I'm trying to connect to the www.freeopenvpn.com VPN service from my Ubuntu 10.04 Netbook Edition. I installed the parts based on the instructions on the website, then the connection was successful (lock icon in the connection area) but.....
the traffic does not go through, ping rejects with some "buffer error", and the network monitor does not show any data flow on the LAN card after the connection. I was trying it from the command line, and from the GUI as well. Same result. I can't even navigate to the service start page.
I do not have firewall, using the linksys built in firewall in my router. The same (dual boot) machine and router let the same vpn work under win XP, so the hardware is fine.
I suspect that it is a routing problem. (using dhcp from the modem-router)
Found that the vpn module installed the virtual tun0 interface and set up the routing table automatically.
I would like to have all traffic from the ethernet connection out through the wireless (basically using the box as a router) however I am having some trouble doing this.
I have done this before on Windows; however, I am having some trouble doing this on Linux. I have tried using Squid Proxy, however I am having some trouble configuring/using it.
I am using Yellow Dog Linux; however, I am willing to change to any other distro as long as it is compatible with PS3 (as this is what I'm using Linux on).
I am using Ubuntu 10.04 with a GNOME interface on an ASUS K70IJ. It all works well, just the internet connection is sometimes blocked or very slow. I have tried it in several places (offices, hot spot, friends) with wireless LAN and ethernet. I thought it might be a problem with the pilot for the internet connection. Can anybody tell me where I could find such a pilot and how to install it?
At my work I am trying to connect to my home server behind a Symantec gateway, but I cannot; yet when I try to connect with telnet to the ssh port I can make a connection. How can I connect to my server via an ssh client?
I have a fresh installation of CentOS 5 I'm using for a server, and I'm having issues with port configuration. I have iptables running, and it started with no /etc/sysconfig/iptables file. I added a few basic rules (port 53, port 10000 for webmin), saved the file, and restarted the service. I tried connecting to webmin, scanned ports, and traffic was blocked. I set iptables to allow all traffic and restarted the service, and it still showed basically every port as being blocked. It seems port 80 and port 22 work for some reason, even when I tell iptables to block all ports.
I'm not sure what's going on here. Iptables is reading the /etc/sysconfig/iptables file, and if I use lynx localhost:someport it responds as it should according to the file. However, if I try connecting by IP, it's like there's some other firewall or something running that does whatever it's configured to do.....
Recently I noticed that when I'm connected to a VPN server (pptpd) and I'm using it as a default gateway, my download and upload speed decreases almost to half of the usual speed. I made a test using iptables in order to count how many GRE packets are generated (except the real traffic itself) in this way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than those in the FORWARD chain.
So, my question is: first of all, is my test correct, and is it true that so much GRE traffic is being generated during the browsing (it becomes clear that the traffic is double what it would be if the pptpd wasn't used as a gateway), and if yes - can that traffic be reduced?
I want to explicitly commit bandwidth to only 3 VOIP connections, where a connection is defined as a source IP address, destination IP address, and a traffic class. I would like the traffic controller to put the first 3 VOIP connections into 3 different queues that would have equal priorities that are higher than Best Effort. If a 4th VOIP connection were to start, its packets would be put into the Best Effort queue. When one of the VOIP connections ends, I would like the incoming packets of a VOIP connection that is in the Best Effort queue (assuming there is one) to now start going into the free VOIP queue. Is it possible to do this? Can traffic control keep track of connections being created and deleted like that? If so, how is it done? I would like to avoid having to be constantly updating my filters whenever a connection starts/ends. In actuality, I would want to do this for several different classes.
Everything works fine, clients can connect to the VPN server with no problems and they can ping local machines! But there is no internet access through the VPN connection unless I uncheck the default gateway option on my client machine, which is not what I want. I want my clients to get my server's IP address. My server is behind a router (router's ip : 192.168.0.1 | server's local ip: 192.168.0.100) so I used localip 192.168.0.100 & remoteip 192.168.0.234-238 in pptpd.conf. I think there is something wrong with routing or firewall rules, because it seems that the DNS resolution works .. when I try to browse a website my browser says "Waiting for xxxxx.com..." and it stays on that stage forever! The funny part is that google.com works fine (don't know how).
P.S.:
* I have already opened the port on my router. I even tried it locally to make sure that the router is not the problem here.
* Already added ms-dns 208.67.222.222 / ms-dns 208.67.220.220 to pptpd-options. (Found another guide that suggested to do this; before adding these two lines even DNS resolution was not working.)
Two days ago we started to receive the following message:
/etc/cron.daily/chkrootkit:
The following suspicious files and directories were found:
/lib/init/rw/.mdadm /lib/init/rw/.ramfs /lib/init/rw/.mdadm
INFECTED (PORTS: 4369)
You have 2 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
And at about the same time (a day before that) we set up new rules for the queueing disciplines using 'tc' on our Debian lenny box (these rules are for some of the experiments we are carrying out). I have run chkrootkit manually and this message (as above) keeps appearing, while the rkhunter tool does not complain about these items. Could there be a connection between setting up the new qdiscs and the chkrootkit "INFECTED" messages?
I've recently turned an older PC into a Linux box for the purpose of creating an online server with ftp and ssh capability and file sharing. I've installed Kubuntu 9.10 and I'm trying to ssh to the computer from outside the network. I've installed the openssh-client and openssh-server and I've created a static IP address, which works fine. I cannot ssh to the machine from outside the ISP using either the direct IP address or hostname. The machine is connected to the internet via a Linksys Wireless G router, and I've edited the configuration settings to keep port 22 open for connections in the port server utility.
I've checked the ssh_config and sshd_config settings and port 22 is the default connection port, which is supposed to be open. I've run ifconfig and everything looks fine. I can connect to the computer using a machine connected to the same router, but other computers cannot access it. I want it to be visible to everyone.
We have something on our network that is wreaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and log how much traffic each device is sending and receiving. It would need to sit inline so it has to have two NICs and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. How to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
I need to set up my CentOS computer as a firewall in my home network. I've got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping (icmp) and DNS. How do I do this? I've tried some editing in /etc/sysconfig/iptables but no luck.
I sometimes get my webserver blocked by my mysql server because of "to many connection errors" and have to use flush hosts to solve it. I now wonder if there is any way to increase that connection error value so the webserver won't get blocked?
I wanted to tell my server to block all traffic but US only traffic. So I followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done, compiled everything, moved to the proper directory. I then started to set up my iptables. Like so
So I set up an Ubuntu 10.04 server with apache2 installed, but for some reason I can't get to it from my browser. The iptables have all changed directories in 10.04 so I can't find the iptables. Apparmor wasn't the problem. The network hardware is not the problem. There is something inside of 10.04 that is blocking port 80. I can ping it all day using the IP address but when I ping it using http://ipaddress it can't find the host.
I can't seem to remotely SSH or VNC into my machine. If I'm on the LAN and try accessing via LAN IP, it works fine. If I go in through a remote address (my dyndns) or even my home IP, I can't connect (yes, all of the ports are forwarded, I've triple checked this multiple times). Interestingly enough, port 80 works just fine. It would seem as though some sort of firewall is blocking me. I've done this plenty of times before with various machines, and this has me quite perplexed.
I don't know how, but somehow all the ports on my comp appear to be blocked except for 24, for ssh and 5900 unknown. I can connect to the network, but as far as I can tell, I'm powerless to do anything. No webpages load, I'm typing this on my phone.
I tried to install the packages for atmel at76 in order to get my USB wifi dongle to work. The Kpackagemanager told me that "some modifcation are necessary to acomplish the task" on the following packages:
linux-generic linux image-generic linux firmware.
When selecting okay the following error message appears:
"The following packages block the update: linux-generic linux-image-generic linux-firmware"
I am trying to use Bittornado with iptables via Firestarter. Previously, I had no problems, but now I have started using Firestarter, traffic is blocked. AIUI, after selecting the .torrent file, the client (me) connects to the tracker. In Firestarter, I see that my IP is trying to connect to various ports, all of which are blocked. I assumed the problem was that because Firestarter has a restrictive outbound traffic policy, I needed to add Bittornado to it. So in Bittornado, I selected the acceptable ports as 10000-10010 (randomized), and then in Firestarter for the outbound policy I allowed those same ports. The inbound traffic policy has no rules. All traffic is permitted and I have a direct connection to the Internet (no NAT). I do not understand why, if I have selected the permissible outbound ports in Firestarter, and also selected those same ports in Bittornado, connections between my IP and the tracker are blocked?
So I have two ssh servers I connect to regularly that do not use the standard port 22, so I use the "-p" flag to connect to them. This works flawlessly EVERYWHERE except on my girlfriend's work network. When I am on that network (same laptop), I can ssh into servers which use port 22, but not the other servers on this alternate port. Is there any way OTHER than ssh'ing into a machine I can access and then ssh'ing again from there to my destination (which, by the way, does work)? I want to make a direct connection for speed and security reasons.
I am still trying to run my Write It Now4 under Wine. The first time I couldn't figure out how to do it and then I changed the permissions to give myself Execute permission. This allowed me to install it under Wine. When I went to open it, I was given the message again that it was blocked by Ubuntu. How do I unblock it? I have the rights to use this program but the people upstairs seem to know better. This is why I am trying to leave Windows. I don't like my computer telling me that I cannot do something I know I am allowed to do because someone somewhere decided it was not good for me.
I've set up the Uncomplicated Firewall (UFW) on Ubuntu 10.04 LTS and blocked an IP address. UFW status shows that the firewall is active and the IP in question is denied. The issue is that I'm seeing the blocked IP address in my Apache logs.
In my Ubuntu 9.04 installation, just a few days ago, I lost my usage of the internet. I still had internet access. Firstly though, there was a problem with the router, so I tried a friend's router (both Netgear DG834) and the friend's one worked. But in Ubuntu, I could not access any web pages or email. Skype works.
I tried using my netbook and that could access web pages okay. So then I booted my main PC into the old installation that I kept there of Ubuntu 8.04, which I am using now. And in this the internet works just fine, I can access websites and download and send email.
But in Ubuntu 9.04, it seems like something is blocking my access. I do not recall installing anything new, although something may have been updated recently. I can see the DNS servers from Ubuntu 9.04 and it gets an IP address from the router. What is the likely cause of the Internet being blocked for websites and email (but not Skype)?
I have Kubuntu running. I have tried updating to KDE 4.5 Beta using the KPackageKit and I now get 118 blocked packages which I cannot install. I used the CLI and typed apt-get update and apt-get upgrade and this did not fix the problem. Is there any way to find out why those packages are blocked?
I block my screen (glmatrix screensaver), and go to sleep or lunch, and when I get back, I have to log on again, and all my applications have been killed. The weirdest thing is that this does not happen every time, but I cannot find a pattern to the times that it happens. I'm pretty sure that the machine is not rebooting, because my uptime is still intact. Some data: Ubuntu lucid (upgraded from jaunty) x86, system all up to date. Hardware is a desktop Dell Vostro 220n (Intel chipset, 2gb memory and a Pentium e5400).
I just upgraded to 10.10 (everything was working fine in 10.04). I have .jar files that in 10.04 would execute with OpenJDK. Now I get an error message, telling me that it is blocked:
"The file '[path]' is not marked as executable. If this was downloaded or copied from an untrusted source, it may be dangerous to run. For more details, read about the executable bit."
I try to set it as executable like it was before, and it's a no go. My checkmark takes, then quickly disappears before my eyes.
I recently installed the XRDP server on my desktop edition of Ubuntu v10.04 following the simple instructions available here. I did this on two computers. One computer has Firestarter installed while the other does not.
When I use Windows to connect to the Ubuntu box without Firestarter, everything works just fine. However, when I try to connect to the one running Firestarter, I get a pop up showing an error message (see the attached file).
I checked the incoming rules in Firestarter and I don't see a way to add RDP sessions to the list of exceptions. I also tried adding my IP address in the host section but this too didn't help the situation.