Search Results

Search found 4015 results on 161 pages for 'packet capture'.

Page 92/161 | < Previous Page | 88 89 90 91 92 93 94 95 96 97 98 99  | Next Page >

• Basic networking: Centos Server Router + Ubuntu Client setup.. unable to access outside world from client

  - by ale

  I am trying to set up my Centos Server with two NICs as a router. eth0 is connected to the outside world and eth1 is connected to an Ubuntu client. Here's eth0 on the server: DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes TYPE=Ethernet eth1 on the server: DEVICE=eth1 BOOTPROTO=static IPADDR=192.168.0.10 # a free address on my network ONBOOT=yes TYPE=Ethernet My server has IPv4 packet forwarding turned on and my iptables only contains: # iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE # iptables --append FORWARD --in-interface eth1 -j ACCEPT My Ubuntu client has this in its /etc/network/interfaces auto lo iface lo inet loopback iface eth0 inet dhcp gateway 192.168.0.10 but I can't get an Internet connection from the server for my client. I can't even ping my server from the client: $ ping 192.168.0.10 Destination Host Unreachable

  Read the article

• How much the distance and ms can affect on the download speed ?

  - by Prix

  Let's consider A (client) and B (server) where A makes download from B. How much can a bad routing from A to B affect the download speed ? For example A does a tracert to B and get a response of 10 steps where the avg ms is around 300 with 10% packet loss at the 4 step and when the connection is normal the avg from A to B is 10 ~ 30 ms. Could this sort of impact reduce A download speed drasticaly or as long as both side and routes have enough link for the full speed of A from B and vice-versa it should maintain the same speed ? Besides tracert and the ping analyse of A to B what else is used to identify the problem ? If you need extra information please let me know.

  Read the article

• PostgreSQL 9.1 on Ubuntu Lucid fails to start - how to debug?

  - by Tom Fakes

  I'm using Vagrant with Chef Solo to setup a Lucid 64 box. I'm using a Chef recipe to install PostgreSQL 9.1 from Martin Pitt's backports. The install goes ok until the point where the database is started with /etc/init.d/postgresql start There's a log pause and the command fails. If I run pg_ctl manually, the database starts! The entire contents of my postgresql-9.1-main log file is: 2012-05-07 11:01:18 PDT LOG: database system was shut down at 2012-05-07 11:01:16 PDT 2012-05-07 11:01:18 PDT LOG: database system is ready to accept connections 2012-05-07 11:01:18 PDT LOG: autovacuum launcher started 2012-05-07 11:01:18 PDT LOG: incomplete startup packet 2012-05-07 11:01:26 PDT LOG: received fast shutdown request 2012-05-07 11:01:26 PDT LOG: aborting any active transactions 2012-05-07 11:01:26 PDT LOG: autovacuum launcher shutting down 2012-05-07 11:01:26 PDT LOG: shutting down 2012-05-07 11:01:26 PDT LOG: database system is shut down I've tried to change the postgresql config file to get more info into the logfile, but that hasn't worked at all. How do I debug this to find out what is failing so I can fix it?

  Read the article

• iptables: limiting bytes downloaded per IP per day?

  - by Miles

  On a public-facing web server, I'd like to limit the total bytes downloaded per IP address per day. For example, after a visitor downloaded 100MB, any additional requests would be dropped or rejected for the next 24 hours. Is it possible to accomplish this using iptables alone? The connbytes, connlimit, hashlimit, quota, and recent options all look promising, but the man page plays its cards close to the vest (e.g., "quota - Implements network quotas by decrementing a byte counter with each packet. --quota bytes The quota in bytes."). Would like to avoid using a proxy (like Squid) if possible.

  Read the article

• Machine account authentication on Radius server

  - by O.Shevchenko

  My workstation is under Linux. I have an Active Directory domain controller + Radius server on Windows 2008. I can verify user account 'radius-01' using 'radtest' tool: $ radtest -t pap radius-01 password123 195.234.133.32 1812 password123 Sending Access-Request of id 98 to 195.234.73.2 port 1812 User-Name = "radius-01" User-Password = "password123" NAS-IP-Address = 127.0.1.1 NAS-Port = 1812 rad_recv: Access-Accept packet from host 195.234.133.32 port 1812, id=98, length=84 Framed-MTU = 1344 Framed-Protocol = PPP Service-Type = Framed-User Class = 0x537004f00000013700010200ac1c0... I have joined my Linux PC to Active Directory domain ARB-HRK using Samba: [root@shev-arb]# net ads testjoin Join is OK I can dump machine password: [root@shev-arb]# tdbdump /var/lib/samba/private/secrets.tdb { key(34) = "SECRETS/MACHINE_PASSWORD/ARB-HRK" data(15) = "yGgXJsquRnpT0g\00" } How can i authenticate my machine account on Radius server? Do anybody know any tools for this, like: radtest shev-arb$ yGgXJsquRnpT0g 195.234.133.32 1812 password123 (this command fails)

  Read the article

• Unable to ping remote server Nagios

  - by williamsowen

  We've recently set up Nagios on one of our Amazon EC2 instances to act as a monitoring server to our other instances. nrpe was installed on our staging server stager and appears to be working fine: monitoring_server~: /usr/lib/nagios/plugins/check_nrpe -H xx.xx.xx.xx -p 5666 NRPE v2.12 The issue is - when viewing the remote server stager within the Nagios admin screen - it appears to be 'DOWN'. The check_ping command reveals: monitoring_server~: /usr/lib/nagios/plugins/check_ping -H 'xx.xx.xx.xx' -w 5000,100% -c 5000,100% -p 1 PING CRITICAL - Packet loss = 100%|rta=5000.000000ms;5000.000000;5000.000000;0.000000 pl=100%;100;100;0 Can anyone provide some direction on how to get this working? Not sure what else to do

  Read the article

• "IP May Be Forged" - Sendmail Warning

  - by Mikey B

  CentOS 5.x | SendMail 8 Can I get clarification on what exactly the warning "IP may be forged" means and what conditions cause it? I recently configured SendMail to relay email from my exchange server and it's showing that warning in the logs. The messages get delivered fine but I don't like the warnings. I originally thought that there was an inconsistency between the servername used in the EHLO statement from Exchange and the respective PTR record for the source IP for Exchange. But upon examining a packet capture, I see exchange using "EHLO domain.com" and that the source IP has a PTR of "domain.com". Maybe sendmail doesn't like that the greeting only has the domain? -M

  Read the article

• Is it possible to add tcp autotuning to windows xp?

  - by Caspin

  I have a network application that needs to send messages at 60 times a second. The messages are usually 300-400 bytes, but can be as large as 1500. The default setting for SO_SNDBUF is too small and limits the number of message that can be sent if the network latency is anything greater then 100ms. The naive solution is to just bump the SO_SNDBUF size to to something large. However, depending on the latency and the packet size that could be anywhere from 64K to 8MB. One of Vista's new features is TCP autotuning. Autotuning monitors the tcp connection and dynamically adjust the buffer sizes to allow for optimal communication. I would like to use auto tuning on our windows xp machine so I don't need to guess what my buffers sizes should be. Is there a way to install either a microsoft or 3rd party tcp autotuner on windows xp?

  Read the article

• Is it possible to add tcp autotuning to windows xp?

  - by Caspin

  I have a network application that needs to send messages at 60 times a second. The messages are usually 300-400 bytes, but can be as large as 1500. The default setting for SO_SNDBUF is too small and limits the number of message that can be sent if the network latency is anything greater then 100ms. The naive solution is to just bump the SO_SNDBUF size to to something large. However, depending on the latency and the packet size that could be anywhere from 64K to 8MB. One of Vista's new features is TCP autotuning. Autotuning monitors the tcp connection and dynamically adjust the buffer sizes to allow for optimal communication. I would like to use auto tuning on our windows xp machine so I don't need to guess what my buffers sizes should be. Is there a way to install either a microsoft or 3rd party tcp autotuner on windows xp?

  Read the article

• Why can't European users access my site?

  - by japancheese

  Hello, My site has been running just fine for the past couple of years, but all of a sudden, two days ago, European users have been experiencing serious connection problems to the site. I really want to fix this for them, but what's the best way to figure out what the issue is? I have absolutely no connection problems to the site on my end, nor do Asian or other American users it seems. Using just-ping.com, some European servers come back with some packet losses. I tried doing some traceroutes from European servers to my own, but they all seemed to work just fine. I'd at least like to be able to tell users that if the problem does not lie with my server, then it at least lies somewhere out of my control. I really want to figure out what the choke point is though. Is there another way I might be able to find out why they can't seem to connect to the site? Just looking for any other ideas from people that have had a similar experience.

  Read the article

• Do two portforward rules translate to "and"?

  - by blsub6

  I just set up an Exchange server to replace my DeskNow mail server. I want to start testing my internet mail exchange of my Exchange server. I can only set the MX records on my DNS up to my one external IP address so I was thinking that I could set up a firewall rule on my internet-facing firewall that port forwarded the smtp packets to two different servers. My question is: If I do that, will that mean that the smtp packets will be forwarded to just the first internal IP on the list? Or does it mean that the packet will be cloned and sent to both IPs?

  Read the article

• Windows Server 2008: Limit UDP/TCP packets per IP or ban

  - by WBAR

  How I can limit UDP/TCP packets per IP send to my host (or better PORT) per second or minute ? Would be nice to ban that IP for 12/24 hours or even for ever. I got Windows Server 2008 and I'm very poor in Windows administration but quite good in Linux. EDIT: By basic problem is that They sending a lot of rubbish UPD and TCP packets.. TCP packets without SYNCH, fragmented UDP packets so my servers stop responding.. So I need to cut off users (IPs) sending more than X packets per second. I need solution witch provides me, somehow, configurable: X packets of certain type (UDP, TCP or both - lets say parameter named Z ) are allowed to be received by IP on Y port, otherwise this packet should be DROPPED. My virtual hosts are hosted by VirtualBox and I'm able to forward all incoming packets certain type and certain port to the specific Virtual Host, but I need to DROP them before my VirtualBox receive them.

  Read the article

• iptables: built-in INPUT chain in nat table?

  - by ughmandaem

  I have a Gentoo Linux system running linux 2.6.38-rc8. I also have a machine running Ubuntu with linux 2.6.35-27. I also have a virtual machine running Debian Unstable with linux 2.6.37-2. On the Gentoo and Debian systems I have an INPUT chain built into my nat table in addition to PREROUTING, OUTPUT, and POSTROUTING. On Ubuntu, I only have PREROUTING, OUTPUT, and POSTROUTING. I am able to use this INPUT chain to use SNAT to modify the source of a packet that is destined to the local machine (imagine simulating an incoming spoofed IP to a local application or just to test a virtual host configuration). This is possible with 2 firewall rules on Gentoo and Debian but seemingly not so on Ubuntu. I looked around for documentation on changes to the SNAT target and the INPUT chain of the nat table and I couldn't find anything. Does anyone know if this is a configuration issue or is it something that was just added in more recent versions of linux?

  Read the article

• Dell Multi-Monitor Hub: true DisplayPort splitting?

  - by thepurplepixel

  In my search for a new display, I came across the Dell Multi-Monitor Hub MMH11, which seemed to be an alternative to my search for daisy-chainable DisplayPort displays. However, before I cave and spend $179 on this device, I am wondering if this will be similar to other splitting devices where it appears to the computer as one big monitor and the device does the splitting (which I don't want). Or, does this use the packet-based nature of DisplayPort to present two/three separate displays to the computer? Also, would this device work on my MacBook Pro? (I know the Dell site says it's for Windows, but it also says that no driver installation is required. I'd assume since the MBP supports DP 1.2 it would work, but it's better to ask). Thanks!

  Read the article

• iptables ACCEPT policy

  - by kamae

  In Redhat EL 6, iptables INPUT policy is ACCEPT but INPUT chain has REJECT entry in the end. /etc/syconfig/iptables is as below: *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT Do you know why the policy is ACCEPT not DROP? I think setting DROP policy is safer than ACCEPT in case to make mistake in the chain. Actually the policy is not applied to any packet: # iptables -L -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes)

  Read the article

• Is it possible to limit output bandwidth between eth0 and lo?

  - by mmcbro

  I'm trying to limit the bandwidth between my eth0 output (nginx proxy) to my loopback inteface (apache) by filtering on destination port. Incoming Packet -> Eth0 -> 0.0.0.0:80 Nginx -> tc qdisc class/iptable mangle 2525port -> 127.0.0.1:2525 Apache I don't know if it's even possible I'm just experimenting. My rules are the followings : tc qdisc add dev eth0 root handle 1:0 htb tc class add dev eth0 parent 1:0 classid 1:10 htb rate 2mbps ceil 2mbps prio 0 tc filter add dev eth0 parent 1:0 prio 0 protocol ip handle 10 fw flowid 1:10 iptables -A OUTPUT -t mangle -p tcp --dport 2525 -j MARK --set-mark 10 I also tried to with FORWARD chain but its still the same.

  Read the article

• How do I get around restrictive email policies by ISP?

  - by Peter Turner

  Apparently we've been restricted (though packet filtering) to some arbitrarily small and untenable number of emails a day by some bankrupt ISP (and they say that's how it's always been chortle). We've been using our own mail server for the last 15 years, and only recently they've been giving us guff. Is there a way for a legitimate business to email their clients, who really want to receive these emails, by bypassing the ISP? The way we've been doing it is by breaking up into 20 or 30 emails, but that gets complicated and requires a lot of manual labor by the receptionist, and unless she's really careful we wind up emailing lots of people twice. So what are my options (Hosted Email, Lithuanian Proxy Server, Different ISP, not writing awful PHP that sends out zillions of emails and gets us blacklisted)?

  Read the article

• ASA5500 series logging for management interface in transparent mode

  - by ANervousTwitch

  i have a cisco asa5520 in transparent mode. the interface is on the same subnet as some windows machines, which are generating a lot of broadcast traffic that is filling up the logs. is there any way to have it not log that its blocking those packets? its a bunch of these messages: "through-the-device packet to from management-only network is denied: udp src..." im also seeing some of those zeroconf requests that id like to drop logging for. i tried to just put a rule on the management interface, but apparently thats not allowed.

  Read the article

• How to have 2 windows machines on the same network with the same IP address

  - by Stu

  I have a custom made ADC device that is spitting out data by addressed UDP packets. I have that device plugged into a 4 port switch. I have one windows embedded standard 7 machine which is the normal recipient of that data. To be able to receive the data (Using LabVIEW) the windows network adapter IPv4 settings must have a static IP address that corresponds to the UDP packet destination. I would like to add a second windows machine (This one is just regular Win 7 Pro) to simultaneously catch the data, however with all devices connected to the switch, the Win 7 Pro machine recognizes an IP address conflict and will not take the setting for the required static IP address. (The network adaptor settings show that the correct value has been entered but ipconfig shows that it is not actually set.) Neither windows machine needs to transmit network data, they only need to be able to receive the UDP data from the ADC device. Is there any way to disable this IP address conflict detection 'feature' of windows networking?

  Read the article

• IP issue with Heartbeat & DRBD

  - by adam0345

  I'm in the process of setting up 3-node stacked DRBD, and i'm experiencing a rather bizarre issue. Two nodes are located at the data center, and the 3rd node is located locally. The Primary and Secondary nodes are working as expected, however the 3rd node won't connect to the primary. If I ping the IP provided by heartbeat on the 3rd node it will return 100% packet loss, if I reset networking interfaces, ping will then return a few successful packets, but then stop returning any packets. I can't work out any reason why this would be behaving like this. All nodes are running Debian Squeeze, and the latest version of DRBD.

  Read the article

• Meaning of Bridge-Check in iptables flowchart

  - by networkIT

  In the famous iptables flow-chart what does bridge-check exactly stands for ? I couldn't find any documentation. The only clue I found was while scanning the MikroTik RouterOS documentation ( RouterOS is build upon a Linux 2.6.16 kernel ), I found this : In-interface Bridge = Checks if the input interface is a port for a bridge or is the bridge. Manual:Packet Flow Comparing both flow-charts brings clues that iptables Bridge-check might equal MikroTik In-Interface Bridge. Is this true ? Else, what might be the meaning of iptables Bridge-Check ?

  Read the article

• Have OS X send wake on lan before printing to shared printer

  - by Dean Hill

  I have a MacBook that prints to a shared Windows 7 printer. Sometimes the Windows machine is asleep, and the Mac will just queue up its print requests. I recently created a script to send a wake-on-lan packet to a Windows 7 machine. This wakes up the Windows machine and printing starts. Great, but I think the system can be automated en Is it possible to have the MacBook run the wake-on-lan script everytime something is printed? Stated more generally, can I have the OS X print subsystem execute a script everytime something is printed?

  Read the article

• Windows Filtering Platform not turning off until admin logon. Win2008R2sp1

  - by rjt

  Just installed Windows Server 2008R2 SP1 to see if it would fix this problem, but it didn't. Until an administrator logs onto the domain controller, there are many events that WFP blocked a connection from Server60 to Server60 or Server60 to Server70. Both server60 and server70 are the domain controllers. One the admin logs on, the WFP events stop. The firewall is off by default GPO. Yes, i know that the WFP kicks in during the boot up sequence until the firewall takes over or in my case does not take over (since Vista), but i clearly should not have to autologon to a domain controller and call autolock or something. Example event LEVEL = Information Source = Microsoft Windows Security Auditing EventID = 5152 "Filtering Platform Packet Drop" and its evil twin id = 5157 "Filtering Platform Connection" "The Windows Filtering platform has blocked a connection." Direction %%14593 SourceAddress 192.168.10.60 SourcePort 49677 DestAddress 192.168.10.60 DestPort 389 Protocol 6 FilterRTID 65667 LayerName %%14611 LayerRTID 48 RemoteUserID S-1-0-0 RemoteMachineID S-1-0-0 windows-server-2008-r2 WFP BFE WindowsFilteringPlatform BaseFilteringEngine

  Read the article

• Routing using Linux with 2 NIC cards

  - by Kevin Parker

  Configured Clear OS to be in Gateway mode on a machine with two NIC cards. eth0:192.168.2.0/24 with ip 192.168.2.27 which is connected to a modem and thus have internet connectivity. eth1:192.168.122.0/24 with ip 192.168.122.10 which is connected to other machines in LAN through switch. LAN machines with network 192.168.122.0 is not getting internet.How can they get internet Through Clear OS gateway.I have enabled packet forwarding in clear os using "ip_forward=1" What am i missing?.Can you please help me in this. Following are the static routing i have added: on LAN machine1 with ip address 192.168.122.11 ip route add 192.168.2.0/24 via 192.168.122.10 dev eth0 ip route show 192.168.2.0/24 via 192.168.122.10 dev eth0 192.168.122.0/24 dev eth0 proto kernel scope link src 192.168.122.11 But still 192.168.2.0/24 network is not reachable.Where can be the problem??

  Read the article

• Understanding connection tracking in iptables

  - by Matt

  I'm after some clarification of the state/connection tracking in iptables. What is the difference between these rules? iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT Is connection tracking turned on when a packet is first matched containing -m state --state BLA , or is connection tracking always on? Can/Should connection state be used for fast matching like below? e.g. suppose this is some sort of router/firewall (no nat). # Default DROP policy iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Drop invalid iptables -A FORWARD -m state --state INVALID -j DROP # Accept established,related connections iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow ssh through, track connection iptables -A FORWARD -p tcp --syn --dport 22 -m state --state NEW -j ACCEPT

  Read the article

< Previous Page | 88 89 90 91 92 93 94 95 96 97 98 99  | Next Page >