Networking :: Running Iptables Break The TCP/IP Stack?
Feb 14, 2011
I mistakenly ran 'iptables restart' on a server that was not set to run iptables. Immediately, the server quit making outgoing connections on port 80. It has problems completing a traceroute when another machine on the same VM Host can do everything just fine. One of our best networking technicians diagnosed it as issues with the TCP/IP stack on the OS.
I know that iptables is off, allowing all traffic incoming/outgoing.
Can anyone tell me how to get information about the stack allocated by the kernel to a running process? Is there any API function or system call available for this in Ubuntu 8.04?
I have CentOS 5.3 installed on my PC. I have MySQL, PHP and Apache server running on my computer too. Is there any way I can test my website on my PC without running any stack (lampp)?
Client is running Oracle VM Server 2.2.1 (kernel 2.6.18-128.2.1.4.37.el5xen). Storage is a NetApp 3210 (NFS configured to use TCP).
Iptables on the client has UDP and TCP ports 111, 2049 and the NFS server ports opened. Info retrieved using: rpcinfo -p NetApp
When trying a manual mount ...
But when using the proto=tcp option, it works ...
Stopping iptables also works (I can manually mount the share without using proto=tcp).
Is the mounting process somehow trying to negotiate first using UDP, which the NetApp doesn't respond to, and hence it fails by timing out?
Can I configure iptables such that I don't have to use the proto=tcp option? Or is there another configuration file I can tweak so that I don't have to use the proto=tcp option?
I am trying to find the dynamic heap size and stack size of a running process in RHEL 5.5 and RHEL 6. I read that the 23rd parameter in the file /proc/pid/stat gives the heap size. Can you elaborate more on this? Also, is there any other way to do this?
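An added example for the two questions above about a running process's stack and heap (the Ubuntu 8.04 one and the RHEL 5.5/6 one); it is not code from either post. proc(5) documents field 23 of /proc/&lt;pid&gt;/stat as vsize (total virtual size in bytes) and field 24 as rss (resident pages); neither is the heap. The current [heap] and [stack] mappings come from /proc/&lt;pid&gt;/maps, and the stat line has to be split around the last ')' because the comm field can contain spaces and parentheses. The maps and stat samples below are constructed, not captured from a real process; the [stack] figure is what is mapped right now, not the ulimit -s ceiling the stack may still grow to.

```python
import re

# Constructed /proc/<pid>/maps sample (32-bit layout of the RHEL 5 era).
SAMPLE_MAPS = """\
08048000-0804c000 r-xp 00000000 08:01 393366     /bin/cat
0804c000-0804d000 rw-p 00003000 08:01 393366     /bin/cat
0804d000-0806e000 rw-p 00000000 00:00 0          [heap]
b7e3a000-b7f8b000 r-xp 00000000 08:01 1572896    /lib/libc-2.5.so
bffeb000-c0000000 rw-p 00000000 00:00 0          [stack]
"""

# Constructed /proc/<pid>/stat line; the comm field deliberately contains
# spaces and a ')', which breaks naive whitespace splitting.
SAMPLE_STAT = ("4242 (my (odd) prog) S 1 4242 4242 0 -1 4202496 150 0 0 0 3 1 0 0 "
               "20 0 1 0 123456 5771264 190 4294967295 134512640 134529344 "
               "3221221376 3221219584 0 0 0 0 0 0 0 0 17 0 0 0 0 0 0")

# start-end perms offset dev inode [path]
MAPS_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S+)\s+\S+\s+\S+\s+\S+\s*(.*)$")


def region_sizes(maps_text):
    """Bytes currently mapped as [heap] and [stack] (per-thread [stack:<tid>]
    entries on some kernels are folded into [stack]); sums repeated regions."""
    sizes = {}
    for line in maps_text.splitlines():
        m = MAPS_RE.match(line)
        if not m:
            continue
        name = m.group(4)
        if name == "[heap]" or name.startswith("[stack"):
            key = "[heap]" if name == "[heap]" else "[stack]"
            sizes[key] = sizes.get(key, 0) + int(m.group(2), 16) - int(m.group(1), 16)
    return sizes


def stat_fields(stat_text):
    """Split /proc/<pid>/stat into proc(5)'s numbered fields (field N is index N-1).
    comm is parenthesised and may hold spaces or ')', so split at the last ') '."""
    pid, _, rest = stat_text.partition(" (")
    comm, _, tail = rest.rpartition(") ")
    return [pid, comm] + tail.split()


def vsize_and_rss(stat_text, page_size=4096):
    """Field 23 (vsize, bytes) and field 24 (rss, pages -> bytes) as proc(5) defines them."""
    fields = stat_fields(stat_text)
    return int(fields[22]), int(fields[23]) * page_size


def live(pid):
    """Same two views for a running process (readable by its owner or root)."""
    with open(f"/proc/{pid}/maps") as fh:
        regions = region_sizes(fh.read())
    with open(f"/proc/{pid}/stat") as fh:
        vsize, rss = vsize_and_rss(fh.read())
    return regions, vsize, rss


if __name__ == "__main__":
    print(region_sizes(SAMPLE_MAPS))
    print(vsize_and_rss(SAMPLE_STAT))
```

On the sample the [heap] region is 0x21000 bytes and [stack] 0x15000; vsize (5771264) is larger than both together because it counts every mapping, shared libraries included.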
I'm trying to open up some ports to connect via VNC to a server running CentOS 5.5. I've edited /etc/sysconfig/iptables and everything *looks* fine, but I still can't seem to get access to the port I've opened (I added some newlines for clarity between commands):
I just encountered an odd network stack glitch and wondered if anyone has seen this before, or knows what could cause it. When I connect to services on localhost (127.0.0.1), if there is a process listening, it works OK as expected. If there is no process listening, I should get a NAK and see a connection refused message. With this glitch, that was not happening. And this was with 127.0.0.1 to 127.0.0.1. Nothing was listening, but the SYN attempts were all that were happening. If there was something listening, that worked OK. Connections to other hosts worked as expected.
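An added check for the loopback behaviour described in the post above (not code from the post). A SYN to a closed port on a healthy stack is answered with RST, so connect() fails at once with ECONNREFUSED; if the SYN is silently dropped instead, whether by the glitch described or by a DROP rule, the connect ends in a timeout. The self check below opens a listener on an ephemeral port and also probes a port it has just released, so it can distinguish the three outcomes without any external host. The port numbers are whatever the kernel hands out; nothing here is taken from the post.

```python
import errno
import socket


def probe_localhost(port, timeout=2.0, host="127.0.0.1"):
    """Classify one TCP connect on loopback: 'open', 'refused' or 'timeout'.

    'refused' is the RST answer a closed port must produce; 'timeout' is what
    a dropped SYN looks like (the glitch in the post, or an iptables DROP).
    Other socket errors are raised unchanged.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"
        except socket.timeout:
            return "timeout"
        except OSError as e:
            if e.errno == errno.ECONNREFUSED:
                return "refused"
            raise


def closed_port(host="127.0.0.1"):
    """Pick a port that is closed right now: bind to 0, read it back, release it."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def self_check():
    """Both legs of the expected behaviour: a listener must read 'open' and a
    closed port 'refused'. Anything else means the stack or a firewall is
    interfering with loopback traffic."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        with_listener = probe_localhost(srv.getsockname()[1])
    without_listener = probe_localhost(closed_port())
    return with_listener, without_listener


if __name__ == "__main__":
    print(self_check())
```

Run it on the affected box and again on a healthy one; a ('open', 'timeout') result reproduces the symptom in the post, and comparing `iptables-save` output between the two boxes is then the first thing to look at.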
I'm trying to set up a Linux box with three Ethernet interfaces as a bridge where I can do some packet filtering. I don't want this box to have any IP stack; packets that are allowed through the filter should be forwarded without changes, just the way a switch would do it. I have built a kernel with Ethernet support but no IP stack. It detects my interfaces, and I can bring them up with the ifconfig or ip commands. But when I try to start a bridge with brctl I get this error message:
can't setup bridge control: Address family not supported by protocol
A Google search for that error message gave me no results at all. The command I used was "brctl addbr br", which does work on a full installation. Does brctl require IP support in the kernel? That would be a bit odd, I think, since brctl doesn't do anything IP related; everything it does is at lower layers.
Does anybody know what the above message means, and what I might have been doing wrong?
I've got a little server setup on my local network and I'm trying to configure it to use miredo. I've got my laptop successfully using it, but for some reason miredo gives this error when I try to start it:
Code: Error: IPv6 stack not available.
Also, running "lsmod | grep ipv6" gives these results:
Code:
ipv6                  270049  1 cnic
xfrm_nalgo             13381  1 ipv6
I get the impression that ipv6 is not enabled on my server, but I'm not sure how I enable it short of doing a reinstall.
downgrading PPP, NetworkManager, and NetworkManager-gnome. This worked, but is there an easy way to know when it is safe to apply the updates that are available?
How do I disable rSIM in the current Bluetooth stack? Starting about a week ago, whenever my phone (Android Captivate) pairs with my Ubuntu workstation the rSIM profile is enabled, which effectively turns off my cell service since my Ubuntu machine does not have a GSM/3G radio built in. I'd like to disable rSIM altogether so that I can again re-pair my phone to my Linux system. All my searching turns up results for people trying to FIX this service...
I'm having trouble getting my new Sweex wireless 300N USB adapter to work. I tried searching in several directions (see closed thread). Further investigation shows, however, that it is caused by the NDISGTK wrapper for Windows drivers. Can anyone tell me whether Sweex is shipping a faulty driver (it is the latest available) or whether it is a fault in ndisgtk? Or maybe I'm doing something stupid myself, which I do not find completely imaginary. Below is some more detailed information on my findings: started with network off and examined the network status
If an admin decides this is security, feel free to move; at the moment I can't decide where, so I posted here... On my laptop (MSI U100) my Bluetooth stack creates rfcomm0 but is not applying the correct context label to it, so SELinux is bitching.
In my server the iptables and ip6tables services are not running, but I am still getting some iptables- and ip6tables-related alerts in my /var/log/messages. My technical leader told me that there might be some misconfiguration in the iptables configuration file, but I didn't see anything wrong.
What does it mean "Jan 25 11:01:32 beteduibsrv3 avahi-daemon[3308]: Leaving mDNS multicast group on interface eth0.IPv6 with address fe80::226:b9ff:fefc:6ec4."
I have been trying for days now to get this to work. I didn't want to bother people with my questions. I have installed Fail2Ban 0.8.4 on CentOS 5.4.
I get the email notifications from Fail2Ban stating that it just blocked another IP; however, when I look at the iptables through Webmin, nothing is actually in there, and the log/secure file does not show that the IP has been blocked.
Even when I try to log in with the wrong password, after a few tries I get the email telling me that my IP is blocked; however, I can still SSH using my 'blocked' IP.
I have 2 servers, let's say server A and server B. On server A OpenSSH is configured and is running on port 2298, so from my machine I can log in there using SSH on port 2298. But when I log in to server B and from there try to connect to server A, I cannot: ssh: connect to host <ipaddress here> port 2298: Connection refused
Hi. I have Ubuntu 10.04; nm-applet is running in the background, my battery icon and sound icon are showing, but my network icon has been missing for the past 2 days. It was working fine before, but now it's not. How can I fix this issue if I don't have an Ethernet cord? Is there a way to roll back the recent updates, or do I need to reinstall my network manager?
I've tried restarting the system and I've tried killing nm-applet and reloading it using Alt F2. I get some Debug error.
When I try to run nm-applet --sm-disable
It says an instance is already running and then gives me a warning.
I tried removing "iface eth0 inet dhcp" from /etc/network/interfaces and then tried restarting with "sudo /etc/init.d/networking restart"
It says:
What can I do to connect to the internet? I have a flash stick, if it's possible to download a .deb package on this Mac and transfer it over to my other laptop to fix the problem.
I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
I am facing a strange problem with my iptables: there are some firewall entries stored somewhere which are still displayed even after flushing the iptables, and when I restart the iptables service the firewall entries are again shown in my iptables, as shown below,
I recently installed a new Ubuntu PC that runs iptables and PSAD. I had the same script on another Ubuntu PC, but when I copied the script onto the new PC, I got this error. I don't remember where I found the tutorial for this, all I know is that this is the script (Edited for my usage):
Code:
#!/bin/bash
# Script to check important ports on remote webserver
# Copyright (c) 2009 blogama.org
# This script is licensed under GNU GPL version 2.0 or above
root@NETWORK-SERVER:/var/ddosprotect# ./ipblock.sh
' not found.4.4: host/network `127.0.0.1
Try `iptables -h' or 'iptables --help' for more information.
' not found.4.4: host/network `192.168.1.8
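The shape of the output above is consistent with carriage-return characters in the copied script: if an address literal carries a trailing CR (a script edited on Windows keeps CRLF line endings), iptables echoes the argument back verbatim in its "host/network `...' not found" message, and the terminal treats the CR as "return to column 0", so the tail of the message overwrites its head and "iptables v1." becomes "' not found.". The added example below (not the poster's ipblock.sh and not from the post) reproduces that rendering, finds the lines that carry a CR, and applies the usual fix; the script fragment in it is constructed.

```python
# Constructed script fragment with Windows line endings; not the poster's ipblock.sh.
SAMPLE_SCRIPT = (b"#!/bin/bash\r\n"
                 b"# whitelist these hosts before the port checks\r\n"
                 b"for ip in 127.0.0.1 192.168.1.8\r\n"
                 b"do\r\n"
                 b"    iptables -A INPUT -s $ip -j ACCEPT\r\n"
                 b"done\r\n")


def stray_cr_lines(script):
    """1-based numbers of lines carrying a carriage return (CRLF endings or a bare CR)."""
    return [n for n, line in enumerate(script.split(b"\n"), 1) if b"\r" in line]


def strip_cr(script):
    """The usual fix (dos2unix, or sed -i 's/\\r$//'): drop the CR before each LF."""
    return script.replace(b"\r\n", b"\n")


def iptables_message(host_arg, version="1.4.4"):
    """The message iptables prints for an -s/-d argument it cannot resolve, in the
    form visible in the post; the argument is echoed back verbatim, CR included."""
    return f"iptables v{version}: host/network `{host_arg}' not found."


def render_terminal(text):
    """How a terminal displays text containing '\\r': the cursor returns to
    column 0 and whatever follows overwrites what was already on the line."""
    rendered = []
    for raw in text.split("\n"):
        buf, col = [], 0
        for ch in raw:
            if ch == "\r":
                col = 0
                continue
            if col < len(buf):
                buf[col] = ch
            else:
                buf.append(ch)
            col += 1
        rendered.append("".join(buf))
    return "\n".join(rendered)


if __name__ == "__main__":
    print(stray_cr_lines(SAMPLE_SCRIPT))
    print(render_terminal(iptables_message("127.0.0.1\r")))
```

With a trailing CR on the address the rendered message is exactly the "' not found.4.4: host/network `127.0.0.1" seen in the post; after strip_cr() no line carries a CR and the addresses reach iptables clean. `cat -A ipblock.sh` shows the same thing at the shell, as a ^M before each $.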
To expand: I'm trying to set up a box with l7-filter, and I need to patch and compile iptables 1.4.1.1 as part of the process. I ./configured it with the prefix= argument so it would install into /sbin instead of /usr/sbin, and I did a yum remove iptables before installing it so as not to get in the way of the original iptables, but I'm wondering if this is really necessary - it's kind of annoying, because removing the original iptables removes the init.d script, deregisters the service, etc. If I don't, is it possible that iptables 1.4.1.1 might get overwritten in a system update or something, or will yum see that I've got a custom/newer version in there and leave it be?