similar to: Iptables blocks out going connetion some times

Hello, Stephen, thank you for input. Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good. Actually, these servers are newly installed to be used as the Glusterfs storage server, so not much data flowing at this time. >From the sysctl output, I suppose it can't be a conntrack table overflow :

On Wed, 24 Apr 2019 at 06:01, likun <kun.li at ucarinc.com> wrote: > Hi?guys. > > There is a wierd problem with iptables recently, hopes somebody can help > me. > > I have installed Centos 7.2.1511 on a bare metal Dell server these days, > disabled firewalld and enabled iptables.services, and setup a group of very > simple rules, as the following: > > I believe

Rowland, Did some editing in smb.conf that I had to reverse. Now I'm back to being able to connect with the firewall disabled. When I enable the firewall I get as far as windows network -> workgroup but no connection. I have only the rules you recommended in your last email. Louis, The information you requested is below: martin at radio:~$ dpkg -l|egrep "iptables|ufw" ii 

Rowland, OK. Should I delete these lines? diff yours mine 63d62 yours# -A ufw-after-logging-output -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW ALLOW] " 85,87d83 yours# -A ufw-before-logging-forward -m conntrack --ctstate NEW -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW AUDIT] " yours# -A ufw-before-logging-input -m conntrack

Louis, Made the changes. Still unable to mount office. Firewall also blocks Thunderbird mail and maybe internet. Will check that more fully later.Any thoughts ob Tony's response? Outputs: martin at radio:/etc$ sudo apt-get install ufw Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no

Hello, I came across an interesting problem in my home lab a few weeks ago as I'm prepping for my RHCE exam using Michael Jang study guide. I've been at this for days now, and I still can't wrap my head around how two or more virtual networks in default NAT configuration are even allowed to communicate with each other despite what the libvirt documentation said. Here's the

My firewall and asterisk pjsip config only has "permit" options for my ITSP's (SIP trunk) IPs. Here's the script that sets it up. -------------------------------------------------- #!/bin/bash EXIF="eth0" /sbin/iptables --flush /sbin/iptables --policy INPUT DROP /sbin/iptables --policy OUTPUT ACCEPT /sbin/iptables -A INPUT -i lo -j ACCEPT /sbin/iptables -A INPUT -m

Yes, I have double checked and am sure there is no IP address conflicts. Likun On 4/24/19 23:28, centos wrote: >On 4/24/19 10:31, likun wrote: >> Hello, Stephen, thank you for input. >> >> Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good. >> >> Actually, these servers are newly

Yes, I have double checked and am sure there is no IP address conflicts. Likun On 4/24/19 23:28, centos wrote: >On 4/24/19 10:31, likun wrote: >> Hello, Stephen, thank you for input. >> >> Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good. >> >> Actually, these servers are newly

On Thu, 12 Nov 2020 at 02:27, Ruhl, Michael J <michael.j.ruhl at intel.com> wrote: > > >-----Original Message----- > >From: Thomas Zimmermann <tzimmermann at suse.de> > >Sent: Wednesday, November 11, 2020 7:08 AM > >To: Ruhl, Michael J <michael.j.ruhl at intel.com>; bskeggs at redhat.com; > >airlied at linux.ie; daniel at ffwll.ch;

Hi Am 10.11.20 um 16:27 schrieb Ruhl, Michael J: > > >> -----Original Message----- >> From: Thomas Zimmermann <tzimmermann at suse.de> >> Sent: Tuesday, November 10, 2020 8:37 AM >> To: bskeggs at redhat.com; airlied at linux.ie; daniel at ffwll.ch; Ruhl, Michael J >> <michael.j.ruhl at intel.com>; christian.koenig at amd.com >> Cc: nouveau

The value of struct drm_device.ttm.type_vram can become -1 for unknown types of memory (see nouveau_ttm_init()). This leads to an out-of-bounds error when accessing struct nvif_mmu.type[]: [ 18.304116] ================================================================== [ 18.311649] BUG: KASAN: slab-out-of-bounds in nouveau_ttm_io_mem_reserve+0x17a/0x7e0 [nouveau] [ 18.320415] Read of

Hello, I'm trying to use http from syslinux.efi but it fails while trying to establish the connection to a FreeBSD http server. A packet capture shows: TCP healthd > http [SYN] Seq=0 Win=65535 Len=0 MSS=1460 WS=64 TSval=1094 TSecr=0 TCP http > healthd [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1460 WS=64 TSval=1596927428 TSecr=1094 TCP healthd > http [ACK] Seq=1 Ack=1 Win=2097152

Hello, This is on Centos 6 and not something I think is wrong with Centos 6 but I am looking to see if anybody else has experienced this and if there is solution. So thanks up front for indulging me. Because Linux makes routing decisions before SNAT it is causing problems when trying to use FTP with two upstream providers in a load balanced setup. Other than ftp, things seem to work OK. Below

Il giorno lun, 02/09/2019 alle 08.26 +0100, Rowland penny via samba ha scritto: > > set 01 22:36:56 s-addc.studiomosca.net named[639]: samba_dlz: > > cancelling transaction on zone studiomosca.net > > That is showing that a client isn't being allowed to update a record. Is it possible to cure it in some way? > > [2] ----[smb.conf] > > > Please do not post

Alright, I have setup the new rules and am waiting to see if I have any issues. If I do, I will keep working on it. I also read the article below, which mentions exactly what you I was told about 2008 and newer using different ports. https://support.microsoft.com/en-us/kb/929851 Here is the new configuration: root at dc01:~# iptables -S -P INPUT DROP -P FORWARD DROP -P OUTPUT ACCEPT -A INPUT -m

I have do a classicupdate from a NT4 style domain to Samba DC 4.10.7 BIND_DLZ without (apparently) problem All seem work fine, access to PC work, join or re-join a PC to domain work, access from a Linux samba member server to Win7 PC work, access from Win7 to samba member server work. But I cannot access from a PC with win7 to another PC with win7. If I try to access from win7-0 to win7-1 via

Hi I would like to add rules into the iptables of the Hosted Engine VM in Ovirt. the version is oVirt Engine Version: 4.1.1.8-1.el7.centos I have tried using the normal process for iptables (iptables-save etc), but it seems that the file /etc/sysconfig/iptables this is ignored in the Ovirt Engine VM. How can I add permanent rules into the Engine VM? Kind regards Andrew

Hello, I am new to dovecot and I am initially trying to setup a basic imap proxy with password forwarding, I can start the dovecot service, connect and give it my password, and that is where I hang. My config is: root at imap-test:/etc/dovecot# doveconf -n # 2.0.19: /etc/dovecot/dovecot.conf # OS: Linux 3.2.0-24-generic x86_64 Ubuntu 12.04 LTS auth_debug = yes auth_verbose = yes debug_log_path =

Hello, I've got an issue with RHEL6 running smbd & winbindd version 3.6.9-168.el6_5. This is authenticating against a Windows 2008R2 domain using the rid backend. If I run any command that has to look up user info I get a 35 second delay, after this initial delay it's fine until the cache time-out, then it happens again. This is making logins and most commands hang for 35 seconds