Search Results

Search found 2503 results on 101 pages for 'destination'.

Page 73/101 | < Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >

• IPTables: NAT multiple IPs to one public IP

  - by Kaemmelot

  I'm looking for a way how to nat 2 or more inner IPs (in my case xen doms) to one outer IP. I tried to use iptables -t nat -A PREROUTING -d 123.123.123.123 -j DNAT --to 1.2.3.4 --to 1.2.3.7 iptables -t nat -A POSTROUTING -s 1.2.3.4 -j SNAT --to 123.123.123.123 iptables -t nat -A POSTROUTING -s 1.2.3.7 -j SNAT --to 123.123.123.123 And got an error: iptables v1.4.14: DNAT: Multiple --to-destination not supported Try `iptables -h' or 'iptables --help' for more information. I found this in the manpage: Later Kernels (= 2.6.11-rc1) don't have the ability to NAT to multiple ranges anymore. So my question is: Why is it not possible anymore and is there a workaround? Maybe I should use an other method I don't know yet? EDIT: The idea is to use the system like a router, so I have one address but multiple users behind. The problem is I don't know which connection reffers to a user (for example 1.2.3.4). But I know, they all have different ports open for incomming traffic. So my solution (for DNAT) would be to nat all incoming connections to all users and filter all unused ports, so the connection goes to one single user. For outgoing traffic I would use iptables -A FORWARD -i eth0 -d 1.2.3.4 -m state --state ESTABLISHED,RELATED -j ACCEPT

  Read the article

• Linux Experts Riddle: Network output of 10MB/s on 10GB/s NIC

  - by user150324

  I have two CentOS 6 servers. I am trying to transfer files between them. Source server has 10GB/s NIC nd destination server has 1GB/s NIC. Regardless to the command used nor the protocol, the transfer speed is ~1 Mega byte per second. The goal is at least couple dozens MB per second. I have tried: rsync (also with various encryptions), scp, wget, aftp, nc. Here's some testing results with iperf: [root@serv ~]# iperf -c XXX.XXX.XXX.XXX -i 1 ------------------------------------------------------------ Client connecting to XXX.XXX.XXX.XXX, TCP port 5001 TCP window size: 64.0 KByte (default) ------------------------------------------------------------ [ 3] local XXX.XXX.XXX.XXX port 33180 connected with XXX.XXX.XXX.XXX port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0- 1.0 sec 1.30 MBytes 10.9 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 1.0- 2.0 sec 1.28 MBytes 10.7 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 2.0- 3.0 sec 1.34 MBytes 11.3 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 3.0- 4.0 sec 1.53 MBytes 12.8 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 4.0- 5.0 sec 1.65 MBytes 13.8 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 5.0- 6.0 sec 1.79 MBytes 15.0 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 6.0- 7.0 sec 1.95 MBytes 16.3 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 7.0- 8.0 sec 1.98 MBytes 16.6 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 8.0- 9.0 sec 1.91 MBytes 16.0 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 9.0-10.0 sec 2.05 MBytes 17.2 Mbits/sec [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 1.68 MBytes 14.0 Mbits/sec I guess HD is not the bottleneck here.

  Read the article

• Problems installing Adobe Premiere Elements 8 Content features

  - by Walt Maken

  I recently purchased Adobe Photoshop & Premiere Elements 8. Photoshop Elements 8 installed fine, along with the additional material available via internet download. Premiere Elements 8 installed ok from the DVD. During the Premiere Elements 8 startup process the following message appears: A reduced set of content (Instant Movie Themes, Title and Menu Templates,etc) has been installed. To install the full content set, please insert your Content DVD and run Setup.exe. If you do not have a Content DVD please visit http://www.adobe.com/go/pre_additional_downloads to download the content installer. Since I didn't have the Content DVD, I did the download, which took nearly 12 hours. The extract appeared to complete at 100%, but then immediately gave the error message "A problem occurred while extracting some files. Check available space on your computer and the write privileges on the destination folder." Why would it show this error message if it had completed the extract process 100%? What step(s) do I take now to have Content installed? Do I need to go thru the 12 hour download again or, hopefully, is there something I can do that will make it unnecessary to download again?

  Read the article

• Karmic iptables missing kernel moduyles on OpenVZ container

  - by luison

  After an unsuccessful p2v migration of my Ubuntu server to an OpenVZ container which I am stack with I thought I would give a try to a reinstall based on a clean OpenVZ template for Ubuntu 9.10 (from the OpenVZ wiki) When I try to load my iptables rules on the VM machine I've been getting errors which I believe are related to kernel modules not being loaded on the VM from the /vz/XXX.conf template model. I've been testing with a few post I've found but I was stack with the error: WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. FATAL: Could not load /lib/modules/2.6.24-10-pve/modules.dep: No such file or directory iptables-restore v1.4.4: iptables-restore: unable to initialize table 'raw' Error occurred at line: 2 Try `iptables-restore -h' or 'iptables-restore --help' for more information. I read about the template not loading all iptables modules so I added modules to the XXX.conf of the VZ virtual machine like this: IPTABLES="ip_tables iptable_filter iptable_mangle ipt_limit ipt_multiport ipt_tos ipt_TOS ipt_REJECT ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_LOG ipt_length ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_conntrack ipt_state ipt_helper iptable_nat ip_nat_ftp ip_nat_irc" As the error remained I read that I should build dependencies again on the virtual machine: depmod -a but this returned an error: WARNING: Couldn't open directory /lib/modules/2.6.24-10-pve: No such file or directory FATAL: Could not open /lib/modules/2.6.24-10-pve/modules.dep.temp for writing: No such file or directory So I read again about creating the directory empty and redoing "depmod -a" it. I now don't get the dependancies error but get this and I don't have a clue how to proceed: WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. FATAL: Module ip_tables not found. iptables-restore v1.4.4: iptables-restore: unable to initialize table 'raw' Error occurred at line: 2 Try `iptables-restore -h' or 'iptables-restore --help' for more information. I understand that iptables rules have to be different on the VM machine and perhaps some of the rules we are trying to apply (from our physical server) are not compatible but these are just source IP and destination port checks that I would like to be able to have available . I've heard that on the CentOS template there are no issues with this, so I understand is to do with VM config. Any help would be greatly appreciated.

  Read the article

• Difference between "traceroute" and "traceroute -U"

  - by AndiDog

  The manpage of traceroute says that the "-U" parameter (UDP probing) is the default, but I'm getting different results every time. With "-U": traceroute -U www.univ-paris1.fr traceroute to www.univ-paris1.fr (193.55.96.121), 30 hops max, 60 byte packets [...] 13 rap-vl165-te3-2-jussieu-rtr-021.noc.renater.fr (193.51.181.101) 59.445 ms 56.924 ms 56.651 ms [...] 18 * paris1web.univ-paris1.fr (193.55.96.121) 23.797 ms 23.603 ms but the normal traceroute gives me another result (never reaches the final node) - it's either "!X" or just exits after the maximum of 30 hops: traceroute www.univ-paris1.fr traceroute to www.univ-paris1.fr (193.55.96.121), 30 hops max, 60 byte packets [...] 11 te1-1-paris1-rtr-021.noc.renater.fr (193.51.189.38) 28.147 ms 28.250 ms 28.538 ms [... non-responding nodes ...] 28 site-1.03-jussieu.rap.prd.fr (195.221.126.58) 85.941 ms !X * * Note: I tried this very often and always get the same results. The path in my local network is always the same. So what does the "-U" parameter actually change here? I'm especially interested what the reason for "!X" could be (communication administratively prohibited). EDIT: If that helps, paris-traceroute gives me the following for the last hop: 14 P(1, 6) site-1.03-jussieu.rap.prd.fr (195.221.126.58) 34.938 ms !5 !T2 which means that node discards the packet with TTL=2 and returns an unknown message (not "destination unreachable" or the like).

  Read the article

• How can I use two Internet connections in Ubuntu?

  - by Martin

  My goal is to be able to do something like this: curl google.com --interface ppp0 curl google.com --interface p2p2 ppp0 is a DSL connection, and p2p2 is a separate direct Internet connection. Currently I can only get one of these to work at a time. When I enable one, the other one stops working. /etc/network/interfaces: # The loopback network interface auto lo iface lo inet loopback # DSL auto p2p1 iface p2p1 inet manual auto dsl-provider iface dsl-provider inet ppp pre-up /sbin/ifconfig p2p1 up # line maintained by pppoeconf provider dsl-provider # DIRECT auto p2p2 iface p2p2 inet dhcp ifconfig: lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 p2p1 Link encap:Ethernet inet6 addr: fe80::20a:ebff:fe21:99c6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 p2p2 Link encap:Ethernet inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::20a:ebff:fe17:1249/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 ppp0 Link encap:Point-to-Point Protocol inet addr:53.193.231.167 P-t-P:53.193.224.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1 route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 10.0.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth2 53.193.224.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 p2p2 By default, only ppp0 works. If I run "route add default gw 192.168.1.1 p2p2" then I can use p2p2 but ppp0 stops working. If I then run "route add default gw 53.193.224.1 ppp0" then I can use ppp0 again but p2p2 stops working. What can I do to be able to use both interfaces selectively?

  Read the article

• Pinging an external server through OpenVPN tunnel doesn’t work

  - by qdii

  I have an OpenVPN server and a client, and I want to use this tunnel to access not only 10.0.8.0/24 but the whole internet. So far, pinging the server from the client through the tun0 interface works, and vice versa. However, pinging www.google.com from the client through tun0 doesn’t work (all packets are lost). I figured that I should configure the server so that any packet coming from tun0 in destination of the internet be forwarded, so I came up with this iptables config line: interface_connecting_to_the_internet='eth0' interface_openvpn='tun0' internet_ip_address=`ifconfig "$interface_connecting_to_the_internet" | sed -n s'/.*inet \([0-9.]*\).*/\1/p'` iptables -t nat -A POSTROUTING -o "${interface_connecting_to_the_internet}" -j SNAT --to-source "${internet_ip_address}" echo '1' > /proc/sys/net/ipv4/ip_forward Yet, this doesn’t work, the packets are still lost and I am wondering what could possibly be wrong with my setup. Some details: ip route gives on the server: default via 176.31.127.254 dev eth0 metric 3 10.8.0.0/24 via 10.8.0.2 dev tun0 10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1 127.0.0.0/8 via 127.0.0.1 dev lo 176.31.127.0/24 dev eth0 proto kernel scope link src 176.31.127.109 ip route gives on the client: default via 192.168.1.1 dev wlan0 proto static 10.8.0.1 via 10.8.0.5 dev tun0 10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6 127.0.0.0/8 via 127.0.0.1 dev lo scope link 192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.109 client uses wifi adapter wlan0 and TUN adapter tun0. server uses ethernet adapter eth0 and TUN adapter tun0. the VPN spans on 10.0.8.0/24 both client and linux are using Linux 3.6.1.

  Read the article

• How to create VHD disk image from a Linux live system?

  - by Federico

  Once more, I have to resort at the experts here at SuperUser, as my other sources (mainly Google ;-)) didn't prove very helpful... So basically, I would like to create a VHD image of a physical disk to be archived/accessed/maybe even mounted in a virtual machine. Now, there are dozens of articles and tutorials on how to do that on the web, but none that meets exactly the conditions I would like to achieve: I would like the destination file to be a VHD image, as Windows 7 can mount it natively, even over the network and many other programs can use it (VirtualBox, ...) The disk I'm trying to image contains a Windows XP install, so in theory, I could use the disk2vhd utility, but I would like to find a solution that doesn't require booting that Windows XP install (ie keep the disk read-only) Thus I was searching for a solution involving some sort of live system (running from a USB stic or the network) However, all the solutions that I've came across either make use of disk2vhd or use the dd command under linux, which does a complete copy of the disk (ie even empty blocks) and does not output a VHD file. Is there a tool/program under Linux that can directly create a VHD file? Or is is possible to convert a raw disk image created using dd to a VHD file, without allocating space for the empty blocks? How would you proceed? As always, any advice or comment is highly appreciated!!

  Read the article

• Something very strange with network

  - by Rodnower

  Hello, I have Windows 7 and I have very strange thing with my network. Some time I was connected through wireless router and my IP was 192.168.2.103, router's IP was 192.168.2.1 and some other IP was 192.168.2.100. The last I get from page "active DHCP clients" of web interface of the router and from "wireless clients" I may to see that 192.168.2.100 not (!) belong to my MAC address. Router build by EDimax. So after that I disabled wireless function of the router and restarted it. In this time I had not ping to 192.168.2.1. Also I had not any other connection, not wireless nor cable, but (!) I still had ping to 192.168.2.100 and I not understand what this voodoo is... C:\Users\Andrey>ping 192.168.2.100 Pinging 192.168.2.100 with 32 bytes of data: Reply from 192.168.2.100: bytes=32 time<1ms TTL=128 Reply from 192.168.2.100: bytes=32 time<1ms TTL=128 Reply from 192.168.2.100: bytes=32 time<1ms TTL=128 Reply from 192.168.2.100: bytes=32 time<1ms TTL=128 Ping statistics for 192.168.2.100: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms This is what I had: C:\Users\Andrey>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . . : Andrey-PC Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No Wireless LAN adapter Wireless Network Connection 3: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2 Physical Address. . . . . . . . . : 06-1D-7D-40-61-EB DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Wireless LAN adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Gigabyte GN-WS50G (mini) PCI-E WLAN Card Physical Address. . . . . . . . . : 00-1D-7D-40-61-EB DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller Physical Address. . . . . . . . . : 00-1B-24-B6-09-91 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes C:\Users\Andrey>arp -a -v Interface: 127.0.0.1 --- 0x1 Internet Address Physical Address Type 224.0.0.22 static 239.255.255.250 static Interface: 0.0.0.0 --- 0xffffffff Internet Address Physical Address Type 192.168.2.1 00-0e-2e-d2-8c-af invalid 192.168.2.255 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static 239.255.255.250 01-00-5e-7f-ff-fa static 255.255.255.255 ff-ff-ff-ff-ff-ff static Interface: 0.0.0.0 --- 0xffffffff Internet Address Physical Address Type 192.168.2.1 00-0e-2e-ff-f1-f6 dynamic 192.168.2.101 00-27-19-bc-8b-9c dynamic 192.168.2.102 00-16-e6-6c-ae-d4 dynamic 192.168.2.255 ff-ff-ff-ff-ff-ff static 224.0.0.22 01-00-5e-00-00-16 static 224.0.0.252 01-00-5e-00-00-fc static 239.255.255.250 01-00-5e-7f-ff-fa static 255.255.255.255 ff-ff-ff-ff-ff-ff static Interface: 0.0.0.0 --- 0xffffffff Internet Address Physical Address Type 224.0.0.22 01-00-5e-00-00-16 static 255.255.255.255 ff-ff-ff-ff-ff-ff static C:\Users\Andrey>route print =========================================================================== Interface List 14...06 1d 7d 40 61 eb ......Microsoft Virtual WiFi Miniport Adapter #2 13...00 1d 7d 40 61 eb ......Gigabyte GN-WS50G (mini) PCI-E WLAN Card 11...00 1b 24 b6 09 91 ......Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller 1...........................Software Loopback Interface 1 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: None Only after reboot I lost ping to there: C:\Users\Andrey>ping 192.168.2.100 Pinging 192.168.2.100 with 32 bytes of data: PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. PING: transmit failed. General failure. Ping statistics for 192.168.2.100: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), So what this mysterious cache is? Thank you for ahead.

  Read the article

• Debian/OVH: How to configure multiple Failover IP on the same Xen (Debian) Virtual Machine?

  - by D.S.

  I have a problem on a Xen virtual machine (running latest Debian), when I try to configure a second failover IP address. OVH reports that my IP is misconfigured and they complaint they receive a massive quantity of ARP packets from this IPs, so they are going to block my IP unless I fix this issue. I suspect there's a routing issue, but I don't know (and can't find any useful info on the provider's website, and their support doesn't provide me a valid solution, just bounce me to their online - useless - guides). My /etc/network/interfaces look like this: # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address AAA.AAA.AAA.AAA netmask 255.255.255.255 broadcast AAA.AAA.AAA.AAA post-up route add 000.000.000.254 dev eth0 post-up route add default default gw 000.000.000.254 dev eth0 # Secondary NIC auto eth0:0 iface eth0:0 inet static address BBB.BBB.BBB.BBB netmask 255.255.255.255 broadcast BBB.BBB.BBB.BBB And the routing table is: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 000.000.000.254 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 0.0.0.0 000.000.000.254 0.0.0.0 UG 0 0 0 eth0 In these examples (true IP addresses are replaced by fake ones, guess why :)), 000.000.000.000 is my main server's IP address (dom0), 000.000.000.254 is the default gateway OVH recommends, AAA.AAA.AAA.AAA is the first IP Failover and BBB.BBB.BBB.BBB is the second one. I need both AAA.AAA.AAA.AAA and BBB.BBB.BBB.BBB to be publicly reachable from Internet and point to my domU, and to be able to access Internet from inside the virtual machine (domU). I am using eth0 and eth0:0 because due to OVH support, I have to assign both IPs to the same MAC address and then create a virtual eth0:0 interface for the second IP. Any suggestion? What am I doing wrong? How can I stop OVH complaining about ARP flood? Many thanks in advance, DS

  Read the article

• make local only daemon listening on different interface (using iptables port forwarding)?

  - by UniIsland

  i have a daemon program which listens on 127.0.0.1:8000. i need to access it when i connect to my box with vpn. so i want it to listen on the ppp0 interface too. i've tried the "ssh -L" method. it works, but i don't think it's the right way to do that, having an extra ssh process running in the background. i tried the "netcat" method. it exits when the connection is closed. so not a valid way for "listening". i also tried several iptables rules. none of them worked. i'm not listing here all the rules i've used. iptables -A FORWARD -j ACCEPT iptables -t nat -A PREROUTING -i ppp+ -p tcp --dport 8000 -j DNAT --to-destination 127.0.0.1:8000 the above ruleset doesn't work. i have net.ipv4.ip_forward set to 1. anyone knows how to redirect traffic from ppp interface to lo? say, listen on "192.168.45.1:8000 (ppp0)" as well as "127.0.0.1:8000 (lo)" there's no need to alter the port. thanx

  Read the article

• windows 2003 under Hyper-V - can't send/receive ping

  - by glaucon

  I've installed Windows 2003 x64 R2 SP2 under Hyper-V (the Windows Pro 8 edition). I have a NIC configured but I can't move any traffic on it. In particular I can't send or receive Pings. Scoreboard There is a second VM running Ubuntu under the Windows 8 host which is able to send and receive pings from the host O/S . When I try to ping from Windows 2003 guest to Windows 8 host I get 'Request Timed Out'. When I try to ping from Windows 8 host to Windows 2003 guest I get 'Reply from 192.168.10.107 Destination Host Unreachable'. There's no problem pinging from the Ubuntu guest to the Windows 8 host and no problem pinging from the Windows 8 host to the Unbuntu guest. Environment Integration services are installed on Windows 2003. The windows 2003 needs a static IP address of 192.168.10.15. The Windows 2003 ipconfig output looks like this : While the host o/s ipconfig output looks like this : Event Logs The only things I can see in the event logs which is (a) looks signifcant and (b) is not related to the lack of networking is this : I'm not sure if that's significant or not. Hyper-V and NICs When the Windows 2003 guest was first booted it had no NIC; I subsequently added a 'Legacy Network Connector' which I couldn't get Windows 2003 to recognise; I subsequently removed that and added a 'Standard Network Connector' and at least on the surface this works ... only it doesn't. 'Virtual Network Type' is external. Although I've only mentioned ping there's no other evidence of network activity. 'Allow incoming echo request' is enabled on the Windows 2003 guest. HELP ? What else should I look at or do to resolve this problem ? EDIT 1: I should have said that I turned off the firewall on the W2003 server for a while and retested the pings; same result.

  Read the article

• Mysql server won't start - no logs

  - by Owen

  After a restart, mysql won't start. sudo service mysql start gives start: Job failed to start and the logs are empty, so I have no idea where to start. I'm pretty sure permissions problems are taken care of. Edit: All disks have at least 1G of space and sh -x /etc/init.d/mysql start gives me: + set -e + basename /etc/init.d/mysql + INITSCRIPT=mysql + JOB=mysql + [ mysql = upstart-job ] + [ -z start ] + COMMAND=start + shift + [ -z ] + ECHO=echo + echo Rather than invoking init scripts through /etc/init.d, use the service(8) Rather than invoking init scripts through /etc/init.d, use the service(8) + echo utility, e.g. service mysql start utility, e.g. service mysql start + echo + echo Since the script you are attempting to invoke has been converted to an Since the script you are attempting to invoke has been converted to an + echo Upstart job, you may also use the start(8) utility, e.g. start mysql Upstart job, you may also use the start(8) utility, e.g. start mysql + grep -q start/ + status mysql + [ -z ] + [ start = stop ] + [ -n ] + start mysql start: Rejected send message, 1 matched rules; type="method_call", sender=":1.105" (uid=1000 pid=3208 comm="start mysql ") interface="com.ubuntu.Upstart0_6.Job" member="Start" error name="(unset)" requested_reply="0" destination="com.ubuntu.Upstart" (uid=0 pid=1 comm="/sbin/init")

  Read the article

• scp No such file or directory

  - by Joe

  I've a confusing question for which superuser doesn't seem to have a good answer, and neither google. I'm trying to scp a file from a remote server to my local machine. The command is this scp user@server:/path/to/source/file.gz /path/to/destination The error I get is: scp: /path/to/source/file.gz: No such file or directory user is my username on the server. The command syntax appears fine to me. ssh works fine and I can cd to the file and it doesn't seem to be an access control issue? Thanks; Edit: Thank you John. I spotted the issue. ls returned this: -r--r--r-- 1 nobody users 168967171 Mar 10 2009 /path/to/source/file.gz So, the file was on a read-only file system and user is able to read it but not scp. I just copied the file to a different directory and chown it and worked fine. It would be good if someone can explain why this is the case though.

  Read the article

• Regarding traffic shaping on juniper SRX550

  - by peilin

  We have implemented the Juniper SRX550 in our company. Now we have one issue that how to restrict the internal user download speed from internet. Take one example that i want to restrict the end user with IP:192.168.1.20/32 downloading speed up to 1M via my external port ge-0/0/6.0. Below is my setting: [edit firewall policer p1M] root@SRX550# show if-exceeding { bandwidth-limit 1m; burst-size-limit 15k; } then discard; [edit firewall family inet] root@SRX550# show filter limit-user term 10 { from { destination-address { 192.168.1.20/32; } } then policer p1M; } term else { then accept; } [edit interfaces ge-0/0/6] root@SRX550# show per-unit-scheduler; unit 0 { family inet { filter { input limit-user; } address Hidden Here; } } As per the setting, the end user downloading speed should not exceed the 1m (125KB in windows), but the result is the downloading speed for this end users still can up to 400KB via HTTP/HTTPS. Please advise. Thanks.

  Read the article

• Is there a way to determine which service (in svchost.exe) does an outgoing connection?

  - by fluxtendu

  I'm redoing my firewall configuration with more restrictive policies and I would like to determine the provenance (and/or destination) of some outgoing connections. I have an issue because they come from svchost.exe and go to web content/application delivery providers - or similar: 5 IP in range: 82.96.58.0 - 82.96.58.255 --> Akamai Technologies akamaitechnologies.com 3 IP in range: 93.150.110.0 - 93.158.111.255 --> Akamai Technologies akamaitechnologies.com 2 IP in range: 87.248.194.0 - 87.248.223.255 --> LLNW Europe 2 llnw.net 205.234.175.175 --> CacheNetworks, Inc. cachefly.net 188.121.36.239 --> Go Daddy Netherlands B.V. secureserver.net So is it possible to know which service does a particular connection? Or what's your recommendation about the rules applied to these ones? (Comodo Firewall & Windows 7) Update: netstat -ano & tasklist /svc help me a little but they are many services in one svchost.exe so it's still an issue. moreover the service names returned by "tasklist /svc" are not easy readable. (All the connections are HTTP (port 80) but I don't think it's relevant)

  Read the article

• Internet doesn't work when enable local network

  - by rakesh yadav

  We have the following network setup: A) Router IP 192.168.51.49 B) Windows Server 2008 R2 with dual NIC: Lan A) WAN interface (192.168.51.50) ( Used for internet) Lan B) LAN interface (192.168.30.228) ( used for local connectivity ) When I keep both LAN Enabled than my internet doesn't work, but if I disable my local LAN then internet works fine. How can I resolve this issue? Do I need to do routing on my server Please find the below attached route print result C:\Users\Administrator>route print =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.51.49 192.168.51.50 276 0.0.0.0 0.0.0.0 192.168.30.227 192.168.30.228 266 192.168.30.224 255.255.255.240 On-link 192.168.30.228 266 192.168.30.228 255.255.255.255 On-link 192.168.30.228 266 192.168.30.239 255.255.255.255 On-link 192.168.30.228 266 192.168.51.48 255.255.255.240 On-link 192.168.51.50 276 192.168.51.50 255.255.255.255 On-link 192.168.51.50 276 192.168.51.63 255.255.255.255 On-link 192.168.51.50 276 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 202.56.230.5 255.255.255.255 192.168.51.49 192.168.51.50 21 202.56.230.6 255.255.255.255 192.168.51.49 192.168.51.50 21 192.168.26.124 255.255.255.255 192.168.51.49 192.168.51.50 21 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.51.50 276 224.0.0.0 240.0.0.0 On-link 192.168.30.228 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.51.50 276 255.255.255.255 255.255.255.255 On-link 192.168.30.228 266 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 192.168.30.227 Default 0.0.0.0 0.0.0.0 192.168.51.49 Default ===========================================================================

  Read the article

• Public-to-Public IPSec tunnel: NAT confusion

  - by WuckaChucka

  I know this is possible -- and apparently fairly common with larger companies that don't/can't route private addresses for overlap reasons -- but I can't wrap my head around how to get this to work. I'm playing around with pfSense, Vyatta and a Cisco 5505 right now, hardware-wise. So here's my setup: WEST: Vyatta outside: 10.0.0.254/24 inside: 172.16.0.1/24 machine a: 172.16.0.200/24 EAST: Cisco 5505 outside: 10.0.0.210/24 inside: 192.168.10.1 machine b (webserver): 192.168.10.2 So what we're trying to do is this: route traffic across the tunnel from machine A to machine B without using private addresses. i.e. 172.16.0.200 makes a TCP request to 10.0.0.210:80, and as far as EAST is concerned, it sees a src IP of 10.0.0.254. On WEST, I have your typical many-to-one Source NAT to translate 172.16.0.0/24 to 10.0.0.254 and that's confirmed to be working. Also on WEST, I have the following IPSec config: Local IP: 10.0.0.254 Peer IP: 10.0.0.210 local subnet: 10.0.0.254/32 remote subnet: 10.0.0.210/32 I have the reversed configuration on EAST. What happens when I make a request from machine A to 10.0.0.210:80 is that the SNAT translates the private address of machine A to 10.0.0.254 and it's routed out (and discarded at the other end) without establishing the tunnel. What I'm assuming is happening is that the inside interface on WEST receives a packet from 172.16.0.200 and since this doesn't match the local subnet defined in the tunnel configuration, it's not processed by the IPSec engine and the tunnel is not established. How do you make this work? Seems like a chicken and egg thing with the NAT and IPSec and I just can't wrap my head around how this can be done: can I say, "if a packet is received on the inside interface with a destination of 10.0.0.210, translate it to 10.0.0.254 before the IPSec engine inspects it"?

  Read the article

• Robocopy launches and then hangs/just sits there

  - by NateO

  I'm setting up an archive process to store old files on an external hard drive. The computer in question is running Windows 7 Pro 32bit. We have a server folder with 150,000+ files in it, most of which are pretty small (below 200k). I'm trying to use robocopy in a batch file to do this. It was working fine the other day, now all it does upon launch is sit there. It shows me all the options and whatnot, and also lists the number of files in the directory and the directory itself, but it never gets past that line. If I switch the destination to the local C drive, it eventually starts copying files. Is there something in my batch file that needs to change? Or could there be a problem with the external Western Digital drive that I'm using? The WD drive currently is holding about 175,000 files. Here is the one line batch file I have: robocopy "\\cgifp01\Prepress\Public\ImportedPDF" "E:\OldFiles" *.* /R:2 /W:10 /MINAGE:15 /MOV /B /XJ /XF "blank_test.pdf" Thanks for any tips or ideas. Nate

  Read the article

• Default Gateway solution on NAT'd network (best options)

  - by kwiksand

  I've recently changed a network from a bunch of machines exposed to the net on a network to a more security conscious Firewall-fronted network with a DMZ for public services. Everything's mostly working perfectly now, but I've got the old problem of NAT Loopback where a machine within the LAN wants to access a public service via the public/external IP. I've solved this problem previously in a small/SOHO environment simply using NAT loopback features of the router in use or a simple iptables rule to do the same, but I want to make sure I make the most resilient choice with the least concern. It seems I can: Use iptables as I've said to DNAT and MASQUERADE the change source/destination so the connection works correctly i.e iptables -A PREROUTING -t nat -d ip.of.eth0.here -p tcp --dport 8080 -j DNAT --to 192.168.0.201:8080 iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -p tcp --dport 8080 -d 192.168.0.201 -j MASQUERADE Use split DNS, with internal mappings for public IP's Potentially do some route nastyness by setting the Default Gateway to use a different externally exposed IP to then come back in the public route (messy) Someone mentioned putting the Default Gateway within the DMZ as well (on serverfault), but I can't find the post again. I'm sure this is a common issue for many with NAT'd networks, but I've not really seen the perfect solve all when it comes to fixing this problem. What is your opinion?

  Read the article

• Why am I seeing MailSlot Browse messages on unrouted ports of my Linux box?

  - by nmichaels

  I have a Linux box (Debian squeeze) with several NICs. The ones of interest are: eth3 - my main link to the network (dhcp on 10.20.30.0/24) eth0 - the first connection to my test network (static: 192.168.1.2) eth4 - the second connection to my test network (static: 192.168.1.1) My routing table looks like this: $ sudo route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.20.30.0 * 255.255.255.0 U 0 0 0 eth3 default 10.20.30.254 0.0.0.0 UG 0 0 0 eth3 I have the 2 test net ports connected to each other with a crossover cable and an instance of wireshark running on each port. Every once in a while, I'll see a packet like the following show up. Who could be doing this, and how do I convince them to stop? I do have Samba running on the machine (for a cifs mount) but don't see why it would be sending packets out to unrouted ports. I had a Windows VM running in VMWare Client and thought that might be causing it, but it still happens without it. What I want is totally silent interfaces so I can run some tests with Scapy over them.

  Read the article

• openvpn& iptables -- portforwarding and gateway

  - by Smith.Lai

  The problem is similar to this scenario: iptables rule still take effect after deleted Scenario: There are several clients(C1~C10) providing some services, such as SSH,HTTP..... The clients are actually a personal computer behind NAT. Their IP might be 192.168.0.x For easily access these machines through internet, I built a OpenVPN server(S1). All the C1~C10 connect to S1 with VPN address 10.8.0.x If A user(U1) wanna access C1 SSH through internet, he can connect to S1 with port "55555", and S1 port forward 55555 to 10.8.0.6:22 echo 1 /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 55555 -j DNAT --to-destination 10.8.0.6:22 It works well until I mark the following in the openvpn server.conf: I marked this because I think this will make all connection go through S1 ;push "redirect-gateway" |-------(NAT)--------| (C1)--| (INTERNET)----(U1) |-----(VPN)----(S1)--| The C1~C10 have their own path to access internet resource through NAT . The server loading would be heavy if all C1~C10 connection go through S1 (for example, C1 is sending data to C2, or C1 is downloading data from a FTP site). Is there a way to solve this quandary?

  Read the article

• How to enable Ipv6 on my ubunutu 11.04 virtual machine

  - by liv2hak

  I have installed 3 VM's on my PC.(Ubuntu 11.04).I want to setup an IPV6 network to review and test some of the IPV6 tools like NDPMonitor.(monitors ICMP messages of Neighbour Discovery Protocol.) IP v6 addresses are as follows. linux_router - fe80::a00:27ff:fed5:f7e9/64 labhack1 - fe80::a00:27ff:fed2:8bd1/64 labhack2 - fe80::a00:27ff:fed7:2f2d/64 The below commands have been run on both linux_router and labhack1. sudo ip r a 2001:468:181:f100::/64 dev eth0 sudo vim /etc/radvd.conf /file looks like below./ interface eth0 { AdvSendAdvert on; /*means that we are sending out advertisments.*/ MinRtrAdvInterval 5; /*these options control how often advertisments are sent*/ MaxRtrAdvInterval 15; /*these are not mandatory but valueable settings.*/ prefix fe80::a00:27ff::/64 { AdvOnLink on; /*Says to the host everyone sharing this prefix is on the sam local link as you.*/ AdvAutonomous on; /*Says to a host: "Use this prefix to autoconfigure your address"*/ }; }; sudo sysctl -w net.ipv6.conf.all.forwarding=1 I try to do a ping6 -I eth0 fe80::a00:27ff:fed5:f7e9 I get Destination unreachable: Address unreachable.I am not sure what I am doing wrong here.I am a beginner at linux administration.Basically I think I am missing whatever is analogous to physically connecting VM's.Any help that would point me in the right direction would be greatly appreciated.

  Read the article

• What are the attack vectors for passwords sent over http?

  - by KevinM

  I am trying to convince a customer to pay for SSL for a web site that requires login. I want to make sure I correctly understand the major scenarios in which someone can see the passwords that are being sent. My understanding is that at any of the hops along the way can use a packet analyzer to view what is being sent. This seems to require that any hacker (or their malware/botnet) be on the same subnet as any of the hops the packet takes to arrive at its destination. Is that right? Assuming some flavor of this subnet requirement holds true, do I need to worry about all the hops or just the first one? The first one I can obviously worry about if they're on a public Wifi network since anyone could be listening in. Should I be worried about what's going on in subnets that packets will travel across outside this? I don't know a ton about network traffic, but I would assume it's flowing through data centers of major carriers and there's not a lot of juicy attack vectors there, but please correct me if I am wrong. Are there other vectors to be worried about outside of someone listening with a packet analyzer? I am a networking and security noob, so please feel free to set me straight if I am using the wrong terminology in any of this.

  Read the article

• IPSec for LAN traffic: Basic considerations?

  - by chris_l

  This is a follow-up to my Encrypting absolutely everything... question. Important: This is not about the more usual IPSec setup, where you want to encrypt traffic between two LANs. My basic goal is to encrypt all traffic within a small company's LAN. One solution could be IPSec. I have just started to learn about IPSec, and before I decide on using it and dive in more deeply, I'd like to get an overview of how this could look like. Is there good cross-platform support? It must work on Linux, MacOS X and Windows clients, Linux servers, and it shouldn't require expensive network hardware. Can I enable IPSec for an entire machine (so there can be no other traffic incoming/outgoing), or for a network interface, or is it determined by firewall settings for individual ports/...? Can I easily ban non-IPSec IP packets? And also "Mallory's evil" IPSec traffic that is signed by some key, but not ours? My ideal conception is to make it impossible to have any such IP traffic on the LAN. For LAN-internal traffic: I would choose "ESP with authentication (no AH)", AES-256, in "Transport mode". Is this a reasonable decision? For LAN-Internet traffic: How would it work with the internet gateway? Would I use "Tunnel mode" to create an IPSec tunnel from each machine to the gateway? Or could I also use "Transport mode" to the gateway? The reason I ask is, that the gateway would have to be able to decrypt packages coming from the LAN, so it will need the keys to do that. Is that possible, if the destination address isn't the gateway's address? Or would I have to use a proxy in this case? Is there anything else I should consider? I really just need a quick overview of these things, not very detailed instructions.

  Read the article

< Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >