Search Results

Search found 8046 results on 322 pages for 'forward lookup zone'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 7/322 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • BIND: forward 1st level zone

    - by raven
    First of all: sorry for the language, English is not my primary language. I have star-like DNS structure with many filials (more that 2): ^ | v filialNS_1.filial_1.city.local <---- ns.main.city.local <---- filialNS_2.filial_2.city.local ^ | v ns.mail.city.local is slave of all filials zones filialNS_1 is master of filial_1.city.local filialNS_2 is master of filial_2.city.local filialNS_N is master of filial_N.city.local I want to: serve DNS queries for xxx.filial_N.city.local with filialNS_N.filial_N.city.local forward all queries for xxx.xxx.xxx.local from filialNS_N to ns.main.city.local forward other queries to our provider's DNS on filial (or google-public-dns or anything else) FILIAL CONFIG named.conf zone "filial_1.city.local" { type master; file "/etc/namedb/dynamic/filial_1.city.local"; allow-update { key DHCP_UPDATER; }; allow-transfer { <ns.main.city.local IP address> }; }; zone "2.76.10.in-addr.arpa" { type master; file "/etc/namedb/dynamic/2.76.10.in-addr.arpa"; allow-update { key DHCP_UPDATER; }; allow-transfer { <ns.main.city.local IP address> }; }; zone "local." { type forward; forward only; forwarders { <ns.main.city.local IP address> }; }; nslookup server.filial_1.city.local - works fine nslookup server.main.city.local Server: 127.0.0.1 Address: 127.0.0.1#53 ** server can't find server.main.city.local: NXDOMAIN Where am I going wrong?

    Read the article

  • How to port forward https traffic via ssh and/or remote desktop to through several networks and PCs?

    - by donttellya
    I have the following environment: In company X I develop a application on a pc A in network A with ip address 192.168.100.50 which has to do an https request to an http server located in the intranet of company Y In company X is another pc B in network B with ip address 192.168.200.100 pc B (of company X) can access the intranet from company Y via ssh tunnel (putty) pc A (of company X) can ping pc B (of company X) note: pc A can also do a remote desktop connection to pc B) pc B can ping the http sever pc A can not ping the http server How can the https request from pc A of company X get to the http server of company Y? On which pc must be putty configured? And which settings for host, port forwarding etc. has to be done in putty? So finally the https request should go from PC A - PC B - Http Server in company Y.

    Read the article

  • Can't ping a DNS zone on windows server 2008 R2

    - by Roberto Fernandes
    I´ve just configured a windows server 2008 r2, but got a lot of problems on DNS role. Let me talk about the server configuration: name: fdserver IP address: 192.168.0.10 I have a DNS zone called "fd.local". This is my domain and it´s working ok. I´ve created a zone called fdserver, and inside this zone a record (A) with "*" as a host. because this is a webserver, i´ve configured apache so if you enter something like "site.fdserver" it will point you to the "site" folder. This is working ok ONLY inside the server. This server is a DNS server too... and have 3 entries: 192.168.0.10 (his own IP), 8.8.8.8 and 8.8.4.4 (google public DNS). Now start the problems... Most of the computers on my network, CAN join the domain without problems. But just CAN'T ping "something.fdserver". Now comes the strange thing... If I remove the twoo secondary entries on my DNS server (8.8.8.8 and 8.8.4.4), it obvious stop accessing websites (like microsoft.com), but now the computer CAN ping "something.fdserver". I don´t know If I explained correctly... and my English is terrible... but inside the server is all working as it supposed to work. But in the workstation machines, it work only if I remove the secondary DNS!! If you need any details, just ask! thanks!

    Read the article

  • DNS zone file SPF configuration to support sending mail from multiple servers and gmail

    - by Tauren
    I want to configure SPF on a domain to allow mail to be sent from: the x.com website server (x.com and www.x.com - both at same IP) it's MX servers (smtp.x.com, mx.x.com, mail.x.com) another server that isn't listed as an MX server (somehost.x.com) via gmail using an account that has authenticated use of [email protected] Will this zone file work? If not, what are the problems with it? $ttl 38400 @ IN SOA ns1.x.com. hostmaster.x.com. ( 201003092 ; serial 8H ; refresh 15M ; retry 1W ; expire 1H ) ; minimum @ NS ns1.x.com. @ NS ns2.x.com. @ MX 10 mx.x.com. @ MX 20 smtp.x.com. @ MX 30 mailhost.x.com. ; SPF records @ IN TXT "v=spf1 a mx a:somehost.x.com include:_spf.google.com ~all" mx IN TXT "v=spf1 a -all" smtp IN TXT "v=spf1 a -all" mailhost IN TXT "v=spf1 a -all" Questions: Is _spf.google.com the right thing to include for gmail.com, or is it only for Google Hosted Apps? If only for Google Apps, what should I include to send from gmail.com? If mail shouldn't be sent from anywhere else, is it safe to use -all instead of ~all? Does it make sense to add specific SPF records for each of the mail servers? Any other problems with the zone file? I want to confirm these things before making changes to my zone file. The file has SPF configured basically the same now, just without google.com and somehost, but I want to make sure I won't break things when I change it.

    Read the article

  • Time jumping forward on NTP failure

    - by Dan
    I have been having some weird problems with NTP for a while. If I use ntpdate to set the time then it sets fine. ntpd then invariably fails to find a server (I have loads configured) and decides to set the clock forward about 5 hours. It's a Xen server with dom0 set to a different timezone so I'm not sure if that is interfering with it. How can I make sure I ignore the dom0 time and have ntpd not change the time if it fails to reach a time server? EDIT: I now do not think it is ntpd giving me problems, I turned ntpd off and it jumped forward seemingly randomly.

    Read the article

  • Prevent Amazon EC2 Time zone from reverting back on yum update

    - by D.Tate
    I use an Amazon EC2 server instance that runs a distro called Amazon Linux AMI. (I've read that it is based on CentOS/Red Hat). My specific version is the 2012.09 release. Anyway, I was able to change the time zone about a week ago from the default UTC to America/New_York (which is EST/EDT). The command I used to change it was: ln -sf /usr/share/zoneinfo/America/New_York /etc/localtime ...thanks to this other Server Fault question. At that point, I was able to run date from the the command line, and it correctly displayed the EDT time. And even after EDT "fell back" to EST this past Sunday, I was pleased to find that running date still produced the correct local time. So that was great. However, after running a yum update yesterday, it seems that my time zone got reverted back to plain 'ol UTC. I even checked the last modified time of /etc/localtime file, and indeed it confirmed that it had been modified around the same time I had updated. Is there any way to prevent this from happening again, or will I be stuck resetting the time zone every time I do a yum update?

    Read the article

  • Is it illegal to forward copyrighted content? [closed]

    - by Mike
    Ok, this may be a strange question, but let's start: If I illegally download a movie (for example...) from a HTTP Web Server, there are many routers between me and the Web Server which are forwarding the data to my PC. As I understand, the owners of the routers are not legally responsible for the data they forward (please correct if I'm wrong). What if I would install a client of a peer-to-peer network on my PC and this client (peer) would forward copyrighted content received from peers to other peers? Hope someone understand what I mean ;-) Any answer or comment would be highly appreciated. Mike Update 1: I'm asking this question because I want to develop a p2p-application and try to figure out how to prevent illegal content sharing/distribution (if forwarding content is really illegal...) Update 2: What if the data forwarded by my peer is encrypted, so I'm technically not able to read and check it?

    Read the article

  • VirtualBox Port Forward

    - by john.graves(at)oracle.com
    A great new feature in VirtualBox 4.0 is the ability to use NAT networking and forward ports without needing to use ssh -L/-R tricks.  This is great for booting multiple VM domains simultaneously.  It is possible to have several instances which map back to the host machine and different ports on localhost:* automatically forward to the correct VM.  This avoids the hassle of setting up dns entries or static IP addresses.In this example, I'm mapping the host ports 3xxxx to the VM's well known server ports.Note: It is important to setup the Frontend HTTP host/port to avoid incorrect URL rewriting.You may also need to setup an http channel to deal with local traffic which uses the network address 10.0.2.15Happy VMing.

    Read the article

  • IP/PORT forward requests to another server

    - by DT.DTDG
    I have the following listening PORT:IP set up on my UBuntu server. 12.345.67.890:3636 It receives requests perfectly, however, I would now like to forward any requests to that IP:PORT to another IP:PORT, i.e.: 09.876.54.321:3636 Essentially I want to do a request forward 12.345.67.890:3636 -> 09.876.54.321:3636. How can I go about it in Terminal and if I wanted to change it back how can I go about that too? Is there also a way to test that the data is forwarding and it is setup properly? Thanks! Edit: Can I just do as follows, just wondering how I would go about testing it and how I could disable it? sysctl net.ipv4.ip_forward=1 iptables -t nat -A PREROUTING -p tcp --dport 3636 -j DNAT --to-destination 09.876.54.321:3636 iptables -t nat -A POSTROUTING -j MASQUERADE

    Read the article

  • URL rewriting via forward proxy

    - by Biggroover
    I have an app that runs inside my firewall and talks out to multiple end points via HTTP/HTTPS on a non-standard port e.g. http://endpoint1.domain.com:7171, http://endpoint2.domain.com:7171 What I want to do is route these requests through a forward proxy that then rewrites the URL to something like http://allendpoints.domain.com/endpoint1 (port 80 or 443) then on the other end have a reverse proxy that unwinds what I did on the forward proxy to reach the specific endpoints. The result being that I can route existing app requests through to specific endpoints across the internet without having to change my app software. My questions are: is this even possible? is it a good idea, are their better ways to do this? Can this be done with IIS and Apache as the proxies?

    Read the article

  • OpenGL - Cascaded shadow mapping - Texture lookup

    - by Silverlan
    I'm trying to implement cascaded shadow mapping in my engine, but I'm somewhat stuck at the last step. For testing purposes I've made sure all cascades encompass my entire scene. The result is currently this: The different intensity of the cascades is not on purpose, it's actually the problem. This is how I do the texture lookup for the shadow maps inside the fragment shader: layout(std140) uniform CSM { vec4 csmFard; // far distances for each cascade mat4 csmVP[4]; // View-Projection Matrix int numCascades; // Number of cascades to use. In this example it's 4. }; uniform sampler2DArrayShadow csmTextureArray; // The 4 shadow maps in vec4 csmPos[4]; // Vertex position in shadow MVP space float GetShadowCoefficient() { int index = numCascades -1; vec4 shadowCoord; for(int i=0;i<numCascades;i++) { if(gl_FragCoord.z < csmFard[i]) { shadowCoord = csmPos[i]; index = i; break; } } shadowCoord.w = shadowCoord.z; shadowCoord.z = float(index); shadowCoord.x = shadowCoord.x *0.5f +0.5f; shadowCoord.y = shadowCoord.y *0.5f +0.5f; return shadow2DArray(csmTextureArray,shadowCoord).x; } I then use the return value and simply multiply it with the diffuse color. That explains the different intensity of the cascades, since I'm grabbing the depth value directly from the texture. I've tried to do a depth comparison instead, but with limited success: [...] // Same code as above shadowCoord.w = shadowCoord.z; shadowCoord.z = float(index); shadowCoord.x = shadowCoord.x *0.5f +0.5f; shadowCoord.y = shadowCoord.y *0.5f +0.5f; float z = shadow2DArray(csmTextureArray,shadowCoord).x; if(z < shadowCoord.w) return 0.25f; return 1.f; } While this does give me the same shadow value everywhere, it only works for the first cascade, all others are blank: (I colored the cascades because otherwise the transitions wouldn't be visible in this case) What am I missing here?

    Read the article

  • Why do I get "ignoring out-of-zone data" when restarting BIND

    - by 6bytes
    I've been using my own DNS server but then I moved to a third part DNS provider. Yesterday I wanted to go back to using my own DNS's and cancel this third party service. I've lowered TTL in current DNS conf, changed DNS info in GoDaddy for my domain and that's when problems started. My domain seems to be working only for some people but not for others so clearly something is wrong. When restarting bind service named restart everything seems to be OK but later in email from Logwatch I'm getting errors like this: mydomain.com:30: ignoring out-of-zone data (ns1.mydns.com): 3 Time(s) mydomain.info:16: ignoring out-of-zone data (ns1.mydns.com): 5 Time(s) Can anyone point me in the right direction? My BIND configuration for those two domains below: File: /var/named/chroot/etc/zones.external zone "mydomain.com" IN { type master; file "mydomain.com"; allow-transfer { 213.251.188.140; }; allow-update { none; }; notify yes; also-notify { 213.251.188.140; }; }; zone "mydomain.info" IN { type master; file "mydomain.info"; allow-transfer { 213.251.188.140; }; allow-update { none; }; notify yes; also-notify { 213.251.188.140; }; }; File /var/named/chroot/var/named/mydomain.com being my main domain $TTL 3600 $ORIGIN mydomain.com. @ IN SOA ns1.mydns.com. ns2.mydns.com. ( 2010032101 ; Serial 10800 ; Refresh 3600 ; Retry 2419200 ; Expire 3600 ) ; NXDOMAIN TTL IN NS ns1.mydns.com. IN NS ns2.mydns.com. IN MX 10 ASPMX.L.GOOGLE.COM. IN MX 20 ALT1.ASPMX.L.GOOGLE.COM. IN MX 20 ALT2.ASPMX.L.GOOGLE.COM. IN MX 30 ASPMX2.GOOGLEMAIL.COM. IN MX 30 ASPMX3.GOOGLEMAIL.COM. IN MX 30 ASPMX4.GOOGLEMAIL.COM. IN MX 30 ASPMX5.GOOGLEMAIL.COM. IN A 111.111.111.111 * IN A 111.111.111.111 edu IN A 111.111.111.111 googleXXXXXXXXXXXXXXXX IN CNAME google.com. ns1.mydns.com. IN A 111.111.111.111 File /var/named/chroot/var/named/mydomain.info just an alias in apache for mydomain.com $TTL 86400 $ORIGIN mydomain.info. @ IN SOA ns1.mydns.com. ns2.mydns.com. ( 2009042901 ; Serial 10800 ; Refresh 3600 ; Retry 2419200 ; Expire 3600 ) ; NXDOMAIN TTL IN NS ns1.mydns.com. IN NS ns2.mydns.com. IN A 111.111.111.111 * IN A 111.111.111.111 ns1.mydns.com. IN A 111.111.111.111

    Read the article

  • Allowing connections initiated from outside

    - by Mark S. Rasmussen
    I've got an old Juniper SSG5 running ScreenOS 5.4.0r6.0. Once a day, more or less, it'll start randomly dropping packets at a rate of ~5-10%. We currently solve this issue by simply rebooting the unit, after which it resumes working in perfect condition. As this error has started appearing randomly, without any configuration or hardware changes, I'm assuming I've got an aging unit about to fail. As such, I've got a replacement SSG5 running ScreenOS 6.0. I've dumped the config on the 5.4 and imported it into a clean 6.0, and it seems to gladly accept it, and all my configuration seems to be A-OK. However, upon connecting the new unit, all outside-initiated connections seem to be blocked. If I browse our external IP from the inside, everything works perfectly, and it's not just port 80, SSH, Crashplan - all of our policies route correctly. All normal networking, initiated from the inside, work perfectly as well. If on the other hand I browse our external IP from the outside, everything is blocked. Barring differences between ScreenOS 5.4 and 6.0, the config is identical. Is there a setting somewhere that defines whether outside/inside initiated connections are allowed? unset key protection enable set clock timezone 1 set vrouter trust-vr sharable set vrouter "untrust-vr" exit set vrouter "trust-vr" unset auto-route-export exit set service "MyVOIP_UDP4569" protocol udp src-port 0-65535 dst-port 4569-4569 set service "MyVOIP_TCP22" protocol tcp src-port 0-65535 dst-port 22-22 set service "MyRDP" protocol tcp src-port 0-65535 dst-port 3389-3389 set service "MyRsync" protocol tcp src-port 0-65535 dst-port 873-873 set service "NZ_FTP" protocol tcp src-port 0-65535 dst-port 40000-41000 set service "NZ_FTP" + tcp src-port 0-65535 dst-port 21-21 set service "PPTP-VPN" protocol 47 src-port 2048-2048 dst-port 2048-2048 set service "PPTP-VPN" + tcp src-port 1024-65535 dst-port 1723-1723 set service "NZ_FMS_1935" protocol tcp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_1935" + udp src-port 0-65535 dst-port 1935-1935 set service "NZ_FMS_8080" protocol tcp src-port 0-65535 dst-port 8080-8080 set service "CrashPlan Server" protocol tcp src-port 0-65535 dst-port 4280-4280 set service "CrashPlan Console" protocol tcp src-port 0-65535 dst-port 4282-4282 unset alg sip enable set alg appleichat enable unset alg appleichat re-assembly enable set alg sctp enable set auth-server "Local" id 0 set auth-server "Local" server-name "Local" set auth default auth server "Local" set auth radius accounting port 1646 set admin name "netscreen" set admin password "XXX" set admin auth web timeout 10 set admin auth dial-in timeout 3 set admin auth server "Local" set admin format dos set vip multi-port set zone "Trust" vrouter "trust-vr" set zone "Untrust" vrouter "trust-vr" set zone "DMZ" vrouter "trust-vr" set zone "VLAN" vrouter "trust-vr" set zone "Untrust-Tun" vrouter "trust-vr" set zone "Trust" tcp-rst set zone "Untrust" block unset zone "Untrust" tcp-rst set zone "MGT" block unset zone "V1-Trust" tcp-rst unset zone "V1-Untrust" tcp-rst set zone "DMZ" tcp-rst unset zone "V1-DMZ" tcp-rst unset zone "VLAN" tcp-rst set zone "Untrust" screen tear-drop set zone "Untrust" screen syn-flood set zone "Untrust" screen ping-death set zone "Untrust" screen ip-filter-src set zone "Untrust" screen land set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust" screen ip-filter-src set zone "V1-Untrust" screen land set interface ethernet0/0 phy full 100mb set interface ethernet0/3 phy full 100mb set interface ethernet0/4 phy full 100mb set interface ethernet0/5 phy full 100mb set interface ethernet0/6 phy full 100mb set interface "ethernet0/0" zone "Untrust" set interface "ethernet0/1" zone "Null" set interface "bgroup0" zone "Trust" set interface "bgroup1" zone "Trust" set interface "bgroup2" zone "Trust" set interface bgroup2 port ethernet0/2 set interface bgroup0 port ethernet0/3 set interface bgroup0 port ethernet0/4 set interface bgroup1 port ethernet0/5 set interface bgroup1 port ethernet0/6 unset interface vlan1 ip set interface ethernet0/0 ip 215.173.182.18/29 set interface ethernet0/0 route set interface bgroup0 ip 192.168.1.1/24 set interface bgroup0 nat set interface bgroup1 ip 192.168.2.1/24 set interface bgroup1 nat set interface bgroup2 ip 192.168.3.1/24 set interface bgroup2 nat set interface ethernet0/0 gateway 215.173.182.17 unset interface vlan1 bypass-others-ipsec unset interface vlan1 bypass-non-ip set interface ethernet0/0 ip manageable set interface bgroup0 ip manageable set interface bgroup1 ip manageable set interface bgroup2 ip manageable set interface bgroup0 manage mtrace unset interface bgroup1 manage ssh unset interface bgroup1 manage telnet unset interface bgroup1 manage snmp unset interface bgroup1 manage ssl unset interface bgroup1 manage web unset interface bgroup2 manage ssh unset interface bgroup2 manage telnet unset interface bgroup2 manage snmp unset interface bgroup2 manage ssl unset interface bgroup2 manage web set interface ethernet0/0 vip 215.173.182.19 2048 "PPTP-VPN" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.19 + 4280 "CrashPlan Server" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.19 + 4282 "CrashPlan Console" 192.168.1.131 set interface ethernet0/0 vip 215.173.182.22 22 "MyVOIP_TCP22" 192.168.2.127 set interface ethernet0/0 vip 215.173.182.22 + 4569 "MyVOIP_UDP4569" 192.168.2.127 set interface ethernet0/0 vip 215.173.182.22 + 3389 "MyRDP" 192.168.2.202 set interface ethernet0/0 vip 215.173.182.22 + 873 "MyRsync" 192.168.2.201 set interface ethernet0/0 vip 215.173.182.22 + 80 "HTTP" 192.168.2.202 set interface ethernet0/0 vip 215.173.182.22 + 2048 "PPTP-VPN" 192.168.2.201 set interface ethernet0/0 vip 215.173.182.22 + 8080 "NZ_FMS_8080" 192.168.2.216 set interface ethernet0/0 vip 215.173.182.22 + 1935 "NZ_FMS_1935" 192.168.2.216 set interface bgroup0 dhcp server service set interface bgroup1 dhcp server service set interface bgroup2 dhcp server service set interface bgroup0 dhcp server auto set interface bgroup1 dhcp server auto set interface bgroup2 dhcp server auto set interface bgroup0 dhcp server option domainname companyalan set interface bgroup0 dhcp server option dns1 192.168.1.131 set interface bgroup1 dhcp server option domainname companyblan set interface bgroup1 dhcp server option dns1 192.168.2.202 set interface bgroup2 dhcp server option dns1 8.8.8.8 set interface bgroup2 dhcp server option wins1 8.8.4.4 set interface bgroup0 dhcp server ip 192.168.1.2 to 192.168.1.116 set interface bgroup1 dhcp server ip 192.168.2.2 to 192.168.2.116 set interface bgroup2 dhcp server ip 192.168.3.2 to 192.168.3.126 unset interface bgroup0 dhcp server config next-server-ip unset interface bgroup1 dhcp server config next-server-ip unset interface bgroup2 dhcp server config next-server-ip set interface "ethernet0/0" mip 215.173.182.21 host 192.168.2.202 netmask 255.255.255.255 vr "trust-vr" set interface "serial0/0" modem settings "USR" init "AT&F" set interface "serial0/0" modem settings "USR" active set interface "serial0/0" modem speed 115200 set interface "serial0/0" modem retry 3 set interface "serial0/0" modem interval 10 set interface "serial0/0" modem idle-time 10 set flow tcp-mss unset flow tcp-syn-check unset flow tcp-syn-bit-check set flow reverse-route clear-text prefer set flow reverse-route tunnel always set pki authority default scep mode "auto" set pki x509 default cert-path partial set pki x509 dn name "[email protected]" set dns host dns1 0.0.0.0 set dns host dns2 0.0.0.0 set dns host dns3 0.0.0.0 set address "Trust" "192.168.1.0/24" 192.168.1.0 255.255.255.0 set address "Trust" "192.168.2.0/24" 192.168.2.0 255.255.255.0 set address "Trust" "192.168.3.0/24" 192.168.3.0 255.255.255.0 set crypto-policy exit set ike respond-bad-spi 1 set ike ikev2 ike-sa-soft-lifetime 60 unset ike ikeid-enumeration unset ike dos-protection unset ipsec access-session enable set ipsec access-session maximum 5000 set ipsec access-session upper-threshold 0 set ipsec access-session lower-threshold 0 set ipsec access-session dead-p2-sa-timeout 0 unset ipsec access-session log-error unset ipsec access-session info-exch-connected unset ipsec access-session use-error-log set vrouter "untrust-vr" exit set vrouter "trust-vr" exit set l2tp default ppp-auth chap set url protocol websense exit set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit set policy id 1 exit set policy id 2 from "Untrust" to "Trust" "Any" "VIP(215.173.182.19)" "PPTP-VPN" permit traffic set policy id 2 exit set policy id 3 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "HTTP" permit log set policy id 3 set service "MyRDP" set service "MyRsync" set service "MyVOIP_TCP22" set service "MyVOIP_UDP4569" exit set policy id 6 from "Trust" to "Trust" "192.168.1.0/24" "192.168.2.0/24" "ANY" deny set policy id 6 exit set policy id 7 from "Trust" to "Trust" "192.168.2.0/24" "192.168.1.0/24" "ANY" deny set policy id 7 exit set policy id 8 from "Trust" to "Trust" "192.168.3.0/24" "192.168.1.0/24" "ANY" deny set policy id 8 exit set policy id 9 from "Trust" to "Trust" "192.168.3.0/24" "192.168.2.0/24" "ANY" deny set policy id 9 exit set policy id 10 from "Untrust" to "Trust" "Any" "MIP(215.173.182.21)" "NZ_FTP" permit set policy id 10 exit set policy id 11 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "PPTP-VPN" permit set policy id 11 exit set policy id 12 from "Untrust" to "Trust" "Any" "VIP(215.173.182.22)" "NZ_FMS_1935" permit set policy id 12 set service "NZ_FMS_8080" exit set policy id 13 from "Untrust" to "Trust" "Any" "VIP(215.173.182.19)" "CrashPlan Console" permit set policy id 13 set service "CrashPlan Server" exit set nsmgmt bulkcli reboot-timeout 60 set ssh version v2 set config lock timeout 5 unset license-key auto-update set telnet client enable set snmp port listen 161 set snmp port trap 162 set vrouter "untrust-vr" exit set vrouter "trust-vr" unset add-default-route exit set vrouter "untrust-vr" exit set vrouter "trust-vr" exit Note that I've previously posted a similar question (pertaining to the same device & replacement, but ultimately caused by a malfunctioning switch, and thus clouding the current issue): Outbound traffic being blocked for MIP/VIPped servers (Juniper SSG5)

    Read the article

  • Cannot make bind9 forward DNS query to subdomain unless recursive enabled

    - by PP.
    I am trying to develop my own dynamic DNS. I'm running my own custom DNS for the subdomain on port 5353. ASCII diagram: INET --->:53 Bind 9 --->:5353 node.js | V zone_files I have example.com. The node.js DNS is for dyn.example.com. In my /etc/bind/named.conf.local I have: zone "example.com" { type master; file "/etc/bind/db.com.example"; allow-transfer { zonetxfrsafe; }; }; zone "dyn.example.com" IN { # DYNAMIC type forward; forwarders { 127.0.0.1 port 5353; }; forward only; }; I've even gone so far as to add a NS in my example.com zone file: $TTL 86400 @ IN SOA ns.example.com. hostmaster.example.com. ( 2013070104 ; Serial 7200 ; Refresh 1200 ; Retry 2419200 ; Expire 86400 ) ; Negative Cache TTL ; NS ns ; inet of our nameserver ns A 1.2.3.4 ; NS record for subdomain dyn NS ns When I attempt to get a record from the subdomain server it doesn't get forwarded: dig @127.0.0.1 test.dyn.example.com However if I turn recursive on in /etc/bind/named.conf.options: options { recursion yes; } .. then I CAN see the request going to the subdomain server. But I don't want recursion yes; in my Bind configuration as it is poor security practice (and allows all-and-sundry requests that are not related to my managed zones). How does one forward (proxy) zone queries for just one zone? Or do I give up on Bind altogether and find a DNS server that can actually forward specific queries?

    Read the article

  • Convert UTC DateTime to another Time Zone

    - by Mark Richman
    I have a UTC DateTime value coming from a database record. I also have a user-specified time zone (an instance of TimeZoneInfo). How do I convert that UTC DateTime to the user's local time zone? Also, how do I determine if the user-specified time zone is currently observing DST? I'm using .NET 3.5. Thanks, Mark

    Read the article

  • Mapping US zip code to time zone

    - by Doug Kavendek
    When users register with our app, we are able to infer their zip code when we validate them against a national database. What would be the best way to determine a good potential guess of their time zone from this zip code? We are trying to minimize the amount of data we explicitly have to ask them for. They will be able to manually set the time zone later if our best guess is wrong. I realize zip codes won't help with figuring out the time zone outside the US, but in that case we'd have to manually ask anyway, and we deal predominantly with the US regardless. I've found a lot of zip code databases, and so far only a few contain time zone information, but those that do are not free, such as this one. If it's absolutely necessary to pay a subscription to a service in order to do this, then it will not be worth it and we will just have to ask users explicitly. Although language isn't particularly relevant as I can probably convert things however needed, we're using PHP and MySQL.

    Read the article

  • Sharepoint 2010 - AAM - SPSite(SPContext.Current.Site.ID) RootWeb.Url is from wrong zone

    - by user2026343
    I have a sharepoint 2010 web application with 2 different zones, default zone with windows login (for search crawl), internet with Claims (FBA) for users to login. I have custom webparts that uses using (SPSite mySite = new SPSite(SPContext.Current.Site.ID)) using (SPWeb web = mySite.RootWeb) { string url = web.Url I use this url to include to emails etc... Problem is: when user connects to FBA (extended zone), and goes to the webpart,string url in my code returns the url of the default zone(windows auth) where user should not be touching. I have different host headers for these zones, any help would be very appreciated. Update: fixed it with using (SPSite newsite =new SPSite(SPContext.Current.Site.ID,SPContext.Current.Site.Zone)) using (SPWeb web = newsite.RootWeb) { //do your implementation here }

    Read the article

  • "date_part('epoch', now() at time zone 'UTC')" not the same time as "now() at time zone 'UTC'" in po

    - by sirlark
    I'm writing a web based front end to a database (PHP/Postgresql) in which I need to store various dates/times. The times are meant to be always be entered on the client side in the local time, and displayed in the local time too. For storage purposes, I store all dates/times as integers (UNIX timestamps) and normalised to UTC. One particular field has a restriction that the timestamp filled in is not allowed to be in the future, so I tried this with a database constraint... CONSTRAINT not_future CHECK (timestamp-300 <= date_part('epoch', now() at time zone 'UTC')) The -300 is to give 5 minutes leeway in case of slightly desynchronised times between browser and server. The problem is, this constraint always fails when submitting the current time. I've done testing, and found the following. In PostgreSQL client: SELECT now() -- returns correct local time SELECT date_part('epoch', now()) -- returns a unix timestamp at UTC (tested by feeding the value into the date function in PHP correcting for its compensation to my time zone) SELECT date_part('epoch', now() at time zone 'UTC') -- returns a unix timestamp at two time zone offsets west, e.g. I am at GMT+2, I get a GMT-2 timestamp. I've figured out obviously that dropping the "at time zone 'UTC'" will solve my problem, but my question is if 'epoch' is meant to return a unix timestamp which AFAIK is always meant to be in UTC, why would the 'epoch' of a time already in UTC be corrected? Is this a bug, or I am I missing something about the defined/normal behaviour here.

    Read the article

  • postfix: Temporary lookup failure for FQDN

    - by Thufir
    I'm using the FQDN of dur.bounceme.net which I want to resolve(?) to localhost. That is, I want mail to [email protected] to get delivered to user@localhost. I've tried following the Ubuntu guide on this and seem to be going in circles a bit. root@dur:~# root@dur:~# postfix stop postfix/postfix-script: stopping the Postfix mail system root@dur:~# postfix start postfix/postfix-script: starting the Postfix mail system root@dur:~# telnet dur.bounceme.net 25 Trying 127.0.1.1... telnet: Unable to connect to remote host: Connection refused root@dur:~# root@dur:~# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 dur.bounceme.net ESMTP Postfix (Ubuntu) ehlo dur 250-dur.bounceme.net 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN mail from:[email protected] 250 2.1.0 Ok rcpt to:[email protected] 451 4.3.0 <[email protected]>: Temporary lookup failure rcpt to:thufir@localhost 451 4.3.0 <thufir@localhost>: Temporary lookup failure quit 221 2.0.0 Bye Connection closed by foreign host. root@dur:~# root@dur:~# grep telnet /var/log/mail.log Aug 28 00:24:45 dur postfix/smtpd[18256]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <thufir@localhost>: Temporary lookup failure; from=<[email protected]> to=<thufir@localhost> proto=ESMTP helo=<dur> Aug 28 00:24:58 dur postfix/smtpd[18256]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <[email protected]>: Temporary lookup failure; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<dur> Aug 28 00:54:55 dur postfix/smtpd[18825]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <[email protected]>: Temporary lookup failure; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<dur> Aug 28 00:55:08 dur postfix/smtpd[18825]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 451 4.3.0 <thufir@localhost>: Temporary lookup failure; from=<[email protected]> to=<thufir@localhost> proto=ESMTP helo=<dur> root@dur:~# root@dur:~# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix default_transport = smtp home_mailbox = Maildir/ inet_interfaces = loopback-only mailbox_command = /usr/lib/dovecot/deliver -c /etc/dovecot/conf.d/01-mail-stack-delivery.conf -m "${EXTENSION}" mailbox_size_limit = 0 mailman_destination_recipient_limit = 1 mydestination = dur, dur.bounceme.net, localhost.bounceme.net, localhost myhostname = dur.bounceme.net mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 readme_directory = no recipient_delimiter = + relay_domains = lists.dur.bounceme.net relay_transport = relay relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_path = private/dovecot-auth smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/ssl/certs/ssl-mail.pem smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key smtpd_tls_mandatory_ciphers = medium smtpd_tls_mandatory_protocols = SSLv3, TLSv1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes tls_random_source = dev:/dev/urandom transport_maps = hash:/etc/postfix/transport root@dur:~#

    Read the article

  • How to get Passive FTP Working Through an Iptables Firewall?

    - by user1133248
    I have an iptables firewall running on a Fedora Linux server that is basically being used as a firewall router and OpenVPN server. That's it. We have been using the same iptables firewall code for YEARS. I did make some changes on 21 December to re-route a mySQL port, but given what has happened I've completely backed those changes out. Sometime after those changes were made and backed out passive FTP, served from a vsftpd process, stopped working. We use a passive ftp client to FLING (that's the name of the ftp client running under Windows! :-) ) images from our remote telescopes to our server. I believe it is something in the firewall code because I can drop the firewall and the FTP file transfer (and connecting to the ftp site with Internet Explorer to see the file list) works. When I raise the iptables firewall, it stops working. Again, this is code that we'd been using for years. However, I felt that maybe there was something I missed, so we had a .bak file from 2009 that I used. Same behavior, passive ftp does not work. So, I went and rebuilt the firewall code line by line to see what line was causing the problem. Everything worked until I put the line -A FORWARD -j DROP in very near the end. Of course, if I am correct, this is the line that basically "turns on" the firewall, saying drop everything except for the exceptions I've made above. However, this line has been in the iptables code probably since 2003. So, I'm at the end of my rope, and I still can't figure out why this has stopped working. I guess I need an expert on iptables configuration. Here is the iptables code (from iptables-save) with comments. # Generated by iptables-save v1.3.8 on Thu Jan 5 18:36:25 2012 *nat # One of the things that I remain ignorant about is what these following three lines # do in both the nat tables (which we're not using on this machine) and the following # filter table. I don't know what the numbers are, but I'm ASSUMING they're port # ranges. # :PREROUTING ACCEPT [7435:551429] :POSTROUTING ACCEPT [6097:354458] :OUTPUT ACCEPT [5:451] COMMIT # Completed on Thu Jan 5 18:36:25 2012 # Generated by iptables-save v1.3.8 on Thu Jan 5 18:36:25 2012 *filter :INPUT ACCEPT [10423:1046501] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [15184:16948770] # The following line is for my OpenVPN configuration. -A INPUT -i tun+ -j ACCEPT # In researching this on the Internet I found some iptables code that was supposed to # open the needed ports up. I never needed this before this week, but since passive FTP # was no longer working, I decided to put the code in. The next three lines are part of # that code. -A INPUT -p tcp -m tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --sport 1024:65535 --dport 20 -m state --state ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT # Another line for the OpenVPN configuration. I don't know why the iptables-save mixed # the lines up. -A FORWARD -i tun+ -j ACCEPT # Various forwards for all our services -A FORWARD -s 65.118.148.197 -p tcp -m tcp --dport 3307 -j ACCEPT -A FORWARD -d 65.118.148.197 -p tcp -m tcp --dport 3307 -j ACCEPT -A FORWARD -s 65.118.148.197 -p tcp -m tcp --dport 3306 -j ACCEPT -A FORWARD -d 65.118.148.197 -p tcp -m tcp --dport 3306 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 21 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 21 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 20 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 20 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 7191 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 7191 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 46000:46999 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 46000:46999 -j ACCEPT -A FORWARD -s 65.118.148.0/255.255.255.0 -j ACCEPT -A FORWARD -d 65.118.148.196 -p udp -m udp --dport 53 -j ACCEPT -A FORWARD -s 65.118.148.196 -p udp -m udp --dport 53 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 53 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 53 -j ACCEPT -A FORWARD -d 65.118.148.196 -p udp -m udp --dport 25 -j ACCEPT -A FORWARD -s 65.118.148.196 -p udp -m udp --dport 25 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 42 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 42 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 25 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 25 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -d 65.118.148.204 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -s 65.118.148.204 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -d 65.118.148.196 -p tcp -m tcp --dport 6667 -j ACCEPT -A FORWARD -s 65.118.148.196 -p tcp -m tcp --dport 6667 -j ACCEPT -A FORWARD -s 65.96.214.242 -p tcp -m tcp --dport 22 -j ACCEPT -A FORWARD -s 192.68.148.66 -p tcp -m tcp --dport 22 -j ACCEPT -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT # "The line" that causes passive ftp to stop working. Insofar as I can tell, everything # else seems to work - ssh, telnet, mysql, httpd. -A FORWARD -j DROP -A FORWARD -p icmp -j ACCEPT # The following code is again part of my attempt to put in code that would cause passive # ftp to work. I don't know why iptables-save scattered it about like this. -A OUTPUT -p tcp -m tcp --sport 21 -m state --state ESTABLISHED -j ACCEPT -A OUTPUT -p tcp -m tcp --sport 20 --dport 1024:65535 -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -p tcp -m tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT COMMIT # Completed on Thu Jan 5 18:36:25 2012 So, with all that prelude, my basic question is: How can I get passive ftp to work behind an iptables firewall? As you can see, I've tried to get it working (again) and tried to do some research on the issue, but have come up...short. Any answers would be appreciated by both me and various variable star astronomers around the world! THANKS! -Richard "Doc" Kinne, American Assoc. of Variable Star Observers, [email protected]

    Read the article

  • SSIS - Range lookups

    - by Repieter
      When developing an ETL solution in SSIS we sometimes need to do range lookups in SSIS. Several solutions for this can be found on the internet, but now we have built another solution which I would like to share, since it's pretty easy to implement and the performance is fast.   You can download the sample package to see how it works. Make sure you have the AdventureWorks2008R2 and AdventureWorksDW2008R2 databases installed. (Apologies for the layout of this blog, I don't do this too often :))   To give a little bit more information about the example, this is basically what is does: we load a facttable and do an SCD type 2 lookup operation of the Product dimension. This is done with a script component.   First we query the Data warehouse to create the lookup dataset. The query that is used for that is:   SELECT     [ProductKey]     ,[ProductAlternateKey]     ,[StartDate]     ,ISNULL([EndDate], '9999-01-01') AS EndDate FROM [DimProduct]     The output of this query is stored in a DataTable:     string lookupQuery = @"                         SELECT                             [ProductKey]                             ,[ProductAlternateKey]                             ,[StartDate]                             ,ISNULL([EndDate], '9999-01-01') AS EndDate                         FROM [DimProduct]";           OleDbCommand oleDbCommand = new OleDbCommand(lookupQuery, _oleDbConnection);         OleDbDataAdapter adapter = new OleDbDataAdapter(oleDbCommand);           _dataTable = new DataTable();         adapter.Fill(_dataTable);     Now that the dimension data is stored in the DataTable we use the following method to do the actual lookup:   public int RangeLookup(string businessKey, DateTime lookupDate)     {         // set default return value (Unknown)         int result = -1;           DataRow[] filteredRows;         filteredRows = _dataTable.Select(string.Format("ProductAlternateKey = '{0}'", businessKey));           for (int i = 0; i < filteredRows.Length; i++)         {             // check if the lookupdate is found between the startdate and enddate of any of the records             if (lookupDate >= (DateTime)filteredRows[i][2] && lookupDate < (DateTime)filteredRows[i][3])             {                 result = (filteredRows[i][0] == null) ? -1 : (int)filteredRows[i][0];                 break;             }         }           filteredRows = null;           return result;     }       This method is executed for every row that passes the script component. This is implemented in the ProcessInputRow method   public override void Input0_ProcessInputRow(Input0Buffer Row)     {         // Perform the lookup operation on the current row and put the value in the Surrogate Key Attribute         Row.ProductKey = RangeLookup(Row.ProductNumber, Row.OrderDate);     }   Now what actually happens?!   1. Every record passes the business key and the orderdate to the RangeLookup method. 2. The DataTable is then filtered on the business key of the current record. The output is stored in a DataRow [] object. 3. We loop over the DataRow[] object to see where the orderdate meets the following expression: (lookupDate >= (DateTime)filteredRows[i][2] && lookupDate < (DateTime)filteredRows[i][3]) 4. When the expression returns true (so where the data is between the Startdate and the EndDate), the surrogate key of the dimension record is returned   We have done some testing with this solution and it works great for us. Hope others can use this example to do their range lookups.

    Read the article

  • Solaris Non global Zone x server

    - by ankimal
    I am not even sure if this is possible but how can I start an X server on a non-global zone? If I run startx from within my zone. I created the xorg.conf by running /usr/X11/bin/xorgconfig root@foo:/usr/X11/bin# startx xauth: creating new authority file /root/.serverauth.20957 X.Org X Server 1.5.3 Release Date: 5 November 2008 X Protocol Version 11, Revision 0 Build Operating System: SunOS 5.11 snv_108 i86pc Current Operating System: SunOS dsol101 5.11 snv_111b i86pc Build Date: 07 May 2009 04:44:56PM Solaris ABI: 64-bit SUNWxorg-server package version: 6.9.0.5.11.11100,REV=0.2009.05.07 SUNWxorg-mesa package version: 6.9.0.5.11.11100,REV=0.2009.04.02 Before reporting problems, check http://sunsolve.sun.com/ to make sure that you have the latest version. Markers: (--) probed, (**) from config file, (==) default setting, (++) from command line, (!!) notice, (II) informational, (WW) warning, (EE) error, (NI) not implemented, (??) unknown. (==) Log file: "/var/log/Xorg.0.log", Time: Tue Nov 10 19:17:53 2009 (==) Using config file: "/etc/X11/xorg.conf" Fatal server error: xf86OpenConsole: Cannot open /dev/fb (No such file or directory)

    Read the article

  • TimeZone Issue during DayLight Saving

    - by user1328293
    I just been bugged by the Day light saving hours I seem that 3rd November 2013 01:00:00 start EST time Now ever Time I set my time to 3rd November 2013 00:58:xx(some seconds) and run date it give me valid Time zone i.e EDT but even after the time pass 01:00:00 and I still query the date library I still see the Time zone as EDT and not EST have a look at this screenshot You can clearly see the Time zone saying as EDT even when it is EST any one has a clue for this Update There is one other finding I found if I restart my machine I see this

    Read the article

  • What is the DNS root zone and domain?

    - by Nimmy Lebby
    This might seem like a silly question but I want to get my terminology correct. Please do not delete. I will be more than happy to delete the question myself once I (with the help of a few people I hope) get to a consensus: This was my understanding: DNS root zone = . DNS root domain = (nameless) However, after reading the Wikipedia article, I'm not so sure: A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com. So this would lead me to believe: DNS root zone = . DNS root domain = . DNS root label = (nameless) Does this make sense? What is your understanding?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >