Search Results

Search found 4462 results on 179 pages for 'ssh'.

Page 93/179 | < Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >

  • Cant ping ip on LAN. Port forward works fine though.

    - by Anoop
    I have a Solaris 11 machine running inside the LAN. It is a default install. I can access the machine and ping it if I ssh into my router (if it matters, it is running dd-wrt). I cannot ping the Solaris machine using ip address from any other machine inside the LAN. But if I setup port forwarding everything works perfectly fine. I can also use the port forward from outside the LAN (from my office) - which is good and how I want it to be. I can SSH and ping and do pretty much everything else from outside as well as inside but only as long as I have the port forwarded from my router. Why would I not be able to ping or ssh or even access the Solaris 11 machine from within the LAN - I have checked and couldn't find any firewall running on the Solaris 11 box. I even tried disabling every known firewall on the router (dd-wrt, it had something like SPI firewall running). I even tried setting a static IP for my Solaris box but all in vain! Please help me understand how and why this happens!! Thanks.

    Read the article

  • Switch between network configurations via command line in fedora 17

    - by Mike Fairhurst
    I have two different setups I use on my work laptop; one enables synergy over an ethernet ssh tunnel with my work computer on the local network, and the other opens an HTTP tunnel to my work computer from outside the network. When I have wifi enabled at work, my laptop seems to use it by preference. This makes synergy run incredibly slowly. At home I must use wifi. I have scripts that begin my ssh tunnels, add my ssh keys, and starts up other programs like synergy, and close themselves when I shut my laptop. However, every day I have to start out my routine by opening my gnome-control-center and turning on my ethernet. I have tried route add and ifup, none of it works, so I dove into gnome-control-center's source code and found that it enabled the connection by libnm's method nm_client_activate_connection with some libnm specific structs that I am having trouble tracking down. I'm not much of a c programmer, and I'm not familiar with either GTK or libnm. Does anybody know what fedora 17 does with ethernet connections to fully enable them? Or does anybody know what libnm does to fully enable an ethernet connection? Do I have to write a c script to run libnm for me to fully emulate whatever gnome-control-center is trying to do?

    Read the article

  • Server needs to ping outgoing before allowing connection

    - by QuintenVK
    Okay, first our setup: I'm currently working over VPN to a mac mini OSX 10.6 server. We have a testsetup VM running on that, using ubuntu 12.04. Earlier today, there was an outage because of which our mac mini server was reset. Since then, i was unable to initiate a connection to the VM (which i did boot) -- no ssh, no web, ... . I couldn't ssh or web from the mac mini to the vm either. I could do so from within the VM itself, though. Ping did work on all machines. Lastly, I tried pinging from the VM to my laptop. It took a moment, but then it finally started to ping (no timeouts or so). After that, web and ssh magically worked. I then didn't use the machine for about 5 minutes, after which i had to ping from the server to my laptop again before i could setup a connection. I'm in the dark on what this could be, though I think this is something to do with lookups.

    Read the article

  • No outbound internet connection after restarting CentOS 6.3

    - by wnstnsmth
    After restarting a headless CentOS 6.3 machine, it lost outbound internet connectivity, i.e. I can still connect to the server via SSH (ssh root@**.126.18.56), but stuff such as ping google.com gives google.com: unknown host, and yum list some_package gives a lot of network errors. This is what ifconfig gives: eth0 Link encap:Ethernet HWaddr 00:25:90:78:2D:5D inet addr:**.126.18.56 Bcast:**.126.18.255 Mask:255.255.255.0 inet6 addr: fe80::225:90ff:fe78:2d5d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:75594 errors:0 dropped:0 overruns:0 frame:0 TX packets:787 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7074741 (6.7 MiB) TX bytes:144391 (141.0 KiB) Interrupt:20 Memory:f7a00000-f7a20000 eth1 Link encap:Ethernet HWaddr 00:25:90:78:2D:5C UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:16 Memory:f7900000-f7920000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:504 (504.0 b) TX bytes:504 (504.0 b) I have absolutely no clue how to debug this, and I find it very strange since I can still connect via ssh. EDIT: Weirdly, /etc/resolv.conf does not contain any entries, or none that I can make sense of: # Generated by NetworkManager search sui-inter.net # No nameservers found; try putting DNS servers into your # ifcfg files in /etc/sysconfig/network-scripts like so: # # DNS1=xxx.xxx.xxx.xxx # DNS2=xxx.xxx.xxx.xxx # DOMAIN=lab.foo.com bar.foo.com So is it possible that rebooting the server erased that file? It worked before at least! And how do I solve this? By the way, pinging an IP address works.

    Read the article

  • Bypass insane corporate security system

    - by user1665154
    I'm searching for a posibility to bypass the "Firewall" for 3-4 days. I've tried everything I know, so I ask here for a answer. We have no admin rights and the OS is Windows Vista There is an HTTP Proxy with NTML Authentication (only way to access the internet) It requires a username and password We use smart cards, in fact I have only a user number and a pin. Port 80 and 443 are open - I have an SSH server at home which is listening on port 443 The problem is that I need this proxy to connect to anything. Internet access only works in IE, Chrome, Firefox when I set the proxy settings to "use system proxy settings", "proxy-autoconfig (proxy.pac)" or when I enter the proxy inside the proxy.pac file. However I can't understand where they take the username and password which the Proxy requires. What I've tried was using cntlm to connect to the proxy with authentication (altought I have no PW and username) and PuTTY to create the SSH tunnel over port 443 whit the SOCKS Proxy which I've created with cntml. I've never found some SSH client which includes a "use system proxy settings" function.

    Read the article

  • "Synchronizing" files between local and remote server using Git

    - by ConcreteVitamin
    My intended goal: I maintain some files in my local computer, and I also share them with others by putting them on my website. In the past I did this by manually uploading all the files using FTP, every time I did some modifications etc. Now, I am wondering if I can use Git to help me achieve this (by "pushing" the local files to my website server). My server is hosted by Dreamhost. First Attempt: First, I try this tutorial. I first push my local files to my Github repo, and ssh into my Dreamhost server to clone --bare from the Github repo. But I find that git does not transfer my files. So I ignore the tutorial. Second Attempt: I ssh into my Dreamhost server to clone directly from Github. My files are all transfered to the server. Then, on my local computer, I git remote add dreamhost ssh://[email protected]/~/my-project. Then I add some files, and commit, and git push dreamhost master. And a bunch of errors appears: http://geotakucovi.com/gitError.jpg As a newbie Git user, I must have missed something. Please help!

    Read the article

  • I can get in, but I can't get out

    - by robwilkerson
    Like most technical folks, I suppose, I'm my family's primary source of tech support. I'm a developer--not a sysadmin--by trade and tonight I bumped into something I've never seen before. I'm hoping someone here has. In order to better help my Mom, I have her set up on a home network behind a Linksys router (WRT54G). She's got a Mac, so I have her router set up to forward SSH requests to her laptop's internal IP. I also have her router running DDNS through DynDns. Tonight she called to tell me that she can't access the Internet. Assuming it was one of the many simple, stupid problems most of us encounter with parents, I logged into the router admin remotely and took a look around. Everything looked normal. Then I SSH'd into her machine to check out her IP, DNS, etc. settings. Everything still looked fine. Then I noticed something weird. When SSH'd into her machine, I can't ping her router. In other words, I seem to be able to access her computer through her router, but not access her router from her computer. A traceroute dies immediately as well. Any ideas what I might try next? I've bounced her computer and even unplugged her router (it was plugged back in, of course). Thanks.

    Read the article

  • I can get in, but I can't get out

    - by robwilkerson
    Like most technical folks, I suppose, I'm my family's primary source of tech support. I'm a developer--not a sysadmin--by trade and tonight I bumped into something I've never seen before. I'm hoping someone here has. In order to better help my Mom, I have her set up on a home network behind a Linksys router (WRT54G). She's got a Mac, so I have her router set up to forward SSH requests to her laptop's internal IP. I also have her router running DDNS through DynDns. Tonight she called to tell me that she can't access the Internet. Assuming it was one of the many simple, stupid problems most of us encounter with parents, I logged into the router admin remotely and took a look around. Everything looked normal. Then I SSH'd into her machine to check out her IP, DNS, etc. settings. Everything still looked fine. Then I noticed something weird. When SSH'd into her machine, I can't ping her router. In other words, I seem to be able to access her computer through her router, but not access her router from her computer. A traceroute dies immediately as well. Any ideas what I might try next? I've bounced her computer and even unplugged her router (it was plugged back in, of course). Thanks.

    Read the article

  • Slow network interaction between 2 kvm host machines

    - by VirtualNoob
    We have 2 physical machines, Host1 is a CentOS 6.4 kvm host and hosts ~7 kvm VMs all running Ubuntu 12.04 - all of this runs perfectly. Recently we've added a 2nd host system, host2, again a CentOS 6.4 kvm host with a view to running another couple of VMs and providing some failover against host1 should it be required. Both physical machines reside in the same cabinet in our DC, and are on the same subnet - let's say host1: 1.1.1.64 and host2: 1.1.1.81. Both have their gateway set to the DC gateway of 1.1.1.254 with no hardware firewall in between. On each machine, I have 4 NICs that are bonded together to form a single interface, which is then bridged to allow the VMs to access the network. All of the VMs are online, and all of them can successfully ssh into the hosts without any delay. Both systems can access the internet fine, and I can ssh into both systems from home without any issues. However, there is a real delay when attempting to ssh from host1 to host2 (or vice versa) and this obviously means that any action required on host2, that is controlled by host1 either takes forever or results in failure due to timeout. In the interest of keeping this post short, I've put my ifcfg files into a pastie: http://pastie.org/8081648 I've tried both adding a firewall rule in each machine for the other, and also disabling the firewall entirely, so that can't be the issue. I've tried troubleshooting this myself but can't seem to get to the bottom of it. Any help or advice would be appreciated. Thanks in advance.

    Read the article

  • Making mercurial subrepositories behave like subversion externals

    - by Emily Dickinson
    Hi guys, The FAQ, and hginit.com have been really useful for helping me make the transition from svn to hg. However, when it comes to using Hg's subrepository feature in the manner of subversion's externals, I've tried everythign and cannot replicate the nice behavior of svn externals. Here's the simplest example of what I want to do: Init "lib" repository This repository is never to be used as a standalone; it's always included by main repositories, as a sub-repository. Init one or more including repositories To keep the example simple, I'll "init" a repository called "main" Have "main" include "lib" as a subrepository Importantly -- AND HERE'S WHAT I CAN'T GET TO WORK: When I modify a file inside of "main/lib", and I push the modification, then that change gets pushed to the "lib" repository -- NOT to a copy inside of "main". Command lines speak louder than words. I've tried so many variations on this theme, but here's the gist. If someone can reply, in command lines, I'll be forever grateful! 1. Init "lib" repository $ cd /home/moi/hgrepos ## Where I'm storing my hg repositories, on my main server $ hg init lib $ echo "foo" lib/lib.txt $ hg add lib $ hg ci -A -m "Init lib" lib 2. Init "main" repository, and include "lib" as a subrepos $ cd /home/moi/hgrepos $ hg init main $ echo "foo" main/main.txt $ hg add main $ cd main $ hg clone ../lib lib $ echo "lib=lib" .hgsub $ hg ci -A -m "Init main" . This all works fine, but when I make a clone of the "main" repository, and make local modifications to files in "main/lib", and push them, the changes get pushed to "main/lib", NOT to "lib". IN COMMAND-LINE-ESE, THIS IS THE PROBLEM: $ /home/moi/hg-test $ hg clone ssh://[email protected]/hgrepos/lib lib $ hg clone ssh://[email protected]/hgrepos/main main $ cd main $ echo foo lib/lib.txt $ hg st M lib.txt $ hg com -m "Modified lib.txt, from inside the main repos" lib.txt $ hg push pushing to ssh://[email protected]/hgrepos/main/lib That last line of output from hg shows the problem. It shows that I've made a modification to a COPY of a file in lib, NOT to a file in the lib repository. If this were working as I'd like it to work, the push would be to hgrepos/lib, NOT to hgrepos/main/lib. I.e., I would see: $ hg push pushing to ssh://[email protected]/hgrepos/lib IF YOU CAN ANSWER THIS IN TERMS OF COMMAND LINES RATHER THAN IN ENGLISH, I WILL BE ETERNALLY GRATEFUL! Thank you in advance! Emily in Portland

    Read the article

  • Problems cloning a GIT repository (Newbie problems)

    - by Brett Rigby
    Hi there, Trying to set-up GIT Server on my local dev machine and have been following this website so far but am a little stuck when trying to clone a repository. In GIT Bash, here's my output: $ git clone ssh://[email protected]:4837/ssh/home/Administrator/project1.git Initialized empty Git repository in C:/Git/project1/.git/ Permission denied (publickey,keyboard-interactive). fatal: The remote end hung up unexpectedly Any suggestions on why I would be getting a 'Permission denied (publickey,keyboard-interactive)' error? Thanks in advance!

    Read the article

  • Why am i getting these errors from GitHub?

    - by acidzombie24
    I followed these instruction and could not connect to github for the life of me. >plink -ssh github.com FATAL ERROR: Disconnected: No supported authentication methods available plink -ssh [email protected] You've successfully authenticated, but GitHub does not with tortoisegit git.exe push "origin" master ERROR: Permission to name/MyEmptyRepoOnGitHubHere denied to name. fatal: The remote end hung up unexpectedly Whats going on? NOTE: I followed the instructions carefully. It was a lot worse before i followed them.

    Read the article

  • Heroku deployment: connection refused

    - by Toby Hede
    I have suddenly run into an issue deploying to Heroku. I created a new app, went to push and now see: ssh: connect to host heroku.com port 22: Connection refused My other previously working Heroku apps no longer work, receiving the same error. Other Heroku commands work (create, info, db:push). I can SSH to other services, so it doesn't look like it's my machine. Any ideas?

    Read the article

  • creating a .sh file programmatically under windows and running it on a linux system from cygwin

    - by user1296193
    i want to write program, in windows, which will write a .sh file, then connect to a linux machine via cygwin and ssh, and execute that .sh file. I've had to use dos2unix to convert .sh files that I created in windows to run under linux. Obviously if I am executing a script with ssh it will have to be linux formatted to work. so I need to know how to create a linux appropriate .sh file using c or openoffice basic or vBA. thanks!

    Read the article

  • preverification error in netbeans and eclipse while including j2ssh maverick

    - by user568651
    problem-- Preverification errors: Error preverifying class com.maverick.ssh.components.ComponentFactory java/lang/NoClassDefFoundError: java/lang/Cloneable j2ssh Unknown Java Problem this error comes while j2ssh is added as a library in my application. console-- Uncaught exception: java.lang.NoClassDefFoundError: com/maverick/ssh/LicenseManager - mobilessh.MobileSSH.run(), bci=2 - java.lang.Thread.run(), bci=11 this error shows both in eclipse and netbeans ide 6.9.1 jdk 1.6 installed.. wtk 3.0 and 2.5.2.

    Read the article

  • Sending STDERR to logger

    - by Gnutt
    Im writing a bash-script to perform an offsite backup, using rsync over SSH. I'm able to send STDOUT to logger, for logs via rsync --del -az -e 'ssh -i mycrt.crt' /home/gnutt/backup/ me@offisite:backup | logger -i But I want to send STDERR instead, so if there is a problem, such as that offsite is unavailable, that output should be sent to logger and logged.

    Read the article

  • Laravel with Homestead

    - by Ahmed el-Gendy
    I new with virtual box and vagrant , Now I using Homestead image and every thing is run well but when i create my project named laravel on virtual machine it supposed that i see this new folder named laravel on my machine but i didn't get any thing on my machine , The synchronization is not working. NOTE: I'm using ubuntu 14.04 This is my homestead.yaml ip: "192.168.10.10" memory: 2048 cpus: 1 authorize: ~/.ssh/id_rsa.pub keys: - ~/.ssh/id_rsa folders: - map: /var/projects/ to: /home/vagrant/projects/ sites: - map: homestead.app to: /home/vagrant/projects/laravel/public variables: - key: APP_ENV value: local thanks advance

    Read the article

  • error when uploading with Git

    - by user560831
    I am new to Git hub and was able to successfully create an ssh key and upload it to the website however when I type in git push origin master I receive the following error: error: cannot run ssh: no such file or directory fatal: unable to fork I am using Cygwin on a windows Vista machine if that is also useful. Ok.. after installing openssh I now get the error: Permission denied (publickey) fatal: the remote end hung up unexpectedly

    Read the article

  • Why wireless adatper stop to work?

    - by AndreaNobili
    today I correctly installed the driver for the TP-LINK TL-WN725N USB wireless adapter on my RaspBerry Pi (I use RaspBian that is a Debian), then I setted up the wifi using the wpa-supplicant as explained in this tutorial: http://www.maketecheasier.com/setup-wifi-on-raspberry-pi/ This worked fine untill this evening. Then suddenly it stopped to work when I try to connect in SSH and the Raspberry is on the wireless (or rather it should be, as this is not in the list of my router's DHCP connected Client) The strange thing is that the USB wirless adapter blink so I think that this is not a driver problem. If I try to connect it by the ethernet I have no problem. It appear in my router's DHCP connected Client and I can connect to it by SSH. When I connect to it using ethernet if I perform an ifconfig command I obtain: pi@raspberrypi ~ $ ifconfig eth0 Link encap:Ethernet HWaddr b8:27:eb:2a:9f:b0 inet addr:192.168.1.9 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:48 errors:0 dropped:0 overruns:0 frame:0 TX packets:59 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6006 (5.8 KiB) TX bytes:8268 (8.0 KiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:8 errors:0 dropped:0 overruns:0 frame:0 TX packets:8 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1104 (1.0 KiB) TX bytes:1104 (1.0 KiB) wlan0 Link encap:Ethernet HWaddr e8:94:f6:19:80:4c UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) So it seems that the wlan0 USB wireless adapter driver is correctly loaded. If I remove the USB wireless adapter and put it again into the USB port, the lasts lines of dmesg log is: [ 20.303172] smsc95xx 1-1.1:1.0 eth0: hardware isn't capable of remote wakeup [ 20.306340] RTL871X: set bssid:00:00:00:00:00:00 [ 20.306726] RTL871X: set ssid [g\xffffffc6isQ\xffffffffJ\xffffffec)\xffffffcd\xffffffba\xffffffba\xffffffab\xfffffff2\xfffffffb\xffffffe3F|\xffffffc2T\xfffffff8\x1b\xffffffe8\xffffffe7\xffffff8dvZ.c3\xffffff9f\xffffffc9\xffffff9a\xffffff9aD\xffffffa7\x1a\xffffffa0\x1a\xffffff8b] fw_state=0x00000008 [ 21.614585] RTL871X: indicate disassoc [ 21.908495] smsc95xx 1-1.1:1.0 eth0: link up, 100Mbps, full-duplex, lpa 0x45E1 [ 25.006282] Adding 102396k swap on /var/swap. Priority:-1 extents:1 across:102396k SSFS [ 26.247997] RTL871X: nolinked power save enter As you can see some of these line are related to the RTL871X that is my USB wireless adapter, but I don't know is that these line report an error or if it is all ok. Looking at the adapter status I obtain: pi@raspberrypi ~ $ ip link list dev wlan0 3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DORMANT qlen 1000 link/ether e8:94:f6:19:80:4c brd ff:ff:ff:ff:ff:ff As you can see the mode is DORMANT but I think that this is normal because now I am connected using ethernet. I tryied to set up the adapter but it seems that I obtain no result, infact: pi@raspberrypi ~ $ sudo ip link set dev wlan0 up pi@raspberrypi ~ $ ip link list dev wlan0 3: wlan0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN mode DORMANT qlen 1000 link/ether e8:94:f6:19:80:4c brd ff:ff:ff:ff:ff:ff pi@raspberrypi ~ $ sudo ip link set dev wlan0 up This is my /etc/network/interfaces file content and it is ok: auto lo iface lo inet loopback iface eth0 inet dhcp allow-hotplug wlan0 iface wlan0 inet manual wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf iface default inet dhcp and it is the /etc/wpa_supplicant/wpa_supplicant.conf that I think is ok (I did not change it compared to when it worked): ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 network={ ssid="MY-NETWORK" psk="mypassword" key_mgmt=WPA-PSK } and infact if I execute a network scan I correctly find MY-NETWORK in the network list,infact: pi@raspberrypi ~ $ sudo iwlist wlan0 scan | grep ESSID ESSID:"TeleTu_74888B0060AD" ESSID:"MY-NETWORK" ESSID:"FASTWEB-1-PT6NtjL4TOSe" ESSID:"DC" So I reboot the system and I remove the ethernet cable but when I try to connect again to my raspberry I obatin the following error message: andrea@andrea-virtual-machine:~$ sudo ssh [email protected] ssh: connect to host 192.168.1.9 port 22: No route to host It seems that it can't connect using wireless. What could be the problem? What am I missing? How can I solve this situation? Tnx

    Read the article

  • iptables 1.4 and passive FTP on custom port

    - by Cracky
    after the upgrade from debian squeeze to wheezy I've got a problem with passive FTP connection. I could narrow it to be iptables related, as I could connect via FTP w/o problems after adding my IP to the iptables ACCEPT rule. Before the upgrade I was able just to do modprobe nf_conntract_ftp ports=21332 and adding iptables -A THRU -p tcp --dport 21332 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT now..it doesn't help anymore. The INPUT rule is being triggered as I can see in the counter, but the directory listing is the last thing it does. Setting up a passive-port range is the last thing I want to do, I dislike open ports. I also tried the trick with helper mod by adding following rule before the actual rule for 21332 iptables -A THRU -p tcp -i eth0 --dport 21332 -m state --state NEW -m helper --helper ftp-21332 -j ACCEPT but it doesn't help and is even not being triggered according to counter. The rule in the next line (w/o helper) is being triggered.. here some info: # iptables --version iptables v1.4.14 # lsmod |grep nf_ nf_nat_ftp 12460 0 nf_nat 18242 1 nf_nat_ftp nf_conntrack_ftp 12605 1 nf_nat_ftp nf_conntrack_ipv4 14078 32 nf_nat nf_defrag_ipv4 12483 1 nf_conntrack_ipv4 nf_conntrack 52720 7 xt_state,nf_conntrack_ipv4,xt_conntrack,nf_conntrack_ftp,nf_nat,nf_nat_ftp,xt_helper # uname -a Linux loki 3.2.0-4-amd64 #1 SMP Debian 3.2.46-1 x86_64 GNU/Linux # iptables-save # Generated by iptables-save v1.4.14 on Sun Jun 30 03:54:28 2013 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :BLACKLIST - [0:0] :LOGDROP - [0:0] :SPAM - [0:0] :THRU - [0:0] :WEB - [0:0] :fail2ban-dovecot-pop3imap - [0:0] :fail2ban-pureftpd - [0:0] :fail2ban-ssh - [0:0] -A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap -A INPUT -p tcp -m multiport --dports 21,21332 -j fail2ban-pureftpd -A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh -A INPUT -p tcp -m multiport --dports 110,995,143,993 -j fail2ban-dovecot-pop3imap -A INPUT -i lo -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP -A INPUT -i eth0 -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j DROP -A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,ACK FIN -j DROP -A INPUT -i eth0 -p tcp -m tcp --tcp-flags ACK,URG URG -j DROP -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -j BLACKLIST -A INPUT -j THRU -A INPUT -j LOGDROP -A OUTPUT -j ACCEPT -A OUTPUT -s 93.223.38.223/32 -j ACCEPT -A BLACKLIST -s 38.113.165.0/24 -j LOGDROP -A BLACKLIST -s 202.177.216.0/24 -j LOGDROP -A BLACKLIST -s 130.117.190.0/24 -j LOGDROP -A BLACKLIST -s 117.79.92.0/24 -j LOGDROP -A BLACKLIST -s 72.47.228.0/24 -j LOGDROP -A BLACKLIST -s 195.200.70.0/24 -j LOGDROP -A BLACKLIST -s 195.200.71.0/24 -j LOGDROP -A LOGDROP -m limit --limit 5/sec -j LOG --log-prefix drop_packet_ --log-level 7 -A LOGDROP -p tcp -m tcp --dport 25 -m limit --limit 2/sec -j LOG --log-prefix spam_blacklist --log-level 7 -A LOGDROP -p tcp -m tcp --dport 80 -m limit --limit 2/sec -j LOG --log-prefix web_blacklist --log-level 7 -A LOGDROP -p tcp -m tcp --dport 22 -m limit --limit 2/sec -j LOG --log-prefix ssh_blacklist --log-level 7 -A LOGDROP -j REJECT --reject-with icmp-host-prohibited -A THRU -p icmp -m limit --limit 1/sec -m icmp --icmp-type 8 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 25 -j ACCEPT -A THRU -i eth0 -p udp -m udp --dport 53 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 110 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 143 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 465 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 585 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 993 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 995 -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 2008 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 10011 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 21332 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A THRU -i eth0 -p tcp -m tcp --dport 30033 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-dovecot-pop3imap -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-pureftpd -j RETURN -A fail2ban-ssh -j RETURN -A fail2ban-ssh -j RETURN COMMIT # Completed on Sun Jun 30 03:54:28 2013 So, as I said, I have no problems with connecting when adding my IP to go through..but that's not a solution as noone except me can connect anymore~ If someone got an idea what the problem is, please help me! Thanks Cracky

    Read the article

  • Why am I unable to telnet to a local port that has a listening service?

    - by Skip Huffman
    I suspect this is either a very simple question, or a very complex one. I have a headless server running ubuntu 10.04 that I can ssh into. I have full root access to the system. I am trying to set up an ssh tunnel to allow me to vnc to the system (but that isn't my question. I have vnc running on port 5903, here is the netstat output for that: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:5903 0.0.0.0:* LISTEN 7173/Xtightvnc tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 465/sshd But when I try to telnet to that port, from within the same system and login, I get unable to connect errors # telnet localhost 5903 Trying ::1... Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection timed out I am able to telnet to port 22 (as a verification) ~# telnet localhost 22 Trying ::1... Connected to localhost. Escape character is '^]'. SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu7 I have tried to open up any possible ports using ufw (probably clumsy fashion) # ufw status numbered Status: active To Action From -- ------ ---- [ 1] 5903 ALLOW IN Anywhere [ 2] 22 ALLOW IN Anywhere What else might be blocking this connection locally? Thank you, Edit: The only reference to port 5903 in iptable -L -n is this: Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5903 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5903 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:8080 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:8080 I can post the whole output if that will be useful. hosts.allow and hosts.deny both contain only comments. Re-Edit: Some other questions pointed me to nmap, so I ran a portscan through that utility: # nmap -v -sT localhost -p1-65535 Starting Nmap 5.00 ( http://nmap.org ) at 2011-11-09 09:58 PST NSE: Loaded 0 scripts for scanning. Warning: Hostname localhost resolves to 2 IPs. Using 127.0.0.1. Initiating Connect Scan at 09:58 Scanning localhost (127.0.0.1) [65535 ports] Discovered open port 22/tcp on 127.0.0.1 Connect Scan Timing: About 18.56% done; ETC: 10:01 (0:02:16 remaining) Connect Scan Timing: About 44.35% done; ETC: 10:00 (0:01:17 remaining) Completed Connect Scan at 10:00, 112.36s elapsed (65535 total ports) Host localhost (127.0.0.1) is up (0.00s latency). Interesting ports on localhost (127.0.0.1): Not shown: 65533 filtered ports PORT STATE SERVICE 22/tcp open ssh 80/tcp closed http Read data files from: /usr/share/nmap Nmap done: 1 IP address (1 host up) scanned in 112.43 seconds Raw packets sent: 0 (0B) | Rcvd: 0 (0B) I think this shows that 5903 is blocked somehow. Which I pretty much knew. The question remains what is blocking it and how to modify. Re-re-edit: To check Paul Lathrop's suggested answer, I first verified my ip address with ifconfig: eth0 Link encap:Ethernet HWaddr 02:16:3e:42:28:8f inet addr:10.0.10.3 Bcast:10.0.10.255 Mask:255.255.255.0 Then tried to telnet to 5903 from that address: # telnet 10.0.10.3 5903 Trying 10.0.10.3... telnet: Unable to connect to remote host: Connection timed out No luck. Re-re-re-re-edit: Ok, I think I have isolated it a bit to vncserver, not the firewall, darn it. I shut off vncserver and had netcat listen on port 5903. My vnc client then was able to establish a connnection and sit and wait for a response. Looks like I should be chasing a vnc problem. At least that is progress Thanks for the help

    Read the article

  • Can not open port 3306 on Ubuntu using iptables

    - by user94626
    I am trying to open port 3306 (for remote mysql connections) on my ubuntu 12.04 server machine but for the life of me can't get the damned thing to work! Here is what I did: 1) list current firewall rules: $> sudo iptables -nL -v output: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 225 16984 fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 220 69605 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- lo * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable 486 54824 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 19 988 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 4 208 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: " 4 208 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 735 182K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fail2ban-ssh (1 references) pkts bytes target prot opt in out source destination 225 16984 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 2) try to connect from remote machine: $> mysql -u root -p -h x.x.x.x output: timeout.... failed to connect 3) try to add a new rule to iptables: iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT 4) make sure the new rule is added: $> sudo iptables -nL -v output: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 359 25972 fail2ban-ssh tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 22 251 78665 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 0 0 REJECT all -- lo * 0.0.0.0/0 127.0.0.0/8 reject-with icmp-port-unreachable 628 64420 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 1 60 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 19 988 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 1 52 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 5 260 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 5/min burst 5 LOG flags 0 level 7 prefix "iptables denied: " 5 260 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 919 213K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain fail2ban-ssh (1 references) pkts bytes target prot opt in out source destination 359 25972 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 which appears to be the case (last line in "Chain INPUT" section). 5) try to connect again from remote machine: $> mysql -u root -p -h x.x.x.x output: timeout.... failed to connect which is failing again. 6) try to flush all rules: $> sudo iptables -F 7) this time I CAN CONNECT. 8) reboot server and try to connect, FAILURE. I suspect since the new rule is being appended at the end it will have no effect as there appears to be a "reject all" sort of rule before it. If this is the case, how to make sure the new rule is added in the right order? Otherwise, what am I missing? Please help.

    Read the article

  • Python CGI on Amazon AWS EC2 micro-instance -- a how-to!

    - by user595585
    How can you make an EC2 micro instance serve CGI scripts from lighthttpd? For instance Python CGI? Well, it took half a day, but I have gotten Python cgi running on a free Amazon AWS EC2 micro-instance, using the lighttpd server. I think it will help my fellow noobs to put all the steps in one place. Armed with the simple steps below, it will take you only 15 minutes to set things up! My question for the more experienced users reading this is: Are there any security flaws in what I've done? (See file and directory permissions.) Step 1: Start your EC2 instance and ssh into it. [Obviously, you'll need to sign up for Amazon EC2 and save your key pairs to a *.pem file. I won't go over this, as Amazon tells you how to do it.] Sign into your AWS account and start your EC2 instance. The web has tutorials on doing this. Notice that default instance-size that Amazon presents to you is "small." This is not "micro" and so it will cost you money. Be sure to manually choose "micro." (Micro instances are free only for the first year...) Find the public DNS code for your running instance. To do this, click on the instance in the top pane of the dashboard and you'll eventually see the "Public DNS" field populated in the bottom pane. (You may need to fiddle a bit.) The Public DNS looks something like: ec2-174-129-110-23.compute-1.amazonaws.com Start your Unix console program. (On Max OS X, it's called Terminal, and lives in the Applications - Utilities folder.) cd to the directory on your desktop system that has your *.pem file containing your AWS keypairs. ssh to your EC2 instance using a command like: ssh -i <<your *.pem filename>> ec2-user@<< Public DNS address >> So, for me, this was: ssh -i amzn_ec2_keypair.pem [email protected] Your EC2 instance should let you in. Step 2: Download lighttpd to your EC2 instance. To install lighttpd, you will need root access on your EC2 instance. The problem is: Amazon will not let you sign in as root. (Not straightforwardly, at least.) But there is a workaround. Type this command: sudo /bin/bash The system prompt-character will change from $ to #. We won't exit from "sudo" until the very last step in this whole process. Install the lighttpd application (version 1.4.28-1.3.amzn1 for me): yum install lighttpd Install the FastCGI libraries for lighttpd (not needed, but why not?): yum install lighttpd-fastcgi Test that your server is working: /etc/init.d/lighttpd start Step 3: Let the outside world see your server. If you now tried to hit your server from the browser on your desktop, it would fail. The reason: By default, Amazon AWS does not open any ports to your EC2 instance. So, you have to open the ports manually. Go to your EC2 dashboard in your desktop's browser. Click on "Security Groups" in the left pane. One or more security groups will appear in the upper right pane. Choose the one that was assigned to your EC2 instance when you launched your instance. A table called "Allowed Connections" will appear in the lower right pane. A pop-up menu will let you choose "HTTP" as the connection method. The other values in that line of the table should be: tcp, 80, 80, 0.0.0.0/0 Now hit your EC2 instance's server from the desktop in your browser. Use the Public DNS address that you used earlier to SSH in. You should see the lighttpd generic web page. If you don't, I can't help you because I am such a noob. :-( Step 4: Configure lighttpd to serve CGI. Back in the console program, cd to the configuration directory for lighttpd: cd /etc/lighttpd To enable CGI, you want to uncomment one line in the < modules.conf file. (I could have enabled Fast CGI, but baby steps are best!) You can do this with the "ed" editor as follows: ed modules.conf /include "conf.d\/cgi.conf"/ s/#// w q Create the directory where CGI programs will live. (The /etc/lighttpd/lighttpd.conf file determines where this will be.) We'll create our directory in the default location, so we don't have to do any editing of configuration files: cd /var/www/lighttpd mkdir cgi-bin chmod 755 cgi-bin Almost there! Of course you need to put a test CGI program into the cgi-bin directory. Here is one: cd cgi-bin ed a #!/usr/bin/python print "Content-type: text/html\n\n" print "<html><body>Hello, pyworld.</body></html>" . w hellopyworld.py q chmod 655 hellopyworld.py Restart your lighttpd server: /etc/init.d/lighttpd restart Test your CGI program. In your desktop's browser, hit this URL, substituting your EC2 instance's public DNS address: http://<<Public DNS>>/cgi-bin/hellopyworld.py For me, this was: http://ec2-174-129-110-23.compute-1.amazonaws.com/cgi-bin/hellopyworld.py Step 5: That's it! Clean up, and give thanks! To exit from the "sudo /bin/bash" command given earlier, type: exit Acknowledgements: Heaps of thanks to: wiki.vpslink.com/Install_and_Configure_lighttpd www.cyberciti.biz/tips/lighttpd-howto-setup-cgi-bin-access-for-perl-programs.html aws.typepad.com/aws/2010/06/building-three-tier-architectures-with-security-groups.html Good luck, amigos! I apologize for the non-traditional nature of this "question" but I have gotten so much help from Stackoverflow that I was eager to give something back.

    Read the article

  • How do I test OpenCL on GPU when logged in remotely on Mac?

    - by Christopher Bruns
    My OpenCL program can find the GPU device when I am logged in at the console, but not when I am logged in remotely with ssh. Further, if I run the program as root in the ssh session, the program can find the GPU. The computer is a Snow Leopard Mac with a GeForce 9400 GPU. If I run the program (see below) from the console or as root, the output is as follows (notice the "GeForce 9400" line): 2 devices found Device #0 name = GeForce 9400 Device #1 name = Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz but if it is just me, over ssh, there is no GeForce 9400 entry: 1 devices found Device #0 name = Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz I would like to test my code on the GPU without having to be root. Is that possible? Simplified GPU finding program below: #include <stdio.h> #include <OpenCL/opencl.h> int main(int argc, char** argv) { char dname[500]; size_t namesize; cl_device_id devices[10]; cl_uint num_devices; int d; clGetDeviceIDs(0, CL_DEVICE_TYPE_ALL, 10, devices, &num_devices); printf("%d devices found\n", num_devices); for (d = 0; d < num_devices; ++d) { clGetDeviceInfo(devices[d], CL_DEVICE_NAME, 500, dname, &namesize); printf("Device #%d name = %s\n", d, dname); } return 0; } EDIT: I found essentially the same question being asked on nvidia's forums. Unfortunately, the only answer was of the form "this is the wrong forum".

    Read the article

  • SVN checkout browser

    - by phazei
    I've been looking all over for a SVN browser. Now I'm not talking about anything like WebSVN or TRAC, I don't want to browse the repository; I want to browse the checkout. I'm looking for a program that lets me browse the checkout (working copy) and shows me the info I'd normally need to SSH for. So I could mark specific files or folders for some commit button, or see the status, or view a diff between the working and a prev version. Basically a web GUI for a svn checkout. A [windows] program that can let you work on a remote checkout as if it were local would also work. Currently I have a checkout on my server running under dev.mysite.com. I log in via ftp and edit and upload the files. I also keep SSH open so I can do a svn st to see what files I've worked on and to commit changes. I want to work on the files on the same environment so I can't simply use a local checkout. But I don't want to need to work via SSH. Are there any apps such as I described? Like a repo browser but for checkouts to do commits. Like WebTortoiseSVN or such. Thanks

    Read the article

< Previous Page | 89 90 91 92 93 94 95 96 97 98 99 100  | Next Page >