I looked today at my logs (/var/log/message) and I found "device eth0 entered promiscuous mode". I don't remember putting eth0 in promiscuous mode. I'm connected to the net through a router. How do I turn that off?
want to monitor network traffic with ntop from a Lucid 10.04 machine. Both NICs have picked up an IP address, I need to put one in promiscuous mode. I typed sudo ifconfig eth1 promisc and the response was SIOCSIFFLAGS: Permission denied
I need to route packets coming from a standalone switch port which is a mirror ("tap") of another port ("source"). I can't seem to forward packets whose MAC address is for a different device (the actual "target" of "source"). My device is in promisc mode, I can see the incoming packets in tcpdump and Wireshark. The only packets which get forwarded are those which have my MAC destination address (I changed the wiring to come straight from source and not the mirror port, to get "my" MAC address in the packet). My routing table is configured to forward and I have ip_forwarding enabled, obviously (otherwise packets sent to my MAC wouldn't route). By the way, the incoming packets are all VLAN tagged and I have matching subinterfaces.
Q1 - is this inherent, that packets won't get "passed up" to the IP layer unless the MAC addresses match?
Q2 - Would ebtables be a good solution, i.e. rewrite the dest MAC address to my own MAC addr and send to the INPUT target?
I am trying to write server/client code. What I am trying to do is send video streams from eth0 and eth1 to the other server programs' eth0 and eth1. In order to do that, I decided to use SO_BINDTODEVICE. But the code is not working. Have I misunderstood the usage of SO_BINDTODEVICE?
1-Defining two ports 2-Defining two sockets 3-Assigning host ips on them
I want to configure eth0 and eth1 in bonding mode with 2 vlans each (sam existing vlan 100 and 200) configured on 2 Cisco switches. How can I go about that? I got the following procedure for bonding from the internet, is it right?
1. Add the below lines to /etc/modprobe.conf:
alias bond0 bonding
options bond0 mode=1 miimon=100
2. Create bond0 device file, /etc/sysconfig/network-scripts/ifcfg-bond0 with the following content:
I need to set up two ethernets in my Centos box. OK, no problem, both ethernets and 1 virtual work perfectly: eth0, eth1 and eth1:0. I'm trying to set up different routes for eth0 and eth1/eth1:0. I need eth0 to have a 192.168.1.1 gateway and eth1/eth1:0 a 192.168.1.100 gateway. I think I've tried almost everything but I always get one gateway for all the eths. This is my config..
/sbin/ifconfig eth0 Link encap:Ethernet HWaddr 00:XX:XX:XX:XX:XX inet addr:192.168.1.168 Bcast:192.168.1.255 Mask:255.255.255.0[code]......
I'm no expert on DHCP. My problem is that I have a CentOS 5.5 server on which I want to install a DHCP server. I have two NICs where eth0 has access to the internet and where eth1 should act as a DHCP server.
I have installed dhcpd and this is how my dhcpd.conf file looks like.
ifconfig looks like this
When I start dhcpd on eth1 I get no error messages but when I connect any devices to eth1 they don't get any IP. I can't find anything in any logs about devices trying to get an IP address. I don't have any firewall rules in iptables.
There are some configuration files where Linux requires the password of an application user to do something. How can I encrypt the password in these files? Or how can I store that password in an encrypted file and retrieve it in a secure mode?
I have a Linux server (CentOS) in my company. The server has two Ethernet cards: we are using one for getting the internet connection via eth0, and the network is shared through the other one, eth1. The network is shared through this Linux Squid proxy server to the Windows clients. But the thing is, on the Windows client, browsing the internet via the proxy is fine, but when I ping google.com in cmd it says it could not connect.
I have the following setup: an ADSL router (192.168.4.1) which plugs into my server (that has 2 network cards). Server (eth0, connecting to the ADSL router) = 192.168.4.2, server (eth1, connecting to the Windows XP PC) = 192.168.4.3, and the Windows XP PC = 192.168.4.4. If I delete the entire routing table and add a default route with route add default gw 192.168.4.1 dev eth0, I get an error (I can't remember the error, the PC's at work). However, if I unplug the cable going from the PC to eth1, I can then successfully add the default route, and I can ping the router. However, when I reconnect the cable to the PC and server... I can still ping the router (from the server) but I cannot ping the PC.
If I try to add another route such as: route add -net 192.168.4.0 netmask 255.255.255.0 gw 192.168.4.4 it won't let me add the rule. I have a feeling I am doing something really stupid here with the addressing scheme,
I am trying to do something outlandish with iptables (or so I think!). I have a source sending udp packets to a destination (say dst11). Using port mirroring I am able to get all these packets to a different machine (say dst22). I am able to see these packets on dst22 interface using tcpdump. I want to analyze the packets on dst22. So what I do is put dst22 interface in promiscuous mode (using ifconfig eth0 promisc). This in theory should get the packet through the MAC layer. Now using iptables I am trying to DNAT the packets in nat prerouting to change the packets destination IP to dst22's interface and change the destination port.
This should be trivial for all you big sysadmin guys. My box is a firewall/gateway. ETH0 is on the Internet-side, and is fully auto-configured (DHCP client) from my ISP. ETH1 is on the LAN-side, has DHCPD enabled, and I route the traffic to/from the Internet via iptables (NATting, of course). Everything works pretty good, except for the DNS-server assignment via DHCP: how can I configure dhcpd.conf to assign the SAME dns-server I receive from my provider on ETH0 to all my PCs on ETH1?
I have a Fedora 11 system and cbq.init-v0.7.3 in it. Now I want to restrict upload speed from my ftp server to Internet (eth1). According to docs I've made a simple file /etc/sysconfig/cbq/cbq-00.inet_upload_restrict:
So as you can see I want to limit outbound traffic on eth1 from my ftp port 20 to any to the 800Kbit/s (100Kbyte/s). Now I do cbq start, it says: find: warning: you have specified the -maxdepth option after a non-option argument (, but options are not positional (-maxdepth affects tests specified before it as well as those specified after it). Please specify options before other arguments.
find: warning: you have specified the -maxdepth option after a non-option argument (, but options are not positional (-maxdepth affects tests specified before it as well as those specified after it). Please specify options before other arguments. but it starts and works. Now I check the speed and it is...
I have a hardware device with two ethernet ports, eth0 and eth1 running Centos 5. Basically my goal is to forward packets from eth0->eth1 and eth1->eth0 as well as get a copy of these packets for analysis. If I set IP routing to do the forwarding then I won't get a copy of the packets for analysis.
I have openvpn tunnel setup between two CentOS servers. One of the CentOS servers also acts as a DHCP server for some client computers.
Server A= OpenVPN server Server B= OpenVPN client (connects to Server A with OpenVPN)
The two CentOS servers can ping each other (172.16.0.0/24) via the tun0.
However, client computer connected to Server B (DHCP server) can't reach 172.16.0.1 (which is the OpenVPN server).
I think I am missing some routing in my "ip route show". Following is the full picture:
What command can I issue to get this fixed? something along ip route add?
There is no firewall service on either end. service iptables stop! I can't bridge eth1 and tun0 as the DHCP server might mess up the other side. I can't do a push of "redirect-gateway def1" because then clients lose their IP as they send DHCP requests to Server A.
I work for a company that makes portable devices running Linux and I was recently asked to make the underlying file system read-only for "security" purposes. Since the distribution is based on LinuxFromScratch, I know that very little writing happens at run time. So, even if the device runs on a USB flash device, I doubt that putting the root file system RO will be that beneficial. I am actually more concerned about a process actually breaking because it cannot open a file in RW mode than a process going rogue and filling the root file system with log files, etc. I'd really like to hear what kind of advantages and disadvantages there really are with read-only file systems.
I have two servers on a vlan at my datacentre/colocation and previously both servers had public IPs on their eth0 interfaces. The servers are HP ProLiant DL360s - one is a G4 and one is a G5. The newer G5 is now the LAMP server and the G4 has been retired and I want to repurpose it as an iSCSI target using openfiler, freenas or similar.
My G5 has public/static IPs lashed to the eth0 physical interface and the eth1 is not configured to do anything yet. The G4 will have both interfaces available - perhaps one for ssh access from one of my static public IPs and the other to be a private IP on the local vlan. Here is what I am trying to get my head around...
The G5
eth0 - Public IP - full LAMP services on two or three virtual interfaces
eth1 - Private IP 192.168.0.1
The G4
eth0 - Public IP for ssh
eth1 - Private IP 192.168.0.2
Because my traffic between eth1 on these boxes is via private IPs on the local private vlan it doesn't add to my quota for bandwidth. How do I go about configuring the routing and gateways and other aspects of this so that I can run a private IP space network between the eth1s and still serve the outside world from the eth0s...
I am afraid that if I assign the private IPs to the eth1 interfaces the routing may either not work or interfere with the access to the production internet facing interfaces (eth0s).
I've a popular vbulletin forum (10k max in vbulletin stats 'whos online') running on two servers like this:
1) Web server running vBulletin.
Dual Intel E5620 @ 2.40GHz (shows 16 cpus)
12 GB RAM
2 x 500 GB SATA (one for system/web and other for backups)
CentOS 5.6 64 bit
Apache/2.2.17
PHP 5.2.16
2) MySQL 5.server
Dual Intel E5620 @ 2.40GHz (shows 16 cpus)
16 GB RAM
2 x 500 GB SATA (one for system/web and other for backups)
CentOS 5.6 64 bit
MySQL 5.0.77
Web server connects to MySQL using private LAN. Web-php server works with xcache as recommended by vBulletin. Image/avatars and other static files (css, js, etc) are on a CDN. MySQL server uses Memcached for caching common queries.
The problem I'm facing, is from time to time (let's say one or two times a week) the Web server goes into read only mode... then the server has to be rebooted in order to get online normally and be able to work. From the logs I've seen this:
This is a new server, and in the old server the 'read only mode' issue happened very often too... so I guess it's not a HD issue.. it's just the HD have a heavy I/O usage. What do you think?
I am thinking about these solutions to improve the webserver performance:
1) 75% of the vbulletin users are anonymous users, so I've been thinking about using Cloudflare as a cache for all that traffic, that would reduce the php-webserver process a lot.
2) Using an external email server is a good option I guess... as right now the webservers also handles the email notifications for all the vbulletin users and it is constantly sending email everywhere. So, email will be stopped to gain server performance.
3) Mounting partitions with 'noatime' at /etc/fstab seems to improve I/O performance.
I have Ubuntu 9.10 installed on my desktop and the version of thunderbird is 18.104.22.168 and I am facing a problem that if I open any attached document from my mail, it opens in Read-Only mode. To make changes I have to save the file or click on the edit button, but if I click on the edit button then the file gets renamed as Untitled document.
I have a dual boot (WinXp, Ubuntu) on my machine. Ubuntu is installed in the same partition as WinXp. Every time I have to access a windows file or folder I mount the windows drive using the following command
Code: sudo mount -t ntfs -o nls=utf8,umask=0222 /dev/sda1 /media/c
This works just fine. My problem is that all the files are loaded with -rwxrwxrwx and the directories drwxrwxrwx. I cannot change the file mode bits using chmod even in su mode. chmod incidentally works just fine and does not give any error. But the file mode bits are still the same.
I'm trying to figure out the effects of some of the more unusual combinations of modes and file types. For instance, what does SGID do on a directory? What do SUID and SGID do on files that aren't executable? What effect does execute have on a FIFO?
Does anyone know where I can find the complete documentation for file modes under Linux? It's not in the chmod(1) man page. I can't find it in the documentation directory of the kernel tarball either. I thought it would be in the POSIX specs, but I can't find it if it is.
I just modified the grub file in 10.10 in order to see what the text line boot is like. Well now I want to go back, but when I try to gedit /etc/default/grub it gives an error that he couldn't display. How can I edit the file to go back to gnome??? I am on macbookpro 6.2 tripleboot Mac OS 10.6, Win7 and Ubuntu 10.10.
In fedora, to use browse mode, you have to right click on a folder and choose browse. How can I make that the default option, like in Ubuntu if that rings a bell on what I am talking about. Every time I double click a folder I would like browse mode.
installed a couple of apps, and then by accident removed one. The problem is he was looking about in all the sections, and he can't remember what section it was from let alone what he removed. Now when the laptop boots it shows xsplash then goes to a dialog screen which says :-
(EE) open /dev/fb0:no such file or directory
When I click <OK> I get a small menu with:
Run ubuntu in low-graphics mode
Reconfigure graphics
Troubleshoot
Exit to console
Reconfigure does no good, but I can get logged in to text install. The laptop is an Acer Aspire 3630 and uses SiS graphics.
I create a link to a file in order to open the file from the desktop. When I move the link from the file location to the desktop, the file is opened in read-only mode. How can I change this so that the file opens in regular mode so that I am able to edit contents? The file in question is an open office spreadsheet.
I have a multi user system for my roommates and myself that has separate folders for each of us. I've got user authentication working with samba, but unless I set every file and folder readable/writeable by all users, I can't browse it or edit the files. This isn't ideal as the shares are open to other users' access, so I'm hoping there's a way to keep folders at 750 and files at 660 while allowing samba users to browse, delete and edit. Also, the samba share is actually a mounted NFS share from another server. Both the NFS server and the Samba server have the same users/uid's. When a file is created from a Windows host via the Samba client, the NFS server's permissions do show that the correct user owns the files, but since the files aren't mode 666 but 640 I can't edit or delete the file.
I went and generated a self signed SSL .pem file ($1000 for a signed wildcard ssl certificate is out of my price range at the moment). I can connect to my server on port 26 when using STARTTLS but not SSL/TLS mode. I would like to be able to connect to port 465 on SSL mode, but I have no idea how.
I am running redhat ES 5 on a dell server and recently, I ran into a snag where I was able to reduce a partition (ext3) but could not run resize2fs (mismatch between physical and logical blocks; I never found a solution to this). In any case I decided to log in in single user mode (appended 'single' at the GRUB loader prompt) and now I am always taken to this single user mode every single time I reboot and can't seem to get out of it. I have tried init 5 (runlevel that the system is set to boot into by default) but that does nothing (no message on the # prompt). Of course, I have 2 problems here:
1) partition issue
2) cannot log out of single user mode.
From a system security point of view I want to prohibit 'linux rescue' mode in my installed RHEL system. Because as per my knowledge, through linux rescue mode anyone who has physical access to the system can mount the root filesystem (/) and retrieve all data without knowing the root password. Please guide me: should I encrypt / or is there any alternative?
I have a new installation. I try to boot and instead of my grub menu, I get "error: file not found" and am dropped into the rescue prompt. I have just a standard "Desktop" installation. I installed from the 5.05 net install cd. I installed grub to the MBR.
partitions are:
hd0,2 is /
hd0,5 is swap
entering the "set" command results in:
prefix=(hd0,2)/boot/grub
root=hd0,2
[Code]...