Search Results

Search found 5084 results on 204 pages for 'policy routing'.

Page 76/204 | < Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >

  • Amazon EC2 Socket connection not being accepted

    - by Joseph
    I am trying to run a java application on my EC2 instance. The application accepts socket connections on port 54321. If I try and connect to it, it times out. My Security Group is set as: TCP Port (Service) Source Action 21 0.0.0.0/0 Delete 22 (SSH) 0.0.0.0/0 Delete 80 (HTTP) 0.0.0.0/0 Delete 20393 0.0.0.0/0 Delete 54321 0.0.0.0/0 Delete Is there anything else I need to do? # iptables -nvL Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination # iptables -nvL -t nat Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination #

    Read the article

  • How do I specify a crossdomain policy file to allow Flash to grab a bitmap from an RTMP (Wowza) vide

    - by Ken Smith
    I'm trying to get a bitmap/snapshot of a Wowza video stream playing on my client, like so: var bitmapData:BitmapData = new BitmapData(view.videoPlayerComponent.width, view.videoPlayerComponent.height); bitmapData.draw(view.videoPlayerComponent); When I do this, I get this error message: SecurityError: Error #2123: Security sandbox violation: BitmapData.draw: http://localhost:51150/Resources/WRemoteWebCam.swf cannot access rtmp://localhost/videochat/smithkl42._default/. No policy files granted access. I presume the error comes from not being able to locate the appropriate crossdomain.xml file. I'm not quite sure where it's looking for it, and a wireshark sniff was inconclusive, so I've tried placing one in each of the following places: http://localhost/crossdomain.xml http://localhost:1935/crossdomain.xml http://localhost:51150/crossdomain.xml I can retrieve the file successfully from each of those three locations. (I'm pretty sure that the last one wouldn't have any effect, since it's just the location of the web site which hosts the page that hosts the .swf file, but on the off chance...) These are the contents of the file that it's grabbing in each instance: <cross-domain-policy> <allow-access-from domain="*" to-ports="*" /> </cross-domain-policy> And it's still throwing that same error message. I've also followed the instructions on the Wowza forums, to turn on StreamVideoSampleAccess in the [install]\conf[appname]\Application.xml, with no joy: <Client> <IdleFrequency>-1</IdleFrequency> <Access> <StreamReadAccess>*</StreamReadAccess> <StreamWriteAccess>*</StreamWriteAccess> <StreamAudioSampleAccess>*</StreamAudioSampleAccess> <StreamVideoSampleAccess>*</StreamVideoSampleAccess> <SharedObjectReadAccess>*</SharedObjectReadAccess> <SharedObjectWriteAccess>*</SharedObjectWriteAccess> </Access> </Client> Any thoughts?

    Read the article

  • How do I remove implementing types from GWT’s Serialization Policy?

    - by Bluu
    The opposite of this question: http://stackoverflow.com/questions/138099/how-do-i-add-a-type-to-gwts-serialization-policy-whitelist GWT is adding undesired types to the serialization policy and bloating my JS. How do I trim my GWT whitelist by hand? Or should I at all? For example, if I put the interface List on a GWT RPC service class, GWT has to generate Javascript that handles ArrayList, LinkedList, Stack, Vector, ... even though my team knows we're only ever going to return an ArrayList. I could just make the method's return type ArrayList, but I like relying on an interface rather than a specific implementation. After all, maybe one day we will switch it up and return e.g. a LinkedList. In that case, I'd like to force the GWT serialization policy to compile for only ArrayList and LinkedList. No Stacks or Vectors. These implicit restrictions have one huge downside I can think of: a new member of the team starts returning Vectors, which will be a runtime error. So besides the question in the title, what is your experience designing around this?

    Read the article

  • Disable Password Complexity/Expiration etc. Policy on Windows Server 2008

    Ad:: SharePoint 2007 Training in .NET 3.5 technologies (more information). This feed URL has been discontinued. Please update your reader's URL to : http://feeds.feedburner.com/winsmarts Read full article .... ...Did you know that DotNetSlackers also publishes .net articles written by top known .net Authors? We already have over 80 articles in several categories including Silverlight. Take a look: here.

    Read the article

  • What is the best policy for allowing clients to change email?

    - by Steve Konves
    We are developing a web application with a fairly standard registration process which requires a client/user to verify their email address before they are allowed to use the site. The site also allows users to change their email address after verification (with a re-type email field, as well). What are the pros and cons of having the user re-verify their email. Is this even needed? EDIT: Summary of answers and comments below: "Over-verification annoys people, so don't use it unless critical Use a "re-type email" field to prevent typos Beware of overwriting known good data with potentially good data Send email to old for notification; to new for verification Don't assume that the user still has access to the old email Identify impact of incorrect email if account is compromised

    Read the article

  • Block Skype on Cisco IOS

    - by ensnare
    I'm trying to block skype via policy routing but it's not working ... here's my configuration: class-map match-any block match protocol skype policy-map QoS-Priority-Input class block police 1000000 31250 31250 conform-action drop exceed-action drop violate-action drop policy-map QoS-Priority-Output class block police 1000000 31250 31250 conform-action drop exceed-action drop violate-action drop interface FastEthernet4 description WAN service-policy input QoS-Priority-Input service-policy output QoS-Priority-Output

    Read the article

  • errorCode=003001; statusCode=403; source=Throttling Policy

    - by ihoka
    Lately, in our app using IPP data services, we have encountered these errors from time to time. <RestResponse xmlns="http://www.intuit.com/sb/cdm/v2"> <Error RequestId="49f7926a9aa84cfc8289534801dee72d"> <RequestName>ErrorRequest</RequestName> <ProcessedTime>2012-12-07T10:10:59+00:00</ProcessedTime> <ErrorCode>3001</ErrorCode> <ErrorDesc>message=This client has made too many consecutive requests over too short a period of time. Please wait a short amount of time before attempting to submit again; errorCode=003001; statusCode=403; source=Throttling Policy</ErrorDesc> </Error> </RestResponse> Can't find any reference to a "Throttling Policy" or error code "3001" anywhere in the IPP documentation. Any help is appreciated.

    Read the article

  • Exposing the AnyConnect HTTPS service to outside network

    - by Maciej Swic
    We have a Cisco ASA 5505 with firmware ASA9.0(1) and ASDM 7.0(2). It is configured with a public ip address, and when trying to reach it from the outside by HTTPS for AnyConnect VPN, we get the following log output: 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Built inbound TCP connection 2889 for outside:<client-ip>/51000 (<client-ip>/51000) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Built inbound TCP connection 2890 for outside:<client-ip>/50999 (<client-ip>/50999) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Teardown TCP connection 2889 for outside:<client-ip>/51000 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Teardown TCP connection 2890 for outside:<client-ip>/50999 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency We finished the startup wizard and the anyconnect vpn wizard and here is the resulting configuration: Cryptochecksum: 12262d68 23b0d136 bb55644a 9c08f86b : Saved : Written by enable_15 at 07:08:30.519 UTC Mon Nov 12 2012 ! ASA Version 9.0(1) ! hostname vpn domain-name office.<redacted>.com enable password <redacted> encrypted passwd <redacted> encrypted names ip local pool vpn-pool 192.168.67.2-192.168.67.253 mask 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.68.250 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address <redacted> 255.255.255.248 ! ftp mode passive dns server-group DefaultDNS domain-name office.<redacted>.com object network obj_any subnet 0.0.0.0 0.0.0.0 pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected ! object network obj_any nat (inside,outside) dynamic interface timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.68.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface inside crypto ca trustpoint _SmartCallHome_ServerCA crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=vpn proxy-ldc-issuer crl configure crypto ca trustpool policy crypto ca certificate chain _SmartCallHome_ServerCA certificate ca 6ecc7aa5a7032009b8cebcf4e952d491 <redacted> quit crypto ca certificate chain ASDM_TrustPoint0 certificate f678a050 <redacted> quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.68.0 255.255.255.0 inside ssh timeout 5 console timeout 0 vpn-addr-assign local reuse-delay 60 dhcpd auto_config outside ! dhcpd address 192.168.68.254-192.168.68.254 inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point ASDM_TrustPoint0 inside ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside enable inside anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1 anyconnect image disk0:/anyconnect-linux-3.1.01065-k9.pkg 2 anyconnect image disk0:/anyconnect-macosx-i386-3.1.01065-k9.pkg 3 anyconnect profiles GM-AnyConnect_client_profile disk0:/GM-AnyConnect_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_GM-AnyConnect internal group-policy GroupPolicy_GM-AnyConnect attributes wins-server none dns-server value 192.168.68.254 vpn-tunnel-protocol ikev2 ssl-client default-domain value office.<redacted>.com webvpn anyconnect profiles value GM-AnyConnect_client_profile type user username <redacted> password <redacted> encrypted tunnel-group GM-AnyConnect type remote-access tunnel-group GM-AnyConnect general-attributes address-pool vpn-pool default-group-policy GroupPolicy_GM-AnyConnect tunnel-group GM-AnyConnect webvpn-attributes group-alias GM-AnyConnect enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context call-home reporting anonymous Cryptochecksum:12262d6823b0d136bb55644a9c08f86b : end Clearly we are missing something, but the question is, what?

    Read the article

  • How to set the network profile of Windows 7 via group policy?

    - by Ricket
    We are deploying client computers and in testing noticed that the first time the user logs into the computer, it asks them if the location is a home, work, or public location. We are worried that some users in our workplace might misread it (or not read it at all) and click Public, thus likely denying our access to the computer and messing up security settings and such. Can we set our network to be a "Work Network" location via group policy or some other mechanism of our Windows Domain so that the user is not prompted when connected to our network? Also these are laptops, so we don't want every network they connect to be set as work network, and we have several access points (wired and three wireless) which our users often switch between so I'm not yet sure if it reprompts with each access point but I have the feeling it will, and I would like all of these to be set to the Work profile type.

    Read the article

  • Windows 7: How to enable firewall disabled by global policy on a computer joined to a domain?

    - by kzen
    On a Windows 7 Enterprise 64-bit laptop joined to a corporate domain, the Windows Firewall is disabled by a global policy. Is there any way to enable the Windows Firewall in this scenario? The gpedit.msc setting Windows Firewall: Protect all network connections is inaccessible. EDIT: It appears that changing HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\gpsvc\Start value to 4 will disable the GPO and allow you to start the firewall and stop the bots from pushing cr*p to your computer... will check on Monday and if it works I'll confirm here in case someone else in my situation wonders upon this question... EDIT: It's probably better if I write a mock windows service not doing anything and name it according to what is expected to be on my box and than crete mock McCrappy executable and mock McCrappy folder structure and remove all the actual stuff... That would take a little time but would most certainly make my box completely stealthy...

    Read the article

  • Cisco ASA dropping IPsec VPN between istself and CentOS server

    - by sebelk
    Currently we're trying to set up an IPsec VPN between a Cisco ASA Version 8.0(4) and a CentOS Linux server. The tunnel comes up successfully, but for some reason that we can't figure out, the firewall is dropping packets from the VPN. The IPsec settings in the ASA sre as follows: crypto ipsec transform-set up-transform-set esp-3des esp-md5-hmac crypto ipsec transform-set up-transform-set2 esp-3des esp-sha-hmac crypto ipsec transform-set up-transform-set3 esp-aes esp-md5-hmac crypto ipsec transform-set up-transform-set4 esp-aes esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map linuxserver 10 match address filtro-encrypt-linuxserver crypto map linuxserver 10 set peer linuxserver crypto map linuxserver 10 set transform-set up-transform-set2 up-transform-set3 up-transform-set4 crypto map linuxserver 10 set security-association lifetime seconds 28800 crypto map linuxserver 10 set security-association lifetime kilobytes 4608000 crypto map linuxserver interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption aes hash sha group 2 lifetime 28800 crypto isakmp policy 2 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 crypto isakmp policy 3 authentication pre-share encryption aes-256 hash md5 group 2 lifetime 86400 crypto isakmp policy 4 authentication pre-share encryption aes-192 hash sha group 2 lifetime 86400 crypto isakmp policy 5 authentication pre-share encryption aes-192 hash md5 group 2 group-policy linuxserverip internal group-policy linuxserverip attributes vpn-filter value filtro-linuxserverip tunnel-group linuxserverip type ipsec-l2l tunnel-group linuxserverip general-attributes default-group-policy linuxserverip tunnel-group linuxserverip ipsec-attributes pre-shared-key * Does anyone know where the problem is and how to fix it?

    Read the article

  • Is there an IE8 setting or policy to make it work like IE7 with respect to persistent connections?

    - by Stephen Pace
    I am working with a commercial application running on XP using IIS 5.1. Periodically the application is returning an IIS error "There are too many people accessing the Web site at this time." This is caused by Microsoft artificially limiting the number of connections (10) under IIS 5.1 under Windows XP, but in this case, there is really only one user (albeit a few tabs open at a time). Microsoft suggests you can reduce the problem by turning off HTTP Keep-Alives for that particular web site: http://support.microsoft.com/kb/262635 If you use IIS 5.0 on Windows 2000 Professional or IIS 5.1 on Microsoft Windows XP Professional, disable HTTP keep-alives in the properties of the Web site. When you do this, a limit of 10 concurrent connections still exists, but IIS does not maintain connections for inactive users. I may do that; however, I'm worried about performance degradation. However, I also notice that IE8 appears to handle this differently than IE7. By default, IE6 and IE7 use 2 persistent connections while IE8 uses 6. Perhaps in this case IE8 itself is generating multiple connections in an attempt to be faster, but those additional connections are overwhelming the artificially limited IIS 5.1 on XP? Assuming that is the case, is there an Internet Explorer option, registry setting, or policy I can set to force IE8 to behave like IE7 with respect to persistent connections? I would not set this for all users, but for the small number of users that used this application, it might solve their intermittent problem until the application can be rehosted on Windows Server 2008. Thanks.

    Read the article

  • Huawei E3276 LTE uplink slow in the routing Ubuntu, but not with other devices in the LAN

    - by Mytomi
    I have a Huawei E3276 LTE dongle (12d1:14fe - 12d1:1506) and a problem with the upstream speed. The problem is not only present with Ubuntu 14.04 LTS (64 bit workstation, kernel 3.16), but also with Raspbian Jessie for Raspberry PI (kernel 3.14). Upstream seems to be always limited to 5 Mbit/s whenever I check the speed from the Linux computer that I use as a LTE router. The other computers in the LAN always get about 10-15 Mbit/s upstream, even though the traffic is routed through the same Linux computer suffering from seemingly capped uplink. Downstream speed is always fine, 25 Mbit/s. I even installed Windows 7 in the same computer as Ubuntu and the speeds are 25 Mbit/s down, 15 Mbit/s up. So the problem is not with E3276 device itself or in the mobile subscription, but in the Huawei E3276 Linux compatibility. Maybe something in the kernel? I have made sure that the matter is not with iptables rules: the speed does not noticeably increase when iptables is disabled. Turning off IPv4 forwarding does not improve speed either. I'm not sure what settings and logs do help in debugging the situation. Please ask for more details, if you have a clue what might be wrong. Thanks, Mytomi

    Read the article

  • Mac OS X 10.8 VPN Server: Bypass VPN for LAN traffic (routing LAN traffic to secondary connection)

    - by Dan Robson
    I have somewhat of an odd setup for a VPN server with OS X Mountain Lion. It's essentially being used as a bridge to bypass my company's firewall to our extranet connection - certain things our team needs to do require unfettered access to the outside, and changing IT policies to allow traffic through the main firewall is just not an option. The extranet connection is provided through a Wireless-N router (let's call it Wi-Fi X). My Mac Mini server is configured with the connection to this router as the primary connection, thus unfettered access to the internet via the router. Connections to this device on the immediate subnet are possible through the LAN port, but outside the subnet things are less reliable. I was able to configure the VPN server to provide IP addresses to clients in the 192.168.11.150-192.168.11.200 range using both PPTP and L2TP, and I'm able to connect to the extranet through the VPN using the standard Mac OS X VPN client in System Preferences, however unsurprisingly, a local address (let's call it internal.company.com) returns nothing. I tried to bypass the limitation of the VPN Server by setting up Routes in the VPN settings. Our company uses 13.x.x.x for all internal traffic, instead of 10.x.x.x, so the routing table looked something like this: IP Address ---------- Subnet Mask ---------- Configuration 0.0.0.0 248.0.0.0 Private 8.0.0.0 252.0.0.0 Private 12.0.0.0 255.0.0.0 Private 13.0.0.0 255.0.0.0 Public 14.0.0.0 254.0.0.0 Private 16.0.0.0 240.0.0.0 Private 32.0.0.0 224.0.0.0 Private 64.0.0.0 192.0.0.0 Private 128.0.0.0 128.0.0.0 Private I was under the impression that if nothing was entered here, all traffic was routed through the VPN. With something entered, only traffic specifically marked to go through the VPN would go through the VPN, and all other traffic would be up to the client to access using its own default connection. This is why I had to specifically mark every subnet except 13.x.x.x as Private. My suspicion is that since I can't reach the VPN server from outside the local subnet, it's not making a connection to the main DNS server and thus can't be reached on the larger network. I'm thinking that entering hostnames like internal.company.com aren't kicked back to the client to resolve, because the server has no idea that the IP address falls in the public range, since I suspect (probably should ping test it but don't have access to it right now) that it can't reach the DNS server to find out anything about that hostname. It seems to me that all my options for resolving this all boil down to the same type of solution: Figure out how to reach the DNS with the secondary connection on the server. I'm thinking that if I'm able to do [something] to get my server to recognize that it should also check my local gateway (let's say Server IP == 13.100.100.50 and Gateway IP == 13.100.100.1). From there Gateway IP can tell me to go find DNS Server at 13.1.1.1 and give me information about my internal network. I'm very confused about this path -- really not sure if I'm even making sense. I thought about trying to do this client side, but that doesn't make sense either, since that would add time to each and every client side setup. Plus, it just seems more logical to solve it on the server - I could either get rid of my routing table altogether or keep it - I think the only difference would be that internal traffic would also go through the server - probably an unnecessary burden on it. Any help out there? Or am I in over my head? Forward proxy or transparent proxy is also an option for me, although I have no idea how to set either of those up. (I know, Google is my friend.)

    Read the article

  • Can't get results from a IQueryable.

    - by StackPointer
    Hi! I have the following code in Linq to Entity: var policy= from pol in conn.Policy where pol.Product.DESCRIPTION=="someProduct" SELECT pol; Then, the table Policy, has some dependencies for a table called Entity. If I do this: foreach(Policy p in policy){ if(!p.Entity.IsLoaded) p.Entity.Load(); IEnumerable<Entity> entities= from ent in p.Entity Where ent.EntityType.DESCRIPTION=="SomeEntityType" select ent; Console.Writeline(entities.ElementAt(0).NAME); } It says, "Object not set to an instance", but if I do: foreach(Policy p in policy){ if(!p.Entity.IsLoaded) p.Entity.Load(); foreach(Entity et in p.Entity)Console.Write(et.NAME); } It works! Can anyone tell me why? Thank you, Best regards.

    Read the article

  • How to drop all subnets outside of the US using iptables

    - by Jim
    I want to block all subnets outside the US. I've made a script that has all of the US subnets in it. I want to disallow or DROP all but my list. Can someone give me an example of how I can start by denying everything? This is the output from -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW DROP icmp -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination And these are the rules iptables --F iptables --policy INPUT DROP iptables --policy FORWARD DROP iptables --policy OUTPUT ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p tcp -i eth0 --dport 21 -m state --state NEW -j ACCEPT iptables -A INPUT -p icmp -j DROP Just for clarity, with these rules, I can still connect to port 21 without my subnet list. I want to block ALL subnets and just open those inside the US.

    Read the article

  • Cisco 877 as PPPoA/PPPoE bridge (no routing) - how to make it listen to IP for management?

    - by Ingmar Hupp
    I have a Cisco 877 configured to bridge ADSL with PPPoA to PPPoE on Vlan1. This works fine, but in this mode the only way I can configure the Cisco is via the serial console. I'd like to have the Cisco also listen on an IP address so I can telnet/ssh into it. I think the right way to go about this would be via bridge irb, but I'm not sure exactly how (or if that's even the right direction). IOS is 12.4T and my current config (cut down to essentials) is: no ip routing no ip cef ! ! interface ATM0 no ip address no ip route-cache no atm ilmi-keepalive pvc 0/38 encapsulation aal5snap ! dsl operating-mode auto bridge-group 1 ! ! interface Vlan1 no ip address no ip route-cache bridge-group 1 Just setting an IP address on Vlan1 didn't have the desired effect, but surely this must be possible somehow (the Draytek Vigor 120 even does it by default).

    Read the article

  • How to configure ARR - Application Request Routing - to run both as web server and as as a gateway or proxy?

    - by Different111222
    I have this IIS7.5 with ARR installed and configured to reverse proxy to another server which is running IIS7. On that IIS7.5 I have applications and simple websites installed. Since configuring a farm, the local application doesn't run with this error message: 502 - Web server received an invalid response while acting as a gateway or proxy server. There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server. Is it even possible to run both application and routing (reverse proxy) at the same time?

    Read the article

  • Can I use static routing to allow me to use my public IP from my LAN?

    - by jnm2
    I would like to be able to use the same hostname to connect to my computer from my phone whether I'm at home or away. Currently I have to maintain duplicate entries for remote desktop, for instance. My router doesn't seem to have a NAT loopback option. I have two routers in fact, a cable modem which goes straight to my main router which does wireless. I can add to the static routing tables on each. Can I use this to loopback the public IP or do I need different routers?

    Read the article

  • How failover should work in IIS cluster with Application Request Routing?

    - by username
    I have set up several servers with IIS and connected them to the load balancer - server with installed IIS Application Request Routing. I have created a server farm and added two servers. Then I stopped IIS on the first server and tried to open my web site. It returned me an error: 502 - Web server received an invalid response while acting as a gateway or proxy server. But if instead of stopping IIS I shut down the first server, I'm getting a response from the next server which is online. The question is, what the expected behaviour should be for failover with ARR, should it switch me to the next server if IIS is stopped and server is online?

    Read the article

  • How iptables behaves on timezone change?

    - by pradipta
    I have doubt how iptables keep changing the info in iptables when timezone is change. I am using iptables s v 1.4.8 I have blocked one IP with following details # date Thu Jun 6 12:46:42 IST 2013 #iptables -A INPUT -s 10.0.3.128 -m time --datestart 2013-6-6T12:0:00 --datestop 2013-6-6T13:0:00 -j DROP # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 12:00:00 until date 2013-06-06 13:00:00 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination But after I change the timezone following things happened automatically . AFTER TIME ZONE CHANGE +++++++++++++++++++++++ #date Thu Jun 6 15:17:48 HKT 2013 # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination DROP all -- 10.0.3.128 anywhere TIME starting from 2013-06-06 14:30:00 until date 2013-06-06 15:30:00 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # The time value is changed in the rule . It is changing with the timezone how. Where iptables keeps track of timezone. Kindly explain me.

    Read the article

  • How to start/stop iptables in Ubuntu 12.04?

    - by imwrng
    I am using Ubuntu 12.04 . while learning some new things about iptables i cant through this . see at the image . while i am trying to start ,its saying as root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination root@badfox:~# service iptables stop iptables: unrecognized service root@badfox:~# service iptables start iptables: unrecognized service Source: http://www.cyberciti.biz/tips/linux-iptables-examples.html Why i am getting like this ? EDIT: So my firewall already started but why i am not getting the output as i mentioned in the link at source link in first workout. . Here is my output root@badfox:~# sudo start ufw start: Job is already running: ufw root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 4882 packets, 2486K bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5500 packets, 873K bytes) pkts bytes target prot opt in out source destination root@badfox:~#

    Read the article

  • How to know strong name of GWT serialization policy at the time of host page generation?

    - by Alexander Vasiljev
    There is an excellent article describing a way to embed GWT RPC payload into the host page. A key element is missing there is how to know Strong Name of RPC serialization policy at run time. Strong Name is computed at the compile time, put into the client and obfurscated. Strong name is sent to the server with RPC request as described here. What would you suggest to make this parameter available at the time of host page generation?

    Read the article

< Previous Page | 72 73 74 75 76 77 78 79 80 81 82 83  | Next Page >