 776 21 4 : tunables 0 0 0 : slabdata 0 0 0 ext3_inode_cache 0 0 784 20 4 : tunables 0 0 0 : slabdata 0 0 0 ext3_xattr 0 0 88 46 1 : tunables 0 0 0 : slabdata 0 0 0 dquot 0 0 256 16 1 : tunables 0 0 0 : slabdata 0 0 0 shmem_inode_cache 606 620 800 20 4 : tunables 0 0 0 : slabdata 31 31 0 pid_namespace 0 0 2112 15 8 : tunables 0 0 0 : slabdata 0 0 0 UDP-Lite 0 0 832 19 4 : tunables 0 0 0 : slabdata 0 0 0 RAW 183 210 768 21 4 : tunables 0 0 0 : slabdata 10 10 0 UDP 76 76 832 19 4 : tunables 0 0 0 : slabdata 4 4 0 tw_sock_TCP 80 80 256 16 1 : tunables 0 0 0 : slabdata 5 5 0 TCP 81 114 1664 19 8 : tunables 0 0 0 : slabdata 6 6 0 blkdev_integrity 144 144 112 36 1 : tunables 0 0 0 : slabdata 4 4 0 blkdev_queue 64 64 2024 16 8 : tunables 0 0 0 : slabdata 4 4 0 blkdev_requests 120 120 336 24 2 : tunables 0 0 0 : slabdata 5 5 0 fsnotify_event 156 156 104 39 1 : tunables 0 0 0 : slabdata 4 4 0 bip-256 7 7 4224 7 8 : tunables 0 0 0 : slabdata 1 1 0 bip-128 0 0 2176 15 8 : tunables 0 0 0 : slabdata 0 0 0 bip-64 0 0 1152 28 8 : tunables 0 0 0 : slabdata 0 0 0 bip-16 84 84 384 21 2 : tunables 0 0 0 : slabdata 4 4 0 sock_inode_cache 224 276 704 23 4 : tunables 0 0 0 : slabdata 12 12 0 file_lock_cache 88 88 184 22 1 : tunables 0 0 0 : slabdata 4 4 0 net_namespace 0 0 1920 17 8 : tunables 0 0 0 : slabdata 0 0 0 Acpi-ParseExt 640 672 72 56 1 : tunables 0 0 0 : slabdata 12 12 0 taskstats 48 48 328 24 2 : tunables 0 0 0 : slabdata 2 2 0 proc_inode_cache 1613 1750 640 25 4 : tunables 0 0 0 : slabdata 70 70 0 sigqueue 100 100 160 25 1 : tunables 0 0 0 : slabdata 4 4 0 radix_tree_node 22443 22475 560 29 4 : tunables 0 0 0 : slabdata 775 775 0 bdev_cache 72 72 896 18 4 : tunables 0 0 0 : slabdata 4 4 0 sysfs_dir_cache 9866 9894 80 51 1 : tunables 0 0 0 : slabdata 194 194 0 inode_cache 2268 2268 592 27 4 : tunables 0 0 0 : slabdata 84 84 0 dentry 285907 286062 192 21 1 : tunables 0 0 0 : slabdata 13622 13622 0 buffer_head 256447 257472 112 36 1 : tunables 0 0 0 : slabdata 7152 7152 0 vm_area_struct 1469 1541 176 23 1 : tunables 0 0 0 : slabdata 67 67 0 mm_struct 82 95 832 19 4 : tunables 0 0 0 : slabdata 5 5 0 files_cache 104 161 704 23 4 : tunables 0 0 0 : slabdata 7 7 0 signal_cache 163 187 960 17 4 : tunables 0 0 0 : slabdata 11 11 0 sighand_cache 145 165 2112 15 8 : tunables 0 0 0 : slabdata 11 11 0 task_xstate 118 140 576 28 4 : tunables 0 0 0 : slabdata 5 5 0 task_struct 128 165 5808 5 8 : tunables 0 0 0 : slabdata 33 33 0 anon_vma 731 896 32 128 1 : tunables 0 0 0 : slabdata 7 7 0 shared_policy_node 85 85 48 85 1 : tunables 0 0 0 : slabdata 1 1 0 numa_policy 170 170 24 170 1 : tunables 0 0 0 : slabdata 1 1 0 idr_layer_cache 240 240 544 30 4 : tunables 0 0 0 : slabdata 8 8 0 kmalloc-8192 27 32 8192 4 8 : tunables 0 0 0 : slabdata 8 8 0 kmalloc-4096 291 344 4096 8 8 : tunables 0 0 0 : slabdata 43 43 0 kmalloc-2048 225 240 2048 16 8 : tunables 0 0 0 : slabdata 15 15 0 kmalloc-1024 366 432 1024 16 4 : tunables 0 0 0 : slabdata 27 27 0 kmalloc-512 536 544 512 16 2 : tunables 0 0 0 : slabdata 34 34 0 kmalloc-256 406 528 256 16 1 : tunables 0 0 0 : slabdata 33 33 0 kmalloc-128 503 576 128 32 1 : tunables 0 0 0 : slabdata 18 18 0 kmalloc-64 3467 3712 64 64 1 : tunables 0 0 0 : slabdata 58 58 0 kmalloc-32 1520 1920 32 128 1 : tunables 0 0 0 : slabdata 15 15 0 kmalloc-16 3547 3840 16 256 1 : tunables 0 0 0 : slabdata 15 15 0 kmalloc-8 4607 4608 8 512 1 : tunables 0 0 0 : slabdata 9 9 0 kmalloc-192 4620 5313 192 21 1 : tunables 0 0 0 : slabdata 253 253 0 kmalloc-96 1780 1848 96 42 1 : tunables 0 0 0 : slabdata 44 44 0 kmem_cache_node 0 0 64 64 1 : tunables 0 0 0 : slabdata 0 0 0

    Read the article

  • Forwarding RDP via a Linux machine using iptables: Not working

    - by Nimmy Lebby
    I have a Linux machine and a Windows machine behind a router that implements NAT (the diagram might be overkill, but was fun to make): I am forwarding RDP port (3389) on the router to the Linux machine because I want to audit RDP connections. For the Linux machine to forward RDP traffic, I wrote these iptables rules: iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination win-box iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT The port is listening on the Windows machine: C:\Users\nimmy>netstat -a Active Connections Proto Local Address Foreign Address State (..snip..) TCP 0.0.0.0:3389 WIN-BOX:0 LISTENING (..snip..) And the port is forwarding on the Linux machine: # tcpdump port 3389 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 01:33:11.451663 IP shieldsup.grc.com.56387 > linux-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 01:33:11.451846 IP shieldsup.grc.com.56387 > win-box.myapt.lan.ms-wbt-server: Flags [S], seq 94663035, win 8192, options [mss 1460], length 0 However, I am not getting any successful RDP connections from the outside. The port is not even responding: C:\Users\outside-nimmy>telnet example.com 3389 Connecting To example.com...Could not open connection to the host, on port 3389: Connect failed Any ideas? Update Per @Zhiqiang Ma, I looked at nf_conntrack proc file during a connection attempt and this is what I see (192.168.3.1 = linux-box, 192.168.3.5 = win-box): # cat /proc/net/nf_conntrack | grep 3389 ipv4 2 tcp 6 118 SYN_SENT src=4.79.142.206 dst=192.168.3.1 sport=43142 dport=3389 packets=6 bytes=264 [UNREPLIED] src=192.168.3.5 dst=4.79.142.206 sport=3389 dport=43142 packets=0 bytes=0 mark=0 secmark=0 zone=0 use=2 2nd update Got tcpdump on the router and it seems that win-box is sending an RST packet: 21:20:24.767792 IP shieldsup.grc.com.45349 > linux-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.768038 IP shieldsup.grc.com.45349 > win-box.myapt.lan.3389: S 19088743:19088743(0) win 8192 <mss 1460> 21:20:24.770674 IP win-box.myapt.lan.3389 > shieldsup.grc.com.45349: R 721745706:721745706(0) ack 755785049 win 0 Why would Windows be doing this?

    Read the article

  • How can I configure apache to cache the images that it is serving? Right now it is giving headers t

    - by Tchalvak
    Serving up images that don't seem to cache There's a LAPP (postgresql instead of mysql) running over on http://ninjawars.net. I just recently noticed that images don't seem to be caching with any kind of good frequency as I was reloading a page with a few images on it here: http://www.ninjawars.net/attack_player.php Here is an example image (they're probably all being served exactly the same): http://www.ninjawars.net/images/characters/fighter.png Checking the header, it seems that the caching is set to: Cache-Control:max-age=0 (the full header for this image-like-all-the-others is... Request URL:http://www.ninjawars.net/images/characters/fighter.png Request Method:GET Status Code:200 OK Request Headers Accept:application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,/;q=0.5 Cache-Control:max-age=0 Referer:http://www.ninjawars.net/images/characters/fighter.png User-Agent:Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.3 Safari/533.4 Response Headers Accept-Ranges:bytes Content-Length:938 Content-Type:image/png Date:Thu, 13 May 2010 21:24:07 GMT ETag:"ffd4d-3aa-4837efc120540" Last-Modified:Mon, 05 Apr 2010 15:28:45 GMT Server:Apache ) So what modules or config or htaccess or whatever do I change to have it cache images, e.g. for 24 hours?

    Read the article

  • Segfault with rtorrent on Debian Lenny

    - by digital
    Hi, My debian lenny server keeps segfaulting with rtorrent, it happens once every 24 hours. Libcurl has been recompiled to the latest version and it still seems to happen. I'm not the best when it comes to linux server admin but if you require more info about the system I'll try and get it for you. lib/rtorrent are 0.8.5/0.12.5 Any help would be appreciated as I'd like rtorrent up 24/7 Caught Segmentation fault, dumping stack: 0 rtorrent [0x439686] 1 rtorrent [0x43e06a] 2 /lib/libc.so.6 [0x7f73ce780f60] 3 /usr/lib/libcurl.so.4 [0x7f73d04f4431] 4 /usr/lib/libcurl.so.4 [0x7f73d04f47da] 5 /usr/lib/libcurl.so.4(curl_multi_remove_handle+0x341) [0x7f73d050acb1] 6 rtorrent [0x480221] 7 rtorrent [0x482915] 8 /usr/local/lib/libtorrent.so.11 [0x7f73d02b1f95] 9 /usr/local/lib/libtorrent.so.11 [0x7f73d02b1fea] 10 /usr/local/lib/libtorrent.so.11 [0x7f73d02b4cfc] 11 rtorrent [0x48058a] 12 rtorrent [0x439f49] 13 /lib/libc.so.6(__libc_start_main+0xe6) [0x7f73ce76d1a6] 14 rtorrent(_ZNSt8ios_base4InitD1Ev+0x71) [0x40ea99]

    Read the article

  • Unable to find valid certification path to requested target while CAS authentication

    - by Dmitriy Sukharev
    I'm trying to configure CAS authentication. It requires both CAS and client application to use HTTPS protocol. Unfortunately we should use self-signed certificate (with CN that doesn't have anything in common with our server). Also the server is behind firewall and we have only two ports (ssh and https) visible. As far as there're several application that should be visible externally, we use Apache for ajp reverse proxying requests to these applications. Secure connections are managed by Apache, and all Tomcat are not configured to work with SSL. But I obtained exception while authentication, therefore desided to set keystore in CATALINA_OPTS: export CATALINA_OPTS="-Djavax.net.ssl.keyStore=/path/to/tomcat/ssl/cert.pfx -Djavax.net.ssl.keyStoreType=PKCS12 -Djavax.net.ssl.keyStorePassword=password -Djavax.net.ssl.keyAlias=alias -Djavax.net.debug=ssl" cert.pfx was obtained from certificate and key that are used by Apache HTTP Server: $ openssl pkcs12 -export -out /path/to/tomcat/ssl/cert.pfx -inkey /path/to/apache2/ssl/server-key.pem -in /path/to/apache2/ssl/server-cert.pem When I try to authenticate a user I obtain the following exception: Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:174) ~[na:1.6.0_32] at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) ~[na:1.6.0_32] at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ~[na:1.6.0_32] Meanwhile I can see in catalina.out that Tomcat see certificate in cert.pfx and it's the same as the one that is used while authentication: 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Constructing validation url: https://external-ip/cas/proxyValidate?pgtUrl=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_proxyreceptor&ticket=ST-17-PN26WtdsZqNmpUBS59RC-cas&service=https%3A%2F%2Fexternal-ip%2Fclient%2Fj_spring_cas_security_check 09:11:38.886 [http-bio-8080-exec-2] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. keyStore is : /path/to/tomcat/ssl/cert.pfx keyStore type is : PKCS12 keyStore provider is : init keystore init keymanager of type SunX509 *** found key for : 1 chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** trustStore is: /jdk-home-folder/jre/lib/security/cacerts Here is a lot of trusted CAs. Here is nothing related to our certicate or our (not trusted) CA. ... 09:11:39.731 [http-bio-8080-exec-4] DEBUG o.j.c.c.v.Cas20ProxyTicketValidator - Retrieving response from server. Allow unsafe renegotiation: false Allow legacy hello messages: true Is initial handshake: true Is secure renegotiation: false %% No cached client session *** ClientHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 63, 239, 180, 32, 103, 140, 83, 7, 109, 149, 177, 80, 223, 79, 243, 244, 60, 191, 124, 139, 108, 5, 122, 238, 146, 1, 54, 218 } Session ID: {} Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CBC_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] Compression Methods: { 0 } *** http-bio-8080-exec-4, WRITE: TLSv1 Handshake, length = 75 http-bio-8080-exec-4, WRITE: SSLv2 client hello message, length = 101 http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 81 *** ServerHello, TLSv1 RandomCookie: GMT: 1347433643 bytes = { 145, 237, 232, 63, 240, 104, 234, 201, 148, 235, 12, 222, 60, 75, 174, 0, 103, 38, 196, 181, 27, 226, 243, 61, 34, 7, 107, 72 } Session ID: {79, 202, 117, 79, 130, 216, 168, 38, 68, 29, 182, 82, 16, 25, 251, 66, 93, 108, 49, 133, 92, 108, 198, 23, 120, 120, 135, 151, 15, 13, 199, 87} Cipher Suite: SSL_RSA_WITH_RC4_128_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** %% Created: [Session-2, SSL_RSA_WITH_RC4_128_SHA] ** SSL_RSA_WITH_RC4_128_SHA http-bio-8080-exec-4, READ: TLSv1 Handshake, length = 609 *** Certificate chain chain [0] = [ [ Version: V1 Subject: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country Signature Algorithm: SHA1withRSA, OID = 1.2.840.113549.1.1.5 Key: Sun RSA public key, 1024 bits modulus: 13??a lot of digits here??19 public exponent: ????7 Validity: [From: Tue Apr 24 16:32:18 CEST 2012, To: Wed Apr 24 16:32:18 CEST 2013] Issuer: CN=wrong.domain.name, O=Our organization, L=Location, ST=State, C=Country SerialNumber: [ d??????? ????????] ] Algorithm: [SHA1withRSA] Signature: 0000: 65 Signature is here 0070: 96 . ] *** http-bio-8080-exec-4, SEND TLSv1 ALERT: fatal, description = certificate_unknown http-bio-8080-exec-4, WRITE: TLSv1 Alert, length = 2 http-bio-8080-exec-4, called closeSocket() http-bio-8080-exec-4, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target I tried to convert our pem certificate to der format and imported it to trustedKeyStore (cacerts) (without private key), but it didn't change anything. But I'm not confident that I did it rigth. Also I must inform you that I don't know passphrase for our servier-key.pem file, and probably it differs from password for keystore created by me. OS: CentOS 6.2 Architecture: x64 Tomcat version: 7 Apache HTTP Server version: 2.4 Is there any way to make Tomcat accepts our certificate?

    Read the article

  • Trouble with Debian Lenny and Sphinx

    - by Ando
    I've very basic understanding of linux systems, but I've a server which was setup a while ago to host some web apps. Recently I decided to test out and implement Sphinx but unfortunately I cant get the install to work. I'm running a Debian Lenny distro and when I try to install sphinx it says - checking MySQL include files... configure: error: missing include files. ****************************************************************************** ERROR: cannot find MySQL include files. Check that you do have MySQL include files installed. The package name is typically 'mysql-devel'. If include files are installed on your system, but you are still getting this message, you should do one of the following: 1) either specify includes location explicitly, using --with-mysql-includes; 2) or specify MySQL installation root location explicitly, using --with-mysql; 3) or make sure that the path to 'mysql_config' program is listed in your PATH environment variable. To disable MySQL support, use --without-mysql option. ****************************************************************************** I do have mysql 5.1 installed but I can't find the include files, AND one more thing.. I read around the net that I probably need libmysqlclient15-dev but when I try to install that using apt-get i receive the following error. The following packages were automatically installed and are no longer required: libxcb-aux0 libts-0.0-0 libxcb-atom1 ttf-dejavu-extra hunspell-en-us g++-4.3 libmysql++3 libnspr4-0d libdirectfb-1.0-0 libxcb-event1 libasound2 libstdc++6-4.3-dev libhunspell-1.2-0 ttf-dejavu libmozjs2d conkeror-spawn-process-helper libnss3-1d Use 'apt-get autoremove' to remove them. The following NEW packages will be installed: libmysqlclient15-dev 0 upgraded, 1 newly installed, 0 to remove and 276 not upgraded. Need to get 7590 kB of archives. After this operation, 26.3 MB of additional disk space will be used. WARNING: The following packages cannot be authenticated! libmysqlclient15-dev Install these packages without verification [y/N]? Y Err http://ftp.us.debian.org/debian/ lenny/main libmysqlclient15-dev amd64 5.0.51a-24+lenny5 404 Not Found [IP: 35.9.37.225 80] Err http://security.debian.org/ lenny/updates/main libmysqlclient15-dev amd64 5.0.51a-24+lenny5 404 Not Found [IP: 149.20.20.6 80] Failed to fetch http://security.debian.org/pool/updates/main/m/mysql-dfsg-5.0/libmysqlclient15-dev_5.0.51a-24+lenny5_amd64.deb 404 Not Found [IP: 149.20.20.6 80] E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing? Can you help me out by suggesting how to install the required packages and run the Sphinx.

    Read the article

  • Input not supported message when monitor is powered off then back on

    - by Jason Down
    I've been getting a message on my monitor where "Input not supported" is floating around. This only happens when I manually turn the monitor off and then later turn it back on. Leaving the monitor on and allowing it to go to the screen saver doesn't seem to cause the issue (but I prefer to turn the monitor off if I'm going to be away from the computer for any length of time). Any ideas what might cause this, only when the monitor is turned off manually? Specs: Acer X203w mointor Radeon 9600 Pro Video card Linux Mint 8 Resolution 1680 x 1050 (16:10 - Preferred native resolution for the monitor) Refresh Rate 60hz Here is what is in my xorg.conf file: Section "Device" Identifier "Radeon 9600" Driver "ati" BusID "PCI:1:0:0" Option "XAANoOffscreenPixmaps" Option "AccelMethod" "XAA" EndSection Section "Screen" Identifier "Default Screen" Device "Radeon 9600" DefaultDepth 24 SubSection "Display" Depth 24 Modes "1680x1050" "1440x900" "1024x768" EndSubSection EndSection Section "DRI" Mode 0666 EndSection Section "Extensions" Option "Composite" "Enable" EndSection

    Read the article

  • uploading zip files in codeigniter won't work

    - by krike
    I have created a helper that requires some parameters and should upload a file, the function works for images however not for zip files. I searched on google and even added a MY_upload.php - http://codeigniter.com/bug_tracker/bug/6780/ however I still have the problem so I used print_r to display the array of the uploaded files, the image is fine however the zip array is empty: Array ( [file_name] => [file_type] => [file_path] => [full_path] => [raw_name] => [orig_name] => [file_ext] => [file_size] => [is_image] => [image_width] => [image_height] => [image_type] => [image_size_str] => ) Array ( [file_name] => 2385b959279b5e3cd451fee54273512c.png [file_type] => image/png [file_path] => I:/wamp/www/e-commerce/sources/images/ [full_path] => I:/wamp/www/e-commerce/sources/images/2385b959279b5e3cd451fee54273512c.png [raw_name] => 2385b959279b5e3cd451fee54273512c [orig_name] => 1269770869_Art_Artdesigner.lv_.png [file_ext] => .png [file_size] => 15.43 [is_image] => 1 [image_width] => 113 [image_height] => 128 [image_type] => png [image_size_str] => width="113" height="128" ) this is the function helper function multiple_upload($name = 'userfile', $upload_dir = 'sources/images/', $allowed_types = 'gif|jpg|jpeg|jpe|png', $size) { $CI =& get_instance(); $config['upload_path'] = realpath($upload_dir); $config['allowed_types'] = $allowed_types; $config['max_size'] = $size; $config['overwrite'] = FALSE; $config['encrypt_name'] = TRUE; $ffiles = $CI->upload->data(); echo "<pre>"; print_r($ffiles); echo "</pre>"; $CI->upload->initialize($config); $errors = FALSE; if(!$CI->upload->do_upload($name))://I believe this is causing the problem but I'm new to codeigniter so no idea where to look for errors $errors = TRUE; else: // Build a file array from all uploaded files $files = $CI->upload->data(); endif; // There was errors, we have to delete the uploaded files if($errors): @unlink($files['full_path']); return false; else: return $files; endif; }//end of multiple_upload() and this is the code in my controller if(!$s_thumb = multiple_upload('small_thumb', 'sources/images/', 'gif|jpg|jpeg|jpe|png', 1024)): //http://www.matisse.net/bitcalc/ $data['feedback'] = '<div class="error">Could not upload the small thumbnail!</div>'; $error = TRUE; endif; if(!$main_file = multiple_upload('main_file', 'sources/items/', 'zip', 307200)): $data['feedback'] = '<div class="error">Could not upload the main file!</div>'; $error = TRUE; endif;

    Read the article

  • Setup routing and iptables for new VPN connection to redirect **only** ports 80 and 443

    - by Steve
    I have a new VPN connection (using openvpn) to allow me to route around some ISP restrictions. Whilst it is working fine, it is taking all the traffic over the vpn. This is causing me issues for downloading (my internet connection is a lot faster than the vpn allows), and for remote access. I run an ssh server, and have a daemon running that allows me to schdule downloads via my phone. I have my existing ethernet connection on eth0, and the new VPN connection on tun0. I believe I need to setup the default route to use my existing eth0 connection on the 192.168.0.0/24 network, and set the default gateway to 192.168.0.1 (my knowledge is shaky as I haven't done this for a number of years). If that is correct, then I'm not exactly sure how to do it!. My current routing table is: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface MSS Window irtt 0.0.0.0 10.51.0.169 0.0.0.0 UG 0 0 0 tun0 0 0 0 10.51.0.1 10.51.0.169 255.255.255.255 UGH 0 0 0 tun0 0 0 0 10.51.0.169 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 0 0 0 85.25.147.49 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0 0 0 0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0 0 0 0 192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0 0 0 0 After fixing the routing, I believe I need to use iptables to configure prerouting or masquerading to force everything for destination port 80 or 443 over tun0. Again, I'm not exactly sure how to do this! Everything I've found on the internet is trying to do something far more complicated, and trying to sort the wood from the trees is proving difficult. Any help would be much appreciated. UPDATE So far, from the various sources, I've cobbled together the following: #!/bin/sh DEV1=eth0 IP1=`ifconfig|perl -nE'/dr:(\S+)/&&say$1'|grep 192.` GW1=192.168.0.1 TABLE1=internet TABLE2=vpn DEV2=tun0 IP2=`ifconfig|perl -nE'/dr:(\S+)/&&say$1'|grep 10.` GW2=`route -n | grep 'UG[ \t]' | awk '{print $2}'` ip route flush table $TABLE1 ip route flush table $TABLE2 ip route show table main | grep -Ev ^default | while read ROUTE ; do ip route add table $TABLE1 $ROUTE ip route add table $TABLE2 $ROUTE done ip route add table $TABLE1 $GW1 dev $DEV1 src $IP1 ip route add table $TABLE2 $GW2 dev $DEV2 src $IP2 ip route add table $TABLE1 default via $GW1 ip route add table $TABLE2 default via $GW2 echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_dynaddr ip rule add from $IP1 lookup $TABLE1 ip rule add from $IP2 lookup $TABLE2 ip rule add fwmark 1 lookup $TABLE1 ip rule add fwmark 2 lookup $TABLE2 iptables -t nat -A POSTROUTING -o $DEV1 -j SNAT --to-source $IP1 iptables -t nat -A POSTROUTING -o $DEV2 -j SNAT --to-source $IP2 iptables -t nat -A PREROUTING -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark iptables -t nat -A PREROUTING -i $DEV1 -m state --state NEW -j CONNMARK --set-mark 1 iptables -t nat -A PREROUTING -i $DEV2 -m state --state NEW -j CONNMARK --set-mark 2 iptables -t nat -A PREROUTING -m connmark --mark 1 -j MARK --set-mark 1 iptables -t nat -A PREROUTING -m connmark --mark 2 -j MARK --set-mark 2 iptables -t nat -A PREROUTING -m state --state NEW -m connmark ! --mark 0 -j CONNMARK --save-mark iptables -t mangle -A PREROUTING -i $DEV2 -m state --state NEW -p tcp --dport 80 -j CONNMARK --set-mark 2 iptables -t mangle -A PREROUTING -i $DEV2 -m state --state NEW -p tcp --dport 443 -j CONNMARK --set-mark 2 route del default route add default gw 192.168.0.1 eth0 Now this seems to be working. Except it isn't! Connections to the blocked websites are going through, connections not on ports 80 and 443 are using the non-VPN connection. However port 80 and 443 connections that aren't to the blocked websites are using the non-VPN connection too! As the general goal has been reached, I'm relatively happy, but it would be nice to know why it isn't working exactly right. Any ideas? For reference, I now have 3 routing tables, main, internet, and vpn. The listing of them is as follows... Main: default via 192.168.0.1 dev eth0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1 Internet: default via 192.168.0.1 dev eth0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1 192.168.0.1 dev eth0 scope link src 192.168.0.73 VPN: default via 10.38.0.205 dev tun0 10.38.0.1 via 10.38.0.205 dev tun0 10.38.0.205 dev tun0 proto kernel scope link src 10.38.0.206 85.removed via 192.168.0.1 dev eth0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.73 metric 1

    Read the article

  • Setting up NFS server on Gentoo

    - by StackedCrooked
    I'm trying to set up an NFS server on a Gentoo VM. I've installed nfs-utils-1.2.2 and added the following line to the /etc/exports file: /root/svn 10.0.0.0/255.0.0.0(rw,sync,no_subtree_check) However, when I try to start the nfs service I get the following errors: gentoo-amd64-francis orig # /etc/init.d/nfs start FATAL: Could not load /lib/modules/2.6.24-9-pve/modules.dep: No such file or directory * Exporting NFS directories ... [ ok ] * Starting NFS mountd ... [ !! ] * Starting NFS daemon ... [ !! ] * Starting NFS smnotify ... [ ok ] It complains about not finding the /lib/modules/2.6.24-9-pve/modules.dep file, but the /lib/modules directory doesn't even exist on this machine. Can anyone help me getting it to work?

    Read the article

  • Static Route Qestion

    - by mrlayance
    I have a Wan simulator between 2 networks. I can ping both networks from the wan simulator, but I can not ping from one network to the other. testr01 Fa0/0 10.0.0.1/24 FA0/1 192.168.0.1/30 | | Wan Sim 2 nics Eth0 192.168.0.2/30 | Eth1 192.168.1.2/30 | | testr02 Fa0/1 192.168.1.1/30 Fa0/0 10.1.0.2/24 I can not figure out what type of routes I need. On the route? On the Server? I guess all 10. traffic to the Fa0/0 ports? Thanks

    Read the article

  • How to keep time on resumed KVM guest with libvirt?

    - by Hristo Hristov
    On my host I am using libvirt and a KVM guest. When the host is shutting down, libvirt suspends the guest. When the host is starting up, libvirt resumes the guest. The problem is, if the guest is suspended and resumed after 24 hours for example, then the guest time is 24 hours in the past. I thought that maybe the problem is with the clocksource, but it is set to "kvm-clock" already. $ cat /sys/devices/system/clocksource/clocksource0/available_clocksource kvm-clock tsc hpet acpi_pm $ cat /sys/devices/system/clocksource/clocksource0/current_clocksource kvm-clock

    Read the article

  • How to fetch a cpu status thought net-snmp

    - by Steve.DC.Tang
    I want to fetch a device's cpu and memory status thought net-snmp. I get my device's info with this command: snmpwalk -v 2c -c public 210.38.xxx.xxx system And I got this info: SNMPv2-MIB::sysDescr.0 = STRING: Ruijie High-density IPv6 10G Core Routing Switch(S8606) By Ruijie Network SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.4881.1.1.10.1.43 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1978814424) 229 days, 0:42:24.24 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: S8606 SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 7 Now I want to fetch the cpu status, and I search my question on Google, somebody offer a oid for query the cpu status: snmpwalk -v 2c -c public 210.38.xxx.xxx usageOfCPU But it doesn't worked : No log handling enabled - using stderr logging usageOfCPU: Unknown Object Identifier (Sub-id not found: (top) - usageOfCPU) Somebody told me some switch has its private MIB, and you can use it to see its CPU status, is that right? I hope someone can solve me question......

    Read the article

  • Command line raw image processing tools in Linux?

    - by ???
    I'm wondering if there is any command to process raw images, for example, cat raw1.img | raw2jpg -w 640 -h 480 -pitch 1024 -pixelformat R8G8B8 and more examples: cat raw1.img raw2.img >y-merge.img tr='transpose -pitch 1024 -depth 24' cat <(cat raw1.img | $tr) <(cat raw2.img | $tr) | transpose -pitch 480 >x-merge.img and something like this: cat gamebitmap.dat | ( w=`readint32` h=`readint32` raw2png -w $w -h $h -depth 24 -pixelformat R8G8B8 ) | png2svg -extractoutline -fuzzy -error 8 -smooth Seems a little tricky, but is it possible? does ImageMagick support such raw formats?

    Read the article

  • How to do complex port forwarding (sort of)

    - by adnan kamili
    I have a very different situation. My laptop named A, another machine B(ip-172.16.28.3) with ssh server installed and i have an account on that machine, the third machine C(ip-172.16.24.3) is a proxy server. All the machines are within a LAN, but 1- Machine B can connect to A as well as C 2- Machine A i.e.my pc, it can only connect to B and not C Now to use internet, i do the following: ssh -X [email protected] Then i type firefox and i use the firefox of machine B with proxy setings as 172.16.24.3:3128 Instead of using firefox of B, i want to use my local firefox. Is there a way through which i can connect to C via B and use my local firefox for browsing

    Read the article

  • Is there no such thing as a Gigabit switch?

    - by Torben Gundtofte-Bruun
    According to the manufacturer specification, even my rather plain desktop computer has "Gigabit Ethernet". So when I want to copy large files over the LAN (not Internet) it would make sense to have a gigabit switch. I'm searching eBay for a gigabit switch for a planned home network upgrade. The products I find are all labeled "gigabit" but they all have 24 x 10/100Mbit autosensing ports and sometimes 2 x 10/100/1000Mbit autosensing ports. It was my understanding that 10/100 is ancient and that modern computers have network interfaces that work with 1000Mbit, so it would make sense to get a switch that has 24 x 1000Mbit ports. Did I misunderstand, or are sellers (deliberately?) mislabeling older hardware? (Let's not dive into wired vs. wireless networks and how "N" wireless is fast. You'd be right, but not answering the question.)

    Read the article

  • Why do I have no TTY on a basic Ubuntu 9.10 server install?

    - by pr1001
    I have reinstalled Ubuntu 9.10 Server several times on a bog standard 1RU server and each time I finish the install and reboot I see GRUB run and am then presented with a black screen. The machine is running just fine, as I am able to SSH in, but I can't see anything on the attached monitor. I have a simple LCD screen connected via VGA and a signal is apparently being output to it, as it doesn't go asleep. Looking at /var/log/syslog I see: Mar 24 14:57:44 bridge5 rsyslogd-2039: Could no open output file '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ] However, I later see: Mar 24 14:57:44 bridge5 kernel: [ 0.001368] console [tty0] enabled Any thoughts? Thanks!

    Read the article

  • Windows7 access to Printer shared with XP ?

    - by chmike
    I have, at home, an eeebox running with XP 24/24 with an attached printer (Canon IP5300) installed as shared. We have a few other laptops and PC, all with vista, that can access and print on the shared printer without problem. We just received a new Dell computer with Windows7-64 on it, but it fails to connect the shared printer. I tried connecting the printer with its USB cord directly to the Windows7 PC and the required driver was automatically downloaded and installed. I could then access the printer specific properties, etc. But if I connect it back to the XP computer, the windows7 PC still refused to connect to the remote printer although it now have the drivers. The windows7 is a family pack. By the way, I also have an old canon scanner still perfectly working with XP, but for which I can't find compatible drivers for windows 7. Do I have to buy a new one ? Any help would be welcome.

    Read the article

  • Troubleshooting an NFS server hanging after authenticated mount request

    - by Christoph
    I need some advice on troubleshooting an NFS server problem on Scientific Linux (RHEL) 6.1. The log on the server shows that an authenticated mount request was made: Jan 13 16:30:02 ??? rpc.mountd[3996]: authenticated mount request from ????:784 for /shared-storage/cm/shared (/shared-storage/cm/shared) But after that, it does not continue. On the client, it is also hanging. The interesting thing now is that I have two NFS servers, which should be identical, and the one is working perfectly, but the other exhibits the above mentioned behaviour. The problem is also not completely persistent, i. e. sometimes the mount request succeeds. I assume that the problem must be related to the server rather than to the client, because it is working perfectly on the other server. My question is where I should search the problem. I have already re-created the exports using exportfs -r, I have restarted the NFS server, I have compared the rpcinfo outputs of both server - no success. The problem even survives a reboot. Any other ideas are appreciated. As answer to Tim's question: I have sporadically the following in dmesg, but do not know whether it is related e1000e 0000:0c:00.0: eth4: Detected Hardware Unit Hang: TDH <24> TDT <25> next_to_use <25> next_to_clean <24> buffer_info[next_to_clean]: time_stamp <1c3d12940> next_to_watch <24> jiffies <1c3d12940> next_to_watch.status <0> MAC Status <80383> PHY Status <792d> PHY 1000BASE-T Status <7800> PHY Extended Status <3000> PCI Status <10> Further edit: The problem above does not occur on the machine that is working, so it probably is related. Again an edit: The error is not on the (software) device that is used for NFS, but on another one. The NFS mount also does not trigger the message.

    Read the article

< Previous Page | 55 56 57 58 59 60 61 62 63 64 65 66  | Next Page >