Search Results

Search found 9990 results on 400 pages for 'sampler state'.

Page 77/400 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • L2TP iptables port forward

    - by The_cobra666
    Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and give's out an IP in the range: 192.168.3.0. Local network range is 192.168.2.0/24 I added the route: with route add -net 192.168.3.0 netmask 255.255.255.240 gw 192.168.2.13 (the vpn server) iptables -t nat -A PREROUTING -p udp --dport 1701 -i eth0 -j DNAT --to 192.168.2.13 iptables -A FORWARD -p udp --dport 1701 -j ACCEPT iptables -t nat -A PREROUTING -p udp --dport 500 -i eth0 -j DNAT --to 192.168.2.13 iptables -A FORWARD -p udp --dport 500 -j ACCEPT iptables -t nat -A PREROUTING -p udp --dport 4500 -i eth0 -j DNAT --to 192.168.2.13 iptables -A FORWARD -p udp --dport 4500 -j ACCEPT iptables -t nat -A PREROUTING -p 50 -j DNAT --to 192.168.2.13 iptables -A FORWARD -p 50 -j ACCEPT iptables -t nat -A PREROUTING -p 51 -j DNAT --to 192.168.2.13 iptables -A FORWARD -p 51 -j ACCEPT The whole iptables script is (without the line's from above): echo 1 > /proc/sys/net/ipv4/ip_forward echo 1 > /proc/sys/net/ipv4/tcp_syncookies #Flush table's iptables -F INPUT iptables -F OUTPUT iptables -F FORWARD iptables -t nat -F #Drop traffic iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT #verkeer naar buiten toe laten en nat aanzetten iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE #RDP forward voor windows servers iptables -t nat -A PREROUTING -p tcp --dport 3389 -i eth0 -j DNAT --to 192.168.2.10:3389 iptables -A FORWARD -p tcp --dport 3389 -j ACCEPT iptables -t nat -A PREROUTING -p tcp --dport 3340 -i eth0 -j DNAT --to 192.168.2.12:3340 iptables -A FORWARD -p tcp --dport 3340 -j ACCEPT #toestaan SSH verkeer iptables -t nat -A PREROUTING -p tcp --dport 22 -i eth0 -j DNAT --to-destination 192.168.2.1 iptables -A INPUT -p tcp --dport 22 -j ACCEPT #toestaan verkeer loopback iptables -A INPUT -i lo -j ACCEPT #toestaan lokaal netwerk iptables -A INPUT -i eth1 -j ACCEPT #accepteren established traffic iptables -A INPUT -i eth0 --match state --state RELATED,ESTABLISHED -j ACCEPT #droppen ICMP boodschappen iptables -A INPUT -p icmp -i eth0 -m limit --limit 10/minute -j ACCEPT iptables -A INPUT -p icmp -i eth0 -j REJECT ifconfig eth1 192.168.2.1/24 ifconfig eth0 XXXXXXXXXXXXX/30 ifconfig eth0 up ifconfig eth1 up route add default gw XXXXXXXXXXXXXXXXXXX route add -net 192.168.3.0 netmask 255.255.255.240 gw 192.168.2.13

    Read the article

  • iptables syn flood countermeasure

    - by Penegal
    I'm trying to adjust my iptables firewall to increase the security of my server, and I found something a bit problematic here : I have to set INPUT policy to ACCEPT and, in addition, to have a rule saying iptables -I INPUT -i eth0 -j ACCEPT. Here comes my script (launched manually for tests) : #!/bin/sh IPT=/sbin/iptables echo "Clearing firewall rules" $IPT -F $IPT -Z $IPT -t nat -F $IPT -t nat -Z $IPT -t mangle -F $IPT -t mangle -Z $IPT -X echo "Defining logging policy for dropped packets" $IPT -N LOGDROP $IPT -A LOGDROP -j LOG -m limit --limit 5/min --log-level debug --log-prefix "iptables rejected: " $IPT -A LOGDROP -j DROP echo "Setting firewall policy" $IPT -P INPUT DROP # Deny all incoming connections $IPT -P OUTPUT ACCEPT # Allow all outgoing connections $IPT -P FORWARD DROP # Deny all forwaring echo "Allowing connections from/to lo and incoming connections from eth0" $IPT -I INPUT -i lo -j ACCEPT $IPT -I OUTPUT -o lo -j ACCEPT #$IPT -I INPUT -i eth0 -j ACCEPT echo "Setting SYN flood countermeasures" $IPT -A INPUT -p tcp -i eth0 --syn -m limit --limit 100/second --limit-burst 200 -j LOGDROP echo "Allowing outgoing traffic corresponding to already initiated connections" $IPT -A OUTPUT -p ALL -m state --state ESTABLISHED,RELATED -j ACCEPT echo "Allowing incoming SSH" $IPT -A INPUT -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH -j ACCEPT echo "Setting SSH bruteforce attacks countermeasures (deny more than 10 connections every 10 minutes)" $IPT -A INPUT -p tcp --dport 22 -m recent --update --seconds 600 --hitcount 10 --rttl --name SSH -j LOGDROP echo "Allowing incoming traffic for HTTP, SMTP, NTP, PgSQL and SolR" $IPT -A INPUT -p tcp --dport 25 -i eth0 -j ACCEPT $IPT -A INPUT -p tcp --dport 80 -i eth0 -j ACCEPT $IPT -A INPUT -p udp --dport 123 -i eth0 -j ACCEPT $IPT -A INPUT -p tcp --dport 5433 -i eth0.2654 -s 172.16.0.2 -j ACCEPT $IPT -A INPUT -p udp --dport 5433 -i eth0.2654 -s 172.16.0.2 -j ACCEPT $IPT -A INPUT -p tcp --dport 8983 -i eth0.2654 -s 172.16.0.2 -j ACCEPT $IPT -A INPUT -p udp --dport 8983 -i eth0.2654 -s 172.16.0.2 -j ACCEPT echo "Allowing outgoing traffic for ICMP, SSH, whois, SMTP, DNS, HTTP, PgSQL and SolR" $IPT -A OUTPUT -p tcp --dport 22 -j ACCEPT $IPT -A OUTPUT -p tcp --dport 25 -o eth0 -j ACCEPT $IPT -A OUTPUT -p tcp --dport 43 -o eth0 -j ACCEPT $IPT -A OUTPUT -p tcp --dport 53 -o eth0 -j ACCEPT $IPT -A OUTPUT -p udp --dport 53 -o eth0 -j ACCEPT $IPT -A OUTPUT -p tcp --dport 80 -o eth0 -j ACCEPT $IPT -A OUTPUT -p udp --dport 80 -o eth0 -j ACCEPT #$IPT -A OUTPUT -p tcp --dport 5433 -o eth0 -d 176.31.236.101 -j ACCEPT #$IPT -A OUTPUT -p udp --dport 5433 -o eth0 -d 176.31.236.101 -j ACCEPT #$IPT -A OUTPUT -p tcp --dport 8983 -o eth0 -d 176.31.236.101 -j ACCEPT #$IPT -A OUTPUT -p udp --dport 8983 -o eth0 -d 176.31.236.101 -j ACCEPT $IPT -A OUTPUT -p tcp --sport 5433 -o eth0.2654 -j ACCEPT $IPT -A OUTPUT -p udp --sport 5433 -o eth0.2654 -j ACCEPT $IPT -A OUTPUT -p tcp --sport 8983 -o eth0.2654 -j ACCEPT $IPT -A OUTPUT -p udp --sport 8983 -o eth0.2654 -j ACCEPT $IPT -A OUTPUT -p icmp -j ACCEPT echo "Allowing outgoing FTP backup" $IPT -A OUTPUT -p tcp --dport 20:21 -o eth0 -d 91.121.190.78 -j ACCEPT echo "Dropping and logging everything else" $IPT -A INPUT -s 0/0 -j LOGDROP $IPT -A OUTPUT -j LOGDROP $IPT -A FORWARD -j LOGDROP echo "Firewall loaded." echo "Maintaining new rules for 3 minutes for tests" sleep 180 $IPT -nvL echo "Clearing firewall rules" $IPT -F $IPT -Z $IPT -t nat -F $IPT -t nat -Z $IPT -t mangle -F $IPT -t mangle -Z $IPT -X $IPT -P INPUT ACCEPT $IPT -P OUTPUT ACCEPT $IPT -P FORWARD ACCEPT When I launch this script (I only have a SSH access), the shell displays every message up to Maintaining new rules for 3 minutes for tests, the server is unresponsive during the 3 minutes delay and then resume normal operations. The only solution I found until now was to set $IPT -P INPUT ACCEPT and $IPT -I INPUT -i eth0 -j ACCEPT, but this configuration does not protect me of any attack, which is a great shame for a firewall. I suspect that the error comes from my script and not from iptables, but I don't understand what's wrong with my script. Could some do-gooder explain me my error, please? EDIT: here comes the result of iptables -nvL with the "accept all input" ($IPT -P INPUT ACCEPT and $IPT -I INPUT -i eth0 -j ACCEPT) solution : Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 1 52 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 LOGDROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 100/sec burst 200 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW recent: SET name: SSH side: source 0 0 LOGDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 recent: UPDATE seconds: 600 hit_count: 10 TTL-Match name: SSH side: source 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 0 0 ACCEPT tcp -- eth0.2654 * 172.16.0.2 0.0.0.0/0 tcp dpt:5433 0 0 ACCEPT udp -- eth0.2654 * 172.16.0.2 0.0.0.0/0 udp dpt:5433 0 0 ACCEPT tcp -- eth0.2654 * 172.16.0.2 0.0.0.0/0 tcp dpt:8983 0 0 ACCEPT udp -- eth0.2654 * 172.16.0.2 0.0.0.0/0 udp dpt:8983 0 0 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 2 728 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:43 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 0 0 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:53 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:80 0 0 ACCEPT tcp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 tcp spt:5433 0 0 ACCEPT udp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 udp spt:5433 0 0 ACCEPT tcp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 tcp spt:8983 0 0 ACCEPT udp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 udp spt:8983 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 91.121.190.78 tcp dpts:20:21 0 0 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LOGDROP (5 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `iptables rejected: ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 EDIT #2 : I modified my script (policy ACCEPT, defining authorized incoming packets then logging and dropping everything else) to write iptables -nvL results to a file and to allow only 10 ICMP requests per second, logging and dropping everything else. The result proved unexpected : while the server was unavailable to SSH connections, even already established, I ping-flooded it from another server, and the ping rate was restricted to 10 requests per second. During this test, I also tried to open new SSH connections, which remained unanswered until the script flushed rules. Here comes the iptables stats written after these tests : Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 600 35520 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 6 360 LOGDROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 100/sec burst 200 0 0 LOGDROP tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 STRING match "w00tw00t.at.ISC.SANS." ALGO name bm TO 65535 0 0 LOGDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 STRING match "Host: anoticiapb.com.br" ALGO name bm TO 65535 0 0 LOGDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 STRING match "Host: www.anoticiapb.com.br" ALGO name bm TO 65535 105 8820 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 830 69720 LOGDROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW recent: SET name: SSH side: source 0 0 LOGDROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 recent: UPDATE seconds: 600 hit_count: 10 TTL-Match name: SSH side: source 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:80 0 0 ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 0 0 ACCEPT tcp -- eth0.2654 * 172.16.0.1 0.0.0.0/0 tcp spt:5433 0 0 ACCEPT udp -- eth0.2654 * 172.16.0.1 0.0.0.0/0 udp spt:5433 0 0 ACCEPT tcp -- eth0.2654 * 172.16.0.1 0.0.0.0/0 tcp spt:8983 0 0 ACCEPT udp -- eth0.2654 * 172.16.0.1 0.0.0.0/0 udp spt:8983 16 1684 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 600 35520 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 0 0 LOGDROP tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 owner UID match 33 0 0 LOGDROP udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:80 owner UID match 33 116 11136 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:53 0 0 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:53 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 0 0 ACCEPT udp -- * eth0 0.0.0.0/0 0.0.0.0/0 udp dpt:80 0 0 ACCEPT tcp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 tcp dpt:5433 0 0 ACCEPT udp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 udp dpt:5433 0 0 ACCEPT tcp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 tcp dpt:8983 0 0 ACCEPT udp -- * eth0.2654 0.0.0.0/0 0.0.0.0/0 udp dpt:8983 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 0.0.0.0/0 tcp dpt:43 0 0 ACCEPT tcp -- * eth0 0.0.0.0/0 91.121.190.18 tcp dpts:20:21 7 1249 LOGDROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain LOGDROP (11 references) pkts bytes target prot opt in out source destination 35 3156 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5 LOG flags 0 level 7 prefix `iptables rejected: ' 859 73013 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Here comes the log content added during this test : Mar 28 09:52:51 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=55666 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:51 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=55667 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:51 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55668 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:51 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55669 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:52 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55670 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:54 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55671 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:58 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55672 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:52:59 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=6 Mar 28 09:52:59 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=7 Mar 28 09:52:59 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=8 Mar 28 09:52:59 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=9 Mar 28 09:52:59 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=59 Mar 28 09:53:00 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=152 Mar 28 09:53:01 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=246 Mar 28 09:53:02 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=339 Mar 28 09:53:03 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=432 Mar 28 09:53:04 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=524 Mar 28 09:53:05 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=617 Mar 28 09:53:06 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=711 Mar 28 09:53:07 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=804 Mar 28 09:53:08 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=176.31.236.101 DST=176.31.238.3 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=7430 SEQ=897 Mar 28 09:53:16 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=61402 DF PROTO=TCP SPT=57637 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Mar 28 09:53:19 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=61403 DF PROTO=TCP SPT=57637 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Mar 28 09:53:21 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=55674 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK URGP=0 Mar 28 09:53:25 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=61404 DF PROTO=TCP SPT=57637 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Mar 28 09:53:37 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=116 TOS=0x00 PREC=0x00 TTL=51 ID=55675 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:37 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=116 TOS=0x00 PREC=0x00 TTL=51 ID=55676 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:37 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=180 TOS=0x00 PREC=0x00 TTL=51 ID=55677 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:38 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=180 TOS=0x00 PREC=0x00 TTL=51 ID=55678 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:39 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=180 TOS=0x00 PREC=0x00 TTL=51 ID=55679 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:39 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=5055 DF PROTO=TCP SPT=57638 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Mar 28 09:53:41 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=180 TOS=0x00 PREC=0x00 TTL=51 ID=55680 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:42 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=5056 DF PROTO=TCP SPT=57638 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 Mar 28 09:53:45 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:10:8c:cf:28:39:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=180 TOS=0x00 PREC=0x00 TTL=51 ID=55681 DF PROTO=TCP SPT=57504 DPT=22 WINDOW=501 RES=0x00 ACK PSH URGP=0 Mar 28 09:53:48 localhost kernel: iptables rejected: IN=eth0 OUT= MAC=00:25:90:54:d7:88:c0:62:6b:e3:5c:80:08:00 SRC=194.51.74.245 DST=176.31.238.3 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=5057 DF PROTO=TCP SPT=57638 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0 If I correctly interpreted these results, they say that ICMP rules were correctly interpreted by iptables, but SSH rules were not. This does not make any sense... Does somebody understand where my error comes from? EDIT #3 : After some more tests, I found out that commenting the SYN flood countermeasure removes the problem. I continue researches in this way but, meanwhile, if somebody sees my anti SYN flood rule error...

    Read the article

  • Auditing events 4656 and 4658 on Windows folder on Server 2008

    - by PCurd
    During an overnight system state backup we are seeing thousands of success audit events (4656, 4658) on the folder c:\windows\servicing, system32 and others in the windows folder. We use file success auditing on some files so I can't disable it but this deluge is filling up the logs and making reporting tricky. What is the harm of changing the auditing settings on the windows folder? What are the recommended settings to put on the files for those people doing system state backups? Thanks,

    Read the article

  • centos iptables, restrict tcp port to specific ips

    - by user788171
    I would like to modify the iptables on my CentOS 5.8 server so that only specific ips can connect to the machine on a specific port. Currently, I have the following in my iptables file: -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5000 -j ACCEPT How would I modify that line if I wanted to allow access for only ips 1.1.1.1 and 1.1.1.2 for instance? (they might not necessarily be sequential ips when I do this for reals).

    Read the article

  • OpenBSD pf 'match in all scrub (no-df)' causes HTTPS to be unreachable on mobile network

    - by Frank ter V.
    First of all: excuse me for my poor usage of the English language. For several years I'm experiencing problems with the 'match in all scrub (no-df)' rule in pf. I can't find out what's happening here. I'll try to be clear and simple. The pf.conf has been extremely shortened for this forum posting. Here is my pf.conf: set skip on lo0 match in all scrub (no-df) block all block in quick from urpf-failed pass in on em0 proto tcp from any to 213.125.xxx.xxx port 80 synproxy state pass in on em0 proto tcp from any to 213.125.xxx.xxx port 443 synproxy state pass out on em0 from 213.125.xxx.xxx to any modulate state HTTP and HTTPS are working fine. Until the moment a customer in France (Wanadoo DSL) couldn't view HTTPS pages! I blamed his provider and did no investigation on that problem. But then... I bought an Android Samsung Galaxy SII (Vodafone) to monitor my servers. Hours after I walked out of the telephone store: no HTTPS-connections on my server! I thought my servers were down, drove back to the office very fast. But they were up. I discovered that disabling the rule match in all scrub (no-df) solves the problem. Android phone (Vodafone NL) and Wanadoo DSL FR are now OK on HTTPS. But now I don't have any scrubbing anymore. This is not what I want. Does anyone here understand what is going on? I don't. Enabling scrubbing causes HTTPS webpages not to be loaded on SOME ISP's, but not all. In systat, I strangely DO see a state created and packets received from those ISP's... Still confused. I'm using OpenBSD 5.1/amd64 and OpenBSD 5.0/i386. I have two ISP's at my office (one DSL and one cable). Affects both. This can be reproduced quite easily. I hope someone has experience with this problem. Greetings, Frank

    Read the article

  • Secure openVPN using IPTABLES

    - by bob franklin smith harriet
    Hey, I setup an openVPN server and it works ok. The next step is to secure it, I opted to use IPTABLES to only allow certain connections through but so far it is not working. I want to enable access to the network behind my openVPN server, and allow other services (web access), when iptables is disabaled or set to allow all this works fine, when using my following rules it does not. also note, I already configured openVPN itself to do what i want and it works fine, its only failing when iptables is started. Any help to tell me why this isnt working will appreciated here. These are the lines that I added in accordance with openVPN's recommendations, unfortunately testing these commands shows that they are requiered, they seem incredibly insecure though, any way to get around using them? # Allow TUN interface connections to OpenVPN server -A INPUT -i tun+ -j ACCEPT #allow TUN interface connections to be forwarded through other interfaces -A FORWARD -i tun+ -j ACCEPT # Allow TAP interface connections to OpenVPN server -A INPUT -i tap+ -j ACCEPT # Allow TAP interface connections to be forwarded through other interfaces -A FORWARD -i tap+ -j ACCEPT These are the new chains and commands i added to restrict access as much as possible unfortunately with these enabled, all that happens is the openVPN connection establishes fine, and then there is no access to the rest of the network behind the openVPN server note I am configuring the main iptables file and I am paranoid so all ports and ip addresses are altered, and -N etc appears before this so ignore that they dont appear. and i added some explanations of what i 'intended' these rules to do, so you dont waste time figuring out where i went wrong : 4 #accepts the vpn over port 1192 -A INPUT -p udp -m udp --dport 1192 -j ACCEPT -A INPUT -j INPUT-FIREWALL -A OUTPUT -j ACCEPT #packets that are to be forwarded from 10.10.1.0 network (all open vpn clients) to the internal network (192.168.5.0) jump to [sic]foward-firewall chain -A FORWARD -s 10.10.1.0/24 -d 192.168.5.0/24 -j FOWARD-FIREWALL #same as above, except for a different internal network -A FORWARD -s 10.10.1.0/24 -d 10.100.5.0/24 -j FOWARD-FIREWALL # reject any not from either of those two ranges -A FORWARD -j REJECT -A INPUT-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT-FIREWALL -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT-FIREWALL -j REJECT -A FOWARD-FIREWALL -m state --state RELATED,ESTABLISHED -j ACCEPT #80 443 and 53 are accepted -A FOWARD-FIREWALL -m tcp -p tcp --dport 80 -j ACCEPT -A FOWARD-FIREWALL -m tcp -p tcp --dport 443 -j ACCEPT #192.168.5.150 = openVPN sever -A FOWARD-FIREWALL -m tcp -p tcp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -m udp -p udp -d 192.168.5.150 --dport 53 -j ACCEPT -A FOWARD-FIREWALL -j REJECT COMMIT now I wait :D

    Read the article

  • Looking for a NTP Server Software for Windows

    - by Simon
    I'm looking for a, preferably free, NTP Server for Windows Server 2003/2008. We have already tried the built in Windows Time Server, but our tests did show that it is not very accurate, we see time differences up to 500ms. The max time difference we can allow for our application is ~100ms. Now we have already used the Meinberg NTPd for Windows. It works great except we have one big issue with it: If there is a network connection problem between the client and server, the ntp server is in a panic state It won't give the client a new time until we restart the ntp service. This is a big issue which has caused us some trouble. It was working fine for months until there was a network problem we didn't notice, we only noticed it after a week when the time difference was already 30 sec. on the clients. So please suggest some alternative NTP Server for windows. I did Google but I get a lot of unrelated search results. Edit: So far the ntpd windows version was very accurate and I'd like to stick with it. The only problem is the "panic state" after a network disconnect. Maybe some knows here what the cause of this is and how to fix it. Also, I forgot to mention that we have a server/client setup like this: Server1 -- Server2 -- Server3 -- Client1 -- Client2 -- Client3 So Server2 gets its time from Server1, Server3 gets its time from Server2, and the Clients get their time from Server3. Also, there are clients connected directly to Server2. It is important that all Servers and Clients have the exact same time (within ~100ms) Now there was a network problem with Server3 and its clients. The servers run the ntpd port for Windows, which acts as NTP server and client. The clients have Dimension4 as NTP client. After the network problem, the error message in D4 was something like this (out the top of my head, don't have the exact error message): Server response: The server is in a panic state (could not sync clock) I read through the ntpd docs, and the only mention of "panic" is when the time difference is 10000 seconds which will cause to exit the ntpd server but this was not the case. Also there is a "-g" command line switch to disable the panic exit, but it is already set by default. Any ideas what could cause the panic state and how to get rid of it next time?

    Read the article

  • FreeBSD jail with IPFW with loopback - unable to connect loopback interface

    - by khinester
    I am trying to configure a one IP jail with loopback interface, but I am unsure how to configure the IPFW rules to allow traffic to pass between the jail and the network card on the server. I have followed http://blog.burghardt.pl/2009/01/multiple-freebsd-jails-sharing-one-ip-address/ and https://forums.freebsd.org/viewtopic.php?&t=30063 but without success, here is what i have in my ipfw.rules # vim /usr/local/etc/ipfw.rules ext_if="igb0" jail_if="lo666" IP_PUB="192.168.0.2" IP_JAIL_WWW="10.6.6.6" NET_JAIL="10.6.6.0/24" IPF="ipfw -q add" ipfw -q -f flush #loopback $IPF 10 allow all from any to any via lo0 $IPF 20 deny all from any to 127.0.0.0/8 $IPF 30 deny all from 127.0.0.0/8 to any $IPF 40 deny tcp from any to any frag # statefull $IPF 50 check-state $IPF 60 allow tcp from any to any established $IPF 70 allow all from any to any out keep-state $IPF 80 allow icmp from any to any # open port ftp (20,21), ssh (22), mail (25) # ssh (22), , dns (53) etc $IPF 120 allow tcp from any to any 21 out $IPF 130 allow tcp from any to any 22 in $IPF 140 allow tcp from any to any 22 out $IPF 150 allow tcp from any to any 25 in $IPF 160 allow tcp from any to any 25 out $IPF 170 allow udp from any to any 53 in $IPF 175 allow tcp from any to any 53 in $IPF 180 allow udp from any to any 53 out $IPF 185 allow tcp from any to any 53 out # HTTP $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state # deny and log everything $IPF 500 deny log all from any to any # NAT $IPF 63000 divert natd ip from any to any via $jail_if out $IPF 63000 divert natd ip from any to any via $jail_if in but when i create a jail as: # ezjail-admin create -f continental -c zfs node 10.6.6.7 /usr/jails/node/. /usr/jails/node/./etc /usr/jails/node/./etc/resolv.conf /usr/jails/node/./etc/ezjail.flavour.continental /usr/jails/node/./etc/rc.d /usr/jails/node/./etc/rc.conf 4 blocks find: /usr/jails/node/pkg/: No such file or directory Warning: IP 10.6.6.7 not configured on a local interface. Warning: Some services already seem to be listening on all IP, (including 10.6.6.7) This may cause some confusion, here they are: root syslogd 1203 6 udp6 *:514 *:* root syslogd 1203 7 udp4 *:514 *:* i get these warning and then when i go into the jail environment, i am unable to install any ports. any advice much appreciated.

    Read the article

  • Solaris: Is it OK to disable font services?

    - by cjavapro
    Is it OK to disable these services? # svcs -l '*font*' fmri svc:/application/font/stfsloader:default name Standard Type Services Framework (STSF) Font Server loader enabled true state online next_state none state_time Sun May 30 17:58:14 2010 restarter svc:/network/inetd:default fmri svc:/application/font/fc-cache:default name FontConfig Cache Builder enabled true state online next_state none state_time Sun May 30 17:58:15 2010 logfile /var/svc/log/application-font-fc-cache:default.log restarter svc:/system/svc/restarter:default dependency require_all/none svc:/system/filesystem/local (online) dependency require_all/refresh file://localhost/etc/fonts/fonts.conf (online) dependency require_all/none file://localhost/usr/bin/fc-cache (online) #

    Read the article

  • How to port VirtualBox machines with the recent snapshot?

    - by Liran Orevi
    I've ported a 'hard disk' using the 'clonehd' advice given on How to easily port VirtualBox machines? But it's not at the latest state, it's probably before any 'snapshot' was taken. I have only copied the 'hard disk', I haven't copied any 'snapshot' mainly because there are so many. I'm interested to transfer the 'hard disk' at it's latest state. How can this be done? (easily and not by coping the entire snapshots, machine etc...)

    Read the article

  • How can I port forward with iptables?

    - by stu
    I want connections coming in on ppp0 on port 8001 to route to 192.168.1.200 on eth0 on port 8080 I've got these two rules -A PREROUTING -p tcp -m tcp --dport 8001 -j DNAT --to-destination 192.168.1.200:8080 -A FORWARD -m state -p tcp -d 192.168.1.200 --dport 8080 --state NEW,ESTABLISHED,RELATED -j ACCEPT and it doesn't work, what am I missing?

    Read the article

  • allow infiniband for non root users

    - by user1219721
    I got Infiniband running on RHEL 6.3 [root@master ~]# ibv_devinfo hca_id: mthca0 transport: InfiniBand (0) fw_ver: 4.7.927 node_guid: 0017:08ff:ffd0:6f1c sys_image_guid: 0017:08ff:ffd0:6f1f vendor_id: 0x08f1 vendor_part_id: 25208 hw_ver: 0xA0 board_id: VLT0060010001 phys_port_cnt: 2 port: 1 state: PORT_ACTIVE (4) max_mtu: 2048 (4) active_mtu: 2048 (4) sm_lid: 2 port_lid: 3 port_lmc: 0x00 link_layer: InfiniBand port: 2 state: PORT_DOWN (1) max_mtu: 2048 (4) active_mtu: 512 (2) sm_lid: 0 port_lid: 0 port_lmc: 0x00 link_layer: InfiniBand but it's only working as root. when trying from a non-super user, I got nothing : [nicolas@master ~]$ ibv_devices device node GUID ------ ---------------- mthca0 001708ffffd06f1c So, how to allow regular users to use infiniband ?

    Read the article

  • Keep source IP after NAT

    - by John Miller
    Until today I used a cheapy router so I can share my internet connection and keep a webserver online too, while using NAT. Users IP ($_SERVER['REMOTE_ADDR']) was fine, I was seeing class A IPs of users. But as traffic grown up everyday, I had to install a Linux Server (Debian) to share my Internet Connection, because my old router couldn't keep the traffic anymore. I shared the internet via IPTABLES using NAT, but now, after forwarding port 80 to my webserver, now instead of seeing real users IP, I see my Gateway IP (Linux Internal IP) as any user IP Address. How to solve this issue? I edited my post, so I can paste the rules I'm currently using. #!/bin/sh #I made a script to set the rules #I flush everything here. iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables -F iptables -X # I drop everything as a general rule, but this is disabled under testing # iptables -P INPUT DROP # iptables -P OUTPUT DROP # these are the loopback rules iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT # here I set the SSH port rules, so I can connect to my server iptables -A INPUT -p tcp --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp --sport 22 --dport 513:65535 -m state --state ESTABLISHED -j ACCEPT # These are the forwards for 80 port iptables -t nat -A PREROUTING -p tcp -s 0/0 -d xx.xx.xx.xx --dport 80 -j DNAT --to 192.168.42.3:80 iptables -t nat -A POSTROUTING -o eth0 -d xx.xx.xx.xx -j SNAT --to-source 192.168.42.3 iptables -A FORWARD -p tcp -s 192.168.42.3 --sport 80 -j ACCEPT # These are the forwards for bind/dns iptables -t nat -A PREROUTING -p udp -s 0/0 -d xx.xx.xx.xx --dport 53 -j DNAT --to 192.168.42.3:53 iptables -t nat -A POSTROUTING -o eth0 -d xx.xx.xx.xx -j SNAT --to-source 192.168.42.3 iptables -A FORWARD -p udp -s 192.168.42.3 --sport 53 -j ACCEPT # And these are the rules so I can share my internet connection iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A FORWARD -i eth0:1 -j ACCEPT If I delete the MASQUERADE part, I see my real IP while echoing it with PHP, but I don't have internet. How to do, to have internet and see my real IP while ports are forwarded too? ** xx.xx.xx.xx - is my public IP. I hid it for security reasons.

    Read the article

  • SQL Server database filled the hard drive and freeing up space isn't possible

    - by Jon
    I have a database in SQL Server 2008 on a 1Tb hard drive and it filled the drive, there is only 4Kb free. The MDF file is 323Gb and the LDF is 653Gb. The hard disk this DB is on has no other files on it other than the MDF and LDF so it's impossible to free up any space on the drive. The main hard disk is smaller but there is enough room to transfer the MDF to that drive, in case that helps. This server is overseas at a customer site and it's not possible at the moment to add more disk space to the server. It's also not possible to delete any records because the DB is in a failed mode (due to no disk space) and it doesn't respond to most commands. The Db is currently in full recovery mode which is why the LDF file is so large. This DB really doesn't need to be in full recovery so going forward we plan on switching it to simple mode which will save us a lot of space. I also don't care about losing the LDF file, but I need all of the data. I've spent a lot of time looking for a way out of this problem but everything I've found first involves either freeing up disk space or adding more disk space, neither of which is an option at this time. I'm stuck and any help would be greatly appreciated. I get the following log when trying to switch the DB to online mode. Msg 945, Level 14, State 2, Line 3 Database 'DBNAME' cannot be opened due to inaccessible files or insufficient memory or disk space. See the SQL Server errorlog for details. Msg 5069, Level 16, State 1, Line 3 ALTER DATABASE statement failed. Msg 1101, Level 17, State 12, Line 3 Could not allocate a new page for database 'DBNAME' because of insufficient disk space in filegroup 'DEFAULT'. Create the necessary space by dropping objects in the filegroup, adding additional files to the filegroup, or setting autogrowth on for existing files in the filegroup. I've found the following solutions but none work due to having no disk space on that drive, and since the DB is in a failed state I can't run most commmands. - DBCC SHRINKFILE - can't be run because doing a 'use DBNAME' fails - Detaching the DB and then changing the location of the MDF/LDF files, this fails because the DB is in an offline mode so you can't run detach. I'm at a loss about what else to try. Thanks.

    Read the article

  • can I consolidate a multi-disk zfs zpool to a single (larger) disk?

    - by rmeden
    I have this zpool: bash-3.2# zpool status dpool pool: dpool state: ONLINE scan: none requested config: NAME STATE READ WRITE CKSUM dpool ONLINE 0 0 0 c3t600601604F021A009E1F867A3E24E211d0 ONLINE 0 0 0 c3t600601604F021A00141D843A3F24E211d0 ONLINE 0 0 0 I would like to replace both of these disks with a single (larger disk). Can it be done? zpool attach allows me to replace one physical disk, but it won't allow me to replace both at once.

    Read the article

  • Configure server on network to analyze traffic

    - by Strajan Sebastian
    I have the following network: http://i.stack.imgur.com/rapkH.jpg I want to send all the traffic from the devices that connect to the 192.168.0.1 router to the 192.168.10.1 router(and eventually to the Internet), by passing through the server and an additional router. Almost 2 days have passed and I can't figure what is wrong. While searching on the Internet for some similar configuration I found some articles that are somehow related to my needs, but the proposed solutions don't seem to work for me. This is a similar article: iptables forwarding between two interface I done the following steps for the configuration process: Set static IP address 192.168.1.90 for the eth0 on the server from the 192.168.1.1 router Set static IP address 192.168.0.90 for the eth1 on the server from the 192.168.0.1 router Forwarded all the traffic from 192.168.0.1 router to the server on eth1 interface witch seems to be working. The router firmware has some option to redirect all the traffic from all the ports to a specified address. Added the following rules on the server(Only the following, there aren't any additional rules): iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -A FORWARD -i eth1 -o eth0 -m state -–state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT I also tried changing iptables -A FORWARD -i eth1 -o eth0 -m state -–state RELATED,ESTABLISHED -j ACCEPT into iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT but still is not working. After adding the following to enable the packet forwarding for the server that is running CentOS: echo 1 /proc/sys/net/ipv4/ip_forward sysctl -w net.ipv4.ip_forward = 1 After a server restart and extra an extra check to see that all the configuration from above are still available I tried to see again if I can ping from a computer connected to 192.168.0.1/24 LAN the router from 192.168.1.1 but it didn't worked. The server has tshark(console wireshark) installed and I found that while sending a ping from a computer connected to 192.168.0.1 router to 192.168.1.1 the 192.168.0.90(eth1) receives the ping but it doesn't forward it to the eth0 interface as the rule tells: iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT and don't now why this is happening. Questions: The iptables seem that don't work as I am expecting. Is there a need to add in the NAT table from iptables rules to redirect the traffic to the proper location, or is something else wrong with what I've done? I want to use tshark to view the traffic on the server because I think that is the best at doing this. Do you know something better that tshark to capture the traffic and maybe analyze it?

    Read the article

  • Asterisk server firewall script allows 2-way audio from incoming calls, but not on outgoing?

    - by cappie
    I'm running an Asterisk PBX on a virtual machine directly connected to the Internet and I really want to prevent script kiddies, l33t h4x0rz and actual hackers access to my server. The basic way I protect my calling-bill now is by using 32 character passwords, but I would much rather have a way to protect The firewall script I'm currently using is stated below, however, without the established connection firewall rule (mentioned rule #1), I cannot receive incoming audio from the target during outgoing calls: #!/bin/bash # first, clean up! iptables -F iptables -X iptables -t nat -F iptables -t nat -X iptables -t mangle -F iptables -t mangle -X iptables -P INPUT ACCEPT iptables -P FORWARD DROP # we're not a router iptables -P OUTPUT ACCEPT # don't allow invalid connections iptables -A INPUT -m state --state INVALID -j DROP # always allow connections that are already set up (MENTIONED RULE #1) iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # always accept ICMP iptables -A INPUT -p icmp -j ACCEPT # always accept traffic on these ports #iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT # always allow DNS traffic iptables -A INPUT -p udp --sport 53 -j ACCEPT iptables -A OUTPUT -p udp --dport 53 -j ACCEPT # allow return traffic to the PBX iptables -A INPUT -p udp -m udp --dport 50000:65536 -j ACCEPT iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT iptables -A INPUT -p udp --destination-port 5060:5061 -j ACCEPT iptables -A INPUT -p tcp --destination-port 5060:5061 -j ACCEPT iptables -A INPUT -m multiport -p udp --dports 10000:20000 iptables -A INPUT -m multiport -p tcp --dports 10000:20000 # IP addresses of the office iptables -A INPUT -s 95.XXX.XXX.XXX/32 -j ACCEPT # accept everything from the trunk IP's iptables -A INPUT -s 195.XXX.XXX.XXX/32 -j ACCEPT iptables -A INPUT -s 195.XXX.XXX.XXX/32 -j ACCEPT # accept everything on localhost iptables -A INPUT -i lo -j ACCEPT # accept all outgoing traffic iptables -A OUTPUT -j ACCEPT # DROP everything else #iptables -A INPUT -j DROP I would like to know what firewall rule I'm missing for this all to work.. There is so little documentation on which ports (incoming and outgoing) asterisk actually needs.. (return ports included). Are there any firewall/iptables specialists here that see major problems with this firewall script? It's so frustrating not being able to find a simple firewall solution that enabled me to have a PBX running somewhere on the Internet which is firewalled in such a way that it can ONLY allows connections from and to the office, the DNS servers and the trunk(s) (and only support SSH (port 22) and ICMP traffic for the outside world). Hopefully, using this question, we can solve this problem once and for all.

    Read the article

  • Message from Nagios Server

    - by user12213
    Nagios Server is monitoring my Server which hosts Windows Sharepoint. I am getting the following 2 alerts in my inbox from Nagios Server 1. Service: C:\ Drive Space State: CRITICAL Additional Info: CRITICAL - Socket timeout after 10 seconds 2. Service: CPU Load State: CRITICAL Additional Info: CRITICAL - Socket timeout after 10 seconds What do I infer from these?

    Read the article

  • Boot log from remotely managed/hacked iPhone for analysis

    - by user1319903
    in reference to my other post. syslog captured immediately after a hard reset for analysis of foul play. Apr 8, 2012 10:08:36 PM - dataaccessd [53] (Notice): 137860|CoreDAV|Warn |Account "iCloud" couldn't reach the server at p03-contacts.icloud.com: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo=0xde63920 {NSErrorFailingURLStringKey=https://%[email protected]/159665024/principal/, NSErrorFailingURLKey=https://%[email protected]/ /principal/, NSLocalizedDescription=The Internet connection appears to be offline., NSUnderlyingError=0xde7dc00 "The Internet connection appears to be offline."} Apr 8, 2012 10:08:36 PM - UserEventAgent [12] (Warning): TRACE: connection interrupted Apr 8, 2012 10:08:36 PM - UserEventAgent [12] (Warning): DEBUG: disconnected Apr 8, 2012 10:08:36 PM - UserEventAgent [12] (Warning): TRACE: Canceling Apr 8, 2012 10:08:36 PM - UserEventAgent [12] (Warning): TRACE: connection invalid Apr 8, 2012 10:08:35 PM - kernel [0] (Debug): launchd[82] Builtin profile: container (sandbox) Apr 8, 2012 10:08:35 PM - kernel [0] (Debug): launchd[82] Container: /private/var/mobile/Applications/048D35CA-6427-4EC8-8B76-A194697A7CE9 [69] (sandbox) Apr 8, 2012 10:08:35 PM - wifid [29] (Error): WiFi:[355640915.904103]: Client dataaccessd set type to background application Apr 8, 2012 10:08:35 PM - dataaccessd [53] (Notice): 137860|DA|Warn |Delegate 5ADDBE3B-D5FD-43E1-87D4-C1153733EFAB finished a refresh but it is not registered with the refresh manager Apr 8, 2012 10:08:34 PM - timed [31] (Notice): (Note ) CoreTime: Not setting system time to 04/09/2012 05:08:34 from GPS because time is unchanged Apr 8, 2012 10:08:34 PM - timed [31] (Notice): (Note ) CoreTime: Not setting time zone to America/Los_Angeles from NITZ Apr 8, 2012 10:08:33 PM - kernel [0] (Debug): AppleKeyStore:cp_key_store_action(1) Apr 8, 2012 10:08:33 PM - kernel [0] (Debug): AppleKeyStore:Sending lock change Apr 8, 2012 10:08:32 PM - profiled [20] (Notice): (Note ) profiled: Device unlock notification received Apr 8, 2012 10:08:31 PM - softwareupdated [37] (Notice): 3e828d98 : Cleaning up unused prepared updates Apr 8, 2012 10:08:27 PM - mstreamd [43] (Warning): PSDLog: Can't return photoStreamsPublishStreamID because no Apple Account has Photo Streams enabled Apr 8, 2012 10:08:27 PM - mstreamd [43] (Notice): (Note ) mstreamd: Not listening to push notifications. Apr 8, 2012 10:08:27 PM - mstreamd [43] (Warning): PSDLog: Can't return photoStreamsPublishStreamID because no Apple Account has Photo Streams enabled Apr 8, 2012 10:08:27 PM - mstreamd [43] (Notice): (Note ) mstreamd: Not listening to push notifications. Apr 8, 2012 10:08:27 PM - mstreamd [43] (Notice): (Note ) mstreamd: Retrieved push tokens. Dev: 0, Prod: 0 Apr 8, 2012 10:08:27 PM - mstreamd [43] (Notice): (Note ) mstreamd: Media stream daemon starting... Apr 8, 2012 10:08:26 PM - SpringBoard [15] (Notice): SMSCTServer is available and ready to rock. Apr 8, 2012 10:08:26 PM - SpringBoard [15] (Error): mms: * isMmsConfigured = 1 Apr 8, 2012 10:08:26 PM - MobilePhone [79] (Warning): Connection lost, retrying with key exchange. Apr 8, 2012 10:08:26 PM - MobilePhone [79] (Warning): Connection lost, retrying with key exchange. Apr 8, 2012 10:08:26 PM - MobilePhone [79] (Warning): Connection lost, retrying with key exchange. Apr 8, 2012 10:08:26 PM - MobilePhone [79] (Warning): Connection lost, retrying with key exchange. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): BT: failed to get connectable state with error 111 Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Error): WiFi: Consulting "no-sdio-devices" property. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Error): WiFi: "no-sdio-devices" property not found. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): SMS Plugin initialized. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): Telephony plugin initialized Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): SIMToolkit plugin for SpringBoard initialized. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Error): WiFi: Consulting "no-sdio-devices" property. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Error): WiFi: "no-sdio-devices" property not found. Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): WiFi picker plugin initialized Apr 8, 2012 10:08:25 PM - SpringBoard [15] (Warning): EKAlarmEngine: Region monitoring not available or enabled. Trigger ignored! Apr 8, 2012 10:08:24 PM - kernel [0] (Debug): AppleH4CamIn::setPowerStateGated: 0 Apr 8, 2012 10:08:24 PM - kernel [0] (Debug): AppleH4CamIn::power_off_hardware Apr 8, 2012 10:08:24 PM - SpringBoard [15] (Notice): IOMobileFrameBufferGetMirroringCapability returning -536870201 via kIOMFBConnectMethod_GetMirroringCapability  Apr 8, 2012 10:08:24 PM - aggregated [61] (Warning): PLAggregateState Error: Leaving state unplugged_screen_off even though we are not in it, doing nothing Apr 8, 2012 10:08:24 PM - aggregated [61] (Warning): PLAggregateState Error: Entering state unplugged_screen_on even though we are already in it, doing nothing Apr 8, 2012 10:08:24 PM - wifid [29] (Error): WiFi:[355640904.616440]: Disable WoW requested by "spd" Apr 8, 2012 10:08:24 PM - SpringBoard [15] (Warning): Application windows are expected to have a root view controller at the end of application launch Apr 8, 2012 10:08:23 PM - SpringBoard [15] (Warning): BTM: attaching to BTServer Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_LoadFirmware_gated: fw len=1232920 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_LoadFirmware_gated - firmware checksum: 0x05935019 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::power_on_hardware Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_Init - No set-file loaded for camera channel 0 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_Init - No set-file loaded for camera channel 1 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_InitialSensorDetection - found sensor on chan 0: 0x0145 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_InitialSensorDetection - found sensor on chan 1: 0x7736 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::power_off_hardware Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_LoadSetfile_gated (camChan=0) Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::ISP_LoadSetfile_gated (camChan=1) Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::setPowerStateGated: 1 Apr 8, 2012 10:08:23 PM - kernel [0] (Debug): AppleH4CamIn::power_on_hardware Apr 8, 2012 10:08:23 PM - profiled [20] (Notice): (Note ) profiled: Locking device Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): HighlandParkResourceMgr::AddFirmware() {'cdma', '    '} added to resources Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function PTP Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction all functions registered- we are ready to start usb stack Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::handleUSBCableDisconnect Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): HighlandParkResourceMgr::AddFirmware() {'gsm ', 'nb  '} added to resources Apr 8, 2012 10:08:22 PM - kernel [0] (Debug): HighlandParkResourceMgr::AddFirmware() {'gsm ', 'wb  '} added to resources Apr 8, 2012 10:08:22 PM - MRMLowDiskUEA [12] (Notice): MobileDelete: LowDisk Plugin: start Apr 8, 2012 10:08:22 PM - MRMLowDiskUEA [12] (Notice): kqueue registration successful Apr 8, 2012 10:08:22 PM - mediaserverd [44] (Error): 22:08:22.522867 com.apple.AVConference: /SourceCache/GameKitServices/GameKitServices-344.21/AVConference.subproj/Sources/AVConferenceServer.m:1867: AVConferenceServerStart Apr 8, 2012 10:08:22 PM - CommCenter [18] (Notice): Carrier bundle value for recipient address: 28818773 Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice - Configuration: PTP Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: PTP Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice - Configuration: iPod USB Interface Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: USBAudioControl Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: USBAudioStreaming Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: IapOverUsbHid Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice - Configuration: PTP + Apple Mobile Device Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: PTP Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: AppleUSBMux Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice - Configuration: PTP + Apple Mobile Device + Apple USB Ethernet Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: PTP Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: AppleUSBMux Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice          Interface: AppleUSBEthernet Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): IOAccessoryPortUSB::start Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function USBAudioControl Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): virtual bool AppleUSBDeviceMux::start(IOService*) build: Feb  1 2012 23:16:46 Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): init_waste Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function AppleUSBMux Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function IapOverUsbHid Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function USBAudioStreaming Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleSynopsysOTGDevice::gated_registerFunction Register function AppleUSBEthernet Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleUSBEthernetDevice::start: Host MAC address = 02:(this Mac address does not physically exist) -edit Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): AppleUSBEthernetDevice: Ethernet address  Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): BTServer[66] Builtin profile: BlueTool (sandbox) Apr 8, 2012 10:08:21 PM - kernel [0] (Debug): BTServer[66] Builtin profile: BlueTool (sandbox) Apr 8, 2012 10:08:21 PM - hpfd [50] (Notice): firmware resource loaded { 'cdma' '    ' } Apr 8, 2012 10:08:21 PM - wifid [29] (Error): WiFi:[355640901.282776]: Could not read APPLE80211_IOC_SUPPORTED_CHANNELS err=82 Apr 8, 2012 10:08:21 PM - wifid [29] (Error): WiFi:[355640901.312786]: Client itunesstored is background application Apr 8, 2012 10:08:21 PM - timed [31] (Notice): (Note ) CoreTime: Want active time in 38.24hrs. Need active time in 121.57hrs. Apr 8, 2012 10:08:21 PM - SpringBoard [15] (Notice): MultitouchHID: detection mode: 255-0 (deferring until bootloaded) Apr 8, 2012 10:08:21 PM - CLTM [12] (Error): CLTM: resetting temps: now = 1333948101, last update = -2147483648 Apr 8, 2012 10:08:21 PM - locationd [28] (Error): WiFi:[355640901.852993]: WiFiManager now available Apr 8, 2012 10:08:21 PM - OTACrashCopier [62] (Notice): (Warn ) Failed to read attributes from '/var/mobile/Library/OTALogging/.last_successful_submission_marker' Apr 8, 2012 10:08:21 PM - hpfd [50] (Notice): firmware resource loaded { 'gsm ' 'nb  ' } Apr 8, 2012 10:08:21 PM - hpfd [50] (Notice): firmware resource loaded { 'gsm ' 'wb  ' } Apr 8, 2012 10:08:20 PM - kernel [0] (Debug): AppleBCMWLANCore::initFirmware(): successful initialization Apr 8, 2012 10:08:20 PM - kernel [0] (Debug): AppleBCMWLANCore:initFirmware(): 2496 PropTxStatus feature is not enabled for this platform  Apr 8, 2012 10:08:20 PM - kernel [0] (Debug): AppleBCMWLANCore::initDongle():: creating virtual interface with prefix = ap Apr 8, 2012 10:08:20 PM - kernel [0] (Debug): AppleBCMWLANCore::initDongle(): Core Driver Initialization Time 19.38798583 Apr 8, 2012 10:08:20 PM - kernel [0] (Debug): 000019.281423 hsic-baseband::safetyNet: port is not connected Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 _create_cesm_vault: try to create blob Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 load_activation_records: This is the default record Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 _create_cesm_vault: blob written Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 ping_configd: Not setting host name, it already has one: Pete's iPod  Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 lookup_baseband_info_new: radio not ready: kCTPostponementStatusNotReady Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 load_activation_records: This is the default record Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Error): WiFi: Consulting "no-sdio-devices" property. Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Error): WiFi: "no-sdio-devices" property not found. Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: Original act. state: Activated Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: radio not ready, don't change activation status, wait for notification, status: kCTPostponementStatusNotReady Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: Activation state now is Activated Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Warning): lockdown says the device is: [Activated], state is 3 Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Warning): lockdown says we've previously registered: [1], state is 1 Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 notification_worker: now listening for CT notifications Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 notification_worker: we've registered for notifications, now make sure we didn't miss one... Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 load_activation_records: This is the default record Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: Original act. state: Activated Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: radio not ready, don't change activation status, wait for notification, status: kCTPostponementStatusNotReady Apr 8, 2012 10:08:20 PM - lockdownd [23] (Notice): 3e828d98 determine_activation_state_new: Activation state now is Activated Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Notice): Posting 'com.apple.iokit.hid.displayStatus' notifyState=1 Apr 8, 2012 10:08:20 PM - SpringBoard [15] (Notice): __IOHIDLoadBundles: Loaded 1 HID plugin Apr 8, 2012 10:08:19 PM - wifiFirmwareLoader [30] (Warning): [    18.778 sec] Downloaded firmware, 192512 bytes Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleKeyStore:cp_key_store_action(0) Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleMultitouchN1SPI: downloaded 128 bytes of prox calibration data ("built-in") Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleMultitouchN1SPI: downloaded 1024 bytes of calibration data ("built-in") Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::attachBusGated(): Bus Driver Initialization Time 18.266927958 Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore:attachBusGated(): Starting with MAC Address: 00:f4:b9:2f:d9:8d Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANFirmwareManager::setNVRAMData(): received 778 bytes Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore: Ethernet address 00:f4:b9:2f:d9:8d Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): Loading syscfg. Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleMultitouchN1SPI: downloaded 56264 bytes of firmware data ("0x0084.bin") in 152ms. Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::apple80211_ioctl() Driver not yet initialized, cannot process ioctl Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::apple80211_ioctl() Driver not yet initialized, cannot process ioctl Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AirPort: Enabled AppleBCMWLANCore (link 0, sys 0, user 0) Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::apple80211_ioctl() Driver not yet initialized, cannot process ioctl Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::apple80211_ioctl() Driver not yet initialized, cannot process ioctl Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANBusInterfaceHSIC::loadFirmware(): DL Ver: chip 0x4330, chiprev 0x4 Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): BTServer[66] Builtin profile: BlueTool (sandbox) Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): BCMWLAN Firmware Version: wl0: Dec 22 2011 19:03:58 version 5.95.45 Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::initFirmware(): Firmware supports ap mode; enabling apsta feature (currently enabled) Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::initFirmware(): country code set to XX Apr 8, 2012 10:08:19 PM - configd [14] (Notice): network configuration changed. Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCmdManager::processResponse(): Firmware Error "BCOM Unsupported" on command "WLC_SET_VAR: bus:txglom" (263). Transaction ID 3, length 0 Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::initFirmware(): Glomming not supported on this device: BCOM Unsupported Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::initFirmware: apsta set to 1 Apr 8, 2012 10:08:19 PM - kernel [0] (Debug): AppleBCMWLANCore::handleEventPacket(): WLC_E_FIFO_CREDIT_MAP,length 6 [9 2 5 3 2] Apr 8, 2012 10:08:19 PM - iapd [49] (Error): Timed out trying to acquire capabilities data. Apr 8, 2012 10:08:19 PM - softwareupdated [37] (Notice): 3e828d98 : Cleaning up unused prepared updates Apr 8, 2012 10:08:19 PM - com.apple.misd [63] (Notice): allowing special port forwarding for test fixtures Apr 8, 2012 10:08:19 PM - hpfd [50] (Notice): resource request { 'N94 ', '    ' } Apr 8, 2012 10:08:19 PM - mstreamd [43] (Notice): (Note ) mstreamd: mstreamd starting up. Apr 8, 2012 10:08:18 PM - kernel [0] (Debug): launchd[44] Builtin profile: mediaserverd (sandbox) Apr 8, 2012 10:08:18 PM - kernel [0] (Debug): launchd[49] Builtin profile: iapd (sandbox) Apr 8, 2012 10:08:18 PM - kernel [0] (Debug): launchd[53] Builtin profile: dataaccessd (sandbox) Apr 8, 2012 10:08:18 PM - kernel [0] (Debug): launchd[60] Builtin profile: apsd (sandbox) Apr 8, 2012 10:08:18 PM - kernel [0] (Debug): launchd[66] Builtin profile: BTServer (sandbox) Apr 8, 2012 10:08:18 PM - mDNSResponder [46] (Error): mDNSResponder mDNSResponder-329.10 (Jan 15 2012 19:07:41) starting iOSVers 9 Apr 8, 2012 10:08:18 PM - mDNSResponder [46] (Error): Note: SetDomainSecrets: no keychain support Apr 8, 2012 10:08:18 PM - mDNSResponder [46] (Error): Note: Compiled without SnowLeopard Fine-Grained Power Management support Apr 8, 2012 10:08:18 PM - fseventsd [51] (Critical): event logs in /private/var/.fseventsd out of sync with volume.  destroying old logs. (10083 7 10090) Apr 8, 2012 10:08:18 PM - fseventsd [51] (Critical): log dir: /private/var/.fseventsd getting new uuid: 8778E61A-0283-4067-B7DF-F75D109983D1 Apr 8, 2012 10:08:18 PM - fseventsd [51] (Error): failed to make the directory /.fseventsd (30/Read-only file system) Apr 8, 2012 10:08:18 PM - fseventsd [51] (Critical): could not open < (No such file or directory) Apr 8, 2012 10:08:18 PM - fseventsd [51] (Critical): log dir: /tmp getting new uuid: 3919EB54-A54F-4289-864A-5158A25EF9DA Apr 8, 2012 10:08:18 PM - wifid [29] (Error): WiFi:[355640898.328610]: WiFi Preferences is up to date Apr 8, 2012 10:08:18 PM - mDNSResponder [46] (Error): D2DInitialize succeeded Apr 8, 2012 10:08:18 PM - fairplayd.N94 [52] (Notice): Vroum Apr 8, 2012 10:08:18 PM - wifid [29] (Error): WiFi:[355640898.537219]: WiFiManager starting, version: WiFiManager-260.9 Feb  4 2012 13:25:16 Apr 8, 2012 10:08:18 PM - configd [14] (Error): WiFi:[355640898.539342]: WiFiManager now available Apr 8, 2012 10:08:18 PM - keybagd [39] (Error): 3e828d98 main: System Keybag loaded Apr 8, 2012 10:08:18 PM - wifiFirmwareLoader [30] (Warning): [    18.268 sec] Found AppleBCMWLANBusInterface; downloading FW.. Apr 8, 2012 10:08:18 PM - wifiFirmwareLoader [30] (Warning): Loading "/usr/share/firmware/wifi/4330b2/bcm94330OlympicUNO3.txt", file size = 778 bytes Apr 8, 2012 10:08:18 PM - wifiFirmwareLoader [30] (Warning): [    18.276 sec] Sending NVRAM, 778 bytes Apr 8, 2012 10:08:18 PM - wifiFirmwareLoader [30] (Warning): Loading "/usr/share/firmware/wifi/4330b2/n94.trx", file size = 192512 bytes Apr 8, 2012 10:08:18 PM - wifiFirmwareLoader [30] (Warning): [    18.300 sec] Sending firmware, 192512 bytes Apr 8, 2012 10:08:18 PM - lockdownd [23] (Error): libMobileGestalt copyEthernetMacAddress: got 00:f4:b9:2f:d9:8f from syscfg Apr 8, 2012 10:08:18 PM - mediaserverd [44] (Notice): 2012-04-08 10:08:18.817015 PM [AirTunes] HAL plugin started Apr 8, 2012 10:08:18 PM - lockdownd [23] (Error): libMobileGestalt createCFStringWithCFData: Cannot convert NULL data to string Apr 8, 2012 10:08:18 PM - lockdownd [23] (Error): libMobileGestalt copyBasebandBoardSnum: Could not convert baseband board snum data to string Apr 8, 2012 10:08:18 PM - lockdownd [23] (Error): libMobileGestalt createCFStringWithCFData: Cannot convert NULL data to string Apr 8, 2012 10:08:18 PM - lockdownd [23] (Error): libMobileGestalt copyWirelessBoardSnum: Could not convert wireless board snum data to string Apr 8, 2012 10:08:18 PM - lockdownd [23] (Notice): 3e828d98 lockstart_local: Build= 9B179 Apr 8, 2012 10:08:18 PM - lockdownd [23] (Notice): 3e828d98 _load_product_type: using Raptor Certs Apr 8, 2012 10:08:17 PM - wifiFirmwareLoader [30] (Warning): [    17.590 sec] wlan AppleUSBHSICDevice found Apr 8, 2012 10:08:17 PM - wifiFirmwareLoader [30] (Warning): [    17.590 sec] WLAN Enumeration attempt 0 / 6: Apr 8, 2012 10:08:17 PM - wifiFirmwareLoader [30] (Warning): [    17.591 sec] Waiting for AppleBCMWLANBusInterface to enumerate... Apr 8, 2012 10:08:16 PM - CommCenter [18] (Notice): MMS thread running Apr 8, 2012 10:08:16 PM - CommCenter [18] (Notice): Communications Center Started. Apr 8, 2012 10:08:16 PM - CommCenter [18] (Notice): STOP LOCATION UPDATE Apr 8, 2012 10:08:16 PM - locationd [28] (Error): WiFi:[355640896.704327]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:16 PM - locationd [28] (Error): WiFi:[355640896.705542]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:16 PM - locationd [28] (Error): WiFi:[355640896.706648]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:16 PM - locationd [28] (Error): WiFi:[355640896.707418]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:15 PM - kernel [0] (Debug): bool AppleRGBOUT::power_down_hardware(), RGB_CTRL (0x00000000) clk_down_ready is not set after 60 msecs Apr 8, 2012 10:08:14 PM - lockdownd [23] (Notice): 3e828d98 main: Starting Up Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): IOReturn AppleRGBOUT::set_display_device_gated(uint32_t), 1 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): virtual void AppleRGBOUT::do_power_state_change(): fSoft: 1 fHard: 1 swapBusy: 1  fController: 0 - 1 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): bool AppleRGBOUT::power_up_hardware() Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): set_crc_notification_state 0 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): virtual void AppleRGBOUT::do_power_state_change(): fSoft: 0 fHard: 1 swapBusy: 0  fController: 1 - 0 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): bool AppleRGBOUT::power_down_hardware() Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): IOReturn IOMobileFramebufferUserClient::set_hotplug_notify(void *, void *) 0x314b3f0d 0xe215600 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): IOReturn IOMobileFramebufferUserClient::set_hotplug_notify(void *, void *) 0x849d5000 0x876e8828 0x314b3f0d 0xe215600 Apr 8, 2012 10:08:14 PM - kernel [0] (Debug): bool AppleRGBOUT::power_down_hardware(), clock down RGBOUT Apr 8, 2012 10:08:14 PM - SpringBoard [15] (Notice): IOMobileFrameBufferGetMirroringCapability returning -536870201 via kIOMFBConnectMethod_GetMirroringCapability  Apr 8, 2012 10:08:14 PM - backupd [21] (Warning): INFO: Account changed (enabled=0, accountID=159665024) Apr 8, 2012 10:08:13 PM - kernel [0] (Debug): launchd[17] Builtin profile: ptpd (sandbox) Apr 8, 2012 10:08:13 PM - UserEventAgent [12] (Warning): Factory called Apr 8, 2012 10:08:13 PM - configd [14] (Error): WiFi:[355640893.157493]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:13 PM - configd [14] (Error): WiFi:[355640893.158197]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:13 PM - configd [14] (Error): WiFi:[355640893.158878]: bootstrap_look_up of WiFiManager server failed Apr 8, 2012 10:08:13 PM - UserEventAgent [12] (Notice): (Note ) PIH: MCUEAPlugin initialized. Apr 8, 2012 10:08:13 PM - UserEventAgent [12] (Error): Querying interface Apr 8, 2012 10:08:13 PM - configd [14] (Error): ioctl(SIOCGIFCAP) failed: Device not configured Apr 8, 2012 10:08:13 PM - configd [14] (Error): ioctl(SIOCGIFCAP) failed: Device not configured Apr 8, 2012 10:08:13 PM - configd [14] (Notice): setting hostname to "Petes-iPod" Apr 8, 2012 10:08:13 PM - configd [14] (Notice): network configuration changed. Apr 8, 2012 10:08:13 PM - UserEventAgent [12] (Warning): TRACE: sending {    command = kMBMessageAccountChanged; } Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) profiled: Service starting... Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) profiled: Performing boot time checks. Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) MC: Checking for MDM installation... Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) MC: ...finished checking for MDM installation. Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) profiled: Checking for new carrier profile... Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) profiled: Installing new carrier profile. Apr 8, 2012 10:08:13 PM - profiled [20] (Notice): (Note ) profiled: Carrier profile has already been installed. Apr 8, 2012 10:08:12 PM - com.apple.launchd [1] (Warning): (com.apple.ptpd) The exception server is already claimed! Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: mitigation behavior enabled Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: camera equations enabled Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: thermal monitoring enabled Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: registered for wake notification Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 0 to 16384 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 1 to 546 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 2 to 5461 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 3 to 6553 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 4 to 5461 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 5 to 5461 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 6 to 16384 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 9 to 5461 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set decay on sensor 10 to 5461 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: Set AppleARMPerformanceControllerDVDFactor1 dithering level to 101% Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: Set AppleARMPerformanceControllerDVDFactor0 dithering level to 100% Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: Set charge rate index to 0 Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: HID not ready cannot set BL Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: setting thermal status level to 0 (0) [-32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768] Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: set allowable transmit power limit to 24.000 dBm [-32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768, -32768] Apr 8, 2012 10:08:12 PM - CLTM [12] (Error): CLTM: Could not close relay file Apr 8, 2012 10:08:12 PM - CLTM [12] (Notice): CLTM: thermtgraphrelay is not present

    Read the article

  • Unable to attach "AdventureWorks2008" Sample Database to a named Instance in SQL Server 2008

    - by uzorick
    First of all "Northwind" and "AdventureWorksDW2008" databases attached without problem, but "AdventureWorks2008" fails with the following error. // Msg 5120, Level 16, State 105, Line 1 Unable to open the physical file "C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\DATA\Documents". Operating system error 2: "2(The system cannot find the file specified.)". Msg 5105, Level 16, State 14, Line 1 A file activation error occurred. The physical file name 'C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\DATA\Documents' may be incorrect. Diagnose and correct additional errors, and retry the operation. Msg 1813, Level 16, State 2, Line 1 Could not open new database 'AdventureWorks2008'. CREATE DATABASE is aborted. // PS: I did not use the default database instance "MSSQLSERVER" during install, so Where is it finding this path "C:...\MSSQL10.MSSQLSERVER...\Documents"?

    Read the article

  • Refresh DOM with jquery after AJAX call

    - by Pim
    I'm working on a new project http://www.hotwirerevealed.com which reveals / identifies hotels on hotwire.com. After inputting a state and a destination I have a javascript functions that uses jquery's .post method to post. The post request goes to an php page which outputs html, I se jquery's html method to place the content on the page. like so function post(){ $.post("lookup.php", {action: "find", area: area, stars: stars, amenities: amenities, state: $('#state').val()}, function(data){ $("#details").html(data); }); } I have hyperlinks to hotels which I like to use in a light box <a class="hotel" href="http://google.com/search?btnI=1&amp;q=Amerisuites+Northeast+Orlando+(Airport+MCO)">Amerisuites Northeast</a> im trying to use jquery's fancy box but fancy box $(document).ready(function(){ $(".hotel").fancybox({ 'width' : '75%', 'height' : '75%', 'type' : 'iframe' }); }); but it doesn't seem to work, im guessing because jquery doesn't know the element it there? I've tried to use jquery live() method with little success, any help would be appreciated, thanks ahead of time

    Read the article

  • Validating ModelChoiceField in Django forms

    - by Andrey
    I'm trying to validate a form containing a ModelChoiceField: state = forms.ModelChoiceField(queryset=State.objects.all(), empty_label=None) When it is used in normal circumstances, everything goes just fine. But I'd like to protect the form from the invalid input. It's pretty obvious that I must get forms.ValidationError when I put invalid value in this field, isn't it? But if I try to submit a form with a value 'invalid' in 'state' field, I get ValueError: invalid literal for int() with base 10: 'invalid' and not the expected forms.ValidationError. What should I do? I tried to place a def clean_state(self) to check this field but that didn't work plus I don't think this is a good solution, there must be something more simple but I just missed that.

    Read the article

  • Resque Runtime Error at /workers: wrong number of arguments for 'exists' command

    - by Superflux
    I'm having a runtime errror when i'm looking at the "workers" tab on resque-web (localhost). Everything else works. Edit: when this error occurs, i also have some (3 or 4) unknown workers 'not working'. I think they are responsible for the error but i don't understand how they got here Can you help me on this ? Did i do something wrong ? Config: Resque 1.8.5 as a gem in a rails 2.3.8 app on Snow Leopard redis 1.0.7 / rack 1.1 / sinatra 1.0 / vegas 0.1.7 file: client.rb location: format_error_reply line: 558 BACKTRACE: * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in format_error_reply * 551. when DOLLAR then format_bulk_reply(line) 552. when ASTERISK then format_multi_bulk_reply(line) 553. else raise ProtocolError.new(reply_type) 554. end 555. end 556. 557. def format_error_reply(line) 558. raise "-" + line.strip 559. end 560. 561. def format_status_reply(line) 562. line.strip 563. end 564. 565. def format_integer_reply(line) * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in format_reply * 541. 542. def reconnect 543. disconnect && connect_to_server 544. end 545. 546. def format_reply(reply_type, line) 547. case reply_type 548. when MINUS then format_error_reply(line) 549. when PLUS then format_status_reply(line) 550. when COLON then format_integer_reply(line) 551. when DOLLAR then format_bulk_reply(line) 552. when ASTERISK then format_multi_bulk_reply(line) 553. else raise ProtocolError.new(reply_type) 554. end 555. end * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in read_reply * 478. disconnect 479. 480. raise Errno::EAGAIN, "Timeout reading from the socket" 481. end 482. 483. raise Errno::ECONNRESET, "Connection lost" unless reply_type 484. 485. format_reply(reply_type, @sock.gets) 486. end 487. 488. 489. if "".respond_to?(:bytesize) 490. def get_size(string) 491. string.bytesize 492. end * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in process_command * 448. return pipeline ? results : results[0] 449. end 450. 451. def process_command(command, argvv) 452. @sock.write(command) 453. argvv.map do |argv| 454. processor = REPLY_PROCESSOR[argv[0].to_s] 455. processor ? processor.call(read_reply) : read_reply 456. end 457. end 458. 459. def maybe_lock(&block) 460. if @thread_safe 461. @mutex.synchronize(&block) 462. else * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in map * 446. end 447. 448. return pipeline ? results : results[0] 449. end 450. 451. def process_command(command, argvv) 452. @sock.write(command) 453. argvv.map do |argv| 454. processor = REPLY_PROCESSOR[argv[0].to_s] 455. processor ? processor.call(read_reply) : read_reply 456. end 457. end 458. 459. def maybe_lock(&block) 460. if @thread_safe * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in process_command * 446. end 447. 448. return pipeline ? results : results[0] 449. end 450. 451. def process_command(command, argvv) 452. @sock.write(command) 453. argvv.map do |argv| 454. processor = REPLY_PROCESSOR[argv[0].to_s] 455. processor ? processor.call(read_reply) : read_reply 456. end 457. end 458. 459. def maybe_lock(&block) 460. if @thread_safe * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in raw_call_command * 435. @sock.write(command) 436. return true 437. end 438. # The normal command execution is reading and processing the reply. 439. results = maybe_lock do 440. begin 441. set_socket_timeout!(0) if requires_timeout_reset?(argvv[0][0].to_s) 442. process_command(command, argvv) 443. ensure 444. set_socket_timeout!(@timeout) if requires_timeout_reset?(argvv[0][0].to_s) 445. end 446. end 447. 448. return pipeline ? results : results[0] 449. end * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in synchronize * 454. processor = REPLY_PROCESSOR[argv[0].to_s] 455. processor ? processor.call(read_reply) : read_reply 456. end 457. end 458. 459. def maybe_lock(&block) 460. if @thread_safe 461. @mutex.synchronize(&block) 462. else 463. block.call 464. end 465. end 466. 467. def read_reply 468. * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in maybe_lock * 454. processor = REPLY_PROCESSOR[argv[0].to_s] 455. processor ? processor.call(read_reply) : read_reply 456. end 457. end 458. 459. def maybe_lock(&block) 460. if @thread_safe 461. @mutex.synchronize(&block) 462. else 463. block.call 464. end 465. end 466. 467. def read_reply 468. * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in raw_call_command * 432. end 433. # When in Pub/Sub mode we don't read replies synchronously. 434. if @pubsub 435. @sock.write(command) 436. return true 437. end 438. # The normal command execution is reading and processing the reply. 439. results = maybe_lock do 440. begin 441. set_socket_timeout!(0) if requires_timeout_reset?(argvv[0][0].to_s) 442. process_command(command, argvv) 443. ensure 444. set_socket_timeout!(@timeout) if requires_timeout_reset?(argvv[0][0].to_s) 445. end 446. end * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in call_command * 336. # try to reconnect just one time, otherwise let the error araise. 337. def call_command(argv) 338. log(argv.inspect, :debug) 339. 340. connect_to_server unless connected? 341. 342. begin 343. raw_call_command(argv.dup) 344. rescue Errno::ECONNRESET, Errno::EPIPE, Errno::ECONNABORTED 345. if reconnect 346. raw_call_command(argv.dup) 347. else 348. raise Errno::ECONNRESET 349. end 350. end * /Library/Ruby/Gems/1.8/gems/redis-1.0.7/lib/redis/client.rb in method_missing * 385. connect_to(@host, @port) 386. call_command([:auth, @password]) if @password 387. call_command([:select, @db]) if @db != 0 388. @sock 389. end 390. 391. def method_missing(*argv) 392. call_command(argv) 393. end 394. 395. def raw_call_command(argvp) 396. if argvp[0].is_a?(Array) 397. argvv = argvp 398. pipeline = true 399. else * /Library/Ruby/Gems/1.8/gems/redis-namespace-0.4.4/lib/redis/namespace.rb in send * 159. args = add_namespace(args) 160. args.push(last) if last 161. when :alternate 162. args = [ add_namespace(Hash[*args]) ] 163. end 164. 165. # Dispatch the command to Redis and store the result. 166. result = @redis.send(command, *args, &block) 167. 168. # Remove the namespace from results that are keys. 169. result = rem_namespace(result) if after == :all 170. 171. result 172. end 173. * /Library/Ruby/Gems/1.8/gems/redis-namespace-0.4.4/lib/redis/namespace.rb in method_missing * 159. args = add_namespace(args) 160. args.push(last) if last 161. when :alternate 162. args = [ add_namespace(Hash[*args]) ] 163. end 164. 165. # Dispatch the command to Redis and store the result. 166. result = @redis.send(command, *args, &block) 167. 168. # Remove the namespace from results that are keys. 169. result = rem_namespace(result) if after == :all 170. 171. result 172. end 173. * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/worker.rb in state * 416. def idle? 417. state == :idle 418. end 419. 420. # Returns a symbol representing the current worker state, 421. # which can be either :working or :idle 422. def state 423. redis.exists("worker:#{self}") ? :working : :idle 424. end 425. 426. # Is this worker the same as another worker? 427. def ==(other) 428. to_s == other.to_s 429. end 430. * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/server/views/workers.erb in __tilt_a2112543c5200dbe0635da5124b47311 * 46. <tr> 47. <th>&nbsp;</th> 48. <th>Where</th> 49. <th>Queues</th> 50. <th>Processing</th> 51. </tr> 52. <% for worker in (workers = resque.workers.sort_by { |w| w.to_s }) %> 53. <tr class="<%=state = worker.state%>"> 54. <td class='icon'><img src="<%=u state %>.png" alt="<%= state %>" title="<%= state %>"></td> 55. 56. <% host, pid, queues = worker.to_s.split(':') %> 57. <td class='where'><a href="<%=u "workers/#{worker}"%>"><%= host %>:<%= pid %></a></td> 58. <td class='queues'><%= queues.split(',').map { |q| '<a class="queue-tag" href="' + u("/queues/#{q}") + '">' + q + '</a>'}.join('') %></td> 59. 60. <td class='process'> * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/server/views/workers.erb in each * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/server/views/workers.erb in __tilt_a2112543c5200dbe0635da5124b47311 * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/tilt.rb in send * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/tilt.rb in evaluate * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/tilt.rb in render * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in render * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in erb * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/server.rb in show * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/lib/resque/server.rb in GET /workers * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in route * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in instance_eval * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in route_eval * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in route! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in catch * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in route! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in each * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in route! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in dispatch! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in instance_eval * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in invoke * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in catch * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in invoke * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call! * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call * /Volumes/Donnees/Users/**/.gem/ruby/1.8/gems/rack-1.1.0/lib/rack/showexceptions.rb in call * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in synchronize * /Library/Ruby/Gems/1.8/gems/sinatra-1.0/lib/sinatra/base.rb in call * /Volumes/Donnees/Users/**/.gem/ruby/1.8/gems/rack-1.1.0/lib/rack/content_length.rb in call * /Volumes/Donnees/Users/**/.gem/ruby/1.8/gems/rack-1.1.0/lib/rack/chunked.rb in call * /Volumes/Donnees/Users/**/.gem/ruby/1.8/gems/rack-1.1.0/lib/rack/handler/mongrel.rb in process * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in process_client * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in each * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in process_client * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in run * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in initialize * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in new * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in run * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in initialize * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in new * /System/Library/Frameworks/Ruby.framework/Versions/1.8/usr/lib/ruby/gems/1.8/gems/mongrel-1.1.5/lib/mongrel.rb in run * /Volumes/Donnees/Users/**/.gem/ruby/1.8/gems/rack-1.1.0/lib/rack/handler/mongrel.rb in run * /Library/Ruby/Gems/1.8/gems/vegas-0.1.7/lib/vegas/runner.rb in run! * /Library/Ruby/Gems/1.8/gems/vegas-0.1.7/lib/vegas/runner.rb in start * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/bin/resque-web in new * /Library/Ruby/Gems/1.8/gems/resque-1.8.5/bin/resque-web in nil * /usr/bin/resque-web in load

    Read the article

  • How can I resolve gstreamer dependencies in Ubuntu

    - by michael
    Hi, Can you please tell me how can I resolve these dependencies on ubuntu: checking for GSTREAMER... configure: error: Package requirements (gstreamer-0.10 >= 0.10 gstreamer-app-0.10 gstreamer-base-0.10 gstreamer-pbutils-0.10 gstreamer-plugins-base-0.10 >= 0.10.25 gstreamer-video-0.10) were not met: No package 'gstreamer-app-0.10' found No package 'gstreamer-pbutils-0.10' found No package 'gstreamer-plugins-base-0.10' found No package 'gstreamer-video-0.10' found I have tried: $ sudo apt-get install *gstreamer-video* Reading package lists... Done Building dependency tree Reading state information... Done E: Regex compilation error - Invalid preceding regular expression $ sudo apt-get install *gstreamer-app* Reading package lists... Done Building dependency tree Reading state information... Done E: Regex compilation error - Invalid preceding regular expression $ sudo apt-get install *gstreamer-base* Reading package lists... Done Building dependency tree Reading state information... Done E: Regex compilation error - Invalid preceding regular expression

    Read the article

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >