Search Results

Search found 21926 results on 878 pages for 'drop down'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 83/878 | < Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >

  • How to test if SYN and FIN are both dropped at the same time in hping3?

    - by snow
    One of the rules to prevent unexpected attack is to prevent SYN & FIN being used together. SYN and FIN are both set $IPT -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP How do I use hping to test if this iptable rule works? hping3 192.168.7.0 --keep -S -F??? Is this complete? When just type iptables -L, it shows: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere DROP tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN WHY do I need to put the "SYN,FIN" twice before drop? Is it because one for source and one for destination?

    Read the article

  • Iptables Forwarding problem

    - by ankit
    Hi all, I had initally asked question about sertting up my linux box for natting for my home network and was given suggestions in the thread here. Did not want to clutter the old question so starting a new one here. based on the earlier suggestions, i have come up with the following rules ... :PREROUTING ACCEPT [1:48] :OUTPUT ACCEPT [12:860] :POSTROUTING ACCEPT [3:228] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT *filter :INPUT DROP [3:228] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -i lo -j ACCEPT -A INPUT -i eth0 -p icmp -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 22 -j ACCEPT -A FORWARD -i eth1 -p icmp -j ACCEPT -A FORWARD -i eth1 -p tcp -m tcp --dport 80 -j ACCEPT -A FORWARD -i eth1 -p tcp -m tcp --dport 443 -j ACCEPT -A OUTPUT -p icmp -j ACCEPT -A OUTPUT -j ACCEPT COMMIT If you notice, i do have the proper MASQURADING rule and the proper FORWARD filter rule as well. However i am facing 2 problems On the linux box itself DNS resolving is not working the lan clients connected to the linux box, are still not able to get to internet. when i ping something from them, i see the DROP count in iptables INPUT rule increasing. now my question is, when i am pinging something from the lan client, how come it is being matched by the input chain ?! should it be in the forward chain ? Chain INPUT (policy DROP 20 packets, 2314 bytes) pkts bytes target prot opt in out source destination 99 9891 ACCEPT all -- lo any anywhere anywhere 0 0 ACCEPT icmp -- eth0 any anywhere anywhere 0 0 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:http 0 0 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:https 122 9092 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:ssh Thanks ankit

    Read the article

  • tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?

    - by Kris
    I'm working on a firewall for a virtual dedicated server and one of the things I'm looking into is port scanners. TCP flags are used for protection. I have 2 questions. The rule: -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP First argument says check packets with flag SYN Second argument says make sure the flags ACK,FIN,RST SYN are set And when that's the case (there's a match), drop the tcp packet First question: I understand the meaning of RST and RST/ACK but in the second argument RST SYN is being used. What's the difference between RST SYN and RST and SYN RST ? Is there a "SYN RST" flag in a 3 way handshake ? Second question is about the difference between -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP and -p tcp --tcp-flags ALL SYN,ACK,FIN,RST SYN -j DROP When should ALL be used ? When I use ALL, does that mean if the tcp packet with the syn flag doesn't have the ACK "and" the FIN "and" the RST SYN flags set, there will be no match ?

    Read the article

  • Apache 2.2.21 installation on Linux 6 but got error while accessing in browser

    - by JRanjan
    I am very new to linux. I have install apache 2.2.21 on linux 6 platform. While i am using ./apachectl start or ./apachectl -k start command it shows that apache is started. But while i am trying to to access apache default page in any browser using " http://:8080 " it shows page cannot be displayed. Can any one help me on this issue ??????? Plz its urgent.. I am also enclosing the error_log file as below: error_log file [Thu Nov 24 08:57:23 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 01:45:58 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 01:46:12 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 01:46:12 2011] [notice] Digest: done [Fri Nov 25 01:46:13 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 01:54:58 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 01:55:10 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 01:55:10 2011] [notice] Digest: done [Fri Nov 25 01:55:11 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 01:58:10 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 01:59:41 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 01:59:41 2011] [notice] Digest: done [Fri Nov 25 01:59:42 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 03:23:14 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 03:27:36 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 03:27:36 2011] [notice] Digest: done [Fri Nov 25 03:27:37 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 08:52:27 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 08:52:43 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 08:52:43 2011] [notice] Digest: done [Fri Nov 25 08:52:44 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Fri Nov 25 09:21:39 2011] [notice] caught SIGTERM, shutting down [Fri Nov 25 09:21:57 2011] [notice] Digest: generating secret for digest authentication ... [Fri Nov 25 09:21:57 2011] [notice] Digest: done [Fri Nov 25 09:21:58 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations [Mon Nov 28 01:06:58 2011] [notice] caught SIGTERM, shutting down [Mon Nov 28 01:07:58 2011] [notice] Digest: generating secret for digest authentication ... [Mon Nov 28 01:07:58 2011] [notice] Digest: done [Mon Nov 28 01:07:59 2011] [notice] Apache/2.2.21 (Unix) DAV/2 configured -- resuming normal operations

    Read the article

  • Does the order of readonly variable declarations guarantee the order in which the values are set?

    - by Jason Down
    Say I were to have a few readonly variables for filepaths, would I be able to guarantee the order in which the values are assigned based on the order of declaration? e.g. readonly string basepath = @"my\base\directory\location"; readonly string subpath1 = basepath + @"\abc\def"; readonly string subpath2 = basepath + @"\ghi\klm"; Is this a safe approach or is it possible that basepath may still be the default value for a string at the time subpath1 and subpath2 make a reference to the string? I realize I could probably guarantee the order by assigning the values in a constructor instead of at the time of declaration. However, I believe this approach wouldn't be possible if I needed to declare the variables inside of a static class (e.g. Program.cs for a console application, which has a static void Main() procedure instead of a constructor).

    Read the article

  • VMWare steals IP addresses

    - by Ishan Amin
    I'm having a peculiar problem, that I think I have narrowed down to VMware. For the past one year, every once in a while we lose internet connection and not all users (about 10 users) go down at the same time, its usually one-by-one. First someone will call me and say "Internet is down" and then we would go reset the router and modem and switch and it would be working again for a while, then go down again without any pattern or replicatable sequence. We'd go repeat the steps again to get everyone in the office running again. We called our Internet Service Provider and they constantly say, We see your modem and we see your router and from thier end everything is OK. we replaced our router and switch and modem, twice! Last friday, it dawned upon me, that everytime we turn on a VMware machine, this sequence of taking everyone down starts, which also explains the message that my users get for "IP Conflict Found" So we do alot of VMware testing and lo and behold, it takes my Internet down. My Yahoo and Gtalk would continue working but www is down when the VMware machines are started. I do use bridged networking to all the VMware machines, but I dont know what else to set it at. now, sorry for this long rambling but anyone have any clue on how to stop this? thanks IA

    Read the article

  • Router 2wire, Slackware desktop in DMZ mode, iptables policy aginst ping, but still pingable

    - by user135501
    I'm in DMZ mode, so I'm firewalling myself, stealthy all ok, but I get faulty test results from Shields Up that there are pings. Yesterday I couldn't make a connection to game servers work, because ping block was enabled (on the router). I disabled it, but this persists even due to my firewall. What is the connection between me and my router in DMZ mode (for my machine, there is bunch of others too behind router firewall)? When it allows router affecting if I'm pingable or not and if router has setting not blocking ping, rules in my iptables for this scenario do not work. Please ignore commented rules, I do uncomment them as I want. These two should do the job right? iptables -A INPUT -p icmp --icmp-type echo-request -j DROP echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all Here are my iptables: #!/bin/sh # Begin /bin/firewall-start # Insert connection-tracking modules (not needed if built into the kernel). #modprobe ip_tables #modprobe iptable_filter #modprobe ip_conntrack #modprobe ip_conntrack_ftp #modprobe ipt_state #modprobe ipt_LOG # allow local-only connections iptables -A INPUT -i lo -j ACCEPT # free output on any interface to any ip for any service # (equal to -P ACCEPT) iptables -A OUTPUT -j ACCEPT # permit answers on already established connections # and permit new connections related to established ones (eg active-ftp) iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT #Gamespy&NWN #iptables -A INPUT -p tcp -m tcp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 6667 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 28910 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29900 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29901 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p tcp -m tcp --dport 29920 --tcp-flags SYN,RST,ACK SYN -j ACCEPT #iptables -A INPUT -p udp -m udp -m multiport --ports 5120:5129 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 6500 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27900 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 27901 -j ACCEPT #iptables -A INPUT -p udp -m udp --dport 29910 -j ACCEPT # Log everything else: What's Windows' latest exploitable vulnerability? iptables -A INPUT -j LOG --log-prefix "FIREWALL:INPUT" # set a sane policy: everything not accepted > /dev/null iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP iptables -A INPUT -p icmp --icmp-type echo-request -j DROP # be verbose on dynamic ip-addresses (not needed in case of static IP) echo 2 > /proc/sys/net/ipv4/ip_dynaddr # disable ExplicitCongestionNotification - too many routers are still # ignorant echo 0 > /proc/sys/net/ipv4/tcp_ecn #ping death echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all # If you are frequently accessing ftp-servers or enjoy chatting you might # notice certain delays because some implementations of these daemons have # the feature of querying an identd on your box for your username for # logging. Although there's really no harm in this, having an identd # running is not recommended because some implementations are known to be # vulnerable. # To avoid these delays you could reject the requests with a 'tcp-reset': #iptables -A INPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset #iptables -A OUTPUT -p tcp --sport 113 -m state --state RELATED -j ACCEPT # To log and drop invalid packets, mostly harmless packets that came in # after netfilter's timeout, sometimes scans: #iptables -I INPUT 1 -p tcp -m state --state INVALID -j LOG --log-prefix \ "FIREWALL:INVALID" #iptables -I INPUT 2 -p tcp -m state --state INVALID -j DROP # End /bin/firewall-start

    Read the article

  • Iptables rules, forward between two interfaces

    - by Marco
    i have a some difficulties in configuring my ubuntu server firewall ... my situation is this: eth0 - internet eth1 - lan1 eth2 - lan2 I want that clients from lan1 can't communicate with clients from lan2, except for some specific services. E.g. i want that clients in lan1 can ssh into client in lan2, but only that. Any other comunication is forbidden. So, i add this rules to iptables: #Block all traffic between lan, but permit traffic to internet iptables -I FORWARD -i eth1 -o ! eth0 -j DROP iptables -I FORWARD -i eth2 -o ! eth0 -j DROP # Accept ssh traffic from lan1 to client 192.168.20.2 in lan2 iptables -A FORWARD -i eth1 -o eth2 -p tcp --dport 22 -d 192.168.20.2 -j ACCEPT This didn't works. Doing iptables -L FORWARD -v i see: Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 33 144 DROP all -- eth1 !eth0 anywhere anywhere 0 0 DROP all -- eth2 !eth0 anywhere anywhere 23630 20M ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED 0 0 ACCEPT all -- eth1 any anywhere anywhere 175 9957 ACCEPT all -- eth1 any anywhere anywhere 107 6420 ACCEPT all -- eth2 any anywhere anywhere 0 0 ACCEPT all -- pptp+ any anywhere anywhere 0 0 ACCEPT all -- tun+ any anywhere anywhere 0 0 ACCEPT tcp -- eth1 eth2 anywhere server2.lan tcp dpt:ssh All packets are dropped, and the count of packets for the last rule is 0 ... How i have to modify my configuration? Thank you. Regards Marco

    Read the article

  • Why not block ICMP?

    - by Agvorth
    I think I almost have my iptables setup complete on my CentOS 5.3 system. Here is my script... # Establish a clean slate iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT iptables -F # Flush all rules iptables -X # Delete all chains # Disable routing. Drop packets if they reach the end of the chain. iptables -P FORWARD DROP # Drop all packets with a bad state iptables -A INPUT -m state --state INVALID -j DROP # Accept any packets that have something to do with ones we've sent on outbound iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Accept any packets coming or going on localhost (this can be very important) iptables -A INPUT -i lo -j ACCEPT # Accept ICMP iptables -A INPUT -p icmp -j ACCEPT # Allow ssh iptables -A INPUT -p tcp --dport 22 -j ACCEPT # Allow httpd iptables -A INPUT -p tcp --dport 80 -j ACCEPT # Allow SSL iptables -A INPUT -p tcp --dport 443 -j ACCEPT # Block all other traffic iptables -A INPUT -j DROP For context, this machine is a Virtual Private Server Web app host. In a previous question, Lee B said that I should "lock down ICMP a bit more." Why not just block it altogether? What would happen if I did that (what bad thing would happen)? If I need to not block ICMP, how could I go about locking it down more?

    Read the article

  • PHP application failed to connect after a network plugged back in

    - by tntu
    My data-center appears to have had some issues with their network and thus my server has suffered from on an off network connectivity for about an hour. After the connection has been completely re-established my code still kept reporting the same issue over and over until I have restarted the service. The code is a simple PHP code that loops forever checking the Apple feed-back server and then sleeps for a few minutes and then it begins all over again. Now I understand the error being generated if the network is down but once it got back up why did it continue until I have restarted the code? Does PHP have something that needs to be re-initialized or something?? Messges log: Dec 20 08:57:22 server kernel: r8169: eth0: link down Dec 20 08:57:28 server kernel: r8169 0000:06:00.0: eth0: link up Dec 20 08:57:29 server kernel: r8169: eth0: link down Dec 20 08:57:33 server kernel: r8169 0000:06:00.0: eth0: link up Dec 20 08:57:33 server kernel: r8169: eth0: link down Dec 20 08:57:37 server kernel: r8169 0000:06:00.0: eth0: link up Dec 20 08:57:38 server kernel: r8169: eth0: link down Dec 20 08:57:44 server kernel: r8169 0000:06:00.0: eth0: link up Dec 20 08:57:44 server kernel: r8169: eth0: link down Dec 20 08:57:52 server kernel: r8169 0000:06:00.0: eth0: link up Dec 20 08:57:52 server kernel: r8169: eth0: link down Dec 20 09:10:58 server kernel: r8169 0000:06:00.0: eth0: link up PHP Error: PHP Warning: stream_socket_client(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/push/feedback.php on line 36 Code Line 36: $apns = stream_socket_client('ssl://feedback.sandbox.push.apple.com:2196', $errcode, $errstr, 60, STREAM_CLIENT_CONNECT, $stream_context);

    Read the article

  • iptables: Allow only HTTP access for web browsing

    - by user1448260
    Have a linux box, want it locked down but just be able to surf internet on it. Why is this script blocking http too? #!/bin/sh # # iptables -F # #Set default policies for INPUT, FORWARD and OUTPUT chains # iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP # # Allow TCP connections on tcp port 80 # iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT # # Set access for localhost # iptables -A INPUT -i lo -j ACCEPT # # List rules # iptables -L -v

    Read the article

  • Accessing mySQL from two ports: Problems with iptables

    - by marekventur
    Hi! I'm trying to make my mySQL-server (running on Ubuntu) listen on port 3306 and 110, because I would like to access it from a network with very few open ports. So far I've found this answer telling me to do iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 110 -j REDIRECT --to-port 3306 but all I got is: # mysql -h mydomain.com -P 3306 -u username --password=xyz Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 68863 Server version: 5.0.75-0ubuntu10.5 (Ubuntu) Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> exit Bye # mysql -h mydomain.com -P 110 -u username --password=xyz ERROR 2003 (HY000): Can't connect to MySQL server on 'mydomain.com' (111) I'm not an expert with iptables, so I not sure where to look for the problem. I'm googling around for quite some time, but haven't found anything to help me yet. This is what iptable tells me: # iptables -t nat -L -n -v Chain PREROUTING (policy ACCEPT 32M packets, 1674M bytes) pkts bytes target prot opt in out source destination 0 0 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:110 redir ports 3306 Chain POSTROUTING (policy ACCEPT 855K packets, 55M bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 837K packets, 54M bytes) pkts bytes target prot opt in out source destination # iptables -L -n -v Chain INPUT (policy DROP 7 packets, 340 bytes) pkts bytes target prot opt in out source destination 107K 5390K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `INPUT INVALID ' 131K 6614K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08 0 0 MY_DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20 6948K 12G ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 151M 34G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 32M 1666M ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 1833 106K ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 603 29392 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 1 60 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:465 24 1180 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 1 60 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:995 7919 400K ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:143 1 60 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993 0 0 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:119 1 60 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:53 7 517 ACCEPT udp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:53 1110 65364 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:21 139K 8313K ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 10176 499K ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:3306 2 80 ACCEPT udp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpt:123 0 0 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6060 4 176 ACCEPT tcp -- venet0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:6667 20987 1179K MY_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2159 284K LOG all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `OUTPUT INVALID ' 2630 304K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID 6948K 12G ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 181M 34G ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED 0 0 MY_REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain MY_DROP (7 references) pkts bytes target prot opt in out source destination 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `PORTSCAN DROP ' 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 Chain MY_REJECT (2 references) pkts bytes target prot opt in out source destination 13806 652K LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `REJECT TCP ' 18171 830K REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset 912 242K LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `REJECT UDP ' 912 242K REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 1904 107K LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `DROP ICMP ' 1904 107K DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 2/sec burst 5 LOG flags 0 level 4 prefix `REJECT OTHER ' 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-proto-unreachable Is there anyone who can give ma a hint where to look for the problem? Thank you!

    Read the article

  • Packets marked INVALID in FORWARD rule

    - by Raphink
    I have a firewall that has 3 IP aliases on 1 physical interface. Packets get dropped between these 3 interfaces (either ICMP, HTTP, or anything else). We tracked it down to these packets being marked INVALID in the FORWARD rule and dropped due to the this rule: chain FORWARD { policy DROP; # connection tracking mod state state INVALID LOG log-prefix 'INVALID FORWARD DROP: '; mod state state INVALID DROP; mod state state (ESTABLISHED RELATED) ACCEPT; } (That is, we see the INVALID FORWARD DROP logs in dmesg) What could be causing this?

    Read the article

  • How would I create a VIM or Vi command to delete all text after a certain character for every line i

    - by Jason Down
    Scenario: I have a text file that has pipe (as in the "|" character) delimited data. Each field of data in the pipe delimited fields can be of variable length, so counting characters won't work (or using some sort of substring function... if that even exists in VIM). Is it possible, using VIM / Vi to delete all data from the second pipe to the end of the line for the entire file? There are approx 150,000 lines, so doing this manually would only be appealing to a masochist... e.g. Change the following lines from: 1111|random sized text 12345|more random data la la la|1111|abcde 2222|random sized text abcdefghijk|la la la la|2222|defgh 3333|random sized text|more random data|33333|ijklmnop to: 1111|random sized text 12345 2222|random sized text abcdefghijk 3333|random sized text I'm sure this can be done somehow... I hope. TIA UPDATE: I should have mentioned that I'm running this on Windows XP, so I don't have access to some of the mentioned *nix commands (CUT is not recognized on Windows).

    Read the article

  • u32 filter udp lenght 0 to 29

    - by Mark Ocok
    Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21668 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8 Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21669 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8 Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21670 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8 Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21671 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8 It's Spoofing attack dos, how to block Spoofing UDP lenght 0 to 29 using u32 Flooder target udp length udp 0 to 29

    Read the article

  • Oracle pl\sql question for my homework in oracle 11G class [migrated]

    - by Bjolds
    I am new to oracle 11G programming and i have run into a tough situation with pl\sql funtions and automation. I ame unsure how to create the function for the automation of Registration system for a College registration system. Here is what i want to do. I want to automate the registrations system so that it automaticly registers students. Then I want a procedure to automate the grading system. I have included the code that i am written to make most of this assignment work which it does but unsure how to incorporate Pl\SQL automated fuctions for the registrations system, and the grading system. So Any help or Ideas I would greatly appreciate please. set Linesize 250 set pagesize 150 drop table student; drop table faculty; drop table Course; drop table Section; drop table location; DROP TABLE courseInstructor; DROP TABLE Registration; DROP TABLE grade; create table student( studentid number(10), Lastname varchar2(20), Firstname Varchar2(20), MI Char(1), address Varchar2(20), city Varchar2(20), state Char(2), zip Varchar2(10), HomePhone Varchar2(10), Workphone Varchar2(10), DOB Date, Pin VARCHAR2(10), Status Char(1)); ALTER TABLE Student Add Constraint Student_StudentID_pk Primary Key (studentID); Insert into student values (1,'xxxxxxxx','xxxxxxxxxx','x','xxxxxxxxxxxxxxx','Columbus','oh','44159','xxx-xxx-xxxx','xxx-xxx-xxxx','06-Mar-1957','1211','c'); create table faculty( FacultyID Number(10), FirstName Varchar2(20), Lastname Varchar2(20), MI Char(1), workphone Varchar2(10), CellPhone Varchar2(10), Rank Varchar2(20), Experience Varchar2(10), Status Char(1)); ALTER TABLE Faculty ADD Constraint Faculty_facultyId_PK PRIMARY KEY (FacultyID); insert into faculty values (1,'xxx','xxxxxxxxxxxx',xxx-xxx-xxxx','xxx-xxx-xxxx','professor','20','f'); create table Course( CourseId number(10), CourseNumber Varchar2(20), CourseName Varchar(20), Description Varchar(20), CreditHours Number(4), Status Char(1)); ALTER TABLE Course ADD Constraint Course_CourseID_pk PRIMARY KEY(CourseID); insert into course values (1,'cit 100','computer concepts','introduction to PCs','3.0','o'); insert into course values (2,'cit 101','Database Program','Database Programming','4.0','o'); insert into course values (3,'Math 101','Algebra I','Algebra I Concepts','5.0','o'); insert into course values (4,'cit 102a','Pc applications','Aplications 1','3.0','o'); insert into course values (5,'cit 102b','pc applications','applications 2','3.0','o'); insert into course values (6,'cit 102c','pc applications','applications 3','3.0','o'); insert into course values (7,'cit 103','computer concepts','introduction systems','3.0','c'); insert into course values (8,'cit 110','Unified language','UML design','3.0','o'); insert into course values (9,'cit 165','cobol','cobol programming','3.0','o'); insert into course values (10,'cit 167','C++ Programming 1','c++ programming','4.0','o'); insert into course values (11,'cit 231','Expert Excel','spreadsheet apps','3.0','o'); insert into course values (12,'cit 233','expert Access','database devel.','3.0','o'); insert into course values (13,'cit 169','Java Programming I','Java Programming I','3.0','o'); insert into course values (14,'cit 263','Visual Basic','Visual Basic Prog','3.0','o'); insert into course values (15,'cit 275','system analysis 2','System Analysis 2','3.0','o'); create table Section( SectionID Number(10), CourseId Number(10), SectionNumber VarChar2(10), Days Varchar2(10), StartTime Date, EndTime Date, LocationID Number(10), SeatAvailable Number(3), Status Char(1)); ALTER TABLE Section ADD Constraint Section_SectionID_PK PRIMARY KEY(SectionID); insert into section values (1,1,'18977','r','21-Sep-2011','10-Dec-2011','1','89','o'); create table Location( LocationId Number(10), Building Varchar2(20), Room Varchar2(5), Capacity Number(5), Satus Char(1)); ALTER TABLE Location ADD Constraint Location_LocationID_pk PRIMARY KEY (LocationID); insert into Location values (1,'Clevleand Hall','cl209','35','o'); insert into Location values (2,'Toledo Circle','tc211','45','o'); insert into Location values (3,'Akron Square','as154','65','o'); insert into Location values (4,'Cincy Hall','ch100','45','o'); insert into Location values (5,'Springfield Dome','SD','35','o'); insert into Location values (6,'Dayton Dorm','dd225','25','o'); insert into Location values (7,'Columbus Hall','CB354','15','o'); insert into Location values (8,'Cleveland Hall','cl204','85','o'); insert into Location values (9,'Toledo Circle','tc103','75','o'); insert into Location values (10,'Akron Square','as201','46','o'); insert into Location values (11,'Cincy Hall','ch301','73','o'); insert into Location values (12,'Dayton Dorm','dd245','57','o'); insert into Location values (13,'Springfield Dome','SD','65','o'); insert into Location values (14,'Cleveland Hall','cl241','10','o'); insert into Location values (15,'Toledo Circle','tc211','27','o'); insert into Location values (16,'Akron Square','as311','28','o'); insert into Location values (17,'Cincy Hall','ch415','73','o'); insert into Location values (18,'Toledo Circle','tc111','67','o'); insert into Location values (19,'Springfield Dome','SD','69','o'); insert into Location values (20,'Dayton Dorm','dd211','45','o'); Alter Table Student Add Constraint student_Zip_CK Check(Rtrim (Zip,'1234567890-') is null); Alter Table Student ADD Constraint Student_Status_CK Check(Status In('c','t')); Alter Table Student ADD Constraint Student_MI_CK2 Check(RTRIM(MI,'abcdefghijklmnopqrstuvwxyz')is Null); Alter Table Student Modify pin not Null; Alter table Faculty Add Constraint Faculty_Status_CK Check(Status In('f','a','i')); Alter table Faculty ADD Constraint Faculty_Rank_CK Check(Rank In ('professor','doctor','instructor','assistant','tenure')); Alter table Faculty ADD Constraint Faculty_MI_CK2 Check(RTRIM(MI,'abcdefghijklmnopqrstuvwxyz')is Null); Update Section Set Starttime = To_date('09-21-2011 6:00 PM', 'mm-dd-yyyy hh:mi pm'); Update Section Set Endtime = To_date('12-10-2011 9:50 PM', 'mm-dd-yyyy hh:mi pm'); alter table Section Add Constraint StartTime_Status_CK Check (starttime < Endtime); Alter Table Section Add Constraint Section_StartTime_ck check (StartTime < EndTime); Alter Table Section ADD Constraint Section_CourseId_FK FOREIGN KEY (CourseID) References Course(CourseId); Alter Table Section ADD Constraint Section_LocationID_FK FOREIGN KEY (LocationID) References Location (LocationId); Alter Table Section ADD Constraint Section_Days_CK Check(RTRIM(Days,'mtwrfsu')IS Null); update section set seatavailable = '99'; Alter Table Section ADD Constraint Section_SeatsAvailable_CK Check (SeatAvailable < 100); Alter Table Course Add Constraint Course_CreditHours_ck check(CreditHours < = 6.0); update location set capacity = '99'; Alter Table Location Add Constraint Location_Capacity_CK Check(Capacity < 100); Create Table Registration ( StudentID Number(10), SectionID Number(10), Constraint Registration_pk Primary key (studentId, Sectionid)); Insert into registration values (1, 2); Insert into Registration values (2, 3); Insert into registration values (3, 4); Insert into registration values (4, 5); Insert into registration values (5, 6); Insert into registration values (6, 7); Insert into registration values (7, 8); Insert into registration values (8, 9); insert into registration values (9, 10); insert into registration values (10, 11); insert into registration values (9, 12); insert into registration values (8, 13); insert into registration values (7, 14); insert into registration values (6, 15); insert into registration values (5, 17); insert into registration values (4, 18); insert into registration values (3, 19); insert into registration values (2, 20); insert into registration values (1, 21); insert into registration values (2, 22); insert into registration values (3, 23); insert into registration values (4, 24); insert into registration values (5, 25); Insert into registration values (6, 24); insert into registration values (7, 23); insert into registration values (8, 22); insert into registration values (9, 21); insert into registration values (10, 20); insert into registration values (9, 19); insert into registration values (8, 17); Create Table courseInstructor( FacultyID Number(10), SectionID Number(10), Constraint CourseInstructor_pk Primary key (FacultyId, SectionID)); insert into courseInstructor values (1, 1); insert into courseInstructor values (2, 2); insert into courseInstructor values (3, 3); insert into courseInstructor values (4, 4); insert into courseInstructor values (5, 5); insert into courseInstructor values (5, 6); insert into courseInstructor values (4, 7); insert into courseInstructor values (3, 8); insert into courseInstructor values (2, 9); insert into courseInstructor values (1, 10); insert into courseInstructor values (5, 11); insert into courseInstructor values (4, 12); insert into courseInstructor values (3, 13); insert into courseInstructor values (2, 14); insert into courseInstructor values (1, 15); Create table grade( StudentID Number(10), SectionID Number(10), Grade Varchar2(1), Constraint grade_pk Primary key (StudentID, SectionID)); CREATE OR REPLACE TRIGGER TR_CreateGrade AFTER INSERT ON Registration FOR EACH ROW BEGIN INSERT INTO grade (SectionID,StudentID,Grade) VALUES(:New.SectionID,:New.StudentID,NULL); END TR_createGrade; / CREATE OR REPLACE FORCE VIEW V_reg_student_course AS SELECT Registration.StudentID, student.LastName, student.FirstName, course.CourseName, Registration.SectionID, course.CreditHours, section.Days, TO_CHAR(StartTime, 'MM/DD/YYYY') AS StartDate, TO_CHAR(StartTime, 'HH:MI PM') AS StartTime, TO_CHAR(EndTime, 'MM/DD/YYYY') AS EndDate, TO_CHAR(EndTime, 'HH:MI PM') AS EndTime, location.Building, location.Room FROM registration, student, section, course, location WHERE registration.StudentID = student.StudentID AND registration.SectionID = section.SectionID AND section.LocationID = location.LocationID AND section.CourseID = course.CourseID; CREATE OR REPLACE FORCE VIEW V_teacher_to_course AS SELECT courseInstructor.FacultyID, faculty.FirstName, faculty.LastName, courseInstructor.SectionID, section.Days, TO_CHAR(StartTime, 'MM/DD/YYYY') AS StartDate, TO_CHAR(StartTime, 'HH:MI PM') AS StartTime, TO_CHAR(EndTime, 'MM/DD/YYYY') AS EndDate, TO_CHAR(EndTime, 'HH:MI PM') AS EndTime, location.Building, location.Room FROM courseInstructor, faculty, section, course, location WHERE courseInstructor.FacultyID = faculty.FacultyID AND courseInstructor.SectionID = section.SectionID AND section.LocationID = location.LocationID AND section.CourseID = course.CourseID; SELECT * FROM V_reg_student_course; SELECT * FROM V_teacher_to_course;

    Read the article

  • Using Umbraco&rsquo;s Dropdown Datatype

    - by MightyZot
    In Umbraco, you could consider document types like models and data types as property types for those modes. For example, you may create a document type called “Prices” to represent a page that displays a list of prices. And, then, you might create a document type called “Price Item” to represent the price list items. A property called “Price” could then represent the price of an item. When you create the Price property, you specify the data type, which in this case might be “Number”, indicating that this particular field accepts only numerical values. Consequently, you could also create a drop down list property called “Category”, allowing you to categorize the items in your price list. To add items to the drop down list, you modify the data type definition in the Developer module of the Umbraco administrative utility. Instead of modifying the drop down data type itself, you should first make a copy by right-clicking on the Data Types node and choosing Create. Give your new data type a name in the Create dialog and click the Create button. In the Edit datatype dialog, change “Render control” to “Dropdown list”.  To add your list items, simply enter that value into the textbox next to “Add prevalue” and click Save or press the Enter key. Now that you have a new drop down list data type created, along with assigned list items, you can use it in your document type definitions just like you would the other data types.

    Read the article

  • Dynamically changing DVT Graph at Runtime

    - by mona.rakibe(at)oracle.com
    I recently came across this requirement where the customer wanted to change the graph type at run-time based on some selection. After some internal discussions we realized this can be best achieved by using af:switcher to toggle between multiple graphs. In this blog I will be sharing the sample that I build to demonstrate this.[Note] : In the below sample, every-time user changes graph type there is a server trip, so please use this approach with performance implications in mind.This sample can be downloaded  from DynamicGraph.zipSet-up: Create a BAM data control using employees DO (sample)(Refer this entry)Steps:Create the View Create a new JSF page .From component palette drag and drop "Select One Radio" into this page Enter some Label and click "Finish"In Property Editor set the "AutoSubmit" property to trueNow drag and drop "Switcher" from components into this page.In the Structure pane select the af:switcher right click and surround with "PanelGroupLayout"In Property Editor set the "PartialTriggers"  property of PanelGroupLayout to the id of af:selectOneRadioAgain in the Structure pane select the af:switcher right click and select "Insert inside af:switcher->facet"Enter Facet name (ex: pie)Again in the Structure pane select the af:switcher right click and select "Insert inside af:switcher->facet" Enter  another Facet name (ex: bar)From "Data Controls" drag and drop "Employees->Query"  into the pie facet as "Graph->Pie" (Pie: Sales_Number and Slices: Salesperson)From "Data Controls" drag and drop "Employees->Query"  into the bar facet as "Graph->Bar" (Bars :Sales_Number and X-axis : Salesperson).Now wire the switcher to the af:selectOneRadio using their "facetName" and "value" property respectively.Now run the page, notice that graph renders as per the selection by user.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 79 80 81 82 83 84 85 86 87 88 89 90  | Next Page >