Search Results

Search found 5262 results on 211 pages for 'commands'.

Page 65/211 | < Previous Page | 61 62 63 64 65 66 67 68 69 70 71 72  | Next Page >

  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I setup an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabaled or set to allow all this works fine, when using my following rules it does not. also note, I already configured openVPN itself to do what i want and it works fine, its only failing when iptables is started. Any help to tell me why this isnt working will appreciated here. These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are requiered, they seem incredibly insecure though, any way to get around using them? # Allow TUN interface connections to OpenVPN server -A INPUT -i tun+ -j ACCEPT #allow TUN interface connections to be forwarded through other interfaces -A FORWARD -i tun+ -j ACCEPT # Allow TAP interface connections to OpenVPN server -A INPUT -i tap+ -j ACCEPT # Allow TAP interface connections to be forwarded through other interfaces -A FORWARD -i tap+ -j ACCEPT These are the new chains and commands i added to restrict access as much as possible unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server note I am configuring the main iptables file and I am paranoid so all ports and ip addresses are altered, and -N etc appears before this so ignore that they dont appear. and i added some explanations of what i 'intended' these rules to do, so you dont waste time figuring out where i went wrong : 4 #accepts the vpn over port 1192 -A INPUT -p udp -m udp --dport 1192 -j ACCEPT -A INPUT -j INPUT-FIREWALL -A OUTPUT -j ACCEPT #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL #same as above, except for a different internal network -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL # reject any not from either of those two ranges -A FORWARD -j REJECT -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT-FIREWALL -j REJECT -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT #80 443 and 53 are accepted -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT #192.168.5.150 = openVPN sever -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -j REJECT COMMIT now I wait :D

    Read the article

  • retrieving headers / comment blocks

    - by AnC
    I have a number of log files that look like this: /* header arbitrary number of lines */ blah blah blah blah Using simple Bash commands (preferably sed, not awk), how would I retrieve only the header lines (ideally including the comment markers)? I've RTFM and tried googling, also found some hints, but not enough to get me started. Thanks!

    Read the article

  • How to distinguish between virtual disk image formats?

    - by Jakub Žitný
    There is huge number of different formats for virtual storage files for desktop and server purposes (vmdk, qcow2, vdi, vdk, etc.). I'm writing a little script for manipulating them and would like the script to be able to distinguish between them. Of course, it can be done via extension, but I want this to be more reliable. I tried commands file or qemu-img, but the results are not quite clear. Any idea improving my methods?

    Read the article

  • Add Secure notes to Keychain via Applescript

    - by TomA
    I have switched from Windows to Mac and one of the things I need to set up properly is password management. Previously on Windows I was using a small TrueCrypt file containing text files with usernames and passwords. I need to write an Applescript that takes those text files and imports them as Secure notes into Mac's Keychain Access app. I know that there are some Applescript commands related to Keychain, but I haven't found a way to add Secure notes.

    Read the article

  • Proper Imaging Procedures to Restore and Deploy Image with Separate System Reserved Partition

    - by alharaka
    UPDATE: As per my experience here, no one responded. If I do not hear back from TechNet forum members about it, I will post a bounty here, if it makes a difference. I have banged my head against a wall for what seems like all week. I am going to explain my simple procedure, and how none of it, absolutely none, seems to work afterword despite few alternatives and everyone on the internet telling assuming this is how to do it. Diskpart Commands to Create FS Structure REM Select the disk targeted for deployment. REM REM NOTE: Usually disk 0, but drive failure can make it external USB REM media. This will erase the drive regardless! select disk 0 REM Remove previous formatting. clean REM Create System Reserved partition bootloader and files. create partition primary size=100 REM Format the volume format fs=ntfs label="System Reserved" quick override noerr REM Assign the System Reserved partition the D: mount for now assign letter=C REM The main system partition, size not specified to occupy whole drive. create partition primary REM Format the volume format fs=ntfs quick override noerr REM Assign the OS partition the D: mount for now assign letter=D REM Make this the active/bootable partition. sel disk 0 sel partition 1 active REM Close out the diskpart session. exit Now, I thought this was madness, but it turns out the System Reserved partition and standard "System Partition" (C:, commonly both the boot and system volumes where you find the Windows directory AND the bootmgr/ntldr hardware files, this is where Windows 7 diverges) as mounted in the Windows PE session where I run these commands do not matter. See reference here. Since this needs to be BitLocker-ready, enter this crappy System Reserved partition that is separate 100MB of awesome that goes before the regular boot volume. I do this, then I proceed to the next step. Deploy System Reserved and Normal System Images REM C is still the "System Reserved Partition", and the image is just like it sounds. imagex /apply G:\images\systemreserved.wim 1 C: REM D is now what will be the C: system partition on reboot, supposedly. imagex /apply G:\images\testimage.wim 1 D: Reboot the system Now, the images I just captured should look good. This is not even sysprepped, but reapplying the same fscking image I prepared on the same reference workstation hours before. Problem is I get 0xc000000e could not detect the accessible boot device \Windows\system32\winload.exe or different kinds of nonsense revolving around being able to find the boot volume with all the right files. I try different variations of things, now none of them work. I tried repairs with bcdboot, with a fresh System Reserved partition or not, bootrec, and maually editing the damn BCD store with bcdedit. I tried finalizing the above process with and without bootsect /nt60 C: /force. I need to wrap up and automate this procedure. What am I doing wrong that does not make the image happy, but really just miserable.

    Read the article

  • What DBus signals do I send to players to imitate Gnome's multimedia shortcuts?

    - by culebrón
    I have Xubuntu 11.10, XFCE. I want to send DBus signals to the players so that they worked like in Gnome: you press 'play' key, it plays, 'next' - it forwards, and so on. For that, I need to bind to the multimedia keys a set of commands like this: dbus-send --dest=org.gnome.Rhythmbox ... Now, I searched and can't find it: what signals should I send? I need only 3 events: play, forward and rewind.

    Read the article

  • HISTCONTROL=ignoreboth not working debian lenny

    - by Mike
    Can anybody confirm if by setting the the following env variables under debian lenny will make previous history entries not to be saved. GNU bash, version 3.2.39(1)-release export HISTCONTROL=ignoreboth export HISTSIZE=500 I have added them to my /etc/bash.bashrc but I keep getting repeated commands. Thanks

    Read the article

  • *nix shell with IOS style completion?

    - by Kyle Brandt
    Is there a Linux shell that will let you type less than full commands as you can with Cisco IOS, at least for the first command (and not its arguments)? I haven't really thought enough if this is actually a good thing, but might be fun to play with :-)

    Read the article

  • Does TAM == TAPI3 Voice Compliance?

    - by Wayne Hartman
    I am looking to purchase some cheap USB modems that claim to be able to use TAM (Telephone answering machine). I am an unable to see any explicit commands that these devices support. Would it be safe to assume that these devices support the AT instructions for playing/recording audio from the modem?

    Read the article

  • How do I enable TUN/TAP forwarding?

    - by rafal
    I have a program which writes packets (destination address 10.3.0.2) to the TUN/TAP interface. Network: host1|tun0----eth1(10.3.0.1)|-------------------host2|eth1(10.3.0.2)| Wireshark captures these packets from interface tun0 but they are not forwarded to interface eth1. Commands: sysctl -w net.ipv4.ip_forward=1 sysctl -p iptables -A INPUT -i tun+ -j ACCEPT iptables -A FORWARD -i tun+ -j ACCEPT iptables -A INPUT -i tap+ -j ACCEPT iptables -A FORWARD -i tap+ -j ACCEPT /etc/init.d/networking restart /etc/init.d/openvpn restart

    Read the article

  • firefox restarting problem

    - by Arun
    i'm using firefox 3.0.13 in ubuntu 8.10 and i got a problem that it suddenly disables back,forward,refresh,stop options.After updating firefox using following commands sudo apt-get update sudo apt-get install firefox it always ask me restart the browser new version found . how to fix it ? How to reinstall properly?

    Read the article

  • Symbol lookup error while starting pidgin in Arch

    - by Hossein Mobasher
    I have just installed pidgin from the source code that i downloaded from pidgin site, it compile correctly with using below commands : ./configure --disable-gtkspell ; make ; make install but, when i try to start pidgin from terminal, occurres an error :? pidgin: symbol lookup error: /usr/lib/libfarstream-0.1.so.0: undefined symbol: g_key_file_free how can i solve this problem ? Thanks for your attention :)

    Read the article

  • Get caller id and append to url in browser automatically

    - by timbad2021
    I am trying to find a caller id device/program that will automatically open a browser and append the incoming phone number to a url when receiving a call. For example: https://www.myphonesearchapp.com/search?q=5733655593 This would probably be a usb device that you would run a phone line through that will get caller id and allow you to set custom commands like append the number to a url and launching it in a Browser. Thanks!

    Read the article

  • firefox restarting problem in ubuntu

    - by Arun
    i'm using ubuntu 8.10 . now i updated firefox it doesn't result any error. when i open it the back,refresh buttons are not working and always shows "Your browser has been updated and needs to be restarted". Can anyone know the problem . if i need to reinstall what commands to execute because im beginner to ubuntu.

    Read the article

  • Adium last message?

    - by Charles
    I need to quickly send messages with a little variation in IRC (ie, irc commands). On windows/mirc, I can just click up and the chat input will fill with my previous message. I'm currently using Adium, but it doesn't have this basic feature? Does anyone know how I can get this, or perhaps suggest a different client. Thanks.

    Read the article

  • bsdtar : jcf and --use-compress-program-bzip2 produce different files

    - by Valerio Schiavoni
    These two commands produce files that are slightly different in size. In particular: tar --use-compress-program=pbzip2 -cf old_logs.tbz2 1tree_* 4tree_* 8tree_* The file old_logs.tbz2 is 100557548 bytes large. The command: tar jcf old_logs.tbz 1tree_* 4tree_* 8tree_* produce the file old_logs.tbz that is 98783046 bytes large. Where the difference in the two files originate from ? I'm using bsdtar 2.8.3 - libarchive 2.8.3 on mac osx 10.8.5.

    Read the article

  • Generating/managing config files for hosted application

    - by mfinni
    I asked a question about config management, and haven't seen a reply. It's possible my question was too vague, so let's get down to brass tacks. Here's the process we follow when onboarding a new customer instance into our hosted application : how would you manage this? I'm leaning towards a Perl script to populate templates to generate shell scripts, config files, XML config files, etc. Looking briefly at CFengine and Chef, it seems like they're not going to reduce the amount of work, because I'd still have to manually specify all of the changes/edits within the tool. Doesn't seem to be much of a gain over touching the config files directly. We add a stanza to the main config file for the core (3rd-party) application. This stanza has values that defines the instance (customer) name the TCP listener port for this instance (not one currently used) the DB2 database name (serial numeric identifier, already exists, they get prestaged for us by the DBAs) three sub-config files, by name - they need to be created from 3 templates and be named after the instance The sub-config files define: The filepath for the DB2 volumes The filepath for the storage of objects The filepath for just one of the DB2 volumes (yes, redundant to the first item. We run some application commands, start the instance We do some LDAP thingies (make an OU for the instance, etc.) We add a stanza to the config file for our security listener that acts as a passthrough to LDAP instance name LDAP OU TCP port for instance DB2 database name We restart the security listener (off-hours), change the main config file from item 1, stop and restart the instance. It is now authenticating via LDAP. We add the stop and start commands for this instance to the HA failover scripts. We import an XML config file into the instance that defines things for the actual application for the customer - user names, groups, permissions, and business rules. The XML is supplied by the implementation team. Now, we configure the dataloading application We add a stanza to the existing top-level config file that points to a new customer-level config file. The new customer-level config file includes: the instance (customer) name the DB2 database name arbitrary number of sub-config files, by name Each of the sub-config files defines: filepaths to the directories for ingestion, feedback, backup, and failure those filepaths have a common path to a customer-specific folder, and then one folder for each sub-config file Each of those filepaths needs to be created We need to add this customer instance to our monitoring scripts that confirm the proper processes are running and can be logged into. Of course, those monitoring config files include the instance name, the TCP port, the DB2 database name, etc. There's also a reporting application that needs to be configured for the new instance. You get the idea. There's also XML that is loaded into WAS by the middleware team. We give them the values for them to plug into the XML - they could very easily hand us the template and we could give them back completed XML.

    Read the article

  • small mail daemon for windows

    - by abolotnov
    I'm looking for a small mail daemon for windows that could do a few simple things for me: hang on pop3 (preferably) or imap and check e-mails from me run commands I send via e-mail and return their execution status/output save files I attach to a local folder I suspect there must be something that could do this (I guess outlook can but I don't have it on this box) - I'm perhaps using wrong keywords.

    Read the article

  • Is it possible to run vim in remote mode on another machine?

    - by Leonid Shevtsov
    Hi, I run an Ubuntu server virtualbox under a Windows host for web development. At the moment I do all editing in Vim running inside PuTTY. It runs pretty well, but lacks some useful features like native copypasting from the host. I know about the remote mode of Vim, but afaik it can only operate on the same machine. Question is, is it possible to make gVim on the windows host proxy all the commands (and the editing) to a Vim instance running on the Linux guest?

    Read the article

  • Postfix sendmail -bs shows no output - permissions?

    - by Tatu Ulmanen
    When I run the sendmail -bs command as root, I get the expected output: $ sudo sendmail -bs 220 mydomain.com ESMTP Postfix ehlo localhost 250-mydomain.com 250-PIPELINING 250-SIZE 15728640 250-ETRN 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN But when I run the same command without sudo, I get no output at all and sendmail doesn't respond to any commands: $ sendmail -bs ehlo localhost quit wtf ^C $ How can I configure Postfix so that sendmail works for every user (or at least for some specific users)? I need this because SwiftMailer for PHP uses sendmail -bs for sending mails and fails when it can't find any output.

    Read the article

< Previous Page | 61 62 63 64 65 66 67 68 69 70 71 72  | Next Page >