similar to: tinc confused on remote nodes behind NAT?

i have a switched and bridged tincd node with two addresses, each with a different port. Address = 37.70.156.168 28655 Address = 192.168.2.228 655 i was having trouble reliably connecting to it / thru it and noticed that a log from a remote tincd node indicated it may have mixed up the ports. It doesn't appear to use the 28655 port that would be needed for remote access. Before i

i created an ipset and added 8.8.8.8 to it and used the same iptables working all summer long but ?i can still ping 8.8.8.8 and do nslookup queries against it. ipset or iptables is broken. Anybody else rebooted since ipset-6.11-3.el6.i686 was installed and actually tested that IP addresses that are supposed to be blacklisted are actually blocked? ? Filed CentOS bug report 7977

Hello, I have tried for days on end with no success on this, so I thought I would post it here and see if someone can help me at all. *Here's the scenario:* I have 1 PC with a Static IP/Domain (a dyndns.org account - myserver.homeip.net) connected to a router, which in turn is the gateway to the internet. It also has a static local IP (192.168.1.2). I will call this the "server"

Would it be extremely difficult to do multicast over tinc? How about reliable multicast over tinc? This would be more traffic than multicast dns, but not _necessarily_ a great deal more. It would be for syncing some information among freeipa domain controllers. Would the tinc nodes need to be in all in switch or maybe even hub mode? EthernetOverIP over tinc?

[This email is either empty or too large to be displayed at this time]

Hi, I've successfully setup Asterisk on my local PC and can make call using Twinkle to the server. But, I cannot call to my Asterisk server at Rackspace. I have been trying several things to figure it out, no luck. My PC is behind NAT, so I've set that up in sip.conf (nat=yes). I can ping my Rackspace server so it seems to be Public-static IP. Anyway, I tried with setting externip,

Anybody on here successfully get ipset iptables sets to work _after_ a reboot? My question on StackExchange http://unix.stackexchange.com/questions/149536/upon-bootup-all-iptables-are-lost-because-the-kernel-module-ip-set-is-not-loade Some of the things that need to be in place, otherwise iptables does not load: 1.) The kernel module ip_set needs to be loaded. 2.) The "sets" need to be

Hi, I have 3 tinc nodes. 2 nodes, A and B are behind a nat router. And node C with a public ipaddress. I don't now the private ipadress for node A en B. So i don't use a ipaddress adres in the host file for node A en B. For node C is use the public ipaddress. node A en B connect to node C. But node A en B don't connect to each other. What do i have to change to connect node A

My Asterisk server is behind a NAT and I have set: ---------------------------------------------------------------------------- externhost="my.server.address" externrefresh=180 localnet=192.168.0.0/255.255.0.0 localnet=10.0.0.0/255.0.0.0 localnet=172.16.0.0/12 nat=yes --------------------------------------------------------------------------- in [general] section of sip.conf. I can

c:\APPS\TINC\tincd.exe --mlock --net=mynet --config=C:\APPS\tinc\mynet Without --mlock, the service starts OK. With --mlock, the service fails to start.

ping times to ConnectTo machine are often over a second or at least 300 milliseconds. Hundreds or thousands of times slower than other nodes from same physical location.

http://httpd.apache.org/security/vulnerabilities_20.html states that Apache 2.0.52 is 4 years old and the latest version is 2.0.68. i am no longer a httpd expert, but at least one of the security fixes involves XSS attacks via malformed ftp commands. I also realize that redhat / centos may patch things separately from Apache and that the sysadmin has a great deal to do with how secure things

I would like to make a suggestion and recommend that you put your Asterisk box on the outside and let it also pull duty as your firewall/nat router. The iptables overhead will be minimal on the system and you'll save yourself a lot of headaches in the long run. The biggest problem being that having an asterisk server behind a nat, and then also having sip phones trying to connect to said

Currently, i have nodes with PMTUDiscovery =yes and ClampMSS = yes. When the server does not receive a PMTU request back from one of the clients even when the packet size is very small (say 164), then it reverts to TCP. Should i turn off PMTUDiscovery or should it be ok to leave on? It takes a very long time to do simple pings (1 second or so), so i wonder what else i can do?

Since Fedora is pushing NSS SSL instead of OpenSSL, has someone tested tinc-vpn against NSS? As i recall, a single machine can not have OpenSSL and mod_nss installed at the same time anymore. So if you have apache running, you _may_ have problems running tinc? The nss api is supposed to mostly similar to openssl api, but there are some things openssl supports and somethings nss supports. Is

Have anything to do with firewall locations, meaning home vs work vs public vs lockdown. Probably not it at all. On Jul 13, 2016 3:22 PM, "Etienne Dechamps" <etienne at edechamps.fr> wrote: > That's strange. Can you post a detailed log from the affected node (run > tincd -d5 -D), especially the initialization phase? > > On 13 July 2016 at 16:17, Petr Man <petr

You might want to try with https://github.com/gsliepen/tinc/pull/120 - that said, this bug probably doesn't explain everything because tinc is supposed to log a message from setup_vpn_in_socket() anyway, but there's no such message in your log. In addition, I really don't see any way the "Received UDP packet from unknown source" message could be logged if the UDP socket

Not in my testing especially about the time of 6.4. On Apr 22, 2016 5:16 PM, "Gordon Messmer" <gordon.messmer at gmail.com> wrote: > On 04/22/2016 01:33 AM, Rob Townley wrote: > >> tune2fs against a LVM (albeit formatted with ext4) is not the same as >> tune2fs against ext4. >> > > tune2fs operates on the content of a block device. A logical volume

Hi all, Has there been any progress made on using UDP, but being a NAT? To avoid the Received UDP packet from unknown source 1.2.3.4 messages? I'm using TCP as a workaround for now. Thanks. David -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20140424/6114ed74/attachment.html>

http://bugzilla.mindrot.org/show_bug.cgi?id=391 Summary: ssh -n returning 255 status code Product: Portable OpenSSH Version: -current Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: