Search Results

Search found 1547 results on 62 pages for 'peter kelley'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 7/62 | < Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >

  • How to set Atomikos to not write to console logs?

    - by peter
    Atomikos is quite verbose when used. There seems to be lots of INFO messages (mostly irrelevant for me) that the transaction manager writes out to the console. The setting in the transaction.properties that is suppose to control the level of messaging com.atomikos.icatch.console_log_level does not seem to have any effect, since even when set to WARN (or ERROR) the INFO messages are still logged. Also the log4j settings for com.atomikos and atomikos seem to be ignored. Does anyone manage to turn off the INFO logs on the console with Atomikos?. How? Thanks Peter

    Read the article

  • what's the story with the android XML namespace?

    - by Peter vdL
    When you first use a name from the android XML namespace, you have to say where to find it, with an attribute in XML like this: <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" However, that URL is a 404 - nothing found there. The android: namespace is actually included under the locally-installed SDK. So what's going on here? Why do I need to include a dead URL? Why doesn't the build system pick it up from the SDK like all the other libraries? Thanks, just looking for the back story on this. Peter

    Read the article

  • How to post Arabic characters in PHP

    - by Peter Stuart
    Okay, So I am writing an OpenCart extension that must allow Arabic characters when posting data. Whenever I post ????? the print_r($_POST) returns with this: u0645u0631u062du0628u0627 I check the HTML header and it has this: <meta charset="UTF-8" /> I checked the PHP file that triggers all SQL queries and it has this code: mysql_query("SET NAMES 'utf8'", $this->link); mysql_query("SET CHARACTER SET utf8", $this->link); mysql_query("SET CHARACTER_SET_CONNECTION=utf8", $this->link); This is in my form tag: <form action="<?php echo $action; ?>" method="post" enctype="multipart/form-data" id="form" accept-charset="utf-8"> I can't think of what else I am doing wrong. The rest of the OpenCart framework supports UTF8 and arabic characters. It is just in this instance where I can't post anything arabic? Could someone please help me? Many Thanks Peter

    Read the article

  • how to find the last instance of a setting in a config file

    - by Glenn Kelley
    I am trying to figure out how to find the last entry of a string in multiple config files across a server. Each of the strings will be in the /home/***usernamewouldbehere/public_html/typo3conf/localconf.php file In short - the last entry in the config files will point to the database server the application is utilizing - and we need to know which accounts point to which db server. While I can run something like this - grep "$_db_host" /home/*/public_html/conf/localconf.php It does not really help much because it gives us way to much information ... and not what we really need. What i really need to know is the last entry of this string $_db_host = 'xx'; and to sort them out in an export file Since the config files may have multiple entries (example below) $_db_host = 'localhost'; $_db_host = '10.0.1.234'; It would be great to list in a file all of those that have the entry for 'localhost' and then list all of those that have the entry for '10.0.1.234' (or whichever server there may be there) but even if I need to do that manually that would be great. I am not sure how to get to it using Awk - ... and really stuck What I am hoping for is something that would be piped as follows db_host = localhost /home/username1/www/conf/localconf.php db_host = localhost / home/username2/public_html/conf/localconf.php db_host= '10.1.2.23' /home/username55/public_html/conf/localconf.php hoping that helps you help me :-)

    Read the article

  • Testing perceived performance

    - by Josh Kelley
    I recently got a shiny new development workstation. The only disadvantage of this is that the desktop apps I'm developing now run very, very fast, and so I fear that parts of the code that would be annoyingly slow on end users' machines will go unnoticed during my testing. Is there a good way to slow down an application for testing? I've tried searching around, but all of the results I've been able to find seem pretty fiddly to set up (e.g., manually setting up a high-priority CPU-bound task on the same CPU core as the target app, or running a background process that rapidly interrupts and resumes the target app), and I don't know if the end result is actually a good representation of running on a slower computer (with its slower CPU, slower RAM, slower disk I/O...). I don't think that this is a job for a profiler; I'm interested in the user's perception of end-to-end performance rather than in where the time goes for particular operations.

    Read the article

  • C#: How to Make it Harder for Hacker/Cracker to Get Around or Bypass the Licensing Check?

    - by Peter Lee
    Hi all, Suppose that the user has saved the License file under the Application.StartupPath, where all users can read. And then, every time when the app starts, it will check if it can find and verify the license file. If the app can find and verify, we let the user to continue with full functinalities. If not, we prompt a MessageBox showing "Unlicencsed, continue to use with trial version, functionalities limited." My question is, if I'm a hacker/cracker, I would try to get around or bypass the licensing check instead of cracking the license file, because, if we use RSA signature, it's very difficult to crack a license file. So where should we put the license check? thanks. Merry Christmas and Happy New Year! Peter P.S.: and also, is it safe if I put a global variable IsLicensed (true / false) to limit the functionalities? Is it easy for a hacker to change IsLicensed = true?

    Read the article

  • WPF Validation of clipboard Data

    - by Peter
    Hello normal validation is always related to some control, but in my case there is no control to fire validation when its content changes and to show errortemplate to the user. because the data to be validated is in the cipboard. when the user presses "PASTE" button viewmodel processes the data and finds it to be invalid. but what is the best way to invoke WPF validation in this case? as far as i understand using IDataErrorInfo is the way to go, but what is the best way to start validation. and whst is the best way of displaying the error? errortemplate of the button element? Thanks a lot for help. Peter

    Read the article

  • Ubuntu Eye-Infinity across 3 displays

    - by Peter G Mac.
    So I purchased a computer recently and have been trying to customise the display. Radeon 6800 series Ubuntu 10.10 I have three 22inch 1080P lcd monitors that are mounted together. Everything is working smooth. How do I get the 'big-desktop' display where I have one enormous display across all monitors? Linux - ATI Catalyst Control Center 11.2 does not give me an option to 'group' my profiles like the pictures on their site show with Windows. I have been searching all over for help. Much Obliged, -Peter

    Read the article

  • quick check on use of map api (android)

    - by Peter vdL
    When you use the Google map api, it is not part of the Android SDK, and you have to mention it in your manifest xml file. Do you have to do anything to access the jar file containing the map api code? Or is that automatically present on the device or emulator, the way the SDK code is? Do you need put the map api jar file in your class path, either when compiling or when executing? Or is it kept somewhere where it is already visible, and the requirement of an XML mention is merely to remind you of the licensing issue? Thanks, Peter

    Read the article

  • What is the best way to scale images in Java?

    - by Peter Kelley
    I have a web application written in Java (Spring, Hibernate/JPA, Struts2) where users can upload images and store them in the file system. I would like to scale those images so that they are of a consistent size for display on the site. What libraries or built in functions will offer the best results? I will consider the following criteria in making my decision (in this order): Free/Open Source (essential) Easy to implement Quality of results Performance Size of executable

    Read the article

  • How do I get python to load .NET .dlls referenced by mixed mode .dlls?

    - by Michael Kelley
    I have a python .pyd that is a mixed mode C++ DLL. The DLL loads fine and loads unmanaged C++ dlls without a problem, but when it tries to load the .NET dlls referenced by the managed C++ dlls it fails with this error message: Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly '...' Copying these .NET dlls to the directory that pythod_d.exe is contained in allows the .NET libraries to load successfully, but this is not a good long term solution. Is there an environment variable I have to set or some command line option to python_d.exe that will solve my problem? Note that using IronPython or Python .NET is NOT acceptable.

    Read the article

  • Is There a Good Pattern for Creating a Unique Id based on a Type?

    - by Michael Kelley
    I have a template that creates a unique identifier for each type it is instanced. Here's a streamlined version of the template: template <typename T> class arType { static const arType Id; // this will be unique for every instantiation of arType<>. } // Address of Id is used for identification. #define PA_TYPE_TAG(T) (&arType<T >::Id) This works when you have an executable made purely of static libraries. Unfortunately we're moving to an executable made up of dlls. Each dlls could potentially have its own copy of Id for a type. One obvious solution is to explicitly instantiate all instances of arType. Unfortunately this is cumbersome, and I'd like to ask if anyone can propose a better solution?

    Read the article

  • New to php and need to format a php page from html statement

    - by Peter D
    My problem is the page shows a vertical line of options. I want to put them into a 4 column table to display instead of just down lhs of page. The code I want to change is as follows: </tr> <tr> <td>{LOOP: JOBTYPE} IF("{JOBTYPE.parent_id}"!="0"){&nbsp; {:IF} IF("{JOBTYPE.catcount}"=="0"){<input type="checkbox" name="jobtype[{JOBTYPE.id}]" value="{JOBTYPE.id}" {JOBTYPE.selected}>{JOBTYPE.title}<br>{:IF} IF("{JOBTYPE.catcount}"!="0"){<strong>{JOBTYPE.title}</strong><br>{:IF} {/LOOP: JOBTYPE}</td> </tr> <tr> <td>&nbsp;</td> </tr> As you can see I have another column there and can split cell further but i would like the job list to be displayed accross the page not vertically. Thank you in advance, Peter

    Read the article

  • What broke in this Javascript 1.2 snippet?

    - by Rob Kelley
    A friend has pointed me to his old website and says "the submit form just stopped working a while ago. I'm sure it's something simple." The form asks a child for a certain word from a book, and based on the answer, it should redirect the child to a success page or a failure page. It's using Javascript 1.2, circa 2001. You can see this form in in-action at: http://www.secrethidingplaces.com/login1.html Any idea why it's failing? The HTML does this: <script src="password.js" type="text/javascript" language="JavaScript1.2"> </script> <script type="text/javascript" language="JavaScript1.2"> <!-- function showRightPage () { return window.location.href = "extra.html" ; } function showWrongPage () { return window.location.href = "sorry2.html" ; } //--> </script> and then this: document.write ( '<form name="questionForm" action="javascript:checkAnswer()" method="post">' ) ; ... document.write ( '<input type="text" name="userAnswer" value="" size="90">' ) ; document.write ( '<INPUT TYPE="image" NAME="submit" SRC="stock/btn_send.gif" width="121" height="41" BORDER="0" ALT="submit">' ) ; document.write ( '\</p>' ) ; document.write ( '\</form>' ) ; I'm assuming there's something ugly in CheckAnswer from ./password.js . I can hack the form to bypass that javascript and go straight to the success page: document.write ( '<form name="questionForm" action="extra.html" method="post">' ) ; but I'd like to help my friend get his kids site working again. The CheckAnswer function is below. Is something going wrong in here? function checkAnswer () { currentAnswer = answersArray [ choiceNumber ] ; if (agt.indexOf("msie") != -1) { rawAnswer = document.questionForm.userAnswer.value ; } else { rawAnswer = document.callThis.document.questionForm.userAnswer.value ; } lcAnswer = rawAnswer.toLowerCase ( ) ; includedAnswer = lcAnswer.indexOf ( "currentAnswer" ) ; zadaAnswer = lcAnswer.indexOf ( "zada" ) ; brendanAnswer = lcAnswer.indexOf ( "brendan" ) ; nineAnswer = lcAnswer.indexOf ( "nine" ) ; thirtyAnswer = lcAnswer.indexOf ( "thirty" ) ; if ( choiceNumber == 0 ) { if ( includedAnswer == -1 && zadaAnswer == -1 && brendanAnswer == -1 ) { checked = "wrong" ; } } if ( choiceNumber == 8 ) { if ( includedAnswer == -1 && zadaAnswer == -1 && nineAnswer == -1 ) { checked = "wrong" ; } } if ( choiceNumber == 16 ) { if ( includedAnswer == -1 && zadaAnswer == -1 && thirtyAnswer == -1 ) { checked = "wrong" ; } } if ( choiceNumber != 0 && choiceNumber != 8 && choiceNumber != 16 ) { if ( includedAnswer == -1 && zadaAnswer == -1 ) { checked = "wrong" ; } } if ( checked == "wrong" ) { showWrongPage () ; } else { showRightPage () ; } } Thanks!

    Read the article

  • Run exe on computer in network through batch file

    - by Peter Kottas
    I have few computers connected to the network and I want to create batch files to automatize the process of working with them. I have already created one used to shutdown computers at once. It is very simple I ll just post it for the sake of argument. @echo off shutdown -s -m \\Slave1-PC shutdown -s -m \\Slave2-PC shutdown -s -m \\Slave3-PC Now I want to execute programs on these machines. So lets say there is "example.exe" file located "\Slave1-PC\d\example.exe" using call \\Slave1-PC\\d\\example.exe runs it on my computer through network and i didn't come up with anything else. I dont want to use any psexec if possible. Help would be much appreciated. Peter

    Read the article

  • Is there a way to preserve HTML Formatting in LiveDocX?

    - by Peter Schultheiss
    I have a large amount of content stored in a database as XHTML. I need to be able to pull this formatted content into a simple LiveDocX template with the formatting (bold, italic, bulleted lists, etc) preserved. Is this possible? If so, can anybody post a working example or link to an article? If not, are there other applications that I could look into? The client needs to be able to export content in the .doc/.docx file format. Thanks, Peter

    Read the article

  • Learning to write organized and modular programs (C++)

    - by Peter
    Hi All, I'm a computer science student, and I'm just starting to write relatively larger programs for my coursework (between 750 - 1500 lines). Up until now, it's been possible to get by with any reasonable level of modularization and object oriented design. However, now that I'm writing more complex code for my assignments I'd like to learn to write better code. Can anyone point me in the direction of some resources for learning about what sort of things to look for when designing your program's architecture so that you can make it as modularized as possible? Thank you for any help. Best, Peter

    Read the article

  • JRI Fatal Error on Ubuntu

    - by Peter Jackson
    I have successfully installed JRI and rJava on Windows 7. I am now trying to get it to work on Ubuntu with 64bit OS. I can make rJava calls from within R but getting JRI to work is more difficult. I am running NetBeans 7.1.2 and I have followed various tricks in setting R_HOME and java.library.path to enable all the classes to be loaded. That is, I am past the error messages such as "jri library not found" and "R_HOME not set". From my java code,I can see that R_HOME = /usr/lib64/R. The error message I get now is Fatal error: you must specify '--save', '--no-save' or '--vanilla' This happens when Rengine is first called: Rengine r = new Rengine(args,false,null); This appears to be an error message from R; it seems to be expecting a command line argument. I haven't seen any posting with this error message. Any ideas? Thanks, Peter

    Read the article

  • Ubuntu Cannot change permissions on files I own and have RW to.

    - by madmaze
    Hello there, I have a harddrive full of backups which for me is mounted at /media/chronus_ I have been trying to give another user rw permission to this drive. The problem is that I cannot change any permissions on this drive, even if i make a new file it puts sets everything to -rw------- here is an excerpt of what i have tried: madmaze@the-gibson:~$ touch testfile madmaze@the-gibson:~$ ls -l testfile -rw-r--r-- 1 madmaze madmaze 0 2011-01-16 20:11 testfile madmaze@the-gibson:~$ chmod 777 testfile madmaze@the-gibson:~$ ls -l testfile -rwxrwxrwx 1 madmaze madmaze 0 2011-01-16 20:11 testfile madmaze@the-gibson:~$ cd /media/chronos_/Pix/ madmaze@the-gibson:/media/chronos_/Pix$ ls -l total 4100 -rw------- 1 madmaze madmaze 28226 2011-01-16 20:18 avp.jpg -rw------- 1 madmaze madmaze 5764 2011-01-16 20:18 avpsmall.jpg -rw------- 1 madmaze madmaze 98414 2011-01-16 20:18 john.jpg -rw------- 1 madmaze madmaze 98785 2011-01-16 20:18 lisa.jpg -rw------- 1 madmaze madmaze 3954281 2011-01-16 20:18 peter.jpg madmaze@the-gibson:/media/chronos_/Pix$ chmod 777 *.jpg madmaze@the-gibson:/media/chronos_/Pix$ ls -l total 4100 -rw------- 1 madmaze madmaze 28226 2011-01-16 20:18 avp.jpg -rw------- 1 madmaze madmaze 5764 2011-01-16 20:18 avpsmall.jpg -rw------- 1 madmaze madmaze 98414 2011-01-16 20:18 john.jpg -rw------- 1 madmaze madmaze 98785 2011-01-16 20:18 lisa.jpg -rw------- 1 madmaze madmaze 3954281 2011-01-16 20:18 peter.jpg madmaze@the-gibson:/media/chronos_/Pix$ sudo chmod 777 *.jpg madmaze@the-gibson:/media/chronos_/Pix$ ls -l total 4100 -rw------- 1 madmaze madmaze 28226 2011-01-16 20:18 avp.jpg -rw------- 1 madmaze madmaze 5764 2011-01-16 20:18 avpsmall.jpg -rw------- 1 madmaze madmaze 98414 2011-01-16 20:18 john.jpg -rw------- 1 madmaze madmaze 98785 2011-01-16 20:18 lisa.jpg -rw------- 1 madmaze madmaze 3954281 2011-01-16 20:18 peter.jpg madmaze@the-gibson:/media/chronos_/Pix$ touch testfile madmaze@the-gibson:/media/chronos_/Pix$ ls -l testfile -rw------- 1 madmaze madmaze 0 2011-01-16 20:25 testfile madmaze@the-gibson:/media/chronos_/Pix$ chmod 777 testfile madmaze@the-gibson:/media/chronos_/Pix$ ls -l testfile -rw------- 1 madmaze madmaze 0 2011-01-16 20:25 testfile madmaze@the-gibson:/media/chronos_/Pix$ Any Ideas what I could be doing wrongly?

    Read the article

  • How to troubleshoot problem with OpenVpn Appliance Server not able to connect

    - by Peter
    1) I have a Windows Server 2008 Standard SP2 2) I am running Hyper-V and have the OpenSvn Appliance Server virtual running 3) I have configured it as it said, only issue was that the legacy network adapter does not have a setting the instructions mention "Enable spoofing of MAC Addresses". My understand is that before R2, this was on by default. 4) Server is running, web interfaces look good 5) I am trying to connect from a Vista 64 box and cannot 5a) If I set to UPD I am stuck at Authorizing and client log looks like: 10/11/09 15:00:42: INFO: OvpnConfig: connect... 10/11/09 15:00:42: INFO: Gui listen socket at 34567 10/11/09 15:00:42: INFO: sending start command to instantiator... 10/11/09 15:00:42: INFO: start 34567 ?C:\Users\Peter\AppData\Roaming\OpenVPNTech\config?02369512D0C82A04B88093022DA0226202218022A902264022AE022B? 10/11/09 15:00:42: INFO: Got line from MI->>INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 5b) I setup server for tcp and try to connect, I get a loop of authorizing and reconnecting. Log looks like: 10/11/09 15:00:42: INFO: Got line from MI->>HOLD:Waiting for hold release 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: real-time state notification set to ON 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: bytecount interval changed 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold flag set to OFF 10/11/09 15:00:43: INFO: Got line from MI->SUCCESS: hold release succeeded 10/11/09 15:00:43: INFO: Got line from MI->>PASSWORD:Need 'Auth' username/password 10/11/09 15:00:43: INFO: Processing PASSWORD. 10/11/09 15:00:43: INFO: OvpnClient: setting need auth to true. 10/11/09 15:00:43: INFO: OvpnConfig: Setting need auth to true. 10/11/09 15:00:43: INFO: Got auth request from active_config from 0 10/11/09 15:00:47: INFO: Sending Credentials.... 10/11/09 15:00:47: INFO: Sending 25 bytes for username. 10/11/09 15:00:47: INFO: Sent 25 bytes for username. 10/11/09 15:00:47: INFO: Sending 30 bytes for password. 10/11/09 15:00:47: INFO: Sent 30 bytes for password. 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' username entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->SUCCESS: 'Auth' password entered, but not yet verified 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287647,WAIT,,, 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:0,42 10/11/09 15:00:48: INFO: Got line from MI->>BYTECOUNT:54,42 10/11/09 15:00:48: INFO: Got line from MI->>STATE:1255287648,AUTH,,, 10/11/09 15:00:50: INFO: Got line from MI->>BYTECOUNT:2560,2868 10/11/09 15:00:52: INFO: Got line from MI->>BYTECOUNT:2560,3378 10/11/09 15:00:54: INFO: Got line from MI->>BYTECOUNT:2560,3888 ... Is there anyway to turn on robust logging on the server to understand what is happening? Any ideas on how to hunt this down?

    Read the article

  • iptables - quick safety eval & limit max conns over time

    - by Peter Hanneman
    Working on locking down a *nix server box with some fancy iptable(v1.4.4) rules. I'm approaching the matter with a "paranoid, everyone's out to get me" style, not necessarily because I expect the box to be a hacker magnet but rather just for the sake of learning iptables and *nix security more throughly. Everything is well commented - so if anyone sees something I missed please let me know! The *nat table's "--to-ports" point to the only ports with actively listening services. (aside from pings) Layer 2 apps listen exclusively on chmod'ed sockets bridged by one of the layer 1 daemons. Layers 3+ inherit from layer 2 in a similar fashion. The two lines giving me grief are commented out at the very bottom of the *filter rules. The first line runs fine but it's all or nothing. :) Many thanks, Peter H. *nat #Flush previous rules, chains and counters for the 'nat' table -F -X -Z #Redirect traffic to alternate internal ports -I PREROUTING --src 0/0 -p tcp --dport 80 -j REDIRECT --to-ports 8080 -I PREROUTING --src 0/0 -p tcp --dport 443 -j REDIRECT --to-ports 8443 -I PREROUTING --src 0/0 -p udp --dport 53 -j REDIRECT --to-ports 8053 -I PREROUTING --src 0/0 -p tcp --dport 9022 -j REDIRECT --to-ports 8022 COMMIT *filter #Flush previous settings, chains and counters for the 'filter' table -F -X -Z #Set default behavior for all connections and protocols -P INPUT DROP -P OUTPUT DROP -A FORWARD -j DROP #Only accept loopback traffic originating from the local NIC -A INPUT -i lo -j ACCEPT -A INPUT ! -i lo -d 127.0.0.0/8 -j DROP #Accept all outgoing non-fragmented traffic having a valid state -A OUTPUT ! -f -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT #Drop fragmented incoming packets (Not always malicious - acceptable for use now) -A INPUT -f -j DROP #Allow ping requests rate limited to one per second (burst ensures reliable results for high latency connections) -A INPUT -p icmp --icmp-type 8 -m limit --limit 1/sec --limit-burst 2 -j ACCEPT #Declaration of custom chains -N INSPECT_TCP_FLAGS -N INSPECT_STATE -N INSPECT #Drop incoming tcp connections with invalid tcp-flags -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL ALL -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL NONE -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,FIN FIN -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,PSH PSH -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ACK,URG URG -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL FIN,PSH,URG -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags FIN,RST FIN,RST -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags SYN,RST SYN,RST -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j DROP -A INSPECT_TCP_FLAGS -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j DROP #Accept incoming traffic having either an established or related state -A INSPECT_STATE -m state --state ESTABLISHED,RELATED -j ACCEPT #Drop new incoming tcp connections if they aren't SYN packets -A INSPECT_STATE -m state --state NEW -p tcp ! --syn -j DROP #Drop incoming traffic with invalid states -A INSPECT_STATE -m state --state INVALID -j DROP #INSPECT chain definition -A INSPECT -p tcp -j INSPECT_TCP_FLAGS -A INSPECT -j INSPECT_STATE #Route incoming traffic through the INSPECT chain -A INPUT -j INSPECT #Accept redirected HTTP traffic via HA reverse proxy -A INPUT -p tcp --dport 8080 -j ACCEPT #Accept redirected HTTPS traffic via STUNNEL SSH gateway (As well as tunneled HTTPS traffic destine for other services) -A INPUT -p tcp --dport 8443 -j ACCEPT #Accept redirected DNS traffic for NSD authoritative nameserver -A INPUT -p udp --dport 8053 -j ACCEPT #Accept redirected SSH traffic for OpenSSH server #Temp solution: -A INPUT -p tcp --dport 8022 -j ACCEPT #Ideal solution: #Limit new ssh connections to max 10 per 10 minutes while allowing an "unlimited" (or better reasonably limited?) number of established connections. #-A INPUT -p tcp --dport 8022 --state NEW,ESTABLISHED -m recent --set -j ACCEPT #-A INPUT -p tcp --dport 8022 --state NEW -m recent --update --seconds 600 --hitcount 11 -j DROP COMMIT *mangle #Flush previous rules, chains and counters in the 'mangle' table -F -X -Z COMMIT

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 3 4 5 6 7 8 9 10 11 12 13 14  | Next Page >