I do not believe the firewall connection tracking is enabled. I have Centos 5.6 with 2.6.18-238.5.1.el5.centos.plus kernel. I went into the kernel .config and I see CONFIG_IP_NF_CONNTRACK=m. But when I do a lsmod I do not see this module.
View 2 RepliesOn my CentOS 5.4 box I run dns, ssh, and smtp servers. This box also has to be able to resolve and browse websites. So basically it needs iptable rules for
TCP 22 25 80 443
UDP 53
My question is, which of these services work nicely with connection tracking? I'm a little confused about how connection tracking works. For example say this iptables rule for smtp
Code:
iptables -A INPUT -s 0/0 --sport 513:65535 -d $myip --dport 25 -j ACCEPT
versus
Code:
iptables -A INPUT -s 0/0 --sport 513:65535 -d $myip --dport 25 -m state --state NEW,ESTABLISHED -j ACCEPT
So with connection tracking what exactly does it do that my first iptables rule does not do?
Also for centos is that port range correct? 2.6 Linux kernel randomly chooses a port 513-65535 when it connects to an external smtp server or say browses a site.
When I have video running and the video stops, I see that the connection is destroyed in about 5 seconds, which is what I want. If, rather than stopping the video, I pull the plug, I have seen it take 350 and 380 seconds before the connection is destroyed. Why is there such a large difference in the time to destroy a video connection between stopping the video and pulling the plug on it when using net filter connection tracking? How can I shorten the time for the connection to get destroyed when pulling the plug?
View 3 Replies View Relatedi want to performance a test of a network, without using connection-tracking.
how to disable connection-tracking,
i used the following iptables commands to disable connection-tracking,
iptables -t raw -A PREROUTING -p tcp -j NOTRACK
iptables -t raw -A OUTPUT -p tcp -j NOTRACK
but it is not working, when i see /proc/net/ip_conntrack, this file shows the existing connections.
On Kernel 2.6.33.4 I get this from /proc/net/ip_conntrack:
tcp 6 431557 ESTABLISHED src=X.X.X.X dst=X.X.X.X sport=44242 dport=993 packets=128 bytes=9267 src=X.X.X.X dst=X.X.X.X sport=993 dport=44242 packets=85 bytes=53950 [ASSURED] mark=0 use=2
On Kernel 2.6.36.2 I get this from that same file:
tcp 6 431665 ESTABLISHED src=X.X.X.X dst=X.X.X.X sport=4640 dport=8082 src=X.X.X.X dst=X.X.X.X sport=8082 dport=4640 [ASSURED] mark=0 use=2
It's missing the data on bytes and packets transmitted through that particular connection. I had written a program that uses this information. Was this pulled out of the kernel on purpose or did I miss some option when compiling the new kernel for my box?
I had been running "Etch" and upgraded to "Lenny". Now my mouse is NOT tracking correctly. When I move the mouse and then press and release the 'ctrl' key to show where the mouse pointer is the circle indicators are not where the pointer is. I therefore cannot make any selections from menus as 'lenny' thinks the mouse is somewhere other than where the pointer is. Also are there keyboard hot keys that i can use to access the menus?
View 1 Replies View RelatedI was recently looking into using tail -f to monitor some text files like so: tail -f /var/sometext However, when I did some testing, it doesn't seem to work. What I did was I created a new file and ran: tail -f /home/name/text Then, I opened the log in vim and did some editing, saved it, and it seems that tail is not "seeing" the change.
The weird thing is, running echo "hello" >> /home/name/text seems to work fine (tail sees the change). I read somewhere this has something to do with file descriptors and new inodes being created when saving a file.
Is there a way of tracking updates without booting into the system. I am still on Karmic because of an annoying 'black screen at boot' bug. However i've got Lucid on a test partition waiting when the bug is fixed to upgrade my main system. I do not want to boot into my test system to check if there are any updates but track them online in some way to see when it's worth to boot to upgrade.
View 4 Replies View RelatedI've been reading an interesting article about the fact that ISPs are able to collect net data from web users. What I think It's missing in the article is that in some locations it's compulsory for ISPs to collect and save all your networking data (For example, in Spain, where I live, it's compusory to store people's activity on the net for a period of 6 months (minimum) to 2 years (maximum). In the article they state that Witopia can do the job of encrypting your browsing activity and therefore mantain your privacy. Do you know any open source or, at least, free alternative to Witopia? What do you think about the article and about the ways of safeguarding your privacy?
View 9 Replies View RelatedFresh install of debian lenny / mostly default load
VLC 1.0.5 install
cd rom
dvd rom
vlc plays cd (no audio but can see tracking of song) but not dvd
fstab (cannot edit -permissions and don't know how to effect the proper permissions)
fstab
/dev/hda /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/hdb /media/cdrom1 udf,iso9660 user,noauto 0 0
someone recommended changing to
/dev/cdrom1 /""
Don't see how that would fix audio but anyway cannot change fstab.
checked advanced input / codec in VLC
dvd = dev/hdb
cd = dev/hda
Totem -plays the dvd but quality / volume is not there, prefer VLC. Soundjuicer plays the audio with sound nicely. Just would like VLC to do it all.
I've been trying to find a source tracking website similar to Freshmeat so that I can keep an eye on version updates.
I need one because I am trying to build myself a Linux distro from scratch and it would really help if there was a single source where I could see software updates, and download from.
I've introduced myself to OpenCV a bit now and can do some of the most basic things with it. My current goal is to have a solid color object (say a red ball) and have a camera be able to find that object. Anybody know of any resources to start learning how to do this? Any tutorials/books? Or is there something I should be searching for instead of color detection and tracking that will give me things more in the right direction?
View 2 Replies View RelatedQuote:Originally Posted by qweasd cannot wait. I upgraded to 13.1, but now I am planning a clean install, with the intention of making the new system even more stable and better documented. This time I really want to keep track of ALL the changes I inflict to the stock configuration files in /etc, anyone knows of good way to do that? I was thinking git, but may be it's overkill. I guess, I could simply make a list of files I changed...es,What I do is that I have /root/orig and /root/local. Orig contains a copy of every stock file Pat ships that I make a change to, and I keep my changed copy in /root/local and then copy it into place.
Code:
root@slack:~# tree /root/orig /root/local
/root/orig
[code]....
I am looking for a basic online expense tracking system that is:Web-based. Runs on LAMP, etc.Stable, reliable, etc.Open source.The end-user uses a web browser to enter the date of each expense, amount, vendor, etc.Print a periodic report and hand it over to the acccountant.
View 2 Replies View RelatedIs there a good way to set up internet tracking on an openSUSE 11.3 computer? I don't want users visiting porn sites or any other nonsense, and if they do, I want to know about it. Is there a good program that the administrator can set up to report this kind of thing or at least track it? Obviously, this would need to track all websites visited regardless of the application/browser used, and would need to be completely inaccessible to users. I don't want them having the ability to turn it off or circumvent it somehow.
View 8 Replies View RelatedIn the "software sources" windows under the "Updates" tab I have checked "Pre-released updates" and installed all the updates. I no longer want to track the proposed updates and have unchecked that item. Now am back to just security and recommended checked. How do i get it to downgrade the packages that it has modified when I had "Pre-released" checked? I want to get back on the stable "Recommended Updates". It seems to have changed what it looks at for updates but did not downgrade the packages.
View 1 Replies View RelatedI'm using Ubuntu 10.4 box with Apache2 web server. I have a site with several Domain Names. How do I set up tracking?
View 1 Replies View RelatedIs there a linux compatible program for tracking a stolen laptop? I tried Prey, but I can't get it installed and working. Something that works for the non-uber geek?
View 1 Replies View RelatedI am looking into setting up a system that can be used to track the progress and/or status of various projects being done by our I.T. staff. The specific features that I am looking for in the software are the following:
1. Project monitoring
2. Metrics
3. Email reminders
4. Bug tracking
5. Reporting
6. Scheduling
I have deployed applications like Bugzilla and RT Tracker in the past. However it has been several years since I have used either application so I am sure if either application can do some or all of the items that were listed above. Does anyone know if either of the two applications mentioned will do the items listed, or is there another application that is best suited for the job?
How can i add a PPPOE connection witch connect automatically on system start up in text mode in centos 5.4
View 3 Replies View RelatedI want to install CentOS from netinstall CD, but it doesn't work for wireless connection, because it just looks up for eth0 connection. Well, I connected server to wired USB connection and it's named eth1. I want to use netinstall CD but using eth1 connection. Is there any way for doing it?
View 2 Replies View RelatedIs there any way to setup the Centos Directory Server without an internet connection?? i tried using the command: yum install centos-ds
but this just tries to connect to the internet to to download the packages. Is there a site where i can find the package so that i can copy it to my server and install it or is there some other way to do this?
I have a CentOS server in one of my labs at work that does not have an Internet connection.Is there anyway that I can download the updates on a USB stick and then update the server? If so, what are the procedures?
View 1 Replies View RelatedHow can I keep a record of the memory usage of a particular software?The software I have in mind is firefox. All I want to do is to record the memory and cpu usage in regular intervals of time.htop (top) revels that firefox runs with many PIDs. So, is there a single command to keep track of the complete PIDs of firefox. If there exists a command to check the total usage at an instant I can write a script to run it periodically..
View 3 Replies View RelatedI have just installed a 5.2 centos under vmware ESX 3.5 as Virtual Machine and it works fine but ... after some minutes .. if I have opened a remote ssh session for example ... it is close .... and if I have running webmin ... it suddenly close
View 1 Replies View RelatedI just have moved from winXP to CentOS and i have found one problem. i can not get connection to the Internet
KDE "System -> Network Device Control" select "wlan0" push "Activate" and receive
Error for wireless request "Set Mode" (8B06) :
SET failed on device wlan0 ; Invalid argument.
Error for wireless request "Set Encode" (8B2A) :
[Code]....
also i did #service NetworkManager start
it is runing but i can not get connection
the network card is Intel PRO/Wireless 3945ABG Network Connection
In addition, how can i see a list of available wireless networks
I have SSH running on port 8662 and 22. I use 8662 for the outside world (eth0 which is 192.168 network) Here are the only lines I have changed in sshd_config:
Port 22
Port 8662
#Protocol 2,1
[code]....
BTW, ports forwarded on my firewall, checked and triple checked it.
I have installed Centos 5.5 on my PC and now since I am new to Linux environment I do not know how to set up Internet connection for it. I have laptop which runs on Windows and I access internet by typing in username and password for Wireless Internet (LAN cable from laptop to adapter and from adapter another cable to antenna which is outside.
View 4 Replies View RelatedI'm familiar with linux (Debian/Ubuntu), but new to CentOS. I recently installed CentOS 5.2 on a new server for my radio station. I can log in and do everything fine, save connect to any network. I only have a Broadcom wired nic. I know the wire and ethernet jack work fine, so that lead me to the server's settings. I'm not sure if I missed something somewhere, or a similar post (I'm sorry for double-posting if this has been done before).
There is a static IP address set, and that's done correctly.
From what I've seen, someone would like to see /sbin/lspci | grep -i ether: 03:00.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5722 Gigabit Ethernet PCI Express
I'm trying to setup a ssh connection from to my house that way I can learn Linux on a box that won't make my boss the sys admin (Im help desk) grind his teeth. He say that ssh port is allowing connections out of the firewall but not in so I can connect to my house. However If I try to connect to my box I get a message stating that the connection has time out. I have port forwarded the 22 to my box and have even changed the port to see if it is my isp blocking me. I am able to connect via SSH internally but when I try outside my house I am running into trouble. I looked up how to disable my fire wall and as far as I know it is.
View 3 Replies View Related