search for: established

...for bind the port 53. The clients (WinXP) seems to have problems to read and write from/to the home directories. Maybe samba4 need additional or other ports to working fine? Here my current iptables-rules: IPTABLES=/sbin/iptables #Bind $IPTABLES -A INPUT -p tcp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT; $IPTABLES -A OUTPUT -p tcp --sport 53 -m state --state ESTABLISHED -j ACCEPT; $IPTABLES -A INPUT -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT; $IPTABLES -A OUTPUT -p udp --sport 53 -m state --state ESTABLISHED -j ACCEPT; #Samba $IPTABLES -A INPUT -p udp --dport 137:...

...tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113 Chain all2all (0 references) pkts bytes target prot opt in out source destination 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 Drop all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Shorewall:all2all:DROP:'' 0 0 DROP all -- * * 0.0.0.0/0...

Hi, I've been able to get tinc setup when I flush all my iptables, but after enabling iptables and a delay I get a "Destination Net Unknown". I have three host (HOME10.0.3.2, MASTER 10.0.3.1, WEB 10.0.3.3) MASTER and WEB are in Digital ocean in the same data centre. HOME <---> MASTER <---> WEB I've tried multiple forwarding/masquerading/etc rules and

...the first one is configured as CPE, the second one as NET(so I don't need real lines for developing and testing). Once in a while I do see the following libpri error messages simultaneously on both boxes: PRI Span: 1 TEI=0 MDL-ERROR (A): Got supervisory frame with F=1 in state 7(Multi-frame established) PRI Span: 2 TEI=0 MDL-ERROR (A): Got supervisory frame with F=1 in state 7(Multi-frame established) PRI Span: 2 TEI=0 MDL-ERROR (A): Got supervisory frame with F=1 in state 7(Multi-frame established) PRI Span: 4 TEI=0 MDL-ERROR (A): Got supervisory frame with F=1 in state 7(Multi-frame established...

...0 DROP icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 icmptype 8 > 0 0 ACCEPT icmp -- * * x.x.x.x 0.0.0.0/0 > icmptype 8 > 0 0 ACCEPT icmp -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 > 0.0.0.0/0 tcp spt:5666 > 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:22 state NEW,ESTABLISHED > 192 13741 ACCEPT tcp -- eth0 * 0.0.0.0/0 &gt...

.../sbin/iptables -A INPUT -i lo -j ACCEPT # Permito las IP iptables -A INPUT -s 192.168.1.5 -j ACCEPT #permito el acceso a servicio ntp /sbin/iptables -A INPUT -s 192.168.2.3 -p udp -m udp --dport 123 -j ACCEPT /sbin/iptables -A INPUT -s 192.168.2.3 -p udp -m udp --sport 123 -m state --state RELATED,ESTABLISHED -j ACCEPT #permito el acceso a smb-udp #lan dvm /sbin/iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 88 -j ACCEPT /sbin/iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --sport 88 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A INPUT -s 192.168.1.0/24 -p udp -m udp --d...

...11 forwarding? Currently we're using iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT ACCEPT iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 7 --log-prefix "Dropped by firewall: " iptables -A INPUT -i eth1 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth1 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth1 -p tcp --dport 8080 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth1 -p tcp --dport 6000 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i...

...fficulty with were cases pppoed MTU != 1500, from not having installed tcpmssd on my 4.*-RELEASE, but then running 6.1-RELEASE I realised that wasn't the problem. http://www.web.de Still failed, & http://www.sueddeutsche.de Was slow. I tried adding ${fwcmd} add pass tcp from any to any established from src/etc/rc.firewall case - simple. Which solved it. But I was scared, not undertstand what the established bit did, & how easily an attacker might fake something, etc. I found adding these tighter rules instead worked for me ${fwcmd} tcp from any http to me established in via tun0 ${fwcm...

Hi All, I've a BT Versatility PBX that I want to connect to my asterisk 11.9.0 box via BRI port in NT mode but actually I wasn't able to get it working. I've another standalone PBX, it's a Panasonic model, which works fine connected to the same port. The BT connected to a UK BT BRI line works quite fine after roughly a minute once connected. The PBX can be seen at

...snip> Out of some reason, port 6018 on 127.0.0.1 is not used by sshd (but it should: see "::1:6018" below). Further investigations lead to the following: <snip> jackdaw:~ # netstat -pn | grep ":6016" tcp 0 0 127.0.0.1:6016 127.0.0.1:6039 ESTABLISHED 14279/sshd: jens at no tcp 0 0 127.0.0.1:6016 127.0.0.1:6038 ESTABLISHED 14279/sshd: jens at no tcp 0 0 127.0.0.1:6016 127.0.0.1:6037 ESTABLISHED 14279/sshd: jens at no tcp 0 0 127.0.0.1:6016 127.0.0.1:6047 ES...

Hi, all. I set up a dht system, and sent a HUP signal to client to trigger the reconfiguration. But i found that the TCP connection established increased by the number of bricks(the number of glusterfsd progress). $ ps -ef | grep glusterfs root 8579 1 0 11:28 ? 00:00:00 glusterfsd -f /home/huz/dht/server.vol -l /home/huz/dht/server.log -L TRACE root 8583 1 0 11:28 ? 00:00:00 glusterfsd -f /home/huz/dht/s...

...cess to this port is disabled for security reasons. Added command (hint from earlier posting) and got this list # netstat -aptn | grep :389 tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 2407/slapd tcp 0 0 127.0.0.1:389 127.0.0.1:33057 ESTABLISHED 2407/slapd tcp 0 0 127.0.0.1:389 127.0.0.1:32833 ESTABLISHED 2407/slapd tcp 0 0 127.0.0.1:389 127.0.0.1:33058 ESTABLISHED 2407/slapd tcp 0 0 127.0.0.1:33053 127.0.0.1:389 ESTABLISHED 2576/httpd tcp...

.../24 0.0.0.0/0 0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmptype 8 0 0 ACCEPT icmp -- * * x.x.x.x 0.0.0.0/0 icmptype 8 0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:5666 0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW,ESTABLISHED 192 13741 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt...

Hi all, I''ve followed http://reductivelabs.com/trac/puppet/wiki/UsingMongrel for configuring my puppet with mongrel. Al seems to work fine, except that, after a reinstall of 40 nodes atone time, I got many kind of errors like: ------------------------------------------------------------------------- err: Could not request certificate: Certificate retrieval failed: .tmp file already

Hi, I remember back in the days, there was a neat trick to recover a lost root password, or more exactly, redefine a new password for root. 1. In the bootloader, boot the system with the 'init=/bin/bash' kernel argument. 2. Remount the root partition in read-write mode: # mount -o remount,rw / 3. Set the password for root: # passwd 4. Remount the root partition in read-only

...> > Chain OUTPUT (policy ACCEPT) > target prot opt source destination > > Chain FI-vnet0 (1 references) > target prot opt source destination > RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:22 state ESTABLISHED ctdir ORIGINAL > RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:80 state ESTABLISHED ctdir ORIGINAL > RETURN icmp -- 0.0.0.0/0 0.0.0.0/0 state NEW,ESTABLISHED ctdir REPLY > RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp d...

I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 192.168....

...######################################################################################## 4. Allow ALL incoming SSH########################################################################################################################iptables -A INPUT -i $EXIF -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT#iptables -A OUTPUT -o $EXIF -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT ######################################################################################################################## 5. Allow incoming SSH only from a specific network#################################...

...cp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN 2576/smbd tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 976/rpcbind tcp 0 0 0.0.0.0:464 0.0.0.0:* LISTEN 2580/samba tcp 0 0 DC1_IP:49153 Other_IP:49182 ESTABLISHED 8972/samba tcp 0 0 DC1_IP:49152 Other_IP:54906 ESTABLISHED 2573/samba tcp 0 0 DC1_IP:389 Other_IP:63555 ESTABLISHED 9412/samba tcp 0 0 DC1_IP:445 Other_IP:54486 ESTABLISHED 15410/smbd tcp 0 0 DC1_IP:135 Ot...

...6:5070 SYN_RECV tcp 0 0 localhost:80 116.24.107.180:3077 SYN_RECV tcp 0 0 localhost:80 77.70.106.4:5882 SYN_RECV tcp 0 0 localhost:80 38.100.200.234:2330 SYN_RECV tcp 0 0 localhost:80 222.89.236.208:4455 ESTABLISHED tcp 0 0 localhost:80 59.56.127.21:1711 TIME_WAIT tcp 0 0 localhost:80 72.232.110.42:2641 ESTABLISHED tcp 0 0 localhost:80 77.70.106.4:13781 ESTABLISHED tcp 0 0 localhost:80 75.37.103.134:54726 ESTABLISHE...