Search Results

Search found 3399 results on 136 pages for 'rule'.

Page 69/136 | < Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >

  • How to block access to websites on a linux box [closed]

    - by user364952
    I'm just curious how many ways people can come up with to block access to a website. I simply intended to block (my own) access to news.ycombinator.com to stop my productivity drain. The first two methods I thought of were editing the hosts file to resolve news.ycombinator.com to 0.0.0.0 or adding a rule to iptables. iptables -A OUTPUT -d news.ycombinator.com -j REJECT Disclaimer: I do realise that the above two methods are easily by-passable. Doesn't help this is my own machine. What other ways does the internet know?

    Read the article

  • How can I express this nginx config as apache2 rewrite rules?

    - by codecowboy
    if (!-e $request_filename){ rewrite /iOS/(.*jpg)$ /$1 last; rewrite /iOS/(.*jpeg)$ /$1 last; rewrite /iOS/(.*png)$ /$1 last; rewrite /iOS/(.*css)$ /$1 last; rewrite /iOS/(.*js)$ /$1 last; rewrite /Android/(.*jpg)$ /$1 last; rewrite /Android/(.*jpeg)$ /$1 last; rewrite /Android/(.*png)$ /$1 last; rewrite /Android/(.*css)$ /$1 last; rewrite /Android/(.*js)$ /$1 last; rewrite ^/(.*)$ /?route=$1 last; } There are some vanity URLs e.g. mysite.com/yourdetails which are handled internally by a router class (its a PHP app with index.php as the entry point) and they seem to work fine on nginx but not Apache :-/ I tried this but the vanity URLs are not working RewriteEngine On RewriteBase / RewriteCond %{REQUEST_URI} !=/favicon.ico RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?route=$1 [L] I'd like to rule out Apache config first before I get too deep into the code.

    Read the article

  • ibm 8305-29u Sound comes from internal speaker instead of green port - Ubuntu 10.04 LTS

    - by TecBrat
    The title pretty much says it all. My experience w/ubuntu is VERY limited. I did find the system test feature and ran an audio test. It found my device as Intel 82801DB-ICH4. I wasn't getting anything. I tried a couple of things and don't really even remember what I tried, but I started getting audio (not just beeps) from the system's internal speaker. Any ideas? (I can't rule out a hardware problem. This box sat under my bed for a couple of years and it's first life was in an environment FULL of cement dust.)H

    Read the article

  • ISA Server Route Add Question

    - by Kip
    Hi All, I have a situation where I have and ISA 2006 server (on Win2k3) that has an internal and an externaly facing NIC's. All works fine but I need to add a couple of routes for the following reason: Our monitoring software is on a different network. Our Terminal server is on a different network. Currently, access to the internet, through this proxy server, from the terminal server fails. Also, monitoring of the ISA server via a remote monitor or the installed agent talking to the remote monitor (BMC) also fails. The default enterprise rule on ISA blocks the traffic as I beleive it doesn't trust / know about those networks. Here is my routing table: I need to add a couple of address, but this one being the main one: 192.168.245.137 / mask 255.255.255.192 / gateway 192.168.245.129 But I can't get it to work. Routing is not my strong point but at the moment have no one else available to help. Can you offer any assistance? Please ask if you need more info

    Read the article

  • Server Core remote management from Windows 7 machine

    - by Robert Koritnik
    I've installed Remote Server Administration Tools for Windows 7 because I would like to administer my Windows Server 2008 R2 Server Core machine. The problem that I'm getting when I try to run Server Manager is: Connecting to remote server failed with the following error message: Access is denied. For more information, see the about_Remote_Troubleshooting Help topic. This is what I've done so far: I'm running WinRM service on both machines (Server and Window 7) I've added my server to trusted hosts on my Windows 7 machine: winrm set winrm/config/client @{TrustedHosts="WINSRV2"} I've added registry entry on Windows 7 machine: reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v LocalAccountTokenFilterPolicy /t REG_DWORD /d 1 /f I've enabled Remote Management inbound rule on server firewall using CoreConfigurator 2.0 both machines are in the same subnet and when I search for network machines on Windows 7 I see my server. Question What else should I do to make it work? I would like to run several different remote management tools against my server machine.

    Read the article

  • How to run a shell script before restarting a service in Monit in case of a crash

    - by Supratik
    I am using Monit 5.3.2 in my Linux box. I am monitoring some services using Monit. I want to run a script before the running the restart command. I have used the below conditions for the same. if does not exist for 2 times within 3 cycles then exec "/bin/bash -c 'touch /tmp/somefile'" as uid someuser and gid someuser if does not exist for 10 cycles then restart Unfortunately only the restart action is getting executed. Can anyone please help me to identify why the first rule is not executed ? Is there are any other way to solve the problem ?

    Read the article

  • How to test if SYN and FIN are both dropped at the same time in hping3?

    - by snow
    One of the rules to prevent unexpected attack is to prevent SYN & FIN being used together. SYN and FIN are both set $IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP How do I use hping to test if this iptable rule works? hping3 192.168.7.0 --keep -S -F??? Is this complete? When just type iptables -L, it shows: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN WHY do I need to put the "SYN,FIN" twice before drop? Is it because one for source and one for destination?

    Read the article

  • What advantages does mod_evasive have over mod_security2 in terms of DDOS protection?

    - by Martynas Sušinskas
    Good day, I'm running an Apache2 server in front of a Tomcat and I need to implement a DDOS protection mechanism on the Apache2 layer. I have two candidates: mod_evasive and mod_security2 with the OWASP core rule set. Mod_security is already installed for overall protection, but the question is: is it worth adding mod_evasive besides mod_security just for the DDOS (does it have any major advantages) or the OWASP crs rules in the /experimental_rules/ directory (modsecurity_crs_11_dos_protection.conf) provide the same protection? Or it's just a matter of preference? The sites are not very high traffic normally. Thank you for your answers, Martynas

    Read the article

  • MikroTik ipv6 Tunnel

    - by MikeSmitty
    I've got a MikroTik router set up with the latest stable OS on it, and I just set up an ipv6 tunnel with Hurricane Electric, but I'm having an odd issue with it. I can't ping anything until I first ping the tunnel endpoint on HE's side. After that I can ping any ipv6 address fine, but give it a little time (say, maybe 30 sec) and I can't ping any ipv6 addresses again. Whenever it stops allowing ping to go through I notice the counter on my firewall rule that drops invalid connections goes up. this is my ipv6 firewall config: add action=accept chain=input comment="" connection-state=established \ disabled=no in-interface=sit1 add action=accept chain=input comment="" connection-state=related disabled=no \ in-interface=sit1 add action=accept chain=input comment="" disabled=no in-interface=bridge \ src-address=ipv6_address_here/64 add action=drop chain=input comment="" connection-state=invalid disabled=no \ in-interface=sit1 add action=drop chain=input comment="" disabled=no in-interface=sit1 Any ideas on what it could be?

    Read the article

  • Windows server 2008 rejecting packets from client

    - by l46kok
    We deployed a server application in .NET 4.0 that is going to run on Windows Server 2008 R2. Strangely, the clients cannot connect to the server given an external IP and the server port. I've ran wireshark diagnostics on the server computer and verified that the packets are arriving to the NIC without any issue so it seems Windows Server 2008 is the culprit here. I've tried to temporarily disable the firewall and add the server port into inbound/outbound rule but it still doesn't solve the issue. How can I solve this issue?

    Read the article

  • iptables: How to read this OPT string?

    - by alex
    I have a simple INPUT rule for iptables that logs any new connections to a logfile. --log-tcp-options and --log-ip-options flags are both set and I get the appropriate OPT output. One line of my log looks something like this: Nov 29 17:00:00 IN=venet0 OUT= MAC= SRC=x.x.x.x DST=x.x.x.x LEN=64 TOS=0x00 PREC=0x00 TTL=53 ID=37898 DF PROTO=TCP SPT=57755 DPT=8888 WINDOW=65535 RES=0x00 SYN URGP=0 OPT (0204057D010303010101080A3E521D4D0000000004020000) I would like to understand how to interpret the OPT string (bold). Is there some documentation available on what it actually means? How could I make it human-readable?

    Read the article

  • Ubuntu to Ubuntu VNC over SSH tunnel

    - by rxt
    I have a Linux Ubuntu desktop at home, ssh enabled, vnc server installed, router rule configured. It all works, and at home I can connect via the local network from my Mac. From the outside I can login via ssh. I've configured putty as follows: session: host name and port number connection ssh tunnel: forwarded ports: L5900|192.168.0.23 the local address is: 192.168.1.45 When I make the connection I can login to the remote machine. Then I open Remote Desktop Viewer. I click connect protocol: vnc host: ? use host as ssh tunnel: ? I don't know what to use for the last two options. Which ip-addresses should I use?

    Read the article

  • Prevent redirect loop in mod_rewrite

    - by user280381
    I'm writing a rule in my htaccess that basically says this: If the request is for the homepage And a cookie has not been set Rewrite the page with /addCookie.php Then in addCookie.php, we set the cookie and redirect back to the homepage. This is all fine, but if the user doesn't accept cookies, we get an infinite loop of redirects. I'm new to mod_rewrite, I've done a lot of searching, but can't break the loop. I have this so far: RewriteCond %{ENV:REDIRECT_STATUS} 200 RewriteRule .* - [S=1] RewriteCond %{REQUEST_URI} "^/$" RewriteCond %{HTTP_COOKIE} !device_detected RewriteRule ^ addCookie.php [L] Is what I'm trying to do possible? I could add a query string on the redirect from addCookie.php, but I'd much rather keep the requests identical. Any suggestions kindly welcome.

    Read the article

  • Exchange 2007: Auto reply message to senders (server side)

    - by Mestika
    I’ve a need to create an auto-reply for some of the users in my organization where, when a person sends an E-mail to e.g. [email protected] is faced with an automatically auto-reply with some message “closed during the holidays. We are back at… etc. etc. etc.”. I’ve tried to create a Transport Rule on our Exchange server but the only option I can find in the actions-window is to reply with a “Bounce message to sender with enhanced status code” but I guess that is not the precise action I’m looking for. How can I set up a server-side auto-reply, apply it to only a fixed number of users in my organization and create a message to the senders (which is outside the organization)?

    Read the article

  • Cannot access Application configured on local IIS 7 using IP/machine name

    - by SilverHorse
    I have a windows 7 machine 64 bit and IIS 7 I have a default website on the IIS.Its binding is {IP: All Unassigned , Port:80 , Host Name : blank} I have added a new asp.net application to that website,mapped physical path, have set the virtual path as "MyWebApp". Application pool for "MyWebApp" is "DefaultAppPool" {.Net Framework: 4.0 ; Managed Pipeline Mode: Classic} The problem I am facing is I can access the website using http://localhost, http://IP.IP.IP.IP and http://MyMachineName But I can not access the Application other than using http://localhost/MyWebApp What should I do if I want to access the webapp using http://MyMachineName/MyWebApp OR http://IP.IP.IP.IP/MyWebApp Please note : I have already created an inbound rule to allow all HTTP traffic for port 80 in firewall settings.

    Read the article

  • Firewall software that can block access to certain applications on certain internet connections

    - by webmasters
    I have two internet connections, a LAN and a 3G modem on a Windows 7 machine. The LAN is connected to a Edimax router which is conneted to the ISP (with their own modem). Now, the Edimax router is set to auto assign IP adresses in the range: 168.192.2.100 and 192.168.2.200 I wanted to block internet explorer to access the LAN. I entered my AVG firewall, selected iexplorer and added a "block" rule which blocked all ports, TCP and UDP protocols for the above IP range. The problem is it did not work, not matter what rules I have tried. Can you recommend a firewall that can easily accomplish this? Ty

    Read the article

  • Linux policy routing - packets not coming back

    - by Bugsik
    i am trying to set up policy routing on my home server. My network looks like this: Host routed VPN gateway Internet link through VPN 192.168.0.35/24 ---> 192.168.0.5/24 ---> 192.168.0.1 DSL router 10.200.2.235/22 .... .... 10.200.0.1 VPN server The traffic from 192.168.0.32/27 should be and is routed through VPN. I wanted to define some routing policies to route some traffic from 192.168.0.5 through VPN as well - for start - from user with uid 2000. Policy routing is done using iptables mark target and ip rule fwmark. The problem: When connecting using user 2000 from 192.168.0.5 tcpdump shows outgoing packets, but nothing comes back. Traffic from 192.168.0.35 works fine (here I am not using fwmark but src policy). Here is my VPN gateway setup: # uname -a Linux placebo 3.2.0-34-generic #53-Ubuntu SMP Thu Nov 15 10:49:02 UTC 2012 i686 i686 i386 GNU/Linux # iptables -V iptables v1.4.12 # ip -V ip utility, iproute2-ss111117 IPtables rules (all policies in table filter are ACCEPT) # iptables -t mangle -nvL Chain PREROUTING (policy ACCEPT 770K packets, 314M bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 767K packets, 312M bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 5520 packets, 1920K bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 782K packets, 901M bytes) pkts bytes target prot opt in out source destination 74 4707 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 2000 MARK set 0x3 Chain POSTROUTING (policy ACCEPT 788K packets, 903M bytes) pkts bytes target prot opt in out source destination # iptables -t nat -nvL Chain PREROUTING (policy ACCEPT 996 packets, 51172 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 7 packets, 432 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 1364 packets, 112K bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 2302 packets, 160K bytes) pkts bytes target prot opt in out source destination 119 7588 MASQUERADE all -- * vpn 0.0.0.0/0 0.0.0.0/0 Routing: # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master lan state UNKNOWN qlen 1000 link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff valid_lft forever preferred_lft forever 3: lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP link/ether 00:40:63:f9:c3:8f brd ff:ff:ff:ff:ff:ff inet 192.168.0.5/24 brd 192.168.0.255 scope global lan inet6 fe80::240:63ff:fef9:c38f/64 scope link valid_lft forever preferred_lft forever 4: vpn: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100 link/none inet 10.200.2.235/22 brd 10.200.3.255 scope global vpn # ip rule show 0: from all lookup local 32764: from all fwmark 0x3 lookup VPN 32765: from 192.168.0.32/27 lookup VPN 32766: from all lookup main 32767: from all lookup default # ip route show table VPN default via 10.200.0.1 dev vpn 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 # ip route show default via 192.168.0.1 dev lan metric 100 10.200.0.0/22 dev vpn proto kernel scope link src 10.200.2.235 192.168.0.0/24 dev lan proto kernel scope link src 192.168.0.5 TCP dump showing no traffic coming back when connection is made from 192.168.0.5 user 2000 # tcpdump -i vpn tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on vpn, link-type RAW (Raw IP), capture size 65535 bytes ### Traffic from user 2000 on 192.168.0.5 ### 10:19:05.629985 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6887764 ecr 0,nop,wscale 4], length 0 10:19:21.678001 IP 10.200.2.235.37291 > 10.100-78-194.akamai.com.http: Flags [S], seq 2868799562, win 14600, options [mss 1460,sackOK,TS val 6891776 ecr 0,nop,wscale 4], length 0 ### Traffic from 192.168.0.35 ### 10:23:12.066174 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [S], seq 2294159276, win 65535, options [mss 1460,nop,wscale 4,nop,nop,TS val 557451322 ecr 0,sackOK,eol], length 0 10:23:12.265640 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [S.], seq 2521908813, ack 2294159277, win 14480, options [mss 1367,sackOK,TS val 388565772 ecr 557451322,nop,wscale 1], length 0 10:23:12.276573 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [.], ack 1, win 8214, options [nop,nop,TS val 557451534 ecr 388565772], length 0 10:23:12.293030 IP 10.200.2.235.49247 > 10.100-78-194.akamai.com.http: Flags [P.], seq 1:480, ack 1, win 8214, options [nop,nop,TS val 557451552 ecr 388565772], length 479 10:23:12.574773 IP 10.100-78-194.akamai.com.http > 10.200.2.235.49247: Flags [.], ack 480, win 7776, options [nop,nop,TS val 388566081 ecr 557451552], length 0

    Read the article

  • Adding many IP addresses to Windows Firewall using CLI fails partially

    - by Thomas
    I have a PowerShell script which adds IP addresses to Windows Firewall using the "netsh advfirewall" command. (As described in this question: How to append netsh firewall rules, not just replace). The problem is that when adding a lot of IP addresses (currently over 700) the string of IP addresses seems to be 'cut off' at some point. Only an X amount of the total amount of IP addresses are actually added to the firewall, the rest... not. The script is very simple, and looks something like this: $ip = "123.123.123.123,124.124.124.124,125.125.125.125 and so on" netsh advfirewall firewall set rule name="*" new remoteip="$ip" I tried to echo the string to see if it's cut off; echo $ip But the complete string is correctly echo'ed. Is there some kind of string length limit for the netsh command? Or anything else that could be causing this issue?

    Read the article

  • Microsoft ISA 2004 - Failed Connection Attempt

    - by Arief
    I have an issue where users with Android tablet cannot download apps through ISA 2004. This is what I get from the ISA 2004 logging: I did try to add the source ip address and the destination ip address in All for All Modified rule. However, it does not fix that problem. I also use GFI Web Monitoring. I did add the 151.101.13.80 ip address into the Whitelist, and no luck. What Failed Connection Attempt exactly is? How to overcome this. The Android tablet is throwing an error 495, could not be downloaded. Thanks everyone.

    Read the article

  • Full speed internal switch bandwidth but per-port set external bandwidth?

    - by garg
    I am in an environment where all the machines are behind a switch that I don't have access to. Each ethernet wall port has limited bandwidth depending on how much has been paid for each port. The problem is that some people have 10Mbps connections and some have 100Mbps connections and this causes problems with local intranet file transfers and operating system/software deployments. Operating systems can take hours to be deployed if the machine is on 10mbps. Do you know if it is possible with most switches to set a rule that would limit bandwidth coming in/going out to an extranet, but keep full bandwidth if the packets are destined to go to a local machine? For example, the internet might be limited to 10Mbps, but internal servers would get gigabit speeds? Thanks

    Read the article

  • On a router, how do I block wan access for a particular machine without blocking its access to the local network?

    - by HappyEngineer
    On my tp-link TL-WR1043ND router I want to prevent a particular machine from having access to the WAN while still allowing that machine to access other machines on the LAN. My assumption is that I need to do something in the "Access Control" section, however the problem is that it wants an ip range or domain name for the target of the rule. The router uses DHCP to get an address from the WAN, so I don't have any guarantee what the ip address of the wan will be. If the answer is that it's not possible with this router, could someone describe how to do it using OpenWRT instead?

    Read the article

  • Can iptables allow Squid to process a request, then redirect the response packets to another port?

    - by Dan H
    I'm trying to test a fancy traffic analyzer app, which I have running on port 8890. My current plan is to let any HTTP request come into Squid, on port 3128, and let it process the request, and then just before it sends the response back, use iptables to redirect the response packets (leaving port 3128) to port 8890. I've researched this all night, and tried many iptables commands, but I'm missing something and my hair is falling out. I thought something like this would work: iptables -t nat -A OUTPUT -p tcp --sport 3128 -j REDIRECT --to-ports 8990 This rule gets created ok, but it never redirects anything. Is this even possible? If so, what iptables incantation could do it? If not, any idea what might work on a single host, given multiple remote browser clients?

    Read the article

  • Open Port on Windows Server 2008

    - by user1827348
    I have an external server and I installed a new Service on it. The service is running and I can access it locally. When I tried to get access to it locally, all worked just fine. but when I try to reach it from my laptop over the internet, I get the message, that the port is blocked. I added a rule to the windows firewall that all connections to that port are allowed but it still doesnt work. there is so many things in google that didnt help me, thats why I am asking specifically. I do acutally not know how to google for that right because i am not that into server configs and so on. Can anybody help me, what I have to do, to be able to access that port? From outside.

    Read the article

  • Mail server hammering

    - by Rodrigo
    I've noticed a quick increase on smtp connections coming to my server, investigating it further i figured out that there's a botnet hammering my smtp server. I've tried to stop it by adding a rule at iptables: -N SMTP-BLOCK -A SMTP-BLOCK -m limit --limit 1/m --limit-burst 3 -j LOG --log-level notice --log-prefix "iptables SMTP-BLOCK " -A SMTP-BLOCK -m recent --name SMTPBLOCK --set -j DROP -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTPBLOCK --rcheck --seconds 360 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --set -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --rcheck --seconds 60 --hitcount 3 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -j ACCEPT That would avoid them from hammering "too fast", however the problem still, there's like 5 tries per second, it's going insane, i had to incrase the maximum number of childs of sendmail/dovecot. There's too many ips to filter out manually and simply changing the smtp to another port is not practical since i got many other clients on that server. I'm using sendmail with dovecot, any ideas to have this filtered out more efficiently?

    Read the article

  • .htaccess RewriteRule Problem

    - by Kunal Gautam
    Before asking question let me tell you some assumptions here there are 5 files on my webserver index.php config.php read.php write.php .htaccess I've wrote following URL rewriting rule in .htaccess RewriteEngine on RewriteRule ^(\w+)$ read.php?id=$1 Now when I type domain.com/xyz it fetch data from read.php?id=xyz thats nice :) But when I type domain.com/index it fetch data from index.php or when i type domain.com/write or domain.com/config or domain.com/read it fetch data from write.php , config.php and read.php respectively I want data to be fectched from read.php?id=index or read.php?id=config or read.php?id=read or read.php?id=write Any one can help me regarding this ? Sorry for my poor english

    Read the article

< Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >