search for: allows

Hi all, I am trying to configure squid as a interception HTTPS proxy under CentOS 7. At every https request, I am receiving a certificate error. My current config for squid is: # My localnet acl localnet src 172.22.55.0/28 acl localnet src 172.22.58.0/29 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70

...ut tripping up on some bugs in source3/utils/net_rpc.c, source3/utils/net_rpc_printer.c, and source3/utils/net_cache.c where there is an invalid use of the ":" operator. According to some other posts on the PostgreSQL forum, this shouldn't compile anywhere, even though GCC apparently allows it?? (http://archives.postgresql.org/pgsql-hackers/1998-09/msg00211.php) Maybe there's a way to skip building these components? Anyway, here's what I'm seeing on the console: bash-3.2# make WAF_MAKE=1 ./buildtools/bin/waf build Waf: Entering directory `/admin/tst/build/samb...

I recently setup my Puppetmaster server to run through Passenger via Apache instead of on the default webrick web server. SELinux made that not work and I've found some documentation on making rules to allow it however mine won't load. This is the policy I found via this website, http://sandcat.nl/~stijn/2012/01/20/selinux-passenger-and-puppet-oh-my/comment-page-1/ . module

If someone has some free time, can you go over my ipfw config. See if I have any problems, or things i should add. Im not an ipfw expert or anything. Here is the config. add 100 allow all from any to any via lo0 add 110 deny log all from any to 127.0.0.0/8 add 120 deny log ip from 127.0.0.0/8 to any add 00200 check-state add 00250 deny all from any to any frag in via bge0 add 00260 deny

Hello forum. I''m in the process of re-organizing my server and ACL-settings. I''ve seen so many different ways of doing ACL, which makes me wonder how I should do it myself. This is obviously the easiest way, only describing the positive permissions: /usr/bin/chmod -R A=\ group:sa:full_set:fd:allow,\ group:vk:read_set:fd:allow \ However, I''ve seen people split each

Hi: I have been using Dovecot for well over a year now and it has always worked with few problems. The mail setup is not simple... Postfix+MailScanner+ClamAV+Docvecot+MySql+postfix.admin... just to mention the major things. The system is CentOS 5.3 on VMware. The maildir is on an NFS share, index and control is local. About a month ago I thought I upgraded from 1.1.x to 1.2.x. by doing an

Hi, We want to restrict acces to the shares on our samba server using "hosts allow". Can I get this to work with clients who have dynamic IP addresses and don't have revers DNS lookup ? Best regards, Eric Eijkelboom Sr Systems Manager Medtronic B.V. Heerlen, The Netherlands Phone : +31-(0)45-566.8544 Fax : +31-(0)45-566.8008 www.medtronic.com <http://www.medtronic.com/>

Hi peeps, After compiling ipfw into the new 6.2 kernel, and typing "ipfw list", all I get is: "65535 deny ip from any to any" From reading the docs, this might indicate that this is the default rule. (I am certainly protected this way--but can't be very productive ;^) ) By the way, when I run "man ipfw" I get nothing. Using this instead:

Installed Packages Name : postfix Arch : x86_64 Epoch : 2 Version : 2.6.6 Release : 6.el6_5 Size : 9.7 M Repo : installed >From repo : updates I am seeing several of these in our maillog file after a restart of the Postfix service: Apr 23 12:48:27 inet08 setroubleshoot: SELinux is preventing /usr/libexec/postfix/smtp from 'read, write'

Dear W.D. Do you understand that by adding the rules into kernel space numbered from zero to sixty five thousand five hundred thirty four you may alter the behavior of the rule number sixty five thousand five hundred thirty five can you please define and list the goals you are trying to achieve by altering default rule in the terms you can both explain and understand. ----- Original Message

check out sslbump documentation: http://wiki.squid-cache.org/Features/SslBump -- Eero 2016-02-04 15:24 GMT+02:00 C. L. Martinez <carlopmart at gmail.com>: > Hi all, > > I am trying to configure squid as a interception HTTPS proxy under CentOS > 7. At every https request, I am receiving a certificate error. > > My current config for squid is: > > # My localnet

Hi all, I need to test the following scenario: +-----------+ +-----------+ | asterisk 1| | asterisk 2| +-----------+ +-----------+ | | | | _______|__________________|___________ | | | | | | +-------+ +-------+ | ATA 1 |

On 04/02/2016 13:24, C. L. Martinez wrote: > Hi all, > > I am trying to configure squid as a interception HTTPS proxy under CentOS 7. At every https request, I am receiving a certificate error. > > My current config for squid is: > > # My localnet > acl localnet src 172.22.55.0/28 > acl localnet src 172.22.58.0/29 > > acl SSL_ports port 443 > acl Safe_ports

I manage a bunch of workstations at the Wendell Free Library. They are all diskless, boot via PXE and mount all of their file systems via NFS from a server. All of the machines are 32-bit and run CentOS (fully up-to-date running 5.10). There are two printers with queues managed on the server. The server 'shares' these printers on the local LAN (eg with all of the workstations).

Dear Dovecot users, hello. I will merge two issues I have into a single email because they may be related. I used dovecot on a OmniOS server since 2014 (currently OmniOS r151014) with the following configuration (it shows 2.2.18 because I recently updated dovecot, skipping only the PostgreSQL plugin): # 2.2.18: /etc/dovecot/dovecot.conf # OS: SunOS 5.11 i86pc zfs mail_location =

Ok it seems like you are in the exact same situation I was. So here are the files in a tgz. Once uncompressed, you'll have to change each occurance of "DC=MYDOMAIN,DC=com" according to your configuration. you can do this with something like : perl -pi -e 's/DC=MYDOMAIN,DC=com/DC=Carlos,DC=com/g' * Then you will have to run ldbadd and ldbmodify in the correct order to upgrade

...See below. >> >> > >> # Allow DNS with name server >> > >> add allow udp from any to any domain out >> > >> add allow udp from any domain to any in >> > >Nope. >> >>You want to watch out here. This allows udp packets from any address >>with source port 53 to connect with any open udp port on your system, >>and allows the responses as well. It's a simple matter using such as >>netcat to source packets from port 53. > >Should I restrict it by specifically stating the serv...

msDS-isRODC is introduced in version 32 of the schema. This is the problem I faced. You can have a look to https://lists.samba.org/archive/samba/2015-August/193258.html. --------------------------------------------- Christophe Borivant Responsable d'exploitation informatique +33 5 62 20 71 71 (Poste 503) Devinlec - Groupe Leclerc -------------------------------------------- ----- Mail

Hi Friends, Same question has been asked on the Squid mailing list but so far no reply on the mailing list so posting it here also. We are trying to cache some files from apple.com like .dmg, .pkg, .ipa etc.. so that local clients can fetch the data from the cache. The problem we are facing is that we have download restrictions for every client to 25 MB during work hours except for a particular

I had the same problem so i setup up hosts.allow to only allow access from certain ips i require This has the affect of killing the connection from any other ip befor gettign to any login prompt example below sshd : localhost : allow sshd : 192.168.2. : allow sshd : 82.41.115.213 :allow sshd : 216.123.248.219 : allow <-- public ip i wish to allow of course i have changed it sshd : all :