CentOS 5 :: Reject-with Tcp-reset In OUTPUT Chain With Kernel 164.x
Nov 6, 2009
I usually have something like
iptables -A OUTPUT -p tcp --dport 113 -j REJECT --reject-with tcp-reset
in my firewall near the top, as I dont want the servers to generate ident requests and I don't want services (mail and ftp...) stalling when waiting for ident replies on clients with ident port filtered. This worked fine until the 164 kernel series.
Tested both 2.6.18-164.2.1.el5 and 2.6.18-164.6.1.el5. The rule gets matched, but the rst is never returned to the application so it stalls in every case. Booted back to 2.6.18-128.1.10.el5 and it works like a charm. I see no netfilter related patches in the 164 series that weren't present in 128.
View 3 Replies
ADVERTISEMENT
Feb 28, 2011
whats the different between Chain RH-Firewall-1-INPUT (2 references) and Chain INPUT (policy ACCEPT)?
View 1 Replies
View Related
Aug 21, 2010
trying to install the wi-fi drivers for RaLink rt3090. How can I reset the kernel modules to default so I can try again?
View 3 Replies
View Related
Nov 4, 2010
This is just a nit, but I have noticed that whenever the kernel is updated, the background picture that I have set up for the login screen seems to be reset to "default_blue". No other setting seems to be disturbed.
After each update, I have to go into Configure Desktop->Login manager and set my background picture again. Why is this happening? Is there a way to fix this?
I am running Suse 11.3, KDE v4.4.4.
View 4 Replies
View Related
Oct 7, 2010
I have a lost password on an Intel DG33TL motherboard which I guess is only resetable by shorting the right jumpers on the board. I have two questions regarding that:
1- Is there any way I can reset the CMOS password through the CentOS? Or is that a thing of old motherboards where one could reset them through the OS?
2- Currently I have two hard drives installed in Raid1 (mirroring each other) through the motherboard RAID (not the through any RAID card or through CentOS). RAID was made prior to installing CentOS. So, would resetting the jumper mess up the whole RAID? I don't want trouble and I can leave without the password but it's good to know if need arises.
View 1 Replies
View Related
Jul 18, 2011
after the 5.6 update I started loosing the connection to my router. Having had issues with routers before I assumed that the router was on its way out. However I happended to have a laptop handy the other day and thought I would give it a try (after eth0 went down), router was fine(same cable too). I have tried bringing eth0 up/down (gui and ifdown/ifup) and restarted the network(gui and cli) but it will not get an ip(as I recall it does recognize that the cable is connected). If I do a reboot, eth0 comes up immediately. The log just shows repeated dhcp requests. I tried a dhclient -r but it errors out with no link found. It has been doing this since 5.6 came out (roughly once a day) so I THINK that it is not a hardware issue(should have died completely by now if it was). PSU voltages show stable and unchanged. It does use the forcedeath driver. 5.6-64bit fully updated.
View 9 Replies
View Related
Mar 6, 2009
How do I set my centos system to the configuration it had directly after the installation? Because there are so many messed up tings on here right now, firefox will only work with my proxy server if I put its IP directly into firefox but not if I put its IP into the system proxy settings and then point firefox at that. httpd refuses to serve up any kind of documen apart from the test page randomly and even then I sometimes get a 403 error. Seriously is this the normal practice for setting up a LAMP server???
View 7 Replies
View Related
Nov 4, 2009
I have a Centos 5.3 desktop that I have a development board connected via a serial connection to. The permissions on /dev/ttyS0 are currently set
crw--w---- 1 root root 4, 64 Nov 4 13:56 ttyS0
I have changed them so that they read
crw-rw---- 1 root uucp 4, 64 Nov 4 13:56 ttyS0
But every time I initialize the dev board the permissions switch back to the original state. I have found lots about preventing the permissions switching back upon reboot but that doesn't appear to be the problem.
View 5 Replies
View Related
Nov 5, 2009
I have messed around with yum config files & my system is not updating anymore! is there is a way to reset yum configuration to its default?
View 4 Replies
View Related
Jun 2, 2011
I have to recover / reset root password. I do not have the 5.3 cd, can I boot with the CentOS-5.6-i386-LiveCD.iso [URL] and follow the recovery procedure outlined below [URL]
View 3 Replies
View Related
Jun 3, 2011
I'm unable to reset using either the reset option in gnome shell or the command using a terminal. When I select it the shell exits and displays the graphic "exploding" and then it just sits there. Shutdown works fine; just no reset. Any ideas? I've installed from the DVD. I booted the live CD and it resets just fine so I know it's no my hardware
View 1 Replies
View Related
Oct 20, 2009
Can someone assist me with recovering/resetting the password for Root via Single User Mode in CentOS v5? I've modified the kernel line using Single, S, and 1 but it appears that these commands are being totally ignored as the server continues with the boot process and displays the GUI logon screen. The server in question is a VM box running on ESX v3.5 U4. The person that created this VM is no longer employed here and I've exhausted everything I know regarding Single User Mode.
View 12 Replies
View Related
Jan 21, 2011
when I was updating my Ubuntu, the Linux kernel images were also updated (to 2.6.35-x), and the one I was using was removed (2.6.32-x). Since then, none of the 2.6.35-x kernels boot at all. I have upgraded several times, and now have installed 2.6.35-23-generic and 2.6.35-24-generic. Neither boots. I am running 2.6.32-24-generic, but there are no sources or headers for that. I even compiled 2.6.35-7 and 2.6.36, but neither worked either.
After I select the kernel in Grub, the screen goes blank, my hard drive spins a few times, and the screen stays blank, until finally the computer just shuts off. I tried running one of those kernels, and then booting normally after that failed, and looked at /var/log/kern.log. I saw messages from the last time I booted using 2.6.32-24-generic, and messages from when I booted just now (identified by the timestamps), but I could see no messages that took place in between, when the nonfunctional kernel should have been loading.
I really don't know what other information to add. I am running Ubuntu 10.10 on a Toshiba Satellite A215-S7411. The hard drive is an external hard drive connected with a USB Y cable. like VirtualBox, do not run without having the drivers compiled, and to compile them, I need the kernel headers, which I don't have and are not available in the repositories.
View 4 Replies
View Related
Jun 26, 2010
I'm using postfix on Ubuntu 9.10 and all I need is to occasionally send automated emails from perl or php scripts when data processing errors occur. In other words, I want to reject any connection attempts from remote clients and otherwise allow nothing except outgoing emails from one particular account.f I add this line to the default main.cf, will it do the trick or is it more complicated?
Code:
smtpd_sender_restrictions reject
View 3 Replies
View Related
Apr 27, 2010
I've been trying to configure sendmail so that it rejects emails based upon a specific string in the msgid. But after reading through the documentation on sendmail.org and doing an internet search.
View 3 Replies
View Related
Nov 17, 2008
I would like to set my postfix to reject any numeric domains. I am seeing in my mail queue mail from domains like 2212.com, 263.com, 29.com and others. Because there is a variety of these, I don't want to track each of them and block them one by one. What do I need to put in my access file to reject any numeric domain? Is it possible to have a numeric wild-card reject in the access db?
View 1 Replies
View Related
Aug 4, 2009
I encountered a problem when send dbus method call message.Program A which runs as root user provides system-wide dbus service interfaces.When another program B with root permission send method call message to A,It received the error info:Error org.freedesktop.DBus.Error.AccessDenied: Rejected send message, 1 matched rules; type="method_call", sender=":1.41" (uid=0 pid=3397 comm="dbus-send --system --print-reply --type=method_cal") ...But when I run prgram B in generic user permission,localmachine for example,it success to send message.It confused me all the day.
View 2 Replies
View Related
Jun 11, 2011
I configured the server freeradius with mysql and I think I configured well freeradius and mysql but when I m testing my configuration with:
radtest nezar azerty 127.0.0.1 0 azerty1234
I have always:
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=108, length=20
View 1 Replies
View Related
Feb 6, 2011
I was trying to install and configure freeradius server in centos 5.5 .I installed freeradius 2.1.7. I added a sigle line at the top of the users file like this. bob Cleartext-Password := "hello". when I tried to test using radtest command (radtest bob hello 127.0.0.1 0 testing123).but Igot access-reject mesage from radius server. first I was trying on the same pc with defferent terminal. I serched and tried lot of options but all the time I got the same access reject message. I put debug message in debug site. I can see lot of users posted the same error message in many forums. But I cant find any solutions. I installed ntradping in my laptop and tried but same error. Delaying reject of request 0 for 1 seconds. Going to the next request. Waking up in 0.9 seconds. Sending delayed reject for request 0. Sending Access-Reject of id 16 to 10.10.204.73 port 1619. Waking up in 4.9 seconds. Cleaning up request 0 ID 16 with timestamp +3. Ready to process requests.
View 2 Replies
View Related
Jan 13, 2011
When deleting a rule, when is better to use DROP instead of REJECT and vice versa? Also, please provide some basic info. for the use of MASQUERADE??
View 3 Replies
View Related
Mar 22, 2011
I have configured a sendmail MTA for incoming mails in a network and by using IPtables i have redirected the traffic internally to other port where one more SMTP by a application is running.Iptables rule:iptables -A INPUT -i eth0 -p tcp --dport 25 -j ACCEPTiptables -A PREROUTING -t nat -i eth0 -p tcp --dport 25 -j REDIRECT --to-port 25000My sendmail config is as below.
Sendmail.mc
define(`SMART_HOST', `relay:host.subdomain.mydomain.com')dnl
dnl # define(`RELAY_MAILER',`esmtp')dnl
[code]...
View 11 Replies
View Related
Sep 27, 2009
after update to kernel-2.6.18-164.el5 one of the 2 NIC's of my machine are only found at 1 of 4 reboots. Using the old one kernel-2.6.18-128.7.1.el5 all is fine. This are the to NIC's:
00:0a.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 10)
00:0b.0 Ethernet controller: Intel Corporation 82557/8/9/0/1 Ethernet Pro 100 (rev 0c)
And the Intel one, makes the problems with the new kernel.
View 8 Replies
View Related
Nov 6, 2009
I compiled my kernel, compiled scsi support into kernel, used the new kernel and initrd, the boot failed.Then ,i unzip my initrd, found that sd_mod.ko can't be insert, i added it manual, and reboot OK.so, why! in the kernel configure , the sd_mod.ko is set to <M> , but why it can't be found in initrd?
View 1 Replies
View Related
May 29, 2010
The server runs# uname -r2.6.18-128.4.1.el5However, today I executed yum update kernel*due to security advisory. I was just about to reboot the system when I realized that it runs VMWare Server Instance that will most likely fail to restart after kernel upgrade (I had a hard time fixing it after previous kernel update). Now I want to keep 2.6.18-128.4.1.el5 after reboot.I see that new kernel is scheduled for booting:
# cat /etc/grub.conf
default=0
timeout=20
[code]....
View 10 Replies
View Related
Apr 4, 2010
a good IPTABLES protocol to reject all incoming ssh trafiic except for a single IP or IP range?
View 4 Replies
View Related
Aug 13, 2010
I am trying to get the talked about Unity netbook shell through my Lucid installation. When i add the repository Code: ppa:canonical-dx-team/une i am offered a list of packages for upgrade which system says is also a partial upgrade. I know i should not be accepting a partial upgrade since it runs the risk of breaking my Lucid install itself - so i have not. How do i not reject these partial upgrades due to the repo addition & still install Unity?
View 3 Replies
View Related
Apr 15, 2011
I understand the difference between Reject vs Drop for incoming traffic, but are there any differences between reject and drop for Outbound Traffic? Are there reasons to pick one over the other or are they functionally identical when talking about Outbound traffic?
View 6 Replies
View Related
Sep 23, 2009
I have 4 Dell R200's with Seagate 2x250Gb drives running software raid on CentOS 5.2 kernal 2.6.18-92.1.13.el5. They all get these errors 5-10 times a day and when the errors occure the servers apear to freeze and drop all network connections, very frustrating. I've updated to smartmontools 1:5.38-2.el5 and confirmed with Seagate that I have the latest drive firmware, and am now at a loss as to how to fix this. All of the systems report the problem only on sda not sdb.
[code]...
View 9 Replies
View Related
Oct 31, 2009
I'm running CentOS 5.3 and would like to know what the "best" or "proper" method is to build a custom kernel using the generic kernel sources from kernel.org. Most of the references I've found talk about modifying the current CentOS kernel using the RPM way. I really want to have the latest kernel due to some important security issues that haven't been addressed in the current CentOS 5.3 kernel.
View 6 Replies
View Related
Jul 30, 2010
I have a mail server taking care of mail for my 4 domains; the first is used for virtually all mail, the second rarely used anymore, the third is virtually 100% spam the past year(?), and the fourth isn't in use (and never has been, so no spam). What I'd like to do is to reject all mail to the third domain. Right now this is what I get (I tried to send to a nonexistent address from gmail):
[code]....
Since my username (xyz@) is the same for all domains, I could (or so I hope) change the reject message to give a hint to replace [URL] with [URL] and try again.
View 2 Replies
View Related
