Networking :: Whitelisting Specific Domain For RDNS?
Feb 21, 2010
I use the DynDNS service to keep track of my home server IP. The problem here is that when I try to access my web server via my domain name, the connection is refused. If I first obtain the ip adress (via nslookup), I can get access. I checked the reverse dns lookup and the results dont match. Perhaps this can be a problem browsing. Does the browser or the OS perform the rdns check? Is there a way to whitelist some specific domain in order to skip that check, so I dont have to find out the IP address every time i want to access my home server.
View 1 Replies
ADVERTISEMENT
Jul 6, 2011
I'm having some issues settings up a transparent proxy server, which should allow only regular web browsing (port 80), any other port (including HTTPS (443)) has to be blocked, as well as any other port. Right now, I'm using Debian 6 and Squid3. The server only has one NIC. The topology is like this:
Clients <-> Proxy Server + DHCP Server <-> Internet
With this setup, the network does have internet access and the websites I whitelisted are the only ones accesible via browser, however port block is not working, every port is open, hence why trying to access blacklisted websites through HTTPS is possible. Seems to me Squid3 is doing it's job fine, however IPTABLES for some reason seems to be redirecting all the trafic to port 3128 (Squid3 port). I could be wrong, but I've been unable to do anything related to ports with squid3 (either whitelisting or blacklisting).
For Iptables I used:
Code:
iptables -A PREROUTING -t nat -i eth0 -p tcp -j REDIRECT --dport 80 --to-port 3128
iptables -A INPUT -i eth0 -m tcp -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -m tcp -p tcp --dport 3128 -j ACCEPT
iptables -A INPUT -i eth0 -m tcp -p tcp --dport 443 -j DROP
Squid3 config:
Code:
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
acl Safe_ports port 80 # http
acl whitelist dstdomain "/etc/squid3/whitelist"
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny !whitelist
http_access allow localhost
http_access allow all
http_port 3128 intercept
hierarchy_stoplist cgi-bin
View 2 Replies
View Related
Aug 24, 2009
I'm having an issue with an e-mail server (with an IP of 10.10.0.1) which is behind NAT (Cisco ASA) which in turn of course has it's own external IP (let's say - IP 10.10.0.100). Both IPs are public.Now, if i wanted to set up a correct RDNS configuration for my domain, what should be the IP address entry for the PTR record in this case?
I know this is strictly network configuration related question (not Linux, or CentOS for that matter), but I wouldn't be asking if I didn't get a few bouncing e-mails every once in a while (i.e. NDRs) with messages like: You do not have permission to send to this recipient. For assistance, contact your system administrator.
[Code]...
View 1 Replies
View Related
Mar 5, 2010
Is there a way to force a domain to resolve to a specific IP using .htaccess?
View 1 Replies
View Related
Jul 16, 2010
I m using sendmail-8.13.8-2.el5 along with MailScanner-4.79.11-1
i want to set a rule so that user1@mydomain.com can send only to anotherdomain.com domain. sending mail to any other domain will be rejected. can it be done by sendmail or MailScanner ??
View 1 Replies
View Related
Jun 7, 2009
I am trying to figure this out and it seems I can't So, I have a server which hosts various domains, each domain with multiple subdomains. All websites are set up with "VirtualHost" and they all work properly.The problem I'm having is that if I enter any subdomain of the main domain, I can still reach the webpage.Is there some way of telling apache to DROP / display a forbidden message for all subdomains which are not listed in the VirtualHosts?
View 14 Replies
View Related
Jul 23, 2010
How to configure iptables to allow only 22,80,3306 ports for only a dynamic public ip/dyn dns domain name on a ubuntu server?
View 9 Replies
View Related
Jan 3, 2011
company has asked to block some pages on google.co.in. i can not block the entire domain.is there any way to block specific webpage like
View 2 Replies
View Related
Aug 21, 2009
I've got a home server running Ubuntu Server 9.04 and several machines running Ubuntu Desktop (9.04 and 8.04) and Windows (XP, Vista and 7). Now what I want to do is to create a domain and directory server similar in function to Windows Server w/ AD and join my other machines to the domain, but am not sure where to start. I already have file shares with Samba but now I want to setup a domain.
View 3 Replies
View Related
Apr 28, 2009
At the school i work in i have a server2k3 server that provides a domain to all the windows clients, aswell as a fedora server that acts as an imaging machine and webserver.
Im rather concious of the fact that if for any reason the Server2k3 server was to die there is no backup of active directory, or anything that can take its place whilst a replacement is found.
So is it possible to use a fedora machine with samba as a secondary domain controller? so it can be used as a login server, and has a copy of AD.
View 1 Replies
View Related
Jun 9, 2010
I was wondering if there is any way to enable an MS Windows client that is otherwise unable of joining a domain to join a domain controlled by (open)SUSE? Is that inability only for joining a Windows based domain but a client that runs XP Home Edition or similar domain- incapable version of Windows could join a domain if it was controlled by Linux?Pardon my newbie style, but answer doesn't have to be detailed step-by-step, just yes/no answer with some pointers would do. I am not new to linux but new to network services... search engines weren't friendly when asked this question at the search bar...
View 2 Replies
View Related
Aug 17, 2009
I want to give Administrator privileges to Root user in Linux Domain Controller
View 12 Replies
View Related
Apr 12, 2011
iam using centos5.2.configured qmail,vpopmail. while adding domain form vadddomain<domain.co.in> At first time domain folder get created in domains directory.and also postmaster user also get created by default.And also in mysql. Now the problem is after some times or rebooting system domain get erased automatic.also in /var/qmail/users/assign file domain name get erased.
View 1 Replies
View Related
Apr 7, 2011
i had created domain but not getting domain in /var/qmail/user/assign file.also it error /home/vpopmail/bin/vdominfo abc.co.inInvalid domain name
View 2 Replies
View Related
Feb 16, 2011
i have registered two domain names that i want to use to connect to my ubuntu server. I was wondering how to do this i was looking at bind9 but that didn't work that great. The server is behind a router with firewall i can connect to it using the external IP address but i like to use the two domain names if that is possible.
View 3 Replies
View Related
Feb 3, 2010
At work, we run Windows... Windows domain, windows workstations, etc. Today my boss asked me my thoughts on running an Ubuntu lab within the mixture of our existing Windows setup.
Well, that brought several questions to mind. So I understand you can bind an Ubuntu computer to a Windows domain, seems easy enough, whether you do it through Samba or the other guide I read that I kind of forget at the moment, but anyway...
I was just curious how Ubuntu interacts with domain users when on the windows domain. For example, if we have an Ubuntu machine on the Windows domain with a local user "administrator" and that's it, would any domain users be able to log into the Ubuntu work station, similar to how it is on Windows?
View 7 Replies
View Related
Jun 4, 2011
I want to host 5 websites on my new virtual server so I have created 2 nameservers that point to my virtual server's IP addresses as a glue record. What confuses me is when I create a new domain on my server it gives the new domain it's own nameservers (ns1.thenewdomain.co.uk etc) do I need to change these records so they use the nameservers I created earlier? If I do? Which particular records should I change? I'm running a Unix virtual server with a Plesk control panel.
View 2 Replies
View Related
Jun 27, 2011
i need to allow window domain controller user to use file share of linux.windows DC user can see the share file and directories of linux file server but not able to access.
below is brief--
I have a Linux machine which is on my network but not on my domain. I have configured SAMBA FILESERVER for file sharing purpose. I have a Windows XP PC which is on the domain(windows server) that I am trying to connect to a share on the Linux box. I supply my credentials but regardless of which login I use I always get Logon Failure. I have created an account on the Linux machine with the same user name and password as my domain account but so far no luck. Can I connect from a domain PC to a non-domain Linux box? Is there something else I should be checking?
View 14 Replies
View Related
Dec 30, 2010
I'm working for a smallish non-profit that has gone through some recent growing pains. We have two sites that are currently without a domain controller, and no money for MS licenses, so I was thinking of trying to add a couple of additional Linux machines (we already run Linux for web services internally, and I've set up a test case previously to see if I could get a server to join the domain, which was a success) and was trying to find out if I can get them to act as Domain Controllers without replacing the domain. The main issue that I'm having at those locations is drive mappings are not happening correctly against our DFS file servers. The one other location that had this issue had it go away when we added a local DC. The domain is a Server 2008 domain.
View 2 Replies
View Related
May 13, 2010
The company I work for, as usual, is Microsoft-centric. I'm attempting to integrate my Ubuntu server into the domain to allow domain users to authenticate to the server and access file shares using Samba. Here's my current configuration:
[Code].....
View 9 Replies
View Related
Jun 8, 2010
How do I give permission to a logged in user to stop/start a specific service without entering a root/sudo password? So they can do a simple "service SomeService stop|start" It is for a headless Ubuntu server.
View 5 Replies
View Related
Jul 24, 2010
I need to search a bunch of files in a specific folder for a specific number and add all the numbers together to a total sum. I use Rsync everyday, everytime I run rsync i get a logfile (rsync output) witch contains the textstring "Total bytes sent: xxxxxx".
The "xxxxx" can vary in lenght. I need to extract the "xxxxxx" from each file and add the numbers together to a total size over a week or a month. Is this possible? And I wish to only use bash. One way of doing stuff at a time my friends .
View 5 Replies
View Related
Jun 9, 2010
my system I want user1 and only user1 to be able to mount and unmount a specific partition, this partition contains backups and is usually mounted read only, needs to be temporarily mounted read/write by user1 while doing the backup.user1 is an unprivileged user. I've read that the user option will let any user mount the file-system (and only that user can then subsequently unmount it) and that the users option allows any user to mount or unmount the file-system.I also found this in mount's man pageQuote:The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file.So it looks like I'd need a login script for that user to make the user owner of the device file (/dev/voiceserv/backup in this case)
View 7 Replies
View Related
Dec 2, 2010
for example
else {
for fileDOC in $location/*.doc
do
[code]...
View 12 Replies
View Related
Oct 1, 2009
I'm trying to configure our mail server to block email from a specific sender reaching a specific recipient. In other words, if one of our employees is getting harassed by a 'stalker', how would one go about blocking, at the MTA (Sendmail) level, a specific sender email address from reaching a particular users inbox? We do not want to capture the email - simply block it before it consumes server resources.The Sendmail server (MTA) is a front end to our Exchange server so no user accounts exist on the Linux server. We simply use it as a SPAM and Virus scanner then forward clean email to the Exchange server.
View 6 Replies
View Related
Aug 3, 2010
My customer has a domain hosted by me and he has another domain hosted by another isp. He would like to have this domain am hosted to be forwarded so thwt upon entering the url he should have the website which is hosted by this other ISP displayed (the url of the website be musked). How do i configure my DNS at achieve this?
View 1 Replies
View Related
Aug 10, 2010
I need to redirect a domain to a subtree of another subdomain , for example : [URL] should be redirected to [URL] How should I do this ?
View 1 Replies
View Related
Jul 19, 2010
I want to replace specific character in a file after every specific line. example as follows.
O 000000000000000000
A 111111111111111111
C 222222222222222222
[code]...
View 2 Replies
View Related
Jul 20, 2009
I have a problem with my F11. I don't know how to add it to a domain !
View 1 Replies
View Related
Jun 13, 2011
I have got a centos 5.5 box with 2 interface (WAN & LAN) and trying to configure firewall so that LAN user can browse [URL]...
View 6 Replies
View Related
