Le 1 juin 2023 Bonno Bloksma a écrit :
>> If you get an answer it's a dnssec problem with the error message in your
>> logs. If there is no answer it's another problem.
> Well, it seems I get an answer with the +cd option, and none without.
Yes. If I do :
# dig tio.nl A +dnssec +multiline
; <<
Hi,
@Tim,
If I use the dnssec-validation no; option then indeed it all works. Just tested
it again to make sure.
And as a final solution to this problem I might accept it, but I would rather
not.
@Michel,
> I reread all our mails and I miss to ask you this one (as answers via
> external dns
Le 1 juin 2023 Bonno Bloksma a écrit :
> I can do that, but ... that is only for inbound traffic TO my dns server on
> this network.
> That part is working without any problem. Changing that will not change
> anything for the clients on this network.
You are right. I simply used to fix explicit
On Thu, 1 Jun 2023, Bonno Bloksma wrote:
My bind instance can reach the company dns server buy claims the response is
false/insecure
Does that maybe mean that my bind gets a "normal" response from the company dns
whereas the external dns at toplevel .nl. (being the parent zone) tells that an
IPv4 only at this moment as the company network has
only partial IPv6 set up and is not using it over the whole network yet.
I am only sure to reach all servers via IPv4, including the dns servers. Which
is why I forward to the relevant ipv4 addresses.
> Usually fe80:: are local only and n
Le 1 juin 2023 Bonno Bloksma a écrit :
> linbobo:~# ss -nap | grep named
> tcp LISTEN 0 10 [2a02:a45f:96c2:1:1e69:7aff:fe0c:65e3]:53 [::]:*
> users:(("named",pid=554,fd=78))
> tcp LISTEN 0 10 [fe80::1e69:7aff:fe0c:65e3]%eno1:53 [::]:*
> users:(("named",pid=554,fd=71))
> tcp LISTEN 0 10 [fe80::33bc
Hi,
> resolv.conf must have only one search entry. And you don't want to resolv
> with google directly. So you should have :
Ok, I have the google dns commented. Alhough Now I remember why I had the
google dns in there. ;-)
For my machine to create the VPN it needs to know the ip number of
Le 19 mai 2023 Bonno Bloksma a écrit :
> Been a few busy week, that is why I only respond now, sory.
Same for me :/
> beheerdertio@linbobo:~$ cat /etc/resolv.conf
> domain bobo.xs4all.nl
> search bobo.xs4all.nl
> search tio.nl
> search staf.tio.nl
> search student.tio.nl
> nameserver 127.0.0.1
>
Hi,
Been a few busy week, that is why I only respond now, sory.
Also as there is a lot of sensitive info in this mail, like a complete lost
to domain controllers to be hacked, ;-) I am sending it direct. I will send a
redacted version to the list
>> What does +cd do? I was unable to find it
Le 8 mai 2023 Bonno Bloksma a écrit :
> I also do not understand this difference when querying the internal dns
> server directly.
> Why does the +trace +cd not show an answer but when I leave them out I get a
> correct answer. Is that because +trace forces it to start at the root which is
> irre
do but...
:)
Just did a flush and then a query. It still seems to query the public dns and
not (exclusively) forward the request.
linbobo:/etc/bind# dig einsccmdp-01.tio.nl +trace +cd
; <<>> DiG 9.16.37-Debian <<>>
Le 5 mai 2023 Bonno Bloksma a écrit :
> linbobo:/etc/bind# cat named.conf.local
You have only zone blocks in this file, right ?
And you don't use views ?
> Why does it first go to the public dns and then run into the dnssec problem?
> There is a direct definition for the tio.nl zone in my confi
lready on the same forwarders.
> I don't know if it's valid but it seems useless. And your logs suggest a
> problem between staf.tio.nl and tio.nl.
> Could you comment staf.tio.nl and student.tio.nl, restart bind (or reload +
> flush) and try again above dig ?
So you say if I just
Le 2 mai 2023 Bonno Bloksma a écrit :
> linbobo:/etc/bind# cat named.conf.local
> ---
> []
> zone "tio.nl" IN {
> type forward;
> forward only;
> forwarders {172.16.128.40; 172.16.208.10;};
> };
>
> zone &
zone
>> staf.tio.nl -- invalid response
>
> I suppose you reboot after your upgrade ?
Yes I do, however by now the machine has been up and running for over 3 days.
> Do you have defined somewhere on linbobo a zone staf.tio.nl ?
> I guess not but do a grep just to be sure.
Yes, li
Le 28 avril 2023 Bonno Bloksma a écrit :
> We use a different dns server(s) and zonefile for the external dns
> environment from what we use internally. Company dns is Windows server 2016
> incase that is relevant.
It's better to use dig (package bind9-dnsutils) to first eliminate
problems on o
internal dns servers.
A few months ago we had a change in our external dns provider and they enabled
secure dns.
After that I had some (security?) problems getting bind to forward my internal
dns servers. My guess was that somehow it would see the security for the domain
at the .nl level and it
On 04/21/2022 07:03 AM, Richard Owlett wrote:
I am not upgrading in place.
I currently have Debian 9.13 installed on one partition with /home on a
different partition.
I will install Debian 11.3 on a fresh partition and have /home remain on
its current partition.
I'm aware of cautions abou
* On 2021 05 Feb 19:02 -0600, darb wrote:
> For anyone following along this was fixed in the latest neomutt release
> 20210205 [1]
I was going to follow up that version 20201127+dfsg.1-1 landed in my
update for Bullseye today and the forwarding issue is fixed in this
latest Debian version.
- Na
On 06/01/21 08:41PM, Nate Bargmann wrote:
Last month I upgraded this desktop from Buster to Bullseye. It was a
fresh installation since something went wrong on that particular day
with 'apt dist-upgrade'. Oh well.
Anyway, with the current neoumtt package whenever I forward an ema
Well, yesterday I finally got around to filing a bug on the neomutt
GitHub issue tracker:
https://github.com/neomutt/neomutt/issues/2788
The developers quickly bisected to the bug and the fix has been applied:
https://github.com/neomutt/neomutt/commit/396a61b106ea16a8ea528a86fff5e0ab141df2fc
I
My apologies as I neglected to say that I set the variable to 'yes' and
restarted neomutt and forwarded the latest message and the HTML
attachment was dropped as before with this version.
- Nate
--
"The optimist proclaims that we live in the best of all
possible worlds. The pessimist fears thi
Well, that looked promising, David. Thanks for catching that.
It appears that the count_alternatives variable is intended for counting
the attachments a message has and showing that number in the index view.
Its documentation leads to:
https://neomutt.org/guide/mimesupport.html#attachments
whic
eoumtt package whenever I forward an email
> that is MIME encoded and has an HTML attachment wrapped in a
> multipart/alternative MIME block, the HTML attachment is dropped. The
> message I am forwarding is to a local hobbyist mailing list and I was
> notified by one of the list membe
7;apt dist-upgrade'. Oh well.
Anyway, with the current neoumtt package whenever I forward an email
that is MIME encoded and has an HTML attachment wrapped in a
multipart/alternative MIME block, the HTML attachment is dro
Greg Wooledge writes:
> Either you didn't run "apt-get update" first, or your mirror is out of
> sync. The current version of dovecot-core in buster is
> 1:2.3.4.1-5+deb10u1.
Thank you. It was the former. I failed to run apt-get
update but I didn't just forget. Ever since I upgraded
On Mon, Nov 04, 2019 at 12:06:44PM -0600, Martin McCormick wrote:
> Then the wheels flew off:
>
> Err:1 http://ftp.us.debian.org/debian buster/main i386 dovecot-core i386
> 1:2.3.4
> .1-5
> 404 Not Found [IP: 208.80.154.15 80]
Either you didn't run "apt-get update" first, or your mirror is ou
Bob Weber writes:
> Why not create a user on the Linux box to receive such emails and have the
> MAC client connect to that user on the Linux box. You might have to
> install a pop server (popa3d ... easiest to install and configure) or imac
> server (dovecot-imapd ... harder to configure and pro
. We are on a private vlan as in 192.168.x.x.
All local host names are resolved via hosts files. Messages to
go to the big wide world must go through Suddenlink's SMTP
smarthost and I definitely don't want to break that.
On rare occasions, I want to forward an email to the Mac
whi
to the big wide world must go through Suddenlink's SMTP
smarthost and I definitely don't want to break that.
On rare occasions, I want to forward an email to the Mac
which normally doesn't send or receive emails. What would be the
simplest way to "forward" an em
break that.
On rare occasions, I want to forward an email to the Mac
which normally doesn't send or receive emails. What would be the
simplest way to "forward" an email from the Linux box to the
Mac's mailer?
The Mac only needs to be able to receive, not send any
email.ou
o through Suddenlink's SMTP
smarthost and I definitely don't want to break that.
On rare occasions, I want to forward an email to the Mac
which normally doesn't send or receive emails. What would be the
simplest way to "forward" an email from the Linux box to the
M
Bob Weber writes:
>
>
> Why not create a user on the Linux box to receive such emails and have the
> MAC client connect to that user on the Linux box. You might have to
> install a pop server (popa3d ... easiest to install and configure) or imac
> server (dovecot-imapd ... harder to configure a
On rare occasions, I want to forward an email to the Mac
which normally doesn't send or receive emails. What would be the
simplest way to "forward" an email from the Linux box to the
Mac's mailer?
The Mac only needs to be able to receive, not send any
email.
Tha
Here is the setup. We are on a private vlan as in 192.168.x.x.
All local host names are resolved via hosts files. Messages to
go to the big wide world must go through Suddenlink's SMTP
smarthost and I definitely don't want to break that.
On rare occasions, I want to forward a
On Thu, Jun 13, 2019 at 10:06:30AM +0100, BELAHCENE Abdelkader wrote:
> Hi,
> I am using one machine, say SERV, as a gateway ( cards eth0, eth1) from
> network1 to network2, I want to forward all packets but tcp port 80 so
> I used
> *sysctl -w net.ipv4.ip_forward=1*
This j
Hi,
I am using one machine, say SERV, as a gateway ( cards eth0, eth1) from
network1 to network2, I want to forward all packets but tcp port 80 so
I used
*sysctl -w net.ipv4.ip_forward=1*
*I want to drop port 80, and accept others port*
*I tryed*
*iptables -A FORWARD -i eth1 -o eth0 -p
On Sat, Jan 20, 2018 at 07:30:09PM +, Joe wrote:
> On Sat, 20 Jan 2018 12:13:12 -0600
> Jason wrote:
>
> > Hi,
> >
> > I am trying to setup (what should be) a simple iptables table between
> > two machines on a local network, both with static IP addresses. The
> > machine I want to set up th
On Sat, Jan 20, 2018 at 07:58:27PM +0100, Pascal Hambourg wrote:
> Le 20/01/2018 à 19:13, Jason a écrit :
> >
> >I am trying to setup (what should be) a simple iptables table
>
> I don't think so. In iptables, "tables" are preexisting data structures
> containing chains, and chains contain rules t
Joe wrote:
> OK, that leaves little doubt that it's a firewall issue.
usually xauth missing or wrong xauth
people do upgrade, then just press yes and pile up mess over mess and then
come here to ask for help.
it's fun
regards
On Sat, 20 Jan 2018 12:13:12 -0600
Jason wrote:
> Hi,
>
> I am trying to setup (what should be) a simple iptables table between
> two machines on a local network, both with static IP addresses. The
> machine I want to set up the iptables on is a headless server which I
> access using ssh. I want
Le 20/01/2018 à 19:13, Jason a écrit :
I am trying to setup (what should be) a simple iptables table
I don't think so. In iptables, "tables" are preexisting data structures
containing chains, and chains contain rules that you create. The set of
rules in these chains and tables is called, wel
Hi,
I am trying to setup (what should be) a simple iptables table between
two machines on a local network, both with static IP addresses. The
machine I want to set up the iptables on is a headless server which I
access using ssh. I want to cut off all communications except with the
machine I ssh f
Mimiko wrote:
> I did some test today to with tcpdump. It's realy strange. First I
> uninstalled vlan. Configured all again. using tcpdump I saw it was
> sending packets. But at first it didn't want to work.
> I added 8021q to /etc/modules, rebooted server and as I wrote: ping
> works, ftp works
Well.
I did some test today to with tcpdump. It's realy strange. First I
uninstalled vlan. Configured all again. using tcpdump I saw it was
sending packets. But at first it didn't want to work.
I added 8021q to /etc/modules, rebooted server and as I wrote: ping
works, ftp works, but not http
Mimiko wrote:
> What is wrong with http/htpps ? Why icmp works, ftp works, but http/https is
> not working?
Since Sven pointed out that I was out of date I no longer have a
clue.
To debug this I would run tcpdump on both sides of the router and
examine the packets for http and verify that they ar
Sven Hartge wrote:
> Bob Proulx wrote:
> > I see no vlans in your configuration above. The above simply shows
> > additional IP addresses being assigned. If your switch is requiring
> > vlan tagging then that is likely your problem.
>
> Ah, nope.
>
> It's "magic". Since Wheezy ifupdown knows
Bob Proulx wrote:
> Mimiko wrote:
>> I set up in interfaces:
>> auto eth0
>> iface eth0 inet static
>> address local_lan_ip
>> netmask mask
>> auto eth1.2
>> iface eth1.2 inet static
>> address isp1
>> netmask mask
>> auto eth1.4
>> iface eth2.4 inet static
>> addres
Mimiko wrote:
> I set up in interfaces:
> auto eth0
> iface eth0 inet static
> address local_lan_ip
> netmask mask
> auto eth1.2
> iface eth1.2 inet static
> address isp1
> netmask mask
> auto eth1.4
> iface eth2.4 inet static
> address isp2
> netmask mask
>
> V
$eth2.4_gateway dev $eth2.4_eth
weight 100
In iptables I do:
iptables -t nat -A POSTROUTING -o eth1.2 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth1.4 -j MASQUERADE
iptables -A FORWARD -j ACCEPT
Now when i ping from the linux router - it works.
When I ping from some workstation behind
tdocs
Using Mod Proxy, forward all requests for image files
(.jpg, .gif, or .png) to the backend server without modifying the URL of
the request
All errors should log to
/var/www/vhosts/frontend/logs/error.log
All access requests should be logged to
/var/www/vhosts/frontend
Hi all,
This does not seems do be known as a bug.
But on my last kile (from sid) I can not find the "configure Kile" from
"tools" menu.
Moreover the inverse search with okular is not working anymore.
Neither the forward view from Kile.
Without the "configure kile
> john@example.net
> \john
Cool!
thanks :-)
Pol
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51a24d4f.9080...@fuckaround.org
Pol Hallen wrote:
> putting an email to .forward (into a dir account) its email goes to that
> address.
> I need keep a copy of that email.
> Can I do it with /etc/aliases? or there's another way?
Put yourself into the .forward too, prefixed with "\". For example
On Sat, 18 May 2013, Pol Hallen wrote:
> Hi folks!
>
> putting an email to .forward (into a dir account) its email goes to that
> address.
>
> I need keep a copy of that email.
>
> Can I do it with /etc/aliases? or there's another way?
>
> thanks!
>
&
Hi folks!
putting an email to .forward (into a dir account) its email goes to that
address.
I need keep a copy of that email.
Can I do it with /etc/aliases? or there's another way?
thanks!
Pol
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "u
On Tue, Apr 30, 2013 at 02:48:29PM +0800, Magicloud Magiclouds wrote:
>Hi,
> We have a barcode scanner used here, which for some reason has to be a
>serial device. So all its scanning output is sent to /dev/ttyACM0. If I
>`cat /dev/ttyACM0`, I could get the strings.
> Problem
Hi,
We have a barcode scanner used here, which for some reason has to be a
serial device. So all its scanning output is sent to /dev/ttyACM0. If I
`cat /dev/ttyACM0`, I could get the strings.
Problem now is, how to let these input be sent to X, acting like a normal
keyboard.
Any ideas?
--
am using exim4.
> >> Thanks.
> >
> > For cron, one common way is to add a line to the top of the crontab
> > entry for the user that cron is running the jobs for, like this:
> >
> > MAILTO="u...@othermachine.com"
> >
> > If you want all
ry for the user that cron is running the jobs for, like this:
>
> MAILTO="u...@othermachine.com"
>
> If you want all mail that's being sent to a local address to be
> forwarded, you can put a .forward file in the home directory of the
> user that's receiving the
quot;
If you want all mail that's being sent to a local address to be
forwarded, you can put a .forward file in the home directory of the
user that's receiving the mail, with the address to be forwarded to in
it. No other text is needed, just the address.
--Dave
On Thu, 24 May 2012 12:46:33 +0300
Lars Noodén wrote:
> On 5/24/12 11:32 AM, J. Bakshi wrote:
> > Ok, thanks.
> > Then I'll do it by rewrite through .htaccess
>
> If you have access to the web server's configuration file, put your
> changes there instead. It is better to have everything in the
On 5/24/12 11:32 AM, J. Bakshi wrote:
> Ok, thanks.
> Then I'll do it by rewrite through .htaccess
If you have access to the web server's configuration file, put your
changes there instead. It is better to have everything in the same
place. Also, if you haven't already, take a look at the Rewrit
``
> > # for 82 > 80 of 192.168.1.2
> > iptables -A INPUT -p tcp -m tcp --dport 82 -j ACCEPT
> > iptables -A PREROUTING -t nat -i ${LAN_IFACE} -p tcp --dport 82 -j DNAT
> > --to 192.168.1.2:80
> > iptables -A FORWARD -p tcp --dport 82 -i ${LAN_IFACE} -
iptables -A PREROUTING -t nat -i ${LAN_IFACE} -p tcp --dport 82 -j DNAT --to
> 192.168.1.2:80
> iptables -A FORWARD -p tcp --dport 82 -i ${LAN_IFACE} -j ACCEPT
>
> iptables -A PREROUTING -t nat -i ${WAN_IFACE} -p tcp --dport 82 -j DNAT --to
> 192.168.1.2:80
> iptables -A
gt; iptables -A PREROUTING -t nat -i ${LAN_IFACE} -p tcp --dport 82 -j DNAT
> --to 192.168.1.2:80
> iptables -A FORWARD -p tcp --dport 82 -i ${LAN_IFACE} -j ACCEPT
>
> iptables -A PREROUTING -t nat -i ${WAN_IFACE} -p tcp --dport 82 -j DNAT
> --to 192.168.1.2:80
> iptables -A
:80
iptables -A FORWARD -p tcp --dport 82 -i ${LAN_IFACE} -j ACCEPT
iptables -A PREROUTING -t nat -i ${WAN_IFACE} -p tcp --dport 82 -j DNAT --to
192.168.1.2:80
iptables -A FORWARD -p tcp -d 192.168.1.2 --dport 80 -j ACCEPT
```
How can I forward inside a folder like
192.168.
hers can't connect to me.
> how to I forward the ports to the eth1 machine so that I can have a
> server on it? (or as routers often call it "virtual servers")
You need port forwarding, known as DNAT to friends. The official
documentation is here:
http://www.netfilter.org
> my problem is that I cannot access the machine on eth1 when it
> serves. For example, from the machine connected to eth1 I could play
> quake 3 connecting to a server on the internet flawlessly, but I
> cannot host a server myself, others can't connect to me.
> how to I forw
On Jo, 12 ian 12, 16:34:16, YR wrote:
>
> The system has 2 network cards. Debian accesses the internet via
> eth0 without problems. (typical dhcp getting IP from ISP)
> the internet connection is shared, and the xp machine connected to
> eth1 connects to the internet also without problems (none th
could play quake 3
connecting to a server on the internet flawlessly, but I cannot host a
server myself, others can't connect to me.
how to I forward the ports to the eth1 machine so that I can have a
server on it? (or as routers often call it "virtual servers")
I also want to ac
On Tuesday 21 June 2011 09:10:41 giovanni_re wrote:
> I have given an opportunity to the Debian community
Tommy-rot.
The Debian community already was, and is still, able to post anything to the
wiki that it wishes. All you have done is create empty pages that will
confuse search engines, and p
On Tue, Jun 21, 2011 at 4:10 AM, giovanni_re wrote:
FYI
http://lists.debian.org/debian-www/2011/06/msg00157.html
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/ban
On 21/06/11 18:10, giovanni_re wrote:
> Thanks for your interest in this, Jon. :)
Please don't top post.
Please don't fork threads.
Please read, and respect the rules and guidelines for posting - it's not
that hard to re-quote posts as they were originally formatted.
>
> On Mon, 20 Jun 2011 15:
t, your erasure, plus this response = -1 + 2 = +1 for the debian
community. ;) :)
Please: next time, think for merely 10 to 15 seconds about what you
might do in merely 30 seconds to help move the debian community forward
when looking at
Sorry: the MAC I wrote is too long, please read aa:bb:cc:dd:ee:ff instead.
Nicolas
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4de79491.7070...@yahoo.fr
Hi,
I want to start a virtual machine and be able to connect to it from the host. Reading the
qemu manual, I found I have to use "-net nic" to choose both NIC MAC and model and "-net
user" in order to define port forwards from host to guest.
I want to forward ports (t
Bonno Bloksma wrote at 2010-11-24 13:31 -0700:
> I cannot get radvd to work out of the box because ipv6 forward is disabled
> However in sysctl.conf in sysctl.conf I have:
>
> linbobo:~# grep ipv6 /etc/sysctl.conf
> net.ipv6.conf.all.forwardin
On 2010-11-24 21:31 +0100, Bonno Bloksma wrote:
> I cannot get radvd to work out of the box because ipv6 forward is disabled
>
> linbobo:/var/log# /etc/init.d/radvd start
> Starting radvd:
> * IPv6 forwarding seems to be disabled.
> * See /usr/share/doc/r
Hello,
I cannot get radvd to work out of the box because ipv6 forward is disabled
linbobo:/var/log# /etc/init.d/radvd start
Starting radvd:
* IPv6 forwarding seems to be disabled.
* See /usr/share/doc/radvd/README.Debian
* radvd will *not* be started.
linbobo:/var/log
Mark wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Joe wrote:
Mark wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I just installed a new debian lenny server and now i am trying to
forward all http request from my old debian etch installation to the new
one. The statement
2009/10/6 Mark :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hello,
>
> I just installed a new debian lenny server and now i am trying to
> forward all http request from my old debian etch installation to the new
> one. The statement i used was the following
Mark wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I just installed a new debian lenny server and now i am trying to
forward all http request from my old debian etch installation to the new
one. The statement i used was the following:
iptables -t nat -A PREROUTING -p tcp --dport
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello,
I just installed a new debian lenny server and now i am trying to
forward all http request from my old debian etch installation to the new
one. The statement i used was the following:
iptables -t nat -A PREROUTING -p tcp --dport http -j DNAT
On Sat, Jul 18, 2009 at 18:25 +0200, Siggy Brentrup wrote:
> ps: I'm not sure whether ubuntu-users is the right place to ask,
> any admin forum will have better response time :-)
My humblest apologies for this error: I meant debian-user.
duckin'ly yours
Siggy
--
Please don't cc: me when r
On Sat, Jul 18, 2009 at 12:29 +0200, michal krajcirovic wrote:
> hello,
> I have server which has several IP. there come requests for port 80 and
> i want this forward requests to other server, where web is running. I
> need that but completely transparent - in the logs on the
hello,
I have server which has several IP. there come requests for port 80 and
i want this forward requests to other server, where web is running. I
need that but completely transparent - in the logs on the destination
server where the webs must be running as well as to direct the opening
you can be somewhat limited in what you
> can do, depending on the capabilities of the router and the
> capabilities of the software to deal with NAT. If you have a good
> router, you can use that --- if you don't, connect the computer from
> option b.) instead of the router. Then y
, you can use that --- if you don't, connect the computer from
option b.) instead of the router. Then you might want to use
additional software to increase safety ...
> > It's probably because input and output are being accepted instead of
> > dropped.
>
> That's
need to set ACCEPT for INPUT/OUTPUT
chains while all I want is FORWARD? - Why FORWARD seems to not function with
dropped INPUT/OUTPUT?
> Don't you need to assign a network card --- or at least an IP address
> --- to each of the different OSs you're running on the same computer
>
output are being accepted instead of
dropped.
> - IMHO all the forward should not
> apply to the routing machine - that are INPUT, OUTPUT on real machine. Or I
> miss something?
Don't you need to assign a network card --- or at least an IP address
--- to each of the different OSs you're r
Good day.
I want to make a well closed machine running vservers - that is I want to make
such a forwarding that any communications will be off the machine (for the
security reasons)
- but only affecting those in vserver.
Thus far I have on real machine:
*filter
:INPUT ACCEPT
:FORWARD DROP
On Fri, May 29, 2009 at 02:18:49AM +0900, EQMaker wrote:
> Dears...
>
> How can I make my linux-box to multicast packet forward enable?
>
> I made up unicast forwarding by edit [/etc/sysctl.conf]
> Yea... just uncomment...
>
> But.. I couldn't find about multicast
Dears...
How can I make my linux-box to multicast packet forward enable?
I made up unicast forwarding by edit [/etc/sysctl.conf]
Yea... just uncomment...
But.. I couldn't find about multicast section at [/etc/sysctl.conf]
To make
[net.ipv4.conf.all.mc_forwarding=1] and [net
On Thu, 28 May 2009, "EQMaker" writes:
> FORWARD_IPV4=yes at /etc/sysconfig/network.
$ grep forward /etc/sysctl.conf
# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.ip_forward=1
# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.conf.a
Hi all~ :)
As you know, on Fedora, to enable packet forwading,
FORWARD_IPV4=yes at /etc/sysconfig/network.
Where can I setup that on debian?
-Original Message-
From: Alex Samad
To: debian-user@lists.debian.org
Subject: Re: IP Forward Problems
Date: Mon, 16 Mar 2009 10:02:28 +1100
Mailer: Mutt/1.5.18 (2008-05-17)
On Fri, Mar 13, 2009 at 12:44:40PM +1100, Alex Samad wrote:
> On Thu, Mar 12, 2009 at 10:43:52AM -, Ger
why do you have 3 interface into the same ip network ? I presume there
> > > are all attached to the same ethernet broadcast domain ?
> > >
> > > that shouldn't be causing the problem though. have you done a tcpdump to
> > > see what traffic is being forwa
o the same ethernet broadcast domain ?
> >
> > that shouldn't be causing the problem though. have you done a tcpdump to
> > see what traffic is being forwarded ? The other question is why do you
> > need to forward ?
> >
> > can you do an ip route please
>
ces to a normal size and the
>> No buffer space available errors stop.
>
> why do you have 3 interface into the same ip network ? I presume there
> are all attached to the same ethernet broadcast domain ?
>
> that shouldn't be causing the problem though. have you done a t
1 - 100 of 395 matches
Mail list logo
