According to the man page, the "recent" match of iptables accepts certain parameters (e.g. "ip_list_tot"). I'd like to change the values of some of them.
All the solutions found on the web were about changing parameters for module, but my kernel was compiled without modules support (such that it can be used for installation booting as well).
How can I change the match parameters for my non-modular kernel ?
My question is about TCP parameters in Linux. By now, I want to change the default values of:
Initial Timeout
ACK Delay
Idle Connection Timeout
I have a Linux Box with kernel 2.6.x and 2 ethernet interfaces. I know TCP is a stack that doesn't have anything to do with ethernet devices. Said that, the question: is there a way to set custom values for each interface? For example, a server listening to connections in eth0 would use one value for Idle Connection Timeout and another server listening to connections in eth1 could use a different value for that parameter.
I'm playing around with iptables on Ubuntu 10.04 Beta2.
[Code]....
That's what I got so far. Accoring to iptables man pages: "/proc/net/ipt_recent/* are the current lists of addresses and information about each entry of each list." There's nothing like that there on my Ubuntu installation. There's a file that's called /proc/net/ip_tables_matches. However, it doesn't contain the information I'm looking for. It contains:
Code:
udplite
udp
tcp
recent
state
icmp
where I can find the file where iptables stores the matching IPs? Also, can anyone verify that I have put the rules in the right order for them to work?
Recently I was going through some chmod manipulations and found the umask values to be 0002 by default in Fedora 11 distro. What I knew about the default values to be 022. I don't know whether this is a kernel modification in this distro or my system is in compromise(I doubt for the latter option, but not confirmed).
View 4 Replies View RelatedI have a text file that needs to be updated to be used by some fortran code later. it looks like that:
1,1 !Ms for y-stations, Ns for x-stations
0,0,0, !xsta, ysta, zsta
I need to replace the "0,0,0" with new values for xsta,ysta and zsta;
I'm trying to write a script where I want to check if any of the parameters passed to a bash script match a string. The way I have it setup right now is if [ "$3" != "-disCopperBld" -a "$4" != "-disCopperBld" -a "$5" != "-disCopperBld" -a "$6" != "-disCopperBld"]but there might be a large number of parameters, so I was wondering if there is a better way to do this?EDIT:I tried this chunk of code out, and called the script with the option, -disableVenusBld, but it still prints out "Starting build". Am I doing something wrong?
while [ $# -ne 0 ]
do
arg="$1"
[code]....
So I am creating a LDAP server for my school's Linux lab, so users on our school network can log into the Linux machines.
I found a guide here url...Authentication
But during the install, I get the following error.
update-rc.d: warning: libnss-ldap start runlevel arguments (2 3 4 5) do not match LSB Default-Start values (none)
everytime i try to vnc to my box, it pops up the keyring authentication, which is obviously a huge problem when logging in remotely.how do i change my keyring password to match my login password?
View 4 Replies View RelatedI have iptables 1.3.5 on CentOS 5.5 32 bits. kernel 2.6.18
How to install statistic match module for iptables?
After resetting a pc running lenny I get iptables errors at boot ("resource temporarily unavailable", "bad rule" etc). "setting up firewall" (Guarddog) is not followed by any errors and the firewall apparently operates ok.How can I restore my iptables to the default installation values?
View 2 Replies View RelatedI've been tasked with setting up a RHEL FTP server to mirror one we currently have. From what I've read, I need to install and configure VSFTPD and then configure IPTables. From what I've been able to come up with, I need to follow the steps in this article to install and setup VSFTPD. Is this a good complete article to follow you think?Also, how do I copy the iptables config from that server to my new one? I think that iptables on our current server only allows certain IPs or blocks certain IPs (not sure which), so I need to have it do that on my new server as well
View 14 Replies View RelatedI need to do a script to change the background image. I can do this with this command
PHP Code:
[Code]....
that work's fine but i need send some parameters to the background image
1)I need to set the style(mosaic, center, etc)
2)I need to set a color(because the image is smaller than the resolution)
I can't find how set this two parameters
I have a mental block whenever I'm confronted with anything to do with grub2. Changing things in menu.lst was SO much simpler....
I want to include the command 'acpi=off' - but where do I put it? Can I change the detail of an existing grub entry in this way, or do I have to create a complete custom menu entry in grub.d and include it in that?
I was wondering if there is a way to change the value of positional parameters inside a file.I mean, i want to change the value of a certain field of a file to the one i provide with?
View 6 Replies View RelatedI want to change parameters of a RED queue during the simulation but it seems that some parameters can be modified only before starting the simulation, not dynamically, while the simulation is in progress. For example the following subroutines works before $ns run command but it do not change the behavior of the queue during the simulation( I want to change maxthresh_ and thresh_ after $ns
run command): Code: proc setREDParameters { redQueue MINth MAXth PER_MaxP Wq } {
$redQueue set thresh_ $MINth
$redQueue set maxthresh_ $MAXth
[code]....
I think I've messed my SELinux boolean values. How to restore default boolean values?
Modified boolean values are stored in
Code:
/etc/selinux/targeted/modules/active/booleans.local
Can I just delete the file and reboot to get the defaults?
I've been searching for the answer to my question for quite some time on google, no luck. Due to my searchings I've become very familiar with nice and renice.
I have a script I use for launching a game installed with wine. I cannot/wont run this game as root but I need to be able to use nice --7. As of now I can't I -- ofc -- get "permission denied"..
So how do I make the full range of niceness ( [-19;20] IIRC ) available for all users on my system -- or even just for 1 user?
I'm using Logitech WebCam on fedora 11 and running webcam server to capture the images on the browser.. it works fine but the image quality is poor...could anyone suggest me how to change the image quality by passing parameters via command line??I tested Video quality on cheese as well, which is poor too..I searched a lot in google for a solution but no use... i got some patch but couldn't install that since the gspca driver on my fedora 11 is in-built..
Output of lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 020: ID 046d:092f Logitech, Inc. QuickCam Express Plus
[code]....
I have a question about the icon sixe in gnome menues. I installed the program Calibre and the icon that shows up in the menues is like 4X the size of all the other icons. All the others are fine just Calibre.How do I change the icon size to match all the others?
View 7 Replies View RelatedIm using Ubuntu 9.10.When I use Nessus scan to scan my computer I can receive information about how match RAM, how man CPU etc.
View 1 Replies View Relatedim on ubuntu, and i was trying to change the settings under System->preference->network proxy
When i click apply system wide, it asks me for my root password wich i provide and then it asks me for this other password, with this message: Privileges are required to change gconf system values. What is this? is there a way around it?
I ran two scans in Zenmap: 1) Quick scan plus and 2) Quick Traceroute. Quick scan plus, under the Nmap Output tab, has a field called "Network Distance". The Quick Traceroute report under the same tab lists the HOP and RTT time. I was thinking that for a given server, the value for the Network Distance would be the same as the HOP field when initiating the scans from the same server, but they are not.
View 5 Replies View RelatedI reduced my system font sizes from default 10 down to 8, but I want to also reduce the height of the Main Menu correspondingly. I've searched the forums and Google, but can't find a method for doing this. See the screenshots - both menu heights are exactly the same, but if I reduce the font size, I'd like the menu to shrink too.
View 3 Replies View RelatedWe are trying to implement a firewall as kernel module through netfilter hooking (in C). In the following code we are allowing only TCP traffic. Source port number and destination port number are printed for every TCP packet. On execution, this code prints wrong port numbers. This is the first time we are using skb_transport_header function for accessing tcp headers.
We verified port numbers being printed by firewall through NFS traffic. On the same machine where firewall is running, we hosted an NFS server. An NFS client (from a different system) puts a file in exported mount. Firewall is able to capture packets for this file transfer but port numbers printed are wrong. It prints '69' for source portnumber (whereas ethereal capture shows it as 790) and prints '553231' for destination port (whereas for nfs version 4 it has to be 2049).
[Code]....
I have the following query:
Code:
$sql="SELECT table1.datetime, table1.user_id, table2.ip, FROM table1,table2 WHERE id='$id' AND (table1.id = table2.id AND table1.datetime = table2.datetime)";
In table2 the datetime fields are about 1 to 2 seconds off due to the source of the data, which I cannot change.
Is it possible via a query match table1.datetime & table2.datetime by HH:MM (ie. to the minute instead of to the second)?
I'm looking for a program that will add cookies to my web browser (firefox or chrome, preferably). The application would ask me for the Cookie's:Name
Content
Domain
Path
Send For (type of connection)
Expiration Date
If no one knows of an application that does this, does anyone know what files i could manually edit in order to change a particular browser's cookie values?
I have been struggling with this for a very long time now. I have installed Fedora Core 9 on my computer. I have set it up as a caching-nameserver and this is working.
Then I wanted to secure my server with iptables, and I have so far made this script:
# Load the connection tracker kernel module
modprobe ip_conntrack
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
[Code]....
I can reach the dns server with ping. When trying Nslookup it says that it got SERVFAIL from 127.0.0.1 trying next server, and then it times out.
My resolv.conf file lists:
nameserver 127.0.0.1
nameserver DNS-server
Im pulling my hair out trying to get ftp to work through iptables.Im using vsftpd
Table: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[code].....
I have a problem with iptables, when I execute
[code]....
I am trying to figure out how I can configure IPtables to only allow VNC traffic to an internal server over SSH.
My configuration is WAN < --- > Gateway (Ubuntu 9.10 Server) < --- > Internal Server (that I want to control with VNC over SSH)