Search Results

Search found 324 results on 13 pages for 'rfc 1918'.

Page 8/13 | < Previous Page | 4 5 6 7 8 9 10 11 12 13  | Next Page >

  • Bypass spam check for Auth users in postfix

    - by magiza83
    I would like to know if there is any option to "FILTER" auth users in postfix. Let me explain me better, I have the amavis and dspam services between postfix(25) and postfix(10026) but I would like to avoid this check if the users are authenticated. postfix(25)->policyd(10031)->amavis(10024)->postfix(10025)->dspam(dspam.sock)->postfix(10026)--->cyrus | /|\ |________auth users______________________________________________________________| my conf is: main.cf ... smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_sasl_path = smtpd smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination, check_policy_service inet:127.0.0.1:10040, reject_invalid_hostname, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, check_policy_service inet:127.0.0.1:10031, permit_mynetworks, reject ... I would like something like "FILTER smtp:localhost:10026" in case they are authenticated, because in my actual configuration i'm only avoiding policyd, but not amavis and dspam. Thanks.

    Read the article

  • Why does a browser dialog come up when an xmlhttprequest sends the wrong / no auth?

    - by Kyle
    How come the major browsers all bring up a login dialog when an xmlhttprequest does auth wrong or doesn't send it? I mean isn't this poor UI? Now a days it seems like a lot of people try http auth in jQuery, because theoretically it is quite easy - until the user fails to enter the correct data and is presented with the browsers dialog, which gets in their way, and they might have no idea what to do with it or why it's there? I don't know too much about these low level browser specifications but can someone bring this up with the RFC or webkit/gecko developers? jQuery digest auth could be powerful and user friendly if this was fixed. ** It seems like apache could also fix the problem on their side by not sending the header, but whichever one is the most secure way of doing this would be nice.

    Read the article

  • FreeBSD high load loopback interface

    - by user1740915
    I have a problem with a FreeBSD server. There is a FreeBSD 9.0 amd64, two network cards em1 (internet), em0 (local network) configured firewall ipfw, natd, squid (not transparent), the server acts as a gateway for access to the Internet. Next problem: upload via squid is very low. At this moment I see next: natd, dhcpd load the cpu at that time when uploading through squid and there are a lot of traffic through the loopback interface. ipfw show output 0100 655389684 36707144666 allow ip from any to any via lo0 00200 0 0 deny ip from any to 127.0.0.0/8 00300 0 0 deny ip from 127.0.0.0/8 to any 00400 0 0 deny ip from any to ::1 00500 0 0 deny ip from ::1 to any 00600 4 292 allow ipv6-icmp from :: to ff02::/16 00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10 00800 1 76 allow ipv6-icmp from fe80::/10 to ff02::/16 00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1 01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136 01100 1615 76160 deny ip from 192.168.1.1 to any in via em1 01200 0 0 deny ip from 199.69.99.11 to any in via em0 01300 46652 3705426 deny ip from any to 172.16.0.0/12 via em1 01400 3936404 345618870 deny ip from any to 192.168.0.0/16 via em1 01500 4 336 deny ip from any to 0.0.0.0/8 via em1 01600 4129 387621 deny ip from any to 169.254.0.0/16 via em1 01700 0 0 deny ip from any to 192.0.2.0/24 via em1 01800 917566 33777571 deny ip from any to 224.0.0.0/4 via em1 01900 147872 22029252 deny ip from any to 240.0.0.0/4 via em1 02000 1132194739 1190981955947 divert 8668 ip4 from any to any via em1 02100 3 248 deny ip from 172.16.0.0/12 to any via em1 02200 35925 2281289 deny ip from 192.168.0.0/16 to any via em1 02300 1808 122494 deny ip from 0.0.0.0/8 to any via em1 02400 3 174 deny ip from 169.254.0.0/16 to any via em1 02500 0 0 deny ip from 192.0.2.0/24 to any via em1 02600 0 0 deny ip from 224.0.0.0/4 to any via em1 02700 0 0 deny ip from 240.0.0.0/4 to any via em1 02800 960156249 1095316736582 allow tcp from any to any established 02900 64236062 8243196577 allow ip from any to any frag 03000 34 1756 allow tcp from any to me dst-port 25 setup 03100 193 11580 allow tcp from any to me dst-port 53 setup 03200 63 4222 allow udp from any to me dst-port 53 03300 64 8350 allow udp from me 53 to any 03400 417 24140 allow tcp from any to me dst-port 80 setup 03500 211 10472 allow ip from any to me dst-port 3389 setup 05300 77 4488 allow ip from any to me dst-port 1723 setup 05400 3 156 allow ip from any to me dst-port 8443 setup 05500 9882 590596 allow tcp from any to me dst-port 22 setup 05600 1 60 allow ip from any to me dst-port 2000 setup 05700 0 0 allow ip from any to me dst-port 2201 setup 07400 4241779 216690096 deny log logamount 1000 ip4 from any to any in via em1 setup proto tcp 07500 21135656 1048824936 allow tcp from any to any setup 07600 474447 35298081 allow udp from me to any dst-port 53 keep-state 07700 532 40612 allow udp from me to any dst-port 123 keep-state 65535 1990638432 1122305322718 allow ip from any to any systat -ifstat when uploading via squid Load Average ||| Interface Traffic Peak Total tun0 in 79.507 KB/s 232.479 KB/s 42.314 GB out 2.022 MB/s 2.424 MB/s 59.662 GB lo0 in 4.450 MB/s 4.450 MB/s 43.723 GB out 4.450 MB/s 4.450 MB/s 43.723 GB em1 in 2.629 MB/s 2.982 MB/s 464.533 GB out 2.493 MB/s 2.875 MB/s 484.673 GB em0 in 240.458 KB/s 296.941 KB/s 442.368 GB out 512.508 KB/s 850.857 KB/s 416.122 GB top output PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND 66885 root 1 92 0 26672K 2784K CPU3 3 528:43 65.48% natd 9160 dhcpd 1 45 0 31032K 9280K CPU1 1 7:40 32.96% dhcpd 66455 root 1 20 0 18344K 2856K select 1 119:27 1.37% openvpn 16043 squid 1 20 0 44404K 17884K kqread 2 0:22 0.29% squid squid.conf cat /usr/local/etc/squid/squid.conf # # Recommended minimum configuration: # acl manager proto cache_object acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 # Example rule allowing access from your local networks. # Adapt to list your (internal) IP networks from where browsing # should be allowed acl localnet src 10.0.0.0/8 # RFC1918 possible internal network acl localnet src 172.16.0.0/12 # RFC1918 possible internal network acl localnet src 192.168.0.0/16 # RFC1918 possible internal network acl localnet src fc00::/7 # RFC 4193 local private network range acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT # # Recommended minimum Access Permission configuration: # # Only allow cachemgr access from localhost http_access allow manager localhost http_access deny manager # Deny requests to certain unsafe ports http_access deny !Safe_ports # Deny CONNECT to other than secure SSL ports http_access deny CONNECT !SSL_ports # We strongly recommend the following be uncommented to protect innocent # web applications running on the proxy server who think the only # one who can access services on "localhost" is a local user http_access deny to_localhost # # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # # Example rule allowing access from your local networks. # Adapt localnet in the ACL section to list your (internal) IP networks # from where browsing should be allowed http_access allow localnet http_access allow localhost # And finally deny all other access to this proxy http_access deny all # Squid normally listens to port 3128 http_port 192.168.1.1:3128 # Uncomment and adjust the following to add a disk cache directory. #cache_dir ufs /var/squid/cache 100 16 256 # Leave coredumps in the first cache dir coredump_dir /var/squid/cache I understand that the traffic passes through the SQUID several times. But can not find why.

    Read the article

  • SPF include: too many IP addresses

    - by sprezzatura
    I've hit a snag with SPF. The SPF record for my domain will contain four or five entries, plus it will contain: include:sgizmo.com The SPF record for sgizmo.com contains eleven entries! This, plus mine, is way over the maximum ten allowed by the RFC (and probably by most servers). I realize that there has to be a limit in order to prevent DoS attacks. However, in the real world, it is probably not unreasonable for large companies to have many server addresses. Furthermore, must I know monitor my 'include:' counterparts for changes and additions? Must I check weekly, daily, to insure that some combination of changes doesn't suddenly put me over the top? It doesn't seem to me that SPF is suitable for prime time. Is there another way to do this?

    Read the article

  • I added some options to stop spam with Postfix, but now won't send email to remote domains

    - by willdanceforfun
    I had a working Postfix server, but added a few lines to my main.cf in a hope to block some common spam. Those lines I added were: smtpd_helo_required = yes smtpd_recipient_restrictions = reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, permit It appears my postfix is now receiving normal emails fine, and blocking spam emails. But when I now try to use this server myself to send to a remote domain (an email not on my server) I get bounced, with maillog saying something like this: Nov 12 06:19:36 srv postfix/smtpd[11756]: NOQUEUE: reject: RCPT from unknown[xx.xx.x.xxx]: 450 4.1.2 <[email protected]>: Recipient address rejected: Domain not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[192.168.1.100]> Is that saying 'domain not found' for gmail.com? Why is that recipient address rejected? An output of my postconf-n is: alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases broken_sasl_auth_clients = yes command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 html_directory = no inet_interfaces = all inet_protocols = all mail_owner = postfix mailbox_size_limit = 0 mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain mydomain = primarydomain.net myhostname = mail.primarydomain.net myorigin = $myhostname newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES relay_domains = $mydestination, primarydomain.net, secondarydomain.org sample_directory = /usr/share/doc/postfix-2.6.6/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtpd_client_restrictions = permit_sasl_authenticated smtpd_helo_required = yes smtpd_recipient_restrictions = reject_invalid_hostname, reject_unknown_recipient_domain, reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client multi.uribl.com, reject_rbl_client dsn.rfc-ignorant.org, reject_rbl_client dul.dnsbl.sorbs.net, reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.sorbs.net, reject_rbl_client cbl.abuseat.org, reject_rbl_client ix.dnsbl.manitu.net, reject_rbl_client combined.rbl.msrbl.net, reject_rbl_client rabl.nuclearelephant.com, permit smtpd_sasl_auth_enable = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_restrictions = reject_unknown_sender_domain soft_bounce = no unknown_local_recipient_reject_code = 550 virtual_alias_domains = mail.secondarydomain.org virtual_alias_maps = hash:/etc/postfix/virtual Any insight greatly appreciated. Edit: here is the dig mx gmail.com from the server: ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.4 <<>> mx gmail.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31766 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 14 ;; QUESTION SECTION: ;gmail.com. IN MX ;; ANSWER SECTION: gmail.com. 1207 IN MX 5 gmail-smtp-in.l.google.com. gmail.com. 1207 IN MX 30 alt3.gmail-smtp-in.l.google.com. gmail.com. 1207 IN MX 20 alt2.gmail-smtp-in.l.google.com. gmail.com. 1207 IN MX 40 alt4.gmail-smtp-in.l.google.com. gmail.com. 1207 IN MX 10 alt1.gmail-smtp-in.l.google.com. ;; AUTHORITY SECTION: gmail.com. 109168 IN NS ns1.google.com. gmail.com. 109168 IN NS ns4.google.com. gmail.com. 109168 IN NS ns3.google.com. gmail.com. 109168 IN NS ns2.google.com. ;; ADDITIONAL SECTION: alt1.gmail-smtp-in.l.google.com. 207 IN A 173.194.70.27 alt1.gmail-smtp-in.l.google.com. 248 IN AAAA 2a00:1450:4001:c02::1b gmail-smtp-in.l.google.com. 200 IN A 173.194.67.26 gmail-smtp-in.l.google.com. 248 IN AAAA 2a00:1450:400c:c05::1b alt3.gmail-smtp-in.l.google.com. 207 IN A 74.125.143.27 alt3.gmail-smtp-in.l.google.com. 249 IN AAAA 2a00:1450:400c:c05::1b alt2.gmail-smtp-in.l.google.com. 207 IN A 173.194.69.27 alt2.gmail-smtp-in.l.google.com. 248 IN AAAA 2a00:1450:4008:c01::1b alt4.gmail-smtp-in.l.google.com. 207 IN A 173.194.79.27 alt4.gmail-smtp-in.l.google.com. 249 IN AAAA 2607:f8b0:400e:c01::1a ns2.google.com. 281970 IN A 216.239.34.10 ns3.google.com. 281970 IN A 216.239.36.10 ns4.google.com. 281970 IN A 216.239.38.10 ns1.google.com. 281970 IN A 216.239.32.10

    Read the article

  • Meaning of tcp_delack_min

    - by Phi
    Hi, the current Linux Kernel (e.g. 2.6.36) uses Delayed Acknowledgments (delack). In /include/net/tcp.h it says: define TCP_DELACK_MIN ((unsigned)(HZ/25)) So, for a Kernel using a HZ value of 1000, an ACK should be delayed by a minimum of 40 ms. However, RFC 2581 says a TCP implementation should acknowledge every second full sized segment without further delay. Does anybody know whether the Linux Kernel follows that 'should' or whether the TCP_DELACK_MIN value means that even after a full sized segment was received, the ACK continues to be delayed until 40 ms have passed?

    Read the article

  • VPN ipsec tunnel from router to single windows server computer (gateway-to-host)

    - by Chris Miller
    Firstly, is this possible? The situation: 2 different ISP's. One has several servers and a firewall running. The other is limited to only one virtual server with one network card running windows server 2008r2. I need to set up a site-to-site style VPN using IPsec between the firewall of one ISP and the windows host on the other (gateway-to-host). This host has to run a SQL-Server that I can access from the other ISP's servers through the VPN tunnel. It seems looking at the RFC for IPsec that this should be possible using the features of Windows 2008, but I can't get it to work so far... It seems that I can't access any services running on the same computer or IP address used as the tunnel endpoint? Thanks Chris

    Read the article

  • Apache LocationMatch throws 500 and AddOutputFilterByType does nothing

    - by tackleberry
    I need to add below directives to apache. But I get 500 when I add these lines. <LocationMatch "^/assets/.*$"> Header unset ETag FileETag None # RFC says only cache for 1 year ExpiresActive On ExpiresDefault "access plus 1 year" </LocationMatch> Additionally response is not gzipped when I add: AddOutputFilterByType DEFLATE text/html text/css application/javascript application/x-javascript Apache version is: Server version: Apache/2.2.22 (Unix) App: rails 3.2 app When I checked response&request for gzip problem, I see that browser requested gzip: Accept-Encoding gzip, deflate but response not gzipped.

    Read the article

  • Wireless is connected but no internet when PC Turns on

    - by mhesabi
    I have a PC that is connected to ADSL Modem router (linksys WAG54g2) directly via Ethernet cable And a laptop and also other devices such as another laptops and smarth phones. However when I turn On the PC or turn it off, some strange problem happens. My wireless network seems connected on laptop but there is no internet activity and can't open a webpage until I turn router off and on again manually. (other devices including the PC itself can't use the internet either) My router configured this way: Encapsulation: RFC 2516 PPPoE Multiplexing: LLC DHCP Server: Enabled and network sharing center IPv4 configuration is obtain IP address automatically How Can I fix this issue?

    Read the article

  • Unregister SIP UAC message

    - by TacB0sS
    Hi, I've looked so much on the internet, but I could not find a any SIP Unregister example, and when I search RFC 3261,3665 the word does not even appear, perhaps I'm searching for the wrong phrase. I manage to understand the part of setting the expires to zero, but it still does not work and I could not find documentation about how a formal unregister should be. Does anyone knows how to compose an Unregister SIP Request? or what should I search for it? Thanks in advance, Adam Zehavi.

    Read the article

  • SPF records - what are the differences ?

    - by progeny
    I'm trying to set up an SPF record for my domain. I've read the RFC, been to Wikipedia, openspf.org, etc. but I'm still confused. What is the difference between 'a' and 'mx'? When do I use 'mx: rather than 'a:' or 'include:'? What's the point of '?all' (Neutral result) except for debugging? Why do so many people use '~all' (Softfail) instead of '-all' ? I've been to the Wizard (http://old.openspf.org/wizard.html) but I don't understand the questions.

    Read the article

  • DSA private key format

    - by ansur
    So I used puttygen to generate a DSA private key and then exported that to the OpenSSH format and here's what I got when I ran OpenSSL's asn1parse on it: 0:d=0 hl=4 l= 443 cons: SEQUENCE 4:d=1 hl=2 l= 1 prim: INTEGER :00 7:d=1 hl=3 l= 129 prim: INTEGER :B9916796B7A3EFFD5CA36368186D0ED 193BE7FDD61CC6851174F3E9781A0C0CEA7473E528372F559A1DB2A7E049A9BEFAE2CAAC55527049 2A0CD55B59A48A53BCADD32181F519EA9E6A98EF8EF59DE314A2E69606C728F2F8DEE722B4C67BA6 8EB8A619B6006804F83740F9C74C38136522E7E83F22920AA39822FBDA0DF4D0B 139:d=1 hl=2 l= 21 prim: INTEGER :D832F5B01F075FEC0F162B91982F34D B26A0CC29 162:d=1 hl=3 l= 129 prim: INTEGER :9B73F47AEFF8E39584FD10ACF81CCD5 75C96FC5558A5C94B941EF76318D132007ACAE1EA22E95CE0B13FC7875CE4D4ED33BA639CD8C2AC9 C0A0530FB7786F584A62EBAE5985E1C26ED0D0B9FDD5E8DB0142BE182A4E5359307007060C327FEE C2F8D04EABB37D7B74076EB9BDB4885F627DE85708D5BDBF5177A05721E09A367 294:d=1 hl=3 l= 128 prim: INTEGER :6BD9267D2D1E4546EE05F6CD087F311 93C0EEB13B1E139F5072E900AB2EEF68EEC28BF4D7D6CAE4DEE59005F00BAE07343EE520C217FF6E 7880DC788E4555F78CCB5E89A10CDC71A663DA696C5BC34E296CEB3518D65A79BF00B6D592B1399A 9F0D79AE3F3FB445EE1F2B4B72515F036C8E1D5C7FAD336FD3503874645C5C264 425:d=1 hl=2 l= 20 prim: INTEGER :15295A12325E5F1A6F7243B7BB3BE74 6FE7B76E9 My question is... where is this format described? What does the first 0 integer value mean for example? I guess I could look in the puttygen source code but is there an RFC describing this format or something?

    Read the article

  • Java and Sendmail HELO requires domain address

    - by ealgestorm
    I am trying to set up emailing from a java web application hosted on a linux server (Cent OS) in apache. Sendmail is working fine from the command line as root on localhost but when trying to send emails from the java web app (also on the same server from localhost) the following java exception is thrown. 501 5.0.0 HELO requires domain address EDIT: I have read that some people have found this is due to an incorrect hosts entry currently the hosts file contains 127.0.0.1 Centos-VPS localhost.localdomain localhost and i'm not sure what the Centos-VPS bit at the start is for but this is a clients hosted server so don't really want to break stuff EDIT see the RFC is helpful ... 501 Syntax error in parameters or arguments Now I know what the problem is! (note the sarcasm people.)

    Read the article

  • How to setup a fake SMTP server to catch all mails?

    - by Richo
    I'm looking for an smtp service that essentially obeys the RFC, except rather than sending mail it simply logs to a file [date] sent mail to <address> Or whatever. I can bash this together with the bare minimum of functionality I need in python in about half an hour I reckon but if there's an existing project that works better I'd rather use that. The reason for needing it is debugging an app that keeps sending 7* the amount of mail it's supposed to. Slightly offtopic, but if there isn't already such a project, and I write it, is this something other people would use? If I publish the source will it get used? EDIT: And already asked: http://stackoverflow.com/questions/1006650/dummy-smtp-server-for-testing-apps-that-send-email

    Read the article

  • Excluding four IP's from a /32 static route

    - by Justin
    I have a Cisco ASA routing a /32 of public addresses (non RFC-1812) through a private link. When the device sees the destination address it selects the private route instead of going out over the public network. This works great but I am now trying to exclude 4 IP's from the private route. Traffic to these addresses should go over the public internet instead of being routed over the private network. Can I just add anothe route for these four IP's or do I have to modify the existing route for the /32?

    Read the article

  • Best practices for FQDN for standalone domain (is a two part domain.tld okay?)

    - by birchbark
    I've searched quite a bit and can't seem to find a straight, modern answer on this. If I am hosting a domain, say, mydomain.com, on a machine which is going to solely be used for that domain, and there are no subdomains, is there a real, practical reason besides compliance to create an arbitrary hostname (i.e. myhost) just in order to have a three-part FQDN (myhost.mydomain.com) to satisfy some sort of RFC or convention that's expected. This seems to make a lot of undue complexities from my perspective, and I'm not sure if there's an advantage to this or if it's just a hold-over from a time where all web resources came from a subdomains such as www and ftp which may need to scale to separate machines. I don't use www on my domain, either, which is ill-advised for all I know from an administrators perspective (though removing it is the norm from a designer's perspective)...

    Read the article

  • What is the name for a DNS record starting with @? [closed]

    - by dunxd
    Possible Duplicate: What's the meaning of '@' in a DNS zone file? I know that DNS records starting with * are called Wildcard records. What is the name for DNS record starting with @ (the at symbol). This is a record for the root domain (e.g. just example.com, not www.example.com) I want to find out more, but searching for "@ record dns" in Google doesn't return any useful results. What is the correct terminology for this type of record, and where might I find it described in more detail? RFC 1035 describes the use of @ in a DNS record, but doesn't go as far as giving it a name.

    Read the article

  • PHP 5.4 Support: Traits

    - by Ondrej Brejla
    Hi all! Today we would like to intorduce you another new PHP 5.4 feature for NetBeans 7.2 which is called Traits. Note: All PHP 5.4 features are available in your projects after setting Project Properties -> Sources -> PHP Version to PHP 5.4 value, or after choosing the same value during a PHP Project creation (in New Project Wizard). If you don't know, what Traits are, just look at the official documentation, or RFC. So what is that exact Trait support in NetBeans? Syntax is recognized correctly and code completion offers declared, inherited stuff from used traits. Note: Just one thing is not supported yet - resolving name conflicts and aliasing of method names (it means that you will not have these "virtual" names in your code completion). We would like to implement it in some next NetBeans release. Sorry for any inconvenience. That's all for today and as usual, please test it and if you find something strange, don't hesitate to file a new issue (component php, subcomponent Editor). Thanks.

    Read the article

  • snmpd agent sends duplicate traps

    - by jsnmp
    I am on Ubuntu 10.04.4 LTS, and I cannot upgrade to a higher version. I have installed the snmpd agent (NET-SNMP version 5.4.2.1) with an apt-get install snmpd command. When an event occurs which sends a trap, two traps are sent for each such event instead of one. For example, when I shut down the agent with command /etc/init.d/snmpd stop, two shutdown traps are sent to the destination host. If I then start back up the agent with command /etc/init.d/snmpd start, then two cold start traps are sent to the destination host. Is this a known issue? Is there a fix for this, or is there a configuration change that is needed to prevent the sending of the duplicate trap? These are the contents of the /etc/snmp/snmpd.conf file: rocommunity public authtrapenable 1 trap2sink <trap destination hostname> public These are the contents of the /etc/default/snmpd file: # This file controls the activity of snmpd and snmptrapd # MIB directories. /usr/share/snmp/mibs is the default, but # including it here avoids some strange problems. export MIBDIRS=/usr/share/snmp/mibs # snmpd control (yes means start daemon). SNMPDRUN=yes # snmpd options (use syslog, close stdin/out/err). SNMPDOPTS='-Ls3d -Lf /dev/null -u snmp -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf' # snmptrapd control (yes means start daemon). As of net-snmp version # 5.0, master agentx support must be enabled in snmpd before snmptrapd # can be run. See snmpd.conf(5) for how to do this. TRAPDRUN=no # snmptrapd options (use syslog). TRAPDOPTS='-Lsd -p /var/run/snmptrapd.pid' # create symlink on Debian legacy location to official RFC path SNMPDCOMPAT=yes

    Read the article

  • Haskell: Best tools to validate textual input?

    - by Ana
    In Haskell, there are a few different options to "parsing text". I know of Alex & Happy, Parsec and Attoparsec. Probably some others. I'd like to put together a library where the user can input pieces of a URL (scheme e.g. HTTP, hostname, username, port, path, query, etc.) I'd like to validate the pieces according to the ABNF specified in RFC 3986. In other words, I'd like to put together a set of functions such as: validateScheme :: String -> Bool validateUsername :: String -> Bool validatePassword :: String -> Bool validateAuthority :: String -> Bool validatePath :: String -> Bool validateQuery :: String -> Bool What is the most appropriate tool to use to write these functions? Alex's regexps is very concise, but it's a tokenizer and doesn't straightforwardly allow you to parse using specific rules, so it's not quite what I'm looking for, but perhaps it can be wrangled into doing this easily. I've written Parsec code that does some of the above, but it looks very different from the original ABNF and unnecessarily long. So, there must be an easier and/or more appropriate way. Recommendations?

    Read the article

  • Should a link validator report 302 redirects as broken links?

    - by Kevin Vermeer
    A while ago, sparkfun.com changed their URL structure from /commerce/product_info.php?products_id=9266 to /products/9266 This is nice, right? We don't need to know that it is (or was) a PHP page, and commerce, product_info, and products_id all tell us that we're looking at some products. The latter form seems like a great improvement. However, the change would have broken existing links. So, nicely, they stuck in 302 redirects. Visit http://www.sparkfun.com/commerce/product_info.php?products_id=9266 and your browser will issue GET /commerce/product_info.php?products_id=9266 HTTP/1.1 to which Sparkfun's servers reply HTTP/1.1 302 Found Location: http://www.sparkfun.com/products/9266 This 302 redirect is caught by Stack Exchange's link validator as a broken link. It's not broken it works just fine. Here, try it: http://www.sparkfun.com/commerce/product_info.php?products_id=9266 I understand that a 302 redirect is intended to be a temporary redirect, while a 301 should be used for permanent changes per RFC 2616. That said, Wikipedia and common practice use it as a redirect. Who is in error in this situation? Is this an error in Sparkfun's redirect implementation or in Stack Exchange's URL validator?

    Read the article

  • Java stored procedures in Oracle, a good idea?

    - by Scott A
    I'm considering using a Java stored procedure as a very small shim to allow UDP communication from a PL/SQL package. Oracle does not provide a UTL_UDP to match its UTL_TCP. There is a 3rd party XUTL_UDP that uses Java, but it's closed source (meaning I can't see how it's implemented, not that I don't want to use closed source). An important distinction between PL/SQL and Java stored procedures with regards to networking: PL/SQL sockets are closed when dbms_session.reset_package is called, but Java sockets are not. So if you want to keep a socket open to avoid the tear-down/reconnect costs, you can't do it in sessions that are using reset_package (like mod_plsql or mod_owa HTTP requests). I haven't used Java stored procedures in a production capacity in Oracle before. This is a very large, heavily-used database, and this particular shim would be heavily used as well (it serves as a UDP bridge between a PL/SQL RFC 5424 syslog client and the local rsyslog daemon). Am I opening myself up for woe and horror, or are Java stored procedures stable and robust enough for usage in 10g? I'm wondering about issues with the embedded JVM, the jit, garbage collection, or other things that might impact a heavily used database.

    Read the article

  • Be liberal in what you accept... or not?

    - by Matthieu M.
    [Disclaimer: this question is subjective, but I would prefer getting answers backed by facts and/or reflexions] I think everyone knows about the Robustness Principle, usually summed up by Postel's Law: Be conservative in what you send; be liberal in what you accept. I would agree that for the design of a widespread communication protocol this may make sense (with the goal of allowing easy extension), however I have always thought that its application to HTML / CSS was a total failure, each browser implementing its own silent tweak detection / behavior, making it near impossible to obtain a consistent rendering across multiple browsers. I do notice though that there the RFC of the TCP protocol deems "Silent Failure" acceptable unless otherwise specified... which is an interesting behavior, to say the least. There are other examples of the application of this principle throughout the software trade that regularly pop up because they have bitten developpers, from the top off my head: Javascript semi-colon insertion C (silent) builtin conversions (which would not be so bad if it did not truncated...) and there are tools to help implement "smart" behavior: name matching phonetic algorithms (Double Metaphone) string distances algorithms (Levenshtein distance) However I find that this approach, while it may be helpful when dealing with non-technical users or to help users in the process of error recovery, has some drawbacks when applied to the design of library/classes interface: it is somewhat subjective whether the algorithm guesses "right", and thus it may go against the Principle of Least Astonishment it makes the implementation more difficult, thus more chances to introduce bugs (violation of YAGNI ?) it makes the behavior more susceptible to change, as any modification of the "guess" routine may break old programs, nearly excluding refactoring possibilities... from the start! And this is what led me to the following question: When designing an interface (library, class, message), do you lean toward the robustness principle or not ? I myself tend to be quite strict, using extensive input validation on my interfaces, and I was wondering if I was perhaps too strict.

    Read the article

  • Implementing the transport layer for a SIP UAC

    - by Jonathan Henson
    I have a somewhat simple, but specific, question about implementing the transport layer for a SIP UAC. Do I expect the response to a request on the same socket that I sent the request on, or do I let the UDP or TCP listener pick up the response and then route it to the correct transaction from there? The RFC does not seem to say anything on the matter. It seems that especially using UDP, which is connection-less, that I should just let the listeners pick up the response, but that seems sort of counter intuitive. Particularly, I have seen plenty of UAC implementations which do not depend on having a Listener in the transport layer. Also, most implementations I have looked at do not have the UAS receiving loop responding on the socket at all. This would tend to indicate that the client should not be expecting a reply on the socket that it sent the request on. For clarification: Suppose my transport layer consists of the following elements: TCPClient (Sends Requests for a UAC via TCP) UDPClient (Sends Requests for a UAC vid UDP) TCPSever (Loop receiving Requests and dispatching to transaction layer via TCP) UDPServer (Loop receiving Requests and dispatching to transaction layer via UDP) Obviously, the *Client sends my Requests. The question is, what receives the Response? The *Client waiting on a recv or recvfrom call on the socket it used to send the request, or the *Server? Conversely, the *Server receives my requests, What sends the Response? The *Client? doesn't this break the roles of each member a bit?

    Read the article

  • HTG Explains: How Internet Explorer Saves Your Passwords and How to Manage Them

    - by Taylor Gibb
    Privacy is very important when it comes to the digital world, but do you know exactly how your browser saves your passwords ? Read on to find out what goes on behind the scenes. When it comes to web applications, there are many different types of authentication. One of the types is called basic authentication, which is when you navigate to website and a dialog box opens to ask for a username and password. This also happens to be the authentication mechanism defined in the RFC for HTTP. You can see in the screen shot above that there is a check box that you can use to remember your credentials, but what does that do ? You might also ask yourself what happens if you are not using Basic authentication. There is another type of authentication called Form authentication, this is when the authentication is built right into the web application, like the How-To Geek website. This allows the Developer to control the look and feel of the form that we use to log in. How To Delete, Move, or Rename Locked Files in Windows HTG Explains: Why Screen Savers Are No Longer Necessary 6 Ways Windows 8 Is More Secure Than Windows 7

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13  | Next Page >