similar to: Squid + wccp + firewalld

Howdy I'm trying to run FTP server behind firewall. And i can't enable passive mode from the Internet. There are plenty howtos but there aren't many with my combination. For now i have configured port forwarding and ftp server itself. On the router: # firewall-cmd --list-all --zone=external external (active) interfaces: enp3s1 sources: services: openvpn ssh ports: 1194/tcp

Hi, I just setup a very basic HTTP proxy with Squid on a router running CentOS 7. Up until early 2020 I've been using a bone-headed shell script with iptables to configure my firewall. But I decided to follow advice from a few gurus on this list, and I've since moved my configurations to FirewallD, which works nicely. There's one configuration left to tackle, that's port

Hi all, I have a problem when trying to run my squid-cache with wccp. The problem is that after running for 1 hour the network hangs . I have in the message log "/kernel: xl0: watchdog timeout" and in the squid logs " No buffer space available" The system is dual xeon @500Mhz with 2.5GB of RAM and 10x9.1GB SCSI, FreeBSD 4.9-PRERELEASE from Thu Sep 11 and squid-2.5.STABLE3 build

Hi, I have a centos 7 host server, which hosts vmware vms with various Os. I want to reach a ubuntu 14.04 vm through ssh and x2go (ssh as well). What I did. 1/ open a 2296 port in firewalld. 2/ add 2296=internalvmip:22 in tcp section of /etc/vmware/vmnet8/nat/nat.conf (vmnet8 being the vms network) >From the host server I can ssh the vm, but from outside, a ssh -p 2296 user at hostserverip

Still un-resolved. Could be wrong but I think its firewalld preventing me from accessing mail with roundcube. I'm getting Connection to storage server failed. >From roundcubemail log: [29-Jan-2017 16:45:05 -0500]: <4r5ccifn> IMAP Error: Login failed for tdukes from 192.168.1.102. AUTHENTICATE PLAIN: * BYE Internal error occurred. Refer to server log for more information. in

On CentOS7 I have following firewalld setting. external (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dns ftp http https imaps pop3s smtp ssh ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp 113/tcp 143/tcp 3306/tcp 5224/tcp 22/tcp 465/tcp 995/tcp 25/tcp 10000/tcp 8443/tcp 993/tcp 443/tcp 8880/tcp 587/tcp 20/tcp 53/udp

Dear Gordon Messmer, Thank you. Please teach me one more. By 'firewall-cmd --list' its answer is following. external (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dns ftp http https imaps pop3s smtp ssh ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp 113/tcp 143/tcp 3306/tcp 5224/tcp 22/tcp 465/tcp 995/tcp

On Jul 27, 2017, at 9:36 PM, ???? <tadao at creative-japan.org> wrote: > > On CentOS7 I have following firewalld setting. > > external (active) > target: default > icmp-block-inversion: no > interfaces: eth0 > sources: > services: dns ftp http https imaps pop3s smtp ssh > ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp >

Am 30.07.2017 um 07:06 schrieb ????: > Please teach me one more. > By 'firewall-cmd --list' its answer is following. > > external (active) > target: default > icmp-block-inversion: no > interfaces: eth0 > sources: > services: dns ftp http https imaps pop3s smtp ssh > ports: 110/tcp 21/tcp 20000/tcp 106/tcp 53/tcp 990/tcp 5432/tcp 8447/tcp

On 28 January 2017 at 13:44, Mike McCarthy, W1NR <sysop at w1nr.net> wrote: > firewalld isn't the only thing that will prevent services from accessing > the internet. I found that I needed to do a relabel before postfix could > access DNS and I have seen other issues as well. Have you tried > disabling the firewall to see if you can get connections to work? Then > try to

Hi, I recently upgraded samba from 3.0.11 3.0.20. It's integrated with squid 2.5 STABLE 7 with patches for NTLM bugs. I am facing problem with NTLM authentication. The browser hangs and I get following error in log.winbindd [2005/09/02 13:53:10, 0] nsswitch/winbindd.c:process_loop(803) winbindd: Exceeding 200 client connections, no idle connection found [2005/09/02 13:53:10, 0]

http://bugzilla.netfilter.org/show_bug.cgi?id=803 Summary: IP Ranges do not work with hash:net Product: ipset Version: unspecified Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: default AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

Is anyone aware of a package that can detect viri on the network & possibly alert when there are? Here is the scenario: Our network is utilized by guest users all the time, sometimes into the thousands. We see guests from all over with a variety of OSs & hardware, all of which, we have no control or say in that matter. I am looking for something that I can run in promiscuous mode and/or

I have a new pcap from beginning to the end with openldap "TLS negoiation failed" https://gwarband.de/openldap/tracefile.dump The sourceports are 45376 and 45377 Tobias Am 2017-03-20 19:59, schrieb Aki Tuomi: > Well, those actually *reduce* the possible algorithms that can be > used, so uncommenting those can make things worse. > > Anyways, your pcap seems incomplete,

Did you do some succesful lookup with something there? I can see few failed attempts and one that seems to have worked just fine. As pointed out earlier, are you using security frameworks like SELinux or AppArmor? Also, can you provide namei -l /etc/ssl/certs/LetsEncrypt.pem The failed attempts are really short, indicating a VERY early problem with SSL handshake. Aki > On March 20, 2017 at

Could you copy LetsEncrypt.pem to a world-readable location, with world-readable rights, and see if this helps with your problem. I saw you tried with cat using su(do), but unfortunately supplementary groups are not always used with processes. Aki On 20.03.2017 23:09, info at gwarband.de wrote: > The one that works fine was my openxchange server, that loads contacts > from openldap. >

The one that works fine was my openxchange server, that loads contacts from openldap. In my opinion I don't have installed a security framework list SELinux or AppArmor. The output of namei -l /etc/ssl/certs/LetsEncrypt.pem f: /etc/ssl/certs/LetsEncrypt.pem drwxr-xr-x root root / drwxr-xr-x root root etc drwxr-xr-x root root ssl drwxr-xr-x root root certs lrwxrwxrwx root

Just rebuilt and installed/world kernel: FreeBSD 4.8-STABLE #0: Fri Apr 11 14:34:37 EDT 2003 Using the latest Makefile for squid25: # fgrep \$FreeBSD /usr/ports/www/squid/Makefile # $FreeBSD: ports/www/squid/Makefile,v 1.100 2003/04/09 08:31:30 adrian Exp $ Modified with: # fgrep CONFIGURE_ARGS Makefile |fgrep -v \# CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --sysconfdir=${PREFIX}/etc/squid \

Hello! My name is Denis Shaposhnikov. I'm looking for a job in EU (Germany is preferably) as a UNIX/FreeBSD system administrator and/or network administrator that lets me utilize my experience in an Internet Service Providing (ISP). Skills: * Operating systems: UNIX (FreeBSD 2.2 - STABLE), Cisco IOS (10.x - 12.x), ZyNOS. Understand how systems work and is able to apply this

Hi all, I am having a problem indexing one of my mailboxes using the solr fts backend in dovecot 2.1.12 For many mailboxes it works just fine, but on one mailbox I currently always get a panic. solr setup: Java: icedtea 6.1.11.5 Solr: 3.6.2 running in tomcat 7.0.32 Command to reproduce error: doveadm index -u my at user badmailbox I already noticed that there have been some solr backend fixes