Re: Please Need Help ...... :(
Hi Sorry not going to answer the question you asked but have worked on this type of solution many times. The problem is your redirects if a virus gets on the network it will clobber the server as it tries to get outside. All the client MS updates is over HTTP that will clobber it. You need to limit the number of simultaneous connections per client. That is only allow 5 connections to be redirected to the web app in say 30 seconds. Else no matter what horse power you put behind it will always be effected by DoS attacks. I don't think cisco routers are that clever. You can do this the cheap way and get the HTTP_REQUESTER IP stick em in a hashtable with a datestamp. But this is just a patch not a fix. Because it can still be used to clobber the server. I don't work for zeus and have only played with there VMWare stuff but you may wanna try zeus.co.uk and use that to load balance and do URL filtering. It can do fancy stuff with URLs and DNS. F5 is another one. Regards On Mon, 2008-03-24 at 19:00 +0530, karthikn wrote: Hi Thnx for the initial Reply The Life Cycle for the WIFI custom web application for AAA is as follows. 1) User Types www.xyz.com 2) CISCO ROUTER Intercepts this requests and reroutes to a WEB container as http://IP:PORT or http://IP Only for AAA to be processed. [ Note: CISCO Router API's can only redirect any http requests to specific IP / Port and not a web application hosted on the IP as http://IP:PORT/AAAprocess ] 3) AAA processing is done in the WEB container by the application hosted as ROOT ( Replaced original ROOT with custom web application ) by default. 4) Once the AAA is processed, we redirect the user to a new Window of the browser and allow the user to the pge requested for Originally (www.xyz.com). Problem Load on this single TOMCAT is building up the CPU for 100% ,as the subscribers are increasing. Solution We need to bring in the Load Balancer with Multiple TOMCAT /APACHE2.x server. Hence we need multiple TOMCAT with ROOT being able to configure to a APCHE 2X http server. Is this possible ? with regards Karthik - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FYI tomcat 100% load SSL
For those of you who ever have this problem Symptoms 1) Cannot connect to tomcat after a period of time 2) Heavy load on startup 3) Various strangeness with SSL certs e.g. WEB browsers reject certs/incomplete TLS handshake Observed case Tomcat version we tried jakarta-tomcat-5.0.12 and jakarta-tomcat-5.5.17 we are using openssl to generate certs. OS is linux 2.6.17 (Newest) on our own distribution. After reboot tomcat works fine modprobe random and we cannot connect to tomcat on SSL ports and the load goes high. We dont know where the problem lies i.e. in kernel/distro/tomcat/java but one check you might think of taking if you see similar difficulties. Is to reboot without random module or rmmod and restart tomcat. We also tried 1.4 to 1.5_02 1.5_06 and still the same problem. Sorry I cant be more specific but I am behind my deadline and its working now. So no more /dev/random for this release. Been at this for a few days. - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: BOOBIES!
Yes I agree 100% please ensure as we live in the age of equality to use Subject WILLIES in your post. On Fri, 2006-07-21 at 14:09 -0400, Mike Wannamaker wrote: I believe the subject was posted under different subject heading with no response and he's trying to get people looking at it, which I'm sure he will now. That said, some proper netiquette is appreciated in forums. I believe that I'm doing something similar, but using a different approach. I too want to have some common resources that all webapps use. To do this I'm installing my own FileDirContext for web apps which I inject what we call aliases. IE: /basefiles = /home/tomcat/basefiles Thus when someone in the webapp makes a request for /basefiles/common.css it looks it up in /home/tomcat/basefiles, which is outside of any web app context. Is this what you want to do? Mike Wannamaker -Original Message- From: Mead, Jennifer L - VSCM [mailto:[EMAIL PROTECTED] Sent: July 21, 2006 2:01 PM To: Tomcat Users List Subject: RE: BOOBIES! Could this person (inject other undesirable word) please consider the fact that women are in the user's group also. Jennifer -Original Message- From: Harris, Thomas [mailto:[EMAIL PROTECTED] Sent: Friday, July 21, 2006 10:59 AM To: users@tomcat.apache.org Subject: BOOBIES! I have been trying to determine how to configure Tomcat 5.5.17 to have a shared appBase on multiple webapps, but have a different set of JSPs for each web app. I've followed the Wiki's CreateVirtualHosts page to configure multiple webapps that use exactly the same WAR file. But, I would like to share the Java, but supply a different docBase for each site. Is this possible? Reference: http://wiki.apache.org/tomcat/CreateVirtualHosts Thanks! Tom Harris This communication is intended solely for the addressee and is confidential and not for third party unauthorized distribution - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] additional commands, e-mail: [EMAIL PROTECTED] - To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat and iptables?
Add in the follow iptables -A INPUT -j LOG iptables -A OUTPUT -j LOG Then do dmesg -c 2 /dev/null; Now do a shutdown then dmesg | grep 127.0.0.1 or just dmesg if you are running a cluster What ever comes out is what you are blocking on the local machine I would suggest you do iptables -I INPUT 1 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT iptables -I OUTPUT 1 -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT This will allow all internal traffic On Fri, 2005-12-16 at 19:05 +0100, Sebastian Funk wrote: Hi, On Dec 16, 2005, at 6:18 PM, Martin Gainty wrote: Sebastian- send us the logs specifically stdout_MMDD.log Martin- Sorry, but I've got nothing named stdout*.log. Where should that be? - Original Message - From: Sebastian Funk [EMAIL PROTECTED] To: Tomcat Users List users@tomcat.apache.org Sent: Friday, December 16, 2005 11:52 AM Subject: Re: Tomcat and iptables? Hi, Thanks to all, now I entered the ports 8082, 8009, 8443 and 8005 (for shutdown) and now Tomcat works, but I can't shutdown. There comes as usual: Using CATALINA_BASE: /home/tomcat/tomcat Using CATALINA_HOME: /home/tomcat/tomcat Using CATALINA_TMPDIR: /home/tomcat/tomcat/temp Using JRE_HOME: /usr/lib/jdk but then nothing happens, and I get no prompt back. Did I miss a port? Best Regards, Sebastian Funk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]