On Thursday 04 December 2008 04:21, Indunil Jayasooriya wrote:
Hi,
I know these are a few iptbales questions. NOT CentOS, anyway, I am
running a firewall on centos 5.x.
If you can response, it would be fine.
I want to add a SNAT rule for one user in LAN to access one particular
On Tuesday 02 December 2008 17:58, Alexander Farber wrote:
why does iptables-save print 2 numbers in square brackets?
Is it used for anything? Is it number of inspected packets
(and what's the other number then)?
It is packetand byte counters.
And what does *filter mean?
Not sure
--
On Thursday 23 October 2008 09:53, Chan Chung Hang Christopher wrote:
Try adding it manually to the iptables config.
# vim /etc/sysconfig/iptables
And then restart iptables.
Not recommended. Do 'service iptables save' as Filipe posted.
You will need to explain why this is 'Not
On Friday 10 October 2008 09:54, Rudi Ahlers wrote:
Hi all,
I'm looking for a good web based script / website that can do a full
ananlysis on DNS namservers.
Can someone please recommend something good to use?
Try this one;
http://www.checkdns.net/quickcheckdomainf.aspx
And if
On Tuesday 30 September 2008 05:32, Jim Wildman wrote:
On Tue, 30 Sep 2008, Marcelo M. Garcia wrote:
I have been using Nagios for monitoring the network and a few servers.
It works fine. It's not the easiest thing to get it working properly.
Regards
M.
Have not tried it,
On Tuesday 30 September 2008 01:15, Rudi Ahlers wrote:
Have you looked at Nagios or Groundwork? There are some howto's on
http://www.howtoforge.net
Was not aware of this site. Big Thnx!
--
Regards
Robert
It is not just an adventure.
It is my job!!
Linux User #296285
On Tuesday 30 September 2008 16:25, John R Pierce wrote:
Robert Spangler wrote:
This looks interesting. Will have to read up on it some.
Just wondering if I can configure it to allow many people to setup
monitoring different way on the same device?
nagios monitors are configured
Hello everyone,
While I know this isn't Centos related, you guys seems to be on top of your
game around here. Sorry for the off-topic.
I'm looking for a tool to monitor my servers and send either an email or page
or both when something breaks. I would like it to monitor all sorts of
On Friday 19 September 2008 23:38, David Petruzzella wrote:
Robert Spangler wrote:
On Tuesday 09 September 2008 18:53, nate wrote:
Robert Spangler wrote:
And yes I have eth0 up and running.
What network driver?
On-board port:
Ethernet controller: Marvell Technology
On Friday 12 September 2008 14:56, Robert Nichols wrote:
Josh Donovan wrote:
Robert Nichols wrote:
When I asked about a similar problem a while back, the
SELinux folks
told me that bind-chroot was not supported under SELinux
because
SELinux already provides better protection.
On Tuesday 09 September 2008 18:18, John R Pierce wrote:
Either way, ethtool should show you detected and current link states
on the connection ;
That is not always the case. I cannot get ethtool to work.
~ $ /sbin/ethtool eth0
Settings for eth0:
No data available
On Tuesday 09 September 2008 18:20, Les Mikesell wrote:
That is not always the case. I cannot get ethtool to work.
~ $ /sbin/ethtool eth0
Settings for eth0:
No data available
And yes I have eth0 up and running.
Does mii-tool work?
Nope. Don't understand why. Maybe a
On Tuesday 09 September 2008 18:53, nate wrote:
Robert Spangler wrote:
And yes I have eth0 up and running.
What network driver?
On-board port:
Ethernet controller: Marvell Technology Group Ltd. 88E8001 Gigabit Ethernet
Controller (rev 13)
Driver:
sk98lin
--
Regards
Robert
On Tuesday 09 September 2008 17:00, Scott Silva wrote:
Either way, ethtool should show you detected and current link states on
the connection ;
That is not always the case. I cannot get ethtool to work.
~ $ /sbin/ethtool eth0
Settings for eth0:
No data available
And yes I have eth0 up and
On Sunday 31 August 2008 22:31, Joseph L. Casale wrote:
We should be talking live. Why don't your join the #centos-social on
freenode so we can chat real time?
Robert,
Just got back from my trip and reading that Tutorial, it went on to state
what I now find to be two distinct
On Friday 29 August 2008 17:26, Joseph L. Casale wrote:
Where is the correct place to control what traffic is masq'ed out?
This is what I have, but I was told the Forward chain isn't the right
place to do this?
iptables -A POSTROUTING -t nat -o $WAN -j MASQUERADE
iptables -A FORWARD -i
On Friday 29 August 2008 17:52, Joseph L. Casale wrote:
Postrouting is the correct one. After everything is routed it is MASQ
before leaving the interface.
That makes sense, but I am stuck at making the transition, should I simply
pull the port specifications from my third line in the
On Friday 29 August 2008 18:38, Joseph L. Casale wrote:
No port or packet types are needed as everything needs to be MASQed.
Sorry, I wasn't clear. I only want ports 80/443 translated for internal
clients so I do need a rule of some sorts.
We should be talking live. Why don't your join
On Wednesday 27 August 2008 19:27, Joseph L. Casale wrote:
http://iptables.rlworkman.net/chunkyhtml/index.html
Nice doc, any ideas on how to print it (or many chapters easily) so I can
haul with me on my plane ride this weekend?
Nope, but I'm open to suggestions. :)
--
Regards
Robert
On Thursday 28 August 2008 05:50, Mark Quitoriano wrote:
hmmm... yeah i think is et everything to 300 which is not good. What
is the recommended TTL settings? some sites recommend 4 days some 1
hour.
On Thu, Aug 28, 2008 at 3:17 PM, Michel van Deventer
[EMAIL PROTECTED] wrote:
Hi,
On Thursday 10 July 2008 22:49, Filipe Brandenburger wrote:
Could you post /etc/sysconfig/iptables?
/etc/sysconfig/iptables doesn't necessarily reflect what is running
right now, and you can't include the counters with it.
I'm not interested in the counters I want to see how the rules
On Thursday 10 July 2008 18:08, MHR wrote:
In following up on the rsh problem I was having earlier, I decided
to try out the suggestion Felipe sent about using
system-config-securitylevel-tui to open up ports 513 and 514, but that
doesn't seem to do the job, either.
# iptables -L
On Saturday 14 June 2008 09:49, Joseph L. Casale wrote:
chkconfig iptables off
That was how I disabled it originally yet it was being started by
something else. jlc
Did you install another firewall front end? Something like Firestarter?
--
Regards
Robert
Smile... it increases your
On Tuesday 27 May 2008 20:19, MHR wrote:
On Tue, May 27, 2008 at 5:02 PM, Robert Spangler
[EMAIL PROTECTED] wrote:
Can I use one out of the Fedora's repos? If so, which repo?
You can just pull down the latest version from mozilla.org - they're
pretty good about compatibility. I'd
Can anyone tell me if there are plans to update Firefox to the new 3.0 for
Centos 4.5? Seems like only the 1.5 version has been placed in the repos and
I think it should be time for an upgrade.
If I'm looking in the wrong place let me know also. Thnx.
--
Regards
Robert
Smile... it
On Tuesday 27 May 2008 19:31, Stephen John Smoogen wrote:
On Tue, May 27, 2008 at 5:22 PM, Robert Spangler
[EMAIL PROTECTED] wrote:
Can anyone tell me if there are plans to update Firefox to the new 3.0
for Centos 4.5? Seems like only the 1.5 version has been placed in the
repos
On Friday 23 May 2008 11:03, Fajar Priyanto wrote:
On Thursday 22 May 2008 22:30:29 Joseph L. Casale wrote:
I have a dual homed server in an install for someone who is very cost
sensitive. This server originally is being setup as an Asterisk server,
but now the simplest thing for me to
On Friday 23 May 2008 21:31, Fajar Priyanto wrote:
Actually I have written a small tutorial on iptables, but I haven't
translated it into english. I'll let you know when it's done. Hopefully it
will be useful for others.
Please have someone, or for that matter a few people, who have a good
On Saturday 17 May 2008 08:12, B.J. McClure wrote:
I had a similar situation on CentOS 4.x and on 5.0, different boxes. In
both cases it was resolved by replacing a bad stick of RAM. If the box
can be off line I would suggest a 24 hour run of memtest. On my systems
it only occurred
On Thursday 15 May 2008 21:51, Karanbir Singh wrote:
Hi Robert,
Robert Spangler wrote:
For some reason at different times Centos will freeze and not allow me
to do anything. This doesn't happen while I'm working on the system but
after I have locked my session and then return
Hello,
For some reason at different times Centos will freeze and not allow me to do
anything. This doesn't happen while I'm working on the system but after I
have locked my session and then return. It could goes days without a lockup
and then the next time I try to log in it'll be frozen.
I
On Monday 28 April 2008 10:47, Philip R. Schaffner wrote:
For relatively simple situations Firestarter may be worth a look as a
GUI front end:
http://www.fs-security.com/
There is an EL4 binary version on the above site, but it builds OK from
SRPM on CentOS-5:
On Saturday 26 April 2008 09:05, Anne Wilson wrote:
Bringing up interface borg2: RTNETLINK answers: File exists
Error adding address 192.168.0.40 for eth0.
but ifconfig shows the correct address for eth0.
Apr 26 11:11:52 borg2 automount[2547]:
On Saturday 26 April 2008 10:19, Anne Wilson wrote:
On Saturday 26 April 2008 14:29, Robert Spangler wrote:
This is a firewall issue. If I turn off the firewall everything
works. NFS and SMB are marked as trusted services, but it seems
that is not enough. Which ports need
Hello,
For some reason KMail is all but coming to a stand still when I open messages
with any kind of signature. So I goto the configuration page of KMail
Security Crypo Back ends and I see nothing is checked off. So I hit rescan
and get the error that is listed in the attachment. Anyone
On Thursday 24 April 2008 14:07, Anne Wilson wrote:
On Thursday 24 April 2008 18:58:24 Anne Wilson wrote:
On Thursday 24 April 2008 18:45:40 Robert Spangler wrote:
Hello,
For some reason KMail is all but coming to a stand still when I open
messages with any kind of signature
On Tuesday 22 April 2008 01:49, gopinath wrote:
if i run ifconfig it displays the eth0 its ip and Hwaddress
if i boot to Centos 5.1 or Redhat 7.3 the pc is able to communicated to
everyone on the networks.
Please help me out.
How about check the configs against one another on all 3
On Friday 18 April 2008 12:23, Masry Alex wrote:
#that's what the mentioned article suggested..I'm not sure it's working!
*raw
-A PREROUTING -p tcp -m tcp --dport 80 -j NOTRACK
Do you have a chain called NOTRACK? What is setup under it?
COMMIT
*filter
-A INPUT -i lo -j ACCEPT
-A
On Wednesday 26 March 2008 07:31, Kai Schaetzl wrote:
The idea of only allowing for strict ip address is good but what if you
are on the move?
If you have a static IP address, this is not a problem. You VPN into your
home LAN and from there to the restricted machine.
If you are going
On Tuesday 25 March 2008 12:55, Rudi Ahlers wrote:
Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I
think the second I opened it every sorry monkey from around the world
has been trying every account name imaginable to get into the system.
On Thursday 20 March 2008 21:24, Akemi Yagi wrote:
I see in the repo there are some printer drivers like foomatic and
hpijs. I'm just wondering if there are plans to also include hplip in
the future?
hplip is included in CentOS-5 but not in CentOS-4.
Any plans to port to CentOS-4?
Hello,
I see in the repo there are some printer drivers like foomatic and hpijs.
I'm just wondering if there are plans to also include hplip in the future?
--
Regards
Robert
Smile... it increases your face value!
Linux User #296285
http://counter.li.org
On Saturday 15 March 2008 01:14, Niki Kovacs wrote:
Check out this site. It's a tutorial fro IPTables.
http://iptables.rlworkman.net/chunkyhtml/index.html
Funny you send me this link. I know Robbie Workman as an ex-fellow
Slackware user.
And I also know some basic iptables (no
On Friday 14 March 2008 12:32, Niki Kovacs wrote:
Right now, on one of my desktops, I've installed AMSN, which requires
opening a series of ports. I've configured the app to use ports 7000 to
7010 (TCP and UDP). When running system-config-securitylevel-tui, the
last line enables to define
Hi,
Anyone have this type of monitor hooked up and running? Any issues that I
should be aware of?
I've hooked this monitor up to my system. I have a Nvidia card FX550 with
256MB Ram. I haven't done anything special with it, still learning the in's
and out's of the monitor. So far so
On Saturday 23 February 2008 17:07, scaglietti amore wrote:
i have CentOS-5.1 with samba-3.0.25b-0.el5.4
and i took this workin well smb.conf from slackware12
What not just use SWAT to configure your samba settings?
--
Regards
Robert
Smile... it increases your face value!
Linux User
On Monday 18 February 2008 08:20, Jerry Geis wrote:
Typically I dont have issues with configuring X. However this time its
an issue.
I have an NVIDIA graphics card trying to do 1920x1080.
If I configure the screen by hand with the nvidia config utility it
works at 1920x1080.
Hi,
I seem to not be able to connect to the folding site and receive new work.
Anyone else having this issue? Port 8080 is open as well as the other web
ports on the firewall. I can ping the host but get nothing when I open a web
browser to it.
Anyone else having the same issues? Where
On Tuesday 05 February 2008 12:00, Ray Van Dolson wrote:
iptables -A OUTPUT -p tcp --dport 80 -j LOG --log-prefix WWW
I was thinking more along these lines for a rule:
iptables -A OUTPUT -p tcp --dport 80 -m state --state NEW -j LOG --log-prefix
[WWW] : --log-tcp-options --log-ip-options
On Sunday 20 January 2008 13:11, Robert Spangler wrote:
I want to use UP2DATE to alert me to updates that are available but still
use yum to make the update. Up2date alerts me and i see what is available
and then update with yum. Up2date icon still shows updates are available.
How can I
On Wednesday 23 January 2008 06:25, Tolun ARDAHANLI wrote:
in our server we dont have iptables command! and i am trying to install
it with that
yum -y install iptables
after this command it says that ...nothings to do. Do you have any
suggestion for installing the iptables?
thanks a
On Wednesday 23 January 2008 17:58, John R Pierce wrote:
It is most likely installed as this is default unless you tell the
install program not to install it.
To start IPTALBES:
service iptables start
To ensure it starts all the time on reboot:
chkconf --level
Hi all,
I want to use UP2DATE to alert me to updates that are available but still use
yum to make the update. Up2date alerts me and i see what is available and
then update with yum. Up2date icon still shows updates are available. How
can I get up2date to know that the system has been
On Wednesday 16 January 2008 09:14, ann kok wrote:
ICMP: 62.x.x.x: Source Route Failed
Literally, it means that you send packet with IP source and record route
option it was routed via router 62.x.x.x and was rejected by it.
ICMP reason subcode 0x5, used with ICMP reason code 0x3 to explain
On Friday 18 January 2008 17:57, Joe Greenseid wrote:
Can anyone explain the following behavior to me?
What does your resolve.conf and hosts look like?
--
Regards
Robert
Smile... it increases your face value!
Linux User #296285
http://counter.li.org
On Mon December 31 2007 07:58, Robert Moskowitz wrote:
Full discloser time. My day job is with ICSAlabs. My area is security
protocols research (like setttin up the initial IPsec certification
criteria), but when I visit the labs there are all those firewall
products up and running
On Fri November 16 2007 06:06, James Pearson wrote:
Might have to walk down this same path Thnx for all your help and time.
The 32 bit kernel support for playback on 64 bit machines for older 2.6
kernels (including the RHEL4/CentOS4 kernel) didn't work properly until
ALSA 1.0.15.
On Thu November 15 2007 06:04, James Pearson wrote:
If you have a 64 bit distro installed, then aplay will be 64 bit -
running:
file `which aplay`
Nope, but rpm -qa | grep alsa-util told me that I have the 64bit installed,
which by the way does work fine.
should confirm this. To run
On Mon November 12 2007 15:54, James Pearson wrote:
On 12/11/2007, Robert Spangler [EMAIL PROTECTED] wrote:
On Mon November 12 2007 13:30, Ross S. W. Walker wrote:
Robert Spangler wrote:
Hello everyone,
I run a 64bit system here and install flash plugins
On Wed November 14 2007 14:41, James A. Peltier wrote:
Completely off topic, but I'm sure someone out there is using scripts
that require a sudo password of some sort, so I'll ask.
What are people doing to automate tasks that required sudo passwords in
order to run? sudo without a
Hello everyone,
I run a 64bit system here and install flash plugins for firefox using
nspluginwrapper. I get the movies but there is no sound.
Flashplayer is: flash-plugin-9.0.48.0-release.i386.rpm
nspluginwrappers are: nspluginwrapper-0.9.91.5-1.x86_64.rpm
On Mon November 12 2007 12:28, Shibu C Varughese wrote:
Robert Spangler wrote:
Hello everyone,
I run a 64bit system here and install flash plugins for firefox using
nspluginwrapper. I get the movies but there is no sound.
Just check if the user is added to the audio
On Mon November 12 2007 13:30, Ross S. W. Walker wrote:
Robert Spangler wrote:
Hello everyone,
I run a 64bit system here and install flash plugins for
firefox using
nspluginwrapper. I get the movies but there is no sound.
Make sure the 32-bit alsa-lib is installed.
alsa
On Sat November 10 2007 09:34, Paul wrote:
Unfortunately, at least here in France there's no ing way to have a
laptop without Microsoft Windows installed. I'm 100% GNU/Linux since
2001 or so, but I must have paid for five or six licenses since.
I thought that I read that someplace
On Mon October 15 2007 13:13, Jim Perrin wrote:
On 10/15/07, Akemi Yagi [EMAIL PROTECTED] wrote:
Well ... that SMP appears in uname -a even on a single-cpu system.
Oops :-P
I've only got multi-cpu systems these days and didn't test it out in a
vm. Glad to see you're keeping me
On Fri September 21 2007 18:50, Craig White wrote:
[EMAIL PROTECTED] etc]# kill 26598
[EMAIL PROTECTED] etc]# service named restart
Stopping named:[FAILED]
Starting named:[ OK ]
After you have
On Thu August 30 2007 00:08, William Warren wrote:
easier waylog in as root and type the word free to get a much
slimmer version of that information. If the numbers look odd(after
posting them here) then the more expansive option below is needed.
You don't need to log in as root to
On Tue August 28 2007 12:27, Dave wrote:
Hello,
I'm setting up a centos5 router for a friend. It will direct traffic
to an internal webserver, already in place, as well as run squid proxy. It
should do nat and have a firewall with iptables. I've set up routers before
for this purpose
On Fri August 17 2007 09:16, Ray Leventhal wrote:
As this remains an issue for me, I'm reposting. Please forgive the
redundancy, but I've been unable to find the answer and am hoping for some
guidance.
OK, are you running named in a chroot env?
On Fri August 3 2007 23:13, [EMAIL PROTECTED] wrote:
I've a new CentOS 5 minimalist install; this will be the name server
from my prior thread. I have configured eth0 during setup with the
static IP the unit will have when in production. During this setup
phase, selinux is set to
On Thu July 5 2007 06:29, Indunil Jayasooriya wrote:
[EMAIL PROTECTED] master]# cat example77.com.zone
$TTL86400
@ IN SOA gateway.example77.com. root.example77.com. (
2006101604 ; Serial
1800 ; Refresh
101 - 171 of 171 matches
Mail list logo