Search Results

Search found 4275 results on 171 pages for 'accept'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 75/171 | < Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >

  • Varnish 3.0.2 to Apache2 sometimes return error 503

    - by Ronnie Jespersen
    Hey guys I hope you can help me out here. I have an Ngingx parsing http and https to a varnish cache(3.0.2). From the varnish it is sent to apache2. Now I have for some time been tracking some strange 503 errors. But I cant seem to find the silver bullet. Currently I am logging the 503 errors through varnish this way: sudo varnishlog -c -m TxStatus:503 >> /home/rj/varnishlog503.log and then referring to the apache access log to see if any 503 requests have been handled. Today I had a health check from the firewall that failed: 20 SessionOpen c 127.0.0.1 34319 :8081 20 ReqStart c 127.0.0.1 34319 607335635 20 RxRequest c HEAD 20 RxURL c /health-check 20 RxProtocol c HTTP/1.0 20 RxHeader c X-Real-IP: 192.168.3.254 20 RxHeader c Host: 192.168.3.189 20 RxHeader c X-Forwarded-For: 192.168.3.254 20 RxHeader c Connection: close 20 RxHeader c User-Agent: Astaro Service Monitor 0.9 20 RxHeader c Accept: */* 20 VCL_call c recv lookup 20 VCL_call c hash 20 Hash c /health-check 20 VCL_return c hash 20 VCL_call c miss fetch 20 Backend c 33 aurum aurum 20 FetchError c http first read error: -1 11 (No error recorded) 20 VCL_call c error deliver 20 VCL_call c deliver deliver 20 TxProtocol c HTTP/1.1 20 TxStatus c 503 20 TxResponse c Service Unavailable 20 TxHeader c Server: Varnish 20 TxHeader c Content-Type: text/html; charset=utf-8 20 TxHeader c Retry-After: 5 20 TxHeader c Content-Length: 879 20 TxHeader c Accept-Ranges: bytes 20 TxHeader c Date: Wed, 06 Jun 2012 12:35:12 GMT 20 TxHeader c X-Varnish: 607335635 20 TxHeader c Age: 60 20 TxHeader c Via: 1.1 varnish 20 TxHeader c Connection: close 20 Length c 879 20 ReqEnd c 607335635 1338986052.649786949 1338986112.648169994 0.000160217 59.997980356 0.000402689 Now the backend server (apache) does not have any 503 error in the access log at this point. So I am confused. Is this varnish throwing a 503 because it thinks apache is to slow? There is a lot traffic coming through at this point so I know the server is up and running. I do have other 503 error codes with posts and gets so there is really no pattern. It seems to be at random times and random requests. Even in the morning when the server dosen't seem to be doing anything. I do see another pattern in the log: 4 VCL_call c recv pass 4 VCL_call c hash 4 Hash c /?id=412 4 VCL_return c hash 4 VCL_call c pass pass 4 FetchError c no backend connection 4 VCL_call c error deliver 4 VCL_call c deliver deliver Here fetcherror says "no backend connection". A summery of the FetchErrors in todays log: 16 FetchError c http first read error: -1 11 (No error recorded) 5 FetchError c http first read error: -1 11 (No error recorded) 4 FetchError c http first read error: -1 11 (No error recorded) 19 FetchError c http first read error: -1 11 (No error recorded) 5 FetchError c http first read error: -1 11 (No error recorded) 23 FetchError c http first read error: -1 11 (No error recorded) 24 FetchError c http first read error: -1 11 (No error recorded) 16 FetchError c http first read error: -1 11 (No error recorded) 6 FetchError c http first read error: -1 11 (No error recorded) 4 FetchError c http first read error: -1 11 (No error recorded) 5 FetchError c http first read error: -1 11 (No error recorded) 4 FetchError c http first read error: -1 11 (No error recorded) 4 FetchError c http first read error: -1 11 (No error recorded) 22 FetchError c http first read error: -1 11 (No error recorded) 6 FetchError c http first read error: -1 11 (No error recorded) 21 FetchError c http first read error: -1 11 (No error recorded) 26 FetchError c no backend connection 4 FetchError c no backend connection 20 FetchError c http first read error: -1 11 (No error recorded) 39 FetchError c http first read error: -1 11 (No error recorded) I haven't changed the default timeout values for varnish. This is my configuration for one of the backend servers. backend xenon { .host = "192.168.3.187"; .port = "80"; .probe = { .url = "/health-check/"; .interval = 3s; .window = 5; .threshold = 2; } } I'm running prefork module on apache2 with this configuration <IfModule mpm_prefork_module> StartServers 1 MinSpareServers 2 MaxSpareServers 5 MaxClients 200 MaxRequestsPerChild 75 </IfModule> and only PHP files is sent to the server. Every other static file is handled by Nginx. Any ideas? ------- EDIT -------------- Some more debuging information I have run a varnishadm debug.health Backend radon is Healthy Current states good: 5 threshold: 2 window: 5 Average responsetime of good probes: 0.002560 Oldest Newest ================================================================ 4444444444444444444444444444444444444444444444444444444444444444 Good IPv4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Good Xmit RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR Good Recv HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH Happy Backend xenon is Healthy Current states good: 5 threshold: 2 window: 5 Average responsetime of good probes: 0.002760 Oldest Newest ================================================================ 4444444444444444444444444444444444444444444444444444444444444444 Good IPv4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Good Xmit RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR Good Recv HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH Happy Backend iridium is Healthy Current states good: 5 threshold: 2 window: 5 Average responsetime of good probes: 0.000849 Oldest Newest ================================================================ 4444444444444444444444444444444444444444444444444444444444444444 Good IPv4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Good Xmit RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR Good Recv HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH Happy Backend aurum is Healthy Current states good: 5 threshold: 2 window: 5 Average responsetime of good probes: 0.002100 Oldest Newest ================================================================ 4444444444444444444444444444444444444444444444444444444444444444 Good IPv4 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Good Xmit RRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR Good Recv HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHH Happy And I have been monitoring varnishstat from the two load balancers 3224774 3.99 2.61 backend_conn - Backend conn. success 27 0.00 0.00 backend_unhealthy - Backend conn. not attempted 63 0.00 0.00 backend_fail - Backend conn. failures 358798 0.00 0.29 backend_reuse - Backend conn. reuses 21035 0.00 0.02 backend_toolate - Backend conn. was closed 379834 0.00 0.31 backend_recycle - Backend conn. recycles 26 0.00 0.00 backend_retry - Backend conn. retry 3217751 5.99 2.61 backend_conn - Backend conn. success 32 0.00 0.00 backend_fail - Backend conn. failures 364185 0.00 0.30 backend_reuse - Backend conn. reuses 27077 0.00 0.02 backend_toolate - Backend conn. was closed 391263 0.00 0.32 backend_recycle - Backend conn. recycles 36 0.00 0.00 backend_retry - Backend conn. retry Notice that none of them have reported backend_fail. /Ronnie

    Read the article

  • Set-up SSHD to handle multiple key pairs.

    - by Warlax
    Hey guys, I am trying to set up my sshd to accept users that do not have a system user account. My approach is to use DSA public/private key pairs. I generated a key pair: $ ssh-keygen -t dsa I copied id_dsa.pub to the server machine where sshd runs. I appended the line from id_dsa.pub to ~/.ssh/authorized_keys of the single existing system user account I will use for every 'external' user. I tried to ssh as the 'external' user into the machine where I set-up the authorized_keys and failed miserably. What am I missing here? Thanks.

    Read the article

  • How to test if SYN and FIN are both dropped at the same time in hping3?

    - by snow
    One of the rules to prevent unexpected attack is to prevent SYN & FIN being used together. SYN and FIN are both set $IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP How do I use hping to test if this iptable rule works? hping3 192.168.7.0 --keep -S -F??? Is this complete? When just type iptables -L, it shows: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN WHY do I need to put the "SYN,FIN" twice before drop? Is it because one for source and one for destination?

    Read the article

  • Relay thru external SMTP server on Exchange 2010

    - by MadBoy
    My client has dynamic IP on which he hosts Exchange 2010 with POP3 Connector running and gathering emails from his current hosting. Until he gets static IP he wants to send emails out. This will work most of the time but some servers won't accept such email sent by Exchange (from dynamic ip due to multiple reasons) so I would like to make a relay thru external SMTP server which hosts current mailboxes. Normally SMTP server could be set up to allow relay thru it but this would require static IP to be allowed on that server so it would know which IP is allowed to relay thru it. Or is there a way to setup relay in Exchange 2010 so it can use dynamic IP and kinda authenticates with user/password itself on the hosted server?

    Read the article

  • path problem with mod_rewrite, XDebug, PDT, XAMPP and Windows XP

    - by Delirium tremens
    My mod_rewrite turns accounts/create into index.php?folder=accounts&action=create, but pdt ignores it, so when I try to start a PHP Script debug session, I have to type a folder location in the file field and pdt doesn't accept. When PDT auto generates the URL for the PHP Web Page debug session, I go to http://localhost/myframe/index.php?XDEBUG%5FSESSION%5FSTART=ECLIPSE%5FDBGP&KEY=12569067976875, but myframe is in the frameworks folder, so I get a 404 error. When I check a breakpoint, uncheck Auto Generate, add frameworks before myframe in URL, set Start Debug from http://localhost/frameworks/myframe/accounts/create in Advanced and click Debug, the debugger doesn't stop at the breakpoint.

    Read the article

  • SSL and mod_rewrite error

    - by wnoveno
    Hi, I have https on my site. Pages with rewritten URL in my site are inaccessible while direct urls (folders). here's the htaccess ## 2009-12-17 16:52 JGC [START] ## Enable http compression for this site <IfModule mod_deflate.c> SetOutputFilter DEFLATE ## Directive "DeflateCompressionLevel" not allowed in .htaccess, only valid in server config and virtual hosts # DeflateCompressionLevel 9 # file-types indicated will not be compressed SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \.(?:swf|flv|pdf)$ no-gzip dont-vary SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|gz2|sit|rar)$ no-gzip dont-vary <IfModule mod_headers.c> Header append Vary User-Agent </IfModule> </IfModule> ## 2009-12-17 16:52 JGC [END] ## 2010-03-05 16:05 JGC [START] #<IfModule mod_alias.c> #RedirectMatch 301 ^(/)$ /online-casino-poker-register.html #RedirectMatch 301 ^(/en)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/en/)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/en\.html)$ /en/online-casino-poker-register.html #RedirectMatch 301 ^(/sc)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/sc/)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/sc\.html)$ /sc/online-casino-poker-register.html #RedirectMatch 301 ^(/ch)$ /ch/online-casino-poker-register.html #RedirectMatch 301 ^(/ch/)$ /ch/online-casino-poker-register.html #RedirectMatch 301 ^(/ch\.html)$ /ch/online-casino-poker-register.html #</IfModule> ## 2010-03-05 16:05 JGC [END] ## # @version $Id: htaccess.txt 10492 2008-07-02 06:38:28Z ircmaxell $ # @package Joomla # @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved. # @license http://www.gnu.org/copyleft/gpl.html GNU/GPL # Joomla! is Free Software ## ##################################################### # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE # # The line just below this section: 'Options +FollowSymLinks' may cause problems # with some server configurations. It is required for use of mod_rewrite, but may already # be set by your server administrator in a way that dissallows changing it in # your .htaccess file. If using it causes your server to error out, comment it out (add # to # beginning of line), reload your site in your browser and test your sef url's. If they work, # it has been set by your server administrator and you do not need it set here. # ##################################################### ## Can be commented out if causes errors, see notes above. Options +FollowSymLinks # # mod_rewrite in use RewriteEngine On #RewriteLog "/var/www/html/dafa888/rewrite.log" #RewriteLogLevel 3 RewriteCond %{HTTP_COOKIE} !jfcookie\[lang\] [NC] RewriteCond %{HTTP:Accept-Language} ^zh-cn [NC] RewriteRule ^$ /sc/ [L,R=301] RewriteCond %{HTTP_COOKIE} !jfcookie\[lang\] [NC] RewriteCond %{HTTP:Accept-Language} ^zh-tw [NC] RewriteRule ^$ /ch/ [L,R=301] #RewriteCond %{HTTP_COOKIE} !jfcookie[lang] [NC] #RewriteCond %{HTTP_COOKIE} jfcookie\[lang\] [NC] #RewriteCond %{HTTP_COOKIE} jfcookie\[lang\]=([^;]+) [NC] #RewriteRule ^(.*)$ /%1/$1 [NC,QSA] ########## Begin - Rewrite rules to block out some common exploits ## If you experience problems on your site block out the operations listed below ## This attempts to block the most common type of exploit `attempts` to Joomla! # # Block out any script trying to set a mosConfig value through the URL RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR] # Block out any script trying to base64_encode crap to send via URL RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR] # Block out any script that includes a <script> tag in URL RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR] # Block out any script trying to set a PHP GLOBALS variable via URL RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR] # Block out any script trying to modify a _REQUEST variable via URL RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2}) # Send all blocked request to homepage with 403 Forbidden error! RewriteRule ^(.*)$ index.php [F,L] # ########## End - Rewrite rules to block out some common exploits # Uncomment following line if your webserver's URL # is not directly related to physical file paths. # Update Your Joomla! Directory (just / for root) RewriteBase / #RewriteCond %{HTTP_HOST} ^(.*)$ [NC] #RewriteRule ^(.*)$ http://www.%1/$1 [R=301] ########## Begin - Joomla! core SEF Section # RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_URI} !^/index.php RewriteCond %{REQUEST_URI} (/|\.php|\.html|\.htm|\.feed|\.pdf|\.raw|/[^.]*)$ [NC] RewriteRule (.*) index.php RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization},L] # ########## End - Joomla! core SEF Section

    Read the article

  • PLesk Error: pmm-ras error (Error code = -6): during restore.. /tmp folder to increase?

    - by eric
    I had to re-install plesk on a centos 6 system after a crash. The full backup file is 11 gb. but at the beginning of the backup reinstall I get the error Error: pmm-ras error (Error code = -6): argh ! my disk organization is like this Filesystem Size Used Avail Use% Mounted on /dev/xvda1 3.7G 801M 2.9G 22% / /dev/mapper/vg00-usr 14G 1.5G 12G 12% /usr /dev/mapper/vg00-var 155G 14G 134G 10% /var /dev/mapper/vg00-home 3.9G 136M 3.6G 4% /home none 1000M 7.5M 993M 1% /tmp I suppose I have to increase my /tmp folder to accept the backup size,but I don't know how-to. I'm on 1&1 cloud server Thanks for your help. You can imagine the emergency of this situation...

    Read the article

  • securing server to server http post

    - by ad-inf
    Website is developed on JSF, Servlet, using apache web server. In my website, I accept data submission from few restricted websites using HTTP POST method. We exchange some secure key to ensure that correct source is sending data. But is there any way to ensure that the data is submitted from specific domain / IP address only? In application level I can check request.header('Referer') , but some proxy or firewall might hide the referer. Can this configuration done on firewall or webserver level to authenticate server to server communication? Eg. Say my website is a payment gateway website, integrated with www.abc.com. I want only abc.com to submit data. So a user using abc.com should be able to submit data to my website only through abc.com, and not any other website.

    Read the article

  • Need IP port forwarding to access an internel service running on an internal machine

    - by appleluo
    I am trying to configure iptables to do port forwarding for certain request. The scenario is like this: Login node A can be accessed from outside Compute node B that running the service can be accessed from A but not from outside. I want to set up iptables so that a request for the service on B from outside can be accessed through A. A has two ethernet ports: Internal eth0, with ip internal_A and External eth1, with ip external_A. B has 1 ethernet port, internal eth0. let's say its ip is internal_B The service listens to internal_B:5900. We open external_A:10000 for user access. I configure my iptables with the following commands: echo 1> /proc/sys/net/ipv4/ip_forward /sbin/iptables -P FORWARD ACCEPT /sbin/iptables -t nat -A POSTROUTING -j MASQUERADE /sbin/iptables -A PREROUTING -p tcp -t nat --dport 10000 -j DNAT --to-destination interal_B:5900 /sbin/iptables -A OUTPUT -p tcp -t nat -d external_A --dport 10000 -j DNAT --to-destination internal_B:5900 But it didn't work. Can anybody help me?

    Read the article

  • Prevent redirect loop in mod_rewrite

    - by user280381
    I'm writing a rule in my htaccess that basically says this: If the request is for the homepage And a cookie has not been set Rewrite the page with /addCookie.php Then in addCookie.php, we set the cookie and redirect back to the homepage. This is all fine, but if the user doesn't accept cookies, we get an infinite loop of redirects. I'm new to mod_rewrite, I've done a lot of searching, but can't break the loop. I have this so far: RewriteCond %{ENV:REDIRECT_STATUS} 200 RewriteRule .* - [S=1] RewriteCond %{REQUEST_URI} "^/$" RewriteCond %{HTTP_COOKIE} !device_detected RewriteRule ^ addCookie.php [L] Is what I'm trying to do possible? I could add a query string on the redirect from addCookie.php, but I'd much rather keep the requests identical. Any suggestions kindly welcome.

    Read the article

  • Using Ctrl-Tab to switch between tabs in Mac Terminal.app

    - by dkee
    How can I make Ctrl-Tab and Ctrl-Shift-Tab switch between tabs in Terminal.app on a Mac (OS 10.4 and 10.5 specifically)? This is how I switch tabs in Firefox and Aquamacs, and Command-Shift-[ and Command-Shift-] is too awkward to me. I am aware of this related question: .../unable-to-switch-a-tab-efficiently-in-macs-terminal* And hence the Keyboard Shortcuts section of the System Preferences, but the dialog box for Keyboard Shortcuts doesn't seem to accept Ctrl-Tab in the Keyboard Shortcut field. Is there a special keyboard sequence for inputting tabs (with modifiers) into a dialog box field on a Mac? Is there any other method that would allow me to customize Terminal.app in the way I desire? Not really a programming question, but I think the answer would be useful to other folks that program on Macs and would like to have some consistency between interfaces of different applications. Thanks! * Couldn't add the hyperlink as a new user

    Read the article

  • php file downloads instead of being processed with ajax on apache

    - by eagleon
    I have a small website where some content is displayed within a HTML tag using AJAX. The content is simply taken from another page on the same web site. However, sometimes instead of loading the parsed PHP file, the browser displays a download box instead. I downloaded the file and this is what it looks like a text file mixed with binary or gzipped data. I can't paste the binary stuff here, but here are some of the headers: Jul 2012 18:52:16 GMT Server: Apache/2 X-Powered-By: PHP/5.3.10 Content-Encoding: gzip Vary: Accept-Encoding,User-Agent Keep-Alive: timeout=1, max=95 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html HTTP/1.1 304 Not Modified Date: Sun, 01 Jul 2012 18:52:16 GMT Server: Apache/2 Connection: Keep-Alive Keep-Alive: timeout=1, max=93 ETag: "2fc857-409-4c39691c59b40" HTTP/1.1 304 Not Modified Date: Sun, 01 Jul 2012 18:52:16 GMT Server: Apache/2 Connection: Keep-Alive Keep-Alive: timeout=1, max=92 ETag: "2fc854-3e5-4c39691b65900" HTTP/1.1 304 Not Modified Date: Sun, 01 Jul 2012 18:52:16 GMT Server: Apache/2 Connection: Keep-Alive Keep-Alive: timeout=1, max=91 ETag: "2fc847-3e3-4c3969197d480" and large blocks of stuff like this: µàl]&BaËÜk#ìÏ

    Read the article

  • Is there any SMS/MMS server for LAN environment

    - by Chau Chee Yang
    I am looking for a solution to send SMS/MMS message to mobile device from desktop or browser in LAN environment. As such, it is most probably using TCP/IP protocol to transmit request/response. The server may attach to a GSM device with SIM card attached. An server application would then start accept the request from any LAN client and convey the SMS/MMS to one or more recipients. The server may log all requests for further traffic analysis in later stage. Is there any solution that able to perform what I describe here. Please advice.

    Read the article

  • How do I configure OpenVPN for accessing the internet with one NIC?

    - by Lekensteyn
    I've been trying to get OpenVPN to work for three days. After reading many questions, the HOWTO, the FAQ and even parts of a guide to Linux networking, I cannot get my an Internet connection to the Internet. I'm trying to set up a OpenVPN server on a VPS, which will be used for: secure access to the Internet bypassing port restrictions (directadmin/2222 for example) an IPv6 connection (my client does only have IPv4 connectivity, while the VPS has both IPv4 and native IPv6 connectivity) (if possible) I can connect to my server and access the machine (HTTP), but Internet connectivity fails completely. I'm using ping 8.8.8.8 for testing whether my connection works or not. Using tcpdump and iptables -t nat -A POSTROUTING -j LOG, I can confirm that the packets reach my server. If I ping to 8.8.8.8 on the VPS, I get an echo-reply from 8.8.8.8 as expected. When pinging from the client, I do not get an echo-reply. The VPS has only one NIC: etho. It runs on Xen. Summary: I want to have a secure connection between my laptop and the Internet using OpenVPN. If that works, I want to have IPv6 connectivity as well. Network setup and software: Home laptop (eth0: 192.168.2.10) (tap0: 10.8.0.2) | | (running Kubuntu 10.10; OpenVPN 2.1.0-3ubuntu1) | wifi | router/gateway (gateway 192.168.2.1) | INTERNET | VPS (eth0:1.2.3.4) (gateway, tap0: 10.8.0.1) (running Debian 6; OpenVPN 2.1.3-2) wifi and my home router should not cause problems since all traffic goes encrypted over UDP port 1194. I've turned IP forwarding on: # echo 1 > /proc/sys/net/ipv4/ip_forward iptables has been configured to allow forwarding traffic as well: iptables -F FORWARD iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -A FORWARD -j DROP I've tried each of these rules separately without luck (flushing the chains before executing): iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 1.2.3.4 iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE route -n before (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n after (server): 1.2.3.4 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 0.0.0.0 1.2.3.4 0.0.0.0 UG 0 0 0 eth0 route -n before (client): 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 route -n after (client): 1.2.3.4 192.168.2.1 255.255.255.255 UGH 0 0 0 wlan0 10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 192.168.2.0 0.0.0.0 255.255.255.0 U 2 0 0 wlan0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 0.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 128.0.0.0 10.8.0.1 128.0.0.0 UG 0 0 0 tap0 0.0.0.0 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0 SERVER config proto udp dev tap ca ca.crt cert server.crt key server.key dh dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" ifconfig-pool-persist ipp.txt keepalive 10 120 tls-auth ta.key 0 comp-lzo user nobody group nobody persist-key persist-tun log-append openvpn-log verb 3 mute 10 CLIENT config dev tap proto udp remote 1.2.3.4 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server tls-auth ta.key 1 comp-lzo verb 3 mute 20 traceroute 8.8.8.8 works as expected (similar output without OpenVPN activated): 1 10.8.0.1 (10.8.0.1) 24.276 ms 26.891 ms 29.454 ms 2 gw03.sbp.directvps.nl (178.21.112.1) 31.161 ms 31.890 ms 34.458 ms 3 ge0-v0652.cr0.nik-ams.nl.as8312.net (195.210.57.105) 35.353 ms 36.874 ms 38.403 ms 4 ge0-v3900.cr0.nik-ams.nl.as8312.net (195.210.57.53) 41.311 ms 41.561 ms 43.006 ms 5 * * * 6 209.85.248.88 (209.85.248.88) 147.061 ms 36.931 ms 28.063 ms 7 216.239.49.36 (216.239.49.36) 31.109 ms 33.292 ms 216.239.49.28 (216.239.49.28) 64.723 ms 8 209.85.255.130 (209.85.255.130) 49.350 ms 209.85.255.126 (209.85.255.126) 49.619 ms 209.85.255.122 (209.85.255.122) 52.416 ms 9 google-public-dns-a.google.com (8.8.8.8) 41.266 ms 44.054 ms 44.730 ms If you have any suggestions, please comment or answer. Thanks in advance.

    Read the article

  • SSH login to Cisco switch using Rancid times out

    - by Lars
    I have a 3560 switch that I have configured to accept SSH logins, and this works fine. However I cannot get Rancid to complete the login process to any of my switches using SSH. I get a timeout error after a minute or so. Telnet logins work fine with the same username and password. Here is my rancid setup in .cloginrc: add user * {myuser} add password * {strongAccessPassword} {strongEnablePassword} add method * ssh telnet Then, when I run bin/clogin 10.10.1.10 I get: # bin/clogin 10.10.1.10 10.10.1.10 spawn ssh -c 3des -x -l myuser 10.10.1.10 ############################################### Please authenticate. ############################################### Password: Error: TIMEOUT reached Again, when I do this using telnet as my preferred mothod in .cloginrc, it works without issue.

    Read the article

  • How do I make an exe into a service on Windows?

    - by user3677994
    I recently made an application that has multiple parts. One of the parts is a networking tool - it always starts with the OS, and it never displays any sort of message. It does, however, start an incredibly irritating console, which is impossible to get rid of without closing the program itself (please just accept this one as given). I have decided to work around this problem by starting the program (it's a *.exe) as a service, thus stopping it from showing up at all. As the application will be distributed to various computers (hence the need for a networking tool in the first place). I need a way to make this program install as a service (so, I don't really want answers that tell me to go through a series of menus on the Control Panel or download a 3rd-party application that has to stay on whichever computer the service will run on). How can I do this?

    Read the article

  • Is there a security risk for allowing people to set their DNS so their own subdomains can be route to my server?

    - by DantheMan
    Lets say that I have a web application, built in Django and deployed with Nginx. Is it a good idea to offer a service that allows customers to request that a subdomain can be pointed at it. I figured this: If I dont allow this, then some companies wont want to access the service from http://mydjangoappmadeupname.com/bigcorporation/ They would rather access it through http://service.bigcorporation.com That would effectively mask that they are using an outside resource. Is there a significant risk that I am overlooking? Also do you think it would be easier to just set things up in Django to handle it, allowing Nginx to accept all domains and then pushing them to Django which would filter out if they are allowed or not, or would it be better to just update my Nginx log each time a client wanted this changed?

    Read the article

  • Help about NAT with virtual server

    - by Thanh Tran
    I have a dedicated server running Linux CentOS 5.3 with 2 IP addresses. I've installed a virtual machine using VMware Server. The host and the guest have a host-only network. Now I want to map the 2nd IP address to the virtual machine so that it can run as a second dedicated server for me. Here is what I do: modprobe iptable_nat echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t filter -A FORWARD -s 192.168.78.128 -d 64.85.164.184 -j ACCEPT iptables -t nat -A PREROUTING -d 64.85.164.184 -i eth0 -j DNAT --to-destination 192.168.78.128 iptables -t nat -A POSTROUTING -s 192.168.78.128 -o eth0 -j SNAT --to-source 64.85.164.184</p> But it not working as intended. What is the matter?

    Read the article

  • Hostname Problem On WHM / cPanel Installation

    - by Eray
    My CentOS 5.6 server's hostname was "centos" . And then i change it to my domain : hostname domain.com And i started to installing WHM / cPanel as explained in here : http://etwiki.cpanel.net/twiki/bin/view/AllDocumentation/InstallationGuide/InstallingCpanel It's installed very well. And the i reboot my server. After rebooting, i was execute this command for open WHM's 2087 port : iptables -I RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2087 -j ACCEPT Now i'm trying to browse domain.com:2087 i'm getting Server (centos) not found .I noticed it's forwarding to my old hostname (centos) . And then execute this command to verify me hostname hostname it's returned "centos" again. I'm not sure, why it's returned to old hostname. (I think it returned to old hostname after rebooting) . I'm changed it one more time : hostname domain.com Finally, now my hostname is domain.com . BUt still i'm getting centos server not found error. This is result of iptables -L command. P.S. : domain.com/cpanel is working

    Read the article

  • Installing XP through USB-to-IDE/SATA connector?

    - by overtherainbow
    Hello To help someone reinstall a corrupt XP install on his IDE or SATA drive in a older desktop box (hence no Vista/W7), I was thinking of asking him to bring his harddrive and meet at Starbucks, and I would install a brand new XP by connecting it to my laptop, and booting it up with the XP install CD. If someone's already used a USB-to-IDE/SATA connector such as this one by Sabrent: Does the XP CD accept installing Windows to an external IDE/SATA through USB? Does USB 2.0 provide enough power to run an external IDE/SATA drive, or do I need to provide the drive with its own power (in which case, how?)? Thank you.

    Read the article

  • How to add a 'second elbow' to an 'elbow arrow connector' in Powerpoint 2007?

    - by ricebowl
    I'm trying to put together a relatively complex flow-chart thing -as part of a University assignment (health-related, and gosh, does my university love all things Microsoft Office...). Because of the way the chart progresses I have to connect two objects with a 'double elbow' version of the 'elbow arrow connector.' I accept that perhaps this complexity means I should redesign the chart, but I've tried and failed to simplify things already. If you'll pardon my ASCII art, this is what I have: +----------------+ | 1 | | | +-------+--------+ | | +-------+--------+ /\ |2 +--------|-----/ 3\ +----------------+ \ / \/ Shape 1 should connect to shape 3, currently the line doing so passes behind shape 2. The diagram below shows what I'd prefer, and, frankly, what I need to happen. +----------------+ | 1 | | | +-------+--------+ | +-----------+ +----------------+ | /\ |2 | +--/ 3\ +----------------+ \ / \/ Having explored the various right-click options I'm either being blind and not seeing it, or...well, I'm hoping it's just me being blind and/or stupid, frankly. If anyone has any suggestions they'd be gratefully received. I'm working with WinXP and Office 2007 (at the university, I run on Ubuntu at home, which possibly explains why I'm missing something potentially simple)...

    Read the article

  • Mail server hammering

    - by Rodrigo
    I've noticed a quick increase on smtp connections coming to my server, investigating it further i figured out that there's a botnet hammering my smtp server. I've tried to stop it by adding a rule at iptables: -N SMTP-BLOCK -A SMTP-BLOCK -m limit --limit 1/m --limit-burst 3 -j LOG --log-level notice --log-prefix "iptables SMTP-BLOCK " -A SMTP-BLOCK -m recent --name SMTPBLOCK --set -j DROP -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTPBLOCK --rcheck --seconds 360 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --set -A INPUT -p tcp --dport 25 -m state --state NEW -m recent --name SMTP --rcheck --seconds 60 --hitcount 3 -j SMTP-BLOCK -A INPUT -p tcp --dport 25 -m state --state NEW -j ACCEPT That would avoid them from hammering "too fast", however the problem still, there's like 5 tries per second, it's going insane, i had to incrase the maximum number of childs of sendmail/dovecot. There's too many ips to filter out manually and simply changing the smtp to another port is not practical since i got many other clients on that server. I'm using sendmail with dovecot, any ideas to have this filtered out more efficiently?

    Read the article

  • iptables forward rule not working in openwrt

    - by Udit Gupta
    I am trying to apply some iptables forwarding rules in openwrt. Here is my scenario - My server has two cards ath0 and br-lan. br-lan is connected to internet and ath0 to private network. The other m/c in n/w also has ath0 that connects with this server's ath0 and they are able to ping each other. Now, I want other m/c in network to use internet using br-lan of server so I thought of using iptables forwarding rule- Here is what I tried - Server : $ ping 1.1.1.6 // <ath0-ip of client> works fine $ iptables -A FORWARD -i ath0 -o br-lan -j ACCEPT $ /etc/init.d/firewall restart Client : $ ping 1.1.1.5 // <ath0-ip of server> works fine $ ping 132.245.244.60 // <br-lan ip of server> (not working) I am new to iptables stuff and openwrt. What I am doing wrong here ?? Any other help if anyone could suggest for my scenario Edit- m/c - machine n/w - network

    Read the article

  • Lan, vpn on Amazon EC2, how to?

    The problem is as follows: I have 2 windows2003 server instances running on the cloud. 1) How can I create a local area network from these 2 instances? 2) Assuming that I want to create a VPN network from these 2 instances, how do I do that? (I'm not very good in networking, therefor the above problem description might be incomplete or not very clear.) A detailed answer or clarification would be praised and appreciated! What I tried: 1) Setting up OpenVPN, but I got lost in the process. 2) Creating a VPN from windows2003 server in the following manner: on instance a): set up a dhcp server; set up an "accept income vpn" connection; with the followin tcp ip settings: obtain an ip from the dhcp server; on instance b): created a new vpn connection, tried to connect to intance A, using the instance A static IP but error 806 was thrown, something relate to a GRE protocol.

    Read the article

  • I/O ports vs case holes

    - by David Oneill
    I'm in the midst of building a new desktop (first time building my own). I bought MSI NF750-G55 AM3 NVIDIA nForce 750a SLI HDMI ATX motherboard, and HEC 6C28BS Black / Silver Steel ATX Mid Tower case. When they both arrived, I realized that the I/O panel on the case doesn't have the same holes that the motherboard needs. So my two questions are: 1) What should I have done? Both claim to be ATX. Do I just need to look more carefully at the pictures? 2) What should I do now? Can I just remove the whole panel (leaving empty spaces between and around the different ports? Specifically, will it cause problems to do this? (I'm looking for advice about question 1, but will accept based on question 2)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 71 72 73 74 75 76 77 78 79 80 81 82  | Next Page >